Capturing Modbus RTU traffic with a USB-to-RS-485 converter
Hi, I am trying to use Wireshark 3.0.6 to decode Modbus RTU frames using a USB to RS-485 converter.
What I want is analyze the Modbus RTU frames that pass on the RS-485 between a Master and a Slave. The USB-Converter is connected to a laptop with wireshark.
Sometime appear on the wireshark capture some Modbus RTU frames, but they seems full wrong.
Someone with experience about Modbus RTU capture on Wireshark could help me to find the right setup ?
Presumably the USB-to-RS-485 converter appears as a serial port (COM: port on Windows, /dev/ttyXX port on UN*Xes such as Linux, *BSD, and macOS). What program is reading the frames from the serial port? Wireshark doesn't have built-in support for doing that.
Hi Guy, yes i am using under windows (COM port). So, I need to have another program in parallel of Wireshark to read the frames on the serial port? Which program can I use?
I used now Modbuspoll to communicate to the slave modbus and trying to sniff the messages with wireshark. The same result. The decoding of the messages Modbus looks wrong: it decodes a lot of CRC errors.
Guy, could you help me to obtain what I want? I would like to use wireashark like Modbus RS-485 analyzer of the traffic Modbus on the bus. Is there a way with Wireshark?
I can't help with a Wireshark solution to your problem, but over in the automation world debugging serial communications comes up often:
http://www.plctalk.net/qanda/showthread.php?t=48875&highlight=modbus+rtu
The link contains several ideas on software to help with this type of analysis.
Yes. Wireshark does not include any code to read any type of packets directly from a serial port, so if you're capturing Modbus frames on a COM port, you must already have installed some other program to do so - what program have you already installed?
What program are you using now? As I said, you can't do it using only Wireshark, so you must have added some other program.
By "Modbuspoll" do you mean "Modbus poll" or do you mean something else?
And how are you "trying to sniff the messages with wireshark"? Are you capturing on a device in Wireshark? If so, wha device are ...(more)
Yes. Wireshark does not include any code to read any type of packets directly from a serial port, so if you're capturing Modbus frames on a COM port, you must already have installed some other program to do so - what program have you already installed? Do you mean that I have to forget Wireshark for this purpose? Or that I need to use also some other program to permit Wireshark to do his work? What it is not clear to me till now is if wireshark can or not sniff Modbus messages.
By "Modbuspoll" do you mean "Modbus poll" or do you mean something else? Yes, I use "Modbus poll". But it is not what I want. Modbus poll can communicate like Master or Slave device. What I want is only sniff the Modbus Messages on the bus without taking action from the computer on the bus.
If so ...(more)