Passively listen to and decode Modbus/RTU (RS485) communication

Hi All,

I have two Modbus/RTU devices (RS-485 interface) and I'd like to passively listen to the communication between them with Node Red (using an RS-485 / USB serial adapter) and decode the Modbus protocol between those two. So basically I need the output of the "Modbus Read" node, but without sending a request via the read node in advance.
Is that possible? And if so - how?

Not quite sure what you want to achieve here.
If these two devices are directly connected and communicating, I don't think that there is a way to sniff on a serial protocol between them.

What I'd think of is to use/replace the serial link with a tcp link (using two modbus/tcp converters), then use wireshark to sniff on the tcp connection and decode the modbus communication with it.

You can easily sniff Modbus comms on RS485 - not sure if NR is the right tool to do it (or even if it can).

I have a fairly cheap device that I purchased a while ago - IONinja - that plugs into both the TX/RX lines and can listen and decode Modbus.

You can also very easily build the same thing on Python on a Rpi etc - lots of MITM/Sniffer projects on github for that.

The other thing you can do - with NR is to split the RS485 bus into two

Have two interfaces on NodeRed - one of them listens to the master, takes its requests and sends them out to the slave on the other bus, and sends the responses back to the master - you can then capture as much or as little of this. You can set up NR to look like the slave on the first bus, so the master communicates with the same address, and make NR look like the master on the 2nd bus to the slave.

Obviously the frequency and volume of communication will dictate how fast a system you will need to do this - if, for instance, it is a PV inverter talking to an energy meter, that usually happens every 200ms.

Craig

In fact, the physical connection/sniffing part is easy. It's RS485 so simply attach additional wires to the existing link, that's it.
I also can run a terminal software and I can see the data transferred between those two devices.
But I need the Data in NR.

That sounds interesting. What Nodes would I need to use to achieve that? I see the server node but from my understanding that's only for Modbus/tcp but not for RS485.

The problem with this solution is you have to marshal all the comms and your Node-RED becomes non-passive

How are you seeing that - IP or Serial?


PS, once you have the data in node-red it is a simple matter of parsing the requests and responses into something meaningful. I have done this using node-red-contrib-buffer-parser several times over the years. I probably have an old flow knocking around (maybe already posted somewhere on the forum).
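As an added example (not part of any post in this thread, and not the flow mentioned above): one way to split a raw capture into CRC-checked Modbus/RTU frames and decode register reads. It assumes the input is a Node.js Buffer such as a serial-in node's payload and that only function codes 0x03/0x04 and their exception responses are of interest; the function names and sample bytes are constructed for illustration.

```javascript
// CRC-16/MODBUS: init 0xFFFF, reflected polynomial 0xA001, sent low byte first.
function crc16(buf) {
  let crc = 0xFFFF;
  for (const b of buf) {
    crc ^= b;
    for (let i = 0; i < 8; i++) crc = (crc & 1) ? (crc >>> 1) ^ 0xA001 : crc >>> 1;
  }
  return crc;
}

// Append the CRC to a frame body (used here only to build constructed samples).
function withCrc(bytes) {
  const c = crc16(bytes);
  return Buffer.from([...bytes, c & 0xFF, c >> 8]);
}

// A passive tap sees both directions, so every offset is tried as each frame shape.
function candidates(buf, i) {
  const fc = buf[i + 1];
  if (fc & 0x80) return [["exception", 5]];            // unit, fc|0x80, code, CRC
  if (fc !== 0x03 && fc !== 0x04) return [];           // this example: register reads only
  return [["response", 5 + buf[i + 2]], ["request", 8]]; // byte count sets response length
}

// Split a raw capture into CRC-valid frames; bytes that fit no frame are skipped.
function decodeStream(buf) {
  const frames = [];
  let i = 0;
  while (i + 5 <= buf.length) {
    const hit = candidates(buf, i).find(([, len]) => i + len <= buf.length &&
      crc16(buf.subarray(i, i + len - 2)) === buf.readUInt16LE(i + len - 2));
    if (!hit) { i++; continue; }
    const [kind, len] = hit;
    const f = { kind, unit: buf[i], fc: buf[i + 1] & 0x7F };
    if (kind === "request") { f.start = buf.readUInt16BE(i + 2); f.qty = buf.readUInt16BE(i + 4); }
    if (kind === "exception") f.code = buf[i + 2];
    if (kind === "response") {
      f.registers = [];
      for (let p = i + 3; p + 1 < i + len - 2; p += 2) f.registers.push(buf.readUInt16BE(p));
    }
    frames.push(f);
    i += len;
  }
  return frames;
}

// Constructed sample: one noise byte, a request for 2 registers, the slave's response.
const sample = Buffer.concat([Buffer.from("ff010300000002c40b", "hex"),
  withCrc([0x01, 0x03, 0x04, 0x00, 0xE6, 0x13, 0x88])]);
console.log(decodeStream(sample));
```

Depending on how the serial input is chunked, a frame can arrive split across several messages, so the unconsumed tail of each chunk has to be kept and prepended to the next one before decoding.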

Not sure if I'm missing something but RS485 is physically a serial connection. So I'm not sure if I understand your question correctly since it can never be IP.

That sounds interesting! Thank you!

Depends how you have "tapped in" - you might have used a device that sits on the serial network and transmits via Ethernet.

I had to ask to avoid offering wrong response :person_shrugging:

And your response tells me it is a serial interface so, in node-red, you would install `node-red-node-serialport` and use a serial-in node to "see" the data.

Makes sense!

Great, Steve, thank you!
I'll give it a try and let you know.

So I assume you already have these - but you can get RS485 to USB devices - or you can get RS485/IP devices - I have my Node Red on a virtual machine and hence use a number of RS485 to IP (multiport) devices - they cost around $100 (AUD) from Aliexpress for 4 port units - which essentially look like 4 x individual RS485 ports and 4 IP servers to Node Red.

Craig
