<![CDATA[Modbus Publisher on Port 502]]>Hi,

I tried to publish Modbus IP on port 502, however I get this error:
0_1597816225690_7d37aacd-d2d9-46c3-aeed-2d3cf01f2b71-image.png

It works with any other ports greater than 1000, but port 502 is standard for Modbus. If I stop the Mango service and start it again with Sudo it accepts the port 502 as well. So definitely it's about system's permission level to use port 502.
Now my question is how I can make the Mango service to run as Sudo on the start-up, FYI I am using Mango GT. Any solution??

Thanks,
Saeed

]]>https://forum.mango-os.com/topic/4912/modbus-publisher-on-port-502RSS for NodeTue, 19 May 2026 22:32:32 GMTWed, 19 Aug 2020 05:29:49 GMT60<![CDATA[Reply to Modbus Publisher on Port 502 on Fri, 21 Aug 2020 02:00:17 GMT]]>@craigweb
Thanks Craig for your help, it worked :-)

]]>https://forum.mango-os.com/post/25658https://forum.mango-os.com/post/25658Fri, 21 Aug 2020 02:00:17 GMT<![CDATA[Reply to Modbus Publisher on Port 502 on Thu, 20 Aug 2020 07:26:18 GMT]]>@skazemi said in Modbus Publisher on Port 502:

t's why in rasb

What I was trying to say is that this is a rasbian issue and that I have found multiple threads where people have failed when putting rules in rc.local. https://blog.mxard.com/persistent-iptables-on-raspberry-pi-raspbian

Iptables-persistent is safe to use and will not interfere with the mango service. I have used it on several servers that use cloud connect. CC does not use iptable it does port forwarding with sshd

]]>https://forum.mango-os.com/post/25657https://forum.mango-os.com/post/25657Thu, 20 Aug 2020 07:26:18 GMT<![CDATA[Reply to Modbus Publisher on Port 502 on Thu, 20 Aug 2020 07:14:07 GMT]]>@craigweb said in Modbus Publisher on Port 502:

@Dave-Frazier Can you take a look at this.

@skazemi I have found a number of forum threads on the rasbian forum stating that the iptables do not persist. Most responces recommend using apt-get install iptables-persistent

Yes, iptables does not persis, that's why in rasbian I put the rules in rc.local, so every time they are added to the iptables after restarting OS. I can try iptables-persistent but I'm afraid that it interferes Mango service, because I saw this section in the ui and it means Mango also is working with iptables, is it the case??

0_1597908933587_913afcac-8895-4aef-bfac-c6f18332483c-image.png

]]>https://forum.mango-os.com/post/25656https://forum.mango-os.com/post/25656Thu, 20 Aug 2020 07:14:07 GMT<![CDATA[Reply to Modbus Publisher on Port 502 on Thu, 20 Aug 2020 06:21:38 GMT]]>@Dave-Frazier Can you take a look at this.

@skazemi I have found a number of forum threads on the rasbian forum stating that the iptables do not persist. Most responces recommend using apt-get install iptables-persistent

]]>https://forum.mango-os.com/post/25655https://forum.mango-os.com/post/25655Thu, 20 Aug 2020 06:21:38 GMT<![CDATA[Reply to Modbus Publisher on Port 502 on Thu, 20 Aug 2020 06:02:58 GMT]]>@craigweb said in Modbus Publisher on Port 502:

Hi @skazemi

Do you have a Modbus data source that is bound to 502 as well?

Yes, actually all my data sources are Modbus/TCP on port 502 which I don't have any issue to pull data from them. The only issue is publishing on Mango port 502.

@terrypacker said in Modbus Publisher on Port 502:

@skazemi you have a few options, by default linux restricts access to ports below 1000 (which you have figured out).

I suggest you follow this procedure which will allow Mango to safely run with the proper privileges to access port 502: https://help.infiniteautomation.com/linux-installation

The service is already installed and running on Mango GT and I couldn't find anything which can help with that, except this that I didn't know!!
"Note: Never run Mango as root, this is a security risk and will also result in files in /opt/mango having the incorrect owner."

But for general reference you have other options:

  1. You could use iptables to route traffic between ports. Here is an example of how we route traffic between 8080 <--> 80 https://help.infiniteautomation.com/linux-security

  2. I can't remember if the GT support ipchains but you could try those with something like this
    /sbin/ipchains -I input --proto TCP --dport 502 -j REDIRECT 5020

For these two solutions, I need to put the rule somewhere like rc.local to run in startup, however it didn'twork! looks like Mango or something else overwritten the iptables after bootup. I already asked about this in another post, no answer yet:
https://forum.infiniteautomation.com/topic/4908/port-forwarding-issue-with-mango-gt

  1. You could try setuid to allow the Mango process to access port 502

Hope that helps.

I'll try this!

]]>https://forum.mango-os.com/post/25654https://forum.mango-os.com/post/25654Thu, 20 Aug 2020 06:02:58 GMT<![CDATA[Reply to Modbus Publisher on Port 502 on Wed, 19 Aug 2020 14:09:48 GMT]]>@skazemi you have a few options, by default linux restricts access to ports below 1000 (which you have figured out).

I suggest you follow this procedure which will allow Mango to safely run with the proper privileges to access port 502: https://help.infiniteautomation.com/linux-installation

But for general reference you have other options:

  1. You could use iptables to route traffic between ports. Here is an example of how we route traffic between 8080 <--> 80 https://help.infiniteautomation.com/linux-security

  2. I can't remember if the GT support ipchains but you could try those with something like this
    /sbin/ipchains -I input --proto TCP --dport 502 -j REDIRECT 5020

  3. You could try setuid to allow the Mango process to access port 502

Hope that helps.

]]>https://forum.mango-os.com/post/25650https://forum.mango-os.com/post/25650Wed, 19 Aug 2020 14:09:48 GMT<![CDATA[Reply to Modbus Publisher on Port 502 on Wed, 19 Aug 2020 07:39:59 GMT]]>Hi @skazemi

Do you have a Modbus data source that is bound to 502 as well?

]]>https://forum.mango-os.com/post/25648https://forum.mango-os.com/post/25648Wed, 19 Aug 2020 07:39:59 GMT