Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Npcap 0.01 call for test about Windows loopback traffic capt

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Yang Luo <hsluoyb@xxxxxxxxx>
Date: Thu, 16 Jul 2015 17:56:02 +0800
Hi Tyson,

Thanks for testing Npcap and I already knew what to do about the service not start issue. It would be better if you can provide the BSOD issue reproduce steps because I never encountered this. I also encountered the connection loss problem sometimes, but it happens in a random way and I still don't know how to reproduce it.

Cheers,
Yang

On Wed, Jul 15, 2015 at 7:03 PM, Tyson Key <tyson.key@xxxxxxxxx> wrote:
Hi Yang,

Thank you for looking into implementing this. Sadly, I tried your package on my Win8.1 x86-64 machine, and found that not only did the new NPF service not start after uninstalling "real" WinPCap (running the installation tool manually, with the -il, and -i options didn't seem to do anything, until rebooting), and then your new NPCap in "compatibility mode", I had problems connecting to my WLAN, after rebooting (and I also received a BSOD, at one stage whilst trying to capture on multiple interfaces).

Unfortunately, I don't know if I can reproduce these issues, or provide any logging information, this time - but if I get chance, I'll have another look.

Take care,

Tyson.

2015-07-11 10:15 GMT+01:00 Yang Luo <hsluoyb@xxxxxxxxx>:
Hi list,

In order not to diverge with WinPcap interfaces, I have made a "WinPcap Mode" for Npcap, it uses the same system32 directory to put DLLs and has the same "npf" service and driver name. So it can be directly used in Wireshark without any patch. 

Another news is that I have finished Windows loopback packet capture feature in Npcap, Npcap will install an adapter named "Npcap Loopback Adapter". And I can see the loopback traffic using Wireshark now (See the attached pic). It seems to still have problems, like the "(no response found!)" in the ICMPv6 packets (ping ::1) in the pic. I don't know why Wireshark shows like this, perhaps you guys can provide me a clue.


I have tested this version Npcap under Wireshark 1.12.6 x64, in Windows 8.1 x64 and Windows Server 2016 TP2.

Notice: You need to try it under Win7 and later, and no need to change the installation options, just click the "Next"s. Npcap installed in "WinPcap Mode" is exclusive with WinPcap, so you must uninstall WinPcap first (installer will prompt you this).

The README is:

The implementation internal about loopback traffic feature is:


Cheers,
Yang

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe



--
                                          Fight Internet Censorship! http://www.eff.org
http://vmlemon.wordpress.com | Twitter/FriendFeed/Skype: vmlemon | 00447934365844

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube