Wireshark-dev: Re: [Wireshark-dev] Win10Pcap - WinPcap-compatible NDIS 6.x capture driver
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
Date: Tue, 16 Jun 2015 10:48:22 +0200


On Wed, Jun 10, 2015 at 6:48 PM, Daiyuu Nobori <nobori.daiyu@xxxxxxxxx> wrote:
Hi all,

Please let me introduce my WinPcap-compatible NDIS 6.x open source driver.

WinPcap is implemented in the NDIS 5.x driver model. The WinPcap dev
team seems not working recently to integrate the WinPcap kernel-mode
driver to NDIS 6.x driver model. As the result, recently WinPcap does
not work in some builds of Windows 10 correctly (while it does work in
some builds of Windows 10.) Additionally, WinPcap cannot capture 802.1Q
tagged VLAN headers received by NDIS 6.x NICs in Windows 7, 8 and 10.
I had desire to improve these problems with WinPcap.

As my personal project on my Ph.D course in the university (actually as
my hobby), I tried to write my own WinPcap-based and WinPcap-compatible
packet capture driver for Windows in the NDIS 6.x driver model.
I tested my implementation on some desktops and laptops with
Windows 10 beta builds, and my driver seems works quite well.
I also add the code to capture 802.1Q VLAN tags correctly.

Finally I named it 'Win10Pcap', prepared the installer package, and
released it on the GitHub repository, and on the web site as open source.
URLs are as below.
http://www.win10pcap.org/
https://github.com/SoftEtherVPN/Win10Pcap

I believe that Win10Pcap is complying with the NDIS 6.x driver model.
It can be expected to work well with Windows 10's future builds. It can
also capture 802.1Q tagged VLAN headers which original WinPcap drops.
I hope that my program would help someone who are in a trouble running
Wireshark in Windows 10 environments, or someone who has a hard-time
dealing with capturing tagged VLAN packets.

--
Daiyuu Nobori
Computer Science, University of Tsukuba, Japan

Hi,

Thanks !!
It is a great news !

Do you have also work/tested with Wireless interface (WiFi/3G/4G...) to get wireless header information ?

May be look to be the replacement of Winpcap (it is good about licencing...) but will drop XP/Vista support...

Regards,


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe