Comments (2)
hsluoyz
commented on August 24, 2024
Updating Npcap to use latest libpcap trunk is a necessary part for our long-term goal. However, we didn't come to an agreement on how to do it yet.
Current Npcap's libpcap code uses WinPcap 4.1.3's original part, which is based on libpcap version 1.0 branch 1_0_rel0b (20091008).
The official libpcap repository is also hosted on GitHub: https://github.com/the-tcpdump-group/libpcap, maintained by Guy. The latest version is 1.7.4.
We can view libpcap's code as two parts, the first part is OS-independent part. This part of code is general for all supported OSes (Linux, Windows, etc.). The second part is OS-dependent part. This part is only for the specific OS. Like pcap-win32.c, pcap-remote.c on Windows. The first part of code is much more than the second part.
However, because of some reason, the current libpcap trunk code is still not usable on Windows. So it canβt be directly used on Npcap or WinPcap. It needs some modifications. As libpcap 1.7.4 has changed too many things than the original 1.0, it's impossible to add all new libpcap 1.7.4 features to Npcap's libpcap 1.0 code. The only workable way is to add back Windows support to the current libpcap 1.7.4 trunk. So we have two ways here.
- Merge our modifications (including Windows support and Npcap support) to the official libpcap repo, then make the official libpcap repo a submodule of Npcap repo. The advantage is that Npcap will automatically receive all updates of the libpcap OS-independent part of code when the libpcap repo trunk updates. The disadvantage is that we don't have full control on the libpcap part of Npcap.
- Fork a private branch of libpcap, make our modifications on this private fork, then make this private repo a submodule of Npcap repo. The advantage is that we have full control on the libpcap part of Npcap. The disadvantage is that we still need to manually merge all necessary changes from the official libpcap repo to our private branch. As the official libpcap repo doesn't have our modifications, their new changes won't consider our fork's existence and can be quite difficult to apply on our own fork.
- based on method 1., we request to be one of the administrative members for the official libpcap repo. In this way, we can gain some sort of control on the libpcap repo.
I'm personally with 1. or 3. But we haven't reached an agreement yet, so still needs to be discussed.
from npcap.
hsluoyz
commented on August 24, 2024
This work has been done. And I released Npcap 0.08 for this improvement here: https://github.com/nmap/npcap/releases.
I used Nmap's libpcap fork's npcap branch as a submodule of the Npcap repo. This branch is based on the official libpcap's 1.8.0 release. And I have merged nearly all improvements from the original local libpcap source to this new repo.
Only two commits are still not merged yet:
b400111
5d84de4
Update
b400111: Nmap still uses the pcap_int.h to directly call Packet functions. So this commit is not needed.
5d84de4: We have decided to delete the pcap_get_servicename function.
So this work is finished.
from npcap.
Related Issues (20)
- API: pcap_next_ex did not get all the packets that met the requirements HOT 9
- pcap_oid_get_request is missing in npcap-1.79.exe HOT 1
- BSOD during VMware player (network driver) installation
- Update EV codesigning certificate used for Npcap and Nmap
- Update building documentation for Win11 SDK HOT 1
- Old version of Npcap on winget HOT 1
- Failed to capture traffic HOT 2
- Failure to Capture Virtual Adapter - winpcap can capture but npcap does not HOT 6
- PcapLiveDevice.cpp: sendPacket:628] Error sending packet: send error: PacketSendPacket failed: A device attached to the system is not functioning. (31) HOT 2
- Update Npcap to support NDIS 6.89 HOT 2
- With GNS3 and NPCAP not possible to ping and connect to host within GNS3
- Nmap Error: 'Error compiling our pcap filter: expression rejects all packets' HOT 6
- Not able to send 10 Gbps HOT 1
- Couldn't capture 802.11 radio beacon packets using Npcap SDK in Windows C++ HOT 7
- Resolve Application Verifier stops in libpcap (wpcap.dll) included with Npcap 1.79 HOT 5
- Npcap Bug Report - Error 0x80070002 failed to install npcap service
- outbound packets logged twice on vEthernet HOT 2
- Fix reported BSOD in !NPF_RemoveFromGroupOpenArray HOT 1
- Create API calls for non-blocking packet writes HOT 2
- pcap_next_ex still have timeout even when pcap_set_immediate_mode HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from npcap.