Join GitHub today
npcap & rpcapd support #1329
I gave a try at rpcapd (via WinPCAP on Windows and libpcap master on Linux) and it seemed to fit our usage nicely. It seems broken (it probably worked one time out of ten and when it doesn't it reports some number of packets but won't forward them) on Windows 2016 (and probably Windows 10 from some reports I saw) but works fine on Windows 2012.
I quickly looked at different mailing lists & issues trackers hoping the problem was already reported or known and I stumbled on npcap.
WinPCAP seems frozen and I don't have much hope to make it work out the box without probably having to debug/recompile it (and I'll probably have issues later since I won't be able to sign it? I'm not well versed in Windows development, sorry :)).
Do you have any plans to provide rpcapd (which is now available from libpcap with
We haven't done much testing with rpcapd, so I'm not surprised that there are some bugs there. Since the-tcpdump-group/libpcap has taken ownership of the rpcap source, it would be most appropriate to file issues there if the client code (libpcap or Npcap communicating with a correctly-functioning
I will take a look at running WinPcap's
A future Npcap release may ship with a rpcapd service, but for now, it's not in our immediate plans. For this reason, I'm using the 'enhancement' label instead of the 'bug' label.
Thanks for taking a look, I understand the priority so no worries.
To avoid any ambiguities I should probably have said that the following work fine:
The misbehaving part seem to be
I don't do anything special beside executing
I would gladly avoid using/recommending WinPCAP if Npcap was embedding a working
EDIT: I would gladly test some stuff if you have some kind of list, it's just that I'm not accustomed/don't even have the minimum setup to do Windows development so it would probably take me a bit of time just to start digging where the problem could be :)
I assume by "Windows 2016" you mean "Windows Server 2016"; at least if the "Windows Server 2016" Wikipedia page is to be believed, that's "Windows 10 Server", so this may be a Windows NT 10 issue.
The rpcapd source code in libpcap is changed from what's in the last WinPcap release (4.1.3); it has a bunch of changes to make it build "out of the box" on various UN*Xes, fix a protocol compatibility issue when running on Solaris (so the client and server, on Solaris, should be able to communicate with the server and client, respectively, on other OSes), and fix various other issues.
I don't know how Npcap builds the libpcap component, but if it uses CMake and builds with
I currently don't have a Windows 10 VM (and have a bunch of other stuff I'm juggling as well), so there's not much I can do right now to diagnose this problem.