Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Npcap 0.04 call for test

From: Pascal Quantin <pascal.quantin () gmail com>
Date: Mon, 24 Aug 2015 11:46:11 +0200
2015-08-24 11:39 GMT+02:00 Yang Luo <hsluoyb () gmail com>:


Hi Pascal,

"Medium in use" value corresponds to OID_GEN_MEDIA_IN_USE, not
OID_GEN_PHYSICAL_MEDIUM, Just below "Medium in use" text, you can see
"Physical medium" line, this one is related to OID_GEN_PHYSICAL_MEDIUM,
and it's a "Unspecified" for Npcap Loopback Adapter, which I think is a
suitable value.



Yes agreed, that's why I sent a follow up email after realizing my mistake.




I personally think data returned by OID_GEN_MEDIA_IN_USE should be
identical with the one returned by OID_GEN_MEDIA_SUPPORTED for our loopback
condition based on MSDN explanation, and it's "media" instead of "medium",
so I think the display string should be modified to "Media in use" instead
of "Medium in use".



Media is the plural form of medium. "media supported" could list several
medium, while only one can be in use at a given time. So the current
wording seems OK to me.
Note that I updated the list of enum (so as to support loopback value) in
https://code.wireshark.org/review/#/c/10225/




Cheers,
Yang


On Mon, Aug 24, 2015 at 4:29 PM, Pascal Quantin <pascal.quantin () gmail com>
wrote:




2015-08-24 10:19 GMT+02:00 Pascal Quantin <pascal.quantin () gmail com>:


2015-08-24 3:38 GMT+02:00 Yang Luo <hsluoyb () gmail com>:


Hi list,

In latest 0.04 r6 version, I have used 0x02, 0x00, 0x00, 0x00 for an
IPv4 packet and 0x18, 0x00, 0x00, 0x00 for an IPv6 packet (tell me if
you have better value for IPv6). The driver can return NdisMediumNull now
for loopback interface. Wireshark seems to work now, one little issue is
that in the "Characteristics" tab in loopback interface's "Interface
Details", "Media supported" and "Medium in use" shows (0xffffffff) instead
of a understandable string, this is because that the source code lacks the
-1 to string mapping.

Latest installer is at:
https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/npcap-nmap-0.04-r6.exe

Cheers,
Yang



Hi Yang,

any reason for not using NdisMediumLoopback that is defined since Vista
according to
https://msdn.microsoft.com/en-us/library/windows/hardware/ff565910%28v=vs.85%29.aspx
? Maybe it would make sense to switch to DLT_LOOPBACK in that case (in that
case the packet type must be put in network order).
Note that Wireshark would still display the raw value: I'm gonna update
the array.
Any reason for not making the NULL/loopback mode default instead of the
fake ethernet header?

Cheers,
Pascal.



BTW for the "Medium in use" value (that corresponds to
OID_GEN_PHYSICAL_MEDIUM) should not you report
NdisPhysicalMediumUnspecified instead of -1?



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org
?subject=unsubscribe




___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org
?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: