[Winpcap-users] [Wireshark-dev] how Wireshark get linktype?

Gianluca Varenni gianluca.varenni at cacetech.com
Tue Sep 1 18:34:01 PDT 2009


If you want to debug the winpcap driver (npf.sys) you will need two machines 
(or eventually a virtual machine supporting your device) and WinDbg for 
kernel debugging.

Have a nice day
GV

----- Original Message ----- 
From: "Joshua (Shiwei) Zhao" <swzhao at gmail.com>
To: <winpcap-users at winpcap.org>; "Developer support list for Wireshark" 
<wireshark-dev at wireshark.org>
Sent: Tuesday, September 01, 2009 5:54 PM
Subject: Re: [Wireshark-dev] [Winpcap-users] how Wireshark get linktype?


Is there a way to debug winpcap at runtime when Wireshark calls it?

Many thanks,
Joshua


On Tue, Sep 1, 2009 at 5:37 PM, Guy Harris<guy at alum.mit.edu> wrote:
>
> On Sep 1, 2009, at 5:31 PM, Joshua (Shiwei) Zhao wrote:
>
>> 2) Since I already set the driver to monitor mode, I thought winpcap
>> should return that as the default.
>> In fact, winpcap doesn't even return DLT_IEEE802_11_RADIO as an
>> option. It only gives the default linke types. That's why I wonder
>> whether there is compatibility issue between winpcap and the driver
>> and whether winpcap uses those two OIDs for linktype queries.
>
> WinPcap knows nothing about monitor mode; it's a NDIS 5.x driver, and
> there's no notion of "monitor mode" in NDIS 5.x. It also has no
> notion of DLT_IEEE802_11_RADIO or even DLT_IEEE802_11, as there's no
> notion of a device returning 802.11 headers in NDIS 5.x.
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
>
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev at wireshark.org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request at wireshark.org?subject=unsubscribe 



More information about the Winpcap-users mailing list