basil00
commented
2 years ago If it is "link layer" then the packets would not be visible to WinDivert, which is "network layer".
Closed KarloX2 closed 2 years ago
basil00
commented
2 years ago If it is "link layer" then the packets would not be visible to WinDivert, which is "network layer".
KarloX2
commented
2 years ago @basil00 Thanks for your answer!
I want to make sure that I understand this right. Is the following correct? The WinDivert software is built on top of Windows Filtering Platform (WFP). With WFP, is is generally possible to capture and inject Link Layer packets (also called MAC frames, as described here), but currently WinDivert doesn't make use of this option.
So generally it would be possible? How hard would this be and are there any plans to extend WinDivert in this way? (I would consider buying a commercial license when this feature is avaiable.)
Thanks!
Hello! WinDivert 2.2.0 (on Win10) seems to not capture LLDP (multicast) link layer packets. Is there a known limitation for capturing multicast packets? Any other idea? Thanks Karlo