etl2pcapng is built only for ndiscap packet captures, but some users are not aware that there are multiple inbox pcap methods in Windows and try to use it on captures collected with pktmon. Currently the tool handles this usage ungracefully with a terse "there is no pcap in this file" message and a nearly-empty output file littering the filesystem.
This update prints a more helpful error message and cleans up the output file in this situation.
etl2pcapng is built only for ndiscap packet captures, but some users are not aware that there are multiple inbox pcap methods in Windows and try to use it on captures collected with pktmon. Currently the tool handles this usage ungracefully with a terse "there is no pcap in this file" message and a nearly-empty output file littering the filesystem.
This update prints a more helpful error message and cleans up the output file in this situation.