Closed Komosa closed 3 years ago
Hi @Komosa ,
I installed a Win Server 2016 TP4 English
on my VMware Workstation 12, with Wireshark 2.0.2 x64
and Npcap 0.06 R13
. I captured on Ethernet0
and Npcap Loopback Adapter
. I didn't see the abnormal packets you described.
I didn't install any other softwares. Could you provide detailed reproduce steps about this bug? Thanks.
Cheers, Yang
Hi, I reproduced issue also on freshly installed Win10 enterprise N version 1511 (updated feb 2016), 64bit. I Just installed it in my Virtualbox 5.0.16 and then downloaded wireshark (2.0.2) and npcap (Npcap 0.06 R13) via powershell's wget.
See examplary packet here. I would rather expect end of file just after TCP layer, with proper lengh in pcap_header_t.len
Hi @Komosa ,
I confirmed this issue on my Virtualbox 5.0.14 + Win10 Pro 10240 x64 + Wireshark 2.0.2 x64 + Npcap 0.06 R13
.
I think the cause of this issue is compatibility of Npcap with Virtualbox. Because you won't encounter this issue on a VMware guest or a physical host.
It still needs to be clarified whether this bug belongs to Npcap or Virtualbox.
There were no problems when using winpcap, so it seems that problem is at least related to npcap.
Hi @Komosa ,
I have confirmed that it's a Npcap bug introduced in 0.06 R9. I will fix it. Thanks for report!
Hi @Komosa ,
This bug has been fixed in Npcap 0.06 R14.
Please try the latest installer at: https://github.com/nmap/npcap/releases
Hi all, I started tests of win server 2016 (tech. preview 4) (I know, it is not supported yet by npcap).
I could observe following error with npcap-r06.13: Length of packets on wire is reported incorrectly, instead of expected value reported value is 2048 (for majority of packets). After adding those lengths over some period, sum is significantly greater than expected. Length at IPv4 layer is (about) 1480. I run those test in Virtualbox VM hosted on Win7.
I could not reproduce this behavior with winpcap or on Windows 7. I didn't run tests on Windows 10 (yet).
best regards.