Update of Chocolatey.org Package

[gsmithTUD]

Hi,

I'm looking to manage a larger deployment to ~250 Windows 10 desktops in a (non-profit) educational setting for students learning networking in conjunction with Wireshark. In the past we've use Winpcap and more recently Win10pcap. Both of these are closed/abandoned and I'm looking to use npcap instead.

I found npcap on Chocolatey but it's not publicly listed (the link to the issue on github about that has vanished?). The version there is 0.86 is way behind the currently available 1.5. Could this be updated please?

I would also be very useful to bake in some "sane default" install switches that people are likely to need in order to get npcap working with Wireshark.

Thanks!

[fyodor]

Hi @gsmithTUD. We briefly tested Chocolatey for the free/demo version of Npcap in 2017 but it didn't work well for us because:

• Unless I'm misremembering, they weren't showing the Npcap license agreement for the user to read and confirm. This is particularly important for the free version of Npcap so users know that it doesn't allow redistribution or usage on more than 5 systems (plus unlimited systems where it is only used for Nmap, Wireshark, and/or Microsoft Defender for Identity). We don't want people to violate the license unknowingly.
• The free/demo Npcap doesn't include a silent installer, but I think Chocolatey requires one.
• The commercial version (Npcap OEM Internal-Use License includes a silent installer, but Chocolatey doesn't seem to offer a payment process for commercial software the way other app stores do. Chocolatey itself sells a paid version, but none of that revenue goes to the actual software package developers.

I'm no Chocolatey expert, so please let me know if I'm wrong about any of this. We're also open to other Windows app stores that address these issues if anyone wants to recommend any. They would have to support drivers and not just user-mode apps.

For now we have just been distributing the three Npcap OEM editions ourselves:

• Npcap Free/Demo Edition can be downloaded from the main site
• Npcap OEM Internal-Use License with silent installer, support, and exempt from the 5-install limitation of the free version. This is what we recommend for folks who want to automatically deploy Npcap to hundreds of machines.
• Npcap OEM Redistribution License for companies who wish to redistribute Npcap OEM as part of their products for efficient Windows packet capture and transmission.

It is the paid versions of Npcap which fund the project so we can pay Windows kernel developers to work on it full time. And we're really proud of all the improvements we've been able to make in recent years through those investments. I'm closing this issue since I don't think Chocolatey will currently work for us, but I hope this information/reasoning helps.

Regarding your last note about "sane default" install switches for Wireshark, the default options should already work fine with Wireshark. If you are having problems using Wireshark with Npcap 1.50, please file it as a new issue here and we'll take a look.

[gsmitheidw]

Hi @fyodor - Sorry I was signed in as the wrong user identity earlier by accident. I'm gsmithTUD.

Just answer those:

• Yes - it is possible to show the licence agreement and have to manually set a switch to agree to continue with chocolatey. This is in the terminal (powershell/cmd) in text. But there is a package parameter to bypass this as well.

• The silent installer is very much a require part of chocolatey specifically for the community repo (self hosted repos are possible and commonplace too) but because any equivalent technology including MS upcoming Winget as well as established deployment tools like MS SCCM, Ninite Pro etc. None of those are app stores either. I think this is a general problem rather than chocolatey specific issue. How should Academic sector perform bulk installs to student labs for learning Wireshark with npcap with any deployment mechanism?

I fully understand and agree that as well as providing open source free utilities you are also a business and ultimately need to get funded - particularly from organistations that are using nmap/npcap etc for commercial gain and profit. My organistation like many other academic institutions is is non profit and a registered charity. We don't make a cent from using wireshark or pcap. I would imagine a lot of academic institutions make a "golden image" of Windows with all installs pre-installed of all applications thereby avoiding the need for a silent install. This method of deployment has become very oldfashioned and is not how MS are recommending deployments are done anymore. This is why modular installs with package management (basically like yum or apt in Linux) is becoming popular.

Presumably for the OEM version to be silently installed, a licence key is required? It should be possible to create a chocolatey package that will silently install if install parameter is passed that tells the package to use a key and maybe provide that to academia? Chocolatey community repo may not allow by default non-silent applications, but there a lot of chocolatey nupkg recipes available for software that is not possible to licence, redistribute or even download. In fact we run our own internal repo for deploying some science and maths software we have academic licences for. Some of those require a key to install silently, some check in on run against an internet licence server.

[gsmitheidw]

@fyodor Hi, just a "bump" on this and some other thoughts over the past week:

https://docs.chocolatey.org/en-us/information/legal Installing anything with Chocolatey is deemed to have accepted the licence terms of the application.

Using the nuspec correctly as per MS specification in the package there are two options:

Licence URL and Licence: https://docs.microsoft.com/en-gb/nuget/reference/nuspec#licenseurl

This is shown to the user when installing with choco install application either the licence link or the embedded licence text.

It is possible to over-ride that switch an acceptance switch like -y but again - the licence acceptance is implicit anyway. If somebody is going to break the licence anyway - forcing a non-silent is not insurmountable. AutoHotKey is regularly used with chocolatey to visually press buttons on non-silent installers, for example here's one in the community repo:

https://community.chocolatey.org/packages/QTTabBar#files

That could be done in theory, but it's a bit of a dirty hack of a solution in my opinion. Nobody should be doing that.

Another option I would suggest is to provide a method for reasonable non-profit/educational establishments to obtain a Npcap OEM Internal-Use License and provide a chocolatey recipe (basically the source to a nupkg) so that all that would be needed would be to git clone the repo, change the URL field in the chocolateyinstall.ps1 to an internal server UNC path or URL and just do a choco pack npcap. Anybody who is using npcap in such a manner will have an internal chocolatey repo anyway - so the community repo is somewhat less important.

I do feel the student's who are working on their personal computers are left out if they wish to do some automation of their home development environment if npcap isn't in the community repo though. Bear in mind, a student who has used npcap whilst in University may go on to use it professionally and commercially when they are qualified and earning money. So it isn't money lost, so much as invested in future potential customers.

[fyodor]

Hi @gsmitheidw. Thanks your comments. Even if the Chocolatey page says that users are deemed to have accepted the license terms of each application they install, I doubt very many users actually go out and review those licenses. So they are unlikely to even know about the 5-install limit of the free/demo version of Npcap. Plus unlimited copies that are only used for Nmap, Wireshark, and/or Microsoft Defender for Identity.

Npcap OEM does not require a license key since we are a bit skeptical of DRM solutions which can be a pain to activate and can fail in ways that leave you unable to use your software when you need it. So we rely on the honor system for Npcap OEM customers to only use the number of installs they paid for.

The Npcap OEM silent installer and lack of DRM makes it super easy to mass deploy using almost any Windows software deployment system. We're also hoping to release an MSI version of Npcap OEM so it's even easier when using Microsoft's deployment software (see #103).

Npcap OEM works very well for educational institutions and we sell to colleges and universities all of the time. Most schools are nonprofits from a tax standpoint, but they usually still charge their students tuition and use that substantial revenue to pay for teachers, computers, software, etc. Some have endowments reaching tens of billions of dollars and tuitions of $50k+ per year. Of course not all schools are in such a rosy financial position, and not all businesses are flush with cash either. Some are losing money. If schools are on a super strict budget with hundreds of computers, maybe they could install Linux instead of Windows. Then they can use Wireshark and Libpcap and lots of other software for free. Also, unlimited copies of the demo Npcap can be used for free with Wireshark. It just takes like 3 clicks to install. If an organization can't or doesn't want to pay for Npcap OEM and it's silent installer, and they're not willing to deal with the "hassle" of clicking through the free version installer, maybe Npcap is not that important to them anyway.

Using AHK or another automation system to install and click through the free Npcap installer is not necessarily against the free/demo license if you download Npcap yourself and just install it on your own organization's systems (e.g. you aren't redistributing Npcap) and are only using Npcap for thoe 3 applications for which unlimited installs of the free version are allowed. If an organization truly can't afford Npcap (even though we think it's fairly cheap by software standards), I wouldn't fault them for doing this. If an organization could easily afford Npcap but uses this technique to avoid paying and contributing to Npcap's maintenance, I might consider them cheapskates or freeloaders, but it's still within their rights as long as they aren't violating Npcap's license.

The good news is that many users and vendors who have been stuck with the unmaintained WinPcap for 8 years since the least release recognize the value Npcap provides and have shown themselves willing to pay for it. Enough that we're hoping to hire another developer this year!

Sorry for the long post, but I hope this helps explain our reasoning.

[gsmitheidw]

Thanks for clarifying, I think like many in education (and we're not in the league of the $50k+ per year fees category, we're government funded), we just used Wireshark and pcap was just a dependency that we didn't really give much thought to it as being all that distinct from Wireshark.

I wasn't sure what had changed with winpcap on chocolatey's community repo and just switched to win10pcap for a while and then that became unmaintained. I don't think many were actually aware npcap was actually a commercial package. Certainly I wasn't clear on that at all! I just thought the installer for winpcap was mistakenly missing a silent switch when setup compiled, rather than set deliberately so as to discourage unfair use by rich organisations.

Thanks for the time you put into replying, certainly I would be in favour of supporting the software financially to some degree, even though for our needs it is quite a small portion of our overall student computing courses.