Add support to Npcap native mode

[hsluoyz]

Hi, I'm the author of Npcap. Thanks for using Npcap first!

I found that the current pypcap doesn't support the Npcap native mode (Npcap DLLs will be installed in System32\Npcap instead of System32). The impact is that the user has to install Npcap with WinPcap Compatible Mode option checked to use (aka winpcap_mode=yes). Otherwise, pypcap cannot find Npcap DLLs. And enabling this option will install another copy of Npcap driver that is compatible with WinPcap (like installing the DLLs to System32), which may affect the performance. So Npcap suggests all its downstream software to support Npcap native mode. Now software like Wireshark, Nmap, GNS3 has already supported Npcap native mode.

Please refer to the docs here for details and implementation guidelines. An Python example can be found here.

[nuald]

We'll add support for this in near future, as soon as my big PR is merged into the main branch.

However, I'd like to see the Npcap SDK update in that case, because now we have to reference the old WinPcap dev package (current Npcap SDK gives some redefinition errors which were fixed in libpcap, but were not included yet in the SDK). If you need more details, I can provide them, but in general, you just need to rebuild and upload SDK, so we can provide the up-to-dated link in the documentation.

[hsluoyz]

About the Npcap SDK error, please submit the details to our issues page here. It's kind of strange because Nmap also uses Npcap SDK to build, and so far I didn't get complaints about it. But if there's indeed an error in our SDK, we will fix it ASAP.

[nuald]

Added: https://github.com/nmap/nmap/issues/857

[hsluoyz]

Hi @nuald , the Npcap SDK has been updated, see here: https://github.com/nmap/nmap/issues/857#issuecomment-302809068