Wireshark-dev: Re: [Wireshark-dev] No interfaces showing (Win 10, WS 3.0)
From: "David Kozinn" <david@xxxxxxxxxx>
Date: Mon, 18 Mar 2019 14:30:50 -0400

I started an update on another machine, it’s asking to install that same version. I could cancel out and install npcap manually, but since the Ethereal days I’ve always let the installer update Winpcap/npcap.

 

What version should I be using?

 

From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx> On Behalf Of Pascal Quantin
Sent: Monday, March 18, 2019 2:22 PM
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-dev] No interfaces showing (Win 10, WS 3.0)

 

Hi Graham and David,

Le lun. 18 mars 2019 à 19:12, Graham Bloice <graham.bloice@xxxxxxxxxxxxx> a écrit :

As you had WinPcap before, there might be conflicts.  I've always manually uninstalled WinPcap before upgrading to npcap.

 

Suggestions at this point are:

  1. Reboot.
  2. Manually uninstall any existing WinPcap and npcap instances, then manually reinstall npcap[1].

[1] npcap doesn't seem to make the previous releases accessible, and there has been very little, if any, Wireshark testing with the current release.  It's only an hour old!

 

You can find all the versions here: https://nmap.org/npcap/dist

 

Pascal.

 

 

On Mon, 18 Mar 2019 at 17:51, David Kozinn <david@xxxxxxxxxx> wrote:

I installed it along with Wireshark and didn’t (intentionally) change any options. I see that there’s a different version on the npcap site, but I’ll wait to hear back before doing anything.

 

From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx> On Behalf Of Graham Bloice
Sent: Monday, March 18, 2019 1:12 PM
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-dev] No interfaces showing (Win 10, WS 3.0)

 

That shows that you're using npcap (with Npcap version 0.99-r9) as a capture library.

 

Did you change install npcap with the Wireshark installer or separately?  Did you change any of the npcap options in the installer?

 

On Mon, 18 Mar 2019 at 16:56, David Kozinn <david@xxxxxxxxxx> wrote:

I hope this is what you were looking for:

Version 3.0.0 (v3.0.0-0-g937e33de)

Copyright 1998-2019 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors. License GPLv2+: GNU GPL version 2 or later <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html> This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.12.1, with WinPcap SDK (WpdPack) 4.1.2, with GLib 2.52.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.9, with QtMultimedia, with AirPcap, with SBC, with SpanDSP, with bcg729.

Running on 64-bit Windows 10 (1903), build 18356, with Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz (with SSE4.2), with 16334 MB of physical memory, with locale English_United States.1252, with Npcap version 0.99-r9, based on libpcap version 1.8.1, with GnuTLS 3.6.3, with Gcrypt 1.8.3, without AirPcap, binary plugins supported (14 loaded). Built using Microsoft Visual Studio 2017 (VC++ 14.12, build 25835).

Wireshark is Open Source Software released under the GNU General Public License.

Check the man page and http://www.wireshark.org for more information.

 

From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx> On Behalf Of Graham Bloice
Sent: Monday, March 18, 2019 12:48 PM
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-dev] No interfaces showing (Win 10, WS 3.0)

 

What is the contents of the Wireshark -> Help -> About Wireshark -> Wireshark dialog?  You can highlight the text and copy it and paste it into your reply.  You could also use the output of "tshark --version".

 

 

 

On Mon, 18 Mar 2019 at 15:53, David Kozinn <david@xxxxxxxxxx> wrote:

Hi Devs,

 

I’m using Version 3.0.0 (v3.0.0-0-g937e33de) on Windows 10 Pro 64-bit 1903 (build 18356.1), and there are no interfaces at all showing when I start Wireshark. WinDump -D shows:

 

1.\Device\NPF_{C0E23443-4215-4E51-8016-633F44FC063E} (Realtek PCIe GBE Family Controller)

2.\Device\NPF_{AA3C112A-73F5-420E-8078-6C4B7CDA69C5} (Microsoft)

3.\Device\NPF_{362B3BBF-C171-4125-A3DF-817B31E4F7E1} (Microsoft Corporation)

4.\Device\NPF_{B4422FE7-42C4-4285-83E1-03D6840FAB0C} (Microsoft)

5.\Device\NPF_{04833D28-6756-4E4E-874F-F6F1328063D0} (Microsoft)

6.\Device\NPF_{D5400C59-3FD8-4B91-82AA-827B3E155B85} (TAP-Windows Adapter V9)

7.\Device\NPF_{6562DFC2-4BF3-4007-BDC4-7A2249032205} (Microsoft)

 

If I run windump on interface 3 I see traffic.

 

I know that 3.0 worked after I initially installed it, however I don’t know if it worked after the first reboot after that, and I have subsequently received Windows 10 updates (I’m on the Insider Slow ring). I’ve rebooted several times with no change.

 

For what it’s worth, Microsoft Netmon does display the interfaces and capture traffic, though I realize that’s not via npcap.

 

I’d appreciate any help.

 

Thanks,

 

David

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


 

--

Graham Bloice

Software Developer

Trihedral UK Limited

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


 

--

Graham Bloice

Software Developer

Trihedral UK Limited

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


 

--

Graham Bloice

Software Developer

Trihedral UK Limited

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe