Re: Npcap 0.04 call for test

[Guy Harris <guy () alum mit edu>]

On Aug 24, 2015, at 1:19 AM, Pascal Quantin <pascal.quantin () gmail com> wrote:

> any reason for not using NdisMediumLoopback that is defined since Vista according to 
> https://msdn.microsoft.com/en-us/library/windows/hardware/ff565910%28v=vs.85%29.aspx ? Maybe it would make sense to 
> switch to DLT_LOOPBACK

You mean DLT_LOOP rather than DLT_LOOPBACK (that's what OpenBSD, which introduced DLT_LOOP, calls it).

> in that case (in that case the packet type must be put in network order).

Yes, that's what's different about DLT_LOOP - the address family value is in network byte order rather than host byte 
order.

Note that, if all packets are IPv4 or IPv6 packets, you could also use NdisMediumIP, if that means "received and 
transmitted packets begin with an IP header and have no link-layer header", and map that to DLT_RAW.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe