Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PPP capture

From: Yang Luo <hsluoyb () gmail com>
Date: Tue, 12 Jan 2016 09:42:50 +0800
Hi Alexis,

AFAIK, Npcap/WinPcap works on the data link level and it sees the Ethernet
frames. In my understanding, VPN SSL (https) or raw HTTP is just data of
high-levels (IP packets) for Npcap/WinPcap. I don't know if it's
appropriate or viable for Npcap/WinPcap to see this data. Maybe a
higher-level sniffer like Fiddler is more suitable for this task? Any other
opinions?


Cheers,
Yang


On Tue, Jan 12, 2016 at 4:14 AM, Alexis La Goutte <alexis.lagoutte () gmail com

wrote:





On Mon, Jan 11, 2016 at 6:16 PM, Yang Luo <hsluoyb () gmail com> wrote:


Hi Alexis,

Thanks to what Guy has pointed out, I will try my best on the monitor
mode when I get some time. There are some buddies asking for this feature
already:)


yes, i undertood too
i think, we need also to see for use npcap by default on Wireshark...
winpcap is really dead !



I haven't got an idea about the PPP support, but it sounds interested.
I'm a bit confused about it. What kind of support do you want for vpn? Do
you want Npcap to see decrypted data or something else? And what level vpn
do you want? I know pptp l2tp ipsec ssl, at least four kinds of vpn, they
work differently.


It is a VPN SSL from Fortinet/Fortigate for example ! it is a VPN SSL (top
of https), the idea is to have decrypted data !




Cheers,
Yang


On Monday, January 11, 2016, Alexis La Goutte <alexis.lagoutte () gmail com>
wrote:


Hi Yang,

Thanks for you create work on npcap ! (i waiing to try monitor mode on
Windows !)

I have a question for you...
the PPP support is planned or not ? because i have some VPN (SSL) client
using a virtual PPP and it should be nice to capture directly on VPN
connection.

Cheers






___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: