[Winpcap-users] capture differences between Linux system and Windows with winpcap

[Newlon, Phil]

This issue has reared its head again since I upgraded my hardware.  I am now back in the same boat as I was with my older Dell laptop where I am 'capturing' many more packets than are truly on the wire.

- I have tried three different adapters: the built in Intel 82579LM wired ethernet, ASIX AX 88772 USB to wired ethernet, and Dell 1540 802.11agn wireless adapter.  All exhibit the same behavior.
- I have tried (wired) adapter auto speed/duplex negotiation as well as manual configuration with no change in behavior (which is really odd, IMHO).
- For example, a four packet ping to a pingable device should produce 8 captured ICMP packets and in my case it produces 1528!
- I put the laptop on a hub and captured the traffic from the problem laptop there using Linux and captured the expected 8 packets.
- I uninstalled and reinstalled winpcap 4.1.3 with the same result.

Any thoughts what could possibly be causing winpcap to 'see' so many bogus packets regardless of which of three adapters I use?

Thanks, Phil


The issue was definitely with the Dell E6420.  I pulled the HDD out of it, put
it in a Dell E6430, installed the drivers for the newer laptop and all is well.
 Something is whacked with the E6420 Intel GB driver from Dell / Intel as far
as WinPcap is concerned.

Notice: This e-mail message and its attachments are the property of The Wendy's Company or one of its subsidiaries and may contain confidential or legally privileged information intended solely for the use of the addressee(s). If you are not an intended recipient, then any use, copying or distribution of this message or its attachments is strictly prohibited. If you received this message in error, please notify the sender and delete this message entirely from your system.