[Winpcap-users] PCAP_OPENFLAG_NOCAPTURE_LOCAL ignored and PCAP_SETDIRECTION()

[Daniel Smith]

Hello,

I have been trying to make a custom software bridge using winpcap.
Unfortunately this means sending and receiving packets that arrive on a
pair of interfaces which means there needs to be some sort of logic
preventing infinitely copying any packet that appears in a cycle. As it is
a bridge I can't apply a capture filter to match the source MAC/IP of the
interfaces since many (known and uknown) MACs/IPs may need to transit the
link pair. After digging through the documentation I came across two
possible solutions:

PCAP_SETDIRECTION(device, PCAP_D_IN) - a directional filter to the capture.
Unfortunately this returns -1 as it does not seem to be supported on
Windows.
pcap_open() instead of pcap_open_live() - pcap_open() has flags for the 3rd
argument, one of which being PCAP_OPENFLAG_NOCAPTURE_LOCAL which is
supposed to prevent capturing packets sent by the driver itself.


Unfortuntaley when I launch 2 threads, one capturing on the interface and
one sending, I still receive the sent packets in the capturing thread. I am
using the following to open the interface in both
threads: pcap_open(InterfaceName, 65536, PCAP_OPENFLAG_NOCAPTURE_LOCAL,
1000, nullptr, ErrorBuffer)



Does anyone have any guidance on why pcap_open() might be behaving this way
or another way to achieve my goal of not capturing packets libpcap itself
put on the interface?


Thank you,

Daniel Smith
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.winpcap.org/pipermail/winpcap-users/attachments/20160928/83734e9c/attachment.html>