Thanks for the report. Within Npcap, we do a very simple check against the MaxFrameSize for the adapter, which should work as you are expecting. Can you answer a few followup questions so we can better diagnose the problem?

• Did this work correctly in some previous version of Npcap? Specifically, Npcap 0.9986 or 0.9987, which predate a change in where Npcap gets the MaxFrameSize value.
• What size of packet actually does work? I would try 1513, 1501, 1500, 1499, 1486, and lower to find the upper limit, which could help us understand.

I did some checking in the source, and it looks like there is a discrepancy in the values we are using.

Npcap prior to version 0.9988 uses a fixed MaxFrameSize of 1514 regardless of what the network stack supports. This is obviously incorrect because some interfaces do not support this size due to 802.1q or other constraints on frame size.

Npcap 0.9986 and later set the MaxFrameSize based on the maximum MTU reported by NDIS when we attach to the adapter. Unfortunately, this is the value we would get from OID_GEN_MAXIMUM_FRAME_SIZE, which does not include the space taken up by the link header. What we need instead is the value we would get from OID_GEN_MAXIMUM_TOTAL_SIZE, which includes the link header minus any 802.1q or 802.1p tag space that a lower layer would add. Unfortunately, this isn't available in the filter attach parameters or restart attributes, so we would have to issue an OID request for it.

I will see if I can get this corrected in the release I'm prepping at the moment. In the meantime, you can get the actual value Npcap is using internally by using OID_GEN_MAXIMUM_FRAME_SIZE or another method to get the MTU for the adapter. I'm sorry for the inconvenience.

The next release will be bugfix-only, so we will work on this after that. Thanks again for reporting it.

I was under the impression that OID_GEN_MAXIMUM_FRAME_SIZE was deprecated for LWF Drivers as stated here link. When I tried to use it to make a workaround for this issue it always returned 0. I honestly don't know why this would be deprecated as it is still very useful? Can you point me in the right direction to where you use it in your code?

Got the same issue here. At the end you'll see my diag report.

This issue have been failing at least from 0.9988 for me. Works fine using winpcap (old winpcap). Please, if you need any aditional info i'll be glad to help.

DiagReport for Npcap ( http://npcap.org )

Script Architecture: 64-bit
Script Path: C:\Program Files\Npcap\DiagReport.ps1
Current Time: 06/20/2020 17:44:20
Npcap install path: C:\Program Files\Npcap
Npcap Version: 0.9994
PowerShell Version: 5.1.18362.752

OS Info:

Caption : Microsoft Windows 10 Home
BuildNumber : 18363
Locale : 0409
MUILanguages : {en-US, es-MX, is-IS, mi-NZ}
OSArchitecture : 64 bits
ServicePackMajorVersion : 0
ServicePackMinorVersion : 0
SystemDirectory : C:\Windows\system32
Version : 10.0.18363

CPU Info:

Name : Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
Manufacturer : GenuineIntel
DeviceID : CPU0
NumberOfCores : 4
NumberOfEnabledCore : 4
NumberOfLogicalProcessors : 8
Addresswidth : 64

Memory Info:

Size: 16208 MB (16995794944 Bytes)

Network Adapter(s) Info:

Caption : [00000003] Intel(R) Wi-Fi 6 AX201 160MHz
GUID : {4DE12D03-0399-XXXX-9346-775A2C0B6FEC}
Index : 3
InterfaceIndex : 10
Manufacturer : Intel Corporation
MACAddress : 28:7F:CF:XX:XX:XX
Speed : 866700000
NetConnectionID : Wi-Fi
NetConnectionStatus : 2
PNPDeviceID : PCI\VEN_8086&DEV_34F0&SUBSYS_00748086&REV_30\3&11583659&0&A3
ServiceName : Netwtw08
AdapterType : Ethernet 802.3

Caption : [00000014] VMware Virtual Ethernet Adapter for VMnet1
GUID : {D7625453-EE25-4045-B1B0-2BE3FA7B4C53}
Index : 14
InterfaceIndex : 24
Manufacturer : VMware, Inc.
MACAddress :
Speed :
NetConnectionID : VMware Network Adapter VMnet1
NetConnectionStatus : 4
PNPDeviceID : ROOT\VMWARE\0000
ServiceName : VMnetAdapter
AdapterType :

Caption : [00000015] VMware Virtual Ethernet Adapter for VMnet8
GUID : {EFE3C663-3395-4445-8039-C6F988FC6D56}
Index : 15
InterfaceIndex : 27
Manufacturer : VMware, Inc.
MACAddress :
Speed :
NetConnectionID : VMware Network Adapter VMnet8
NetConnectionStatus : 4
PNPDeviceID : ROOT\VMWARE\0001
ServiceName : VMnetAdapter
AdapterType :

Caption : [00000016] Fortinet Virtual Ethernet Adapter (NDIS 6.30)
GUID : {3796709B-6585-47E5-A438-148DCE11BDC3}
Index : 16
InterfaceIndex : 8
Manufacturer : Fortinet
MACAddress : 00:09:0F:FE:00:01
Speed : 100000000
NetConnectionID : Ethernet 2
NetConnectionStatus : 7
PNPDeviceID : ROOT\NET\0000
ServiceName : ft_vnic
AdapterType : Ethernet 802.3

Caption : [00000017] TAP-Windows Adapter V9
GUID : {B5B51B6D-D240-4A8C-A6D8-9211AB9B32E0}
Index : 17
InterfaceIndex : 20
Manufacturer : TAP-Windows Provider V9
MACAddress : 00:FF:B5:B5:1B:6D
Speed : 100000000
NetConnectionID : Ethernet 3
NetConnectionStatus : 2
PNPDeviceID : ROOT\NET\0004
ServiceName : tap0901
AdapterType : Ethernet 802.3

Caption : [00000020] Fortinet SSL VPN Virtual Ethernet Adapter
GUID : {DBC657B9-5AA5-4AC6-A371-06795E65F5E0}
Index : 20
InterfaceIndex : 25
Manufacturer : Fortinet Inc.
MACAddress :
Speed :
NetConnectionID : Ethernet 5
NetConnectionStatus : 4
PNPDeviceID : ROOT\NET\0001
ServiceName : ftsvnic
AdapterType :

Caption : [00000021] PPPoP WAN Adapter
GUID : {FF04E3BC-33C8-4BF5-BC34-20D49CE11AFD}
Index : 21
InterfaceIndex : 28
Manufacturer : Fortinet Inc.
MACAddress :
Speed :
NetConnectionID : Conexión de área local
NetConnectionStatus : 0
PNPDeviceID : ROOT\NET\0002
ServiceName : pppop
AdapterType :

NDIS Light-Weight Filter (LWF) Info:

HKLM:\SYSTEM\CurrentControlSet\Control\Network{4d36e974-e325-11ce-bfc1-08002be10318}*:

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics : 262144
ComponentId : ms_bridge
Description : @%SystemRoot%\system32\bridgeres.dll,-2
InfPath : netbrdg.inf
InfSection : Install
LocDescription : @%SystemRoot%\system32\bridgeres.dll,-2

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics : 262184
ComponentId : ms_wfplwf_lower
Description : @%windir%\System32\drivers\wfplwfs.sys,-6006
InfPath : wfplwfs.inf
InfSection : WfpLwf_Lower_Install
LocDescription : @%windir%\System32\drivers\wfplwfs.sys,-6006

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics : 40
ComponentId : ms_netbios
Description : @%windir%\system32\drivers\netbios.sys,-501
InfPath : netnb.inf
InfSection : NetBIOS.ndi
LocDescription : @%windir%\system32\drivers\netbios.sys,-501

InstallTimeStamp : {227, 7, 11, 0...}
Characteristics : 16512
ComponentId : vmware_bridge
Description : @oem11.inf,%vmware_desc%;VMware Bridge Protocol
InfPath : oem11.inf
InfSection : VMnetBridge.Install
LocDescription : @oem11.inf,%vmware_desc%;VMware Bridge Protocol

InstallTimeStamp : {221, 7, 12, 0...}
ComponentId : ms_server
Description : @%systemroot%\system32\srvsvc.dll,-109
InfPath : Netserv.inf
InfSection : Install.ndi
LocDescription : @%systemroot%\system32\srvsvc.dll,-109

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics : 262184
ComponentId : ms_vwifi
Description : @%windir%\System32\drivers\vwififlt.sys,-105
InfPath : netvwififlt.inf
InfSection : Install
LocDescription : @%windir%\System32\drivers\vwififlt.sys,-105

InstallTimeStamp : {228, 7, 6, 0...}
Characteristics : 262144
ComponentId : INSECURE_NPCAP
Description : @oem69.inf,%npf_desc_standard%;Npcap Packet Driver (NPCAP)
InfPath : oem69.inf
InfSection : FilterStandard
LocDescription : @oem69.inf,%npf_desc_standard%;Npcap Packet Driver (NPCAP)

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics : 262144
ComponentId : ms_pacer
Description : @%windir%\System32\drivers\pacer.sys,-101
InfPath : netpacer.inf
InfSection : Install
LocDescription : @%windir%\System32\drivers\pacer.sys,-101

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics : 262184
ComponentId : ms_wfplwf_upper
Description : @%windir%\System32\drivers\wfplwfs.sys,-6005
InfPath : wfplwfs.inf
InfSection : WfpLwf_Upper_Install
LocDescription : @%windir%\System32\drivers\wfplwfs.sys,-6005

InstallTimeStamp : {228, 7, 1, 0...}
Characteristics : 262144
ComponentId : ft_fortifilter
Description : @oem91.inf,%ftndislwf_desc%;FortiClient NDIS 6.3 Packet Filter Driver
InfPath : oem91.inf
InfSection : Install
LocDescription : @oem91.inf,%ftndislwf_desc%;FortiClient NDIS 6.3 Packet Filter Driver

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics : 262184
ComponentId : ms_nativewifip
Description : @%windir%\System32\drivers\nwifi.sys,-101
InfPath : netnwifi.inf
InfSection : MS_NWIFI.Install
LocDescription : @%windir%\System32\drivers\nwifi.sys,-101

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics : 262144
ComponentId : ms_wfplwf_vswitch
Description : @%windir%\System32\drivers\wfplwfs.sys,-6004
InfPath : wfplwfs.inf
InfSection : WfpLwf_vSwitch_Install
LocDescription : @%windir%\System32\drivers\wfplwfs.sys,-6004

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics : 262200
ComponentId : ms_ndiscap
Description : @%windir%\System32\drivers\ndiscap.sys,-5000
InfPath : ndiscap.inf
InfSection : Install
LocDescription : @%windir%\System32\drivers\ndiscap.sys,-5000

File Info:

Directorio: C:\Program Files\Npcap

Mode LastWriteTime Length Name

-a---- 9/06/2020 2:14 p. m. 862 CheckStatus.bat
-a---- 20/06/2020 5:44 p. m. 0 DiagReport-20200620-174420.txt
-a---- 9/06/2020 2:14 p. m. 1073 DiagReport.bat
-a---- 9/06/2020 2:14 p. m. 7642 DiagReport.ps1
-a---- 9/06/2020 2:14 p. m. 2444 FixInstall.bat
-a---- 20/06/2020 5:06 p. m. 15392 install.log
-a---- 9/06/2020 2:14 p. m. 10302 LICENSE
-a---- 12/06/2020 7:16 p. m. 10934 npcap.cat
-a---- 12/06/2020 7:16 p. m. 8657 npcap.inf
-a---- 12/06/2020 7:16 p. m. 80672 npcap.sys
-a---- 12/06/2020 4:51 p. m. 2402 npcap_wfp.inf
-a---- 12/06/2020 5:02 p. m. 251736 NPFInstall.exe
-a---- 20/06/2020 5:05 p. m. 43070 NPFInstall.log
-a---- 12/06/2020 7:16 p. m. 267856 Uninstall.exe

Directorio: C:\Windows\System32

Mode LastWriteTime Length Name

-a---- 12/06/2020 5:02 p. m. 102232 NpcapHelper.exe
-a---- 12/06/2020 5:02 p. m. 179544 Packet.dll
-a---- 12/06/2020 5:02 p. m. 65368 WlanHelper.exe
-a---- 12/06/2020 5:02 p. m. 434520 wpcap.dll

Directorio: C:\Windows\System32\Npcap

Mode LastWriteTime Length Name

-a---- 12/06/2020 5:02 p. m. 102232 NpcapHelper.exe
-a---- 12/06/2020 5:02 p. m. 179544 Packet.dll
-a---- 12/06/2020 5:02 p. m. 65368 WlanHelper.exe
-a---- 12/06/2020 5:02 p. m. 434520 wpcap.dll

WinPcap Info:

HKLM:\SOFTWARE\WOW6432Node\WinPcap:
Not present.

Registry Info:

HKLM:\SOFTWARE\WOW6432Node\Npcap:

AdminOnly : 0
WinPcapCompatible : 1
(default) : C:\Program Files\Npcap

HKLM:\SYSTEM\CurrentControlSet\Services\npcap:

Type : 1
Start : 1
ErrorControl : 1
Tag : 42
ImagePath : \SystemRoot\system32\DRIVERS\npcap.sys
DisplayName : @oem69.inf,%NPF_Desc_Standard%;Npcap Packet Driver (NPCAP)
Group : NDIS
Description : @oem69.inf,%NPF_Desc_Standard%;Npcap Packet Driver (NPCAP)
NdisMajorVersion : 6
NdisMinorVersion : 20
DriverMajorVersion : 0
DriverMinorVersion : 49

HKLM:\SYSTEM\CurrentControlSet\Services\npcap\Parameters:

NdisImPlatformBindingOptions : 0
DefaultFilterSettings : 1
LoopbackSupport : 1
DltNull : 1
Edition : Npcap
AdminOnly : 0
Dot11Support : 0
VlanSupport : 0
WinPcapCompatible : 1

HKLM:\SYSTEM\CurrentControlSet\Services\npcap_wifi:

Start : 4

HKLM:\SYSTEM\CurrentControlSet\Services\npf:
Not present.
HKLM:\SYSTEM\CurrentControlSet\Services\npf\Parameters:
Not present.
HKLM:\SYSTEM\CurrentControlSet\Services\npf_wifi:
Not present.

Service Info:

Status : Running
Name : npcap
DisplayName : Npcap Packet Driver (NPCAP)

Get-Service : No se encuentra ningún servicio con el nombre 'npf'.
En C:\Program Files\Npcap\DiagReport.ps1: 211 Carácter: 1

• Get-Service npf

•   + CategoryInfo          : ObjectNotFound: (npf:String) [Get-Service], ServiceCommandException
    + FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand
  
  
  
  

Install Info:

Please refer to: C:\Program Files\Npcap\install.log

Got the same issue, normal frames with 1514 bytes causes PacketSendPacket failure.
It's quite critical since it prevents Intercepter-NG from a proper work.

Tested on different systems. WinPcap works fine. Can try the test builds if necessary. Thank you guys for your work.

It works now!