Npcap bridge between router and fiber optic modem


I have a problem with the Npcap library (the successor to the popular WinPcap, and well known from e.g. Wireshark).

What I am trying to do is monitor all the traffic between my fiber optic modem and my router. Not only "sniffing" the traffic using e.g. an Ethernet hub or a switch in port mirroring mode, but as a Man-In-The-Middle (MITM). Meaning: reading/intercepting the packets coming from the router, logging them (and in the future manipulating them), and writing/forwarding them to the modem, as well as the same thing vice versa.

My setup looks as follows:

Fiber optic modem ---> RJ-45 cable ---> USB-Ethernet-Adapter (delock) ---> Windows 10 Laptop (USB-Ports) ---> USB-Ethernet-Adapter (Realtek) ---> RJ-45 cable ---> AVM Fritz!Box 7590 (WAN-Port)

On the Windows laptop:

At first, under the Windows 10 network adapter settings, I deactivated everything except the "Npcap Packet Driver". Client for Microsoft Networks, QoS, TCP/IP, LLDP etc.: everything is deactivated for both Ethernet adapters, representing the USB-Ethernet adapters. To try out whether Npcap works, I ran the basic_dump_ex example from the Npcap SDK separately for both adapters, while having them connected to my home network. The result was that, via both interfaces, I can read the Ethernet frames in Npcap like Wireshark. (I used the Ex example since it seems to read the messages in the same way as the UserModeBridge example does: via polling instead of a callback.)

Then I assembled the setup described above and ran the UserModeBridge example. But the router is unable to connect to the Internet.

When I run separate Wireshark traces on both Ethernet adapters at the same time, I can see that the Realtek interface regularly receives some "PPPoED Active Discovery Initiation (PADI)" and some "DHCP Discover" frames. And Npcap seems to correctly replicate them to the Delock interface, meaning I see them in both Wireshark traces. Also, the console prints of the UserModeBridge example indicate that it forwards packets from one adapter to the other. But except for those two messages, nothing happens.

If I remove the laptop and connect the fiber optic modem directly to the router, the Internet connection is established within seconds.

Does anyone have an idea or can help me? It would be highly appreciated.

Am I trying something totally stupid, and PPP cannot be forwarded in this way at all because it works on a lower level than Ethernet frames? Or what am I doing wrong?

Thanks.

There are 0 answers
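
An added example, not part of the original question and not code from the Npcap SDK: a small C classifier that a bridge loop could call on every frame it reads from either adapter, to log which PPPoE discovery stage (PADI, PADO, PADR, PADS) was seen in which direction and whether the frame carried an 802.1Q tag. The function name `classify_frame` and the two sample frames are constructed for illustration; the EtherType and PPPoE code values are those of RFC 2516 and IEEE 802.1Q.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample frames (not captured traffic): an untagged PADI
   broadcast and a PADO carrying an 802.1Q tag with VLAN id 100. */
static const uint8_t sample_padi[] = {
    0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0,0,0,0,0x01,
    0x88,0x63, 0x11,0x09,0x00,0x00,0x00,0x00 };
static const uint8_t sample_pado_vlan[] = {
    0x02,0,0,0,0,0x01, 0x02,0,0,0,0,0x02,
    0x81,0x00,0x00,0x64, 0x88,0x63, 0x11,0x07,0x00,0x00,0x00,0x00 };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Hypothetical helper: label one raw Ethernet frame and report its
   VLAN id in *vlan (-1 when the frame is untagged). */
const char *classify_frame(const uint8_t *f, size_t len, int *vlan)
{
    size_t off = 12;                       /* skip dst + src MAC */
    *vlan = -1;
    if (len < 14) return "truncated";
    uint16_t type = be16(f + off);
    if (type == 0x8100) {                  /* 802.1Q tag present */
        if (len < 18) return "truncated";
        *vlan = be16(f + off + 2) & 0x0FFF;
        off += 4;
        type = be16(f + off);
    }
    off += 2;                              /* off now points at the payload */
    if (type == 0x8864) return "PPPoE session";
    if (type == 0x0800) return "IPv4";
    if (type != 0x8863) return "other";
    if (len < off + 6) return "truncated"; /* PPPoE header is 6 bytes */
    switch (f[off + 1]) {                  /* PPPoE code field (RFC 2516) */
    case 0x09: return "PADI";
    case 0x07: return "PADO";
    case 0x19: return "PADR";
    case 0x65: return "PADS";
    case 0xa7: return "PADT";
    default:   return "PPPoE discovery, unknown code";
    }
}

int main(void)
{
    int vlan;
    const char *label = classify_frame(sample_padi, sizeof sample_padi, &vlan);
    printf("%s vlan=%d\n", label, vlan);
    label = classify_frame(sample_pado_vlan, sizeof sample_pado_vlan, &vlan);
    printf("%s vlan=%d\n", label, vlan);
    return 0;
}
```

Logging the label together with the adapter each frame arrived on shows at which discovery stage, and on which side of the bridge, the exchange stops.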