What is FreeCap ?
FreeCap is packet capture and dump tool for WindowNT4.0.
How ?
+-------------------------+
| FreeCap.exe (GUI) |
+-------------------------+
| ^ (Event)
V(Manipurate) | -using COM (AKA OLE Automation)
+-------------------------+
| MacCap.dll (engine) |
+-------------------------+
| ^ (Event)
V(Manipurate) | -using DeviceIOControl
+---------------------------+
| NCapDD.sys (Packet Driver)|
+---------------------------+
| NDIS 3.0 |
+---------------------------+
| MAC driver |
+---------------------------+
Why ?
I need it.
I've searched some capturing tools, but most of them are shareware. And complete free tool Gobbler is DOS only tool.
Gobbler could not run under WindowNT's DOS VDM.
Where is FreeCap ?
Here!
My front end app (FreeCap.exe) shows its captions in Japanese letter.(With ANSI mode, I believe you cannot read them correctly)
How to install ?
- Unzip FreeCap.zip into the temporary directory(ex. c:\temp).
- Add NCapDD.Sys and MacCap.dll using control panel.
- Open Network applette.
- Click protocol tab.
- Click Add.
- Enter the temporary directory name.
- Click OK.
- WindowsNT will bind it on the adapter drivers.
- WindowsNT prompts you to reboot.
- Reboot the system.
- Run setup.exe
- Delete the temporary directory if you would like to.
Where are the sources ?
Here!
Here is the sources of version 2 of MacCap/NCap
You need NT DDK, if you would like to compile NCapDD.sys driver.
You need C++Builder3, if you would like to modify FreeCap.exe front end app.
You need VC++6SP1, if you would like to compile capture engine(MacCap.dll).
If you would like to program your own front end (GUI part), you need some OLE-Automation compatible tools like Dephi, VB5...
Copyright? Distribution condition ?
Under GPL. Copyright (c) 1999 arton.
History
May 5, 1999
I continue to change MacCap/NCapDD driver pair.
- MacCap now loads NCapDD.sys dynamically.(no need to install driver)
- MacCap.dll changed its name to MacCapV2.ocx.
So you can use it more easy (without COM knowledge).
- Adding monitoring only ActiveX contorl in it.
- NCapDD.sys stamps the packet recvtime more fine.
(approximately 50micro sec)
- I've deleted all MSDEV supplied useless MBCS comments.
So you can open the MacCapV2 project file straight into your environment (maybe).
Here is the new sources.
Jan. 25, 1999
I fixed some bugs and add some futures in FreeCap.exe.
- change dump view, with colored fonts.
- correct localtime.
- replace Borland about-Icon with my own.
- save packets summery with csv format
I changed MacCap.dll (Ok, Ok, I know it's COM violation, but...)
- Append VendorCollection interace.
- Append length properties on collections.
Jan. 15, 1999
I correct some bugs in FreeCap.exe.
- sync pane button to tree view.
- enabling copy and print buttons.
I modified MacCap.dll.
- try to keep packets sequence.
Jan. 4, 1999
First release.
Back