Hi,
This issue has been added to list at:
https://github.com/nmap/nmap/issues/200. Windows is slightly different for this thing, because Npcap Loopback Adapter is actually based on "Microsoft KM-TEST Loopback Adapter" and Windows makes "Microsoft KM-TEST Loopback Adapter" an Ethernet adapter, it has a MAC address and MTU is 1500 (can be seen in Wireshark and Nmap). Before the
DLT_NULL/DLT_LOOP change, the MAC address should be removed first, the MTU should be modified to an apropriate value, like 65535. It's weird to have a pure loopback interface with MAC address.
It seems that most softwares can handle DLT_NULL/DLT_LOOP for the captured data. So I think "02 00 00 00" for IPv4 and "23 00 00 00" for IPv6 are enough, right? This can be handled by Npcap. Then how about the sending side? I think Nmap just constructs a packet from Ethernet header before sending it. How to make Nmap construct a DLT_NULL/DLT_LOOP header instead of an Ethernet header?
Cheers,
Yang