About Wireshark “the NPF driver isn’t running “Solutions

About Wireshark “the NPF driver isn’t running “Solutions

Today, when installing Wireshark software, there was an error as shown in the figure below. I searched for a solution, which is summarized as follows:

This error is caused by not opening the NPF service. Let’s talk about NPF briefly.

NPF (NetGroup packet filter) is the core part of WinPcap, which is the component of WinPcap to accomplish difficult work. It processes the packets transmitted on the network and provides capture, injection and analysis capabilities for the user level.   

It provides not only basic features (such as packet capture), but also more advanced features (such as programmable filter system). The former can be used to restrict a packet capture session to only a subset of network traffic, while the latter provides a powerful and simple mechanism to count network traffic.

The solution is as follows:

(1) Make sure you have installed WinPcap (which will prompt you to install when installing Wireshark) or download it from the official website:

Address: http://www.winpcap.org/

(2) Enter: Net start NPF at the command prompt to prompt that the driver service is opened successfully. As shown in the figure below:

If you want to close the service, enter: net stop NPF.

OK, now Wireshark works perfectly Start capturing data and analyzing it!!!

Similar Posts: