chall32 / ldwin Goto Github PK
View Code? Open in Web Editor NEWLink Discovery for Windows
Link Discovery for Windows
Currently this fails if you are connecting through more than a single device which broadcasts LLDP.
In particular, this fails both when an LLDP daemon is installed on the windows host itself (LDWin picks up those packets) or if you are connecting to a switch through something like an IP Phone which also reports LLDP.
On the command line with a tool like lldpd
this is resolved by simply printing multiple information blocks. Is there a simple way to add support for reporting multiple hosts broadcasting LLDP information?
Unfortunately I cannot simply look into it myself due to no source code....
LLDP and CDP are supposed to have both port Name and Description. The LDWin only displays the description. If switch ports have same description, or no description at all they are unidentifiable with the LDWin.
I tried this tool with Win7 (64 x) on a HP EliteBook (different models).
In any possibility it says that it can't get pakets. I do not know why... Is there any logfile or erorr messages to search in? What can I do?
We've been using LDWin for a long time and it's been great.
We've just put some new switches in (Cisco C9300-48P) and the data LDWIN gets isn't the same.
Port Identifier and Switch model, they are reporting different fields such as the IOS version on the switch model and our own description field on the Port ID instead of the port interface.
However, if we keep running 'get link data' we can occasionally see the correct info under those fields, but the then other fields, like VLAN Identifier are blank.
I'm wondering if Cisco have changed/increaed what information they are sending but LDWIN can only read so much of it?
Hello,
i would like to know if its possible to get commandline switches to run this Programm over cmd rather than the gui?
The app launches but can't retrieve data in Windows 11.
Can you add Voice VLAN ID support? This would help us out a bunch. Thanks for the awesome tool!
Hi,
I use Windows 10 version 1511 (OS build 10586.318) and Cisco switches.
I can't get info for some reason and would like to know how to troubleshoot this issue or what should be done computer or network wise to get Link Data.
Thank you
Be nice if there was a 64 bit version for winpe.
First of all, wonderful tool, thanks!
Ran into a little issue:
Lenovo Thinkpad t440s Win8.1. No link data found after ten minutes with LDW, but tcpdump gets it.
Tcpdump output:
C:\bin>tcpdump -i 5 -nn -v -s 1500 -c 1 (ether[12:2]==0x88cc or ether[20:2]==0x2
000)
** Tcpdump v4.5.1 (Nov 20, 2013) for Windows **
** Win98/ME/NT4/2000/XP/2003/Vista/2008/Win7/Win8/Win2012 **
** built with Microolap Packet Sniffer SDK v6.1 and **
** Microolap WinPCap to Packet Sniffer SDK migration module. **
** (c) Microolap Technologies, **
** Khalturin A.P. & Naumov D.A. **
** http://www.microolap.com **
** Trial license. **
tcpdump: listening on \Device{779A0282-3E24-48DB-94CE-0A9A28EC7224}
09:41:16.781687 CDPv2, ttl: 180s, checksum: 692 (unverified), length 462
Device-ID (0x01), length: 40 bytes: 'nnnn'
Version String (0x05), length: 243 bytes:
Cisco IOS Software, C3560 Software (C3560-IPBASEK9-M), Version 12.2(55
)SE8, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Wed 26-Jun-13 11:18 by prod_rel_team
Platform (0x06), length: 19 bytes: 'cisco WS-C3560-24TS'
Address (0x02), length: 13 bytes: IPv4 (1) x.x.x.x
Port-ID (0x03), length: 16 bytes: 'FastEthernet0/21'
Capability (0x04), length: 4 bytes: (0x00000028): L2 Switch, IGMP snoopi
ng
Protocol-Hello option (0x08), length: 32 bytes:
VTP Management Domain (0x09), length: 3 bytes: 'nnnn'
Native VLAN ID (0x0a), length: 2 bytes: xxx
Duplex (0x0b), length: 1 byte: full
ATA-186 VoIP VLAN request (0x0e), length: 3 bytes: app 1, vlan xxx
AVVID trust bitmap (0x12), length: 1 byte: 0x01
Management Addresses (0x16), length: 13 bytes: IPv4 (1) x.x.x.x
unknown field type (0x1a), length: 12 bytes:
0x0000: 0000 0001 0000 0000 ffff ffff
1 packet captured
255 packets received by filter
0 packets dropped by kernel
Hello, like any good sysadmin, I checked the file before executing. According to VirusTotal, 5 different engines have potential issues with the EXE file in your repo.
Hi Chris,
Thanks for this great tool!
I have directed many to use it and one of noted it was flaged as malware by Virustotal at https://www.virustotal.com/en/file/ed0bf3c3746fcaa8f4efcf12ad26c590cba709f229c0f4f8fc33e6df227b1872/analysis/1464117137/ - can you help and clear this?
Thanks,
Eitan
If using this program to troubleshoot Skype Locations, returning the MAC address is useful as we can compare the MAC address the client is seeing against the MAC address in the Skype database.
I think this should be a relatively simple addition?
When I use LDWin ver 2.0 with a Dell 5548 PowereConnect it passes through the switch and goes to the next switch upstream.
O/S Win 7 pro
This has been since a couple of months.
Already tried reinstalling network card, Windows Firewall, Troubleshooter.
Have read all the tickets, asked all my coworkers, but nobody seems to have the same problem.
If i open the program, select a network card and click on Get Link Data it will instantly show my own mac address and nothing else, i can scan multiple network cards but they all show the same result, I've also tried multiple switches but nothing works.
Thanks in advance for your help.
See screenshot below,
When using LDWin connected to a switch with mGig support, the port number is truncated by 1 character.
So all 2 digit ports starting from 20-29 show as port 2
i.e.
FiveGigabitEthernet1/0/25
shows as
FiveGigabitEthernet1/0/2
And so forth.
It may be better to either increase the length of the display field to account for this, or to substitute numbers for words such as
5GigabitEthernet
in place of
FiveGigabitEthernet
I tried using the tool from my laptop to a Cisco SG switch. It has an invalid port info.
Have run LDWin on over 60 ports in the last week and getting a non-consistent output.
I am trying to write a PowerShell script to combine the output files for easy manipulation to speed up documentation and alterations needed to the switches.
Is there a reason for these non-consistent outputs at all?
I was wondering if there was a command line option for this application ?
First off, great utility. I tried this utility in mulitple configurations and all execpt one has returned the expected results.
I recently refreshed my PC to a Lenovo X1 Carbon with an external OneLink Pro Dock with a Gigabit ethernet connection. If I hardwire a network adapter via USB or tcpdump sees the interface, but LDWin does not. Here is the output
tcpdump -D
** Tcpdump v4.5.1 (Nov 20, 2013) for Windows **
** Win98/ME/NT4/2000/XP/2003/Vista/2008/Win7/Win8/Win2012 **
** built with Microolap Packet Sniffer SDK v6.1 and **
** Microolap WinPCap to Packet Sniffer SDK migration module. **
** (c) Microolap Technologies, **
** Khalturin A.P. & Naumov D.A. **
** http://www.microolap.com **
** Trial license. **
1.\Device\PssdkLoopback (PSSDK Loopback Ethernet Emulation Adapter)
2.\Device\NdisWanBh (WAN Miniport (Network Monitor))
3.\Device{B426ECB8-3FDC-4738-8912-B236908F2BD4} (ThinkPad OneLink Pro Dock Giga Ethernet)
4.\Device{AFA859BD-7559-4658-A21E-9DDA5A756377} (Intel(R) Dual Band Wireless-AC 7260)
5.\Device{F9451C28-22FF-4DD9-AE40-6F5381981F7C} (Intel(R) Ethernet Connection I218-LM)
tcpdump -i 3 -nn -s 1500 -c 1 (ether[12:2]=0x88cc or ether[20:2]==0x2000)
** Tcpdump v4.5.1 (Nov 20, 2013) for Windows **
** Win98/ME/NT4/2000/XP/2003/Vista/2008/Win7/Win8/Win2012 **
** built with Microolap Packet Sniffer SDK v6.1 and **
** Microolap WinPCap to Packet Sniffer SDK migration module. **
** (c) Microolap Technologies, **
** Khalturin A.P. & Naumov D.A. **
** http://www.microolap.com **
** Trial license. **
tcpdump: listening on \Device{B426ECB8-3FDC-4738-8912-B236908F2BD4}
09:23:15.117373 LLDP, length 142: SEP8CB64F57EF89.cisco.com
1 packet captured
307 packets received by filter
0 packets dropped by kernel
The "Local Area Connection" lists the I218-LM network adapter"
The "Local Area Connection 2" (both of the entries) in the list show the network card as "Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Window x64".
Thanks,
Dan Keller
LDWIN 2.1; AutoIT 3.3.14.2
I have a Netgear Prosafe GS 108T and i tried ldwin with it.
It only returned the switch IP address - no MAC or Port id
I changed the code to make a copy of the data out of tcpdump, and it is as follows (the line numbers at the start are mine, not in the file)
0 12:21:24.443497 LLDP, length 46
1 Chassis ID TLV (1), length 7
2 Subtype MAC address (4): 2c:b0:5d:a1:ac:fd
3 Port ID TLV (2), length 3
4 Subtype Local (7): g1
5 Time to Live TLV (3), length 2: TTL 120s
6 Management Address TLV (8), length 20
7 Management Address length 5, AFI IPv4 (1): 192.168.1.253
8 Interface Index Interface Numbering (2): 13
9 OID length 8broadcom
10 End TLV (0), length 0
Also worth noting ...
AutoIt refused to run the file from github: I had to comment out the include of GUIHyperlink.au3 to get it working.
Norton Security removed the LDWin.exe file, saying it was a known threat. If you rename LDwin.exe to something else it runs (although it complains about it being potentially abusing, but does label it low risk)
Hello,
I tested LDWin.exe on my laptop. When displaying information from the LAN port, the first result was always displayed when the port was changed. The correct value of another port was displayed only after the laptop was restarted, and only the one was shown. Even if the Ethernet LAN port has been disconnected. Is this a good behavior? Thank you.
Is there a version of LDWin that is signed? Our EDR (Cybereason) keeps flagging the app as suspicious stating that there is a signed version available although the non-signed version is being run. I can;t find a signed version. Does one exist?
Hi chall32,
Is that possible to make the CLI version by any chance?
It would be nice if I can do like lldpcli on Linux.
lldpcli show neighbors
Recenttly I upgraded to Win10, and can`t make LDWin work on it.
If IsObj($colItems) Then
For $objItem In $colItems
FileWriteLine($log, "[" & $objItem.NetConnectionID & "]")
FileWriteLine($log, "ProductName=" & $objItem.ProductName)
$value = $objItem.NetConnectionID
$GUID = $objItem.GUID
If StringLen($value) > 1 Then $Output = $Output & $value & "|"
$colItems2 = $objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE SettingID = '" & $GUID & "'", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
For $objItem2 In $colItems2
If $objItem.Index = $objItem2.Index Then
FileWriteLine($log, "SettingID=" & $objItem2.SettingID)
FileWriteLine($log, "IPAddress=" & $objItem2.IPAddress(0))
FileWriteLine($log, "MACAddress=" & $objItem2.MACAddress)
EndIf
Next
Next
Else
MsgBox(0, "WMI Output", "No WMI Objects Found for class: " & "Win32_NetworkAdapterConfiguration")
EndIf
it works like a charm
C:\Temp>tcpdump.exe -d
** Tcpdump v4.5.1 (Nov 20, 2013) for Windows **
** Win98/ME/NT4/2000/XP/2003/Vista/2008/Win7/Win8/Win2012 **
** built with Microolap Packet Sniffer SDK v6.1 and **
** Microolap WinPCap to Packet Sniffer SDK migration module. **
** (c) Microolap Technologies, **
** Khalturin A.P. & Naumov D.A. **
** http://www.microolap.com **
** Trial license. **
tcpdump.exe: listening on \Device{6990D8C0-6750-4521-B77D-708D3C2A9C40}
tcpdump.exe: : Error opening adapter: Overlapped I/O operation is in progress. (997)
This is using Windows 10 Enterprise Build 10586.318
I did run the TCPDUMP above as an administrator.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.