2

My task is to create two programs written in C/C++ which can communicate with each other from within WSL2 and Windows 10. I'm able to send traffic from WSL2 to Windows 10, but I cannot manage to pick up the network traffic coming from WSL2 on the Windows 10 side with a simple sniffer program written in C (on my own PC). However, with two Wireshark instances open (one in Windows 10 and one in WSL2), I'm able to see the UDP messages I'm trying to send to the IP address of WSL2 in Windows.

  • I've tried putting ports in the inbound rules of my firewall (no result).
  • I've tried setting my network interface into promisc mode in WSL2 (no result).
  • I've tried setting the example here (no result in WSL2, however it works under WSL1, but I'm not interested in WSL1).
  • I've tried setting up this project (no result).
  • I've tried setting up the communication using USB (no result, I had a message related to 3rd party firewall blocking the specified port for communication, but didn't come to resolution about it).
  • I've tried the WSL Networking guide (no result).
  • I cannot create a bridge, since it's prohibited in my corporate environment; I cannot forward ports.

I'd like to understand how Wireshark is able to sniff the traffic and possibly implement it on my side in a simple communication: WSL2 send message ---> Windows receive msg.

1
  • Looks like your well-formatted question from Stack Overflow got ... mangled a bit when copied/pasted over here. Suggestion for the future - You can use the "Edit" feature on the old question to copy the full Markdown over. That will prevent formatting mistakes like this. Commented Feb 28 at 14:59

1 Answer

0

Wireshark uses a custom driver – Npcap – to capture traffic. (It was previously known as WinPcap.) See Developing software with Npcap.

Npcap is only needed for network sniffing (packet capture); you shouldn't need it for normal communications between host and VM – regular UDP sockets should be enough for that.

1
  • I already tried normal UDP and also AF_UNIX sockets. The problem is the corporate environment: a 3rd party firewall is blocking most of the things on the PC. I think Wireshark has something to do with sniffing the traffic on a kernel level, so literally passing the rules. Placing anything related to rules in the firewall also doesn't take effect. Commented Mar 5 at 16:25
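
The regular-UDP path the answer refers to, sketched from the WSL2 side as an added example (not code from the question or the answer). It assumes WSL2's default NAT networking, where the Windows host is the distro's default gateway; port 5005, the function names and the sample route table are hypothetical.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Constructed /proc/net/route sample (first 4 columns, little-endian host). */
const char SAMPLE_ROUTES[] =
    "Iface\tDestination\tGateway\tFlags\n"
    "eth0\t00000000\t011018AC\t0003\n"
    "eth0\t001018AC\t00000000\t0001\n";

/* Writes the default gateway as a dotted quad; returns 0, or -1 if none. */
int default_gateway(const char *table, char *out, size_t outlen) {
    const char *line = strchr(table, '\n');          /* skip the header row */
    while (line && *++line) {
        char iface[32]; unsigned int dest, gw, flags;
        if (sscanf(line, "%31s %x %x %x", iface, &dest, &gw, &flags) == 4 &&
            dest == 0 && (flags & 0x2)) {            /* 0x2 = RTF_GATEWAY */
            struct in_addr a = { .s_addr = gw };     /* already network order */
            return inet_ntop(AF_INET, &a, out, (socklen_t)outlen) ? 0 : -1;
        }
        line = strchr(line, '\n');
    }
    return -1;
}

/* Sends one UDP datagram; returns bytes sent, or -1 on error. */
ssize_t send_udp(const char *ip, unsigned short port, const char *msg) {
    struct sockaddr_in dst = { .sin_family = AF_INET, .sin_port = htons(port) };
    if (inet_pton(AF_INET, ip, &dst.sin_addr) != 1) return -1;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    ssize_t n = sendto(fd, msg, strlen(msg), 0, (struct sockaddr *)&dst, sizeof dst);
    close(fd);
    return n;
}

int main(void) {
    char table[4096], gw[INET_ADDRSTRLEN];
    FILE *f = fopen("/proc/net/route", "r");
    if (!f) return 1;
    table[fread(table, 1, sizeof table - 1, f)] = '\0';
    fclose(f);
    if (default_gateway(table, gw, sizeof gw) != 0) return 1;
    printf("Windows host (default gateway): %s\n", gw);
    return send_udp(gw, 5005, "hello from WSL2") < 0;   /* hypothetical port */
}
```

The Windows side is an ordinary UDP socket bound to the same port; host firewall policy still applies to the inbound datagram.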
