WindowsInterfaces

MIB stands for Management Information Base. It seems to be a set of data types related to SNMP network management.

The IP Helper API allows access to Windows network configuration. It uses data structures from the MIB. Functions in IP Helper have names like GetNetworkParams and GetIfTable.

GetIfEntry returns an MIB_IFROW.

libdnet assigns its own ad-hoc interface names to Windows devices depending on their type: eth0, eth1, lo0, ppp0 (see _ifcombo_name). Switching from the dnet name to the pcap name is done by DnetName2PcapName.

Just like send-ip on Windows if interface type is unrecognized even if canonicalized.


When you run nmap --iflist on Windows, you get a display like this:

************************INTERFACES************************
DEV  (SHORT) IP/MASK          TYPE     UP MAC
eth0 (eth0)  192.168.1.178/24 ethernet up 00:15:E9:72:DB:8C
eth1 (eth1)  192.168.0.197/24 ethernet up 00:00:39:04:C1:F0
lo0  (lo0)   127.0.0.1/8      loopback up

DEV  WINDEVICE
eth0 \Device\NPF_{43939745-59EC-4539-AA18-FA1950DEABD7}
eth1 \Device\NPF_{2E9F517C-BB63-4CDC-88DC-9EE3BC9F8270}
lo0  \Device\NPF_GenericDialupAdapter

The DEV-WINDEVICE section is a mapping from short libdnet names like "eth0" to long libpcap names like "\Device\NPF_{43939745-59EC-4539-AA18-FA1950DEABD7}".

The list is created with the following loop.

    for(p_iface_iter = p_ifaces; p_iface_iter != NULL && i >= 1; i--) {
      Tbl->addItem(i, 0, false, iflist[i-1].devname);
      Tbl->addItem(i, 1, false, p_iface_iter->name);
      p_iface_iter = p_iface_iter->next;
    }

Note that this loop iterates through two lists of interfaces at once: p_ifaces, the one returned by getpcapinterfaces, and iflist, the one returned by getinterfaces. getpcapinterfaces reads from libpcap and getinterfaces reads from libdnet. The loop pairs entries purely by position, and there is no guarantee that the two lists will be synchronized.

Open a network connection, open its TCP/IP properties, choose "Use the following IP address", and type in IP information. Then click "Advanced", and add a different IP address (it doesn't have to be on the same subnet or anything). This is how you create an interface alias in Windows.

Here I added an address 192.168.3.101. Now run nmap --iflist.

************************INTERFACES************************
DEV  (SHORT) IP/MASK          TYPE     UP MAC
eth0 (eth0)  192.168.1.178/24 ethernet up 00:15:E9:72:DB:8C
eth1 (eth1)  192.168.0.197/24 ethernet up 00:00:39:04:C1:F0
eth1 (eth1)  192.168.3.101/24 ethernet up 00:00:39:04:C1:F0
lo0  (lo0)   127.0.0.1/8      loopback up

DEV  WINDEVICE
eth1 \Device\NPF_{43939745-59EC-4539-AA18-FA1950DEABD7}
eth1 \Device\NPF_{2E9F517C-BB63-4CDC-88DC-9EE3BC9F8270}
lo0  \Device\NPF_GenericDialupAdapter

Look how eth0 has disappeared from the DEV-WINDEVICE section, and how eth1 appears twice. That's because there are now two entries for eth1 in the **INTERFACES** list. The two lists are not synchronized.


DEV  WINDEVICE
eth0 \Device\NPF_{43939745-59EC-4539-AA18-FA1950DEABD7}
eth1 \Device\NPF_{2E9F517C-BB63-4CDC-88DC-9EE3BC9F8270}
eth1 \Device\NPF_{2E9F517C-BB63-4CDC-88DC-9EE3BC9F8270}
lo0  <unknown>

DEV    WINDEVICE
eth0   \Device\NPF_{43939745-59EC-4539-AA18-FA1950DEABD7}
eth1   \Device\NPF_{2E9F517C-BB63-4CDC-88DC-9EE3BC9F8270}
eth1   \Device\NPF_{2E9F517C-BB63-4CDC-88DC-9EE3BC9F8270}
lo0    <none>
<none> \Device\NPF_GenericDialupAdapter
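
The mismatch above, as an added example that is not Nmap's code: pair_by_position mimics the loop's positional pairing and pair_by_lookup resolves each libdnet name through a lookup before listing leftover libpcap devices. The counter starting at the libdnet entry count, the libpcap list order, and the kLookup table (a hypothetical stand-in for DnetName2PcapName) are assumptions; the device names are copied from the output above.

```cpp
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <vector>

using Row = std::pair<std::string, std::string>;  // (DEV, WINDEVICE)
using Names = std::vector<std::string>;

// Constructed sample data copied from the --iflist output on this page.
const char* const GENERIC = R"(\Device\NPF_GenericDialupAdapter)";
const char* const NPF_2E9F = R"(\Device\NPF_{2E9F517C-BB63-4CDC-88DC-9EE3BC9F8270})";
const char* const NPF_4393 = R"(\Device\NPF_{43939745-59EC-4539-AA18-FA1950DEABD7})";
const Names kDnet = {"eth0", "eth1", "eth1", "lo0"};  // eth1 twice: the alias
const Names kPcap = {GENERIC, NPF_2E9F, NPF_4393};    // assumed libpcap order
// Hypothetical lookup table standing in for DnetName2PcapName.
const std::map<std::string, std::string> kLookup = {{"eth0", NPF_4393},
                                                    {"eth1", NPF_2E9F}};

// Positional pairing, as in the page's loop: pcap forward, dnet index down.
std::vector<Row> pair_by_position(const Names& dnet, const Names& pcap) {
  std::vector<Row> rows;
  for (std::size_t p = 0, i = dnet.size(); p < pcap.size() && i >= 1; ++p, --i)
    rows.emplace(rows.begin(), dnet[i - 1], pcap[p]);  // fills table row i
  return rows;
}

// Keyed pairing: resolve each dnet name, then list unclaimed pcap devices.
std::vector<Row> pair_by_lookup(const Names& dnet, const Names& pcap,
                                const std::map<std::string, std::string>& lookup) {
  std::vector<Row> rows;
  std::set<std::string> claimed;
  for (const auto& dev : dnet) {
    auto it = lookup.find(dev);
    bool found = it != lookup.end();
    rows.emplace_back(dev, found ? it->second : std::string("<none>"));
    if (found) claimed.insert(it->second);
  }
  for (const auto& win : pcap)
    if (!claimed.count(win)) rows.emplace_back("<none>", win);
  return rows;
}

int main() {
  for (const auto& r : pair_by_position(kDnet, kPcap))
    std::cout << r.first << " " << r.second << "\n";
  for (const auto& r : pair_by_lookup(kDnet, kPcap, kLookup))
    std::cout << r.first << " " << r.second << "\n";
}
```

The positional rows match the broken DEV-WINDEVICE table (eth0 missing, eth1 twice); the keyed rows match the last table above.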

Page last modified on June 12, 2008, at 10:56 AM