Npcap 1.50 receives ICMP Protocol Unreachable messages when sending ICMP Echo Request with Nping

[dmiller-nmap]

This was reported on nmap-dev mailing list: https://seclists.org/nmap-dev/2021/q2/12

My response:

The extra packets I believe are "protocol unreachable" errors that we had previously been stripping out within Npcap. We had removed the code that stripped them from the packet stream in the interest of transparency and simplicity, so the solution is likely to restore that code, but I will investigate other ways as well.

[dmiller-nmap]

Some possibilities to research:

1. Should we be sending to the Receive data path instead of the Send data path? How does WFP handle this? Probably could watch an actual "ping localhost" command in Npcap to see where the stuff is supposed to go.
2. Is it something to do with the layer at which we're injecting? Like should be be using FwpsInjectTransportReceiveAsync instead?
3. Is it something to do with the packet data, e.g. Nping is creating a bad IP header or something?
4. Is it something to do with the packet metadata, e.g. we are setting the wrong MDL offset within the packet when it is created?
5. Why are there 2 responses? Have we injected the same packet twice somehow? Could ndiskd debugging show the data path?
6. Should we just go back to dropping proto-unreach messages like we did before? How did that affect nmap -sO localhost for instance?