2005-07-28 14:29:19 +00:00
|
|
|
<?xml version="1.0"?>
|
2006-03-17 22:59:24 +00:00
|
|
|
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
2005-07-28 14:29:19 +00:00
|
|
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
|
|
|
|
2005-08-02 06:39:04 +00:00
|
|
|
<!-- $Id$ -->
|
2005-07-28 14:29:19 +00:00
|
|
|
|
|
|
|
<!--
|
|
|
|
DOCUMENT SECTION
|
|
|
|
-Use this section to encode all document information
|
|
|
|
-->
|
|
|
|
|
|
|
|
<!--
|
2006-06-06 13:04:30 +00:00
|
|
|
Wireshark Info
|
2005-07-28 14:29:19 +00:00
|
|
|
-->
|
2011-05-14 20:17:37 +00:00
|
|
|
<!ENTITY WiresharkCurrentVersion "1.7.0">
|
2005-07-28 14:29:19 +00:00
|
|
|
|
|
|
|
]>
|
|
|
|
|
|
|
|
<article>
|
2006-06-06 13:04:30 +00:00
|
|
|
<title>Wireshark &WiresharkCurrentVersion; Release Notes</title>
|
2005-07-28 14:29:19 +00:00
|
|
|
|
2006-06-06 13:04:30 +00:00
|
|
|
<section id="WhatIs"><title>What is Wireshark?</title>
|
2005-07-28 14:29:19 +00:00
|
|
|
<para>
|
2006-05-22 08:14:01 +00:00
|
|
|
Wireshark is the world's most popular network protocol analyzer. It
|
2010-05-16 16:58:04 +00:00
|
|
|
is used for troubleshooting, analysis, development and education.
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
<section id="WhatsNew"><title>What's New</title>
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="BugFixes"><title>Bug Fixes</title>
|
2006-03-07 19:53:57 +00:00
|
|
|
|
2006-08-24 16:29:49 +00:00
|
|
|
<para>
|
|
|
|
|
|
|
|
The following bugs have been fixed:
|
|
|
|
|
2007-09-25 21:35:20 +00:00
|
|
|
<itemizedlist>
|
|
|
|
|
2011-01-13 17:25:22 +00:00
|
|
|
<listitem><para>
|
2011-07-02 15:45:28 +00:00
|
|
|
The 64-bit Windows installer now supports OID-to-name resolution.
|
2011-01-13 17:25:22 +00:00
|
|
|
</para></listitem>
|
|
|
|
|
2007-09-25 21:35:20 +00:00
|
|
|
</itemizedlist>
|
|
|
|
|
2006-08-24 16:29:49 +00:00
|
|
|
</para>
|
|
|
|
|
2005-10-14 18:50:25 +00:00
|
|
|
</section>
|
2005-09-06 22:07:35 +00:00
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="NewFeatures"><title>New and Updated Features</title>
|
2005-08-17 22:32:40 +00:00
|
|
|
<para>
|
2005-10-14 16:00:04 +00:00
|
|
|
The following features are new (or have been significantly updated)
|
2011-05-17 19:26:00 +00:00
|
|
|
since version 1.6:
|
2005-08-17 22:32:40 +00:00
|
|
|
|
2007-08-30 00:24:40 +00:00
|
|
|
<itemizedlist>
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
<para>
|
2011-06-17 17:52:31 +00:00
|
|
|
Wireshark supports capturing from multiple interfaces at once.
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
Wireshark, TShark, and their associated utilities now save files
|
|
|
|
using the pcap-ng file format by default. (Your copy of Wireshark
|
|
|
|
might still use the pcap file format if pcap-ng is disabled in
|
|
|
|
your preferences.)
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
Decryption key management for IEEE 802.11, IPsec, and ISAKMP
|
|
|
|
is now easier.
|
2011-03-23 20:38:16 +00:00
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2011-06-27 20:48:26 +00:00
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
OID resolution is now supported on 64-bit Windows.
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2011-06-29 16:59:37 +00:00
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
TCP fast retransmissions are now indicated as an expert info note,
|
|
|
|
rather than a warning, just as TCP retransmissions are.
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2011-06-29 18:45:14 +00:00
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
TCP window updates are no longer colorized as "Bad TCP".
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2011-09-27 18:32:59 +00:00
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
The tshark command-line options have changed as follows: The
|
|
|
|
previously undocumented -P option is now -2 option for performing a
|
|
|
|
two-pass analysis; the former -S option is now the -P option for
|
|
|
|
printing packets even if writing to a file, and the -S option is
|
|
|
|
now used to specify a different line separator between packets.
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2011-10-05 22:27:51 +00:00
|
|
|
<listitem>
|
|
|
|
<para>
|
|
|
|
GeoIP IPv6 databases are now supported.
|
|
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
|
2007-08-30 00:24:40 +00:00
|
|
|
</itemizedlist>
|
|
|
|
|
2005-08-17 22:32:40 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
2005-10-12 16:17:03 +00:00
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="NewProtocols"><title>New Protocol Support</title>
|
2005-10-12 16:17:03 +00:00
|
|
|
<para>
|
|
|
|
|
2011-05-17 19:26:00 +00:00
|
|
|
<!-- Sorted, one per line -->
|
2011-01-12 23:20:03 +00:00
|
|
|
|
2005-10-12 16:17:03 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="UpdatedProtocols"><title>Updated Protocol Support</title> <para>
|
2005-10-12 16:17:03 +00:00
|
|
|
|
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="NewCapture"><title>New and Updated Capture File Support</title>
|
2005-10-12 16:17:03 +00:00
|
|
|
<para>
|
|
|
|
|
2011-05-17 19:26:00 +00:00
|
|
|
<!-- Sorted, one per line -->
|
2011-01-12 23:20:03 +00:00
|
|
|
|
2006-10-14 00:31:35 +00:00
|
|
|
</para>
|
2005-10-12 16:17:03 +00:00
|
|
|
</section>
|
|
|
|
|
2005-07-28 14:29:19 +00:00
|
|
|
</section>
|
|
|
|
|
2006-06-06 13:04:30 +00:00
|
|
|
<section id="GettingWireshark"><title>Getting Wireshark</title>
|
2006-08-15 20:54:51 +00:00
|
|
|
<para>
|
|
|
|
Wireshark source code and installation packages are available from
|
2009-10-27 22:05:09 +00:00
|
|
|
<ulink url="http://www.wireshark.org/download.html">http://www.wireshark.org/download.html</ulink>.
|
2006-08-15 20:54:51 +00:00
|
|
|
</para>
|
2005-07-28 14:29:19 +00:00
|
|
|
|
2008-03-03 22:05:25 +00:00
|
|
|
<section id="VendorPackages"><title>Vendor-supplied Packages</title>
|
2005-07-28 14:29:19 +00:00
|
|
|
<para>
|
2010-05-16 16:58:04 +00:00
|
|
|
Most Linux and Unix vendors supply their own Wireshark packages.
|
|
|
|
You can usually install or upgrade Wireshark using the package management
|
|
|
|
system specific to that platform. A list of third-party packages
|
|
|
|
can be found on the
|
|
|
|
<ulink url="http://www.wireshark.org/download.html#thirdparty">download page</ulink>
|
|
|
|
on the Wireshark web site.
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
</section>
|
|
|
|
|
2006-03-17 22:59:24 +00:00
|
|
|
<!-- XXX needs to be written
|
2006-06-06 13:04:30 +00:00
|
|
|
<section id="RemovingWireshark"><title>Removing Wireshark</title>
|
2005-07-28 14:29:19 +00:00
|
|
|
<para>
|
|
|
|
</para>
|
|
|
|
</section>
|
2005-09-21 14:20:43 +00:00
|
|
|
-->
|
2005-07-28 14:29:19 +00:00
|
|
|
|
|
|
|
<section id="FileLocations"><title>File Locations</title>
|
|
|
|
<para>
|
2006-06-06 13:04:30 +00:00
|
|
|
Wireshark and TShark look in several different locations for
|
2005-09-06 19:21:48 +00:00
|
|
|
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
|
|
|
|
These locations vary from platform to platform. You can use
|
2011-01-12 23:20:03 +00:00
|
|
|
About→Folders to find the default locations on your system.
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
<section id="KnownProblems"><title>Known Problems</title>
|
2006-03-20 20:27:52 +00:00
|
|
|
|
2008-03-27 22:05:52 +00:00
|
|
|
<para>
|
|
|
|
Wireshark might make your system disassociate from a wireless network
|
2010-05-10 21:58:44 +00:00
|
|
|
on OS X 10.4.
|
2008-03-27 22:05:52 +00:00
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1315">Bug
|
|
|
|
1315</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Dumpcap might not quit if Wireshark or TShark crashes.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419">Bug
|
|
|
|
1419</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
The BER dissector might infinitely loop.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516">Bug
|
|
|
|
1516</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Capture filters aren't applied when capturing from named pipes.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814">Bug
|
|
|
|
1814</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Filtering tshark captures with display filters (-R) no longer works.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234">Bug
|
|
|
|
2234</ulink>)
|
2006-03-20 20:27:52 +00:00
|
|
|
</para>
|
|
|
|
|
2009-11-11 00:09:03 +00:00
|
|
|
<para>
|
2011-07-02 15:45:28 +00:00
|
|
|
The 64-bit Windows installer does not support Kerberos decryption.
|
2011-01-12 23:20:03 +00:00
|
|
|
(<ulink url="http://wiki.wireshark.org/Development/Win64">Win64
|
|
|
|
development page</ulink>)
|
2009-11-11 00:09:03 +00:00
|
|
|
</para>
|
|
|
|
|
2010-05-10 22:10:59 +00:00
|
|
|
<para>
|
|
|
|
Application crash when changing real-time option.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035">Bug
|
|
|
|
4035</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Hex pane display issue after startup.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056">Bug
|
|
|
|
4056</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Packet list rows are oversized.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357">Bug
|
|
|
|
4357</ulink>)
|
|
|
|
</para>
|
|
|
|
|
|
|
|
<para>
|
|
|
|
Summary pane selected frame highlighting not maintained.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445">Bug
|
|
|
|
4445</ulink>)
|
|
|
|
</para>
|
|
|
|
|
2011-05-20 17:02:20 +00:00
|
|
|
<para>
|
|
|
|
Wireshark and TShark will display incorrect delta times in some cases.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5356">Bug
|
|
|
|
4985</ulink>
|
|
|
|
and
|
|
|
|
<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5356">bug
|
|
|
|
5580</ulink>)
|
|
|
|
</para>
|
|
|
|
|
2011-01-13 00:52:32 +00:00
|
|
|
<para>
|
|
|
|
Character echo pauses in Capture Filter field in Capture Options.
|
|
|
|
(<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5356">Bug
|
|
|
|
5356</ulink>)
|
|
|
|
</para>
|
|
|
|
|
2005-07-28 14:29:19 +00:00
|
|
|
</section>
|
|
|
|
|
|
|
|
<section id="GettingHelp"><title>Getting Help</title>
|
|
|
|
<para>
|
2010-10-04 18:43:20 +00:00
|
|
|
Community support is available on
|
|
|
|
<ulink url="http://ask.wireshark.org/">Wireshark's Q&A site</ulink>
|
|
|
|
and on the wireshark-users mailing list.
|
2006-06-06 13:04:30 +00:00
|
|
|
Subscription information and archives for all of Wireshark's mailing
|
2006-05-31 19:12:15 +00:00
|
|
|
lists can be found on <ulink url="http://www.wireshark.org/lists/">the
|
2006-06-06 13:04:30 +00:00
|
|
|
web site</ulink>.
|
2005-09-21 14:20:43 +00:00
|
|
|
</para>
|
|
|
|
<para>
|
2010-05-10 21:58:44 +00:00
|
|
|
Training is available from
|
|
|
|
<ulink url="http://www.wiresharktraining.com/">Wireshark University</ulink>.
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
<section id="FAQ"><title>Frequently Asked Questions</title>
|
|
|
|
<para>
|
2005-09-21 14:20:43 +00:00
|
|
|
A complete FAQ is available on the
|
2006-06-06 13:04:30 +00:00
|
|
|
<ulink url="http://www.wireshark.org/faq.html">Wireshark web site</ulink>.
|
2005-07-28 14:29:19 +00:00
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
|
|
|
|
</article>
|