2016-11-01 21:35:29 +00:00
|
|
|
include::attributes.asciidoc[]
|
|
|
|
|
2016-07-16 07:53:37 +00:00
|
|
|
= Wireshark {wireshark-version} Release Notes
|
2014-10-02 21:15:05 +00:00
|
|
|
// AsciiDoc quick reference: http://powerman.name/doc/asciidoc
|
2014-04-15 16:31:24 +00:00
|
|
|
|
2016-07-21 22:53:54 +00:00
|
|
|
This is a semi-experimental release intended to test new features for
|
|
|
|
Wireshark 2.4.
|
2013-03-15 01:33:46 +00:00
|
|
|
|
|
|
|
== What is Wireshark?
|
|
|
|
|
|
|
|
Wireshark is the world's most popular network protocol analyzer. It is
|
|
|
|
used for troubleshooting, analysis, development and education.
|
|
|
|
|
|
|
|
== What's New
|
|
|
|
|
2014-10-02 21:15:05 +00:00
|
|
|
//=== Bug Fixes
|
2013-03-15 01:33:46 +00:00
|
|
|
|
2014-10-01 15:17:44 +00:00
|
|
|
//The following bugs have been fixed:
|
2013-03-15 01:33:46 +00:00
|
|
|
|
2013-03-15 18:25:42 +00:00
|
|
|
//* ws-buglink:5000[]
|
|
|
|
//* ws-buglink:6000[Wireshark bug]
|
2014-05-23 20:56:41 +00:00
|
|
|
//* cve-idlink:2014-2486[]
|
2017-06-02 22:39:32 +00:00
|
|
|
//* Wireshark convinced you to switch seats on the plane while neglecting to tell you that its seat was noticeably moist.
|
2013-03-15 01:33:46 +00:00
|
|
|
|
2016-06-08 16:15:24 +00:00
|
|
|
//_Non-empty section placeholder._
|
2015-10-13 21:59:56 +00:00
|
|
|
|
2013-03-15 01:33:46 +00:00
|
|
|
=== New and Updated Features
|
|
|
|
|
2016-07-14 21:06:14 +00:00
|
|
|
The following features are new (or have been significantly updated)
|
2016-08-16 14:50:37 +00:00
|
|
|
since version 2.2.0:
|
2016-07-14 21:06:14 +00:00
|
|
|
|
2016-09-07 19:53:34 +00:00
|
|
|
* Experimental 32-bit and 64-bit Windows Installer (.msi) packages are available.
|
|
|
|
It is recommended that you use these independently of the NSIS (.exe) installers.
|
|
|
|
That is, you should make sure the NSIS package is completely uninstalled before
|
|
|
|
installing the Windows Installer package and vice-versa.
|
|
|
|
* Source packages are now compressed using xz instead of bzip2.
|
2016-12-15 17:32:53 +00:00
|
|
|
* The legacy (GTK+) UI is disabled by default in the Windows installer.
|
|
|
|
* The legacy (GTK+) UI is disabled by default in Autotools and CMake.
|
2016-10-20 01:40:22 +00:00
|
|
|
* SS7 Point Codes can now be resolved into names with a hosts-like file.
|
2016-10-19 18:53:40 +00:00
|
|
|
* Wireshark can now go fullscreen to have more room for packets.
|
2016-11-24 14:37:01 +00:00
|
|
|
* TShark can now export objects like the other GUI interfaces.
|
2016-12-06 19:49:12 +00:00
|
|
|
* Support for G.722 and G.726 codecs in the RTP Player (via the SpanDSP library).
|
2016-12-02 23:52:02 +00:00
|
|
|
* You can now choose the output device when playing RTP streams.
|
2016-12-12 00:16:52 +00:00
|
|
|
* Added support for dissectors to include a unit name natively in their hf field.
|
|
|
|
A field can now automatically append "seconds" or "ms" to its value without
|
|
|
|
additional printf-style APIs.
|
2017-02-13 22:00:00 +00:00
|
|
|
* The Default profile can now be reset to default values.
|
2017-03-01 16:03:17 +00:00
|
|
|
* You can move back and forth in the selection history in the Qt UI.
|
2017-03-17 11:52:27 +00:00
|
|
|
* IEEE 802.15.4 dissector now uses an UAT for decryption keys. The original
|
|
|
|
decryption key preference has been obsoleted.
|
2017-04-15 21:30:30 +00:00
|
|
|
* Extcap utilities can now provide configuration for a GUI interface toolbar to
|
|
|
|
control the extcap utility while capturing.
|
2017-06-01 09:14:23 +00:00
|
|
|
* Extcap utilities can now validate the capture filter.
|
2017-05-28 12:55:15 +00:00
|
|
|
* Display filter function len() can now be used on all string and byte fields.
|
2015-06-29 11:05:32 +00:00
|
|
|
|
2014-06-06 18:39:55 +00:00
|
|
|
//=== Removed Dissectors
|
2014-01-03 09:48:53 +00:00
|
|
|
|
2016-08-16 14:50:37 +00:00
|
|
|
//=== New File Format Decoding Support
|
2014-01-03 09:48:53 +00:00
|
|
|
|
2013-03-15 01:33:46 +00:00
|
|
|
=== New Protocol Support
|
2016-06-03 16:21:21 +00:00
|
|
|
|
2016-06-08 16:15:24 +00:00
|
|
|
// Add one protocol per line between the --sort-and-group-- delimiters.
|
2016-06-03 16:21:21 +00:00
|
|
|
--sort-and-group--
|
2015-11-02 18:41:12 +00:00
|
|
|
Bluetooth HCI Vendor Intel
|
2016-12-15 17:32:53 +00:00
|
|
|
CAN FD
|
|
|
|
Ericsson A-bis P-GSL
|
|
|
|
Ericsson A-bis TFP (Traffic Forwarding Protocol)
|
|
|
|
Fc00/cjdns Protocol
|
2017-04-03 00:32:03 +00:00
|
|
|
Generic Netlink (genl)
|
2016-07-12 18:25:35 +00:00
|
|
|
GSM Osmux
|
2016-09-16 07:25:47 +00:00
|
|
|
Health Level 7 (HL7)
|
2016-12-15 17:32:53 +00:00
|
|
|
High-speed SECS message service (HSMS)
|
2016-05-31 06:50:36 +00:00
|
|
|
iPerf2
|
2016-12-15 17:32:53 +00:00
|
|
|
ISO 15765
|
2017-04-04 23:51:19 +00:00
|
|
|
Linux 802.11 Netlink (nl80211)
|
2016-12-15 17:32:53 +00:00
|
|
|
Local Service Discovery (LSD)
|
|
|
|
M2 Application Protocol
|
2017-03-17 16:59:23 +00:00
|
|
|
Mesh Link Establishment (MLE)
|
2016-12-15 17:32:53 +00:00
|
|
|
Nordic BLE Sniffer
|
2016-12-26 05:47:57 +00:00
|
|
|
NVMe Fabrics RDMA
|
|
|
|
NVMe
|
2017-03-17 16:59:23 +00:00
|
|
|
OpenThread simulator
|
2016-12-15 17:32:53 +00:00
|
|
|
RFTap Protocol
|
|
|
|
SCTE-35 Digital Program Insertion Messages
|
2016-11-16 20:33:09 +00:00
|
|
|
Snort Post-dissector
|
2017-03-17 16:59:23 +00:00
|
|
|
Thread CoAP
|
2016-12-15 17:32:53 +00:00
|
|
|
Unified Diagnostic Services (UDS)
|
|
|
|
vSocket
|
|
|
|
Windows Cluster Management API (clusapi)
|
2016-12-02 21:29:36 +00:00
|
|
|
GSMTAP based logging
|
2016-12-09 22:03:45 +00:00
|
|
|
HomePNA
|
2016-10-23 10:32:29 +00:00
|
|
|
X-Rite i1 Display Pro (and derivatives) USB protocol
|
2016-12-12 20:49:39 +00:00
|
|
|
IndigoCare iCall protocol
|
|
|
|
IndigoCare Netrix protocol
|
2017-03-24 19:29:29 +00:00
|
|
|
NetScaler HA Protocol
|
|
|
|
NetScaler Metric Exchange Protocol
|
|
|
|
NetScaler RPC Protocol
|
2017-03-15 04:25:42 +00:00
|
|
|
DirectPlay 8 protocol
|
2017-05-01 03:31:26 +00:00
|
|
|
NM protocol
|
2017-05-05 20:56:41 +00:00
|
|
|
Netgear Ensemble Protocol
|
2017-05-07 20:00:06 +00:00
|
|
|
OBD-II PIDs
|
2016-11-21 13:01:36 +00:00
|
|
|
(Facebook) Zero
|
2013-03-18 22:17:42 +00:00
|
|
|
--sort-and-group--
|
2013-03-15 01:33:46 +00:00
|
|
|
|
|
|
|
=== Updated Protocol Support
|
|
|
|
|
2016-08-16 14:50:37 +00:00
|
|
|
Too many protocols have been updated to list here.
|
2013-03-15 01:33:46 +00:00
|
|
|
|
|
|
|
=== New and Updated Capture File Support
|
|
|
|
|
2016-08-16 14:50:37 +00:00
|
|
|
_Non-empty section placeholder._
|
2016-06-08 16:15:24 +00:00
|
|
|
// Add one file type per line between the --sort-and-group-- delimiters.
|
2014-09-29 15:05:38 +00:00
|
|
|
--sort-and-group--
|
|
|
|
--sort-and-group--
|
2013-03-15 01:33:46 +00:00
|
|
|
|
2015-04-08 14:09:03 +00:00
|
|
|
=== New and Updated Capture Interfaces support
|
|
|
|
|
2015-10-13 21:59:56 +00:00
|
|
|
_Non-empty section placeholder._
|
2015-04-08 14:09:03 +00:00
|
|
|
--sort-and-group--
|
|
|
|
--sort-and-group--
|
|
|
|
|
2016-08-16 14:50:37 +00:00
|
|
|
//=== Major API Changes
|
2016-10-19 22:27:30 +00:00
|
|
|
IEEE802.11: wlan_mgt display filter element got renamed to wlan.
|
2017-02-09 14:00:19 +00:00
|
|
|
Libgcrypt is now a required dependency.
|
2014-02-22 19:16:44 +00:00
|
|
|
|
2013-03-15 01:33:46 +00:00
|
|
|
== Getting Wireshark
|
|
|
|
|
|
|
|
Wireshark source code and installation packages are available from
|
2014-09-17 00:15:56 +00:00
|
|
|
https://www.wireshark.org/download.html.
|
2013-03-15 01:33:46 +00:00
|
|
|
|
|
|
|
=== Vendor-supplied Packages
|
|
|
|
|
|
|
|
Most Linux and Unix vendors supply their own Wireshark packages. You can
|
|
|
|
usually install or upgrade Wireshark using the package management system
|
|
|
|
specific to that platform. A list of third-party packages can be found
|
2014-09-17 00:15:56 +00:00
|
|
|
on the https://www.wireshark.org/download.html#thirdparty[download page]
|
2013-03-15 01:33:46 +00:00
|
|
|
on the Wireshark web site.
|
|
|
|
|
|
|
|
== File Locations
|
|
|
|
|
|
|
|
Wireshark and TShark look in several different locations for preference
|
|
|
|
files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary
|
|
|
|
from platform to platform. You can use About→Folders to find the default
|
|
|
|
locations on your system.
|
|
|
|
|
|
|
|
== Known Problems
|
|
|
|
|
|
|
|
Dumpcap might not quit if Wireshark or TShark crashes.
|
2013-03-15 18:25:07 +00:00
|
|
|
(ws-buglink:1419[])
|
2013-03-15 01:33:46 +00:00
|
|
|
|
|
|
|
The BER dissector might infinitely loop.
|
2013-03-15 18:25:07 +00:00
|
|
|
(ws-buglink:1516[])
|
2013-03-15 01:33:46 +00:00
|
|
|
|
|
|
|
Capture filters aren't applied when capturing from named pipes.
|
2014-10-01 15:17:44 +00:00
|
|
|
(ws-buglink:1814[])
|
2013-03-15 01:33:46 +00:00
|
|
|
|
2013-03-28 21:46:37 +00:00
|
|
|
Filtering tshark captures with read filters (-R) no longer works.
|
2013-03-15 18:25:07 +00:00
|
|
|
(ws-buglink:2234[])
|
2013-03-15 01:33:46 +00:00
|
|
|
|
|
|
|
Application crash when changing real-time option.
|
2013-03-15 18:25:07 +00:00
|
|
|
(ws-buglink:4035[])
|
2013-03-15 01:33:46 +00:00
|
|
|
|
|
|
|
Wireshark and TShark will display incorrect delta times in some cases.
|
2013-03-15 18:25:07 +00:00
|
|
|
(ws-buglink:4985[])
|
2013-03-15 01:33:46 +00:00
|
|
|
|
2014-12-15 17:24:01 +00:00
|
|
|
Wireshark should let you work with multiple capture files. (ws-buglink:10488[])
|
|
|
|
|
2016-01-29 17:03:52 +00:00
|
|
|
Dell Backup and Recovery (DBAR) makes many Windows applications crash,
|
|
|
|
including Wireshark. (ws-buglink:12036[])
|
|
|
|
|
2013-03-15 01:33:46 +00:00
|
|
|
== Getting Help
|
|
|
|
|
2015-03-10 17:46:50 +00:00
|
|
|
Community support is available on https://ask.wireshark.org/[Wireshark's
|
2013-03-15 01:33:46 +00:00
|
|
|
Q&A site] and on the wireshark-users mailing list. Subscription
|
|
|
|
information and archives for all of Wireshark's mailing lists can be
|
2014-09-17 00:15:56 +00:00
|
|
|
found on https://www.wireshark.org/lists/[the web site].
|
2013-03-15 01:33:46 +00:00
|
|
|
|
|
|
|
Official Wireshark training and certification are available from
|
|
|
|
http://www.wiresharktraining.com/[Wireshark University].
|
|
|
|
|
|
|
|
== Frequently Asked Questions
|
|
|
|
|
|
|
|
A complete FAQ is available on the
|
2014-09-17 00:15:56 +00:00
|
|
|
https://www.wireshark.org/faq.html[Wireshark web site].
|