2019-07-28 08:20:20 +00:00
|
|
|
|
Wireshark 3.1.1 Release Notes
|
2014-05-11 19:16:39 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
This is an experimental release intended to test new features for
|
2019-02-10 08:28:42 +00:00
|
|
|
|
Wireshark 3.2.
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
What is Wireshark?
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
Wireshark is the world’s most popular network protocol analyzer. It is
|
|
|
|
|
used for troubleshooting, analysis, development and education.
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
What’s New
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2019-06-23 08:20:25 +00:00
|
|
|
|
Many improvements have been made. See the “New and Updated Features”
|
|
|
|
|
section below for more details.
|
2018-03-15 20:46:30 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
New and Updated Features
|
2018-03-15 20:46:30 +00:00
|
|
|
|
|
2019-07-28 08:20:20 +00:00
|
|
|
|
The following features are new (or have been significantly updated)
|
|
|
|
|
since version 3.1.0:
|
|
|
|
|
|
2019-11-17 08:20:19 +00:00
|
|
|
|
• Automatic updates are supported on macOS.
|
|
|
|
|
|
2019-11-18 18:54:40 +00:00
|
|
|
|
• You can now select multiple packets in the packet list at the
|
|
|
|
|
same time
|
2019-11-17 08:20:19 +00:00
|
|
|
|
|
2019-11-18 18:54:40 +00:00
|
|
|
|
• They can be exported as Text by “Ctrl+C” or “Cmd+C” and the
|
|
|
|
|
corresponding menu in “Edit › Copy › As …”
|
2019-07-28 08:20:20 +00:00
|
|
|
|
|
2019-11-18 18:54:40 +00:00
|
|
|
|
• They can be marked/unmarked or ignored/unignored at the same time
|
2019-10-27 08:23:30 +00:00
|
|
|
|
|
2019-11-18 18:54:40 +00:00
|
|
|
|
• They can be exported and printed using the corresponding menu
|
|
|
|
|
entries “File › Export Specified Packets”, “File › Export Packet
|
|
|
|
|
Dissections” and “File › Print”
|
2019-11-10 08:20:51 +00:00
|
|
|
|
|
2019-11-18 18:54:40 +00:00
|
|
|
|
You can now follow HTTP/2 and QUIC streams.
|
2019-11-10 08:20:51 +00:00
|
|
|
|
|
2019-11-18 18:54:40 +00:00
|
|
|
|
You can once again mark and unmark packets using the middle mouse
|
|
|
|
|
button. This feature went missing around 2009 or so.
|
|
|
|
|
|
|
|
|
|
The Windows packages are now built using Microsoft Visual Studio
|
|
|
|
|
2019.
|
|
|
|
|
|
|
|
|
|
IOGraph automatically adds a graph for the selected display filter if
|
|
|
|
|
no previous graph exists
|
|
|
|
|
|
|
|
|
|
Action buttons for the display filter bar may be aligned left via the
|
|
|
|
|
context menu
|
|
|
|
|
|
|
|
|
|
Allow extcaps to be loaded from the personal configuration directory
|
|
|
|
|
|
|
|
|
|
The Windows installers now ship with Qt 5.12.6. They previously
|
|
|
|
|
shipped with Qt 5.12.4.
|
2019-11-10 08:20:51 +00:00
|
|
|
|
|
2018-12-16 08:24:12 +00:00
|
|
|
|
The following features are new (or have been significantly updated)
|
2019-02-10 08:28:42 +00:00
|
|
|
|
since version 3.0.0:
|
2018-03-15 20:46:30 +00:00
|
|
|
|
|
2019-11-10 08:20:51 +00:00
|
|
|
|
• You can drag and drop a field to a column header to create a
|
|
|
|
|
column for that field, or to the display filter input to create a
|
|
|
|
|
display filter. If a display filter is applied, the new filter
|
|
|
|
|
can be added using the same rules as “Apply Filter”
|
2019-07-25 18:45:16 +00:00
|
|
|
|
|
2019-11-10 08:20:51 +00:00
|
|
|
|
• You can drag and drop a column entry to the display filter to
|
|
|
|
|
create a filter for it.
|
2019-07-25 18:45:16 +00:00
|
|
|
|
|
2019-11-10 08:20:51 +00:00
|
|
|
|
• You can import profiles from a .zip archive or an existing
|
|
|
|
|
directory.
|
2019-07-25 18:45:16 +00:00
|
|
|
|
|
2019-06-23 08:20:25 +00:00
|
|
|
|
• Dark mode support on macOS and dark theme support on other
|
|
|
|
|
platforms has been improved.
|
|
|
|
|
|
2019-04-28 08:31:53 +00:00
|
|
|
|
• Brotli decompression support in HTTP/HTTP2 (requires the brotli
|
|
|
|
|
library).
|
2015-09-02 16:19:40 +00:00
|
|
|
|
|
2019-05-05 08:32:46 +00:00
|
|
|
|
• The build system now checks for a SpeexDSP system library
|
|
|
|
|
installation. The bundled Speex resampler code is still provided
|
|
|
|
|
as a fallback.
|
|
|
|
|
|
2019-06-23 08:20:25 +00:00
|
|
|
|
• WireGuard decryption can now be enabled through keys embedded in
|
|
|
|
|
a pcapng in addition to the existing key log preference (Bug
|
2019-07-28 08:20:20 +00:00
|
|
|
|
15571[1]).
|
2019-06-23 08:20:25 +00:00
|
|
|
|
|
2019-06-30 08:21:48 +00:00
|
|
|
|
• A new tap for extracting credentials from the capture file has
|
2019-09-22 08:20:33 +00:00
|
|
|
|
been added. It can be accessed through the -z credentials option
|
2019-11-18 18:54:40 +00:00
|
|
|
|
in tshark or from the “Tools › Credentials” menu in Wireshark.
|
2019-06-30 08:21:48 +00:00
|
|
|
|
|
2019-07-21 08:23:24 +00:00
|
|
|
|
• Editcap can now split files on floating point intervals.
|
|
|
|
|
|
2019-07-28 08:20:20 +00:00
|
|
|
|
• Windows .msi packages are now signed using SHA-2[2]. .exe
|
|
|
|
|
installers are still dual-signed using SHA-1 and SHA-2.
|
|
|
|
|
|
2019-09-22 08:20:33 +00:00
|
|
|
|
• The “Enabled Protocols” Dialog now only enables, disables and
|
|
|
|
|
inverts protocols based on the set filter selection. The protocol
|
|
|
|
|
type (standard or heuristic) may also be choosen as a filter
|
|
|
|
|
value.
|
|
|
|
|
|
2019-11-18 18:54:40 +00:00
|
|
|
|
• The “Analyze › Apply as Filter” and “Analyze › Prepare a Filter”
|
2019-09-22 08:20:33 +00:00
|
|
|
|
packet list and detail popup menus now show a preview of their
|
|
|
|
|
respective filters.
|
2019-09-01 08:21:50 +00:00
|
|
|
|
|
2019-10-13 08:20:24 +00:00
|
|
|
|
• Protobuf files (*.proto) can now be configured to enable more
|
|
|
|
|
precise parsing of serialized Protobuf data (such as gRPC).
|
|
|
|
|
|
2019-11-10 08:20:51 +00:00
|
|
|
|
• HTTP2 support streaming mode reassembly. To use this feature,
|
|
|
|
|
subdissectors can register itself to "streaming_content_type"
|
|
|
|
|
dissector table and return pinfo→desegment_len and
|
|
|
|
|
pinfo→desegment_offset to tell HTTP2 when to start and how many
|
|
|
|
|
additional bytes requires when next called.
|
|
|
|
|
|
|
|
|
|
• The message of stream gRPC method can now be parsed with
|
|
|
|
|
supporting of HTTP2 streaming mode reassembly feature.
|
|
|
|
|
|
2019-11-18 18:54:40 +00:00
|
|
|
|
• The Windows installers now ship with Qt 5.12.4. They previously
|
|
|
|
|
shipped with Qt 5.12.1.
|
|
|
|
|
|
2009-09-14 23:31:02 +00:00
|
|
|
|
New Protocol Support
|
|
|
|
|
|
2019-07-25 18:45:16 +00:00
|
|
|
|
3GPP BICC MST (BICC-MST), 3GPP log packet (LOG3GPP), 3GPP/GSM Cell
|
|
|
|
|
Broadcast Service Protocol (cbsp), Bluetooth Mesh Beacon, Bluetooth
|
|
|
|
|
Mesh PB-ADV, Bluetooth Mesh Provisioning PDU, Bluetooth Mesh Proxy,
|
|
|
|
|
CableLabs Layer-3 Protocol IEEE EtherType 0xb4e3 (CL3), DCOM
|
2019-09-15 09:15:19 +00:00
|
|
|
|
IProvideClassInfo, DCOM ITypeInfo, Diagnostic Log and Trace (DLT),
|
|
|
|
|
Distributed Replicated Block Device (DRBD), Dual Channel Wi-Fi
|
|
|
|
|
(CL3DCW), EBHSCR Protocol (EBHSCR), EERO Protocol (EERO), evolved
|
|
|
|
|
Common Public Radio Interface (eCPRI), File Server Remote VSS
|
|
|
|
|
Protocol (FSRVP), FTDI FT USB Bridging Devices (FTDI FT), Graylog
|
|
|
|
|
Extended Log Format over UDP (GELF), GSM/3GPP CBSP (Cell Broadcast
|
|
|
|
|
Service Protocol), Linux net_dm (network drop monitor) protocol, MIDI
|
|
|
|
|
System Exclusive DigiTech (SYSEX DigiTech), Network Controller
|
|
|
|
|
Sideband Interface (NCSI), NR Positioning Protocol A (NRPPa) TS
|
2019-09-29 08:20:19 +00:00
|
|
|
|
38.455, NVM Express over Fabrics for TCP (nvme-tcp), OsmoTRX Protocol
|
|
|
|
|
(GSM Transceiver control and data), and Scalable service-Oriented
|
|
|
|
|
MiddlewarE over IP (SOME/IP)
|
2019-02-24 08:32:07 +00:00
|
|
|
|
|
2009-09-14 23:31:02 +00:00
|
|
|
|
Updated Protocol Support
|
|
|
|
|
|
2018-02-06 20:35:21 +00:00
|
|
|
|
Too many protocols have been updated to list here.
|
2013-03-28 17:48:31 +00:00
|
|
|
|
|
2009-09-14 23:31:02 +00:00
|
|
|
|
New and Updated Capture File Support
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2019-07-25 18:45:16 +00:00
|
|
|
|
3gpp phone, Android Logcat Text, Ascend, Candump, Endace ERF,
|
|
|
|
|
NetScaler, pcapng, and Savvius *Peek
|
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
Getting Wireshark
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
Wireshark source code and installation packages are available from
|
2019-07-25 18:45:16 +00:00
|
|
|
|
https://www.wireshark.org/download.html[3].
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
|
|
|
|
Vendor-supplied Packages
|
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
Most Linux and Unix vendors supply their own Wireshark packages. You
|
|
|
|
|
can usually install or upgrade Wireshark using the package management
|
|
|
|
|
system specific to that platform. A list of third-party packages can
|
2019-07-25 18:45:16 +00:00
|
|
|
|
be found on the download page[4] on the Wireshark web site.
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
File Locations
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
Wireshark and TShark look in several different locations for
|
2018-12-12 23:25:31 +00:00
|
|
|
|
preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
|
|
|
|
|
locations vary from platform to platform. You can use About→Folders to
|
|
|
|
|
find the default locations on your system.
|
2009-09-14 23:31:02 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
Getting Help
|
2013-11-01 09:55:26 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
The User’s Guide, manual pages and various other documentation can be
|
2019-07-25 18:45:16 +00:00
|
|
|
|
found at https://www.wireshark.org/docs/[5]
|
2005-10-14 21:39:33 +00:00
|
|
|
|
|
2019-07-25 18:45:16 +00:00
|
|
|
|
Community support is available on Wireshark’s Q&A site[6] and on the
|
2018-12-12 23:25:31 +00:00
|
|
|
|
wireshark-users mailing list. Subscription information and archives
|
2019-07-25 18:45:16 +00:00
|
|
|
|
for all of Wireshark’s mailing lists can be found on the web site[7].
|
2005-10-14 21:39:33 +00:00
|
|
|
|
|
2019-07-25 18:45:16 +00:00
|
|
|
|
Bugs and feature requests can be reported on the bug tracker[8].
|
2005-10-14 21:39:33 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
Official Wireshark training and certification are available from
|
2019-07-25 18:45:16 +00:00
|
|
|
|
Wireshark University[9].
|
2005-10-14 21:39:33 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
Frequently Asked Questions
|
2005-10-14 21:39:33 +00:00
|
|
|
|
|
2019-07-25 18:45:16 +00:00
|
|
|
|
A complete FAQ is available on the Wireshark web site[10].
|
2013-03-28 17:48:31 +00:00
|
|
|
|
|
2019-11-18 18:54:40 +00:00
|
|
|
|
Last updated 2019-11-18 18:42:46 UTC
|
2013-03-28 17:48:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
References
|
2013-03-28 17:48:31 +00:00
|
|
|
|
|
2019-07-28 08:20:20 +00:00
|
|
|
|
1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15571
|
|
|
|
|
2. https://support.microsoft.com/en-us/help/4472027/2019-sha-2-code-s
|
2019-07-25 18:45:16 +00:00
|
|
|
|
igning-support-requirement-for-windows-and-wsus
|
|
|
|
|
3. https://www.wireshark.org/download.html
|
|
|
|
|
4. https://www.wireshark.org/download.html#thirdparty
|
|
|
|
|
5. https://www.wireshark.org/docs/
|
|
|
|
|
6. https://ask.wireshark.org/
|
|
|
|
|
7. https://www.wireshark.org/lists/
|
|
|
|
|
8. https://bugs.wireshark.org/
|
|
|
|
|
9. https://www.wiresharktraining.com/
|
|
|
|
|
10. https://www.wireshark.org/faq.html
|