152 lines
5.4 KiB
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Wireshark 4.1.0 Release Notes
This is an experimental release intended to test new features for
Wireshark 4.2.
What is Wireshark?
Wireshark is the worlds most popular network protocol analyzer. It is
used for troubleshooting, analysis, development and education.
Whats New
Wireshark is now better about generating valid UTF-8 output.
A new display filter feature for filtering raw bytes has been added.
Display filter autocomplete is smarter about not suggesting invalid
The Windows build has a new SpeexDSP external dependency
(https://www.speex.org). The speex code that was previously bundled
has been removed.
The personal extcap plugin folder location on Unix has been changed to
follow existing conventions for architecture-dependent files. The
extcap personal folder is now `$HOME/.local/lib/wireshark/extcap`.
Previously it was `$XDG_CONFIG_HOME/wireshark/extcap`.
The installation target no longer installs development headers by
default. That must be done explicitly using `cmake --install
<builddir> --component Development`.
Many other improvements have been made. See the “New and Updated
Features” section below for more details.
Bug Fixes
The following bugs have been fixed:
• Issue 18413[1] - RTP player do not play audio frequently on Win32
builds with Qt6
• Issue 18510[2] - Playback marker do not move after unpause with
New and Updated Features
The following features are new (or have been significantly updated)
since version 4.0.0:
• The API has been updated to ensure that the dissection engine
produces valid UTF-8 strings.
• Wireshark now builds with Qt6 by default. To use Qt5 instead pass
USE_qt6=OFF to CMake.
• It is now possible to filter on raw packet data for any field by
using the syntax `@some.field == <bytes…>`. This can be useful
to filter on malformed UTF-8 strings, among other use cases where
it is necessary to look at the fields raw data.
• Negation (unary minus) now works with any display filter
arithmetic expression.
• ciscodump support Cisco IOS XE 17.x
New Protocol Support
DECT DLC protocol layer (DECT-DLC), DECT NWK protocol layer
(DECT-NWK), DECT proprietary Mitel OMM/RFP Protocol (also named
AaMiDe), Low Level Signalling (ATSC3 LLS), Management Component
Transport Protocol (MCTP), Management Component Transport Protocol -
Control Protocol (MCTP CP), Non-volatile Memory Express - Management
Interface (NVMe-MI) over MCTP, SAP Enqueue Server (SAPEnqueue), SAP
GUI (SAPDiag), SAP HANA SQL Command Network Protocol (SAPHDB), SAP
Internet Graphic Server (SAP IGS), SAP Message Server (SAPMS), SAP
Network Interface (SAPNI), SAP Router (SAPROUTER), SAP Secure Network
Connection (SNC), Support for almost all WoW 1.12 messages has been
added., and World of Warcraft World (WOWW) display filters have been
changed to be more internally consistent.
Updated Protocol Support
• The JSON dissector now has a preference to enable/disable
"unescaping" of string values. By default it is off. Previously
it was always on.
• The JSON dissector now supports "Display JSON in raw form".
• The IPv6 dissector has a new preference to show some semantic
details about addresses (default off).
Too many other protocols have been updated to list them all here.
New and Updated Capture File Support
Getting Wireshark
Wireshark source code and installation packages are available from
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You
can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages can
be found on the download page[3] on the Wireshark web site.
File Locations
Wireshark and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
locations vary from platform to platform. You can use "Help About
Wireshark Folders" or `tshark -G folders` to find the default
locations on your system.
Getting Help
The Users Guide, manual pages and various other documentation can be
found at https://www.wireshark.org/docs/
Community support is available on Wiresharks Q&A site[4] and on the
wireshark-users mailing list. Subscription information and archives
for all of Wiresharks mailing lists can be found on the web site[5].
Bugs and feature requests can be reported on the issue tracker[6].
You can learn protocol analysis and meet Wiresharks developers at
How You Can Help
The Wireshark Foundation helps as many people as possible understand
their networks as much as possible. You can find out more and donate
at wiresharkfoundation.org[8].
Frequently Asked Questions
A complete FAQ is available on the Wireshark web site[9].
1. https://gitlab.com/wireshark/wireshark/-/issues/18413
2. https://gitlab.com/wireshark/wireshark/-/issues/18510
3. https://www.wireshark.org/download.html
4. https://ask.wireshark.org/
5. https://www.wireshark.org/lists/
6. https://gitlab.com/wireshark/wireshark/-/issues
7. https://sharkfest.wireshark.org
8. https://wiresharkfoundation.org
9. https://www.wireshark.org/faq.html