osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity
wireshark/docbook/release-notes.adoc

163 lines
6.5 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

include::attributes.adoc[]
:stylesheet: ws.css
:linkcss:
:copycss: {stylesheet}
= Wireshark {wireshark-version} Release Notes
// Asciidoctor Syntax Quick Reference:
// https://asciidoctor.org/docs/asciidoc-syntax-quick-reference/
This is an experimental release intended to test new features for Wireshark 3.6.
== What is Wireshark?
Wireshark is the worlds most popular network protocol analyzer.
It is used for troubleshooting, analysis, development and education.
== Whats New
// If we expand this to all Win32 packages we should make this more prominent, e.g. with an admonition.
* We no longer ship Windows Installer (.msi) packages for 32-bit Windows. wsbuglink:17779[]
* The PCRE2 library (https://www.pcre.org/) is now a required dependency to build Wireshark.
* You must now have a compiler with C11 support in order to build Wireshark.
Many improvements have been made.
See the “New and Updated Features” section below for more details.
// === Bug Fixes
// The following bugs have been fixed:
//* wsbuglink:5000[]
//* wsbuglink:6000[Wireshark bug]
//* cveidlink:2014-2486[]
//* Wireshark insists on subscribing to two dozen streaming services but only watches three.
=== New and Updated Features
The following features are new (or have been significantly updated) since version 3.6.0:
* The Windows installers now ship with Npcap 1.60.
They previously shipped with Npcap 1.55.
* Display filter syntax:
** Set elements must be separated using a comma, e.g: {1, 2, "foo"}. Using only whitespace as separator was deprecated in 3.6 and is now a syntax error.
** Adds support for some additional character escape sequences in double quoted strings.
Besides octal and hex byte specification the following C escape sequences are now supported with the same meaning: \a, \b, \f, \n, \r, \t, \v.
Previously they were only supported with character constants.
** Unrecognized escape sequences are now treated as a syntax error. Previously they were treated as a literal character.
In addition to the sequences indicated above, backslash, single quotation and double quotation mark are also valid sequences: \\, \', \".
** The display filter engine now uses PCRE2 instead of GRegex (GLib bindings to the older end-of-life PCRE library).
PCRE2 is compatible with PCRE so the user-visible changes should be minimal.
Some exotic patterns may now be invalid and require rewriting.
** Adds a new strict equality operator "===" or "all_eq". The expression "a === b" is true if and only if all a's are equal to b.
The negation of "===" can now be written as "!==" (any_ne), in addition to "~=" (introduced in Wireshark 3.6.0).
** Adds the aliases "any_eq" for "==" and "all_ne" for "!=".
** Date and time can be given in UTC using ISO 8601 (with 'Z' timezone) or by appending the suffix "UTC" to the legacy formats.
Otherwise local time is used.
* text2pcap has been updated to use the new logging output options and the
"-d" flag has been removed. The "debug" log level corresponds to the old
"-d" flag, and the "noisy" log level corresponds to using "-d" multiple times.
* HTTP2 dissector now supports using fake headers to parse the DATAs of streams captured without first HEADERS frames of a long-lived stream (like
gRPC streaming call which allows sending many request or response messages in one HTTP2 stream). User can specify fake headers according to the
server port, stream id and direction of the long-lived stream that we start capturing packets after it is established.
* Mesh Connex (MCX) support in existing 802.11 packets.
* Capture Options dialog contains same configuration icon as Welcome Screen. It is possible to configure interface there.
* Extcap dialog remembers password items during runtime therefore it is possible to run extcap multiple times in row. Passwords are never stored to disk.
* It is possible to set extcap passwords on cli for tshark and other cli tools.
=== Removed Features and Support
* CMake: The options starting with DISABLE_something were renamed ENABLE_something for consistency.
For example DISABLE_WERROR=On became ENABLE_WERROR=Off. The defaults are unchanged.
// === Removed Dissectors
=== New File Format Decoding Support
[commaize]
--
--
=== New Protocol Support
// Add one protocol per line between the -- delimiters in the format
// “Full protocol name (Abbreviation)”
// git log --oneline --diff-filter=A --stat v3.7.0rc0.. epan/dissectors plugins
[commaize]
--
Host IP Configuration Protocol (HICP)
Secure Host IP Configuration Protocol (SHICP)
Mesh Connex (MCX)
FiveCo's Legacy Register Access Protocol (5co-legacy)
--
=== Updated Protocol Support
Too many protocols have been updated to list here.
=== New and Updated Capture File Support
// There is no new or updated capture file support in this release.
// Add one file type per line between the -- delimiters.
[commaize]
--
--
// === New and Updated Capture Interfaces support
//_Non-empty section placeholder._
=== Major API Changes
* proto.h: The field display types "STR_ASCII" and "STR_UNICODE" were removed. Use "BASE_NONE" instead.
== Getting Wireshark
Wireshark source code and installation packages are available from
https://www.wireshark.org/download.html.
=== Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages.
You can usually install or upgrade Wireshark using the package management system specific to that platform.
A list of third-party packages can be found on the
https://www.wireshark.org/download.html[download page]
on the Wireshark web site.
== File Locations
Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform.
You can use menu:Help[About Wireshark,Folders] or `tshark -G folders` to find the default locations on your system.
== Getting Help
The Users Guide, manual pages and various other documentation can be found at
https://www.wireshark.org/docs/
Community support is available on
https://ask.wireshark.org/[Wiresharks Q&A site]
and on the wireshark-users mailing list.
Subscription information and archives for all of Wiresharks mailing lists can be found on
https://www.wireshark.org/lists/[the web site].
Bugs and feature requests can be reported on
https://gitlab.com/wireshark/wireshark/-/issues[the issue tracker].
// Official Wireshark training and certification are available from
// https://www.wiresharktraining.com/[Wireshark University].
== Frequently Asked Questions
A complete FAQ is available on the
https://www.wireshark.org/faq.html[Wireshark web site].
View Git Blame Copy Permalink