2023-10-01 16:23:06 +00:00
|
|
|
|
Wireshark 4.3.0 Release Notes
|
2014-05-11 19:16:39 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
This is an experimental release intended to test new features for
|
2023-10-01 16:23:06 +00:00
|
|
|
|
Wireshark 4.4.
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
What is Wireshark?
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
Wireshark is the world’s most popular network protocol analyzer. It is
|
|
|
|
|
used for troubleshooting, analysis, development and education.
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
What’s New
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2023-10-01 16:23:06 +00:00
|
|
|
|
Improved display filter support for value strings (optional string
|
|
|
|
|
representations for numeric fields).
|
2022-11-27 16:47:44 +00:00
|
|
|
|
|
2023-10-29 16:26:06 +00:00
|
|
|
|
Display filter functions can be implemented as runtime-loadable C
|
|
|
|
|
plugins.
|
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
New and Updated Features
|
2018-03-15 20:46:30 +00:00
|
|
|
|
|
2023-09-17 16:23:39 +00:00
|
|
|
|
The following features are new (or have been significantly updated)
|
2023-10-01 16:23:06 +00:00
|
|
|
|
since version 4.2.0:
|
2023-07-30 19:52:02 +00:00
|
|
|
|
|
2023-10-01 16:23:06 +00:00
|
|
|
|
• Display filter syntax-related enhancements:
|
2023-05-14 16:46:02 +00:00
|
|
|
|
|
2023-10-01 16:23:06 +00:00
|
|
|
|
• Better handling of comparisons with value strings. Now the
|
|
|
|
|
display filter engine can correctly handle cases where multiple
|
|
|
|
|
different numeric values map to the same value string, including
|
|
|
|
|
but not limited to range-type value strings.
|
2023-06-04 16:23:40 +00:00
|
|
|
|
|
2023-10-01 16:23:06 +00:00
|
|
|
|
• Fields with value strings now support regular expression
|
|
|
|
|
matching.
|
2023-09-17 16:23:39 +00:00
|
|
|
|
|
2023-10-22 16:24:58 +00:00
|
|
|
|
• Date and time values now support arithmetic, with some
|
|
|
|
|
restrictions: the multiplier/divisor must be an integer or float
|
|
|
|
|
and appear on the right-hand side of the operator.
|
2023-10-15 16:24:27 +00:00
|
|
|
|
|
2023-10-29 16:26:06 +00:00
|
|
|
|
• The keyword "bitand" can be used as an alternative syntax for
|
|
|
|
|
the bitwise-and operator.
|
|
|
|
|
|
|
|
|
|
• Functions alone can now be used as an entire logical
|
|
|
|
|
expression. The result of the expression is the truthiness of the
|
|
|
|
|
function return value (or of all values if more than one). This
|
|
|
|
|
is useful for example to write "len(something)" instead of
|
|
|
|
|
"len(something) != 0". Even more so if a function returns itself
|
|
|
|
|
a boolean value, it is now possible to write
|
|
|
|
|
"bool_test(some.field)" instead of having to write
|
|
|
|
|
"bool_test(some.field) == True" (both forms are now valid).
|
|
|
|
|
|
|
|
|
|
• Display filter autocompletions now also include display filter
|
|
|
|
|
functions.
|
|
|
|
|
|
2009-09-14 23:31:02 +00:00
|
|
|
|
New Protocol Support
|
|
|
|
|
|
2023-10-29 16:26:06 +00:00
|
|
|
|
MAC NR Framed (mac-nr-framed), RF4CE Network Layer (RF4CE), and RF4CE
|
|
|
|
|
Profile (RF4CE Profile)
|
|
|
|
|
|
2009-09-14 23:31:02 +00:00
|
|
|
|
Updated Protocol Support
|
|
|
|
|
|
2023-10-29 16:26:06 +00:00
|
|
|
|
• IPv6: The "show address detail" preference is now enabled by
|
|
|
|
|
default. The address details provided have been extended to
|
|
|
|
|
include more special purpose address block properties
|
|
|
|
|
(forwardable, globally-routable, etc).
|
|
|
|
|
|
|
|
|
|
Too many other protocol updates have been made to list them all here.
|
|
|
|
|
|
|
|
|
|
Major API Changes
|
|
|
|
|
|
|
|
|
|
• Plugins should provide a `plugin_describe()` function that
|
|
|
|
|
returns an ORed list of flags consisting of the plugin types used
|
|
|
|
|
(declared in wsutil/plugins.h).
|
2023-08-25 17:09:01 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
Getting Wireshark
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
Wireshark source code and installation packages are available from
|
2019-12-15 08:20:34 +00:00
|
|
|
|
https://www.wireshark.org/download.html.
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
|
|
|
|
Vendor-supplied Packages
|
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
Most Linux and Unix vendors supply their own Wireshark packages. You
|
|
|
|
|
can usually install or upgrade Wireshark using the package management
|
|
|
|
|
system specific to that platform. A list of third-party packages can
|
2023-10-01 16:23:06 +00:00
|
|
|
|
be found on the download page[1] on the Wireshark web site.
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
File Locations
|
2005-12-28 16:19:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
Wireshark and TShark look in several different locations for
|
2018-12-12 23:25:31 +00:00
|
|
|
|
preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
|
2021-10-08 22:29:42 +00:00
|
|
|
|
locations vary from platform to platform. You can use "Help › About
|
|
|
|
|
Wireshark › Folders" or `tshark -G folders` to find the default
|
|
|
|
|
locations on your system.
|
2009-09-14 23:31:02 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
Getting Help
|
2013-11-01 09:55:26 +00:00
|
|
|
|
|
2018-12-12 23:25:31 +00:00
|
|
|
|
The User’s Guide, manual pages and various other documentation can be
|
2019-12-15 08:20:34 +00:00
|
|
|
|
found at https://www.wireshark.org/docs/
|
2005-10-14 21:39:33 +00:00
|
|
|
|
|
2023-10-01 16:23:06 +00:00
|
|
|
|
Community support is available on Wireshark’s Q&A site[2] and on the
|
2018-12-12 23:25:31 +00:00
|
|
|
|
wireshark-users mailing list. Subscription information and archives
|
2023-10-01 16:23:06 +00:00
|
|
|
|
for all of Wireshark’s mailing lists can be found on the web site[3].
|
2022-08-21 16:39:53 +00:00
|
|
|
|
|
2023-10-01 16:23:06 +00:00
|
|
|
|
Bugs and feature requests can be reported on the issue tracker[4].
|
2005-10-14 21:39:33 +00:00
|
|
|
|
|
2022-08-21 16:39:53 +00:00
|
|
|
|
You can learn protocol analysis and meet Wireshark’s developers at
|
2023-10-01 16:23:06 +00:00
|
|
|
|
SharkFest[5].
|
2005-10-14 21:39:33 +00:00
|
|
|
|
|
2023-01-15 16:48:11 +00:00
|
|
|
|
How You Can Help
|
|
|
|
|
|
|
|
|
|
The Wireshark Foundation helps as many people as possible understand
|
|
|
|
|
their networks as much as possible. You can find out more and donate
|
2023-10-01 16:23:06 +00:00
|
|
|
|
at wiresharkfoundation.org[6].
|
2023-01-15 16:48:11 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
Frequently Asked Questions
|
2005-10-14 21:39:33 +00:00
|
|
|
|
|
2023-10-01 16:23:06 +00:00
|
|
|
|
A complete FAQ is available on the Wireshark web site[7].
|
2013-03-28 17:48:31 +00:00
|
|
|
|
|
2018-03-15 20:46:30 +00:00
|
|
|
|
References
|
2013-03-28 17:48:31 +00:00
|
|
|
|
|
2023-10-01 16:23:06 +00:00
|
|
|
|
1. https://www.wireshark.org/download.html
|
|
|
|
|
2. https://ask.wireshark.org/
|
|
|
|
|
3. https://www.wireshark.org/lists/
|
|
|
|
|
4. https://gitlab.com/wireshark/wireshark/-/issues
|
|
|
|
|
5. https://sharkfest.wireshark.org
|
|
|
|
|
6. https://wiresharkfoundation.org
|
|
|
|
|
7. https://www.wireshark.org/faq.html
|