NEWS got updated again. This shows two inconsistencies how
Gerald's and my machine generate this file: - Line width seems to be different - We use different time zones. Is there a way to make at least the first point consistent? Change-Id: I1f7ac0318eccc2fc5af94bfb8dc1f4e7410d4bcc Reviewed-on: https://code.wireshark.org/review/1595 Reviewed-by: Jörg Mayer <jmayer@loplof.de>
This commit is contained in:
parent
98f608cc0d
commit
7a010fa71b
255
NEWS
255
NEWS
|
@ -1,116 +1,121 @@
|
|||
Wireshark 1.11.3 Release Notes
|
||||
|
||||
This is an experimental release intended to test new features
|
||||
for the next stable release.
|
||||
__________________________________________________________
|
||||
Wireshark 1.11.4 Release Notes
|
||||
|
||||
This is an experimental release intended to test new features for the
|
||||
next stable release.
|
||||
__________________________________________________________________
|
||||
|
||||
What is Wireshark?
|
||||
|
||||
Wireshark is the world's most popular network protocol
|
||||
analyzer. It is used for troubleshooting, analysis, development
|
||||
and education.
|
||||
__________________________________________________________
|
||||
Wireshark is the world's most popular network protocol analyzer. It is
|
||||
used for troubleshooting, analysis, development and education.
|
||||
__________________________________________________________________
|
||||
|
||||
What's New
|
||||
|
||||
Bug Fixes
|
||||
|
||||
The following bugs have been fixed:
|
||||
* "On-the-wire" packet lengths are limited to 65535 bytes.
|
||||
([1]Bug 8808, ws-buglink:9390)
|
||||
* "Follow TCP Stream" shows only the first HTTP req+res.
|
||||
([2]Bug 9044)
|
||||
* Files with pcap-ng Simple Packet Blocks can't be read.
|
||||
([3]Bug 9200)
|
||||
* "On-the-wire" packet lengths are limited to 65535 bytes. ([1]Bug
|
||||
8808, ws-buglink:9390)
|
||||
* "Follow TCP Stream" shows only the first HTTP req+res. ([2]Bug
|
||||
9044)
|
||||
* Files with pcap-ng Simple Packet Blocks can't be read. ([3]Bug
|
||||
9200)
|
||||
* MPLS-over-PPP isn't recognized. ([4]Bug 9492)
|
||||
|
||||
New and Updated Features
|
||||
|
||||
The following features are new (or have been significantly
|
||||
updated) since version 1.11.2:
|
||||
The following features are new (or have been significantly updated)
|
||||
since version 1.11.3:
|
||||
* Transport name resolution is now disabled by default.
|
||||
|
||||
The following features are new (or have been significantly updated)
|
||||
since version 1.11.2:
|
||||
* Qt port:
|
||||
+ The About dialog has been added
|
||||
+ The Capture Interfaces dialog has been added.
|
||||
+ The Decode As dialog has been added. It managed to
|
||||
swallow up the User Specified Decodes dialog as well.
|
||||
+ The Decode As dialog has been added. It managed to swallow up
|
||||
the User Specified Decodes dialog as well.
|
||||
+ The Export PDU dialog has been added.
|
||||
+ Several SCTP dialogs have been added.
|
||||
+ The statistics tree (the backend for many Statistics
|
||||
and Telephony menu items) dialog has been added.
|
||||
+ The statistics tree (the backend for many Statistics and
|
||||
Telephony menu items) dialog has been added.
|
||||
+ The I/O Graph dialog has been added.
|
||||
+ French translation has updated.
|
||||
|
||||
The following features are new (or have been significantly
|
||||
updated) since version 1.11.1:
|
||||
The following features are new (or have been significantly updated)
|
||||
since version 1.11.1:
|
||||
* Mac OS X packaging has been improved.
|
||||
|
||||
The following features are new (or have been significantly
|
||||
updated) since version 1.11.0:
|
||||
* Dissector output may be encoded as UTF-8. This includes
|
||||
TShark output.
|
||||
The following features are new (or have been significantly updated)
|
||||
since version 1.11.0:
|
||||
* Dissector output may be encoded as UTF-8. This includes TShark
|
||||
output.
|
||||
* Qt port:
|
||||
+ The Follow Stream dialog now supports packet and TCP
|
||||
stream selection.
|
||||
+ The Follow Stream dialog now supports packet and TCP stream
|
||||
selection.
|
||||
+ A Flow Graph (sequence diagram) dialog has been added.
|
||||
+ The main window now respects geometry preferences.
|
||||
|
||||
The following features are new (or have been significantly
|
||||
updated) since version 1.10:
|
||||
* Wireshark now uses the Qt application framework. The new UI
|
||||
should provide a significantly better user experience,
|
||||
particularly on Mac OS X and Windows.
|
||||
* The Windows installer now uninstalls the previous version
|
||||
of Wireshark silently. You can still run the uninstaller
|
||||
manually beforehand if you wish to run it interactively.
|
||||
* Expert information is now filterable when the new API is in
|
||||
use.
|
||||
* The "Number" column shows related packets and protocol
|
||||
conversation spans (Qt only).
|
||||
* When manipulating packets with editcap using the -C
|
||||
<choplen> and/or -s <snaplen> options, it is now possible
|
||||
to also adjust the original frame length using the -L
|
||||
option.
|
||||
* You can now pass the -C <choplen> option to editcap
|
||||
multiple times, which allows you to chop bytes from the
|
||||
beginning of a packet as well as at the end of a packet in
|
||||
a single step.
|
||||
The following features are new (or have been significantly updated)
|
||||
since version 1.10:
|
||||
* Wireshark now uses the Qt application framework. The new UI should
|
||||
provide a significantly better user experience, particularly on Mac
|
||||
OS X and Windows.
|
||||
* The Windows installer now uninstalls the previous version of
|
||||
Wireshark silently. You can still run the uninstaller manually
|
||||
beforehand if you wish to run it interactively.
|
||||
* Expert information is now filterable when the new API is in use.
|
||||
* The "Number" column shows related packets and protocol conversation
|
||||
spans (Qt only).
|
||||
* When manipulating packets with editcap using the -C <choplen>
|
||||
and/or -s <snaplen> options, it is now possible to also adjust the
|
||||
original frame length using the -L option.
|
||||
* You can now pass the -C <choplen> option to editcap multiple times,
|
||||
which allows you to chop bytes from the beginning of a packet as
|
||||
well as at the end of a packet in a single step.
|
||||
* You can now specify an optional offset to the -C option for
|
||||
editcap, which allows you to start chopping from that
|
||||
offset instead of from the absolute packet beginning or
|
||||
end.
|
||||
* "malformed" display filter has been renamed to
|
||||
"_ws.malformed". A handful of other filters have been given
|
||||
the "_ws." prefix to note they are Wireshark application
|
||||
specific filters and not dissector filters.
|
||||
editcap, which allows you to start chopping from that offset
|
||||
instead of from the absolute packet beginning or end.
|
||||
* "malformed" display filter has been renamed to "_ws.malformed". A
|
||||
handful of other filters have been given the "_ws." prefix to note
|
||||
they are Wireshark application specific filters and not dissector
|
||||
filters.
|
||||
* The Kerberos dissector has been replaced with an auto generated one
|
||||
from ASN1 protocol description, changing a lot of filter names.
|
||||
|
||||
Removed dissectors
|
||||
|
||||
* The ASN1 plugin has been removed as it's deemed obsolete.
|
||||
* The GNM dissector has been removed as it was never used.
|
||||
* The Kerberos hand made dissector has been replaced by one generated
|
||||
from ASN1 code.
|
||||
|
||||
New Protocol Support
|
||||
|
||||
29West, 802.1AE Secure tag, ACR122, ADB Client-Server, AllJoyn,
|
||||
Apple PKTAP, Aruba Instant AP, ASTERIX, ATN, Bencode, Bluetooth
|
||||
3DS, Bluetooth HSP, Bluetooth Linux Monitor Transport,
|
||||
Bluetooth Low Energy, Bluetooth Low Energy RF Info, CARP, CFDP,
|
||||
Cisco MetaData, DCE/RPC MDSSVC, DeviceNet, ELF file format,
|
||||
EXPORTED PDU, FINGER, HDMI, HTTP2, IDRP, IEEE 1722a, ILP, iWARP
|
||||
Direct Data Placement and Remote Direct Memory Access Protocol,
|
||||
Kafka, Kyoto Tycoon, Landis & Gyr Telegyr 8979, LBM, LBMC,
|
||||
LBMPDM, LBMPDM-TCP, LBMR, LBT-RM, LBT-RU, LBT-TCP, Lightweight
|
||||
Mesh (v1.1.1), Linux netlink, Linux netlink netfilter, Linux
|
||||
netlink sock diag, Linux rtnetlink (route netlink), Logcat,
|
||||
MBIM, MiNT, MP4 / ISOBMFF file format, MQ Telemetry Transport
|
||||
Protocol, Novell PKIS certificate extensions, NXP PN532 HCI,
|
||||
Open Sound Control, OpenFlow, Pathport, PDC, Picture Transfer
|
||||
Protocol Over IP, PKTAP, Private Data Channel, QUIC (Quick UDP
|
||||
Internet Connections), SAE J1939, SEL RTAC (Real Time
|
||||
Automation Controller) EIA-232 Serial-Line Dissection, Sippy
|
||||
RTPproxy, SMB-Direct, STANAG 4607, STANAG 5066 DTS, STANAG 5066
|
||||
SIS, Tinkerforge, Ubertooth, UDT, URL Encoded Form Data, USB
|
||||
Communications and CDC Control, USB Device Firmware Upgrade,
|
||||
VP8, WHOIS, Wi-Fi Display, and ZigBee Green Power profile
|
||||
29West, 802.1AE Secure tag, A21, ACR122, ADB Client-Server, AllJoyn,
|
||||
Apple PKTAP, Aruba Instant AP, ASTERIX, ATN, Bencode, Bluetooth 3DS,
|
||||
Bluetooth HSP, Bluetooth Linux Monitor Transport, Bluetooth Low Energy,
|
||||
Bluetooth Low Energy RF Info, CARP, CFDP, Cisco MetaData, DCE/RPC
|
||||
MDSSVC, DeviceNet, ELF file format, Ethernet Local Management Interface
|
||||
(E-LMI), Ethernet Passive Optical Network (EPON), EXPORTED PDU, FINGER,
|
||||
HDMI, High-Speed LAN Instrument Protocol (HiSLIP), HTTP2, IDRP, IEEE
|
||||
1722a, ILP, iWARP Direct Data Placement and Remote Direct Memory Access
|
||||
Protocol, Kafka, Kyoto Tycoon, Landis & Gyr Telegyr 8979, LBM, LBMC,
|
||||
LBMPDM, LBMPDM-TCP, LBMR, LBT-RM, LBT-RU, LBT-TCP, Lightweight Mesh
|
||||
(v1.1.1), Link16, Linux netlink, Linux netlink netfilter, Linux netlink
|
||||
sock diag, Linux rtnetlink (route netlink), Logcat, MBIM, Media
|
||||
Agnostic USB (MA USB), MiNT, MP4 / ISOBMFF file format, MQ Telemetry
|
||||
Transport Protocol, MS NLB (Rewrite), Novell PKIS certificate
|
||||
extensions, NXP PN532 HCI, Open Sound Control, OpenFlow, Pathport, PDC,
|
||||
Picture Transfer Protocol Over IP, PKTAP, Private Data Channel, QUIC
|
||||
(Quick UDP Internet Connections), SAE J1939, SEL RTAC (Real Time
|
||||
Automation Controller) EIA-232 Serial-Line Dissection, Sippy RTPproxy,
|
||||
SMB-Direct, SPDY, STANAG 4607, STANAG 5066 DTS, STANAG 5066 SIS,
|
||||
Tinkerforge, Ubertooth, UDT, URL Encoded Form Data, USB Communications
|
||||
and CDC Control, USB Device Firmware Upgrade, VP8, WHOIS, Wi-Fi
|
||||
Display, and ZigBee Green Power profile
|
||||
|
||||
Updated Protocol Support
|
||||
|
||||
|
@ -118,100 +123,92 @@ What's New
|
|||
|
||||
New and Updated Capture File Support
|
||||
|
||||
Netscaler 2.6, STANAG 4607, and STANAG 5066 Data Transfer
|
||||
Sublayer
|
||||
Netscaler 2.6, STANAG 4607, and STANAG 5066 Data Transfer Sublayer
|
||||
|
||||
Major API Changes
|
||||
|
||||
The libwireshark API has undergone some major changes:
|
||||
* A more flexible, modular memory manager (wmem) has been
|
||||
added. It was available experimentally in 1.10 but is now
|
||||
mature and has mostly replaced the old emem API (which is
|
||||
deprecated).
|
||||
* A new API for expert information has been added, replacing
|
||||
the old one.
|
||||
* The tvbuff API has been cleaned up: tvb_length has been
|
||||
renamed to tvb_captured_length for clarity, and
|
||||
tvb_get_string and tvb_get_stringz have been deprecated in
|
||||
favour of tvb_get_string_enc and tvb_get_stringz_enc.
|
||||
__________________________________________________________
|
||||
* A more flexible, modular memory manager (wmem) has been added. It
|
||||
was available experimentally in 1.10 but is now mature and has
|
||||
mostly replaced the old emem API (which is deprecated).
|
||||
* A new API for expert information has been added, replacing the old
|
||||
one.
|
||||
* The tvbuff API has been cleaned up: tvb_length has been renamed to
|
||||
tvb_captured_length for clarity, and tvb_get_string and
|
||||
tvb_get_stringz have been deprecated in favour of
|
||||
tvb_get_string_enc and tvb_get_stringz_enc.
|
||||
__________________________________________________________________
|
||||
|
||||
Getting Wireshark
|
||||
|
||||
Wireshark source code and installation packages are available
|
||||
from [5]http://www.wireshark.org/download.html.
|
||||
Wireshark source code and installation packages are available from
|
||||
[5]http://www.wireshark.org/download.html.
|
||||
|
||||
Vendor-supplied Packages
|
||||
|
||||
Most Linux and Unix vendors supply their own Wireshark
|
||||
packages. You can usually install or upgrade Wireshark using
|
||||
the package management system specific to that platform. A list
|
||||
of third-party packages can be found on the [6]download page on
|
||||
the Wireshark web site.
|
||||
__________________________________________________________
|
||||
Most Linux and Unix vendors supply their own Wireshark packages. You
|
||||
can usually install or upgrade Wireshark using the package management
|
||||
system specific to that platform. A list of third-party packages can be
|
||||
found on the [6]download page on the Wireshark web site.
|
||||
__________________________________________________________________
|
||||
|
||||
File Locations
|
||||
|
||||
Wireshark and TShark look in several different locations for
|
||||
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
|
||||
These locations vary from platform to platform. You can use
|
||||
About->Folders to find the default locations on your system.
|
||||
__________________________________________________________
|
||||
Wireshark and TShark look in several different locations for preference
|
||||
files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
|
||||
vary from platform to platform. You can use About->Folders to find the
|
||||
default locations on your system.
|
||||
__________________________________________________________________
|
||||
|
||||
Known Problems
|
||||
|
||||
Dumpcap might not quit if Wireshark or TShark crashes. ([7]Bug
|
||||
1419)
|
||||
Dumpcap might not quit if Wireshark or TShark crashes. ([7]Bug 1419)
|
||||
|
||||
The BER dissector might infinitely loop. ([8]Bug 1516)
|
||||
|
||||
Capture filters aren't applied when capturing from named pipes.
|
||||
(ws-buglink:1814)
|
||||
|
||||
Filtering tshark captures with read filters (-R) no longer
|
||||
works. ([9]Bug 2234)
|
||||
Filtering tshark captures with read filters (-R) no longer works.
|
||||
([9]Bug 2234)
|
||||
|
||||
The 64-bit Windows installer does not support Kerberos
|
||||
decryption. ([10]Win64 development page)
|
||||
The 64-bit Windows installer does not support Kerberos decryption.
|
||||
([10]Win64 development page)
|
||||
|
||||
Resolving ([11]Bug 9044) reopens ([12]Bug 3528) so that
|
||||
Wireshark no longer automatically decodes gzip data when
|
||||
following a TCP stream.
|
||||
Resolving ([11]Bug 9044) reopens ([12]Bug 3528) so that Wireshark no
|
||||
longer automatically decodes gzip data when following a TCP stream.
|
||||
|
||||
Application crash when changing real-time option. ([13]Bug
|
||||
4035)
|
||||
Application crash when changing real-time option. ([13]Bug 4035)
|
||||
|
||||
Hex pane display issue after startup. ([14]Bug 4056)
|
||||
|
||||
Packet list rows are oversized. ([15]Bug 4357)
|
||||
|
||||
Summary pane selected frame highlighting not maintained.
|
||||
([16]Bug 4445)
|
||||
Summary pane selected frame highlighting not maintained. ([16]Bug 4445)
|
||||
|
||||
Wireshark and TShark will display incorrect delta times in some
|
||||
cases. ([17]Bug 4985)
|
||||
Wireshark and TShark will display incorrect delta times in some cases.
|
||||
([17]Bug 4985)
|
||||
|
||||
The 64-bit Mac OS X installer doesn't support Mac OS X 10.9
|
||||
([18]Bug 9242)
|
||||
__________________________________________________________
|
||||
The 64-bit Mac OS X installer doesn't support Mac OS X 10.9 ([18]Bug
|
||||
9242)
|
||||
__________________________________________________________________
|
||||
|
||||
Getting Help
|
||||
|
||||
Community support is available on [19]Wireshark's Q&A site and
|
||||
on the wireshark-users mailing list. Subscription information
|
||||
and archives for all of Wireshark's mailing lists can be found
|
||||
on [20]the web site.
|
||||
Community support is available on [19]Wireshark's Q&A site and on the
|
||||
wireshark-users mailing list. Subscription information and archives for
|
||||
all of Wireshark's mailing lists can be found on [20]the web site.
|
||||
|
||||
Official Wireshark training and certification are available
|
||||
from [21]Wireshark University.
|
||||
__________________________________________________________
|
||||
Official Wireshark training and certification are available from
|
||||
[21]Wireshark University.
|
||||
__________________________________________________________________
|
||||
|
||||
Frequently Asked Questions
|
||||
|
||||
A complete FAQ is available on the [22]Wireshark web site.
|
||||
__________________________________________________________
|
||||
__________________________________________________________________
|
||||
|
||||
Last updated 2014-04-15 09:19:56 PDT
|
||||
Last updated 2014-05-11 18:03:37 CEST
|
||||
|
||||
References
|
||||
|
||||
|
|
Loading…
Reference in New Issue