osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Build 2.9.0. 

Change-Id: Id2fb03127c3f4e371a11ba7788a5a3439bafc651
Reviewed-on: https://code.wireshark.org/review/31027
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This commit is contained in:
Gerald Combs 2018-12-12 15:25:31 -08:00
parent b415c6ede7
commit f4238cd266
3 changed files with 2933 additions and 781 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3445
ChangeLog
View File

File diff suppressed because it is too large Load Diff

261
NEWS
View File

@ -1,136 +1,120 @@
Wireshark 2.5.1 Release Notes
Wireshark 2.9.0 Release Notes
This is a semi-experimental release intended to test new features
for Wireshark 2.6.
This is an experimental release intended to test new features for
Wireshark 3.0.
What is Wireshark?
Wireshark is the worlds most popular network protocol analyzer.
It is used for troubleshooting, analysis, development and
education.
Wireshark is the worlds most popular network protocol analyzer. It is
used for troubleshooting, analysis, development and education.
Whats New
Wireshark 2.6 is the last release that will support the legacy
(GTK+) user interface. It will not be supported or available in
Wireshark 3.0.
Many user interface improvements have been made. See the “New and
Updated Features” section below for more details.
Many user interface improvements have been made. See the “New
and Updated Features” section below for more details.
Bug Fixes
Dumpcap might not quit if Wireshark or TShark crashes. (Bug
1419[1])
The following bugs have been fixed:
Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419[1])
New and Updated Features
The following features are new (or have been significantly
updated) since version 2.5.0:
The following features are new (or have been significantly updated)
since version 2.6.0:
• HTTP Referer statistics are now supported.
• The Windows .exe installers now ship with Npcap instead of
WinPcap.
• Wireshark now supports MaxMind DB files. Support for GeoIP
and GeoLite Legacy databases has been removed.
• Conversation timestamps are supported for UDP/UDP-Lite protocols
• The Windows packages are now built using Microsoft Visual
Studio 2017.
• TShark now supports the -G elastic-mapping option which generates
an ElasticSearch mapping file.
• The IP map feature (the “Map” button in the “Endpoints”
dialog) has been removed.
• The “Capture Information” dialog has been added back (Bug
12004[2]).
The following features are new (or have been significantly
updated) since version 2.4.0:
• The Ethernet and IEEE 802.11 dissectors no longer validate the
frame check sequence (checksum) by default.
• Display filter buttons can now be edited, disabled, and
removed via a context menu directly from the toolbar
• The TCP dissector gained a new “Reassemble out-of-order segments”
preference to fix dissection and decryption issues in case TCP
segments are received out-of-order. See the Users Guide, chapter
TCP Reassembly for details.
• Drag & Drop filter fields to the display filter toolbar or
edit to create a button on the fly or apply the filter as a
display filter.
• Decryption support for the new WireGuard dissector (Bug 15011[3],
requires Libgcrypt 1.8).
• Application startup time has been reduced.
• The BOOTP dissector has been renamed to DHCP. With the exception
of “bootp.dhcp”, the old “bootp.*” display filter fields are
still supported but may be removed in a future release.
• Some keyboard shortcut mix-ups have been resolved by
assigning new shortcuts to Edit → Copy methods.
• The SSL dissector has been renamed to TLS. As with BOOTP the old
“ssl.*” display filter fields are supported but may be removed in
a future release.
• TShark now supports color using the --color option.
• Coloring rules, IO graphs, Filter Buttons and protocol preference
tables can now be copied from other profiles using a button in
the corresponding configuration dialogs.
• The "matches" display filter operator is now
case-insensitive.
• APT-X has been renamed to aptX.
• Display expression (button) preferences have been converted
to a UAT. This puts the display expressions in their own
file. Wireshark still supports preference files that
contain the old preferences, but new preference files will
be written without the old fields.
• When importing from hex dump, its now possible to add an
ExportPDU header with a payload name. This calls the specific
dissector directly without lower protocols.
SMI private enterprise numbers are now read from the
"enterprises.tsv" configuration file.
• The sshdump and ciscodump extcap interfaces can now use a proxy
for the SSH connection.
The QUIC dissector has been renamed to Google QUIC (quic →
gquic).
Dumpcap now supports the -a packets:NUM and -b packets:NUM
options.
• The selected packet number can now be shown in the Status
Bar by enabling Preferences → Appearance → Layout → Show
selected packet number.
• Wireshark now includes a “No Reassembly” configuration profile.
• File load time in the Status Bar is now disabled by default
and can be enabled in Preferences → Appearance → Layout →
Show file load time.
• Wireshark now supports the Russian language.
• Support for the G.729A codec in the RTP Player is now added
via the bcg729 library.
• The build system now supports AppImage packages.
Support for hardware-timestamping of packets has been
added.
The Windows installers now ship with Qt 5.12.0. Previously they
shipped with Qt 5.9.7.
• Improved NetMon .cap support with comments, event tracing,
network filter, network info types and some Message
Analyzer exported types.
Removed Features and Support
• The personal plugins folder on Linux/Unix is now
~/.local/lib/wireshark/plugins.
• The legacy (GTK+) user interface has been removed and is no
longer supported.
TShark can print flow graphs using -z flow…
Wireshark requires Qt 5.2 or later. Qt 4 is no longer supported.
• Capinfos now prints SHA256 hashes in addition to RIPEMD160
and SHA1. MD5 output has been removed.
• Wireshark requires GLib 2.32 or later.
The packet editor has been removed. (This was a GTK+ only
experimental feature.)
Building Wireshark requires CMake. Autotools is no longer
supported.
Support BBC micro:bit Bluetooth profile
TSharks -z compare option was removed.
• The Linux and UNIX installation step for Wireshark will now
install headers required to build plugins. A pkg-config
file is provided to help with this (see doc/plugins.example
for details). Note you must still rebuild all plugins
between minor releases (X.Y).
New File Format Decoding Support
• The Windows installers and packages now ship with Qt 5.9.4.
• The generic data dissector can now uncompress zlib
compressed data.
Ruby Marshal format
New Protocol Support
ActiveMQ Artemis Core Protocol, AMT (Automatic Multicast
Tunneling), Bluetooth Mesh, Broadcom tags (Broadcom Ethernet
switch management frames), CAN-ETH, CVS password server,
Excentis DOCSIS31 XRA header, F5ethtrailer, FP Mux, GRPC
(gRPC), IEEE 1905.1a, IEEE 802.11ax (High Efficiency WLAN
(HEW)), IEEE 802.15.9 IEEE Recommended Practice for Transport
of Key Management Protocol (KMP) Datagrams, IEEE 802.3br Frame
Preemption Protocol, ISOBUS, LoRaTap, LoRaWAN, Lustre
Filesystem, Lustre Network, Nano / RaiBlocks Cryptocurrency
Protocol (UDP), Network Functional Application Platform
Interface (NFAPI) Protocol, New Radio Radio Resource Control
protocol, NXP 802.15.4 Sniffer Protocol, PFCP (Packet
Forwarding Control Protocol), Protobuf (Protocol Buffers), QUIC
(IETF), RFC 4108 Using CMS to Protect Firmware Packages,
Session Multiplex Protocol, SolarEdge monitoring protocol,
Steam In-Home Streaming Discovery Protocol, Tibia, TWAMP and
OWAMP, Wi-Fi Device Provisioning Protocol, and Wi-SUN FAN
Protocol
Apple Wireless Direct Link (AWDL), BLIP Couchbase Mobile (BLIP), CDMA
2000, Cisco Meraki Discovery Protocol (MDP), Distributed Ruby (DRb),
DXL, E1AP (5G), EVS (3GPP TS 26.445 A.2 EVS RTP), Exablaze trailers,
General Circuit Services Notification Application Protocol (GCSNA),
GLOW Lawo Emberplus Data format, GSM-R (User-to-User Information
Element usage), HI3CCLinkData, ISO 13400-2 Diagnostic communication
over Internet Protocol (DoIP), ITU-t X.696 Octet Encoding Rules
(OER), Local Number Portability Database Query Protocol (ANSI),
MsgPack, NGAP (5G), NR (5G) PDCP, Osmocom Generic Subscriber Update
Protocol (GSUP), PKCS#10 (RFC2986 Certification Request Syntax),
PROXY (v2), S101 Lawo Emberplus transport frame, Secure Reliable
Transport Protocol (SRT), Spirent Test Center Signature decoding for
Ethernet and FibreChannel (STCSIG, disabled by default),
Sybase-specific portions of TDS, systemd Journal Export, TeamSpeak 3
DNS, TPM 2.0, Ubiquiti Discovery Protocol (UBDP), WireGuard, and XnAP
(5G)
Updated Protocol Support
@ -138,78 +122,71 @@ Wireshark 2.5.1 Release Notes
New and Updated Capture File Support
Microsoft Network Monitor
RFC 7468 (PEM), Ruby marshal object files, systemd Journal Export,
and Unigraf DPA-400 DisplayPort AUX channel monitor
New and Updated Capture Interfaces support
LoRaTap
dpauxmon, an external capture interface (extcap) that captures
DisplayPort AUX channel data from linux kernel drivers.
sdjournal, an extcap that captures systemd journal entries.
Major API Changes
• Lua: the various logging functions (debug, info, message, warn
and critical) have been removed. Use the print function instead
for debugging purposes.
Getting Wireshark
Wireshark source code and installation packages are available
from https://www.wireshark.org/download.html[2].
Wireshark source code and installation packages are available from
https://www.wireshark.org/download.html[4].
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark
packages. You can usually install or upgrade Wireshark using
the package management system specific to that platform. A list
of third-party packages can be found on the download page[3] on
the Wireshark web site.
Most Linux and Unix vendors supply their own Wireshark packages. You
can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages can
be found on the download page[5] on the Wireshark web site.
File Locations
Wireshark and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform. You can use
About→Folders to find the default locations on your system.
Known Problems
The BER dissector might infinitely loop. (Bug 1516[4])
Capture filters arent applied when capturing from named pipes.
(Bug 1814[5])
Filtering tshark captures with read filters (-R) no longer
works. (Bug 2234[6])
Application crash when changing real-time option. (Bug 4035[7])
Wireshark and TShark will display incorrect delta times in some
cases. (Bug 4985[8])
Wireshark should let you work with multiple capture files. (Bug
10488[9])
preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
locations vary from platform to platform. You can use About→Folders to
find the default locations on your system.
Getting Help
Community support is available on Wiresharks Q&A site[10] and
on the wireshark-users mailing list. Subscription information
and archives for all of Wiresharks mailing lists can be found
on the web site[11].
The Users Guide, manual pages and various other documentation can be
found at https://www.wireshark.org/docs/[6]
Community support is available on Wiresharks Q&A site[7] and on the
wireshark-users mailing list. Subscription information and archives
for all of Wiresharks mailing lists can be found on the web site[8].
Bugs and feature requests can be reported on the bug tracker[9].
Official Wireshark training and certification are available from
Wireshark University[12].
Wireshark University[10].
Frequently Asked Questions
A complete FAQ is available on the Wireshark web site[13].
A complete FAQ is available on the Wireshark web site[11].
Last updated 2018-03-13 19:13:27 UTC
Last updated 2018-12-12 23:05:55 UTC
References
1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
2. https://www.wireshark.org/download.html
3. https://www.wireshark.org/download.html#thirdparty
4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
10. https://ask.wireshark.org/
11. https://www.wireshark.org/lists/
12. http://www.wiresharktraining.com/
13. https://www.wireshark.org/faq.html
1. 1
2. 2
3. 3
4. 4
5. 5
6. 6
7. 7
8. 8
9. 9
10. 10
11. 11

8
make-version.pl
View File

@ -84,12 +84,12 @@ my %version_pref = (
"format" => "git %Y%m%d%H%M%S",
# Normal development builds
"pkg_enable" => 1,
"pkg_format" => "-%#",
#"pkg_enable" => 1,
#"pkg_format" => "-%#",
# Development releases
#"pkg_enable" => 0,
#"pkg_format" => "",
"pkg_enable" => 0,
"pkg_format" => "",
);
my $srcdir = ".";
my $info_cmd = "";