439 lines
11 KiB
XML
439 lines
11 KiB
XML
<?xml version="1.0"?>
|
|
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
|
|
|
<!-- $Id$ -->
|
|
|
|
<!--
|
|
DOCUMENT SECTION
|
|
-Use this section to encode all document information
|
|
-->
|
|
|
|
<!--
|
|
Wireshark Info
|
|
-->
|
|
<!ENTITY WiresharkCurrentVersion "1.9.0">
|
|
|
|
]>
|
|
|
|
<article>
|
|
<title>Wireshark &WiresharkCurrentVersion; Release Notes</title>
|
|
|
|
<section id="WhatIs"><title>What is Wireshark?</title>
|
|
<para>
|
|
Wireshark is the world's most popular network protocol analyzer. It
|
|
is used for troubleshooting, analysis, development and education.
|
|
</para>
|
|
</section>
|
|
|
|
<section id="WhatsNew"><title>What's New</title>
|
|
<section id="BugFixes"><title>Bug Fixes</title>
|
|
|
|
<para>
|
|
|
|
The following bugs have been fixed:
|
|
|
|
<itemizedlist>
|
|
|
|
<!-- Sort by bug # -->
|
|
<!--
|
|
<listitem><para>
|
|
Wireshark will strip the paint off your car, then apply a hideous
|
|
flame job to the hood and fenders using gray, red, and black primer.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=0000">Bug
|
|
0000</ulink>)
|
|
</para></listitem>
|
|
-->
|
|
|
|
<listitem><para>
|
|
When saving the displayed packets, packets which are dependencies
|
|
(e.g., due to reassembly) of the displayed packets are included in
|
|
the list of saved packets
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3315">Bug
|
|
3315</ulink>).
|
|
</para></listitem>
|
|
|
|
<listitem><para>
|
|
Rearranging columns in preferences doesn't work on 64-bit Windows.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6077">Bug
|
|
6077</ulink>)
|
|
</para></listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</para>
|
|
|
|
</section>
|
|
|
|
<section id="NewFeatures"><title>New and Updated Features</title>
|
|
<para>
|
|
The following features are new (or have been significantly updated)
|
|
since version 1.6:
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Wireshark supports capturing from multiple interfaces at once.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
You can now add, edit, and save packet and capture file annotations.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Wireshark, TShark, and their associated utilities now save files
|
|
using the pcap-ng file format by default. (Your copy of Wireshark
|
|
might still use the pcap file format if pcap-ng is disabled in
|
|
your preferences.)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Decryption key management for IEEE 802.11, IPsec, and ISAKMP
|
|
is easier.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
OID resolution is now supported on 64-bit Windows.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
When saving, exporting or printing packets, the default choice
|
|
is now to save, export or print only the displayed packets
|
|
rather than all packets.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
TCP fast retransmissions are now indicated as an expert info note,
|
|
rather than a warning, just as TCP retransmissions are.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
TCP window updates are no longer colorized as "Bad TCP".
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
TShark's command-line options have changed. The previously
|
|
undocumented -P option is now -2 option for performing a two-pass
|
|
analysis; the former -S option is now the -P option for printing
|
|
packets even if writing to a file, and the -S option is now used to
|
|
specify a different line separator between packets.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
GeoIP IPv6 databases are now supported.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</para>
|
|
</section>
|
|
|
|
<section id="NewProtocols"><title>New Protocol Support</title>
|
|
<para>
|
|
|
|
<!-- Sorted, one per line -->
|
|
|
|
Aastra Signalling Protocol (AASP),
|
|
ActiveMQ OpenWire,
|
|
Bandwidth Reservation Protocol (BRP),
|
|
Bazaar,
|
|
Binary Floor Control Protocol,
|
|
BitTorrent DHT,
|
|
C12.22,
|
|
CANopen,
|
|
CIP Motion,
|
|
CIP Safety,
|
|
Cisco FabricPath MiM,
|
|
DMX Channel Data,
|
|
DMX SIP,
|
|
DMX Test,
|
|
DMX Text,
|
|
DMX,
|
|
DVB Application Information Table,
|
|
DVB Bouquet Association Table,
|
|
DVB Event Information Table,
|
|
DVB MultiProtocol Encapsulation (DVB-MPE),
|
|
DVB Network Information Table,
|
|
DVB Service Description Table,
|
|
DVB Time and Date Table,
|
|
DVB Time Offset Table,
|
|
DVB/ETSI IP Data Cast (IPDC) Electronic Service Guide (ESG),
|
|
ECP VDP,
|
|
EIA-709.1 (LonTalk),
|
|
EIA-852 (CN/IP),
|
|
ELCOM,
|
|
Ericsson A-bis OML (OM 2000),
|
|
Ericsson HDLC,
|
|
Ericsson Proprietary PCAP,
|
|
ETSI CAT,
|
|
ETV-AM Data,
|
|
ETV-AM EISS Section,
|
|
Flight Message Transfer Protocol (FMTP),
|
|
Gadu-Gadu,
|
|
GEO-Mobile Radio (1) BCCH,
|
|
GEO-Mobile Radio (1) Common,
|
|
GEO-Mobile Radio (1) DTAP,
|
|
GEO-Mobile Radio (1) Radio Resource,
|
|
Gluster Callback,
|
|
Gluster CLI,
|
|
Gluster Dump,
|
|
Gluster Portmap,
|
|
GlusterD,
|
|
GlusterFS Callback,
|
|
GlusterFS Handshake,
|
|
GlusterFS,
|
|
GSM A-bis OML,
|
|
GSM CBCH,
|
|
GSM Cell Broadcast Service,
|
|
GSM SIM,
|
|
H.248.2,
|
|
Hadoop Distributed File System (HDFS),
|
|
HART/IP,
|
|
Hazelcast,
|
|
HDFS Data,
|
|
High bandwidth Digital Content Protection (HDCP),
|
|
High-availability Seamless Redundancy (HSR),
|
|
HomePlug AV,
|
|
HSR/PRP,
|
|
IEEE 1722.1,
|
|
ISO 7816,
|
|
ixveriwave,
|
|
Kismet drone/server protocol,
|
|
KristalliNet,
|
|
LCS-AP,
|
|
Link Access Procedure, Satellite channel (LAPSat),
|
|
LLRP,
|
|
LTE Positioning Protocol A (LPPa),
|
|
LTE Positioning Protocol,
|
|
M3 Application Protocol (M3AP),
|
|
MAC Address Acquisition Protocol,
|
|
MBMS synchronisation protocol,
|
|
Microsoft Credential Security Support Provider (CredSSP),
|
|
MoldUDP,
|
|
MoldUDP64,
|
|
MPEG Conditional Access,
|
|
MPEG descriptors,
|
|
MPEG DSM-CC,
|
|
MPEG Program Association Table (PAT),
|
|
MPEG Program Map Table,
|
|
MPEG Section,
|
|
MPLS Packet Loss and Delay Measurement,
|
|
MPLS-TP Protection State Coordination,
|
|
Multiple VLAN Registration Protocol (MRVP),
|
|
Netfilter LOG,
|
|
NOE,
|
|
NXP MiFare,
|
|
NXP PN532,
|
|
Open IPTV Forum
|
|
openSAFETY,
|
|
Performance Co-Pilot (PCP),
|
|
PPI Sensor,
|
|
RDP,
|
|
RTP-MIDI,
|
|
SBc Application Part (SBc-AP),
|
|
SDH/SONET,
|
|
Solaris IP over InfiniBand,
|
|
Sony FeliCa,
|
|
T.124,
|
|
UA (Universal Alcatel),
|
|
UA3G,
|
|
UASIP,
|
|
UAUDP,
|
|
USB Integrated Circuit Card Interface Device Class (CCID),
|
|
V5 Data Link Layer (V5DL),
|
|
V5 Envelope Function (V5EF),
|
|
Virtual eXtensible Local Area Network (VXLAN),
|
|
VSS-Monitoring,
|
|
Vuze DHT,
|
|
WaveAgent,
|
|
WebSocket,
|
|
WSE Remote Ethernet,
|
|
XMCP,
|
|
YAMI
|
|
|
|
|
|
</para>
|
|
</section>
|
|
|
|
<section id="UpdatedProtocols"><title>Updated Protocol Support</title> <para>
|
|
|
|
Too many protocols have been updated to list here.
|
|
|
|
</para>
|
|
</section>
|
|
|
|
<section id="NewCapture"><title>New and Updated Capture File Support</title>
|
|
<para>
|
|
|
|
<!-- Sorted, one per line -->
|
|
|
|
Aethra Telecommunications' PC108,
|
|
Catapult DCT2000,
|
|
Citrix NetScaler,
|
|
Cisco Secure IDS IPLog,
|
|
Endace ERF,
|
|
Gammu DCT3,
|
|
Generic MIME,
|
|
IBM iSeries,
|
|
InfoVista 5View,
|
|
Ixia IxVeriWave,
|
|
LANalyzer,
|
|
Microsoft NetMon,
|
|
MPEG2-TS,
|
|
Network Instruments Observer,
|
|
Nokia DCT3,
|
|
pcap,
|
|
pcap-ng,
|
|
Solaris snoop,
|
|
TamoSoft CommView,
|
|
Tektronix K12xx,
|
|
XML
|
|
|
|
</para>
|
|
</section>
|
|
|
|
</section>
|
|
|
|
<section id="GettingWireshark"><title>Getting Wireshark</title>
|
|
<para>
|
|
Wireshark source code and installation packages are available from
|
|
<ulink url="http://www.wireshark.org/download.html">http://www.wireshark.org/download.html</ulink>.
|
|
</para>
|
|
|
|
<section id="VendorPackages"><title>Vendor-supplied Packages</title>
|
|
<para>
|
|
Most Linux and Unix vendors supply their own Wireshark packages.
|
|
You can usually install or upgrade Wireshark using the package management
|
|
system specific to that platform. A list of third-party packages
|
|
can be found on the
|
|
<ulink url="http://www.wireshark.org/download.html#thirdparty">download page</ulink>
|
|
on the Wireshark web site.
|
|
</para>
|
|
</section>
|
|
|
|
</section>
|
|
|
|
<!-- XXX needs to be written
|
|
<section id="RemovingWireshark"><title>Removing Wireshark</title>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
-->
|
|
|
|
<section id="FileLocations"><title>File Locations</title>
|
|
<para>
|
|
Wireshark and TShark look in several different locations for
|
|
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
|
|
These locations vary from platform to platform. You can use
|
|
About→Folders to find the default locations on your system.
|
|
</para>
|
|
</section>
|
|
|
|
<section id="KnownProblems"><title>Known Problems</title>
|
|
|
|
<para>
|
|
Dumpcap might not quit if Wireshark or TShark crashes.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419">Bug
|
|
1419</ulink>)
|
|
</para>
|
|
|
|
<para>
|
|
The BER dissector might infinitely loop.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516">Bug
|
|
1516</ulink>)
|
|
</para>
|
|
|
|
<para>
|
|
Capture filters aren't applied when capturing from named pipes.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814">Bug
|
|
1814</ulink>)
|
|
</para>
|
|
|
|
<para>
|
|
Filtering tshark captures with display filters (-R) no longer works.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234">Bug
|
|
2234</ulink>)
|
|
</para>
|
|
|
|
<para>
|
|
The 64-bit Windows installer does not support Kerberos decryption.
|
|
(<ulink url="https://wiki.wireshark.org/Development/Win64">Win64
|
|
development page</ulink>)
|
|
</para>
|
|
|
|
<para>
|
|
Application crash when changing real-time option.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035">Bug
|
|
4035</ulink>)
|
|
</para>
|
|
|
|
<para>
|
|
Hex pane display issue after startup.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056">Bug
|
|
4056</ulink>)
|
|
</para>
|
|
|
|
<para>
|
|
Packet list rows are oversized.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357">Bug
|
|
4357</ulink>)
|
|
</para>
|
|
|
|
<para>
|
|
Summary pane selected frame highlighting not maintained.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445">Bug
|
|
4445</ulink>)
|
|
</para>
|
|
|
|
<para>
|
|
Wireshark and TShark will display incorrect delta times in some cases.
|
|
(<ulink url="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985">Bug
|
|
4985</ulink>)
|
|
</para>
|
|
|
|
</section>
|
|
|
|
<section id="GettingHelp"><title>Getting Help</title>
|
|
<para>
|
|
Community support is available on
|
|
<ulink url="http://ask.wireshark.org/">Wireshark's Q&A site</ulink>
|
|
and on the wireshark-users mailing list.
|
|
Subscription information and archives for all of Wireshark's mailing
|
|
lists can be found on <ulink url="http://www.wireshark.org/lists/">the
|
|
web site</ulink>.
|
|
</para>
|
|
<para>
|
|
Official Wireshark training and certification are available from
|
|
<ulink url="http://www.wiresharktraining.com/">Wireshark University</ulink>.
|
|
</para>
|
|
</section>
|
|
|
|
<section id="FAQ"><title>Frequently Asked Questions</title>
|
|
<para>
|
|
A complete FAQ is available on the
|
|
<ulink url="http://www.wireshark.org/faq.html">Wireshark web site</ulink>.
|
|
</para>
|
|
</section>
|
|
|
|
</article>
|