188 lines
6.4 KiB
Plaintext
188 lines
6.4 KiB
Plaintext
include::attributes.adoc[]
|
||
:stylesheet: ws.css
|
||
:linkcss:
|
||
:copycss: {stylesheet}
|
||
|
||
= Wireshark {wireshark-version} Release Notes
|
||
// Asciidoctor Syntax Quick Reference:
|
||
// https://asciidoctor.org/docs/asciidoc-syntax-quick-reference/
|
||
|
||
This is an experimental release intended to test new features for Wireshark 4.2.
|
||
|
||
== What is Wireshark?
|
||
|
||
Wireshark is the world’s most popular network protocol analyzer.
|
||
It is used for troubleshooting, analysis, development and education.
|
||
|
||
== What’s New
|
||
|
||
// Add a summary of major changes here.
|
||
// Add other changes to "New and Updated Features" below.
|
||
|
||
Wireshark is now better about generating valid UTF-8 output.
|
||
|
||
A new display filter feature for filtering raw bytes has been added.
|
||
|
||
Display filter autocomplete is smarter about not suggesting invalid syntax.
|
||
|
||
The Windows build has a new SpeexDSP external dependency (https://www.speex.org).
|
||
The speex code that was previously bundled has been removed.
|
||
|
||
The personal extcap plugin folder location on Unix has been changed to
|
||
follow existing conventions for architecture-dependent files.
|
||
The extcap personal folder is now ``$HOME/.local/lib/wireshark/extcap``.
|
||
Previously it was ``$XDG_CONFIG_HOME/wireshark/extcap``.
|
||
|
||
The installation target no longer installs development headers by default.
|
||
That must be done explicitly using ``cmake --install <builddir> --component Development``.
|
||
|
||
The Wireshark installation is relocatable on Linux (and other ELF platforms
|
||
with support for relative RPATHs).
|
||
|
||
Many other improvements have been made.
|
||
See the “New and Updated Features” section below for more details.
|
||
|
||
=== Bug Fixes
|
||
|
||
The following bugs have been fixed:
|
||
|
||
* wsbuglink:18413[No Audio in RTP player with Wireshark 4.0.0] - RTP player do not play audio frequently on Win32 builds with Qt6
|
||
|
||
* wsbuglink:18510[Paused playback cannot continue to play] - Playback marker do not move after unpause with Qt6
|
||
|
||
|
||
//* wsbuglink:5000[]
|
||
//* wsbuglink:6000[Wireshark bug]
|
||
//* cveidlink:2014-2486[]
|
||
//* Wireshark grabs your ID at 3 am, goes to Waffle House, and insults people.
|
||
|
||
=== New and Updated Features
|
||
|
||
The following features are new (or have been significantly updated) since version 4.0.0:
|
||
|
||
// * The Windows installers now ship with Npcap 1.71.
|
||
// They previously shipped with Npcap 1.60.
|
||
|
||
* The API has been updated to ensure that the dissection engine produces valid UTF-8 strings.
|
||
|
||
* Wireshark now builds with Qt6 by default. To use Qt5 instead pass USE_qt6=OFF to CMake.
|
||
|
||
* It is now possible to filter on raw packet data for any field by using the syntax ``@some.field == <bytes...>``.
|
||
This can be useful to filter on malformed UTF-8 strings, among other use cases where it is necessary to
|
||
look at the field's raw data.
|
||
|
||
* Negation (unary minus) now works with any display filter arithmetic expression.
|
||
|
||
* ciscodump support Cisco IOS XE 17.x
|
||
|
||
// === Removed Features and Support
|
||
|
||
// === Removed Dissectors
|
||
|
||
// === New File Format Decoding Support
|
||
|
||
// [commaize]
|
||
// --
|
||
// --
|
||
|
||
=== New Protocol Support
|
||
|
||
// Add one protocol per line between the -- delimiters in the format
|
||
// “Full protocol name (Abbreviation)”
|
||
// git log --oneline --diff-filter=A --stat v3.7.0rc0.. epan/dissectors plugins
|
||
[commaize]
|
||
--
|
||
SAP GUI (SAPDiag)
|
||
SAP Enqueue Server (SAPEnqueue)
|
||
SAP HANA SQL Command Network Protocol (SAPHDB)
|
||
SAP Internet Graphic Server (SAP IGS)
|
||
SAP Message Server (SAPMS)
|
||
SAP Network Interface (SAPNI)
|
||
SAP Router (SAPROUTER)
|
||
SAP Secure Network Connection (SNC)
|
||
World of Warcraft World (WOWW) display filters have been changed to be more internally consistent.
|
||
Support for almost all WoW 1.12 messages has been added.
|
||
Management Component Transport Protocol (MCTP)
|
||
Management Component Transport Protocol - Control Protocol (MCTP CP)
|
||
Non-volatile Memory Express - Management Interface (NVMe-MI) over MCTP
|
||
DECT proprietary Mitel OMM/RFP Protocol (also named AaMiDe)
|
||
DECT DLC protocol layer (DECT-DLC)
|
||
DECT NWK protocol layer (DECT-NWK)
|
||
Low Level Signalling (ATSC3 LLS)
|
||
--
|
||
|
||
=== Updated Protocol Support
|
||
|
||
* The JSON dissector now has a preference to enable/disable "unescaping"
|
||
of string values. By default it is off. Previously it was always on.
|
||
|
||
* The JSON dissector now supports "Display JSON in raw form".
|
||
|
||
* The IPv6 dissector has a new preference to show some semantic details
|
||
about addresses (default off).
|
||
|
||
Too many other protocols have been updated to list them all here.
|
||
|
||
=== New and Updated Capture File Support
|
||
|
||
// There is no new or updated capture file support in this release.
|
||
// Add one file type per line between the -- delimiters.
|
||
[commaize]
|
||
--
|
||
--
|
||
|
||
// === New and Updated Capture Interfaces support
|
||
|
||
//_Non-empty section placeholder._
|
||
|
||
// === Major API Changes
|
||
|
||
== Getting Wireshark
|
||
|
||
Wireshark source code and installation packages are available from
|
||
https://www.wireshark.org/download.html.
|
||
|
||
=== Vendor-supplied Packages
|
||
|
||
Most Linux and Unix vendors supply their own Wireshark packages.
|
||
You can usually install or upgrade Wireshark using the package management system specific to that platform.
|
||
A list of third-party packages can be found on the
|
||
https://www.wireshark.org/download.html[download page]
|
||
on the Wireshark web site.
|
||
|
||
== File Locations
|
||
|
||
Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
|
||
These locations vary from platform to platform.
|
||
You can use menu:Help[About Wireshark,Folders] or `tshark -G folders` to find the default locations on your system.
|
||
|
||
== Getting Help
|
||
|
||
The User’s Guide, manual pages and various other documentation can be found at
|
||
https://www.wireshark.org/docs/
|
||
|
||
Community support is available on
|
||
https://ask.wireshark.org/[Wireshark’s Q&A site]
|
||
and on the wireshark-users mailing list.
|
||
Subscription information and archives for all of Wireshark’s mailing lists can be found on
|
||
https://www.wireshark.org/lists/[the web site].
|
||
|
||
Bugs and feature requests can be reported on
|
||
https://gitlab.com/wireshark/wireshark/-/issues[the issue tracker].
|
||
|
||
You can learn protocol analysis and meet Wireshark’s developers at
|
||
https://sharkfest.wireshark.org[SharkFest].
|
||
|
||
// Official Wireshark training and certification are available from
|
||
// https://www.wiresharktraining.com/[Wireshark University].
|
||
|
||
== How You Can Help
|
||
|
||
The Wireshark Foundation helps as many people as possible understand their networks as much as possible.
|
||
You can find out more and donate at https://wiresharkfoundation.org[wiresharkfoundation.org].
|
||
|
||
== Frequently Asked Questions
|
||
|
||
A complete FAQ is available on the
|
||
https://www.wireshark.org/faq.html[Wireshark web site].
|