osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
wireshark/NEWS

134 lines
4.7 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Wireshark 4.3.0 Release Notes
This is an experimental release intended to test new features for
Wireshark 4.4.
What is Wireshark?
Wireshark is the worlds most popular network protocol analyzer. It is
used for troubleshooting, analysis, development and education.
Whats New
Improved display filter support for value strings (optional string
representations for numeric fields).
Display filter functions can be implemented as runtime-loadable C
plugins.
New and Updated Features
The following features are new (or have been significantly updated)
since version 4.2.0:
• Display filter syntax-related enhancements:
• Better handling of comparisons with value strings. Now the
display filter engine can correctly handle cases where multiple
different numeric values map to the same value string, including
but not limited to range-type value strings.
• Fields with value strings now support regular expression
matching.
• Date and time values now support arithmetic, with some
restrictions: the multiplier/divisor must be an integer or float
and appear on the right-hand side of the operator.
• The keyword "bitand" can be used as an alternative syntax for
the bitwise-and operator.
• Functions alone can now be used as an entire logical
expression. The result of the expression is the truthiness of the
function return value (or of all values if more than one). This
is useful for example to write "len(something)" instead of
"len(something) != 0". Even more so if a function returns itself
a boolean value, it is now possible to write
"bool_test(some.field)" instead of having to write
"bool_test(some.field) == True" (both forms are now valid).
• Display filter references can be written without curly braces.
It is now possible to write `$frame.number` instead of
`${frame.number}` for example.
• Added new display filter functions to test various IP address
properties. Check the wireshark-filter(5) manpage for more
information.
• Display filter autocompletions now also include display filter
functions.
New Protocol Support
MAC NR Framed (mac-nr-framed), RF4CE Network Layer (RF4CE), and RF4CE
Profile (RF4CE Profile)
Updated Protocol Support
• IPv6: The "show address detail" preference is now enabled by
default. The address details provided have been extended to
include more special purpose address block properties
(forwardable, globally-routable, etc).
Too many other protocol updates have been made to list them all here.
Major API Changes
• Plugins should provide a `plugin_describe()` function that
returns an ORed list of flags consisting of the plugin types used
(declared in wsutil/plugins.h).
Getting Wireshark
Wireshark source code and installation packages are available from
https://www.wireshark.org/download.html.
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You
can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages can
be found on the download page[1] on the Wireshark web site.
File Locations
Wireshark and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These
locations vary from platform to platform. You can use "Help About
Wireshark Folders" or `tshark -G folders` to find the default
locations on your system.
Getting Help
The Users Guide, manual pages and various other documentation can be
found at https://www.wireshark.org/docs/
Community support is available on Wiresharks Q&A site[2] and on the
wireshark-users mailing list. Subscription information and archives
for all of Wiresharks mailing lists can be found on the web site[3].
Bugs and feature requests can be reported on the issue tracker[4].
You can learn protocol analysis and meet Wiresharks developers at
SharkFest[5].
How You Can Help
The Wireshark Foundation helps as many people as possible understand
their networks as much as possible. You can find out more and donate
at wiresharkfoundation.org[6].
Frequently Asked Questions
A complete FAQ is available on the Wireshark web site[7].
References
1. https://www.wireshark.org/download.html
2. https://ask.wireshark.org/
3. https://www.wireshark.org/lists/
4. https://gitlab.com/wireshark/wireshark/-/issues
5. https://sharkfest.wireshark.org
6. https://wiresharkfoundation.org
7. https://www.wireshark.org/faq.html
Reference in New Issue View Git Blame Copy Permalink