Wireshark

Wireshark 2.4.3 (64-bit)

Wireshark.org
Open-source software

Wireshark 2.2.6 (32-bit)

Updated: 2017-04-13
Update details:

# Vulnerabilities fixed:
- IMAP dissector crash.
- WBXML dissector infinite loop.
- NetScaler file parser infinite loop.
- RPCoRDMA dissector infinite loop.
- BGP dissector infinite loop.
- DOF dissector infinite loop.
- PacketBB dissector crash.
- SLSK dissector long loop.
- SIGCOMP dissector infinite loop.
- WSP dissector infinite loop.
# Bugs fixed:
- T30 FCF byte decoding masks DTC, CIG and NCS.
- Wireshark gives decoding error during rnsap message dissection (SCCP reassembly).
- Added IEEE 802.15.4-2003 AES-CCM security modes (packet-ieee802154).
- Payload in 2 SCCP DT1 messages in the same frame isn’t (sub)dissected.
- IEEE 802.15.4: an area of Payload IEs is dissected twice.
- Qt UI: Wireshark crash when deleting IO graph string while it’s in editing mode.
- Crash on exit due to an invalid frame data sequence state.
- Access Violation using Lua dissector.
- Some bytes ignored in every packet in NetScaler packet trace when vmnames are included in packet headers.
- VOIP RTP stream Find Reverse button doesn’t work.
- Lua dissector: ProtoField int* do not allow FT_HEX or FT_OCT, crash when set to FT_HEX_DEC or FT_DEC_HEX.
- GIOP LocateRequest v1.0 is improperly indicated as "malformed".
- Bug in ZigBee - Zone Status Change Notification.
- Packet exception in packet-ua3g and incomplete strings in packet-noe.
- Wrong BGP capability dissect.
- Endpoint statistics column labels seem incorrect.
- Strange automatic jump in packet details for a certain DNS response packet.
- When a Lua enum or bool preference is changed via context menu, prefs_changed isn’t called with Qt Wireshark.
- IO Graph selects wrong packet or displays "Packet number x isn’t displayed".
- Tshark’s -z endpoints,ip ignores optional filter.
- SSL: Handshake type in Info column not always separated by comma.
- Libfuzzer: PEEKREMOTE dissector bug.
- Libfuzzer: packetBB dissector bug (packetbb.msg.addr.valuecustom).
- Libfuzzer: WSP dissector bug (wsp.header.x_wap_tod).
- Libfuzzer: MIH dissector bug.
- Libfuzzer: DNS dissector bug.
- Libfuzzer: WLCCP dissector bug.
- Libfuzzer: TAPA dissector bug.
- Libfuzzer: lapsat dissector bug.
- Libfuzzer: wassp dissector bug.
- Illegal reassembly of GSM SMS packets.
- SSH Dissector uses incorrect length for protocol field (ssh.protocol).
- NBAP malformed packet for short Binding ID.
- libfuzzer: WSP dissector bug (wsp.header.x_up_1.x_up_proxy_tod).
- libfuzzer: asterix dissector bug (asterix.021_230_RA).
- RTPproxy dissector adds multi lines to info column.
# Updated Protocol Support:
- ASTERIX, BGP, BSSGP, BT AVRCP, BT HCI_CMD, BT HFP, BT PBAP, DNS, DOF, EAPOL-MKA, GIOP, GSM SMS, HTTP, ICMP, IEEE 802.11, IEEE 802.15.4, IMAP, ISIS, LSP, iSNS, LAPSat, MIH, MySQL, NBAP, NBIFOM, PacketBB, PEEKREMOTE, RPCoRDMA, RTPproxy, SCCP, SIGCOMP, SLSK, SSH, SSL, T.30, TAPA, UA3G, WASSP, WBXML, WLCCP, WSP, and ZigBee ZCL IAS.


Download: Wireshark 2.2.6 (32-bit)

Wireshark 2.2.6 (64-bit)

Updated: 2017-04-13
Update details:

# Vulnerabilities fixed:
- IMAP dissector crash.
- WBXML dissector infinite loop.
- NetScaler file parser infinite loop.
- RPCoRDMA dissector infinite loop.
- BGP dissector infinite loop.
- DOF dissector infinite loop.
- PacketBB dissector crash.
- SLSK dissector long loop.
- SIGCOMP dissector infinite loop.
- WSP dissector infinite loop.
# Bugs fixed:
- T30 FCF byte decoding masks DTC, CIG and NCS.
- Wireshark gives decoding error during rnsap message dissection (SCCP reassembly).
- Added IEEE 802.15.4-2003 AES-CCM security modes (packet-ieee802154).
- Payload in 2 SCCP DT1 messages in the same frame isn’t (sub)dissected.
- IEEE 802.15.4: an area of Payload IEs is dissected twice.
- Qt UI: Wireshark crash when deleting IO graph string while it’s in editing mode.
- Crash on exit due to an invalid frame data sequence state.
- Access Violation using Lua dissector.
- Some bytes ignored in every packet in NetScaler packet trace when vmnames are included in packet headers.
- VOIP RTP stream Find Reverse button doesn’t work.
- Lua dissector: ProtoField int* do not allow FT_HEX or FT_OCT, crash when set to FT_HEX_DEC or FT_DEC_HEX.
- GIOP LocateRequest v1.0 is improperly indicated as "malformed".
- Bug in ZigBee - Zone Status Change Notification.
- Packet exception in packet-ua3g and incomplete strings in packet-noe.
- Wrong BGP capability dissect.
- Endpoint statistics column labels seem incorrect.
- Strange automatic jump in packet details for a certain DNS response packet.
- When a Lua enum or bool preference is changed via context menu, prefs_changed isn’t called with Qt Wireshark.
- IO Graph selects wrong packet or displays "Packet number x isn’t displayed".
- Tshark’s -z endpoints,ip ignores optional filter.
- SSL: Handshake type in Info column not always separated by comma.
- Libfuzzer: PEEKREMOTE dissector bug.
- Libfuzzer: packetBB dissector bug (packetbb.msg.addr.valuecustom).
- Libfuzzer: WSP dissector bug (wsp.header.x_wap_tod).
- Libfuzzer: MIH dissector bug.
- Libfuzzer: DNS dissector bug.
- Libfuzzer: WLCCP dissector bug.
- Libfuzzer: TAPA dissector bug.
- Libfuzzer: lapsat dissector bug.
- Libfuzzer: wassp dissector bug.
- Illegal reassembly of GSM SMS packets.
- SSH Dissector uses incorrect length for protocol field (ssh.protocol).
- NBAP malformed packet for short Binding ID.
- libfuzzer: WSP dissector bug (wsp.header.x_up_1.x_up_proxy_tod).
- libfuzzer: asterix dissector bug (asterix.021_230_RA).
- RTPproxy dissector adds multi lines to info column.
# Updated Protocol Support:
- ASTERIX, BGP, BSSGP, BT AVRCP, BT HCI_CMD, BT HFP, BT PBAP, DNS, DOF, EAPOL-MKA, GIOP, GSM SMS, HTTP, ICMP, IEEE 802.11, IEEE 802.15.4, IMAP, ISIS, LSP, iSNS, LAPSat, MIH, MySQL, NBAP, NBIFOM, PacketBB, PEEKREMOTE, RPCoRDMA, RTPproxy, SCCP, SIGCOMP, SLSK, SSH, SSL, T.30, TAPA, UA3G, WASSP, WBXML, WLCCP, WSP, and ZigBee ZCL IAS.


Download: Wireshark 2.2.6 (64-bit)

Wireshark 2.2.5 (32-bit)

Updated: 2017-03-06
Update details:

# Vulnerabilities fixed:
- LDSS dissector crash.
- RTMPT dissector infinite loop.
- WSP dissector infinite loop.
- STANAG 4607 file parser infinite loop.
- NetScaler file parser infinite loop.
- NetScaler file parser crash.
- K12 file parser crash.
- IAX2 dissector infinite loop.
- NetScaler file parser infinite loop.
# Bugs fixed:
- Display filter textbox loses focus during live capturing.
- Wireshark crashes when saving pcaps, opening pcaps, and exporting specified packets.
- tshark stalls on FreeBSD if androiddump is present.
- UTF-8 characters in packet list column title.
- Recent capture file list should appear immediately on startup.
- editcap segfault if a packet length is shorter than ignore bytes parameter.
- dftest segfault with automated build of 2.2.5.
- UMTS MAC Dissector shows Packet size limited for BCCH payload.
- VS2010 win32 ????.
- EAP AKA not being decoded properly.
- Dumpcap crashes during rpcap setup.
- Crash on closing SNMP capture file if snmp credentials are present.
- GPRS-NS message PDU type displayed in octal instead of hexadecimal.


Download: Wireshark 2.2.5 (32-bit)

Wireshark 2.2.5 (64-bit)

Updated: 2017-03-06
Update details:

# Vulnerabilities fixed:
- LDSS dissector crash.
- RTMPT dissector infinite loop.
- WSP dissector infinite loop.
- STANAG 4607 file parser infinite loop.
- NetScaler file parser infinite loop.
- NetScaler file parser crash.
- K12 file parser crash.
- IAX2 dissector infinite loop.
- NetScaler file parser infinite loop.
# Bugs fixed:
- Display filter textbox loses focus during live capturing.
- Wireshark crashes when saving pcaps, opening pcaps, and exporting specified packets.
- tshark stalls on FreeBSD if androiddump is present.
- UTF-8 characters in packet list column title.
- Recent capture file list should appear immediately on startup.
- editcap segfault if a packet length is shorter than ignore bytes parameter.
- dftest segfault with automated build of 2.2.5.
- UMTS MAC Dissector shows Packet size limited for BCCH payload.
- VS2010 win32 ????.
- EAP AKA not being decoded properly.
- Dumpcap crashes during rpcap setup.
- Crash on closing SNMP capture file if snmp credentials are present.
- GPRS-NS message PDU type displayed in octal instead of hexadecimal.


Download: Wireshark 2.2.5 (64-bit)

Wireshark 2.2.4 (64-bit)

Updated: 2017-01-24
Update details:

# Vulnerabilities fixed:
- The ASTERIX dissector could go into an infinite loop.
- The DHCPv6 dissector could go into a large loop.
# Bugs fixed:
- TCP reassembly: tcp.reassembled_in is not set in first packet.
- Duplicated Interfaces instances while refreshing.
- Time zone name needs to be converted to UTF-8 on Windows.
- Crash on fast local interface changes.
- Please align columns in tshark’s output.
- Display data rate fields for VHT rates invalid with BCC modulation.
- plugin_if_get_ws_info causes Access Violation if called during rescan.
- SMTP BDAT dissector not reverting to command-code after DATA.
- Wireshark fails to recognize V6 DBS Etherwatch capture files.
- Runtime Error when try to merge .pcap files (Wireshark crashes).
- PPP BCP BPDU size reports not header size, but all data underneath and its header size in UI.
- In-line UDP checksum bytes in 6LoWPAN IPHC are swapped.
- Uninitialized memcmp on data in daintree-sna.c.
- Crash when dissect WDBRPC Version 2 protocol with Dissect unknown program numbers enabled.
- Contents/Resources/bin directory isn’t in the app bundle after installation.
- Regression: IEEE17221 (AVDECC) decoded as IEEE1722 (AVB Transportation Protocol).
- Can’t decode packets captured with OpenBSD enc(4) encapsulating.
- UDLD flags are at other end of octet.
- MS-WSP dissector no longer works since commit 8c2fa5b5cf789e6d0d19cd0dd34479d0203d177a.
- TBCD string decoded wrongly in MAP ATI message.
- Filter Documentation: The tilde (~) operator is not documented.
- VoIP Flow Sequence Causes Application Crash.


Download: Wireshark 2.2.4 (64-bit)

Wireshark 2.2.4 (32-bit)

Updated: 2017-01-24
Update details:

# Vulnerabilities fixed:
- The ASTERIX dissector could go into an infinite loop.
- The DHCPv6 dissector could go into a large loop.
# Bugs fixed:
- TCP reassembly: tcp.reassembled_in is not set in first packet.
- Duplicated Interfaces instances while refreshing.
- Time zone name needs to be converted to UTF-8 on Windows.
- Crash on fast local interface changes.
- Please align columns in tshark’s output.
- Display data rate fields for VHT rates invalid with BCC modulation.
- plugin_if_get_ws_info causes Access Violation if called during rescan.
- SMTP BDAT dissector not reverting to command-code after DATA.
- Wireshark fails to recognize V6 DBS Etherwatch capture files.
- Runtime Error when try to merge .pcap files (Wireshark crashes).
- PPP BCP BPDU size reports not header size, but all data underneath and its header size in UI.
- In-line UDP checksum bytes in 6LoWPAN IPHC are swapped.
- Uninitialized memcmp on data in daintree-sna.c.
- Crash when dissect WDBRPC Version 2 protocol with Dissect unknown program numbers enabled.
- Contents/Resources/bin directory isn’t in the app bundle after installation.
- Regression: IEEE17221 (AVDECC) decoded as IEEE1722 (AVB Transportation Protocol).
- Can’t decode packets captured with OpenBSD enc(4) encapsulating.
- UDLD flags are at other end of octet.
- MS-WSP dissector no longer works since commit 8c2fa5b5cf789e6d0d19cd0dd34479d0203d177a.
- TBCD string decoded wrongly in MAP ATI message.
- Filter Documentation: The tilde (~) operator is not documented.
- VoIP Flow Sequence Causes Application Crash.


Download: Wireshark 2.2.4 (32-bit)

Wireshark 2.2.3 (32-bit)

Updated: 2016-12-15
Update details:

# The following bugs have been fixed:
* Saving all exported objects (SMB/SMB2) results in out of physical memory.
* Export HTTP Objects - Single file shows as multiple files in 2.0.2.
* Follow Stream and graph buttons remain greyed out in conversation window.
* Dicom list of tags in element of VR=AT not properly decoded.
* Malformed Packet: BGP Update (withdraw) message.
* Install fail on macOS Sierra (error PKInstallErrorDomain Code=112).
* GTP: "Create PDP Context response" message shows back-off timer as malformed when included in the response.
* ICMP dissector fails to properly detect timestamps.
* RLC misdissection.
* Text2pcap on Windows produces corrupt output when writing the capture file to the standard output.
* HTML escaping of quotes in error message.
* TShark doesn’t respect protocols.display_hidden_proto_items setting.
* RPC/RDMA dissector should exit when frame is not RPC-over-RDMA.
* Some RPC-over-RDMA frames are not recognized as RPC-over-RDMA.
* RPC-over-RDMA frames with chunk lists are "Malformed".
* TShark fails to pass RPC-over-RDMA frames to RPC subdissector.
* Adding a DOF DPS Identity Secret, session Key, or Mode Template causes Wireshark to crash.
* Wireshark shows "MS Video Source Request" in a RTCP packet as "Malformed".


Download: Wireshark 2.2.3 (32-bit)

Wireshark 2.2.2 (32-bit)

Updated: 2016-11-17
Update details:

# Vulnerabilities fixed:
- Profinet I/O long loop.
- AllJoyn crash.
- OpenFlow crash.
- DCERPC crash.
- DTN infinite loop.
# Bugs fixed:
- TCP: nextseq incorrect if TCP_MAX_UNACKED_SEGMENTS exceeded & FIN true.
- SMPP schedule_delivery_time displayed wrong in Wireshark 2.1.0.
- Upgrading to latest version uninstalls Microsoft Visual C++ redistributable.
- dmg for OS X does not install man pages.
- Fails to compile against Heimdal 1.5.3.
- TCP: Next sequence number off by one when sending payload in SYN packet (e.g. TFO).
- Follow TCP Stream shows duplicate stream data.
- Dissection engine falsely asserts that EIGRP packet’s checksum is incorrect.
- IEEE 802.15.4 frames erroneously handed over to ZigBee dissector.
- Capture Filter Bookmark Inactive in Capture Options page.
- CLNP dissector does not parse ER NPDU properly.
- SNMP trap bindings for NON scalar OIDs.
- BGP LS Link Protection Type TLV (1093) decoding.
- Application crash sorting column for tcp.window_size_scalefactor up and down.
- ZigBee Green Power add key during execution.
- Malformed AMQP packets for session.expected and session.confirmed fields.
- Wireshark 2.2.1 crashes when attempting to merge pcap files.
- [IS-637A] SMS - Teleservice layer parameter -> IA5 encoded text is not correctly displayed.
- Failure to dissect USB Audio feature unit descriptors missing the iFeature field.
- MSISDN not populated/decoded in JSON GTP-C decoding.
- E212: 3 digits MNC are identified as 2 digits long if they end with a 0.
- Exception with last unknown Cisco AVP available in a SCCRQ message.
- TShark stalls on FreeBSD if androiddump is present.
- Dissector skips DICOM command.
- UUID (FT_GUID) filtering isn’t working.
- Manufacturer name resolution fail.
- packet-sdp.c allocates transport_info->encoding_name from wrong memory pool.
- Payload type name for dynamic payload is wrong for reverse RTP channels.


Download: Wireshark 2.2.2 (32-bit)

Wireshark 2.2.1 (32-bit)

Updated: 2016-10-06
Update details:

# The following bugs have been fixed:
* Flow Graph colored data arrows.
* Capture File Properties under Statistics Grayed Out after Stopping a Capture.
* Qt: Hidden columns displayed during live capture.
* Unable to save changes to coloring rules.
* Bad description for NBSS error code 0x81.
* Live capture from USBPcap fails immediately.
* Cannot decrypt EAP-TTLS traffic (not recognized as conversation).
* Export packet dissections Option disabled after capturing traffic.
* Failure to open file named with Chinese or other multibyte characters.
* k12 text file format causes errors.
* File | File Set | List Files dialog is blank.
* Decoding/Display of an INAP CONNECT message goes wrong for the Destination Routing Address part.
* TLS padding extension dissector length parsing bug.
* Diameter dictionary bugs.
* File open from menu bar with filter in place causes Wireshark to crash.
* Unable to capture USBPcap trace using tshark with extcap built.
* P1 dissector fails a TVB assertion.
* Multiple PortableApps instances can once again be run at the same time.


Download: Wireshark 2.2.1 (32-bit)

Wireshark 2.2.0 (32-bit)

Updated: 2016-09-09
Update details:

# Bug Fixes
- Upgrading to latest version uninstalls Microsoft Visual C++ redistributable.
- Extcap errors not reported back to UI.
# New and Updated Features
- "Decode As" supports SSL (TLS) over TCP.
- Invalid coloring rules are now disabled instead of discarded.
- Added -d option for Decode As support in Wireshark (mimics TShark functionality).
- The Qt UI, GTK+ UI, and TShark can now export packets as JSON. TShark can additionally export packets as Elasticsearch-compatible JSON.
- The Qt UI now supports the -j, -J, and -l flags. The -m flag is now deprecated.
- The Conversations and Endpoints dialogs are more responsive when viewing large numbers of items.
- The RTP player now allows up to 30 minutes of silence frames.
- Packet bytes can now be displayed as EBCDIC.
- The Qt UI loads captures faster on Windows.
- proto_tree_add_checksum was added as an API. This attempts to standardize how checksums are reported and filtered for within *Shark. There are no more individual "good" and "bad" filter fields; protocols now have a "checksum.status" field that records "Good", "Bad" and "Unverified" (neither good nor bad). Color filters provided with Wireshark have been adjusted to the new display filter names, but custom ones may need to be updated.
- The intelligent scroll bar now sits to the left of a normal scroll bar and provides a clickable map of nearby packets.
- You can now switch between Capture and File Format dissection of the current capture file via the View menu in the Qt GUI.
- You can now show selected packet bytes as ASCII, HTML, Image, ISO 8859-1, Raw, UTF-8, a C array, or YAML.
- You can now use regular expressions in Find Packet and in the advanced preferences.
- Name resolution for packet capture now supports asynchronous DNS lookups only. Therefore the "concurrent DNS resolution" preference has been deprecated and is a no-op. To enable DNS name resolution some build dependencies must be present (currently c-ares). If that is not the case DNS name resolution will be disabled (but other name resolution mechanisms, such as host files, are still available).
- The byte under the mouse in the Packet Bytes pane is now highlighted.
- TShark supports exporting PDUs via the -U flag.
- The Windows and OS X installers now come with the "sshdump" and "ciscodump" extcap interfaces.
- Most dialogs in the Qt UI now save their size and positions.
- The Follow Stream dialog now supports UTF-16.
- The Firewall ACL Rules dialog has returned.
- The Flow (Sequence) Analysis dialog has been improved.
- We no longer provide packages for 32-bit versions of OS X.
- The Bluetooth Device details dialog has been added.
# New Protocol Support
- Apache Cassandra - CQL version 3.0, Bachmann bluecom Protocol, Bluetooth Pseudoheader for BR/EDR, Cisco ERSPAN3 Marker, Cisco ttag, Digital Equipment Corporation Local Area Transport, Distributed Object Framework, DOCSIS Upstream Channel Descriptor Type 35, Edge Control Protocol (ECP), Encrypted UDP based FTP with multicast, Ericsson IPOS Kernel Packet Header (IPOS), Extensible Control & Management Protocol (eCMP), FLEXRAY Protocol (automotive bus), IEEE 802.1BR E-Tag, Intel Omni-Path Architecture, ISO 8583-1, ISO14443, ITU-T G.7041/Y.1303 Generic Framing Procedure (GFP), LAT protocol (DECNET), Metamako trailers, Network Service Header for Ethernet & GRE, Network-Based IP Flow Mobility (NBIFOM), Nokia Intelligent Service Interface (ISI), Open Mobile Alliance Lightweight Machine to Machine TLV (LwM2M TLV), Real Time Location System (RTLS), RTI TCP Transport Layer (RTITCP), SMB Witness Service, STANAG 5602 SIMPLE, Standard Interface for Multiple Platform Link Evaluation (SIMPLE), USB3 Vision Protocol (USB machine vision cameras), USBIP Protocol, UserLog Protocol, and Zigbee Protocol Clusters (Closures, Lighting, General, Measurement & Sensing, HVAC, Security & Safety).


Download: Wireshark 2.2.0 (32-bit)

Wireshark 2.2.0 (32-bit) RC2

Updated: 2016-09-01
Update details:

# Bug Fixes
* Upgrading to latest version uninstalls Microsoft Visual C++ redistributable.
* Extcap errors not reported back to UI.
# New and Updated Features
- "Decode As" supports SSL (TLS) over TCP.


Download: Wireshark 2.2.0 (32-bit) RC2

Wireshark 2.2.0 (32-bit) RC1

Updated: 2016-08-23
Update details:

No change log.


Download: Wireshark 2.2.0 (32-bit) RC1

Wireshark 2.0.5 (32-bit)

Updated: 2016-07-28
Update details:

# The following bugs have been fixed:
- T30 FCF byte decoding masks DTC, CIG and NCS.
- TShark crashes with option "-z io,stat,…" in the presence of negative relative packet timestamps.
- Packet size limited during capture msg is repeated in the Info column.
- Wireshark loses windows decorations on second screen when restarting maximized using GNOME.
- Cannot launch GTK+ version of wireshark as a normal user.
- Restart current capture fails with "no interface selected" error when capturing in promiscuous mode.
- Add field completion suggestions when adding a Display filter or Y Field to the IO Graph.
- Wireshark Qt always indicates locale as "C".
- Wireshark crashes every time open Statistics → Conversations | Endpoints.
- Find function within the conversations window does not work.
- Invalid values for USB SET_REQUEST packets.
- Display filter dropdown hides cursor.
- Filter for field name tcp.options.wscale.multiplier cannot exceed 255.
- Ctrl+ shortcuts that are not text-related do not work when focus is on display filter field.
- Closing Statistics window results in black screen.
- OSPF: Incorrect description of N/P-bit in NSSA LSA.
- Inconsistent VHT data rate.
- DCE/RPC malformed error when stub-data is missing but a sub-dissector has been registered.
- Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length is larger than 239 bytes.
- "Edit Resolved Name" is not saved in current pcapng file.
- MPTCP: MP_JOIN B bit not decoded correctly.
- MPTCP MP_PRIO header with AddrID: incorrect AddrID.


Download: Wireshark 2.0.5 (32-bit)

Wireshark 2.1.1 (32-bit) Beta

Updated: 2016-07-15
Update details:

# New and Updated Features
- Added -d option for Decode As support in Wireshark (mimics TShark functionality).
- The Qt UI, GTK+ UI, and TShark can now export packets as JSON. TShark can additionally export packets as Elasticsearch-compatible JSON.
- The Qt UI now supports the -j, -J, and -l flags. The -m flag is now deprecated.
- The Conversations and Endpoints dialogs are more responsive when viewing large numbers of items.
- The RTP player now allows up to 30 minutes of silence frames.
- Packet bytes can now be displayed as EBCDIC.
- The Qt UI loads captures faster on Windows.


Download: Wireshark 2.1.1 (32-bit) Beta

Wireshark 2.1.0 (32-bit) Beta

Updated: 2016-06-09
Update details:

# New and Updated Features
- You can now switch between Capture and File Format dissection of the current capture file via the View menu in the Qt GUI.
- You can now show selected packet bytes as ASCII, HTML, Image, ISO 8859-1, Raw, UTF-8, a C array, or YAML.
- You can now use regular expressions in Find Packet and in the advanced preferences.
- Name resolution for packet capture now supports asynchronous DNS lookups only. Therefore the "concurrent DNS resolution" preference has been deprecated and is a no-op. To enable DNS name resolution some build dependencies must be present (currently c-ares). If that is not the case DNS name resolution will be disabled (but other name resolution mechanisms, such as host files, are still available).
- The byte under the mouse in the Packet Bytes pane is now highlighted.
- TShark supports exporting PDUs via the -U flag.
- The Windows and OS X installers now come with the "sshdump" and "ciscodump" extcap interfaces.
- Most dialogs in the Qt UI now save their size and positions.
- The Follow Stream dialog now supports UTF-16.
- The Firewall ACL Rules dialog has returned.
* New File Format Decoding Support
* New Protocol Support
* Updated Protocol Support: Bluetooth OBEX dissector (btobex) was renamed to Obex Dissector (obex), allow to DecodeAs it over USB, TCP and UDP. A preference was added to TCP dissector for handling IPFIX process information. It has been disabled by default.
* New and Updated Capture File Support and Micropross mplog
* New and Updated Capture Interfaces support: Non-empty section placeholder.
* Major API Changes
- The libwireshark API has undergone some major changes: The address macros (e.g., SET_ADDRESS) have been removed. Use the (lower case) functions of the same names instead. "old style" dissector functions (that don’t return number of bytes used) have been replaced in name with the "new style" dissector functions. tvb_get_string and tvb_get_stringz have been replaced with tvb_get_string_enc and tvb_get_stringz_enc respectively.
* Getting Wireshark: Wireshark source code and installation packages are available from https://www.wireshark.org/download.html.
* Vendor-supplied Packages: Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
* File Locations: Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.
* Getting Help: Community support is available on Wireshark’s Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site. Official Wireshark training and certification are available from Wireshark University.
* Frequently Asked Questions: A complete FAQ is available on the Wireshark web site.


Download: Wireshark 2.1.0 (32-bit) Beta