Wireshark-dev: [Wireshark-dev] Wireshark 2.2.0rc2 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 31 Aug 2016 12:44:19 -0700
I'm proud to announce the release of Wireshark 2.2.0rc2.
This is the first release candidate for Wireshark 2.2.0.
__________________________________________________________________
What is Wireshark?
Wireshark is the world's most popular network protocol analyzer. It is
used for troubleshooting, analysis, development and education.
__________________________________________________________________
What's New
Bug Fixes
* Upgrading to latest version uninstalls Microsoft Visual C++
redistributable. ([1]Bug 12712)
* Extcap errors not reported back to UI. ([2]Bug 11892)
New and Updated Features
The following features are new (or have been significantly updated)
since version 2.2.0rc1:
* "Decode As" supports SSL (TLS) over TCP.
The following features are new (or have been significantly updated)
since version 2.1.1:
* Invalid coloring rules are now disabled instead of discarded. This
will provide backward compatibility with a coloring rule change in
Wireshark 2.2.
The following features are new (or have been significantly updated)
since version 2.1.0:
* Added -d option for Decode As support in Wireshark (mimics TShark
functionality)
* The Qt UI, GTK+ UI, and TShark can now export packets as JSON.
TShark can additionally export packets as Elasticsearch-compatible
JSON.
* The Qt UI now supports the -j, -J, and -l flags. The -m flag is now
deprecated.
* The Conversations and Endpoints dialogs are more responsive when
viewing large numbers of items.
* The RTP player now allows up to 30 minutes of silence frames.
* Packet bytes can now be displayed as EBCDIC.
* The Qt UI loads captures faster on Windows.
* proto_tree_add_checksum was added as an API. This attempts to
standardize how checksums are reported and filtered for within
*Shark. There are no more individual "good" and "bad" filter
fields; protocols now have a "checksum.status" field that records
"Good", "Bad" and "Unverified" (neither good nor bad). Color filters
provided with Wireshark have been adjusted to the new display
filter names, but custom ones may need to be updated.
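
An added example, not part of the original announcement or Wireshark's own code: a Python pass over a colorfilters file that rewrites pre-2.2 checksum tests to the new "checksum.status" form and reports the rules it leaves for manual review. The old field names (<proto>.checksum_bad, <proto>.fcs_good and similar), the colorfilters line layout, and the sample rules are assumptions; the announcement does not spell them out.

```python
import re

# Assumed pre-2.2 naming (<proto>.checksum_bad, <proto>.fcs_good, ...); the
# release notes only say the separate "good"/"bad" fields are gone.
OLD = re.compile(r'(?P<f>[\w.-]+?)\.(?P<k>checksum|fcs)_(?P<s>good|bad)\b'
                 r'(?P<test>\s*(?:==|eq)\s*1\b)?')
# Assumed colorfilters layout: optional "!" (disabled), @name@filter@[fg][bg]
RULE = re.compile(r'^(?P<pre>!?@[^@]*@)(?P<filter>.*)'
                  r'(?P<post>@\[[\d,]+\]\[[\d,]+\])\s*$')

def migrate_filter(expr):
    """Return (new_expr, needs_review). Only '<old field> == 1' is rewritten."""
    review = False
    def repl(m):
        nonlocal review
        if m.group('test') is None:
            # Bare field, "== 0", "!=": the intent is ambiguous, leave as-is.
            review = True
            return m.group(0)
        return '%s.%s.status == "%s"' % (m.group('f'), m.group('k'),
                                         m.group('s').capitalize())
    return OLD.sub(repl, expr), review

def migrate_colorfilters(text):
    """Rewrite rule lines only; return (new_text, line numbers to review)."""
    out, review = [], []
    for n, line in enumerate(text.splitlines(), 1):
        m = RULE.match(line)
        if m:
            new, flag = migrate_filter(m.group('filter'))
            line = m.group('pre') + new + m.group('post')
            if flag:
                review.append(n)
        out.append(line)
    return '\n'.join(out) + '\n', review

# Constructed sample rules, not taken from a real profile.
SAMPLE = '''# constructed sample
@Checksum Errors@eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad eq 1@[4718,10030,11796][63479,34695,34695]
!@Verified UDP@udp.checksum_good == 1@[0,0,0][65535,65535,65535]
@Not bad@ip.checksum_bad == 0@[0,0,0][65535,65535,65535]
'''

if __name__ == '__main__':
    new_text, todo = migrate_colorfilters(SAMPLE)
    print(new_text, end='')
    print('review lines:', todo)
```

The disabled marker on a rule is preserved, so a rule that was switched off stays off until it is re-enabled by hand.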
The following features are new (or have been significantly updated)
since version 2.0.0:
* The intelligent scroll bar now sits to the left of a normal scroll
bar and provides a clickable map of nearby packets.
* You can now switch between Capture and File Format
dissection of the current capture file via the View menu in the Qt
GUI.
* You can now show selected packet bytes as ASCII, HTML, Image, ISO
8859-1, Raw, UTF-8, a C array, or YAML.
* You can now use regular expressions in Find Packet and in the
advanced preferences.
* Name resolution for packet capture now supports asynchronous DNS
lookups only. Therefore the "concurrent DNS resolution" preference
has been deprecated and is a no-op. To enable DNS name resolution
some build dependencies must be present (currently c-ares). If that
is not the case DNS name resolution will be disabled (but other
name resolution mechanisms, such as host files, are still
available).
* The byte under the mouse in the Packet Bytes pane is now
highlighted.
* TShark supports exporting PDUs via the -U flag.
* The Windows and OS X installers now come with the "sshdump" and
"ciscodump" extcap interfaces.
* Most dialogs in the Qt UI now save their size and positions.
* The Follow Stream dialog now supports UTF-16.
* The Firewall ACL Rules dialog has returned.
* The Flow (Sequence) Analysis dialog has been improved.
* We no longer provide packages for 32-bit versions of OS X.
* The Bluetooth Device details dialog has been added.
New File Format Decoding Support
Wireshark is able to display the format of some types of files (rather
than displaying the contents of those files). This is useful when
you're curious about, or debugging, a file and its format. To open a
capture file (such as PCAP) in this mode specify "MIME Files Format" as
the file's format in the Open File dialog.
New Protocol Support
Apache Cassandra - CQL version 3.0, Bachmann bluecom Protocol,
Bluetooth Pseudoheader for BR/EDR, Cisco ERSPAN3 Marker, Cisco ttag,
Digital Equipment Corporation Local Area Transport, Distributed Object
Framework, DOCSIS Upstream Channel Descriptor Type 35, Edge Control
Protocol (ECP), Encrypted UDP based FTP with multicast, Ericsson IPOS
Kernel Packet Header (IPOS), Extensible Control & Management Protocol
(eCMP), FLEXRAY Protocol (automotive bus), IEEE 802.1BR E-Tag, Intel
Omni-Path Architecture, ISO 8583-1, ISO14443, ITU-T G.7041/Y.1303
Generic Framing Procedure (GFP), LAT protocol (DECNET), Metamako
trailers, Network Service Header for Ethernet & GRE, Network-Based IP
Flow Mobility (NBIFOM), Nokia Intelligent Service Interface (ISI), Open
Mobile Alliance Lightweight Machine to Machine TLV (LwM2M TLV), Real
Time Location System (RTLS), RTI TCP Transport Layer (RTITCP), SMB
Witness Service, STANAG 5602 SIMPLE, Standard Interface for Multiple
Platform Link Evaluation (SIMPLE), USB3 Vision Protocol (USB machine
vision cameras), USBIP Protocol, UserLog Protocol, and Zigbee Protocol
Clusters (Closures Lighting General Measurement & Sensing HVAC Security
& Safety)
Updated Protocol Support
Bluetooth OBEX dissector (btobex) was renamed to Obex Dissector (obex),
which allows it to be used with "Decode As" over USB, TCP and UDP.
A preference was added to TCP dissector for handling IPFIX process
information. It has been disabled by default.
New and Updated Capture File Support
Micropross mplog
New and Updated Capture Interfaces support
Non-empty section placeholder.
Major API Changes
The libwireshark API has undergone some major changes:
* The address macros (e.g., SET_ADDRESS) have been removed. Use the
(lower case) functions of the same names instead.
* "old style" dissector functions (that don't return number of bytes
used) have been replaced in name with the "new style" dissector
functions.
* tvb_get_string and tvb_get_stringz have been replaced with
tvb_get_string_enc and tvb_get_stringz_enc respectively.
__________________________________________________________________
Getting Wireshark
Wireshark source code and installation packages are available from
[3]https://www.wireshark.org/download.html.
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You
can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages can be
found on the [4]download page on the Wireshark web site.
__________________________________________________________________
File Locations
Wireshark and TShark look in several different locations for preference
files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
vary from platform to platform. You can use About->Folders to find the
default locations on your system.
__________________________________________________________________
Known Problems
Dumpcap might not quit if Wireshark or TShark crashes. ([5]Bug 1419)
The BER dissector might infinitely loop. ([6]Bug 1516)
Capture filters aren't applied when capturing from named pipes. ([7]Bug
1814)
Filtering tshark captures with read filters (-R) no longer works.
([8]Bug 2234)
Application crash when changing real-time option. ([9]Bug 4035)
Packet list rows are oversized. ([10]Bug 4357)
Wireshark and TShark will display incorrect delta times in some cases.
([11]Bug 4985)
Wireshark should let you work with multiple capture files. ([12]Bug
10488)
Dell Backup and Recovery (DBAR) makes many Windows applications crash,
including Wireshark. ([13]Bug 12036)
__________________________________________________________________
Getting Help
Community support is available on [14]Wireshark's Q&A site and on the
wireshark-users mailing list. Subscription information and archives for
all of Wireshark's mailing lists can be found on [15]the web site.
Official Wireshark training and certification are available from
[16]Wireshark University.
__________________________________________________________________
Frequently Asked Questions
A complete FAQ is available on the [17]Wireshark web site.
__________________________________________________________________
Last updated 2016-08-31 19:28:40 UTC
References
1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12712
2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11892
3. https://www.wireshark.org/download.html
4. https://www.wireshark.org/download.html#thirdparty
5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036
14. https://ask.wireshark.org/
15. https://www.wireshark.org/lists/
16. http://www.wiresharktraining.com/
17. https://www.wireshark.org/faq.html
Digests
Attachment:
signature.asc
Description: OpenPGP digital signature