author | Gerald Combs <gerald@wireshark.org> | 2018-12-12 15:25:31 -0800 |
---|---|---|
committer | Gerald Combs <gerald@wireshark.org> | 2018-12-12 23:28:51 +0000 |
commit | f4238cd2668665fc0de85a9af03dcccca3b4e3e4 (patch) | |
tree | 50f1c2ca0569cbda63235cc49b2f91b633258d5d /NEWS | |
parent | b415c6ede7c056b85502788cc4920d1dd9a9f585 (diff) |
Build 2.9.0.
Change-Id: Id2fb03127c3f4e371a11ba7788a5a3439bafc651
Reviewed-on: https://code.wireshark.org/review/31027
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 259 |
1 files changed, 118 insertions, 141 deletions
@@ -1,136 +1,120 @@ -Wireshark 2.5.1 Release Notes +Wireshark 2.9.0 Release Notes - This is a semi-experimental release intended to test new features - for Wireshark 2.6. + This is an experimental release intended to test new features for + Wireshark 3.0. What is Wireshark? - Wireshark is the world’s most popular network protocol analyzer. - It is used for troubleshooting, analysis, development and - education. + Wireshark is the world’s most popular network protocol analyzer. It is + used for troubleshooting, analysis, development and education. What’s New - Wireshark 2.6 is the last release that will support the legacy - (GTK+) user interface. It will not be supported or available in - Wireshark 3.0. + Many user interface improvements have been made. See the “New and + Updated Features” section below for more details. - Many user interface improvements have been made. See the “New - and Updated Features” section below for more details. + Bug Fixes - Dumpcap might not quit if Wireshark or TShark crashes. (Bug - 1419[1]) + The following bugs have been fixed: - New and Updated Features + Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419[1]) - The following features are new (or have been significantly - updated) since version 2.5.0: + New and Updated Features - • HTTP Referer statistics are now supported. + The following features are new (or have been significantly updated) + since version 2.6.0: - • Wireshark now supports MaxMind DB files. Support for GeoIP - and GeoLite Legacy databases has been removed. + • The Windows .exe installers now ship with Npcap instead of + WinPcap. - • The Windows packages are now built using Microsoft Visual - Studio 2017. + • Conversation timestamps are supported for UDP/UDP-Lite protocols - • The IP map feature (the “Map” button in the “Endpoints” - dialog) has been removed. + • TShark now supports the -G elastic-mapping option which generates + an ElasticSearch mapping file. 
- The following features are new (or have been significantly - updated) since version 2.4.0: + • The “Capture Information” dialog has been added back (Bug + 12004[2]). - • Display filter buttons can now be edited, disabled, and - removed via a context menu directly from the toolbar + • The Ethernet and IEEE 802.11 dissectors no longer validate the + frame check sequence (checksum) by default. - • Drag & Drop filter fields to the display filter toolbar or - edit to create a button on the fly or apply the filter as a - display filter. + • The TCP dissector gained a new “Reassemble out-of-order segments” + preference to fix dissection and decryption issues in case TCP + segments are received out-of-order. See the User’s Guide, chapter + TCP Reassembly for details. - • Application startup time has been reduced. + • Decryption support for the new WireGuard dissector (Bug 15011[3], + requires Libgcrypt 1.8). - • Some keyboard shortcut mix-ups have been resolved by - assigning new shortcuts to Edit → Copy methods. + • The BOOTP dissector has been renamed to DHCP. With the exception + of “bootp.dhcp”, the old “bootp.*” display filter fields are + still supported but may be removed in a future release. - • TShark now supports color using the --color option. + • The SSL dissector has been renamed to TLS. As with BOOTP the old + “ssl.*” display filter fields are supported but may be removed in + a future release. - • The "matches" display filter operator is now - case-insensitive. + • Coloring rules, IO graphs, Filter Buttons and protocol preference + tables can now be copied from other profiles using a button in + the corresponding configuration dialogs. - • Display expression (button) preferences have been converted - to a UAT. This puts the display expressions in their own - file. Wireshark still supports preference files that - contain the old preferences, but new preference files will - be written without the old fields. + • APT-X has been renamed to aptX. 
- • SMI private enterprise numbers are now read from the - "enterprises.tsv" configuration file. + • When importing from hex dump, it’s now possible to add an + ExportPDU header with a payload name. This calls the specific + dissector directly without lower protocols. - • The QUIC dissector has been renamed to Google QUIC (quic → - gquic). + • The sshdump and ciscodump extcap interfaces can now use a proxy + for the SSH connection. - • The selected packet number can now be shown in the Status - Bar by enabling Preferences → Appearance → Layout → Show - selected packet number. + • Dumpcap now supports the -a packets:NUM and -b packets:NUM + options. - • File load time in the Status Bar is now disabled by default - and can be enabled in Preferences → Appearance → Layout → - Show file load time. + • Wireshark now includes a “No Reassembly” configuration profile. - • Support for the G.729A codec in the RTP Player is now added - via the bcg729 library. + • Wireshark now supports the Russian language. - • Support for hardware-timestamping of packets has been - added. + • The build system now supports AppImage packages. - • Improved NetMon .cap support with comments, event tracing, - network filter, network info types and some Message - Analyzer exported types. + • The Windows installers now ship with Qt 5.12.0. Previously they + shipped with Qt 5.9.7. - • The personal plugins folder on Linux/Unix is now - ~/.local/lib/wireshark/plugins. + Removed Features and Support - • TShark can print flow graphs using -z flow… + • The legacy (GTK+) user interface has been removed and is no + longer supported. - • Capinfos now prints SHA256 hashes in addition to RIPEMD160 - and SHA1. MD5 output has been removed. + • Wireshark requires Qt 5.2 or later. Qt 4 is no longer supported. - • The packet editor has been removed. (This was a GTK+ only - experimental feature.) + • Wireshark requires GLib 2.32 or later. 
- • Support BBC micro:bit Bluetooth profile + • Building Wireshark requires CMake. Autotools is no longer + supported. - • The Linux and UNIX installation step for Wireshark will now - install headers required to build plugins. A pkg-config - file is provided to help with this (see doc/plugins.example - for details). Note you must still rebuild all plugins - between minor releases (X.Y). + • TShark’s -z compare option was removed. - • The Windows installers and packages now ship with Qt 5.9.4. + New File Format Decoding Support - • The generic data dissector can now uncompress zlib - compressed data. + Ruby Marshal format New Protocol Support - ActiveMQ Artemis Core Protocol, AMT (Automatic Multicast - Tunneling), Bluetooth Mesh, Broadcom tags (Broadcom Ethernet - switch management frames), CAN-ETH, CVS password server, - Excentis DOCSIS31 XRA header, F5ethtrailer, FP Mux, GRPC - (gRPC), IEEE 1905.1a, IEEE 802.11ax (High Efficiency WLAN - (HEW)), IEEE 802.15.9 IEEE Recommended Practice for Transport - of Key Management Protocol (KMP) Datagrams, IEEE 802.3br Frame - Preemption Protocol, ISOBUS, LoRaTap, LoRaWAN, Lustre - Filesystem, Lustre Network, Nano / RaiBlocks Cryptocurrency - Protocol (UDP), Network Functional Application Platform - Interface (NFAPI) Protocol, New Radio Radio Resource Control - protocol, NXP 802.15.4 Sniffer Protocol, PFCP (Packet - Forwarding Control Protocol), Protobuf (Protocol Buffers), QUIC - (IETF), RFC 4108 Using CMS to Protect Firmware Packages, - Session Multiplex Protocol, SolarEdge monitoring protocol, - Steam In-Home Streaming Discovery Protocol, Tibia, TWAMP and - OWAMP, Wi-Fi Device Provisioning Protocol, and Wi-SUN FAN - Protocol + Apple Wireless Direct Link (AWDL), BLIP Couchbase Mobile (BLIP), CDMA + 2000, Cisco Meraki Discovery Protocol (MDP), Distributed Ruby (DRb), + DXL, E1AP (5G), EVS (3GPP TS 26.445 A.2 EVS RTP), Exablaze trailers, + General Circuit Services Notification Application Protocol (GCSNA), + GLOW Lawo 
Emberplus Data format, GSM-R (User-to-User Information + Element usage), HI3CCLinkData, ISO 13400-2 Diagnostic communication + over Internet Protocol (DoIP), ITU-t X.696 Octet Encoding Rules + (OER), Local Number Portability Database Query Protocol (ANSI), + MsgPack, NGAP (5G), NR (5G) PDCP, Osmocom Generic Subscriber Update + Protocol (GSUP), PKCS#10 (RFC2986 Certification Request Syntax), + PROXY (v2), S101 Lawo Emberplus transport frame, Secure Reliable + Transport Protocol (SRT), Spirent Test Center Signature decoding for + Ethernet and FibreChannel (STCSIG, disabled by default), + Sybase-specific portions of TDS, systemd Journal Export, TeamSpeak 3 + DNS, TPM 2.0, Ubiquiti Discovery Protocol (UBDP), WireGuard, and XnAP + (5G) Updated Protocol Support 
@@ -138,78 +122,71 @@ Wireshark 2.5.1 Release Notes New and Updated Capture File Support - Microsoft Network Monitor + RFC 7468 (PEM), Ruby marshal object files, systemd Journal Export, + and Unigraf DPA-400 DisplayPort AUX channel monitor New and Updated Capture Interfaces support - LoRaTap + dpauxmon, an external capture interface (extcap) that captures + DisplayPort AUX channel data from linux kernel drivers. + + sdjournal, an extcap that captures systemd journal entries. + + Major API Changes + + • Lua: the various logging functions (debug, info, message, warn + and critical) have been removed. Use the print function instead + for debugging purposes. Getting Wireshark - Wireshark source code and installation packages are available - from https://www.wireshark.org/download.html[2]. + Wireshark source code and installation packages are available from + https://www.wireshark.org/download.html[4]. Vendor-supplied Packages - Most Linux and Unix vendors supply their own Wireshark - packages. You can usually install or upgrade Wireshark using - the package management system specific to that platform. A list - of third-party packages can be found on the download page[3] on - the Wireshark web site. + Most Linux and Unix vendors supply their own Wireshark packages. You + can usually install or upgrade Wireshark using the package management + system specific to that platform. A list of third-party packages can + be found on the download page[5] on the Wireshark web site. File Locations Wireshark and TShark look in several different locations for - preference files, plugins, SNMP MIBS, and RADIUS dictionaries. - These locations vary from platform to platform. You can use - About→Folders to find the default locations on your system. - - Known Problems + preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These + locations vary from platform to platform. You can use About→Folders to + find the default locations on your system. 
- The BER dissector might infinitely loop. (Bug 1516[4]) - - Capture filters aren’t applied when capturing from named pipes. - (Bug 1814[5]) - - Filtering tshark captures with read filters (-R) no longer - works. (Bug 2234[6]) - - Application crash when changing real-time option. (Bug 4035[7]) - - Wireshark and TShark will display incorrect delta times in some - cases. (Bug 4985[8]) + Getting Help - Wireshark should let you work with multiple capture files. (Bug - 10488[9]) + The User’s Guide, manual pages and various other documentation can be + found at https://www.wireshark.org/docs/[6] - Getting Help + Community support is available on Wireshark’s Q&A site[7] and on the + wireshark-users mailing list. Subscription information and archives + for all of Wireshark’s mailing lists can be found on the web site[8]. - Community support is available on Wireshark’s Q&A site[10] and - on the wireshark-users mailing list. Subscription information - and archives for all of Wireshark’s mailing lists can be found - on the web site[11]. + Bugs and feature requests can be reported on the bug tracker[9]. Official Wireshark training and certification are available from - Wireshark University[12]. + Wireshark University[10]. Frequently Asked Questions - A complete FAQ is available on the Wireshark web site[13]. + A complete FAQ is available on the Wireshark web site[11]. - Last updated 2018-03-13 19:13:27 UTC + Last updated 2018-12-12 23:05:55 UTC References - 1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 - 2. https://www.wireshark.org/download.html - 3. https://www.wireshark.org/download.html#thirdparty - 4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 - 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 - 6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 - 7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 - 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 - 9. 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488 - 10. https://ask.wireshark.org/ - 11. https://www.wireshark.org/lists/ - 12. http://www.wiresharktraining.com/ - 13. https://www.wireshark.org/faq.html + 1. 1 + 2. 2 + 3. 3 + 4. 4 + 5. 5 + 6. 6 + 7. 7 + 8. 8 + 9. 9 + 10. 10 + 11. 11 |
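Review bot: In the first hunk (@@ -1,136 +1,120 @@), the two dissector rename entries under "New and Updated Features" say the old “bootp.*” and “ssl.*” display filter fields are still supported but never state the new field prefixes, and the BOOTP entry excludes “bootp.dhcp” without naming its replacement. Anyone carrying saved display filters, coloring rules or TShark scripts across this upgrade needs that mapping, so each entry should spell out the new prefix and the replacement for the one field that is dropped. The entry "no longer validate the frame check sequence (checksum) by default" has the same gap: it changes a default without naming the preference that restores validation.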
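Review bot: In the second hunk (@@ -138,78 +122,71 @@), the References list at the end replaces every URL with its own index ("1. 1" through "11. 11"), so the markers [1] to [11] used throughout the text, including Bug 12004[2] and Bug 15011[3], no longer resolve to anything. This looks like a problem in how the plain-text NEWS was generated; regenerate it so the link targets are emitted, as they were in the removed lines. The same hunk also deletes the whole "Known Problems" section (Bugs 1516, 1814, 2234, 4035, 4985 and 10488) while none of those bugs appear under "Bug Fixes"; if they are still open, the section should stay.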