Wireshark-dev: Re: [Wireshark-dev] Wireshark 2.2.0rc1 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Tue, 23 Aug 2016 11:07:13 -0700
Done: https://code.wireshark.org/review/#/c/17273/ On 8/23/16 3:26 AM, Roland Knall wrote: > Hi Gerald > > Could you mention the fix > for https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11892 in the > release notes - "extcap utilities keep running, after capture shut down". > > regards > Roland > > On Tue, Aug 23, 2016 at 12:49 AM, Gerald Combs <gerald@xxxxxxxxxxxxx > <mailto:gerald@xxxxxxxxxxxxx>> wrote: > > I'm proud to announce the release of Wireshark 2.2.0rc1. > > > This is the first release candidate for Wireshark 2.2.0. > __________________________________________________________________ > > What is Wireshark? > > Wireshark is the world's most popular network protocol analyzer. It is > used for troubleshooting, analysis, development and education. > __________________________________________________________________ > > What's New > > * Invalid coloring rules are now disabled instead of discarded. This > will provide backward compatibility with a coloring rule change in > Wireshark 2.2. > > Bug Fixes > > * Upgrading to latest version uninstalls Microsoft Visual C++ > redistributable. ([1]Bug 12712) > > New and Updated Features > > There have been no new or significantly updated features since version > 2.1.1. > > The following features are new (or have been significantly updated) > since version 2.1.0: > * Added -d option for Decode As support in Wireshark (mimics TShark > functionality) > * The Qt UI, GTK+ UI, and TShark can now export packets as JSON. > TShark can additionally export packets as Elasticsearch-compatible > JSON. > * The Qt UI now supports the -j, -J, and -l flags. The -m flag is now > deprecated. > * The Conversations and Endpoints dialogs are more responsive when > viewing large numbers of items. > * The RTP player now allows up to 30 minutes of silence frames. > * Packet bytes can now be displayed as EBCDIC. > * The Qt UI loads captures faster on Windows. > * proto_tree_add_checksum was added as an API. This attempts to > standardize how checksums are reported and filtered for within > *Shark. There are no more individual "good" and "bad" filter > fields, protocols now have a "checksum.status" field that records > "Good", "Bad" and "Unverified" (neither good or bad). Color filters > provided with Wireshark have been adjusted to the new display > filter names, but custom ones may need to be updated. > > The following features are new (or have been significantly updated) > since version 2.0.0: > * The intelligent scroll bar now sits to the left of a normal scroll > bar and provides a clickable map of nearby packets. > * You can now switch between between Capture and File Format > dissection of the current capture file via the View menu in the Qt > GUI. > * You can now show selected packet bytes as ASCII, HTML, Image, ISO > 8859-1, Raw, UTF-8, a C array, or YAML. > * You can now use regular expressions in Find Packet and in the > advanced preferences. > * Name resolution for packet capture now supports asynchronous DNS > lookups only. Therefore the "concurrent DNS resolution" preference > has been deprecated and is a no-op. To enable DNS name resolution > some build dependencies must be present (currently c-ares). If that > is not the case DNS name resolution will be disabled (but other > name resolution mechanisms, such as host files, are still > available). > * The byte under the mouse in the Packet Bytes pane is now > highlighted. > * TShark supports exporting PDUs via the -U flag. > * The Windows and OS X installers now come with the "sshdump" and > "ciscodump" extcap interfaces. > * Most dialogs in the Qt UI now save their size and positions. > * The Follow Stream dialog now supports UTF-16. > * The Firewall ACL Rules dialog has returned. > * The Flow (Sequence) Analysis dialog has been improved. > * We no longer provide packages for 32-bit versions of OS X. > * The Bluetooth Device details dialog has been added. > > New File Format Decoding Support > > Wireshark is able to display the format of some types of files (rather > than displaying the contents of those files). This is useful when > you're curious about, or debugging, a file and its format. To open a > capture file (such as PCAP) in this mode specify "MIME Files Format" as > the file's format in the Open File dialog. > > New Protocol Support > > Apache Cassandra - CQL version 3.0, Bachmann bluecom Protocol, > Bluetooth Pseudoheader for BR/EDR, CISCO ERSPAN3 Marker, Edge Control > Protocol (ECP), Encrypted UDP based FTP with multicast, Ericsson IPOS > Kernel Packet Header Dissector Added (IPOS), Extensible Control & > Management Protocol (eCMP), FLEXRAY Protocol dissector added > (automotive bus), IEEE 802.1BR E-Tag, ISO 8583-1, ISO14443, ITU-T > G.7041/Y.1303 Generic Framing Procedure (GFP), LAT protocol (DECNET), > Metamako trailers, Network-Based IP Flow Mobility (NBIFOM), Nokia > Intelligent Service Interface (ISI), Open Mobile Alliance Lightweight > Machine to Machine TLV payload Added (LwM2M TLV), Real Time Location > System (RTLS), RTI TCP Transport Layer (RTITCP), STANAG 5602 SIMPLE, > USB3 Vision Protocol (USB machine vision cameras), USBIP Protocol, > UserLog Protocol, and Zigbee Protocol Clusters Dissectors Added > (Closures Lighting General Measurement & Sensing HVAC Security & > Safety) > > Updated Protocol Support > > Bluetooth OBEX dissector (btobex) was renamed to Obex Dissector (obex), > allow to DecodeAs it over USB, TCP and UDP. > > A preference was added to TCP dissector for handling IPFIX process > information. It has been disabled by default. > > New and Updated Capture File Support > > Micropross mplog > > New and Updated Capture Interfaces support > > Non-empty section placeholder. > > Major API Changes > > The libwireshark API has undergone some major changes: > * The address macros (e.g., SET_ADDRESS) have been removed. Use the > (lower case) functions of the same names instead. > * "old style" dissector functions (that don't return number of bytes > used) have been replaced in name with the "new style" dissector > functions. > * tvb_get_string and tvb_get_stringz have been replaced with > tvb_get_string_enc and tvb_get_stringz_enc respectively. > __________________________________________________________________ > > Getting Wireshark > > Wireshark source code and installation packages are available from > [2]https://www.wireshark.org/download.html > <https://www.wireshark.org/download.html>. > > Vendor-supplied Packages > > Most Linux and Unix vendors supply their own Wireshark packages. You > can usually install or upgrade Wireshark using the package management > system specific to that platform. A list of third-party packages can be > found on the [3]download page on the Wireshark web site. > __________________________________________________________________ > > File Locations > > Wireshark and TShark look in several different locations for preference > files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations > vary from platform to platform. You can use About->Folders to find the > default locations on your system. > __________________________________________________________________ > > Known Problems > > Dumpcap might not quit if Wireshark or TShark crashes. ([4]Bug 1419) > > The BER dissector might infinitely loop. ([5]Bug 1516) > > Capture filters aren't applied when capturing from named pipes. ([6]Bug > 1814) > > Filtering tshark captures with read filters (-R) no longer works. > ([7]Bug 2234) > > Application crash when changing real-time option. ([8]Bug 4035) > > Packet list rows are oversized. ([9]Bug 4357) > > Wireshark and TShark will display incorrect delta times in some cases. > ([10]Bug 4985) > > Wireshark should let you work with multiple capture files. ([11]Bug > 10488) > > Dell Backup and Recovery (DBAR) makes many Windows applications crash, > including Wireshark. ([12]Bug 12036) > __________________________________________________________________ > > Getting Help > > Community support is available on [13]Wireshark's Q&A site and on the > wireshark-users mailing list. Subscription information and archives for > all of Wireshark's mailing lists can be found on [14]the web site. > > Official Wireshark training and certification are available from > [15]Wireshark University. > __________________________________________________________________ > > Frequently Asked Questions > > A complete FAQ is available on the [16]Wireshark web site. > __________________________________________________________________ > > Last updated 2016-08-22 22:36:11 UTC > > References > > 1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12712 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12712> > 2. https://www.wireshark.org/download.html > <https://www.wireshark.org/download.html> > 3. https://www.wireshark.org/download.html#thirdparty > <https://www.wireshark.org/download.html#thirdparty> > 4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419> > 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516> > 6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814> > 7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234> > 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035> > 9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357> > 10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985> > 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488> > 12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036 > <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12036> > 13. https://ask.wireshark.org/ > 14. https://www.wireshark.org/lists/ <https://www.wireshark.org/lists/> > 15. http://www.wiresharktraining.com/ <http://www.wiresharktraining.com/> > 16. https://www.wireshark.org/faq.html > <https://www.wireshark.org/faq.html> > > > Digests > > wireshark-2.2.0rc1.tar.bz2: 32130789 bytes > SHA256(wireshark-2.2.0rc1.tar.bz2)=af5475523e050d2c207d356788ed633fd26a0c35b9198195c7d3a60aaa6f3dc4 > RIPEMD160(wireshark-2.2.0rc1.tar.bz2)=5fed5880fdf9bdaa87752ff0c9bb4a6ccb6e8d4e > SHA1(wireshark-2.2.0rc1.tar.bz2)=29019d95e04cd4ef251859f0ffe545e85b295463 > MD5(wireshark-2.2.0rc1.tar.bz2)=35b368760cef1bb5d57ee3d9cd42dbae > > Wireshark-win32-2.2.0rc1.exe: 44800176 bytes > SHA256(Wireshark-win32-2.2.0rc1.exe)=b2cc8dea20b2ea08779e6a518d76cacaa59cf14e2e2bb7011a8a2938de4c40ac > RIPEMD160(Wireshark-win32-2.2.0rc1.exe)=e4a20b2a06e6ce823928d4d57e4c3c4ad0b24c0f > SHA1(Wireshark-win32-2.2.0rc1.exe)=c8269f84f3c698106f3c56e21796d83cc364d1b8 > MD5(Wireshark-win32-2.2.0rc1.exe)=39a718737437df6520612c3aac71643e > > Wireshark-win64-2.2.0rc1.exe: 48520312 bytes > SHA256(Wireshark-win64-2.2.0rc1.exe)=1b0482e42be6abcd7ecc27657d76016b1dfdaa00490b31bd4b996b3ac6dba9c4 > RIPEMD160(Wireshark-win64-2.2.0rc1.exe)=2affb413e32a2ca091b38f2e4d03038de2ccbee1 > SHA1(Wireshark-win64-2.2.0rc1.exe)=279a8c87c2805f38083181577a22cb01ee775acf > MD5(Wireshark-win64-2.2.0rc1.exe)=d0f0af9ef0674203ac53639baabf84a2 > > WiresharkPortable_2.2.0rc1.paf.exe: 46429848 bytes > SHA256(WiresharkPortable_2.2.0rc1.paf.exe)=2cc5fdc66ae18864205405d7e823571e2f997fac52e84730b52cab06fe4faba6 > RIPEMD160(WiresharkPortable_2.2.0rc1.paf.exe)=a7a2b9d31cf6e3846bd78e99364b5d6ca3618a42 > SHA1(WiresharkPortable_2.2.0rc1.paf.exe)=3fe08ccd651e1495ef306cd74857c4cc8c258577 > MD5(WiresharkPortable_2.2.0rc1.paf.exe)=b320ba87699a411671cb7d44e7d889f3 > > Wireshark 2.2.0rc1 Intel 64.dmg: 32679941 bytes > SHA256(Wireshark 2.2.0rc1 Intel > 64.dmg)=6d6cb29a04f0c509ee69d1ad9a94fb3ccbf9df27e463dbf88a01e1739768732e > RIPEMD160(Wireshark 2.2.0rc1 Intel > 64.dmg)=171f2d9f12f9bf0feffc8ad291c42e0e2494d482 > SHA1(Wireshark 2.2.0rc1 Intel > 64.dmg)=32068ed02822a1dd03a803c83de8a2f0622ddeb4 > MD5(Wireshark 2.2.0rc1 Intel 64.dmg)=54f46270d997ac059493eb39c32ccbfb > > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx > <mailto:wireshark-dev@xxxxxxxxxxxxx>> > Archives: https://www.wireshark.org/lists/wireshark-dev > <https://www.wireshark.org/lists/wireshark-dev> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > <https://wireshark.org/mailman/options/wireshark-dev> > mailto:wireshark-dev-request@xxxxxxxxxxxxx > <mailto:wireshark-dev-request@xxxxxxxxxxxxx>?subject=unsubscribe > > > > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe >
- References:
- [Wireshark-dev] Wireshark 2.2.0rc1 is now available
- From: Gerald Combs
- Re: [Wireshark-dev] Wireshark 2.2.0rc1 is now available
- From: Roland Knall
- [Wireshark-dev] Wireshark 2.2.0rc1 is now available
- Prev by Date: Re: [Wireshark-dev] Wireshark 2.2.0rc1 is now available
- Next by Date: [Wireshark-dev] Running extcaps from windows console
- Previous by thread: Re: [Wireshark-dev] Wireshark 2.2.0rc1 is now available
- Next by thread: [Wireshark-dev] Running extcaps from windows console
- Index(es):