Wireshark-dev: [Wireshark-dev] Wireshark 2.4.0 is now available
From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 19 Jul 2017 11:26:23 -0700
I'm proud to announce the release of Wireshark 2.4.0.
__________________________________________________________________
What is Wireshark?
Wireshark is the world's most popular network protocol analyzer. It is
used for troubleshooting, analysis, development and education.
__________________________________________________________________
What's New
New and Updated Features
The following features are new (or have been significantly updated)
since version 2.2.0:
* Experimental 32-bit and 64-bit Windows Installer (.msi) packages
are available. It is recommended that you use these independently
of the NSIS (.exe) installers. That is, you should make sure the
NSIS package is completely uninstalled before installing the
Windows Installer package and vice-versa.
* Source packages are now compressed using xz instead of bzip2.
* The legacy (GTK+) UI is disabled by default in the Windows
installers.
* The legacy (GTK+) UI is disabled by default in the development
environment (Autotools and CMake).
* SS7 Point Codes can now be resolved into names with a hosts-like
file.
* Wireshark can now go fullscreen to have more room for packets.
* TShark can now export objects like the other GUI interfaces.
* Support for G.722 and G.726 codecs in the RTP Player (via the
SpanDSP library).
* You can now choose the output device when playing RTP streams.
* Added support for dissectors to include a unit name natively in
their hf field. A field can now automatically append "seconds" or
"ms" to its value without additional printf-style APIs.
* The Default profile can now be reset to default values.
* You can move back and forth in the selection history in the Qt UI.
* IEEE 802.15.4 dissector now uses an UAT for decryption keys. The
original decryption key preference has been obsoleted.
* Extcap utilities can now provide configuration for a GUI interface
toolbar to control the extcap utility while capturing.
* Extcap utilities can now validate the capture filter.
* Display filter function len() can now be used on all string and
byte fields.
* Added an experimental timeline view for 802.11 wireless packet data
which can be enabled via the "802.11 radio information"
preferences.
* Added TLS 1.3 (draft 21) dissection and decryption support ([1]Bug
12779).
* The (D)TLS Application Layer protocol (e.g. HTTP or CoAP) can now
be changed via the Decode As dialog.
* The RSA keys dialog for SSL keys has improved feedback for invalid
settings and no longer requires the IP address, Port or Protocol
fields to be set in addition to the Key File.
* TCP Analysis will detect and flag more spurious retransmissions.
New Protocol Support
Bluetooth HCI Vendor Intel, CAN FD, Citrix NetScaler Metric Exchange
Protocol, Citrix NetScaler RPC Protocol, DirectPlay 8 protocol,
Ericsson A-bis P-GSL, Ericsson A-bis TFP (Traffic Forwarding Protocol),
Facebook Zero, Fc00/cjdns Protocol, Generic Netlink (genl), GSM Osmux,
GSMTAP based logging, Health Level 7 (HL7), High-speed SECS message
service (HSMS), HomePNA, IndigoCare iCall protocol, IndigoCare Netrix
protocol, iPerf2, ISO 15765, Linux 802.11 Netlink (nl80211), Local
Service Discovery (LSD), M2 Application Protocol, Mesh Link
Establishment (MLE), MUDURL, Netgear Ensemble Protocol, NetScaler HA
Protocol, NetScaler Metric Exchange Protocol, NetScaler RPC Protocol,
NM protocol, Nordic BLE Sniffer, NVMe, NVMe Fabrics RDMA, OBD-II PIDs,
OpenThread simulator, RFTap Protocol, SCTE-35 Digital Program Insertion
Messages, Snort Post-dissector, Thread CoAP, UDP based FTP w/ multicast
(UFTP and UFTP4), Unified Diagnostic Services (UDS), vSocket, Windows
Cluster Management API (clusapi), and X-Rite i1 Display Pro (and
derivatives) USB protocol
Updated Protocol Support
Too many protocols have been updated to list here.
New and Updated Capture File Support
ERF, IxVeriWave, Libpcap, and Pcap-ng
Major API Changes
IEEE802.11: wlan_mgt display filter element got renamed to wlan.
Libgcrypt is now a required dependency.
__________________________________________________________________
Getting Wireshark
Wireshark source code and installation packages are available from
[2]https://www.wireshark.org/download.html.
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You
can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages can be
found on the [3]download page on the Wireshark web site.
__________________________________________________________________
File Locations
Wireshark and TShark look in several different locations for preference
files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
vary from platform to platform. You can use About->Folders to find the
default locations on your system.
__________________________________________________________________
Known Problems
Dumpcap might not quit if Wireshark or TShark crashes. ([4]Bug 1419)
The BER dissector might infinitely loop. ([5]Bug 1516)
Capture filters aren't applied when capturing from named pipes. ([6]Bug
1814)
Filtering tshark captures with read filters (-R) no longer works.
([7]Bug 2234)
Application crash when changing real-time option. ([8]Bug 4035)
Wireshark and TShark will display incorrect delta times in some cases.
([9]Bug 4985)
Wireshark should let you work with multiple capture files. ([10]Bug
10488)
__________________________________________________________________
Getting Help
Community support is available on [11]Wireshark's Q&A site and on the
wireshark-users mailing list. Subscription information and archives for
all of Wireshark's mailing lists can be found on [12]the web site.
Official Wireshark training and certification are available from
[13]Wireshark University.
__________________________________________________________________
Frequently Asked Questions
A complete FAQ is available on the [14]Wireshark web site.
__________________________________________________________________
Last updated 2017-07-19 17:49:40 UTC
References
1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12779
2. https://www.wireshark.org/download.html
3. https://www.wireshark.org/download.html#thirdparty
4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
11. https://ask.wireshark.org/
12. https://www.wireshark.org/lists/
13. http://www.wiresharktraining.com/
14. https://www.wireshark.org/faq.html
Digests
wireshark-2.4.0.tar.xz: 28755596 bytes
SHA256(wireshark-2.4.0.tar.xz)=890bb41b826ff04e98fb089446ab37e5871e16205278bfeffc2a7c7364de3b04
RIPEMD160(wireshark-2.4.0.tar.xz)=277b417c0e52f7e5ad9278c63a7d5ac74e552518
SHA1(wireshark-2.4.0.tar.xz)=aa8f53300f60956553902ccc755c0dfe86f768fc
MD5(wireshark-2.4.0.tar.xz)=655106f8cf3bb8f521336d3a8ab5b10b
Wireshark-win64-2.4.0.exe: 59110928 bytes
SHA256(Wireshark-win64-2.4.0.exe)=341f97b1d8fc25b4e149fb20b718451aa8646856faa0576071037e60ed47f8b0
RIPEMD160(Wireshark-win64-2.4.0.exe)=57c5eca5d4efcb1c2b8c80cd79e6cb4d505e9c03
SHA1(Wireshark-win64-2.4.0.exe)=0452d3aa7ad1cc1240c0cdd9457159de244ca8be
MD5(Wireshark-win64-2.4.0.exe)=f611afe4a6d59f7ad18fd573232e30fe
Wireshark-win32-2.4.0.exe: 53570224 bytes
SHA256(Wireshark-win32-2.4.0.exe)=971e6021d6ba214aa938ff43436b70525efc8f5286e556066dfa4863603e7c5e
RIPEMD160(Wireshark-win32-2.4.0.exe)=04cd96b19aff8375fe1217c1829a850d1a3753ca
SHA1(Wireshark-win32-2.4.0.exe)=6e8351cb2aba06173aabc907922338edbcda63d2
MD5(Wireshark-win32-2.4.0.exe)=d96a10a99ca06e36528a0e6c662c17e5
Wireshark-win32-2.4.0.msi: 43032576 bytes
SHA256(Wireshark-win32-2.4.0.msi)=b730430387efab0bc3b01e5f10a2e708672d75157663c251fcb20431d6649a9f
RIPEMD160(Wireshark-win32-2.4.0.msi)=d726fbb03f9fdf64771620955ec6ae1924b23fbf
SHA1(Wireshark-win32-2.4.0.msi)=fe3cb12f5efa30e0619e81ba81271b334e4cd053
MD5(Wireshark-win32-2.4.0.msi)=5cd3e1b7ed315c3f5e928c9c8001dbf9
Wireshark-win64-2.4.0.msi: 48455680 bytes
SHA256(Wireshark-win64-2.4.0.msi)=609262ab1ecdda6fd3ed3a5ccddfb5b8d939b7a28616c5dacddcb1528c2b02d9
RIPEMD160(Wireshark-win64-2.4.0.msi)=e74ec7c8892a9413074cb1474d9fa335829c05be
SHA1(Wireshark-win64-2.4.0.msi)=1f4437025097362c8e76841a7569bb72da6cd036
MD5(Wireshark-win64-2.4.0.msi)=6fb4c41eb8a5300e0b0200ea7c1d56a4
WiresharkPortable_2.4.0.paf.exe: 46243888 bytes
SHA256(WiresharkPortable_2.4.0.paf.exe)=76dfafd12ad82a19fffe0d99b48e9ba5dd1b77ce9c566dcf19cdf32fffb40f22
RIPEMD160(WiresharkPortable_2.4.0.paf.exe)=65cbdfca286976a652a931c8e0c989c4e431efbe
SHA1(WiresharkPortable_2.4.0.paf.exe)=8c84ecf4455f34f7624ae1056f1af568a02bd2e0
MD5(WiresharkPortable_2.4.0.paf.exe)=8544747f6a4a89ee88d965953a1ff8b1
Wireshark 2.4.0 Intel 64.dmg: 35144406 bytes
SHA256(Wireshark 2.4.0 Intel
64.dmg)=20c2e5fa8ec302fc47100ad42f8d2020e629a72b75a7343929206d3274bd08b2
RIPEMD160(Wireshark 2.4.0 Intel
64.dmg)=978eab476a2ab3dcae2080902dc3d8f223f21aed
SHA1(Wireshark 2.4.0 Intel 64.dmg)=5aecbddef5a762a0a4c36c9312b727bf671c0992
MD5(Wireshark 2.4.0 Intel 64.dmg)=2cf632f801dc810c5f0378fa983fc9e9
Attachment:
signature.asc
Description: OpenPGP digital signature
- Prev by Date: [Wireshark-dev] Wireshark 2.0.14 is now available
- Next by Date: [Wireshark-dev] Dissector for link layer to run before ethernet one
- Previous by thread: [Wireshark-dev] Wireshark 2.0.14 is now available
- Next by thread: [Wireshark-dev] Dissector for link layer to run before ethernet one
- Index(es):