I'm proud to announce the release of Wireshark 2.5.1.
This is a semi-experimental release intended to test new features for Wireshark 2.6. What is Wireshark? Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. What’s New Wireshark 2.6 is the last release that will support the legacy (GTK+) user interface. It will not be supported or available in Wireshark 3.0. Many user interface improvements have been made. See the “New and Updated Features” section below for more details. New and Updated Features The following features are new (or have been significantly updated) since version 2.5.0: • HTTP Referer statistics are now supported. • Wireshark now supports MaxMind DB files. Support for GeoIP and GeoLite Legacy databases has been removed. • The Windows packages are now built using Microsoft Visual Studio 2017. • The IP map feature (the “Map” button in the “Endpoints” dialog) has been removed. The following features are new (or have been significantly updated) since version 2.4.0: • Display filter buttons can now be edited, disabled, and removed via a context menu directly from the toolbar • Drag & Drop filter fields to the display filter toolbar or edit to create a button on the fly or apply the filter as a display filter. • Application startup time has been reduced. • Some keyboard shortcut mix-ups have been resolved by assigning new shortcuts to Edit → Copy methods. • TShark now supports color using the --color option. • The "matches" display filter operator is now case-insensitive. • Display expression (button) preferences have been converted to a UAT. This puts the display expressions in their own file. Wireshark still supports preference files that contain the old preferences, but new preference files will be written without the old fields. • SMI private enterprise numbers are now read from the "enterprises.tsv" configuration file. • The QUIC dissector has been renamed to Google QUIC (quic → gquic). • The selected packet number can now be shown in the Status Bar by enabling Preferences → Appearance → Layout → Show selected packet number. • File load time in the Status Bar is now disabled by default and can be enabled in Preferences → Appearance → Layout → Show file load time. • Support for the G.729A codec in the RTP Player is now added via the bcg729 library. • Support for hardware-timestamping of packets has been added. • Improved NetMon .cap support with comments, event tracing, network filter, network info types and some Message Analyzer exported types. • The personal plugins folder on Linux/Unix is now ~/.local/lib/wireshark/plugins. • TShark can print flow graphs using -z flow… • Capinfos now prints SHA256 hashes in addition to RIPEMD160 and SHA1. MD5 output has been removed. • The packet editor has been removed. (This was a GTK+ only experimental feature.) • Support BBC micro:bit Bluetooth profile • The Linux and UNIX installation step for Wireshark will now install headers required to build plugins. A pkg-config file is provided to help with this (see doc/plugins.example for details). Note you must still rebuild all plugins between minor releases (X.Y). • The Windows installers and packages now ship with Qt 5.9.4. • The generic data dissector can now uncompress zlib compressed data. New Protocol Support ActiveMQ Artemis Core Protocol, AMT (Automatic Multicast Tunneling), Bluetooth Mesh, Broadcom tags (Broadcom Ethernet switch management frames), CAN-ETH, CVS password server, Excentis DOCSIS31 XRA header, F5ethtrailer, FP Mux, GRPC (gRPC), IEEE 1905.1a, IEEE 802.11ax (High Efficiency WLAN (HEW)), IEEE 802.15.9 IEEE Recommended Practice for Transport of Key Management Protocol (KMP) Datagrams, IEEE 802.3br Frame Preemption Protocol, ISOBUS, LoRaTap, LoRaWAN, Lustre Filesystem, Lustre Network, Nano / RaiBlocks Cryptocurrency Protocol (UDP), Network Functional Application Platform Interface (NFAPI) Protocol, New Radio Radio Resource Control protocol, NXP 802.15.4 Sniffer Protocol, PFCP (Packet Forwarding Control Protocol), Protobuf (Protocol Buffers), QUIC (IETF), RFC 4108 Using CMS to Protect Firmware Packages, Session Multiplex Protocol, SolarEdge monitoring protocol, Steam In-Home Streaming Discovery Protocol, Tibia, TWAMP and OWAMP, Wi-Fi Device Provisioning Protocol, and Wi-SUN FAN Protocol Updated Protocol Support Too many protocols have been updated to list here. New and Updated Capture File Support Microsoft Network Monitor New and Updated Capture Interfaces support LoRaTap Getting Wireshark Wireshark source code and installation packages are available from https://www.wireshark.org/download.html. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site. File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system. Known Problems The BER dissector might infinitely loop. (Bug 1516) Capture filters aren’t applied when capturing from named pipes. (Bug 1814) Filtering tshark captures with read filters (-R) no longer works. (Bug 2234) Application crash when changing real-time option. (Bug 4035) Wireshark and TShark will display incorrect delta times in some cases. (Bug 4985) Wireshark should let you work with multiple capture files. (Bug 10488) Getting Help Community support is available on Wireshark’s Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site. Official Wireshark training and certification are available from Wireshark University. Frequently Asked Questions A complete FAQ is available on the Wireshark web site. Last updated 2018-03-13 19:13:27 UTC References 1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419 2. https://www.wireshark.org/download.html 3. https://www.wireshark.org/download.html#thirdparty 4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814 6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234 7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985 9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488 10. https://ask.wireshark.org/ 11. https://www.wireshark.org/lists/ 12. http://www.wiresharktraining.com/ 13. https://www.wireshark.org/faq.html Digests wireshark-2.5.1.tar.xz: 28229472 bytes SHA256(wireshark-2.5.1.tar.xz)=fe104b795d65b7658f60dd9dca52f122cc754ab2a10955332051a168261cfee3 RIPEMD160(wireshark-2.5.1.tar.xz)=11eb76149450b406e8c48c899b8c0cec709bbcb4 SHA1(wireshark-2.5.1.tar.xz)=e0918ffc43805564b8a9384000f36b6a52b1653f Wireshark-win64-2.5.1.exe: 59875080 bytes SHA256(Wireshark-win64-2.5.1.exe)=e9024f0145dc24a0747030c63ef5e9e837470a6634a6cde7134a30ee040bcbc5 RIPEMD160(Wireshark-win64-2.5.1.exe)=3aec11c0dee173c31d4910a8d690d992b7955086 SHA1(Wireshark-win64-2.5.1.exe)=2110f4cd7b8a39179e5c442ccb442ca84841ce11 Wireshark-win32-2.5.1.exe: 54162768 bytes SHA256(Wireshark-win32-2.5.1.exe)=a267fad0a5de5d983497aa5a455c7a39520697ba37f28edb7e540a6667e26106 RIPEMD160(Wireshark-win32-2.5.1.exe)=c585bd1289cf4a71be7237b7cc189f948688db53 SHA1(Wireshark-win32-2.5.1.exe)=36ab1e86016346365b5610039369b88c00208078 Wireshark-win32-2.5.1.msi: 43626496 bytes SHA256(Wireshark-win32-2.5.1.msi)=1a97bdebf9aafcb5cac4b6124b7f94b05510edd4fdc49f02e0851492684d4a94 RIPEMD160(Wireshark-win32-2.5.1.msi)=41de589ba23520b6cc19447d36b7fe25f7e983fc SHA1(Wireshark-win32-2.5.1.msi)=250c9d6eb228bdf99cb75bd8bc93888790cc9cda Wireshark-win64-2.5.1.msi: 49270784 bytes SHA256(Wireshark-win64-2.5.1.msi)=ae66d126f391dd2731bc85c4d8fed032dc7af03e72011563769fb66d6c388796 RIPEMD160(Wireshark-win64-2.5.1.msi)=47311af4617e9d8905a0c588bb97594f8f8f22d1 SHA1(Wireshark-win64-2.5.1.msi)=f9c016d508c955689cbaca0953d54ef89ed8b8c5 WiresharkPortable_2.5.1.paf.exe: 37400016 bytes SHA256(WiresharkPortable_2.5.1.paf.exe)=6ad3e383d06b6a5f8977fa1d0ab721e57ace00bdc3f270f01a8636343b1598e4 RIPEMD160(WiresharkPortable_2.5.1.paf.exe)=151d9075098a932587ac087c4007eae7ab00c496 SHA1(WiresharkPortable_2.5.1.paf.exe)=e32ad1590313e607a4aeaa9f039ecbcbe386d403 Wireshark 2.5.1 Intel 64.dmg: 168421961 bytes SHA256(Wireshark 2.5.1 Intel 64.dmg)=fe855b38b24d3b3aff55600bcb76a29a9375d638798fea9c8739137f85e720f8 RIPEMD160(Wireshark 2.5.1 Intel 64.dmg)=7a5aff28a76cb81d429365b1d8b6717b06f36fed SHA1(Wireshark 2.5.1 Intel 64.dmg)=566053c2baf917bfa6fa283277e597d6413734d0 You can validate these hashes using the following commands (among others): Windows: certutil -hashfile Wireshark-win64-x.y.z.exe SHA256 Linux (GNU Coreutils): sha256sum wireshark-x.y.z.tar.xz macOS: shasum -a 256 "Wireshark x.y.z Intel 64.dmg" Other: openssl sha256 wireshark-x.y.z.tar.xz
Description: OpenPGP digital signature
___________________________________________________________________________ Sent via: Wireshark-announce mailing list <email@example.com> Archives: https://www.wireshark.org/lists/wireshark-announce Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-announce mailto:wireshark-announce-requ...@wireshark.org?subject=unsubscribe