1 Wireshark 1.99.7 Release Notes
3 This is an experimental release intended to test new features for
5 __________________________________________________________________
9 Wireshark is the world's most popular network protocol analyzer. It is
10 used for troubleshooting, analysis, development and education.
11 __________________________________________________________________
15 New and Updated Features
17 The following features are new (or have been significantly updated)
20 + The Bluetooth Devices dialog has been added.
21 + The wireless toolbar has been added.
22 + Opening files via drag and drop is now supported.
23 + The Capture Filter and Display Filter dialogs have been added.
24 + The Display Filter Expression dialog has been added.
25 + Conversation Filter menu items have been added.
26 + You can change protocol preferences by right clicking on the
27 packet list and details.
29 The following features are new (or have been significantly updated)
30 since version 1.99.4 and 1.99.5:
32 + Capture restarts are now supported.
33 + Menu items for plugins are now supported.
34 + Extcap interfaces are now supported.
35 + The Expert Information dialog has been added.
36 + Display and capture filter completion is now supported.
37 + Many bugs have been fixed.
38 + Translations have been updated.
40 The following features are new (or have been significantly updated)
43 + Several interface bugs have been fixed.
44 + Translations have been updated.
46 The following features are new (or have been significantly updated)
49 + Several bugs have been fixed.
50 + You can now open a packet in a new window.
51 + The Bluetooth ATT Server Attributes dialog has been added.
52 + The Coloring Rules dialog has been added.
53 + Many translations have been updated. Chinese, Italian and
54 Polish translations are complete.
55 + General user interface and usability improvements.
56 + Automatic scrolling during capture now works.
57 + The related packet indicator has been updated.
59 The following features are new (or have been significantly updated)
62 + The welcome screen layout has been updated.
63 + The Preferences dialog no longer crashes on Windows.
64 + The packet list header menu has been added.
65 + Statistics tree plugins are now supported.
66 + The window icon is now displayed properly in the Windows
68 + A packet list an byte view selection bug has been fixed
70 + The RTP Streams dialog has been added.
71 + The Protocol Hierarchy Statistics dialog has been added.
73 The following features are new (or have been significantly updated)
76 + You can now show and hide toolbars and major widgets using the
78 + You can now set the time display format and precision.
79 + The byte view widget is much faster, particularly when
80 selecting large reassembled packets.
81 + The byte view is explorable. Hovering over it highlights the
82 corresponding field and shows a description in the status bar.
83 + An Italian translation has been added.
84 + The Summary dialog has been updated and renamed to Capture
86 + The VoIP Calls and SIP Flows dialogs have been added.
87 + Support for HiDPI / Retina displays has been improved in the
89 * DNS stats: + A new stats tree has been added to the Statistics
90 menu. Now it is possible to collect stats such as qtype/qclass
91 distribution, number of resource record per response section, and
92 stats data (min, max, avg) for values such as query name length or
94 * HPFEEDS stats: + A new stats tree has been added to the statistics
95 menu. Now it is possible to collect stats per channel (messages
96 count and payload size), and opcode distribution.
97 * HTTP2 stats: + A new stats tree has been added to the statistics
98 menu. Now it is possible to collect stats (type distribution).
100 The following features are new (or have been significantly updated)
101 since version 1.12.0:
102 * The I/O Graph in the Gtk+ UI now supports an unlimited number of
103 data points (up from 100k).
104 * TShark now resets its state when changing files in ring-buffer
106 * Expert Info severities can now be configured.
107 * Wireshark now supports external capture interfaces. External
108 capture interfaces can be anything from a tcpdump-over-ssh pipe to
109 a program that captures from proprietary or non-standard hardware.
110 This functionality is not available in the Qt UI yet.
112 + The Qt UI is now the default (program name is wireshark).
113 + A Polish translation has been added.
114 + The Interfaces dialog has been added.
115 + The interface list is now updated when interfaces appear or
117 + The Conversations and Endpoints dialogs have been added.
118 + A Japanese translation has been added.
119 + It is now possible to manage remote capture interfaces.
120 + Windows: taskbar progress support has been added.
121 + Most toolbar actions are in place and work.
122 + More command line options are now supported
126 (LISP) TCP Control Message, Aeron, AllJoyn Reliable Datagram Protocol,
127 Android ADB, Android Logcat text, Apache Tribes Heartbeat, BGP
128 Monitoring Prototol (BMP), C15 Call History Protocol dissection
129 (C15ch), ceph, corosync/totemnet corosync cluster engine ( lowest
130 levelencryption/decryption protocol), corosync/totemsrp corosync
131 cluster engine ( totem single ring protocol), Couchbase, CP "Cooper"
132 2179, DJI UAV Drone Control Protocol, Dynamic Source Routing (RFC
133 4728), Elasticsearch, ETSI Card Application Toolkit - Transport
134 Protocol, Generic Network Virtualization Encapsulation (Geneve),
135 Geospatial and Imagery Access Service (GIAS), GVSP GigE Vision (TM)
136 Streaming Protocol, HCrt, HiQnet, IP Detail Record (IPDR), IPMI Trace,
137 iSER, KNXnetIP, MACsec Key Agreement - EAPoL-MKA, MCPE (Minecraft
138 Pocket Edition), Network File System over Remote Direct Memory Access
139 (NFSoRDMA), OCFS2, OptoMMP, Performance Co-Pilot Proxy, QNEX6 (QNET),
140 RakNet games library, Remote Shared Virtual Disk - RSVD, Riemann, S7
141 Communication, Secure Socket Tunnel Protocol (SSTP), Shared Memory
142 Communications - RDMA, Stateless Transport Tunneling, Thrift, Video
143 Services over IP (VSIP), and ZVT Kassenschnittstelle
145 Updated Protocol Support
147 Too many protocols have been updated to list here.
149 New and Updated Capture File Support
151 3GPP Nettrace TS 34 423, Android Logcat text files, Colasoft Capsa
152 files, Netscaler 3.5, and Wireshark now supports nanosecond timestamp
153 resolution in PCAP-NG files.
155 New and Updated Capture Interfaces support
157 and Androiddump - provide interfaces to capture (Logcat and Bluetooth)
158 from connected Android devices
162 The libwireshark API has undergone some major changes:
163 * The emem framework (including all ep_ and se_ memory allocation
164 routines) has been completely removed in favour of wmem which is
166 * The (long-since-broken) Python bindings support has been removed.
167 If you want to write dissectors in something other than C, use Lua.
168 * Plugins can now create GUI menu items.
169 __________________________________________________________________
173 Wireshark source code and installation packages are available from
174 [2]https://www.wireshark.org/download.html.
176 Vendor-supplied Packages
178 Most Linux and Unix vendors supply their own Wireshark packages. You
179 can usually install or upgrade Wireshark using the package management
180 system specific to that platform. A list of third-party packages can be
181 found on the [3]download page on the Wireshark web site.
182 __________________________________________________________________
186 Wireshark and TShark look in several different locations for preference
187 files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
188 vary from platform to platform. You can use About->Folders to find the
189 default locations on your system.
190 __________________________________________________________________
194 Dumpcap might not quit if Wireshark or TShark crashes. ([4]Bug 1419)
196 The BER dissector might infinitely loop. ([5]Bug 1516)
198 Capture filters aren't applied when capturing from named pipes. ([6]Bug
201 Filtering tshark captures with read filters (-R) no longer works.
204 Resolving ([8]Bug 9044) reopens ([9]Bug 3528) so that Wireshark no
205 longer automatically decodes gzip data when following a TCP stream.
207 Application crash when changing real-time option. ([10]Bug 4035)
209 Hex pane display issue after startup. ([11]Bug 4056)
211 Packet list rows are oversized. ([12]Bug 4357)
213 Wireshark and TShark will display incorrect delta times in some cases.
216 The 64-bit version of Wireshark will leak memory on Windows when the
217 display depth is set to 16 bits ([14]Bug 9914)
219 Wireshark should let you work with multiple capture files. ([15]Bug
221 __________________________________________________________________
225 Community support is available on [16]Wireshark's Q&A site and on the
226 wireshark-users mailing list. Subscription information and archives for
227 all of Wireshark's mailing lists can be found on [17]the web site.
229 Official Wireshark training and certification are available from
230 [18]Wireshark University.
231 __________________________________________________________________
233 Frequently Asked Questions
235 A complete FAQ is available on the [19]Wireshark web site.
236 __________________________________________________________________
238 Last updated 2015-06-18 15:33:59 UTC
242 1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10896
243 2. https://www.wireshark.org/download.html
244 3. https://www.wireshark.org/download.html#thirdparty
245 4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
246 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
247 6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
248 7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
249 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
250 9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
251 10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
252 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
253 12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
254 13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
255 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9914
256 15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
257 16. https://ask.wireshark.org/
258 17. https://www.wireshark.org/lists/
259 18. http://www.wiresharktraining.com/
260 19. https://www.wireshark.org/faq.html