1 Wireshark 2.5.0 Release Notes
3 This is a semi-experimental release intended to test new features for
5 __________________________________________________________________
9 Wireshark is the world's most popular network protocol analyzer. It is
10 used for troubleshooting, analysis, development and education.
11 __________________________________________________________________
15 Many user interface improvements have been made. See the New and
16 Updated Features section below for more details.
18 New and Updated Features
20 The following features are new (or have been significantly updated)
22 * Display filter buttons can now be edited, disabled, and removed via
23 a context menu directly from the toolbar
24 * Drag & Drop filter fields to the display filter toolbar or edit to
25 create a button on the fly or apply the filter as a display filter.
26 * Application startup time has been reduced.
27 * Some keyboard shortcut mix-ups have been resolved by assigning new
28 shortcuts to Edit -> Copy methods.
29 * TShark now supports color using the --color option.
30 * The "matches" display filter operator is now case-insensitive.
31 * Display expression (button) preferences have been converted to a
32 UAT. This puts the display expressions in their own file. Wireshark
33 still supports preference files that contain the old preferences,
34 but new preference files will be written without the old fields.
35 * SMI private enterprise numbers are now read from the
36 "enterprises.tsv" configuration file.
37 * The QUIC dissector has been renamed to Google QUIC (quic -> gquic).
38 * The selected packet number can now be shown in the Status Bar by
39 enabling Preferences -> Appearance -> Layout -> Show selected
41 * File load time in the Status Bar is now disabled by default and can
42 be enabled in Preferences -> Appearance -> Layout -> Show file load
44 * Support for the G.729A codec in the RTP Player is now added via the
46 * Support for hardware-timestamping of packets has been added.
47 * Improved NetMon .cap support with comments, event tracing, network
48 filter, network info types and some Message Analyzer exported
50 * The personal plugins folder on Linux/Unix is now
51 ~/.local/lib/wireshark/plugins.
52 * TShark can print flow graphs using -z flow...
53 * Capinfos now prints SHA256 hashes in addition to RIPEMD160 and
54 SHA1. MD5 output has been removed.
55 * The packet editor has been removed. (This was a GTK+ only
56 experimental feature.)
57 * Support BBC micro:bit Bluetooth profile
58 * The Linux and UNIX installation step for Wireshark will now install
59 headers required to build plugins. A pkg-config file is provided to
60 help with this (see doc/plugins.example for details). Note you must
61 still rebuild all plugins between minor releases (X.Y).
62 * The Windows installers and packages now ship with Qt 5.9.4.
66 802.11ax (High Efficiency WLAN (HEW)), ActiveMQ Artemis Core Protocol,
67 AMT (Automatic Multicast Tunneling), Bluetooth Mesh, Broadcom tags
68 (Broadcom Ethernet switch management frames), CAN-ETH, CVS password
69 server, FP Mux, GRPC (gRPC), IEEE 1905.1a, IEEE 802.3br Frame
70 Preemption Protocol, ISOBUS, LoRaTap, LoRaWAN, Lustre Filesystem,
71 Lustre Network, Network Functional Application Platform Interface
72 (NFAPI) Protocol, New Radio Radio Resource Control protocol, NXP
73 802.15.4 Sniffer Protocol, PFCP (Packet Forwarding Control Protocol),
74 Protobuf (Protocol Buffers), QUIC (IETF), Session Multiplex Protocol,
75 SolarEdge monitoring protocol, Tibia, TWAMP and OWAMP, and Wi-Fi Device
78 Updated Protocol Support
80 Too many protocols have been updated to list here.
82 New and Updated Capture File Support
84 Microsoft Network Monitor
86 New and Updated Capture Interfaces support
89 __________________________________________________________________
93 Wireshark source code and installation packages are available from
94 [1]https://www.wireshark.org/download.html.
96 Vendor-supplied Packages
98 Most Linux and Unix vendors supply their own Wireshark packages. You
99 can usually install or upgrade Wireshark using the package management
100 system specific to that platform. A list of third-party packages can be
101 found on the [2]download page on the Wireshark web site.
102 __________________________________________________________________
106 Wireshark and TShark look in several different locations for preference
107 files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
108 vary from platform to platform. You can use About->Folders to find the
109 default locations on your system.
110 __________________________________________________________________
114 Dumpcap might not quit if Wireshark or TShark crashes. ([3]Bug 1419)
116 The BER dissector might infinitely loop. ([4]Bug 1516)
118 Capture filters aren't applied when capturing from named pipes. ([5]Bug
121 Filtering tshark captures with read filters (-R) no longer works.
124 Application crash when changing real-time option. ([7]Bug 4035)
126 Wireshark and TShark will display incorrect delta times in some cases.
129 Wireshark should let you work with multiple capture files. ([9]Bug
131 __________________________________________________________________
135 Community support is available on [10]Wireshark's Q&A site and on the
136 wireshark-users mailing list. Subscription information and archives for
137 all of Wireshark's mailing lists can be found on [11]the web site.
139 Official Wireshark training and certification are available from
140 [12]Wireshark University.
141 __________________________________________________________________
143 Frequently Asked Questions
145 A complete FAQ is available on the [13]Wireshark web site.
146 __________________________________________________________________
148 Last updated 2018-02-06 20:11:41 UTC
152 1. https://www.wireshark.org/download.html
153 2. https://www.wireshark.org/download.html#thirdparty
154 3. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
155 4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
156 5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
157 6. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
158 7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
159 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
160 9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10488
161 10. https://ask.wireshark.org/
162 11. https://www.wireshark.org/lists/
163 12. http://www.wiresharktraining.com/
164 13. https://www.wireshark.org/faq.html