1 Wireshark 1.11.3 Release Notes
3 This is an experimental release intended to test new features
4 for the next stable release.
5 __________________________________________________________
9 Wireshark is the world's most popular network protocol
10 analyzer. It is used for troubleshooting, analysis, development
12 __________________________________________________________
18 The following bugs have been fixed:
19 * "On-the-wire" packet lengths are limited to 65535 bytes.
20 ([1]Bug 8808, ws-buglink:9390)
21 * "Follow TCP Stream" shows only the first HTTP req+res.
23 * Files with pcap-ng Simple Packet Blocks can't be read.
25 * MPLS-over-PPP isn't recognized. ([4]Bug 9492)
27 New and Updated Features
29 The following features are new (or have been significantly
30 updated) since version 1.11.2:
32 + The About dialog has been added
33 + The Capture Interfaces dialog has been added.
34 + The Decode As dialog has been added. It managed to
35 swallow up the User Specified Decodes dialog as well.
36 + The Export PDU dialog has been added.
37 + Several SCTP dialogs have been added.
38 + The statistics tree (the backend for many Statistics
39 and Telephony menu items) dialog has been added.
40 + The I/O Graph dialog has been added.
41 + French translation has updated.
43 The following features are new (or have been significantly
44 updated) since version 1.11.1:
45 * Mac OS X packaging has been improved.
47 The following features are new (or have been significantly
48 updated) since version 1.11.0:
49 * Dissector output may be encoded as UTF-8. This includes
52 + The Follow Stream dialog now supports packet and TCP
54 + A Flow Graph (sequence diagram) dialog has been added.
55 + The main window now respects geometry preferences.
57 The following features are new (or have been significantly
58 updated) since version 1.10:
59 * Wireshark now uses the Qt application framework. The new UI
60 should provide a significantly better user experience,
61 particularly on Mac OS X and Windows.
62 * The Windows installer now uninstalls the previous version
63 of Wireshark silently. You can still run the uninstaller
64 manually beforehand if you wish to run it interactively.
65 * Expert information is now filterable when the new API is in
67 * The "Number" column shows related packets and protocol
68 conversation spans (Qt only).
69 * When manipulating packets with editcap using the -C
70 <choplen> and/or -s <snaplen> options, it is now possible
71 to also adjust the original frame length using the -L
73 * You can now pass the -C <choplen> option to editcap
74 multiple times, which allows you to chop bytes from the
75 beginning of a packet as well as at the end of a packet in
77 * You can now specify an optional offset to the -C option for
78 editcap, which allows you to start chopping from that
79 offset instead of from the absolute packet beginning or
81 * "malformed" display filter has been renamed to
82 "_ws.malformed". A handful of other filters have been given
83 the "_ws." prefix to note they are Wireshark application
84 specific filters and not dissector filters.
88 * The ASN1 plugin has been removed as it's deemed obsolete.
89 * The GNM dissector has been removed as it was never used.
93 29West, 802.1AE Secure tag, ACR122, ADB Client-Server, AllJoyn,
94 Apple PKTAP, Aruba Instant AP, ASTERIX, ATN, Bencode, Bluetooth
95 3DS, Bluetooth HSP, Bluetooth Linux Monitor Transport,
96 Bluetooth Low Energy, Bluetooth Low Energy RF Info, CARP, CFDP,
97 Cisco MetaData, DCE/RPC MDSSVC, DeviceNet, ELF file format,
98 EXPORTED PDU, FINGER, HDMI, HTTP2, IDRP, IEEE 1722a, ILP, iWARP
99 Direct Data Placement and Remote Direct Memory Access Protocol,
100 Kafka, Kyoto Tycoon, Landis & Gyr Telegyr 8979, LBM, LBMC,
101 LBMPDM, LBMPDM-TCP, LBMR, LBT-RM, LBT-RU, LBT-TCP, Lightweight
102 Mesh (v1.1.1), Linux netlink, Linux netlink netfilter, Linux
103 netlink sock diag, Linux rtnetlink (route netlink), Logcat,
104 MBIM, MiNT, MP4 / ISOBMFF file format, MQ Telemetry Transport
105 Protocol, Novell PKIS certificate extensions, NXP PN532 HCI,
106 Open Sound Control, OpenFlow, Pathport, PDC, Picture Transfer
107 Protocol Over IP, PKTAP, Private Data Channel, QUIC (Quick UDP
108 Internet Connections), SAE J1939, SEL RTAC (Real Time
109 Automation Controller) EIA-232 Serial-Line Dissection, Sippy
110 RTPproxy, SMB-Direct, STANAG 4607, STANAG 5066 DTS, STANAG 5066
111 SIS, Tinkerforge, Ubertooth, UDT, URL Encoded Form Data, USB
112 Communications and CDC Control, USB Device Firmware Upgrade,
113 VP8, WHOIS, Wi-Fi Display, and ZigBee Green Power profile
115 Updated Protocol Support
117 Too many protocols have been updated to list here.
119 New and Updated Capture File Support
121 Netscaler 2.6, STANAG 4607, and STANAG 5066 Data Transfer
126 The libwireshark API has undergone some major changes:
127 * A more flexible, modular memory manager (wmem) has been
128 added. It was available experimentally in 1.10 but is now
129 mature and has mostly replaced the old emem API (which is
131 * A new API for expert information has been added, replacing
133 * The tvbuff API has been cleaned up: tvb_length has been
134 renamed to tvb_captured_length for clarity, and
135 tvb_get_string and tvb_get_stringz have been deprecated in
136 favour of tvb_get_string_enc and tvb_get_stringz_enc.
137 __________________________________________________________
141 Wireshark source code and installation packages are available
142 from [5]http://www.wireshark.org/download.html.
144 Vendor-supplied Packages
146 Most Linux and Unix vendors supply their own Wireshark
147 packages. You can usually install or upgrade Wireshark using
148 the package management system specific to that platform. A list
149 of third-party packages can be found on the [6]download page on
150 the Wireshark web site.
151 __________________________________________________________
155 Wireshark and TShark look in several different locations for
156 preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
157 These locations vary from platform to platform. You can use
158 About->Folders to find the default locations on your system.
159 __________________________________________________________
163 Dumpcap might not quit if Wireshark or TShark crashes. ([7]Bug
166 The BER dissector might infinitely loop. ([8]Bug 1516)
168 Capture filters aren't applied when capturing from named pipes.
171 Filtering tshark captures with read filters (-R) no longer
174 The 64-bit Windows installer does not support Kerberos
175 decryption. ([10]Win64 development page)
177 Resolving ([11]Bug 9044) reopens ([12]Bug 3528) so that
178 Wireshark no longer automatically decodes gzip data when
179 following a TCP stream.
181 Application crash when changing real-time option. ([13]Bug
184 Hex pane display issue after startup. ([14]Bug 4056)
186 Packet list rows are oversized. ([15]Bug 4357)
188 Summary pane selected frame highlighting not maintained.
191 Wireshark and TShark will display incorrect delta times in some
192 cases. ([17]Bug 4985)
194 The 64-bit Mac OS X installer doesn't support Mac OS X 10.9
196 __________________________________________________________
200 Community support is available on [19]Wireshark's Q&A site and
201 on the wireshark-users mailing list. Subscription information
202 and archives for all of Wireshark's mailing lists can be found
205 Official Wireshark training and certification are available
206 from [21]Wireshark University.
207 __________________________________________________________
209 Frequently Asked Questions
211 A complete FAQ is available on the [22]Wireshark web site.
212 __________________________________________________________
214 Last updated 2014-04-15 09:19:56 PDT
218 1. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808
219 2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
220 3. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9200
221 4. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9492
222 5. http://www.wireshark.org/download.html
223 6. http://www.wireshark.org/download.html#thirdparty
224 7. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
225 8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
226 9. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
227 10. https://wiki.wireshark.org/Development/Win64
228 11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
229 12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
230 13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
231 14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
232 15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
233 16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445
234 17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
235 18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9242
236 19. http://ask.wireshark.org/
237 20. http://www.wireshark.org/lists/
238 21. http://www.wiresharktraining.com/
239 22. http://www.wireshark.org/faq.html