1 = Wireshark wireshark-version:[] Release Notes
2 // AsciiDoc quick reference: http://powerman.name/doc/asciidoc
4 This is a semi-experimental release intended to test new features for Wireshark 2.2.
8 Wireshark is the world's most popular network protocol analyzer. It is
9 used for troubleshooting, analysis, development and education.
15 //The following bugs have been fixed:
18 //* ws-buglink:6000[Wireshark bug]
19 //* cve-idlink:2014-2486[]
20 //* Wireshark accepted your prom invitation then cancelled at the last minute. (ws-buglink:0000[])
22 _Non-empty section placeholder._
24 === New and Updated Features
26 The following features are new (or have been significantly updated)
28 ** You can now switch between between Capture and File Format dissection of
29 the current capture file via the View menu in the Qt GUI.
31 //=== Removed Dissectors
33 === New File Format Decoding Support
35 Wireshark is able to display the format of some types of files (rather than
36 displaying the contents of those files). This is useful when you're curious
37 about, or debugging, a file and its format. To open a capture file (such as
38 PCAP) in this mode specify "MIME Files Format" as the file's format in the
41 New files that Wireshark can open in this mode include:
43 _Non-empty section placeholder._
47 === New Protocol Support
49 Nokia Intelligent Service Interface (ISI)
51 Extensible Control & Management Protocol (eCMP)
52 RTI TCP Transport Layer (RTITCP)
53 ITU-T G.7041/Y.1303 Generic Framing Procedure (GFP)
54 Zigbee Protocol Clusters Dissectors Added (Closures, Lighting, General, Measurement & Sensing, HVAC, Security & Safety)
56 Ericsson IPOS Kernel Packet Header Dissector Added (IPOS)
59 // Items in --sort-and-group-- blocks will be sorted and comma-separated.
63 === Updated Protocol Support
65 Bluetooth OBEX dissector (btobex) was renamed to Obex Dissector (obex), allow to
66 DecodeAs it over USB, TCP and UDP.
68 Too many protocols have been updated to list here.
70 === New and Updated Capture File Support
72 _Non-empty section placeholder._
76 === New and Updated Capture Interfaces support
78 _Non-empty section placeholder._
84 The libwireshark API has undergone some major changes:
86 * The address macros (e.g., SET_ADDRESS) have been removed. Use the
87 (lower case) functions of the same names instead.
89 * "old style" dissector functions (that don't return number of bytes
90 used) have been replaced in name with the "new style" dissector
93 * tvb_get_string and tvb_get_stringz have been replaced with
94 tvb_get_string_enc and tvb_get_stringz_enc respectively.
99 Wireshark source code and installation packages are available from
100 https://www.wireshark.org/download.html.
102 === Vendor-supplied Packages
104 Most Linux and Unix vendors supply their own Wireshark packages. You can
105 usually install or upgrade Wireshark using the package management system
106 specific to that platform. A list of third-party packages can be found
107 on the https://www.wireshark.org/download.html#thirdparty[download page]
108 on the Wireshark web site.
112 Wireshark and TShark look in several different locations for preference
113 files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary
114 from platform to platform. You can use About→Folders to find the default
115 locations on your system.
119 Dumpcap might not quit if Wireshark or TShark crashes.
122 The BER dissector might infinitely loop.
125 Capture filters aren't applied when capturing from named pipes.
128 Filtering tshark captures with read filters (-R) no longer works.
131 Resolving (ws-buglink:9044[]) reopens (ws-buglink:3528[]) so that Wireshark
132 no longer automatically decodes gzip data when following a TCP stream.
134 Application crash when changing real-time option.
137 Hex pane display issue after startup.
140 Packet list rows are oversized.
143 Wireshark and TShark will display incorrect delta times in some cases.
146 The 64-bit version of Wireshark will leak memory on Windows when the display
147 depth is set to 16 bits (ws-buglink:9914[])
149 Wireshark should let you work with multiple capture files. (ws-buglink:10488[])
151 Dell Backup and Recovery (DBAR) makes many Windows applications crash,
152 including Wireshark. (ws-buglink:12036[])
156 Community support is available on https://ask.wireshark.org/[Wireshark's
157 Q&A site] and on the wireshark-users mailing list. Subscription
158 information and archives for all of Wireshark's mailing lists can be
159 found on https://www.wireshark.org/lists/[the web site].
161 Official Wireshark training and certification are available from
162 http://www.wiresharktraining.com/[Wireshark University].
164 == Frequently Asked Questions
166 A complete FAQ is available on the
167 https://www.wireshark.org/faq.html[Wireshark web site].