<!--
Wireshark Info
-->
- <!ENTITY WiresharkCurrentVersion "0.99.7">
+ <!ENTITY WiresharkCurrentVersion "1.5.0">
]>
<section id="WhatIs"><title>What is Wireshark?</title>
<para>
Wireshark is the world's most popular network protocol analyzer. It
- is used for troubleshooting, analysis, development, and education.
+ is used for troubleshooting, analysis, development and education.
</para>
</section>
<section id="WhatsNew"><title>What's New</title>
- <section><title>Bug Fixes</title>
+ <section id="BugFixes"><title>Bug Fixes</title>
+
<para>
- The following vulnerabilities have been fixed. See the
- <ulink url="http://www.wireshark.org/security/wnpa-sec-2007-02.html">security advisory</ulink> for details and a workaround.
+ The following bugs have been fixed:
+
+ <itemizedlist>
+
+ <listitem><para>
+ Wireshark is unresponsive when capturing from named pipes on Windows.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1759">Bug
+ 1759</ulink>)
+ </para></listitem>
+
+ </itemizedlist>
+
+ </para>
+
+ </section>
+
+ <section id="NewFeatures"><title>New and Updated Features</title>
+ <para>
+ The following features are new (or have been significantly updated)
+ since version 1.2:
<itemizedlist>
<listitem>
<para>
- Wireshark could crash when reading an MP3 file.
- <!-- Fixed in r22261 -->
- <!-- (Bug <ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=???">???</ulink>) -->
+ The packet list internals have been rewritten and are now more
+ efficient.
</para>
- <para>Versions affected: 0.99.6</para>
+ </listitem>
+
+ <listitem>
<para>
- <!-- <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-????">CVE-2007-????</ulink> -->
+ Columns are easier to use. You can add a protocol field as a column
+ by right-clicking on its packet detail item, and you can adjust
+ some column preferences by right-clicking the column header.
</para>
</listitem>
- </itemizedlist>
-
- </para>
+ <listitem>
+ <para>
+ Preliminary Python scripting support has been added.
+ </para>
+ </listitem>
- <para>
+ <listitem>
+ <para>
+ Many memory leaks have been fixed.
+ </para>
+ </listitem>
- The following bugs have been fixed:
+ <listitem>
+ <para>
+ Wireshark no longer supports Windows 2000. Please use
+ Wireshark 1.2 or 1.0 on those systems.
+ </para>
+ </listitem>
- <itemizedlist>
+ <listitem>
+ <para>
+ Packets can now be ignored (excluded from dissection), similar to
+ the way they can be marked.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Manual IP address resolution is now supported.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Columns with seconds can now be displayed as hours, minutes and
+ seconds.
+ </para>
+ </listitem>
- </itemizedlist>
- </para>
+ <listitem>
+ <para>
+ You can now set the capture buffer size on UNIX and Linux if you have
+ libpcap 1.0.0 or greater.
+ </para>
+ </listitem>
- </section>
+ <listitem>
+ <para>
+ TShark no longer needs elevated privileges on UNIX or Linux to list
+ interfaces. Only dumpcap requires privileges now.
+ </para>
+ </listitem>
- <section><title>New and Updated Features</title>
- <para>
- The following features are new (or have been significantly updated)
- since the last release:
+ <listitem>
+ <para>
+ Wireshark and TShark can enable 802.11 monitor mode directly if you
+ have libpcap 1.0.0 or greater.
+ </para>
+ </listitem>
- <itemizedlist>
+ <listitem>
+ <para>
+ Play the RTP stream directly from the RTP Analysis.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Capinfos and editcap now respectively support time order checking
+ and forcing.
+ </para>
+ </listitem>
</itemizedlist>
+
</para>
</section>
- <section><title>New Protocol Support</title>
+ <section id="NewProtocols"><title>New Protocol Support</title>
<para>
</para>
</section>
- <section><title>Updated Protocol Support</title> <para>
+ <section id="UpdatedProtocols"><title>Updated Protocol Support</title> <para>
</para>
</section>
- <section><title>New and Updated Capture File Support</title>
+ <section id="NewCapture"><title>New and Updated Capture File Support</title>
<para>
</para>
<section id="GettingWireshark"><title>Getting Wireshark</title>
<para>
Wireshark source code and installation packages are available from
- the <ulink url="http://www.wireshark.org/download.html">download
- page</ulink> on the main web site.
+ <ulink url="http://www.wireshark.org/download.html">http://www.wireshark.org/download.html</ulink>.
</para>
- <section><title>Vendor-supplied Packages</title>
+ <section id="VendorPackages"><title>Vendor-supplied Packages</title>
<para>
- Most Linux and Unix vendors supply their own Wireshark packages.
- You can usually install or upgrade Wireshark using the package management
- system specific to that platform. A list of third-party packages
- can be found on the
- <ulink url="http://www.wireshark.org/download.html#otherplat">download page</ulink> on the Wireshark web site.
+ Most Linux and Unix vendors supply their own Wireshark packages.
+ You can usually install or upgrade Wireshark using the package management
+ system specific to that platform. A list of third-party packages
+ can be found on the
+ <ulink url="http://www.wireshark.org/download.html#thirdparty">download page</ulink>
+ on the Wireshark web site.
</para>
</section>
<section id="KnownProblems"><title>Known Problems</title>
<para>
- The <guibutton>Filter</guibutton> button is nonfunctional in the
- file dialogs under Windows.
- (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=942">Bug
- 942</ulink>)
+ Wireshark may appear offscreen on multi-monitor Windows systems.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=553">Bug
+ 553</ulink>)
+ </para>
+
+ <para>
+ Wireshark might make your system disassociate from a wireless network
+ on OS X 10.4.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1315">Bug
+ 1315</ulink>)
+ </para>
+
+ <para>
+ Dumpcap might not quit if Wireshark or TShark crashes.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419">Bug
+ 1419</ulink>)
+ </para>
+
+ <para>
+ The BER dissector might infinitely loop.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516">Bug
+ 1516</ulink>)
+ </para>
+
+ <para>
+ Capture filters aren't applied when capturing from named pipes.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814">Bug
+ 1814</ulink>)
+ </para>
+
+ <para>
+ Filtering tshark captures with display filters (-R) no longer works.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234">Bug
+ 2234</ulink>)
+ </para>
+
+ <para>
+ The 64-bit Windows installer does not ship with the same libraries as the
+ 32-bit installer.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3610">Bug
+ 3610</ulink>)
+ </para>
+
+ <para>
+ Application crash when changing real-time option.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035">Bug
+ 4035</ulink>)
+ </para>
+
+ <para>
+ Hex pane display issue after startup.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056">Bug
+ 4056</ulink>)
+ </para>
+
+ <para>
+ Crash when sorting column while capturing.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4273">Bug
+ 4273</ulink>)
+ </para>
+
+ <para>
+ Packet list rows are oversized.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357">Bug
+ 4357</ulink>)
+ </para>
+
+ <para>
+ Summary pane selected frame highlighting not maintained.
+ (<ulink url="http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445">Bug
+ 4445</ulink>)
</para>
</section>
web site</ulink>.
</para>
<para>
- Commercial support, training, and development services are available
- from <ulink url="http://www.cacetech.com/">CACE Technologies</ulink>.
+ Commercial support is available from
+ <ulink url="http://www.cacetech.com/products/sharknet.html">CACE Technologies</ulink>.
+ </para>
+ <para>
+ Training is available from
+ <ulink url="http://www.wiresharktraining.com/">Wireshark University</ulink>.
</para>
</section>