Friday 13 November 2015

Wireshark v2.0 - The World’s Foremost Network Protocol Analyzer


Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Wireshark 2.0.0rc2 has been released. This is the second release candidate for Wireshark 2.0. Installers for Windows, OS X, and source code are now available.

The following features are new (or have been significantly updated) since version 2.0.0rc1:

  • For new installations on UN*X, the directory for user preferences is $HOME/.config/wireshark rather than $HOME/.wireshark. If that directory is absent, preferences will still be found and stored under $HOME/.wireshark.
  • Qt port:
    • The SIP Statistics dialog has been added.
    • You can now create filter expressions from the display filter toolbar.
    • Bugs in the UAT preferences dialog have been fixed.
  • Several dissector and Qt UI crash bugs have been fixed.
  • Problems with the Mac OS X application bundle have been fixed.
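The preferences-directory rule above matters in practice because profiles, display filters, coloring rules and any Lua plugins under the personal configuration directory follow it. The following POSIX shell snippet is an added example, not Wireshark's own code: it reproduces the lookup rule as the notes describe it (prefer $HOME/.config/wireshark, fall back to the legacy $HOME/.wireshark only when the new directory is absent) and offers an explicit, opt-in move of a legacy directory to the new location. The function names and the assumption that a user wants to migrate by renaming the directory are this example's own; Wireshark itself does not perform the move described here.

```shell
#!/bin/sh
# Added example (not Wireshark's code). Resolve the personal configuration
# directory Wireshark 2.0 would use for the given home directory, following the
# rule in the 2.0.0rc2 notes: $HOME/.config/wireshark if it exists, otherwise
# the legacy $HOME/.wireshark. Taking the home directory as an argument lets
# the rule be exercised against a scratch directory.
wireshark_config_dir() {
    home="$1"
    if [ -d "$home/.config/wireshark" ]; then
        printf '%s\n' "$home/.config/wireshark"
    else
        printf '%s\n' "$home/.wireshark"
    fi
}

# Opt-in migration (assumption of this example, not a Wireshark feature):
# move a legacy $HOME/.wireshark to $HOME/.config/wireshark, but only when
# the new directory does not already exist, since Wireshark would otherwise
# ignore the legacy directory and the move would clobber live settings.
# Prints the directory Wireshark will use afterwards; returns 1 on failure.
migrate_wireshark_config() {
    home="$1"
    if [ -d "$home/.wireshark" ] && [ ! -e "$home/.config/wireshark" ]; then
        mkdir -p "$home/.config" || return 1
        mv "$home/.wireshark" "$home/.config/wireshark" || return 1
    fi
    wireshark_config_dir "$home"
}

# Stand-alone usage: report where the current user's preferences live.
wireshark_config_dir "${HOME:-.}"
```

Run it without arguments to see which directory Wireshark 2.0 will read on this account; call migrate_wireshark_config "$HOME" only after Wireshark is closed, because the move is not atomic with respect to a running instance writing its preferences.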

The following features are new (or have been significantly updated) since version 1.99.9:

  • Qt port: 
    • The LTE RLC Graph dialog has been added. 
    • The LTE MAC Statistics dialog has been added. 
    • The LTE RLC Statistics dialog has been added. 
    • The IAX2 Analysis dialog has been added. 
    • The Conversation Hash Tables dialog has been added. 
    • The Dissector Tables dialog has been added. 
    • The Supported Protocols dialog has been added. 
    • You can now zoom the I/O and TCP Stream graph X and Y axes independently. 
    • The RTP Player dialog has been added. 
    • Several memory leaks have been fixed. 


Changes in Wireshark 2.0

Capture options. Capture options have been simplified and consolidated. In 1.12 they are spread out in many places across several windows. In 2.0 they are in two places: the Capture Options dialog (Capture→Options or the “gear” icon in the toolbar) and the Manage Interfaces dialog, which you can open by pressing “Manage Interfaces” in the Capture Options dialog.

Streamlined preferences. Preferences windows usually aren’t something to get excited about and this is no exception, but it’s important to note that in the process of removing clutter some preferences have been removed from the main window. They’re still available in the “Advanced” preference section which lists every available preference item.

Translations. Thanks to the hard work of many contributors the new interface supports multiple languages. You can now select between Chinese, English, French, German, Italian, Japanese, and Polish in the “Appearance” preferences section. Many more translations are underway. You can see the status of the translation effort and help out at https://www.transifex.com/wireshark/wireshark/.

Related packets. As you scroll through the packet list you might notice little symbols pop up along its left edge. For example, you might see left and right arrows for DNS requests and replies, or a check mark to denote an ACKed TCP packet. These are related packets. This exposes some plumbing we’ve had in place for a long time, but it’s now shown in the main window instead of buried deep in the packet detail tree.

Intelligent scrollbar. As you scroll through the packet list you might notice that the scroll bar itself looks odd. It now features a map of nearby packets, similar to the “minimap” available in many modern text editors. The number of packets shown in the map is the same as the number of physical vertical pixels in your scrollbar. The more pixels you have, the more packets you can see. In other words, if you use Wireshark regularly you now have a legitimate business case for a retina display.

Statistics dialogs. The dialogs under the Statistics and Telephony menus have seen many improvements. The backend code has been consolidated so that most of Wireshark’s statistics now share common internal logic. This in turn let us create common UI code with many workflow improvements and a much more consistent interface.

I/O Graph dialog. You can now graph as many items as you like and save graphs as PDF, PNG, JPEG, and BMP. Graph settings stay with your profile so you can customize them for multiple environments.

Follow Stream dialog. You can now switch between streams and search for text.

General dialogs. Many dialogs now have context-aware hints. For example the I/O Graph and Follow Stream dialogs will tell you which packet corresponds to the graph or stream data under your cursor. Most of them will stay open after you close a capture file so that you can compare statistics or graphs between captures.
