Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
# The following bugs have been fixed:
* Assertion failed when doing File->Quit->Save during live capture.
* Wrong PCEP XRO sub-object decoding.
* Wireshark window takes very long time to show up if invalid network file path is at recent file list
* Decoding [Status Records] Timestamp Sequence Field in Bundle Protocol fails if over 32 bits.
* ISUP party number dissection.
* wireshark-1.4.2 crashes when testing the example python dissector because of a dissector count assertion.
* Ethernet packets with both VLAN tag and LLC header no longer displayed correctly.
* SLL encapsuled 802.1Q VLAN is not dissected.
* Wireshark crashes when attempting to open a file via drag & drop when there's already a file open.
* Adding and removing custom HTTP headers requires a restart.
* Can't read full 64-bit SNMP values.
* Dissection fails for frames with Gigamon Header and VLAN.
* RTP Stream Analysis does not work for TURN-encapsulated RTP.
* packet-csn1.c doesn't process CSN_CHOICE entries properly.
* BACnet property time-synchronization-interval (204) name shown incorrectly as time-synchronization-recipients.
* GUI crash on invalid IEEE 802.11 GAS frame.
* [ASN.1 PER] Incorrect decoding of BIT STRING type.
* ICMPv6 router advertisement Prefix Information Flag R "Router Address" missing.
* Export -> Object -> HTTP -> save all: Error on saving files.
* Inner tag of 802.1ad frames not parsed properly.
* Added cursor type decoding to MySQL dissector.
* Incorrect identification of UDP-encapsulated NAT-keepalive packets.
* WPA IE pairwise cipher suite dissector uses incorrect value_string list.
* S1AP protocol can't decode IPv6 transportLayerAddress.
* RTPS2 dissector doesn't handle 0 in the octestToNextHeader field.
* packet-ajp13 fix, cleanup, and enhancement.
* Network Instruments Observer file format bugs.
* Wireshark crashes when using "Open Recent" 2 times in a row.
* Wireshark packet_gsm-sms, display bug: Filler bits in TP-User Data Header.
* wireshark unable to decode NetFlow options which have system scope size != 4 bytes.
* Display filter Expression Dialog Box Error.
* text_import_scanner.l missing.
# Updated Protocol Support
* AJP13, ASN.1 PER, BACnet, CSN.1, DTN, Ethernet, ICMPv6, IEEE 802.11, IEEE 802.1q, Infiniband, IPsec, MySQL, PCEP, PN-RT, RTP, S1AP, SSL
# New and Updated Capture File Support
* Endace ERF.