include::attributes.asciidoc[] = Wireshark {wireshark-version} Release Notes // AsciiDoc quick reference: http://powerman.name/doc/asciidoc This is a semi-experimental release intended to test new features for Wireshark 2.6. == What is Wireshark? Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. == What's New //=== Bug Fixes //The following bugs have been fixed: //* ws-buglink:5000[] //* ws-buglink:6000[Wireshark bug] //* cve-idlink:2014-2486[] //* Wireshark convinced you to switch seats on the plane while neglecting to tell you that its seat was noticeably moist. //_Non-empty section placeholder._ === New and Updated Features The following features are new (or have been significantly updated) since version 2.4.0: * Add color support for TShark with --color option (non-Windows only) * TCP Analysis will detect and flag more spurious retransmissions. * The "matches" display filter operator is now case-insensitive. * Display expression (button) preferences have been converted to a UAT. This puts the display expressions in their own file. Wireshark still supports preference files that contain the old preferences, but new preference files will be written without the old fields. * Support for user-editable "enterprises" file in the personal config dir (overriding system file). //=== Removed Dissectors //=== New File Format Decoding Support === New Protocol Support // Add one protocol per line between the --sort-and-group-- delimiters. --sort-and-group-- LoRaTap LoRaWAN ISOBUS --sort-and-group-- === Updated Protocol Support Too many protocols have been updated to list here. === New and Updated Capture File Support _Non-empty section placeholder._ // Add one file type per line between the --sort-and-group-- delimiters. --sort-and-group-- --sort-and-group-- === New and Updated Capture Interfaces support _Non-empty section placeholder._ --sort-and-group-- LoRaTap --sort-and-group-- //=== Major API Changes == Getting Wireshark Wireshark source code and installation packages are available from https://www.wireshark.org/download.html. === Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the https://www.wireshark.org/download.html#thirdparty[download page] on the Wireshark web site. == File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system. == Known Problems Dumpcap might not quit if Wireshark or TShark crashes. (ws-buglink:1419[]) The BER dissector might infinitely loop. (ws-buglink:1516[]) Capture filters aren't applied when capturing from named pipes. (ws-buglink:1814[]) Filtering tshark captures with read filters (-R) no longer works. (ws-buglink:2234[]) Application crash when changing real-time option. (ws-buglink:4035[]) Wireshark and TShark will display incorrect delta times in some cases. (ws-buglink:4985[]) Wireshark should let you work with multiple capture files. (ws-buglink:10488[]) Dell Backup and Recovery (DBAR) makes many Windows applications crash, including Wireshark. (ws-buglink:12036[]) == Getting Help Community support is available on https://ask.wireshark.org/[Wireshark's Q&A site] and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on https://www.wireshark.org/lists/[the web site]. Official Wireshark training and certification are available from http://www.wiresharktraining.com/[Wireshark University]. == Frequently Asked Questions A complete FAQ is available on the https://www.wireshark.org/faq.html[Wireshark web site].