Wireshark 3.2 network analyzer release

A new stable branch of the Wireshark network analyzer, 3.2, has been released. Recall that the project was originally developed under the name Ethereal, but in 2006, due to a conflict with the owner of the Ethereal trademark, the developers were forced to rename the project to Wireshark.

Key innovations in Wireshark 3.2.0:

  • For HTTP/2, support for streaming-mode packet reassembly is implemented.
  • Added support for importing profiles from zip archives or from existing directories in the file system.
  • Added support for decompressing HTTP/HTTP2 sessions that use the Brotli compression algorithm.
  • Added drag & drop support: fields can be dragged with the mouse into the header to create a column for that field, or into the display filter input area to create a new filter. To create a new filter for a column element, the element can now simply be dragged into the display filter area.
  • The build system now checks whether the SpeexDSP library is installed on the system (if this library is not available, the built-in implementation of the Speex codec handler is used).
  • Provided the ability to decrypt WireGuard tunnels using keys embedded in the pcapng dump, in addition to the existing key log settings.
  • Added an action to extract credentials from a captured traffic file, invoked via the "-z credentials" option in tshark or via the "Tools > Credentials" menu in Wireshark.
  • Added support in Editcap for splitting files based on fractional interval values.
  • In the "Enabled Protocols" dialog, you can now enable, disable, and invert protocols only based on the selected filter. The protocol type can also be determined based on the filter value.
  • Added support for dark theme for macOS. Improved dark theme support for other platforms.
  • The packet list and packet detail menus for the "Analyze > Apply as Filter" and "Analyze > Prepare a Filter" actions now show a preview of the respective filters.
  • Protobuf (*.proto) files can now be configured to parse serialized Protobuf data such as gRPC.
  • Added the ability to parse a gRPC stream method message using the HTTP2 stream reassembly feature.
  • Added support for protocols:
    • 3GPP BICC MST (BICC-MST),
    • 3GPP log packet (LOG3GPP),
    • 3GPP/GSM Cell Broadcast Service Protocol (cbsp),
    • Bluetooth Mesh Beacon,
    • Bluetooth Mesh PB-ADV,
    • Bluetooth Mesh Provisioning PDU,
    • Bluetooth Mesh Proxy,
    • CableLabs Layer-3 Protocol IEEE EtherType 0xb4e3 (CL3),
    • DCOM IProvideClassInfo,
    • DCOM ITypeInfo,
    • Diagnostic Log and Trace (DLT),
    • Distributed Replicated Block Device (DRBD),
    • Dual Channel WiFi (CL3DCW),
    • EBHSCR Protocol (EBHSCR),
    • EERO Protocol (EERO),
    • evolved Common Public Radio Interface (eCPRI),
    • File Server Remote VSS Protocol (FSRVP),
    • FTDI FT USB Bridging Devices (FTDI FT),
    • Graylog Extended Log Format over UDP (GELF),
    • GSM/3GPP CBSP (Cell Broadcast Service Protocol),
    • Linux net_dm (network drop monitor),
    • MIDI System Exclusive DigiTech (SYSEX DigiTech),
    • Network Controller Sideband Interface (NCSI),
    • NR Positioning Protocol A (NRPPa) TS 38.455,
    • NVM Express over Fabrics for TCP (nvme-tcp),
    • OsmoTRX Protocol (GSM Transceiver control and data),
    • Scalable service-oriented Middleware over IP (SOME/IP)

Source: opennet.ru
