Release of the Wireshark 3.6 network analyzer

After a year of development, a new stable branch of the Wireshark 3.6 network analyzer has been released. Recall that the project was originally developed under the name Ethereal, but in 2006, because of a conflict with the owner of the Ethereal trademark, the developers were forced to rename the project to Wireshark. The project code is distributed under the GPLv2 license.

Key new features in Wireshark 3.6.0:

  • Changes have been made to the syntax of traffic filtering rules:
    • Added support for the syntax "a ~= b" or "a any_ne b" to select any value except one.
    • Added support for the syntax "a not in b", which has the same effect as "not a in b".
    • Strings may now be specified in the manner of raw strings in Python, without the need to escape special characters.
    • The expression "a != b" now always has the same meaning as "!(a == b)" when used with values of multi-valued fields ("ip.addr != 1.1.1.1" is now the same as specifying "ip.src != 1.1.1.1 and ip.dst != 1.1.1.1").
    • Elements of set lists must now be separated only by commas; separation by spaces is not allowed (i.e. the rule 'http.request.method in {"GET" "HEAD"}' must be replaced with 'http.request.method in {"GET", "HEAD"}').
  • For TCP traffic, the tcp.completeness filter has been added, which lets you separate TCP streams based on the state of connection activity, i.e. you can identify TCP flows in which packets were exchanged to establish the connection, transfer data, or terminate the connection.
  • Added the "add_default_value" setting, through which you can specify default values for Protobuf fields that were not serialized or were skipped when the traffic was captured.
  • Added support for reading files with captured traffic in the ETW (Event Tracing for Windows) format. A dissector module has been added for DLT_ETW packets.
  • Added "Follow DCCP stream", which lets you filter and extract content from DCCP streams.
  • Added support for dissecting RTP packets with audio data in the OPUS format.
  • It is now possible to import captured packets from text dumps into the libpcap format by setting parsing rules based on regular expressions.
  • The RTP stream player (Telephony > RTP > RTP Player), which can be used to play VoIP calls, has been significantly redesigned. Playlist support has been added, interface responsiveness has been improved, the ability to mute the sound and switch channels has been provided, and an option has been added to save the played sounds as multichannel .au or .wav files.
  • The VoIP-related dialogs (VoIP Calls, RTP Streams, RTP Analysis, RTP Player and SIP Flows) have been redesigned; they are now non-modal and can be opened in the background.
  • The ability to track SIP calls based on the Call-ID value has been added to the "Follow Stream" dialog. More detail has been added to the YAML output.
  • The ability to reassemble fragments of IP packets that have different VLAN IDs has been implemented.
  • Added a handler for reconstructing USB (USB Link Layer) packets captured using hardware analyzers.
  • Added the "--export-tls-session-keys" option to TShark to export TLS session keys.
  • The dialog for exporting in CSV format has been changed in the RTP stream analyzer.
  • Packages for macOS-based systems equipped with the Apple M1 ARM chip have begun to be built. Packages for Apple devices with Intel chips have increased requirements for the macOS version (10.13+). Portable 64-bit packages for Windows (PortableApps) have been added. Initial support has been added for building Wireshark for Windows using GCC and MinGW-w64.
  • Added support for decoding and capturing data in the BLF (Informatik Binary Log File) format.
  • Added support for the protocols:
    • Bluetooth Link Manager Protocol (BT LMP),
    • Bundle Protocol version 7 (BPv7),
    • Bundle Protocol version 7 Security (BPSec),
    • CBOR Object Signing and Encryption (COSE),
    • E2 Application Protocol (E2AP),
    • Event Tracing for Windows (ETW),
    • EXtreme extra Eth Header (EXEH),
    • High-Performance Connectivity Tracer (HiPerConTracer),
    • ISO 10681,
    • Kerberos SPAKE,
    • Linux psample protocol,
    • Local Interconnect Network (LIN),
    • Microsoft Task Scheduler Service,
    • O-RAN E2AP,
    • O-RAN fronthaul UC-plane (O-RAN),
    • Opus Interactive Audio Codec (OPUS),
    • PDU Transport Protocol, R09.x (R09),
    • RDP Dynamic Channel Protocol (DRDYNVC),
    • RDP Graphic pipeline channel Protocol (EGFX),
    • RDP Multi-transport (RDPMT),
    • Real-Time Publish-Subscribe Virtual Transport (RTPS-VT),
    • Real-Time Publish-Subscribe Wire Protocol (processed) (RTPS-PROC),
    • Shared Memory Communications (SMC),
    • Signal PDU, SparkplugB,
    • State Synchronization Protocol (SSyncP),
    • Tagged Image File Format (TIFF),
    • TP-Link Smart Home Protocol,
    • UAVCAN DSDL,
    • UAVCAN/CAN,
    • UDP Remote Desktop Protocol (RDPUDP),
    • Van Jacobson PPP compression (VJC),
    • World of Warcraft World (WOWW),
    • X2 xIRI payload (xIRI).
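
The difference between the 3.6 meaning of "a != b" and the "a ~= b" / "a any_ne b" form on a multi-valued field such as ip.addr, together with "a not in b", modelled in Python. This is an added example, not code from Wireshark or from the original article; the packet list and the helpers make_packet, select and split_form are constructed for illustration, and the model does not invoke Wireshark.

```python
# Constructed model of the comparison semantics described above; it does not
# call Wireshark. A packet maps a field name to every value the field takes
# in that packet, so ip.addr carries both the source and the destination.

def any_eq(values, target):
    """a == b: at least one occurrence of the field equals the target."""
    return any(v == target for v in values)

def any_ne(values, target):
    """a ~= b / a any_ne b: at least one occurrence differs from the target."""
    return any(v != target for v in values)

def ne(values, target):
    """a != b in 3.6: defined as !(a == b), so no occurrence may match."""
    return not any_eq(values, target)

def not_in(values, members):
    """a not in b, the same as not (a in b): no occurrence is in the set."""
    return not any(v in members for v in values)

def make_packet(number, src, dst, method):
    # Hypothetical helper: builds one sample packet with its field values.
    return {"number": number, "ip.src": [src], "ip.dst": [dst],
            "ip.addr": [src, dst], "http.request.method": [method]}

# Constructed sample capture (addresses and methods are illustrative).
PACKETS = [
    make_packet(1, "1.1.1.1", "10.0.0.5", "GET"),
    make_packet(2, "10.0.0.5", "1.1.1.1", "POST"),
    make_packet(3, "10.0.0.5", "10.0.0.9", "HEAD"),
    make_packet(4, "1.1.1.1", "1.1.1.1", "PUT"),
]

def select(predicate, field, operand, packets=PACKETS):
    """Return the numbers of the packets whose field satisfies the predicate."""
    return [p["number"] for p in packets if predicate(p[field], operand)]

def split_form(target, packets=PACKETS):
    """ip.src != target and ip.dst != target, evaluated field by field."""
    return [p["number"] for p in packets
            if ne(p["ip.src"], target) and ne(p["ip.dst"], target)]

if __name__ == "__main__":
    print("ip.addr != 1.1.1.1 ->", select(ne, "ip.addr", "1.1.1.1"))
    print("ip.addr ~= 1.1.1.1 ->", select(any_ne, "ip.addr", "1.1.1.1"))
    print("method not in set  ->",
          select(not_in, "http.request.method", {"GET", "HEAD"}))
```

A filter written as "ip.addr != 1.1.1.1" to exclude a host's traffic keeps only packet 3 under the 3.6 meaning, while the any_ne form still lets packets 1 and 2 through because one of the two addresses differs.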

Source: opennet.ru
