Ukukhutshwa kwesebe elitsha elizinzileyo lomhlalutyi womnatha we-Wireshark 4.0 kupapashwe. Masikhumbule ukuba le projekthi yaqala ukuphuhliswa phantsi kwegama elithi Ethereal, kodwa ngo-2006, ngenxa yokungqubuzana nomnini we-trademark ye-Ethereal, abaphuhlisi baphoqeleka ukuba babize igama leprojekthi ye-Wireshark. Ikhowudi yeprojekthi isasazwa phantsi kwelayisensi ye-GPLv2.
Izinto ezintsha eziphambili kwiWireshark 4.0.0:
- Ubeko lwezinto kwifestile engundoqo lutshintshiwe. ULwazi lwePakethi eyongezelelweyo kunye neepaneli zePakethi zePakethi zibekwe ngapha nangapha ngaphantsi kwephaneli yoLuhlu lwePhakeji.
- Uyilo lwebhokisi yencoko ethi "Incoko" kunye ne "Endpoint" itshintshiwe.
- Iinketho ezongeziweyo kwiimenyu zomxholo ukubuyisela ubungakanani kwakhona kuzo zonke iikholamu kunye nokukopa izinto.
- Ukukwazi ukuqhafaza kwaye uncamathisele iithebhu unikiwe.
- Inkxaso eyongeziweyo yokuthumela ngaphandle ngefomathi ye-JSON.
- Xa izihluzi zisetyenziswa, kuboniswa iikholamu ezibonisa umahluko phakathi kweepakethi ezidityanisiweyo nezo zingahluzwanga.
- Ukuhlelwa kweentlobo ezahlukeneyo zedatha kutshintshiwe.
- Izazisi ziqhotyoshelwe kwimijelo ye-TCP kunye ne-UDP kunye nokukwazi ukucoca ngabo kunikezelwa.
- Ivumelekile ukufihla iingxoxo kwimenyu yentsingiselo.
- Ukungeniswa okuphuculweyo kokulahla i-hex kwi-interface ye-Wireshark kunye nokusebenzisa umyalelo we-text2pcap.
- I-text2pcap inika amandla okurekhoda ukulahla kuzo zonke iifomati ezixhaswa yilayibrari ye-wiretap.
- Kwi-text2pcap, i-pcapng imiselwe njengefomati engagqibekanga, efana ne-editcap, i-mergecap kunye ne-tshark utility.
- Inkxaso eyongeziweyo yokukhetha uhlobo lwe-encapsulation yefomathi yemveliso.
- Kongezwe iinketho ezintsha zokungena.
- Ukubonelela ngokukwazi ukugcina i-IP ye-dummy, i-TCP, i-UDP kunye ne-SCTP iintloko kwiindawo zokulahla xa usebenzisa i-Raw IP, i-Raw IPv4 kunye ne-Raw IPv6 encapsulation.
- Inkxaso eyongeziweyo yokuskena iifayile zegalelo kusetyenziswa intetho eqhelekileyo.
- Ukusebenza kwe-text2pcap utility kunye ne-interface ethi "Import esuka kwi-Hex Dump" kwi-Wireshark iqinisekisiwe.
- Ukusebenza kokumiselwa kwendawo kusetyenziswa oovimba beenkcukacha zeMaxMind kuphuculwe kakhulu.
- Utshintsho lwenziwe kwi-syntax yemithetho yokucoca i-traffic:
- Ukongezwa amandla okukhetha uluhlu oluthile lwe-protocol stack, umzekelo, xa ufaka i-IP-over-IP, ukukhupha iidilesi kwiipakethi zangaphandle kunye ne-nested, ungacacisa "ip.addr#1 == 1.1.1.1" kunye " ip.addr#2 == 1.1.1.2. XNUMX".
- Iingxelo ezinemiqathango ngoku zixhasa "nayiphi na" kunye "yonke" i-quantifiers, umzekelo "yonke i-tcp.port > 1024" ukuvavanya zonke iindawo ze-tcp.port.
- Kukho i-syntax eyakhelwe-ngaphakathi yokuchaza izingqinisiso zentsimi - ${some.field}, ephunyezwe ngaphandle kokusetyenziswa kweemacros.
- Kongezwe ukukwazi ukusebenzisa imisebenzi ye-arithmetic ("+", "-", "*", "/", "%") ngamabala amanani, ukwahlula intetho kunye neebrayisi ezigobileyo.
- Idityanisiwe max(), min() kunye abs() imisebenzi.
- Ivumelekile ukukhankanya iintetho kunye nokubiza eminye imisebenzi njengeengxoxo zokusebenza.
- Kongezwe i-syntax entsha ukwahlula i-literals from i-identifiers - ixabiso eliqala ngechaphaza liphathwa njengeprothokholi okanye indawo yeprothokholi, kwaye ixabiso elingaphakathi kwezibiyeli ze-engile liphathwa njengelingokoqobo.
- I-bit operator eyongeziweyo "&", umzekelo, ukutshintsha amasuntswana ngamanye ungakhankanya "isakhelo[0] & 0x0F == 3".
- Ukuqala kwengqiqo KUNYE nomsebenzi ngoku kuphezulu kunoko OKANYE nomsebenzisi.
- Inkxaso eyongeziweyo yokuchaza izinto ezingaguqukiyo kwimo yokubini kusetyenziswa isimaphambili "0b".
- Ukongeza ukukwazi ukusebenzisa amaxabiso esalathiso angalunganga wokunika ingxelo ukusuka ekupheleni, umzekelo, ukujonga iibyte ezimbini zokugqibela kwi-header ye-TCP ungacacisa "tcp[-2:] == AA:BB".
- Ukwahlula izakhi zeseti enezithuba akuvumelekanga; ukusebenzisa izithuba endaweni yeekoma ngoku kuya kukhokelela kwimpazamo kunesilumkiso.
- Kongezwe ulandelelwano lokubaleka olongezelelweyo: \a, \b, \f, \n, \r, \t, \v.
- Kongezwe ukukwazi ukukhankanya amagama e-Unicode kwi-\uNNNN kunye \UNNNNNNNNN iifomati.
- Kongezwe umqhubi omtsha wothelekiso "===" ("all_eq"), osebenza kuphela ukuba kwintetho "a === b" onke amaxabiso "a" adibana no "b". Umsebenzisi obuyela umva "!==" ("any_ne") naye wongeziwe.
- I-"~=" umsebenzisi uyekisiwe kwaye "!==" kufuneka isetyenziswe endaweni yoko.
- Akuvumelekile ukusebenzisa amanani anechaphaza elivulekileyo, okt. amaxabiso ".7" kunye "7." ngoku azikho mthethweni kwaye endaweni yazo kufuneka kufakwe "0.7" kunye "7.0".
- I-injini yokubonakalisa rhoqo kwi-injini yesihluzi sokubonisa isiwe kwithala leencwadi le-PCRE2 endaweni ye-GRegex.
- Ukuphathwa ngokuchanekileyo kwe-null bytes kumiliselwa kwimitya yokubonisa rhoqo kunye neetemplates (β\0β kumtya iphathwa njenge-null byte).
- Ukongeza kwi-1 kunye ne-0, amaxabiso e-boolean ngoku angabhalwa njengeNyaniso/YINYANISO kunye noBubuxoki/BUBUXOKI.
- Imodyuli ye-HTTP2 ye-dissector yongeze inkxaso yokusebenzisa iiheader ze-dummy ukucazulula idatha ebanjwe ngaphandle kweepakethi zangaphambili ezineentloko (umzekelo, xa usasaza imiyalezo kuqhagamshelwano olusele lusekiwe lwe-gRPC).
- Inkxaso yeMesh Connex (MCX) yongezwe kwi-IEEE 802.11 parser.
- Ugcino lwexeshana (ngaphandle kokugcina kwidiski) lwegama lokugqitha kwincoko yababini ye-Extcap linikiwe, ukwenzela ukuba ungayingenisi ngexesha lophehlelelo oluphindaphindiweyo. Yongeza ukukwazi ukuseta igama lokugqitha le extcap ngokusebenzisa izinto eziluncedo zomgca womyalelo ezifana netshark.
- I-ciscodump utility iphumeza ukukwazi ukubamba ukude ukusuka kwizixhobo ezisekelwe kwi-IOS, i-IOS-XE kunye ne-ASA.
- Inkxaso eyongeziweyo yeeprothokholi:
- Ukufunyanwa kwe-Allied Telesis Loop (AT LDF),
- I-AUTOSAR I-PDU Multiplexer (AUTOSAR I-PduM),
- Ukhuseleko lweProtocol ye-DTN Bundle (BPSec),
- DTN Bundle Protocol Version 7 (BPv7),
- I-DTN TCP Convergence Layer Protocol (TCPCL),
- Itheyibhile yoLwazi loKhetho lweDVB (DVB SIT),
- IsiNxibelelwano sokuRhweba ngeMali eyongeziweyo 10.0 (XTI),
- Ujongano Lwencwadi Yomyalelo Olongeziweyo 10.0 (EOBI),
- IsiNxulumaniso soRhwebo 10.0 (ETI),
- IProtokholi yoFikelelo lweLifa le-FiveCo (5co-legacy),
- IProtokholi yokuGqithisela ngeDatha eNxibeleleyo (GDT),
- IWebhu ye-gRPC (gRPC-Web),
- IProtokholi yoLungiso lwe-IP yoMmkeli (HICP),
- IHuawei GRE bonding (GREbond),
- Imodyuli yoNxibelelwano lweNdawo (IDENT, CALIBRATION, ISAMPULI -IM1, ISAMPULI -IM2R0),
- I-Mesh Connex (MCX),
- Microsoft Cluster Remote Control Protocol (RCP),
- Vula iProtocol yoLawulo ye-OCA/AES70 (OCP.1),
- iProtocol Extensible Authentication Protocol (PEAP)
- I-REdis Serialization Protocol v2 (RESP),
- I-Roon Discovery (i-RoonDisco),
- Khusela iProtokholi yokuGqithisela iFayile (sftp),
- Ukhuseleko lweProtokholi yoLungiso lwe-IP (SHICP),
- I-SSH File Transfer Protocol (SFTP),
- I-USB eqhotyoshelwe kwi-SCSI (UASP),
- I-ZBOSS Network Coprocessor (ZB NCP).
- Iimfuno zendawo yokwakha (CMake 3.10) kunye nokuxhomekeka (GLib 2.50.0, Libgcrypt 1.8.0, Python 3.6.0, GnuTLS 3.5.8) zonyusiwe.
umthombo: opennet.ru