Release of the Wireshark 4.0 network analyzer

A new stable branch of the Wireshark network analyzer, 4.0, has been released. Recall that the project was originally developed under the name Ethereal, but in 2006, because of a conflict with the owner of the Ethereal trademark, the developers were forced to rename the project to Wireshark. The project code is distributed under the GPLv2 license.

Key new features in Wireshark 4.0.0:

  • The layout of elements in the main window has been changed. The Packet Detail and Packet Bytes panels are now placed side by side beneath the Packet List panel.
  • The design of the "Conversation" and "Endpoint" dialog boxes has been changed.
    • Options have been added to the context menus to resize all columns and to copy elements.
    • Tabs can be detached and reattached.
    • Support for exporting in JSON format has been added.
    • When filters are applied, columns are shown that indicate the difference between matched and unfiltered packets.
    • Sorting of different data types has been changed.
    • Identifiers are attached to TCP and UDP streams, and filtering on them is possible.
    • Dialogs can be hidden from the context menu.
  • Importing hex dumps from the Wireshark interface and with the text2pcap command has been improved.
    • text2pcap can write dumps in all formats supported by the wiretap library.
    • In text2pcap, pcapng is now the default format, as in the editcap, mergecap and tshark utilities.
    • Support has been added for selecting the encapsulation type of the output format.
    • New logging options have been added.
    • IP, TCP, UDP and SCTP headers can be saved in dumps when using Raw IP, Raw IPv4 and Raw IPv6 encapsulation.
    • Support has been added for scanning input files using regular expressions.
    • The functionality of the text2pcap utility and of the "Import from Hex Dump" interface in Wireshark has been brought to parity.
  • The performance of geolocation lookups using the MaxMind database has been significantly improved.
  • Changes have been made to the syntax of traffic filtering rules:
    • Added the ability to select a specific layer of the protocol stack. For example, with IP-over-IP encapsulation, to extract addresses from the outer and the nested packets you can specify "ip.addr#1 == 1.1.1.1" and "ip.addr#2 == 1.1.1.2".
    • Conditional expressions now support the "any" and "all" quantifiers, for example "all tcp.port > 1024" to test all tcp.port fields.
    • There is built-in syntax for specifying field references, ${some.field}, implemented without the use of macros.
    • Added the ability to use arithmetic operations ("+", "-", "*", "/", "%") on numeric fields, with the expression delimited by curly brackets.
    • Added the max(), min() and abs() functions.
    • Expressions and calls to other functions can be specified as function arguments.
    • Added new syntax to distinguish literals from identifiers: a value that starts with a dot is treated as a protocol or protocol field, and a value inside angle brackets is treated as a literal.
    • Added the bitwise operator "&"; for example, to test individual bits you can specify "frame[0] & 0x0F == 3".
    • The precedence of the logical AND operator is now higher than that of the OR operator.
    • Added support for specifying constants in binary form using the "0b" prefix.
    • Added the ability to use negative index values to count from the end; for example, to check the last two bytes of the TCP header you can specify "tcp[-2:] == AA:BB".
    • Separating set elements with spaces is no longer allowed; using spaces instead of commas now results in an error instead of a warning.
    • Added further escape sequences: \a, \b, \f, \n, \r, \t, \v.
    • Added the ability to specify Unicode characters in the \uNNNN and \UNNNNNNNN formats.
    • Added a new comparison operator "===" ("all_eq"), which matches only if, in the expression "a === b", all values of "a" equal "b". The inverse operator "!==" ("any_ne") has also been added.
    • The "~=" operator has been deprecated and "!==" should be used instead.
    • Numbers with an open dot are no longer allowed, i.e. the values ".7" and "7." are now invalid and must be written as "0.7" and "7.0".
    • The regular expression engine in the display filter engine has been moved to the PCRE2 library instead of GRegex.
    • Correct handling of null bytes has been implemented in strings and regular expression patterns ('\0' in a string is treated as a null byte).
    • In addition to 1 and 0, boolean values can now also be written as True/TRUE and False/FALSE.
  • The HTTP2 dissector module has added support for using dummy headers to parse data captured without the earlier packets that carried the headers (for example, when parsing messages on an already established gRPC connection).
  • Support for Mesh Connex (MCX) has been added to the IEEE 802.11 dissector.
  • The Extcap dialog now caches the password temporarily (without saving it to disk), so that it does not have to be re-entered on repeated launches. Added the ability to set the extcap password through command-line utilities such as tshark.
  • The ciscodump utility implements remote capture from devices based on IOS, IOS-XE and ASA.
  • Added protocol support:
    • Allied Telesis Loop Detection (AT LDF),
    • AUTOSAR I-PDU Multiplexer (AUTOSAR I-PduM),
    • DTN Bundle Protocol Security (BPSec),
    • DTN Bundle Protocol Version 7 (BPv7),
    • DTN TCP Convergence Layer Protocol (TCPCL),
    • DVB Selection Information Table (DVB SIT),
    • Enhanced Cash Trading Interface 10.0 (XTI),
    • Enhanced Order Book Interface 10.0 (EOBI),
    • Enhanced Trading Interface 10.0 (ETI),
    • FiveCo's Legacy Registration Protocol (5co-legacy),
    • Generic Data Transfer Protocol (GDT),
    • gRPC Web (gRPC-Web),
    • Host IP Configuration Protocol (HICP),
    • Huawei GRE bonding (GREbond),
    • Locamation Interface Module (IDENT, CALIBRATION, SAMPLES - IM1, SAMPLES - IM2R0),
    • Mesh Connex (MCX),
    • Microsoft Cluster Remote Control Protocol (RCP),
    • Open Control Protocol for OCA/AES70 (OCP.1),
    • Protected Extensible Authentication Protocol (PEAP),
    • REdis Serialization Protocol v2 (RESP),
    • Roon Discovery (RoonDisco),
    • Secure File Transfer Protocol (sftp),
    • Secure Host IP Configuration Protocol (SHICP),
    • SSH File Transfer Protocol (SFTP),
    • USB Attached SCSI (UASP),
    • ZBOSS Network Coprocessor (ZB NCP).
  • The requirements for the build environment (CMake 3.10) and dependencies (GLib 2.50.0, Libgcrypt 1.8.0, Python 3.6.0, GnuTLS 3.5.8) have been raised.
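
Several of the filter syntax changes listed above (comma-separated sets, the deprecated "~=", open-dot floats, AND/OR precedence) can break or change saved display filters. The following is an added example, not code from the article or the Wireshark project: a small linter that flags such filters for review before upgrading. The sample filters and rule names are constructed for illustration.

```python
import re

# Constructed sample filters of the kind saved in an older profile (not from the article).
SAMPLES = [
    'tcp.port in {80 443 8080}',
    'ip.addr ~= 10.0.0.1',
    'frame.time_delta > .7 or frame.time_delta == 7.',
    'http or tls and tcp.port == 443',
    '(http or tls) and tcp.port in {80, 443, 8000..8010}',
]

STRING = re.compile(r'"(?:\\.|[^"\\])*"')
SET_BODY = re.compile(r'\bin\s*\{([^}]*)\}')
OPEN_FLOAT = re.compile(r'(?<![\w.])\.\d+\b|\b\d+\.(?![\w.])')
LOGIC = re.compile(r'\(|\)|&&|\|\||(?<![\w.])(?:and|or)(?![\w.])')

def lint(expr):
    """Return the sorted (hypothetical) rule names one display filter triggers."""
    hits = set()
    bare = STRING.sub('""', expr)            # ignore text inside quoted strings
    # Sets: elements separated only by whitespace are now an error.
    for body in SET_BODY.findall(bare):
        body = re.sub(r'\s*\.\.\s*', '..', body.strip())   # keep a..b ranges whole
        if any(re.search(r'\s', part.strip()) for part in body.split(',')):
            hits.add('set-needs-commas')
    if '~=' in bare:                         # deprecated in favour of "!=="
        hits.add('deprecated-~=')
    if OPEN_FLOAT.search(bare):              # ".7" / "7." must become "0.7" / "7.0"
        hits.add('open-float')
    # AND now binds tighter than OR: flag both kinds at one parenthesis depth.
    depth, seen = 0, {0: set()}
    for tok in LOGIC.findall(bare):
        if tok == '(':
            depth += 1
            seen[depth] = set()              # a new group starts clean
        elif tok == ')':
            depth -= 1
        else:
            kind = 'and' if tok in ('and', '&&') else 'or'
            seen.setdefault(depth, set()).add(kind)
            if len(seen[depth]) == 2:
                hits.add('and-or-precedence')
    return sorted(hits)

if __name__ == '__main__':
    for f in SAMPLES:
        print(f'{f!r:60} {lint(f) or "ok"}')
```

A filter flagged as `and-or-precedence` is still valid syntax; adding explicit parentheses fixes its meaning regardless of version.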

Source: opennet.ru
