Wireshark, the world’s most popular network protocol analyzer, has reached the new stable 2.4.0 release one day ago on this Wednesday with many new features, a large number of new protocol support, and more.
New Features in Wireshark 2.4.0 include:
- Experimental 32-bit and 64-bit Windows Installers (.msi) are available.
- Disable the legacy (GTK+) UI by default in the both Windows installers and development environment.
- Wireshark can now go fullscreen
- TShark can now export objects like the other GUI interfaces.
- Support for G.722 and G.726 codecs in the RTP Player
- The Default profile can be reset to default values.
- Qt UI supports moving back and forth in the selection history
- IEEE 802.15.4 dissector uses an UAT for decryption keys.
- Added TLS 1.3 (draft 21) dissection and decryption support
- And more …
New Protocol support in Wireshark 2.4.0:
Bluetooth HCI Vendor Intel, CAN FD, Citrix NetScaler Metric Exchange Protocol, Citrix NetScaler RPC Protocol, DirectPlay 8 protocol, Ericsson A-bis P-GSL, Ericsson A-bis TFP (Traffic Forwarding Protocol), Facebook Zero, Fc00/cjdns Protocol, Generic Netlink (genl), GSM Osmux, GSMTAP based logging, Health Level 7 (HL7), High-speed SECS message service (HSMS), HomePNA, IndigoCare iCall protocol, IndigoCare Netrix protocol, iPerf2, ISO 15765, Linux 802.11 Netlink (nl80211), Local Service Discovery (LSD), M2 Application Protocol, Mesh Link Establishment (MLE), MUDURL, Netgear Ensemble Protocol, NetScaler HA Protocol, NetScaler Metric Exchange Protocol, NetScaler RPC Protocol, NM protocol, Nordic BLE Sniffer, NVMe, NVMe Fabrics RDMA, OBD-II PIDs, OpenThread simulator, RFTap Protocol, SCTE-35 Digital Program Insertion Messages, Snort Post-dissector, Thread CoAP, UDP based FTP w/ multicast (UFTP and UFTP4), Unified Diagnostic Services (UDS), vSocket, Windows Cluster Management API (clusapi), and X-Rite i1 Display Pro (and derivatives) USB protocol.
New and Updated Capture File Support:
ERF, IxVeriWave, Libpcap, and Pcap-ng.
For complete changelog, see the official release note.
How to Install Wireshark 2.4.0 in Ubuntu:
The source code as well as Windows, Mac OS installers are available for download at the link below:
Wireshark has an official stable PPA for current Ubuntu releases, though the 2.4.0 build is not ready at the moment of writing.
You may add the PPA by running command in terminal (open terminal from app launcher or via Ctrl+Alt+T)
sudo add-apt-repository ppa:wireshark-dev/stable
Then upgrade Wireshark from an existing release once the PPA published the new release packages.