Wireshark 2.6.0 Released

April 24, 2018

Wireshark 2.6.0 has been released. Installers for Windows, macOS, and source code are now available.

New and Updated Features

The following features are new (or have been significantly updated) since version 2.5.0:

  • HTTP Request sequences are now supported.

  • Wireshark now supports MaxMind DB files. Support for GeoIP and GeoLite Legacy databases has been removed.

  • The Windows packages are now built using Microsoft Visual Studio 2017.

  • The IP map feature (the “Map” button in the “Endpoints” dialog) has been removed.

The following features are new (or have been significantly updated) since version 2.4.0:

  • Display filter buttons can now be edited, disabled, and removed via a context menu directly from the toolbar

  • Drag & Drop filter fields to the display filter toolbar or edit to create a button on the fly or apply the filter as a display filter.

  • Application startup time has been reduced.

  • Some keyboard shortcut mix-ups have been resolved by assigning new shortcuts to Edit → Copy methods.

  • TShark now supports color using the --color option.

  • The "matches" display filter operator is now case-insensitive.

  • Display expression (button) preferences have been converted to a UAT. This puts the display expressions in their own file. Wireshark still supports preference files that contain the old preferences, but new preference files will be written without the old fields.

  • SMI private enterprise numbers are now read from the “enterprises.tsv” configuration file.

  • The QUIC dissector has been renamed to Google QUIC (quic → gquic).

  • The selected packet number can now be shown in the Status Bar by enabling Preferences → Appearance → Layout → Show selected packet number.

  • File load time in the Status Bar is now disabled by default and can be enabled in Preferences → Appearance → Layout → Show file load time.

  • Support for the G.729A codec in the RTP Player is now added via the bcg729 library.

  • Support for hardware-timestamping of packets has been added.

  • Improved NetMon .cap support with comments, event tracing, network filter, network info types and some Message Analyzer exported types.

  • The personal plugins folder on Linux/Unix is now ~/.local/lib/wireshark/plugins.

  • TShark can print flow graphs using -z flow…

  • Capinfos now prints SHA256 hashes in addition to RIPEMD160 and SHA1. MD5 output has been removed.

  • The packet editor has been removed. (This was a GTK+ only experimental feature.)

  • Support BBC micro:bit Bluetooth profile

  • The Linux and UNIX installation step for Wireshark will now install headers required to build plugins. A pkg-config file is provided to help with this (see “doc/plugins.example” for details). Note you must still rebuild all plugins between minor releases (X.Y).

  • The Windows installers and packages now ship with Qt 5.9.4.

  • The generic data dissector can now uncompress zlib compressed data.

  • DNS Stats now supports service level statistics.

  • DNS filters for retransmissions and unsolicited responses have been added.

  • The “tcptrace” TCP Stream graph now shows duplicate ACKS and zero window advertisements.

  • The membership operator now supports ranges, allowing display filters such as tcp.port in {4430..4434} to be expressed. See the User’s Guide, chapter Building display filter expressions for details.

New Protocol Support

ActiveMQ Artemis Core Protocol, AMT (Automatic Multicast Tunneling), AVSP (Arista Vendor Specific Protocol), Bluetooth Mesh, Broadcom tags (Broadcom Ethernet switch management frames), CAN-ETH, CVS password server, Excentis DOCSIS31 XRA header, F1 Application Protocol, F5ethtrailer, FP Mux, GRPC (gRPC), IEEE 1905.1a, IEEE 802.11ax (High Efficiency WLAN (HEW)), IEEE 802.15.9 IEEE Recommended Practice for Transport of Key Management Protocol (KMP) Datagrams, IEEE 802.3br Frame Preemption Protocol, ISOBUS, LoRaTap, LoRaWAN, Lustre Filesystem, Lustre Network, Nano / RaiBlocks Cryptocurrency Protocol (UDP), Network Functional Application Platform Interface (NFAPI) Protocol, New Radio Radio Link Control protocol, New Radio Radio Resource Control protocol, NR (5G) MAC protocol, NXP 802.15.4 Sniffer Protocol, Object Security for Constrained RESTful Environments (OSCORE), PFCP (Packet Forwarding Control Protocol), Protobuf (Protocol Buffers), QUIC (IETF), RFC 4108 Using CMS to Protect Firmware Packages, Session Multiplex Protocol, SolarEdge monitoring protocol, Steam In-Home Streaming Discovery Protocol, Tibia, TWAMP and OWAMP, Wi-Fi Device Provisioning Protocol, and Wi-SUN FAN Protocol

Official releases are available right now from the download page.

Wireshark 2.4.6 and 2.2.14 Released

April 3, 2018

Wireshark 2.4.6 and 2.2.14 have been released. Installers for Windows, Mac OS X 10.8 and above, and source code are now available.

In 2.4.6

Many vulnerabilities have been fixed. See the release notes for details.

For a complete list of changes, please refer to the 2.4.6 release notes.

In 2.2.14

Many vulnerabilities have been fixed. See the release notes for details.

For a complete list of changes, please refer to the 2.2.14 release notes.

Official releases are available right now from the download page.

What's Not As New

Wireshark 2.5.1 Development Release · March 15, 2018

Wireshark 2.4.5 and 2.2.13 Released · February 23, 2018

Wireshark 2.5.0 Development Release · February 6, 2018

Wireshark 2.4.4 and 2.2.12 Released · January 11, 2018

Wireshark 2.4.3 and 2.2.11 Released · November 30, 2017

Wireshark 2.4.2, 2.2.10, and 2.0.16 Released · October 10, 2017

Wireshark 2.4.1, 2.2.9, and 2.0.15 Released · August 29, 2017

Wireshark 2.4.0 Released · July 19, 2017

Wireshark 2.2.8 and 2.0.14 Released · July 18, 2017

Wireshark 2.4.0rc2 Released · June 28, 2017

Wireshark 2.4.0rc1 Released · June 7, 2017

Wireshark 2.2.7 and 2.0.13 Released · June 1, 2017

Wireshark 2.2.6 and 2.0.12 Released · April 12, 2017

Wireshark 2.2.5 and 2.0.11 Released · March 3, 2017

Wireshark 2.2.4 and 2.0.10 Released · January 23, 2017

Wireshark 2.2.3 and 2.0.9 Released · December 14, 2016

Wireshark 2.2.2 and 2.0.8 Released · November 16, 2016

Wireshark 2.2.1 and 2.0.7 Released · October 4, 2016

Wireshark 2.0.6 Released · September 8, 2016

Wireshark 2.2.0 Released · September 7, 2016

Wireshark 2.2.0rc2 · August 31, 2016

Wireshark 2.2.0rc1 · August 22, 2016

Wireshark 2.0.5 and 1.12.13 Released · July 27, 2016

Wireshark 2.1.1 Development Release · July 14, 2016

Wireshark 2.1.0 Development Release · June 8, 2016

Wireshark 2.0.4 and 1.12.12 Released · June 7, 2016

Wireshark 2.0.3 and 1.12.11 Released · April 22, 2016

Wireshark 2.0.2 and 1.12.10 Released · February 26, 2016

Wireshark 2.0.1 and 1.12.9 Released · December 29, 2015

Wireshark 2.0.0 Released · November 18, 2015

Wireshark 2.0.0rc3 Released · November 11, 2015

Wireshark 2.0.0rc2 Released · October 30, 2015

Wireshark 2.0.0rc1 Released · October 14, 2015

Wireshark 1.12.8 Released · October 14, 2015

Wireshark 1.99.9 Development Release · September 2, 2015

Wireshark 1.12.7 Released · August 12, 2015

Wireshark 1.99.8 Development Release · July 24, 2015

Wireshark 1.99.7 Development Release · June 18, 2015

Wireshark 1.12.6 Released · June 17, 2015

Wireshark 1.99.6 Development Release · May 28, 2015

Wireshark 1.12.5 and 1.10.14 Released · May 12, 2015

Wireshark 1.99.5 Development Release · March 20, 2015

Wireshark 1.99.4 Development Release · March 19, 2015

Wireshark 1.99.3 Development Release · March 5, 2015

Wireshark 1.12.4 and 1.10.13 Released · March 4, 2015

Wireshark 1.99.2 Development Release · February 4, 2015

Wireshark 1.12.3 and 1.10.12 Released · January 7, 2015

Wireshark 1.99.1 Development Release · December 10, 2014

Wireshark 1.12.2 and 1.10.11 Released · November 12, 2014

Wireshark 1.99.0 Development Release · October 7, 2014

Wireshark 1.12.1 and 1.10.10 Released · September 16, 2014

Wireshark 1.12.0 and 1.10.9 Released · July 31, 2014

Wireshark 1.12.0rc3 Released · July 22, 2014

Wireshark 1.12.0rc2 Released · June 13, 2014

Wireshark 1.10.8 and 1.8.15 Released · June 12, 2014

Wireshark 1.10.7 and 1.8.14 Released · April 22, 2014

Wireshark 1.11.3 Development Release · April 15, 2014

Wireshark 1.10.6 and 1.8.13 Released · March 7, 2014

Wireshark 1.10.5 Released · December 19, 2013

Wireshark 1.10.4 and 1.8.12 Released · December 17, 2013

Wireshark 1.11.2 Development Release · November 18, 2013

Wireshark 1.11.0 Development Release · November 15, 2013

Wireshark 1.10.3 and 1.8.11 Released · November 1, 2013

Wireshark 1.11.0 Development Release · October 15, 2013

Wireshark 1.10.2 and 1.8.10 Released · September 10, 2013

Wireshark 1.10.1 and 1.8.9 Released · July 26, 2013

Wireshark 1.8.8 and 1.6.16 Released and 1.6 End of Life · June 7, 2013

Wireshark 1.10.0 Released · June 5, 2013

Wireshark 1.10.0rc2 Released · May 22, 2013

Wireshark 1.8.7 and 1.6.15 Released · May 17, 2013

Wireshark 1.10.0rc1 Released · April 26, 2013

Wireshark 1.9.1 Development Release · March 28, 2013

Wireshark 1.9.1 Development Release · March 12, 2013

Wireshark 1.8.6 and 1.6.14 Released · March 6, 2013

Wireshark 1.9.0 Development Release · February 20, 2013

Wireshark 1.8.5 and 1.6.13 Released · January 29, 2013

Wireshark Wiki Security Incident · January 9, 2013

Wireshark 1.8.4 and 1.6.12 Released · November 28, 2012

Wireshark 1.8.3 and 1.6.11 Released · October 2, 2012

Wireshark 1.8.2 and 1.6.10 Released · August 15, 2012

Wireshark 1.4.14 Released · July 24, 2012

Wireshark 1.8.1 and 1.6.9 Released · July 23, 2012

Wireshark 1.8.0 Released · June 21, 2012

Wireshark 1.8.0rc2 Released · June 18, 2012

Wireshark 1.8.0rc1 Released · June 6, 2012

Wireshark 1.6.8 and 1.4.13 Released · May 22, 2012

Wireshark 1.7.1 Development Release · April 6, 2012

Wireshark 1.6.7 Released · April 6, 2012

Wireshark 1.6.6 and 1.4.12 Released · March 27, 2012

Wireshark 1.6.5 and 1.4.11 Released · January 10, 2012

Wireshark 1.6.4 Released · November 18, 2011

Wireshark 1.7.0 Development Release · November 8, 2011

#1 on SecTools.Org · November 7, 2011

Wireshark 1.6.3 and 1.4.10 Released · November 1, 2011

We're Essential · September 19, 2011

Wireshark 1.6.2 and 1.4.9 Released · September 8, 2011

Wireshark 1.6.1 and 1.4.8 Released · July 18, 2011

Wireshark 1.6.0 Released · June 7, 2011

Wireshark 1.6.0rc2 Released · June 2, 2011

Wireshark 1.4.7 and 1.2.17 Released · May 31, 2011

Wireshark 1.6.0rc1 Released · May 16, 2011

Wireshark 1.4.6 Released · April 18, 2011

Wireshark 1.4.5 and 1.2.16 Released · April 15, 2011

Wireshark 1.5.1 Development Release · April 11, 2011

Wireshark 1.4.4 and 1.2.15 Released · March 1, 2011

Wireshark 1.5.0 Development Release · January 24, 2011

Wireshark 1.4.3 and 1.2.14 Released · January 11, 2011

Wireshark 1.4.2 and 1.2.13 Released · November 19, 2010

Riverbed Acquires CACE Technologies · October 21, 2010

CACE Pilot, WiFi Pilot, and Shark Appliance 2.4 Released · October 20, 2010

Wireshark 1.4.1 and 1.2.12 Released, 1.0.x EOL · October 11, 2010

Wireshark 1.4.0, 1.2.11, and 1.0.16 Released · August 30, 2010

"Wireshark Antivirus" Malware · August 4, 2010

We're SourceForge.net's Project of the Month! · August 1, 2010

End of Life Announcement for Wireshark 1.0 · July 31, 2010

Wireshark 1.2.10, 1.0.15, and 1.4.0rc2 Released · July 29, 2010

Wireshark 1.2.9, 1.0.14, and 1.4.0rc1 Released · June 9, 2010

Wireshark 1.2.8, 1.0.13, and 1.3.5 Released · May 5, 2010

Wireshark 1.2.7, 1.0.12, and 1.3.4 Released · March 31, 2010

Wireshark Wins PC Magazine Editor's Choice Award · February 22, 2010

Wireshark 1.3.3 Development Release · February 11, 2010

Wireshark 1.2.6 and 1.0.11 Released · January 27, 2010

CACE Pilot and WiFi Pilot 2.2 Released · January 18, 2010

Wireshark 1.2.5 Released · December 17, 2009

Wireshark 1.3.2 Development Release · November 24, 2009

Wireshark 1.2.4 Released · November 16, 2009

Wireshark 1.2.3, 1.0.10, and 1.3.1 Released · October 27, 2009

Wireshark 1.2.2, 1.0.9, and 1.3.0 Released · September 15, 2009

CACE Pilot and WiFi Pilot 2.1 Released · September 1, 2009

CACE Pilot 2.0 Released · July 28, 2009

Wireshark 1.2.1 Released · July 20, 2009

Nmap 5 Released · July 16, 2009

Wireshark 1.2 Released · June 15, 2009

Wireshark 1.2.0pre2 Released · June 9, 2009

Wireshark 1.2.0pre1 Released · May 27, 2009

Free Wireshark Jumpstart Seminars From Laura Chappell · May 22, 2009

Wireshark 1.0.8 Released · May 21, 2009

Another Day, Another New York Times Article · May 14, 2009

Wireshark Helps Expose Spy Ring · May 12, 2009

Announcing WiFi Pilot · May 7, 2009

Wireshark 1.0.7 Released · April 8, 2009

A Pile Of Great Keynotes At Sharkfest '09 · March 24, 2009

Wireshark 1.1.3 Development Release · March 23, 2009

Conficker Loves Us! · March 12, 2009

Wireshark 1.0.6 Released · February 6, 2009

CACE Pilot 1.2 released · January 23, 2009

Wireshark 1.1.2 Development Release · January 15, 2009

Wireshark 1.0.5 Released · December 10, 2008

New Video: Custom Columns (Plus Bonus Wireshark University Updates) · December 9, 2008

New Book: Nmap Network Scanning · December 3, 2008

Wireshark classes from Mike Pennacchi and Chris Sanders · November 7, 2008

tcpdump 4.0.0 / libpcap 1.0.0 released · October 28, 2008

New Article: Using Wireshark and TShark display filters for troubleshooting · October 22, 2008

Wireshark 1.0.4 Released · October 20, 2008

Meet Gerald At Laura Chappell's Troubleshooting and Security Summit · October 10, 2008

Wireshark 1.1.1 Development Release · October 9, 2008

Wireshark 1.1.0 Development Release · September 14, 2008

Sign Up Now for Laura Chappell's Troubleshooting and Security Summit · September 3, 2008

Wireshark 1.0.3 Released · September 3, 2008

Wireshark Wins 2008 InfoWorld BOSSIE Award · August 4, 2008

Wireshark is 10! (Plus two bonus announcements) · July 14, 2008

Wireshark 1.0.2 Released · July 10, 2008

Wireshark 1.0.1 Released · June 30, 2008

Announcing TurboCap · June 26, 2008

New Article: Open Source Founders Reflect On Project Milestones · April 22, 2008

Announcing Pilot · April 16, 2008

New Video: TCP Connection Loss · April 7, 2008

Sharkfest Was Great! · April 3, 2008

Wireshark 1.0 Released · March 31, 2008

Server Outage · March 20, 2008

Wireshark 0.99.8 Released · February 27, 2008

Vint Cerf at Sharkfest! · February 19, 2008

New Video: Analyzing DNS Queries · February 4, 2008

New Video: ICMP Redirection (plus a Tech Talk) · January 7, 2008

Wireshark 0.99.7 Released · December 18, 2007

New Mirror in Indonesia · December 16, 2007

Nmap is 10 · December 14, 2007

New Video: Advanced IO Graphing · November 5, 2007

German Tutorial from Mirko Kulpa · November 1, 2007

In Memoriam: Jun-ichiro Hagino · October 30, 2007

New Article: Time to Roll Your Own 802.11n Standard · October 5, 2007

New Video: Faulty Padding · September 24, 2007

First Annual SHARKFEST Announced · September 12, 2007

Wireshark Wins 2007 InfoWorld BOSSIE Award · September 10, 2007

New Article: SPAN Port or TAP? CSO Beware · September 9, 2007

New Article: Analyzing TCP Performance with Wireshark · August 17, 2007

Wireshark 0.99.6a Windows Installer Released · July 9, 2007

Wireshark 0.99.6 Released · July 5, 2007

New Article: Creating Your Own Custom Wireshark Dissector · July 2, 2007

New Video: Building ACL Rules · July 2, 2007

Wireshark at LinuxWorld 2007 · June 27, 2007

New tool: WPA PSK Generator · June 22, 2007

New Book: Practical Packet Analysis · May 23, 2007

eWEEK Says We're Important · May 2, 2007

Wireshark! Live! Helpdesk · April 1, 2007

Wireshark University Announced · March 19, 2007

New Mirror in Hungary · March 2, 2007

New Mirror in Germany · February 21, 2007

McAfee VirusScan False Positive · February 13, 2007

Wireshark 0.99.5 Released · February 1, 2007

WinPcap 4.0 Released · January 29, 2007

3Com Says We're "Best-Of-Breed" · January 29, 2007

New Mirror in the U.S. · January 22, 2007

New Mirror in the Netherlands · January 5, 2007

MacOS X Package Available · January 4, 2007

Article in COMPUTERWOCHE.de · November 14, 2006

Wireshark 0.99.4 Released · October 31, 2006

Wireshark Training Available for Q1 2007 · October 23, 2006

Site Outage · September 18, 2006

Wireshark 0.99.3 Released · August 23, 2006

Wireshark 0.99.2 Released · July 17, 2006

Tutorial and Podcast from Chris Sanders · July 14, 2006

Symantec Antivirus False Positive · July 4, 2006

We're (still) #2! · June 21, 2006

Ethereal® is now Wireshark™ · June 7, 2006

Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ Packet Analyzer PE
  • • Visually rich, powerful LAN analyzer
  • • Quickly access very large pcap files
  • • Professional, customizable reports
  • • Advanced triggers and alerts
Learn More

Buy Now

No, really, I have a LOT of traffic…

ANSWER: SteelCentral™ NetShark appliance
  • • Troubleshoot problems faster
  • • Quickly identify the applications running on your network
  • • Monitor your virtual machine traffic
Learn More