June 8, 2016
Wireshark 2.1.0 has been released. This is an experimental release intended to test features that will go into Wireshark 2.2. Installers for Windows, OS X, and source code are now available.
The following features are new (or have been significantly updated) since version 2.0.0:
- You can now switch between between Capture and File Format dissection of the current capture file via the View menu in the Qt GUI.
- You can now show selected packet bytes as ASCII, HTML, Image, ISO 8859-1, Raw, UTF-8, a C array, or YAML.
- You can now use regular expressions in Find Packet and in the advanced preferences.
- Name resolution for packet capture now supports asynchronous DNS lookups only. Therefore the "concurrent DNS resolution" preference has been deprecated and is a no-op. To enable DNS name resolution some build dependencies must be present (currently c-ares). If that is not the case DNS name resolution will be disabled (but other name resolution mechanisms, such as host files, are still available).
- The byte under the mouse in the Packet Bytes pane is now highlighted.
- TShark supports exporting PDUs via the
- The Windows and OS X installers now come with the "sshdump" and "ciscodump" extcap interfaces.
- Most dialogs in the Qt UI now save their size and positions.
- The Follow Stream dialog now supports UTF-16.
- The Firewall ACL Rules dialog has returned.
- The Flow (Sequence) Analysis dialog has been improved.