./net/wireshark, Network protocol analyzer

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.2.0nb1, Package name: wireshark-2.2.0nb1, Maintainer: pkgsrc-users

Wireshark is a network traffic analyzer, or "sniffer", for Unix and
Unix-like operating systems. It uses GTK+, a graphical user interface
library, and libpcap, a packet capture and filtering library.

The Wireshark distribution also comes with TShark, which is a
line-oriented sniffer (similar to Sun's snoop, or tcpdump) that uses the
same dissection, capture-file reading and writing, and packet filtering
code as Wireshark, and with editcap, which is a program to read capture
files and write the packets from that capture file, possibly in a
different capture file format, and with some packets possibly removed
from the capture.

This package tracks version 2 stable branch.

Required to run:
[sysutils/desktop-file-utils] [graphics/hicolor-icon-theme] [security/gnutls] [security/mit-krb5] [security/libgcrypt] [devel/glib2] [devel/libsmi] [devel/pcre] [x11/gtk3] [lang/lua52]

Required to build:
[pkgtools/x11-links] [x11/compositeproto] [x11/glproto] [x11/renderproto] [x11/xproto] [x11/xf86vidmodeproto] [x11/xf86driproto] [x11/damageproto] [x11/inputproto] [x11/xextproto] [x11/randrproto] [x11/dri2proto] [x11/xcb-proto] [x11/fixesproto4] [lang/python27]

Package options: gtk3, lua

Master sites:

SHA1: 4b47bf8e2053073585318646e27d2aa9dc7c7238
RMD160: bfcd77da458dc9f427cd423876a60968e8fa66ad
Filesize: 31387.833 KB

Version history: (Expand)

CVS history: (Expand)

   2016-09-19 15:04:29 by Thomas Klausner | Files touched by this commit (147)
Log message:
Recursive PKGREVISION bump for gnutls shlib major bump.
   2016-09-12 17:58:44 by Thomas Klausner | Files touched by this commit (1) | Package updated
Log message:
   2016-09-12 13:04:54 by Thomas Klausner | Files touched by this commit (2)
Log message:
Add upstream bug report URL.
   2016-09-12 12:59:55 by Thomas Klausner | Files touched by this commit (5) | Package updated
Log message:
Updated wireshark to 2.2.0.

What's New

  Bug Fixes

     * Upgrading to latest version uninstalls Microsoft Visual C++
       redistributable. ([1]Bug 12712)
     * Extcap errors not reported back to UI. ([2]Bug 11892)

  New and Updated Features

   The following features are new (or have been significantly updated)
   since version 2.2.0rc1:

   "Decode As" supports SSL (TLS) over TCP.

   The following features are new (or have been significantly updated)
   since version 2.1.1:
     * Invalid coloring rules are now disabled instead of discarded. This
       will provide backward compatibility with a coloring rule change in
       Wireshark 2.2.

   The following features are new (or have been significantly updated)
   since version 2.1.0:
     * Added -d option for Decode As support in Wireshark (mimics TShark
     * The Qt UI, GTK+ UI, and TShark can now export packets as JSON.
       TShark can additionally export packets as Elasticsearch-compatible
     * The Qt UI now supports the -j, -J, and -l flags. The -m flag is now
     * The Conversations and Endpoints dialogs are more responsive when
       viewing large numbers of items.
     * The RTP player now allows up to 30 minutes of silence frames.
     * Packet bytes can now be displayed as EBCDIC.
     * The Qt UI loads captures faster on Windows.
     * proto_tree_add_checksum was added as an API. This attempts to
       standardize how checksums are reported and filtered for within
       *Shark. There are no more individual "good" and "bad" \ 
       fields, protocols now have a "checksum.status" field that records
       "Good", "Bad" and "Unverified" (neither \ 
good or bad). Color filters
       provided with Wireshark have been adjusted to the new display
       filter names, but custom ones may need to be updated.

   The following features are new (or have been significantly updated)
   since version 2.0.0:
     * The intelligent scroll bar now sits to the left of a normal scroll
       bar and provides a clickable map of nearby packets.
     * You can now switch between between Capture and File Format
       dissection of the current capture file via the View menu in the Qt
     * You can now show selected packet bytes as ASCII, HTML, Image, ISO
       8859-1, Raw, UTF-8, a C array, or YAML.
     * You can now use regular expressions in Find Packet and in the
       advanced preferences.
     * Name resolution for packet capture now supports asynchronous DNS
       lookups only. Therefore the "concurrent DNS resolution" preference
       has been deprecated and is a no-op. To enable DNS name resolution
       some build dependencies must be present (currently c-ares). If that
       is not the case DNS name resolution will be disabled (but other
       name resolution mechanisms, such as host files, are still
     * The byte under the mouse in the Packet Bytes pane is now
     * TShark supports exporting PDUs via the -U flag.
     * The Windows and OS X installers now come with the "sshdump" and
       "ciscodump" extcap interfaces.
     * Most dialogs in the Qt UI now save their size and positions.
     * The Follow Stream dialog now supports UTF-16.
     * The Firewall ACL Rules dialog has returned.
     * The Flow (Sequence) Analysis dialog has been improved.
     * We no longer provide packages for 32-bit versions of OS X.
     * The Bluetooth Device details dialog has been added.

  New File Format Decoding Support

   Wireshark is able to display the format of some types of files (rather
   than displaying the contents of those files). This is useful when
   you're curious about, or debugging, a file and its format. To open a
   capture file (such as PCAP) in this mode specify "MIME Files Format" as
   the file's format in the Open File dialog.

  New Protocol Support

   Apache Cassandra - CQL version 3.0, Bachmann bluecom Protocol,
   Bluetooth Pseudoheader for BR/EDR, Cisco ERSPAN3 Marker, Cisco ttag,
   Digital Equipment Corporation Local Area Transport, Distributed Object
   Framework, DOCSIS Upstream Channel Descriptor Type 35, Edge Control
   Protocol (ECP), Encrypted UDP based FTP with multicast, Ericsson IPOS
   Kernel Packet Header Dissector Added (IPOS), Extensible Control &
   Management Protocol (eCMP), FLEXRAY Protocol dissector added
   (automotive bus), IEEE 802.1BR E-Tag, Intel Omni-Path Architecture, ISO
   8583-1, ISO14443, ITU-T G.7041/Y.1303 Generic Framing Procedure (GFP),
   LAT protocol (DECNET), Metamako trailers, Network Service Header for
   Ethernet & GRE, Network-Based IP Flow Mobility (NBIFOM), Nokia
   Intelligent Service Interface (ISI), Open Mobile Alliance Lightweight
   Machine to Machine TLV payload Added (LwM2M TLV), Real Time Location
   System (RTLS), RTI TCP Transport Layer (RTITCP), SMB Witness Service,
   STANAG 5602 SIMPLE, Standard Interface for Multiple Platform Link
   Evaluation (SIMPLE), USB3 Vision Protocol (USB machine vision cameras),
   USBIP Protocol, UserLog Protocol, and Zigbee Protocol Clusters
   Dissectors Added (Closures Lighting General Measurement & Sensing HVAC
   Security & Safety)

  Updated Protocol Support

   Bluetooth OBEX dissector (btobex) was renamed to Obex Dissector (obex),
   allow to DecodeAs it over USB, TCP and UDP.

   A preference was added to TCP dissector for handling IPFIX process
   information. It has been disabled by default.

  New and Updated Capture File Support

   Micropross mplog

  New and Updated Capture Interfaces support

   Non-empty section placeholder.

  Major API Changes

   The libwireshark API has undergone some major changes:
     * The address macros (e.g., SET_ADDRESS) have been removed. Use the
       (lower case) functions of the same names instead.
     * "old style" dissector functions (that don't return number of bytes
       used) have been replaced in name with the "new style" dissector
     * tvb_get_string and tvb_get_stringz have been replaced with
       tvb_get_string_enc and tvb_get_stringz_enc respectively.
   2016-08-03 12:23:40 by Adam Ciarcinski | Files touched by this commit (1248) | Package updated
Log message:
Revbump after graphics/gd update
   2016-07-28 16:33:20 by Thomas Klausner | Files touched by this commit (2)
Log message:
Add upstream bug report.
   2016-07-28 15:22:15 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated wireshark to 2.0.5.

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2016-39
       CORBA IDL dissector crash on 64-bit Windows. ([2]Bug 12495)
     * [3]wnpa-sec-2016-41
       PacketBB crash. ([4]Bug 12577)
     * [5]wnpa-sec-2016-42
       WSP infinite loop. ([6]Bug 12594)
     * [7]wnpa-sec-2016-44
       RLC long loop. ([8]Bug 12660)
     * [9]wnpa-sec-2016-45
       LDSS dissector crash. ([10]Bug 12662)
     * [11]wnpa-sec-2016-46
       RLC dissector crash. ([12]Bug 12664)
     * [13]wnpa-sec-2016-47
       OpenFlow long loop. ([14]Bug 12659)
     * [15]wnpa-sec-2016-48
       MMSE, WAP, WBXML, and WSP infinite loop. ([16]Bug 12661)
     * [17]wnpa-sec-2016-49
       WBXML crash. ([18]Bug 12663)

   The following bugs have been fixed:
     * T30 FCF byte decoding masks DTC, CIG and NCS. ([19]Bug 1918)
     * TShark crashes with option "-z io,stat,..." in the presence of
       negative relative packet timestamps. ([20]Bug 9014)
     * Packet size limited during capture msg is repeated in the Info
       column. ([21]Bug 9826)
     * Wireshark loses windows decorations on second screen when
       restarting maximized using GNOME. ([22]Bug 11303)
     * Cannot launch GTK+ version of wireshark as a normal user. ([23]Bug
     * Restart current capture fails with "no interface selected" error
       when capturing in promiscuous mode. ([24]Bug 11834)
     * Add field completion suggestions when adding a Display filter or Y
       Field to the IO Graph. ([25]Bug 11899)
     * Wireshark Qt always indicates locale as "C". ([26]Bug 11960)
     * Wireshark crashes every time open Statistics -> Conversations |
       Endpoints. ([27]Bug 12288)
     * Find function within the conversations window does not work.
       ([28]Bug 12363)
     * Invalid values for USB SET_REQUEST packets. ([29]Bug 12511)
     * Display filter dropdown hides cursor. ([30]Bug 12520)
     * Filter for field name tcp.options.wscale.multiplier cannot exceed
       255. ([31]Bug 12525)
     * Ctrl+ shortcuts that are not text-related do not work when focus is
       on display filter field. ([32]Bug 12533)
     * Closing Statistics window results in black screen. ([33]Bug 12544)
     * OSPF: Incorrect description of N/P-bit in NSSA LSA. ([34]Bug 12555)
     * Inconsistent VHT data rate. ([35]Bug 12558)
     * DCE/RPC malformed error when stub-data is missing but a
       sub-dissector has been registered. ([36]Bug 12561)
     * Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length
       is larger than 239 bytes. ([37]Bug 12568)
     * "Edit Resolved Name" is not saved in current pcapng file. ([38]Bug
     * MPTCP: MP_JOIN B bit not decoded correctly. ([39]Bug 12635)
     * MPTCP MP_PRIO header with AddrID: incorrect AddrID. ([40]Bug 12641)

  Updated Protocol Support

   802.11 Radiotap, BGP, CAN, CANopen, H.248 Q.1950, IPv4, IPv6, LANforge,

  New and Updated Capture File Support

   and pcapng
   2016-07-09 15:04:18 by Thomas Klausner | Files touched by this commit (599)
Log message:
Remove python33: adapt all packages that refer to it.