The first version of the new branch wireshark 4.4.0 has been released, enhancing the capabilities of the network protocol analyzer. Wireshark is a widely used tool for diagnosis, analysis, development, and education, allowing users to examine network data in detail.
The latest version, 4.4.0, introduces significant improvements in graph construction dialogues, including I/O Graphics, VOIP flows, call graphs, and TCP flow graphs. Automatic profile switching has been added, enabling the association of display filters with configuration profiles. When opening a capture file corresponding to a specific filter, Wireshark now automatically switches to the relevant profile.
Support for LUA versions 5.3 and 5.4 has been included, while versions 5.1 and 5.2 are no longer supported. The installation packages for Windows and MacOS now come with Lua 5.4.6. Users may need to update Lua scripts written for older versions to ensure proper functionality.
Enhanced support for display filters for string type values enables filter display functions in the form of plugins. Display filters can now be translated into PCAP filters through the editing menu, simplifying data analysis and customizing the interface for specific user needs.
Users can create custom dissectors using allowed field expressions such as filtering functions, packet fragments, arithmetic calculations, and logical tests. This simplifies data analysis and allows for tailored information display to address specific issues.
Wireshark now supports ZLIB-NG for assembly instead of ZLIB to handle compressed files, enhancing data speed. Official packages for Windows and MacOS come with this feature, improving program performance overall.
Additionally, new functions and support for additional protocols have been added since version 4.2.0. Windows installation packages now include NPCAP 1.79, increasing stability and performance. I/O Charts dialogue has been improved with support for smaller intervals down to 1 microsecond and an expanded number of elements for enhanced analysis capabilities.
The update also includes support for new protocols like Allied Telesis Resilience Link (AT RL), Monero, NMEA 0183, and others, enhancing Wireshark’s capabilities for network analysis.