I-Wireshark yi-analyzer yeprotocol esetyenziselwa ukuhlalutya kunye nokusombulula iingxaki zothungelwano
Emva kweenyanga ezininzi zophuhliso, ukukhutshwa kwenguqulelo entsha yeWireshark 4.0 kwabhengezwa, apho ku Ubeko lweziqalelo kwifestile engundoqo lutshintshiwe, njengoko ngoku ibonisa "uLwazi lwePakethi eyoNgezelelweyo" kunye neepaneli ze "Packet Bytes" zibekwe ecaleni komnye nomnye ngaphantsi kwe "Package List".
Olunye utshintsho esinokulufumana kule nguqulelo intsha kukuba utshintsho ubeko lwencoko, iinketho ezongeziweyo kwiimenyu zomxholo ukuhlaziya zonke iikholamu kunye nokukopisha izinto kunye nenkxaso ye-JSON yokuthumela ngaphandle kunye nokukwazi ukukhupha kunye nokuncamathisela iithebhu kunikwe.
Wireshark 4.0 inkxaso eyongeziweyo yokuskena iifayile zegalelo usebenzisa iintetho eziqhelekileyo, kunye nothelekiso olunikeziweyo phakathi kokusetyenzwa kwe-text2pcap eluncedo kunye ne "Import from hex dump" interface, ukongeza I-text2pcap ibonelela ngokukwazi ukuthatha iindawo zokulahla kuzo zonke iifomathi exhaswa yilayibrari yokucofa ngocingo kunye nayo ine pcapng cwangcisa njengefomati engagqibekanga, efana ne editcap, mergecap, kunye nezinto eziluncedo zetshark.
Kwakhona ukuba utshintsho lwenziwe kwi-syntax yemithetho yokucoca i-traffic, njengoko ukukwazi ukukhetha umaleko othile we-protocol stack yongezwa, umzekelo, xa ufaka i-IP phezu kwe-IP ukukhupha iidilesi kwiipakethi zangaphandle kunye ne-nested.
Xa izihluzi zisetyenziswa, iikholamu ziyaboniswa ebonisa umahluko phakathi kweepakethi ezihluziweyo nezingahluzwanga, kunye nokutshintsha ukuhlelwa kweentlobo ezahlukeneyo zedatha.
Ngaphezu koko, nayo ukuphuculwa kokusebenza kwendawo usebenzisa i-database ye-MaxMind ibonakalisiwe, iinketho ezintsha zokungena kunye Inkxaso ye-dissector ye-HTTP2 ukusebenzisa iiheader dummy ukwahlula idata eyamkelwe ngaphandle kweepakethi zangaphambili ezineheader (umzekelo, xa kusahlulwa imiyalezo ngaphezulu koqhagamshelwano olusele lusekiwe lwe gRPC).
Ibonelelwe ugcino lwexeshana (ngaphandle kokugcina kwidisk) yegama lokugqitha kwincoko yababini ye Extcap Ukungayingeni ngexesha leebhutsi eziphindaphindiweyo kwaye wongeze ukukwazi ukuseta igama eligqithisiweyo le-extcap ngokusebenzisa izinto eziluncedo zelayini yomyalelo njenge tshark.
Yongeziwe Isivakalisi esitsha sokwahlula iilithali kwiziphawuli: Ixabiso eliqala ngexesha liphathwa njengeprothokholi okanye indawo yeprothokholi, ngelixa ixabiso elivalelwe kwizibiyeli ze-engile liphathwa njengelingokoqobo.
Olunye utshintsho evelele kule nguqulo intsha:
- Izazisi ziqhotyoshelwe kwimijelo ye-TCP kunye ne-UDP kunye nokukwazi ukucoca ngabo kunikezelwa.
- Ivumelekile ukufihla iingxoxo kwimenyu yomxholo.
- Ukubonelela ngokukwazi ukulahla i-IP ye-dummy, i-TCP, i-UDP, kunye neentloko ze-SCTP xa usebenzisa i-IP eRaw, i-Raw IPv4, kunye ne-Raw IPv6 encapsulation.
- Isivakalisi esakhelwe-ngaphakathi sokuchaza iimbekiselo zentsimi: ${some.field}, iphunyezwe ngaphandle kokusebenzisa iimacros.
- Ubukhulu bongeziweyo (), min (), kunye ne-abs () imisebenzi.
- Ivumelekile ukukhankanya iintetho kunye nokubiza eminye imisebenzi njengeengxoxo zokusebenza.
- Ukwandulela kwe- AND yomsebenzisi obhadlileyo ngoku mkhulu kunomsebenzisi OKANYE.
- Inkxaso eyongeziweyo yokuchaza izinto ezingaguqukiyo kwimo yokubini kusetyenziswa isimaphambili "0b".Injini yokubonakalisa eqhelekileyo kwinjini yokucoca isiwe kwithala leencwadi lePCRE2 endaweni yeGRegex.
- I-null bytes iphathwa ngokuchanekileyo kwimitya kunye neepatheni zokubonisa rhoqo ('\0' kumtya iphathwa njenge-null byte).
- Ukongeza ku-1 kunye no-0, amaxabiso eBoolean ngoku angabhalwa njengeNyaniso/YINYANI kunye noBubuxoki/BUBUXOKI.
- Inkxaso eyongeziweyo ye-Mesh Connex (MCX) kwi-IEEE 802.11 analyzer.
- I-ciscodump utility iphumeza ukukwazi ukubamba ukude ukusuka kwi-IOS, i-IOS-XE, kunye nezixhobo ezisekelwe kwi-ASA.
- Inkxaso eyongeziweyo kwinani elikhulu leeprothokholi ezintsha.
Gqibela Ukuba unomdla wokwazi okungakumbi ngayo, Ungajonga iinkcukacha kwikhonkco elilandelayo.
Ngokuphathelele abo banomdla wokufumana olu guqulelo lutsha, bangakwenza oko ngokukhuphela iphakheji yeLinux kwiwebhusayithi esemthethweni kwicandelo layo lokukhuphela. Ikhonkco yile.