Mva nje ukuqaliswa kwabhengezwae inguqulelo entsha yophuhliso lomhlalutyi womnatha I-Wireshark 3.7.2, ebhalisa inani elikhulu lotshintsho olubalulekileyo, apho ukuphuculwa kweebhokisi zengxoxo, ukuphuculwa kokunikezelwa kwedatha, ukwanda kweemfuno kunye nokunye okugqamayo.
IWireshark (eyayisaziwa njenge-Etherealsisicazululi senkqubo yenethiwekhi yasimahla. IWireshark yiyo isetyenziselwa uhlalutyo lwenethiwekhi kunye nesisombululo, kuba le nkqubo isivumela ukuba sibone okwenzekayo kwinethiwekhi kwaye ngumgangatho weefektri kwiinkampani ezininzi imibutho yorhwebo nengenzi nzuzo, iiarhente zikarhulumente kunye namaziko emfundo.
Iindaba eziphambili zeWireshark 3.7.2 Uphuhliso
Kolu guqulelo lophuhliso oluvezwayo iingxoxo zokugqibela "zeNgxoxo kunye nexesha" zenziwe ngokutsha apho imenu yentsingiselo ngoku ibandakanya i ukhetho lokubuyisela ubungakanani bayo yonke imiqolo, kunye nezinto zokukopa, idatha ingathunyelwa ngaphandle njenge-JSON, iithebhu zinokwahlulwa kwaye ziphinde ziqhagamshelwe kwincoko yababini, iithebhu zinokudityaniswa okanye zisuswe, iikholamu ngoku zihlelwa ngeempawu zomntwana ukuba ungeno olufanayo lufunyenwe, nangaphezulu.
Olunye utshintsho olugqamayo kukuba i-ip.flags intsimi ngoku ngamasuntswana amathathu aphezulu, hayi i-byte epheleleyo. Izihluzi zokubonisa kunye nemithetho yombala esebenzisa ibala kuya kufuneka ilungiswe.
Kuyacaciswa ukuba isantya xa usebenzisa iMaxMind geolocation iye yaphuculwa kakhulu. I 'v' (onobumba abancinci) kunye no 'V' (onobumba abakhulu) batshintshelwe kuhlelo lwe-editcap kunye ne-mergecap ukuze lungqamane nezinye izinto eziluncedo zelayini yomyalelo.
Ngakolunye uhlangothi, yongezwe i-syntax ukuze itshatise umaleko othile kwisitaki seprothokholi. Umzekelo, kwi-IP phezu kwepakethi ye-IP, "ip.addr#1 == 1.1.1.1" ihambelana needilesi zomaleko wangaphandle kunye ne-"ip.addr#2 == 1.1.1.2" ihambelana needilesi zomaleko wangaphandle.
I-universal quantifiers "nayiphi na" kunye "nonke" yongeziwe kuye nawuphi na umsebenzi onxibeleleneyo. Umzekelo, intetho yonke tcp.port › 1024 yinyani ukuba kwaye kuphela ukuba zonke iindawo ze-tcp.port zihambelana nemeko. Ngaphambili, kuphela ukuziphatha okungagqibekanga ukubuyisela inyaniso ukuba nayiphi na indawo ehambelana nayo ixhasiwe.
Iimbekiselo zommandla, kwifomathi ${some.field} ngoku ziyinxalenye yesihluzo se-syntax umboniso. Ngaphambili, zaphunyezwa njenge-macros. Ukuphunyezwa okutsha kusebenza ngakumbi kwaye kuneepropati ezifanayo njengemimandla yeprotocol, enjengokulinganisa amaxabiso amaninzi usebenzisa i-quantifiers kunye nenkxaso yokucoca umaleko.
I-HTTP2 i-dissector ngoku ixhasa ukusetyenziswa kwee-headers zobuxoki ukucazulula i-DATA yemilambo ebanjwe ngaphandle kwezakhelo zokuqala ze-HEADERS zomsinga oqhuba ixesha elide (njengomnxeba we-gRPC wokusasaza ovumela ukuba izicelo ezininzi okanye imiyalezo yempendulo ithunyelwe kumlambo we-HTTP2). Abasebenzisi bangakhankanya iiheader ezibubuxoki besebenzisa izibuko lomncedisi, id, kunye nedilesi yomjelo okhoyo.
Yongeziwe inkxaso yolandelelwano lokubaleka koonobumba abongezelelweyo kwimitya efakwe kwizicatshulwa eziphindwe kabini. Kunye ne-octal encoding (\ ) kunye nehexadecimal (\x ), olu landelelwano lokubaleka lulandelayo C olunentsingiselo efanayo ngoku luyaxhaswa: \a, \b, \f, \n, \r, \t , \v. Ngaphambili, bebexhaswa kuphela ngabalinganiswa abazinzileyo.
Olunye utshintsho eziphuma phandle kolu guqulelo lutsha lophuhliso
- Uhlobo lwedilesi entsha AT_NUMERIC luvumela iidilesi zamanani ezilula zemithetho yomthetho engenandlela iqhelekileyo yokufikelela kwidilesi, efana ne-AT_STRINGZ.
- I-Wireshark Lua API ngoku isebenzisa izibophelelo ze-lrexlib ze-PCRE2.
- Inkqubo yokuloga itephu ihlaziyiwe kwaye uluhlu lwengxabano lwe tap_packet_cb lutshintshile.
- Ithala leencwadi lePCRE2 ngoku lixhomekeke ekwakhiweni kweWireshark.
- Ngoku kufuneka ube ne-C11 compiler ehambelanayo ukuqulunqa i-Wireshark.
- I-Perl ayisafuneki ukuba iqulunqe i-Wireshark, kodwa kunokufuneka ukuba iqokelele ezinye iifayile zemithombo kwaye iqhube ukuhlolwa kwekhowudi.
- Izifakeli zeWindows ngoku zithunyelwa nge-Qt 6.2.3.
- Iingxoxo zeNgxoxo kunye ne-Endpoint ziye zayilwa ngokutsha.
- Izifakeli zeWindows ngoku zithunyelwa ngeNpcap 1.60.
- Izifakeli zeWindows ngoku zithunyelwa nge-Qt 6.2.4.
- I-text2pcap ixhasa ukhetho lohlobo lwe-encapsulation yefomati yefayile yemveliso usebenzisa amagama amafutshane asuka kwilayibrari ye-wiretap.
- I-text2pcap yahlaziywa ukuze kusetyenziswe iinketho zemveliso entsha kwaye iflegi -d yasuswa.
Gqibela Ukuba unomdla wokwazi okungakumbi ngayo, ungajonga iinkcukacha Kule khonkco ilandelayo.