A new version of Wireshark is available for download here. Wireshark is used, amongst others, within Citrix for troubleshooting networking issues between servers and clients. Wireshark is a tool you really need as an admin in your toolbox. I’ve used this tool personally many times now for solving issues with XenDesktop, Provisioning Services and XenApp. It’s a real must have tool.
Bug Fixes
The following bugs have been fixed:
New and Updated Features
The following features are new (or have been significantly updated) since version 1.6:
- Wireshark supports capturing from multiple interfaces at once.
- You can now add, edit, and save packet and capture file annotations.
- Wireshark, TShark, and their associated utilities now save files using the pcap-ng file format by default. (Your copy of Wireshark might still use the pcap file format if pcap-ng is disabled in your preferences.)
- Decryption key management for IEEE 802.11, IPsec, and ISAKMP is easier.
- OID resolution is now supported on 64-bit Windows.
- The “Save As” menu item has been split into “Save As”, which lets you save a file using a different filename and “Export Specified Packets”, which lets you have more control over which packets are saved.
- TCP fast retransmissions are now indicated as an expert info note, rather than a warning, just as TCP retransmissions are.
- TCP window updates are no longer colorized as “Bad TCP”.
- TShark’s command-line options have changed. The previously undocumented -P option is now -2 option for performing a two-pass analysis; the former -S option is now the -P option for printing packets even if writing to a file, and the -S option is now used to specify a different line separator between packets.
- GeoIP IPv6 databases are now supported.