Wireshark 1.4.0 released

Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

The following features are new (or have been significantly updated) since version 1.2:

• The packet list internals have been rewritten and are now more efficient.
• Columns are easier to use. You can add a protocol field as a column by right-clicking on its packet detail item, and you can adjust some column preferences by right-clicking the column header.
• Preliminary Python scripting support has been added.
• Many memory leaks have been fixed.
• Wireshark 1.4 does not support Windows 2000. Please use Wireshark 1.2 or 1.0 on those systems.
• Packets can now be ignored (excluded from dissection), similar to the way they can be marked.
• Manual IP address resolution is now supported.
• Columns with seconds can now be displayed as hours, minutes and seconds.
• You can now set the capture buffer size on UNIX and Linux if you have libpcap 1.0.0 or greater.
• TShark no longer needs elevated privileges on UNIX or Linux to list interfaces. Only dumpcap requires privileges now.
• Wireshark and TShark can enable 802.11 monitor mode directly if you have libpcap 1.0.0 or greater.
• You can play RTP streams directly from the RTP Analysis window.
• Capinfos and editcap now respectively support time order checking and forcing.
• Wireshark now has a “jump to timestamp” command-line option.
• You can open JPEG files directly in Wireshark.