Wireshark, the most popular network protocol analyzer, has reached version 2.0. It features a completely new user interface which should provide a smoother, faster user experience.
The libwireshark API has undergone some major changes:
- The emem framework (including all ep_ and se_ memory allocation routines) has been completely removed in favour of wmem, which is now fully mature.
- The (long-since-broken) Python bindings support has been removed. If you want to write dissectors in something other than C, use Lua.
- Plugins can now create GUI menu items.
- Heuristic dissectors can now be globally enabled/disabled, so heur_dissector_add() has a few more parameters to make that possible.
- proto_tree_add_text has been removed.
- tvb_length() has been removed in favor of tvb_reported_length() and tvb_captured_length().
- The API for ONC RPC-based dissectors has changed significantly: the procedure dissectors no longer take an offset, void-argument procedures now need to be declared with a function (use dissect_rpc_void()), and rpc_init_prog() now handles procedure registration too (it takes additional arguments to handle this; rpc_init_proc_table() was removed).
The following features are new (or have been significantly updated) since version 2.0.0rc3:
- An RTP player crash has been fixed.
- Flow graph issues have been fixed.
- A Follow Stream dialog crash has been fixed.
- An extcap crash has been fixed.
- A file merge crash has been fixed.
- A handle leak crash has been fixed.
- Several other crashes and usability issues have been fixed.