Wireshark 4.6.0 Release Candidate 1
The first release candidate for Wireshark 4.6.0 has been released, marking an important milestone in the development of this powerful network protocol analyzer.
For those who may be unfamiliar with Wireshark, it's worth noting that it is a free and open-source tool used for troubleshooting, analysis, development, and education purposes. The tool is maintained by the Wireshark Foundation, a non-profit organization dedicated to promoting protocol analysis education.
This new release represents an experimental version intended to test new features for Wireshark 4.6. With this update, users can expect several improvements, including enhancements to the Windows installers, macOS universal installers, and source packages compressed using zstd.
In terms of feature updates, Wireshark now includes a "Plots" dialog that offers scatter plots in contrast to the traditional "I/O Graphs" dialog. Live captures can also be compressed while writing, providing users with more flexibility when working with their data.
Furthermore, the new release features improvements to decryption capabilities, including support for NTP packets using Network Time Security (NTS) and expanded MACsec packet decryption. Other notable updates include enhancements to custom columns, Lua scripting, and HTTP2 tracking.
Additionally, Wireshark has removed its support for AirPcap and WinPcap and no longer supports libnl versions 1 or 2. The ENABLE_STATIC CMake option has also been deprecated in favor of BUILD_SHARED_LIBS.
New file format decoding support includes the Resource Interchange File Format (RIFF) and TTL File Format. New protocol support encompasses numerous communication protocols, including Asymmetric Key Packages (AKP), Binary HTTP, BIST TotalView-ITCH protocol, Bluetooth Android HCI, and many others.
Download
The release candidate can be downloaded from this page. For more information on Wireshark, visit the Wireshark webpage.
