to include capture, name resolution, and window geometry settings. It is
now possible to search for all fields in GIOP messages. You can now build
display filters on the fly by right-clicking on tree view items.
Additionally, protocol hierarchy statistics display and MacOS X capture
timeout bugs have been fixed.
The idl2eth utility now handles CORBA IDL recursive unions and structs and
the text2pcap utility also received updates, including SCTP support.
New dissectors include DHCPv6, DLSw, IAPP, SCSI, SPOOLSS RPC, SliMP3, and
TSP. Dissectors receiving updates include AFS, AIM, Auto-RP, BGP, BOOTP,
DCE RPC, DIAMETER, FDDI, GTP, H.261, HMIPv6, IS-IS, iSCSI, ISUP, LDAP,
M3UA, MIP, MMSE, MTP3, NBNS, NCP, NDMP, NFS, ONC RPC, PIM, PPP, PPP,
Q.931, RPC, RSVP, RTCP, SCTP, SDP, SIP, SMB/CIFS, SSL, STAT, Syslog, TCP,
TNS, VJ, WTP, and ypbind.
Support for WildPackets' AiroPeek and OpenBSD pflog capture file formats
have been added (you can read pflog data from a file, or directly from the
logging interface). Support for the DBS Etherwatch, EtherPeek, NetMon,
and VMS TCPIPtrace formats has been enhanced.
--
Several new features have been added, including TCP graphs and ring buffer
captures. The SMB dissector was completely rewritten and many enhancements
were made to the user interface. The text2pcap utility can now handle a
broader range of input data formats. The developer documentation also
received many updates. Bug fixes include a workaround for an SNMP bug
present several Linux distributions.
Many dissectors were enhanced. Support for the following protocols was
added:
EAPOL
M2TP
MS RPC
MTP2
PCNFSD
PPP/EAPOL
QLLC
SMPP
SUA
Support for DBS Etherwatch, Visual Networks Visual UpTime, and VMS
TCPIPtrace capture files was added. Ascend/Lucent debug Etherpeek,
iptrace and MS Netmon capture file support was enhanced.
Enhancements were made to many dissectors. In particular, the SMB, DCE
RPC, PPP, and GIOP dissectors had major updates.
New dissectors include:
CosEventComm
Quake 3 Arena
GMRP
GTP
HMIPv6
OSPFv3
MMSE
UCP
Skinny Client Control Protocol
--
New dissectors include SUA Light, HCLNFSD, Rquota. Many other dissectors were
updated and bug-fixed. The wiretap library can now read Etherpeek files,
and write NetMon 2.x files. Capture filters and display filters are kept in
separate dialogues/files to help minimize confusion. A new "Decode As"
feature allows some run-time configuration of which dissectors are called
for a particular packet. You can now click on a byte in the hex dump and the
appropriate field in the protocol tree will be selected. The display filter
code was re-written, and some syntax changed (esp. for boolean variables).
Ethereal 0.8.15 has one of the biggest GUI changes in recent history;
display filters can now be constructed via an easy-to-use point-and-click
interface. Protocol dissectors now exist for: NFSv4, Mobile IPv6, X.25
over TCP, LAPBETHER, DEC LANBridge Spanning Tree Protocol, X.25 over LLC,
Frame Relay, MTP3 User Adaptation Layer, and ISDN Q.921 User Adaptation
Layer. Many other dissectors and core features were improved, and bugs
were squashed. The wiretap library can now read Sniffer Frame Relay files.
Capturing supports the "any" pseudo-device on Linux if you use libpcap 0.6
from www.tcpdump.org.
--
Besides the new dissectors (WAP, SIP, AIM/OSCAR, GIOP 1.2, 802.11)
and updates to many many dissectors, an exploit for a buffer overrun
in the AFS dissector has been patched. Please upgrade to 0.8.14 as soon
as possible to guard against this exploit, which was announced
this weekend in BugTraq.
--
New dissectors include H.261, TPKT, and IGRP. RTP and RTCP were
re-written, and many other dissectors were updated and improved.
The wiretap library enables Ethereal to read Nokia-firewall tcpdump
files, Shomiti Surveyor 3.x files, pppd log files (pppdump format),
and NetXRay ATM files.
