Wireshark 4.4 has been released as the latest stable version of this popular network protocol analyzer software adding new features and improvements.
Highlights of Wireshark 4.4 include automatic switching of profiles by associating a display filter with a configuration profile, support for Lua 5.3 and Lua 5.4, the ability to implement display filter functions as libwireshark plugins, and the ability to translate display filters to pcap filters.
This release also adds support for defining custom output fields for the tshark -e command using any valid field expression, along with support for defining custom columns using any valid field expression, such as display filter functions, packet slices, arithmetic calculations, logical tests, raw byte addressing, and protocol layer modifiers.
Additionally, Wireshark 4.4 introduces numerous enhancements and corrections to various graphing dialogs such as I/O Graphs, Flow Graph / VoIP Calls, and TCP Stream Graphs, and improves display filter support for value strings.
Network protocol support has been enhanced with support for Allied Telesis Resiliency Link (AT RL), ATN Security Label, Bit Index Explicit Replication (BIER), Bus Mirroring Protocol, EGNOS Message Server (EMS) file format, Galileo E1-B I/NAV navigation messages, IBM i RDMA Endpoint (iRDMA-EDP), IWBEMSERVICES, MAC NR Framed (mac-nr-framed), and Matter Bluetooth Transport Protocol (MatterBTP) protocols.
The list of newly supported protocol continues with MiWi P2P Star, Monero, NMEA 0183, PLDM, RDP authentication redirection virtual channel protocol (rdpear), RF4CE Network Layer (RF4CE), RF4CE Profile (RF4CE Profile), RK512, SAP Remote Function Call (SAPRFC), SBAS L1 Navigation Message, Scanner Access Now Easy (SANE), TREL, WMIO, and ZeroMQ Message Transport Protocol (ZMTP).
IPv6 protocol support has been updated in this release by enabling the “show address detail” preference by default and extending the provided address details to include more special-purpose address block properties, such as forwardable, globally routable, etc.
Last but not least, Wireshark 4.4 adds support for new capture files, including EGNOS Messager Server (EMS) files, support for new capture interfaces, including u-blox GNSS receivers, and enhances compressed file support by allowing building with zlib-ng instead of zlib.
Check out the release announcement page for more details about the changes included in this major update to one of the world’s most popular network protocol analyzers. Meanwhile, you can download Wireshark 4.4 from the official website as a source tarball or install it as a Flatpak app from Flathub.