Popular open source cross-platform network protocol analyzer Wireshark’s got a new iteration, version 1.6.0, last week. The new version incorporates several bug fixes, in addition to new features and significant updates.
Wireshark 1.6.0 now has the ability to export SMB items and SSL session keys, as well as improved support for file sizes in excess of 2.0 GB. Text dumps can now be imported into Wireshark (similar to text2pcap) and exported from Wireshark within a user specified group ID using Dumpcap. Version 1.6.0 can now display the compiled BPF code for capture filters.
Protocol and file capture support have been revamped, with added support for more than 35 new protocols and updated file capture support for existing protocols. Wireshark for OS X is now distributed as an installation package, and adds a startup item (expected to make packet capture easier).
The complete list of changes and new additions can be found in the release notes available on the Wireshark website. Released under the GNU general public license version 2 (GPL v2), the source code and binaries for version 1.6.0 (Windows and OS X) are available on the project website.