Wireshark 4.4 Packet Analyzer Debuts with Major Enhancements

Wireshark 4.4 network protocol analyzer is out now with improved graphing tools, profile auto-switching, and exclusive support for Lua 5.4.
Wireshark, a leading free and open-source packet analyzer for network troubleshooting, analysis, and software and communications protocol development, just released its latest 4.4 version.

One of the significant upgrades is the series of improvements to its graphing dialogs. Users will notice substantial enhancements in I/O Graphs, Flow Graphs, VoIP Calls, and TCP Stream Graphs.

These dialogs boast increased responsiveness, reduced memory utilization, and more detailed and scalable visual representations.

Notably, the capability to handle smaller intervals—down to 1 microsecond—and support for more graph item buckets has been integrated, providing users with more precise and extensive data analysis options.

Moreover, Wireshark now supports automatic profile switching to streamline the user workflow, allowing users to associate display filters with specific configuration profiles. When a capture file that matches the filter is opened, Wireshark automatically switches to the corresponding profile, enhancing efficiency in managing multiple data sets.

Support for the Lua scripting language has been updated, with versions 5.3 and 5.4 now supported and earlier versions phased out. This update ensures that scripts and extensions that leverage Lua are more robust and compatible with modern features.

Additionally, the official Windows and macOS packages include the zlib-ng library instead of zlib for compressed file support, which offers significantly faster performance and enhances the overall user experience.

Wireshark 4.4 also introduces several new capabilities in display filtering. Users can now implement display filter functions as plugins, providing greater flexibility and power in data analysis.

Furthermore, display filters can now be directly translated to pcap filters, and custom columns can be defined with various data manipulations, from arithmetic calculations to protocol layer modifiers.

Needless to say, the release is rounded out with many minor improvements and bug fixes that enhance stability and usability.

Lastly, Wireshark 4.4 adds support for numerous new protocols, such as Allied Telesis Resiliency Link, and updates many existing ones. The release announcement provides detailed information on all changes.

