I am taking a Wireshark course from CBT Nuggets and the instructor is using version 1.8.7 which I believe is based on GTK. This appears to have a number of changes and some of them are really quite useful and appear to add a lot of functionality that does not appear to be available yet in the 2.2.1 version I am using. Are all the older version before 2.0 based on GTK and therefore likely to have the features like history for packet browsing and builtin ip address name resolution? These are just two things I have found so far that I could benefit from. I'm all for using the newer version but it seems like there are some features missing that I would rather wait on before moving up to version 2.x releases. Opinions? asked 25 Jan '17, 09:35  spkay31 |
One Answer:
As mentioned elsewhere Wireshark is likely to be dropping the GTK builds for Windows and macOS for version 2.4.x. You can see some info about the changes to the UI toolkits listed on the LifeCycle wiki page. Name resolution is available in both versions, that's provided by the dissection library which is common between GTK and Qt. For info about the Qt port (not entirely sure if it's up to date) see the wiki page here. If you follow the link for the Qt UI bugs note that a lot of them aren't actually Qt UI bugs, they need to be moved to a different category. answered 25 Jan '17, 09:55  grahamb ♦ |
If you think there are missing features, please file bugs on them at the Wireshark Bugzilla.