Wireshark 是世界上最流行的开源、免费跨平台网络协议分析软件，它经常被网络专家用户排错、部署、分析和教育活动中。目前Wireshark 2.2.0已经发布，包括一系列bug修复以及其他新特性。
Upgrading to latest version uninstalls Microsoft Visual C++ redistributable. (Bug 12712)
Extcap errors not reported back to UI. (Bug 11892)
The following features are new (or have been significantly updated) since version 2.2.0rc2:
No major changes since 2.2.0rc2.
The following features are new (or have been significantly updated) since version 2.2.0rc1:
"Decode As" supports SSL (TLS) over TCP.
The following features are new (or have been significantly updated) since version 2.1.1:
Invalid coloring rules are now disabled instead of discarded. This will provide backward compatibility with a coloring rule change in Wireshark 2.2.
The following features are new (or have been significantly updated) since version 2.1.0:
Added -d option for Decode As support in Wireshark (mimics TShark functionality)
The Qt UI, GTK+ UI, and TShark can now export packets as JSON. TShark can additionally export packets as Elasticsearch-compatible JSON.
The Qt UI now supports the -j, -J, and -l flags. The -m flag is now deprecated.
The Conversations and Endpoints dialogs are more responsive when viewing large numbers of items.
The RTP player now allows up to 30 minutes of silence frames.
Packet bytes can now be displayed as EBCDIC.
The Qt UI loads captures faster on Windows.
proto_tree_add_checksum was added as an API. This attempts to standardize how checksums are reported and filtered for within *Shark. There are no more individual "good" and "bad" filter fields, protocols now have a "checksum.status" field that records "Good", "Bad" and "Unverified" (neither good or bad). Color filters provided with Wireshark have been adjusted to the new display filter names, but custom ones may need to be updated.