This book was originally developed by Richard Sharpe with funds provided from the Wireshark Fund.

It was updated by Ed Warnicke and more recently redesigned and updated by Ulf Lamping.

In addition, all source code is freely available under the GPL.

Because of that, it is very easy for people to add new protocols to Wireshark, either as plugins, or built into the source, and they often do!

Although Wireshark captures packets using a separate process the main interface is single-threaded and won’t benefit much from multi-core systems.