[Ethereal-users] Two filter questions

["Joshua Wright" <Joshua.Wright@xxxxxxx>]

I've been very happy with Ethereal and particularly happy with its filter capability, but am having trouble with two particular filters and am hoping someone can assist.

+ From looking through the -users archives, I've seen a few older posts asking if it's possible to match strings in payload data.  The Ethereal "data" macro would make me think this is possible, but when I try to apply a filter with 'data[4:4] eq "All "', I get an error message stating '"All " is not a valid byte string'.  Is there a way to match strings in the data payload of a packet when I can specify an offset and length value?

+ The 802.11 decoder has been very helpful to me, saving me in many occasions from the painful byte-counting analysis I was doing with tcpdump.  I am interested in using the wlan_mgt.tag.interpretation macro to match non-ascii characters.  I am successful with this filter when trying to match ascii characters, e.q. 'wlan_mgt.tag.interpretation eq "myessid"', but I am having trouble matching with 'wlan_mgt.tag.interpretation eq 0x6D796573736964'.  I'm trying to match SSIDs with non-printable characters - is there a way to accomplish this?

Many thanks.

-Joshua Wright
Team Leader, Networks and Systems
Johnson & Wales University
Joshua.Wright@xxxxxxx 
http://home.jwu.edu/jwright/

pgpkey: http://home.jwu.edu/jwright/pgpkey.htm
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73