I've been very happy with Ethereal and particularly happy with its filter capability, but am having trouble with two particular filters and am hoping someone can assist.
+ From looking through the -users archives, I've seen a few older posts asking if it's possible to match strings in payload data. The Ethereal "data" macro would make me think this is possible, but when I try to apply a filter with 'data[4:4] eq "All "', I get an error message stating '"All " is not a valid byte string'. Is there a way to match strings in the data payload of a packet when I can specify an offset and length value?
+ The 802.11 decoder has been very helpful to me, saving me in many occasions from the painful byte-counting analysis I was doing with tcpdump. I am interested in using the wlan_mgt.tag.interpretation macro to match non-ascii characters. I am successful with this filter when trying to match ascii characters, e.q. 'wlan_mgt.tag.interpretation eq "myessid"', but I am having trouble matching with 'wlan_mgt.tag.interpretation eq 0x6D796573736964'. I'm trying to match SSIDs with non-printable characters - is there a way to accomplish this?
Many thanks.
-Joshua Wright
Team Leader, Networks and Systems
Johnson & Wales University
Joshua.Wright@xxxxxxx
http://home.jwu.edu/jwright/
pgpkey: http://home.jwu.edu/jwright/pgpkey.htm
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73
