All other string display functions, including the find features only consider the first byte in the two byte unicode data. I know that this is not the most desirable way of dealing with Unicode but it does allow this to work. Would it be possible to simply code it (for now) to process double byte strings as single byte?
On Wed, 2003-08-27 at 13:37, Greg Morris wrote:
> My fault, I was looking for Unicode data. How do you intend on handling
> Unicode? I tested with
>
> frame contains ff.ff.ff.a7.fd
> And this works great.
>
> I also tested with
> frame contains test
> This also works great as long as the data pattern is consistent
> (Non-Unicode) but of course fails with Unicode.
>
> I was unable to filter with the frame contains on any Unicode patterns.
> I tried T.e.s.t, T e s t, etc... with no luck.
>
> Suggestions? This really would make this feature more robust.,
>
> Greg
>
I'm going to have to add some kind of syntax for different text
encodings. Something like:
frame contains EBCDIC("test")
I don't know Unicode very well, so I don't know all the different types
of Unicode encodings, so I won't even guess as to what the names for
those "functions" would be, but they would follow the above example.
Of course, the exact syntax is open for discussion.
--gilbert
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
