Hi,
I do a lot of tracing which requires searching / filtering on the data
stream.
I have tried the "Find Frame" and "Filtering" options with the following
parameters.
smb[0:] == 43:00:6f:00:6d:00:6d:00: ;I copied the hex data stream from
the hex data of a trace.
ip[0:] == 43:00:6f:00:6d:00:6d:00: ;I copied the hex data stream from the
hex data of a trace.
tcp[0:] == 43:00:6f:00:6d:00:6d:00: ;I copied the hex data stream from
the hex data of a trace.
data[0:] == 43:00:6f:00:6d:00:6d:00: ;I copied the hex data stream from
the hex data of a trace.
I've have also tried to search for hex streams that were not separated by
the 00 hex characters as in the above example, same results.
Applying as a Filter displays no results and Find Frame responds with a "No
Packet Matched Filter" message.
I am guessing Ethereal dose not support this, but as it is important to me I
want to make sure before I abandon it for this application.
Thanks for any feed back.
John
****************************************************************************
This email may contain confidential material.
If you were not an intended recipient,
Please notify the sender and delete all copies.
We may monitor email to and from our network.
****************************************************************************
