["Fullager, Glenn" <gfullage@xxxxxxxxx>]

I know this has been asked before on this alias, but I'm having trouble
setting it up.  I have a large packet capture with some UDP packets that
have a phone number in them starting at frame offset 46.  So, offset 46 has
an 8, offset 47 has a 4, and so on up to the last number at offset 4d which
has say, a 2.

If I have a display filter of:

    frame[46] == 8 and udp.length > 30

Then I get all the packets with a phone number in them, no problem (assuming
the first number is an 8).  Now I want to get the one packet that has say,
84126852 in it.

I try 

    frame[46-4d] == 8:4:1:2:6:8:5:2 and udp.length > 30

which usually results in Ethereal crashing with an assertion error.  I even
try a simpler version with:

    frame[46-47] == 8:4 and udp.length > 30

and it still doesn't get every number starting with 84, in fact it doesn't
show any packets.  I'm sure I'm doing something stupid here with my
formatting, any ideas.

Thanks, Glenn.