Cheking content for all zeros

["Salim Douba" <Salim () cygnos com>]

Greetings all,

I am trying to devlelop a rule that checks the payload of an ICMP packet
for an all zero content (nothing but zeros in the content). I haven't
had a luck finding a way doing it. Any ideas would be greatly
appreciated. Execuse my ignorance if this question has been asked
before. I searched the archives to no avail (it might be something that
I did wrong searching).

Salim Douba