How to filter on the contents of a packet in Wireshark?

Have you tried the "contains" or "matches" operators? For example,

tns.request and tns contains "Marshmallows"

or simply

frame matches "(?i)marshmallows"

The first example looks for TNS requests which contain the case-sensitive string "Marshmallows". The second example looks for "marshmallows" anywhere in any frame, ignoring case. ("contains" does simple string matching; "matches" lets you use PCRE modifiers).


Update: In Wireshark 2.6 and later "matches" is case-insensitive by default. You can use the "(?-i)" PCRE modifier to force case sensitivity.
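
The difference between the two operators, and the effect of the 2.6 default change on an existing filter, can be seen in a small Python model. This is an added example, not part of the original answer and not Wireshark's code; the payloads are constructed, and the function names and the `wireshark_26_or_later` switch are assumptions made for illustration.

```python
import re

# Constructed sample payloads standing in for frame bytes (not from a real capture).
FRAMES = {
    1: b"SELECT * FROM snacks WHERE name = 'Marshmallows'",
    2: b"select * from snacks where name = 'marshmallows'",
    3: b"SELECT * FROM snacks WHERE name = 'Graham Crackers'",
}


def contains(payload: bytes, needle: str) -> bool:
    """Model of "contains": exact, case-sensitive substring search."""
    return needle.encode() in payload


def matches(payload: bytes, pattern: str, wireshark_26_or_later: bool = True) -> bool:
    """Model of "matches": regex search whose default case rule depends on version."""
    flags = re.IGNORECASE if wireshark_26_or_later else 0
    # Python's re has no global "(?-i)", so a leading one is handled here.
    # Simplification: only a "(?-i)" at the very start of the pattern is recognised.
    if pattern.startswith("(?-i)"):
        pattern, flags = pattern[len("(?-i)"):], 0
    return re.search(pattern.encode(), payload, flags) is not None


def hits(test) -> list:
    """Return the numbers of the sample frames for which test(payload) is true."""
    return [n for n, payload in sorted(FRAMES.items()) if test(payload)]


if __name__ == "__main__":
    cases = [
        ('contains "Marshmallows"', lambda p: contains(p, "Marshmallows")),
        ('matches "(?i)marshmallows" (before 2.6)',
         lambda p: matches(p, "(?i)marshmallows", False)),
        ('matches "marshmallows" (before 2.6)',
         lambda p: matches(p, "marshmallows", False)),
        ('matches "marshmallows" (2.6 and later)',
         lambda p: matches(p, "marshmallows", True)),
        ('matches "(?-i)marshmallows" (2.6 and later)',
         lambda p: matches(p, "(?-i)marshmallows", True)),
    ]
    for label, test in cases:
        print(f"{label:45} -> frames {hits(test)}")
```

The same unmodified `matches "marshmallows"` filter selects one frame under the older rule and two under the newer one, so saved filters that relied on case sensitivity need the `(?-i)` prefix after upgrading.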
