Counting the number of flows in a tcpdump file

http://serverfault.com – I have a large tcpdump file which I need to parse to identify the number of flows in the capture based on the (source IP + source port, destination IP + destination port) pairs. Does tcpdump or any other tool provide any means to obtain such data directly? Any tips on how to optimize my parser to perform this operation? Any help or leads are very much appreciated. Thanks.