|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Sampling pcap file
Post 302471093 by sajal.bhatia on Friday 12th of November 2010 01:15:10 AM
11-12-2010
Thanks !!
First one works better. Don't know why but the second one make some error in counting the packets though the IP count is same.
Can this be extended to print only the IP addresses which are new in each interval by comparing it with previous interval? I mean for example the second interval (10-20 sec) had 30 IP's and first third interval (20-30) had 50 IP's, but out of these 50, 10 are common (i.e. also present in second interval). So the output file has one more column which prints out the new IP's i.e. 40 in this case.
The output file looks like this
#Time Packets IPs New IPs
The first interval (0-10) will have the same values for column 3 (IPs) and Column 4 (New IPs)
Thanks again
First one works better. Don't know why but the second one make some error in counting the packets though the IP count is same.
Can this be extended to print only the IP addresses which are new in each interval by comparing it with previous interval? I mean for example the second interval (10-20 sec) had 30 IP's and first third interval (20-30) had 50 IP's, but out of these 50, 10 are common (i.e. also present in second interval). So the output file has one more column which prints out the new IP's i.e. 40 in this case.
The output file looks like this
#Time Packets IPs New IPs
The first interval (0-10) will have the same values for column 3 (IPs) and Column 4 (New IPs)
Thanks again
|
|
7 More Discussions You Might Find Interesting
1. Programming
I don't know if this is the correct forum to post this but hopefully someone can atleast point me in the right direction if they can't help me.
I am trying to install the Net::Pcap module for perl from Tim Potter version .04. I have installed gcc 2.95.3 on my Solaris 8 box. I am sure it's just... (6 Replies)
Discussion started by: TioTony
6 Replies
2. Programming
I cant use pcap.h include file. How can I do so? :confused: (8 Replies)
Discussion started by: Pervez Sajjad
8 Replies
3. Programming
Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know?
Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies
4. Shell Programming and Scripting
Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know?
Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies
5. Shell Programming and Scripting
Hi everyone!
Can you please help me with some shell scripting?
I have an input file input.txt
It has 3 columns (Time, Event, Value)
Time event Value
03:38:22 A 57
03:38:23 A 56
03:38:24 B 24
03:38:25 C 51
03:38:26 B 7
03:38:26 ... (7 Replies)
Discussion started by: Needhelp2
7 Replies
6. Shell Programming and Scripting
I have a requirement where I have multiple flat file sources.
I need to create sample data from each source.
Example:
Source 1 has 10 flat files--
member, transaction,item,email,....etc
Now if I get any 10 records (say first 10 records) from the member flat file, I need to find those matching... (2 Replies)
Discussion started by: arrivederci
2 Replies
7. Programming
Hi Folks,
i got the following Problem: I want to make an analysis on a pcap file. (diestance between different packets and so on) The difficulty now... it's not a simple Ethernet/ IP/ File, but it's a SS7 file.
There are the Layers MTP2 MTP3 and ISUP. My analysis depends on the ISUP Layer.
Now... (0 Replies)
Discussion started by: thisismyname
0 Replies
LEARN ABOUT DEBIAN
grepcidr
GREPCIDR(1) General Commands Manual GREPCIDR(1) NAME
grepcidr -- Filter IP addresses matching IPv4 CIDR/network specification SYNOPSIS
grepcidr [-V] [-c] [-v] [-e pattern | -f file] DESCRIPTION
This manual page documents briefly the grepcidr command. This manual page was written for the Debian distribution because the original program does not have a manual page. grepcidr can be used to filter a list of IP addresses against one or more Classless Inter-Domain Routing (CIDR) specifications, or arbi- trary networks specified by an address range. As with grep, there are options to invert matching and load patterns from a file. grepcidr is capable of comparing thousands or even millions of IPs to networks with little memory usage and in reasonable computation time. OPTIONS
-V Show software version -c Display count of the matching lines, instead of showing the lines -v Invert the sense of matching, to select non-matching IP addresses -e Specify pattern(s) on command-line -f Obtain CIDR and range pattern(s) from file EXAMPLES
grepcidr -f ournetworks blocklist > abuse.log Find our customers that show up in blocklists grepcidr 127.0.0.0/8 iplog Searches for any localnet IP addresses inside the iplog file grepcidr "192.168.0.1-192.168.10.13" iplog Searches for IPs matching indicated range in the iplog file script | grepcidr -vf whitelist > blacklist Create a blacklist, with whitelisted networks removed (inverse) grepcidr -f list1 list2 Cross-reference two lists, outputs IPs common to both lists AUTHOR
This manual page was written by Ryan Finnie ryan@finnie.org for the Debian system (but may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 any later version published by the Free Software Foundation. On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL. GREPCIDR(1)