This is not a trivial problem.
You will need: - A good study of the tcpdump man page for the display format of the tcpdump file.
- A reasonable knowledge of regular expressions to parse the file
- Knowledge of a script language like awk, perl, python or ruby to produce the stats.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|