Dave Huang wrote:
> Hi, I've got a tcpdump capture file and am looking for a utility that
> will read the file and output either the average bandwidth over an
> interval of time or the number of bytes in that interval of time.
> tcptrace -xslice is almost perfect--the only problem is that it only
> counts TCP packets. I need the data for all packets in the trace.
> 
> For those who aren't familiar with it, the output from tcptrace
> -xslice looks like:
> 
> date                segs    bytes  rexsegs rexbytes      new   active
> --------------- -------- -------- -------- -------- -------- --------
> 15:03:26.707663     1790   241521        8     4457       21       21
> 15:03:41.707663     2875   799428        5     7281       32       39
> 15:03:56.707663     2590   688734       19    11988       17       34
> 15:04:11.707663     2856  1063850       16    18228       44       52
> 15:04:26.707663     2188   550299        8     7696        6       39
> 
> I only need the "date" and "bytes" columns.

Dave, 

You need averages over time.  I'm sure there are other ways, but if it
were me, I'd use sqlite3, believe it or not.  You can import your text
file, above, and use the database's time and avg() functions to compute
your answer.  

FWIW.  

--jkl