Open
Description
I think a summary tool that would analyze a pcap file and dump a summary of its contents would be really useful in some cases.
The initial version should produce tabular output, listing the flows identified in the pcap file (or in a live capture). Columns in this table should include # of packets and bytes to/from. It would also be cool to add TCP-specific stuff, like # of retransmissions.
This would essentially work like ntop, but mainly targeted at post-processing already captured traffic.
It may be helpful to consider a curses-based output, which would make this mode much more helpful when working on live captures.
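The flow table requested above, as an added sketch that is not part of the original issue or the project's code: it groups a capture into bidirectional flows and counts packets, bytes and TCP retransmissions per direction. It assumes a classic (non-pcapng) pcap file with Ethernet framing and IPv4; `summarize`, `_frame` and `SAMPLE` are hypothetical names, and the sample capture is constructed.

```python
import struct
from collections import defaultdict

def summarize(pcap: bytes) -> dict:
    """Per-flow [pkts_a2b, bytes_a2b, pkts_b2a, bytes_b2a, tcp_retrans]."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or len(pcap) < 24 or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("need a classic pcap file with Ethernet link type")
    flows, seen, off = defaultdict(lambda: [0, 0, 0, 0, 0]), set(), 24
    while off + 16 <= len(pcap):
        caplen, wirelen = struct.unpack(end + "II", pcap[off + 8:off + 16])
        frame, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not IPv4 (VLAN tags and IPv6 are out of scope here)
        ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
        total_len, frag = struct.unpack("!H2xH", frame[16:22])
        l4 = 14 + ihl
        if proto not in (6, 17) or frag & 0x1FFF or len(frame) < l4 + 8:
            continue  # only TCP/UDP; non-first fragments carry no ports
        sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
        src, dst = (frame[26:30], sport), (frame[30:34], dport)
        a, b = sorted((src, dst))  # direction-independent flow key
        row = flows[(proto, a, b)]
        d = 0 if src == a else 2  # column offset for this direction
        row[d] += 1
        row[d + 1] += wirelen  # on-the-wire size, even if the capture was truncated
        if proto == 6 and len(frame) >= l4 + 20:
            seq = struct.unpack("!I", frame[l4 + 4:l4 + 8])[0]
            payload = total_len - ihl - (frame[l4 + 12] >> 4) * 4
            key = (src, dst, seq)
            if payload > 0:  # naive heuristic: same seq with data seen twice
                row[4] += key in seen
                seen.add(key)
    return dict(flows)

def _frame(src, dst, sport, dport, seq, data):  # builds constructed test traffic
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 8192, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, src, dst)
    eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp
    return struct.pack("<IIII", 0, 0, len(eth), len(eth)) + eth

A, B = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join([
    _frame(A, B, 40000, 80, 1000, b"GET /"),
    _frame(A, B, 40000, 80, 1000, b"GET /"),  # same seq again: retransmission
    _frame(B, A, 80, 40000, 5000, b"200 OK"),
])
```

The retransmission count is a lower-fidelity signal than a full TCP state tracker: it ignores sequence wraparound and partial overlaps, so treat it as a hint when triaging a capture.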