tcplencount: Tool to count total payload len on a tcpdump output

5be1d464 · Kirill Smelkov · dacd4007 · 5be1d464
Commit 5be1d464 authored Oct 22, 2020 by Kirill Smelkov
Hide whitespace changes
Inline Side-by-side

Showing with 40 additions and 0 deletions

tcplencount tcplencount +40 -0

No files found.
--- a/tcplencount
+++ b/tcplencount
+#!/usr/bin/env -S python -u
+# tcplencount - count payload length in tcpdump output
+# Usage: tcpdump ... | tcplencount
+# (ex: tcpdump --immediate-mode -i eth0 -n -S  tcp and port 443 | tcplencount)
+#
+# FIXME is there an existing tool to do this?
+
+from __future__ import print_function, absolute_import
+
+import sys, re
+from time import time as now
+
+# 19:41:36.558143 IP 151.101.65.69.443 > 192.168.0.2.32918: Flags [P.], seq 3080627664:3080628656, ack 1305215952, win 411, options [nop,nop,TS val 3681237519 ecr 232665256], length 992
+lenrex = re.compile('.*, length ([0-9])+$')
+
+print_interval = 1.0
+KB = 1024.
+MB = 1024*KB
+
+def main():
+    lentotal = 0
+    tstart = tprint = now()
+    while 1:
+        l = sys.stdin.readline()
+        if l == '':
+            break # EOF
+        m = lenrex.match(l)
+        if m is None:
+            print('E: bad line: %r' % l, file=sys.stderr)
+            sys.exit(1)
+        length = int(m.group(1))
+        lentotal += length
+        t = now()
+        if (t - tprint) > print_interval:
+            tprint = t
+            print('total: %.3f MB\t(%.3f MB/s)' % (lentotal / MB, lentotal / MB / (t - tstart)))
+
+
+if __name__ == '__main__':
+    main()