Originally Posted by LinuxGeek
Do you know of any scripts that will do the above automatically and give me statistics such as host A to host B on port 8008 saw 150 packets and so on?
If you know the identity of A and B beforehand, filtering out the number of packets from A to B:8008 is a one-line tshark command, I believe. Check the man page.
You can either just let it print out the selected packet details (and count them with wc), or use the -w option (from memory) to write the selected packets to a new pcap file for further processing.
If you don't know the identity of the hosts beforehand, it would be slightly more involved, but you can imagine one command to select (say) packets including a source IP address, and then pass that through sort/uniq to get a list of (source) hosts. Then you do the above for the hosts you've found talking to the server you want.
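The two approaches described in the reply above, as an added example that is not part of the original post: tshark emits one source/destination/port line per packet, and sort/uniq turn those lines into per-conversation counts. The function names, the script name and the sample addresses are constructed for illustration; the capture file path is whatever you pass in.

```shell
#!/bin/sh
# Added example (not from the thread): per-conversation packet counts from a
# capture. Function names and sample addresses are constructed for illustration.

# One "src<TAB>dst<TAB>dstport" line per TCP packet. ICMP errors are excluded
# because they embed a second IP/TCP header and would yield multi-valued fields.
extract_fields() {
    tshark -r "$1" -Y 'tcp && !icmp' -T fields -e ip.src -e ip.dst -e tcp.dstport
}

# Unknown hosts: list each distinct source address once (the sort/uniq step).
list_sources() {
    awk 'NF == 3 { print $1 }' | sort -u
}

# Count identical src/dst/port triples, busiest first. Lines with a missing
# field (e.g. IPv6 packets, which have no ip.src) are dropped by NF == 3.
summarize() {
    awk 'NF == 3' | sort | uniq -c | sort -rn |
        awk '{ printf "%s -> %s:%s %d packets\n", $2, $3, $4, $1 }'
}

# Known hosts: count packets from src ($1) to dst ($2) on port ($3).
count_pair() {
    awk -v s="$1" -v d="$2" -v p="$3" \
        '$1 == s && $2 == d && $3 == p { n++ } END { print n + 0 }'
}

# Constructed stand-in for extract_fields output, so the counting logic can
# be checked without tshark or a capture file.
sample_fields() {
    printf '10.0.0.5\t10.0.0.9\t8008\n'
    printf '10.0.0.9\t10.0.0.5\t51514\n'
    printf '10.0.0.5\t10.0.0.9\t8008\n'
    printf '10.0.0.7\t10.0.0.9\t8008\n'
    printf '\t\t8008\n'
    printf '10.0.0.9\t10.0.0.5\t51514\n'
    printf '10.0.0.5\t10.0.0.9\t8008\n'
}

# Usage: sh flows.sh capture.pcap
if [ "$#" -ge 1 ]; then
    extract_fields "$1" | summarize
fi
```

For a single known pair, pipe `extract_fields capture.pcap` into `count_pair` with the source, destination and port as arguments.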