How to get random packets from a .pcap file?
I am trying to get a random subset of packets from a .pcap file. To do so, I have written the following shell script:
large_number=150000
smaller_number=10000
selected_packet_numbers=$(shuf -i 0-"$large_number" -n "$smaller_number")
editcap -r capture.pcap capture-selected.pcap $selected_packet_numbers
However, editcap is giving me the following error:
Out of room for packet selections
Using a shell loop would take an unreasonably long time.
What can I do to select a random subset of packets from a .pcap file?
Comments