#!/usr/local/bin/perl -w 
use strict;
use TimeSeries;
use HTTP::Date qw(parse_date);

my %hist = ();
while (<>) {
    my ($timestring, $rest) = m/(\w\w\w [ \d]\d \d\d:\d\d:\d\d) (.*)/;
    my %p = /(\S+)=(\S+)/g;
    if ($p{SRC} && ($p{SRC} =~ /^143.130\./)) {
	my $bucket;
	if ($p{PROTO} eq "ICMP") {
	    $bucket = "$p{SRC} $p{DST} $p{PROTO} $p{TYPE}/$p{CODE}";
	} else {
	    $bucket = "$p{SRC} $p{DST} $p{PROTO} $p{DPT}";
	}
	$hist{$bucket}++;
    } 
}

for (sort keys %hist) {
    print "$_ $hist{$_}\n";
}