#!/usr/bin/perl -w
use strict;
# expect output of tcpdump -e -tt:
# 1112435754.534889 0:a0:24:b5:24:a4 0:1:2:f9:fa:67 ip 74:
# posbi.wsr.ac.at.2592 > lipo.at0.net.nntp: S 3984513449:3984513449(0)
# win 32120 <mss 1460,sackOK,timestamp 3461018906 0,nop,wscale 0> (DF)

my %octets;

while (<>) {
    if (/([\d.]+) ([\w:]+) ([\w:]+) ip (\d+): ([-\w.]+)\.(\w+) > ([-\w.]+)\.(\w+):/) {
	# print;
	# print "-> $1 $2 $3 $4 $5 $6 $7 $8\n";
	my $ts = int($1/3600)*3600;
	my $octets = $4;
	my $sip = $5;
	my $sport = $6;
	my $dip = $7;
	my $dport = $8;
	# print "-> proto = $proto\n";
	$octets{"$ts $sip $dip"} += $octets;
    }
}
for my $i (sort keys %octets) {
    print $i, " ", $octets{$i}, "\n";
}

#vim:sw=4