srcports.sh

#!/bin/sh
# (c) Barry Irwin <bvi@moria.org>
# November 2018
# takes in a tcpdump input as below.  prints out a lsit of the source ports.

# format expected (TCp/UDP only)
# 02:57:23.020317 IP A.B.C.D.SPORT > A.B.C.D.dport : Flags [S], seq 1995830557, win 14600, length 0

cat - | awk '{print $3}' | awk -F. '{print $5}'|  sed -e 's/://g' |sort | uniq -c | sort -rn