Is there any filter in Wireshark which can calculate a cummulative of the packets received and sent over a given period of time. For example, the filter flags a host and destination if more than 150 packets are received in a second. This can be used to track possible denial of service attacks and so may prove to be very useful for me
asked 16 Oct '17, 10:33
Nope. Filters can only decide if any individual packet should be captured\displayed, they don't provide aggregation facilities over multiple packets.
The area you're looking at sounds more like network security tools rather than packet analysis.
answered 16 Oct '17, 11:01