ipsumdump

Dump summary of packets from a pcap file

$ ipsumdump -r [capture.pcap]

$ sudo ipsumdump -i [eth0]

$ ipsumdump -r [capture.pcap] --src --dst

$ ipsumdump -r [capture.pcap] --timestamp --src --dst --proto

$ ipsumdump -r [capture.pcap] --filter '[tcp port 80]' --src --dst

$ ipsumdump -r [capture.pcap] --src --sport --dst --dport --length

ipsumdump [-r file] [-i interface] [--filter expression] [--output fields] [options]

ipsumdump summarizes network traffic by extracting and displaying selected fields from packet headers. It reads from pcap files or captures live traffic, producing compact text output suitable for further processing.
The tool is designed for network analysis and measurement, producing ASCII output with one line per packet. It's particularly useful for creating datasets for analysis, generating aggregate statistics, or extracting specific packet fields.

-r file

Read from pcap file

Capture live traffic from interface

BPF filter expression

Output source IP address

Output destination IP address

Output source port

Output destination port

Output IP protocol

Output packet timestamp

Output packet length

Output payload data

Don't set interface to promiscuous mode

Write output to file

Live capture requires root/administrator privileges. High traffic volumes may cause packet drops. Output format is text-based; for binary analysis, consider other tools. Part of a suite that includes ipaggcreate and ipaggmanip.

ipsumdump was developed by Eddie Kohler at UCLA (later ICSI) for network measurement research. First released in the early 2000s, it's built on the Click modular router framework and remains useful for network traffic analysis and research.

tcpdump(1), tshark(1), ipaggcreate(1), ipaggmanip(1)