SET outputpath="C:\test2.csv"SET inputpath="C:\capture.pcapng"REM Displays

1. SET outputpath="C:\test2.csv"
2. SET inputpath="C:\capture.pcapng"
3.  
4. REM Displays the packets analysis and create an output file for them
5. tshark -r %inputpath% -E separator=, -T fields -e frame.number -e ip.src -e ip.dst_host -e ipv6.src -e ipv6.dst -e eth.src -e eth.dst -e ip.proto -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -e _ws.col.Protocol -e _ws.col.Info -E header=y > %outputpath%
6.  
7. REM Gets the amount of packets for each filter and append to the output file
8. tshark -r %inputpath% -Y "http" | find /c /v "" >> %outputpath%
9. tshark -r %inputpath% -Y "dns" | find /c /v "" >> %outputpath%
10. tshark -r %inputpath% -Y "tcp" | find /c /v "" >> %outputpath%
11. tshark -r %inputpath% -Y "arp" | find /c /v "" >> %outputpath%
12. tshark -r %inputpath% -Y "udp" | find /c /v "" >> %outputpath%
13.  
14. REM Gets the amount of 3 way hand-shake packets
15. tshark -r %inputpath% -Y "tcp.flags.syn==1 or (tcp.seq==1 and tcp.ack==1 and tcp.len==0 and tcp.analysis.initial_rtt)" | find /c /v "" > temp.txt
16. SET /p number=<temp.txt
17.  
18. REM Divides the amount of packets by 3(as you need 3 packets to form a 3 way hand-shake)
19. SET /A amount=%number%/3
20. echo %amount% >> %outputpath%
21. PAUSE