#!/usr/bin/ksh

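# Take the capture file name from the first argument, or prompt for it when
# no argument was given.
if [[ -z $1 ]]
then print -n "File: "
	# A failed read means end of input: there is no name to work with,
	# so stop instead of carrying on with an empty one.
	read -r filename || exit 1
else filename=$1
fi

# An empty name cannot refer to a capture file; stop here rather than hand
# it to tcpdump.
if [[ -z $filename ]]
then
	print -u2 "No capture file given"
	exit 1
fi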

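# Summarise the TCP traffic in the capture: tcpdump's output for the file is
# piped through scantcp.awk and whatever awk prints is kept in $result.
# The file name is quoted so that blanks or wildcard characters in it reach
# tcpdump as one literal argument.
# NOTE(review): scantcp.awk is given as a relative name, so which awk program
# runs depends on where the script is started from (normally the current
# directory) -- consider an absolute path or one derived from the script's
# own location.
result=$(/usr/local/bin/tcpdump -tqr "$filename" tcp | awk -f scantcp.awk)
if [[ -z $result ]]
then
	# Also reached when tcpdump or awk fails: only their output is examined.
	# -r prints the file name literally, without interpreting backslashes.
	print -r -- "No TCP packets found in $filename"
	exit
fi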

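# Prompt until the reply is a whole number between $2 and $3 (inclusive) and
# leave it in the global variable "choice".  An optional fourth argument is a
# sentinel reply that is accepted as typed.
# Arguments: $1 prompt text, $2 lowest value, $3 highest value, $4 sentinel
# Replies are read as plain text and matched against a digits-only pattern
# before any arithmetic is done on them: reading straight into an integer
# variable makes the shell evaluate the typed text as an arithmetic
# expression instead of treating it as data.
# End of input ends the script, so a closed stdin cannot spin the prompt.
function ask_number {
	typeset prompt=$1 sentinel=$4 ans
	integer lo=$2 hi=$3
	while ((1))
	do
		print -n -- "$prompt"
		read -r ans || { print; exit; }
		if [[ -n $sentinel && $ans = "$sentinel" ]]
		then
			choice=$ans
			return
		fi
		# At most nine digits keeps the value well inside integer range;
		# 10# stops a leading zero from being read as octal.
		if [[ $ans = +([0-9]) ]] && ((${#ans} <= 9)) && ((10#$ans >= lo && 10#$ans <= hi))
		then
			((choice = 10#$ans))
			return
		fi
	done
}

# The summary tokens are derived from the capture's contents: split them on
# blanks only and never expand them as file name patterns.
set -o noglob

integer j
integer k
integer x
integer packets
integer t

# Main menu loop: list the summary rows, let the user pick one and choose the
# output options, run tcpdump for that row, then show the list again.
while ((1))
do
	j=0
	k=0
	print "        Source           Destination   pkts bytes"
	# $result is a flat, blank-separated list; every six tokens form one
	# numbered row.  Tokens 0-3 are stored as source, destination, source
	# port and destination port (a trailing ':' is stripped from the ports).
	# NOTE(review): the token layout is produced by scantcp.awk -- confirm there.
	for i in $result
	do
		if ((j==6))
		then
			print
			j=0
			((k=k+1))
		fi
		case $j in
		0)	print -n "$k\t"
			src[k]=$i;;
		1)	dst[k]=$i;;
		2)	sport[k]=${i%:};;
		3)	dport[k]=${i%:};;
		esac
		# -r: show capture-derived text literally, so backslash sequences
		# in it are not turned into control characters on the terminal.
		print -rn -- "$i  "
		((j=j+1))
	done
	print

	# Pick a row (0..k); -1 leaves the script.  The original loop could
	# never deliver -1 to the check below, so there was no way out of the
	# menu short of interrupting the script.
	ask_number "Please enter a line number (-1 to quit): " 0 $k -1
	x=$choice

	if ((x==-1))
	then exit
	fi

	# Option letters are collected into a single flag cluster; the final
	# "r" (read from file) is appended when the command is run.
	# NOTE(review): what each letter does depends on the tcpdump build
	# installed at /usr/local/bin -- confirm against its manual.
	args="-S"

	ask_number "Print packets[0], TCP stream[1], or both[2]? " 0 2
	packets=$choice
	case $packets in
		1) args=${args}atz;;
		2) args=${args}aZ;;
	esac

	# Time and name formats are only asked for when packets are printed.
	if ((packets!=1))
	then
		ask_number "Time format [0=none, 1=absolute, 2=delta, 3=relative]? " 0 3
		t=$choice
		case $t in
			0) args=${args}t;;
			2) args=${args}ttt;;
			3) args=${args}tttt;;
		esac

		ask_number "Long names[0] or short names[1]? " 0 1
		t=$choice
		if ((t==1))
		then args=${args}N
		fi
	fi

	if ((packets==2))
	then
		args=${args}X
	fi

	# Show the command that is about to run, then run it.  Every expansion
	# is quoted so the file name and the capture-derived hosts and ports
	# each stay a single literal argument.
	print
	print -r -- "tcpdump ${args}r $filename tcp and src port ${sport[$x]} and dst port ${dport[$x]} and src host ${src[$x]} and dst host ${dst[$x]}"
	print

	/usr/local/bin/tcpdump "${args}r" "$filename" tcp and src port "${sport[$x]}" and dst port "${dport[$x]}" and src host "${src[$x]}" and dst host "${dst[$x]}"

done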



