Search in text file in column and compare

this is the inside of a.txt and i need a perl script that called like
perl a.pl  a.txt 10.255.255.2

and it will start a decide mechanism

it will select the lines from $destination ip and group them for each  other column like that will get the biggest  :


10.255.255.2   TotalLine 1000
10.255.255.2  UDP   500 times
10.255.255.2  13 TTL    450 times
10.255.255.2  SameData    470 times
......







the column order is :

Time
Protocol Name
Flags
Protocol ID
TTL
SRC IP
SRC Port
Dest IP
Dest Port
Data Length
First 30 Byte of data



1439998658000   UDP             17      254     136.17.139.22   4488    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     44.35.5.131     9004    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     182.225.11.152  57782   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     165.88.135.184  22693   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     75.154.45.1     39499   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     182.87.50.206   22454   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     48.108.93.197   27696   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     1.112.117.104   28673   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     189.167.113.4   42941   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     13.208.145.43   53261   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     192.135.192.197 34752   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     209.88.52.22    22737   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     161.136.179.148 34977   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     141.171.137.167 43917   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     68.54.9.219     13892   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     42.23.142.205   5930    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     40.239.79.155   61224   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     26.231.157.230  59162   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     11.219.104.180  56075   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     176.125.231.113 32176   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     190.207.175.54  53182   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     67.29.32.215    7491    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     148.54.46.50    13972   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     60.185.251.176  47420   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     151.22.125.243  5783    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     36.71.186.169   18212   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     200.244.15.240  62664   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     133.46.124.125  11909   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     33.154.128.163  39457   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     3.35.227.250    8963    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     17.106.144.188  27153   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     149.94.108.100  24213   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     153.219.4.100   56217   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     29.114.66.113   29213   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     17.59.206.201   15121   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     168.173.86.176  44456   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     85.17.105.142   4437    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     36.82.145.50    21028   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     25.29.115.121   7449    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     52.60.238.134   15412   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     143.153.111.201 39311   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     28.154.11.121   39452   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     85.221.160.151  56661   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     157.165.164.251 42397   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     44.5.189.65     1324    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     40.225.184.58   57640   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     35.84.164.190   21539   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     145.94.247.57   24209   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     110.136.145.12  34926   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     30.213.131.8    54558   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     147.40.151.209  10387   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     208.183.249.254 47056   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     194.36.127.46   9410    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     174.143.184.253 36782   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     21.29.254.78    7445    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     170.16.152.71   4266    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     68.124.229.191  31812   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     97.76.23.97     19553   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     50.137.109.185  35122   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     217.155.167.172 39897   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     77.96.147.109   24653   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     99.11.132.226   2915    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     44.76.172.134   19500   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     39.5.72.23      1319    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     223.184.183.160 47327   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     171.195.78.44   50091   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     200.58.236.212  15048   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     153.147.138.29  37785   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     93.243.13.62    62301   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     29.216.107.211  55325   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     70.227.133.67   58182   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     29.136.58.237   34845   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     122.195.63.223  50042   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     75.0.150.55     75      10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     123.130.172.96  33403   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     177.42.100.218  10929   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     96.94.213.177   24160   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     191.189.222.170 48575   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     62.102.120.25   26174   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     215.59.170.118  15319   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     112.34.71.75    8816    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     99.119.190.181  30563   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     55.190.226.39   48695   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     75.209.180.183  53579   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     52.130.202.107  33332   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     113.70.50.181   18033   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     181.64.209.128  16565   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     104.165.57.33   42344   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     128.82.30.149   21120   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     203.118.4.145   30411   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     121.213.253.47  54649   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     210.190.156.76  48850   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     74.249.242.233  63818   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     12.142.50.212   36364   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     61.6.123.227    1597    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     78.53.11.166    13646   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     202.65.143.34   16842   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     100.72.221.53   18532   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     128.28.98.159   7296    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     113.88.240.5    22641   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     121.213.16.107  54649   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     99.112.27.104   28771   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     196.40.185.89   10436   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     195.249.246.102 63939   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     85.125.163.97   32085   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     5.17.18.111     4357    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     12.88.118.222   22540   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     3.186.8.167     47619   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     80.100.205.152  25680   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     85.212.152.154  54357   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     124.191.5.180   49020   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     71.184.253.123  47175   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     192.207.24.132  53184   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     135.96.37.202   24711   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     148.6.228.74    1684    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     123.231.67.230  59259   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     193.27.119.49   7105    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     78.13.177.149   3406    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     220.159.225.215 40924   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     72.231.191.110  59208   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     51.148.4.69     37939   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     77.87.139.112   22349   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     11.31.44.223    7947    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     182.245.48.117  62902   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     218.72.197.212  18650   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     212.34.212.173  8916    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     3.180.239.64    46083   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     143.137.214.32  35215   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     217.146.159.175 37593   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     83.118.0.20     30291   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     103.132.217.19  33895   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     142.243.152.19  62350   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     215.52.7.41     13527   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     71.138.138.5    35399   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     26.197.234.95   50458   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     69.218.125.70   55877   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     210.203.183.170 52178   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     17.178.159.40   45585   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     199.244.52.71   62663   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     96.94.232.236   24160   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     219.66.172.110  17115   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     47.81.132.60    20783   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     132.118.139.233 30340   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     91.7.204.233    1883    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     94.1.179.131    350     10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     50.60.19.222    15410   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     146.112.61.240  28818   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     91.225.218.194  57691   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     9.53.146.254    13577   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     186.140.152.123 36026   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     191.119.39.29   30655   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     210.197.158.68  50642   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     7.53.41.177     13575   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     27.29.220.198   7451    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     41.5.91.82      1321    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     72.200.172.186  51272   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     116.126.244.103 32372   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     75.179.59.92    45899   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     139.243.47.198  62347   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     181.64.111.145  16565   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     84.132.165.89   33876   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     182.250.25.243  64182   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     158.219.226.219 56222   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     43.25.123.237   6443    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     31.172.81.47    44063   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     66.124.131.208  31810   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     22.65.126.222   16662   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     97.63.213.56    16225   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     113.251.205.215 64369   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     173.195.97.103  50093   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     125.118.34.156  30333   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     29.161.72.72    41245   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     184.84.143.44   21688   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     90.23.25.163    5978    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     57.255.117.166  65337   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     169.220.92.135  56489   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     68.144.163.107  36932   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     121.182.253.182 46713   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     115.249.20.114  63859   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     40.150.84.93    38440   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     178.71.153.37   18354   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     188.78.118.198  20156   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     115.142.65.33   36467   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     8.178.54.219    45576   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     67.106.178.68   27203   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     95.119.227.12   30559   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     176.215.129.2   55216   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     78.69.186.228   17742   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     186.146.1.0     37562   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     59.19.150.65    4923    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     202.190.193.163 48842   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     63.13.125.219   3391    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     55.237.164.26   60727   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     219.128.206.35  32987   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     195.173.250.62  44483   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     167.195.195.86  50087   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     101.17.52.247   4453    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     179.209.104.156 53683   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     86.250.213.226  64086   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     27.136.175.23   34843   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     56.144.111.177  36920   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     130.64.77.9     16514   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     102.188.226.98  48230   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     144.27.85.169   7056    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     205.72.145.26   18637   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     128.136.92.117  34944   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     51.255.215.149  65331   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     81.7.152.47     1873    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     59.1.197.181    315     10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     79.233.14.126   59727   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     154.183.117.135 47002   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     160.70.182.44   18080   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     79.125.200.184  32079   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     14.124.97.72    31758   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     151.201.168.2   51607   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     134.84.109.164  21638   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     187.196.166.79  50363   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     6.255.83.30     65286   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     18.144.129.227  36882   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     136.158.71.127  40584   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     72.127.106.86   32584   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     20.218.91.190   55828   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     89.0.187.142    89      10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     168.16.172.214  4264    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     166.58.104.93   15014   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     159.203.149.34  52127   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     31.18.83.202    4639    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     140.85.5.27     21900   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     50.118.124.156  30258   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     62.201.205.63   51518   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     163.208.89.223  53411   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     182.184.163.167 47286   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     193.135.212.84  34753   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     128.33.58.85    8576    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     10.19.116.185   4874    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     32.14.39.132    3616    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     188.177.144.219 45500   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     152.78.136.248  20120   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     110.57.240.140  14702   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     145.107.25.181  27537   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     53.76.192.21    19509   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     164.204.45.153  52388   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     37.138.156.55   35365   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     91.107.224.100  27483   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     41.249.110.114  63785   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     24.145.25.90    37144   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     207.47.204.37   12239   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     178.197.176.118 50610   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     186.10.199.42   2746    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     137.238.11.139  61065   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     137.176.24.11   45193   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     153.79.32.111   20377   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     203.242.16.243  62155   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     21.42.32.202    10773   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     83.238.210.58   61011   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     131.88.3.65     22659   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     53.224.98.242   57397   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     30.13.143.13    3358    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     46.8.66.216     2094    10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     80.177.23.8     45392   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     15.148.23.128   37903   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     104.96.55.252   24680   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     193.117.3.201   30145   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     45.99.85.200    25389   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     5.76.158.141    19461   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     161.39.65.137   10145   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     177.198.72.237  50865   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     74.113.197.16   29002   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     129.113.254.96  29057   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000
1439998658000   UDP             17      254     190.53.177.209  13758   10.255.255.2    53      1048            000000000000000000000000000000000000000000000000000000000000

Open in new window

FireBallITAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

wilcoxonCommented:
I assume this is a continuation of your previous question.  If so, I'd suggest providing your current script in this question (or a link to the previous question) so that it is easier for people to modify the script to do what you want (or do you actually want a separate script this time?).
FireBallITAuthor Commented:
actually that will be just one script which is called from the other side after one second.
It logs into a text file and it has been succeded now i am checking from mysql for the connection counts and decide if there is an anomality on situation then if an ip address has anomality then it returns back to logs and search for the percantage of the processes.

so if i got a cumulative values for an ip address from the log
then i will create an ip tables rule to block the attack for x minutes then it will remove the block so it will allow to block attack
that will resolve

flood from same ip
flood from spoof ip with same data

but it will get more condition as possible as much like TTL , Packet size ....
FireBallITAuthor Commented:
That is a powerfull cent os server which has dual E5 2670 CPU and dual X520 10G ethernet cards to just stop

ACK , SYN , UDP , HTTP .... floods  which uses same packet or same ip or same source port or same ttl  :)

if it gets more then 3 Condition witha value of

total line - standart connection count = Y

%80 x  Y =  Smallest value we are looking for on the sum of the columns grouped by the ip address
wilcoxonCommented:
Try this...  It may be more complicated than you need but it seemed to me that some things don't make sense to look at in isolation (eg port really needs ip to be meaningful).
use strict;
use warnings;
my ($fil, $ip) = @_;
if (not -f $fil or not defined $ip) {
    die "Usage: $0 file_to_process ip_address\n";
}
open IN, $fil or die "could not open $fil: $!";
my %cache;
my @cols = (qw(time protocol_name flags protocol_id ttl src_ip src_port
               dest_ip dest_port data_len data));
my %cols = (time => 0, protocol_name => 1, flags => 2, protocol_id => 3,
            ttl => 4, src_ip => 5, src_port => 6, dest_ip => 7, dest_port => 8,
            data_len => 9, data => 10);
# set any col from above to 1 or another col name to process it as a single or pair
my %proc = (protocol_name => 1,
            src_ip => 'src_port',
            data_len => 'data');

while (<IN>) {
    chomp;
    my @fields= split /\s+/;
    next unless ($fields[7] eq $ip);
    for my $i (0..@fields) {
        next unless $proc{$cols[$i]};
        if ($proc{$cols[$i]} =~ /^\d+$/) {
            $cache{$cols[$i]}{$fields[$i]}++;
        } else { # col ref
            $cache{"$cols[$i]|$proc{$cols[$i]}"}{"$fields[$i]|$fields[$cols{$cols[$i]}]"}++;
        }
    }
}
close IN;
foreach my $col (sort keys %cache) {
    my ($val, $max) = maxval($cache{$col});
    print "$ip\t$col $val\t$max times\n";
}

sub maxval {
    my ($ref) = @_;
    my $key;
    my $max = 0;
    foreach my $key (keys %$ref) {
        if ($ref->{$key} > $max) {
            $val = $key;
            $max = $ref->{$key};
        }
    }
    return ($val, $max);
}

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Perl

From novice to tech pro — start learning today.