Here is a script that can use tshark to split a large pcap to multiple small pcaps

inpcap="test.pcap"

max=$(tshark  -r $inpcap -n -T fields -e frame.number|tail -1)

# This is the number of packets in each split pcap
c=1

# Save all new pcaps to out, if it does not exist, create it.
[[ ! -d out ]] && mkdir out

for i in $(seq 1 $max $c)
do
        tshark  -r $inpcap  -n -c $c "frame.number==$i" -w out/$i.pcap
        #Do other stuff, if required
        read -p "Send the next packet? "
done

A very simple 3-4 line script that has saved my day so may times.

Edit: I found a nice tcpdump cheatsheet https://comparite.ch/tcpdumpcs

Related Articles:

• 2013/01/16   dnstop – top like utility for Fedora and other *nix
• 2019/05/27   libvirt- Create virtual machine with text console only interface
• 2018/04/23   Port php mysql scripts to php 7.0 from 5.x version
• 2017/12/25   send mail using telnet from script
• 2017/04/10   scapy packet dump to packet