Buffer Implementation on a C Program by detection of packets using libpcap.

I have written a C program using libpcap which reads from a pcap file and detects per packet basis , if the packet is normal or malicious. The c program and Pcap file are both attached below. I need someone who is excellent with C program and has worked on Libpcap. The program needs some upgrade . The Current program is a offline sniffer which is reading the pcap file per packet basis and successfully detecting if the packet is malicious or normal. I need someone who can create a buffer and read a bunch of packets together (eg. 30 to 50 packets) together . And instead of per packet basis the attack should be detected on this bunch of packets. Program using libpcap to detect syn flood attack , in which you should be able to distinguish between normal and malicious packets by comparing the time stamp , IP address , Port Number, TCP Flag , SYN flags set or not set and number of counts in last 3 to 5 mins. And depending on above logic it should able to detect how many packets are normal or malicious in that bunch of packet. and also buffer should be like queue like not every time it should take 30-50 packets but it should be like if buffer size is 30, so it will take 30 packets but when 31st packet he capture from our file it should able to remove 1st packet and compare that 31st packet with remaining packets in buffer...... when we capture 32nd packet remove 2nd packet and compare the remaining packet with it......and so on .........and depend on this logic it should able to detect whether its attack or normal. Depend on this logic you should be able to detect whether its a normal or attack packet. A buffer should be used where the program should not read the pcap file on per packet basic but on chunk of packet basic or in a bunch of packet. i have attached the pcap file and the c program in this document. Any other doubts regarding the project can be discussed by me.