Is there any easy way to create a pcap file for the packets related to a specific datetime range maybe using tshark, tcpdump or another commandline tool?
tshark -R with frame.time seems promising but I haven't been able to work that out yet...
EDIT
The final command:
editcap -F libpcap -A "2013-07-20 23:00:00" -B "2013-07-20 23:20:00" input.pcap output.pcap
What you need is editcap. It's a command-line tool that is part of the Wireshark family.
Check out the man page at http://www.wireshark.org/docs/man-pages/editcap.html.
It takes a pcap file as input, and writes an output one. You may operate on the infile to filter content, for example, with start-time and end-time, packet number ranges, snap packet length, adjusting timestamps (!), etc. It's a great tool.
