I don't think the actual packets have timestamps -- could be wrong -- but I know the libpcap files do contain them. I think your best bet (as mentioned above) is to use the Net::Pcap library to read the source file and get the timestamps from there. It seems it does have a pcap_open_offline method, which I don't know how to use, that probably reads the file in.

How to get the actual timestamps from the packets:

   sub process_packet {
       my($user_data, $header, $packet) = @_;

       print "time: $header->{tv_sec}\n";
   }

  # The header information is a reference to a hash containing the fol
+lowing fields.
  # 
  #  *   "len" - the total length of the packet.
  #  *   "caplen" - the actual captured length of the packet
  #  *   "tv_sec" - seconds value of the packet timestamp.
  #  *   "tv_usec" - microseconds value of the packet timestamp.
[download]