tcpdump is a program that captures packet information for IP packets. It originally supported only TCP packets, but has since grown to decode all manner of protocols, including UDP and ICMP.
Hints
- Capture information to a file with -w, as on slower hosts you will drop information if you capture and display at the same time. When you capture to a file you also get to look at it again (and again and again).
- Use -s0, as the default capture length does not capture enough information for many protocols.
See also: