[CentOS] tcpdump?

Sat Feb 20 10:36:37 UTC 2010
Alexander Dalloz <ad+lists at uni-x.org>

On 20.02.2010 07:03, Hadi Motamedi wrote:
> 
> Dear All
> 
> I have put tcpdump trace on port 4957 on my CentOS server, as the following:
> 
> #tcpdump port 4957
> 
> I want to obtain the payload data to see what is really being exchanged between my CentOS server and the outside network element. Can you please let me know how I can modify my command?
> 
> Thank you

tcpdump -i ethX -p -s 0 -w /path/to/4957.trace.pcap port 4957

After finishing the trace you can load the saved pcap file into
Wireshark for a detailed analysis.

Alexander