Am 20.02.2010 07:03, schrieb Hadi Motamedi: > > Dear All > > I have put tcpdump trace on port 4957 on my CentOS server , as the following : > > #tcpdump port 4957 > > I want to obtain the payload data to see what is realy being exchanged between my CentOS server and the outside network element . Can you please let me know how I can modify my command ? > > Thank you tcpdump -i ethX -p -s 0 -w /path/to/4957.trace.pcap port 4957 After finishing the trace you can load the saved pcap file into wireshark for a detailed analysis. Alexander