Comment Re:Well the only fool proof way... (Score 1) 491
Actually tshark is the command line version of wireshark, and it is the first tool I reach for unless I need some capabilities of tcpdump. Tshark will give you a lot more information and protocol decoding that is very useful for troubleshooting application layer protocol issues without the need for loading wireshark.