sudo tcpdump -XX -i eth1 tcpdump verbose output suppressed use -v or -

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
1 % sudo tcpdump -XX -i eth1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
18:27:47.765697 ARP, Request who-has 192.168.1.129 tell router.asus.com, length 46
0x0000: ffff ffff ffff 74d0 2b5d 6c20 0806 0001 ......t.+]l.....
0x0010: 0800 0604 0001 74d0 2b5d 6c20 c0a8 0101 ......t.+]l.....
0x0020: 0000 0000 0000 c0a8 0181 0000 0000 0000 ................
0x0030: 0000 0000 0000 0000 65ab 9611 ........e...
18:27:47.960351 IP 87.250.242.169.49635 > coalmine.http: Flags [F.], seq 1428690534, ack 452444109, win 8192, options [nop,nop,TS val 504922510 ecr 41468065], length 0
0x0000: ac22 0bcb 0fd5 74d0 2b5d 6c20 0800 4518 ."....t.+]l...E.
0x0010: 0034 6506 4000 3606 d26f 57fa f2a9 c0a8 .4e.@.6..oW.....
0x0020: 01ea c1e3 0050 5528 1666 1af7 bfcd 8011 .....PU(.f......
0x0030: 2000 de3e 0000 0101 080a 1e18 818e 0278 ...>...........x
0x0040: c0a1 ..