TCP DUMP command
tcpdump [ -adeflnNOpqRStuvxX ] [ -c count ]
[ -C file_size ] [ -F file ]
[ -i interface ] [ -m module ] [ -r file ]
[ -s snaplen ] [ -T type ] [ -U user ] [ -w file ]
[ -E algo:secret ] [ expression ]
Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. In all cases, only packets that match expression will be processed by tcpdump.
More here on official website : http://www.tcpdump.org/
tcpdump -w – -p -n -s 0 udp > /tmp/capture-packets.txt
-w ( Output file )
-p Dont start promiscous mode
-n – no name resolution
-s 0 (Full frame, not only first bytes)
udp ( only udp packets)
Nice Video : http://www.youtube.com/watch?v=OFpQLyQxt84
Similar tools wireshark.