tcpdump – dump traffic on a network 


tcpdump [ -adeflnNOpqRStuvxX ] [ -c count ]
[ -C file_size ] [ -F file ]
[ -i interface ] [ -m module ] [ -r file ]
[ -s snaplen ] [ -T type ] [ -U user ] [ -w file ]
[ -E algo:secret ] [ expression ]

Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. In all cases, only packets that match expression will be processed by tcpdump.

More here on official website :

tcpdump -w – -p -n -s 0 udp > /tmp/capture-packets.txt

-w ( Output file )
-p Dont start promiscous mode
-n – no name resolution
-s 0 (Full frame, not only first bytes)
udp ( only udp packets)


Nice Video :

Similar tools wireshark.