sniffing traffic
I was debugging an application at work the other day and needed to monitor tcp network traffic on ports 80 and 8080 from one of our servers to another server. I fired up tcp dump on the server with the following command:
tcpdump -Xvnes 0 -w /tmp/capture.log 'tcp and host 123.123.123.123 and (port 8080 or port 80)'
Replace 123.123.123.123 with the real ip of the destination server. This created a dump file at /tmp/capture.log that I could then load up in wireshark for analysis.