Steps to run a TCPDUMP on Redhat Linux

Red Hat Linux Enterprise and CentOS

1. If the tcpdump utility is not already installed, then you can install via "Yum":
   
   yum install tcpdump


2. To run tcpdump and capture all incoming traffic for all interfaces on the server:
   
   tcpdump -i any -w /tmp/capture.pcap


3. This will log on ANY interface and on ALL ports and save it to file /tmp/capture.pcap. To stop the capture at any time, issue a control-break (ctrl-c or ^c) on the shell command line where the tcpdump has been executed from.
4. A filter can also be applied to specifically narrow down the capture to a single port, for example if you wanted only port 8080 traffic:
   
   tcpdump -i any port 8080 -w /tmp/capture.pcap


5. Or to narrow down to the trap port (default: 162) on the SpectroSERVER:
   
   tcpdump -i any udp dst port 162 -w /tmp/capture.pcap

However, for most issues relating to Broadcom products - ANY/ALL is helpful and we can filter the results down using Wireshark.