Steps to run a TCPDUMP on Redhat Linux
Red Hat Linux Enterprise and CentOS
If the tcpdump utility is not already installed, then you can install via "Yum":
yum install tcpdump
To run tcpdump and capture all incoming traffic for all interfaces on the server:
tcpdump -i any -w /tmp/capture.pcap
This will log on ANY interface and on ALL ports and save it to file /tmp/capture.pcap. To stop the capture at any time, simply issue a control-break (ctrl-c or ^c) on the shell command line where the tcpdump has been executed from.
A filter can also be applied to specifically narrow down the capture to a single port, for example if you wanted only port 8080 traffic:
tcpdump -i any port 8080 -w /tmp/capture.pcap
Or to narrow down to the trap port (default: 162) on the SpectroSERVER:
tcpdump -i any udp dst port 162 -w /tmp/capture.pcap
However, for most issues relating to Broadcom products - ANY/ALL is helpful and we can filter the results down using Wireshark.