Difference between revisions of "How to capture packets using wireshark"
From Kolmisoft Wiki
Revision as of 07:23, 15 May 2013
About
Wireshark is the world's foremost network protocol analyzer.
It lets you capture and interactively browse the traffic running on a computer network.
More information about Wireshark can be found here
Install
To install Wireshark, run this command in a terminal:
yum -y install wireshark
Usage
After that, you can start a capture with the command:
tethereal -i eth0 -w /home/capture.pcap
To save the packet dump, stop the capture by pressing Ctrl+C.
Packets will be saved to the file /home/capture.pcap
You can copy the captured file capture.pcap from your server, open it in the Wireshark GUI, and analyse the packets.
You can analyse network packets in real time on the server using the command:
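Before copying capture.pcap off the server, it is worth confirming that the file is a complete capture. The following Python script is an added example, not part of the original wiki page: it walks the classic pcap layout (24-byte file header, 16-byte record headers) and flags a file that ends in the middle of a packet. The function name, result keys and sample bytes are constructed for illustration.

```python
import struct
import sys

# Classic pcap magic numbers as they appear on disk, mapped to struct byte order.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<",  # little-endian, microsecond timestamps
    b"\xa1\xb2\xc3\xd4": ">",  # big-endian, microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<",  # little-endian, nanosecond timestamps
    b"\xa1\xb2\x3c\x4d": ">",  # big-endian, nanosecond timestamps
}
PCAPNG_MAGIC = b"\x0a\x0d\x0d\x0a"  # pcapng Section Header Block type


def check_pcap(data):
    """Summarise capture bytes: format, packet count, and whether the file is cut short."""
    if data[:4] == PCAPNG_MAGIC:
        # Recognised but not parsed here; Wireshark reads this format directly.
        return {"format": "pcapng", "packets": None, "truncated": None}
    order = PCAP_MAGICS.get(data[:4])
    if order is None:
        return {"format": "unknown", "packets": 0, "truncated": True}
    result = {"format": "pcap", "packets": 0, "sliced": 0, "truncated": True}
    if len(data) < 24:
        return result  # file header itself is incomplete
    result["snaplen"], result["linktype"] = struct.unpack(order + "II", data[16:24])
    offset = 24
    while offset + 16 <= len(data):
        incl_len, orig_len = struct.unpack(order + "II", data[offset + 8:offset + 16])
        if offset + 16 + incl_len > len(data):
            return result  # packet body is cut short
        result["packets"] += 1
        result["sliced"] += incl_len < orig_len  # snaplen clipped this packet
        offset += 16 + incl_len
    result["truncated"] = offset != len(data)  # leftover bytes = partial record header
    return result


def _record(payload):
    # Constructed record: arbitrary timestamp, captured length equals original length.
    return struct.pack("<IIII", 1368602580, 0, len(payload), len(payload)) + payload


# Constructed sample: Ethernet link type (1), snaplen 65535, two dummy packets.
SAMPLE = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
          + _record(b"\x00" * 60) + _record(b"\x00" * 42))

if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    print(check_pcap(blob))
```

Run it with the capture path as the only argument; without an argument it checks the built-in sample.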
tshark
More options for the tshark command can be found here.