On Tue, Mar 10, 2009 at 3:55 PM, Dante Lanznaster <[email protected]> wrote: > Use wireshark on a laptop to sniff what's going on. >
I'd second that, especially for quick looks at small traces. But if it is going to be a long trace, and there's no X server on the box, leave tcpdump running, capturing to a series of files. We do this in our lab as a "time machine" kind of thing. It's always recording. If something funny happens during network communication from one of our scripts we can pick up the most recent trace, and see what happened. You can use tcpdump to filter the trace for what you want. Then just load what you are interested in into Wireshark. Nothing beats a proper network trace for understanding what is actually happening on the network. -- John.
