If your still having trouble,
you could also capture on command line and view in wireshark.
eg
Code:
sudo tcpdump -w trace.pcap -s 1600 -i eth0
This will run tcpdump where
-w specifies a file to dump to, (in this case trace.pcap) which wireshark can open,
-s changes the capture size from default 64 bytes to 1600. If you don't change this all packets will appear truncated.
-i specifies an interface , in this case, eth0.
You can get crafty with your capture command line by specifying port numbers, protocol types, host names or IP addresses etc.
When the trace has been ran, control c to stop and open using wireshark.
Wireshark is good however, for watching packets in realtime,
You can do that with tcpdump also using the -v (verbose) option, however, thats not as good as wireshark
Bookmarks