I've looked over the MAN pages for TCPdump and I am still unclear on how to look though traffice based on port.
I want to look at HTTP traffic (in and out) on eth0. But be able to read the headers.
I've seen it before when I could see the URL etc of the packet to see what people were trying to view.
How is this done with TCPdump?