Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. (Wikipedia)
Download and setup
You can download Wireshark from the official website.
apt-get install wireshark
Resolve IP addresses (show domains instead of IP addresses)
- Edit > Preferences
- Under Name Resolution activate Resolve network (IP) addresses
Further information: Top 10 Wireshark Filters
Filter any packet with this IP as source or destination
ip.addr == IP-ADDRESS
Filter all HTTP packets with a specific content type and response code
http.content_type contains "text/html" and http.response.code == 200
Filter all HTTP packets whose content contains the text Xennis
data-text-lines contains "Xennis"
Filter all TCP packets with a port number greater than 60000
Problems and errors
Cannot capture as non root user
(1) Reconfigure wireshark-common and select Yes for the question "Should non-superusers be able to capture packets?".
dpkg-reconfigure wireshark-common
(2) Add your user account to the wireshark group.
usermod -a -G wireshark $USER
Then log out and log in again.
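To confirm the setup took effect without starting Wireshark as root, the following check can be run as the capturing user. It is an added example, not part of the original page, and it assumes the Debian/Ubuntu layout in which the capture helper is /usr/bin/dumpcap; the names DUMPCAP, CAPGROUP and the function names are made up for this sketch.

```shell
#!/bin/sh
# Added example (not from the original page): check the non-root capture setup.
# Assumption: Debian/Ubuntu layout with the capture helper at /usr/bin/dumpcap.
DUMPCAP="${DUMPCAP:-/usr/bin/dumpcap}"
CAPGROUP="${CAPGROUP:-wireshark}"

# in_group "<space-separated group names>" <group>: succeeds if <group> is listed.
in_group() {
    for g in $1; do
        if [ "$g" = "$2" ]; then return 0; fi
    done
    return 1
}

# has_capture_caps "<getcap output>": succeeds if both capture capabilities appear.
has_capture_caps() {
    case "$1" in *cap_net_raw*) ;; *) return 1 ;; esac
    case "$1" in *cap_net_admin*) ;; *) return 1 ;; esac
}

# Report on the current user's session; returns 1 if something still needs doing.
check_capture_setup() {
    rc=0
    user=$(id -un)
    # `id -nG` shows this session's groups; `id -nG USER` reads the group database.
    if in_group "$(id -nG)" "$CAPGROUP"; then
        echo "OK:   this session is in group $CAPGROUP"
    elif in_group "$(id -nG "$user")" "$CAPGROUP"; then
        echo "TODO: $user was added to $CAPGROUP; log out and log in again"; rc=1
    else
        echo "TODO: $user is not in $CAPGROUP (usermod -a -G $CAPGROUP $user)"; rc=1
    fi
    # getcap often lives in /sbin, which may not be on a normal user's PATH.
    caps=$(getcap "$DUMPCAP" 2>/dev/null || /sbin/getcap "$DUMPCAP" 2>/dev/null || true)
    if has_capture_caps "$caps"; then
        echo "OK:   $DUMPCAP has file capabilities: $caps"
    elif [ -u "$DUMPCAP" ]; then
        echo "OK:   $DUMPCAP is setuid (no file capabilities set)"
    else
        echo "TODO: $DUMPCAP has no capture privileges (dpkg-reconfigure wireshark-common)"; rc=1
    fi
    return "$rc"
}

# Run the check only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--run" ]; then check_capture_setup; fi
```

Save it as, for example, check-capture.sh and run `sh check-capture.sh --run`; a TODO line about logging out means the group change is in the database but not yet in the current session.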