I just needed to help our dev team in proving that certain IM messages weren’t being queued and then delivered once connection resumes. That calls for a TCPDUMP!
This command will show you the entire payload of a packet. The final “s” increases the snaplength, grabbing the whole packet.
tcpdump -nnvvXSs 1514 -i <device> <filters>
eg tcpdump -nnvvXSs 1514 -i eth1 host awebsite.com.org.net (fyi the domain doesn’t exist 😉 )
I also had to email it to management, who will continue the good fight, which requires some sort of usable output: