Snoop vs. Tcpduimp

Thu, 12 Jun 2003 15:45:56 -0700

Okay, this has been bugging me for a while now.  I've R'ed the hell out of
TFMs, and I still can't figger this out.  Using Solaris' snoop command, I
can do troubleshooting of layer 7 of the OSI model.  I can view the data of
an SMTP dialog, a DNS query, an HTTP GET etc.  Can I do this with tcpdump on
Linux?  I suspect the answer is "Nope, you can only see the lower layers."
If it isn't possible, is there a common command line tool for Linux that
*will* let me do this?

~Jeff