Sniffing

  • tcpdump -s 1518 -lenx -i eth0 | tcpshow -cooked -data
    • decodes packet payloads to the screen
  • tcpdump -s 1518 -lenx -i eth0
  • tcpdump -i eth0 -Alnq host 172.28.5.96 and port 80
  • tcpdump -nnvvXSs 1514 -i eth0 host 172.28.5.96 and port 80
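  • tshark 'tcp port 80 and host 172.28.5.96 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
    • captures only port 80 packets to or from 172.28.5.96 that carry TCP payload (IP total length minus the IP and TCP header lengths is non-zero), skipping bare SYN, FIN and ACK segments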
  • sudo tcpdump -nnvvXSs 1514 port 389 -i eth0
    • decode LDAP traffic
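
The payload-length arithmetic in the tshark capture filter above, reproduced over raw IPv4 bytes. This is an added example, not part of the original notes; the function names, the source address 192.0.2.10 and the sample packets are constructed for illustration.

```python
import struct

def tcp_payload_len(ip_packet: bytes) -> int:
    """Apply the capture filter's arithmetic to a raw IPv4 packet (no link-layer header)."""
    if len(ip_packet) < 20 or ip_packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    if ip_packet[9] != 6:
        raise ValueError("not TCP")
    total_len = struct.unpack("!H", ip_packet[2:4])[0]  # ip[2:2]: IP total length
    ip_hdr_len = (ip_packet[0] & 0x0F) << 2             # (ip[0]&0xf)<<2: IHL words * 4
    if ip_hdr_len < 20 or len(ip_packet) < ip_hdr_len + 20:
        raise ValueError("truncated or malformed header")
    tcp = ip_packet[ip_hdr_len:]                        # BPF tcp[] indexes from here
    tcp_hdr_len = (tcp[12] & 0xF0) >> 2                 # (tcp[12]&0xf0)>>2: data offset * 4
    return total_len - ip_hdr_len - tcp_hdr_len

def filter_matches(ip_packet: bytes) -> bool:
    """True when the '!= 0' clause of the filter would keep the packet."""
    return tcp_payload_len(ip_packet) != 0

def build_packet(payload: bytes = b"", tcp_options: bytes = b"", flags: int = 0x10) -> bytes:
    """Constructed sample packet: checksums are zero, ports and addresses are placeholders."""
    tcp_hdr_len = 20 + len(tcp_options)
    if tcp_hdr_len % 4:
        raise ValueError("TCP options must pad the header to a multiple of 4 bytes")
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 1,
                      (tcp_hdr_len // 4) << 4, flags, 65535, 0, 0) + tcp_options
    total_len = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([172, 28, 5, 96]))
    return ip + tcp + payload

if __name__ == "__main__":
    samples = {
        "SYN with 12 bytes of options": build_packet(tcp_options=b"\x01" * 12, flags=0x02),
        "bare ACK": build_packet(),
        "HTTP request": build_packet(payload=b"GET / HTTP/1.1\r\n\r\n", flags=0x18),
    }
    for name, pkt in samples.items():
        print(f"{name}: payload={tcp_payload_len(pkt)} kept={filter_matches(pkt)}")
```

Because the calculation uses the IP total length field rather than the captured frame length, Ethernet padding on short frames does not count as payload.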

Wireshark

SSG

Software

  • netpipe-tcp: netpipe is a protocol-independent performance tool that encapsulates the best of ttcp and netperf and visually represents network performance under a variety of conditions. By taking the end-to-end application view of a network, netpipe clearly shows the overhead associated with different protocol layers. Netpipe answers questions such as: How soon will a given data block of size k arrive at its destination? Which network and protocol will transmit size k blocks the fastest? What is a given network's effective maximum throughput and saturation level? Does there exist a block size k for which the throughput is maximized? How much communication overhead is due to the network communication protocol layer(s)? How quickly will a small (< 1 kbyte) control message arrive, and which network and protocol are best for this purpose?
  • ntop