11.02.07
Packet capture on Solaris using snoop
At work, I’m currently debugging a problem requiring direct access to the network packets. The problem is between a Linux box and a Solaris box. On the Linux side, tcpdump is my friend. On Solaris, I’ve learned to use a tool called snoop. The magic that worked is:
./snoop -o /tmp/myhost.snoop -d bnx1 -P -q -s 181 host myhost.mydomain and dst port xxxx and greater 180
This command will capture all packets to and from myhost with destination port xxxx and a size exactly matching 181 bytes. To replay the packets captured:
snoop -i /tmp/myhost.snoop
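The file written by -o uses the snoop version 2 format (RFC 1761), which stores each packet's original length next to the number of bytes actually kept, and -s limits how many bytes of each packet are kept. The reader below is an added example, not part of the original post, for checking those lengths on a box without snoop; the function names and the embedded sample capture are constructed for illustration.

```python
import struct

SNOOP_MAGIC = b"snoop\x00\x00\x00"   # RFC 1761 identification pattern
FILE_HDR = struct.Struct(">8sII")    # magic, version, datalink type
REC_HDR = struct.Struct(">IIIIII")   # orig_len, incl_len, rec_len, drops, sec, usec


def parse_snoop(data):
    """Return (datalink_type, records) for an RFC 1761 capture held in bytes."""
    if len(data) < FILE_HDR.size:
        raise ValueError("file shorter than snoop header")
    magic, version, datalink = FILE_HDR.unpack_from(data, 0)
    if magic != SNOOP_MAGIC or version != 2:
        raise ValueError("not a snoop version 2 capture")
    records, off = [], FILE_HDR.size
    while off < len(data):
        if off + REC_HDR.size > len(data):
            raise ValueError("truncated record header at offset %d" % off)
        orig, incl, rec_len, drops, sec, usec = REC_HDR.unpack_from(data, off)
        # rec_len covers header + data + padding; reject lengths that would
        # loop forever or run past the end of the file.
        if rec_len < REC_HDR.size + incl or off + rec_len > len(data):
            raise ValueError("bad record length at offset %d" % off)
        start = off + REC_HDR.size
        records.append({"orig_len": orig, "incl_len": incl, "drops": drops,
                        "ts": sec + usec / 1e6, "truncated": incl < orig,
                        "data": data[start:start + incl]})
        off += rec_len
    return datalink, records


def build_record(payload, orig_len, sec, usec=0, drops=0):
    """Constructed test helper: encode one record, padded to 4 bytes."""
    pad = -len(payload) % 4
    rec_len = REC_HDR.size + len(payload) + pad
    return (REC_HDR.pack(orig_len, len(payload), rec_len, drops, sec, usec)
            + payload + b"\x00" * pad)


# Constructed sample: one 181-byte frame kept whole, one 600-byte frame cut to 181.
SAMPLE = (FILE_HDR.pack(SNOOP_MAGIC, 2, 4)   # datalink type 4 = Ethernet
          + build_record(b"\xaa" * 181, 181, 1170000000)
          + build_record(b"\xbb" * 181, 600, 1170000001, 500000))

if __name__ == "__main__":
    link, recs = parse_snoop(SAMPLE)
    for r in recs:
        print(link, r["ts"], r["orig_len"], r["incl_len"], r["truncated"])
```

To use it on a real capture, pass the bytes of the file, for example open("/tmp/myhost.snoop", "rb").read(), to parse_snoop.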