Wireshark is a GUI tool used to analyze network traffic. There is a Linux GUI that you can run from GNOME if you have it installed, but here we'll run the GUI on a Mac OS X desktop (a Windows version is also available) and load data captured from the command line on a CentOS server.
Wireshark packages are included in the base repo, as are its requirements, so you can install it via yum.
yum -y install wireshark
The following command begins capturing packets going over eth0; to stop capturing, press Ctrl-C. The output file is named when the capture starts, and it should look like /tmp/wireshark_eth0_timestamp.
dumpcap -i eth0
Now just scp this output file over to your desktop and open it from within Wireshark. Wireshark GUI tutorials to follow.
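A check worth running on the server before the scp step: pick out the file dumpcap actually wrote, confirm it really is a capture, and record a checksum so the copy can be verified on the desktop. This script is an added example, not part of the original post; the function names and the script name are illustrative, and it assumes the /tmp/wireshark_<iface>_<timestamp> naming described above and that sha256sum is available on the server.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Print the newest dumpcap output file for an interface.
# Assumes the wireshark_<iface>_<timestamp> naming described above.
latest_capture() {  # usage: latest_capture DIR IFACE
    newest=
    for f in "$1"/wireshark_"$2"_*; do
        [ -f "$f" ] || continue
        case $f in *.sha256) continue ;; esac   # skip checksum sidecars
        if [ -z "$newest" ] || [ "$f" -nt "$newest" ]; then newest=$f; fi
    done
    [ -n "$newest" ] && printf '%s\n' "$newest"
}

# Identify the capture format from the first four bytes of the file.
capture_format() {  # usage: capture_format FILE
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    case $magic in
        0a0d0d0a) echo pcapng ;;
        d4c3b2a1|a1b2c3d4|4d3cb2a1|a1b23c4d) echo pcap ;;
        *) echo unknown; return 1 ;;
    esac
}

# Write FILE.sha256 next to the capture so the copy can be verified later.
fingerprint_capture() {  # usage: fingerprint_capture FILE
    ( cd "$(dirname "$1")" && sha256sum "$(basename "$1")" > "$(basename "$1").sha256" )
}

# Run as: sh prepare_capture.sh --prepare [iface]
if [ "${1:-}" = "--prepare" ]; then
    cap=$(latest_capture /tmp "${2:-eth0}") || { echo "no capture found" >&2; exit 1; }
    capture_format "$cap" >/dev/null || { echo "$cap is not a capture file" >&2; exit 1; }
    fingerprint_capture "$cap" && echo "ready to copy: $cap $cap.sha256"
fi
```

Copy the .sha256 file along with the capture; on the desktop, `shasum -a 256 -c` against that file (or `sha256sum -c` on Linux) confirms the capture arrived intact.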