Capturing fucking outbound/inbound packets of Android devices.

Network setup

Network composition is fucking important here, because your computer is going to be the observer of packets going out from or coming in to your Android devices. In most home wireless network scenarios, people connect their mobile devices and laptops to the Internet via a broadband router. Because all the packets go through the router, the router is an obvious candidate for observing all the packets going out to the Internet. But sorry, you can't use the router to see the packets. Why not? Unless your router is a fucking expensive one, you can't log in to the router to see the packets. Moreover, even if it is possible to log in, you may not be allowed to access them.

Instead, we will put our computer in the middle, between the device and the Internet. Not literally, though. In short, your device should be connected to the Internet/LAN via your computer, which acts as a packet observer.

On a MacBook Pro, open up "Sharing". Select "Internet Sharing". Plug an Ethernet cable into your MBP. Share your connection from Ethernet to computers using Wi-Fi. Since my MacBook Pro doesn't have an Ethernet port, I used a USB Ethernet adapter.

tcpdump(BSD)

As a Mac user, I recommend tcpdump instead of Wireshark. Wireshark is a great tool but it runs kinda slow. Also, X11 desktop applications are not my cup of tea; we are forced to use the CTRL key to copy and paste. The tcpdump command requires superuser privileges. If you don't have them, ask your mom.
Note that tcpdump on Mac doesn't work like GNU's tcpdump since it's BSD tcpdump.
Make sure that the manual you are referring to is the manual for BSD tcpdump; otherwise you are wasting your time looking at the wrong documentation: it's like playing video games on Windows.

Case studies

Assumption

Device        IP address      Port   Protocol
MacBook Pro   192.168.20.1    *      *
Server        brazzers.com    9000   TCP/IP
Android       192.168.20.2    *      TCP/IP

  • The Android device is connected to the Internet via network interface bridge0 on the MacBook Pro.

All packets coming to your Android device.

sudo tcpdump -i bridge0 -v 'dst 192.168.20.2'

The `-v` option enables verbose output.

All packets from brazzers.com coming to your Android device.

sudo tcpdump -i bridge0 -v 'dst 192.168.20.2 and src brazzers.com'

All packets from port 9000 at brazzers.com coming to your Android device.

sudo tcpdump -i bridge0 -v 'dst 192.168.20.2 and (src brazzers.com and tcp src port 9000)'

Save all raw packets from port 9000 at brazzers.com coming to your Android device to a file named dump.

sudo tcpdump -i bridge0 -w dump -v 'dst 192.168.20.2 and (src brazzers.com and tcp src port 9000)'
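To check what actually landed in the dump file, the following added example (not part of the original post) parses a capture and applies the same selection as 'dst 192.168.20.2 and tcp src port 9000'; note that plain `tcp port 9000` would also match packets whose destination port is 9000. It assumes a classic pcap file with Ethernet link type; the function names, the sample frames and the 203.0.113.10 server address are constructed for illustration.

```python
import socket
import struct

def tcp_frame(src, sport, dst, dport):
    """Constructed sample: minimal Ethernet + IPv4 + TCP frame (checksums left zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x10, 1024, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def build_pcap(frames):
    """Constructed sample: wrap frames in a little-endian classic pcap container."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for frame in frames:
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

def read_flows(data):
    """Yield (src_ip, src_port, dst_ip, dst_port) for each IPv4/TCP packet."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if end is None or len(data) < 24 or struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("expected classic pcap with Ethernet link type")
    pos = 24  # first record header follows the 24-byte global header
    while pos + 16 <= len(data):
        incl_len = struct.unpack(end + "I", data[pos + 8:pos + 12])[0]
        frame = data[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # not IPv4 carrying TCP
        ihl = (frame[14] & 0x0F) * 4
        frag = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        if frag or len(frame) < 14 + ihl + 4:
            continue  # later fragment or truncated: no TCP ports to read
        sport, dport = struct.unpack("!HH", frame[14 + ihl:14 + ihl + 4])
        yield socket.inet_ntoa(frame[26:30]), sport, socket.inet_ntoa(frame[30:34]), dport

def inbound_from_port(data, device_ip, port):
    """Same selection as the filter 'dst <device_ip> and tcp src port <port>'."""
    return [f for f in read_flows(data) if f[2] == device_ip and f[1] == port]

SAMPLE = build_pcap([
    tcp_frame("203.0.113.10", 9000, "192.168.20.2", 51000),  # server -> Android
    tcp_frame("192.168.20.2", 51000, "203.0.113.10", 9000),  # Android -> server
    tcp_frame("203.0.113.10", 443, "192.168.20.2", 9000),    # only dst port is 9000
])

if __name__ == "__main__":
    for flow in inbound_from_port(SAMPLE, "192.168.20.2", 9000):
        print(flow)
```

For a real capture, pass `open("dump", "rb").read()` instead of `SAMPLE`.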

That's all I needed.

Love.