Is there an easy command line tool for packet sniffing a single command on linux?

networking linux command-line-interface packet-analyzer

Solution 1:

There isn't any that I know of, but it theoretically shouldn't be hard to get something similar. Strace can be used to intercept networking syscalls. 

# strace -f -e trace=network -s 10000 /usr/bin/command arguments

This will give you information about the data sent between the kernel and the process. The output of strace isn't exactly what you'd want. However, strace uses the ptrace syscall to intercept system calls. It might be possible to write a program to output the data a little more usefully.

Alternatively, you can also intercept the nice useful socket, bind and listen syscalls. It might be possible to write a small program that used ptrace on these calls and libpcap to dynamically change the capture filter every time a new socket is opened.

Solution 2:

Tracedump

Tracedump is a single application IP packet sniffer, which captures all TCP and UDP packets of a single Linux process.

Download and description here: http://mutrics.iitis.pl/tracedump

Related

The difference between desktop-series HDD drives and server-series
How to make my boss understand that a server fault is a bad thing?
virsh: VM console does not show any output
Is there a way to see what is actually filtering TCP port communication?
Easy way to transfer files between host and LXC container on LVM
mount: wrong fs type, bad option, bad superblock on /dev/xvdf1, missing codepage or helper program, or other error
How can I improve my Windows XP start up time?
Apply multiple .patch files
mysqldump doesn't create tables or import any data
How to watch for count of new lines in tail
Testing a servers ability to serve a particular domain
Equivalent to the htop command on Windows