Andrew Watson wrote:
My questionis how can I output a file that I can then read / inspect?
As Jaap Keuter noted, the output of the "-w" flag isn't a text file,
it's a binary file containing raw packet data.
Either
1) don't use the "-w", just redirect the output, which will produce a
text file - in UN*X text file format, *not* Windows text file format, in
versions running on a UN*X (which CentOS is, being a Linux
distribution), so if you're planning on reading it on a Windows system
(as the ".txt" suggests you might be), you'll need a text editor that
can handle files with LFs but no CRs at the ends of lines
or
2) use "-w", and read the file with TShark or Wireshark (or any other
program that can read libpcap-format files) rather than with a text editor.