Hi there, I've always used wireshark for packet sniffing, it solved most of my needs.
First of all, I'm not questioning the why of not having a port, I've read the previous posts (I really don't care why, don't start a discussion). My main need is debugging DNS packets (mDNS), and reading raw tcpdump output isn't very easy, I need to really debug the protocol, so something that could show me field names and values would be cool. Right now I'm using tcpdump and accounting stuff like: ok this is the id, so the next 2 bytes is the query type and so on... (this isn't working :-D). I understand I could make some script to interpret the values, but I'm sure you guys already though of something better. Thanks.