sudo tcpdump --interface=any --snapshot-length=0 -n -w /var/tmp/$HOSTNAME.$(date +%4Y-%m-%d_%H-%M-%S).pid_$$.pcap; ls -lrt /var/tmp/*.pcap | tail
alternatively:
PCAPFILE=/var/tmp/$HOSTNAME.$$.pcap; rm -f "$PCAPFILE"; tcpdump --interface=any --snapshot-length=0 -n -w "$PCAPFILE"
And consider adding some filter onto the end:
'port 80''host 10.10.1.1''tcp'