Wireshark will guess what higher level protocols are being used in a packet, but how can I get tcpdump to do likewise (or any other linux command line tool)?
For example, the following screenshot shows wireshark detecting "HTTP" as the protocol being captured: http://www.tohir.co.za/wp-content/uploads/2010/09/wireshark_filters.png
However, the cli output of tcpdump simply says it's "IP" protocol -- which is not false, but I am wanting a tool which can determine for me what common higher level protocol is being used.