Any idea how to force tcpdump to dump ONLY TCP part? It seems to be dumping whole IP packet. I want to suppress IP header Yes, I know about Wireshark. But sometimes I need command-line CLI tool.

It’s been a while, but I believe tcpflow might be what you’re looking for. Have you looked into that yet?

Edit: Found this link that sounds exactly like what you’re asking for: linux - How do I make tcpdump not print the tcp headers? - Server Fault