
Capture the hostname only


I need to capture only the hostnames to the network I connect. I don't need the full traffic, e.g. I expect to get only names like "www.google.com", "facebook.com", "plus.google.com" etc. and save them in a file. What TCPDUMP command should I run in Android 4.4.2? N.B. I have the tcpdump binary installed as /system/bin/tcpdump


Solution

  • The best tcpdump command for your purposes would probably be tcpdump -q ip or ip6.

    There is no tcpdump command that will only show the host names corresponding to the IP source and destination addresses of packets - you'll get other information, such as packet time stamps and at least a minimum attempt to dissect the packet's contents, even with the -q flag - so you'd have to do some post-processing to extract the domain names, but the format of tcpdump text output isn't too hard to parse - you might see packets like

    18:12:01.344016 IP www.sonic.net > 192.168.42.66: ICMP echo reply, id 61009, seq 1, length 64
    

    or

    18:13:02.576498 IP 192.168.42.66.60726 > www.sonic.net.http: tcp 0
    18:13:02.611576 IP www.sonic.net.http > 192.168.42.66.60726: tcp 0
    18:13:02.611653 IP 192.168.42.66.60726 > www.sonic.net.http: tcp 0
    18:13:06.235021 IP 192.168.42.66.60726 > www.sonic.net.http: tcp 16
    

    so you'd need to remove the time stamps and the "IP" (or "IP6"), remove the colon and everything after it, and, for TCP or UDP packets remove the last ".XXX" from the source and destination addresses (unless you want the source and destination port numbers/names; that's what the last component is for TCP or UDP packets). The ">" separates the source and destination addresses.

    That means you'd probably need to install either a program such as sed, or an interpreter for a scripting language such as AWK, Perl, or Python, to use that to do the post-processing.

    If you want something giving only the domain names for the source and destination IP addresses, you might have to write it yourself.
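
The post-processing steps described in the answer above, as an added example that is not part of the original answer. It assumes the `tcpdump -q` text format shown in the sample lines; the names `hosts_from_line` and `unique_hosts` are hypothetical, and the last sample line is constructed.

```python
import ipaddress
import re
import sys

# timestamp, "IP" or "IP6", source, ">", destination, ":", packet summary
LINE = re.compile(r"^\S+ IP6? (\S+) > (\S+): (.*)$")

def is_ip_literal(text):
    """True when text is a numeric IPv4/IPv6 address (no name was resolved)."""
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def hosts_from_line(line):
    """Return the host names (not numeric addresses) in one tcpdump -q line."""
    m = LINE.match(line.strip())
    if not m:
        return []  # ARP, truncated or otherwise unrecognised line
    src, dst, summary = m.groups()
    if summary.lower().startswith(("tcp", "udp")):
        # For TCP/UDP the last ".XXX" is the port number or service name.
        src = src.rsplit(".", 1)[0]
        dst = dst.rsplit(".", 1)[0]
    return [h for h in (src, dst) if not is_ip_literal(h)]

def unique_hosts(lines):
    """Host names in first-seen order, without duplicates."""
    seen = []
    for line in lines:
        for host in hosts_from_line(line):
            if host not in seen:
                seen.append(host)
    return seen

# First three lines are from the answer above; the last one is constructed.
SAMPLE = [
    "18:12:01.344016 IP www.sonic.net > 192.168.42.66: ICMP echo reply, id 61009, seq 1, length 64",
    "18:13:02.576498 IP 192.168.42.66.60726 > www.sonic.net.http: tcp 0",
    "18:13:02.611576 IP www.sonic.net.http > 192.168.42.66.60726: tcp 0",
    "18:14:00.000001 IP6 fe80::1.546 > ff02::1:2.547: UDP, length 60",
]

if __name__ == "__main__":
    # Read tcpdump text output from a pipe, or fall back to the sample lines.
    source = SAMPLE if sys.stdin.isatty() else sys.stdin
    print("\n".join(unique_hosts(source)))
```

Redirect the script's output to a file to get the list of names the question asks for.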