Can you do something for me. Type 'whoami' & enter and then type 'ls -al /tmp/usr/sbin/tcpdump' & enter and post the output, if you would. Thanks.
Typically it's a chmod permission error in Linux. Easily fixed by finding who wants to execute it and what the existing permissions are. chmod 777 or +rxw tcpdump would fix it for everyone, but it's not typically good security practice to give everyone execute/write permissions(even in a tmp directory). So, trying to see who's kicking it off.
Note here you have to substitute "ar71xx/generic" by the directory of your specific router platform, and you should check in that directory what is the latest version of tcpdump.
ipkg will throw an error in the post-install script, but that doesn't hurt.
I succeeded with running ipkg against the trunk version of tcpdump for my WNDR3700v1:
Thank you so much, Salzrat! Those exact same instructions worked great on my D-link DIR-632 (same ar71xx chipset). So now I can run /tmp/usr/sbin/tcpdump , and it shows all the network traffic - yay!
if you are running Windows with putty installed (on Linux, you can just use ssh). However, ssh/plink asks for a password, so you should use key-authentication. Generate a public key using puttygen, paste it into the authorized keys section in the webinterface (making sure that sshd is enabled). This can be found in the Services tab (note the key needs to be formatted slightly differently on the router). Use pageant on the PC to load your private key.
Note that tcpdump will not survive a reboot of a router, since it's in RAM only.