To obtain a full packet capture with tcpdump you need to use '-s 0' to prevent the payload from being stripped and direct the output to a file like the following:

    [root@miallen3 root]# tcpdump -s 0 -w mycapture.pcap 'port 137 || 138 || 139 || 445'
    tcpdump: listening on eth0
    38 packets received by filter
    0 packets dropped by kernel
    [root@miallen3 root]# tcpdump -s 1514 -w mycapture.pcap 'port 137 || 138 || 139 || 445'