what is it
tcpdump is a data-network packet analyzer computer program that allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.
what scenarios can I use it in
checking which DNS queries my laptop is sending on the wireless interface:
tcpdump -i wlan0 port 53
I have a Docker container running locally on port 32768. I can check whether any packets are arriving at that port at all:
tcpdump -i lo port 32768
what packets are coming into my server on port 1337 from IP 1.2.3.4?
tcpdump port 1337 and src host 1.2.3.4
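For the DNS scenario above, tcpdump's one-line-per-packet output can be reduced to a count of queried names. This is an added example, not part of the original note: the function names dns_query_summary and sample_capture and the sample lines are constructed for illustration, and it assumes the default (non-verbose) output of tcpdump -n.

```shell
#!/bin/sh
# Added example: summarise DNS queries from `tcpdump -n` text output on stdin.
# Prints "count type name", most frequent first.
dns_query_summary() {
    awk '
    $2 == "IP" || $2 == "IP6" {
        # Field 5 is "dst.port:"; only packets sent to port 53 are queries.
        if ($5 !~ /\.53:$/) next
        # The question is printed as "<TYPE>? <name>.", e.g. "A? example.com."
        for (i = 6; i < NF; i++) {
            if ($i ~ /^[A-Za-z0-9]+\?$/) {
                qtype = substr($i, 1, length($i) - 1)
                name = tolower($(i + 1))      # names are case-insensitive
                sub(/\.$/, "", name)          # drop the trailing root dot
                count[qtype " " name]++
                break
            }
        }
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample lines in tcpdump's output format (not a real capture).
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 192.168.1.10.51234 > 192.168.1.1.53: 4242+ A? example.com. (29)
12:00:01.020002 IP 192.168.1.1.53 > 192.168.1.10.51234: 4242 1/0/0 A 192.0.2.10 (45)
12:00:01.030003 IP 192.168.1.10.51235 > 192.168.1.1.53: 4243+ AAAA? example.com. (29)
12:00:02.000004 IP 192.168.1.10.40153 > 192.168.1.1.53: 4250+ A? example.com. (29)
12:00:02.500005 IP 192.168.1.10.51236 > 192.168.1.1.53: 4251+ A? Tracker.Example.net. (37)
12:00:03.000006 IP6 2001:db8::10.51237 > 2001:db8::1.53: 7+ PTR? 10.1.168.192.in-addr.arpa. (43)
EOF
}

# Demo on the sample. Live use (needs root; -c stops after 200 packets):
#   tcpdump -n -c 200 -i wlan0 port 53 | dns_query_summary
sample_capture | dns_query_summary
```

A name that shows up here without a matching application you recognise is the one worth following up with a narrower filter.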