The format of tcpdump command

Tcpdump only captures packets whose content satisfy expression (the format of is defined here). E.g., dump all HTTP protocol packets:

After inputting “Ctrl+C“ to terminate the tcpdump process, it also showed statistics of packets:

“packets captured” records the packets received and processed by . There are also “packets received by filter”, “packets dropped by kernel” and “packets dropped by interface” statistics. These items are fetched through API and depend on the underlying Operating System, so I would not elaborate them here.