More information: https://www.tcpdump.org

- List available network interfaces:
  tcpdump -D

- Capture the traffic of a specific interface:
  tcpdump -i eth0

- Capture all TCP traffic showing contents (ASCII) in console:
  tcpdump -A tcp

- Capture all TCP traffic showing contents (HEX) in console:
  tcpdump -X tcp

- Capture all ICMP traffic without DNS:
  tcpdump -i any -n icmp

- Capture all ICMP and print link level header:
  tcpdump -i any -e icmp

- Capture all ICMP and print more information:
  tcpdump -i any -v icmp

- Capture the traffic from or to a host:
  tcpdump host www.example.com

- Capture the traffic from a specific interface, source, destination and port:
  tcpdump -i eth0 src 192.168.1.1 and dst 192.168.1.2 and dst port 80

- Capture all UDP traffic from or to port 5000:
  tcpdump -i any udp and port 5000

- Capture the traffic of a network:
  tcpdump net 192.168.1.0/24

- Complex BPF syntax (https://biot.com/capstats/bpf.html):
  tcpdump -i any 'icmp and (host 8.8.8.8 or host 8.8.4.4)'

- Capture all traffic except traffic over port 22 and save to a dump file:
  tcpdump -w dumpfile.pcap port not 22

- Read from a given dump file:
  tcpdump -r dumpfile.pcap