Remember tcpdump? That good old command-line packet analyzer, that's used to capture and analyze network traffic? Has more switches than a 10,000 square mansion has light switches.
It's a beautiful tool, allowing packets to be filtered based on criteria such as source/destination IP address, port number, protocol, and a whole lot more!
It's truly fascinating to see the dizzying amount of information that scrolls down the screen when the command is run without any switches.
Note: tcpdump requires elevated permissions in order to capture packets for troubleshooting or analysis.
Now, before I move into the bowels of this awesome tool, I have a question. One of the switches that is available with tcpdump is: --list-interfaces
When I run the command,
# ip a s
I see only a loopback interface, and a single physical interface. However, when I run the command
# tcpdump --list-interfaces
I see that same loopback interface and physical interface, along with several other interface names. Why are those names appearing in that tcpdump output?
The interface names listed by tcpdump --list-interfaces represent the network interfaces that tcpdump can capture traffic from. This includes the loopback interface (lo) and physical interfaces (like eth0, wlp0s20f3, etc.), as well as other virtual interfaces like tun0, virbr0, and docker0.
In essence, tcpdump lists these interfaces because they are all recognized by the system as potential sources of network traffic.
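Added example, not part of the original thread: a small shell helper that shows which names appear in the tcpdump list but not in the ip list. tcpdump's list comes from libpcap, which can also report capture sources that are not kernel network interfaces, such as the "any" pseudo-device, nflog, nfqueue, bluetooth or usbmon. The function names and both sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: names that tcpdump can capture from but `ip` does not list.
# Live use (as root):
#   pcap_only "$(tcpdump --list-interfaces)" "$(ip -o link show)"

# Constructed sample of `tcpdump --list-interfaces` output.
SAMPLE_TCPDUMP='1.enp1s0 [Up, Running, Connected]
2.any (Pseudo-device that captures on all interfaces) [Up, Running]
3.lo [Up, Running, Loopback]
4.bluetooth-monitor (Bluetooth Linux Monitor) [Wireless]
5.nflog (Linux netfilter log (NFLOG) interface) [none]
6.nfqueue (Linux netfilter queue (NFQUEUE) interface) [none]'

# Constructed (shortened) sample of `ip -o link show` output.
SAMPLE_IP='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP'

# Read tcpdump's list on stdin, print one capture-source name per line.
# Each line looks like "<index>.<name> [(description)] [flags]".
tcpdump_names() {
    sed -n 's/^[0-9][0-9]*\.\([^ ]*\).*/\1/p' | LC_ALL=C sort -u
}

# Read `ip -o link show` on stdin, print one interface name per line.
# Names such as "veth0@if6" are reduced to "veth0".
ip_names() {
    awk -F': ' '{ sub(/@.*/, "", $2); print $2 }' | LC_ALL=C sort -u
}

# $1 = tcpdump output, $2 = ip output.
# Print names present in the tcpdump list and absent from the ip list.
pcap_only() {
    ip_list=$(printf '%s\n' "$2" | ip_names)
    # grep -F -x -v: drop every name that exactly matches an ip name.
    printf '%s\n' "$1" | tcpdump_names | grep -vxF -e "$ip_list" || true
}

# Stand-alone run against the constructed samples.
pcap_only "$SAMPLE_TCPDUMP" "$SAMPLE_IP"
```

Anything this prints on a live system is a capture source that a review based only on ip output would miss.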
Thanks
I like it! I like it a lot!
Red Hat
Learning Community