Monitoring specific network packets on Linux with the tcpdump command

  • 2020-05-07 20:45:12
  • OfStack

Print all packets exchanged between the local host and hosts on the Berkeley network (translator's note: ucb-ether can be read here as the network address of the 'Berkeley network'; the expression literally means: print all packets whose network address is ucb-ether)


tcpdump net ucb-ether

Print all ftp packets that pass through the gateway snup (note that the expression is enclosed in single quotes, which prevents the shell from misinterpreting the parentheses)


tcpdump 'gateway snup and (port ftp or ftp-data)'

Print all IP packets whose source or destination addresses are localhost

If the local network is connected to another network through the gateway, the other network is not considered a local network.


tcpdump ip and not net localnet
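An added example (not from the original article) that models in Python how the net, gateway, port and not primitives in the three expressions above are evaluated against a packet, following the definitions in the pcap-filter manual. The network ranges, the IP and MAC address given to snup, and the sample packets are all constructed assumptions.

```python
import ipaddress

# Constructed stand-ins for names tcpdump would resolve through
# /etc/networks, /etc/hosts, /etc/ethers and /etc/services.
NETS = {"ucb-ether": ipaddress.ip_network("128.32.0.0/16"),   # assumed range
        "localnet": ipaddress.ip_network("192.168.1.0/24")}   # assumed range
SNUP_IP, SNUP_MAC = ipaddress.ip_address("192.168.1.1"), "02:00:00:00:00:01"
HOST_MAC = "02:00:00:00:00:10"
PORTS = {"ftp": 21, "ftp-data": 20}

def net(pkt, name):
    """`net X`: true if the source OR the destination address is inside X."""
    return any(ipaddress.ip_address(pkt[k]) in NETS[name] for k in ("src", "dst"))

def port(pkt, name):
    """`port P`: true if the source OR the destination port equals P."""
    return PORTS[name] in (pkt["sport"], pkt["dport"])

def gateway_snup(pkt):
    """`gateway H` is `ether host H and not host H`: the frame went to or came
    from H's MAC address, but H is neither the IP source nor the destination."""
    via_mac = SNUP_MAC in (pkt["esrc"], pkt["edst"])
    endpoints = (ipaddress.ip_address(pkt["src"]), ipaddress.ip_address(pkt["dst"]))
    return via_mac and SNUP_IP not in endpoints

FILTERS = {
    "net ucb-ether": lambda p: net(p, "ucb-ether"),
    "gateway snup and (port ftp or ftp-data)":
        lambda p: gateway_snup(p) and (port(p, "ftp") or port(p, "ftp-data")),
    # `not net localnet` holds only when NEITHER address is inside localnet.
    "ip and not net localnet": lambda p: p["ip"] and not net(p, "localnet"),
}

def matches(pkt):
    """Return the expressions from the article that would print this packet."""
    return [expr for expr, test in FILTERS.items() if test(pkt)]

# Constructed sample packets.
PACKETS = {
    "ftp_out": dict(ip=True, esrc=HOST_MAC, edst=SNUP_MAC, src="192.168.1.10",
                    dst="128.32.5.5", sport=40000, dport=21),
    "ftp_to_gw": dict(ip=True, esrc=HOST_MAC, edst=SNUP_MAC, src="192.168.1.10",
                      dst="192.168.1.1", sport=40001, dport=21),
    "transit": dict(ip=True, esrc=SNUP_MAC, edst=HOST_MAC, src="10.9.9.9",
                    dst="172.16.0.7", sport=40002, dport=443),
}

if __name__ == "__main__":
    for name, pkt in PACKETS.items():
        print(name, matches(pkt))
```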

