This note assumes you know how to use the Mac “terminal application” to issue simple line commands and in particular Apple’s sudo command. These are common Unix reflexes. I hope that this note may help some with limited Unix reflexes. It would have helped me.

While using WiFi-AirPort-802.11 wireless, I groped thru man tcpdump for a while and came up with two commands that seem useful: 

sudo tcpdump -D
which enumerates the network interfaces accessible to tcpdump. On my Intel MacBook I got 
1.en0
2.fw0
3.en1
4.wlt1
5.lo0
On my 2015 MacBook Pro I get: 
1.en0 [Up, Running]
2.p2p0 [Up, Running]
3.awdl0 [Up, Running]
4.bridge0 [Up, Running]
5.utun0 [Up, Running]
6.utun1 [Up, Running]
7.en2 [Up, Running]
8.en3 [Up, Running]
9.lo0 [Up, Running, Loopback]
10.gif0
11.stf0
It seems that en1 is the one that makes tcpdump work for me. (en0 for MacBook Pro) 
sudo tcpdump -i en1
turns on the dump which sends stuff to the terminal window for each packet to or from the network, which in my case I suppose is the WiFi radio transmission.

The first 14 characters of an output line seem to be a time stamp by the local clock, then a space. Next is what I take to be a protocol code. Almost all lines are “IP” which means Internet protocol. Another is “arp” which is address resolution protocol which is used at the link layer to establish a map between the MAC addresses and IP addresses of local network members. In my case the link is the WiFi.

Mysteries

During 
sudo tcpdump -i en1 -w -
According to the man pages this should put out all IP traffic to the terminal. The command dig vjpoetw.com should presumably invoke the network. Output is not prompt as if buffering is in the output stream from tcpdump.

During

sudo tcpdump -l -i en1 -w -
ping woeooll.com yields no prompt output. I don’t know how long to wait.