Every once in a while I run into an obscure computer technology that is a hidden gem, which over the years has become mostly forgotten. This is exactly how I feel about the tcpdump tool and its kernel counterpart the packet filter interface. For example, say you run: $ tcpdump -ni eth0 ip and udp and port 53 For most of us this command is pure magic, almost nobody understands what happens behind t