简单来说， captured是tcpdump处理过之后，得到的数据包数量，亦即最终获得的pcap文件中数据包数量； received是经过过滤器处理的所有数据包； dropped则是未经处理的数据包数量。

关于具体含义，有一些与操作系统有关都部分，tcpdump文档中有说明。

 When tcpdump finishes capturing packets, it will report counts of:

          packets ``captured'' (this is the number of packets that tcpdump has received and processed);

          packets  ``received by filter'' (the meaning of this depends on the OS on which you're running
          tcpdump, and possibly on the way the OS was configured - if a filter was specified on the com-
          mand  line, on some OSes it counts packets regardless of whether they were matched by the fil-
          ter expression and, even if they were matched by the filter expression, regardless of  whether
          tcpdump  has  read  and  processed  them  yet,  on other OSes it counts only packets that were
          matched by the filter expression regardless of whether tcpdump has  read  and  processed  them
          yet,  and  on other OSes it counts only packets that were matched by the filter expression and
          were processed by tcpdump);

          packets ``dropped by kernel'' (this is the number of packets that were dropped, due to a  lack
          of buffer space, by the packet capture mechanism in the OS on which tcpdump is running, if the
          OS reports that information to applications; if not, it will be reported as 0).