我的 MacBook 的 9229 端口有未知流量。
$ sudo tcpdump -i any -n port 9229
......
12:10:39.176502 IP6 ::1.62261 > ::1.9229: Flags [S], seq 638850191, win 65535, options [mss 16324,nop,wscale 5,nop,nop,TS val 1096627032 ecr 0,sackOK,eol], length 0
12:10:39.176520 IP6 ::1.62261 > ::1.9229: Flags [S], seq 638850191, win 65535, options [mss 16324,nop,wscale 5,nop,nop,TS val 1096627032 ecr 0,sackOK,eol], length 0
12:10:39.176535 IP6 ::1.9229 > ::1.62261: Flags [R.], seq 0, ack 638850192, win 0, length 0
12:10:39.176538 IP6 ::1.9229 > ::1.62261: Flags [R.], seq 0, ack 1, win 0, length 0
12:10:39.176741 IP6 ::1.62262 > ::1.9229: Flags [S], seq 3150040653, win 65535, options [mss 16324,nop,wscale 5,nop,nop,TS val 1096627032 ecr 0,sackOK,eol], length 0
12:10:39.176755 IP6 ::1.62262 > ::1.9229: Flags [S], seq 3150040653, win 65535, options [mss 16324,nop,wscale 5,nop,nop,TS val 1096627032 ecr 0,sackOK,eol], length 0
12:10:39.176768 IP6 ::1.9229 > ::1.62262: Flags [R.], seq 0, ack 3150040654, win 0, length 0
12:10:39.176772 IP6 ::1.9229 > ::1.62262: Flags [R.], seq 0, ack 1, win 0, length 0
12:10:39.176892 IP 127.0.0.1.62263 > 127.0.0.1.9229: Flags [S], seq 3515509457, win 65535, options [mss 16344,nop,wscale 5,nop,nop,TS val 1096627032 ecr 0,sackOK,eol], length 0
12:10:39.176908 IP 127.0.0.1.62263 > 127.0.0.1.9229: Flags [S], seq 3515509457, win 65535, options [mss 16344,nop,wscale 5,nop,nop,TS val 1096627032 ecr 0,sackOK,eol], length 0
12:10:39.176927 IP 127.0.0.1.9229 > 127.0.0.1.62263: Flags [R.], seq 0, ack 3515509458, win 0, length 0
12:10:39.176931 IP 127.0.0.1.9229 > 127.0.0.1.62263: Flags [R.], seq 0, ack 1, win 0, length 0
12:10:39.177042 IP 127.0.0.1.62264 > 127.0.0.1.9229: Flags [SEW], seq 204257524, win 65535, options [mss 16344,nop,wscale 5,nop,nop,TS val 1096627032 ecr 0,sackOK,eol], length 0
12:10:39.177059 IP 127.0.0.1.62264 > 127.0.0.1.9229: Flags [SEW], seq 204257524, win 65535, options [mss 16344,nop,wscale 5,nop,nop,TS val 1096627032 ecr 0,sackOK,eol], length 0
12:10:39.177078 IP 127.0.0.1.9229 > 127.0.0.1.62264: Flags [R.], seq 0, ack 204257525, win 0, length 0
12:10:39.177083 IP 127.0.0.1.9229 > 127.0.0.1.62264: Flags [R.], seq 0, ack 1, win 0, length 0
......
但是我找不到该进程netstat
。
$ netstat -an | grep 9229
$
或者用lsof
。
$ sudo lsof -i | grep 9229
$
我在一些数据包中tcpdump
找到了该字符串。因此我认为 Chrome 可能生成了这些流量。Google.Chrome
- 有人能帮我找出产生这些流量的 PID 吗?
- 如果是 Chrome,如何在不关闭 Chrome 的情况下阻止 Chrome 产生流量?
谢谢。
答案1
使用上网本。
提示:使您的终端窗口尽可能宽。nettop 有大量的列,但除非窗口足够宽,否则它不会显示它们。