Is there a way, on Linux / MacOs to find which process is filtering my UDP packets on a specific port ?
Here some details and why I'm asking:
On my MacOs ( Mojave 10.14) , if I try to send a UDP packet to any address ( DNS resolves correctly) to port 443, I cannot see anything leaving my laptop ( using tcpdump)
If I do the exact same test but for a different port , for instance 444, I can see the packet leaving ( on tcpdump).
There is a process which is filtering UDP packet to port 443 and I want to know which process it is ( Firewall disabled on my mac).
The exact commands I'm using for my tests :
sudo tcpdump udp port 443
nc -u IPADDRESS 443
I type something stuff here..
==> I cannot see anything going through
sudo tcpdump udp port 444
nc -u IPADDRESS 444
I type something stuff here..
==> I can see a datagram leaving my interface
I know this can be tricky to find which process might be filtering this port.. If anyone has an idea, would be great.
I would not want to rely on the method ' Kill everything until it works'
Copyright Notice:Content Author:「Yannick」,Reproduced under the CC 4.0 BY-SA copyright license with a link to the original source and this disclaimer.
Link to original article:https://stackoverflow.com/questions/61867329/linux-macos-know-which-process-filter-udp-443-packets