极客观点
项目管理
HarmonyOS
April 7 2025 Event: Little Snitch alerted of an incoming connection attempt from IPv4 142.250.191.99 to UDP port 56878 (denied). IP is in a Google-controlled range.
- Little Snitch Network Monitor showed no previous connections to
syslogdprocess in the last month and no previous incoming connections from that IP. But there were outgoing connections to it, like an outgoing UDP QUIC connection from Safari tofonts.gstatic.comon port 443 at the same time. syslogdis the Apple System Log server at/usr/sbin/syslogd. Itsmanpage says it should not listen for UDP connections by default but it was. The port 56878 seems randomly selected and was different on different macOS volumes.- Theory: Outgoing QUIC connection randomly selected the same local UDP port as
syslogd, causing Google to attempt to connect tosyslogdby chance.
- Little Snitch Network Monitor showed no previous connections to
- Addendum: Realized
syslogdUDP listener was present on macOS 12 Monterey and also appeared on Big Sur after booting into different versions.syslogddoesn't always listen on a UDP port, e.g., not on current MacBook Pro. Unsure when and why it starts and stops listening. - Author and Links: By Jeff Johnson (https://lapcatsoftware.com/), with links to his apps (https://underpassapp.com/, https://www.paypal.me/JeffJoh..., Mastodon (https://mastodon.social/@lapc... "@mailto:lapcatsoftware@mastodo...l") and articles index (https://lapcatsoftware.com/ar... "The Desolation of Blog"). Previous article was NSURLComponents changed in macOS 15.4.
为什么 macOS 的 syslogd 正在监听 UDP 连接?
Why is macOS syslogd listening for UDP connections?
https://lapcatsoftware.com/articles/2025/4/2.html
阅读 36
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。