sudo lsof -p $(pgrep fzmacappproxy) |wc -l 28 AU-L-0534:udppassthrough_withmitm richardwang$ sudo lsof -p $(pgrep fzmacappproxy) -iTCP -iUDP -n -P | wc -l 144 AU-L-0534:udppassthrough_withmitm richardwang$ sudo lsof -p $(pgrep fzmacappproxy) COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME com.famil 960 root cwd DIR 1,11 384 746134 /private/var/root/Library/Containers/com.familyzone.macappproxy.fzmacappproxy/Data com.famil 960 root txt REG 1,11 55592080 2909353 /Library/SystemExtensions/8D1C106D-6EA1-469B-87D9-45420894F5A7/com.familyzone.macappproxy.fzmacappproxy.systemextension/Contents/MacOS/com.familyzone.macappproxy.fzmacappproxy com.famil 960 root txt REG 1,11 48316 2908354 /Library/Preferences/Logging/.plist-cache.0ZkpciiO com.famil 960 root txt REG 1,11 32768 2908378 /private/var/db/mds/messages/se_SecurityMessages com.famil 960 root txt REG 1,11 169563 2908608 /private/var/db/analyticsd/events.whitelist com.famil 960 root txt REG 1,11 2160672 1152921500312810115 /usr/lib/dyld com.famil 960 root txt REG 1,11 29638992 1152921500312821865 /usr/share/icu/icudt68l.dat com.famil 960 root 0r CHR 3,2 0t0 331 /dev/null com.famil 960 root 1u CHR 3,2 0t0 331 /dev/null com.famil 960 root 2u CHR 3,2 0t0 331 /dev/null com.famil 960 root 3 NPOLICY com.famil 960 root 4u KQUEUE count=0, state=0xa com.famil 960 root 5u systm 0xd9d0d6782b7f00ed 0t0 [ctl com.apple.flow-divert id 1 unit 1] com.famil 960 root 6u IPv4 0xd9d0d67cf90fdfc5 0t0 TCP localhost:49219->localhost:openmailpxy (ESTABLISHED) com.famil 960 root 7u KQUEUE count=0, state=0xa com.famil 960 root 8 PIPE 0x16f4b00565915ab4 16384 ->0xacbf0638a900fdfd com.famil 960 root 9 PIPE 0xacbf0638a900fdfd 16384 ->0x16f4b00565915ab4 com.famil 960 root 10 CHAN flowsw 6980A6AE-9572-43AE-AEEE-94C5DAFD734A[18] user-packet-pool com.famil 960 root 11u unix 0xd9d0d67cf900b56d 0t0 ->0xd9d0d67cf900b635 com.famil 960 root 12u systm 0xd9d0d6782b7eff6d 0t0 [ctl com.apple.netsrc id 6 unit 18] com.famil 960 root 13u IPv4 0xd9d0d67cf90faa65 0t0 TCP 192.168.0.183:49240->208.109.201.35.bc.googleusercontent.com:https (ESTABLISHED) com.famil 960 root 14u IPv4 0xd9d0d67cf9101505 0t0 TCP 192.168.0.183:49241->208.109.201.35.bc.googleusercontent.com:https (ESTABLISHED) com.famil 960 root 15u IPv4 0xd9d0d67cf90fffc5 0t0 TCP 192.168.0.183:49242->208.109.201.35.bc.googleusercontent.com:https (ESTABLISHED) com.famil 960 root 16u IPv4 0xd9d0d67cf9100a65 0t0 TCP 192.168.0.183:49243->208.109.201.35.bc.googleusercontent.com:https (ESTABLISHED) com.famil 960 root 17u IPv4 0xd9d0d67cf90f9fc5 0t0 TCP 192.168.0.183:49244->208.109.201.35.bc.googleusercontent.com:https (ESTABLISHED) com.famil 960 root 18u IPv4 0xd9d0d67cf90f7fc5 0t0 TCP 192.168.0.183:49245->208.109.201.35.bc.googleusercontent.com:https (ESTABLISHED) com.famil 960 root 19u IPv4 0xd9d0d67cf90e6a65 0t0 TCP 192.168.0.183:49288->208.109.201.35.bc.googleusercontent.com:https (ESTABLISHED) AU-L-0534:udppassthrough_withmitm richardwang$ sudo lsof -p $(pgrep fzmacappproxy) -iTCP -iUDP -n -P COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME launchd 1 root 7u IPv6 0xd9d0d67cf90932ed 0t0 TCP *:22 (LISTEN) launchd 1 root 8u IPv4 0xd9d0d67cf9118a65 0t0 TCP *:22 (LISTEN) launchd 1 root 10u IPv6 0xd9d0d67cf90932ed 0t0 TCP *:22 (LISTEN) launchd 1 root 11u IPv4 0xd9d0d67cf9118a65 0t0 TCP *:22 (LISTEN) launchd 1 root 13u IPv4 0xd9d0d6782be640bd 0t0 UDP *:* launchd 1 root 35u IPv4 0xd9d0d6782be5de5d 0t0 UDP *:138 configd 111 root 25u IPv4 0xd9d0d6782be5f9ed 0t0 UDP *:* configd 111 root 28u IPv4 0xd9d0d6782be5f3cd 0t0 UDP *:* configd 111 root 29u IPv4 0xd9d0d6782be5f6dd 0t0 UDP *:* configd 111 root 30u IPv4 0xd9d0d6782be6031d 0t0 UDP *:* remoted 118 root 3u IPv6 0xd9d0d67cf90939cd 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49152->[fe80:7::aede:48ff:fe33:4455]:59602 (ESTABLISHED) remoted 118 root 4u IPv6 0xd9d0d67cf90940ad 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49153 (LISTEN) remoted 118 root 5u IPv6 0xd9d0d67cf909478d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49154 (LISTEN) remoted 118 root 6u IPv6 0xd9d0d67cf9094e6d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49155 (LISTEN) remoted 118 root 7u IPv6 0xd9d0d67cf909554d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49156 (LISTEN) remoted 118 root 8u IPv6 0xd9d0d67cf9095c2d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49157 (LISTEN) remoted 118 root 9u IPv6 0xd9d0d67cf909630d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49158 (LISTEN) remoted 118 root 10u IPv6 0xd9d0d67cf90969ed 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49159 (LISTEN) syslogd 136 root 10u IPv4 0xd9d0d6782be37cfd 0t0 UDP *:62736 locationd 149 _locationd 11u IPv4 0xd9d0d6782be410bd 0t0 UDP *:* AgentMon 150 root 9u IPv4 0xd9d0d67cf9115505 0t0 TCP 192.168.0.183:49179->194.31.144.50:5721 (ESTABLISHED) fc-system 155 root 13u IPv4 0xd9d0d67cf9117fc5 0t0 TCP 127.0.0.1:5770 (LISTEN) fc-system 155 root 19u IPv4 0xd9d0d67cf90e2a65 0t0 TCP 192.168.0.183:62900->35.201.89.241:443 (CLOSED) fc-system 155 root 20u IPv4 0xd9d0d67cfa8e3505 0t0 TCP 192.168.0.183:62132->34.117.241.107:443 (CLOSED) fc-system 155 root 22u IPv4 0xd9d0d67cf90f2a65 0t0 TCP 192.168.0.183:64842->35.197.166.202:443 (CLOSED) fc-system 155 root 23u IPv4 0xd9d0d67cf90fea65 0t0 TCP 127.0.0.1:5768->127.0.0.1:49219 (ESTABLISHED) fc-system 155 root 24u IPv4 0xd9d0d67cf9117505 0t0 TCP 127.0.0.1:5768 (LISTEN) fc-system 155 root 25u IPv4 0xd9d0d67cf90f0a65 0t0 TCP 192.168.0.183:51534->54.66.249.77:443 (CLOSED) fc-system 155 root 26u IPv4 0xd9d0d67cfa8eaa65 0t0 TCP 127.0.0.1:5768->127.0.0.1:49269 (ESTABLISHED) fc-system 155 root 36u IPv4 0xd9d0d67cf90f3505 0t0 TCP 192.168.0.183:54506->35.244.73.253:443 (CLOSED) PerfPower 158 root 12u IPv4 0xd9d0d6782be63dad 0t0 UDP *:* PerfPower 158 root 14u IPv4 0xd9d0d6782be5226d 0t0 UDP *:* PerfPower 158 root 15u IPv4 0xd9d0d6782be5162d 0t0 UDP *:* PerfPower 158 root 16u IPv4 0xd9d0d6782be5257d 0t0 UDP *:* KaseyaEnd 160 root 21u IPv4 0xd9d0d67cf90edfc5 0t0 TCP 192.168.0.183:49290->194.31.144.50:5721 (ESTABLISHED) bluetooth 165 root 11u IPv4 0xd9d0d6782be49b4d 0t0 UDP *:* bluetooth 165 root 12u IPv4 0xd9d0d6782be4a78d 0t0 UDP *:* bluetooth 165 root 14u IPv4 0xd9d0d6782be59dad 0t0 UDP *:* AirPlayXP 169 root 3u IPv4 0xd9d0d6782be53e5d 0t0 UDP *:* AirPlayXP 169 root 4u IPv4 0xd9d0d6782be5447d 0t0 UDP *:* AirPlayXP 169 root 6u IPv4 0xd9d0d6782be5321d 0t0 UDP *:* trustd 181 _trustd 26u IPv4 0xd9d0d67cfa8ebfc5 0t0 TCP 192.168.0.183:54455->17.253.121.202:443 (CLOSED) trustd 181 _trustd 27u IPv4 0xd9d0d67cf9105fc5 0t0 TCP 192.168.0.183:59929->17.253.121.202:443 (CLOSED) symptomsd 194 _networkd 25u IPv4 0xd9d0d6782be6347d 0t0 UDP *:* findmydev 204 root 3u IPv6 0xd9d0d67cf90970cd 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49160->[fe80:7::aede:48ff:fe33:4455]:49272 (ESTABLISHED) mDNSRespo 243 _mdnsresponder 6u IPv4 0xd9d0d6782be4f78d 0t0 UDP *:5353 mDNSRespo 243 _mdnsresponder 7u IPv6 0xd9d0d6782be4fa9d 0t0 UDP *:5353 airportd 267 root 5u IPv4 0xd9d0d6782be618ed 0t0 UDP *:* airportd 267 root 6u IPv4 0xd9d0d6782be6283d 0t0 UDP *:* airportd 267 root 11u IPv6 0xd9d0d6782be62e5d 0t0 UDP *:* airportd 267 root 18u IPv4 0xd9d0d6782be4983d 0t0 UDP *:* airportd 267 root 23u IPv4 0xd9d0d6782be61bfd 0t0 UDP *:* airportd 267 root 24u IPv4 0xd9d0d6782be4ee5d 0t0 UDP *:* airportd 267 root 25u IPv4 0xd9d0d6782be4c62d 0t0 UDP *:* airportd 267 root 29u IPv4 0xd9d0d6782be5c57d 0t0 UDP *:* airportd 267 root 31u IPv4 0xd9d0d6782be47f5d 0t0 UDP *:* mobileass 273 root 10u IPv4 0xd9d0d67cfa8e3fc5 0t0 TCP 192.168.0.183:56976->23.202.172.97:443 (CLOSED) corekdld 304 root 3u IPv6 0xd9d0d67cf9097e8d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49161->[fe80:7::aede:48ff:fe33:4455]:49265 (ESTABLISHED) SubmitDia 305 root 3u IPv6 0xd9d0d67cf90977ad 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49155->[fe80:7::aede:48ff:fe33:4455]:49286 (ESTABLISHED) SubmitDia 305 root 5u IPv6 0xd9d0d67cf9098c4d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49173->[fe80:7::aede:48ff:fe33:4455]:49281 (ESTABLISHED) softwareu 312 _softwareupdate 4u IPv4 0xd9d0d67cfa8e5505 0t0 TCP 192.168.0.183:49806->23.202.172.97:443 (CLOSED) softwareu 312 _softwareupdate 5u IPv4 0xd9d0d67cfa8e1fc5 0t0 TCP 192.168.0.183:53343->23.202.172.97:443 (CLOSED) Kaseya.Ag 335 root 12u IPv4 0xd9d0d67cfa8ed505 0t0 TCP 192.168.0.183:49270->194.31.144.50:5721 (ESTABLISHED) wifip2pd 359 root 3u IPv4 0xd9d0d6782be56c4d 0t0 UDP *:* biometric 451 root 3u IPv6 0xd9d0d67cf909856d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49172->[fe80:7::aede:48ff:fe33:4455]:49285 (ESTABLISHED) mobileact 576 root 3u IPv6 0xd9d0d67cf9092c0d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49180->[fe80:7::aede:48ff:fe33:4455]:49278 (ESTABLISHED) trustd 593 richardwang 23u IPv4 0xd9d0d67cf90e3505 0t0 TCP 192.168.0.183:58487->17.253.121.202:443 (CLOSED) trustd 593 richardwang 24u IPv4 0xd9d0d67cf90dea65 0t0 TCP 192.168.0.183:62730->17.253.121.202:443 (CLOSED) trustd 593 richardwang 25u IPv4 0xd9d0d67cfa8edfc5 0t0 TCP 192.168.0.183:64349->17.253.121.202:443 (CLOSED) trustd 593 richardwang 26u IPv4 0xd9d0d67cfa8e9505 0t0 TCP 192.168.0.183:53898->17.253.121.202:443 (CLOSED) trustd 593 richardwang 27u IPv4 0xd9d0d67cfa8e8a65 0t0 TCP 192.168.0.183:49417->17.253.121.202:443 (CLOSED) rapportd 609 richardwang 3u IPv4 0xd9d0d67cf9113fc5 0t0 TCP *:49181 (LISTEN) rapportd 609 richardwang 4u IPv6 0xd9d0d67cf909932d 0t0 TCP *:49181 (LISTEN) rapportd 609 richardwang 5u IPv4 0xd9d0d6782be3e26d 0t0 UDP *:* rapportd 609 richardwang 6u IPv4 0xd9d0d6782be398ed 0t0 UDP *:* identitys 618 richardwang 23u IPv4 0xd9d0d6782be5693d 0t0 UDP *:* identitys 618 richardwang 28u IPv4 0xd9d0d6782be52f0d 0t0 UDP *:* cloudd 623 richardwang 190u IPv4 0xd9d0d67cf90effc5 0t0 TCP 192.168.0.183:57789->17.248.252.46:443 (CLOSED) cloudd 623 richardwang 198u IPv4 0xd9d0d67cf90fb505 0t0 TCP 192.168.0.183:54518->17.248.252.46:443 (CLOSED) ControlCe 636 richardwang 17u IPv4 0xd9d0d6782be5193d 0t0 UDP *:* ControlCe 636 richardwang 20u IPv4 0xd9d0d67cf9113505 0t0 TCP *:7000 (LISTEN) ControlCe 636 richardwang 21u IPv6 0xd9d0d67cf909232d 0t0 TCP *:7000 (LISTEN) ControlCe 636 richardwang 22u IPv4 0xd9d0d67cf9111fc5 0t0 TCP *:5000 (LISTEN) ControlCe 636 richardwang 23u IPv6 0xd9d0d67cf908bc0d 0t0 TCP *:5000 (LISTEN) ControlCe 636 richardwang 26u IPv4 0xd9d0d6782be5416d 0t0 UDP *:* sharingd 643 richardwang 4u IPv4 0xd9d0d6782be4231d 0t0 UDP *:* sharingd 643 richardwang 8u IPv4 0xd9d0d6782be3d93d 0t0 UDP *:* sharingd 643 richardwang 9u IPv4 0xd9d0d6782be3ccfd 0t0 UDP *:* sharingd 643 richardwang 10u IPv4 0xd9d0d6782be3d00d 0t0 UDP *:* sharingd 643 richardwang 11u IPv4 0xd9d0d6782be3a83d 0t0 UDP *:* sharingd 643 richardwang 26u IPv4 0xd9d0d6782be646dd 0t0 UDP *:* sharingd 643 richardwang 27u IPv4 0xd9d0d6782be6562d 0t0 UDP *:* Spotlight 650 richardwang 12u IPv4 0xd9d0d67cf90f8a65 0t0 TCP 192.168.0.183:60716->106.10.236.72:443 (CLOSED) Google 687 richardwang 19u IPv4 0xd9d0d67cf90e3fc5 0t0 TCP 192.168.0.183:60284->35.201.11.93:443 (CLOSED) Google 687 richardwang 23u IPv4 0xd9d0d67cf90ff505 0t0 TCP 192.168.0.183:56600->142.250.204.14:443 (CLOSED) Google 687 richardwang 24u IPv4 0xd9d0d67cf90fbfc5 0t0 TCP 192.168.0.183:64441->142.250.66.227:443 (CLOSED) Google 687 richardwang 25u IPv4 0xd9d0d67cf90e5505 0t0 TCP 192.168.0.183:58808->3.233.145.197:443 (CLOSED) Google 687 richardwang 26u IPv4 0xd9d0d67cf90e4a65 0t0 TCP 192.168.0.183:53327->172.217.24.36:443 (CLOSED) Google 687 richardwang 27u IPv4 0xd9d0d67cf90f5fc5 0t0 TCP 192.168.0.183:54010->162.247.242.19:443 (CLOSED) Google 687 richardwang 29u IPv4 0xd9d0d67cf90eca65 0t0 TCP 192.168.0.183:59323->172.217.24.36:443 (CLOSED) Google 687 richardwang 32u IPv4 0xd9d0d67cf90f7505 0t0 TCP 192.168.0.183:65025->142.250.204.14:443 (CLOSED) WirelessR 689 root 3u IPv4 0xd9d0d6782be4fdad 0t0 UDP *:* WirelessR 689 root 4u IPv4 0xd9d0d6782be649ed 0t0 UDP *:* WirelessR 689 root 5u IPv4 0xd9d0d6782be64cfd 0t0 UDP *:* WiFiAgent 711 richardwang 6u IPv4 0xd9d0d6782be5352d 0t0 UDP *:* wifiveloc 738 root 3u IPv4 0xd9d0d6782be4e52d 0t0 UDP *:* com.apple 745 richardwang 9u IPv4 0xd9d0d6782be62b4d 0t0 UDP *:* com.apple 745 richardwang 14u IPv4 0xd9d0d6782be6000d 0t0 UDP *:* nsurlsess 756 richardwang 7u IPv4 0xd9d0d67cf9102a65 0t0 TCP 192.168.0.183:58802->17.248.252.72:443 (CLOSED) com.famil 960 root cwd DIR 1,11 384 746134 /private/var/root/Library/Containers/com.familyzone.macappproxy.fzmacappproxy/Data com.famil 960 root txt REG 1,11 55592080 2909353 /Library/SystemExtensions/8D1C106D-6EA1-469B-87D9-45420894F5A7/com.familyzone.macappproxy.fzmacappproxy.systemextension/Contents/MacOS/com.familyzone.macappproxy.fzmacappproxy com.famil 960 root txt REG 1,11 48316 2908354 /Library/Preferences/Logging/.plist-cache.0ZkpciiO com.famil 960 root txt REG 1,11 32768 2908378 /private/var/db/mds/messages/se_SecurityMessages com.famil 960 root txt REG 1,11 169563 2908608 /private/var/db/analyticsd/events.whitelist com.famil 960 root txt REG 1,11 2160672 1152921500312810115 /usr/lib/dyld com.famil 960 root txt REG 1,11 29638992 1152921500312821865 /usr/share/icu/icudt68l.dat com.famil 960 root 0r CHR 3,2 0t0 331 /dev/null com.famil 960 root 1u CHR 3,2 0t0 331 /dev/null com.famil 960 root 2u CHR 3,2 0t0 331 /dev/null com.famil 960 root 3 NPOLICY com.famil 960 root 4u KQUEUE count=0, state=0xa com.famil 960 root 5u systm 0xd9d0d6782b7f00ed 0t0 [ctl com.apple.flow-divert id 1 unit 1] com.famil 960 root 6u IPv4 0xd9d0d67cf90fdfc5 0t0 TCP 127.0.0.1:49219->127.0.0.1:5768 (ESTABLISHED) com.famil 960 root 7u KQUEUE count=0, state=0xa com.famil 960 root 8 PIPE 0x16f4b00565915ab4 16384 ->0xacbf0638a900fdfd com.famil 960 root 9 PIPE 0xacbf0638a900fdfd 16384 ->0x16f4b00565915ab4 com.famil 960 root 10 CHAN flowsw 6980A6AE-9572-43AE-AEEE-94C5DAFD734A[18] user-packet-pool com.famil 960 root 11u unix 0xd9d0d67cf900b56d 0t0 ->0xd9d0d67cf900b635 com.famil 960 root 12u systm 0xd9d0d6782b7eff6d 0t0 [ctl com.apple.netsrc id 6 unit 18] com.famil 960 root 13u IPv4 0xd9d0d67cf90faa65 0t0 TCP 192.168.0.183:49240->35.201.109.208:443 (ESTABLISHED) com.famil 960 root 14u IPv4 0xd9d0d67cf9101505 0t0 TCP 192.168.0.183:49241->35.201.109.208:443 (ESTABLISHED) com.famil 960 root 15u IPv4 0xd9d0d67cf90fffc5 0t0 TCP 192.168.0.183:49242->35.201.109.208:443 (ESTABLISHED) com.famil 960 root 16u IPv4 0xd9d0d67cf9100a65 0t0 TCP 192.168.0.183:49243->35.201.109.208:443 (ESTABLISHED) com.famil 960 root 17u IPv4 0xd9d0d67cf90f9fc5 0t0 TCP 192.168.0.183:49244->35.201.109.208:443 (ESTABLISHED) com.famil 960 root 18u IPv4 0xd9d0d67cf90f7fc5 0t0 TCP 192.168.0.183:49245->35.201.109.208:443 (ESTABLISHED) com.famil 960 root 19u IPv4 0xd9d0d67cf90e6a65 0t0 TCP 192.168.0.183:49288->35.201.109.208:443 (ESTABLISHED) helpd 986 richardwang 11u IPv4 0xd9d0d67cf90e1fc5 0t0 TCP 192.168.0.183:56745->17.253.121.202:443 (CLOSED) corespeec 1023 richardwang 3u IPv6 0xd9d0d67cf908830d 0t0 TCP [fe80:7::aede:48ff:fe00:1122]:49268->[fe80:7::aede:48ff:fe33:4455]:49261 (ESTABLISHED) JavaAppLa 1043 richardwang 48u IPv6 0xd9d0d67cf908b32d 0t0 TCP 127.0.0.1:49269->127.0.0.1:5768 (ESTABLISHED) cupsd 1307 root 5u IPv6 0xd9d0d67cf908c2ed 0t0 TCP [::1]:631 (LISTEN) cupsd 1307 root 6u IPv4 0xd9d0d67cfa8eca65 0t0 TCP 127.0.0.1:631 (LISTEN) netbiosd 1600 _netbios 3u IPv4 0xd9d0d6782be640bd 0t0 UDP *:* netbiosd 1600 _netbios 4u IPv4 0xd9d0d6782be5de5d 0t0 UDP *:138 AU-L-0534:udppassthrough_withmitm richardwang$