Home / ubuntu / Questions / 553873
In Process
lazarus
Asked: 2014-11-27 11:39:14 +0800 CST

A chromium thread using port no other than 443 or 80

  • 772

I tried ss command to know the status of sockets in my system (ubuntu 14.10 ),

$ ss
tcp    ESTAB      0      0         192.168.1.10:51492    74.125.236.200:https   
tcp    ESTAB      0      0         192.168.1.10:45436      184.24.9.251:http    
tcp    ESTAB      0      0         192.168.1.10:33349     74.125.236.68:https   
tcp    ESTAB      0      0         192.168.1.10:45285     74.125.236.34:https   
tcp    ESTAB      0      0         192.168.1.10:52029    74.125.169.216:https   
tcp    ESTAB      0      0         192.168.1.10:49125      184.24.9.251:https   
tcp    ESTAB      0      0         192.168.1.10:49340      74.125.68.94:https   
tcp    ESTAB      0      0         192.168.1.10:47748     74.125.236.65:https   
tcp    ESTAB      0      0         192.168.1.10:32845     199.59.150.46:https   
tcp    ESTAB      0      0         192.168.1.10:34511     103.20.92.129:https   
tcp    ESTAB      0      0         192.168.1.10:43233    74.125.200.188:5228    
tcp    ESTAB      0      0         192.168.1.10:52208    74.125.169.216:https   
tcp    ESTAB      0      0         192.168.1.10:41742    184.87.213.124:http    
tcp    ESTAB      0      0         192.168.1.10:43939     74.125.68.147:https   
tcp    ESTAB      0      0         192.168.1.10:36935     74.125.236.90:http    
tcp    ESTAB      0      0         192.168.1.10:48165     74.125.236.33:https   
tcp    ESTAB      0      0         192.168.1.10:41456     74.125.236.34:http    
tcp    ESTAB      0      0         192.168.1.10:40549     74.125.236.90:https   
tcp    ESTAB      0      0         192.168.1.10:37934     122.175.190.8:http    
tcp    ESTAB      0      0         192.168.1.10:44557      31.13.79.112:https   
tcp    ESTAB      0      0         192.168.1.10:49879     74.125.236.43:https   
tcp    ESTAB      0      0         192.168.1.10:54648     23.34.240.214:http    
tcp    ESTAB      0      0         192.168.1.10:60101     74.125.236.67:https   
tcp    ESTAB      0      0         192.168.1.10:60836   108.160.165.173:http

and here in one of output I got 

tcp    ESTAB      0      0         192.168.1.10:43233    74.125.200.188:5228

then I tried nslookup ,I got

anupam@JAZZ:~$ nslookup 74.125.200.188
Server:     127.0.1.1
Address:    127.0.1.1#53

Non-authoritative answer:
188.200.125.74.in-addr.arpa name = sa-in-f188.1e100.net.

Authoritative answers can be found from:

I am not getting 188.200.125.74.in-addr.arpa name = sa-in-f188.1e100.net.part here ,,

then I tried netstat to know the PID associated with this..

$ netstat -natp
tcp        0      0 192.168.1.10:60081      74.125.236.73:443       ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:54746      74.125.236.199:80       ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:32845      199.59.150.46:443       ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:55852      74.125.236.67:80        ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:43119      198.252.206.25:443      ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:43233      74.125.200.188:5228     ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:41044      74.125.130.104:443      ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:56479      74.125.236.196:443      ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:48165      74.125.236.33:443       ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:35692      74.125.236.74:443       ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:60101      74.125.236.67:443       ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:60836      108.160.165.173:80      ESTABLISHED 2919/dropbox    
tcp        0      0 192.168.1.10:52425      74.125.236.201:443      ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:60058      74.125.236.73:443       ESTABLISHED 5141/chromium-brows
tcp        0      0 192.168.1.10:40360      74.125.130.94:443       ESTABLISHED 5141/chromium-brows

Here I found that It was thread of PID 5141 ,in chromium browser ,,

My question is as browsers are just user interface for http or https protocol implementation to exchange html pages ,, how any thread of it can use port no other than 80 or 443..(43233 here) ??

networking

2 Answers

  1. There are 2 ports: a source port (browser) and a destination port (server). The browser asks the OS for an available source port (let's say it receives 33123) then makes a socket connection to the destination port (usually 80/HTTP, 443/HTTPS).

    When the the web server receives the answer, it sends a response that has 80 as source port and 33123 as destination port.

    So if you have 2 browsers concurrently accessing stackoverflow.com, you'd have something like this:

    Firefox (localhost:33123) <-----------> stackoverflow.com (69.59.196.211:80)
Chrome  (localhost:33124) <-----------> stackoverflow.com (69.59.196.211:80)

    Source - Stack Overflow, Flavius Stef

    • 2

  2. I just checked the source code of chromium-browser version 65.0.3325.181-0ubuntu1.debian.

    # google_apis/gcm/engine/gservices_settings.cc
const char kDefaultCheckinURL[] = "https://android.clients.google.com/checkin";
const char kDefaultMCSHostname[] = "mtalk.google.com";
const int kDefaultMCSMainSecurePort = 5228;
const int kDefaultMCSFallbackSecurePort = 443;
// ...
GURL GServicesSettings::GetMCSMainEndpoint() const {
  // ...
  return GURL(MakeMCSEndpoint(kDefaultMCSHostname, kDefaultMCSMainSecurePort));
}

    Looks like chromium is connecting to some google services on port 5228.

    • 0