Login or Register to Ask a Question and Join Our Community


Red Hat

How to kill a TCP connection which has status TIME_WAIT & no PID

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat How to kill a TCP connection which has status TIME_WAIT & no PID
# 1  
Old 06-25-2010
How to kill a TCP connection which has status TIME_WAIT & no PID
Hi,

I want to kill TCP connections which have status as TIME_WAIT & no PID

(as per the output of the "netstat - p" command).

Is there any command/utility available to kill connections to a specific port or IP address.

The problem is that these connections don't have process ID (see below).
====================================================================
Code:
[remedy@CNDAUNREDBOP13 ~]$ netstat -p |grep 56000
tcp        0      0 CNDAUNREDBOP13:59388        10.5.45.39:56000            TIME_WAIT   -
tcp        0      0 CNDAUNREDBOP13:59389        10.5.45.39:56000            TIME_WAIT   -
tcp        0      0 CNDAUNREDBOP13:59390        10.5.45.39:56000            TIME_WAIT   -
tcp        0      0 CNDAUNREDBOP13:59385        10.5.45.39:56000            TIME_WAIT   -
tcp        0      0 CNDAUNREDBOP13:59386        10.5.45.39:56000            TIME_WAIT   -
tcp        0      0 CNDAUNREDBOP13:59411        10.5.45.39:56000            TIME_WAIT   -

How to kill a TCP connection which has status TIME_WAIT & no PID-netstat-timersjpg
Last edited by pludi; 06-25-2010 at 08:05 AM.. Reason: code tags please
# 2  
Old 06-29-2010
Hammer & Screwdriver
Quote:
Originally Posted by Davinder31may
Hi,

I want to kill TCP connections which have status as TIME_WAIT & no PID

(as per the output of the "netstat - p" command).

Is there any command/utility available to kill connections to a specific port or IP address.

The problem is that these connections don't have process ID (see below).
Hi,
there are two ways of "killing" TIME_WAIT connection:
1) change time of ip_conntrack_timeout_time_wait (via sysctl or by writing number of seconds to /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait by "echo" command)
2) use "lsof" (list opened files) command, eg:
Code:
gate1:~# lsof -n -i@127.0.0.1
COMMAND   PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd      878 thiemtom   12u  IPv4 276087      0t0  TCP 127.0.0.1:57480->127.0.0.1:openvpn (ESTABLISHED)
sshd      878 thiemtom   13u  IPv4 276139      0t0  TCP 127.0.0.1:60649->127.0.0.1:xmpp-client (ESTABLISHED)
named    1494     bind   20u  IPv4   5358      0t0  TCP 127.0.0.1:domain (LISTEN)
named    1494     bind   26u  IPv4   5371      0t0  TCP 127.0.0.1:953 (LISTEN)
named    1494     bind  512u  IPv4   5357      0t0  UDP 127.0.0.1:domain 
lwresd   1591     root  512u  IPv4   5589      0t0  UDP 127.0.0.1:921 
ntpd     1605      ntp   18u  IPv4   5618      0t0  UDP 127.0.0.1:ntp 
openvpn  1637   nobody    7u  IPv4 276088      0t0  TCP 127.0.0.1:openvpn->127.0.0.1:57480 (ESTABLISHED)
epmd     1707 ejabberd    4u  IPv4   6890      0t0  TCP 127.0.0.1:4369->127.0.0.1:39726 (ESTABLISHED)
zebra    1708   quagga    9u  IPv4   6480      0t0  TCP 127.0.0.1:zebra (LISTEN)
ospfd    1758   quagga    7u  IPv4   6548      0t0  TCP 127.0.0.1:ospfd (LISTEN)
beam     1816 ejabberd    8u  IPv4   6889      0t0  TCP 127.0.0.1:39726->127.0.0.1:4369 (ESTABLISHED)
beam     1816 ejabberd   20u  IPv4   7591      0t0  TCP 127.0.0.1:5555 (LISTEN)
beam     1816 ejabberd   22u  IPv4   7756      0t0  TCP 127.0.0.1:5555->127.0.0.1:40447 (ESTABLISHED)
beam     1816 ejabberd   24u  IPv4 276140      0t0  TCP 127.0.0.1:xmpp-client->127.0.0.1:60649 (ESTABLISHED)
python   1840   pyicqt    3u  IPv4   7755      0t0  TCP 127.0.0.1:40447->127.0.0.1:5555 (ESTABLISHED)
sshd    29453     root    8u  IPv4 311274      0t0  TCP 127.0.0.1:6010 (LISTEN)

But I don't see the reason why to "kill" TCP_WAIT connection - it will timeout itself after some time (see ip_conntrack_timeout_time_wait)
# 3  
Old 06-29-2010
There's a utility called tcpdrop on BSDs. Not sure if its ported to any other OS.
# 4  
Old 06-29-2010
What is the same scenario if there is snyc_rec instead of time_wait. So how to kill those process.
# 5  
Old 06-29-2010
Quote:
There's a utility called tcpdrop on BSDs. Not sure if its ported to any other OS.
BSD's tcpdrop is not available on Linux because Linux does not support the TCPCTL_DROP ioctl (or the equivalent TCP_IOC_ABORT_CONN in Solaris) There is pushback against introducing such an ioctl in Linux every time the issue is raised.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. AIX

Kill pid

I created a program to kill long running pid processes. I am getting the following error message: -f command cannot be found. I also want to count the number of pids that are killed and append the results to a text file. I am new to shell script programming. 1.The first part of code... (10 Replies)
Discussion started by: dellanicholson
10 Replies

2. Shell Programming and Scripting

Kill PID with one liner

Hello Friends, I've been trying to write a one line which checks java processes and filter them for a user (testuser) and then check process arguments with PARGS command and then check if there is certain patterns exists in pargs output then kill the process. I have tried the following so... (2 Replies)
Discussion started by: EAGL€
2 Replies

3. Shell Programming and Scripting

Kill a PID using script

Hi, I wrote a script to kill a process id. I am able to kill the PID only if I enter the root password in the middle of the execution because I did not run as root i.e after i run the script from the terminal, instead of killing directly, it is killing only after entering the pass when it... (12 Replies)
Discussion started by: rajkumarme_1
12 Replies

4. Solaris

How to kill the TCP ESTABLISHED connection in netstat

Hello, Actually there are some bugs in application which does not close the TCP connection to other server though CORBA. We need to kill that ESTABLISHED connections as new connection are not happeneing as the allocated ports were used and showing as ESTABLISHED Is there any... (4 Replies)
Discussion started by: GIC1986
4 Replies

5. Red Hat

How to kill all active tcp connections from an IP?

How to kill all active tcp connections from an IP? I am using CentOS (3 Replies)
Discussion started by: an00p
3 Replies

6. Shell Programming and Scripting

When kill [pid] does not work...

Hi, On my Linux machine, using Bash, I sometimes run into a situation where doing the following does not seem to work at all. kermit@fastbox ~ $ ps -A | grep firefox-bin 5375 ? 00:06:57 firefox-bin <defunct> 5624 ? 00:00:00 firefox-bin kermit@fastbox ~ $ kill 5624... (7 Replies)
Discussion started by: kermit
7 Replies

7. UNIX for Advanced & Expert Users

KILL without PID

Hellow Experts i have one problem. i run one script in backgroun. and i want to kill that script with only script name..... so what's the solution.. for your info my script name is "testscript" n it contains "sleep 100" thanks.... (16 Replies)
Discussion started by: luckypower
16 Replies

8. Shell Programming and Scripting

KILL PID, intern should kill another PID.

Hi All, In my project i have two process runs in the back end. Once i start my project, and execute the command ps, i get below output: PID TTY TIME CMD 9086 pts/1 0:00 ksh 9241 pts/1 0:02 java 9240 pts/1 0:00 shell_script_bg java with 9241 PID is the main... (4 Replies)
Discussion started by: rkrgarlapati
4 Replies

9. UNIX for Dummies Questions & Answers

Session PID & socket connection pid

1. If I use an software application(which connects to the database in the server) in my local pc, how many PID should be registered? Would there be PID for the session and another PID for socket connection? 2. I noticed (through netstat) that when I logged in using the my software application,... (1 Reply)
Discussion started by: pcx26
1 Replies

10. UNIX for Advanced & Expert Users

TCP ports - TIME_WAIT

What is the maximum number of TCP ports that can be consumed at any one time? How can I determine what the number is or increase it? I was under the impression that with our system (UnixWare 7.1.1) 1024 was the maximum under our current Kernel tuning parms, but I think that is really just... (4 Replies)
Discussion started by: dlkox
4 Replies
Login or Register to Ask a Question