How can I kill a tcp connection?

Hello.
How can I kill a tcp connection?

Thank you.

That normally has to be done by the process using the connection. Or you can kill that process. The “lsof” command might be useful for finding which process is involved.

An alternative to effectively stop transmission on a given TCP port is to
use iptables commands. For example, if the connection is from the outside
(a client) to your machine (the server) and the local port is 443 with the
remote port being 34567 you could do something like this:


sudo /usr/sbin/iptables -I INPUT -m tcp -p tcp --sport 34567 --dport 443
-j DROP

sudo /usr/sbin/iptables -I INPUT -m tcp -p tcp --sport 443 --dport 34567
-j DROP

These two rules would block any communication on that socket, though keep
in mind it may eventually block other legitimate clients from coming in.


Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.

Other distros has “tcpkill” tool. How about OpenSUSE?

Can you show me an example?

Here’s an example of using “lsof”


# lsof -i:25
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sendmail 2245 root    4u  IPv4  28645      0t0  TCP localhost:smtp (LISTEN)

That listed all processes with a socket open for port 25. However, “lsof” has lots of options to narrow down the output.

Actually, the “ss” command with the “-p” option can also identify processes using ports.

ss -tp

restricts that to tcp ports.

Search is your friend. Found it in a second.

Hi
I don’t think it would be wise to use any of the tcpkill packages on OBS… it’s all > seven (7) years old, I see the latest Fedora release has 33 patches… seems it would be better to find a newer tool…

It show me “No packages found matching your search.”.

For kill it I need iptables!!!

Based on an Internet search,
I don’t think that there is a single authorized source for tcpkill,
There seem to be a few “improved” private releases in 2014/2015, but I can’t find anything newer.
One commonly used source and likely for Fedora is the dsniff package, but when I look at that OBS package it seems to have omitted/dropped tcpkill for openSUSE… If that’s the Fedora package being looked at, it’s likely the patches have to do with other utilities and not tcpkill.

I suspect this is one of those utilities where the functionality is so simple and basic that there might not be much to patch, so almost any version can be used regardless if it’s patched.

TSU