Tcpkill clear abnormal tcp connection

In linux, TCP connections cannot be released for a long time, such as the FIN_WAIT1 and FIN_WAIT2 statuses. the release time is uncertain and the corresponding program has been closed, and the corresponding ports are no longer monitored, it cannot be solved by killing the process. in this case, you have to restart the server to quickly restore the normal state, find the dsniff package containing the tcpkill command in linux by searching through various websites. this command can clear the TCP links in the above status

In linux, TCP connections cannot be released for a long time, such as the FIN_WAIT1 and FIN_WAIT2 statuses. the release time is uncertain and the corresponding program has been closed, and the corresponding ports are no longer monitored, it cannot be solved by killing the process. in this case, you have to restart the server to quickly restore the normal state, find the dsniff package in linux that contains the tcpkill command on various websites. this command can clear the TCP link in the above state, thus avoiding server restart.

The dsniff Integration Toolkit has a tcpkill command to solve these problems:
: Http://pkgs.repoforge.org/dsniff/ the version of the corresponding system can be found in this directory
Wget http://pkgs.repoforge.org/dsniff/dsniff-2.4-0.1.b1.el5.rf.x86_64.rpm
Rpm-ivh dsniff-2.4-0.1.b1.el5.rf.x86_64.rpm

After the installation is complete, you can find that the system has an additional tcpkill command. the command is used as follows:
Tcpkill-9 port ftp &>/dev/null
Tcpkill-9 host 192.168.10.30 &>/dev/null
Tcpkill-9 port 53 and port 8000 &>/dev/null
Tcpkill-9 net 192.168.10 &>/dev/null
Tcpkill-9 net 192.168.10 and port 22 &>/dev/null

Installation:

1. the RHEL5.x system is easy to install:
Wget http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/dsniff-2.4-0.1.b1.el5.rf.i386.rpm
Rpm-ivh dsniff-2.4-0.1.b1.el5.rf.i386.rpm
[Root @ tech02 tmp] # rpm-ivh dsniff-2.4-0.1.b1.el5.rf.i386.rpm
Warning: dsniff-2.4-0.1.b1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ######################################## ### [100%]
1: dsniff ####################################### #### [100%]
[Root @ tech02 tmp] # rpm-ql dsniff | grep bin
/Usr/sbin/arpspoof
/Usr/sbin/dnsspoof
/Usr/sbin/dsniff
/Usr/sbin/filesnscarf
/Usr/sbin/macof
/Usr/sbin/mailsnscarf
/Usr/sbin/msgsnscarf
/Usr/sbin/sshmitm
/Usr/sbin/sshow
/Usr/sbin/tcpkill
/Usr/sbin/tcpnice
/Usr/sbin/urlsnscarf
/Usr/sbin/webmitm
/Usr/sbin/webspy
The preceding tcpkill command indicates that the installation is successful! Yes.
2. RHEL 6 system:
Wget ftp://ftp.univie.ac.at/systems/linux/fedora/epel/6/i386/dsniff-2.4-0.9.b1.el6.i686.rpm
Wget ftp://ftp.univie.ac.at/systems/linux/fedora/epel/6/i386/libnet-1.1.5-1.el6.i686.rpm
Wget ftp://ftp.univie.ac.at/systems/linux/fedora/epel/6/i386/libnids-1.24-1.el6.i686.rpm
[Root @ RHEL601 tmp] # rpm-e libnet libnids? Nodeps
[Root @ RHEL601 tmp] # rpm-ivh dsniff-2.4-0.9.b1.el6.i686.rpm
Warning: dsniff-2.4-0.9.b1.el6.i686.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Error: Failed dependencies:
LibICE. so.6 is needed by dsniff-2.4-0.9.b1.el6.i686
LibSM. so.6 is needed by dsniff-2.4-0.9.b1.el6.i686
LibXmu. so.6 is needed by dsniff-2.4-0.9.b1.el6.i686
Libnet. so.1 is needed by dsniff-2.4-0.9.b1.el6.i686
Libnids. so.1.24 is needed by dsniff-2.4-0.9.b1.el6.i686
[Root @ RHEL601 tmp] # yum install libICE libSM libXmu-y
Loaded plugins: rhnplugin
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Resolving Dependencies
?> Running transaction check
-> Package libICE. i686. 0.6-1. el6 set to be updated
-> Package libSM. i686. 1.0-7.1.el6 set to be updated
-> Package libXmu. i686. 0.5-1. el6 set to be updated
?> Processing Dependency: libXt. so.6 for package: libXmu-1.0.5-1.el6.i686
?> Running transaction check
-> Package libXt. i686. 0.7-1. el6 set to be updated
?> Finished Dependency Resolution

Dependencies Resolved

========================================================== ========================================================== ================================
Package Arch Version Repository Size
========================================================== ========================================================== ================================
Installing:
LibICE i686 1.0.6-1. el6 Server 52 k
LibSM i686 1.1.0-7.1.el6 Server 26 k
LibXmu i686 1.0.5-1. el6 Server 58 k
Installing for dependencies:
LibXt i686 1.0.7-1. el6 Server 168 k

Transaction Summary
========================================================== ========================================================== ================================
Install 4 Package (s)
Upgrade 0 Package (s)

Total download size: 305 k
Installed size: 668 k
Downloading Packages:
----------------------------------
Total 2.4 MB/s | 305 kB
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Db4-devel-4.7.25-17.el6.i686 has missing requires of db4 = ('0', '4. 100', '17. el6 ′)
Db4-devel-4.7.25-17.el6.i686 has missing requires of db4-cxx = ('0', '4'. 100', '17. el6 ′)
Db4-devel-4.7.25-17.el6.i686 has missing requires of libdb_cxx-4.7.so
Libnet-devel-1.1.5-1.el6.i686 has missing requires of libnet = ('0', '1. 100', '1. el6 ′)
Libnet-devel-1.1.5-1.el6.i686 has missing requires of libnet. so.1
Libnids-devel-1.24-1.el6.i686 has missing requires of libnids = ('0', '1. 24', '1. el6 ′)
Libnids-devel-1.24-1.el6.i686 has missing requires of libnids. so.1.24
Rrdtool-1.4.4-1.el5.rf.i386 has missing requires of gettext
Rrdtool-1.4.4-1.el5.rf.i386 has missing requires of perl (Time: HiRes)
Rrdtool-1.4.4-1.el5.rf.i386 has missing requires of ruby
Rrdtool-1.4.4-1.el5.rf.i386 has missing requires of xorg-x11-fonts-Type1
Installing: libICE-1.0.6-1.el6.i686 1/4
Installing: libSM-1.1.0-7.1.el6.i686 2/4
Installing: libXt-1.0.7-1.el6.i686 3/4
Installing: libXmu-1.0.5-1.el6.i686 4/4

Installed:
LibICE. i686. 0.6-1. el6 libSM. i686. 1.0-7.1.el6 libXmu. i686. 0.5-1. el6

Dependency Installed:
LibXt. i686. 0.7-1. el6

Complete!
[Root @ RHEL601 tmp] # rpm-ivh libnet-1.1.5-1.el6.i686.rpm libnids-1.24-1.el6.i686.rpm dsniff-2.4-0.9.b1.el6.i686.rpm
Warning: libnet-1.1.5-1.el6.i686.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing... ######################################## ### [100%]
1: libnet ####################################### #### [33%]
2: libnids ####################################### #### [67%]
3: dsniff ####################################### #### [100%]
[Root @ RHEL601 tmp] # tcpkill
Version: 2.4
Usage: tcpkill [-I interface] [-1 .. 9] expression

I only used commands like tcpkill-9 host 192.168.10.30 &>/dev/null at work (note: the IP address is a remote IP address ).
Because we had no time to record such problems at the time, we would not write or use instances for the time being. we will try again in the future to supplement these cases. At the same time, the dsniff package also contains many commands. if you are interested, you can continue to study them.