有的场景需要关闭一个tcp链接但是能kill进程,不能拔网线,该怎么操作iptables? iptables dorp和reject实测后都不可用
答:用tcpkill命令
如:tcpkill 后用telnet尝试连接测试,443端口已经无法链接。
[root@dev02 ~]# tcpkill -i eth0 -9 port 443
tcpkill: listening on eth0 [port 443]
10.95.134.136:49488 > 101.198.185.107:443: R 2895975021:2895975021(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896004221:2896004221(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896062621:2896062621(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896150221:2896150221(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896267021:2896267021(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896413021:2896413021(0) win 0
tcpkill不是liunx自带的cli命令,需要自行安装。
yum install dsniff 会报错。。
安装步骤:
1下载dsniff的安装包:
https://pkgs.org/download/dsniff
如:https://centos.pkgs.org/7/epel-x86_64/dsniff-2.4-0.23.b1.el7.x86_64.rpm.html
2 安装dsniff
[root@dev02 develop]# rpm -ivh dsniff-2.4-0.23.b1.el7.x86_64.rpm
error: Failed dependencies:
libXmu.so.6()(64bit) is needed by dsniff-2.4-0.23.b1.el7.x86_64
libnet.so.1()(64bit) is needed by dsniff-2.4-0.23.b1.el7.x86_64
libnids.so.1.24()(64bit) is needed by dsniff-2.4-0.23.b1.el7.x86_64
直接用yum 安装缺失的包试试,
yum install libXmu
yum install libnet
yum install libbids 报错(手动下载安装: http://www.rpmfind.net/linux/rpm2html/search.php?query=libnids.so.1.24()(64bit)
最后:rpm -ivh
[root@dev02 develop]# rpm -ivh dsniff-2.4-0.23.b1.el7.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:dsniff-2.4-0.23.b1.el7 ################################# [100%]