系统linux怎么清除TCP,tcpkill清除异常tcp连接

在linux系统中，遇到TCP链接迟迟不能释放的情况，类似FIN_WAIT1、FIN_WAIT2的状态，释放时间不确定，而且对应的程序已经关闭，相应的端口也不再监听，无法通过杀进程来解决，这种情况下，为了快速恢复正常，不得不采用重启服务器的方法加以解决，在经过各大网站搜索找到linux下dsniff包中含有tcpkill命令，该命令可以将上述状态的TCP链接加以清除，进而免除服务器重启的情况。

在dsniff集成工具包中有一个tcpkill命令,可以解决这类问题:

下载地址:http://pkgs.repoforge.org/dsniff/ 此目录中可以找到相应系统的版本

wget  http://pkgs.repoforge.org/dsniff/dsniff-2.4-0.1.b1.el5.rf.x86_64.rpm

rpm -ivh dsniff-2.4-0.1.b1.el5.rf.x86_64.rpm

安装完成后可以发现系统多了一个tcpkill的命令,命令使用方法如下:

tcpkill -9 port ftp &>/dev/null

tcpkill -9 host 192.168.10.30 &>/dev/null

tcpkill -9 port 53 and port 8000 &>/dev/null

tcpkill -9 net 192.168.10 &>/dev/null

tcpkill -9 net 192.168.10 and port 22 &>/dev/null

安装：

1、RHEL5.x系统中安装比较简单：

wget http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/dsniff-2.4-0.1.b1.el5.rf.i386.rpm

rpm -ivh dsniff-2.4-0.1.b1.el5.rf.i386.rpm

[root@tech02 tmp]# rpm -ivh dsniff-2.4-0.1.b1.el5.rf.i386.rpm

warning: dsniff-2.4-0.1.b1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6

Preparing…                ########################################### [100%]

1:dsniff                 ########################################### [100%]

[root@tech02 tmp]# rpm -ql dsniff | grep bin

/usr/sbin/arpspoof

/usr/sbin/dnsspoof

/usr/sbin/dsniff

/usr/sbin/filesnarf

/usr/sbin/macof

/usr/sbin/mailsnarf

/usr/sbin/msgsnarf

/usr/sbin/sshmitm

/usr/sbin/sshow

/usr/sbin/tcpkill

/usr/sbin/tcpnice

/usr/sbin/urlsnarf

/usr/sbin/webmitm

/usr/sbin/webspy

以上就有tcpkill命令，说明安装成功！可以使用了。

2、RHEL 6系统:

wget ftp://ftp.univie.ac.at/systems/linux/fedora/epel/6/i386/dsniff-2.4-0.9.b1.el6.i686.rpm

wget ftp://ftp.univie.ac.at/systems/linux/fedora/epel/6/i386/libnet-1.1.5-1.el6.i686.rpm

wget ftp://ftp.univie.ac.at/systems/linux/fedora/epel/6/i386/libnids-1.24-1.el6.i686.rpm

[root@RHEL601 tmp]# rpm -e libnet libnids –nodeps

[root@RHEL601 tmp]# rpm -ivh dsniff-2.4-0.9.b1.el6.i686.rpm

warning: dsniff-2.4-0.9.b1.el6.i686.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY

error: Failed dependencies:

libICE.so.6 is needed by dsniff-2.4-0.9.b1.el6.i686

libSM.so.6 is needed by dsniff-2.4-0.9.b1.el6.i686

libXmu.so.6 is needed by dsniff-2.4-0.9.b1.el6.i686

libnet.so.1 is needed by dsniff-2.4-0.9.b1.el6.i686

libnids.so.1.24 is needed by dsniff-2.4-0.9.b1.el6.i686

[root@RHEL601 tmp]# yum install libICE libSM libXmu -y

Loaded plugins: rhnplugin

This system is not registered with RHN.

RHN support will be disabled.

Setting up Install Process

Resolving Dependencies

–> Running transaction check

—> Package libICE.i686 0:1.0.6-1.el6 set to be updated

—> Package libSM.i686 0:1.1.0-7.1.el6 set to be updated

—> Package libXmu.i686 0:1.0.5-1.el6 set to be updated

–> Processing Dependency: libXt.so.6 for package: libXmu-1.0.5-1.el6.i686

–> Running transaction check

—> Package libXt.i686 0:1.0.7-1.el6 set to be updated

–> Finished Dependency Resolution

Dependencies Resolved

Package               Arch                Version                      Repository             Size

Installing:

libICE                i686                1.0.6-1.el6                  Server                 52 k

libSM                 i686                1.1.0-7.1.el6                Server                 26 k

libXmu                i686                1.0.5-1.el6                  Server                 58 k

Installing for dependencies:

libXt                 i686                1.0.7-1.el6                  Server                168 k

Transaction Summary

Install       4 Package(s)

Upgrade       0 Package(s)

Total download size: 305 k

Installed size: 668 k

Downloading Packages:

Total                                                               2.4 MB/s | 305 kB     00:00

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Warning: RPMDB altered outside of yum.

db4-devel-4.7.25-17.el6.i686 has missing requires of db4 = (’0′, ’4.7.25′, ’17.el6′)

db4-devel-4.7.25-17.el6.i686 has missing requires of db4-cxx = (’0′, ’4.7.25′, ’17.el6′)

db4-devel-4.7.25-17.el6.i686 has missing requires of libdb_cxx-4.7.so

libnet-devel-1.1.5-1.el6.i686 has missing requires of libnet = (’0′, ’1.1.5′, ’1.el6′)

libnet-devel-1.1.5-1.el6.i686 has missing requires of libnet.so.1

libnids-devel-1.24-1.el6.i686 has missing requires of libnids = (’0′, ’1.24′, ’1.el6′)

libnids-devel-1.24-1.el6.i686 has missing requires of libnids.so.1.24

rrdtool-1.4.4-1.el5.rf.i386 has missing requires of gettext

rrdtool-1.4.4-1.el5.rf.i386 has missing requires of perl(Time::HiRes)

rrdtool-1.4.4-1.el5.rf.i386 has missing requires of ruby

rrdtool-1.4.4-1.el5.rf.i386 has missing requires of xorg-x11-fonts-Type1

Installing     : libICE-1.0.6-1.el6.i686                                                      1/4

Installing     : libSM-1.1.0-7.1.el6.i686                                                     2/4

Installing     : libXt-1.0.7-1.el6.i686                                                       3/4

Installing     : libXmu-1.0.5-1.el6.i686                                                      4/4

Installed:

libICE.i686 0:1.0.6-1.el6       libSM.i686 0:1.1.0-7.1.el6       libXmu.i686 0:1.0.5-1.el6

Dependency Installed:

libXt.i686 0:1.0.7-1.el6

Complete!

[root@RHEL601 tmp]# rpm -ivh libnet-1.1.5-1.el6.i686.rpm libnids-1.24-1.el6.i686.rpm dsniff-2.4-0.9.b1.el6.i686.rpm

warning: libnet-1.1.5-1.el6.i686.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY

Preparing…                ########################################### [100%]

1:libnet                 ########################################### [ 33%]

2:libnids                ########################################### [ 67%]

3:dsniff                 ########################################### [100%]

[root@RHEL601 tmp]# tcpkill

Version: 2.4

Usage: tcpkill [-i interface] [-1..9] expression

个人在工作中仅仅用到了类似tcpkill -9 host 192.168.10.30 &>/dev/null的命令(注：该IP地址为远程IP)。

由于当时处理此类问题是没有来得及做记录，故暂时就不写使用实例了，以后再遇到此类情况，再加以补充。同时dsniff包中还含有许多命令，有兴趣的可以继续加以研究。