Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations gmmastros on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how to disconnect a specific IP connected to a specific port

Status
Not open for further replies.

ramonetNet

IS-IT--Management
Jun 16, 2011
3
EU
Hi, all.

We have a server running Red Hat 5, where lots of remote clients connect on a specific port, lets say 5678.

I run the command "netstat -an | grep 5678" and I get a listing of remote IP's that are connected to this service.

I would need a command to disconnect a specific IP (lets say 11.22.33.44) from my port.

Any ideas ?

Thanks a lot. Sebastian.
 
Using the command netstat with the -p option (as root) will give you the pid number and then you can kill that particular process instance to close the connection. I normally run netsat -pane for a nice display of options. If you would like to block that particular IP, you can do so by setting up a rule in iptables, though this can be problematic as the IP changes.
 
mr Noway2 : the process id shown by netstat -pane is the one of the service, this is, the Apache application.

Anyway this command is quite interesting :

[root@labss1 cmds]# netstat -aenp | grep 1352
tcp 0 0 23.137.164.154:1352 23.172.140.46:2373 ESTABLISHED 500 12337 3433/server
tcp 0 0 23.137.164.154:1352 23.172.140.48:1100 ESTABLISHED 500 12546 3433/server

When I use the "-e" flag, some "extended" information comes up, and this is the column with some strange number : 12337 on first connection and 12546 on the seccond connection.

Can you tell me what this info is ?

By the way : I think I have found the solution to my problem - it is called TCPKILL and is part of the DSNIFF package
>>>
Sebastian.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top