有的場景需要關閉一個tcp鏈接但是能kill進程,不能拔網線,該怎麼操作iptables? iptables dorp和reject實測後都不可用
答:用tcpkill命令
如:tcpkill 後用telnet嘗試連接測試,443端口已經無法鏈接。
[root@dev02 ~]# tcpkill -i eth0 -9 port 443
tcpkill: listening on eth0 [port 443]
10.95.134.136:49488 > 101.198.185.107:443: R 2895975021:2895975021(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896004221:2896004221(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896062621:2896062621(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896150221:2896150221(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896267021:2896267021(0) win 0
10.95.134.136:49488 > 101.198.185.107:443: R 2896413021:2896413021(0) win 0
tcpkill不是liunx自帶的cli命令,需要自行安裝。
yum install dsniff 會報錯。。
安裝步驟:
1下載dsniff的安裝包:
https://pkgs.org/download/dsniff
如:https://centos.pkgs.org/7/epel-x86_64/dsniff-2.4-0.23.b1.el7.x86_64.rpm.html
2 安裝dsniff
[root@dev02 develop]# rpm -ivh dsniff-2.4-0.23.b1.el7.x86_64.rpm
error: Failed dependencies:
libXmu.so.6()(64bit) is needed by dsniff-2.4-0.23.b1.el7.x86_64
libnet.so.1()(64bit) is needed by dsniff-2.4-0.23.b1.el7.x86_64
libnids.so.1.24()(64bit) is needed by dsniff-2.4-0.23.b1.el7.x86_64
直接用yum 安裝缺失的包試試,
yum install libXmu
yum install libnet
yum install libbids 報錯(手動下載安裝: http://www.rpmfind.net/linux/rpm2html/search.php?query=libnids.so.1.24()(64bit)
最後:rpm -ivh
[root@dev02 develop]# rpm -ivh dsniff-2.4-0.23.b1.el7.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:dsniff-2.4-0.23.b1.el7 ################################# [100%]