How to kill a single TCP connection in Linux?

Here are some options:

  • Attach with gdb and call close() on the fd. You can map from addr/port to inode number via /proc/net/tcp and from inode number to FD inside the process with ls -la /proc/$pid/fd.
  • Spoof a RST packet. You'll need to generate it locally and guess the SEQ number somehow.
  • Maybe set up an iptables rule to generate a RST on the next packet.
  • Write a kernel module.

There doesn't seem to be a well supported way to do this. It is likely that processes will crash if their FDs are unexpectedly closed anyway.


You can't kill a single connection of a process.

But you could block it with iptables. Then the connection can't send or receive data, and the client will run into a timeout.


On Linux kernel >= 4.9 you can use the ss command from iproute2 with the -K key:

ss -K dst client1.something dport = 49987

The kernel has to be compiled with the CONFIG_INET_DIAG_DESTROY option enabled.
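The first answer's gdb route and the ss -K route above both start from the same lookup: identify the one connection you mean. As an added example (not code from any of the answers), the script below does that lookup in Python: it parses the /proc/net/tcp format, maps a local/remote endpoint pair to its socket inode, maps that inode to the file descriptor under /proc/<pid>/fd (the same information ls -la /proc/$pid/fd shows), and builds the matching ss -K filter expression as a string for cross-checking. The sample /proc/net/tcp lines, the PID/port arguments, and the addresses are constructed for illustration; nothing here closes or destroys a socket.

```python
"""Locate the socket inode, fd and ss filter for one TCP connection.

Added example, not from the answers on the page. Reads the /proc/net/tcp
format and /proc/<pid>/fd symlinks; run as:
    python3 find_tcp_conn.py <pid> <local_port> [<remote_ip> <remote_port>]
"""
import os
import socket
import struct
import sys

# State codes as printed in the 'st' column of /proc/net/tcp.
TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "04": "FIN_WAIT1",
    "05": "FIN_WAIT2", "06": "TIME_WAIT", "07": "CLOSE", "08": "CLOSE_WAIT",
    "09": "LAST_ACK", "0A": "LISTEN", "0B": "CLOSING",
}


def _decode_endpoint(field):
    """Turn '0100007F:0277' into ('127.0.0.1', 631).

    The kernel prints the IPv4 address as the raw 32-bit value in host byte
    order, so on a little-endian host the octets appear reversed. Packing with
    native order ('=I') undoes that on either endianness. The port is plain hex.
    """
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("=I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Parse the contents of /proc/net/tcp into a list of connection dicts."""
    entries = []
    for line in text.splitlines()[1:]:  # first line is the column header
        cols = line.split()
        if len(cols) < 10:
            continue
        entries.append({
            "local": _decode_endpoint(cols[1]),
            "remote": _decode_endpoint(cols[2]),
            "state": TCP_STATES.get(cols[3], cols[3]),
            "uid": int(cols[7]),
            "inode": int(cols[9]),
        })
    return entries


def find_inode(entries, local_port, remote_ip=None, remote_port=None):
    """Return the socket inode of the first entry matching the given endpoints."""
    for e in entries:
        if e["local"][1] != local_port:
            continue
        if remote_ip is not None and e["remote"][0] != remote_ip:
            continue
        if remote_port is not None and e["remote"][1] != remote_port:
            continue
        return e["inode"]
    return None


def fd_for_inode(fd_dir, inode):
    """Return the fd number in fd_dir (normally /proc/<pid>/fd) whose symlink
    target is 'socket:[<inode>]', or None if the process does not own it."""
    target = f"socket:[{inode}]"
    for name in os.listdir(fd_dir):
        try:
            if os.readlink(os.path.join(fd_dir, name)) == target:
                return int(name)
        except OSError:  # fd closed between listdir() and readlink()
            continue
    return None


def ss_kill_filter(entry):
    """Build the ss -K filter matching this connection's remote endpoint (string only)."""
    ip, port = entry["remote"]
    return f"ss -K dst {ip} dport = {port}"


# Constructed sample of /proc/net/tcp as printed on a little-endian host (not a
# real capture): a listener on 127.0.0.1:631 and an established connection from
# 192.168.1.10:45678 to 203.0.113.5:443 owned by uid 1000 with socket inode 12345.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 9876 1 0000000000000000 100 0 0 10 0
   1: 0A01A8C0:B26E 057100CB:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 12345 1 0000000000000000 20 4 30 10 -1
"""


if __name__ == "__main__":
    pid, local_port = int(sys.argv[1]), int(sys.argv[2])
    remote_ip = sys.argv[3] if len(sys.argv) > 3 else None
    remote_port = int(sys.argv[4]) if len(sys.argv) > 4 else None
    with open("/proc/net/tcp") as f:
        entries = parse_proc_net_tcp(f.read())
    inode = find_inode(entries, local_port, remote_ip, remote_port)
    if inode is None:
        sys.exit("no matching connection in /proc/net/tcp")
    entry = next(e for e in entries if e["inode"] == inode)
    fd = fd_for_inode(f"/proc/{pid}/fd", inode)
    print(f"inode {inode} state {entry['state']} -> fd {fd} in pid {pid}")
    print("equivalent filter:", ss_kill_filter(entry))
```

The script only reports; whether to then call close() on that fd from gdb or run the printed ss -K line is the operator's decision, and the first answer's caveat still applies (a process whose fd vanishes underneath it may crash). Note that /proc/net/tcp lists only IPv4 sockets; IPv6 connections live in /proc/net/tcp6 with 32-hex-digit addresses and need a different decoder.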


You can kill by destination port:

ss -K dport = 65987

Tags: linux, tcp