From: rick.jones2@hp.com
Jorgen Grahn wrote:
> On Wed, 2011-06-15, SebastiaNot wrote:
> >
> > Hi, all.
> > We have a server running Red Hat 5, where lots of remote clients
> > connect on a specific port, lets say 1234.
> >
> > I run the command "netstat -an | grep 1234" and I get a listing of
> > remote IP's that are connected to this service.
> >
> > I would need a command to disconnect a specific IP (lets say
> > 11.22.33.44) from my port.
> >
> > Any ideas ?
> The best way by far is to do it with the cooperation of whatever
> server process is running on port 1234. I.e. there should be a
> command you can send it "hey, kill all your connections with
> 11.22.33.44".
> I don't think there's an easy general way to kill existing TCP
> connections from the outside (or more generally, introduce a fatal
> error on another process' file descriptor).
Its use is broadly frowned upon, but in the HP-UX 11i networking stack
there is an ndd option called tcp_discon and one called (iirc)
tcp_discon_by_addr that will induce a connection abort. A they share
a common herritage I suspect the Solaris networking stack has
something similar.
Presumably, under Linux, one might be able to craft a one-time
netfilter rule that did something similar, but I am speculating based
only on email messages I've seen go by.
Disconnect after the fact is a poor substitute for "Not accept in the
first place..."
rick jones
--
The computing industry isn't as much a game of "Follow The Leader" as
it is one of "Ring Around the Rosy" or perhaps "Duck Duck Goose."
- Rick Jones
these opinions are mine, all mine; HP might not want them anyway... :)
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
