
03/06/2019

Linux: Force Close A Socket / Port On Server In a TIME_WAIT State



I run a BT client and a few other server programs on Linux. Sometimes these programs get overloaded with too many connections and crash. If I restart my apps, I see lots of old IPs in a TIME_WAIT state. How do I force close everything in a TIME_WAIT state under Linux operating systems?

The TIME_WAIT state can exist on either the server or the client side. It represents waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request. The /proc/sys/net/ipv4/tcp_fin_timeout setting determines the time that must elapse before TCP/IP can release a closed connection and reuse its resources. This is known as the TIME_WAIT state. TIME_WAIT is a normal part of the TCP connection. However, if you must close a socket in the TIME_WAIT state, try:

[a] Restart the networking service

[b] cutter command

Finding out current TIME_WAIT settings

Type the following command:
$ cat /proc/sys/net/ipv4/tcp_fin_timeout
Sample outputs:

60

You can lower the value by typing the following command as root user:
# echo 20 > /proc/sys/net/ipv4/tcp_fin_timeout
To set /proc/sys/net/ipv4/tcp_fin_timeout to 20 permanently, edit the file /etc/sysctl.conf and set it as follows:

net.ipv4.tcp_fin_timeout=20
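
To see how many sockets are actually in TIME_WAIT and which remote addresses they belong to, the kernel's socket table in /proc/net/tcp can be parsed directly. The script below is an added example, not part of the original article; the function names and the sample table are constructed, and it assumes IPv4 and a little-endian host (x86, most ARM).

```shell
#!/bin/sh
# Added example: count IPv4 sockets in TIME_WAIT per remote peer, reading
# input in /proc/net/tcp layout. Function names are hypothetical.
# Assumption: little-endian host, so addresses are byte-reversed hex
# (0100007F is 127.0.0.1).

time_wait_by_peer() {
    awk '
    function hex2dec(h,    i, n) {
        n = 0
        h = toupper(h)
        for (i = 1; i <= length(h); i++)
            n = n * 16 + index("0123456789ABCDEF", substr(h, i, 1)) - 1
        return n
    }
    function hex2ip(h,    a, b, c, d) {
        # Reverse the four bytes to get dotted-quad order.
        a = hex2dec(substr(h, 7, 2))
        b = hex2dec(substr(h, 5, 2))
        c = hex2dec(substr(h, 3, 2))
        d = hex2dec(substr(h, 1, 2))
        return a "." b "." c "." d
    }
    # Field 3 is rem_address (ADDR:PORT); field 4 is the state, 06 = TIME_WAIT.
    $1 ~ /^[0-9]+:$/ && $4 == "06" {
        split($3, rem, ":")
        count[hex2ip(rem[1])]++
    }
    END { for (ip in count) print count[ip], ip }
    ' "$@" | sort -k1,1nr -k2,2
}

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
sample_proc_net_tcp() {
    cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 1401A8C0:1AE1 0A01A8C0:C350 06 00000000:00000000 03:00000A3C 00000000     0        0 0
   2: 1401A8C0:1AE1 0A01A8C0:C351 06 00000000:00000000 03:00000B10 00000000     0        0 0
   3: 1401A8C0:1AE1 0501A8C0:D2F0 06 00000000:00000000 03:000004E2 00000000     0        0 0
   4: 1401A8C0:0016 0101A8C0:E1A4 01 00000000:00000000 02:000A1B2C 00000000     0        0 1002
EOF
}

# On a live system: time_wait_by_peer /proc/net/tcp
sample_proc_net_tcp | time_wait_by_peer
```

Each output line is a count followed by the remote address, highest count first, which shows whether the TIME_WAIT entries come from many peers or from a few addresses opening connections repeatedly.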

Restarting the network service

To restart the network service under RHEL / CentOS based systems, enter:
# service network restart
OR
# /etc/init.d/network restart
Ubuntu / Debian Linux users, try the following command:
$ sudo service networking restart
OR
$ sudo /etc/init.d/networking restart

cutter command

Cutter is an open source program that allows Linux firewall administrators to abort TCP/IP connections routed over the firewall or router on which it is run.

Examples

To cut all connections from 192.168.1.10 to server, enter:
# cutter 192.168.1.10
To cut all ssh connections from 192.168.1.1 to server, type:
# cutter 192.168.1.1 22
To cut all http connections from 192.168.1.5 to ssh server 202.54.1.20, run:
# cutter 202.54.1.20 192.168.1.5 80
See how to install and use the cutter command for more information here.

See also

See the following man pages:
man 7 socket
man 7 tcp
man 7 ip
man 5 proc

Posted by: SXI ADMIN

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting.
