HowTo: Kill TCP Connections in CLOSE_WAIT State

HowTo: Kill TCP Connections in CLOSE_WAIT State

 

If you are seeing a large number of connections persisting in CLOSE_WAIT state, it’s probably a problem with the application itself.

Restarting it will clear the connections temporarily, but obviously, further investigation will be required to find the cause of the problem.

If restarting of application is undesirable, you can manually kill all connections that are in CLOSE_WAIT state.

Kill CLOSE_WAIT connections by IP

Kill TCP connections in CLOSE_WAIT state, established with the foreign IP address 192.168.0.100:

$ netstat -anp |\
grep 192.168.0.100 |\
grep CLOSE_WAIT |\
awk '{print $7}' |\
cut -d \/ -f1 |\
grep -oE "[[:digit:]]{1,}" |\
xargs kill

The same command in one line:

$ netstat -anp | grep 192.168.0.100 | grep CLOSE_WAIT | awk '{print $7}' | cut -d \/ -f1 | grep -oE "[[:digit:]]{1,}" | xargs kill

Kill CLOSE_WAIT connections by PORT

Use the following command to Kill TCP connections in CLOSE_WAIT state on port 80:

$ netstat -anp |\
grep ':80 ' |\
grep CLOSE_WAIT |\
awk '{print $7}' |\
cut -d \/ -f1 |\
grep -oE "[[:digit:]]{1,}" |\
xargs kill

The same command in one line:

$ netstat -anp | grep ':80 ' | grep CLOSE_WAIT | awk '{print $7}' | cut -d \/ -f1 | grep -oE "[[:digit:]]{1,}" | xargs kill

Kill CLOSE_WAIT connections by IP and PORT

Kill TCP connections in CLOSE_WAIT, state established with foreign IP address 192.168.0.100 on port 80:

$ netstat -anp |\
grep 192.168.0.100 |\
grep ':80 ' |\
grep CLOSE_WAIT |\
awk '{print $7}' |\
cut -d \/ -f1 |\
grep -oE "[[:digit:]]{1,}" |\
xargs kill

The same command in one line:

$ netstat -anp | grep 192.168.0.100 | grep ':80 ' | grep CLOSE_WAIT | awk '{print $7}' | cut -d \/ -f1 | grep -oE "[[:digit:]]{1,}" | xargs kill

How Does It Work?

$ netstat -anp |\  # print network connections
grep 192.168.0.100 |\  # established with IP 192.168.0.100
grep ':80 ' |\  # established on port 80
grep CLOSE_WAIT |\  #  connections in CLOSE_WAIT state
awk '{print $7}' |\  #  print the 7th column
cut -d \/ -f1 |\  #  extract PIDs
grep -oE "[[:digit:]]{1,}" |\  #  extract PIDs
xargs kill  #  kill PIDs

lsof -i :80 |grep CLOSE_WAIT| awk '{print $2}|uniq| xargs kill
 
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Linux - How to get network speed and statistic of ethernet adapter in Linux
Viewed 907 times since Fri, Jun 8, 2018
Use inotify-tools on CentOS 7 or RHEL 7 to watch files and directories for events
Viewed 11176 times since Fri, Jul 27, 2018
RHEL7: How to get started with Firewalld.
Viewed 8921 times since Wed, May 22, 2019
RHEL: Displaying system info (firmware, serial numbers... )
Viewed 9233 times since Sun, May 27, 2018
systemctl Use systemd to Start a Linux Service at Boot
Viewed 3993 times since Mon, Dec 7, 2020
How To Ping Specific Port Number
Viewed 1515 times since Mon, Jun 1, 2020
RHEL: Retrieve and generate a unique SCSI identifier
Viewed 1539 times since Sat, Jun 2, 2018
OpenSSL – sprawdzanie czy klucz pasuje do certyfikatu
Viewed 1516 times since Thu, May 24, 2018
CentOS / RHEL : How to move a Volume Group from one system to another
Viewed 1515 times since Mon, Jan 28, 2019
Linux Cluster Tutorial
Viewed 839 times since Sat, Sep 29, 2018