Home » Categories » Linux

HowTo: Kill TCP Connections in CLOSE_WAIT State

Article Number: 477 | Rating: Unrated | Last Updated: Thu, Feb 14, 2019 10:34 AM

HowTo: Kill TCP Connections in CLOSE_WAIT State

Posted on by admin
 

If you are seeing a large number of connections persisting in CLOSE_WAIT state, it’s probably a problem with the application itself.

Restarting it will clear the connections temporarily, but obviously, further investigation will be required to find the cause of the problem.

If restarting of application is undesirable, you can manually kill all connections that are in CLOSE_WAIT state.

Kill CLOSE_WAIT connections by IP

Kill TCP connections in CLOSE_WAIT state, established with the foreign IP address 192.168.0.100:

$ netstat -anp |\
grep 192.168.0.100 |\
grep CLOSE_WAIT |\
awk '{print $7}' |\
cut -d \/ -f1 |\
grep -oE "[[:digit:]]{1,}" |\
xargs kill

The same command in one line:

$ netstat -anp | grep 192.168.0.100 | grep CLOSE_WAIT | awk '{print $7}' | cut -d \/ -f1 | grep -oE "[[:digit:]]{1,}" | xargs kill

Kill CLOSE_WAIT connections by PORT

Use the following command to Kill TCP connections in CLOSE_WAIT state on port 80:

$ netstat -anp |\
grep ':80 ' |\
grep CLOSE_WAIT |\
awk '{print $7}' |\
cut -d \/ -f1 |\
grep -oE "[[:digit:]]{1,}" |\
xargs kill

The same command in one line:

$ netstat -anp | grep ':80 ' | grep CLOSE_WAIT | awk '{print $7}' | cut -d \/ -f1 | grep -oE "[[:digit:]]{1,}" | xargs kill

Kill CLOSE_WAIT connections by IP and PORT

Kill TCP connections in CLOSE_WAIT, state established with foreign IP address 192.168.0.100 on port 80:

$ netstat -anp |\
grep 192.168.0.100 |\
grep ':80 ' |\
grep CLOSE_WAIT |\
awk '{print $7}' |\
cut -d \/ -f1 |\
grep -oE "[[:digit:]]{1,}" |\
xargs kill

The same command in one line:

$ netstat -anp | grep 192.168.0.100 | grep ':80 ' | grep CLOSE_WAIT | awk '{print $7}' | cut -d \/ -f1 | grep -oE "[[:digit:]]{1,}" | xargs kill

How Does It Work?

$ netstat -anp |\  # print network connections
grep 192.168.0.100 |\  # established with IP 192.168.0.100
grep ':80 ' |\  # established on port 80
grep CLOSE_WAIT |\  #  connections in CLOSE_WAIT state
awk '{print $7}' |\  #  print the 7th column
cut -d \/ -f1 |\  #  extract PIDs
grep -oE "[[:digit:]]{1,}" |\  #  extract PIDs
xargs kill  #  kill PIDs

lsof -i :80 |grep CLOSE_WAIT| awk '{print $2}|uniq| xargs kill
 
Posted - Thu, Feb 14, 2019 10:34 AM. This article has been viewed 14695 times.
Filed Under: Linux
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Tcpdump Examples Linux
Viewed 5579 times since Fri, Nov 16, 2018
SSH ProxyCommand example: Going through one host to reach another server
Viewed 12992 times since Tue, Aug 6, 2019
RHEL: Resize/disable /dev/shm filesystem
Viewed 13820 times since Sun, May 27, 2018
ZPOOL: Grow a zpool by adding new device(s)
Viewed 5798 times since Sun, Jun 3, 2018
RHCS6: Create a new Logical Volume / Global Filesystem 2 (GFS2)
Viewed 1933 times since Sun, Jun 3, 2018
What UUIDs can do for you
Viewed 1555 times since Tue, Jul 17, 2018
LVM: Create a new Volume Group
Viewed 1808 times since Sat, Jun 2, 2018
Modifying the inode count for an ext2/ext3/ext4 file system
Viewed 14198 times since Fri, Sep 18, 2020
Find All Large Files On A Linux System
Viewed 1863 times since Mon, Oct 29, 2018
Secure Remote Logging to Central Log Server Using RSYSLOG on CentOS 6 / CentOS 7 and stunnel
Viewed 3292 times since Sun, Dec 6, 2020