Home » Categories » Linux

HowTo: Kill TCP Connections in CLOSE_WAIT State

Article Number: 477 | Rating: Unrated | Last Updated: Thu, Feb 14, 2019 10:34 AM

HowTo: Kill TCP Connections in CLOSE_WAIT State

Posted on by admin
 

If you are seeing a large number of connections persisting in CLOSE_WAIT state, it’s probably a problem with the application itself.

Restarting it will clear the connections temporarily, but obviously, further investigation will be required to find the cause of the problem.

If restarting of application is undesirable, you can manually kill all connections that are in CLOSE_WAIT state.

Kill CLOSE_WAIT connections by IP

Kill TCP connections in CLOSE_WAIT state, established with the foreign IP address 192.168.0.100:

$ netstat -anp |\
grep 192.168.0.100 |\
grep CLOSE_WAIT |\
awk '{print $7}' |\
cut -d \/ -f1 |\
grep -oE "[[:digit:]]{1,}" |\
xargs kill

The same command in one line:

$ netstat -anp | grep 192.168.0.100 | grep CLOSE_WAIT | awk '{print $7}' | cut -d \/ -f1 | grep -oE "[[:digit:]]{1,}" | xargs kill

Kill CLOSE_WAIT connections by PORT

Use the following command to Kill TCP connections in CLOSE_WAIT state on port 80:

$ netstat -anp |\
grep ':80 ' |\
grep CLOSE_WAIT |\
awk '{print $7}' |\
cut -d \/ -f1 |\
grep -oE "[[:digit:]]{1,}" |\
xargs kill

The same command in one line:

$ netstat -anp | grep ':80 ' | grep CLOSE_WAIT | awk '{print $7}' | cut -d \/ -f1 | grep -oE "[[:digit:]]{1,}" | xargs kill

Kill CLOSE_WAIT connections by IP and PORT

Kill TCP connections in CLOSE_WAIT, state established with foreign IP address 192.168.0.100 on port 80:

$ netstat -anp |\
grep 192.168.0.100 |\
grep ':80 ' |\
grep CLOSE_WAIT |\
awk '{print $7}' |\
cut -d \/ -f1 |\
grep -oE "[[:digit:]]{1,}" |\
xargs kill

The same command in one line:

$ netstat -anp | grep 192.168.0.100 | grep ':80 ' | grep CLOSE_WAIT | awk '{print $7}' | cut -d \/ -f1 | grep -oE "[[:digit:]]{1,}" | xargs kill

How Does It Work?

$ netstat -anp |\  # print network connections
grep 192.168.0.100 |\  # established with IP 192.168.0.100
grep ':80 ' |\  # established on port 80
grep CLOSE_WAIT |\  #  connections in CLOSE_WAIT state
awk '{print $7}' |\  #  print the 7th column
cut -d \/ -f1 |\  #  extract PIDs
grep -oE "[[:digit:]]{1,}" |\  #  extract PIDs
xargs kill  #  kill PIDs

lsof -i :80 |grep CLOSE_WAIT| awk '{print $2}|uniq| xargs kill
 
Posted - Thu, Feb 14, 2019 10:34 AM. This article has been viewed 17177 times.
Filed Under: Linux
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Use Fail2ban to Secure Your Server
Viewed 16063 times since Fri, Jul 5, 2019
OpenSSL – sprawdzanie czy klucz pasuje do certyfikatu
Viewed 3284 times since Thu, May 24, 2018
RHEL: Remove existing SAN LUNs
Viewed 14973 times since Sat, Jun 2, 2018
debian Debian/Ubuntu Linux: Find If Installed APT Package Includes a Fix/Patch Via CVE Number
Viewed 10239 times since Sun, Sep 23, 2018
Using grep to find string in files
Viewed 3051 times since Fri, May 15, 2020
RHEL: XFS basic operations
Viewed 17186 times since Sat, Jun 2, 2018
10 Linux nslookup Command Examples for DNS Lookup
Viewed 10960 times since Sun, Sep 30, 2018
CentOS / RHEL : How to move a Volume Group from one system to another
Viewed 4637 times since Mon, Jan 28, 2019
What is OS Watcher Utility and How to use it for Database Troubleshooting ?
Viewed 31755 times since Thu, Jun 21, 2018
ubuntu How to Reset Forgotten Passwords in Ubuntu 16.04
Viewed 4508 times since Tue, Dec 8, 2020