3

Greeting,

I am testing application on linux, and we have a bug related to the database connection, since the database connection cannnot be restarted and it's on a remote machine, I would like to kill the tcp connection in order to interrupt the connection and see the behaviour.

Unplugging the network cable is not an option neither! I don't have physical access on both machines.

I tought about using the iptables, but I don't have iptables on my system, so my project manager told me to use tcpkill to accomplish this.

Can someone tell me where I can get the tcpkill rpm and give me some hints about how to use it?

Killercode
  • 133
  • 1
  • 1
  • 5

1 Answers1

10

Add a null route with ip route blackhole, assuming you have root:

[root@centos6 ~]# nc -zv 192.168.15.100 80
Connection to 192.168.15.100 80 port [tcp/http] succeeded!
[root@centos6 ~]# ip route add blackhole 192.168.15.100
[root@centos6 ~]# nc -zv 192.168.15.100 80
nc: connect to 192.168.15.100 port 80 (tcp) failed: Network is unreachable
[root@centos6 ~]# ip route delete blackhole 192.168.15.100
[root@centos6 ~]# nc -zv 192.168.15.100 80
Connection to 192.168.15.100 80 port [tcp/http] succeeded!

EDIT: If you have on the machine and the app connects to the database via a FQDN, add a FQDN and point the FQDN to a dummy address. It may take a while for the tcp connection to drop, though.

EDIT again: Okay, I missed the part about tcpkill. :)

It available in EPEL, which, if you are running CentOS or Scientific Linux, you enable the EPEL repo so that you can find it:

[root@kerberos rsync-dist]# yum whatprovides "*/tcpkill" --enablerepo=epel
Loaded plugins: refresh-packagekit
epel/metalink                                                                                                                                                              | 9.0 kB     00:00     
epel                                                                                                                                                                       | 4.3 kB     00:00     
epel/primary_db                                                                                                                                                            | 4.3 MB     00:05     
epel/filelists_db                                                                                                                                                          | 5.5 MB     00:07     
dsniff-2.4-0.9.b1.el6.x86_64 : Tools for network auditing and penetration testing
Repo        : epel
Matched from:
Filename    : /usr/sbin/tcpkill

Make sure to use the --enablerepo so that you can install from there, like this:

yum -y install dsniff --enablerepo=epel

You can read the instructions here:

http://www.cyberciti.biz/howto/question/linux/kill-tcp-connection-using-linux-netstat.php

Example:

tcpkill ip host 192.168.1.2 and not 192.168.1.111
Rilindo
  • 5,058
  • 5
  • 26
  • 46
  • changing DNS will not kill existing tcp connection – Sandman4 Dec 06 '11 at 06:35
  • You are right. At best, the connection will just time out. I just provided that in case he does not have the iproute2 package installed (not likely at this, but you never know). – Rilindo Dec 06 '11 at 14:07