How to use the command tcpkill (with examples)

This article provides examples of how to use the tcpkill command to kill specified in-progress TCP connections.

Description of the command

The tcpkill command is used to terminate ongoing TCP connections. It allows users to specify the interface, host, and port of the connections to be killed.

Use case 1: Kill in-progress connections at a specified interface, host, and port

Code:

tcpkill -i eth1 host 192.95.4.27 and port 2266

Motivation:

This use case is useful in scenarios where there is a need to terminate specific TCP connections. For example, if there is suspicious network activity originating from a particular IP address and port, using tcpkill can help disconnect those connections immediately.

Explanation:

• tcpkill: The command used to kill TCP connections.
• -i eth1: Specifies the network interface on which the command will act. In this example, it is set to eth1.
• host 192.95.4.27 and port 2266: Filters the connections to be killed based on the specified host IP address and port number. In this case, any TCP connection originating from host 192.95.4.27 and port 2266 will be terminated.

Example output:

Killed connection 192.95.4.27:2266 <-> 10.0.0.1:12345
Killed connection 192.95.4.27:2266 <-> 10.0.0.2:54321

Conclusion

The tcpkill command provides a quick and efficient way to terminate specific TCP connections. By specifying the interface, host, and port, users can terminate unwanted or suspicious connections on their network.