conn-close 1.0

conn-close gives us possibility to get rid of entries in ip_conntrack about ESTABLISHED TCP connections.

  Add it to your Download Basket!

 Add it to your Watch List!

0/5

Rate it!
send us
an update
LICENSE TYPE:
GPL (GNU General Public License) 
USER RATING:
UNRATED
  0.0/5
DEVELOPED BY:
Pawel Pawilcz
HOMEPAGE:
snaj.royy.net
CATEGORY:
ROOT \ System \ Networking
3 conn-close Screenshots:
conn-closeconn-closeconn-close
conn-close gives us possibility to get rid of entries in ip_conntrack about ESTABLISHED TCP connections that goes through our server.

conn-close script uses hping2 to send spoofed RST packets which will fool conntrack and cause specified connections to be considered by conntrack as closed (now these connections will be in ip_conntrack in CLOSE state), even though RST packets will be mor

Information about connections is read of course from /proc/net/ip_conntrack.

Idea was taken from script seen somewhere on the internet.

Requirements:

· Perl 5.x (latest stable for your distro because of security reasons)
· hping2

Installation:

· Download script: conn-close
· Copy conn-close to some location that is in your PATH variable, for example /usr/sbin.
· chmod +x /path_to_script/conn-close

Example of usage:

conn-close
conn-close --srcip=10.0.0.2 --dstip=1.2.3.4 --lookup
conn-close --srcip=10.0.0.2 --dstip=1.2.3.4 --srcport=22 --dstport=8080 --close

Last updated on May 8th, 2006

#TCP connections #ip_conntrack entries #remove ip_conntrack entries #conn-close #ip_conntrack #entries #TCP

Add your review!

SUBMIT