2005-02-06 10:47:12 +00:00
|
|
|
.\" $OpenBSD: tcpdrop.8,v 1.5 2004/05/24 13:57:31 jmc Exp $
|
|
|
|
.\"
|
2009-06-01 06:49:09 +00:00
|
|
|
.\" Copyright (c) 2009 Juli Mallett <jmallett@FreeBSD.org>
|
2005-02-06 10:47:12 +00:00
|
|
|
.\" Copyright (c) 2004 Markus Friedl <markus@openbsd.org>
|
|
|
|
.\"
|
|
|
|
.\" Permission to use, copy, modify, and distribute this software for any
|
|
|
|
.\" purpose with or without fee is hereby granted, provided that the above
|
|
|
|
.\" copyright notice and this permission notice appear in all copies.
|
|
|
|
.\"
|
|
|
|
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
|
|
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
|
|
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
|
|
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
|
|
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
|
|
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
|
|
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
|
|
.\"
|
|
|
|
.\" $FreeBSD$
|
|
|
|
.\"
|
2009-06-01 06:49:09 +00:00
|
|
|
.Dd March 24, 2009
|
2005-02-06 10:47:12 +00:00
|
|
|
.Dt TCPDROP 8
|
|
|
|
.Os
|
|
|
|
.Sh NAME
|
|
|
|
.Nm tcpdrop
|
2009-06-01 06:49:09 +00:00
|
|
|
.Nd drop TCP connections
|
2005-02-06 10:47:12 +00:00
|
|
|
.Sh SYNOPSIS
|
|
|
|
.Nm tcpdrop
|
2009-06-01 06:49:09 +00:00
|
|
|
.Ar local-address
|
|
|
|
.Ar local-port
|
|
|
|
.Ar foreign-address
|
|
|
|
.Ar foreign-port
|
|
|
|
.Nm tcpdrop
|
|
|
|
.Op Fl l
|
|
|
|
.Fl a
|
2005-02-06 10:47:12 +00:00
|
|
|
.Sh DESCRIPTION
|
|
|
|
The
|
|
|
|
.Nm
|
2009-06-01 06:49:09 +00:00
|
|
|
command may be used to drop TCP connections from the command line.
|
|
|
|
.Pp
|
|
|
|
If
|
|
|
|
.Fl a
|
|
|
|
is specified then
|
|
|
|
.Nm
|
|
|
|
will attempt to drop all active connections.
|
|
|
|
The
|
|
|
|
.Fl l
|
|
|
|
flag may be given to list the tcpdrop invocation to drop all active
|
|
|
|
connections one at a time.
|
|
|
|
.Pp
|
|
|
|
If
|
|
|
|
.Fl a
|
|
|
|
is not specified then only the connection between the given local
|
|
|
|
address
|
|
|
|
.Ar local-address ,
|
2005-02-06 10:47:12 +00:00
|
|
|
port
|
2009-06-01 06:49:09 +00:00
|
|
|
.Ar local-port ,
|
2005-02-06 10:47:12 +00:00
|
|
|
and the foreign address
|
2009-06-01 06:49:09 +00:00
|
|
|
.Ar foreign-address ,
|
2005-02-06 10:47:12 +00:00
|
|
|
port
|
2009-06-01 06:49:09 +00:00
|
|
|
.Ar foreign-port ,
|
|
|
|
will be dropped.
|
|
|
|
.Pp
|
|
|
|
Addresses and ports may be specified by name or numeric value.
|
|
|
|
Both IPv4 and IPv6 address formats are supported.
|
|
|
|
.Nm
|
|
|
|
in case of success or failure.
|
2005-02-06 10:47:12 +00:00
|
|
|
.Sh EXIT STATUS
|
|
|
|
.Ex -std
|
|
|
|
.Sh EXAMPLES
|
|
|
|
If a connection to
|
2009-06-01 06:49:09 +00:00
|
|
|
.Xr httpd 8
|
2005-02-06 10:47:12 +00:00
|
|
|
is causing congestion on a network link, one can drop the TCP session
|
|
|
|
in charge:
|
|
|
|
.Bd -literal -offset indent
|
2005-03-14 14:12:29 +00:00
|
|
|
# sockstat -c | grep httpd
|
2005-03-14 12:15:43 +00:00
|
|
|
www httpd 16525 3 tcp4 \e
|
|
|
|
192.168.5.41:80 192.168.5.1:26747
|
2005-02-06 10:47:12 +00:00
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
The following command will drop the connection:
|
|
|
|
.Bd -literal -offset indent
|
|
|
|
# tcpdrop 192.168.5.41 80 192.168.5.1 26747
|
|
|
|
.Ed
|
2009-06-01 06:49:09 +00:00
|
|
|
.Pp
|
|
|
|
The following command will drop all connections but those to or from
|
|
|
|
port 22, the port used by
|
|
|
|
.Xr sshd 8 :
|
|
|
|
.Bd -literal -offset indent
|
|
|
|
# tcpdrop -l -a | grep -vw 22 | sh
|
|
|
|
.Ed
|
2005-02-06 10:47:12 +00:00
|
|
|
.Sh SEE ALSO
|
2005-03-14 12:24:34 +00:00
|
|
|
.Xr netstat 1 ,
|
|
|
|
.Xr sockstat 1
|
2005-02-06 10:47:12 +00:00
|
|
|
.Sh AUTHORS
|
|
|
|
.An Markus Friedl Aq markus@openbsd.org
|
2009-06-01 06:49:09 +00:00
|
|
|
.An Juli Mallett Aq jmallett@FreeBSD.org
|