Tcpkill is a command line tool which comes with dsnif package to kill/terminate the tcp connections on a LAN/WAN/INTERNET from ports or hosts. To install the dsnif packages read my another post regarding the dsnif installation.
Tcpkill Syntax :
- # tcpkill [-i interface] [-1…9] expression
OPTIONS
- -i interface Specify the interface to listen on.
- -1…9 Specify the degree of brute force to use in killing a connection. Fast connections may require a higher number in order to land a RST in the moving receive window. Default is 3.
{expression} Specify a tcpdump(8) filter expression to select the connections to kill.
Kill all outgoing SMTP (port 25) connection:
- # tcpkill -i eth0 port 25
To prevent any connections to the host www.gmail.com or an ip 192.168.1.1 use this command:
- # /usr/sbin/tcpkill −9 host www.gmail.com
# /usr/sbin/tcpkill −9 192.168.1.1
# /usr/sbin/tcpkill −9 host www.gmail.com and host www.gnutoolbox.com
To kill all IP packets between 192.168.1.1 and any host except 192.168.1.2 :
- # tcpkill ip host 192.168.1.1 and not 192.168.1.2
Killing all packets arriving at or departing from host 192.168.1.1
- # tcpkill host 192.168.1.1
# tcpkill host hostname.com
Useful Links :