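Filter the ip_conntrack table to find the IPs with too many entries in the ESTABLISHED state, then use the hping tool to clear those IPs out of the table...
Install: ./configure; make; make install
hping script for clearing an IP's conntrack entries (this script changes the connection state to closed):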
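#!/bin/sh
# Usage: pass the source IP whose ESTABLISHED entries should be closed.
if [ -z "$1" ]; then
    echo "NO INPUT IP"
    exit 1
fi
# Escape the dots so the IP is matched literally inside the regex.
IP=$(printf '%s' "$1" | sed 's/\./\\./g')
grep -E "^tcp .{10,25}ESTABLISHED src=$IP " /proc/net/ip_conntrack | while read -r line; do
    S_IP=$(echo "$line" | awk '{print substr($5,5)}')    # strip "src="
    S_SOCK=$(echo "$line" | awk '{print substr($7,7)}')  # strip "sport="
    D_IP=$(echo "$line" | awk '{print substr($6,5)}')    # strip "dst="
    D_SOCK=$(echo "$line" | awk '{print substr($8,7)}')  # strip "dport="
    echo "$S_IP:$S_SOCK $D_IP:$D_SOCK"
    # Send one RST matching the tracked tuple; append so parallel jobs do not truncate the log.
    hping2 "$D_IP" -R -s "$S_SOCK" -p "$D_SOCK" -a "$S_IP" -k -c 1 >> /home/huaying/1.log 2>&1 &
done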
In practice, flushing the table with the conntrack tool is still faster @_@"
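The first step described above, finding the IPs that hold too many ESTABLISHED entries, as an added example that is not part of the original post. The function names, the threshold argument and the sample table lines (documentation addresses) are constructed for illustration.

```shell
#!/bin/sh
# Added example: list source IPs that hold more than a given number of
# ESTABLISHED TCP entries in an ip_conntrack table dump.

# count_established FILE THRESHOLD   (FILE may be "-" for stdin)
# Prints "count ip" for each source above THRESHOLD, busiest first.
count_established() {
    awk -v limit="$2" '
        $1 == "tcp" && $4 == "ESTABLISHED" {
            # Only the first src= field is the original direction; the
            # second one belongs to the reply tuple and is skipped.
            for (i = 5; i <= NF; i++) {
                if ($i ~ /^src=/) { n[substr($i, 5)]++; break }
            }
        }
        END { for (ip in n) if (n[ip] > limit) print n[ip], ip }
    ' "$1" | sort -rn
}

# Constructed sample in /proc/net/ip_conntrack layout (not real traffic).
sample_conntrack() {
    cat <<'EOF'
tcp      6 431999 ESTABLISHED src=192.0.2.10 dst=198.51.100.5 sport=40001 dport=80 src=198.51.100.5 dst=192.0.2.10 sport=80 dport=40001 [ASSURED] use=1
tcp      6 431990 ESTABLISHED src=192.0.2.10 dst=198.51.100.5 sport=40002 dport=80 src=198.51.100.5 dst=192.0.2.10 sport=80 dport=40002 [ASSURED] use=1
tcp      6 431981 ESTABLISHED src=192.0.2.10 dst=198.51.100.5 sport=40003 dport=80 src=198.51.100.5 dst=192.0.2.10 sport=80 dport=40003 [ASSURED] use=1
tcp      6 119 TIME_WAIT src=192.0.2.10 dst=198.51.100.5 sport=40004 dport=80 src=198.51.100.5 dst=192.0.2.10 sport=80 dport=40004 [ASSURED] use=1
tcp      6 431970 ESTABLISHED src=192.0.2.20 dst=198.51.100.5 sport=51000 dport=443 src=198.51.100.5 dst=192.0.2.20 sport=443 dport=51000 [ASSURED] use=1
udp      17 29 src=192.0.2.30 dst=198.51.100.53 sport=5353 dport=53 src=198.51.100.53 dst=192.0.2.30 sport=53 dport=5353 use=1
EOF
}

# Demo on the constructed sample: sources with more than 2 ESTABLISHED entries.
sample_conntrack | count_established - 2
```

On a live firewall, pass /proc/net/ip_conntrack as the file argument and feed each reported IP to the cleanup script.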