Ops in practice: blacklisting an IP with iptables and dropping its connections on CentOS 6

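Environment

An old game server running an outdated OS, CentOS 6.5.
The server-side program is no longer updated and cannot obtain users' IPs, so it cannot ban them itself; iptables is used to block them instead.

1. Deduplicate and sort TCP connections by remote IP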

[root@server ~]# netstat -lanp|grep 35127|grep ESTABLISHED|awk -F "[ :]+"  '{print $6}'|sort|uniq -c|sort -rn
     23 106.8.233.11
      7 223.90.40.54
      6 27.19.32.32
      4 175.155.103.14
      4 120.235.60.250
      4 112.49.205.160
      3 140.240.45.225
      3 117.160.155.38
      2 36.98.188.205
      2 27.38.217.141
      2 183.19.222.40
      2 124.226.44.243

106.8.233.11 is clearly abnormal.

2. Block the IP

iptables -I INPUT -s  106.8.233.11 -j DROP

At this point the existing TCP connections are still there, so tcpkill is needed.

3. Install dsniff

yum -y install dsniff 

4. tcpkill for a specific IP

tcpkill -i any -9 host 106.8.233.11

Or specify a network interface such as eth0:

tcpkill -i eth0 -9 host 106.8.233.11

Run it and wait patiently until output like the following appears; then the job is done.

[root@server ~]# tcpkill -i eth0 -9 host 106.8.233.11
tcpkill: listening on eth0 [host 106.8.233.11]

172.19.63.158:35127 > 106.8.233.11:29106: R 2667842955:2667842955(0) win 0
172.19.63.158:35127 > 106.8.233.11:29106: R 2667842984:2667842984(0) win 0
172.19.63.158:35127 > 106.8.233.11:29106: R 2667843042:2667843042(0) win 0
172.19.63.158:35127 > 106.8.233.11:29106: R 2667843129:2667843129(0) win 0
172.19.63.158:35127 > 106.8.233.11:29106: R 2667843245:2667843245(0) win 0
172.19.63.158:35127 > 106.8.233.11:29106: R 2667843390:2667843390(0) win 0
172.19.63.158:30127 > 106.8.233.11:29106: R 2667843564:2667843564(0) win 0
....

5. tcpkill by port

Not used here; recorded for future reference.

tcpkill -i any -9 port 29106
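
The counting step from section 1, as an added example that is not part of the original post: it matches the local port field exactly (a plain grep 35127 also matches remote ports and PIDs), folds IPv4-mapped addresses, and prints only the IPs at or above a threshold. The function names, the thresholds and the sample netstat lines (documentation-range addresses) are assumptions constructed for illustration.

```bash
#!/bin/bash
# Constructed sample of `netstat -ant` lines (documentation-range addresses).
sample_netstat() {
cat <<'EOF'
tcp        0      0 0.0.0.0:35127           0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:35127          203.0.113.9:29106       ESTABLISHED
tcp        0      0 10.0.0.5:35127          203.0.113.9:29107       ESTABLISHED
tcp        0      0 10.0.0.5:35127          203.0.113.9:29108       ESTABLISHED
tcp        0      0 ::ffff:10.0.0.5:35127   ::ffff:203.0.113.9:29109 ESTABLISHED
tcp        0      0 10.0.0.5:35127          198.51.100.7:40112      ESTABLISHED
tcp        0      0 10.0.0.5:35127          198.51.100.7:40113      TIME_WAIT
tcp        0      0 10.0.0.5:22             192.0.2.44:35127        ESTABLISHED
EOF
}

# count_by_remote_ip PORT (hypothetical helper)
# Reads netstat lines on stdin; prints "COUNT IP", highest count first.
count_by_remote_ip() {
    awk -v port="$1" '
        $6 == "ESTABLISHED" {
            lp = $4; sub(/^.*:/, "", lp)      # local port = text after last colon
            if (lp != port) next              # ignore other services
            ip = $5; sub(/:[0-9]+$/, "", ip)  # drop the remote port
            sub(/^::ffff:/, "", ip)           # fold IPv4-mapped IPv6 into IPv4
            c[ip]++
        }
        END { for (ip in c) print c[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# suspects PORT MIN (hypothetical helper): IPs holding MIN or more connections.
suspects() {
    count_by_remote_ip "$1" | awk -v min="$2" '$1 >= min { print $2 }'
}

# Live use would be: netstat -ant | suspects 35127 20   (20 is an assumed threshold)
sample_netstat | count_by_remote_ip 35127
```

Review the listed addresses before adding a DROP rule, since many users behind one NAT gateway can legitimately share an IP.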
