29

I have a port that is blocked by a process I needed to kill. (a little telnet daemon that crashed). The process was killed successfully but the port is still in a 'FIN_WAIT1' state. It doesn't come out of it, the timeout for that seems to be set to 'a decade'.

The only way I've found to free the port is to reboot the entire machine, which is ofcourse something I do not want to do.

$ netstat -tulnap | grep FIN_WAIT1 
tcp        0  13937 10.0.0.153:4000         10.0.2.46:2572          FIN_WAIT1  -

Does anyone know how I can get this port unblocked without rebooting?

masegaloeh
  • 18,498
Gert M
  • 1,491

9 Answers9

26
# record what tcp_max_orphans's current value
original_value=$(cat /proc/sys/net/ipv4/tcp_max_orphans)

#set the tcp_max_orphans to 0 temporarily
echo 0 > /proc/sys/net/ipv4/tcp_max_orphans

# watch /var/log/messages
# it will split out "kernel: TCP: too many of orphaned sockets"
# it won't take long for the connections to be killed

# restore the value of tcp_max_orphans whatever it was before. 
echo $original_value > /proc/sys/net/ipv4/tcp_max_orphans

# verify with 
netstat -an|grep FIN_WAIT1
unpythonic
  • 103
IdaWong
  • 376
7

You should be able to set the timeout with /proc/sys/net/ipv4/tcp_fin_timeout.

There really doesn't seem to be any way to clear the socket manually.

innaM
  • 1,468
6

It seems that tcp_orphan_retries setting controls how many attempts will be done before a server-less port is released. It was 0 here, after setting it to 1 the ports were gone.

HTH

user64877
  • 61
5

/proc/sys/net/ipv4/tcp_fin_timeout is the timeout of the FIN-WAIT-2 state, not FIN-WAIT-1. You should go with the tcpkill route or you can try to play with the keepalive times under /proc/sys/net/ipv4/tcp_keepalive_* to force a kill by the SO.

Ryan Ahearn
  • 317
2

Running these steps under root ID and it cleared for me:

Capture the kernel setting to change in a variable

$ orig_orphans=$(sysctl -a|grep tcp_max_orph|cut -f3 -d' ')

Temporarily set the max orphans to 0

$ sysctl -w net.ipv4.tcp_max_orphans=0

Check to make sure that problematic port is no longer in use

$ netstat -np|grep 9716

Wait a bit and repeat above step if needed until above command returns no lines

Reset the tcp_max_orphans kernel parameter back to the original value from the variable above

$ sysctl -w net.ipv4.tcp_max_orphans=$orig_orphans
Richard
  • 779
Rad Mandapati
  • 21
1

FIN_WAIT1

The application on local machine has closed the connection. Indication of this has been sent to the remote machine.

You application has closed its side of the connection, the socket is now waiting for the remote side to confirm that close. If you have a problem with a lot of those sockets being held in FIN_WAIT1 then you should follow Manni's advice above.

Dave Cheney
  • 18,875
1

On linux kernel >= 4.9 you can use the ss command from iproute2 with key -K

ss -K dst 192.168.1.214 dport = 49029 the kernel have to be compiled with CONFIG_INET_DIAG_DESTROY option enabled.

via https://unix.stackexchange.com/a/511691/43898

eri
  • 294
-1

Maybe tcpkill would help? More here: http://www.cyberciti.biz/howto/question/linux/kill-tcp-connection-using-linux-netstat.php

Kazimieras Aliulis
  • 2,324
-4

this may help:

net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_retries2 = 2
net.ipv4.tcp_orphan_retries = 1
net.ipv4.tcp_reordering = 5
net.ipv4.tcp_retrans_collapse = 0
user9517
  • 117,122
wkf1436
  • 1
  • 1