First, use conntrack to correctly identify your entries:
conntrack -L -s 172.16.1.45 -d 123.123.123.123
This should display any connections that came from the internal IP of 172.16.1.45 destined to 123.123.123.123
Once you have confirmed the connections shown are the ones you with to delete/reset, paste the following after the command from above:
conntrack -L -s 172.16.1.45 -d 123.123.123.123 | sed 's/=/ /g' | awk '{print("conntrack -D -s "$6" -d "$8" -p "$1" --sport="$10" --dport="$12)}'
This will print a list of the commands that would run to delete the connections. Replace "print" with "system" to execute the deletions:
conntrack -L -s 172.16.1.45 -d 123.123.123.123 | sed 's/=/ /g' | awk '{system("conntrack -D -s "$6" -d "$8" -p "$1" --sport="$10" --dport="$12)}'
Finally, re-run the list command to see that all the entries have been removed:
conntrack -L -s 172.16.1.45 -d 123.123.123.123
And you're done!
One thought on “Deleting Specific Entries from Conntrack in Linux”
You must log in to post a comment.