Deleting Specific Entries from Conntrack in Linux

First, use conntrack to correctly identify your entries:

    conntrack -L -s 172.16.1.45 -d 123.123.123.123

This should display any connections that came from the internal IP 172.16.1.45 destined to 123.123.123.123.

Once you have confirmed that the connections shown are the ones you wish to delete/reset, extend the command above with the following pipeline:

    conntrack -L -s 172.16.1.45 -d 123.123.123.123 | sed 's/=/ /g' | awk '{print("conntrack -D -s "$6" -d "$8" -p "$1" --sport="$10" --dport="$12)}'

This will print the list of commands that would run to delete the connections. Replace "print" with "system" in the awk program to execute the deletions:

    conntrack -L -s 172.16.1.45 -d 123.123.123.123 | sed 's/=/ /g' | awk '{system("conntrack -D -s "$6" -d "$8" -p "$1" --sport="$10" --dport="$12)}'

Finally, re-run the list command to see that all the entries have been removed:

    conntrack -L -s 172.16.1.45 -d 123.123.123.123

And you’re done!
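The awk one-liner above relies on column positions, which only line up for TCP entries (UDP entries have no state column, so every field shifts left by one). The following script is an added example, not part of the original post, that builds the same `conntrack -D` commands by key name instead, so it works for TCP and UDP alike; the sample lines are constructed in `conntrack -L` format and are not real connections.

```shell
#!/bin/sh
# Build "conntrack -D" commands from "conntrack -L" lines by parsing the
# key=value pairs rather than fixed awk field numbers. Only the first
# src/dst/sport/dport (the original direction) is used, which is what
# conntrack -D matches on with -s/-d/--sport/--dport.

# Print the delete command for one conntrack -L line; returns 1 if the
# line carries no src/dst pair.
ct_delete_cmd() {
    printf '%s\n' "$1" | awk '{
        proto = $1
        src = ""; dst = ""; sport = ""; dport = ""
        for (i = 2; i <= NF; i++) {
            split($i, kv, "=")
            if (kv[1] == "src" && src == "") src = kv[2]
            else if (kv[1] == "dst" && dst == "") dst = kv[2]
            else if (kv[1] == "sport" && sport == "") sport = kv[2]
            else if (kv[1] == "dport" && dport == "") dport = kv[2]
        }
        if (src == "" || dst == "") exit 1
        cmd = "conntrack -D -p " proto " -s " src " -d " dst
        # ICMP entries have no ports, so only add them when present
        if (sport != "") cmd = cmd " --sport " sport " --dport " dport
        print cmd
    }'
}

# Constructed sample lines (TCP with a state column, UDP without one).
SAMPLE_TCP='tcp      6 431999 ESTABLISHED src=172.16.1.45 dst=123.123.123.123 sport=51234 dport=443 src=123.123.123.123 dst=172.16.1.45 sport=443 dport=51234 [ASSURED] mark=0 use=1'
SAMPLE_UDP='udp      17 29 src=172.16.1.45 dst=123.123.123.123 sport=40000 dport=53 src=123.123.123.123 dst=172.16.1.45 sport=53 dport=40000 mark=0 use=1'

# Dry run: print the commands first; pipe the output into "sh" only after
# reviewing it, exactly as the print/system split in the post does.
for line in "$SAMPLE_TCP" "$SAMPLE_UDP"; do
    ct_delete_cmd "$line"
done
```

On a live system, replace the sample loop with `conntrack -L -s 172.16.1.45 -d 123.123.123.123 | while read -r line; do ct_delete_cmd "$line"; done`.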
