有人知道如何通过windows命令行关闭单个连接的TCP或UDP套接字吗?

我在谷歌上搜索了一下,看到一些人也问了同样的问题。但是答案看起来像是netstat或netsh命令的手册页,重点关注如何监视端口。我不想要关于如何监控它们的答案(我已经这样做了)。我想干掉他们。

EDIT, for clarification: Let's say that my server listens TCP port 80. A client makes a connection and port 56789 is allocated for it. Then, I discover that this connection is undesired (e.g. this user is doing bad things, we asked them to stop but the connection didn't get dropped somewhere along the way). Normally, I would add a firewall to do the job, but this would take some time, and I was in an emergency situation. Killing the process that owns the connection is really a bad idea here because this would take down the server (all users would lose functionality when we just want to selectively and temporally drop this one connection).


当前回答

例如,您希望释放端口8080 然后,按照这些命令执行。

 netstat -ano
 taskkill /f /im [PID of the port 8080 got from previous command]

完成了!

其他回答

为了关闭该端口,您可以确定正在侦听该端口的进程并杀死该进程。

即时/可行/部分答案:https://stackoverflow.com/a/20130959/2584794 与前面使用netstat -a -o -n的答案不同,在没有使用这些端口的应用程序名称的情况下,要查看非常长的列表

Wkillcx是一个可靠的Windows命令行工具,用于从前面没有提到的命令行删除TCP连接。不过,它有时确实会在连接大量的服务器上出现问题。我有时使用tcpview进行交互式kill,但wkillcx可以在脚本中使用。

CurrPorts不适合我们,我们只能通过ssh访问服务器,所以也没有TCPView。为了不断开其他连接,我们也不能终止该进程。我们最终做的是在Windows的防火墙上阻止连接,但这还没有被建议。是的,这将阻止所有符合规则的连接,但在我们的情况下,只有一个连接(我们感兴趣的):

netsh advfirewall firewall add rule name="Conn hotfix" dir=out action=block protocol=T
CP remoteip=192.168.38.13

替换为您需要的IP,并根据需要添加其他规则。

尝试Sysinternals/Microsoft的工具TCPView (GUI)和Tcpvcon(命令行)。 https://learn.microsoft.com/en-us/sysinternals/downloads/tcpview