From owner-freebsd-stable@FreeBSD.ORG  Fri May 30 08:37:40 2008
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 25198106566B
	for <freebsd-stable@freebsd.org>; Fri, 30 May 2008 08:37:40 +0000 (UTC)
	(envelope-from devin@spamcop.net)
Received: from mail.distalzou.net (203.141.139.231.static.zoot.jp
	[203.141.139.231])
	by mx1.freebsd.org (Postfix) with ESMTP id D0BCA8FC1B
	for <freebsd-stable@freebsd.org>; Fri, 30 May 2008 08:37:39 +0000 (UTC)
	(envelope-from devin@spamcop.net)
Received: from plexi.pun-pun.prv ([192.168.7.29])
	by mail.distalzou.net with esmtps (TLSv1:AES256-SHA:256)
	(Exim 4.69 (FreeBSD)) (envelope-from <devin@spamcop.net>)
	id 1K1zog-000B8n-Jb; Fri, 30 May 2008 17:18:26 +0900
Date: Fri, 30 May 2008 17:18:26 +0900 (JST)
From: Tod McQuillin <devin@spamcop.net>
X-X-Sender: devin@plexi.pun-pun.prv
To: Peter Jeremy <peterjeremy@optushome.com.au>
In-Reply-To: <20080530081143.GI1028@server.vk2pj.dyndns.org>
Message-ID: <20080530171642.S87269@plexi.pun-pun.prv>
References: <483E4657.9060906@FreeBSD.org> <483EA513.4070409@earthlink.net>
	<96AFE8D3-7EAC-4A4A-8EFF-35A5DCEC6426@inoc.net>
	<483EAED1.2050404@FreeBSD.org>
	<200805291912.m4TJCG56025525@apollo.backplane.com>
	<14DA211A-A9C5-483A-8CB9-886E5B19A840@inoc.net>
	<200805291930.m4TJUeGX025815@apollo.backplane.com>
	<0C827F66-09CE-476D-86E9-146AB255926B@inoc.net>
	<200805292132.m4TLWhCv026720@apollo.backplane.com>
	<CCBAEE3E-35A5-4BF8-A0B7-321272533B62@inoc.net>
	<20080530081143.GI1028@server.vk2pj.dyndns.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-stable@freebsd.org, Robert Blayzor <rblayzor.bulk@inoc.net>
Subject: Re: Sockets stuck in FIN_WAIT_1
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 30 May 2008 08:37:40 -0000

On Fri, 30 May 2008, Peter Jeremy wrote:

> As a work-around, you could write a cronjob that scans "netstat" and
> temporarily creates an ipfw 'reset' rule that matches each FIN_WAIT_1
> socket

In the past, I've used something like this:

netstat -an | grep FIN_WAIT_1 |
perl -pe 's/.*\s((?:\d+\.){3}\d+)\.(\d+)\s*((?:\d+\.){3}\d+)\.(\d+).*/tcpdrop $1 $2 $3 $4/' |
sh -x

This relies on tcpdrop, included as /usr/sbin/tcpdrop on FreeBSD 6.x; you 
may need to install it from a port on FreeBSD 4.x.
-- 
Tod McQuillin