On Fri, Sep 16, 2016 at 10:06:23AM +0300, Cyrill Gorcunov wrote: > On Thu, Sep 15, 2016 at 05:45:02PM -0600, David Ahern wrote: > > > > > > Try to be selective in the -K , do not kill tcp sockets ? > > > > I am running > > ss -aKw 'dev == red' > > > > to kill raw sockets bound to device named 'red'. > > Thanks David, Eric! I'll play with this option today and report the results.
I created veth pair and bound raw socket into it.
[root@pcs7 iproute2]# misc/ss -A raw
State Recv-Q Send-Q Local Address:Port
Peer Address:Port
ESTAB 0 0
127.0.0.1:ipproto-255
127.0.0.10:ipproto-9090
UNCONN 0 0
127.0.0.10:ipproto-255 *:*
UNCONN 0 0 :::ipv6-icmp
:::*
UNCONN 0 0 :::ipv6-icmp
:::*
ESTAB 0 0
::1:ipproto-255
::1:ipproto-9091
UNCONN 0 0
::1%vm1:ipproto-255 :::*
[root@pcs7 iproute2]#
[root@pcs7 iproute2]# misc/ss -aKw 'dev == vm1'
State Recv-Q Send-Q Local Address:Port
Peer Address:Port
UNCONN 0 0
::1%vm1:ipproto-255 :::*
[root@pcs7 iproute2]# misc/ss -A raw
State Recv-Q Send-Q Local Address:Port
Peer Address:Port
ESTAB 0 0
127.0.0.1:ipproto-255
127.0.0.10:ipproto-9090
UNCONN 0 0
127.0.0.10:ipproto-255 *:*
UNCONN 0 0 :::ipv6-icmp
:::*
UNCONN 0 0 :::ipv6-icmp
:::*
ESTAB 0 0
::1:ipproto-255
::1:ipproto-9091
so it get zapped out. Is there some other way to test it?
