Drop TCP connections

On FreeBSD you can drop existing TCP connection using the tcpdrop command. For instance you can drop all ESTABLISHED connections using tcpdrop -s ESTABLISHED. Or you can even list them all with:

$ tcpdrop -la
tcpdrop ::1 59298 ::1 1180
tcpdrop 10.0.0.10 59299 163.172.87.245 80
tcpdrop 10.0.0.10 59300 163.172.87.245 22
tcpdrop 10.0.0.10 59301 96.47.72.84 443

Notice the fun thing here. Those are actual commands that you can use to drop the connections. In fact you can use this to filter which connection you want to drop. For example:

# Drop all but SSH connections
tcpdrop -la | grep -vw 22 | sh

# Drop all incoming HTTP connections
tcpdrop -la | grep -v " 80 " | sh

# Drop all connections to a specific IP
tcpdrop -la | grep -vw 8.8.8.8 | sh

This can be useful for instance on a desktop when you just switched interface, or say just started a VPN daemon, and want all prior TCP connections not originating from your new addresses to be killed. Then you would just add those IP you would like to keep and filter them out:

# List of IPs you want to keep
echo 192.168.1.122 > keep-ip.txt
echo 10.0.0.10 >> keep-ip.txt

tcpdrop -la | grep -Ev "(::1|127.0.0.1)" | grep -vwf keep-ip.txt | sh

Intel NIC connection problem

PCIe ASPM is an hardware power management protocol for PCI express devices. It allows a far better power management than what can be done with software power management at the price of an increased latency to the device. However some hardware don’t advertise it properly. And this was in fact the origin of the power regression case of 2.6.38 which was later fixed in 3.3.

It may also cause some Intel NIC (such as e1000e) to fall asleep unintentionally. So if you have an Intel NIC on Linux and it even fails to acquire an IPv4 address then you might try to add this option to your kernel command line : pcie_aspm=off. On Debian you can add this option to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub and issue an update-grub.

You may also want to change the link-state of one specific device to L0/L1 at runtime. For this I’ll point you there : http://wireless.kernel.org/en/users/Documentation/ASPM.