1 --- a/net/netfilter/nf_conntrack_standalone.c
2 +++ b/net/netfilter/nf_conntrack_standalone.c
3 @@ -268,10 +268,34 @@ static int ct_open(struct inode *inode,
4 sizeof(struct ct_iter_state));
7 +static int kill_all(struct nf_conn *i, void *data)
12 +static ssize_t ct_file_write(struct file *file, const char __user *buf,
13 + size_t count, loff_t *ppos)
15 + struct seq_file *seq = file->private_data;
16 + struct net *net = seq_file_net(seq);
21 + if (get_user(c, buf))
25 + nf_ct_iterate_cleanup(net, kill_all, NULL);
30 static const struct file_operations ct_file_ops = {
34 + .write = ct_file_write,
36 .release = seq_release_net,
38 @@ -373,7 +397,7 @@ static int nf_conntrack_standalone_init_
40 struct proc_dir_entry *pde;
42 - pde = proc_create("nf_conntrack", 0440, net->proc_net, &ct_file_ops);
43 + pde = proc_create("nf_conntrack", 0660, net->proc_net, &ct_file_ops);
45 goto out_nf_conntrack;