remove write permission of nf_conntrack/acct This option only works when initialization. Signed-off-by: Changli Gao <xiaosuo@xxxxxxxxx> ---- net/netfilter/nf_conntrack_acct.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/net/netfilter/nf_conntrack_acct.c.orig 2009-11-06 17:27:31.000000000 +0800 +++ b/net/netfilter/nf_conntrack_acct.c 2009-11-06 17:27:47.000000000 +0800 @@ -20,7 +20,7 @@ static int nf_ct_acct __read_mostly = NF_CT_ACCT_DEFAULT; -module_param_named(acct, nf_ct_acct, bool, 0644); +module_param_named(acct, nf_ct_acct, bool, 0444); MODULE_PARM_DESC(acct, "Enable connection tracking flow accounting."); #ifdef CONFIG_SYSCTL -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
