Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > On Mon, Nov 19, 2012 at 10:39:55PM +0100, Florian Westphal wrote: > > --- a/src/conntrack/api.c > > +++ b/src/conntrack/api.c > > @@ -147,7 +147,7 @@ struct nf_conntrack *nfct_clone(const struct nf_conntrack *ct) > > > > if ((clone = nfct_new()) == NULL) > > return NULL; > > - memcpy(clone, ct, sizeof(*ct)); > > + nfct_copy(clone, ct, NFCT_CP_ALL); > > That seems safe to me. > > Still I think NFCT_CP_OVERRIDE is faster. I added that flag way after > to improve a bit the copying time. I missed that, thanks. Suggestion: I'll re-send with the above changed to nfct_copy(clone, ct, NFCT_CP_OVERRIDE) plus adding copy_attr_help_info(ct1, ct2) to __copy_fast. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
