169065 – [ipsec] [regression] "netstat -p ipsec -s" is broken

Bug 169065 - [ipsec] [regression] "netstat -p ipsec -s" is broken

Summary: [ipsec] [regression] "netstat -p ipsec -s" is broken

Status:	Closed FIXED

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	8.3-STABLE
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Eugene Grosbein

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-06-14 12:10 UTC by Eugene Grosbein
Modified:	2017-10-06 14:00 UTC (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Eugene Grosbein 2012-06-14 12:10:02 UTC

	
"netstat -p ipsec -s" command used to produce lots of useful data
in KAME IPSEC implementation (upto RELENG_6).

Since RELENG_7, this command shows incorrect data -
it shows zeroes for most counters. This makes it difficult to diagnose
other IPSEC-related problems.

Fix: 

Unknown.
How-To-Repeat: 
Make use of IPSEC, make some traffic pass in encrypted form,
look at "netstat -p ipsec -s" output.

Same for 7.x/i386, 8.x/i386, and 8.x/amd64.

Comment 1 Eugene Grosbein freebsd_committer

2017-09-19 17:58:04 UTC

My PR.

Comment 2 Eugene Grosbein freebsd_committer

2017-10-06 14:00:52 UTC

Believed to be fixed with recent IPSEC overhaul and merge to stable/11.