From eugen@eg.sd.rdtc.ru  Thu Jun 14 11:08:34 2012
Return-Path: <eugen@eg.sd.rdtc.ru>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 9109A1065675;
	Thu, 14 Jun 2012 11:08:34 +0000 (UTC)
	(envelope-from eugen@eg.sd.rdtc.ru)
Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [62.231.161.221])
	by mx1.freebsd.org (Postfix) with ESMTP id ED95F8FC0C;
	Thu, 14 Jun 2012 11:08:33 +0000 (UTC)
Received: from eg.sd.rdtc.ru (localhost [127.0.0.1])
	by eg.sd.rdtc.ru (8.14.5/8.14.5) with ESMTP id q5EAsX3g008671;
	Thu, 14 Jun 2012 17:54:33 +0700 (NOVT)
	(envelope-from eugen@eg.sd.rdtc.ru)
Received: (from eugen@localhost)
	by eg.sd.rdtc.ru (8.14.5/8.14.5/Submit) id q5EAsX73008670;
	Thu, 14 Jun 2012 17:54:33 +0700 (NOVT)
	(envelope-from eugen)
Message-Id: <201206141054.q5EAsX73008670@eg.sd.rdtc.ru>
Date: Thu, 14 Jun 2012 17:54:33 +0700 (NOVT)
From: Eugene Grosbein <eugen@grosbein.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc: bz@freebsd.org
Subject: [ipsec] [regression] "netstat -p ipsec -s" is broken
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         169065
>Category:       kern
>Synopsis:       [ipsec] [regression] "netstat -p ipsec -s" is broken
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jun 14 11:10:02 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Eugene Grosbein
>Release:        FreeBSD 8.3-STABLE i386
>Organization:
RDTC JSC
>Environment:
System: FreeBSD eg.sd.rdtc.ru 8.3-STABLE FreeBSD 8.3-STABLE #51: Wed Jun 13 12:30:15 NOVT 2012 root@eg.sd.rdtc.ru:/usr/local/obj/usr/local/src/sys/EG i386

>Description:
	
"netstat -p ipsec -s" command used to produce lots of useful data
in KAME IPSEC implementation (upto RELENG_6).

Since RELENG_7, this command shows incorrect data -
it shows zeroes for most counters. This makes it difficult to diagnose
other IPSEC-related problems.

>How-To-Repeat:

Make use of IPSEC, make some traffic pass in encrypted form,
look at "netstat -p ipsec -s" output.

Same for 7.x/i386, 8.x/i386, and 8.x/amd64.

>Fix:

Unknown.

>Release-Note:
>Audit-Trail:
>Unformatted:
