Subject: Re: Resetting ip, icmp etc statistics
To: Liam J. Foy <>
From: Bill Studenmund <>
List: tech-net
Date: 04/05/2006 14:10:30
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Apr 05, 2006 at 03:21:23PM +0100, Liam J. Foy wrote:
> On 16:54, Mon 03 Apr 06, Bill Studenmund wrote:
> > On Mon, Apr 03, 2006 at 06:50:27PM +0100, Liam J. Foy wrote:
> > Because I think it's simpler and cleaner. Note: I'm assuming that both =
> > running and checkpointed counters are in the kernel. I think it's simpl=
> > as we only export "running" and "since-checkpoint" counters, and the on=
> > operation permitted by userland is to set the checkpoints to the curren=
> > values.
> I'm feeling pretty confused. You're right, both counters in the
> implementation I have here are in the kernel. The current implementation
> I have here copy for example, 'ipstats' into 'cp_ipstats' when a
> checkpoint is requested through 'netstat -Zp ip' for example.=20

My confusion is that it isn't clear what is doing the copying, the kernel=
or netstat. If it's the kernel, I'm content (I still think this is the=20
wrong way to go, but it's not hideously wrong). If netstat is copying,=20
then I think we have a security issue.

> Why concerned? I'm assuming by load you're meaning load the kernel
> stats, for example 'cp_ipstats' into netstat for printing. However, the
> current implementation I have here does nothing different to how the
> 'ipstats' is loaded in netstat. 'netstat -szp ip' I have here just reads
> 'cp_ipstats' instead of 'ipstats'.
> I think we're confusing each other! :-)

Could be. :-)

Take care,


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.3 (NetBSD)