From owner-freebsd-net@FreeBSD.ORG  Mon Mar 31 20:03:37 2014
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 161F45BE;
 Mon, 31 Mar 2014 20:03:37 +0000 (UTC)
Received: from mail-we0-x22c.google.com (mail-we0-x22c.google.com
 [IPv6:2a00:1450:400c:c03::22c])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 82056E58;
 Mon, 31 Mar 2014 20:03:36 +0000 (UTC)
Received: by mail-we0-f172.google.com with SMTP id t61so5365897wes.31
 for <multiple recipients>; Mon, 31 Mar 2014 13:03:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:date:message-id:subject:from:to:content-type;
 bh=cYQ0GiXbp7Gc/EOv/4W9drX62iuI0fOuFzNFtbNmLn4=;
 b=lg2Rswb1zROIgWl6G1rlftTsSHXVTJxY9Cm1IHNsNwgEcuUQ2s5RwwDXMi1f7CwLcL
 UDmupDQtAU5Ti2mWshB+tK77H4z5ykjExq7e9vLHXJyTmpJPZjOUDmo8SG/IXRNocMfj
 942gxhbS0368zmX83wdBl1jEJf+I4qsfTOSkipwDVYyz8QLEALp4/sZWgV4ZB38H0ioQ
 tWKAfVxhOwYVE0/KYUFXYHAYwZJchj9pJNPhAp37hc2H5PdE6cfkm/p5pqGJG+51gOKO
 6gysSkCNLhPI2cF7AOO4djg3P1cuh1PFRxzG/oKbS2WypE8lvqWCm7HLrbQIidpy9YL2
 HbCA==
MIME-Version: 1.0
X-Received: by 10.194.190.42 with SMTP id gn10mr17327003wjc.9.1396296213631;
 Mon, 31 Mar 2014 13:03:33 -0700 (PDT)
Sender: asomers@gmail.com
Received: by 10.194.168.130 with HTTP; Mon, 31 Mar 2014 13:03:33 -0700 (PDT)
Date: Mon, 31 Mar 2014 14:03:33 -0600
X-Google-Sender-Auth: LzBoT9LjFSy0zlaVDvbfbnJrjxQ
Message-ID: <CAOtMX2iNkohdeQLp_cR2iNTpQ1qva3cp+pfpWDHwJ_KHKUTiAg@mail.gmail.com>
Subject: netstat -i[d] violates PoLS
From: Alan Somers <asomers@freebsd.org>
To: FreeBSD Net <freebsd-net@freebsd.org>, attilio@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Mar 2014 20:03:37 -0000

"netstat -i" prints dropped output packets iff you also use "-d".
Starting with r199803 on 2009-11-25, "netstat -i" prints dropped input
packets regardless of the "-d" flags.  That is a PoLS violation, IMHO.
 I think that the "-d" flag should control printing of dropped input
packets as well as dropped output packets.

OTOH, this behavior has been around for more than 4 years, and some
scripts may rely on it.  At the very least, the man page should be
updated to reflect r199803.

What do you think?  Does the likelihood of hardcoded scripts preclude
fixing this bug?

-Alan