Date: Tue, 1 Apr 2014 13:52:10 +1100 (EST) From: Bruce Evans <brde@optusnet.com.au> To: Alan Somers <asomers@freebsd.org> Cc: attilio@freebsd.org, FreeBSD Net <freebsd-net@freebsd.org> Subject: Re: netstat -i[d] violates PoLS Message-ID: <20140401114356.H878@besplex.bde.org> In-Reply-To: <CAOtMX2iNkohdeQLp_cR2iNTpQ1qva3cp%2BpfpWDHwJ_KHKUTiAg@mail.gmail.com> References: <CAOtMX2iNkohdeQLp_cR2iNTpQ1qva3cp%2BpfpWDHwJ_KHKUTiAg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 31 Mar 2014, Alan Somers wrote:
> "netstat -i" prints dropped output packets iff you also use "-d".
> Starting with r199803 on 2009-11-25, "netstat -i" prints dropped input
> packets regardless of the "-d" flags. That is a PoLS violation, IMHO.
> I think that the "-d" flag should control printing of dropped input
> packets as well as dropped output packets.
>
> OTOH, this behavior has been around for more than 4 years, and some
> scripts may rely on it. At the very least, the man page should be
> updated to reflect r199803.
This also destroyed the output formatting. Please fix other destructions
of the output formatting in netstat too.
FreeBSD-11 netstat -i:
%%%
Name Mtu Network Address Ipkts Ierrs Idrop Opkts Oerrs
Coll
igb0 1500 <Link#1> 68:b5:99:b5:2a:02 4189424443 2 0 2499213512
0 0
igb0 - 8.8.178.128/2 freefall 271628427 - - 248798734
- -
igb0 - fe80::6ab5:99 fe80::6ab5:99ff:f 182226 - - 182602 -
-
...
%%%
The Idrop column uses space that is not available.
Despite using too many columns, the fields are not wide enough to line up.
E.g., only 8 columns are available for Ipkts, but 10 are used. The
Network and Address fields are also not wide enough. They don't use more
columns than are available, but are blindly truncated.
FreeBSD-5 netstat -i:
%%%
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
bge0 1500 <Link#1> 00:04:76:f3:ac:ad 0 0 5 0 0
...
rl0 1500 122.106.144/2 c122-106-147-133. 674 - 529 - -
%%%
This gives an example of address truncation even in FreeBSD-5.
FreeBSD-11 netstat -id (header only):
Name Mtu Network Address Ipkts Ierrs Idrop Opkts Oerrs
Coll Drop
At least 4 more bugs are visible in this alone:
1. "Drop" is not spelled with an "s". Neither is "Coll". This is to save
space. The unbroken format is 79 columns wide. Not a single column is
available to consistantly pluralize these, so none were used. This is
special to the non-I case. Plurals are used for -I. See below. Using
more columns than are available to print Idrops turned this careful
formatting into garbage.
2. "Idrop" is not spelled with an "s". This is inconsistent too, but there
is more reason for it -- all the short fields have width 5, and keeping
them all the same width makes the output easier to read. This leaves no
space for pluralization.
3. "Drop" is not spelled with an "O". This together with consistently
omitting "s" for IDrop and Drop leaves 1 fewer column under the header
available for the numeric value for Drop than for Idrop, so the short
fields can't actually all have width 5.
3a. The header only allows 4 columns for "Coll", by 5 are used. This
doesn't completely break the formatting since it overlaps the 2-column
gap between "Oerrs" and "Coll" in the header. This gap is really too
small. It makes it look like "Coll" is associated with output. There
is space for pluralization of "Coll" be shrinking the gap further.
3b. The header only allows 4 columns for "Drop". Actually, only 3 were
used (preceded by a space). Now, none are used -- "Drop" is not printed
at all, and there is an XXXGL comment reminding that they should be
printed. Printing the column header without even printing 0's or '-'s
under it is negatively useful. Extraction of fields using cut -c doesn't
work due to the inconsistent formatting. "Drop" is normally the last
field, so omitting its numeric value is not such a large problem.
3c. The above output shows strange printing of numeric values of 0 --
sometimes "0" is printed and sometimes "-" is printed. "-" is harder
to post-process.
4. "Drop" is added at the end. If it were actually useful, then it would
belong with the output fields, unlike "Coll". Note that what used to
be under "Drop" is actually for input, and this was moved to be
together with the other input fields. So if there were space for
it, then it would not be a bug to print it unconditionally there.
If this is fixed by printing it conditionally at the end again,
then it needs an "I" in its name, and so would output "Drops" if
these were actually counted.
FreeBSD-5 netstat -id (header only):
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll Drop
There was no space available for "Drop" here too. Perhaps it was
intentionally left out.
FreeBSD-11 netstat -r:
%%%
Destination Gateway Flags Netif Expire
default router.v108.ysv.fr UGS igb0
8.8.178.128/26 link#1 U igb0
...
Internet6:
Destination Gateway Flags Netif Expire
...
fe80::6ab5:99ff:fe link#1 UHS lo0
%%%
OK, except names are unnecessarily truncated because the fixed format is
unnecessarily narrow.
FreeBSD-11 netstat -rn:
%%%
Internet:
Destination Gateway Flags Netif Expire
default 8.8.178.129 UGS igb0
...
Internet6:
Destination Gateway Flags Netif
Expire
...
2001:1900:2254:206c::/64 link#1 U igb0
...
ff01::/32 fe80::6ab5:99ff:feb5:2a02 U igb0
%%%
Broken. The fixed format is unnecessarily wide for all (?) cases and causes
wrap for the "Expire" field. Most "Expire" values are 0, so they don't
cause line wrap on every line.
FreeBSD-11 netstat -I igb0 1:
%%%
input igb0 output
packets errs idrops bytes packets errs bytes colls
8 0 0 1926 8 0 2345 0
9 0 0 1915 7 0 1921 0
%%%
FreeBSD-5 netstat -I bge0 1:
%%%
input (bge0) output
packets errs bytes packets errs bytes colls
0 0 0 0 0 0 0
0 0 0 0 0 0 0
%%%
Note that everything is pluralized here. Capitalization is inconsistent
with that for netstat -i, and worse. The source code has to use separate
strings for the field names so as to handle different pluralization and
other differences like expanding Ipkts to "input" on 1 line and "packets"
on another line.
This shows the following regressions:
- lost parentheses around the interface name
- the interface name and "output" were not moved to the right to adjust for
the extra input field
- "i" in "idrops" is more inconsistent than for netstat -i, since now it
is the only i/o field name with an "i" or an "o"
- the extra "i" is not compensated for in the numeric formatting. The
numeric values are supposed to be right justified below with their
description in the header, but are now off by 1 starting with "idrops".
It was very unclear which fields the "input" and "output" headers are over.
Now it is even less clear. The interface name used to be centered in the
gap between the input and output fields. Now it is over the last input
field. This could be improved by not using a separate header for
"input" and "output". The abbreviation "I" used for netstat -i is much
more readable.
Adding -i to netstat -I... doesn't change anything. Adding -d extends the
mess only slightly. There is still plenty of space for all the fields.
Numeric values for the "drops" field are not available and not printed,
as above.
Related documentation bugs:
- the new Idrops and idrops and the old Drop and Drops are not documented
(neither are other field names or field formatting)
- -d is still described as being for "dropped packets". It actually gives
only the available info for dropped output packets, and that info is null.
It used to give the available info for dropped input packets, and that
info is not null.
Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140401114356.H878>