Index: /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_alert.c
===================================================================
--- /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_alert.c	(revision 38543)
+++ /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_alert.c	(working copy)
@@ -16,6 +16,7 @@
 ssl_handle_alert(ssl_data_t *sslp, ssl_record_t *rp)
 {
 	ssl_alert_t *ap;
+	struct ssl_vhost *vhost = NULL;
 
 	clicktcp_enter_func(sslp, sslp->flags);
 	char real_name[SEGMENTMAXSSLHOSTNAMELEN]={0};
@@ -81,6 +82,11 @@
 	/* level is 1 or 2 */
 	sslstats.ssls_alerts_received[ap->level-1][ap->desc]++;
 
+	vhost = get_vhost_by_name(sslp->vhost->name);
+	if(vhost != NULL) {
+		vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_received[ap->level-1][ap->desc]++;
+	}
+
 	/* bug 15120, lingx, 20070109 */
 	/* 
 	 * SSL v3 will send an alert which desc == 41 if there isn't
@@ -305,6 +311,7 @@
 	struct mbuf *mp;
 	ssl_record_t *rp;
 	char real_name[SEGMENTMAXSSLHOSTNAMELEN]={0};
+	struct ssl_vhost *vhost = NULL;
 
 	if (sslp->vhost != NULL) {
 		get_user_config_name(sslp->vhost->name, real_name);
@@ -387,6 +394,11 @@
 	/* level is 1 or 2 */
 	sslstats.ssls_alerts_sent[level-1][desc]++;
 
+	vhost = get_vhost_by_name(sslp->vhost->name);
+	if(vhost != NULL) {
+		vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_sent[level-1][desc]++;
+	}
+
 	/* If send a fatal alert, need free all havn't sent records of record_out */
 	if (level == SSL3_AL_FATAL) {
 		ssl_destroy_record_queue(&sslp->record_out);
Index: /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_est.c
===================================================================
--- /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_est.c	(revision 38543)
+++ /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_est.c	(working copy)
@@ -965,6 +965,7 @@
 	struct mbuf *mp;
 	ssl_record_t *rp;
 	ssl_alert_t *sslalert;
+	struct ssl_vhost *vhost = NULL; 
 
 	clicktcp_enter_func(sslp, sslp->flags);
 	/* read from TCP but not take out from the queue yet */
@@ -977,6 +978,11 @@
 		if (sslalert->level == SSL3_AL_WARNING &&
 		    sslalert->desc == SSL3_AD_CLOSE_NOTIFY) {
 			sslstats.ssls_alerts_received[0][0]++;
+			
+			vhost = get_vhost_by_name(sslp->vhost->name);
+			if(vhost != NULL) {
+				vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_received[0][0]++;
+			}
 		    	if (sslp->flags & SSL_FLAG_PASSIVE_CLOSE) {
 				SSL_SM_ERROR(sslp, RST_ID_FROM_SSL_82);    /* no passive close */
 			}
Index: /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_ui.c
===================================================================
--- /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_ui.c	(revision 38543)
+++ /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_ui.c	(working copy)
@@ -9586,6 +9586,44 @@
 	app_printf(pcb, "\tResumable SSL sessions : %lu\n", vhost_stats->resumable_ssl_connections);
 	app_printf(pcb, "\tSession Misses         : %lu\n", vhost_stats->session_misses);
 	app_printf(pcb, "\n");
+
+	if (segment_host) {
+		app_printf(pcb, "SSL Individual Statistics for \"%s\"\n", vhost_name_real);
+	} else {
+		app_printf(pcb, "SSL Individual Statistics for \"%s\"\n", host_name(vhost->name));
+	}
+	
+	app_printf(pcb, "\tConnection Attempts      : %lu\n", vhost_stats->requested_ssl_connections);
+	app_printf(pcb, "\tSuccessful Handshakes    : %lu\n", vhost_stats->accepted_ssl_connections);
+	app_printf(pcb, "\tActive Connections       : %lu\n", vhost_stats->resumed_ssl_connections);
+	{
+		int sent, received, warning, fatal, tot;
+		sent = received = warning = fatal = 0;
+		for (i = 0; i < SSL_MAX_ALERT_DESC; i++) {
+			if (vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_sent[0][i] ||
+				vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_received[0][i] ||
+				vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_sent[1][i] ||
+				vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_received[1][i]) {
+					sent 		+= 	vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_sent[0][i] +
+									vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_sent[1][i];
+					received 	+= 	vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_received[0][i] +
+									vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_received[1][i];
+					warning 	+= 	vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_sent[0][i] +
+									vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_received[0][i];
+					fatal 		+= 	vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_sent[1][i] +
+									vhost->vhost_atcp[0].vhost_stats_smp.ssl_vhost_alerts_received[1][i];
+				}
+		}
+		/* print out total and number of alerts of each type */
+		tot = sent + received;
+		app_printf(pcb, "\tAlerts Total             : %d\n", tot);
+		app_printf(pcb, "\tAlerts Sent              : %d\n", sent);
+		app_printf(pcb, "\tAlerts Received          : %d\n", received);
+		app_printf(pcb, "\tWarning Alerts           : %d\n", warning);
+		app_printf(pcb, "\tFatal Alerts             : %d\n", fatal);
+		app_printf(pcb, "\n");
+	}
+
 	free(vhost_stats, M_TEMP);
 
 	if (vhost->flags & SSL_VHOST_INTERCEPTION) {
@@ -9689,6 +9727,21 @@
 	app_printf(pcb, "\tHost inbound           : %d\n", 0);
 	app_printf(pcb, "\tHost outbound          : %d\n", 0);
 	app_printf(pcb, "\n");
+
+	if (segment_host) {
+		app_printf(pcb, "SSL Individual Statistics for \"%s\"\n", vhost_name_real);
+	} else {
+		app_printf(pcb, "SSL Individual Statistics for \"%s\"\n", name);
+	}
+	app_printf(pcb, "\tConnection Attempts    : %d\n", 0);
+	app_printf(pcb, "\tSuccessful Handshakes  : %d\n", 0);
+	app_printf(pcb, "\tActive Connections     : %d\n", 0);
+	app_printf(pcb, "\tAlerts Total           : %d\n", 0);
+	app_printf(pcb, "\tAlerts Sent            : %d\n", 0);
+	app_printf(pcb, "\tAlerts Received        : %d\n", 0);
+	app_printf(pcb, "\tWarning Alerts         : %d\n", 0);
+	app_printf(pcb, "\tFatal Alerts           : %d\n", 0);
+	app_printf(pcb, "\n");
 }
 
 /*
Index: /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_usrreq.h
===================================================================
--- /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_usrreq.h	(revision 38543)
+++ /branches/rel_apv_10_7/usr/src/sys/click/app/ssl/ssl_usrreq.h	(working copy)
@@ -1715,6 +1715,8 @@
 
 /* per vhost statistics */
 struct ssl_vhost_stats {
+	uint32_t	ssl_vhost_alerts_sent[2][SSL_MAX_ALERT_DESC];		/* alerts sent */
+	uint32_t	ssl_vhost_alerts_received[2][SSL_MAX_ALERT_DESC];	/* alerts received */
 	uint64_t	open_ssl_connections;
 	uint64_t	ssli_cached_rsa_cert;
 	uint64_t	ssli_cached_ecc_cert;/*This must not be cleared by CLI*/