csf -t shows duplicate entries but ports are already aggregated


Post by scrupul0us »

I have CSF set up to only block IP access to service ports for which a block occurs.

When running csf -t, I see an entry for each service port that has been blocked; however, the port column shows an aggregate of the ports being blocked.

For instance:

Code:

[~] csf -g xxx.68.22.155

Table  Chain            num   pkts bytes target     prot opt in     out     source               destination

filter DENYIN           2        0     0 DROP       tcp  --  ens192 *       xxx.68.22.155         0.0.0.0/0            tcp dpt:80
filter DENYIN           3        0     0 DROP       tcp  --  ens192 *       xxx.68.22.155         0.0.0.0/0            tcp dpt:443

Code:

[~] csf -t
A/D   IP address                               Port   Dir   Time To Live     Comment
DENY  xxx.68.22.155                            80,443  in    35m 25s          lfd - REDACTED xxx.68.22.155 (REDACTED/-): 10 in the last 3600 secs
DENY  xxx.68.22.155                            80,443  in    35m 25s          lfd - REDACTED xxx.68.22.155 (REDACTED/-): 10 in the last 3600 secs

If the output is going to aggregate the ports being blocked under the port column, could the entries displayed be reduced?

If there is concern that the port count may be too much for a single column, then perhaps a single port per entry is suitable?

Thank you very much.
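As an added example (not part of the original post and not CSF's own code), these shell functions collapse the repeated rows in `csf -t` output and report which entries were listed once per blocked port. They assume the column layout shown in the post and that the first column reads DENY or ALLOW; the function names and the sample addresses are constructed.

```shell
#!/bin/sh
# Added example: post-process `csf -t` output on stdin.
# Rows are keyed on action, IP, port list and direction (fields 1-4);
# the Time To Live and Comment columns are ignored when comparing.

csf_t_dedupe() {
    awk '
        $1 != "DENY" && $1 != "ALLOW" { print; next }  # header/other text: pass through
        !seen[$1 FS $2 FS $3 FS $4]++                  # print only the first row per key
    '
}

# Report entries shown more than once: "<ip> <ports> <dir> rows=<n> ports=<m>".
# rows == ports is the symptom from the post (one row per blocked port).
csf_t_dup_report() {
    awk '
        $1 == "DENY" || $1 == "ALLOW" {
            key = $2 " " $3 " " $4
            if (!(key in rows)) order[++n] = key       # remember first-seen order
            rows[key]++
        }
        END {
            for (i = 1; i <= n; i++) {
                key = order[i]
                if (rows[key] < 2) continue
                split(key, kv, " ")                    # kv[2] is the port list
                printf "%s rows=%d ports=%d\n", key, rows[key], split(kv[2], p, ",")
            }
        }
    '
}

# Constructed sample in the layout shown above (documentation-range addresses).
sample_csf_t() {
    cat <<'EOF'
A/D   IP address                               Port   Dir   Time To Live     Comment
DENY  203.0.113.7                              80,443  in    35m 25s          lfd - constructed sample
DENY  203.0.113.7                              80,443  in    35m 25s          lfd - constructed sample
DENY  198.51.100.9                             22      in    12m 2s           lfd - constructed sample
EOF
}

sample_csf_t | csf_t_dedupe
sample_csf_t | csf_t_dup_report
```

On a live system the same functions read from `csf -t | csf_t_dedupe`.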