csf -t shows duplicate entries but ports are already aggregated
Posted: 28 Mar 2024, 19:13
I have CSF set up to only block IP access to service ports for which a block occurs.
When running csf -t, I see an entry for each service port that has been blocked; however, the port column shows an aggregate of the ports being blocked.
For instance:
Code:
[~] csf -g xxx.68.22.155
Table Chain num pkts bytes target prot opt in out source destination
filter DENYIN 2 0 0 DROP tcp -- ens192 * xxx.68.22.155 0.0.0.0/0 tcp dpt:80
filter DENYIN 3 0 0 DROP tcp -- ens192 * xxx.68.22.155 0.0.0.0/0 tcp dpt:443
Code:
[~] csf -t
A/D IP address Port Dir Time To Live Comment
DENY xxx.68.22.155 80,443 in 35m 25s lfd - REDACTED xxx.68.22.155 (REDACTED/-): 10 in the last 3600 secs
DENY xxx.68.22.155 80,443 in 35m 25s lfd - REDACTED xxx.68.22.155 (REDACTED/-): 10 in the last 3600 secs
If the output is going to aggregate the ports being blocked under the port column, could the entries displayed be reduced?
If there is concern that the port count may be too much for a single column, then, perhaps a single port per entry is suitable?
Thank you very much.