[Logcheck-commits] CVS logcheck/rulefiles/linux/ignore.d.server

Mon, 02 May 2005 07:20:44 +0000

Update of /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server
In directory haydn:/tmp/cvs-serv12147/rulefiles/linux/ignore.d.server

Modified Files:
	kernel 
Log Message:

well '.*' is not my preferred regex,
but --log-prefix from iptables can be any string.
replace custom log prefix with it.

--- /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/kernel	2005/04/21 21:08:21	1.2
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/kernel	2005/05/02 07:20:44	1.3
@@ -1,5 +1,5 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: lp[0-9]+ out of paper$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: REJECT INPUT IN=[[:alpha:]]+[0-9]+ OUT= MAC=[[:alnum:]:]+ SRC=[.0-9]{7,15} DST=[.0-9]{7,15} LEN=[0-9]+ TOS=0x[0-9]+ PREC=0x[0-9]+ TTL=[0-9]+ ID=[0-9]+ (DF )?PROTO=UDP SPT=[0-9]+ DPT=[0-9]+ LEN=[0-9]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: UDP6 REJECT: IN=[[:alpha:]]+[0-9]+ OUT= MAC=[[:alnum:]:]+ SRC=[[:alnum:]:]+ DST=[[:alnum:]:]+ LEN=[0-9]+ TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=5353 DPT=5353 LEN=[0-9]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: UDP6 REJECT: IN=[[:alpha:]]+[0-9]+ OUT= MAC=[[:alnum:]:]+ SRC=[[:alnum:]:]+ DST=[[:alnum:]:]+ LEN=[0-9]+ TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=49342 DPT=5353 LEN=[0-9]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: .*IN=[[:alpha:]]+[0-9]+ OUT= MAC=[[:alnum:]:]+ SRC=[.0-9]{7,15} DST=[.0-9]{7,15} LEN=[0-9]+ TOS=0x[0-9]+ PREC=0x[0-9]+ TTL=[0-9]+ ID=[0-9]+ (DF )?PROTO=UDP SPT=[0-9]+ DPT=[0-9]+ LEN=[0-9]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: .*IN=[[:alpha:]]+[0-9]+ OUT= MAC=[[:alnum:]:]+ SRC=[[:alnum:]:]+ DST=[[:alnum:]:]+ LEN=[0-9]+ TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=5353 DPT=5353 LEN=[0-9]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: .*IN=[[:alpha:]]+[0-9]+ OUT= MAC=[[:alnum:]:]+ SRC=[[:alnum:]:]+ DST=[[:alnum:]:]+ LEN=[0-9]+ TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=49342 DPT=5353 LEN=[0-9]+$
 


