[Logcheck-commits] r1409 - in logcheck/trunk: debian rulefiles/linux/ignore.d.server

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Thu Dec 28 12:15:59 CET 2006 

Author: madduck
Date: 2006-12-28 12:15:59 +0100 (Thu, 28 Dec 2006)
New Revision: 1409

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/ignore.d.server/ssh
Log:
* ignore.d.server/ssh: allow dashes in hostnames of refused connect
  messages; thanks to Russ Allbery (closes: #400813).

Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2006-12-28 11:14:33 UTC (rev 1408)
+++ logcheck/trunk/debian/changelog	2006-12-28 11:15:59 UTC (rev 1409)
@@ -32,6 +32,8 @@
   * ignore.d.server/ssh: ignore messages about missing auth information.
   * ignore.d.server/ssh: support filtering gssapi-keyex messages; thanks to
     Russ Allbery (closes: #400426).
+  * ignore.d.server/ssh: allow dashes in hostnames of refused connect
+    messages; thanks to Russ Allbery (closes: #400813).
   * violations.ignore.d/logcheck-ssh: ignore ssh hosts.allow warnings
     (closes: #400714).
 
@@ -54,7 +56,7 @@
     (closes: #402204).
   * Do not source debconf confmodule in preinst as it's not needed.
 
- -- martin f. krafft <madduck at debian.org>  Thu, 28 Dec 2006 12:13:48 +0100
+ -- martin f. krafft <madduck at debian.org>  Thu, 28 Dec 2006 12:15:14 +0100
 
 logcheck (1.2.51) unstable; urgency=medium
 

Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/ssh
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/ssh	2006-12-28 11:14:33 UTC (rev 1408)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/ssh	2006-12-28 11:15:59 UTC (rev 1409)
@@ -7,7 +7,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Received disconnect from [:[:xdigit:].]+: [0-9]+: Disconnect requested by Windows SSH Client\.$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+: [12]: Timeout, server not responding\.$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: syslogin_perform_logout: logout\(\) returned an error$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from [:[:alnum:].]+ \([:[:alnum:].]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from [:[:alnum:]._-]+ \([:[:alnum:].]+\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: Timeout before authentication for [:[:alnum:].]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: nss_ldap: reconnect(ing|ed) to LDAP server(\.\.\.| after [0-9]+ attempt\(s\))$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from ([:[:xdigit:].]+|UNKNOWN)+$

More information about the Logcheck-commits mailing list