[Logcheck-commits] r1340 - in logcheck/trunk: debian rulefiles/linux/ignore.d.server

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Tue Nov 14 01:42:04 CET 2006


Author: madduck
Date: 2006-11-14 01:42:04 +0100 (Tue, 14 Nov 2006)
New Revision: 1340

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/ignore.d.server/kernel
Log:
* ignore.d.server/kernel: ignore iptables bandwidth messages generated by
  webmin bandwidth module/shorewall (closes: #397580).
* ignore.d.server/kernel: remove filter for iptables log messages for UDP
  packets, which aren't generated by default.

Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2006-11-14 00:31:09 UTC (rev 1339)
+++ logcheck/trunk/debian/changelog	2006-11-14 00:42:04 UTC (rev 1340)
@@ -63,8 +63,12 @@
     of IPs; thanks to Jan Evert van Grootheest (closes: #396407).
   * ignore.d.server/courier: cleanup to match some more messages reported by
     Enrique Garcia (closes: #395265).
+  * ignore.d.server/kernel: ignore iptables bandwidth messages generated by
+    webmin bandwidth module/shorewall (closes: #397580).
+  * ignore.d.server/kernel: remove filter for iptables log messages for UDP
+    packets, which aren't generated by default.
 
- -- martin f. krafft <madduck at debian.org>  Tue, 14 Nov 2006 01:30:27 +0100
+ -- martin f. krafft <madduck at debian.org>  Tue, 14 Nov 2006 01:41:35 +0100
 
 logcheck (1.2.50) unstable; urgency=low
 

Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/kernel
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/kernel	2006-11-14 00:31:09 UTC (rev 1339)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/kernel	2006-11-14 00:42:04 UTC (rev 1340)
@@ -1,6 +1,5 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: lp[0-9]+ out of paper$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: lp[0-9]+: ECP mode$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: .*IN=([[:alpha:]]+[0-9]+)? OUT=([[:alpha:]]+[0-9]+)? MAC=[[:alnum:]:]+ SRC=[.0-9]{7,15} DST=[.0-9]{7,15} LEN=[0-9]+ TOS=0x[0-9]+ PREC=0x[0-9]+ TTL=[0-9]+ ID=[0-9]+ (DF )?PROTO=UDP SPT=[0-9]+ DPT=[0-9]+ LEN=[0-9]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel: ll header: [:[:xdigit:]]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel: martian source 255\.255\.255\.255 from [.[:digit:]]{7,15} on dev [[:alnum:]]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel: icmpv6_send: no reply to icmp error$
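Review bot: Removing the `PROTO=UDP` pattern at the top of this hunk means a host that does have an iptables LOG rule matching UDP will start seeing those entries in its reports after upgrading. The changelog records the removal, but a short upgrade note telling such admins to carry the pattern in a local ignore file would help. As a shipped default the removal looks right: the old pattern began with `kernel: .*`, so it suppressed UDP log lines regardless of the log prefix the firewall rule set, and its `TOS=0x[0-9]+` would not have matched hex digits a-f anyway.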
@@ -44,3 +43,6 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: Copyright \(C\) 20[[:digit:]]+( ?- ?[[:digit:]]+)? MontaVista Software - IPMI Powerdown via sys_reboot\.$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: IPMI System Interface driver\.$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: IPMI Watchdog: driver initialized$
+# this is stuff related to the webmin bandwidth module, also in use by shorewall it seems
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: BANDWIDTH_OUT:IN= OUT=[[:alnum:]]+ SRC=[.0-9]{7,15} DST=[.0-9]{7,15} LEN=[0-9]+ TOS=0x[[:xdigit:]]+ PREC=0x[[:xdigit:]]+ TTL=[0-9]+ ID=[0-9]+ (DF )?PROTO=TCP SPT=[0-9]+ DPT=[0-9]+ WINDOW=[0-9]+ RES=0x[[:xdigit:]]+ ACK PSH URGP=[0-9]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: BANDWIDTH_IN:IN=[[:alnum:]]+ OUT= MAC=[:[:xdigit:]]+ SRC=[.0-9]{7,15} DST=[.0-9]{7,15} LEN=[0-9]+ TOS=0x[[:xdigit:]]+ PREC=0x[[:xdigit:]]+ TTL=[0-9]+ ID=[0-9]+ (DF )?PROTO=TCP SPT=[0-9]+ DPT=[0-9]+ WINDOW=[0-9]+ RES=0x[[:xdigit:]]+ ACK (PSH )?URGP=[0-9]+$
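Review bot: The two added patterns disagree on TCP flags: the `BANDWIDTH_OUT` line requires the literal `ACK PSH URGP=`, while the `BANDWIDTH_IN` line accepts `ACK (PSH )?URGP=`, so outbound ACK-only segments will still be reported. Unless that asymmetry is intended, use `ACK (PSH )?` in the `BANDWIDTH_OUT` pattern as well. Neither pattern matches segments carrying SYN, FIN or RST, and both are limited to `PROTO=TCP`, so connection setup and teardown lines and any non-TCP traffic logged under these prefixes will still reach the report; if the bandwidth rules log those too, the flag group needs widening. The comment line could also name the log prefixes (`BANDWIDTH_IN`, `BANDWIDTH_OUT`) rather than "stuff", so the rule is easy to find later.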



