[Logcheck-commits] r1224 - in logcheck/trunk: debian
rulefiles/linux/ignore.d.server
madduck at users.alioth.debian.org
madduck at users.alioth.debian.org
Fri Oct 6 15:01:48 UTC 2006
Author: madduck
Date: 2006-10-06 15:01:48 +0000 (Fri, 06 Oct 2006)
New Revision: 1224
Modified:
logcheck/trunk/debian/changelog
logcheck/trunk/rulefiles/linux/ignore.d.server/ssh
Log:
* ignore.d.server/ssh: ignoring ssh_msg_recv failure messages.
Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog 2006-10-06 14:53:14 UTC (rev 1223)
+++ logcheck/trunk/debian/changelog 2006-10-06 15:01:48 UTC (rev 1224)
@@ -58,8 +58,9 @@
[ martin f. krafft ]
* ignore.d.server/dovecot: ignoring inactivity logouts.
* ignore.d.server/pdns: ignoring message about new superslave zones.
+ * ignore.d.server/ssh: ignoring ssh_msg_recv failure messages.
- -- martin f. krafft <madduck at debian.org> Fri, 6 Oct 2006 16:52:56 +0200
+ -- martin f. krafft <madduck at debian.org> Fri, 6 Oct 2006 17:01:23 +0200
logcheck (1.2.47) unstable; urgency=low
Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/ssh
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/ssh 2006-10-06 14:53:14 UTC (rev 1223)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/ssh 2006-10-06 15:01:48 UTC (rev 1224)
@@ -19,3 +19,4 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\) check pass; user unknown$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Address [._[:alnum:]-]+ maps to [._[:alnum:]-]+, but this does not map back to the address - POSSIBLE BREAK-?IN ATTEMPT!$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: reverse mapping checking getaddrinfo for [._[:alnum:]-]+ failed - POSSIBLE BREAK-?IN ATTEMPT!$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: recv_rexec_state: ssh_msg_recv failed$
More information about the Logcheck-commits
mailing list