[Logcheck-commits] r1269 - in logcheck/trunk: debian rulefiles/linux/violations.ignore.d

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Thu Oct 19 08:17:56 UTC 2006


Author: madduck
Date: 2006-10-19 08:17:55 +0000 (Thu, 19 Oct 2006)
New Revision: 1269

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-bind
   logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix
Log:
* violations.ignore.d/logcheck-postfix: updated filter for generic smtp
  status messages to postfix 2.3 (closes: #376533).
* violations.ignore.d/logcheck-bind: ignoring messages for unexpected
  RCODEs; thanks to Ingo Theiss (closes: #378333).

Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2006-10-19 07:56:30 UTC (rev 1268)
+++ logcheck/trunk/debian/changelog	2006-10-19 08:17:55 UTC (rev 1269)
@@ -18,8 +18,12 @@
     rules to support nagios2; thanks to Cyril Chaboisseau (closes: #355364).
   * ignore.d.server/innd: ignoring new message about flushing messages by
     send-uucp; thanks to Thomas Parmelan (closes: #387272).
+  * violations.ignore.d/logcheck-postfix: updated filter for generic smtp
+    status messages to postfix 2.3 (closes: #376533).
+  * violations.ignore.d/logcheck-bind: ignoring messages for unexpected
+    RCODEs; thanks to Ingo Theiss (closes: #378333).
 
- -- martin f. krafft <madduck at debian.org>  Thu, 19 Oct 2006 09:55:50 +0200
+ -- martin f. krafft <madduck at debian.org>  Thu, 19 Oct 2006 10:17:10 +0200
 
 logcheck (1.2.49~unreleased.2) UNRELEASED; urgency=low
 

Modified: logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-bind
===================================================================
--- logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-bind	2006-10-19 07:56:30 UTC (rev 1268)
+++ logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-bind	2006-10-19 08:17:55 UTC (rev 1269)
@@ -1 +1,2 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ named\[[0-9]+\]: zone [._[:alnum:]-]+/IN: refresh: failure trying master [._[:alnum:]-]+#53: .*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ named\[[0-9]+\]: unexpected RCODE \((REFUSED|SERVFAIL)\) resolving '[^[:space:]]+': [.[:digit:]]+#[0-9]+$

Modified: logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix
===================================================================
--- logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix	2006-10-19 07:56:30 UTC (rev 1268)
+++ logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix	2006-10-19 08:17:55 UTC (rev 1269)
@@ -10,7 +10,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: smtpd_peer_init: [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+: hostname [^[:space:]]+ verification failed: (Temporary failure in name resolution|Name or service not known|No address associated with hostname)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: Peer verification: CommonName in certificate does not match: [._*[:alnum:]-]+ != [._[:alnum:]-]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: host [^[:space:]]+ said: [45][0-9][0-9] .* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[0-9.]{7,15}\], delay=[0-9]+, status=(deferred|bounced) \(host [._[:alnum:]-]+\[[0-9.]{7,15}\] said: [45][0-9][0-9] .* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[0-9.]{7,15}\], delay=[.0-9]+(, delays=([.0-9]+/){3}[.0-9]+)?(, dsn=[45](\.[0-9]+){2})?, status=(deferred|bounced|undeliverable) \(host [._[:alnum:]-]+\[[0-9.]{7,15}\] said: [45][0-9][0-9] .* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)\)$ 
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [A-Z0-9]+: to=<[^[:space:]]+>, relay=[^[:space:]]+, delay=[0-9]+, status=deferred \(host [^[:space:]]+ refused to talk to me: [^[:space:]]+ 554 Access denied\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: Read failed in network_biopair_interop with errno=[0-9]+: num_read=[0-9]+, want_read=[0-9]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policy-spf\[[0-9]+\]: handler sender_permitted_from: DUNNO$




More information about the Logcheck-commits mailing list