[Logcheck-commits] r1264 - in logcheck/trunk: debian rulefiles/linux/ignore.d.server

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Thu Oct 19 07:41:53 UTC 2006


Author: madduck
Date: 2006-10-19 07:41:52 +0000 (Thu, 19 Oct 2006)
New Revision: 1264

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/ignore.d.server/kernel
Log:
* ignore.d.server/kernel: also ignore outgoing iptables log entries
  (closes: #377381).

Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2006-10-19 07:39:59 UTC (rev 1263)
+++ logcheck/trunk/debian/changelog	2006-10-19 07:41:52 UTC (rev 1264)
@@ -8,8 +8,10 @@
     (closes: #387008).
   * ignore.d.server/spamd, violations.ignore.d/logcheck-spamd: update rule to
     ignore checking messages (closes: #382805).
+  * ignore.d.server/kernel: also ignore outgoing iptables log entries
+    (closes: #377381).
 
- -- martin f. krafft <madduck at debian.org>  Thu, 19 Oct 2006 09:39:23 +0200
+ -- martin f. krafft <madduck at debian.org>  Thu, 19 Oct 2006 09:41:21 +0200
 
 logcheck (1.2.49~unreleased.2) UNRELEASED; urgency=low
 
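Review bot: The changelog entry added here records only the new outgoing match, but the same revision deletes the two IPv6 UDP rules (HOPLIMIT=255, DPT=5353) from ignore.d.server/kernel, and the rule that replaces them is IPv4-only (dotted SRC/DST, TOS/PREC/TTL). Either note the removal in this entry so administrators can trace why those entries are reported again, or keep the IPv6 rules.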

Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/kernel
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/kernel	2006-10-19 07:39:59 UTC (rev 1263)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/kernel	2006-10-19 07:41:52 UTC (rev 1264)
@@ -1,8 +1,6 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: lp[0-9]+ out of paper$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: lp[0-9]+: ECP mode$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: .*IN=[[:alpha:]]+[0-9]+ OUT= MAC=[[:alnum:]:]+ SRC=[.0-9]{7,15} DST=[.0-9]{7,15} LEN=[0-9]+ TOS=0x[0-9]+ PREC=0x[0-9]+ TTL=[0-9]+ ID=[0-9]+ (DF )?PROTO=UDP SPT=[0-9]+ DPT=[0-9]+ LEN=[0-9]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: .*IN=[[:alpha:]]+[0-9]+ OUT= MAC=[[:alnum:]:]+ SRC=[[:alnum:]:]+ DST=[[:alnum:]:]+ LEN=[0-9]+ TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=5353 DPT=5353 LEN=[0-9]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: .*IN=[[:alpha:]]+[0-9]+ OUT= MAC=[[:alnum:]:]+ SRC=[[:alnum:]:]+ DST=[[:alnum:]:]+ LEN=[0-9]+ TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=49342 DPT=5353 LEN=[0-9]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: .*IN=([[:alpha:]]+[0-9]+)? OUT=([[:alpha:]]+[0-9]+)? MAC=[[:alnum:]:]+ SRC=[.0-9]{7,15} DST=[.0-9]{7,15} LEN=[0-9]+ TOS=0x[0-9]+ PREC=0x[0-9]+ TTL=[0-9]+ ID=[0-9]+ (DF )?PROTO=UDP SPT=[0-9]+ DPT=[0-9]+ LEN=[0-9]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel: ll header: [:[:xdigit:]]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel: martian source 255\.255\.255\.255 from [.[:digit:]]{7,15} on dev [[:alnum:]]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel: icmpv6_send: no reply to icmp error$
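Review bot: The added rule still requires a non-empty MAC=[[:alnum:]:]+ field, so making IN= optional only helps if outgoing entries actually carry a MAC value. Please check the pattern against a sample line from #377381 and, if the field is empty or absent there, make that part optional too. Separately, with both IN=(...)? and OUT=(...)? optional and .* in front, this one line now suppresses every IPv4 UDP iptables entry in any direction and under any log prefix, including outbound denials that an administrator may want to see when a host starts misbehaving. Consider anchoring on the log prefix or narrowing by port instead of ignoring all of them.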



