[Logcheck-commits] Frédéric Brière : Two Postfix "TLS connection" additions (closes: #529367)

Wed Aug 19 12:23:23 UTC 2009

Module: logcheck
Branch: master
Commit: 21cdfd840917c884e73e5d6e15fe6f79bdc854b1
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=21cdfd840917c884e73e5d6e15fe6f79bdc854b1

Author: Frédéric Brière <fbriere at fbriere.net>
Date:   Wed Aug 19 08:22:48 2009 -0400

Two Postfix "TLS connection" additions (closes: #529367)

  - allow optional port number after "setting up TLS connection"
  - recognize "Trusted TLS connection established"

---

 debian/changelog                        |    3 +++
 rulefiles/linux/ignore.d.server/postfix |    4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 63fdd5d..264b145 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -30,6 +30,9 @@ logcheck (1.3.4) experimental; urgency=low
     - replaced the (incomplete) method list with a wildcard (closes: #530591)
   * ignore.d.server/openvpn:
     - recognize some more options for PUSH_REPLY (closes: #511353)
+  * ignore.d.server/postfix: (closes: #529367)
+    - allow optional port number after "setting up TLS connection"
+    - recognize "Trusted TLS connection established"
 
  -- Frédéric Brière <fbriere at fbriere.net>  Mon, 17 Aug 2009 11:48:08 -0400
 
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index c792415..9199026 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -64,7 +64,7 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: warning: host [^[:space:]]+ replied to HELO/EHLO with my own hostname [._[:alnum:]-]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: warning: mailer loop: best MX for [^[:space:]]+ is local$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: warning: no MX host for [^[:space:]]+ has a valid (A|address) record$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: (Anonymous )?TLS connection established (to|from) [^[:space:]]+: (TLSv1|SSLv[23]) with cipher [^[:space:]]+ \([/[:digit:]]+ bits\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: ((Anonymous|Trusted) )?TLS connection established (to|from) [^[:space:]]+: (TLSv1|SSLv[23]) with cipher [^[:space:]]+ \([/[:digit:]]+ bits\)$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: (Peer|Server) certificate could not be verified$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: Unverified: subject_CN=.*$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: Verified: subject_CN=.*, issuer=.*$
@@ -82,7 +82,7 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: certificate verification failed for [^[:space:]]+: untrusted issuer /.+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: initializing the server-side TLS engine$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: issuer=[[:space:]]*/O=.*$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: setting up TLS connection (to|from) [._[:alnum:]-]+(\[[[:xdigit:].:]{3,39}\])?$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: setting up TLS connection (to|from) [._[:alnum:]-]+(\[[[:xdigit:].:]{3,39}\](:[[:digit:]]+)?)?$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: verify error:num=10:certificate has expired$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: verify error:num=18:self signed certificate$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: verify error:num=19:self signed certificate in certificate chain$


