[Logcheck-commits] [SCM] logcheck source and rules branch, master, updated. debian/1.3.14-13-gd7e9a7b
Frédéric Brière
fbriere at fbriere.net
Mon Jan 16 16:15:06 UTC 2012
The following commit has been merged in the master branch:
commit d7e9a7be6e3d43c512a9387c37809d944630eb09
Author: Frédéric Brière <fbriere at fbriere.net>
Date: Sun Jan 15 22:09:13 2012 -0500
i.d.s/postfix: fixed "lost connection while sending end of data" rule
This amends commit 8f58ac6, which introduced a superfluous "while".
diff --git a/debian/changelog b/debian/changelog
index 451aa19..d18e017 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,7 @@ logcheck (1.3.15) UNRELEASED; urgency=low
* ignore.d.server/postfix:
- ignore "offered null AUTH mechanism list"
- ignore "lost connection while receiving the initial server greeting"
+ - fixed "lost connection while sending end of data" rule
* ignore.d.server/proftpd:
- ignore "authentication failure" even if ruser is provided
* ignore.d.server/ssh:
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index 8c6d68b..7346aec 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -49,7 +49,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: host [^[:space:]]+ refused to talk to me: [45][[:digit:]][[:digit:]].*$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: host [^[:space:]]+ said: .* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: host [^[:space:]]+ said: [45][[:digit:]][[:digit:]][- ]+.* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|(end of )?DATA) command\)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: lost connection with [^[:space:]]+ while (performing the (HELO|EHLO) handshake|receiving the initial (SMTP|server) greeting|while sending end of data -- message may be sent more than once|sending( [[:upper:]]+){1,2}( command)?)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: lost connection with [^[:space:]]+ while (performing the (HELO|EHLO) handshake|receiving the initial (SMTP|server) greeting|sending end of data -- message may be sent more than once|sending( [[:upper:]]+){1,2}( command)?)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>(, orig_to=<[^[:space:]]+>)?, relay=[._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?,( conn_use=[[:digit:]]+,)? delay=[.[:digit:]]+(, delays=([.[:digit:]]+/){3}[.[:digit:]]+)?(, dsn=[45](\.[[:digit:]]+){2})?, status=(deferred|bounced|undeliverable|SOFTBOUNCE) \(host [._[:alnum:]-]+\[[[:digit:].]{7,15}\] said: [45][[:digit:]][[:digit:]][- ]+.* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|DATA|end of DATA) command\)\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?, (conn_use=[[:digit:]]+, )?delay=[.[:digit:]]+(, delays=([.[:digit:]]+/){3}[.[:digit:]]+)?(, dsn=2(\.[[:digit:]]+){2})?, status=deliverable \(250 Ok\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?, delay=[.[:digit:]]+(, delays=([.[:digit:]]+/){3}[.[:digit:]]+)?(, dsn=2(\.[[:digit:]]+){2})?, status=deliverable \(2[[:digit:]][[:digit:]] .*\)$
--
logcheck source and rules
More information about the Logcheck-commits
mailing list