[Logcheck-devel] Bug#271286: marked as done (minor fix for ignore.d.server/oidentd)

Debian Bug Tracking System owner at bugs.debian.org
Wed Sep 22 21:03:15 UTC 2004 

Your message dated Wed, 22 Sep 2004 16:47:06 -0400
with message-id <E1CAE14-0001My-00 at newraff.debian.org>
and subject line Bug#271286: fixed in logcheck 1.2.28
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 12 Sep 2004 12:26:01 +0000
>From jonas at freesources.org Sun Sep 12 05:26:01 2004
Return-path: <jonas at freesources.org>
Received: from ns2.kidns.de (diana50.kidns.de) [62.75.129.11] (Debian-exim)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1C6TQf-0000VJ-00; Sun, 12 Sep 2004 05:26:01 -0700
Received: from pd9e9c8cd.dip0.t-ipconnect.de
	([217.233.200.205] helo=resivo.mejo.net ident=Debian-exim)
	by diana50.kidns.de with asmtp (TLS-1.0:RSA_ARCFOUR_SHA:16)
	(Exim 4.34)
	id 1C6TQa-0004U4-H8; Sun, 12 Sep 2004 14:25:56 +0200
Received: from jonas by resivo.mejo.net with local (Exim 4.34)
	id 1C6TQc-0002QY-TS; Sun, 12 Sep 2004 14:25:58 +0200
Date: Sun, 12 Sep 2004 14:25:58 +0200
From: Jonas Meurer <jonas at freesources.org>
To: Debian Bug Tracking System <submit at bugs.debian.org>
Subject: minor fix for ignore.d.server/oidentd
Message-ID: <20040912122555.GA9323 at resivo.mejo.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Reportbug-Version: 2.64
User-Agent: Mutt/1.5.6+20040818i
Sender: jonas <jonas at freesources.org>
X-SA-Exim-Connect-IP: 217.233.200.205
X-SA-Exim-Mail-From: jonas at freesources.org
X-SA-Exim-Scanned: No (on diana50.kidns.de); SAEximRunCond expanded to false
Delivered-To: submit at bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: logcheck
Version: 1.2.27
Severity: wishlist


hello,

in ignore.d.server/oidentd you have:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: Connection from \
	[._[:alnum:]-]+ \([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\):[0-9]{1,5}$

anyway, some oidentd logs don't have a hostname:
oidentd[34562]: Connection from 241.145.24.135:2353

therefore you have to add:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: Connection from \
	\([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\):[0-9]{1,5}$


but maybe this works for both directives:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: Connection from \
	[._[:alnum:]-]*	\([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\):[0-9]{1,5}$

bye
 jonas

---------------------------------------
Received: (at 271286-close) by bugs.debian.org; 22 Sep 2004 20:58:38 +0000
>From katie at ftp-master.debian.org Wed Sep 22 13:58:37 2004
Return-path: <katie at ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1CAECD-0000M3-00; Wed, 22 Sep 2004 13:58:37 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
	id 1CAE14-0001My-00; Wed, 22 Sep 2004 16:47:06 -0400
From: Todd Troxell <ttroxell at debian.org>
To: 271286-close at bugs.debian.org
X-Katie: $Revision: 1.51 $
Subject: Bug#271286: fixed in logcheck 1.2.28
Message-Id: <E1CAE14-0001My-00 at newraff.debian.org>
Sender: Archive Administrator <katie at ftp-master.debian.org>
Date: Wed, 22 Sep 2004 16:47:06 -0400
Delivered-To: 271286-close at bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 
X-CrossAssassin-Score: 3

Source: logcheck
Source-Version: 1.2.28

We believe that the bug you reported is fixed in the latest version of
logcheck, which is due to be installed in the Debian FTP archive:

logcheck-database_1.2.28_all.deb
  to pool/main/l/logcheck/logcheck-database_1.2.28_all.deb
logcheck_1.2.28.dsc
  to pool/main/l/logcheck/logcheck_1.2.28.dsc
logcheck_1.2.28.tar.gz
  to pool/main/l/logcheck/logcheck_1.2.28.tar.gz
logcheck_1.2.28_all.deb
  to pool/main/l/logcheck/logcheck_1.2.28_all.deb
logtail_1.2.28_all.deb
  to pool/main/l/logcheck/logtail_1.2.28_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 271286 at bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Todd Troxell <ttroxell at debian.org> (supplier of updated logcheck package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster at debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wednesday, 22 Sep 2004 16:35:03 -0500
Source: logcheck
Binary: logcheck logtail logcheck-database
Architecture: source all
Version: 1.2.28
Distribution: unstable
Urgency: low
Maintainer: Debian logcheck Team <logcheck-devel at lists.alioth.debian.org>
Changed-By: Todd Troxell <ttroxell at debian.org>
Description: 
 logcheck   - Mails anomalies in the system logfiles to the administrator
 logcheck-database - A database of system log rules for the use of log checkers
 logtail    - Print log file lines that have not been read
Closes: 260743 270398 271286 271482
Changes: 
 logcheck (1.2.28) unstable; urgency=low
 .
   maks:
   * Small fixes: join 2 lines in ignore.d.server/postfix, add '^' for
     start-of-line ignore.d.server/scponly (Closes: #270398)
   * Small rule update oidentd (Closes: #271286)
   * Check if logcheck has the permissions to read the offsetfiles.
   * Allow Hostname for logcheck mail to be set by commandline switch
     for log hosts. thanks to Joerg Jaspert <joerg at debian.org>
   * Minor comment fixes for picky readers.
   * Handle lack of permissions gracefully. (Closes: #271482)
   * Small update dhcp for dyndns support. (Closes: #260743)
   * Add a sendfile rule at level workstation for its connect syslogging.
Files: 
 8c637493c86f9837bf562948ab13b2c0 668 admin optional logcheck_1.2.28.dsc
 6e4d2752d7d6ff9ce715b72f54008d5b 81327 admin optional logcheck_1.2.28.tar.gz
 d1ffd289685832e7996435d5ae3c45cb 39542 admin optional logcheck_1.2.28_all.deb
 4826a618a56a8972fbeb8d5d9ddb38ff 48216 admin optional logcheck-database_1.2.28_all.deb
 304d26bb982ee707fc522222ef6eb58b 23138 admin optional logtail_1.2.28_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBUeJd4u3oQ3FHP2YRArC7AKCDxvbr8v3stHMV4A0F8bPxs2F+NQCfck+7
pLnknmV272C+HIjbcLRTrPk=
=7w+3
-----END PGP SIGNATURE-----

More information about the Logcheck-devel mailing list