[Logcheck-devel] Bug#309084: logcheck-database: new rule & minor fixes for proftpd

[Tilman Koschnick]

Package: logcheck-database
Version: 1.2.39
Severity: wishlist
Tags: patch

Hi,

find attached an additional rule for proftpd, and some minor fixes
for the existing ones. Could you please include this in the database?

Cheers, Til

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages logcheck-database depends on:
ii  debconf [debconf-2.0]         1.4.30.13  Debian configuration management sy

-- debconf information:
  logcheck-database/conffile-cleanup: false
  logcheck-database/rules-directories-note:
  logcheck-database/standard-rename-note:
-------------- next part --------------
=== logcheck/ignore.d.server/proftpd
==================================================================
--- logcheck/ignore.d.server/proftpd  (revision 322)
+++ logcheck/ignore.d.server/proftpd  (local)
@@ -1,3 +1,4 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[0-9.]{7,15}\]\) (- )FTP session (opened|closed)\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[0-9.]{7,15}\]\) (- )USER [\._[:alnum:]-]+: Login successful\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd: \(pam_unix\) session (opened|closed) for user [\._[:alnum:]-]+( by \(uid=[0-9]+\))$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[0-9.]{7,15}\]\) (- )USER [._[:alnum:]-]+: Login successful\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[0-9.]{7,15}\]\) (- )mod_delay/0.4: delaying for [0-9]+ usecs$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd: \(pam_unix\) session (opened|closed) for user [._[:alnum:]-]+( by \(uid=[0-9]+\)|)$