[Logcheck-devel] Bug#376461: ignore.d.server/ssh fixes

[martin f krafft]

also sprach martin f krafft <madduck at debian.org> [2006.07.03.0744 +0200]:
> --- ignore.d.server/ssh 
> +++ ignore.d.server/ssh 
> @@ -9,5 +9,5 @@
>  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from [:[:alnum:].]+ \([:[:alnum:].]+\)$
>  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: Timeout before authentication for [:[:alnum:].]+$
>  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: nss_ldap: reconnect(ing|ed) to LDAP server(\.\.\.| after [0-9]+ attempt\(s\))$
> -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from (::ffff:)?[:0-9a-f.]{7,15}$
> +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from (::ffff:)?[.[:digit:]]{7,15}$
>  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Authorized to [^[:space:]]+, krb5 principal [^[:space:]]+ \(krb5_kuserok\)$

Correction, after seeing an UNKNOWN message today:

  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from ((::ffff:)?[.[:digit:]]{7,15}|UNKNOWN)$

-- 
Please do not send copies of list mail to me; I read the list!
 
 .''`.     martin f. krafft <madduck at debian.org>
: :'  :    proud Debian developer and author: http://debiansystem.info
`. `'`
  `-  Debian - when you have better things to do than fixing a system
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature (GPG/PGP)
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20060703/07f4ee8a/attachment.pgp