[Logcheck-devel] Bug#861950: logcheck-database: OpenVPN rules assume fixed TLS version which is not correct anymore
Sami Kuhmonen
sami at tokavuh.com
Sat May 6 10:45:30 UTC 2017
Package: logcheck-database
Version: 1.3.18
Severity: normal
Dear Maintainer,
OpenVPN ignore rules have fixed TLSv1 mention which is not reasonable. On my system the version
is TLSv1.2 and I would assume with many others it may say something different. The rule should
be more relaxed.
Suggested changed line:
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]:( ([-_.@[:alnum:]]+/)?[.[:digit:]]{7,15}:[[:digit:]]{2,5})? Control Channel: TLSv[.[:digit:]]+, cipher TLSv1/SSLv3 [[:alnum:]-]+, [[:digit:]]+ bit RSA$
-- System Information:
Debian Release: 9.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386
(i686)
More information about the Logcheck-devel
mailing list