martin f krafft
2006-Jul-03 05:44 UTC
[Logcheck-devel] Bug#376461: ignore.d.server/ssh fixes
Package: logcheck-database
Version: 1.2.44
Severity: minor
Tags: patch

/(::ffff:)?[:0-9a-f.]{7,15}/ makes no sense. I don't know how postfix logs actual IPv6 addresses though. Anyway, IPv4 for now...

--- ignore.d.server/ssh +++ ignore.d.server/ssh @@ -9,5 +9,5 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from [:[:alnum:].]+ \([:[:alnum:].]+\)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: Timeout before authentication for [:[:alnum:].]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: nss_ldap: reconnect(ing|ed) to LDAP server(\.\.\.| after [0-9]+ attempt\(s\))$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from (::ffff:)?[:0-9a-f.]{7,15}$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from (::ffff:)?[.[:digit:]]{7,15}$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Authorized to [^[:space:]]+, krb5 principal [^[:space:]]+ \(krb5_kuserok\)$

--
Please do not send copies of list mail to me; I read the list!

 .''`.     martin f. krafft <madduck at debian.org>
: :'  :    proud Debian developer and author: http://debiansystem.info
`. `'`
  `-  Debian - when you have better things to do than fixing a system
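Review bot: On the `+` line, `[.[:digit:]]{7,15}` constrains only the character set and the length, not the shape of an address, so it still matches strings such as `1234567` or `.......`, and it no longer matches the short native IPv6 forms that the class on the `-` line accepted, so those lines will start appearing in reports. The context lines in this hunk accept any address form with `[:[:alnum:].]+`; either tighten the new class to a dotted quad such as `([0-9]{1,3}\.){3}[0-9]{1,3}` or add an explicit IPv6 alternative, so that what the rule ignores is a deliberate choice rather than a side effect of the class.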
martin f krafft
2006-Jul-03 06:43 UTC
[Logcheck-devel] Bug#376469: ssh rules to ignore dNSNames certificate mismatch
Package: logcheck-database
Version: 1.2.44
Severity: wishlist
Tags: patch

ignore.d.server/ssh:

^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: Peer verification: [[:digit:]]+ dNSNames in certificate found, but no one does match [-_.[:alnum:]]+$
martin f krafft
2006-Jul-03 06:54 UTC
[Logcheck-devel] Bug#376461: ignore.d.server/ssh fixes
also sprach martin f krafft <madduck at debian.org> [2006.07.03.0744 +0200]:
> --- ignore.d.server/ssh > +++ ignore.d.server/ssh > @@ -9,5 +9,5 @@ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from [:[:alnum:].]+ \([:[:alnum:].]+\)$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: Timeout before authentication for [:[:alnum:].]+$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: nss_ldap: reconnect(ing|ed) to LDAP server(\.\.\.| after [0-9]+ attempt\(s\))$ > -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from (::ffff:)?[:0-9a-f.]{7,15}$ > +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from (::ffff:)?[.[:digit:]]{7,15}$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Authorized to [^[:space:]]+, krb5 principal [^[:space:]]+ \(krb5_kuserok\)$

Correction, after seeing an UNKNOWN message today:

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from ((::ffff:)?[.[:digit:]]{7,15}|UNKNOWN)$
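Review bot: The `+` line in the quoted hunk spells digits as `[:digit:]` inside the address class while the timestamp and PID on the same line, and every context line, still use `[0-9]`; pick one spelling for the file. The corrected rule with `|UNKNOWN` that follows the quote is given as a bare line, so resend it as an updated hunk to make clear that it replaces that `+` line.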
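An added example, not part of the original messages or of the logcheck package: the three variants of the rule from this thread, run as extended regular expressions with `grep -E` over constructed sshd lines, to show which lines each variant stops ignoring. The sample lines, the host name `host1` and the helper names are assumptions.

```shell
#!/bin/sh
# Fixed locale so bracket ranges such as a-f behave the same everywhere.
LC_ALL=C; export LC_ALL

# Rule variants copied from the thread: original, patched, corrected.
OLD='^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from (::ffff:)?[:0-9a-f.]{7,15}$'
NEW='^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from (::ffff:)?[.[:digit:]]{7,15}$'
FIXED='^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from ((::ffff:)?[.[:digit:]]{7,15}|UNKNOWN)$'

# Constructed sample lines (documentation address ranges), not real log data.
sample_lines() {
cat <<'EOF'
Jul  3 05:40:01 host1 sshd[1234]: Did not receive identification string from 192.0.2.10
Jul  3 05:40:02 host1 sshd[1235]: Did not receive identification string from ::ffff:192.0.2.10
Jul  3 05:40:03 host1 sshd[1236]: Did not receive identification string from 2001:db8::1
Jul  3 05:40:04 host1 sshd[1237]: Did not receive identification string from UNKNOWN
Jul  3 05:40:05 host1 sshd[1238]: Did not receive identification string from 1234567
EOF
}

# reported RULE: print the sample lines the rule does NOT ignore,
# i.e. the lines that would still end up in a report.
reported() { sample_lines | grep -E -v -e "$1"; }

# reported_count RULE: number of lines left over after applying the rule.
reported_count() { reported "$1" | wc -l | tr -d ' '; }

for name in OLD NEW FIXED; do
  eval "rule=\$$name"
  echo "== $name: $(reported_count "$rule") line(s) still reported"
  reported "$rule"
done
```

The `1234567` line is ignored by all three variants, which shows that the address class checks characters and length only.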