Sasa Bajic
2006-Nov-08 10:23 UTC
[Logcheck-devel] Bug#397580: Ignore rule in server profile for kernel related to BANDWITH IN/OUT
Package: logcheck-database
Version: 1.2.39

I am trying, but can't get an ignore rule working in the ignore.d.server/kernel location so that it discards unneeded data. I am getting the following content from logcheck and I would like to force logcheck to ignore it all.

System Events
=-=-=-=-=-=-
Nov 8 10:44:06 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=88 TOS=0x00 PREC=0x00 TTL=64 ID=45204 DF PROTO=TCP SPT=10000 DPT=2268 WINDOW=6792 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:06 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=455 TOS=0x00 PREC=0x00 TTL=64 ID=45205 DF PROTO=TCP SPT=10000 DPT=2268 WINDOW=6792 RES=0x00 ACK PSH FIN URGP=0
Nov 8 10:44:06 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20817 DF PROTO=TCP SPT=2268 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:06 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20818 DF PROTO=TCP SPT=2268 DPT=10000 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Nov 8 10:44:06 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=10000 DPT=2268 WINDOW=6792 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=20819 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 SYN URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20821 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=142 TOS=0x00 PREC=0x00 TTL=127 ID=20822 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=9378 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=5840 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=846 TOS=0x00 PREC=0x00 TTL=64 ID=9379 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=5840 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=180 TOS=0x00 PREC=0x00 TTL=127 ID=20824 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=64729 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=107 TOS=0x00 PREC=0x00 TTL=64 ID=9380 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=5840 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=596 TOS=0x00 PREC=0x00 TTL=127 ID=20826 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=64662 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=9381 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=92 TOS=0x00 PREC=0x00 TTL=64 ID=9382 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20829 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=64610 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=988 TOS=0x00 PREC=0x00 TTL=64 ID=9383 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=9384 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20831 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=343 TOS=0x00 PREC=0x00 TTL=64 ID=9385 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=9386 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20833 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=386 TOS=0x00 PREC=0x00 TTL=64 ID=9387 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=9388 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20835 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=240 TOS=0x00 PREC=0x00 TTL=64 ID=9389 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=9390 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20837 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=461 TOS=0x00 PREC=0x00 TTL=64 ID=9391 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=9392 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20839 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=350 TOS=0x00 PREC=0x00 TTL=64 ID=9393 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=9394 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20841 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=195 TOS=0x00 PREC=0x00 TTL=64 ID=9395 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=9396 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20843 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=430 TOS=0x00 PREC=0x00 TTL=64 ID=9397 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=1029 TOS=0x00 PREC=0x00 TTL=64 ID=9398 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH FIN URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20845 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=64156 RES=0x00 ACK URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20846 DF PROTO=TCP SPT=2269 DPT=10000 WINDOW=64156 RES=0x00 ACK FIN URGP=0
Nov 8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov 8 10:44:11 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=ff:ff:ff:ff:ff:ff:00:50:bf:13:6a:8a:08:00 SRC=10.136.3.1 DST=255.255.255.255 LEN=77 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=5678 DPT=5678 LEN=57
Nov 8 10:44:13 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=20915 DF PROTO=TCP SPT=2283 DPT=110 WINDOW=65535 RES=0x00 SYN URGP=0
Nov 8 10:44:13 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=110 DPT=2283 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Nov 8 10:44:13 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20916 DF PROTO=TCP SPT=2283 DPT=110 WINDOW=65535 RES=0x00 ACK URGP=0
Nov 8 10:44:13 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=29581 DF PROTO=TCP SPT=110 DPT=2283 WINDOW=5840 RES=0x00 ACK PSH URGP=0
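
An added example, not part of the original report or of logcheck-database: a way to check a candidate ignore rule against lines like the ones above before installing it, by emulating logcheck's egrep-based ignore stage. The rule text, the function names and the third sample line are assumptions made for this example; the first two sample lines are taken from the report with syslog's space-padded day ("Nov  8") restored.

```shell
#!/bin/sh
# Emulate logcheck's ignore stage: lines matching any rule (egrep syntax,
# one rule per line) are dropped, everything else is still reported.

# Constructed sample: two lines from the report with the padded day restored,
# plus one constructed unrelated kernel line that must stay reported.
sample_log() {
cat <<'EOF'
Nov  8 10:44:06 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0 SRC=212.200.101.26 DST=192.168.50.11 LEN=88 TOS=0x00 PREC=0x00 TTL=64 ID=45204 DF PROTO=TCP SPT=10000 DPT=2268 WINDOW=6792 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:06 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUTMAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11 DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20817 DF PROTO=TCP SPT=2268 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:07 jupiter kernel: constructed unrelated message that should still be reported
EOF
}

# Candidate rule (assumption): anchored timestamp and host, and only the
# BANDWIDTH_IN / BANDWIDTH_OUT prefix, so other kernel messages are untouched.
GOOD_RULE='^[[:alpha:]]{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: BANDWIDTH_(IN|OUT):IN=.* SRC=[.0-9]+ DST=[.0-9]+ LEN=[0-9]+ .*$'

# Failure mode: a single literal space before the day never matches "Nov  8",
# so the rule silently suppresses nothing on days 1-9.
BAD_RULE='^[[:alpha:]]{3} [0-9]{1,2} [:0-9]{8} [._[:alnum:]-]+ kernel: BANDWIDTH_(IN|OUT):'

# Print the sample lines that would still be reported with rule $1 installed.
still_reported() {
    rules=$(mktemp) || return 1
    printf '%s\n' "$1" > "$rules"
    sample_log | grep -E -v -f "$rules"
    rm -f "$rules"
}

# Number of sample lines still reported with rule $1 installed.
count_reported() { still_reported "$1" | wc -l | tr -d ' '; }

echo "good rule leaves: $(count_reported "$GOOD_RULE") line(s)"
echo "bad rule leaves:  $(count_reported "$BAD_RULE") line(s)"
```

The rule line itself is what would go into a file under ignore.d.server/. Keeping it anchored on the BANDWIDTH_ prefix means other kernel messages on the same host are still reported.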