similar to: Bug#397466: logcheck-database: proftpd rules do not support IPv6 addresses with UseReverseDNS off

Package: logcheck-database Version: 1.2.61 Severity: wishlist File: /etc/logcheck/ignore.d.server/proftpd Two weeks ago, I got a rush of these: Sep 8 12:37:07 goretex proftpd: PAM-listfile: Refused user news for service proftpd (Apparently, fail2ban managed to miss those.) This is triggered by pam_listfile, which is used by proftpd (and other FTP daemons) to block users listed in

Package: logcheck-database Version: 1.2.54 Severity: normal It would appear that proftpd is now logging IP addresses in IPv6 form, even the v4 ones. I got a bunch of these last week: Aug 7 04:00:11 goretex proftpd: (pam_unix) authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=::ffff:58.60.237.66 user=mysql Simply adding a ":" to the rhost character class did the

I'm setting up a ftp server. I need to be able to have people have a non interactive login through a web browser into a chrooted directory i.e. ftp://somewhere.com. I also need to have a URL that will auto login a user to a chrooted directory. These chrooted directories will be RO for all anonymous access. That said I also need to have a staff account that has upload rights to these

Package: logcheck-database Version: 1.3.8 Severity: wishlist HI, can you please create a rule/some rules for amavis(d-new). I get for every mail this mesage: May 25 19:55:40 data amavis[9603]: (09603-15) Passed CLEAN, [::1] [213.165.64.22] <xxx at yyy.zz> -> \ <aaa at localhost>, Message-ID: <20100525175015.29677page1 at mx002.bbb.ccc>, mail_id: MM7upJv6se1Z, \ Hits:

Hi Peoples, I'm still beating my head with the Proftpd although I have solved my orininal issue. That turned out to be an iptables issue and I'm beginning to wonder if iptables is playing with me again. I have an FTP server that allows anonymous downloads and with specific accounts able to upload to the anonymous directory. The problem is, those users cannot upload. I have

Package: logcheck-database Version: 1.3.13 Severity: normal Tags: patch After upgrading to debian squeeze I get several messages a day in the form of: Jul 2 15:05:15 hostname spamd[21286]: spamd: handled cleanup of child pid [28609] due to SIGCHLD: exit 0 This is due to an update in spamd, that makes the message more detailed (includes exit code)[1]. Therefore messages including exit code 0

Hello list!! I am trying to setup very simple authentication for proftpd under centos 5.6. But for some reason it isn't working and I was hoping to get some advice into how to resolve the issue. Machine info: [code] [root at VIRTCENT07:~] #cat /etc/redhat-release CentOS release 5.6 (Final) [root at VIRTCENT07:~] #uname -a Linux VIRTCENT07 2.6.18-238.el5xen #1 SMP Thu Jan 13 17:49:40 EST

Hello list, With my latest proftpd server graphical client error on list (ls) directory: Error: Could not read from socket: ECONNRESET - Connection reset by peer Error: Disconnected from server Error: Failed to retrieve directory listing So far I've tried both filezilla and cyberduck. But command line ftp works completely: [dunphy at BAM-025715-TD:~] #ftp jfweb Connected to jfweb.

Package: logcheck-database Version: 1.2.49 Severity: normal My logcheck configuration is quite a default one, ignore level server. i found the "session opened" and "session closed" ignore lines in ignore.d.server/logcheck. but i still get those lines in the logcheck mails: Nov 12 17:17:01 server06 CRON[32741]: (pam_unix) session opened for user root by (uid=0) Nov 12

For some reason proftpd stopped authentication for users. Anonymous access still works but when someone tries to access the server via their login it no longer authenticates them. I recently ran yum where proftpd was updated (that said, I'm not sure that caused the problem). I uninstalled the new version and and installed a prior version with no change. Below is a look at my config, a

Hello list! Well I have delved back into my proftpd config in the hopes of resolving my issues and having a working server. :) I believe I have the passive mode issue that I was expereriencing last time mostly worked out. But there are still a couple of things going on with this config that I was hoping to run by you in hopes of finding a solution. If I execute an ftp session on localhost

Package: logcheck-database Version: 1.2.69 Severity: normal Tags: patch kernel log lines of the form: ...kernel: [1933150.816604] TCP: Treason uncloaked! Peer 0000:0000:0000:0000:0000:ffff:d04e:3f6b:4038/80 shrinks window 2491430013:2491430014. Repaired. are not caught by the current rules. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500,

Processing commands for control at bugs.debian.org: > # Automatically generated email from bts, devscripts version 2.9.20 > package logcheck logcheck-database logtail Ignoring bugs not assigned to: logcheck-database logtail logcheck > tags 354820 + pending Bug#354820: rules to filter out entries caused by ssh scanners Tags were: patch Tags added: pending > tags 355085 + pending

Hello list, I was able to get passive mode worked out. I'm really glad I was able to do this. I'm able to log into the ftp server, list directories, enter subdirectories and upload/download files. However my next task is to enable virtual users using mysql. I have installed proftpd-mysql and enabled the sql modules in the config. I found a good article on how to do this here:

Package: logcheck Version: 1.2.41 Severity: wishlist Hi folks, thanks for your work maintaining logcheck, it works well. When my users read their mail using imap (usually via squirrelmail, not sure about other clients) I get a message like this in the log: Aug 22 21:03:32 phoenix imapd[6551]: Moved 11323 bytes of new mail to /home/winky/mail/mbox from /var/spool/mail/winky host= localhost

Package: logcheck Version: 1.2.41 Severity: minor man (8) logcheck says: For hints on how to maintain rules, see README.logcheck-database.gz, but this file is not included in /usr/share/doc/logcheck. micah -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel:

Package: logcheck-database Version: 1.3.13 Severity: normal The rule for SSH ignoring "Bad protocol version identification" assumes there are no single quotes inside the version string ('[^']'). I am however getting mails including those lines: Mar 25 22:57:04 Debian-60-squeeze-64-minimal sshd[12144]: Bad protocol version identification

Package: logcheck-database Version: 1.2.54 Severity: normal Tags: patch Logcheck fails to ignore certain lines generated by OpenVPN; the attached patch fixes several regular expressions: * OpenVPN does not print the full path to ifconfig or route (at least here) * The interface name can also contain dots and does not always start with "tun" * The startup messages now gets suppressed

On Sat, 15 May 2004, CVS User ttroxell wrote: > if [ -f /etc/logcheck/header.txt ] ; then > - $CAT /etc/logcheck/header.txt >> $TMPDIR/report > + $CAT /etc/logcheck/header.txt >> $TMPDIR/report \ > + || error "Could not append header to $TMPDIR/report Disk full?" > fi > } > > @@ -152,7 +157,8 @@ > # Add a footer

Hello, list! I can't run logcheck. This is the first time my system has not let me run something, any way I try. I am member of sudo group. I run this sudo -u logcheck logcheck -o -t and get Sorry, user [user] is not allowed to execute '/usr/sbin/logcheck -o -t' as logcheck on [machine]. If I try su -s /bin/bash -c "/usr/sbin/logcheck -o -t" logcheck I get