Displaying 20 results from an estimated 10000 matches similar to: "Bug#445074: [PATCH] Ignore "Nasty PTR record" messages from openssh (closes: #445074)"
2007 Oct 03
1
Bug#445074: /etc/logcheck/ignore.d.server/ssh: Nasty PTR record
Package: logcheck-database
Version: 1.2.62
Severity: wishlist
File: /etc/logcheck/ignore.d.server/ssh
openssh issues a friendly warning when the remote IP maps back to a
hostname that looks just like an IP address. (For example, the address
206.251.174.31 currently maps back to the hostname "206.251.174.31".)
Here's a rule that filters out these unimportant messages:
^\w{3} [
2008 Jan 24
0
[PATCH] Re-enabled :port portion of "UDPv4 link" openvpn rule
I see that this openvpn rule has been modified to no longer attach the
":port" part to "[undef]" -- probably to reflect a recent change in
openvpn. Unfortunately, the rule no longer matches in etch, thus
breaking the backport.
Here's a patch to match both versions.
Signed-off-by: Fr?d?ric Bri?re <fbriere at fbriere.net>
---
rulefiles/linux/ignore.d.server/openvpn
2008 Jan 24
0
[PATCH] Added "Re-using pre-shared static key" openvpn rule
Signed-off-by: Fr?d?ric Bri?re <fbriere at fbriere.net>
---
rulefiles/linux/ignore.d.server/openvpn | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rulefiles/linux/ignore.d.server/openvpn b/rulefiles/linux/ignore.d.server/openvpn
index 68ebf8f..c57e3cb 100644
--- a/rulefiles/linux/ignore.d.server/openvpn
+++ b/rulefiles/linux/ignore.d.server/openvpn
@@ -13,7 +13,7
2010 May 04
1
Bug#580260: logcheck-database: dkim-filter needs tweak
Package: logcheck-database
Version: 1.3.8
11 hex digits, and "no"
diff -ur logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter
--- logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter 2008-05-22 04:20:58.000000000 -0400
+++ logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter 2010-05-04
2007 Sep 23
0
Bug#443171: [PATCH] ignore acpid clients disconnecting
- ignore messages "acpid: client has disconnected"
Signed-off-by: Hanspeter Kunz <hp at edelkunz.ch>
---
rulefiles/linux/ignore.d.server/acpid | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/rulefiles/linux/ignore.d.server/acpid b/rulefiles/linux/ignore.d.server/acpid
index 034ddf1..faebe1e 100644
--- a/rulefiles/linux/ignore.d.server/acpid
+++
2010 Jun 14
0
[PATCH] i.d.s/postfix: fixed policyd-weight patterns
At least the policyd-weight in lenny seems to generate quite different
patterns. For example the 'rate' is output multiple times in some
situations, the 'check from' is omited sometimes and somehow those log
messages have a trailing blank.
With those patterns logcheck stays silent again.
Signed-off-by: Mathias Krause <minipli at googlemail.com>
---
2007 Sep 24
3
Bug#443886: /etc/logcheck/ignore.d.server/proftpd: [proftpd] Refused user $USER for service $FOO
Package: logcheck-database
Version: 1.2.61
Severity: wishlist
File: /etc/logcheck/ignore.d.server/proftpd
Two weeks ago, I got a rush of these:
Sep 8 12:37:07 goretex proftpd: PAM-listfile: Refused user news for service proftpd
(Apparently, fail2ban managed to miss those.)
This is triggered by pam_listfile, which is used by proftpd (and other
FTP daemons) to block users listed in
2005 Jun 07
2
Bug#312376: /etc/logcheck/logcheck.ignore is no longer read
Package: logcheck
Version: 1.2.39
Severity: normal
Since I've upgraded my servers to sarge, I'm getting mail every hour for
stuff that was duly included in /etc/logcheck/logcheck.ignore. Turns
out that sarge's version no longer reads that file.
If this was a conscious decision, then there should be some warning
about this when upgrading (via debconf of NEWS.Debian). Also, the
2008 Mar 15
1
Bug#471072: logcheck-database: Moving most of violations.ignore.d to ignore.d.*
Package: logcheck-database
Version: 1.2.63
Severity: normal
Given that violations.d/logcheck has been emptied by
2394562ab4a13c4510c671f01ffc8f35e97f1cd3, shouldn't most of
violations.ignore.d be moved to one of ignore.d.*? AIUI, all of these
are currently rendered useless.
(I'll gladly lend a hand; I just want to make sure this is the right
thing to do.)
-- System Information:
Debian
2007 Oct 03
2
Bug#445072: /etc/logcheck/violations.ignore.d/logcheck-ssh: Failed password for ...
Package: logcheck-database
Version: 1.2.62
Severity: normal
File: /etc/logcheck/violations.ignore.d/logcheck-ssh
Somewhere between etch and now, ssh stopped reporting failed passwords
as "error: PAM: Authentication failure for foo", and switched to "Failed
password for foo", similar to what it already did for unknown users, but
without the "invalid user" part.
2007 Sep 26
1
Bug#444097: /etc/logcheck/ignore.d.server/ddclient: 2 rules to get you started
Package: logcheck
Version: 1.2.62
Severity: wishlist
Here are two rules for ddclient, a client for dynamic IP services such
as DynDNS or DynIP:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[[:digit:]]+\]: SUCCESS: updating [._[:alnum:]-]+: good: IP address set to [:[:xdigit:].]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[[:digit:]]+\]: WARNING: forcing update of [._[:alnum:]-]+ from
2006 Jul 07
0
Bug#377276: "Did not receive identification string" warning reappeared
Package: logcheck-database
Version: 1.2.45
Severity: normal
Tags: patch pending confirmed
My bad, sorry.
--- rulefiles/linux/ignore.d.server/ssh 6 Jul 2006 10:16:41 -0000 1.18
+++ rulefiles/linux/ignore.d.server/ssh 7 Jul 2006 19:35:19 -0000
@@ -10,7 +10,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from [:[:alnum:].]+ \([:[:alnum:].]+\)$
^\w{3} [ :0-9]{11}
2004 Oct 13
2
Bug#276317: logcheck-database: Namechange for ISC in /etc/logcheck/ignore.d.server/dhcp
Package: logcheck-database
Version: 1.2.28
Severity: normal
Hi,
the Internet Software Consortium changed the name to Internet Systems Consortium.
For a fix for the logcheck rules see the attachment.
-- System Information:
Debian Release: 3.0
APT prefers testing
APT policy: (600, 'testing'), (100, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel:
2011 Dec 31
0
[PATCH] i.d.s/openvpn: support 'remote-cert-tls (server|client)'
From: Simon Deziel <simon.deziel at gmail.com>
Fixes LP: #806537
Signed-off-by: Simon Deziel <simon.deziel at gmail.com>
---
rulefiles/linux/ignore.d.server/openvpn | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/rulefiles/linux/ignore.d.server/openvpn b/rulefiles/linux/ignore.d.server/openvpn
index 2b4bfd6..d80f42f 100644
---
2006 Dec 24
0
Bug#404422: logcheck-database: postfix/lmtp messages not ignored by ignore.d.server/postfix
Package: logcheck-database
Version: 1.2.51
Severity: normal
Messages such as these are no longer being filtered by logcheck
('hostname' used to replace actual hostname; 'hostname.com' used to
replace actual domain):
Dec 23 12:02:58 hostname postfix/lmtp[5047]: 38BE4C21ED: to=<root at hostname.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=4.1, delays=2/0.16/0.05/1.8,
2009 Dec 21
2
Bug#561995: mkdir: cannot create directory `/var/lock/logcheck': Permission denied
Package: logcheck
Version: 1.3.4
Severity: normal
I am running debian/testing and just upgraded to logcheck 1.3.4 and it
started reporting the error:
mkdir: cannot create directory `/var/lock/logcheck': Permission denied
I created the directory and chown'd it to logcheck and it seems fine now.
Looking at the changelog, I see something was purposefully changed, so I
imagine I
2008 Sep 17
2
Bug#499323: logcheck-database: Logcheck fails to ignore certain OpenVPN messages
Package: logcheck-database
Version: 1.2.54
Severity: normal
Tags: patch
Logcheck fails to ignore certain lines generated by OpenVPN; the attached patch
fixes several regular expressions:
* OpenVPN does not print the full path to ifconfig or route (at least here)
* The interface name can also contain dots and does not always start with "tun"
* The startup messages now gets suppressed
2005 Jun 14
3
Bug#313601: logcheck-database: ignore mount version messages
Package: logcheck-database
Version: 1.2.39
Severity: wishlist
These are the subject of an am-utils FAQ
<URL:http://www.am-utils.org/docs/am-utils/FAQ.txt> and would be
useful in the ignored list. Note that it's either `newer' or `older'.
Jun 14 14:32:25 albion kernel: nfs warning: mount version newer than kernel
Jun 14 14:37:54 dlsy kernel: nfs warning: mount version older
2006 Feb 21
2
Bug#353815: logcheck: Ignore Pocket PC/synce/USB messages, please
Package: logcheck
Version: 1.2.42
Severity: wishlist
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Here are some more messages that can be safely ignored:
localhost kernel: drivers/usb/serial/usb-serial.c: USB Serial Driver core
localhost kernel: drivers/usb/serial/usb-serial.c: USB Serial support registered for PocketPC PDA
localhost kernel: drivers/usb/serial/ipaq.c: USB PocketPC PDA driver
2009 Apr 07
1
Bug#515156: Same bug after removal + reinstall
I ran into the same problem after somebody uninstalled logcheck and I
re-installed it.
It turned out that the ownership of /var/lock/logcheck where root:root -
sudo chown logcheck:logcheck /var/lock/logcheck solved it.
I see that there already is a check for the permissions in the postinst
which (as far as I can see) *should* have fixed the permissions and
ownership there.
When re-installing