[Logcheck-commits] martin f. krafft: ignore multiple PIX workaround messages.
Martin F. Krafft
madduck at alioth.debian.org
Wed Aug 27 18:02:13 UTC 2008
Module: logcheck
Branch: viol-merge
Commit: 070063480510e20a28c4c5eaaf88d8120af8989b
URL: http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=070063480510e20a28c4c5eaaf88d8120af8989b
Author: martin f. krafft <madduck at debian.org>
Date: Wed Aug 27 15:05:05 2008 +0100
ignore multiple PIX workaround messages.
---
debian/changelog | 1 +
rulefiles/linux/ignore.d.server/postfix | 3 ++-
2 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index f778c32..c05dd6f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -25,6 +25,7 @@ logcheck (1.3) unstable; urgency=low
- ignore getting too many errors after END-OF-MESSAGE, not only after four
letter SMTP commands.
- ignore milter-reject messages after RCPT which include the recipient.
+ - ignore multiple PIX workaround messages.
* ignore.d.server/ssh:
- ignore authentication failures with new PAM format.
* ignore.d.server/kernel:
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index 819d6d3..383f6b4 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -47,7 +47,8 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:alnum:]]+: to=<.*>,( orig_to=<[^[:space:]]+>,)? relay=[^[:space:]]+\](:[[:digit:]]+)?,( conn_use=[[:digit:]]+,)? delay=[[:digit:].]+,( delays=[[:digit:]./]+,)?( dsn=4\.[[:digit:]]\.[[:digit:]],)? status=deferred \(host [^[:space:]]+\] said: .*$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=[^[:space:]]+\](:[[:digit:]]+)?,( conn_use=[[:digit:]]+,)? delay=[[:digit:].]+,( delays=[[:digit:]./]+,)?( dsn=4\.[[:digit:]]\.[[:digit:]],)? status=deferred \((delivery temporarily suspended: )?conversation with [^[:space:]]+ timed out while (receiving the initial server greeting|sending [[:alnum:]]+( [[:alnum:]]+)?|sending end of data -- message may be sent more than once)\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: conversation with [._[:alnum:]-]+\[[[:digit:]a-f.:]{3,39}\] timed out while (receiving the initial server greeting|sending [[:alnum:]]+( [[:alnum:]]+)?|sending end of data -- message may be sent more than once)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: enabling PIX <CRLF>\.<CRLF> workaround for .*$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: enabling PIX <CRLF>\.<CRLF> workaround for [._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: enabling PIX workarounds:( (disable_esmtp|delay_dotcrlf))+ for [._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: host [^[:space:]]+ refused to talk to me: [45][[:digit:]][[:digit:]].*$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: host [^[:space:]]+ said: .* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: host [^[:space:]]+ said: [45][[:digit:]][[:digit:]][- ]+.* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|(end of )?DATA) command\)$
More information about the Logcheck-commits
mailing list