[Logcheck-commits] martin f. krafft: ignore anvil connection rate statistics for unknown DNS hosts.

Martin F. Krafft madduck at alioth.debian.org
Sun Aug 31 19:24:18 UTC 2008


Module: logcheck
Branch: master
Commit: 91e2b40d5b77cffd5b3c6e23d8c8cb82166e70b3
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=91e2b40d5b77cffd5b3c6e23d8c8cb82166e70b3

Author: martin f. krafft <madduck at debian.org>
Date:   Wed Aug 27 15:06:55 2008 +0100

ignore anvil connection rate statistics for unknown DNS hosts.

---

 debian/changelog                        |    1 +
 rulefiles/linux/ignore.d.server/postfix |    2 +-
 2 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index c05dd6f..640b675 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -26,6 +26,7 @@ logcheck (1.3) unstable; urgency=low
       letter SMTP commands.
     - ignore milter-reject messages after RCPT which include the recipient.
     - ignore multiple PIX workaround messages.
+    - ignore anvil connection rate statistics for unknown DNS hosts.
   * ignore.d.server/ssh:
     - ignore authentication failures with new PAM format.
   * ignore.d.server/kernel:
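Review bot: the added changelog line, "ignore anvil connection rate statistics for unknown DNS hosts", does not say what the rule keys on. The rule change in this same commit matches the literal token `unknown` in the client position of the anvil statistics line, so wording such as "ignore anvil statistics when the client is logged as unknown" would let a reader of the changelog find the affected log lines without opening the rule file.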
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index 383f6b4..ef10496 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -5,7 +5,7 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/[ls]mtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* relay=[^[:space:]]+,( conn_use=[[:digit:]]+,)? delay=[.[:digit:]]+,( delays=[.[:digit:]/]+, dsn=[[:digit:].]+,)? status=sent \(250 Ok: queued as [[:digit:]A-F]+\)$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/[ls]mtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* relay=[^[:space:]]+,( conn_use=[[:digit:]]+,)? delay=[.[:digit:]]+,( delays=[.[:digit:]/]+, dsn=[[:digit:].]+,)? status=sent \(250 [[:digit:].]+ (Ok((, id=[-[:digit:]]+, from MTA(\([^[:space:]]+\))?: 250 ([[:digit:].]+ )?Ok)?: queued as [[:digit:]A-F]+|, discarded, UBE, id=[-[:digit:]]+)*|[[:alnum:]]+ Message accepted for delivery)\)$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/[ls]mtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=[^[:space:]]+,( conn_use=[[:digit:]]+,)? delay=[.[:digit:]]+,( delays=[.[:digit:]/]+, dsn=[[:digit:].]+,)? status=sent \(250 [[:digit:].]+ Ok((, id=[-[:digit:]]+, from MTA(\([^[:space:]]+\))?: 250 ([[:digit:].]+ )?Ok)?: queued as [[:digit:]A-F]+|, discarded, UBE, id=[-[:digit:]]+)*|, DSN muted \([45][[:digit:]][[:digit:]] [45](\.[[:digit:]]){2} .+\)\)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/anvil\[[[:digit:]]+\]: statistics: max (message|recipient|connection) (count|rate) [/[:digit:]s]+ for \(([.:[:xdigit:]]+)?(smtp(s)?|25|submission|587):[.:[:xdigit:]]+\) at \w{3} [ :[:digit:]]{11}$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/anvil\[[[:digit:]]+\]: statistics: max (message|recipient|connection) (count|rate) [/[:digit:]s]+ for \(([.:[:xdigit:]]+)?(smtp(s)?|25|submission|587):([.:[:xdigit:]]+|unknown)\) at \w{3} [ :[:digit:]]{11}$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/anvil\[[[:digit:]]+\]: statistics: max cache size [[:digit:]]+ at \w{3} [ :[:digit:]]{11}$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/bounce\[[[:digit:]]+\]: [[:upper:][:digit:]]+: sender (non-delivery|delivery status) notification: [[:upper:][:digit:]]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/bounce\[[[:digit:]]+\]: [[:xdigit:]]+: sender delivery status notification: [[:xdigit:]]+$
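Review bot: the `|unknown` alternative is added to a rule whose prefix is `max (message|recipient|connection) (count|rate)`, so the rule now ignores all six anvil statistics for a client logged as `unknown`, while the commit message and changelog mention only connection rate. If only the connection rate line was observed with `unknown`, a separate rule limited to `max connection rate` would keep the message and recipient peaks for such clients visible in logcheck reports; if the wider match is intended, the commit message should say so. A sample of the log line that prompted the change, quoted in the commit message, would also let reviewers check the pattern against real input.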



