[Logcheck-commits] martin f. krafft: ignore connection messages for anonymous TLS connections

Gerfried Fuchs alfie at alioth.debian.org
Wed Jul 16 11:03:45 UTC 2008 

Module: logcheck
Branch: etch-backports
Commit: dc7fbbca006b383e660d22198ff1afccec55e183
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=dc7fbbca006b383e660d22198ff1afccec55e183

Author: martin f. krafft <madduck at debian.org>
Date:   Tue Jun 24 18:52:37 2008 +0100

ignore connection messages for anonymous TLS connections

---

 debian/changelog                        |    5 ++++-
 rulefiles/linux/ignore.d.server/postfix |    2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 5a1f1e3..b9a5d8b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,13 +2,16 @@ logcheck (1.2.65) unstable; urgency=low
 
   * violations.ignore.d/logcheck-postfix:
     - fixed filters for certificate messages that changed in postfix 2.5.
+  * ignore.d.server/postfix:
+    - ignore connection messages for anonymous TLS connections; thanks to
+      Justin Larue (closes: #486440).
   * ignore.d.server/maradns:
     - ignore messages related to resolvconf integration.
   * ignore.d.server/dovecot:
     - ignore aborted logins with 0 authentication attempts, e.g. due to
       nagios; thanks to René Hertell (closes: #487208).
 
- -- martin f. krafft <madduck at debian.org>  Tue, 24 Jun 2008 18:48:28 +0100
+ -- martin f. krafft <madduck at debian.org>  Tue, 24 Jun 2008 18:51:15 +0100
 
 logcheck (1.2.64) unstable; urgency=low
 
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index ce1f3c6..5c541ee 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -19,7 +19,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: cert has expired$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: (Peer|Server) certificate could not be verified$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: smtpd_peer_init: [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+: address not listed for hostname [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: TLS connection established (to|from) [^[:space:]]+: (TLSv1|SSLv[23]) with cipher [^[:space:]]+ \([/0-9]+ bits\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: (Anonymous )?TLS connection established (to|from) [^[:space:]]+: (TLSv1|SSLv[23]) with cipher [^[:space:]]+ \([/0-9]+ bits\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: setting up TLS connection (to|from) [._[:alnum:]-]+(\[[0-9a-f.:]{3,39}\])?$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: fingerprint=([0-9A-F]{2}:){15}[0-9A-F]{2}$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: Verified: subject_CN=.*, issuer=.*$

More information about the Logcheck-commits mailing list