[Logcheck-commits] Hanspeter Kunz: postfix: added rule to ignore "SSL23_GET_CLIENT_HELLO: unknown protocol"

Martin F. Krafft madduck at alioth.debian.org
Wed Jul 30 06:14:04 UTC 2008 

Module: logcheck
Branch: master
Commit: cd83fb08c504d803575e46f55a0014e7fd2aa07c
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=cd83fb08c504d803575e46f55a0014e7fd2aa07c

Author: Hanspeter Kunz <hkunz at ifi.uzh.ch>
Date:   Tue Jul 29 23:35:37 2008 +0200

postfix: added rule to ignore "SSL23_GET_CLIENT_HELLO:unknown protocol"

Signed-off-by: Hanspeter Kunz <hkunz at ifi.uzh.ch>

---

 debian/changelog                        |    2 ++
 rulefiles/linux/ignore.d.server/postfix |    1 +
 2 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 207718d..0452042 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -9,6 +9,8 @@ logcheck (1.2.68) unstable; urgency=low
     - ignore "NOQUEUE: milter-reject" messages.
     - enhanced "TLS library problem" rule to also ignore "bad
       certificate" errors.
+    - added rule to ignore "SSL23_GET_CLIENT_HELLO:unknown protocol"
+      messages.
 
  -- martin f. krafft <madduck at debian.org>  Thu, 17 Jul 2008 12:17:19 +0200
 
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index 174c866..4198301 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -125,6 +125,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: cache: (purged|deleted) [^[:space:]]+ from HAM cache$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: milter unix:/var/run/clamav/clamav-milter\.ctl: can't read SMFIC_MAIL reply packet header: Connection timed out$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: TLS library problem: [[:digit:]]+:error:[[:xdigit:]]+:SSL routines:SSL3_READ_BYTES:sslv3 alert (unexpected message|bad certificate):s3_pkt\.c:[[:digit:]]+:SSL alert number (10|42):$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: TLS library problem: [[:digit:]]+:error:[[:xdigit:]]+:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr\.c:[[:digit:]]+:$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: gethostby\*\.getanswer: asked for "([-_.[:alnum:]]+)", got "\1"$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: discarding EHLO keywords:( [[:upper:]]+)+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/cleanup\[[0-9]+\]: [[:alnum:]]+: milter-discard: END-OF-MESSAGE from [-._[:alnum:]]+\[[.[:digit:]]+\]: milter triggers DISCARD action; from=<[^[:space:]]*> to=<[^[:space:]]*> proto=E?SMTP helo=<[^[:space:]]+>$

More information about the Logcheck-commits mailing list