[Logcheck-commits] Frédéric Brière : Recognize some more openvpn options for PUSH_REPLY (closes: #511353)
Frédéric Brière
fbriere-guest at alioth.debian.org
Wed Aug 19 00:59:31 UTC 2009
Module: logcheck
Branch: master
Commit: 39b0250981af296acd61106e1753cd020521b1de
URL: http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=39b0250981af296acd61106e1753cd020521b1de
Author: Frédéric Brière <fbriere at fbriere.net>
Date: Tue Aug 18 20:56:48 2009 -0400
Recognize some more openvpn options for PUSH_REPLY (closes: #511353)
---
debian/changelog | 2 ++
rulefiles/linux/ignore.d.server/openvpn | 2 +-
2 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index c5c7a00..63fdd5d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -28,6 +28,8 @@ logcheck (1.3.4) experimental; urgency=low
* Added rule for ext3 writeback data mode (closes: #542273)
* ignore.d.server/dovecot:
- replaced the (incomplete) method list with a wildcard (closes: #530591)
+ * ignore.d.server/openvpn:
+ - recognize some more options for PUSH_REPLY (closes: #511353)
-- Frédéric Brière <fbriere at fbriere.net> Mon, 17 Aug 2009 11:48:08 -0400
diff --git a/rulefiles/linux/ignore.d.server/openvpn b/rulefiles/linux/ignore.d.server/openvpn
index 802bf64..27f949e 100644
--- a/rulefiles/linux/ignore.d.server/openvpn
+++ b/rulefiles/linux/ignore.d.server/openvpn
@@ -36,7 +36,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: read UDPv4 \[EHOSTUNREACH\|EHOSTUNREACH\|EHOSTUNREACH\]: No route to host \(code=113\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]:( ([-_.@[:alnum:]]+/)?[.[:digit:]]{7,15}:[[:digit:]]{2,5})? (Data|Control) Channel MTU parms \[[[:upper:]:[:digit:]/ ]+\]$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]:( ([-_.@[:alnum:]]+/)?[.[:digit:]]{7,15}:[[:digit:]]{2,5})? (Local|Expected Remote) Options hash \(VER=V[34]\): '[[:xdigit:]]+'$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]:( ([-_.@[:alnum:]]+/)?[.[:digit:]]{7,15}:[[:digit:]]{2,5})? (PUSH: Received control message|SENT CONTROL \[[-_.[:alnum:]]+\]): 'PUSH_REPLY(,redirect-gateway)?(,route [.[:digit:]]{7,15}( [.[:digit:]]{7,15})?)*,ping [[:digit:]]+,ping-restart [[:digit:]]+,ifconfig [.[:digit:]]{7,15} [.[:digit:]]{7,15}'( \(status=[[:digit:]]+\))?$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]:( ([-_.@[:alnum:]]+/)?[.[:digit:]]{7,15}:[[:digit:]]{2,5})? (PUSH: Received control message|SENT CONTROL \[[-_.[:alnum:]]+\]): 'PUSH_REPLY(,redirect-gateway)?(,route [.[:digit:]]{7,15}( [.[:digit:]]{7,15})?)*(,route-gateway ([.[:digit:]]{7,15}|dhcp))?(,topology [[:alnum:]]+)?,ping [[:digit:]]+,ping-restart [[:digit:]]+,ifconfig [.[:digit:]]{7,15} [.[:digit:]]{7,15}(,socket-flags TCP_NODELAY)?'( \(status=[[:digit:]]+\))?$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]:( ([-_.@[:alnum:]]+/)?[.[:digit:]]{7,15}:[[:digit:]]{2,5})? (PUSH: Received control message|SENT CONTROL \[[-_.[:alnum:]]+\]): 'PUSH_REQUEST'( \(status=[[:digit:]]+\))?$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]:( ([-_.@[:alnum:]]+/)?[.[:digit:]]{7,15}:[[:digit:]]{2,5})? Connection reset, restarting \[[-[:digit:]]+\]$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]:( ([-_.@[:alnum:]]+/)?[.[:digit:]]{7,15}:[[:digit:]]{2,5})? Control Channel: TLSv1, cipher TLSv1/SSLv3 [[:alnum:]-]+, [[:digit:]]+ bit RSA$
More information about the Logcheck-commits
mailing list