[Logcheck-commits] Hannes von Haugwitz: i.d.s/bind: added rules for "notify" messages

Gerfried Fuchs alfie at alioth.debian.org
Thu Feb 25 19:20:28 UTC 2010


Module: logcheck
Branch: lenny-backports
Commit: 9ee3d4a81665e37e79dd91265073375876dca736
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=9ee3d4a81665e37e79dd91265073375876dca736

Author: Hannes von Haugwitz <hannes at vonhaugwitz.com>
Date:   Sun Jan 31 20:24:24 2010 +0100

i.d.s/bind: added rules for "notify" messages

---

 debian/changelog                     |    7 +++++--
 rulefiles/linux/ignore.d.server/bind |    2 ++
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 29a5dc8..9a952e2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,9 @@
 logcheck (1.3.7) UNRELEASED; urgency=low
 
   [ Hannes von Haugwitz ]
+  * ignore.d.server/bind:
+    - added rules for "received notify for zone" and
+      "zone is up to date" message
   * Makefile: added an empty "all" make target,
     thanks to Paweł Hajdan, Jr. (closes: #567150)
   * ignore.d.server/ssh:
@@ -12,9 +15,9 @@ logcheck (1.3.7) UNRELEASED; urgency=low
   * ignore.d.server/dovecot:
     - added an optional prefix "dovecot: " to the deliver rule
     - added rule to ignore various sieve messages (stored mail, forwards,
-      vacation replies and discards) 
+      vacation replies and discards)
 
- -- Hanspeter Kunz <hkunz at ifi.uzh.ch>  Sat, 30 Jan 2010 18:07:12 +0100
+ -- Hannes von Haugwitz <hannes at vonhaugwitz.com>  Sun, 31 Jan 2010 20:13:27 +0100
 
 logcheck (1.3.6) unstable; urgency=low
 
diff --git a/rulefiles/linux/ignore.d.server/bind b/rulefiles/linux/ignore.d.server/bind
index 2cdc651..38e0c79 100644
--- a/rulefiles/linux/ignore.d.server/bind
+++ b/rulefiles/linux/ignore.d.server/bind
@@ -7,3 +7,5 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ named\[[[:digit:]]+\]: ((network|host) (unreachable|down)|connection refused|unexpected RCODE \((FORMERR|SERVFAIL|NXDOMAIN|NOTIMP|REFUSED|YXDOMAIN|YXRRSET|NXRRSET|NOTAUTH|NOTZONE|BADVERS|<rcode [[:digit:]]+>|[[:digit:]]+)\)) resolving '[^[:space:]]+': [.:[:xdigit:]]+#[[:digit:]]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ named\[[[:digit:]]+\]: zone [._[:alnum:]-]+/IN(/[._[:alnum:]-]+)?: Transfer started.$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ named\[[[:digit:]]+\]: zone [._[:alnum:]-]+/IN: refresh: failure trying master [._[:alnum:]-]+#53: .*$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ named\[[[:digit:]]+\]: client [.:[:xdigit:]]+#[[:digit:]]+: received notify for zone '[-._[:alnum:]]+': TSIG '[-_[:alnum:]]+'$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ named\[[[:digit:]]+\]: zone [-._[:alnum:]]+/IN: notify from [.:[:xdigit:]]+#[[:digit:]]+: zone is up to date$




More information about the Logcheck-commits mailing list