[Logcheck-commits] r1132 - in logcheck/trunk: debian
rulefiles/linux/ignore.d.server
madduck at users.alioth.debian.org
madduck at users.alioth.debian.org
Sat Jul 8 10:36:17 UTC 2006
Author: madduck
Date: 2006-07-08 10:36:17 +0000 (Sat, 08 Jul 2006)
New Revision: 1132
Modified:
logcheck/trunk/debian/changelog
logcheck/trunk/rulefiles/linux/ignore.d.server/pdns
Log:
* ignore.d.server/pdns: ignoring warnings about overly large packets, or
packates otherwise of the wrong size.
Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog 2006-07-08 10:20:46 UTC (rev 1131)
+++ logcheck/trunk/debian/changelog 2006-07-08 10:36:17 UTC (rev 1132)
@@ -5,8 +5,10 @@
* ignore.d.server/ssh, violations.ignore.d/logcheck-ssh: extended the regexp
matching usernames to anything non-whitespace in filters about nonexistent
users -- today someone tried to log in as '!@#$%^&*()_+' here!
+ * ignore.d.server/pdns: ignoring warnings about overly large packets, or
+ packates otherwise of the wrong size.
- -- martin f. krafft <madduck at debian.org> Sat, 8 Jul 2006 11:24:43 +0200
+ -- martin f. krafft <madduck at debian.org> Sat, 8 Jul 2006 12:36:01 +0200
logcheck (1.2.45) unstable; urgency=low
Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/pdns
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/pdns 2006-07-08 10:20:46 UTC (rev 1131)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/pdns 2006-07-08 10:36:17 UTC (rev 1132)
@@ -1,5 +1,6 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pdns\[[0-9]+\]: On retrieving question of packet from [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}, encountered error: Label claims to be longer than packet$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pdns\[[0-9]+\]: Ignoring packet: too short from [.0-9]{7,15}$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pdns\[[0-9]+\]: Ignoring packet: question too short from [.0-9]{7,15}, offset [[:digit:]]+>=[[:digit:]]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pdns\[[0-9]+\]: Ignoring packet: question too short from [.0-9]{7,15}, [0-9]+>=[0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pdns\[[0-9]+\]: Error sending reply with sendto \(socket=[0-9]\): Invalid argument$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pdns\[[0-9]+\]: Received packet from recursor backend with id [0-9] which is a duplicate$
@@ -23,6 +24,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Removed from notification list: '[-_.[:alnum:]]+' to [.[:digit:]]{7,15}( \(was acknowledged\))?$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Notification request for domain '[-_.[:alnum:]]+' received from operator$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Recursive query for remote [.[:digit:]]{7,15} with internal id [[:digit:]]+ was not answered by backend within timeout, reusing id$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Received an overly large question from [.[:digit:]]{7,15}, dropping$
# pgsql
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: gpgsql Connection succesful$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: AXFR of domain '[-_.[:alnum:]]+' initiated by [.[:digit:]]{7,15}$
More information about the Logcheck-commits
mailing list