[Logcheck-commits] r1163 - in logcheck/trunk: debian rulefiles/linux/violations.ignore.d

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Tue Jul 11 11:21:19 UTC 2006 

Author: madduck
Date: 2006-07-11 11:21:18 +0000 (Tue, 11 Jul 2006)
New Revision: 1163

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-ssh
Log:
* violations.ignore.d/logcheck-ssh: ignoring "Connection reset by peer"
  messages.

Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2006-07-10 19:43:14 UTC (rev 1162)
+++ logcheck/trunk/debian/changelog	2006-07-11 11:21:18 UTC (rev 1163)
@@ -14,8 +14,12 @@
   [ maximilian attems ]
   * Updated de debconf translation.
 
- -- maximilian attems <maks at sternwelten.at>  Mon, 10 Jul 2006 21:39:05 +0200
+  [ martin f. krafft ]
+  * violations.ignore.d/logcheck-ssh: ignoring "Connection reset by peer"
+    messages.
 
+ -- martin f. krafft <madduck at debian.org>  Tue, 11 Jul 2006 13:20:54 +0200
+
 logcheck (1.2.46) unstable; urgency=low
 
   * ignore.d.server/ssh: fixed regression related to "Did not receive

Modified: logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-ssh
===================================================================
--- logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-ssh	2006-07-10 19:43:14 UTC (rev 1162)
+++ logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-ssh	2006-07-11 11:21:18 UTC (rev 1163)
@@ -3,7 +3,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: reverse mapping checking getaddrinfo for [._[:alnum:]-]+ failed - POSSIBLE BREAK-?IN ATTEMPT!$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Address [._[:alnum:]-]+ maps to [._[:alnum:]-]+, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: Broken pipe$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: Connection timed out$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: Connection (timed out|reset by peer)$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: [-._[:alnum:]]+\[[.[:digit:]]+\]: SASL (LOGIN|PLAIN|(DIGEST|CRAM)-MD5|APOP) authentication failed$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: SASL authentication failure: Password verification failed$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: PAM: User not known to the underlying authentication module for i(llegal|nvalid) user [-_.[:alnum:]]+ from ([:.[:xdigit:]]+|UNKNOWN)$

More information about the Logcheck-commits mailing list