diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2005-12-12 00:55:18 +0000 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2005-12-12 00:55:18 +0000 |
| commit | 4c4497c0be794cc6b8d8b33a60e5fad949a5432f (patch) | |
| tree | 99280a802fc908cad392f11bec56d71db0af36e5 /logcheck/ignore.d.server | |
| parent | 508d1edafc174914892b1d81504129f27ed9b35d (diff) | |
Move postfix smtp refusals to violations.
Diffstat (limited to 'logcheck/ignore.d.server')
| -rw-r--r-- | logcheck/ignore.d.server/local | 19 | ||||
| -rw-r--r-- | logcheck/ignore.d.server/postfix | 6 |
2 files changed, 14 insertions, 11 deletions
diff --git a/logcheck/ignore.d.server/local b/logcheck/ignore.d.server/local index c1410ad..9abe2ab 100644 --- a/logcheck/ignore.d.server/local +++ b/logcheck/ignore.d.server/local @@ -64,6 +64,13 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhclient(-2.2.x)?: DHCP(ACK|OFFER) from [\.0-9]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhclient(-2.2.x)?: bound to [\.0-9]+ -- renewal in [0-9]+ seconds\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhclient(-2.2.x)?: irda0: unknown hardware address type 783$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: Abandoning IP address [\.0-9]+: (declined\.|pinged before offer) ?$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: BOOT(DISCOVER|REQUEST) from [0-9a-f:]+ via eth[0-9]+ (\(non-rfc1048)\) ?$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: BOOTREPLY for [\.0-9]+ to [^[:space:]]+ \([0-9a-f:]+\) via eth[0-9]+ ?$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: DHCP(ACK|NAK|OFFER) on [\.0-9]+ to [0-9a-f:]+ via eth[0-9]+ ?$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: DHCP(DECLINE on|RELEASE of|REQUEST for) [\.0-9]+ from [0-9a-f:]+( \([^[:space:]]+\))? via eth[0-9]+ \((not )?found\) ?$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: DHCPINFORM from [\.0-9]+ ?$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: DHCPREQUEST for [\.0-9]+ from [0-9a-f:]+( \([^[:space:]]+\))? via eth[0-9]+: wrong network\. ?$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: Abandoning IP address [\.0-9]+: pinged before offer ?$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: BOOTREQUEST from [0-9a-f:]+ ?$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCP(ACK|NAK|OFFER) on [\.0-9]+ to [0-9a-f:]+( \([^\)]+\))? via eth[0-9]+ ?$ @@ -76,13 +83,6 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: Wrote [0-9]+ (leases|deleted host decls|new dynamic host decls) to leases file\. ?$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: accepting packet with data after udp payload. ?$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: ip length 576 disagrees with bytes received 590. ?$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: Abandoning IP address [\.0-9]+: (declined\.|pinged before offer) ?$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: BOOT(DISCOVER|REQUEST) from [0-9a-f:]+ via eth[0-9]+ (\(non-rfc1048)\) ?$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: BOOTREPLY for [\.0-9]+ to [^[:space:]]+ \([0-9a-f:]+\) via eth[0-9]+ ?$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: DHCP(ACK|NAK|OFFER) on [\.0-9]+ to [0-9a-f:]+ via eth[0-9]+ ?$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: DHCP(DECLINE on|RELEASE of|REQUEST for) [\.0-9]+ from [0-9a-f:]+( \([^[:space:]]+\))? via eth[0-9]+ \((not )?found\) ?$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: DHCPINFORM from [\.0-9]+ ?$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd-2.2.x: DHCPREQUEST for [\.0-9]+ from [0-9a-f:]+( \([^[:space:]]+\))? via eth[0-9]+: wrong network\. ?$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ gdm\[[0-9]+\]: run_pictures: Directory [^[:space:]] does not exist\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ gdm\[[0-9]+\]: Pingning af.* mislykkedes, deaktiver terminal! ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ gdm\[[0-9]+\]: \(child [0-9]+\) gdm_slave_xioerror_handler: Fatal X-fejl - genstarter [0-9:\.]*$ @@ -182,8 +182,9 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: Peer certi?ficate could not be verified$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: SSL_connect error to [^[:space:]]+: -1 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [A-Z0-9]+: enabling PIX <CRLF>\.<CRLF> workaround for [^[:space:]]+\[[\.0-9]+\]$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [^[:space:]]+ status=deferred \(connect to [^[:space:]]+\[[\.0-9]+\]: (Connection refused|server refused mail service)\)$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: (Connection (refused|reset by peer|timed out)|read timeout|server (refused mail service|dropped connection|refused to talk to me: .*)|No route to host) \(port 25\)$ + +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: (Connection (reset by peer|timed out)|read timeout|server dropped connection|No route to host) +\(port 25\)$ + ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: bad size limit "truncates" in EHLO reply from [^[:space:]]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: host [^[:space:]]+\[[\.0-9]+\] (greeted me|replied to HELO/EHLO) with my own hostname [^[:space:]]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: no MX host for [^[:space:]]+ has a valid A record$ diff --git a/logcheck/ignore.d.server/postfix b/logcheck/ignore.d.server/postfix index 8c12809..bca6b88 100644 --- a/logcheck/ignore.d.server/postfix +++ b/logcheck/ignore.d.server/postfix @@ -9,8 +9,10 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: Peer certi?ficate could not be verified$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: SSL_connect error to [^[:space:]]+: -1 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [A-Z0-9]+: enabling PIX <CRLF>\.<CRLF> workaround for [^[:space:]]+\[[\.0-9]+\]$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [^[:space:]]+ status=deferred \(connect to [^[:space:]]+\[[\.0-9]+\]: (Connection refused|server refused mail service)\)$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: (Connection (refused|reset by peer|timed out)|read timeout|server (refused mail service|dropped connection|refused to talk to me: .*)|No route to host) \(port 25\)$ + +# Ignore common errors on remote hosts (refusals are in violations.ignore.d) +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: (Connection (reset by peer|timed out)|read timeout|server dropped connection|No route to host) +\(port 25\)$ + #^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: verify error:num=10:certificate has expired$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: bad size limit "truncates" in EHLO reply from [^[:space:]]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: host [^[:space:]]+\[[\.0-9]+\] (greeted me|replied to HELO/EHLO) with my own hostname [^[:space:]]+$ |