diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2006-07-19 01:03:36 +0000 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2006-07-19 01:03:36 +0000 |
| commit | a3268b2cae7dc89cbfc3975b27efc7548d93eb43 (patch) | |
| tree | dc240b363769af7a3a911f84fab57c450dc45f1d | |
| parent | 55ca11e78573a8078b1985c5f1d53bbfa7a0330e (diff) | |
Fix broken postfix regex.
| -rw-r--r-- | logcheck/violations.ignore.d/local | 2 | ||||
| -rw-r--r-- | logcheck/violations.ignore.d/postfix | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/logcheck/violations.ignore.d/local b/logcheck/violations.ignore.d/local index 8200ebb..c5dcb1a 100644 --- a/logcheck/violations.ignore.d/local +++ b/logcheck/violations.ignore.d/local @@ -47,7 +47,7 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [[:xdigit:]]+: (to|relay|delay)=([^[:space:]]+, )status=deferred \(delivery temporarily suspended: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: .*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:xdigit:]]+: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: .*$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: [^[:space:]]+=[^[:space:]]+, )*(from|helo|message\-id|to)=<[^>]*(attack|BAD|debug|denied|deny|error|expn|refused)[^>]*>.*$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: ([^[:space:]]+=[^[:space:]]+, )*(from|helo|message\-id|to)=<[^>]*(attack|BAD|debug|denied|deny|error|expn|refused)[^>]*>.*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: warning: no MX host for [^[:space:]]*(attack|BAD|debug|denied|deny|error|expn|refused)[^[:space:]]* has a valid A record$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [^[:space:]]+ \([^[:space:]\[]+\[[\.0-9]+\]\) - USER anonymous \(Login failed\): Can't find user\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ smbd\[[0-9]+\]: read(_socket)?_data: (read|recv) failure for [[:digit:]]+\. Error = (No route to host|Connection (reset by peer|timed out)) ?$ diff --git a/logcheck/violations.ignore.d/postfix b/logcheck/violations.ignore.d/postfix index 2620645..3dcae98 100644 --- a/logcheck/violations.ignore.d/postfix +++ b/logcheck/violations.ignore.d/postfix @@ -17,5 +17,5 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:xdigit:]]+: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: .*$ # Suspiciously worded hostname or email address is not a security thread -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: [^[:space:]]+=[^[:space:]]+, )*(from|helo|message\-id|to)=<[^>]*(attack|BAD|debug|denied|deny|error|expn|refused)[^>]*>.*$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: ([^[:space:]]+=[^[:space:]]+, )*(from|helo|message\-id|to)=<[^>]*(attack|BAD|debug|denied|deny|error|expn|refused)[^>]*>.*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: warning: no MX host for [^[:space:]]*(attack|BAD|debug|denied|deny|error|expn|refused)[^[:space:]]* has a valid A record$ |