diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2003-01-02 01:33:40 +0000 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2003-01-02 01:33:40 +0000 |
| commit | 79d4dad44f8c89ec243a86f96e7680e2e6d87ef3 (patch) | |
| tree | 743ffdf900c4342c84d9b5ad5f9e2072eed9a5d9 /logcheck/ignore.d.workstation | |
| parent | 11d6898e4a07016364d6d289426a415acdbb1c4f (diff) | |
Misc updates to postfix and samba loglines.
Diffstat (limited to 'logcheck/ignore.d.workstation')
| -rw-r--r-- | logcheck/ignore.d.workstation/local | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/logcheck/ignore.d.workstation/local b/logcheck/ignore.d.workstation/local index 8e4e3d8..48abfc3 100644 --- a/logcheck/ignore.d.workstation/local +++ b/logcheck/ignore.d.workstation/local @@ -214,12 +214,13 @@ postfix/postfix-script: refreshing the Postfix mail system$ postfix/smtp\[[0-9]+\]: [A-Z0-9]+: enabling PIX <CRLF>\.<CRLF> workaround for [^[:space:]]+\[[\.0-9]+\]$ postfix/smtp\[[0-9]+\]: [^[:space:]]+ status=deferred \(connect to [^[:space:]]+: (Connection refused|server refused mail service)\)$ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+: (Connection (refused|reset by peer|timed out)|read timeout|server (refused mail service|dropped connection)|No route to host) \(port 25\)$ -postfix/smtp\[[0-9]+\]: fingerprint=[0-9A-F:]+$ postfix/smtp\[[0-9]+\]: warning: bad size limit "truncates" in EHLO reply from [^[:space:]]+$ postfix/smtp\[[0-9]+\]: warning: host [^[:space:]]+\[[\.0-9]+\] (greeted me|replied to HELO/EHLO) with my own hostname [^[:space:]]+$ postfix/smtp\[[0-9]+\]: warning: no MX host for [^[:space:]]+ has a valid A record$ postfix/smtpd?\[[0-9]+\]: TLS connection established (from|to) [^[:space:]]+: TLSv1 with cipher [^[:space:]]+ \([0-9/]+ bits\)$ postfix/smtpd?\[[0-9]+\]: Verified: subject_CN=[^,]+, issuer=[^,]+$ +postfix/smtpd?\[[0-9]+\]: fingerprint=[0-9A-F:]+$ +postfix/smtpd?\[[0-9]+\]: setting up TLS connection from [^[:space:]]+\[[\.0-9]+\]$ postfix/smtpd?\[[0-9]+\]: warning: (numeric|malformed) domain name in resource data of MX record for [^[:space:]]+: [^[:space:]]*$ postfix/smtpd?\[[0-9]+\]: warning: valid_hostname: (empty hostname|invalid character [0-9]+\(decimal\): [^[:space:]]+)$ postfix/smtpd\[[0-9]+\]: (lost connection|timeout) after [^ ]+ from [^[:space:]]+\[[\.0-9]+\]$ @@ -340,11 +341,12 @@ portsentry\[[0-9]+\]: attackalert: .* pumpd\[[0-9]+\]: SO_BINDTODEVICE eth0 \(4\) failed: Invalid argument ## samba smbd\[[0-9]+\]: process_local_message: unknown UDP message command code \(2de1\) - ignoring. $ -smbd\[[0-9]+\]: read(_socket)?_data: recv failure for 4. Error = (No route to host|Connection reset by peer) $ +smbd\[[0-9]+\]: read(_socket)?_data: (read|recv) failure for 4. Error = (No route to host|Connection reset by peer) $ smbd\[[0-9]+\]: smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User [[:alnum:]]+ ! $ smbd\[[0-9]+\]: yield_connection: tdb_delete for name failed with error Record does not exist\. $ smbd\[[0-9]+\]: \[[0-9/]+ [0-9:]+, [0-9]+\] (lib/util_sock.c:read_data|passdb/pampass.c:smb_pam_passcheck|smbd/(connection.c:yield_connection|oplock.c:process_local_message|service.c:find_service))\([0-9]+\) $ -sshd\[[0-9]+\]: Failed password for [[:alnum:]]+ $ +## ssh +sshd\[[0-9]+\]: Failed password for [[:alnum:]]+ from [0-9\.]+ port [0-9]+ ssh2$ sshd\[[0-9]+\]: packet_set_maxsize: setting to 4096 $ ## postfix postfix.*\[[0-9]+\]: .* from=<groove@mailomat.grooveattack.com> |