-rw-r--r--logcheck/cracking.ignore.d/local3
-rwxr-xr-xlogcheck/mklocalfiles2
2 files changed, 4 insertions, 1 deletions
diff --git a/logcheck/cracking.ignore.d/local b/logcheck/cracking.ignore.d/local
new file mode 100644
index 0000000..151108f
--- /dev/null
+++ b/logcheck/cracking.ignore.d/local
@@ -0,0 +1,3 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: ([[:xdigit:]]+|NOQUEUE): ([^[:space:]]+=[^[:space:]]+, )*(from|helo|message-id|to)=<[^>]*(attack|nested)[^>]*>.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: warning: no MX host for [^[:space:]]*(attack|nested)[^[:space:]]* has a valid A record$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp+\[[0-9]+\]: connect to [^[:space:]]*(attack|nested)[^[:space:]]*:.*$
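Review bot: All three rules key on the bare substrings `attack` and `nested` inside values the remote peer chooses (the `from`/`helo`/`message-id`/`to` fields in the first rule, the host name in the other two), and the first and third end in `.*$`, so any postfix line carrying one of those words in such a field is dropped from the cracking report whatever else it contains. Tying the alternation to the specific names that produced the false positives, for instance `(attack|nested)\.example\.org` (placeholder domain), would keep the suppression narrow. On the third rule, `postfix/smtp+\[` looks like a stray quantifier; `postfix/smtp\[` is presumably what was meant. logcheck only reads `cracking.ignore.d` when `SUPPORT_CRACKING_IGNORE` is enabled in logcheck.conf, so it is worth confirming that setting on the hosts that receive this file.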
diff --git a/logcheck/mklocalfiles b/logcheck/mklocalfiles
index eeb53eb..1ffa4e8 100755
--- a/logcheck/mklocalfiles
+++ b/logcheck/mklocalfiles
@@ -3,7 +3,7 @@
# Bad ass temp script to simply generate file "local" containing *all*
# other files in it (until a proper cfengine script is written
-for dir in ignore.d.server ignore.d.workstation violations.ignore.d; do
+for dir in ignore.d.server ignore.d.workstation violations.ignore.d cracking.ignore.d; do
echo regenerating $dir
rm -f $dir/local
# # Include server lines in workstation as well
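Review bot: Adding `cracking.ignore.d` to this loop means the `rm -f $dir/local` two lines below now deletes the `cracking.ignore.d/local` file that this same commit checks in. The three hand-written rules then survive only if the regeneration step, which lies outside this hunk, finds them in another file in that directory. If `local` is meant to be generated, the rules would be safer in a separately named file in `cracking.ignore.d`, with a header comment on the loop such as `# "local" is generated here; keep hand-written rules in a separate file in each directory`. Otherwise a rerun can silently change which cracking alerts are suppressed.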