From 2bb63b0b81fb7aec533eaf645591426662e17124 Mon Sep 17 00:00:00 2001
From: Jonas Smedegaard <dr@jones.dk>
Date: Sun, 22 Feb 2004 10:23:41 +0000
Subject: Tighten all rules to strict left side, based on su rules.

---
 logcheck/ignore.d.server/ssh | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

(limited to 'logcheck/ignore.d.server/ssh')

diff --git a/logcheck/ignore.d.server/ssh b/logcheck/ignore.d.server/ssh
index f8a7e6c..d64d593 100644
--- a/logcheck/ignore.d.server/ssh
+++ b/logcheck/ignore.d.server/ssh
@@ -1,11 +1,11 @@
-sshd\[[0-9]+\]: syslogin_perform_logout: logout\(\) returned an error$
-sshd\[[0-9]+\]: Could not reverse map address .*\.
-sshd\[[0-9]+\]: Connection closed by .*
-sshd\[[0-9]+\]: Did not receive ident(ification)? string from [\.0-9]+$
-sshd\[[0-9]+\]: scanned from [\.0-9]+ with SSH-1\.0-SSH_Version_Mapper\.  Don't panic\.$
-sshd\[[0-9]+\]: Disconnecting: Your ssh version is too old and is no longer supported\.  Please install a newer version\.$
-sshd\[[0-9]+\]: Accepted (keyboard-interactive|password|publickey) for [[:alnum:]]+ from [\.0-9]+ port [0-9]+( ssh2)?$
-sshd\[[0-9]+\]: warning: /etc/hosts.deny, line 15: can't verify hostname: gethostbyname(.*) failed
-sshd\[[0-9]+\]: refused connect from .*
-sshd\[[0-9]+\]: Received disconnect from [\.0-9]+: 11: Disconnect requested by Windows SSH Client.$
-sshd\[[0-9]+\]: subsystem request for sftp$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: syslogin_perform_logout: logout\(\) returned an error$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Could not reverse map address .*\.
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Connection closed by .*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive ident(ification)? string from [\.0-9]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: scanned from [\.0-9]+ with SSH-1\.0-SSH_Version_Mapper\.  Don't panic\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Disconnecting: Your ssh version is too old and is no longer supported\.  Please install a newer version\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Accepted (keyboard-interactive|password|publickey) for [[:alnum:]]+ from [\.0-9]+ port [0-9]+( ssh2)?$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: warning: /etc/hosts.deny, line 15: can't verify hostname: gethostbyname(.*) failed
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from .*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Received disconnect from [\.0-9]+: 11: Disconnect requested by Windows SSH Client.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: subsystem request for sftp$
-- 
cgit v1.2.3