[Logcheck-devel] Bug#637916: logcheck-database: Tweak to dovecot rules to match IPv6 addresses

[Gerald Turner]

Subject: logcheck-database: Tweak to dovecot rules to match IPv6 addresses
Package: logcheck-database
Version: 1.3.13
Severity: minor

*** Please type your report below this line ***
There is a rule in /etc/logcheck/ignore.d.server/dovecot that almost
works for IPv6 addresses but it uses [:digit:] instead of [:xdigit:]:

  ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: managesieve-login: Login: 
user=<[._[:alnum:]-]+>, method=[[:alnum:]-]+, rip=[.:[:digit:]]+, 
lip=[.:[:digit:]]+, (TLS( handshake)?|secured)$

Fixed with:

  ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: managesieve-login: Login: 
user=<[._[:alnum:]-]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, 
lip=[.:[:xdigit:]]+, (TLS( handshake)?|secured)$

-- System Information:
Debian Release: 6.0.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-xen-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

-- Configuration Files:

-- no debconf information

-- 
Gerald Turner   Email: gtur...@unzane.com   JID: gtur...@unzane.com
GPG: 0xFA8CD6D5  21D9 B2E8 7FE7 F19E 5F7D  4D0C 3FA0 810F FA8C D6D5

--- dovecot.orig	2011-08-15 11:51:48.775348529 -0700
+++ dovecot	2011-08-15 11:52:06.707075441 -0700
@@ -22,5 +22,5 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\([[:alnum:]]+\): client in: CONT<hidden>
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\([[:alnum:]]+\): client out: CONT[[:space:]]+[[:digit:]]+[[:space:]]+[[:alnum:]]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: ssl-build-param: SSL parameters regeneration completed$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: managesieve-login: Login: user=<[._[:alnum:]-]+>, method=[[:alnum:]-]+, rip=[.:[:digit:]]+, lip=[.:[:digit:]]+, (TLS( handshake)?|secured)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: managesieve-login: Login: user=<[._[:alnum:]-]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+, (TLS( handshake)?|secured)$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: MANAGESIEVE\([._[:alnum:]-]+\): Connection closed( bytes=[[:digit:]]+/[[:digit:]]+)?$

pgpwhlXa7z15f.pgp
Description: PGP signature

_______________________________________________
Logcheck-devel mailing list
Logcheck-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/logcheck-devel