Bug#397580: Ignore rule in server profile for kernel related to BANDWITH IN/OUT

Sasa Bajic Wed, 08 Nov 2006 02:42:42 -0800

Package: logcheck-database
Version: 1.2.39
 
I am trying, but cann't make working ignore rule in ignore.d.server/kernel
location so it could discard unneeded data. Following content I am getting
from logcheck and I would like to force logcheck to ignore it all.
 
System Events
=-=-=-=-=-=-=
Nov  8 10:44:06 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=88 TOS=0x00 PREC=0x00 TTL=64
ID=45204 DF PROTO=TCP SPT=10000 DPT=2268 WINDOW=6792 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:06 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=455 TOS=0x00 PREC=0x00 TTL=64
ID=45205 DF PROTO=TCP SPT=10000 DPT=2268 WINDOW=6792 RES=0x00 ACK PSH FIN
URGP=0
Nov  8 10:44:06 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20817 DF PROTO=TCP
SPT=2268 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:06 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20818 DF PROTO=TCP
SPT=2268 DPT=10000 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Nov  8 10:44:06 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0
DF PROTO=TCP SPT=10000 DPT=2268 WINDOW=6792 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=20819 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 SYN URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=0
DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20821 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=142 TOS=0x00 PREC=0x00 TTL=127 ID=20822 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=40 TOS=0x00 PREC=0x00 TTL=64
ID=9378 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=5840 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=846 TOS=0x00 PREC=0x00 TTL=64
ID=9379 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=5840 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=180 TOS=0x00 PREC=0x00 TTL=127 ID=20824 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=64729 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=107 TOS=0x00 PREC=0x00 TTL=64
ID=9380 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=5840 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=596 TOS=0x00 PREC=0x00 TTL=127 ID=20826 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=64662 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=40 TOS=0x00 PREC=0x00 TTL=64
ID=9381 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=92 TOS=0x00 PREC=0x00 TTL=64
ID=9382 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20829 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=64610 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=988 TOS=0x00 PREC=0x00 TTL=64
ID=9383 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64
ID=9384 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20831 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=343 TOS=0x00 PREC=0x00 TTL=64
ID=9385 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64
ID=9386 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20833 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=386 TOS=0x00 PREC=0x00 TTL=64
ID=9387 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64
ID=9388 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20835 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=240 TOS=0x00 PREC=0x00 TTL=64
ID=9389 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64
ID=9390 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20837 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=461 TOS=0x00 PREC=0x00 TTL=64
ID=9391 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64
ID=9392 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20839 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=350 TOS=0x00 PREC=0x00 TTL=64
ID=9393 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64
ID=9394 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20841 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=195 TOS=0x00 PREC=0x00 TTL=64
ID=9395 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=1500 TOS=0x00 PREC=0x00 TTL=64
ID=9396 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20843 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=430 TOS=0x00 PREC=0x00 TTL=64
ID=9397 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=1029 TOS=0x00 PREC=0x00 TTL=64
ID=9398 DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK PSH FIN
URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20845 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=64156 RES=0x00 ACK URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20846 DF PROTO=TCP
SPT=2269 DPT=10000 WINDOW=64156 RES=0x00 ACK FIN URGP=0
Nov  8 10:44:09 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0
DF PROTO=TCP SPT=10000 DPT=2269 WINDOW=6672 RES=0x00 ACK URGP=0
Nov  8 10:44:11 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:50:bf:13:6a:8a:08:00 SRC=10.136.3.1
DST=255.255.255.255 LEN=77 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP
SPT=5678 DPT=5678 LEN=57
Nov  8 10:44:13 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=20915 DF PROTO=TCP
SPT=2283 DPT=110 WINDOW=65535 RES=0x00 SYN URGP=0
Nov  8 10:44:13 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=0
DF PROTO=TCP SPT=110 DPT=2283 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Nov  8 10:44:13 jupiter kernel: BANDWIDTH_IN:IN=eth0 OUT=
MAC=00:50:8b:ec:95:34:00:50:bf:13:6a:8a:08:00 SRC=192.168.50.11
DST=212.200.101.26 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20916 DF PROTO=TCP
SPT=2283 DPT=110 WINDOW=65535 RES=0x00 ACK URGP=0
Nov  8 10:44:13 jupiter kernel: BANDWIDTH_OUT:IN= OUT=eth0
SRC=212.200.101.26 DST=192.168.50.11 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=29581 DF PROTO=TCP SPT=110 DPT=2283 WINDOW=5840 RES=0x00 ACK PSH URGP=0




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#397580: Ignore rule in server profile for kernel related to BANDWITH IN/OUT

Reply via email to