Bug#438478: djbdns-installer should depend on libc6-dev
In a fresh etch debootstrap (with only locales package added to get rid of annoying LANG warnings..) I was unable to reproduce - simple install of djbdns-installer with both aptitude and apt-get indicate that libc6-dev will be installed. libc6-dev is a Recommends: in gcc package (this is where your Recommend came from). libc6-dev is a Depends: in build-essential package. daemontools-installer includes a Depends: on build-essential (this is where my Depend came from), so it seems as if you may already have the daemontools binary package installed? Since daemontools-installer depends on build-essential, it may be appropriate to go ahead and add 'Depends: build-essential' to djbdns-installer dependencies - this would have pulled in the needed packages in Meder's case. -- Kind Regards, Michael Shuler = [EMAIL PROTECTED]:/# aptitude install djbdns-installer Reading package lists... Done Building dependency tree... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done The following NEW packages will be automatically installed: binutils build-essential bzip2 cpp cpp-4.1 daemontools-installer debhelper dpkg-dev fakeroot file g++ g++-4.1 gcc gcc-4.1 gettext gettext-base html2text intltool-debian libc6-dev libcompress-zlib-perl libmagic1 libmail-sendmail-perl libmudflap0 libmudflap0-dev libssp0 libstdc++6-4.1-dev linux-kernel-headers make patch perl perl-doc perl-modules po-debconf The following NEW packages will be installed: binutils build-essential bzip2 cpp cpp-4.1 daemontools-installer debhelper djbdns-installer dpkg-dev fakeroot file g++ g++-4.1 gcc gcc-4.1 gettext gettext-base html2text intltool-debian libc6-dev libcompress-zlib-perl libmagic1 libmail-sendmail-perl libmudflap0 libmudflap0-dev libssp0 libstdc++6-4.1-dev linux-kernel-headers make patch perl perl-doc perl-modules po-debconf 0 packages upgraded, 34 newly installed, 0 to remove and 0 not upgraded. Need to get 32.4MB of archives. After unpacking 107MB will be used. Do you want to continue? [Y/n/?] n Abort. [EMAIL PROTECTED]:/# apt-get install djbdns-installer Reading package lists... Done Building dependency tree... Done The following extra packages will be installed: binutils build-essential cpp cpp-4.1 daemontools-installer debhelper dpkg-dev fakeroot file g++ g++-4.1 gcc gcc-4.1 gettext gettext-base html2text intltool-debian libc6-dev libmagic1 libssp0 libstdc++6-4.1-dev linux-kernel-headers make patch perl perl-modules po-debconf Suggested packages: binutils-doc cpp-doc gcc-4.1-locales dh-make ucspi-tcp-src debian-keyring gcc-4.1-doc lib64stdc++6 manpages-dev autoconf automake1.9 libtool flex bison gdb gcc-doc libc6-dev-amd64 lib64gcc1 lib64ssp0 cvs gettext-doc glibc-doc libstdc++6-4.1-doc make-doc-non-dfsg diff-doc libterm-readline-gnu-perl libterm-readline-perl-perl Recommended packages: bzip2 libmudflap0-dev perl-doc libmail-sendmail-perl libcompress-zlib-perl The following NEW packages will be installed: binutils build-essential cpp cpp-4.1 daemontools-installer debhelper djbdns-installer dpkg-dev fakeroot file g++ g++-4.1 gcc gcc-4.1 gettext gettext-base html2text intltool-debian libc6-dev libmagic1 libssp0 libstdc++6-4.1-dev linux-kernel-headers make patch perl perl-modules po-debconf 0 upgraded, 28 newly installed, 0 to remove and 0 not upgraded. Need to get 24.3MB of archives. After unpacking 92.5MB of additional disk space will be used. Do you want to continue [Y/n]? n Abort. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#438478: djbdns-installer should depend on libc6-dev
tags 438478 patch thanks I think this Depends looks about right: Depends: patch, fakeroot | sudo, wget, debhelper, build-essential, daemontools-installer | daemontools Kind Regards, Michael Shuler --- control.orig 2003-11-19 19:16:20.0 + +++ control 2007-08-21 02:22:09.0 + @@ -7,7 +7,7 @@ Package: djbdns-installer Architecture: all -Depends: dpkg-dev (= 1.4.0.20), patch (= 2.5-0bo1), fakeroot | sudo, gcc, make, debhelper, daemontools-installer | daemontools, wget +Depends: patch, fakeroot | sudo, wget, debhelper, build-essential, daemontools-installer | daemontools Suggests: ucspi-tcp-src Description: Source only package for building djbdns The following were taken from various HTML pages under
Bug#433183: djbdns-installer: init.d script failed if installed in non-FHS fashion
I am curious if you manually removed the daemontools inittab entry in your configuration, in preference of using the init.d script. I ask this because, if daemontools is handling svscan, should the init.d script gracefully fail? ie: if grep svscanboot /etc/inittab; then echo Daemontools is currently handling services from inittab.. exit 1 else if [ -d /service ]; then SVCDIR=/service elif [ -d /var/lib/svscan ]; then SVCDIR=/var/lib/svscan else echo Couldn't find your service dir.. exit 1 fi case $1 in start) echo -n Starting djbdns: for i in `ls -d $SVCDIR/dnscache* ...`; do ... esac fi Would this work out ok in the init.d script, or should this be done differently? An added note, since the init.d script needs a little tlc - the usage note has a typo, as well (s/dnscache/djbdns/): *) echo 'Usage: /etc/init.d/dnscache {start|stop|restart}' exit 1 Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#434661: bind9: vulnerability with cryptographically weak transaction
Looks like this was done on July 25th, 2007 - bug should be closed: # [SECURITY] [DSA 1341-1] New bind9 packages fix DNS cache poisoning Moritz Muehlenhoff # [SECURITY] [DSA 1342-2] New bind9 packages fix DNS cache poisoning Moritz Muehlenhoff Thank you, Moritz. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#243323: extra file in package (djbdns-conf-fhs)
tags 243323 patch thanks djbdns-conf-fhs is the wrapper for the other *-conf utilities to set up the various djbdns services, however, I think a check on how it was called would not be a bad idea. $ ls -l *-conf-fhs lrwxrwxrwx 1 root root 15 Jul 9 13:08 axfrdns-conf-fhs - djbdns-conf-fhs -rwxr-xr-x 1 root root 289 Jul 9 11:42 djbdns-conf-fhs lrwxrwxrwx 1 root root 15 Jul 9 13:08 dnscache-conf-fhs - djbdns-conf-fhs lrwxrwxrwx 1 root root 15 Jul 9 13:08 pickdns-conf-fhs - djbdns-conf-fhs lrwxrwxrwx 1 root root 15 Jul 9 13:08 rbldns-conf-fhs - djbdns-conf-fhs lrwxrwxrwx 1 root root 15 Jul 9 13:08 tinydns-conf-fhs - djbdns-conf-fhs lrwxrwxrwx 1 root root 15 Jul 9 13:08 walldns-conf-fhs - djbdns-conf-fhs Kind Regards, Michael Shuler --- debian/djbdns-conf-fhs.orig 2003-11-18 22:39:05.0 -0600 +++ debian/djbdns-conf-fhs 2007-07-27 23:44:17.0 -0500 @@ -2,6 +2,13 @@ umask 022 +WRAPPER=`basename ${0}` +if [[ $WRAPPER = djbdns-conf-fhs ]]; then +echo $WRAPPER is the FHS wrapper for the djbdns *-conf utilities. +echo $WRAPPER is not intended to be run directly. +exit 1 +fi + fhslogdir () { NEWLOGDIR=`basename $2` mkdir -p /var/log/djbdns/${NEWLOGDIR}
Bug#432903: Please add native SRV type to tinydns-data / axfr-get
Package: djbdns-installer Version: 1.05-11 Severity: wishlist Tags: patch The attached patch adds native SRV record type to tinydns-data and axfr-get (patch credit goes to Michael Handler for the initial patch, and to Laurent G. Bercot for the updated patch for djbdns-1.05). Native SRV record data type is far more useful than the opaque SRV handling in the stock djbdns source. Kind Regards, Michael Shuler From: Michael Handler [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: tinydns-data SRV axfr-get SRV/PTR patches Date: Thu, 14 Sep 2000 20:37:50 -0400 Here's a combined patch that: a) adds a native SRV type to tinydns-data Sfqdn:ip:x:port:weight:priority:ttl:timestamp Standard rules for ip, x, ttl, and timestamp apply. Port, weight, and priority all range from 0-65535. Weight and priority are optional; they default to zero if not provided. Sconsole.zoinks.example.com:1.2.3.4:rack102-con1:2001:69:7:300: b) makes axfr-get decompose SRV and PTR records and write them out in native format, rather than opaque. Again, this is necessary because if the DNAME fields in the records reference the same zone as fqdn, they can have compression pointers that are bogus outside the context of that specific packet, and which can't be correctly loaded into data.cdb by tinydns-data. --michael Laurent G. Bercot [EMAIL PROTECTED] updated it for djbdns-1.05: diff -rNU3 djbdns-1.05/axfr-get.c djbdns-1.05-srv/axfr-get.c --- djbdns-1.05/axfr-get.c Sun Feb 11 22:11:45 2001 +++ djbdns-1.05-srv/axfr-get.c Thu Oct 18 14:46:56 2001 @@ -209,6 +209,26 @@ if (!stralloc_cats(line,.:)) return 0; if (!stralloc_catulong0(line,dist,0)) return 0; } + else if (byte_equal(data,2,DNS_T_SRV)) { +uint16 dist, weight, port; +if (!stralloc_copys(line,S)) return 0; +if (!dns_domain_todot_cat(line,d1)) return 0; +if (!stralloc_cats(line,::)) return 0; +pos = x_copy(buf,len,pos,data,2); +uint16_unpack_big(data,dist); +pos = x_copy(buf,len,pos,data,2); +uint16_unpack_big(data,weight); +pos = x_copy(buf,len,pos,data,2); +uint16_unpack_big(data,port); +x_getname(buf,len,pos,d1); +if (!dns_domain_todot_cat(line,d1)) return 0; +if (!stralloc_cats(line,.:)) return 0; +if (!stralloc_catulong0(line,dist,0)) return 0; +if (!stralloc_cats(line,:)) return 0; +if (!stralloc_catulong0(line,weight,0)) return 0; +if (!stralloc_cats(line,:)) return 0; +if (!stralloc_catulong0(line,port,0)) return 0; + } else if (byte_equal(data,2,DNS_T_A) (dlen == 4)) { char ipstr[IP4_FMT]; if (!stralloc_copys(line,+)) return 0; @@ -216,6 +236,14 @@ if (!stralloc_cats(line,:)) return 0; x_copy(buf,len,pos,data,4); if (!stralloc_catb(line,ipstr,ip4_fmt(ipstr,data))) return 0; + } + else if (byte_equal(data,2,DNS_T_PTR)) { +if (!stralloc_copys(line,^)) return 0; +if (!dns_domain_todot_cat(line,d1)) return 0; +if (!stralloc_cats(line,:)) return 0; +x_getname(buf,len,pos,d1); +if (!dns_domain_todot_cat(line,d1)) return 0; +if (!stralloc_cats(line,.)) return 0; } else { unsigned char ch; diff -rNU3 djbdns-1.05/dns.h djbdns-1.05-srv/dns.h --- djbdns-1.05/dns.h Sun Feb 11 22:11:45 2001 +++ djbdns-1.05-srv/dns.h Thu Oct 18 14:46:56 2001 @@ -20,6 +20,7 @@ #define DNS_T_SIG \0\30 #define DNS_T_KEY \0\31 #define DNS_T_ \0\34 +#define DNS_T_SRV \0\41 #define DNS_T_AXFR \0\374 #define DNS_T_ANY \0\377 diff -rNU3 djbdns-1.05/tinydns-data.c djbdns-1.05-srv/tinydns-data.c --- djbdns-1.05/tinydns-data.c Sun Feb 11 22:11:45 2001 +++ djbdns-1.05-srv/tinydns-data.c Thu Oct 18 14:50:53 2001 @@ -196,6 +196,7 @@ char type[2]; char soa[20]; char buf[4]; + char srv[6]; umask(022); @@ -360,6 +361,43 @@ rr_start(DNS_T_MX,ttl,ttd,loc); uint16_pack_big(buf,u); rr_add(buf,2); + rr_addname(d2); + rr_finish(d1); + + if (ip4_scan(f[1].s,ip)) { + rr_start(DNS_T_A,ttl,ttd,loc); + rr_add(ip,4); + rr_finish(d2); + } + break; + + case 'S': + if (!dns_domain_fromdot(d1,f[0].s,f[0].len)) nomem(); + if (!stralloc_0(f[6])) nomem(); + if (!scan_ulong(f[6].s,ttl)) ttl = TTL_POSITIVE; + ttdparse(f[7],ttd); + locparse(f[8],loc); + + if (!stralloc_0(f[1])) nomem(); + + if (byte_chr(f[2].s,f[2].len,'.') = f[2].len) { + if (!stralloc_cats(f[2],.srv.)) nomem(); + if (!stralloc_catb(f[2],f[0].s,f[0].len)) nomem(); + } + if (!dns_domain_fromdot(d2,f[2].s,f[2].len)) nomem(); + + if (!stralloc_0(f[4])) nomem(); + if (!scan_ulong(f[4].s,u)) u = 0; + uint16_pack_big(srv,u); + if (!stralloc_0(f[5])) nomem(); + if (!scan_ulong(f[5].s,u)) u = 0; + uint16_pack_big(srv + 2,u); + if (!stralloc_0(f[3])) nomem(); + if (!scan_ulong(f[3].s,u)) nomem(); + uint16_pack_big(srv + 4,u); + + rr_start(DNS_T_SRV,ttl,ttd,loc
Bug#432900: Please add one-second.patch for performance
Package: djbdns-installer Version: 1.05-11 Severity: wishlist Tags: patch Attached is a patch for improving the performance of djbdns under high load. This patch makes djbdns-1.05 cache its mmap() of the data.cdb file up to a maximum of one second, which substantially reduces the number of times that the database file needs to be mapped and unmapped (patch credit goes to Lennert Buytenhek). Kind Regards, Michael Shuler From [EMAIL PROTECTED] Sat Jul 23 15:19:58 2005 X-VM-v5-Data: ([nil nil nil nil nil nil nil nil nil] [1512 Tuesday 20 April 2004 13:06:49 +0200 Lennert Buytenhek [EMAIL PROTECTED] nil 61 patch to make djbdns 1.05 cache its mmap() of the data.cdb file ^From: nil nil 4 nil nil nil nil nil nil nil nil nil] nil) Return-Path: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: (qmail 9047 invoked by alias); 23 Jul 2005 15:19:58 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 9044 invoked by uid 500); 23 Jul 2005 15:19:58 - Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dog; d=wantstofly.org; b=IWNClqptgImEp3WfkGIht8VKuoHgvQcYS2QB6tjfjVSIFs+iulN4Fg1yMtJiDL3D ; Message-ID: [EMAIL PROTECTED] X-Original-To: buytenh Delivered-To: [EMAIL PROTECTED] User-Agent: Mutt/1.4.1i X-Keywords: X-UID: 800 From: Lennert Buytenhek [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: patch to make djbdns 1.05 cache its mmap() of the data.cdb file Date: Tue, 20 Apr 2004 13:06:49 +0200 Hi, This patch makes djbdns 1.05 cache its mmap() of the data.cdb file up to a maximum of one second. Under high query load, this substantially reduces the number of times that the database file needs to be mapped and unmapped, and gives a two-digit percentage performance improvement under 100% system load (as discussed on the djbdns mailing list.) Could you stick a copy of the patch on www.tinydns.org please? I don't have anywhere to host it myself at this point, and I would like to see it on that page -- is that acceptable to you? thanks, Lennert diff -urN djbdns-1.05.orig/tdlookup.c djbdns-1.05/tdlookup.c --- djbdns-1.05.orig/tdlookup.c 2001-02-11 22:11:45.0 +0100 +++ djbdns-1.05/tdlookup.c 2004-04-18 13:56:13.0 +0200 @@ -280,15 +280,24 @@ int respond(char *q,char qtype[2],char ip[4]) { - int fd; + static struct tai cdb_valid = { 0 }; + static int fd = -1; + struct tai one_second; int r; char key[6]; tai_now(now); - fd = open_read(data.cdb); - if (fd == -1) return 0; - cdb_init(c,fd); - + if (tai_less(cdb_valid, now)) { +if (fd != -1) { + cdb_free(c); + close(fd); +} +fd = open_read(data.cdb); +if (fd == -1) return 0; +cdb_init(c,fd); +tai_uint(one_second, 1); +tai_add(cdb_valid, now, one_second); + } byte_zero(clientloc,2); key[0] = 0; key[1] = '%'; @@ -304,7 +313,5 @@ r = doit(q,qtype); - cdb_free(c); - close(fd); return r; } - End forwarded message -
Bug#432459: B.ROOT-SERVERS.NET IP address changed
Package: djbdns-installer Version: 1.05-11 Severity: normal According to the 2004-01-29 news posting: http://www.root-servers.org/news/new-ip-b.html The old address (128.9.0.107) will respond to DNS queries for a significant period of time, however, the file dnsroots.global should be updated for the new IP address: B.ROOT-SERVERS.NET. 360 A 192.228.79.201 A new dnsroots.diff is attached. Kind Regards, Michael Shuler --- dnsroots.global.orig 2001-02-11 21:11:45.0 + +++ dnsroots.global 2007-07-09 23:14:38.0 + @@ -1,5 +1,5 @@ 198.41.0.4 -128.9.0.107 +192.228.79.201 192.33.4.12 128.8.10.90 192.203.230.10 @@ -7,7 +7,7 @@ 192.112.36.4 128.63.2.53 192.36.148.17 -198.41.0.10 +192.58.128.30 193.0.14.129 198.32.64.12 202.12.27.33
Bug#274000: djbdns-installer: typo in description of tinydns
Tags: + patch patch attached --- debian/control.orig 2003-11-19 13:16:20.0 -0600 +++ debian/control 2007-07-09 21:29:25.0 -0500 @@ -19,7 +19,7 @@ save time later. . tinydns is a DNS server. It accepts iterative DNS queries from hosts - taround he Internet, and responds with locally configured information. + around the Internet, and responds with locally configured information. . pickdns is a load-balancing DNS server. It accepts iterative DNS queries from hosts around the Internet, and responds with a dynamic
Bug#432471: Truncation of alias chains by tinydns and axfrdns
Package: djbdns-installer Version: 1.05-11 Severity: normal Tags: patch From: http://homepages.tesco.net./~J.deBoynePollard/FGA/djbdns-problems.html#content-alias-chain-truncation According to the algorithm in RFC 1034 ยง 4.3.2, a content DNS server must search for a CNAME resource record for the domain name being queried, and if it finds one it must substitute the domain name from the data portion, add the resource record to the answer section of the response, and restart processing. tinydns and axfrdns do not do this. (plus more good info) In production authoritative name service for 400,000+ domains, we found the patch provided by Jonathan de Boyne Pollard at the above site corrected the CNAME authority issues with tinydns/axfrdns. A quick example of an erroneous response from an unpatched tinydns (djbdns-installer_1.05): $ dig kokopelli.pbandjelly.org @ns.rackspace.com ;kokopelli.pbandjelly.org. IN A kokopelli.pbandjelly.org. 86400 IN CNAME kokopelli.homeunix.org. pbandjelly.org. 86400 IN NS ns.rackspace.com. pbandjelly.org. 86400 IN NS ns2.rackspace.com. ;; Received 128 bytes from 69.20.95.4#53(69.20.95.4) in 12 ms A patched tinydns response as per the algorithm in RFC 1034: $ dig kokopelli.pbandjelly.org @ns.rackspace.com ;kokopelli.pbandjelly.org. IN A kokopelli.pbandjelly.org. 86400 IN CNAME kokopelli.homeunix.org. ;; Received 75 bytes from 69.20.95.4#53(69.20.95.4) in 13 ms And the resulting recursive resolver response (which picks up the proper authority from the external CNAME target): $ dig kokopelli.pbandjelly.org ;kokopelli.pbandjelly.org. IN A kokopelli.pbandjelly.org. 31057 IN CNAME kokopelli.homeunix.org. kokopelli.homeunix.org. 60 IN A 10.1.100.156 homeunix.org. 11192 IN NS ns3.dyndns.org. homeunix.org. 11192 IN NS ns4.dyndns.org. homeunix.org. 11192 IN NS ns5.dyndns.org. homeunix.org. 11192 IN NS ns1.dyndns.org. homeunix.org. 11192 IN NS ns2.dyndns.org. ;; Received 268 bytes from 64.39.2.170#53(64.39.2.170) in 21 ms Kind Regards, Michael Shuler --- djbdns-1.05-original/tdlookup.c Sun Feb 11 21:11:45 2001 +++ djbdns-1.05/tdlookup.c Thu Apr 3 11:56:47 2003 @@ -103,12 +103,13 @@ return response_addname(d1); } -static int doit(char *q,char qtype[2]) +static int doit1(char **pqname,char qtype[2]) { unsigned int bpos; unsigned int anpos; unsigned int aupos; unsigned int arpos; + char *q; char *control; char *wild; int flaggavesoa; @@ -122,6 +123,12 @@ int addrnum; uint32 addrttl; int i; + int loop = 0 ; + +RESTART: + if (loop++ = 100) return 0 ; + + q = *pqname ; anpos = response_len; @@ -136,7 +143,14 @@ if (byte_equal(type,2,DNS_T_NS)) flagns = 1; } if (flagns) break; -if (!*control) return 0; /* q is not within our bailiwick */ +if (!*control) { /* q is not within our bailiwick */ + if (loop = 1) +return 0 ; + else { +response[2] = ~4; +goto DONE; /* The administrator has issued contradictory instructions */ + } +} control += *control; control += 1; } @@ -172,8 +186,16 @@ continue; } if (!response_rstart(q,type,ttl)) return 0; - if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_CNAME) || byte_equal(type,2,DNS_T_PTR)) { + if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_PTR)) { + if (!doname()) return 0; + } + else if (byte_equal(type,2,DNS_T_CNAME)) { if (!doname()) return 0; +if (byte_diff(type,2,qtype)) { + response_rfinish(RESPONSE_ANSWER); + if (!dns_domain_copy(pqname,d1)) return 0 ; + goto RESTART ; + } } else if (byte_equal(type,2,DNS_T_MX)) { if (!dobytes(2)) return 0; @@ -275,9 +297,21 @@ } } +DONE: return 1; } +static int doit(char *qname,char qtype[2]) +{ + int r ; + char * q = 0 ; + + if (!dns_domain_copy(q, qname)) return 0 ; + r = doit1(q, qtype) ; + dns_domain_free(q) ; + return r ; +} + int respond(char *q,char qtype[2],char ip[4]) { int fd;
Bug#421662: libexo-0.3-0 missing dependency on liburi-perl
Package: libexo-0.3-0 Version: 0.3.1.12rc2-1 When selecting an email address from an xfce4-terminal session, I expected my preferred mail reader to open a compose window. Instead, I received an error window, Failed to execute default Mail Reader. Input/output error. In ~/.xsession-errors, I found: Can't locate URI/Escape.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.8.8 /usr/local/share/perl/5.8.8 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8 /usr/local/lib/site_perl .) at /usr/lib/libexo-0.3-0/exo-compose-mail-0.3 line 26. BEGIN failed--compilation aborted at /usr/lib/libexo-0.3-0/exo-compose-mail-0.3 line 26. A quick 'apt-get install install liburi-perl' solved this problem. Kind Regards, Michael Shuler Debian GNU/Linux 4.0 Etch, kernel 2.6.18.dfsg.1-12, libc6 2.3.6.ds1-13 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#418449: submission entry for ignore.d.server/postfix
Here is an example of the event entries that prompted me to edit my postfix ignore, after I enabled postfix to listen to the submission port (tcp/587): System Events =-=-=-=-=-=-= Mar 3 13:31:27 aesop postfix/anvil[16286]: statistics: max connection rate 1/60s for (submission:69.153.32.239) at Mar 3 13:27:40 Mar 3 13:31:27 aesop postfix/anvil[16286]: statistics: max connection count 1 for (submission:69.153.32.239) at Mar 3 13:27:40 Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#418449: submission entry for ignore.d.server/postfix
Package: logcheck Version: 1.2.54 When Postfix is configured to listen on port tcp/587 by uncommenting the submission line in the postfix master.cf, logcheck does not ignore the anvil statistics log entries - attached is a patch from the current SVN trunk. Index: rulefiles/linux/ignore.d.server/postfix === --- rulefiles/linux/ignore.d.server/postfix (revision 1531) +++ rulefiles/linux/ignore.d.server/postfix (working copy) @@ -79,7 +79,7 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/local\[[0-9]+\]: [[:upper:][:digit:]]+: to=[^[:space:]]+,( orig_to=[^[:space:]]+,)* relay=local, delay=[0-9]+, status=sent \(delivered to command: exec /usr/bin/procmail\)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/local\[[0-9]+\]: table hash:[^[:space:]]+\([-,|_[:alnum:]]+\) has changed -- restarting$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policy-spf\[[0-9]+\]: : SPF pass: smtp_comment=.*: [.[:alnum:]]+ MX [.[:alnum:]]+ A [0-9a-f.:]+, header_comment=[.[:alnum:]+: domain of [%[:punct:][:alnum:[EMAIL PROTECTED]:alnum:]]+ designates [0-9a-f.:]{3,39} as permitted sender$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/anvil\[[0-9]+\]: statistics: max (message|recipient|connection) (count|rate) [/[:digit:]s]+ for \(([.:[:xdigit:]]+)?(smtp(s)?|25|587):[.:[:xdigit:]]+\) at \w{3} [ :0-9]{11}$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/anvil\[[0-9]+\]: statistics: max (message|recipient|connection) (count|rate) [/[:digit:]s]+ for \(([.:[:xdigit:]]+)?(smtp(s)?|25|submission|587):[.:[:xdigit:]]+\) at \w{3} [ :0-9]{11}$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/anvil\[[0-9]+\]: statistics: max cache size [[:digit:]]+ at \w{3} [ :0-9]{11}$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/scache\[[0-9]+\]: statistics: start interval \w{3} [ :0-9]{11}$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/scache\[[0-9]+\]: statistics: (domain|address) lookup hits=[0-9]+ miss=[0-9]+ success=[0-9]+%$