Hi,
We prefer if package maintainers take care of the rules themselves
and they are distributed with the package to which they apply.
So if you are willing to include the rule in sslh itself it would be
great, otherwise I would include it in logcheck-database.
I've adjusted the rule to be a bit more strict.
Greetings,
Hannes
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sslh\[[[:digit:]]+\]: connection from
(([0-9]|([1-9]|1[0-9]|2[0-4])[0-9]|25[0-5])\.){3}([0-9]|([1-9]|1[0-9]|2[0-4])[0-9]|25[0-5]):([0-9]|([1-9]|([1-9]|([1-9]|[1-5][0-9]|6[0-4])[0-9]|65[0-4])[0-9]|655[0-2])[0-9]|6553[0-5])
forwarded to (SSH|SSL)$
_______________________________________________
Logcheck-devel mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/logcheck-devel
