Author: zbyniu Date: Sat Jun 18 11:23:48 2011 GMT
Module: packages Tag: HEAD
---- Log message:
- updated for 1.1
---- Files affected:
packages/logfmon:
logfmon-conf.patch (1.1 -> 1.2)
---- Diffs:
================================================================
Index: packages/logfmon/logfmon-conf.patch
diff -u packages/logfmon/logfmon-conf.patch:1.1
packages/logfmon/logfmon-conf.patch:1.2
--- packages/logfmon/logfmon-conf.patch:1.1 Thu Dec 9 20:33:18 2004
+++ packages/logfmon/logfmon-conf.patch Sat Jun 18 13:23:42 2011
@@ -1,7 +1,9 @@
---- logfmon.conf 2004-11-28 16:07:35.000000000 +0100
-+++ logfmon.conf 2004-12-09 00:36:37.431601656 +0100
-@@ -1,10 +1,10 @@
+--- examples/logfmon-openbsd.conf 2004-11-28 16:07:35.000000000 +0100
++++ examples/logfmon-openbsd.conf 2004-12-09 00:36:37.431601656 +0100
+@@ -1,12 +1,12 @@
set mailtime 1m
+
+ # Mail command. This may be /bin/mail on some systems.
-set mailcmd "/usr/bin/mail -s \"`hostname` `date` log report\" root"
+set mailcmd "/bin/mail -s \"`hostname` `date` log report\" root"
@@ -13,30 +15,3 @@
match in * "last message repeated [0-9] times" ignore
-@@ -45,18 +45,18 @@
- # sshd context rules
- # messages that match contexts fall through to following rules.
- #match in auth "sshd\\[\\([0-9]*\\)\\]: Invalid user .* from [0-9.]*" open
"sshd-$1" expire 2m
--match in auth "sshd\\[\\([0-9]*\\)\\]: input_userauth_request: invalid user
.*" open "sshd-$1" expire 2m pipe "/usr/bin/mail -s \"`date` ssh attempt
(expired)\" root"
--match in auth "sshd\\[\\([0-9]*\\)\\]: .*" append "sshd-$1"
--match in auth "sshd\\[\\([0-9]*\\)\\]: Received disconnect from .*" close
"sshd-$1" pipe "/usr/bin/mail -s \"`date` ssh attempt\" root"
-+#match in auth "sshd\\[\\([0-9]*\\)\\]: input_userauth_request: invalid user
.*" open "sshd-$1" expire 2m pipe "/usr/bin/mail -s \"`date` ssh attempt
(expired)\" root"
-+#match in auth "sshd\\[\\([0-9]*\\)\\]: .*" append "sshd-$1"
-+#match in auth "sshd\\[\\([0-9]*\\)\\]: Received disconnect from .*" close
"sshd-$1" pipe "/usr/bin/mail -s \"`date` ssh attempt\" root"
-
- # normal sshd rules
--match in auth "sshd\\[[0-9]*\\]: Connection closed by 10.0.0.[1-9]" ignore
--match in auth "sshd\\[[0-9]*\\]: Accepted publickey for root from
10.0.0.[1-9] port [0-9]* ssh2" ignore
--match in auth "sshd\\[[0-9]*\\]: Accepted publickey for nicholas from
10.0.0.[1-9] port [0-9]* ssh2" ignore
--match in auth "sshd\\[[0-9]*\\]: Root login accepted for forced command."
ignore
-+#match in auth "sshd\\[[0-9]*\\]: Connection closed by 10.0.0.[1-9]" ignore
-+#match in auth "sshd\\[[0-9]*\\]: Accepted publickey for root from
10.0.0.[1-9] port [0-9]* ssh2" ignore
-+#match in auth "sshd\\[[0-9]*\\]: Accepted publickey for nicholas from
10.0.0.[1-9] port [0-9]* ssh2" ignore
-+#match in auth "sshd\\[[0-9]*\\]: Root login accepted for forced command."
ignore
-
- #match in auth "sshd\\[[0-9]*\\]: Failed password for invalid user .* from
\\([0-9.]*\\) port [0-9]* ssh[12]" exec "grep $1 /etc/pf.ignore || (echo $1 >>
/etc/pf.ignore; pfctl -t ignore -T add $1; pfctl -k $1)"
--match in auth "sshd\\[[0-9]*\\]: Invalid user .* from \\([0-9.]*\\)" exec
"grep $1 /etc/pf.ignore || (echo $1 >> /etc/pf.ignore; pfctl -t ignore -T add
$1; pfctl -k $1)"
-+#match in auth "sshd\\[[0-9]*\\]: Invalid user .* from \\([0-9.]*\\)" exec
"grep $1 /etc/pf.ignore || (echo $1 >> /etc/pf.ignore; pfctl -t ignore -T add
$1; pfctl -k $1)"
-
- # fetchmail
- match in mail "fetchmail\\[[0-9]*\\]: .*" ignore
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/logfmon/logfmon-conf.patch?r1=1.1&r2=1.2&f=u
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
