Author: brueffer
Date: Thu Feb 20 23:43:49 2014
New Revision: 262273
URL: http://svnweb.freebsd.org/changeset/base/262273
Log:
Further refine the auth fail regex to catch more auth failures and
reduce false positives.
The committed patch was provided by Christian Marg.
PR: 91732
Submitted by: Daniel O'Connor <doconnor at gsoft.com.au>
Skye Poier <spoier at gmail.com>
Alan Amesbury <amesbury at umn.edu>
Christian Marg <marg at rz.tu-clausthal.de>
MFC after: 1 month
Modified:
head/etc/periodic/security/800.loginfail
Modified: head/etc/periodic/security/800.loginfail
==============================================================================
--- head/etc/periodic/security/800.loginfail Thu Feb 20 23:18:30 2014
(r262272)
+++ head/etc/periodic/security/800.loginfail Thu Feb 20 23:43:49 2014
(r262273)
@@ -64,7 +64,7 @@ if check_yesno_period security_status_lo
then
echo ""
echo "${host} login failures:"
- n=$(catmsgs | egrep -ia "^$yesterday.*: .*(fail|invalid|bad|illegal)" |
+ n=$(catmsgs | egrep -ia "^$yesterday.*:
.*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" |
tee /dev/stderr | wc -l)
[ $n -gt 0 ] && rc=1 || rc=0
fi
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"
