diff options
author | Hendrik Jäger <gitcommit@henk.geekmail.org> | 2022-11-12 10:21:10 +0100 |
---|---|---|
committer | Hendrik Jäger <gitcommit@henk.geekmail.org> | 2022-11-12 10:21:10 +0100 |
commit | 54f5d023a761421bfa99920c0f1d21e2a24df4ee (patch) | |
tree | 08e23604081ca1b413c216841797ec443c108900 | |
parent | 3c0c71cce6f6189d3a3acf3be6583fac5425c10f (diff) |
update rules
-rw-r--r-- | files/etc/logcheck/ignore.d.server/local-dnsmasq | 6 | ||||
-rw-r--r-- | files/etc/logcheck/ignore.d.server/local-ssh | 1 |
2 files changed, 6 insertions, 1 deletions
diff --git a/files/etc/logcheck/ignore.d.server/local-dnsmasq b/files/etc/logcheck/ignore.d.server/local-dnsmasq index 4afcf39..0246b42 100644 --- a/files/etc/logcheck/ignore.d.server/local-dnsmasq +++ b/files/etc/logcheck/ignore.d.server/local-dnsmasq @@ -1,3 +1,7 @@ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dnsmasq-dhcp\[[[:digit:]]+\]: RTR-ADVERT\([[:alnum:]-]+\) [[:xdigit:]:]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dnsmasq-dhcp\[[[:digit:]]+\]: DHCPADVERTISE\([[:alnum:]-]+\) [[:xdigit:]:]+ [[:xdigit:]:]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dnsmasq-dhcp\[[[:digit:]]+\]: DHCPCONFIRM\([[:alnum:]-]+\) [[:xdigit:]:]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dnsmasq-dhcp\[[[:digit:]]+\]: DHCPRENEW\([[:alnum:]-]+\) [[:xdigit:]:]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dnsmasq-dhcp\[[[:digit:]]+\]: DHCPREPLY\([[:alnum:]-]+\) [[:xdigit:]:]+ [[:xdigit:]:]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dnsmasq-dhcp\[[[:digit:]]+\]: DHCPSOLICIT\([[:alnum:]-]+\) [[:xdigit:]:]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dnsmasq-dhcp\[[[:digit:]]+\]: RTR-ADVERT\([[:alnum:]-]+\) [[:xdigit:]:]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dnsmasq-dhcp\[[[:digit:]]+\]: RTR-SOLICIT\([[:alnum:]-]+\) [[:xdigit:]:]+$ diff --git a/files/etc/logcheck/ignore.d.server/local-ssh b/files/etc/logcheck/ignore.d.server/local-ssh index e9aa7ab..10c878b 100644 --- a/files/etc/logcheck/ignore.d.server/local-ssh +++ b/files/etc/logcheck/ignore.d.server/local-ssh @@ -103,6 +103,7 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: ssh_dispatch_run_fatal: Connection from [:.[:xdigit:]]+ port [[:digit:]]+: DH GEX group out of range \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: ssh_dispatch_run_fatal: Connection from [:.[:xdigit:]]+ port [[:digit:]]+: incomplete message \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: ssh_dispatch_run_fatal: Connection from [:.[:xdigit:]]+ port [[:digit:]]+: message authentication code incorrect \[preauth\]$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: ssh_dispatch_run_fatal: Connection from [:.[:xdigit:]]+ port [[:digit:]]+: invalid format \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Unable to negotiate with [:.[:xdigit:]]+ port [[:digit:]]+: no matching (cipher|key exchange method|host key type|MAC) found\. Their offer: .* \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: User [._[:alnum:]-]+ from [[:alnum:].-]+ not allowed because none of user's groups are listed in AllowGroups$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes \[preauth\]$ |