Home » Tag

Ssl

Weitere logcheck Regeln für amavisd-new, dovecot und postfix unter Debian Wheezy

Ich habe soeben wieder logcheck in Betrieb genommen und erst einmal die paar folgenden, weiteren Regeln hinzugefügt bzw. bestehende leicht modifiziert. diff --git a/logcheck/ignore.d.server/amavisd-new b/logcheck/ignore.d.server/amavisd-new index 2dce777..d0d8743 100644 --- a/logcheck/ignore.d.server/amavisd-new +++ b/logcheck/ignore.d.server/amavisd-new @@ -3,3 +3,5 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) NOTICE: Not sending DSN in response to bulk mail from <[^.]*> containing [[:upper:] ]+, mail intentionally dropped$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) INFO: unfolded [[:digit:]]+ illegal all-whitespace continuation lines$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) WARN: address modified \((sender|recipient)\): <[^>]+> -> <[^>]+>$&lt;br /> +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) Passed (BAD-HEADER-[:digit:]|UNCHECKED|CLEAN|SPAM(MY)?) {(RelayedInbound|RelayedTaggedInbound|RelayedOpenRelay|RelayedInternal)(,Quarantined)?},( LOCAL)? (\[[.[:digit:]]+\]:[[:digit:]]+ )?(\[[.:[:alnum:]]+\] )?<([._-=@[:alnum:]]+)?> -> <([._-=@[:alnum:]]+)?>,( quarantine: [._-=/@[:alnum:]]+,)? (Queue-ID: [[:alnum:]]+, )?(Message-ID: &lt;.*>, )?mail_id: [-_[:alnum:]]+, Hits: -?[.[:xdigit:]]*, size: [[:digit:]]+, queued_as: [_[:alnum:]]+, [[:digit:]]+ ms$&lt;br /> +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) Blocked BANNED \(.*\) {(No)?BouncedInbound,Quarantined}, (\[[.[:digit:]]+\]:[[:digit:]]+ )?(\[[.:[:alnum:]]+\] )?<([._-=@[:alnum:]]+)?> -> <([._-=@[:alnum:]]+)?>, (quarantine: [[:alnum:]]/.*, )?(Queue-ID: [[:alnum:]]+, )?(Message-ID: &lt;[._-$%@[:alnum:]]+>, )?mail_id: [-_[:alnum:]]+, Hits: -?[.[:xdigit:]]*, size: [[:digit:]]+, (queued_as: [_[:alnum:]]+, )?[[:digit:]]+ ms$&lt;br /> diff --git a/logcheck/ignore.d.server/dovecot b/logcheck/ignore.d.server/dovecot index 8f4dcb6..643a4e4 100644 --- a/logcheck/ignore.d.server/dovecot +++ b/logcheck/ignore.d.server/dovecot @@ -7,12 +7,13 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_unix\(dovecot:[[:alnum:]]+\): check pass; user unknown$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_ldap: error trying to bind as user \".*\" \(Invalid credentials\)$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (imap|pop3)-login: Login: [.[:alnum:]@-]+ \[[.:[:xdigit:]]+\]$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Aborted login( \([[:digit:]]+ authentication attempts\))?: (user=<[-_.@[:alnum:]]+>, method=[[:alnum:]-]+, )?rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+(, (TLS( handshake)?|secured))?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Aborted login( \([[:digit:]]+ authentication attempts\))?: (user=<[-_.@[:alnum:]]+>, method=[[:alnum:]-]+, )?rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+(, (TLS( handshake)?|secured))? ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: (Disconnected|Aborted login)(: Inactivity)? (\(no auth attempts\):|\(auth failed, [[:digit:]]+ attempts\): user=<[-_.@[:alnum:]]+>, method=PLAIN,|\(aborted authentication\): method=PLAIN,) rip=[.[:digit:]]+, lip=[.[:digit:]]+, (TLS|SSL)(( handshaking)?(: Disconnected)?|: SSL_read\(\) syscall failed: Connection reset by peer)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Disconnected: ((Too many invalid commands|Inactivity): )?(user=<[-_.@[:alnum:]]+>, )?(method=[[:alnum:]-]+, )?rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+(, (TLS( handshake)?|secured))?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Disconnected: Logged out$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Login: user=<[-_.@[:alnum:]]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+(, (TLS( handshake)?|secured))?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Login: user=<[-_.@[:alnum:]]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+(, mpid=[[:digit:]]+)?(, (TLS( handshake)?|secured))? ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: IMAP\([-_.@[:alnum:]]+\): Connection closed(: Connection reset by peer)?( bytes=[[:digit:]]+/[[:digit:]]+)?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: imap\([-_.@[:alnum:]]+\): Connection closed(: Connection reset by peer)?( in=[[:digit:]]+ out=[[:digit:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: IMAP\([-_.@[:alnum:]]+\): Disconnected(: Logged out| for inactivity|: Disconnected| in [[:upper:]]+|: Too many invalid IMAP commands\.)?( bytes=[[:digit:]]+/[[:digit:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: IMAP\([-_.@[:alnum:]]+\): Fixed index file /[-._/[:alnum:]&#038;]+/dovecot\.index: first_(recent|unseen)_uid_lowwater [[:digit:]]+ -> [[:digit:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: POP3\([-_.@[:alnum:]]+\): Disconnected(: Logged out| for inactivity|: Disconnected)? top=[[:digit:]]+/[[:digit:]]+, retr=[[:digit:]]+/[[:digit:]]+, del=[[:digit:]]+/[[:digit:]]+, size=[[:digit:]]+$ @@ -22,5 +23,9 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\([[:alnum:]]+\): client in: CONT<hidden> ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\([[:alnum:]]+\): client out: CONT[[:space:]]+[[:digit:]]+[[:space:]]+[[:alnum:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: ssl-build-param: SSL parameters regeneration completed$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: managesieve-login: Login: user=<[._[:alnum:]-]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+, (TLS( handshake)?|secured)$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: MANAGESIEVE\([._[:alnum:]-]+\): (Connection closed|Disconnected: Logged out)( bytes=[[:digit:]]+/[[:digit:]]+)?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: managesieve-login: Login: user=<[._[:alnum:]-]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+, (TLS( handshake)?|secured) +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: managesieve\([._[:alnum:]-]+\): (Connection closed|Disconnected: Logged out)( bytes=[[:digit:]]+/[[:digit:]]+)?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: (Disconnected|Aborted login)(: Inactivity)? \( +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: imap\([-_.@[:alnum:]]+\): Disconnected +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: lda\([-_.@[:alnum:]]+\): sieve: msgid=.*: stored mail into mailbox '[-.[:alnum:]]+'$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth-worker\([-_.[:alnum:]]+\): (pg|my)sql\([.:[:xdigit:]]+\): Connected to database [-_.[:alnum:]]+$ diff --git a/logcheck/ignore.d.server/movim b/logcheck/ignore.d.server/movim new file mode 100644 index 0000000..64eef12 --- /dev/null +++ b/logcheck/ignore.d.server/movim @@ -0,0 +1,5 @@ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ movim\[[[:digit:]]+\]: movim.ERROR: Undefined (index|offseti|variable): [[:alnum:]]+ \[\] \[\]$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ movim\[[[:digit:]]+\]: movim.ERROR: array_key_exists() expects parameter 2 to be array, boolean given \[\] \[\]$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ movim\[[[:digit:]]+\]: movim.ERROR: Use of undefined constant FAIL_SAFE - assumed 'FAIL_SAFE' \[\] \[\]$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ movim\[[[:digit:]]+\]: movim.ERROR: Trying to get property of non-object \[\] \[\]$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ movim\[[[:digit:]]+\]: movim.ERROR: Invalid argument supplied for foreach() \[\] \[\]$ diff --git a/logcheck/ignore.d.server/postfix b/logcheck/ignore.d.server/postfix index 7346aec..297771a 100644 --- a/logcheck/ignore.d.server/postfix +++ b/logcheck/ignore.d.server/postfix @@ -168,3 +168,4 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/trivial-rewrite\[[[:digit:]]+\]: warning: valid_ipv4_hostaddr: invalid octet count: ?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: TLS library problem: [[:digit:]]+:error:[[:xdigit:]]+:SSL routines:SSL23_GET_CLIENT_HELLO:(unknown protocol|http request):s23_srvr\.c:[[:digit:]]+:$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/verify\[[[:digit:]]+\]: cache [-._[:alnum:]/]+ full cleanup: retained=[[:digit:]]+ dropped=[[:digit:]]+ entries$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: hostname [-._[:alnum:]]+ does not resolve to address [.[:digit:]]+$ Updated 07.05.14 ...

Mai 2, 2014 · 4 Minuten

Weave Sync und Reg Server Setup unter Debian Lenny

Update vom 16.4.: Der Artikel ist schon einigermaßen veraltet. Daher würd ich den nicht mehr so genau nehmen. Einige Anmerkungen und für einige Probleme haben engagierte Nutzer Kommentare geschrieben. Wer wie ich mal einen Weave Sync Server unter Debian aufsetzen will, um einen eigenen Server zu haben mit dem das neue Firefox Sync Addon synchronisiert, dem wird die folgende Anleitung helfen. Voraussetzung für die Anleitung ist ein installierter Apache2 mit mindestens php 5.1, php-json, php-mysql und eine MySQL Installation. Zunächst hab ich in /var/www ein neues Verzeichnis erstellt und die Server (Sync und Reg Server heruntergeladen, beides entpackt und die Ordner umbenannt: mkdir weave &#038;&#038; cd weave wget http://hg.mozilla.org/services/sync-server/archive/tip.tar.gz wget http://hg.mozilla.org/services/reg-server/archive/tip.tar.gz tar xfz tip.tar.gz tar xfz tip.tar.gz.1 mv reg-server-828798f908a0/ reg-server mv sync-server-55d5049f6eeb/ sync-server Als nächstes hab ich erstmal einen neuen Vhost für den Apache angelegt und entsprechend der beiden Anleitungen (Sync und Reg) konfiguriert. Die sieht nun so aus: <VirtualHost myserver.de:80> ServerName myserver.de Redirect / https://myserver.de </VirtualHost> <VirtualHost myserver.de:443>&lt;br /> SSLEngine On SSLCertificateFile /etc/apache2/ssl/server-cert.pem SSLCertificateKeyFile /etc/apache2/ssl/server-key.pem ServerAdmin webmaster@myserver.de ServerName myserver.de DocumentRoot /var/www/weave Alias /1.0 /var/www/weave/sync-server/1.0/index.php Alias /user/1.0 /var/www/weave/reg-server/1.0/index.php Alias /user/1 /var/www/weave/reg-server/1.0/index.php Alias /misc/1.0/captcha_html /var/www/weave/reg-server/1.0/captcha.php Alias /misc/1/captcha_html /var/www/weave/reg-server/1.0/captcha.php Alias /weave-registration-static /var/www/weave/reg-server/1.0/static Alias /weave-password-reset /var/www/weave/reg-server/1.0/forgot_password.php CustomLog /var/log/apache2/weave/access.log combined ErrorLog /var/log/apache2/weave/error.log DirectoryIndex index.php index.html index.htm ServerSignature Off <Directory "/var/www/weave/"> Options Indexes FollowSymLinks AllowOverride none Order allow,deny Allow from all </Directory> </VirtualHost> Anschließend muss eine neue Datenbank erstellt werden. Auf dieser muss dann der folgende SQL-Code ausgeführt werden, der die Tabellen erstellt: ...

Juli 1, 2010 · 4 Minuten