svn commit: r263662 - stable/9/etc/periodic/security
Christian Brueffer
brueffer at FreeBSD.org
Sun Mar 23 13:03:47 UTC 2014
Author: brueffer
Date: Sun Mar 23 13:03:46 2014
New Revision: 263662
URL: http://svnweb.freebsd.org/changeset/base/263662
Log:
MFC: r262273
Further refine the auth fail regex to catch more auth failures and
reduce false positives.
The committed patch was provided by Christian Marg.
PR: 91732
Submitted by: Daniel O'Connor <doconnor at gsoft.com.au>
Skye Poier <spoier at gmail.com>
Alan Amesbury <amesbury at umn.edu>
Christian Marg <marg at rz.tu-clausthal.de>
Modified:
stable/9/etc/periodic/security/800.loginfail
Directory Properties:
stable/9/etc/ (props changed)
Modified: stable/9/etc/periodic/security/800.loginfail
==============================================================================
--- stable/9/etc/periodic/security/800.loginfail Sun Mar 23 12:58:48 2014 (r263661)
+++ stable/9/etc/periodic/security/800.loginfail Sun Mar 23 13:03:46 2014 (r263662)
@@ -59,7 +59,7 @@ case "$daily_status_security_loginfail_e
[Yy][Ee][Ss])
echo ""
echo "${host} login failures:"
- n=$(catmsgs | egrep -ia "^$yesterday.*: .*(fail|invalid|bad|illegal)" |
+ n=$(catmsgs | egrep -ia "^$yesterday.*: .*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" |
tee /dev/stderr | wc -l)
[ $n -gt 0 ] && rc=1 || rc=0;;
*) rc=0;;
More information about the svn-src-stable-9
mailing list