
logwatch-7.3.6-55.fc13.src.rpm

diff -up logwatch-7.3.6/scripts/services/pam_unix.pom logwatch-7.3.6/scripts/services/pam_unix
--- logwatch-7.3.6/scripts/services/pam_unix.pom	2009-10-12 14:55:08.000000000 +0200
+++ logwatch-7.3.6/scripts/services/pam_unix	2009-10-12 15:06:46.000000000 +0200
@@ -204,6 +204,8 @@ while ($line = <STDIN>) {
    } elsif ($service eq 'dovecot') {
       if ($line =~ s/^authentication failure; .*user=(.+)$/$1/) {
 		   $data{$service}{'Authentication Failures'}{$line}++;
+           } elsif ($line =~ /check pass; user unknown/) {
+                   $data{$service}{'Invalid Users'}{'Unknown Account'}++;
 	   } else {
 		   $data{$service}{'Unknown Entries'}{$line}++;
 	   }
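Review bot: The added dovecot test `/check pass; user unknown/` is unanchored, whereas the other patterns in this hunk anchor on `^`. Parts of a PAM line, such as the user name, are supplied by the connecting client, so the anchored form `elsif ($line =~ /^check pass; user unknown/)` avoids counting a line that merely contains the phrase. The same unanchored test is added again in the smtp branch of the last hunk. Every hit is folded into the single key `'Unknown Account'`, presumably because the message carries no user name; a one-line comment saying so would help. The enclosing `while` loop starts and ends outside the hunk.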
@@ -225,11 +227,13 @@ while ($line = <STDIN>) {
       } else {
          $data{$service}{'Unknown Entries'}{$line}++;
       }
-   } elsif ($service eq 'pure-ftpd') {
+   } elsif (($service eq 'pure-ftpd') || ($service eq 'vsftpd')){
       if ($line =~ s/^session opened for user (.+)/$1/) {
          $data{$service}{'Sessions Opened'}{$line}++;
       } elsif ($line =~ s/^check pass; (.+)/$1/) {
          $data{$service}{'Password Failures'}{$line}++;
+      } elsif ($line =~ s/^authentication failure; .*user=(.+)$/$1/) {
+         $data{$service}{'Authentication Failures'}{$line}++;
       } else {
          $data{$service}{'Unknown Entries'}{$line}++;
       }
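Review bot: In the new pure-ftpd/vsftpd branch, `.*user=(.+)$` can also match inside the `ruser=` field that these messages carry (the field order is visible in the smtp pattern of the last hunk). If a line lacks the trailing user field, the regex backtracks to `ruser=` and the report key becomes the remote-user value plus everything after it, including `rhost=...`. Adding a word boundary keeps the capture on the real field: `} elsif ($line =~ s/^authentication failure; .*\buser=(.+)$/$1/) {`. The captured name is client-supplied and is used verbatim as a hash key in the report, so `(\S+)` in place of `(.+)` would also be worth considering. The `elsif` chain this branch belongs to starts outside the hunk.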
@@ -255,7 +259,7 @@ while ($line = <STDIN>) {
          $data{$service}{'Unknown Entries'}{$line}++;
       }
    } elsif (($service eq 'samba') or ($service eq 'smbd')) {
-      if ($line =~ s/^session opened for user ([a-zA-Z\d]+) by (.+)/$1/) {
+      if ($line =~ s/^session opened for user (\S+) by (.+)/$1/) {
          ($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
       } elsif ($line =~ s/^session closed for user (.+)/$1/) {
          ($Detail >= 8) && $data{$service}{'Sessions Closed'}{$line}++;
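Review bot: The widened samba pattern `(\S+)` has no comment recording which account names the old `[a-zA-Z\d]+` class failed to match. A short comment above the line, for example `# user names may contain punctuation, so accept any non-blank run`, would keep a later edit from narrowing it again. The second group in `by (.+)` is captured but never used, because the replacement keeps only `$1`; writing `by .+` makes that explicit. The samba branch continues past the end of the hunk.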
@@ -297,7 +301,16 @@ while ($line = <STDIN>) {
       } else {
            $data{$service}{'Unknown Entries'}{$line}++;
       }
-
+   } elsif ($service eq 'smtp') {
+     if ($line =~ s/^authentication failure; logname=(\S*) uid=(\d+).*user=(\S*)$/$1($2) -> $3/) {
+        $data{$service}{'Authentication Failures'}{$line}++;
+     } elsif ($line =~ /authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=/) {
+              # ignore this line
+     } elsif ($line =~ /check pass; user unknown/) {
+              $data{$service}{'Invalid Users'}{'Unknown Account'}++;
+     } else  {
+        $data{$service}{'Unknown Entries'}{$line}++;
+     }
    } else {
          $data{$service}{'Unknown Entries'}{$line}++;
    }
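Review bot: The "ignore this line" test in the new smtp branch is open-ended after `rhost=`, so it also matches lines where `rhost=` is followed by an address. Such a line reaches this test whenever the first smtp pattern fails, for instance when the message has no trailing `user=` field. Failed SMTP authentications from a remote host would then be dropped from the report without even landing in `'Unknown Entries'`. If only the empty-field message is meant to be skipped, anchor both ends: `} elsif ($line =~ /^authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=\s*$/) {`. The `# ignore this line` comment should also say why the line is noise.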