X-Git-Url: http://gitweb.michael.orlitzky.com/?a=blobdiff_plain;f=postfix-logwatch;h=be28795b543c8f5288be27c1c488253e0333761d;hb=db74adc313ccbb4d116da7b8de7850a21f613dd9;hp=92ed62138fe0d37ab30268f40c8e5ccbc3ee67d3;hpb=6afb8e258a5a2a0e7c72c4c25927dde9d1e2ad89;p=postfix-logwatch.git diff --git a/postfix-logwatch b/postfix-logwatch index 92ed621..be28795 100644 --- a/postfix-logwatch +++ b/postfix-logwatch @@ -66,7 +66,9 @@ my $re_QID_s = qr/[A-Z\d]+/; my $re_QID_l = qr/(?:NOQUEUE|[bcdfghjklmnpqrstvwxyzBCDFGHJKLMNPQRSTVWXYZ\d]+)/; our $re_QID; -our $re_DSN = qr/(?:(?:\d{3})?(?: ?\d\.\d\.\d)?)/; +# The enhanced status codes can contain two-digit (or more) numbers; +# for example, "550 5.7.23". +our $re_DSN = qr/(?:(?:\d{3})?(?: ?\d+\.\d+\.\d+)?)/; our $re_DDD = qr/(?:(?:conn_use=\d+ )?delay=-?[\d.]+(?:, delays=[\d\/.]+)?(?:, dsn=[\d.]+)?)/; #MODULE: ../Logreporters/Utils.pm @@ -1276,8 +1278,8 @@ sub print_unmatched_report() { 1978 SpamAssassin bypassed 18 Released from quarantine - 1982 Whitelisted - 3 Blacklisted + 1982 Allowlisted + 3 Denylisted 12 MIME error 51 Bad header (debug supplemental) 28 Extra code modules loaded at runtime @@ -4357,7 +4359,8 @@ sub postfix_postscreen { $line =~ /discarding EHLO keywords: / or $line =~ /: discard_mask / or $line =~ /: sq=\d+ cq=\d+ event/ or - $line =~ /: replacing command "/ + $line =~ /: replacing command "/ or + $line =~ /^(DATA|BDAT) without valid RCPT/ ); @@ -4367,7 +4370,12 @@ sub postfix_postscreen { ($line =~ /^(HANGUP) (?:after \S+)? from \[([^]]+)\](?::\d+)?/)) { $Counts{'postscreen'}{lc $1}{$2}{$END_KEY}++ if $Collecting{'postscreen'}; } - elsif ($line =~ /^(WHITELISTED|BLACKLISTED|PASS \S+) \[([^]]+)\](?::\d+)?$/) { + elsif ($line =~ /^((ALLOW|WHITE|BLACK|DENY)LISTED|PASS \S+) \[([^]]+)\](?::\d+)?$/) { + # This will display two separate counts for e.g. "allowlisted" + # and "whitelisted" if you change your configuration in the + # middle of the day, but I don't see that as a huge problem. + # + # ALLOWLISTED [40.92.75.48]:17085 # PASS NEW [192.168.0.2]:12345 # PASS OLD [192.168.0.3]:12345 $Counts{'postscreen'}{lc $1}{$2}{$END_KEY}++ if $Collecting{'postscreen'}; @@ -4397,19 +4405,16 @@ sub postfix_postscreen { } } - elsif ($line =~ /^NOQUEUE: reject: CONNECT from \[([^]]+)\](?::\d+)?: too many connections/) { - # NOQUEUE: reject: CONNECT from [192.168.0.1]:7197: too many connections - $Counts{'postscreen'}{'reject'}{'Too many connections'}{$1}{$END_KEY}++ if $Collecting{'postscreen'}; - } - - elsif ($line =~ /^reject: connect from \[([^]]+)\](?::\d+)?: (.+)$/) { - # reject: connect from [192.168.0.1]:21225: all screening ports busy - $Counts{'postscreen'}{'reject'}{"\u$2"}{$1}{$END_KEY}++ if $Collecting{'postscreen'}; + elsif ($line =~ /^(NOQUEUE: )?reject: (connect|CONNECT) from \[([^]]+)\](?::\d+)?: (.+)$/) { + # NOQUEUE: reject: CONNECT from [192.168.0.1]:7197: too many connections + # NOQUEUE: reject: CONNECT from [192.168.0.1]:39410: all server ports busy + # reject: connect from [192.168.0.1]:21225: all screening ports busy + $Counts{'postscreen'}{'reject'}{"\u$4"}{$3}{$END_KEY}++ if $Collecting{'postscreen'}; } - elsif ($line =~ /^(?:WHITELIST VETO) \[([^]]+)\](?::\d+)?$/) { + elsif ($line =~ /^(?:(WHITE|ALLOW)LIST VETO) \[([^]]+)\](?::\d+)?$/) { # WHITELIST VETO [192.168.0.8]:43579 - $Counts{'postscreen'}{'whitelist veto'}{$1}{$END_KEY}++ if $Collecting{'postscreen'}; + $Counts{'postscreen'}{'allowlist veto'}{$1}{$END_KEY}++ if $Collecting{'postscreen'}; } elsif ($line =~ /^(entering|leaving) STRESS mode with (\d+) connections$/) {