Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-mail/postfix-logwatch/files/all-server-ports-busy-lines.patch
blob: dd5ae5869eb28d3d0da305097d5260ffe2afa356 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

From 7b3930a9d44f91a63f0edbe765c75dc8f6128b7c Mon Sep 17 00:00:00 2001
From: Michael Orlitzky <michael@orlitzky.com>
Date: Wed, 26 Dec 2018 12:54:15 -0500
Subject: [PATCH 1/1] Match postscreen "all server ports busy" lines.

Lines that look like

  NOQUEUE: reject: CONNECT from [192.168.0.1]:39410: all server ports busy

were not being matched. There were two similar matches, one for a
specific "too many connections" error

 NOQUEUE: reject: CONNECT from [192.168.0.1]:7197: too many connections

and another for a more general form intended to match "all screening
ports busy" errors from postscreen:

 reject: connect from [192.168.0.1]:21225: all screening ports busy

The general form is preferable in my opinion, but the "screening
ports" message is a bit of a black sheep. As a result, even the more
general regular expression didn't match the other two errors due to
their beginning with "NOQUEUE" and using an uppercase "CONNECT".

To fix this, the general regular expression was made even more
general. Now, a leading "NOQUEUE: " is optional, and the "CONNECT" can
be capitalized. Thus, one regular expression now catches all three
messages.
---
 postfix-logwatch | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/postfix-logwatch b/postfix-logwatch
index 827dfe0..648ba7a 100644
--- a/postfix-logwatch
+++ b/postfix-logwatch
@@ -4399,14 +4399,11 @@ sub postfix_postscreen {
       }
    }
 
-   elsif ($line =~ /^NOQUEUE: reject: CONNECT from \[([^]]+)\](?::\d+)?: too many connections/) {
-      # NOQUEUE: reject: CONNECT from [192.168.0.1]:7197: too many connections
-      $Counts{'postscreen'}{'reject'}{'Too many connections'}{$1}{$END_KEY}++      if $Collecting{'postscreen'};
-   }
-
-   elsif ($line =~ /^reject: connect from \[([^]]+)\](?::\d+)?: (.+)$/) {
-      # reject: connect from [192.168.0.1]:21225: all screening ports busy
-      $Counts{'postscreen'}{'reject'}{"\u$2"}{$1}{$END_KEY}++      if $Collecting{'postscreen'};
+   elsif ($line =~ /^(NOQUEUE: )?reject: (connect|CONNECT) from \[([^]]+)\](?::\d+)?: (.+)$/) {
+       # NOQUEUE: reject: CONNECT from [192.168.0.1]:7197: too many connections
+       # NOQUEUE: reject: CONNECT from [192.168.0.1]:39410: all server ports busy
+       # reject: connect from [192.168.0.1]:21225: all screening ports busy
+      $Counts{'postscreen'}{'reject'}{"\u$4"}{$3}{$END_KEY}++      if $Collecting{'postscreen'};
    }
 
    elsif ($line =~ /^(?:WHITELIST VETO) \[([^]]+)\](?::\d+)?$/) {
-- 
2.19.2