From 684dbe134f157dfb95158b66ba797e8a240f60fa Mon Sep 17 00:00:00 2001
From: =?utf8?q?Hendrik=20J=C3=A4ger?= <gitcommit@henk.geekmail.org>
Date: Mon, 30 Sep 2024 09:15:44 +0200
Subject: [PATCH] update rules

---
 files/etc/logcheck/ignore.d.server/local-openvpn | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/files/etc/logcheck/ignore.d.server/local-openvpn b/files/etc/logcheck/ignore.d.server/local-openvpn
index e9e977f..364de34 100644
--- a/files/etc/logcheck/ignore.d.server/local-openvpn
+++ b/files/etc/logcheck/ignore.d.server/local-openvpn
@@ -1,7 +1,7 @@
-^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: \[[[:alnum:]._-]+\] Peer Connection Initiated with \[AF_INET\][[:xdigit:]:.]+$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: Connection Attempt read UDPv4 \[ECONNREFUSED(\|ECONNREFUSED)*\]: Connection refused \(fd=[[:digit:]]+,code=111\)$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: Control Channel: .*$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: Could not determine IPv4/IPv6 protocol\. Using AF_INET$
+^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: MULTI_sva: pool returned IPv4=[[:digit:].]+, IPv6=\(Not enabled\)$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: net_addr_ptp_v4_add: [[:xdigit:]:.]+ peer [[:xdigit:]:.]+ dev tun[[:digit:]]+$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: net_addr_ptp_v4_del: [[:xdigit:]:.]+ dev tun[[:digit:]]+$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: net_iface_mtu_set: mtu 1500 for tun[[:digit:]]+$
@@ -26,6 +26,7 @@
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: UDPv4 link local \(bound\): \[AF_INET\]\[undef\]:1194$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: UDPv4 link remote: \[AF_UNSPEC\]$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: VERIFY OK: depth=0, CN=[^[:space:]]+$
+^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: [[:xdigit:]:.]+ \[[[:alnum:]._-]+\] Peer Connection Initiated with \[AF_INET\][[:xdigit:]:.]+$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: [[:xdigit:]:.]+ OpenSSL: error:0A0000C7:SSL routines::peer did not return a certificate$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: [[:xdigit:]:.]+ TLS_ERROR: BIO read tls_read_plaintext error$
 ^(\w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ (openvpn|ovpn-[._[:alnum:]-]+)\[[[:digit:]]+\]: [[:xdigit:]:.]+ TLS Error: TLS object -> incoming plaintext read error$
-- 
2.39.5