diff options
author | varac <varacanero@zeromail.org> | 2015-07-07 16:04:40 +0200 |
---|---|---|
committer | varac <varacanero@zeromail.org> | 2015-07-07 16:04:40 +0200 |
commit | 3cb5ae59d51d85cde704214dcea7c65da2bf6e94 (patch) | |
tree | 134db0815470e28222156d2463a477f35ce466e5 /puppet/modules/site_check_mk/files | |
parent | 07e949ad3d3baa132c88e529ab5121c4016eb0be (diff) |
Ignore openvpn logwatch warnings (#6867)
These are warnings that might have different origins, each of
them we don't want to alarm the admin:
- A bitmask client bug (user will poke the client devs if things
break, and they will go after it)
- A simple network failure, packets might get cut of
- Malicious user tries to temper with TLS handshakes - this gets
more interesting, but still (like ssh bruteforce attacs) an admin
would not want to get annoyed by this by default, but they still
have the option to use log analysers of their choice if they want
to investigate this.
Change-Id: I23ca3b700e41f22f34ad3346ed4e647b86000bb2
Diffstat (limited to 'puppet/modules/site_check_mk/files')
-rw-r--r-- | puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg index ed50f420..d99dcde9 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg @@ -8,6 +8,11 @@ I ovpn-.*TLS Error: TLS object -> incoming plaintext read error I ovpn-.*Fatal TLS error \(check_tls_errors_co\), restarting I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate + I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate + I ovpn-.*TLS Error: unknown opcode received from + I ovpn-.*Authenticate/Decrypt packet error: packet HMAC authentication failed + I ovpn-.*TLS Error: reading acknowledgement record from packet + I ovpn-.*TLS Error: session-id not found in packet from I ovpn-.*SIGUSR1\[soft,tls-error\] received, client-instance restarting I ovpn-.*VERIFY ERROR: depth=0, error=certificate has expired |