From 0ac8746d0566427c7c1bb3dddb6e7eb82e0ff809 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 28 Apr 2013 11:03:44 +1000
Subject: [PATCH 1/2] ENH: Account for views in named filter. By Romain Riviere
 in gentoo bug #259458

---
 config/filter.d/named-refused.conf | 2 +-
 testcases/files/logs/named-refused | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/config/filter.d/named-refused.conf b/config/filter.d/named-refused.conf
index ebf7681a..64f7d685 100644
--- a/config/filter.d/named-refused.conf
+++ b/config/filter.d/named-refused.conf
@@ -26,7 +26,7 @@ __line_prefix=(?:\s\S+ %(__daemon_combs_re)s\s+)?
 # Notes.: regex to match the password failures messages in the logfile.
 # Values: TEXT
 #
-failregex = %(__line_prefix)sclient <HOST>#.+: query(?: \(cache\))? '.*' denied\s*$
+failregex = %(__line_prefix)sclient <HOST>#\S+: (view (internal|external): )?query(?: \(cache\))? '.*' denied\s*$
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.
diff --git a/testcases/files/logs/named-refused b/testcases/files/logs/named-refused
index 6608ae2f..130e7417 100644
--- a/testcases/files/logs/named-refused
+++ b/testcases/files/logs/named-refused
@@ -3,3 +3,4 @@ Jul 24 14:16:56 raid5 named[3935]: client 62.123.164.113#32768: query 'ricreig.c
 Jul 24 14:17:13 raid5 named[3935]: client 148.160.29.6#33081: query (cache) 'geo-mueller.de/NS/IN' denied
 Jul 24 14:20:25 raid5 named[3935]: client 148.160.29.6#33081: query (cache) 'shivaree.de/NS/IN' denied
 Jul 24 14:23:36 raid5 named[3935]: client 148.160.29.6#33081: query (cache) 'mietberatung.de/NS/IN' denied
+Jul 24 14:23:36 raid5 named[3935]: client 62.109.4.89#9334: view external: query (cache) './NS/IN' denied

From f2f523407653d634a49ab2b3d60dd1839621ee41 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 28 Apr 2013 11:05:07 +1000
Subject: [PATCH 2/2] DOC: ChangeLog for named-refused entry

---
 ChangeLog | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index e60eb12f..cec4a833 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -93,6 +93,8 @@ Borreli, blotus:
    * [a2b29b4] Fixed lots of typos in config files and documentation.
   hamilton5
    * [7ede1e8] Update dovecot filter config.
+	Romain Riviere
+	 * [0ac8746] Enhance named-refused filter for views.
 
 Special Kudos also go to Fabian Wenk, Arturo 'Buanzo' Busleiman, Tom
 Hendrikx and other TBN heroes supporting users on fail2ban-users