From ec6a30efcfd8d1a095de3a6544b25f43990b74bb Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko
Date: Fri, 30 Jan 2015 10:37:45 -0500
Subject: [PATCH] ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934)
---
ChangeLog | 2 ++
config/filter.d/counter-strike.conf | 1 +
config/filter.d/groupoffice.conf | 2 +-
config/filter.d/kerio.conf | 3 +++
config/filter.d/monit.conf | 1 +
config/filter.d/nsd.conf | 2 ++
config/filter.d/portsentry.conf | 2 ++
config/filter.d/squid.conf | 2 +-
config/filter.d/squirrelmail.conf | 1 +
config/filter.d/stunnel.conf | 2 ++
10 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 27e97c4d..f1963b1e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -54,6 +54,8 @@ ver. 0.9.2 (2014/XX/XXX) - wanna-be-released * Enable multiport for firewallcmd-new action. Closes gh-834 * files/debian-initd migrated from the debian branch and should be suitable for manual installations now (thanks Juan Karlo de Guzman) + * Define empty ignoreregex in filters which didn't have it to avoid + warnings (gh-934) ver. 0.9.1 (2014/10/29) - better, faster, stronger
diff --git a/config/filter.d/counter-strike.conf b/config/filter.d/counter-strike.conf
index ef42db25..a896b5ca 100644
--- a/config/filter.d/counter-strike.conf
+++ b/config/filter.d/counter-strike.conf
@@ -6,6 +6,7 @@ failregex = ^: Bad Rcon: "rcon \d+ "\S+" sv_contact ".*?"" from ":\d+"$ +ignoreregex = [Init]
diff --git a/config/filter.d/groupoffice.conf b/config/filter.d/groupoffice.conf
index d5a4e4d8..166c5fea 100644
--- a/config/filter.d/groupoffice.conf
+++ b/config/filter.d/groupoffice.conf
@@ -8,7 +8,7 @@ failregex = ^\[\]LOGIN FAILED for user: "\S+" from IP: $ - +ignoreregex = # Author: Daniel Black
diff --git a/config/filter.d/kerio.conf b/config/filter.d/kerio.conf
index 33779950..313c9b36 100644
--- a/config/filter.d/kerio.conf
+++ b/config/filter.d/kerio.conf
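Review bot: The `ignoreregex =` line added to counter-strike.conf has no comment saying what the key does, and the same is true of the additions in groupoffice, kerio, monit, nsd, portsentry, squid, squirrelmail and stunnel. The key matters to whoever fills it in later: a log line that matches ignoreregex is discarded even when failregex also matches it, so an over-broad pattern quietly stops bans for that service. I would put `# ignoreregex: lines matching this are skipped even if failregex matches; empty = nothing is ignored` directly above each new line, so the empty value reads as a deliberate choice rather than an unfinished one.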
@@ -6,6 +6,9 @@ failregex = ^ SMTP Spam attack detected from , ^ IP address found in DNS blacklist \S+, mail from \S+ to \S+$ ^ Relay attempt from IP address ^ Attempt to deliver to unknown recipient \S+, from \S+, IP address $ + +ignoreregex = + [Init] datepattern = ^\[%%d/%%b/%%Y %%H:%%M:%%S\]
diff --git a/config/filter.d/monit.conf b/config/filter.d/monit.conf
index 1fcd980b..c2ef20d9 100644
--- a/config/filter.d/monit.conf
+++ b/config/filter.d/monit.conf
@@ -7,3 +7,4 @@ failregex = ^\[[A-Z]+\s+\]\s*error\s*:\s*Warning:\s+Client '' supplied unknown user '\w+' accessing monit httpd$ ^\[[A-Z]+\s+\]\s*error\s*:\s*Warning:\s+Client '' supplied wrong password for user '\w+' accessing monit httpd$ +ignoreregex =
diff --git a/config/filter.d/nsd.conf b/config/filter.d/nsd.conf
index cd4ce35f..70b41ca4 100644
--- a/config/filter.d/nsd.conf
+++ b/config/filter.d/nsd.conf
@@ -24,3 +24,5 @@ _daemon = nsd failregex = ^\[\]%(__prefix_line)sinfo: ratelimit block .* query TYPE255$ ^\[\]%(__prefix_line)sinfo: .* refused, no acl matches\.$ + +ignoreregex =
diff --git a/config/filter.d/portsentry.conf b/config/filter.d/portsentry.conf
index 1ee9531c..27dca9b4 100644
--- a/config/filter.d/portsentry.conf
+++ b/config/filter.d/portsentry.conf
@@ -6,5 +6,7 @@ failregex = \/ Port\: [0-9]+ (TCP|UDP) Blocked$ +ignoreregex = + # Author: Pacop
diff --git a/config/filter.d/squid.conf b/config/filter.d/squid.conf
index da282692..e26cab9c 100644
--- a/config/filter.d/squid.conf
+++ b/config/filter.d/squid.conf
@@ -7,7 +7,7 @@ failregex = ^\s+\d\s\s+[A-Z_]+_DENIED/403 .*$ ^\s+\d\s\s+NONE/405 .*$ - +ignoreregex = # Author: Daniel Black
diff --git a/config/filter.d/squirrelmail.conf b/config/filter.d/squirrelmail.conf
index 9defd8d6..af0c38e7 100644
--- a/config/filter.d/squirrelmail.conf
+++ b/config/filter.d/squirrelmail.conf
@@ -3,6 +3,7 @@ failregex = ^ \[LOGIN_ERROR\].*from : Unknown user or password incorrect\.$ +ignoreregex = [Init]
diff --git a/config/filter.d/stunnel.conf b/config/filter.d/stunnel.conf
index c49bab4b..2396d895 100644
--- a/config/filter.d/stunnel.conf
+++ b/config/filter.d/stunnel.conf
@@ -4,6 +4,8 @@ failregex = ^ LOG\d\[\d+:\d+\]:\ SSL_accept from :\d+ : (?P[\dA-F]+): error:(?P=CODE):SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate$ +ignoreregex = + # DEV NOTES: # # Author: Daniel Black