- print FILE "LogLevel\t\t\t$settings{'GUARDIAN_LOGLEVEL'}\n";
- print FILE "BlockCount\t\t\t$settings{'GUARDIAN_BLOCKCOUNT'}\n";
- print FILE "HostGatewayByte\t\t\t$HostGatewayByte\n";
- print FILE "LogFile\t\t\t\t$settings{'GUARDIAN_LOGFILE'}\n";
- print FILE "AlertFile\t\t\t$settings{'GUARDIAN_SNORT_ALERTFILE'}\n";
- print FILE "IgnoreFile\t\t\t$ignorefile\n";
- print FILE "TimeLimit\t\t\t$settings{'GUARDIAN_BLOCKTIME'}\n";
- print FILE "PriorityLevel\t\t\t$settings{'GUARDIAN_PRIORITY_LEVEL'}\n";
+ print FILE "LogLevel = $settings{'GUARDIAN_LOGLEVEL'}\n\n";
+
+ # IPFire related static settings.
+ print FILE "# IPFire related settings.\n";
+ print FILE "FirewallEngine = IPtables\n";
+ print FILE "SocketOwner = nobody:nobody\n";
+ print FILE "IgnoreFile = $ignorefile\n\n";
+
+ # Configured block values.
+ print FILE "# Configured block settings.\n";
+ print FILE "BlockCount = $settings{'GUARDIAN_BLOCKCOUNT'}\n";
+ print FILE "BlockTime = $settings{'GUARDIAN_BLOCKTIME'}\n";
+ print FILE "FirewallAction = $settings{'GUARDIAN_FIREWALL_ACTION'}\n\n";
+
+ # Enabled modules.
+ # Loop through whole settings hash.
+ print FILE "# Enabled modules.\n";
+ foreach my $option (keys %settings) {
+ # Search for enabled modules.
+ if ($option =~ /GUARDIAN_MONITOR_(.*)/) {
+ # Skip if module is not enabled.
+ next unless($settings{$option} eq "on");
+
+ # Skip module if no file location is available.
+ next unless(exists($module_file_locations{$1}));
+
+ # Add enabled module and defined path to the config file.
+ print FILE "Monitor_$1 = $module_file_locations{$1}\n";
+ }
+ }