--- a/example.conf	Thu Aug 13 19:21:15 2009 +0300
+++ b/example.conf	Fri Aug 14 01:19:58 2009 +0300
@@ -1,6 +1,10 @@
-## Maltfilter configuration file.
-## PLEASE READ THROUGH THIS FILE VERY CAREFULLY!
+#############################################################################
+### Maltfilter configuration file.
+### PLEASE READ THROUGH THIS FILE VERY CAREFULLY!
 
+#############################################################################
+### General settings
+#############################################################################
 # Verbosity level (0 = quiet, bigger values add noise. valid range 0 - 4)
 VERBOSITY = 4
 
@@ -10,14 +14,16 @@
 # NOTICE! IF YOU DON'T CHANGE THIS TO 0, MALTFILTER WILL NOT DAEMONIZE!
 DRY_RUN = 1
 
-# Define system log files to scan. Only auth.log and Apache errorlog /
-# common log format files are supported for now. You can have as many
-# of SCANFILE settings as you wish.
-SCANFILE = "/var/log/auth.log"
-SCANFILE = "/var/log/httpd/error.log"
-SCANFILE = "/var/log/httpd/access.log"
+# Maltfilter logfile path and name (set empty "" if you don't want logging)
+LOGFILE = "/var/log/maltfilter"
+  
+# Full path to iptables binary
+IPTABLES = "/sbin/iptables"
 
 
+#############################################################################
+### Actions, etc. settings
+#############################################################################
 # Weeding treshold in hours. Entries older than this will be "weeded"
 # off from current netfilter settings.
 WEEDPERIOD = 72
@@ -30,6 +36,30 @@
 # can use whatever rule chain name you want to here.
 ACTION = "DROP"
 
+# IP addresses that should NOT be blocked under any circumstances. You should
+# set this if you wish to have a surefire open channel from some host, even in
+# the case someone tries to spoof IPs for denial of service.
+#
+# NOTICE! This setting supports only IPv4 addresses, no IPv6 or DNS names.
+# You can have any number of NOBLOCK_IPS settings.
+NOBLOCK_IPS = "192.121.86.15"
+NOBLOCK_IPS = "74.125.45.100"
+
+
+#############################################################################
+### Logfiles
+#############################################################################
+# Define system log files to scan. Only auth.log and Apache errorlog /
+# common log format files are supported for now. You can have as many
+# of SCANFILE settings as you wish.
+SCANFILE = "/var/log/auth.log"
+SCANFILE = "/var/log/httpd/error.log"
+SCANFILE = "/var/log/httpd/access.log"
+
+
+#############################################################################
+### Checks / tests
+#############################################################################
 # Enabled checks (1 = enabled, 0 = disabled). Please read the test
 # descriptions from "check_log_line" function in the maltfilter script.
 CHK_SSHD            = 1
@@ -43,17 +73,17 @@
 # or that alternatively you have defined "safe" hosts in NOBLOCK_HOSTS below.
 CHK_ROOT_SSH_PWD    = 0
 
-# Maltfilter logfile path and name (set empty "" if you don't want logging)
-LOGFILE = "/var/log/maltfilter"
   
-# Full path to iptables binary
-IPTABLES = "/sbin/iptables"
-  
-# IP addresses that should NOT be blocked under any circumstances. You should
-# set this if you wish to have a surefire open channel from some host, even in
-# the case someone tries to spoof IPs for denial of service.
-#
-# NOTICE! This setting supports only IPv4 addresses, no IPv6 or DNS names.
-# You can have any number of NOBLOCK_IPS settings.
-NOBLOCK_IPS = "192.121.86.15"
-NOBLOCK_IPS = "74.125.45.100"
+#############################################################################
+### Reports
+#############################################################################
+# Define files for periodically updated status reports (refreshed once
+# every few minutes.) Leave empty ("") if you do not want status reports.
+
+# Plain ASCII text file rerpot
+STATUS_FILE_PLAIN = ""
+
+# HTML file and optional CSS stylesheet URL for the HTML
+# (if left empty, no CSS is used)
+STATUS_FILE_HTML = ""
+STATUS_FILE_CSS = ""