[Pkg-ossec-devel] [pkg-ossec] 01/01: Revert "Imported Upstream version 2.7-1-beta-1". Bad version number.

Jose Antonio Quevedo Muñoz jaqm-guest at alioth.debian.org
Thu Aug 1 17:11:49 UTC 2013


This is an automated email from the git hooks/post-receive script.

jaqm-guest pushed a commit to branch upstream
in repository pkg-ossec.

commit 540baaaf5c91c38d989d51df4d216366a9b7d3a7
Author: Jose Antonio Quevedo <joseantonio.quevedo at gmail.com>
Date:   Thu Aug 1 13:35:35 2013 +0200

    Revert "Imported Upstream version 2.7-1-beta-1". Bad version number.
    
    This reverts commit 34b1c6efbc563f10af5700d2f103d09cced846cb.
---
 ._.hg_archival.txt                                 |  Bin 0 -> 212 bytes
 ._.hgignore                                        |  Bin 0 -> 212 bytes
 ._.hgtags                                          |  Bin 0 -> 212 bytes
 ._BUGS                                             |  Bin 0 -> 212 bytes
 ._CONFIG                                           |  Bin 0 -> 212 bytes
 ._CONTRIBUTORS                                     |  Bin 0 -> 212 bytes
 ._INSTALL                                          |  Bin 0 -> 212 bytes
 ._LICENSE                                          |  Bin 0 -> 212 bytes
 ._README                                           |  Bin 0 -> 212 bytes
 ._install.sh                                       |  Bin 0 -> 212 bytes
 .hg_archival.txt                                   |    6 +-
 .hgignore                                          |    1 -
 .hgtags                                            |    3 -
 BUGS                                               |    4 +-
 CONFIG                                             |    6 +-
 CONTRIBUTORS                                       |   20 +-
 INSTALL                                            |    4 +-
 LICENSE                                            |    2 +-
 README                                             |    4 +-
 active-response/._disable-account.sh               |  Bin 0 -> 212 bytes
 active-response/._firewall-drop.sh                 |  Bin 0 -> 212 bytes
 active-response/._host-deny.sh                     |  Bin 0 -> 212 bytes
 active-response/._ossec-tweeter.sh                 |  Bin 0 -> 212 bytes
 active-response/._restart-ossec.sh                 |  Bin 0 -> 212 bytes
 active-response/._route-null.sh                    |  Bin 0 -> 212 bytes
 active-response/firewall-drop.sh                   |   66 +-
 active-response/firewalls/._ipfw.sh                |  Bin 0 -> 212 bytes
 active-response/firewalls/._ipfw_mac.sh            |  Bin 0 -> 212 bytes
 active-response/firewalls/._pf.sh                  |  Bin 0 -> 212 bytes
 active-response/ip-customblock.sh                  |   42 --
 active-response/win/._netsh.cmd                    |  Bin 0 -> 212 bytes
 active-response/win/._restart-ossec.cmd            |  Bin 0 -> 212 bytes
 active-response/win/._route-null.cmd               |  Bin 0 -> 212 bytes
 contrib/._active-list.pl                           |  Bin 0 -> 212 bytes
 contrib/._add_localfile.sh                         |  Bin 0 -> 212 bytes
 contrib/._compile_alerts.pl                        |  Bin 0 -> 212 bytes
 contrib/._compile_alerts.txt                       |  Bin 0 -> 212 bytes
 contrib/._config2xml                               |  Bin 0 -> 212 bytes
 contrib/._ossec-batch-manager.pl                   |  Bin 0 -> 212 bytes
 contrib/._ossec2mysql.conf                         |  Bin 0 -> 212 bytes
 contrib/._ossec2mysql.pl                           |  Bin 0 -> 212 bytes
 contrib/._ossec2mysql.sql                          |  Bin 0 -> 212 bytes
 contrib/._ossec2mysqld.pl                          |  Bin 0 -> 212 bytes
 contrib/._ossec2rss.php                            |  Bin 0 -> 212 bytes
 contrib/._ossec_report.txt                         |  Bin 0 -> 212 bytes
 contrib/._ossec_report_contrib.pl                  |  Bin 0 -> 212 bytes
 contrib/._ossecmysql.pm                            |  Bin 0 -> 212 bytes
 contrib/._ossectop.pl                              |  Bin 0 -> 212 bytes
 contrib/._util.sh                                  |  Bin 0 -> 212 bytes
 contrib/logtesting/._dotests.sh                    |  Bin 0 -> 212 bytes
 contrib/logtesting/1/._log                         |  Bin 0 -> 212 bytes
 contrib/logtesting/1/._res                         |  Bin 0 -> 212 bytes
 contrib/logtesting/10/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/10/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/11/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/11/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/12/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/12/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/13/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/13/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/14/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/14/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/15/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/15/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/16/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/16/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/17/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/17/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/18/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/18/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/19/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/19/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/2/._log                         |  Bin 0 -> 212 bytes
 contrib/logtesting/2/._res                         |  Bin 0 -> 212 bytes
 contrib/logtesting/20/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/20/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/21/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/21/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/22/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/22/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/23/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/23/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/24/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/24/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/25/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/25/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/26/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/26/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/27/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/27/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/28/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/28/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/29/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/29/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/3/._log                         |  Bin 0 -> 212 bytes
 contrib/logtesting/3/._res                         |  Bin 0 -> 212 bytes
 contrib/logtesting/30/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/30/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/31/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/31/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/32/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/32/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/33/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/33/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/34/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/34/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/35/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/35/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/36/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/36/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/37/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/37/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/38/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/38/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/39/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/39/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/4/._log                         |  Bin 0 -> 212 bytes
 contrib/logtesting/4/._res                         |  Bin 0 -> 212 bytes
 contrib/logtesting/40/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/40/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/41/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/41/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/42/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/42/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/43/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/43/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/44/._log                        |  Bin 0 -> 212 bytes
 contrib/logtesting/44/._res                        |  Bin 0 -> 212 bytes
 contrib/logtesting/5/._log                         |  Bin 0 -> 212 bytes
 contrib/logtesting/5/._res                         |  Bin 0 -> 212 bytes
 contrib/logtesting/6/._log                         |  Bin 0 -> 212 bytes
 contrib/logtesting/6/._res                         |  Bin 0 -> 212 bytes
 contrib/logtesting/7/._log                         |  Bin 0 -> 212 bytes
 contrib/logtesting/7/._res                         |  Bin 0 -> 212 bytes
 contrib/logtesting/8/._log                         |  Bin 0 -> 212 bytes
 contrib/logtesting/8/._res                         |  Bin 0 -> 212 bytes
 contrib/logtesting/9/._log                         |  Bin 0 -> 212 bytes
 contrib/logtesting/9/._res                         |  Bin 0 -> 212 bytes
 contrib/ossec-testing/._runtests.py                |  Bin 0 -> 212 bytes
 contrib/ossec-testing/tests/._named.ini            |  Bin 0 -> 212 bytes
 contrib/ossec2snorby/README                        |  120 ----
 contrib/ossec2snorby/ossec2snorby.pl               |  716 --------------------
 contrib/ossec2snorby/ossec2snorby.sh               |   78 ---
 contrib/ossec2snorby/ossec2snorby_category.sql     |  171 -----
 contrib/ossec2snorby/ossec2snorby_ubuntu.sh        |   57 --
 contrib/specs/._getattr.pl                         |  Bin 0 -> 212 bytes
 contrib/specs/._remove_ossec                       |  Bin 0 -> 212 bytes
 contrib/specs/agent/._ossec-hids-agent.spec        |  Bin 0 -> 212 bytes
 contrib/specs/agent/._preloaded-vars.conf          |  Bin 0 -> 212 bytes
 contrib/specs/agent/ossec-hids-agent.spec          |    2 +-
 contrib/specs/local/._ossec-hids-local.spec        |  Bin 0 -> 212 bytes
 contrib/specs/local/._preloaded-vars.conf          |  Bin 0 -> 212 bytes
 contrib/specs/local/ossec-hids-local.spec          |    2 +-
 contrib/specs/server/._ossec-hids-server.spec      |  Bin 0 -> 212 bytes
 contrib/specs/server/._preloaded-vars.conf         |  Bin 0 -> 212 bytes
 contrib/specs/server/ossec-hids-server.spec        |    2 +-
 doc/._README.config                                |  Bin 0 -> 212 bytes
 doc/._active-response-internal.txt                 |  Bin 0 -> 212 bytes
 doc/._active-response.txt                          |  Bin 0 -> 212 bytes
 doc/._logs.txt                                     |  Bin 0 -> 212 bytes
 doc/._manage_agents.txt                            |  Bin 0 -> 212 bytes
 doc/._manager.txt                                  |  Bin 0 -> 212 bytes
 doc/._nmap.txt                                     |  Bin 0 -> 212 bytes
 doc/._rootcheck.txt                                |  Bin 0 -> 212 bytes
 doc/._rule_ids.txt                                 |  Bin 0 -> 212 bytes
 doc/._rules.txt                                    |  Bin 0 -> 212 bytes
 doc/br/._INSTALL.br                                |  Bin 0 -> 212 bytes
 doc/br/._README.config                             |  Bin 0 -> 212 bytes
 doc/br/._TRANSLATION                               |  Bin 0 -> 212 bytes
 doc/br/._active-response-internal.txt              |  Bin 0 -> 212 bytes
 doc/br/._active-response.txt                       |  Bin 0 -> 212 bytes
 doc/br/._logs.txt                                  |  Bin 0 -> 212 bytes
 doc/br/._manager.txt                               |  Bin 0 -> 212 bytes
 doc/br/._rootcheck.txt                             |  Bin 0 -> 212 bytes
 doc/br/._rule_ids.txt                              |  Bin 0 -> 212 bytes
 doc/br/._rules.txt                                 |  Bin 0 -> 212 bytes
 doc/pl/._INSTALL.pl                                |  Bin 0 -> 212 bytes
 doc/pl/._README.config                             |  Bin 0 -> 212 bytes
 doc/pl/._TRANSLATION                               |  Bin 0 -> 212 bytes
 doc/pl/._active-response-internal.txt              |  Bin 0 -> 212 bytes
 doc/pl/._active-response.txt                       |  Bin 0 -> 212 bytes
 doc/pl/._logs.txt                                  |  Bin 0 -> 212 bytes
 doc/pl/._manager.txt                               |  Bin 0 -> 212 bytes
 doc/pl/._rootcheck.txt                             |  Bin 0 -> 212 bytes
 doc/pl/._rule_ids.txt                              |  Bin 0 -> 212 bytes
 doc/pl/._rules.txt                                 |  Bin 0 -> 212 bytes
 etc/._decoder.xml                                  |  Bin 0 -> 212 bytes
 etc/._internal_options.conf                        |  Bin 0 -> 212 bytes
 etc/._ossec-agent.conf                             |  Bin 0 -> 212 bytes
 etc/._ossec-local.conf                             |  Bin 0 -> 212 bytes
 etc/._ossec-server.conf                            |  Bin 0 -> 212 bytes
 etc/._ossec.conf                                   |  Bin 0 -> 212 bytes
 etc/._preloaded-vars.conf                          |  Bin 0 -> 212 bytes
 etc/decoder.xml                                    |  159 ++---
 etc/rules/._apache_rules.xml                       |  Bin 0 -> 212 bytes
 etc/rules/._arpwatch_rules.xml                     |  Bin 0 -> 212 bytes
 etc/rules/._asterisk_rules.xml                     |  Bin 0 -> 212 bytes
 etc/rules/._attack_rules.xml                       |  Bin 0 -> 212 bytes
 etc/rules/._bro-ids_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._cimserver_rules.xml                    |  Bin 0 -> 212 bytes
 etc/rules/._cisco-ios_rules.xml                    |  Bin 0 -> 212 bytes
 etc/rules/._clam_av_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._courier_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._dovecot_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._dropbear_rules.xml                     |  Bin 0 -> 212 bytes
 etc/rules/._firewall_rules.xml                     |  Bin 0 -> 212 bytes
 etc/rules/._ftpd_rules.xml                         |  Bin 0 -> 212 bytes
 etc/rules/._hordeimp_rules.xml                     |  Bin 0 -> 212 bytes
 etc/rules/._ids_rules.xml                          |  Bin 0 -> 212 bytes
 etc/rules/._imapd_rules.xml                        |  Bin 0 -> 212 bytes
 etc/rules/._local_rules.xml                        |  Bin 0 -> 212 bytes
 etc/rules/._mailscanner_rules.xml                  |  Bin 0 -> 212 bytes
 etc/rules/._mcafee_av_rules.xml                    |  Bin 0 -> 212 bytes
 etc/rules/._ms-exchange_rules.xml                  |  Bin 0 -> 212 bytes
 etc/rules/._ms-se_rules.xml                        |  Bin 0 -> 212 bytes
 etc/rules/._ms_dhcp_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._ms_ftpd_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._msauth_rules.xml                       |  Bin 0 -> 212 bytes
 etc/rules/._mysql_rules.xml                        |  Bin 0 -> 212 bytes
 etc/rules/._named_rules.xml                        |  Bin 0 -> 212 bytes
 etc/rules/._netscreenfw_rules.xml                  |  Bin 0 -> 212 bytes
 etc/rules/._nginx_rules.xml                        |  Bin 0 -> 212 bytes
 etc/rules/._openbsd_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._ossec_rules.xml                        |  Bin 0 -> 212 bytes
 etc/rules/._pam_rules.xml                          |  Bin 0 -> 212 bytes
 etc/rules/._php_rules.xml                          |  Bin 0 -> 212 bytes
 etc/rules/._pix_rules.xml                          |  Bin 0 -> 212 bytes
 etc/rules/._policy_rules.xml                       |  Bin 0 -> 212 bytes
 etc/rules/._postfix_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._postgresql_rules.xml                   |  Bin 0 -> 212 bytes
 etc/rules/._proftpd_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._pure-ftpd_rules.xml                    |  Bin 0 -> 212 bytes
 etc/rules/._racoon_rules.xml                       |  Bin 0 -> 212 bytes
 etc/rules/._roundcube_rules.xml                    |  Bin 0 -> 212 bytes
 etc/rules/._rules_config.xml                       |  Bin 0 -> 212 bytes
 etc/rules/._sendmail_rules.xml                     |  Bin 0 -> 212 bytes
 etc/rules/._smbd_rules.xml                         |  Bin 0 -> 212 bytes
 etc/rules/._solaris_bsm_rules.xml                  |  Bin 0 -> 212 bytes
 etc/rules/._sonicwall_rules.xml                    |  Bin 0 -> 212 bytes
 etc/rules/._spamd_rules.xml                        |  Bin 0 -> 212 bytes
 etc/rules/._squid_rules.xml                        |  Bin 0 -> 212 bytes
 etc/rules/._sshd_rules.xml                         |  Bin 0 -> 212 bytes
 etc/rules/._symantec-av_rules.xml                  |  Bin 0 -> 212 bytes
 etc/rules/._symantec-ws_rules.xml                  |  Bin 0 -> 212 bytes
 etc/rules/._syslog_rules.xml                       |  Bin 0 -> 212 bytes
 etc/rules/._telnetd_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._trend-osce_rules.xml                   |  Bin 0 -> 212 bytes
 etc/rules/._vmpop3d_rules.xml                      |  Bin 0 -> 212 bytes
 etc/rules/._vmware_rules.xml                       |  Bin 0 -> 212 bytes
 etc/rules/._vpn_concentrator_rules.xml             |  Bin 0 -> 212 bytes
 etc/rules/._vpopmail_rules.xml                     |  Bin 0 -> 212 bytes
 etc/rules/._vsftpd_rules.xml                       |  Bin 0 -> 212 bytes
 etc/rules/._web_appsec_rules.xml                   |  Bin 0 -> 212 bytes
 etc/rules/._web_rules.xml                          |  Bin 0 -> 212 bytes
 etc/rules/._wordpress_rules.xml                    |  Bin 0 -> 212 bytes
 etc/rules/._zeus_rules.xml                         |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._101                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1101                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1301_1302_1303             |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1401                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1402                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1602                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1603                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1607                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1609                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1901                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1902                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1903                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._1905                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._201                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._202                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._204                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._2501                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._2601                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._301                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._401                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._403                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._408                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._409                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._access-control             |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._apache-error.logs          |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._cisco-ios-ids              |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._ciscoios                   |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._ftpd                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._iis6                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._imapd                      |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._kernel                     |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._mail-alerts                |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._mail-errors                |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._ns1                        |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._proftpd                    |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._smbd                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._spamd                      |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._sshd                       |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._symantecws                 |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._telnetd                    |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._unkown                     |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._vpn.log                    |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._vpopmail                   |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._worms                      |  Bin 0 -> 212 bytes
 etc/rules/log-entries/._xferlog                    |  Bin 0 -> 212 bytes
 etc/rules/nginx_rules.xml                          |    6 -
 etc/rules/openbsd_rules.xml                        |    4 +-
 etc/rules/pure-ftpd_rules.xml                      |   23 +-
 etc/rules/syslog_rules.xml                         |   32 -
 .../translated/pure_ftpd/._pure-ftpd_rules_da.xml  |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_de.xml  |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_en.xml  |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_es.xml  |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_fr.xml  |  Bin 0 -> 212 bytes
 .../pure_ftpd/._pure-ftpd_rules_fr_funny.xml       |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_it.xml  |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_nl.xml  |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_no.xml  |  Bin 0 -> 212 bytes
 .../pure_ftpd/._pure-ftpd_rules_pt_br.xml          |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_ro.xml  |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_sk.xml  |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_sv.xml  |  Bin 0 -> 212 bytes
 .../translated/pure_ftpd/._pure-ftpd_rules_tr.xml  |  Bin 0 -> 212 bytes
 etc/rules/web_appsec_rules.xml                     |   65 +-
 etc/rules/web_rules.xml                            |   47 +-
 etc/templates/br/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/br/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/br/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/br/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/br/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/br/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/br/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/br/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/br/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../br/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/br/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/br/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/br/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/br/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/br/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/cn/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/cn/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/cn/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/cn/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/cn/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/cn/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/cn/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/cn/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/cn/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../cn/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/cn/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/cn/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/cn/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/cn/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/cn/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/config/._active-response.template    |  Bin 0 -> 212 bytes
 etc/templates/config/._apache-logs.template        |  Bin 0 -> 212 bytes
 etc/templates/config/._ar-disable-account.template |  Bin 0 -> 212 bytes
 etc/templates/config/._ar-firewall-drop.template   |  Bin 0 -> 212 bytes
 etc/templates/config/._ar-host-deny.template       |  Bin 0 -> 212 bytes
 etc/templates/config/._ar-routenull.template       |  Bin 0 -> 212 bytes
 etc/templates/config/._pgsql-logs.template         |  Bin 0 -> 212 bytes
 etc/templates/config/._rootcheck.template          |  Bin 0 -> 212 bytes
 etc/templates/config/._rules.template              |  Bin 0 -> 212 bytes
 etc/templates/config/._snort-logs.template         |  Bin 0 -> 212 bytes
 etc/templates/config/._syscheck.template           |  Bin 0 -> 212 bytes
 etc/templates/config/._syslog-logs.template        |  Bin 0 -> 212 bytes
 etc/templates/de/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/de/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/de/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/de/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/de/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/de/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/de/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/de/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/de/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../de/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/de/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/de/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/de/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/de/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/de/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/el/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/el/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/el/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/el/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/el/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/el/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/el/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/el/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/el/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../el/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/el/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/el/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/el/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/el/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/el/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/en/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/en/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/en/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/en/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/en/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/en/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/en/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/en/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/en/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../en/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/en/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/en/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/en/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/en/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/en/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/es/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/es/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/es/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/es/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/es/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/es/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/es/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/es/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/es/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../es/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/es/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/es/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/es/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/es/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/es/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/fr/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/fr/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/fr/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/fr/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/fr/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/fr/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/fr/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/fr/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/fr/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../fr/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/fr/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/fr/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/fr/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/fr/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/fr/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/hu/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/hu/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/hu/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/hu/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/hu/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/hu/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/hu/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/hu/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/hu/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../hu/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/hu/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/hu/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/hu/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/hu/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/hu/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/it/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/it/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/it/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/it/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/it/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/it/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/it/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/it/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/it/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../it/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/it/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/it/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/it/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/it/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/it/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/jp/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/jp/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/jp/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/jp/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/jp/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/jp/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/jp/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/jp/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/jp/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../jp/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/jp/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/jp/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/jp/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/jp/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/jp/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/nl/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/nl/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/nl/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/nl/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/nl/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/nl/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/nl/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/nl/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/nl/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../nl/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/nl/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/nl/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/nl/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/nl/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/nl/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/pl/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/pl/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/pl/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/pl/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/pl/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/pl/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/pl/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/pl/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/pl/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../pl/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/pl/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/pl/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/pl/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/pl/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/pl/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/ru/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/ru/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/ru/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/ru/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/ru/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/ru/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/ru/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/ru/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/ru/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../ru/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/ru/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/ru/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/ru/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/ru/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/ru/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/sr/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/sr/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/sr/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/sr/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/sr/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/sr/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/sr/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/sr/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/sr/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../sr/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/sr/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/sr/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/sr/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/sr/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/sr/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 etc/templates/tr/._language.txt                    |  Bin 0 -> 212 bytes
 etc/templates/tr/._messages.txt                    |  Bin 0 -> 212 bytes
 etc/templates/tr/errors/._0x1-location.txt         |  Bin 0 -> 212 bytes
 etc/templates/tr/errors/._0x2-beroot.txt           |  Bin 0 -> 212 bytes
 etc/templates/tr/errors/._0x3-dependencies.txt     |  Bin 0 -> 212 bytes
 etc/templates/tr/errors/._0x4-installtype.txt      |  Bin 0 -> 212 bytes
 etc/templates/tr/errors/._0x5-build.txt            |  Bin 0 -> 212 bytes
 etc/templates/tr/messages/._0x101-initial.txt      |  Bin 0 -> 212 bytes
 etc/templates/tr/messages/._0x102-installhelp.txt  |  Bin 0 -> 212 bytes
 .../tr/messages/._0x103-thanksforusing.txt         |  Bin 0 -> 212 bytes
 etc/templates/tr/messages/._0x104-client.txt       |  Bin 0 -> 212 bytes
 etc/templates/tr/messages/._0x105-noboot.txt       |  Bin 0 -> 212 bytes
 etc/templates/tr/messages/._0x106-logs.txt         |  Bin 0 -> 212 bytes
 etc/templates/tr/messages/._0x107-ar.txt           |  Bin 0 -> 212 bytes
 etc/templates/tr/messages/._0x108-ar-enabled.txt   |  Bin 0 -> 212 bytes
 install.sh                                         |    4 +-
 src/._Config.Make                                  |  Bin 0 -> 212 bytes
 src/._InstallAgent.sh                              |  Bin 0 -> 212 bytes
 src/._InstallServer.sh                             |  Bin 0 -> 212 bytes
 src/._LOCATION                                     |  Bin 0 -> 212 bytes
 src/._Makeall                                      |  Bin 0 -> 212 bytes
 src/._Makefile                                     |  Bin 0 -> 212 bytes
 src/._VERSION                                      |  Bin 0 -> 212 bytes
 src/InstallAgent.sh                                |   23 +-
 src/InstallServer.sh                               |   75 +-
 src/Makeall                                        |   11 +-
 src/Makefile                                       |   10 +-
 src/VERSION                                        |    2 +-
 src/addagent/._Makefile                            |  Bin 0 -> 212 bytes
 src/addagent/._b64.c                               |  Bin 0 -> 212 bytes
 src/addagent/._main.c                              |  Bin 0 -> 212 bytes
 src/addagent/._manage_agents.c                     |  Bin 0 -> 212 bytes
 src/addagent/._manage_agents.h                     |  Bin 0 -> 212 bytes
 src/addagent/._manage_keys.c                       |  Bin 0 -> 212 bytes
 src/addagent/._read_from_user.c                    |  Bin 0 -> 212 bytes
 src/addagent/._validate.c                          |  Bin 0 -> 212 bytes
 src/addagent/b64.c                                 |   30 +-
 src/addagent/main.c                                |    3 +-
 src/addagent/read_from_user.c                      |    2 +-
 src/agentlessd/._Makefile                          |  Bin 0 -> 212 bytes
 src/agentlessd/._README                            |  Bin 0 -> 212 bytes
 src/agentlessd/._agentlessd.c                      |  Bin 0 -> 212 bytes
 src/agentlessd/._agentlessd.h                      |  Bin 0 -> 212 bytes
 src/agentlessd/._main.c                            |  Bin 0 -> 212 bytes
 src/agentlessd/agentlessd.c                        |  114 ++--
 src/agentlessd/main.c                              |   25 +-
 src/agentlessd/scripts/._main.exp                  |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._register_host.sh          |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._ssh.exp                   |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._ssh_asa-fwsmconfig_diff   |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._ssh_foundry_diff          |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._ssh_generic_diff          |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._ssh_integrity_check_bsd   |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._ssh_integrity_check_linux |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._ssh_nopass.exp            |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._ssh_pixconfig_diff        |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._sshlogin.exp              |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/._su.exp                    |  Bin 0 -> 212 bytes
 src/agentlessd/scripts/ssh_asa-fwsmconfig_diff     |    3 +-
 src/agentlessd/scripts/ssh_pixconfig_diff          |    2 +-
 src/analysisd/._Makefile                           |  Bin 0 -> 212 bytes
 src/analysisd/._active-response.c                  |  Bin 0 -> 212 bytes
 src/analysisd/._active-response.h                  |  Bin 0 -> 212 bytes
 src/analysisd/._analysisd.c                        |  Bin 0 -> 212 bytes
 src/analysisd/._analysisd.h                        |  Bin 0 -> 212 bytes
 src/analysisd/._cleanevent.c                       |  Bin 0 -> 212 bytes
 src/analysisd/._config.c                           |  Bin 0 -> 212 bytes
 src/analysisd/._config.h                           |  Bin 0 -> 212 bytes
 src/analysisd/._dodiff.c                           |  Bin 0 -> 212 bytes
 src/analysisd/._eventinfo.c                        |  Bin 0 -> 212 bytes
 src/analysisd/._eventinfo.h                        |  Bin 0 -> 212 bytes
 src/analysisd/._eventinfo_list.c                   |  Bin 0 -> 212 bytes
 src/analysisd/._fts.c                              |  Bin 0 -> 212 bytes
 src/analysisd/._fts.h                              |  Bin 0 -> 212 bytes
 src/analysisd/._lists.c                            |  Bin 0 -> 212 bytes
 src/analysisd/._lists.h                            |  Bin 0 -> 212 bytes
 src/analysisd/._lists_list.c                       |  Bin 0 -> 212 bytes
 src/analysisd/._lists_make.c                       |  Bin 0 -> 212 bytes
 src/analysisd/._lists_make.h                       |  Bin 0 -> 212 bytes
 src/analysisd/._makelists.c                        |  Bin 0 -> 212 bytes
 src/analysisd/._makelists.h                        |  Bin 0 -> 212 bytes
 src/analysisd/._picviz.c                           |  Bin 0 -> 212 bytes
 src/analysisd/._picviz.h                           |  Bin 0 -> 212 bytes
 src/analysisd/._prelude.c                          |  Bin 0 -> 212 bytes
 src/analysisd/._prelude.h                          |  Bin 0 -> 212 bytes
 src/analysisd/._rules.c                            |  Bin 0 -> 212 bytes
 src/analysisd/._rules.h                            |  Bin 0 -> 212 bytes
 src/analysisd/._rules_list.c                       |  Bin 0 -> 212 bytes
 src/analysisd/._stats.c                            |  Bin 0 -> 212 bytes
 src/analysisd/._stats.h                            |  Bin 0 -> 212 bytes
 src/analysisd/._testrule.c                         |  Bin 0 -> 212 bytes
 src/analysisd/active-response.c                    |    4 +-
 src/analysisd/active-response.h                    |    4 +-
 src/analysisd/alerts/._Makefile                    |  Bin 0 -> 212 bytes
 src/analysisd/alerts/._alerts.h                    |  Bin 0 -> 212 bytes
 src/analysisd/alerts/._exec.c                      |  Bin 0 -> 212 bytes
 src/analysisd/alerts/._exec.h                      |  Bin 0 -> 212 bytes
 src/analysisd/alerts/._getloglocation.c            |  Bin 0 -> 212 bytes
 src/analysisd/alerts/._getloglocation.h            |  Bin 0 -> 212 bytes
 src/analysisd/alerts/._log.c                       |  Bin 0 -> 212 bytes
 src/analysisd/alerts/._log.h                       |  Bin 0 -> 212 bytes
 src/analysisd/alerts/._mail.c                      |  Bin 0 -> 212 bytes
 src/analysisd/alerts/alerts.h                      |    2 +-
 src/analysisd/alerts/exec.c                        |   28 +-
 src/analysisd/alerts/exec.h                        |    2 +-
 src/analysisd/alerts/getloglocation.c              |   46 +-
 src/analysisd/alerts/getloglocation.h              |    2 +-
 src/analysisd/alerts/log.c                         |  176 +----
 src/analysisd/alerts/log.h                         |    3 +-
 src/analysisd/alerts/mail.c                        |    2 +-
 src/analysisd/analysisd.c                          |  283 ++++----
 src/analysisd/cdb/._Makefile                       |  Bin 0 -> 212 bytes
 src/analysisd/cdb/._cdb.c                          |  Bin 0 -> 212 bytes
 src/analysisd/cdb/._cdb.h                          |  Bin 0 -> 212 bytes
 src/analysisd/cdb/._cdb_hash.c                     |  Bin 0 -> 212 bytes
 src/analysisd/cdb/._cdb_make.c                     |  Bin 0 -> 212 bytes
 src/analysisd/cdb/._cdb_make.h                     |  Bin 0 -> 212 bytes
 src/analysisd/cdb/._uint32.h                       |  Bin 0 -> 212 bytes
 src/analysisd/cdb/._uint32_pack.c                  |  Bin 0 -> 212 bytes
 src/analysisd/cdb/._uint32_unpack.c                |  Bin 0 -> 212 bytes
 src/analysisd/cleanevent.c                         |  168 ++---
 src/analysisd/compiled_rules/._.function_list      |  Bin 0 -> 212 bytes
 src/analysisd/compiled_rules/._Makefile            |  Bin 0 -> 212 bytes
 src/analysisd/compiled_rules/._generic_samples.c   |  Bin 0 -> 212 bytes
 src/analysisd/compiled_rules/._register_rule.sh    |  Bin 0 -> 212 bytes
 src/analysisd/compiled_rules/generic_samples.c     |   16 +-
 src/analysisd/config.c                             |    9 +-
 src/analysisd/config.h                             |    2 +-
 src/analysisd/decoders/._Makefile                  |  Bin 0 -> 212 bytes
 src/analysisd/decoders/._decode-xml.c              |  Bin 0 -> 212 bytes
 src/analysisd/decoders/._decoder.c                 |  Bin 0 -> 212 bytes
 src/analysisd/decoders/._decoder.h                 |  Bin 0 -> 212 bytes
 src/analysisd/decoders/._decoders_list.c           |  Bin 0 -> 212 bytes
 src/analysisd/decoders/._hostinfo.c                |  Bin 0 -> 212 bytes
 src/analysisd/decoders/._plugin_decoders.h         |  Bin 0 -> 212 bytes
 src/analysisd/decoders/._rootcheck.c               |  Bin 0 -> 212 bytes
 src/analysisd/decoders/._syscheck.c                |  Bin 0 -> 212 bytes
 src/analysisd/decoders/decode-xml.c                |  140 ++--
 src/analysisd/decoders/decoder.c                   |   52 +-
 src/analysisd/decoders/decoder.h                   |   12 +-
 src/analysisd/decoders/decoders_list.c             |   36 +-
 src/analysisd/decoders/hostinfo.c                  |   32 +-
 src/analysisd/decoders/plugin_decoders.h           |   12 +-
 src/analysisd/decoders/plugins/._Makefile          |  Bin 0 -> 212 bytes
 .../decoders/plugins/._ossecalert_decoder.c        |  Bin 0 -> 212 bytes
 src/analysisd/decoders/plugins/._pf_decoder.c      |  Bin 0 -> 212 bytes
 .../decoders/plugins/._sonicwall_decoder.c         |  Bin 0 -> 212 bytes
 .../decoders/plugins/._symantecws_decoder.c        |  Bin 0 -> 212 bytes
 .../decoders/plugins/ossecalert_decoder.c          |   28 +-
 src/analysisd/decoders/plugins/pf_decoder.c        |   54 +-
 src/analysisd/decoders/plugins/sonicwall_decoder.c |   54 +-
 .../decoders/plugins/symantecws_decoder.c          |   34 +-
 src/analysisd/decoders/rootcheck.c                 |   30 +-
 src/analysisd/decoders/syscheck.c                  |  110 +--
 src/analysisd/dodiff.c                             |   16 +-
 src/analysisd/eventinfo.c                          |  142 ++--
 src/analysisd/eventinfo.h                          |    2 +-
 src/analysisd/eventinfo_list.c                     |   26 +-
 src/analysisd/fts.c                                |   66 +-
 src/analysisd/lists.c                              |    4 +-
 src/analysisd/lists_list.c                         |   60 +-
 src/analysisd/lists_make.c                         |   18 +-
 src/analysisd/makelists.c                          |   16 +-
 src/analysisd/picviz.c                             |    2 +-
 src/analysisd/prelude.c                            |  108 +--
 src/analysisd/rules.c                              |  435 ++++++------
 src/analysisd/rules.h                              |   22 +-
 src/analysisd/rules_list.c                         |   78 +--
 src/analysisd/stats.c                              |   86 +--
 src/analysisd/testrule.c                           |  119 ++--
 src/client-agent/._COPYRIGHT                       |  Bin 0 -> 212 bytes
 src/client-agent/._Makefile                        |  Bin 0 -> 212 bytes
 src/client-agent/._VERSION                         |  Bin 0 -> 212 bytes
 src/client-agent/._agentd.c                        |  Bin 0 -> 212 bytes
 src/client-agent/._agentd.h                        |  Bin 0 -> 212 bytes
 src/client-agent/._config.c                        |  Bin 0 -> 212 bytes
 src/client-agent/._event-forward.c                 |  Bin 0 -> 212 bytes
 src/client-agent/._intcheck_op.c                   |  Bin 0 -> 212 bytes
 src/client-agent/._main.c                          |  Bin 0 -> 212 bytes
 src/client-agent/._notify.c                        |  Bin 0 -> 212 bytes
 src/client-agent/._receiver-win.c                  |  Bin 0 -> 212 bytes
 src/client-agent/._receiver.c                      |  Bin 0 -> 212 bytes
 src/client-agent/._sendmsg.c                       |  Bin 0 -> 212 bytes
 src/client-agent/._start_agent.c                   |  Bin 0 -> 212 bytes
 src/client-agent/agentd.c                          |   48 +-
 src/client-agent/agentd.h                          |    4 +-
 src/client-agent/config.c                          |    2 +-
 src/client-agent/intcheck_op.c                     |    4 +-
 src/client-agent/main.c                            |   16 +-
 src/client-agent/notify.c                          |   14 +-
 src/client-agent/receiver-win.c                    |   58 +-
 src/client-agent/receiver.c                        |   20 +-
 src/client-agent/sendmsg.c                         |    2 +-
 src/client-agent/start_agent.c                     |   48 +-
 src/config/._Makefile                              |  Bin 0 -> 212 bytes
 src/config/._active-response.c                     |  Bin 0 -> 212 bytes
 src/config/._active-response.h                     |  Bin 0 -> 212 bytes
 src/config/._agentlessd-config.c                   |  Bin 0 -> 212 bytes
 src/config/._agentlessd-config.h                   |  Bin 0 -> 212 bytes
 src/config/._alerts-config.c                       |  Bin 0 -> 212 bytes
 src/config/._client-config.c                       |  Bin 0 -> 212 bytes
 src/config/._client-config.h                       |  Bin 0 -> 212 bytes
 src/config/._config.c                              |  Bin 0 -> 212 bytes
 src/config/._config.h                              |  Bin 0 -> 212 bytes
 src/config/._csyslogd-config.c                     |  Bin 0 -> 212 bytes
 src/config/._csyslogd-config.h                     |  Bin 0 -> 212 bytes
 src/config/._dbd-config.c                          |  Bin 0 -> 212 bytes
 src/config/._dbd-config.h                          |  Bin 0 -> 212 bytes
 src/config/._email-alerts-config.c                 |  Bin 0 -> 212 bytes
 src/config/._global-config.c                       |  Bin 0 -> 212 bytes
 src/config/._global-config.h                       |  Bin 0 -> 212 bytes
 src/config/._localfile-config.c                    |  Bin 0 -> 212 bytes
 src/config/._localfile-config.h                    |  Bin 0 -> 212 bytes
 src/config/._mail-config.h                         |  Bin 0 -> 212 bytes
 src/config/._remote-config.c                       |  Bin 0 -> 212 bytes
 src/config/._remote-config.h                       |  Bin 0 -> 212 bytes
 src/config/._reports-config.c                      |  Bin 0 -> 212 bytes
 src/config/._reports-config.h                      |  Bin 0 -> 212 bytes
 src/config/._rootcheck-config.c                    |  Bin 0 -> 212 bytes
 src/config/._rootcheck-config.h                    |  Bin 0 -> 212 bytes
 src/config/._rules-config.c                        |  Bin 0 -> 212 bytes
 src/config/._syscheck-config.c                     |  Bin 0 -> 212 bytes
 src/config/._syscheck-config.h                     |  Bin 0 -> 212 bytes
 src/config/active-response.c                       |   55 +-
 src/config/active-response.h                       |    6 +-
 src/config/agentlessd-config.c                     |   26 +-
 src/config/agentlessd-config.h                     |    6 +-
 src/config/alerts-config.c                         |    6 +-
 src/config/client-config.c                         |   33 +-
 src/config/client-config.h                         |    2 -
 src/config/config.c                                |   38 +-
 src/config/config.h                                |    4 +-
 src/config/csyslogd-config.c                       |   20 +-
 src/config/csyslogd-config.h                       |    2 +-
 src/config/dbd-config.c                            |    4 +-
 src/config/dbd-config.h                            |    4 +-
 src/config/email-alerts-config.c                   |   52 +-
 src/config/global-config.c                         |   65 +-
 src/config/global-config.h                         |   18 +-
 src/config/localfile-config.c                      |   58 +-
 src/config/localfile-config.h                      |   14 +-
 src/config/mail-config.h                           |    4 +-
 src/config/remote-config.c                         |   24 +-
 src/config/remote-config.h                         |    4 +-
 src/config/reports-config.c                        |   14 +-
 src/config/reports-config.h                        |    2 +-
 src/config/rootcheck-config.c                      |   20 +-
 src/config/rootcheck-config.h                      |   18 +-
 src/config/rules-config.c                          |   30 +-
 src/config/syscheck-config.c                       |  106 +--
 src/config/syscheck-config.h                       |   12 +-
 src/error_messages/._error_messages.h              |  Bin 0 -> 212 bytes
 src/error_messages/error_messages.h                |   16 +-
 src/external/zlib-1.2.3/._COPYRIGHT                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._Makefile                 |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._README                   |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._adler32.c                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._algorithm.txt            |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._compress.c               |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._crc32.c                  |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._crc32.h                  |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._deflate.c                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._deflate.h                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._gzio.c                   |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._infback.c                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._inffast.c                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._inffast.h                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._inffixed.h               |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._inflate.c                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._inflate.h                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._inftrees.c               |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._inftrees.h               |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._trees.c                  |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._trees.h                  |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._uncompr.c                |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._zconf.h                  |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._zconf.in.h               |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._zlib.h                   |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._zutil.c                  |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/._zutil.h                  |  Bin 0 -> 212 bytes
 src/external/zlib-1.2.3/gzio.c                     |    4 +-
 src/headers/._agent_op.h                           |  Bin 0 -> 212 bytes
 src/headers/._ar.h                                 |  Bin 0 -> 212 bytes
 src/headers/._debug_op.h                           |  Bin 0 -> 212 bytes
 src/headers/._defs.h                               |  Bin 0 -> 212 bytes
 src/headers/._dirtree_op.h                         |  Bin 0 -> 212 bytes
 src/headers/._file-queue.h                         |  Bin 0 -> 212 bytes
 src/headers/._file_op.h                            |  Bin 0 -> 212 bytes
 src/headers/._hash_op.h                            |  Bin 0 -> 212 bytes
 src/headers/._help.h                               |  Bin 0 -> 212 bytes
 src/headers/._list_op.h                            |  Bin 0 -> 212 bytes
 src/headers/._math_op.h                            |  Bin 0 -> 212 bytes
 src/headers/._mem_op.h                             |  Bin 0 -> 212 bytes
 src/headers/._mq_op.h                              |  Bin 0 -> 212 bytes
 src/headers/._os_err.h                             |  Bin 0 -> 212 bytes
 src/headers/._privsep_op.h                         |  Bin 0 -> 212 bytes
 src/headers/._pthreads_op.h                        |  Bin 0 -> 212 bytes
 src/headers/._rc.h                                 |  Bin 0 -> 212 bytes
 src/headers/._read-agents.h                        |  Bin 0 -> 212 bytes
 src/headers/._read-alert.h                         |  Bin 0 -> 212 bytes
 src/headers/._regex_op.h                           |  Bin 0 -> 212 bytes
 src/headers/._report_op.h                          |  Bin 0 -> 212 bytes
 src/headers/._rules_op.h                           |  Bin 0 -> 212 bytes
 src/headers/._sec.h                                |  Bin 0 -> 212 bytes
 src/headers/._shared.h                             |  Bin 0 -> 212 bytes
 src/headers/._sig_op.h                             |  Bin 0 -> 212 bytes
 src/headers/._store_op.h                           |  Bin 0 -> 212 bytes
 src/headers/._string_op.h                          |  Bin 0 -> 212 bytes
 src/headers/._validate_op.h                        |  Bin 0 -> 212 bytes
 src/headers/._wait_op.h                            |  Bin 0 -> 212 bytes
 src/headers/agent_op.h                             |    2 +-
 src/headers/custom_output_search.h                 |   72 --
 src/headers/debug_op.h                             |    2 +-
 src/headers/defs.h                                 |   36 +-
 src/headers/dirtree_op.h                           |    8 +-
 src/headers/file-queue.h                           |    4 +-
 src/headers/hash_op.h                              |   12 +-
 src/headers/list_op.h                              |    2 +-
 src/headers/math_op.h                              |    2 +-
 src/headers/os_err.h                               |    2 +-
 src/headers/rc.h                                   |    2 +-
 src/headers/read-agents.h                          |   12 +-
 src/headers/read-alert.h                           |    2 +-
 src/headers/report_op.h                            |   10 +-
 src/headers/rules_op.h                             |   18 +-
 src/headers/sec.h                                  |   12 +-
 src/headers/shared.h                               |   11 +-
 src/headers/store_op.h                             |    4 +-
 src/headers/string_op.h                            |    4 +-
 src/headers/validate_op.h                          |   14 +-
 src/headers/wait_op.h                              |    2 +-
 src/init/._darwin-addusers.pl                      |  Bin 0 -> 212 bytes
 src/init/._darwin-init.sh                          |  Bin 0 -> 212 bytes
 src/init/._functions.sh                            |  Bin 0 -> 212 bytes
 src/init/._fw-check.sh                             |  Bin 0 -> 212 bytes
 src/init/._init.sh                                 |  Bin 0 -> 212 bytes
 src/init/._language.sh                             |  Bin 0 -> 212 bytes
 src/init/._ossec-client.sh                         |  Bin 0 -> 212 bytes
 src/init/._ossec-hids-aix.init                     |  Bin 0 -> 212 bytes
 src/init/._ossec-hids-debian.init                  |  Bin 0 -> 212 bytes
 src/init/._ossec-hids-gentoo.init                  |  Bin 0 -> 212 bytes
 src/init/._ossec-hids-rh.init                      |  Bin 0 -> 212 bytes
 src/init/._ossec-hids-solaris.init                 |  Bin 0 -> 212 bytes
 src/init/._ossec-hids-suse.init                    |  Bin 0 -> 212 bytes
 src/init/._ossec-hids.init                         |  Bin 0 -> 212 bytes
 src/init/._ossec-local.sh                          |  Bin 0 -> 212 bytes
 src/init/._ossec-server.sh                         |  Bin 0 -> 212 bytes
 src/init/._osx105-addusers.sh                      |  Bin 0 -> 212 bytes
 src/init/._shared.sh                               |  Bin 0 -> 212 bytes
 src/init/._update.sh                               |  Bin 0 -> 212 bytes
 src/init/ossec-client.sh                           |    3 +-
 src/init/ossec-local.sh                            |    3 +-
 src/init/ossec-server.sh                           |    3 +-
 src/init/osx105-addusers.sh                        |  149 +---
 src/init/update.sh                                 |   13 +-
 src/logcollector/._COPYRIGHT                       |  Bin 0 -> 212 bytes
 src/logcollector/._Makefile                        |  Bin 0 -> 212 bytes
 src/logcollector/._VERSION                         |  Bin 0 -> 212 bytes
 src/logcollector/._config.c                        |  Bin 0 -> 212 bytes
 src/logcollector/._logcollector.c                  |  Bin 0 -> 212 bytes
 src/logcollector/._logcollector.h                  |  Bin 0 -> 212 bytes
 src/logcollector/._main.c                          |  Bin 0 -> 212 bytes
 src/logcollector/._read_command.c                  |  Bin 0 -> 212 bytes
 src/logcollector/._read_djb_multilog.c             |  Bin 0 -> 212 bytes
 src/logcollector/._read_fullcommand.c              |  Bin 0 -> 212 bytes
 src/logcollector/._read_mssql_log.c                |  Bin 0 -> 212 bytes
 src/logcollector/._read_multiline.c                |  Bin 0 -> 212 bytes
 src/logcollector/._read_mysql_log.c                |  Bin 0 -> 212 bytes
 src/logcollector/._read_nmapg.c                    |  Bin 0 -> 212 bytes
 src/logcollector/._read_ossecalert.c               |  Bin 0 -> 212 bytes
 src/logcollector/._read_postgresql_log.c           |  Bin 0 -> 212 bytes
 src/logcollector/._read_snortfull.c                |  Bin 0 -> 212 bytes
 src/logcollector/._read_syslog.c                   |  Bin 0 -> 212 bytes
 src/logcollector/._read_win_el.c                   |  Bin 0 -> 212 bytes
 src/logcollector/config.c                          |   10 +-
 src/logcollector/logcollector.c                    |  132 ++--
 src/logcollector/main.c                            |   38 +-
 src/logcollector/read_command.c                    |   16 +-
 src/logcollector/read_djb_multilog.c               |   44 +-
 src/logcollector/read_fullcommand.c                |   12 +-
 src/logcollector/read_mssql_log.c                  |   48 +-
 src/logcollector/read_multiline.c                  |   20 +-
 src/logcollector/read_mysql_log.c                  |   48 +-
 src/logcollector/read_nmapg.c                      |   80 +--
 src/logcollector/read_ossecalert.c                 |   18 +-
 src/logcollector/read_postgresql_log.c             |   50 +-
 src/logcollector/read_snortfull.c                  |   14 +-
 src/logcollector/read_syslog.c                     |   18 +-
 src/logcollector/read_win_el.c                     |  166 ++---
 src/monitord/._Makefile                            |  Bin 0 -> 212 bytes
 src/monitord/._compress_log.c                      |  Bin 0 -> 212 bytes
 src/monitord/._generate_reports.c                  |  Bin 0 -> 212 bytes
 src/monitord/._main.c                              |  Bin 0 -> 212 bytes
 src/monitord/._manage_files.c                      |  Bin 0 -> 212 bytes
 src/monitord/._monitor_agents.c                    |  Bin 0 -> 212 bytes
 src/monitord/._monitord.c                          |  Bin 0 -> 212 bytes
 src/monitord/._monitord.h                          |  Bin 0 -> 212 bytes
 src/monitord/._report.c                            |  Bin 0 -> 212 bytes
 src/monitord/._sign_log.c                          |  Bin 0 -> 212 bytes
 src/monitord/compress_log.c                        |   18 +-
 src/monitord/generate_reports.c                    |    4 +-
 src/monitord/main.c                                |   23 +-
 src/monitord/manage_files.c                        |   14 +-
 src/monitord/monitor_agents.c                      |    8 +-
 src/monitord/monitord.c                            |   20 +-
 src/monitord/report.c                              |   29 +-
 src/monitord/sign_log.c                            |   12 +-
 src/os_auth/._Makefile                             |  Bin 0 -> 212 bytes
 src/os_auth/._auth.h                               |  Bin 0 -> 212 bytes
 src/os_auth/._main-client.c                        |  Bin 0 -> 212 bytes
 src/os_auth/._main-server.c                        |  Bin 0 -> 212 bytes
 src/os_auth/._ssl-test.c                           |  Bin 0 -> 212 bytes
 src/os_auth/._ssl.c                                |  Bin 0 -> 212 bytes
 src/os_auth/main-client.c                          |   56 +-
 src/os_auth/main-server.c                          |    1 -
 src/os_auth/ssl-test.c                             |    8 +-
 src/os_auth/ssl.c                                  |    8 +-
 src/os_crypto/._Makefile                           |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/._Makefile                  |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/._bf_enc.c                  |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/._bf_locl.h                 |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/._bf_op.c                   |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/._bf_op.h                   |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/._bf_pi.h                   |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/._bf_skey.c                 |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/._blowfish.h                |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/._main.c                    |  Bin 0 -> 212 bytes
 src/os_crypto/blowfish/bf_enc.c                    |   12 +-
 src/os_crypto/blowfish/bf_locl.h                   |   12 +-
 src/os_crypto/blowfish/bf_op.c                     |    2 +-
 src/os_crypto/blowfish/bf_op.h                     |    2 +-
 src/os_crypto/blowfish/bf_pi.h                     |  524 +++++++-------
 src/os_crypto/blowfish/bf_skey.c                   |   12 +-
 src/os_crypto/blowfish/blowfish.h                  |   14 +-
 src/os_crypto/blowfish/main.c                      |    4 +-
 src/os_crypto/md5/._Makefile                       |  Bin 0 -> 212 bytes
 src/os_crypto/md5/._main.c                         |  Bin 0 -> 212 bytes
 src/os_crypto/md5/._md5.c                          |  Bin 0 -> 212 bytes
 src/os_crypto/md5/._md5.h                          |  Bin 0 -> 212 bytes
 src/os_crypto/md5/._md5_op.c                       |  Bin 0 -> 212 bytes
 src/os_crypto/md5/._md5_op.h                       |  Bin 0 -> 212 bytes
 src/os_crypto/md5/main.c                           |   10 +-
 src/os_crypto/md5/md5.c                            |    4 +-
 src/os_crypto/md5/md5_op.c                         |   22 +-
 src/os_crypto/md5_sha1/._Makefile                  |  Bin 0 -> 212 bytes
 src/os_crypto/md5_sha1/._main.c                    |  Bin 0 -> 212 bytes
 src/os_crypto/md5_sha1/._md5_sha1_op.c             |  Bin 0 -> 212 bytes
 src/os_crypto/md5_sha1/._md5_sha1_op.h             |  Bin 0 -> 212 bytes
 src/os_crypto/md5_sha1/main.c                      |    8 +-
 src/os_crypto/md5_sha1/md5_sha1_op.c               |    4 +-
 src/os_crypto/sha1/._Makefile                      |  Bin 0 -> 212 bytes
 src/os_crypto/sha1/._main.c                        |  Bin 0 -> 212 bytes
 src/os_crypto/sha1/._md32_common.h                 |  Bin 0 -> 212 bytes
 src/os_crypto/sha1/._sha.h                         |  Bin 0 -> 212 bytes
 src/os_crypto/sha1/._sha1_op.c                     |  Bin 0 -> 212 bytes
 src/os_crypto/sha1/._sha1_op.h                     |  Bin 0 -> 212 bytes
 src/os_crypto/sha1/._sha_locl.h                    |  Bin 0 -> 212 bytes
 src/os_crypto/sha1/main.c                          |    4 +-
 src/os_crypto/sha1/md32_common.h                   |    6 +-
 src/os_crypto/sha1/sha.h                           |   12 +-
 src/os_crypto/sha1/sha1_op.c                       |   20 +-
 src/os_crypto/sha1/sha_locl.h                      |   24 +-
 src/os_crypto/shared/._Makefile                    |  Bin 0 -> 212 bytes
 src/os_crypto/shared/._keys.c                      |  Bin 0 -> 212 bytes
 src/os_crypto/shared/._msgs.c                      |  Bin 0 -> 212 bytes
 src/os_crypto/shared/keys.c                        |  110 +--
 src/os_crypto/shared/msgs.c                        |   90 +--
 src/os_csyslogd/._Makefile                         |  Bin 0 -> 212 bytes
 src/os_csyslogd/._alert.c                          |  Bin 0 -> 212 bytes
 src/os_csyslogd/._config.c                         |  Bin 0 -> 212 bytes
 src/os_csyslogd/._csyslogd.c                       |  Bin 0 -> 212 bytes
 src/os_csyslogd/._csyslogd.h                       |  Bin 0 -> 212 bytes
 src/os_csyslogd/._main.c                           |  Bin 0 -> 212 bytes
 src/os_csyslogd/alert.c                            |   14 +-
 src/os_csyslogd/config.c                           |   10 +-
 src/os_csyslogd/csyslogd.c                         |   56 +-
 src/os_csyslogd/csyslogd.h                         |    1 -
 src/os_csyslogd/main.c                             |   35 +-
 src/os_dbd/._Makefile                              |  Bin 0 -> 212 bytes
 src/os_dbd/._README                                |  Bin 0 -> 212 bytes
 src/os_dbd/._alert.c                               |  Bin 0 -> 212 bytes
 src/os_dbd/._config.c                              |  Bin 0 -> 212 bytes
 src/os_dbd/._db_op.c                               |  Bin 0 -> 212 bytes
 src/os_dbd/._db_op.h                               |  Bin 0 -> 212 bytes
 src/os_dbd/._dbd.c                                 |  Bin 0 -> 212 bytes
 src/os_dbd/._dbd.h                                 |  Bin 0 -> 212 bytes
 src/os_dbd/._dbmake.sh                             |  Bin 0 -> 212 bytes
 src/os_dbd/._main.c                                |  Bin 0 -> 212 bytes
 src/os_dbd/._mysql.schema                          |  Bin 0 -> 212 bytes
 src/os_dbd/._postgresql.schema                     |  Bin 0 -> 212 bytes
 src/os_dbd/._rules.c                               |  Bin 0 -> 212 bytes
 src/os_dbd/._server.c                              |  Bin 0 -> 212 bytes
 src/os_dbd/alert.c                                 |   28 +-
 src/os_dbd/config.c                                |   14 +-
 src/os_dbd/db_op.c                                 |   62 +-
 src/os_dbd/db_op.h                                 |    2 +-
 src/os_dbd/dbd.c                                   |    6 +-
 src/os_dbd/dbd.h                                   |    4 +-
 src/os_dbd/main.c                                  |   51 +-
 src/os_dbd/rules.c                                 |   38 +-
 src/os_dbd/server.c                                |   12 +-
 src/os_execd/._Makefile                            |  Bin 0 -> 212 bytes
 src/os_execd/._config.c                            |  Bin 0 -> 212 bytes
 src/os_execd/._exec.c                              |  Bin 0 -> 212 bytes
 src/os_execd/._execd.c                             |  Bin 0 -> 212 bytes
 src/os_execd/._execd.h                             |  Bin 0 -> 212 bytes
 src/os_execd/._win_execd.c                         |  Bin 0 -> 212 bytes
 src/os_execd/config.c                              |   16 +-
 src/os_execd/exec.c                                |   38 +-
 src/os_execd/execd.c                               |   91 ++-
 src/os_execd/execd.h                               |    2 +-
 src/os_execd/win_execd.c                           |   38 +-
 src/os_maild/._Makefile                            |  Bin 0 -> 212 bytes
 src/os_maild/._config.c                            |  Bin 0 -> 212 bytes
 src/os_maild/._mail_list.c                         |  Bin 0 -> 212 bytes
 src/os_maild/._mail_list.h                         |  Bin 0 -> 212 bytes
 src/os_maild/._maild.c                             |  Bin 0 -> 212 bytes
 src/os_maild/._maild.h                             |  Bin 0 -> 212 bytes
 src/os_maild/._os_maild_client.c                   |  Bin 0 -> 212 bytes
 src/os_maild/._sendcustomemail.c                   |  Bin 0 -> 212 bytes
 src/os_maild/._sendmail.c                          |  Bin 0 -> 212 bytes
 src/os_maild/config.c                              |    2 +-
 src/os_maild/mail_list.c                           |   42 +-
 src/os_maild/mail_list.h                           |    6 +-
 src/os_maild/maild.c                               |  105 ++-
 src/os_maild/maild.h                               |    6 +-
 src/os_maild/os_maild_client.c                     |   90 +--
 src/os_maild/sendcustomemail.c                     |   12 +-
 src/os_maild/sendmail.c                            |   29 +-
 src/os_net/._COPYRIGHT                             |  Bin 0 -> 212 bytes
 src/os_net/._Makefile                              |  Bin 0 -> 212 bytes
 src/os_net/._VERSION                               |  Bin 0 -> 212 bytes
 src/os_net/._os_err.h                              |  Bin 0 -> 212 bytes
 src/os_net/._os_net.c                              |  Bin 0 -> 212 bytes
 src/os_net/._os_net.h                              |  Bin 0 -> 212 bytes
 src/os_net/os_err.h                                |    2 +-
 src/os_net/os_net.c                                |   78 +--
 src/os_net/os_net.h                                |   12 +-
 src/os_regex/._COPYRIGHT                           |  Bin 0 -> 212 bytes
 src/os_regex/._Makefile                            |  Bin 0 -> 212 bytes
 src/os_regex/._README                              |  Bin 0 -> 212 bytes
 src/os_regex/._VERSION                             |  Bin 0 -> 212 bytes
 src/os_regex/._os_match.c                          |  Bin 0 -> 212 bytes
 src/os_regex/._os_match_compile.c                  |  Bin 0 -> 212 bytes
 src/os_regex/._os_match_execute.c                  |  Bin 0 -> 212 bytes
 src/os_regex/._os_match_free_pattern.c             |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex.c                          |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex.h                          |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex_compile.c                  |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex_execute.c                  |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex_free_pattern.c             |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex_free_substrings.c          |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex_internal.h                 |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex_maps.h                     |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex_match.c                    |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex_str.c                      |  Bin 0 -> 212 bytes
 src/os_regex/._os_regex_strbreak.c                 |  Bin 0 -> 212 bytes
 src/os_regex/examples/._Makefile                   |  Bin 0 -> 212 bytes
 src/os_regex/examples/._match.c                    |  Bin 0 -> 212 bytes
 src/os_regex/examples/._regex.c                    |  Bin 0 -> 212 bytes
 src/os_regex/examples/._regex_str.c                |  Bin 0 -> 212 bytes
 src/os_regex/examples/._run.sh                     |  Bin 0 -> 212 bytes
 src/os_regex/examples/._validate.pl                |  Bin 0 -> 212 bytes
 src/os_regex/examples/match.c                      |    2 +-
 src/os_regex/examples/regex.c                      |    2 +-
 src/os_regex/examples/regex_str.c                  |   16 +-
 src/os_regex/examples/tests/._false.regex          |  Bin 0 -> 212 bytes
 src/os_regex/examples/tests/._false.tests          |  Bin 0 -> 212 bytes
 src/os_regex/examples/tests/._str.regex            |  Bin 0 -> 212 bytes
 src/os_regex/examples/tests/._true.regex           |  Bin 0 -> 212 bytes
 src/os_regex/examples/tests/._true.tests           |  Bin 0 -> 212 bytes
 src/os_regex/os_match.c                            |    6 +-
 src/os_regex/os_match_compile.c                    |   48 +-
 src/os_regex/os_match_execute.c                    |   28 +-
 src/os_regex/os_match_free_pattern.c               |    2 +-
 src/os_regex/os_regex.c                            |    2 +-
 src/os_regex/os_regex.h                            |   18 +-
 src/os_regex/os_regex_compile.c                    |   68 +-
 src/os_regex/os_regex_execute.c                    |   78 +--
 src/os_regex/os_regex_free_pattern.c               |    4 +-
 src/os_regex/os_regex_internal.h                   |   20 +-
 src/os_regex/os_regex_maps.h                       |    6 +-
 src/os_regex/os_regex_match.c                      |   36 +-
 src/os_regex/os_regex_str.c                        |   14 +-
 src/os_regex/os_regex_strbreak.c                   |    8 +-
 src/os_xml/._COPYRIGHT                             |  Bin 0 -> 212 bytes
 src/os_xml/._Makefile                              |  Bin 0 -> 212 bytes
 src/os_xml/._README                                |  Bin 0 -> 212 bytes
 src/os_xml/._VERSION                               |  Bin 0 -> 212 bytes
 src/os_xml/._os_xml.c                              |  Bin 0 -> 212 bytes
 src/os_xml/._os_xml.h                              |  Bin 0 -> 212 bytes
 src/os_xml/._os_xml_access.c                       |  Bin 0 -> 212 bytes
 src/os_xml/._os_xml_node_access.c                  |  Bin 0 -> 212 bytes
 src/os_xml/._os_xml_variables.c                    |  Bin 0 -> 212 bytes
 src/os_xml/._os_xml_writer.c                       |  Bin 0 -> 212 bytes
 src/os_xml/._os_xml_writer.h                       |  Bin 0 -> 212 bytes
 src/os_xml/examples/._mem_test.c                   |  Bin 0 -> 212 bytes
 src/os_xml/examples/._test.c                       |  Bin 0 -> 212 bytes
 src/os_xml/examples/._test.xml                     |  Bin 0 -> 212 bytes
 src/os_xml/examples/mem_test.c                     |   14 +-
 src/os_xml/examples/test.c                         |   12 +-
 src/os_xml/os_xml.c                                |   42 +-
 src/os_xml/os_xml_access.c                         |   32 +-
 src/os_xml/os_xml_node_access.c                    |   28 +-
 src/os_xml/os_xml_variables.c                      |   92 +--
 src/os_xml/os_xml_writer.c                         |   42 +-
 src/os_xml/os_xml_writer.h                         |    2 +-
 src/os_zlib/._Makefile                             |  Bin 0 -> 212 bytes
 src/os_zlib/._os_zlib.c                            |  Bin 0 -> 212 bytes
 src/os_zlib/._os_zlib.h                            |  Bin 0 -> 212 bytes
 src/os_zlib/._zlib-test.c                          |  Bin 0 -> 212 bytes
 src/os_zlib/os_zlib.c                              |   14 +-
 src/os_zlib/os_zlib.h                              |    2 +-
 src/os_zlib/zlib-test.c                            |   14 +-
 src/remoted/._COPYRIGHT                            |  Bin 0 -> 212 bytes
 src/remoted/._Makefile                             |  Bin 0 -> 212 bytes
 src/remoted/._README                               |  Bin 0 -> 212 bytes
 src/remoted/._VERSION                              |  Bin 0 -> 212 bytes
 src/remoted/._ar-forward.c                         |  Bin 0 -> 212 bytes
 src/remoted/._config.c                             |  Bin 0 -> 212 bytes
 src/remoted/._main.c                               |  Bin 0 -> 212 bytes
 src/remoted/._manager.c                            |  Bin 0 -> 212 bytes
 src/remoted/._remoted.c                            |  Bin 0 -> 212 bytes
 src/remoted/._remoted.h                            |  Bin 0 -> 212 bytes
 src/remoted/._secure.c                             |  Bin 0 -> 212 bytes
 src/remoted/._sendmsg.c                            |  Bin 0 -> 212 bytes
 src/remoted/._syslog.c                             |  Bin 0 -> 212 bytes
 src/remoted/._syslogtcp.c                          |  Bin 0 -> 212 bytes
 src/remoted/ar-forward.c                           |   32 +-
 src/remoted/config.c                               |    2 +-
 src/remoted/main.c                                 |   26 +-
 src/remoted/manager.c                              |  102 +--
 src/remoted/remoted.c                              |   28 +-
 src/remoted/remoted.h                              |    2 +-
 src/remoted/secure.c                               |   44 +-
 src/remoted/sendmsg.c                              |   22 +-
 src/remoted/syslog.c                               |   10 +-
 src/remoted/syslogtcp.c                            |   24 +-
 src/rootcheck/._Makefile                           |  Bin 0 -> 212 bytes
 src/rootcheck/._check_open_ports.c                 |  Bin 0 -> 212 bytes
 src/rootcheck/._check_rc_dev.c                     |  Bin 0 -> 212 bytes
 src/rootcheck/._check_rc_files.c                   |  Bin 0 -> 212 bytes
 src/rootcheck/._check_rc_if.c                      |  Bin 0 -> 212 bytes
 src/rootcheck/._check_rc_pids.c                    |  Bin 0 -> 212 bytes
 src/rootcheck/._check_rc_policy.c                  |  Bin 0 -> 212 bytes
 src/rootcheck/._check_rc_ports.c                   |  Bin 0 -> 212 bytes
 src/rootcheck/._check_rc_readproc.c                |  Bin 0 -> 212 bytes
 src/rootcheck/._check_rc_sys.c                     |  Bin 0 -> 212 bytes
 src/rootcheck/._check_rc_trojans.c                 |  Bin 0 -> 212 bytes
 src/rootcheck/._common.c                           |  Bin 0 -> 212 bytes
 src/rootcheck/._common_rcl.c                       |  Bin 0 -> 212 bytes
 src/rootcheck/._config.c                           |  Bin 0 -> 212 bytes
 src/rootcheck/._os_string.c                        |  Bin 0 -> 212 bytes
 src/rootcheck/._rootcheck-config.c                 |  Bin 0 -> 212 bytes
 src/rootcheck/._rootcheck.c                        |  Bin 0 -> 212 bytes
 src/rootcheck/._rootcheck.conf                     |  Bin 0 -> 212 bytes
 src/rootcheck/._rootcheck.h                        |  Bin 0 -> 212 bytes
 src/rootcheck/._run_rk_check.c                     |  Bin 0 -> 212 bytes
 src/rootcheck/._unix-process.c                     |  Bin 0 -> 212 bytes
 src/rootcheck/._win-common.c                       |  Bin 0 -> 212 bytes
 src/rootcheck/._win-process.c                      |  Bin 0 -> 212 bytes
 src/rootcheck/check_open_ports.c                   |   20 +-
 src/rootcheck/check_rc_dev.c                       |   52 +-
 src/rootcheck/check_rc_files.c                     |   74 +-
 src/rootcheck/check_rc_if.c                        |   24 +-
 src/rootcheck/check_rc_pids.c                      |  100 +--
 src/rootcheck/check_rc_policy.c                    |   18 +-
 src/rootcheck/check_rc_ports.c                     |   28 +-
 src/rootcheck/check_rc_readproc.c                  |   34 +-
 src/rootcheck/check_rc_sys.c                       |  104 +--
 src/rootcheck/check_rc_trojans.c                   |   28 +-
 src/rootcheck/common.c                             |  139 ++--
 src/rootcheck/common_rcl.c                         |  106 +--
 src/rootcheck/config.c                             |    2 +-
 src/rootcheck/db/._cis_debian_linux_rcl.txt        |  Bin 0 -> 212 bytes
 src/rootcheck/db/._cis_rhel5_linux_rcl.txt         |  Bin 0 -> 212 bytes
 src/rootcheck/db/._cis_rhel_linux_rcl.txt          |  Bin 0 -> 212 bytes
 src/rootcheck/db/._rootkit_files.txt               |  Bin 0 -> 212 bytes
 src/rootcheck/db/._rootkit_trojans.txt             |  Bin 0 -> 212 bytes
 src/rootcheck/db/._system_audit_rcl.txt            |  Bin 0 -> 212 bytes
 src/rootcheck/db/._win_applications_rcl.txt        |  Bin 0 -> 212 bytes
 src/rootcheck/db/._win_audit_rcl.txt               |  Bin 0 -> 212 bytes
 src/rootcheck/db/._win_malware_rcl.txt             |  Bin 0 -> 212 bytes
 src/rootcheck/os_string.c                          |   38 +-
 src/rootcheck/rootcheck-config.c                   |   54 +-
 src/rootcheck/rootcheck.c                          |   74 +-
 src/rootcheck/rootcheck.h                          |   22 +-
 src/rootcheck/run_rk_check.c                       |   98 +--
 src/rootcheck/unix-process.c                       |   28 +-
 src/rootcheck/util/._ads_dump.c                    |  Bin 0 -> 212 bytes
 src/rootcheck/util/ads_dump.c                      |   30 +-
 src/rootcheck/win-common.c                         |   64 +-
 src/rootcheck/win-process.c                        |   24 +-
 src/shared/._Makefile                              |  Bin 0 -> 212 bytes
 src/shared/._agent_op.c                            |  Bin 0 -> 212 bytes
 src/shared/._debug_op.c                            |  Bin 0 -> 212 bytes
 src/shared/._dirtree_op.c                          |  Bin 0 -> 212 bytes
 src/shared/._file-queue.c                          |  Bin 0 -> 212 bytes
 src/shared/._file_op.c                             |  Bin 0 -> 212 bytes
 src/shared/._hash_op.c                             |  Bin 0 -> 212 bytes
 src/shared/._help.c                                |  Bin 0 -> 212 bytes
 src/shared/._list_op.c                             |  Bin 0 -> 212 bytes
 src/shared/._math_op.c                             |  Bin 0 -> 212 bytes
 src/shared/._mem_op.c                              |  Bin 0 -> 212 bytes
 src/shared/._mq_op.c                               |  Bin 0 -> 212 bytes
 src/shared/._privsep_op.c                          |  Bin 0 -> 212 bytes
 src/shared/._pthreads_op.c                         |  Bin 0 -> 212 bytes
 src/shared/._read-agents.c                         |  Bin 0 -> 212 bytes
 src/shared/._read-alert.c                          |  Bin 0 -> 212 bytes
 src/shared/._regex_op.c                            |  Bin 0 -> 212 bytes
 src/shared/._report_op.c                           |  Bin 0 -> 212 bytes
 src/shared/._rules_op.c                            |  Bin 0 -> 212 bytes
 src/shared/._sig_op.c                              |  Bin 0 -> 212 bytes
 src/shared/._store_op.c                            |  Bin 0 -> 212 bytes
 src/shared/._string_op.c                           |  Bin 0 -> 212 bytes
 src/shared/._validate_op.c                         |  Bin 0 -> 212 bytes
 src/shared/._wait_op.c                             |  Bin 0 -> 212 bytes
 src/shared/agent_op.c                              |   32 +-
 src/shared/custom_output_search_replace.c          |  158 -----
 src/shared/debug_op.c                              |   16 +-
 src/shared/dirtree_op.c                            |   38 +-
 src/shared/file-queue.c                            |   36 +-
 src/shared/file_op.c                               |  118 ++--
 src/shared/hash_op.c                               |   34 +-
 src/shared/list_op.c                               |   52 +-
 src/shared/math_op.c                               |    6 +-
 src/shared/mem_op.c                                |    8 +-
 src/shared/mq_op.c                                 |   24 +-
 src/shared/privsep_op.c                            |   26 +-
 src/shared/read-agents.c                           |  286 ++++----
 src/shared/read-alert.c                            |   85 ++-
 src/shared/regex_op.c                              |    8 +-
 src/shared/report_op.c                             |  154 ++---
 src/shared/rules_op.c                              |  166 ++---
 src/shared/sig_op.c                                |    6 +-
 src/shared/store_op.c                              |   82 +--
 src/shared/string_op.c                             |   35 +-
 src/shared/tests/._Makefile                        |  Bin 0 -> 212 bytes
 src/shared/tests/._hash_test.c                     |  Bin 0 -> 212 bytes
 src/shared/tests/._ip_test.c                       |  Bin 0 -> 212 bytes
 src/shared/tests/._merge_test.c                    |  Bin 0 -> 212 bytes
 src/shared/tests/._prime_test.c                    |  Bin 0 -> 212 bytes
 src/shared/tests/hash_test.c                       |    6 +-
 src/shared/tests/ip_test.c                         |    2 +-
 src/shared/validate_op.c                           |  118 ++--
 src/shared/wait_op.c                               |   10 +-
 src/syscheckd/._Makefile                           |  Bin 0 -> 212 bytes
 src/syscheckd/._config.c                           |  Bin 0 -> 212 bytes
 src/syscheckd/._create_db.c                        |  Bin 0 -> 212 bytes
 src/syscheckd/._run_check.c                        |  Bin 0 -> 212 bytes
 src/syscheckd/._run_realtime.c                     |  Bin 0 -> 212 bytes
 src/syscheckd/._seechanges.c                       |  Bin 0 -> 212 bytes
 src/syscheckd/._syscheck-baseline.c                |  Bin 0 -> 212 bytes
 src/syscheckd/._syscheck.c                         |  Bin 0 -> 212 bytes
 src/syscheckd/._syscheck.h                         |  Bin 0 -> 212 bytes
 src/syscheckd/._win-registry.c                     |  Bin 0 -> 212 bytes
 src/syscheckd/config.c                             |    4 +-
 src/syscheckd/create_db.c                          |  108 ++-
 src/syscheckd/run_check.c                          |  107 ++-
 src/syscheckd/run_realtime.c                       |   32 +-
 src/syscheckd/seechanges.c                         |   32 +-
 src/syscheckd/syscheck-baseline.c                  |   34 +-
 src/syscheckd/syscheck.c                           |   62 +-
 src/syscheckd/syscheck.h                           |    8 +-
 src/syscheckd/win-registry.c                       |   84 +--
 src/sysinfo/._df.c                                 |  Bin 0 -> 212 bytes
 src/sysinfo/._statfs.c                             |  Bin 0 -> 212 bytes
 src/sysinfo/._statfs.h                             |  Bin 0 -> 212 bytes
 src/sysinfo/statfs.c                               |    6 +-
 src/util/._Makefile                                |  Bin 0 -> 212 bytes
 src/util/._agent_control.c                         |  Bin 0 -> 212 bytes
 src/util/._clear_stats.c                           |  Bin 0 -> 212 bytes
 src/util/._list_agents.c                           |  Bin 0 -> 212 bytes
 src/util/._ossec-regex.c                           |  Bin 0 -> 212 bytes
 src/util/._rootcheck_control.c                     |  Bin 0 -> 212 bytes
 src/util/._syscheck_control.c                      |  Bin 0 -> 212 bytes
 src/util/._syscheck_update.c                       |  Bin 0 -> 212 bytes
 src/util/._verify-agent-conf.c                     |  Bin 0 -> 212 bytes
 src/util/agent_control.c                           |   84 +--
 src/util/clear_stats.c                             |   44 +-
 src/util/list_agents.c                             |   22 +-
 src/util/ossec-regex.c                             |   44 +-
 src/util/rootcheck_control.c                       |   58 +-
 src/util/syscheck_control.c                        |   66 +-
 src/util/syscheck_update.c                         |   36 +-
 src/util/verify-agent-conf.c                       |   10 +-
 src/win32/._add-localfile.c                        |  Bin 0 -> 212 bytes
 src/win32/._doc.html                               |  Bin 0 -> 212 bytes
 src/win32/._extract-win-el.c                       |  Bin 0 -> 212 bytes
 src/win32/._favicon.ico                            |  Bin 0 -> 212 bytes
 src/win32/._favicon2.ico                           |  Bin 0 -> 212 bytes
 src/win32/._gen_win.cmd                            |  Bin 0 -> 212 bytes
 src/win32/._gen_win.sh                             |  Bin 0 -> 212 bytes
 src/win32/._help.txt                               |  Bin 0 -> 212 bytes
 src/win32/._icofile.rc                             |  Bin 0 -> 212 bytes
 src/win32/._iis-logs.bat                           |  Bin 0 -> 212 bytes
 src/win32/._make.bat                               |  Bin 0 -> 212 bytes
 src/win32/._make.sh                                |  Bin 0 -> 212 bytes
 src/win32/._os_win.h                               |  Bin 0 -> 212 bytes
 src/win32/._ossec-installer.nsi                    |  Bin 0 -> 212 bytes
 src/win32/._ossec-uninstall.ico                    |  Bin 0 -> 212 bytes
 src/win32/._ossec.conf                             |  Bin 0 -> 212 bytes
 src/win32/._read-registry.c                        |  Bin 0 -> 212 bytes
 src/win32/._service-start.c                        |  Bin 0 -> 212 bytes
 src/win32/._service-stop.c                         |  Bin 0 -> 212 bytes
 src/win32/._setup-iis.c                            |  Bin 0 -> 212 bytes
 src/win32/._setup-shared.c                         |  Bin 0 -> 212 bytes
 src/win32/._setup-shared.h                         |  Bin 0 -> 212 bytes
 src/win32/._setup-syscheck.c                       |  Bin 0 -> 212 bytes
 src/win32/._setup-win.c                            |  Bin 0 -> 212 bytes
 src/win32/._ui.nsi                                 |  Bin 0 -> 212 bytes
 src/win32/._unix2dos.pl                            |  Bin 0 -> 212 bytes
 src/win32/._vista_sec.csv                          |  Bin 0 -> 212 bytes
 src/win32/._win-files.txt                          |  Bin 0 -> 212 bytes
 src/win32/._win_agent.c                            |  Bin 0 -> 212 bytes
 src/win32/._win_service.c                          |  Bin 0 -> 212 bytes
 src/win32/add-localfile.c                          |   34 +-
 src/win32/extract-win-el.c                         |   82 +--
 src/win32/help.txt                                 |    6 +-
 src/win32/os_win.h                                 |    6 +-
 src/win32/ossec-installer.nsi                      |    4 +-
 src/win32/read-registry.c                          |   36 +-
 src/win32/service-start.c                          |    4 +-
 src/win32/service-stop.c                           |    4 +-
 src/win32/setup-iis.c                              |   88 +--
 src/win32/setup-shared.c                           |    4 +-
 src/win32/setup-shared.h                           |    2 +-
 src/win32/setup-syscheck.c                         |    4 +-
 src/win32/setup-win.c                              |   14 +-
 src/win32/ui.nsi                                   |    2 +-
 src/win32/ui/._common.c                            |  Bin 0 -> 212 bytes
 src/win32/ui/._favicon.ico                         |  Bin 0 -> 212 bytes
 src/win32/ui/._make.bat                            |  Bin 0 -> 212 bytes
 src/win32/ui/._make.sh                             |  Bin 0 -> 212 bytes
 src/win32/ui/._os_win32ui.c                        |  Bin 0 -> 212 bytes
 src/win32/ui/._os_win32ui.exe.manifest             |  Bin 0 -> 212 bytes
 src/win32/ui/._os_win32ui.h                        |  Bin 0 -> 212 bytes
 src/win32/ui/._win32ui.rc                          |  Bin 0 -> 212 bytes
 src/win32/ui/common.c                              |   32 +-
 src/win32/ui/os_win32ui.c                          |   88 +--
 src/win32/ui/os_win32ui.h                          |    4 +-
 src/win32/win_agent.c                              |  155 ++---
 src/win32/win_service.c                            |   48 +-
 1386 files changed, 5671 insertions(+), 7885 deletions(-)

diff --git a/._.hg_archival.txt b/._.hg_archival.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/._.hg_archival.txt differ
diff --git a/._.hgignore b/._.hgignore
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/._.hgignore differ
diff --git a/._.hgtags b/._.hgtags
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/._.hgtags differ
diff --git a/._BUGS b/._BUGS
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/._BUGS differ
diff --git a/._CONFIG b/._CONFIG
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/._CONFIG differ
diff --git a/._CONTRIBUTORS b/._CONTRIBUTORS
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/._CONTRIBUTORS differ
diff --git a/._INSTALL b/._INSTALL
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/._INSTALL differ
diff --git a/._LICENSE b/._LICENSE
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/._LICENSE differ
diff --git a/._README b/._README
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/._README differ
diff --git a/._install.sh b/._install.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/._install.sh differ
diff --git a/.hg_archival.txt b/.hg_archival.txt
index 4ca74dc..c696e38 100644
--- a/.hg_archival.txt
+++ b/.hg_archival.txt
@@ -1,5 +1,5 @@
 repo: b55c69ab0638427c3307fb169a767b950530ce4a
-node: c3bbae6804264f5d015edae0fc15f9ccd71e0f6f
+node: c1d1982737cb58bbffc9721f82c0532323f36bba
 branch: default
-latesttag: v2.7
-latesttagdistance: 60
+latesttag: v2.6.0 Final plus enhancements
+latesttagdistance: 107
diff --git a/.hgignore b/.hgignore
index 1394769..4f821f1 100644
--- a/.hgignore
+++ b/.hgignore
@@ -5,7 +5,6 @@ syntax: glob
 *.o
 *.a
 *.dSYM
-*.orig
 .hgignore
 
 # Auto generated build files
diff --git a/.hgtags b/.hgtags
index 2a4136a..02ea517 100644
--- a/.hgtags
+++ b/.hgtags
@@ -7,6 +7,3 @@
 6f9682e3e1492532e48455e6ca65ca27151f1931 AgentConfigProfile-beta
 7f7d3ed19f558c985931a9b2734a6d5fabc42ab3 MultpileProfileWithOverwriting
 3c4f446bab8d58b93c99e14276ec599319e61401 v2.6.0 Final plus enhancements
-c1d1982737cb58bbffc9721f82c0532323f36bba v2.7-beta1
-39c20dca5873f178beb31168e79dcf654139e578 2.7-beta2
-10cc358d57a8cf57eb9c97c411cc2a118a3c14ac v2.7
diff --git a/BUGS b/BUGS
index e5cde6e..adf841c 100644
--- a/BUGS
+++ b/BUGS
@@ -1,5 +1,5 @@
-OSSEC v2.7.1
-Copyright (C) 2013 Trend Micro Inc.
+OSSEC v2.7-beta1
+Copyright (C) 2012 Trend Micro Inc.
 
 
 ** Reporting bugs **
diff --git a/CONFIG b/CONFIG
index 18dbd1f..b825170 100644
--- a/CONFIG
+++ b/CONFIG
@@ -1,5 +1,5 @@
-OSSEC v2.7.1
-Copyright (C) 2013 Trend Micro Inc.
+OSSEC v2.7-beta1
+Copyright (C) 2012 Trend Micro Inc.
 
 
 = Information about OSSEC =
@@ -16,4 +16,4 @@ See INSTALL
 
 Just follow the steps from the install.sh script.
 More information at
-http://www.ossec.net/doc/manual/index.html
+http://www.ossec.net/en/manual.html
diff --git a/CONTRIBUTORS b/CONTRIBUTORS
index 211226f..3d2ae12 100644
--- a/CONTRIBUTORS
+++ b/CONTRIBUTORS
@@ -1,5 +1,5 @@
-OSSEC v2.7.1
-Copyright (C) 2013 Trend Micro Inc.
+OSSEC v2.7-beta1
+Copyright (C) 2012 Trend Micro Inc.
 
 Many thanks to everyone who contributed and helped with
 the ossec project. Below is the list of all the people
@@ -15,21 +15,14 @@ who helped us since our first release (0.1).
   - Slava Semushin <php-coder at altlinux.org>
   - Ahmet Ozturk <oahmet ( at )  metu.edu.tr>
   - Scott R. Shinn 
-  - George Kargiotakis
   - Jason Stelzer
-  - Xavier Mertens
-  - Stjepan Gros
-  - Brad Lhotsky
+  - Stjepan
   - cmlara
-  - Christian Gottsche (cgzones)
   - Dominic
   - JB Cheng
-  - Cristobel Rosa ( at ) alienvault
-  - jp.zurbrugg
-  - bil_hays (at) unc edu
 
 
--Testing/Patches Rules and other contributions.
+-Testing/Patches and other contributions.
   - Cédric Bleimling <cedri at dryades.org
   - Dean Takemori <dtakemori at thdfsg.com>
   - Sebastien Tricaud <toady at gscore.org>
@@ -58,11 +51,6 @@ who helped us since our first release (0.1).
   - Danny Fullerton
   - Jeremy Hanmer
   - Pepe Sanz
-  - Kat Fitzgerald
-  - Regis Houssin
-  - carlopmart
-  - Ash Kumar
-  - Alexandro Silva
   
   
 -Translations
diff --git a/INSTALL b/INSTALL
index c26efc9..675e33b 100644
--- a/INSTALL
+++ b/INSTALL
@@ -1,5 +1,5 @@
-OSSEC v2.7.1
-Copyright (C) 2013 Trend Micro Inc.
+OSSEC v2.7-beta1
+Copyright (C) 2012 Trend Micro Inc.
 
 
 = Information about OSSEC =
diff --git a/LICENSE b/LICENSE
index 8975df2..2652963 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,5 +1,5 @@
 
- Copyright (C) 2003 - 2013 Trend Micro Inc. All rights reserved.
+ Copyright (C) 2012 Trend Micro Inc. All rights reserved.
 
  OSSEC HIDS is a free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License (version 2) as
diff --git a/README b/README
index 7c9b1b3..a8ef3d6 100644
--- a/README
+++ b/README
@@ -1,5 +1,5 @@
-OSSEC v2.7.1
-Copyright (C) 2013 Trend Micro Inc.
+OSSEC v2.7-beta1
+Copyright (C) 2012 Trend Micro Inc.
 
 
 = Information about OSSEC =
diff --git a/active-response/._disable-account.sh b/active-response/._disable-account.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/active-response/._disable-account.sh differ
diff --git a/active-response/._firewall-drop.sh b/active-response/._firewall-drop.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/active-response/._firewall-drop.sh differ
diff --git a/active-response/._host-deny.sh b/active-response/._host-deny.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/active-response/._host-deny.sh differ
diff --git a/active-response/._ossec-tweeter.sh b/active-response/._ossec-tweeter.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/active-response/._ossec-tweeter.sh differ
diff --git a/active-response/._restart-ossec.sh b/active-response/._restart-ossec.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/active-response/._restart-ossec.sh differ
diff --git a/active-response/._route-null.sh b/active-response/._route-null.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/active-response/._route-null.sh differ
diff --git a/active-response/firewall-drop.sh b/active-response/firewall-drop.sh
index 820d759..bce6c6a 100755
--- a/active-response/firewall-drop.sh
+++ b/active-response/firewall-drop.sh
@@ -6,8 +6,7 @@
 # Expect: srcip
 # Author: Ahmet Ozturk (ipfilter and IPSec)
 # Author: Daniel B. Cid (iptables)
-# Author: cgzones 
-# Last modified: Oct 04, 2012
+# Last modified: Feb 14, 2006
 
 UNAME=`uname`
 ECHO="/bin/echo"
@@ -29,19 +28,15 @@ RULEID=""
 ACTION=$1
 USER=$2
 IP=$3
-PWD=`pwd`
-LOCK="${PWD}/fw-drop"
-LOCK_PID="${PWD}/fw-drop/pid"
-
 
 LOCAL=`dirname $0`;
 cd $LOCAL
 cd ../
-filename=$(basename "$0")
-
-LOG_FILE="${PWD}/../logs/active-responses.log"
+PWD=`pwd`
+LOCK="${PWD}/fw-drop"
+LOCK_PID="${PWD}/fw-drop/pid"
 
-echo "`date` $0 $1 $2 $3 $4 $5" >> ${LOG_FILE}
+echo "`date` $0 $1 $2 $3 $4 $5" >> ${PWD}/../logs/active-responses.log
 
 
 # Checking for an IP
@@ -53,14 +48,9 @@ fi
 case "${IP}" in
     *:* ) IPTABLES=$IP6TABLES;;
     *.* ) IPTABLES=$IP4TABLES;;
-    * ) echo "`date` Unable to run active response (invalid IP: '${IP}')." >> ${LOG_FILE} && exit 1;;
+    * ) echo "`date` Unable to run active response (invalid IP)." >> ${PWD}/../logs/active-responses.log && exit 1;;
 esac
 
-# This number should be more than enough (even if a hundred
-# instances of this script is ran together). If you have
-# a really loaded env, you can increase it to 75 or 100.
-MAX_ITERATION="50"
-
 # Lock function
 lock()
 {
@@ -79,45 +69,30 @@ lock()
         C_PID=`cat ${LOCK_PID} 2>/dev/null`
         if [ "x" = "x${S_PID}" ]; then
             S_PID=${C_PID}
-        fi
+        fi    
 
         # Breaking out of the loop after X attempts
         if [ "x${C_PID}" = "x${S_PID}" ]; then
             i=`expr $i + 1`;
         fi
-
+   
         # Sleep 1 after 10/25 interactions
         if [ "$i" = "10" -o "$i" = "25" ]; then
             sleep 1;
         fi
-
+             
         i=`expr $i + 1`;
-
+        
         # So i increments 2 by 2 if the pid does not change.
         # If the pid keeps changing, we will increments one
         # by one and fail after MAX_ITERACTION
-
         if [ "$i" = "${MAX_ITERATION}" ]; then
-            kill="false"
-            for pid in `pgrep -f "${filename}"`; do
-                if [ "x${pid}" = "x${C_PID}" ]; then
-                    # Unlocking and exiting
-                    kill -9 ${C_PID}
-                    echo "`date` Killed process ${C_PID} holding lock." >> ${LOG_FILE}
-                    kill="true"
-                    unlock;
-                    i=0;
-                    S_PID="";
-                    break;
-                fi
-            done
-
-            if [ "x${kill}" = "xfalse" ]; then
-                echo "`date` Unable kill process ${C_PID} holding lock." >> ${LOG_FILE}
-                # Unlocking and exiting
-                unlock;
-                exit 1;
-            fi
+            echo "`date` Unable to execute. Locked: $0" \
+                        >> ${PWD}/ossec-hids-responses.log
+            
+            # Unlocking and exiting
+            unlock;
+            exit 1;                
         fi
     done
 }
@@ -152,8 +127,7 @@ if [ "X${UNAME}" = "XLinux" ]; then
    if [ ! -x ${IPTABLES} ]; then
       IPTABLES="/usr"${IPTABLES}
       if [ ! -x ${IPTABLES} ]; then
-        echo "$0: can not find iptables"
-        exit 0;
+         exit 0;
       fi
    fi
 
@@ -161,13 +135,14 @@ if [ "X${UNAME}" = "XLinux" ]; then
    COUNT=0;
    lock;
    while [ 1 ]; do
+       echo ".."
         ${IPTABLES} ${ARG1}
         RES=$?
         if [ $RES = 0 ]; then
             break;
         else
             COUNT=`expr $COUNT + 1`;
-            echo "`date` Unable to run (iptables returning != $RES): $COUNT - $0 $1 $2 $3 $4 $5" >> ${LOG_FILE}
+            echo "`date` Unable to run (iptables returning != $RES): $COUNT - $0 $1 $2 $3 $4 $5" >> ${PWD}/../logs/active-responses.log     
             sleep $COUNT;
 
             if [ $COUNT -gt 4 ]; then
@@ -176,7 +151,6 @@ if [ "X${UNAME}" = "XLinux" ]; then
         fi
    done
    
-   COUNT=0;
    while [ 1 ]; do
         ${IPTABLES} ${ARG2}
         RES=$?
@@ -184,7 +158,7 @@ if [ "X${UNAME}" = "XLinux" ]; then
             break;
         else
             COUNT=`expr $COUNT + 1`;
-            echo "`date` Unable to run (iptables returning != $RES): $COUNT - $0 $1 $2 $3 $4 $5" >> ${LOG_FILE}
+            echo "`date` Unable to run (iptables returning != $RES): $COUNT - $0 $1 $2 $3 $4 $5" >> ${PWD}/../logs/active-responses.log     
             sleep $COUNT;
 
             if [ $COUNT -gt 4 ]; then
diff --git a/active-response/firewalls/._ipfw.sh b/active-response/firewalls/._ipfw.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/active-response/firewalls/._ipfw.sh differ
diff --git a/active-response/firewalls/._ipfw_mac.sh b/active-response/firewalls/._ipfw_mac.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/active-response/firewalls/._ipfw_mac.sh differ
diff --git a/active-response/firewalls/._pf.sh b/active-response/firewalls/._pf.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/active-response/firewalls/._pf.sh differ
diff --git a/active-response/ip-customblock.sh b/active-response/ip-customblock.sh
deleted file mode 100755
index 1210d50..0000000
--- a/active-response/ip-customblock.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-# Custom OSSEC block / Easily modifiable for custom responses (touch a file, insert to db, etc).
-# Expect: srcip
-# Author: Daniel B. Cid
-# Last modified: Feb 16, 2013
-
-ACTION=$1
-USER=$2
-IP=$3
-
-LOCAL=`dirname $0`;
-cd $LOCAL
-cd ../
-PWD=`pwd`
-
-
-# Logging the call
-echo "`date` $0 $1 $2 $3 $4 $5" >> ${PWD}/../logs/active-responses.log
-
-
-# IP Address must be provided
-if [ "x${IP}" = "x" ]; then
-   echo "$0: Missing argument <action> <user> (ip)" 
-   exit 1;
-fi
-
-
-# Custom block (touching a file inside /ipblock/IP)
-if [ "x${ACTION}" = "xadd" ]; then
-    if [ ! -d /ipblock ]; then
-       mkdir /ipblock
-    fi
-    touch "/ipblock/${IP}"
-elif [ "x${ACTION}" = "xdelete" ]; then   
-    rm -f "/ipblock/${IP}"
-
-# Invalid action   
-else
-   echo "$0: invalid action: ${ACTION}"
-fi       
-
-exit 1;
diff --git a/active-response/win/._netsh.cmd b/active-response/win/._netsh.cmd
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/active-response/win/._netsh.cmd differ
diff --git a/active-response/win/._restart-ossec.cmd b/active-response/win/._restart-ossec.cmd
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/active-response/win/._restart-ossec.cmd differ
diff --git a/active-response/win/._route-null.cmd b/active-response/win/._route-null.cmd
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/active-response/win/._route-null.cmd differ
diff --git a/contrib/._active-list.pl b/contrib/._active-list.pl
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._active-list.pl differ
diff --git a/contrib/._add_localfile.sh b/contrib/._add_localfile.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._add_localfile.sh differ
diff --git a/contrib/._compile_alerts.pl b/contrib/._compile_alerts.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._compile_alerts.pl differ
diff --git a/contrib/._compile_alerts.txt b/contrib/._compile_alerts.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._compile_alerts.txt differ
diff --git a/contrib/._config2xml b/contrib/._config2xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._config2xml differ
diff --git a/contrib/._ossec-batch-manager.pl b/contrib/._ossec-batch-manager.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossec-batch-manager.pl differ
diff --git a/contrib/._ossec2mysql.conf b/contrib/._ossec2mysql.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossec2mysql.conf differ
diff --git a/contrib/._ossec2mysql.pl b/contrib/._ossec2mysql.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossec2mysql.pl differ
diff --git a/contrib/._ossec2mysql.sql b/contrib/._ossec2mysql.sql
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossec2mysql.sql differ
diff --git a/contrib/._ossec2mysqld.pl b/contrib/._ossec2mysqld.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossec2mysqld.pl differ
diff --git a/contrib/._ossec2rss.php b/contrib/._ossec2rss.php
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossec2rss.php differ
diff --git a/contrib/._ossec_report.txt b/contrib/._ossec_report.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossec_report.txt differ
diff --git a/contrib/._ossec_report_contrib.pl b/contrib/._ossec_report_contrib.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossec_report_contrib.pl differ
diff --git a/contrib/._ossecmysql.pm b/contrib/._ossecmysql.pm
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossecmysql.pm differ
diff --git a/contrib/._ossectop.pl b/contrib/._ossectop.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._ossectop.pl differ
diff --git a/contrib/._util.sh b/contrib/._util.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/._util.sh differ
diff --git a/contrib/logtesting/._dotests.sh b/contrib/logtesting/._dotests.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/._dotests.sh differ
diff --git a/contrib/logtesting/1/._log b/contrib/logtesting/1/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/1/._log differ
diff --git a/contrib/logtesting/1/._res b/contrib/logtesting/1/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/1/._res differ
diff --git a/contrib/logtesting/10/._log b/contrib/logtesting/10/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/10/._log differ
diff --git a/contrib/logtesting/10/._res b/contrib/logtesting/10/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/10/._res differ
diff --git a/contrib/logtesting/11/._log b/contrib/logtesting/11/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/11/._log differ
diff --git a/contrib/logtesting/11/._res b/contrib/logtesting/11/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/11/._res differ
diff --git a/contrib/logtesting/12/._log b/contrib/logtesting/12/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/12/._log differ
diff --git a/contrib/logtesting/12/._res b/contrib/logtesting/12/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/12/._res differ
diff --git a/contrib/logtesting/13/._log b/contrib/logtesting/13/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/13/._log differ
diff --git a/contrib/logtesting/13/._res b/contrib/logtesting/13/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/13/._res differ
diff --git a/contrib/logtesting/14/._log b/contrib/logtesting/14/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/14/._log differ
diff --git a/contrib/logtesting/14/._res b/contrib/logtesting/14/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/14/._res differ
diff --git a/contrib/logtesting/15/._log b/contrib/logtesting/15/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/15/._log differ
diff --git a/contrib/logtesting/15/._res b/contrib/logtesting/15/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/15/._res differ
diff --git a/contrib/logtesting/16/._log b/contrib/logtesting/16/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/16/._log differ
diff --git a/contrib/logtesting/16/._res b/contrib/logtesting/16/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/16/._res differ
diff --git a/contrib/logtesting/17/._log b/contrib/logtesting/17/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/17/._log differ
diff --git a/contrib/logtesting/17/._res b/contrib/logtesting/17/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/17/._res differ
diff --git a/contrib/logtesting/18/._log b/contrib/logtesting/18/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/18/._log differ
diff --git a/contrib/logtesting/18/._res b/contrib/logtesting/18/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/18/._res differ
diff --git a/contrib/logtesting/19/._log b/contrib/logtesting/19/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/19/._log differ
diff --git a/contrib/logtesting/19/._res b/contrib/logtesting/19/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/19/._res differ
diff --git a/contrib/logtesting/2/._log b/contrib/logtesting/2/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/2/._log differ
diff --git a/contrib/logtesting/2/._res b/contrib/logtesting/2/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/2/._res differ
diff --git a/contrib/logtesting/20/._log b/contrib/logtesting/20/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/20/._log differ
diff --git a/contrib/logtesting/20/._res b/contrib/logtesting/20/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/20/._res differ
diff --git a/contrib/logtesting/21/._log b/contrib/logtesting/21/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/21/._log differ
diff --git a/contrib/logtesting/21/._res b/contrib/logtesting/21/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/21/._res differ
diff --git a/contrib/logtesting/22/._log b/contrib/logtesting/22/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/22/._log differ
diff --git a/contrib/logtesting/22/._res b/contrib/logtesting/22/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/22/._res differ
diff --git a/contrib/logtesting/23/._log b/contrib/logtesting/23/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/23/._log differ
diff --git a/contrib/logtesting/23/._res b/contrib/logtesting/23/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/23/._res differ
diff --git a/contrib/logtesting/24/._log b/contrib/logtesting/24/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/24/._log differ
diff --git a/contrib/logtesting/24/._res b/contrib/logtesting/24/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/24/._res differ
diff --git a/contrib/logtesting/25/._log b/contrib/logtesting/25/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/25/._log differ
diff --git a/contrib/logtesting/25/._res b/contrib/logtesting/25/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/25/._res differ
diff --git a/contrib/logtesting/26/._log b/contrib/logtesting/26/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/26/._log differ
diff --git a/contrib/logtesting/26/._res b/contrib/logtesting/26/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/26/._res differ
diff --git a/contrib/logtesting/27/._log b/contrib/logtesting/27/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/27/._log differ
diff --git a/contrib/logtesting/27/._res b/contrib/logtesting/27/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/27/._res differ
diff --git a/contrib/logtesting/28/._log b/contrib/logtesting/28/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/28/._log differ
diff --git a/contrib/logtesting/28/._res b/contrib/logtesting/28/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/28/._res differ
diff --git a/contrib/logtesting/29/._log b/contrib/logtesting/29/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/29/._log differ
diff --git a/contrib/logtesting/29/._res b/contrib/logtesting/29/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/29/._res differ
diff --git a/contrib/logtesting/3/._log b/contrib/logtesting/3/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/3/._log differ
diff --git a/contrib/logtesting/3/._res b/contrib/logtesting/3/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/3/._res differ
diff --git a/contrib/logtesting/30/._log b/contrib/logtesting/30/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/30/._log differ
diff --git a/contrib/logtesting/30/._res b/contrib/logtesting/30/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/30/._res differ
diff --git a/contrib/logtesting/31/._log b/contrib/logtesting/31/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/31/._log differ
diff --git a/contrib/logtesting/31/._res b/contrib/logtesting/31/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/31/._res differ
diff --git a/contrib/logtesting/32/._log b/contrib/logtesting/32/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/32/._log differ
diff --git a/contrib/logtesting/32/._res b/contrib/logtesting/32/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/32/._res differ
diff --git a/contrib/logtesting/33/._log b/contrib/logtesting/33/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/33/._log differ
diff --git a/contrib/logtesting/33/._res b/contrib/logtesting/33/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/33/._res differ
diff --git a/contrib/logtesting/34/._log b/contrib/logtesting/34/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/34/._log differ
diff --git a/contrib/logtesting/34/._res b/contrib/logtesting/34/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/34/._res differ
diff --git a/contrib/logtesting/35/._log b/contrib/logtesting/35/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/35/._log differ
diff --git a/contrib/logtesting/35/._res b/contrib/logtesting/35/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/35/._res differ
diff --git a/contrib/logtesting/36/._log b/contrib/logtesting/36/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/36/._log differ
diff --git a/contrib/logtesting/36/._res b/contrib/logtesting/36/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/36/._res differ
diff --git a/contrib/logtesting/37/._log b/contrib/logtesting/37/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/37/._log differ
diff --git a/contrib/logtesting/37/._res b/contrib/logtesting/37/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/37/._res differ
diff --git a/contrib/logtesting/38/._log b/contrib/logtesting/38/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/38/._log differ
diff --git a/contrib/logtesting/38/._res b/contrib/logtesting/38/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/38/._res differ
diff --git a/contrib/logtesting/39/._log b/contrib/logtesting/39/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/39/._log differ
diff --git a/contrib/logtesting/39/._res b/contrib/logtesting/39/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/39/._res differ
diff --git a/contrib/logtesting/4/._log b/contrib/logtesting/4/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/4/._log differ
diff --git a/contrib/logtesting/4/._res b/contrib/logtesting/4/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/4/._res differ
diff --git a/contrib/logtesting/40/._log b/contrib/logtesting/40/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/40/._log differ
diff --git a/contrib/logtesting/40/._res b/contrib/logtesting/40/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/40/._res differ
diff --git a/contrib/logtesting/41/._log b/contrib/logtesting/41/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/41/._log differ
diff --git a/contrib/logtesting/41/._res b/contrib/logtesting/41/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/41/._res differ
diff --git a/contrib/logtesting/42/._log b/contrib/logtesting/42/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/42/._log differ
diff --git a/contrib/logtesting/42/._res b/contrib/logtesting/42/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/42/._res differ
diff --git a/contrib/logtesting/43/._log b/contrib/logtesting/43/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/43/._log differ
diff --git a/contrib/logtesting/43/._res b/contrib/logtesting/43/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/43/._res differ
diff --git a/contrib/logtesting/44/._log b/contrib/logtesting/44/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/44/._log differ
diff --git a/contrib/logtesting/44/._res b/contrib/logtesting/44/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/44/._res differ
diff --git a/contrib/logtesting/5/._log b/contrib/logtesting/5/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/5/._log differ
diff --git a/contrib/logtesting/5/._res b/contrib/logtesting/5/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/5/._res differ
diff --git a/contrib/logtesting/6/._log b/contrib/logtesting/6/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/6/._log differ
diff --git a/contrib/logtesting/6/._res b/contrib/logtesting/6/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/6/._res differ
diff --git a/contrib/logtesting/7/._log b/contrib/logtesting/7/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/7/._log differ
diff --git a/contrib/logtesting/7/._res b/contrib/logtesting/7/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/7/._res differ
diff --git a/contrib/logtesting/8/._log b/contrib/logtesting/8/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/8/._log differ
diff --git a/contrib/logtesting/8/._res b/contrib/logtesting/8/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/8/._res differ
diff --git a/contrib/logtesting/9/._log b/contrib/logtesting/9/._log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/9/._log differ
diff --git a/contrib/logtesting/9/._res b/contrib/logtesting/9/._res
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/logtesting/9/._res differ
diff --git a/contrib/ossec-testing/._runtests.py b/contrib/ossec-testing/._runtests.py
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/ossec-testing/._runtests.py differ
diff --git a/contrib/ossec-testing/tests/._named.ini b/contrib/ossec-testing/tests/._named.ini
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/ossec-testing/tests/._named.ini differ
diff --git a/contrib/ossec2snorby/README b/contrib/ossec2snorby/README
deleted file mode 100644
index 6a0764a..0000000
--- a/contrib/ossec2snorby/README
+++ /dev/null
@@ -1,120 +0,0 @@
-File attachments:
-1- Init scripts for linux distributions:
-    a. ossec2snorby.sh = Generic
-    b. ossec2snorby_ubuntu.sh = Ubuntu init script (training wheels ! :D)
-2- ossec2snorby.pl = script
-3- ossec2snorby_category.sql = needed for script, explained below.
-4- NOT INCLUDED, ossec2snorby.pl still feeds off "ossecmysql.pm" which is already included in OSSEC/contrib. No modifications were made to the file.
-
-
-===============================================================================
-
-
-About this script:
-
-    ossec2snorby.pl comes from the original ossec2mysql.pl script, slight modifications were made to adapt it to snorby's requirements and
-as such, thanks must go to the original Author and Co-Author. I would also like to note that this is the first perl script I've made and so it might require tweaking 
-based on the environment it will be used in.
-
-Lastly, as any other contributions made to a community, responsibility lies on the person that uses this script and so please run numerous tests
-on a lab before pushing this to your production environment as you will have to tweak it based on your needs.
-
-
-----------------
-DEPENDENCIES:
-
-1- Ossec2snorby.pl depends on the table called "Category" which contains a relation between OSSEC's categories and Snorts signature classes.
-
-    import ossec2snorby_category.sql to your Snorby DB.
-
-    Follow the steps on this site if you do not know how to do this ( admin privileges are required towards the Snorby DB):
-    http://dev.mysql.com/doc/refman/5.0/en/batch-commands.html
-
-2- Follow the installation steps noted on ossec2snorby.pl ( view with your favorite text editor)
-
-
-3-Consider adding the following to your local decoders in OSSEC.
-    This will extract the SRCIP from the ossec events related to "Agent disconnected". Without this you'll get
-    "0.0.0.1" or "127.0.0.1" as source IP for these events.
-
-        <decoder name="ossec-agent2">
-          <parent>ossec</parent>
-          <type>ossec</type>
-          <prematch offset="after_parent">^Agent disconnected:</prematch>
-          <regex offset="after_prematch">^ '\S+(\d+.\d+.\d+.\d+)'</regex>
-          <order>srcip</order>
-        </decoder>
-
-
-
-NOTES:
-
-1- Using ossec2snorby.pl to dump many alerts at once (over 10k+ or 30k+ events) might crash Snorby's workers resulting in
-    No events being displayed on the dashboard. Events will still be displayed on the "events" section, but no statistics will be shown.
-
-    Possible fix? Clearing out the snorby daily stats might fix things:
-
-    Execute the following on your shell:
-    mysql -u root -p
-    <type password>
-
-    Execute: use snorby;
-    Execute: truncate table caches;
-    Execute: exit
-    
-    On the portal, go to Administration followed by Worker & Job Queue.
-    Search for "--- !ruby/struct:Snorby::Jobs::DailyCacheJob " by clicking on the job handler buttons. Once you find the DailyCacheJob handler click on the associated trash can button.
-    Now you'll see a new button below Administration called "Worker Options". click there followed by "Start Daily Cache Job"
-    Wait 10 minutes and then check your dashboard again.
-
-    If this does not work then you'll have to head over to Snorby's Google group and seek assistance.
-    
-
-2- Snorby expects that srcip and dstip be populated by a numeric value greater than "0" otherwise the GUI output will be incorrect. Note that if an entry is added in the DB table "iphdr" for an event where srcip\dstip are NOT populated then its default value will be "0".
-
-2.A- An IP address value of "0.0.0.1" will be shown when the field could not be populated, either for source or destination IP. This will happen if an event had no recognizable SRC\DST IP.
-    Note that Snorby should populate "N\A" on the GUI for IPs stated as "0", but it does not...
-    Note that "127.0.0.1" will be used for events generated on the OSSEC Server(localhost).
-    Note that the same IP address will appear in SRC and DST fields if the event was generated by the same host from where the event was sent from unless this host is the OSSEC server.
-
-4- Events will be categorized as "unknown" when a relation between OSSEC's category could not be matched against Snorby's sig class names. This match is completed using the "category" table. Please keep in mind that only the LAST OSSEC category is used for the match.  Its not optimal but its all I could think of.
-
-    EXAMPLE:
-    In this example, only "authentication_success" will be used, which when looked up on the category table, returns a sig_class_id of "11" which in turn snorby interprets as "successful-user"
-
-    example:
-        ** Alert 1359725403.1533356: - pam,syslog,authentication_success,
-        2013 Feb 01 09:30:03 (theHost) 192.168.1.1->/var/log/secure
-        Rule: 5501 (level 12) -> 'Login session opened.'
-        Feb  1 08:30:01 esx001 crond[19884]: pam_unix(crond:session): session opened for user root by (uid=0)
-
-
-5- ossec2snorby.pl depends on DNS resolutions unlike ossec2mysql.pl which allows us to choose whether or not to resolve a host; ossec2snorby.pl will try to resolve computer names(NetBIOS\Flatnames) by appending the domain suffix to them and querying your DNS servers. This only happens if OSSEC could not decode a SRC IP or if an IP address could not be decoded from the log by ossec2snorby.pl. Failure to resolve a host will force ossec2snorby to populate SRCIP as "0.0.0.1" or "127.0.0.1" d [...]
-
-=================================================
-Examples on how to use ossec2snorby.pl:
-
-1 - Process a single file:
-gzip -dc <OSSEC HOME>/var/ossec/logs/alerts/2013/Mar/ossec-alerts-07.log.gz | /usr/local/bin/ossec2snorby/ossec2snorby.pl --conf /etc/ossec2snorby.conf  --interface manualfeed
-
-2- Process a bunch of files ( CAREFUL!, too many DB inserts at once might cause problems with Snorby's workers):
-gzip -dc <OSSEC HOME>/var/ossec/logs/alerts/2013/Mar/ossec-alerts-*.log.gz | /usr/local/bin/ossec2snorby/ossec2snorby.pl --conf /etc/ossec2snorby.conf  --interface manualfeed
-
-3- Something isn't right and you'd like to debug?
-gzip -dc <OSSEC HOME>/var/ossec/logs/alerts/2013/Mar/ossec-alerts-07.log.gz | /usr/local/bin/ossec2snorby/ossec2snorby.pl -v --conf /etc/ossec2snorby.conf  --interface manualfeed > debug.log
-
-Now check out debug.log for details on each event.
-
-4- Run ossec2snorby.pl as a daemon:
-/usr/local/bin/ossec2snorby/ossec2snorby.pl --conf /etc/ossec2snorby.conf -d
-
-Confirm everything is running:
-ps auwx |grep ossec2snorby
-lsof |grep alerts:
-tail       2478             root    3r      REG              252,0     1394774    2760144 /var/ossec/logs/alerts/alerts.log
-
-Notice how it says "tail" has the file open, careful not to confuse the results with any other tail you might have running on alerts.log...
-
-==================
-Thats it ... I tried my best at making the script as stable as possible, any suggestions, opinions or critics are more than welcome. I hope this helps anyone trying to get Snorby to play nice with OSSEC.
-
diff --git a/contrib/ossec2snorby/ossec2snorby.pl b/contrib/ossec2snorby/ossec2snorby.pl
deleted file mode 100644
index ea3936f..0000000
--- a/contrib/ossec2snorby/ossec2snorby.pl
+++ /dev/null
@@ -1,716 +0,0 @@
-#!/usr/bin/perl -w
-use Socket;
-use POSIX 'setsid';
-use strict;
-use ossecmysql;
-# ---------------------------------------------------------------------------
-# Author: Meir Michanie (meirm at riunx.com)
-# Co-Author: J.A.Senger (jorge at br10.com.br)
-# $Id$
-# ---------------------------------------------------------------------------
-# http://www.riunx.com/
-# ---------------------------------------------------------------------------
-#
-# ---------------------------------------------------------------------------
-# About this script
-# ---------------------------------------------------------------------------
-#
-# "Ossec to Snorby" records the OSSEC HIDS alert logs in MySQL database.
-# It can run as a daemon (ossec2snorby.pl), recording in real-time the logs in database or
-# as a simple script (ossec2snorby.pl).
-#
-# ---------------------------------------------------------------------------
-# Snorby support by Jean-Pierre Zurbrugg (jp.zurbrugg at live.com)
-# ---------------------------------------------------------------------------
-# The original script by the Author and Co-author was taken as a template and
-# modified to work with Snorby (http://snorby.org) which uses a Snort DB schema.
-# Credit must go to the author\Co-author for the initial template. 
-#
-########################### WARNING ###############################
-# My modifications are by far stable and worthy of a production environment
-# WHITHOUT INICIAL TWEAKING. Please setup your labs and make sure everything
-# works properly before using this script on a production environment.
-########################### WARNING ###############################
-#
-#
-#  Changelog:
-#     * Extra validations were added to make sure srcip\dstip do not remain with
-#           a default value of "0" which causes GUI parsing errors if left unhandled.
-#     * Validation against '$hostname'; if localhost then srcip="127.0.0.1"
-#     * Snorby expects IP related data to be published on its "iphdr" table.
-#     * Snorby expects OSSEC's logs to be converted to HEX and wordwrapped.
-#     * Modified the scripts "Daemon" mode; it now uses "tail -Fn 0 <file>"
-#
-# ---------------------------------------------------------------------------
-# Prerequisites
-# ---------------------------------------------------------------------------
-#
-# MySQL Server
-# Perl DBD::mysql module
-# Perl DBI module
-#
-# Snorby prerequesites:
-#   import ossec2snorby_category.sql from contrib directory
-#   Populate "domain" in /etc/ossec2snorby.conf
-#
-# ---------------------------------------------------------------------------
-# Installation steps
-# ---------------------------------------------------------------------------
-# 
-# 1) Create a user to access the database initially created by Snorby;
-# 2) Copy ossec2snorby.conf to /etc/ossec2snorby.conf with 0600 permissions
-# 3) Edit /etc/ossec2snorby.conf according to your needs:
-#   dbhost=localhost
-#   database=snorby
-#   debug=5
-#   dbport=3306
-#   dbpasswd=mypassword
-#   dbuser=ossecuser
-#   daemonize=0
-#   resolve=1
-#   domain=mydomain.local
-#
-# NOTE: It is recommended to keep "resolve" as "1" and populate "domain" with
-#       your actual domain. Not doing so will restrict the script and force it
-#       to populate IPs as "0.0.0.1" for events whose SRC or DST IP are unknown.
-#
-# ---------------------------------------------------------------------------
-# License
-# ---------------------------------------------------------------------------
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
-#
-# ---------------------------------------------------------------------------
-# About OSSEC HIDS
-# ---------------------------------------------------------------------------
-#
-# OSSEC HIDS is an Open Source Host-based Intrusion Detection System.
-# It performs log analysis and correlation, integrity checking,
-# rootkit detection, time-based alerting and active response.
-# http://www.ossec.net
-#
-# ---------------------------------------------------------------------------
-
-# ---------------------------------------------------------------------------
-# Parameters
-# ---------------------------------------------------------------------------
-my $VERSION="0.4";
-$SIG{TERM} = sub { &gracefulend('TERM')};
-$SIG{INT} = sub { &gracefulend('INT')};
-
-# If no ARGV are given then present &help().
-&help() unless @ARGV;
-
-my ($RUNASDAEMON)=0;
-my ($DAEMONLOGFILE)='/var/log/ossec2snorby.log';
-my ($DAEMONLOGERRORFILE) = '/var/log/ossec2snorby.err';
-# Declare OSSEC's log path and filename format.
-my $LOG='/var/ossec/logs/alerts/alerts.log';  # we need to tail this file instead of the old.
-                                              # With this we can survive file rotations while
-                                              # running in daemon mode.
-
-my ($LOGGER)='ossec2snorby';
-my($OCT) = '(?:25[012345]|2[0-4]\d|1?\d\d?)';
-my($IP) = $OCT . '\.' . $OCT . '\.' . $OCT . '\.' . $OCT;
-my $dump=0;
-my ($hids_id,$hids,$hids_interface,$last_cid)=(undef, 'localhost', 'ossec',0);
-my ($tempvar,$VERBOSE)=(0,0); 
-
-my %conf;
-$conf{dbhost}='localhost';
-$conf{database}='snort';
-$conf{debug}=5;
-$conf{dbport}='3306';
-$conf{dbpasswd}='password';
-$conf{dbuser}='user';
-$conf{daemonize}=0;
-$conf{sensor}='sensor';
-$conf{hids_interface}='ossec';
-$conf{resolve}=1;
-$conf{domain}='';
-
-# OSSEC's default class_ID
-# We will categorize events as "unknown" if a match could not be found...
-my $sig_class_id=2;  # We will try to fetch the correct class_id later.
-
-my($sig_class_name,$taillog);
-# ---------------------------------------------------------------------------
-# Arguments parsing
-# ---------------------------------------------------------------------------
-while (@ARGV){
-        $_= shift @ARGV;
-    if (m/^-d$|^--daemon$/){
-        $conf{daemonize}=1;
-    }elsif ( m/^-h$|^--help$/){
-                &help();
-        }elsif ( m/^-n$|^--noname$/){
-                $conf{'resolve'}=0;
-        }elsif ( m/^-v$|^--verbose$/){
-         $VERBOSE=1;
-    }elsif ( m/^--interface$/){
-                $conf{hids_interface}= shift @ARGV if @ARGV; # ossec-rt/ossec-feed
-        }elsif ( m/^--sensor$/){
-                $conf{sensor}= shift @ARGV if @ARGV; # monitor
-        }elsif ( m/^--conf$/){
-                $conf{conf}= shift @ARGV if @ARGV; # localhost
-        &loadconf(\%conf);
-        }elsif ( m/^--dbhost$/){
-                $conf{dbhost}= shift @ARGV if @ARGV; # localhost
-        }elsif ( m/^--dbport$/){
-                $conf{dbport}= shift @ARGV if @ARGV; # localhost
-        }elsif ( m/^--dbname$/){
-                $conf{database}= shift @ARGV if @ARGV; # snort
-        }elsif ( m/^--dbuser$/){
-                $conf{dbuser}= shift @ARGV if @ARGV; # root
-        }elsif ( m/^--dbpass$/){
-                $conf{dbpasswd}= shift @ARGV if @ARGV; # monitor
-        }
-
-}
-if ($conf{dbpasswd}=~ m/^--stdin$/){
-    print "dbpassword:";
-    $conf{dbpasswd}=<>;
-    chomp $conf{dbpasswd};
-}
-$hids=$conf{sensor} if exists($conf{sensor});
-$hids_interface=$conf{hids_interface} if exists($conf{hids_interface});
-
-# START IN DAEMON MODE ?
-&daemonize() if $conf{daemonize};
-
-my $dbi= ossecmysql->new(%conf) || die ("Could not connect to $conf{dbhost}:$conf{dbport}:$conf{database} as $conf{dbpasswd}\n");
-
-####
-# SQL vars;
-my ($query,$numrows,$row_ref);
-
-####
-#get sensor id
-$query= 'select sid,last_cid from sensor where hostname=? and interface=?';
-$numrows= $dbi->execute($query,$hids,$hids_interface);
-if (1==$numrows){
-    $row_ref=$dbi->{sth}->fetchrow_hashref;
-    $hids_id=$row_ref->{sid};
-    $last_cid=$row_ref->{last_cid};
-}else{
-    $query="INSERT INTO sensor ( sid , hostname , interface , filter , detail , encoding , last_cid )
-VALUES (
-NULL , ?, ? , NULL , ? , ?, ?
-)";
-    $numrows= $dbi->execute($query,$hids,$hids_interface,1,2,0);
-    $hids_id=$dbi->lastid();
-}
-$dbi->{sth}->finish;
-&forceprintlog ("SENSOR:$hids; feed:$hids_interface; id:$hids_id; last cid:$last_cid");
-
-my $newrecord=0;
-my %stats;
-my %resolv;
-my ($timestamp,$sec,$mail,$date,$alerthost,$alerthostip,$datasource,$rule,$level,$description,
-        $srcip,$dstip,$user,$text,$filtered,$osseclevel)=();
-my $lasttimestamp=0;
-my $delta=0;
-
-&taillog($last_cid,$LOG);
-################################################################
-sub forceprintlog(){
-    $tempvar=$VERBOSE;
-    $VERBOSE=1;
-    &printlog (@_);
-    $VERBOSE=$tempvar;
-}
-
-sub taillog {
-   my ($last_cid,$LOG)=@_;
-   while (<>) {
-    if (m/^$/){
-        # we reached a newline, finish up with current record.
-        $newrecord=1;
-        next unless $timestamp;
-        $alerthostip=$alerthost if $alerthost=~ m/^$IP$/;
-        
-        # Populate DST IP
-        if ($alerthostip){
-            $dstip=$alerthostip;
-            $resolv{$alerthost}=$dstip;
-
-        }else{
-            if (exists $resolv{$alerthost}){
-                $dstip=$resolv{$alerthost};
-            }else{
-                if ($conf{'resolve'}){
-                    if ($alerthost =~m/(\d+\.\d+\.\d+\.\d+)/ ){
-                        $dstip=$1;
-                    }else{
-                        # the "host" command doesn't work with Flatname\NetBIOS names.
-                        # The server's hostname is almost always a flatname and OSSEC
-                        # doesn't return an IP for alerts generated from localhost.
-                        # Ex. 2013 Jan 24 15:51:36 ubuntu->/var/log/auth.log                    
-                        my $x = `cat /etc/hostname`;  # get Host's hostname
-                        chomp $x;  # remove extra lines, if any.
-                        if ($x eq $alerthost) {  # Validate if $alerthost is us, localhost.
-                            $dstip='127.0.0.1';  # Snorby does not allow empty\"0" as IP value.
-                        }else{
-                            my $fetch=&host2ip($alerthost);
-                        
-                            if (defined $fetch){
-                                $dstip=$fetch;
-                            }else{
-                                $dstip=$srcip;
-                            }
-                        }
-                    }
-                }
-                $resolv{$alerthost}=$dstip;
-            }
-        }
-        
-        #Populate SRC IP (requires dstip to be populated)
-        if (! defined $srcip) {
-            if (defined $dstip) {
-    #Feb  6 15:18:21 1.1.1.1 %ASA-3-313001: Denied ICMP type=3, code=3 from 111.111.1.1 on interface OUTSIDE
-                $filtered =~ s/$dstip//;            # filter out known dstip from log output.
-                $srcip=$1 if $filtered=~ m/\s($IP)\s/;  # Search all text for an IP address.
-                                                        # This could easily bug out with logs that contains
-                                                        # version numbering such as mysql 1.3.4.5.
-            }
-    # Windows logs include "User Name" in their log output. Some companies name their employees's PCs after its users which is
-    # resolvable via DNS.
-    # Windows logs may state a computer name as "User Name". Lets strip out the "$" from the computer name...
-            if (defined $user and ! defined $srcip) {
-                my $u=$user;
-                $u=~ s/\$//;  # remove "$" from computer names.
-
-                my $fetch=&host2ip($u);
-                $srcip=$fetch if (defined $fetch);
-            }
-            if (! defined $srcip or $srcip eq '') {
-                # NO recognizable IPs or User Names were found on log output,
-                # this suggests the log was generated by dstip.
-                $srcip=$dstip;                    
-            }
-        }
-        #
-        $last_cid= &prepair2basedata(
-            $hids_id,
-            $last_cid,
-            $timestamp,
-            $sec,
-            $mail,
-            $date,
-            $alerthost,
-            $datasource,
-            $rule,
-            $level,
-            $description,
-            $srcip,
-            $dstip,
-            $user,
-            $text
-        );
-        ($timestamp,$sec,$mail,$date,$alerthost,$alerthostip,$datasource,$rule,$level,$description,
-        $srcip,$dstip,$user,$text)=();
-        next ;
-    }
-    if (m/^\*\* Alert ([0-9]+).([0-9]+):(.*)$/){
-        $timestamp=$1;
-        if ( $timestamp == $lasttimestamp){
-            $delta++;
-        }else{
-            $delta=0;
-            $lasttimestamp=$timestamp;
-        }
-        $sec=$2;
-        $mail=$3;
-        $mail=$mail ? $mail : 'nomail';
-#2006 Aug 29 17:19:52 firewall -> /var/log/messages
-#2006 Aug 30 11:52:14 192.168.0.45->/var/log/secure
-#2006 Sep 12 11:12:16 92382-Snort1 -> 172.16.176.132
-        }elsif ( m/^([0-9]+\s\w+\s[0-9]+\s[0-9]+:[0-9]+:[0-9]+)\s+(\S+)\s*->(.*)$/){
-                $date=$1;
-                $alerthost=$2;
-                $datasource=$3;
-                if ($datasource=~ m/(\d+\.\d+\.\d+\.\d+)/){
-                        $alerthost=$1;
-                        $datasource="remoted";
-                }
-#2006 Aug 29 17:33:31 (recepcao) 10.0.3.154 -> syscheck
-    }elsif ( m/^([0-9]+\s\w+\s[0-9]+\s[0-9]+:[0-9]+:[0-9]+)\s+\((.*?)\)\s+(\S+)\s*->(.*)$/){
-        $date=$1;
-        $alerthost=$2;
-        $alerthostip=$3;
-        $datasource=$4;
-    }elsif ( m/^([0-9]+\s\w+\s[0-9]+\s[0-9]+:[0-9]+:[0-9]+)\s(.*?)$/){
-                $date=$1;
-                $alerthost='localhost';
-                $datasource=$2;
-    }elsif ( m/Rule: ([0-9]+) \(level ([0-9]+)\) -> \'(.*)\'$/ ){
-        $rule=$1;
-        $level=$2;
-        $osseclevel=$level;  # Keep copy of OSSEC level as it will later be converted to snort level.
-        $description= $3;
-    }elsif ( m/src\s?ip:/i){
-        if ( m/($IP)/){
-            $srcip=$1;
-        }else{
-            $srcip='1';  # Snorby doesn't like srcip\dstip = 0\null.
-        }
-    }elsif ( m/User: (.*)$/){
-        $user=$1;
-    }elsif ( m/(.*)$/){
-        my $x=$1;
- 
-        # Get IP from User Name + DNS query.
-        if (! defined $user){
-             if ( m/User\s?Name:\s?(\S+)\s/i){
-                my $u=$1;
-                $user="$u";
-            }
-        }
-        $x =~ s/(.$)/$1\r\n/;  # lets multiline this string for cleaner output once $payload wordwraps it.
-        $text .=$x;
-        
-        # This variable will be used to populate srcip once we reach the end of the current log entry.
-        $filtered=$text;
-    }
-   } # End of while read line
-}
-
-sub ossec_aton(){
-        my ($ip)=@_;
-        if ($ip=~ m/(\d+)\.(\d+)\.(\d+)\.(\d+)/){
-                my $num= ($1 * 256 ** 3) + ($2 * 256 ** 2)+ ($3 * 256 ** 1)+ ($4);
-
-                return "$num";
-        }else{
-                return "1";  # Snorby has a bug where it wont ouput "N\A" on the IP columns if srcip\dstip = 0\null
-        }
-
-}
-
-sub prepair2basedata(){
-    my (
-        $hids_id,
-        $last_cid,
-        $timestamp,
-        $sec,
-        $mail,
-        $date,
-        $alerthost,
-        $datasource,
-        $rule,
-        $level,
-        $description,
-        $srcip,
-        $dstip,
-        $user,
-        $text
-    )=@_;
-    my ($payload,$count,$query,$row_ref,$sig_id);
-    
-   
-###
-# Get sig_class_id
-#
-# Note: the original script stated sig_class_id as "1" by default which in BASE might be ok but for 
-# snorby it maps to a category of "not-suspicious" which is not efficient when stats are ran based on
-# event categories alone...
-#
-# Furthermore, OSSEC allows a rule to have multiple categories assigned to it which snorby was not prepared to handle GUI
-# wize. (The event details contains a small section where the category value can be shown, this section is too small
-# to show OSSEC's sometimes long category results such as :
-#  syslog,sshd,invalid_login,authentication_failed,)
-#
-# We will use the last category shown only...This isn't the correct approach but my programing skills prevent me
-# from providing a better solution.
-
-    # ex: - syslog,sshd,invalid_login,authentication_failed,
-    if ($mail=~ m/\.*\,?(\w+\_?\w+)\,?$/){  # $mail contains the rule's categories. No clue why its named $mail...
-        $sig_class_name=$1;
-        &printlog ("SIG_CLASS_NAME: $sig_class_name \n");
-        $query = "SELECT sig_class_id FROM category WHERE cat_name=?";
-        $dbi->execute($query,$sig_class_name);
-        $count=$dbi->{sth}->rows;
-        if ($count){
-            $row_ref=$dbi->{sth}->fetchrow_hashref;
-            $sig_class_id=$row_ref->{sig_class_id};
-            &printlog ("SIG_CLASS_ID: $sig_class_id");
-        }else{
-            &printlog ("SIG_CLASS_ID NOT FOUND. USING DEFAULT SIG.");
-            $sig_class_id=2;
-        }
-    }else{
-        &printlog ("COULD NOT GET A RULE CATEGORY. USING DEFAULT SIG.");
-        $sig_class_id=2;
-    }
-
-###
-#
-# Get/Set signature id
-
-    # Convert OSSEC Severity to Snort Severity.
-    #   Dont modify this after having live data on Snorby as it will create duplicated
-    #   sig_names.
-    $level=4 if ($level <= 4);  # Informational only.
-    $level=3 if ($level == 5);  # User generated errors \ low severity.
-    $level=2 if (($level >= 6) && ($level <=11));  # Low to mid severity attacks.
-    $level=1 if ($level >= 12);  # High importance events \ Successfull attacks \ all our bases belong to them!
-
-    $query = "SELECT sig_id FROM signature where sig_name=? and sig_class_id=? and sig_priority=? and sig_rev=? and sig_sid=? and sig_gid is NULL";
-    $dbi->execute($query,$description,$sig_class_id,$level,0,$rule);
-    $count=$dbi->{sth}->rows;
-    if ($count){
-        $row_ref=$dbi->{sth}->fetchrow_hashref;
-        $sig_id=$row_ref->{sig_id};
-        &printlog ("REUSING SIGNATURE\n");
-    }else{
-        $query="INSERT INTO signature ( sig_id , sig_name , sig_class_id , sig_priority , sig_rev , sig_sid , sig_gid )
-VALUES (
-NULL ,?, ? , ? , ? , ?, NULL
-)";
-        $dbi->execute($query,$description,$sig_class_id,$level,0,$rule);
-        $sig_id = $dbi->lastid();
-    }
-    $dbi->{sth}->finish;
-    &printlog ("SIGNATURE: $sig_id\n");
-    
-    
-    ############################
-    ############################
-        #DEBUG
-    # &printlog ("filtered: $filtered \n");
-    # &printlog ("SRC IP: $srcip \n");
-    # &printlog ("DST IP: $dstip \n");
-    # &printlog ("mail: $mail \n");
-    # &printlog ("sig_class_name: $sig_class_name");
-    # &printlog ("date: $date \n");
-    # &printlog ("alerthost: $alerthost \n");
-    # &printlog ("rule: $rule \n");
-    # &printlog ("level: $level \n");
-    # &printlog ("OSSEC level: $osseclevel \n");
-    # &printlog ("USER: $user \n");
-    # &printlog ("text: $text \n");
-    # &printlog ("sec?: $sec \n");
-    # &printlog ("datasource: $datasource \n");
-    # &printlog ("description: $description \n");
-    # exit 1;
-    ############################
-    
-    
-#######
-#
-# Set event
-    $query="INSERT INTO event ( sid , cid , signature , timestamp )
-VALUES (
-? , ? , ? ,? 
-)";
-    $last_cid++;
-    $dbi->execute($query,$hids_id,$last_cid,$sig_id,&fixdate2base($date));
-
-    &printlog ("EVENT: ($query,$hids_id,$last_cid,$sig_id,&fixdate2base($date)\n");
-    $dbi->{sth}->finish;
-#########
-#
-# Set iphdr
-
-    # And yet again,Snorby doesn't like empty IP fields; Validate if srcip or dstip are empty.
-    $srcip = "1" if !defined $srcip;  # leaving the fields srcip / dstip with a value = 0
-    $dstip = "1" if !defined $dstip;  # causes output to get messed up on the GUI.  
-
-    $query=" INSERT INTO iphdr ( sid , cid , ip_src , ip_dst , ip_ver , ip_hlen , ip_tos , ip_len , ip_id , ip_flags , ip_off , ip_ttl , ip_proto , ip_csum )
-VALUES (
-? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ?
-) ";
-    $dbi->execute($query,$hids_id,$last_cid,&ossec_aton($srcip),&ossec_aton($dstip),4,5,0,20,0,0,0,0,0,0);
-    &printlog ("iphdr: ($query,$hids_id,$last_cid,&ossec_aton($srcip),&ossec_aton($dstip),4,5,0,undef,undef,undef,undef,undef,undef,undef)\n");
-    $dbi->{sth}->finish;
-
-#########
-#
-#
-# Set data
-    $payload = "$date ($alerthost) $dstip->$datasource\r\nRule: $rule (OSSEC level $osseclevel) -> $description\r\n$text";
-    $payload =~ s/(.{1,109}\S|\S+)\s+/$1\r\n/mg;  # Snorby does not wordwrap the payload, lets wrap the first 109 non-whitespace chars. 
-    $payload = unpack("H*",$payload);             # Convert to HEX
-
-    $query=" INSERT INTO data ( sid , cid , data_payload ) 
-VALUES (
-?,?,?)";
-    $dbi->execute($query,$hids_id,$last_cid,$payload);
-    &printlog ("DATA: ($query,$hids_id,$last_cid,$payload)\n");
-    $dbi->{sth}->finish;
-##########
-#
-    $query="UPDATE sensor SET last_cid=? where sid=? limit 1";
-    $numrows= $dbi->execute($query,$last_cid,$hids_id);
-
-    $dbi->{sth}->finish;
-    return $last_cid;
-} # end sub
-
-sub host2ip {
-    # This sub requires argument 0 to be a named host. We also need to know
-    # the domain to which we belong to in order to append it to the host if
-    # its a flatname host.
-    my $host=$_[0];
-    my $domain=$conf{domain} if exists($conf{domain});
-    my $CMD;
-
-    # Validate if we were fed a flatnamed host or a FQDN.
-    if ($host =~ m/.*\..+/){
-        # FQDN
-        $CMD=`host $host 2>/dev/null | grep 'has address' `;
-        if ($CMD =~m/(\d+\.\d+\.\d+\.\d+)/ ){
-            return($1);
-        }else{
-            return undef; # return False.
-        }
-        
-    }else{
-        # FLATNAME
-        if (! defined $domain or $domain eq ''){
-            &printlog ('[WARNING]: domain value was not populated on ossec2snorby.conf." . 
-            " DNS resolutions cannot be completed for NetBIOS\Flatname hosts.');
-            return undef;
-        }
-
-        # There is an extra "." after $domain, this is to ensure linux
-        # does not append "localdomain" at the end of the host.
-        $CMD=`host $host.$domain. 2>/dev/null | grep 'has address' `;
-        if ($CMD =~m/(\d+\.\d+\.\d+\.\d+)/ ){
-            return($1);
-        }else{
-            return undef; # return False.
-        }
-    }
-}
-
-sub fixdate2base(){
-    my ($date)=@_;
-    $date=~ s/ Jan /-01-/;
-    $date=~ s/ Feb /-02-/;
-    $date=~ s/ Mar /-03-/;
-    $date=~ s/ Apr /-04-/;
-    $date=~ s/ May /-05-/;
-    $date=~ s/ Jun /-06-/;
-    $date=~ s/ Jul /-07-/;
-    $date=~ s/ Aug /-08-/;
-    $date=~ s/ Sep /-09-/;
-    $date=~ s/ Oct /-10-/;
-    $date=~ s/ Nov /-11-/;
-    $date=~ s/ Dec /-12-/;
-    $date=~ s/\s$//g;
-    return $date;
-}
-sub version(){
-    print "OSSEC report tool $VERSION\n";
-    print "Licensed under GPL\n";
-    print "Contributor Meir Michanie\n";
-}
-
-sub help(){
-    &version();
-    print "This tool helps you import into base the alerts generated by ossec."
-        . " More info in the doc directory .\n";
-        print "Usage:\n";
-        print "$0 [-h|--help] # This text you read now\n";
-    print "Options:\n";
-    print "\t--dbhost <hostname>\n";
-    print "\t--dbname <database>\n";
-    print "\t--dbport <[0-9]+>\n";
-    print "\t--dbpass <dbpasswd>\n";
-    print "\t--dbuser <dbuser>\n";
-    print "\t-d|--daemonize\n";
-    print "\t-n|--noname\n";
-    print "\t-v|--verbose\n";
-    print "\t--conf <ossec2based-config>\n";
-    print "\t--sensor <sensor-name>\n";
-    print "\t--interface <ifname>\n";
-    
-    exit 0;
-}
-
-
-sub daemonize {
-    my $running = kill 0, `cat /var/run/ossec2base2.pid`;
-    if ($running){
-        print "OSSEC2SNORBY is already running...\n";
-        exit 1;
-    }
-
-    chdir '/'               or die "Can't chdir to /: $!";
-    
-    open STDOUT, ">>$DAEMONLOGFILE"
-                           or die "Can't write to $DAEMONLOGFILE: $!";
-
-    # I may be mistaken but the original script didn't seem to actually
-    # tail the logs. It would run until it hit EOF and then exit script.
-    $taillog= open STDIN,"-|", "/usr/bin/tail", "-Fn 0", "$LOG";
-    if ($taillog){
-        &forceprintlog ("Daemon started TAIL PID: $taillog");
-        &forceprintlog ("NOW MONITORING: $LOG");
-    }else{
-        &forceprintlog ("Could not start daemon on $LOG: $!");
-        exit 1;
-    }
-
-    defined(my $pid = fork) or die "Can't fork: $!";
-    if ($pid){
-            open (PIDFILE , ">/var/run/ossec2snorby.pid") ;
-            print PIDFILE "$pid\n";
-            close (PIDFILE);
-            exit 0;
-    }
-    setsid                  or die "Can't start a new session: $!";
-    open STDERR, ">>$DAEMONLOGERRORFILE" or die "Can't write to $DAEMONLOGERRORFILE: $!";
-}
-
-sub gracefulend(){
-    my ($signal)=@_;
-    &forceprintlog ("Terminating upon signal $signal");
-    &forceprintlog ("Daemon halted");
-    # This might be paranoid or simply useless but better safe than sorry.
-    close STDOUT or die "WARNING: Closing STDOUT failed.";
-    close STDERR or die "WARNING: Closing STDERR failed.";
-    kill 3, $taillog or die "WARNING: Closing $taillog failed.";
-    close STDIN or die "WARNING: Closing STDIN failed.";
-    exit 0;
-}
-
-sub printlog(){
-    return unless $VERBOSE;
-        my (@lines)=@_;
-        foreach my $line(@lines){
-                chomp $line;
-                my ($date)=scalar localtime;
-                $date=~ s/^\S+\s+(\S+.*\s[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}).*$/$1/;
-                print "$date $LOGGER: $line\n";
-        }
-    }
-
-
-sub loadconf(){
-    my ($hash_ref)=@_;
-    my $conf=$hash_ref->{conf};
-    unless (-f $conf) { &printlog ("ERROR: I can't find config file $conf"); exit 1;}
-    unless (open ( CONF , "$conf")){ &printlog ("ERROR: I can't open file $conf");exit 1;}
-    while (<CONF>){
-        next if m/^$|^#/;
-        if ( m/^(\S+)\s?=\s?(.*?)$/) {
-                        $hash_ref->{$1} = $2;
-                }
-    }
-    close CONF;
-}
diff --git a/contrib/ossec2snorby/ossec2snorby.sh b/contrib/ossec2snorby/ossec2snorby.sh
deleted file mode 100644
index 8ead14d..0000000
--- a/contrib/ossec2snorby/ossec2snorby.sh
+++ /dev/null
@@ -1,78 +0,0 @@
-#!/bin/sh
-#
-# Init file for ossec2snorby.pl
-#
-#
-# chkconfig: 2345 40 60
-# description:  ossec2snorby is an output processor for ossec.
-#
-# processname: ossec2snorby
-# config: /etc/ossec2snorby.conf
-# pidfile: /var/run/ossec2snorby.pid
-
-[ -x /usr/local/bin/ossec2snorby/ossec2snorby.pl ] || { echo " [ERROR]: ossec2snorby.pl non existant or not executable..."; exit 1; }
-[ -r /etc/ossec2snorby.conf ] || { echo " [ERROR]: ossec2snorby.conf was not found..."; exit 1; }
-[ -r /usr/local/bin/ossec2snorby/ossecmysql.pm ] || { echo " [ERROR]: ossecmysql was not found..."; exit 1; }
-
-### Default variables
-SYSCONFIG="/etc/ossec2snorby.conf"
-
-### Read configuration
-[ -r "$SYSCONFIG" ] && . "$SYSCONFIG"
-
-RETVAL=0
-prog="ossec2snorby.pl"
-homedir="/usr/local/bin/ossec2snorby"
-desc="Ossec Output Processor"
-
-start() {
-        echo -n $"Starting $desc ($prog): "
-
-        PIDFILE="/var/run/ossec2snorby.pid"
-        OPTS="--conf $SYSCONFIG -d"
-        $homedir/$prog $OPTS
-
-        RETVAL=$?
-        echo
-        [ $RETVAL -eq 0 ] && touch /var/lock/$prog
-        return $RETVAL
-}
-
-stop() {
-        echo -n $"Shutting down $desc ($prog): "
-        kill -n 3 $homedir/$prog
-        RETVAL=$?
-        echo
-        [ $RETVAL -eq 0 ] && rm -f /var/lock/$prog
-        return $RETVAL
-}
-
-restart() {
-        stop
-        start
-}
-
-case "$1" in
-  start)
-        start
-        ;;
-  stop)
-        stop
-        ;;
-  restart)
-        restart
-        ;;
-  condrestart)
-        [ -e /var/lock/$prog ] && restart
-        RETVAL=$?
-        ;;
-  status)
-        status $prog
-        RETVAL=$?
-        ;;
-  *)
-        echo $"Usage: $0 {start|stop|restart|status}"
-        RETVAL=1
-esac
-
-exit $RETVAL
diff --git a/contrib/ossec2snorby/ossec2snorby_category.sql b/contrib/ossec2snorby/ossec2snorby_category.sql
deleted file mode 100644
index cf29f6d..0000000
--- a/contrib/ossec2snorby/ossec2snorby_category.sql
+++ /dev/null
@@ -1,171 +0,0 @@
-/*
-Navicat MySQL Data Transfer
-
-Source Server         : generic-localhost
-Source Server Version : 50167
-Source Host           : localhost:3306
-Source Database       : snorby
-
-Target Server Type    : MYSQL
-Target Server Version : 50167
-File Encoding         : 65001
-
-Date: 2013-01-28 16:35:59
-*/
-
-SET FOREIGN_KEY_CHECKS=0;
--- ----------------------------
--- Table structure for `category`
--- ----------------------------
-DROP TABLE IF EXISTS `category`;
-CREATE TABLE `category` (
-  `cat_id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,
-  `sig_class_id` smallint(5) NOT NULL,
-  `cat_name` varchar(32) NOT NULL,
-  PRIMARY KEY (`cat_id`),
-  UNIQUE KEY `cat_name` (`cat_name`),
-  KEY `cat_name_2` (`cat_name`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- ----------------------------
--- Records of category
--- ----------------------------
-INSERT INTO `category` VALUES ('1', '1', 'syslog');
-INSERT INTO `category` VALUES ('2', '29', 'firewall');
-INSERT INTO `category` VALUES ('3', '29', 'ids');
-INSERT INTO `category` VALUES ('4', '1', 'web-log');
-INSERT INTO `category` VALUES ('5', '1', 'squid');
-INSERT INTO `category` VALUES ('6', '1', 'windows');
-INSERT INTO `category` VALUES ('7', '1', 'ossec');
-INSERT INTO `category` VALUES ('8', '9', 'pam');
-INSERT INTO `category` VALUES ('9', '11', 'authentication_success');
-INSERT INTO `category` VALUES ('10', '18', 'authentication_failed');
-INSERT INTO `category` VALUES ('11', '18', 'invalid_login');
-INSERT INTO `category` VALUES ('12', '18', 'authentication_failures');
-INSERT INTO `category` VALUES ('13', '1', 'sshd');
-INSERT INTO `category` VALUES ('14', '4', 'recon');
-INSERT INTO `category` VALUES ('15', '28', 'exploit_attempt');
-INSERT INTO `category` VALUES ('16', '1', 'telnetd');
-INSERT INTO `category` VALUES ('17', '3', 'errors');
-INSERT INTO `category` VALUES ('18', '29', 'low_diskspace');
-INSERT INTO `category` VALUES ('19', '29', 'service_availability');
-INSERT INTO `category` VALUES ('20', '29', 'nfs');
-INSERT INTO `category` VALUES ('21', '29', 'xinetd');
-INSERT INTO `category` VALUES ('22', '29', 'access_control');
-INSERT INTO `category` VALUES ('23', '18', 'access_denied');
-INSERT INTO `category` VALUES ('24', '22', 'connection_attempt');
-INSERT INTO `category` VALUES ('25', '1', 'mail');
-INSERT INTO `category` VALUES ('26', '1', 'smartd');
-INSERT INTO `category` VALUES ('27', '1', 'linuxkernel');
-INSERT INTO `category` VALUES ('28', '1', 'promisc');
-INSERT INTO `category` VALUES ('29', '1', 'system_shutdown');
-INSERT INTO `category` VALUES ('30', '1', 'cron');
-INSERT INTO `category` VALUES ('31', '19', 'su');
-INSERT INTO `category` VALUES ('32', '1', 'tripwire');
-INSERT INTO `category` VALUES ('33', '1', 'adduser');
-INSERT INTO `category` VALUES ('34', '19', 'sudo');
-INSERT INTO `category` VALUES ('35', '29', 'pptp');
-INSERT INTO `category` VALUES ('36', '1', 'fts');
-INSERT INTO `category` VALUES ('37', '1', 'dpkg');
-INSERT INTO `category` VALUES ('38', '1', 'config_changed');
-INSERT INTO `category` VALUES ('39', '1', 'yum');
-INSERT INTO `category` VALUES ('40', '29', 'arpwatch');
-INSERT INTO `category` VALUES ('41', '29', 'new_host');
-INSERT INTO `category` VALUES ('42', '30', 'ip_spoof');
-INSERT INTO `category` VALUES ('43', '1', 'symantec');
-INSERT INTO `category` VALUES ('44', '17', 'virus');
-INSERT INTO `category` VALUES ('45', '29', 'pix');
-INSERT INTO `category` VALUES ('46', '1', 'account_changed');
-INSERT INTO `category` VALUES ('47', '3', 'system_error');
-INSERT INTO `category` VALUES ('48', '1', 'named');
-INSERT INTO `category` VALUES ('49', '10', 'invalid_access');
-INSERT INTO `category` VALUES ('50', '3', 'client_misconfig');
-INSERT INTO `category` VALUES ('51', '29', 'smbd');
-INSERT INTO `category` VALUES ('52', '29', 'vsftpd');
-INSERT INTO `category` VALUES ('53', '29', 'pure-ftpd');
-INSERT INTO `category` VALUES ('54', '29', 'proftpd');
-INSERT INTO `category` VALUES ('55', '29', 'msftp');
-INSERT INTO `category` VALUES ('56', '29', 'ftpd');
-INSERT INTO `category` VALUES ('57', '29', 'hordeimp');
-INSERT INTO `category` VALUES ('58', '29', 'roundcube');
-INSERT INTO `category` VALUES ('59', '1', 'wordpress');
-INSERT INTO `category` VALUES ('60', '29', 'cimserver');
-INSERT INTO `category` VALUES ('61', '29', 'vpopmail');
-INSERT INTO `category` VALUES ('62', '29', 'vm-pop3d');
-INSERT INTO `category` VALUES ('63', '29', 'courier');
-INSERT INTO `category` VALUES ('64', '29', 'web');
-INSERT INTO `category` VALUES ('65', '1', 'accesslog');
-INSERT INTO `category` VALUES ('66', '28', 'attack');
-INSERT INTO `category` VALUES ('67', '30', 'sql_injection');
-INSERT INTO `category` VALUES ('68', '27', 'web_scan');
-INSERT INTO `category` VALUES ('69', '29', 'appsec');
-INSERT INTO `category` VALUES ('70', '29', 'apache');
-INSERT INTO `category` VALUES ('71', '22', 'automatic_attack');
-INSERT INTO `category` VALUES ('72', '22', 'unknown_resource');
-INSERT INTO `category` VALUES ('73', '3', 'invalid_request');
-INSERT INTO `category` VALUES ('74', '1', 'mysql_log');
-INSERT INTO `category` VALUES ('75', '1', 'postgresql_log');
-INSERT INTO `category` VALUES ('76', '29', 'firewall_drop');
-INSERT INTO `category` VALUES ('77', '23', 'multiple_drops');
-INSERT INTO `category` VALUES ('78', '29', 'cisco_ios');
-INSERT INTO `category` VALUES ('79', '29', 'netscreenfw');
-INSERT INTO `category` VALUES ('80', '29', 'sonicwall');
-INSERT INTO `category` VALUES ('81', '1', 'postfix');
-INSERT INTO `category` VALUES ('82', '32', 'spam');
-INSERT INTO `category` VALUES ('83', '32', 'multiple_spam');
-INSERT INTO `category` VALUES ('84', '29', 'sendmail');
-INSERT INTO `category` VALUES ('85', '29', 'smf-sav');
-INSERT INTO `category` VALUES ('86', '29', 'imapd');
-INSERT INTO `category` VALUES ('87', '29', 'mailscanner');
-INSERT INTO `category` VALUES ('88', '29', 'dovecot');
-INSERT INTO `category` VALUES ('89', '29', 'ms');
-INSERT INTO `category` VALUES ('90', '29', 'exchange');
-INSERT INTO `category` VALUES ('91', '29', 'racoon');
-INSERT INTO `category` VALUES ('92', '29', 'cisco_vpn');
-INSERT INTO `category` VALUES ('93', '29', 'spamd');
-INSERT INTO `category` VALUES ('94', '10', 'win_authentication_failed');
-INSERT INTO `category` VALUES ('95', '1', 'policy_changed');
-INSERT INTO `category` VALUES ('96', '1', 'group_changed');
-INSERT INTO `category` VALUES ('97', '1', 'win_group_changed');
-INSERT INTO `category` VALUES ('98', '1', 'logs_cleared');
-INSERT INTO `category` VALUES ('99', '1', 'login_denied');
-INSERT INTO `category` VALUES ('100', '1', 'time_changed');
-INSERT INTO `category` VALUES ('101', '1', 'group_created');
-INSERT INTO `category` VALUES ('102', '1', 'win_group_created');
-INSERT INTO `category` VALUES ('103', '2', 'group_deleted');
-INSERT INTO `category` VALUES ('104', '2', 'win_group_deleted');
-INSERT INTO `category` VALUES ('105', '30', 'attacks');
-INSERT INTO `category` VALUES ('106', '1', 'mcafee');
-INSERT INTO `category` VALUES ('107', '1', 'trend_micro');
-INSERT INTO `category` VALUES ('108', '1', 'ocse');
-INSERT INTO `category` VALUES ('109', '1', 'ocsevirus');
-INSERT INTO `category` VALUES ('110', '1', 'mse');
-INSERT INTO `category` VALUES ('111', '30', 'zeus');
-INSERT INTO `category` VALUES ('112', '1', 'solaris_bsm');
-INSERT INTO `category` VALUES ('113', '1', 'vmware');
-INSERT INTO `category` VALUES ('114', '29', 'dhcp');
-INSERT INTO `category` VALUES ('115', '1', 'service_start');
-INSERT INTO `category` VALUES ('116', '29', 'dhcp_lease_action');
-INSERT INTO `category` VALUES ('117', '29', 'dhcp_dns_maintenance');
-INSERT INTO `category` VALUES ('118', '29', 'dhcp_maintenance');
-INSERT INTO `category` VALUES ('119', '30', 'dhcp_rogue_server');
-INSERT INTO `category` VALUES ('120', '29', 'dhcp_ipv6');
-INSERT INTO `category` VALUES ('121', '29', 'asterisk');
-INSERT INTO `category` VALUES ('122', '1', 'rootcheck');
-INSERT INTO `category` VALUES ('123', '1', 'syscheck');
-INSERT INTO `category` VALUES ('124', '1', 'process_monitor');
-INSERT INTO `category` VALUES ('125', '1', 'agentless');
-INSERT INTO `category` VALUES ('126', '1', 'hostinfo');
-INSERT INTO `category` VALUES ('127', '1', 'active_response');
-INSERT INTO `category` VALUES ('128', '13', 'elevation_of_privilege');
-INSERT INTO `category` VALUES ('129', '1', 'local');
-INSERT INTO `category` VALUES ('130', '1', 'openbsd');
-INSERT INTO `category` VALUES ('131', '1', 'openbsdgroupdel');
-INSERT INTO `category` VALUES ('132', '1', 'clamd');
-INSERT INTO `category` VALUES ('133', '1', 'freshclam');
-INSERT INTO `category` VALUES ('134', '1', 'bro');
-INSERT INTO `category` VALUES ('135', '30', 'dropbear');
-INSERT INTO `category` VALUES ('136', '30', 'dropbearauthentication_failed');
-INSERT INTO `category` VALUES ('137', '4', 'dropbearauthentication_failures');
-INSERT INTO `category` VALUES ('138', '4', 'dropbearrecon');
-INSERT INTO `category` VALUES ('139', '5', 'dropbearauthentication_success');
diff --git a/contrib/ossec2snorby/ossec2snorby_ubuntu.sh b/contrib/ossec2snorby/ossec2snorby_ubuntu.sh
deleted file mode 100644
index 9fbc9b2..0000000
--- a/contrib/ossec2snorby/ossec2snorby_ubuntu.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/sh
-#
-# Init file for ossec2snorby.pl
-#
-#
-# chkconfig: 2345 40 60
-# description:  ossec2snorby is an output processor for ossec.
-#
-# processname: ossec2snorby
-# config: /etc/ossec2snorby.conf
-# pidfile: /var/run/ossec2snorby.pid
-
-PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
-DAEMON=/usr/local/bin/ossec2snorby/ossec2snorby.pl
-PERLPATH=`which perl` || { echo "  [ERROR]:perl not found."; exit 1; }
-NAME="ossec2snorby.pl"
-DESC="Ossec2Snorby Output Processor"
-PIDFILE="/var/run/ossec2snorby.pid"
-CONFIGFILE="/etc/ossec2snorby.conf"
-OPTS="--conf $CONFIGFILE -d"
-
-[ -x $DAEMON ] || { echo " [ERROR]: ossec2snorby.pl non existant or not executable..."; exit 1; }
-[ -r $CONFIGFILE ] || { echo " [ERROR]: ossec2snorby.conf was not found..."; exit 1; }
-[ -r /usr/local/bin/ossec2snorby/ossecmysql.pm ] || { echo " [ERROR]: ossecmysql was not found..."; exit 1; }
-
-set -e
-
-case "$1" in
-    start)
-        echo -n "Starting $DESC: "
-        start-stop-daemon --start --background --start --exec $DAEMON -- $OPTS
-        echo "$NAME."
-        ;;
-    stop)
-        echo -n "Stopping $DESC: "
-        start-stop-daemon --stop --oknodo --quiet --pidfile $PIDFILE
-        rm -f $PIDFILE
-        echo "$NAME."
-        ;;
-    restart)
-        echo -n "Restarting $DESC: "
-        start-stop-daemon --stop --oknodo --quiet --pidfile $PIDFILE
-        rm -f $PIDFILE
-        sleep 2
-        start-stop-daemon --start --background --start --exec $DAEMON -- $OPTS
-        echo "$NAME."
-        ;;
-    status)  # NOT WORKING !!!
-        status_of_proc -p "$PIDFILE" "$PERLPATH" "perl && exit 0 || exit $?
-        ;;
-    *)
-        echo "Usage: $0 { start | restart | stop }" >&2
-        exit 1
-        ;;
-esac
-
-exit 0
\ No newline at end of file
diff --git a/contrib/specs/._getattr.pl b/contrib/specs/._getattr.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/specs/._getattr.pl differ
diff --git a/contrib/specs/._remove_ossec b/contrib/specs/._remove_ossec
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/specs/._remove_ossec differ
diff --git a/contrib/specs/agent/._ossec-hids-agent.spec b/contrib/specs/agent/._ossec-hids-agent.spec
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/specs/agent/._ossec-hids-agent.spec differ
diff --git a/contrib/specs/agent/._preloaded-vars.conf b/contrib/specs/agent/._preloaded-vars.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/specs/agent/._preloaded-vars.conf differ
diff --git a/contrib/specs/agent/ossec-hids-agent.spec b/contrib/specs/agent/ossec-hids-agent.spec
index 09d5b79..c959b58 100644
--- a/contrib/specs/agent/ossec-hids-agent.spec
+++ b/contrib/specs/agent/ossec-hids-agent.spec
@@ -17,7 +17,7 @@ Summary: Open Source Host-based Intrusion Detection System (Server)
 Name: ossec-hids-agent-FC7
 Version: 1.3
 Release: 1
-License: GPLv2
+License: GPLv3
 Group: Applications/Security
 URL: http://www.ossec.net
 Packager: Michael Williams (maverick at maverick.org)
diff --git a/contrib/specs/local/._ossec-hids-local.spec b/contrib/specs/local/._ossec-hids-local.spec
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/specs/local/._ossec-hids-local.spec differ
diff --git a/contrib/specs/local/._preloaded-vars.conf b/contrib/specs/local/._preloaded-vars.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/specs/local/._preloaded-vars.conf differ
diff --git a/contrib/specs/local/ossec-hids-local.spec b/contrib/specs/local/ossec-hids-local.spec
index 7068b66..63373c6 100644
--- a/contrib/specs/local/ossec-hids-local.spec
+++ b/contrib/specs/local/ossec-hids-local.spec
@@ -17,7 +17,7 @@ Summary: Open Source Host-based Intrusion Detection System (Server)
 Name: ossec-hids-local-FC7
 Version: 1.3
 Release: 1
-License: GPLv2
+License: GPLv3
 Group: Applications/Security
 URL: http://www.ossec.net
 Packager: Michael Williams (maverick at maverick.org)
diff --git a/contrib/specs/server/._ossec-hids-server.spec b/contrib/specs/server/._ossec-hids-server.spec
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/contrib/specs/server/._ossec-hids-server.spec differ
diff --git a/contrib/specs/server/._preloaded-vars.conf b/contrib/specs/server/._preloaded-vars.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/contrib/specs/server/._preloaded-vars.conf differ
diff --git a/contrib/specs/server/ossec-hids-server.spec b/contrib/specs/server/ossec-hids-server.spec
index 8e70b59..9fa7170 100644
--- a/contrib/specs/server/ossec-hids-server.spec
+++ b/contrib/specs/server/ossec-hids-server.spec
@@ -17,7 +17,7 @@ Summary: Open Source Host-based Intrusion Detection System (Server)
 Name: ossec-hids-server-FC7
 Version: 1.3
 Release: 1
-License: GPLv2
+License: GPLv3
 Group: Applications/Security
 URL: http://www.ossec.net
 Packager: Michael Williams (maverick at maverick.org)
diff --git a/doc/._README.config b/doc/._README.config
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._README.config differ
diff --git a/doc/._active-response-internal.txt b/doc/._active-response-internal.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._active-response-internal.txt differ
diff --git a/doc/._active-response.txt b/doc/._active-response.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._active-response.txt differ
diff --git a/doc/._logs.txt b/doc/._logs.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._logs.txt differ
diff --git a/doc/._manage_agents.txt b/doc/._manage_agents.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._manage_agents.txt differ
diff --git a/doc/._manager.txt b/doc/._manager.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._manager.txt differ
diff --git a/doc/._nmap.txt b/doc/._nmap.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._nmap.txt differ
diff --git a/doc/._rootcheck.txt b/doc/._rootcheck.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._rootcheck.txt differ
diff --git a/doc/._rule_ids.txt b/doc/._rule_ids.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._rule_ids.txt differ
diff --git a/doc/._rules.txt b/doc/._rules.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/._rules.txt differ
diff --git a/doc/br/._INSTALL.br b/doc/br/._INSTALL.br
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._INSTALL.br differ
diff --git a/doc/br/._README.config b/doc/br/._README.config
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._README.config differ
diff --git a/doc/br/._TRANSLATION b/doc/br/._TRANSLATION
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._TRANSLATION differ
diff --git a/doc/br/._active-response-internal.txt b/doc/br/._active-response-internal.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._active-response-internal.txt differ
diff --git a/doc/br/._active-response.txt b/doc/br/._active-response.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._active-response.txt differ
diff --git a/doc/br/._logs.txt b/doc/br/._logs.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._logs.txt differ
diff --git a/doc/br/._manager.txt b/doc/br/._manager.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._manager.txt differ
diff --git a/doc/br/._rootcheck.txt b/doc/br/._rootcheck.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._rootcheck.txt differ
diff --git a/doc/br/._rule_ids.txt b/doc/br/._rule_ids.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._rule_ids.txt differ
diff --git a/doc/br/._rules.txt b/doc/br/._rules.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/br/._rules.txt differ
diff --git a/doc/pl/._INSTALL.pl b/doc/pl/._INSTALL.pl
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._INSTALL.pl differ
diff --git a/doc/pl/._README.config b/doc/pl/._README.config
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._README.config differ
diff --git a/doc/pl/._TRANSLATION b/doc/pl/._TRANSLATION
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._TRANSLATION differ
diff --git a/doc/pl/._active-response-internal.txt b/doc/pl/._active-response-internal.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._active-response-internal.txt differ
diff --git a/doc/pl/._active-response.txt b/doc/pl/._active-response.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._active-response.txt differ
diff --git a/doc/pl/._logs.txt b/doc/pl/._logs.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._logs.txt differ
diff --git a/doc/pl/._manager.txt b/doc/pl/._manager.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._manager.txt differ
diff --git a/doc/pl/._rootcheck.txt b/doc/pl/._rootcheck.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._rootcheck.txt differ
diff --git a/doc/pl/._rule_ids.txt b/doc/pl/._rule_ids.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._rule_ids.txt differ
diff --git a/doc/pl/._rules.txt b/doc/pl/._rules.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/doc/pl/._rules.txt differ
diff --git a/etc/._decoder.xml b/etc/._decoder.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/._decoder.xml differ
diff --git a/etc/._internal_options.conf b/etc/._internal_options.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/._internal_options.conf differ
diff --git a/etc/._ossec-agent.conf b/etc/._ossec-agent.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/._ossec-agent.conf differ
diff --git a/etc/._ossec-local.conf b/etc/._ossec-local.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/._ossec-local.conf differ
diff --git a/etc/._ossec-server.conf b/etc/._ossec-server.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/._ossec-server.conf differ
diff --git a/etc/._ossec.conf b/etc/._ossec.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/._ossec.conf differ
diff --git a/etc/._preloaded-vars.conf b/etc/._preloaded-vars.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/._preloaded-vars.conf differ
diff --git a/etc/decoder.xml b/etc/decoder.xml
index e825c36..669508e 100755
--- a/etc/decoder.xml
+++ b/etc/decoder.xml
@@ -464,7 +464,7 @@
 
 <decoder name="proftpd-ip">
   <parent>proftpd</parent>
-  <regex>^\S+ \(\S+[(\S+)]\)|^\S+ \(\S+[::ffff:(\S+)]\)</regex>
+  <regex>^\S+ \(\S+[(\S+)]\)</regex>
   <order>srcip</order>
 </decoder>
 
@@ -498,19 +498,6 @@
   <order>user,srcip</order>
 </decoder>  
 
-<!-- Pure-FTPd transfer log decoder
-  - Examples from ossec-list:
-  - example.com - user1 [11/Mar/2013:12:10:23 -0000] "PUT /ftpdrive/user1/FinalBackup.zip" 200 25268220
-  - example.com - user1 [11/Mar/2013:12:24:57 -0000] "GET /ftpdrive/user1/FinalBackup.zip" 200 25268220
-  -->
-
-<decoder name="pure-transfer">
-  <prematch>^\S+ - \S+ [\d\d/\S\S\S/\d\d\d\d:\d\d:\d\d:\d\d -\d\d\d\d] </prematch>
-  <regex>^(\S+) - (\S+) [\d\d/\S\S\S/\d\d\d\d:\d\d:\d\d:\d\d -\d\d\d\d] "(\S+) (\.+) (\d+) \d+$</regex>
-  <order>extra_data,dstuser,action,url,status</order>
-</decoder>
-
-
 
 
 <!-- vsftpd decoder.
@@ -728,7 +715,7 @@
 
 <decoder name="courier-generic">
   <parent>courier</parent>
-  <regex>, ip=[(\S+\d)]$|, ip=[::ffff:(\S+\d)]$</regex>
+  <regex>, ip=[(\S+\d)]$</regex>
   <order>srcip</order>
 </decoder>
 
@@ -1862,9 +1849,9 @@ Sat May  7 03:27:57 CDT 2011 /var/ossec/active-response/bin/firewall-drop.sh del
 -->
 
 <decoder name="ar_log"> 
-  <prematch>^\w\w\w \w+\s+\d+ \d\d:\d\d:\d\d \w+ \d+ /\S+/active-response</prematch>
-  <regex offset="after_prematch">/bin/(\S+) (\S+) - (\S+) (\d+.\d+) (\d+)</regex> 
-  <order>action, status, srcip, id, extra_data</order> 
+        <prematch>^Mon|^Tue|^Wed|^Thu|^Fri|^Sat|^Sun \S+\s+\d+ \d\d:\d\d:\d\d \S+ \d+ /\.+/active-response</prematch>
+        <regex offset="after_prematch">/bin/(\S+) (\S+) - (\S+) (\d+.\d+) (\d+)</regex> 
+        <order>action, status, srcip, id, extra_data</order> 
 </decoder>
 
 <!-- Zeus decoder.
@@ -2379,95 +2366,67 @@ type=PATH msg=audit(1273924468.947:179534): item=0 name=(null) inode=424783 dev=
 </decoder>
 
 <!-- SELinux -->
-<decoder name="auditd-selinux">
-  <parent>auditd</parent>
-  <prematch offset="after_parent">^AVC </prematch>
-  <regex offset="after_parent">^(AVC) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): avc:  (\S+)  { \.+ } for  pid=\d+ comm="(\S+)" path="\S+" dev=\S+ ino=\d+ scontext=\S+ tcontext=\S+ tclass=\S+$</regex>
-  <order>action,id,status,extra_data</order>
-</decoder>
+  <decoder name="auditd-selinux">
+    <parent>auditd</parent>
+    <prematch offset="after_parent">^AVC </prematch>
+    <regex offset="after_parent">^(AVC) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): avc:  (\S+)  { \.+ } for  pid=\d+ comm="(\S+)" path="\S+" dev=\S+ ino=\d+ scontext=\S+ tcontext=\S+ tclass=\S+$</regex>
+    <order>action,id,status,extra_data</order>
+  </decoder>
 
 <!-- syscall -->
-<decoder name="auditd-syscall">
-  <parent>auditd</parent>
-  <prematch offset="after_parent">^SYSCALL </prematch>
-  <regex offset="after_parent">^(SYSCALL) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): arch=\w+ syscall=\d+ success=(\S+) exit=\S+ a0=\w+ a1=\w+ a2=\w+ a3=\w+ items=\d+ ppid=\d+ pid=\d+ auid=\d+ uid=\d+ gid=\d+ euid=\d+ suid=\d+ fsuid=\d+ egid=\d+ sgid=\d+ fsgid=\d+ tty=\S+ ses=\d+ comm="\S+" exe="(\.+)"</regex>
-  <order>action,id,status,extra_data</order>
-</decoder>
+  <decoder name="auditd-syscall">
+    <parent>auditd</parent>
+    <prematch offset="after_parent">^SYSCALL </prematch>
+    <regex offset="after_parent">^(SYSCALL) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): arch=\w+ syscall=\d+ success=(\S+) exit=\S+ a0=\w+ a1=\w+ a2=\w+ a3=\w+ items=\d+ ppid=\d+ pid=\d+ auid=\d+ uid=\d+ gid=\d+ euid=\d+ suid=\d+ fsuid=\d+ egid=\d+ sgid=\d+ fsgid=\d+ tty=\S+ ses=\d+ comm="\S+" exe="(\.+)"</regex>
+    <order>action,id,status,extra_data</order>
+  </decoder>
 
 <!-- config -->
-<decoder name="auditd-config">
-  <parent>auditd</parent>
-  <prematch offset="after_parent">^CONFIG_CHANGE </prematch>
-  <regex offset="after_parent">^(CONFIG_CHANGE) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): auid=\d+ ses=\d+ op="\.+" path="(\.+)" key="\S+" list=\d+ res=\d+$</regex>
-  <order>action,id,extra_data</order>
-</decoder>
+  <decoder name="auditd-config">
+    <parent>auditd</parent>
+    <prematch offset="after_parent">^CONFIG_CHANGE </prematch>
+    <regex offset="after_parent">^(CONFIG_CHANGE) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): auid=\d+ ses=\d+ op="\.+" path="(\.+)" key="\S+" list=\d+ res=\d+$</regex>
+    <order>action,id,extra_data</order>
+  </decoder>
 
 <!-- path (will only decode if name is not null)-->
-<decoder name="auditd-path">
-  <parent>auditd</parent>
-  <prematch offset="after_parent">^PATH </prematch>
-  <regex offset="after_parent">^(PATH) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): item=\d+ name="(\.+)" inode=\d+ dev=\S+ mode=\d+ ouid=\d+ ogid=\d+ rdev=\S+</regex>
-  <order>action,id,extra_data</order>
-</decoder>
+  <decoder name="auditd-path">
+    <parent>auditd</parent>
+    <prematch offset="after_parent">^PATH </prematch>
+    <regex offset="after_parent">^(PATH) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): item=\d+ name="(\.+)" inode=\d+ dev=\S+ mode=\d+ ouid=\d+ ogid=\d+ rdev=\S+</regex>
+    <order>action,id,extra_data</order>
+  </decoder>
 
 <!-- user-related -->
-<decoder name="auditd-user">
-  <parent>auditd</parent>
-  <regex offset="after_parent">^(USER_\S+) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): user pid=\d+ uid=\d+ auid=\d+|</regex>
-  <regex>^(CRED_\S+) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): user pid=\d+ uid=\d+ auid=\d+</regex>
-  <order>action,id</order>
-</decoder>
-
-<decoder name="auditd-user">
-  <parent>auditd</parent>
-  <regex offset="after_regex"> acct="(\.+)" : exe="(\.+)" \(hostname=\S+, addr=(\S+), terminal=\S+$</regex>
-  <order>user,extra_data,srcip</order>
-</decoder>
-
-<decoder name="auditd-user">
-  <parent>auditd</parent>
-  <regex offset="after_regex"> ses=\d+ subj=\S+ msg='\.+ acct="(\.+)" exe="(\.+)" hostname=\S+ addr=(\S+) terminal=\S+ res=(\S+)$</regex>
-  <order>user,extra_data,srcip,status</order>
-</decoder>
-
-<decoder name="auditd-user">
-  <parent>auditd</parent>
-  <regex offset="after_regex"> subj=\S+ msg='\.+ acct="(\.+)" \p*\s*exe="(\.+)" \(hostname=\S+, addr=(\S+), terminal=\S+ res=(\S+)\)'$</regex>
-  <order>user,extra_data,srcip,status</order>
-</decoder>
-
-<decoder name="auditd-user">
-  <parent>auditd</parent>
-  <regex offset="after_regex"> subj=\S+ msg='\.+ exe="(\.+)" \(hostname=\S+, addr=(\S+), terminal=\S+ res=(\S+)\)'$</regex>
-  <order>extra_data,srcip,status</order>
-</decoder>
-
-<!--
-mptscsih \ mptbase decoder
-
-Description: module for SCSI controllers.
-
-Examples:
-[ 5008.286061] mptscsih: ioc0: task abort: FAILED (rv=2003) (sc=ffff88007a8a9f00)
-
-[ 6498.769248] mptbase: ioc0: RAID STATUS CHANGE for PhysDisk 1 id=8
-[ 6498.769252] mptbase: ioc0:   PhysDisk is now failed, out of sync
-
-[ 6498.775783] mptbase: ioc0: RAID STATUS CHANGE for VolumeID 0
-[ 6498.775788] mptbase: ioc0:   volume is now degraded, enabled
--->
-<decoder name="mptscsih-1">
-  <parent>iptables</parent>
-  <prematch>^[\s\d+.\d+] mptscsih: </prematch>
-  <regex>^[\s\d+.\d+] (\w+): (\w+): task abort: (\w+)</regex>
-  <order>id,data,status</order>
-</decoder>
-
-<decoder name="mptbase-1">
-  <parent>iptables</parent>
-  <prematch>^[\s\d+.\d+] mptbase: </prematch>
-  <regex>^[\s\d+.\d+] (\w+): (\w+):\s+\w+ is now (\w+)\p\s(\D+)$</regex>
-  <order>id,data,action,status</order>
-</decoder>
+  <decoder name="auditd-user">
+    <parent>auditd</parent>
+    <regex offset="after_parent">^(USER_\S+) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): user pid=\d+ uid=\d+ auid=\d+|</regex>
+    <regex>^(CRED_\S+) msg=audit\(\d\d\d\d\d\d\d\d\d\d.\d\d\d:(\d+)\): user pid=\d+ uid=\d+ auid=\d+</regex>
+    <order>action,id</order>
+  </decoder>
+
+  <decoder name="auditd-user">
+    <parent>auditd</parent>
+    <regex offset="after_regex"> acct="(\.+)" : exe="(\.+)" \(hostname=\S+, addr=(\S+), terminal=\S+$</regex>
+    <order>user,extra_data,srcip</order>
+  </decoder>
+
+  <decoder name="auditd-user">
+    <parent>auditd</parent>
+    <regex offset="after_regex"> ses=\d+ subj=\S+ msg='\.+ acct="(\.+)" exe="(\.+)" hostname=\S+ addr=(\S+) terminal=\S+ res=(\S+)$</regex>
+    <order>user,extra_data,srcip,status</order>
+  </decoder>
+
+   <decoder name="auditd-user">
+    <parent>auditd</parent>
+    <regex offset="after_regex"> subj=\S+ msg='\.+ acct="(\.+)" \p*\s*exe="(\.+)" \(hostname=\S+, addr=(\S+), terminal=\S+ res=(\S+)\)'$</regex>
+    <order>user,extra_data,srcip,status</order>
+  </decoder>
+
+  <decoder name="auditd-user">
+    <parent>auditd</parent>
+    <regex offset="after_regex"> subj=\S+ msg='\.+ exe="(\.+)" \(hostname=\S+, addr=(\S+), terminal=\S+ res=(\S+)\)'$</regex>
+    <order>extra_data,srcip,status</order>
+  </decoder>
 
 <!-- EOF -->
diff --git a/etc/rules/._apache_rules.xml b/etc/rules/._apache_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._apache_rules.xml differ
diff --git a/etc/rules/._arpwatch_rules.xml b/etc/rules/._arpwatch_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._arpwatch_rules.xml differ
diff --git a/etc/rules/._asterisk_rules.xml b/etc/rules/._asterisk_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._asterisk_rules.xml differ
diff --git a/etc/rules/._attack_rules.xml b/etc/rules/._attack_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._attack_rules.xml differ
diff --git a/etc/rules/._bro-ids_rules.xml b/etc/rules/._bro-ids_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._bro-ids_rules.xml differ
diff --git a/etc/rules/._cimserver_rules.xml b/etc/rules/._cimserver_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._cimserver_rules.xml differ
diff --git a/etc/rules/._cisco-ios_rules.xml b/etc/rules/._cisco-ios_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._cisco-ios_rules.xml differ
diff --git a/etc/rules/._clam_av_rules.xml b/etc/rules/._clam_av_rules.xml
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._clam_av_rules.xml differ
diff --git a/etc/rules/._courier_rules.xml b/etc/rules/._courier_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._courier_rules.xml differ
diff --git a/etc/rules/._dovecot_rules.xml b/etc/rules/._dovecot_rules.xml
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._dovecot_rules.xml differ
diff --git a/etc/rules/._dropbear_rules.xml b/etc/rules/._dropbear_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._dropbear_rules.xml differ
diff --git a/etc/rules/._firewall_rules.xml b/etc/rules/._firewall_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._firewall_rules.xml differ
diff --git a/etc/rules/._ftpd_rules.xml b/etc/rules/._ftpd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._ftpd_rules.xml differ
diff --git a/etc/rules/._hordeimp_rules.xml b/etc/rules/._hordeimp_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._hordeimp_rules.xml differ
diff --git a/etc/rules/._ids_rules.xml b/etc/rules/._ids_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._ids_rules.xml differ
diff --git a/etc/rules/._imapd_rules.xml b/etc/rules/._imapd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._imapd_rules.xml differ
diff --git a/etc/rules/._local_rules.xml b/etc/rules/._local_rules.xml
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._local_rules.xml differ
diff --git a/etc/rules/._mailscanner_rules.xml b/etc/rules/._mailscanner_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._mailscanner_rules.xml differ
diff --git a/etc/rules/._mcafee_av_rules.xml b/etc/rules/._mcafee_av_rules.xml
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._mcafee_av_rules.xml differ
diff --git a/etc/rules/._ms-exchange_rules.xml b/etc/rules/._ms-exchange_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._ms-exchange_rules.xml differ
diff --git a/etc/rules/._ms-se_rules.xml b/etc/rules/._ms-se_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._ms-se_rules.xml differ
diff --git a/etc/rules/._ms_dhcp_rules.xml b/etc/rules/._ms_dhcp_rules.xml
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._ms_dhcp_rules.xml differ
diff --git a/etc/rules/._ms_ftpd_rules.xml b/etc/rules/._ms_ftpd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._ms_ftpd_rules.xml differ
diff --git a/etc/rules/._msauth_rules.xml b/etc/rules/._msauth_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._msauth_rules.xml differ
diff --git a/etc/rules/._mysql_rules.xml b/etc/rules/._mysql_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._mysql_rules.xml differ
diff --git a/etc/rules/._named_rules.xml b/etc/rules/._named_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._named_rules.xml differ
diff --git a/etc/rules/._netscreenfw_rules.xml b/etc/rules/._netscreenfw_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._netscreenfw_rules.xml differ
diff --git a/etc/rules/._nginx_rules.xml b/etc/rules/._nginx_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._nginx_rules.xml differ
diff --git a/etc/rules/._openbsd_rules.xml b/etc/rules/._openbsd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._openbsd_rules.xml differ
diff --git a/etc/rules/._ossec_rules.xml b/etc/rules/._ossec_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._ossec_rules.xml differ
diff --git a/etc/rules/._pam_rules.xml b/etc/rules/._pam_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._pam_rules.xml differ
diff --git a/etc/rules/._php_rules.xml b/etc/rules/._php_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._php_rules.xml differ
diff --git a/etc/rules/._pix_rules.xml b/etc/rules/._pix_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._pix_rules.xml differ
diff --git a/etc/rules/._policy_rules.xml b/etc/rules/._policy_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._policy_rules.xml differ
diff --git a/etc/rules/._postfix_rules.xml b/etc/rules/._postfix_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._postfix_rules.xml differ
diff --git a/etc/rules/._postgresql_rules.xml b/etc/rules/._postgresql_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._postgresql_rules.xml differ
diff --git a/etc/rules/._proftpd_rules.xml b/etc/rules/._proftpd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._proftpd_rules.xml differ
diff --git a/etc/rules/._pure-ftpd_rules.xml b/etc/rules/._pure-ftpd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._pure-ftpd_rules.xml differ
diff --git a/etc/rules/._racoon_rules.xml b/etc/rules/._racoon_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._racoon_rules.xml differ
diff --git a/etc/rules/._roundcube_rules.xml b/etc/rules/._roundcube_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._roundcube_rules.xml differ
diff --git a/etc/rules/._rules_config.xml b/etc/rules/._rules_config.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._rules_config.xml differ
diff --git a/etc/rules/._sendmail_rules.xml b/etc/rules/._sendmail_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._sendmail_rules.xml differ
diff --git a/etc/rules/._smbd_rules.xml b/etc/rules/._smbd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._smbd_rules.xml differ
diff --git a/etc/rules/._solaris_bsm_rules.xml b/etc/rules/._solaris_bsm_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._solaris_bsm_rules.xml differ
diff --git a/etc/rules/._sonicwall_rules.xml b/etc/rules/._sonicwall_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._sonicwall_rules.xml differ
diff --git a/etc/rules/._spamd_rules.xml b/etc/rules/._spamd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._spamd_rules.xml differ
diff --git a/etc/rules/._squid_rules.xml b/etc/rules/._squid_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._squid_rules.xml differ
diff --git a/etc/rules/._sshd_rules.xml b/etc/rules/._sshd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._sshd_rules.xml differ
diff --git a/etc/rules/._symantec-av_rules.xml b/etc/rules/._symantec-av_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._symantec-av_rules.xml differ
diff --git a/etc/rules/._symantec-ws_rules.xml b/etc/rules/._symantec-ws_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._symantec-ws_rules.xml differ
diff --git a/etc/rules/._syslog_rules.xml b/etc/rules/._syslog_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._syslog_rules.xml differ
diff --git a/etc/rules/._telnetd_rules.xml b/etc/rules/._telnetd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._telnetd_rules.xml differ
diff --git a/etc/rules/._trend-osce_rules.xml b/etc/rules/._trend-osce_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._trend-osce_rules.xml differ
diff --git a/etc/rules/._vmpop3d_rules.xml b/etc/rules/._vmpop3d_rules.xml
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._vmpop3d_rules.xml differ
diff --git a/etc/rules/._vmware_rules.xml b/etc/rules/._vmware_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._vmware_rules.xml differ
diff --git a/etc/rules/._vpn_concentrator_rules.xml b/etc/rules/._vpn_concentrator_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._vpn_concentrator_rules.xml differ
diff --git a/etc/rules/._vpopmail_rules.xml b/etc/rules/._vpopmail_rules.xml
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._vpopmail_rules.xml differ
diff --git a/etc/rules/._vsftpd_rules.xml b/etc/rules/._vsftpd_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._vsftpd_rules.xml differ
diff --git a/etc/rules/._web_appsec_rules.xml b/etc/rules/._web_appsec_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._web_appsec_rules.xml differ
diff --git a/etc/rules/._web_rules.xml b/etc/rules/._web_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._web_rules.xml differ
diff --git a/etc/rules/._wordpress_rules.xml b/etc/rules/._wordpress_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._wordpress_rules.xml differ
diff --git a/etc/rules/._zeus_rules.xml b/etc/rules/._zeus_rules.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/._zeus_rules.xml differ
diff --git a/etc/rules/log-entries/._101 b/etc/rules/log-entries/._101
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._101 differ
diff --git a/etc/rules/log-entries/._1101 b/etc/rules/log-entries/._1101
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1101 differ
diff --git a/etc/rules/log-entries/._1301_1302_1303 b/etc/rules/log-entries/._1301_1302_1303
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1301_1302_1303 differ
diff --git a/etc/rules/log-entries/._1401 b/etc/rules/log-entries/._1401
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1401 differ
diff --git a/etc/rules/log-entries/._1402 b/etc/rules/log-entries/._1402
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1402 differ
diff --git a/etc/rules/log-entries/._1602 b/etc/rules/log-entries/._1602
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1602 differ
diff --git a/etc/rules/log-entries/._1603 b/etc/rules/log-entries/._1603
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1603 differ
diff --git a/etc/rules/log-entries/._1607 b/etc/rules/log-entries/._1607
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1607 differ
diff --git a/etc/rules/log-entries/._1609 b/etc/rules/log-entries/._1609
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1609 differ
diff --git a/etc/rules/log-entries/._1901 b/etc/rules/log-entries/._1901
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1901 differ
diff --git a/etc/rules/log-entries/._1902 b/etc/rules/log-entries/._1902
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1902 differ
diff --git a/etc/rules/log-entries/._1903 b/etc/rules/log-entries/._1903
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1903 differ
diff --git a/etc/rules/log-entries/._1905 b/etc/rules/log-entries/._1905
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._1905 differ
diff --git a/etc/rules/log-entries/._201 b/etc/rules/log-entries/._201
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._201 differ
diff --git a/etc/rules/log-entries/._202 b/etc/rules/log-entries/._202
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._202 differ
diff --git a/etc/rules/log-entries/._204 b/etc/rules/log-entries/._204
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._204 differ
diff --git a/etc/rules/log-entries/._2501 b/etc/rules/log-entries/._2501
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._2501 differ
diff --git a/etc/rules/log-entries/._2601 b/etc/rules/log-entries/._2601
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._2601 differ
diff --git a/etc/rules/log-entries/._301 b/etc/rules/log-entries/._301
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._301 differ
diff --git a/etc/rules/log-entries/._401 b/etc/rules/log-entries/._401
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._401 differ
diff --git a/etc/rules/log-entries/._403 b/etc/rules/log-entries/._403
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._403 differ
diff --git a/etc/rules/log-entries/._408 b/etc/rules/log-entries/._408
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._408 differ
diff --git a/etc/rules/log-entries/._409 b/etc/rules/log-entries/._409
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._409 differ
diff --git a/etc/rules/log-entries/._access-control b/etc/rules/log-entries/._access-control
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._access-control differ
diff --git a/etc/rules/log-entries/._apache-error.logs b/etc/rules/log-entries/._apache-error.logs
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._apache-error.logs differ
diff --git a/etc/rules/log-entries/._cisco-ios-ids b/etc/rules/log-entries/._cisco-ios-ids
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._cisco-ios-ids differ
diff --git a/etc/rules/log-entries/._ciscoios b/etc/rules/log-entries/._ciscoios
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._ciscoios differ
diff --git a/etc/rules/log-entries/._ftpd b/etc/rules/log-entries/._ftpd
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._ftpd differ
diff --git a/etc/rules/log-entries/._iis6 b/etc/rules/log-entries/._iis6
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._iis6 differ
diff --git a/etc/rules/log-entries/._imapd b/etc/rules/log-entries/._imapd
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._imapd differ
diff --git a/etc/rules/log-entries/._kernel b/etc/rules/log-entries/._kernel
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._kernel differ
diff --git a/etc/rules/log-entries/._mail-alerts b/etc/rules/log-entries/._mail-alerts
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._mail-alerts differ
diff --git a/etc/rules/log-entries/._mail-errors b/etc/rules/log-entries/._mail-errors
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._mail-errors differ
diff --git a/etc/rules/log-entries/._ns1 b/etc/rules/log-entries/._ns1
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._ns1 differ
diff --git a/etc/rules/log-entries/._proftpd b/etc/rules/log-entries/._proftpd
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._proftpd differ
diff --git a/etc/rules/log-entries/._smbd b/etc/rules/log-entries/._smbd
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._smbd differ
diff --git a/etc/rules/log-entries/._spamd b/etc/rules/log-entries/._spamd
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._spamd differ
diff --git a/etc/rules/log-entries/._sshd b/etc/rules/log-entries/._sshd
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._sshd differ
diff --git a/etc/rules/log-entries/._symantecws b/etc/rules/log-entries/._symantecws
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._symantecws differ
diff --git a/etc/rules/log-entries/._telnetd b/etc/rules/log-entries/._telnetd
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._telnetd differ
diff --git a/etc/rules/log-entries/._unkown b/etc/rules/log-entries/._unkown
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._unkown differ
diff --git a/etc/rules/log-entries/._vpn.log b/etc/rules/log-entries/._vpn.log
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._vpn.log differ
diff --git a/etc/rules/log-entries/._vpopmail b/etc/rules/log-entries/._vpopmail
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._vpopmail differ
diff --git a/etc/rules/log-entries/._worms b/etc/rules/log-entries/._worms
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._worms differ
diff --git a/etc/rules/log-entries/._xferlog b/etc/rules/log-entries/._xferlog
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/log-entries/._xferlog differ
diff --git a/etc/rules/nginx_rules.xml b/etc/rules/nginx_rules.xml
index 855a605..d51615d 100755
--- a/etc/rules/nginx_rules.xml
+++ b/etc/rules/nginx_rules.xml
@@ -70,12 +70,6 @@
     <group>authentication_failures,</group>
   </rule>
 
-  <rule id="31317" level="0">
-    <if_sid>31303</if_sid>
-    <match>failed (2: No such file or directory</match>
-    <description>Common cache error when files were removed.</description>
-  </rule>
-
   <rule id="31320" level="10">
     <if_sid>31303</if_sid>
     <match>failed (63: File name too long)</match>
diff --git a/etc/rules/openbsd_rules.xml b/etc/rules/openbsd_rules.xml
index 171b7a0..d2f458d 100755
--- a/etc/rules/openbsd_rules.xml
+++ b/etc/rules/openbsd_rules.xml
@@ -185,13 +185,13 @@
     <description>Duplicate IPv6 address.</description>
   </rule>
 
-  <rule id="51529" level="0">
+  <rule id="51528" level="0">
     <decoded_as>bsd_kernel</decoded_as>
     <match>failed loadfirmware of file</match>
     <description>Could not load a firmware.</description>
   </rule>
 
-  <rule id="51530" level="0">
+  <rule id="51529" level="0">
     <program_name>^hotplugd</program_name>
     <match>Permission denied$</match>
     <description>hotplugd could not open a file.</description>
diff --git a/etc/rules/pure-ftpd_rules.xml b/etc/rules/pure-ftpd_rules.xml
index 8d9e1ff..38c3246 100755
--- a/etc/rules/pure-ftpd_rules.xml
+++ b/etc/rules/pure-ftpd_rules.xml
@@ -59,31 +59,10 @@
   </rule>
 
   <rule id="11309" level="3">
-    <if_sid>11300</if_sid>
-    <match>[INFO] \S+ is now logged in| is now logged in</match>
+    <match>[INFO] \S+ is now logged in</match>
     <description>FTP Authentication success.</description>
     <group>authentication_success,</group>
   </rule>  
-
-  <rule id="11310" level="0">
-    <decoded_as>pure-transfer</decoded_as>
-    <description>Rule grouping for pure ftpd transfers.</description>
-  </rule>
-
-  <rule id="11311" level="0">
-    <if_sid>11310</if_sid>
-    <action>PUT</action>
-    <description>File added to ftpd.</description>
-  </rule>
-
-  <rule id="11312" level="0">
-    <if_sid>11310</if_sid>
-    <action>GET</action>
-    <description>File retrieved from ftpd.</description>
-  </rule>
-
-
-
 </group> <!-- SYSLOG,PURE-FTPD -->
 
 
diff --git a/etc/rules/syslog_rules.xml b/etc/rules/syslog_rules.xml
index a385e43..80a00ee 100755
--- a/etc/rules/syslog_rules.xml
+++ b/etc/rules/syslog_rules.xml
@@ -617,38 +617,6 @@
     <group>config_changed,</group>
     <description>Yum package deleted.</description>
   </rule>
-
-  <!-- SCSI CONTROLLER -->
-  <rule id="2935" level="0" noalert="1">
-    <if_sid>5100</if_sid>
-    <id>mptscsih</id>
-    <description>Grouping for the mptscrih rules.</description>
-  </rule>
-
-  <rule id="2936" level="0" noalert="1">
-    <if_sid>5100</if_sid>
-    <id>mptbase</id>
-    <description>Grouping for the mptbase rules.</description>
-  </rule>
-
-  <rule id="2937" level="12">
-    <if_sid>2935</if_sid>
-    <status>FAILED</status>
-    <description>Posible Disk failure. SCSI controller error.</description>
-  </rule>
-
-  <rule id="2938" level="12">
-    <if_sid>2936</if_sid>
-    <action>failed</action>
-    <description>SCSI RAID ARRAY ERROR, drive failed.</description>
-  </rule>
-
-  <rule id="2939" level="12">
-    <if_sid>2936</if_sid>
-    <action>degraded</action>
-    <description>SCSI RAID is now in a degraded status.</description>
-  </rule>
-
 </group>
 
 
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_da.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_da.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_da.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_de.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_de.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_de.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_en.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_en.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_en.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_es.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_es.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_es.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_fr.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_fr.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_fr.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_fr_funny.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_fr_funny.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_fr_funny.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_it.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_it.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_it.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_nl.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_nl.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_nl.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_no.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_no.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_no.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_pt_br.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_pt_br.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_pt_br.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_ro.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_ro.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_ro.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_sk.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_sk.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_sk.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_sv.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_sv.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_sv.xml differ
diff --git a/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_tr.xml b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_tr.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/rules/translated/pure_ftpd/._pure-ftpd_rules_tr.xml differ
diff --git a/etc/rules/web_appsec_rules.xml b/etc/rules/web_appsec_rules.xml
index 3f405c0..e3d9aaa 100755
--- a/etc/rules/web_appsec_rules.xml
+++ b/etc/rules/web_appsec_rules.xml
@@ -56,7 +56,7 @@
   <rule id="31504" level="6">
     <if_sid>31100</if_sid>
     <url>login.php</url>
-    <regex>/admin/\w+.php/login.php</regex>
+    <regex> "GET /\S+/admin/file_manager.php/login.php</regex>
     <description>osCommerce file manager login.php bypass attempt.</description>
    </rule>
 
@@ -88,23 +88,23 @@
   <!-- BAD/Annoying user agents -->
   <rule id="31508" level="6">
     <if_sid>31100</if_sid>
-    <match> "ZmEu"| "libwww-perl/|"the beast"|"Morfeus|"ZmEu|"Nikto|"w3af.sourceforge.net|MJ12bot/v</match>
+    <match> "ZmEu"| "libwww-perl/</match>
     <description>Blacklisted user agent (known malicious user agent).</description>
   </rule>
 
   <!-- WordPress wp-login.php brute force -->
   <rule id="31509" level="3">
     <if_sid>31108</if_sid>
-    <url>wp-login.php|/administrator</url>
-    <regex>] "POST \S+wp-login.php| "POST /administrator</regex>
-    <description>CMS (WordPress or Joomla) login attempt.</description>
+    <url>wp-login.php</url>
+    <regex>] "POST \S+wp-login.php</regex>
+    <description>WordPress login attempt.</description>
   </rule>
 
   <!-- If we see frequent wp-login POST's, it is likely a bot. -->
-  <rule id="31510" level="8" frequency="6" timeframe="30">
+  <rule id="31510" level="6" frequency="4" timeframe="120" ignore="30">
     <if_matched_sid>31509</if_matched_sid>
     <same_source_ip />
-    <description>CMS (WordPress or Joomla) brute force attempt.</description>
+    <description>WordPress wp-login.php brute force attempt.</description>
   </rule>
 
   <!-- Nothing wrong with wget per se, but it misses a lot of links
@@ -122,7 +122,7 @@
     <if_sid>31100</if_sid>
     <url>uploadify.php</url>
     <regex> "GET /\S+/uploadify.php?src=http://\S+.php</regex>
-    <description>Uploadify vulnerability exploit attempt.</description>
+    <description>TimThumb vulnerability exploit attempt.</description>
    </rule>
 
   <!-- BBS delete.php skin_path.
@@ -134,58 +134,19 @@
     <description>BBS delete.php exploit attempt.</description>
    </rule>
 
-  <!-- Simple shell.php command execution
-    -->
-  <rule id="31514" level="6">
+  <!-- Anomaly rules - Used on common web attacks -->
+  <rule id="31550" level="6">
     <if_sid>31100</if_sid>
-    <url>shell.php</url>
-    <regex> "GET \S+/shell.php?cmd=</regex>
-    <description>Simple shell.php command execution.</description>
+    <url>%00</url>
+    <regex> "GET /\S+.php?\S+%00</regex>
+    <description>Anomaly URL query (attempting to pass null termination).</description>
    </rule>
 
-  <!-- PHPMyAdmin scans
-    -->
-  <rule id="31515" level="6">
-    <if_sid>31100</if_sid>
-    <url>phpMyAdmin/scripts/setup.php</url>
-    <description>PHPMyAdmin scans (looking for setup.php).</description>
-   </rule>
 
-  <!-- Suspicious URL's access 
-    -->
-  <rule id="31516" level="6">
-    <if_sid>31100</if_sid>
-    <url>.swp$|.bak$|/.htaccess|/server-status|/.ssh|/.history</url>
-    <description>Suspicious URL access.</description>
-   </rule>
 
-  <!-- Checking POST requests - Too many in a small type = likely a bot -->
-  <rule id="31530" level="3">
-    <if_sid>31100</if_sid>
-    <match>] "POST </match>
-    <options>no_log</options>
-    <description>POST request received.</description>
-   </rule>
 
-   <rule id="31531" level="0">
-    <if_sid>31530</if_sid>
-    <url>/wp-admin/|/administrator/|/admin/</url>
-    <description>Ignoring often post requests inside /wp-admin and /admin.</description>
-   </rule>
 
-   <rule id="31533" level="10" timeframe="20" frequency="6">
-    <if_matched_sid>31530</if_matched_sid>
-    <same_source_ip />
-    <description>High amount of POST requests in a small period of time (likely bot).</description>
-   </rule>
 
-  <!-- Anomaly rules - Used on common web attacks -->
-  <rule id="31550" level="6">
-    <if_sid>31100</if_sid>
-    <url>%00</url>
-    <regex> "GET /\S+.php?\S+%00</regex>
-    <description>Anomaly URL query (attempting to pass null termination).</description>
-   </rule>
 
 
 </group>
diff --git a/etc/rules/web_rules.xml b/etc/rules/web_rules.xml
index bba91f4..b35d899 100755
--- a/etc/rules/web_rules.xml
+++ b/etc/rules/web_rules.xml
@@ -1,4 +1,4 @@
-<!-- @(#) $Id: ./etc/rules/web_rules.xml, 2013/02/28 dcid Exp $
+<!-- @(#) $Id: ./etc/rules/web_rules.xml, 2012/05/08 dcid Exp $
 
   -
   -  Official Web access rules for OSSEC.
@@ -36,14 +36,14 @@
 
   <rule id="31102" level="0">
     <if_sid>31101</if_sid>
-    <url>.jpg$|.gif$|favicon.ico$|.png$|robots.txt$|.css$|.js$|.jpeg$</url>
+    <url>.jpg$|.gif$|favicon.ico$|.png$|robots.txt$|.css$|.js$</url>
     <compiled_rule>is_simple_http_request</compiled_rule>
     <description>Ignored extensions on 400 error codes.</description>
   </rule>
   
   <rule id="31103" level="6">
     <if_sid>31100</if_sid>
-    <url>=select%20|select+|insert%20|%20from%20|%20where%20|union%20|</url>
+    <url>='|select%20|select+|insert%20|%20from%20|%20where%20|union%20|</url>
     <url>union+|where+|null,null|xp_cmdshell</url>
     <description>SQL injection attempt.</description>
     <group>attack,sql_injection,</group>
@@ -54,10 +54,10 @@
     
     <!-- Attempt to do directory transversal, simple sql injections,
       -  or access to the etc or bin directory (unix). -->
-    <url>%027|%00|%01|%7f|%2E%2E|%0A|%0D|../..|..\..|echo;|</url>
-    <url>cmd.exe|root.exe|_mem_bin|msadc|/winnt/|/boot.ini|</url>
+    <url>%027|%00|%01|%7f|%2E%2E|%0A|%0D|../..|..\..|echo;|..|</url>
+    <url>cmd.exe|root.exe|_mem_bin|msadc|/winnt/|</url>
     <url>/x90/|default.ida|/sumthin|nsiislog.dll|chmod%|wget%|cd%20|</url>
-    <url>exec%20|../..//|%5C../%5C|././././|2e%2e%5c%2e|\x5C\x5C</url>
+    <url>cat%20|exec%20|rm%20</url>
     <description>Common web attack.</description>
     <group>attack,</group>
   </rule>
@@ -86,7 +86,7 @@
 
   <rule id="31109" level="6">
     <if_sid>31100</if_sid>
-    <url>+as+varchar</url>
+    <url>+as+varchar(8000)</url>
     <regex>%2Bchar\(\d+\)%2Bchar\(\d+\)%2Bchar\(\d+\)%2Bchar\(\d+\)%2Bchar\(\d+\)%2Bchar\(\d+\)</regex>
     <description>MSSQL Injection attempt (/ur.php, urchin.js)</description>
     <group>attack,</group>
@@ -102,14 +102,13 @@
     <description>Ignored URLs for the web attacks</description>
   </rule>
 
-  <rule id="31115" level="13" maxsize="7900">
+  <rule id="31115" level="13" maxsize="5900">
     <if_sid>31100</if_sid>
     <description>URL too long. Higher than allowed on most </description>
     <description>browsers. Possible attack.</description>
     <group>invalid_access,</group>
   </rule>
 
-
   <!-- 500 error codes, server error
     - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
     -->
@@ -148,15 +147,8 @@
     <description>Ignoring google/msn/yahoo bots.</description>
   </rule>
 
-  <!-- Ignoring nginx 499's -->
-  <rule id="31141" level="0">
-    <if_sid>31101</if_sid>
-    <id>^499</id>
-    <description>Ignored 499's on nginx.</description>
-  </rule>
-
   
-  <rule id="31151" level="10" frequency="12" timeframe="90">
+  <rule id="31151" level="10" frequency="10" timeframe="120">
     <if_matched_sid>31101</if_matched_sid>
     <same_source_ip />
     <description>Multiple web server 400 error codes </description>
@@ -187,39 +179,24 @@
     <group>attack,</group>
   </rule>
   
-  <rule id="31161" level="10" frequency="12" timeframe="120">
+  <rule id="31161" level="10" frequency="8" timeframe="120">
     <if_matched_sid>31121</if_matched_sid>
     <same_source_ip />
     <description>Multiple web server 501 error code (Not Implemented).</description>
     <group>web_scan,recon,</group>
   </rule>
   
-  <rule id="31162" level="10" frequency="12" timeframe="120">
+  <rule id="31162" level="10" frequency="5" timeframe="120">
     <if_matched_sid>31122</if_matched_sid>
     <same_source_ip />
     <description>Multiple web server 500 error code (Internal Error).</description>
     <group>system_error,</group>
   </rule>
   
-  <rule id="31163" level="10" frequency="12" timeframe="120">
+  <rule id="31163" level="10" frequency="8" timeframe="120">
     <if_matched_sid>31123</if_matched_sid>
     <same_source_ip />
     <description>Multiple web server 503 error code (Service unavailable).</description>
     <group>web_scan,recon,</group>
   </rule>
-
-  <rule id="31164" level="6">
-    <if_sid>31100</if_sid>
-    <url>=%27|select%2B|insert%2B|%2Bfrom%2B|%2Bwhere%2B|%2Bunion%2B</url>
-    <description>SQL injection attempt.</description>
-    <group>attack,sqlinjection,</group>
-  </rule>
-
-  <rule id="31165" level="6">
-    <if_sid>31100</if_sid>
-    <url>%EF%BC%87|%EF%BC%87|%EF%BC%87|%2531|%u0053%u0045</url>
-    <description>SQL injection attempt.</description>
-    <group>attack,sqlinjection,</group>
-  </rule>
-
 </group> <!-- Web access log -->
diff --git a/etc/templates/br/._language.txt b/etc/templates/br/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/._language.txt differ
diff --git a/etc/templates/br/._messages.txt b/etc/templates/br/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/._messages.txt differ
diff --git a/etc/templates/br/errors/._0x1-location.txt b/etc/templates/br/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/errors/._0x1-location.txt differ
diff --git a/etc/templates/br/errors/._0x2-beroot.txt b/etc/templates/br/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/br/errors/._0x3-dependencies.txt b/etc/templates/br/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/br/errors/._0x4-installtype.txt b/etc/templates/br/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/br/errors/._0x5-build.txt b/etc/templates/br/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/errors/._0x5-build.txt differ
diff --git a/etc/templates/br/messages/._0x101-initial.txt b/etc/templates/br/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/messages/._0x101-initial.txt differ
diff --git a/etc/templates/br/messages/._0x102-installhelp.txt b/etc/templates/br/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/br/messages/._0x103-thanksforusing.txt b/etc/templates/br/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/br/messages/._0x104-client.txt b/etc/templates/br/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/messages/._0x104-client.txt differ
diff --git a/etc/templates/br/messages/._0x105-noboot.txt b/etc/templates/br/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/br/messages/._0x106-logs.txt b/etc/templates/br/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/messages/._0x106-logs.txt differ
diff --git a/etc/templates/br/messages/._0x107-ar.txt b/etc/templates/br/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/messages/._0x107-ar.txt differ
diff --git a/etc/templates/br/messages/._0x108-ar-enabled.txt b/etc/templates/br/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/br/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/cn/._language.txt b/etc/templates/cn/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/._language.txt differ
diff --git a/etc/templates/cn/._messages.txt b/etc/templates/cn/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/._messages.txt differ
diff --git a/etc/templates/cn/errors/._0x1-location.txt b/etc/templates/cn/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/errors/._0x1-location.txt differ
diff --git a/etc/templates/cn/errors/._0x2-beroot.txt b/etc/templates/cn/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/cn/errors/._0x3-dependencies.txt b/etc/templates/cn/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/cn/errors/._0x4-installtype.txt b/etc/templates/cn/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/cn/errors/._0x5-build.txt b/etc/templates/cn/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/errors/._0x5-build.txt differ
diff --git a/etc/templates/cn/messages/._0x101-initial.txt b/etc/templates/cn/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/messages/._0x101-initial.txt differ
diff --git a/etc/templates/cn/messages/._0x102-installhelp.txt b/etc/templates/cn/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/cn/messages/._0x103-thanksforusing.txt b/etc/templates/cn/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/cn/messages/._0x104-client.txt b/etc/templates/cn/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/messages/._0x104-client.txt differ
diff --git a/etc/templates/cn/messages/._0x105-noboot.txt b/etc/templates/cn/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/cn/messages/._0x106-logs.txt b/etc/templates/cn/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/messages/._0x106-logs.txt differ
diff --git a/etc/templates/cn/messages/._0x107-ar.txt b/etc/templates/cn/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/messages/._0x107-ar.txt differ
diff --git a/etc/templates/cn/messages/._0x108-ar-enabled.txt b/etc/templates/cn/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/cn/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/config/._active-response.template b/etc/templates/config/._active-response.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._active-response.template differ
diff --git a/etc/templates/config/._apache-logs.template b/etc/templates/config/._apache-logs.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._apache-logs.template differ
diff --git a/etc/templates/config/._ar-disable-account.template b/etc/templates/config/._ar-disable-account.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._ar-disable-account.template differ
diff --git a/etc/templates/config/._ar-firewall-drop.template b/etc/templates/config/._ar-firewall-drop.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._ar-firewall-drop.template differ
diff --git a/etc/templates/config/._ar-host-deny.template b/etc/templates/config/._ar-host-deny.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._ar-host-deny.template differ
diff --git a/etc/templates/config/._ar-routenull.template b/etc/templates/config/._ar-routenull.template
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._ar-routenull.template differ
diff --git a/etc/templates/config/._pgsql-logs.template b/etc/templates/config/._pgsql-logs.template
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._pgsql-logs.template differ
diff --git a/etc/templates/config/._rootcheck.template b/etc/templates/config/._rootcheck.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._rootcheck.template differ
diff --git a/etc/templates/config/._rules.template b/etc/templates/config/._rules.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._rules.template differ
diff --git a/etc/templates/config/._snort-logs.template b/etc/templates/config/._snort-logs.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._snort-logs.template differ
diff --git a/etc/templates/config/._syscheck.template b/etc/templates/config/._syscheck.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._syscheck.template differ
diff --git a/etc/templates/config/._syslog-logs.template b/etc/templates/config/._syslog-logs.template
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/config/._syslog-logs.template differ
diff --git a/etc/templates/de/._language.txt b/etc/templates/de/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/._language.txt differ
diff --git a/etc/templates/de/._messages.txt b/etc/templates/de/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/._messages.txt differ
diff --git a/etc/templates/de/errors/._0x1-location.txt b/etc/templates/de/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/errors/._0x1-location.txt differ
diff --git a/etc/templates/de/errors/._0x2-beroot.txt b/etc/templates/de/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/de/errors/._0x3-dependencies.txt b/etc/templates/de/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/de/errors/._0x4-installtype.txt b/etc/templates/de/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/de/errors/._0x5-build.txt b/etc/templates/de/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/errors/._0x5-build.txt differ
diff --git a/etc/templates/de/messages/._0x101-initial.txt b/etc/templates/de/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/messages/._0x101-initial.txt differ
diff --git a/etc/templates/de/messages/._0x102-installhelp.txt b/etc/templates/de/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/de/messages/._0x103-thanksforusing.txt b/etc/templates/de/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/de/messages/._0x104-client.txt b/etc/templates/de/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/messages/._0x104-client.txt differ
diff --git a/etc/templates/de/messages/._0x105-noboot.txt b/etc/templates/de/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/de/messages/._0x106-logs.txt b/etc/templates/de/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/messages/._0x106-logs.txt differ
diff --git a/etc/templates/de/messages/._0x107-ar.txt b/etc/templates/de/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/messages/._0x107-ar.txt differ
diff --git a/etc/templates/de/messages/._0x108-ar-enabled.txt b/etc/templates/de/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/de/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/el/._language.txt b/etc/templates/el/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/._language.txt differ
diff --git a/etc/templates/el/._messages.txt b/etc/templates/el/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/._messages.txt differ
diff --git a/etc/templates/el/errors/._0x1-location.txt b/etc/templates/el/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/errors/._0x1-location.txt differ
diff --git a/etc/templates/el/errors/._0x2-beroot.txt b/etc/templates/el/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/el/errors/._0x3-dependencies.txt b/etc/templates/el/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/el/errors/._0x4-installtype.txt b/etc/templates/el/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/el/errors/._0x5-build.txt b/etc/templates/el/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/errors/._0x5-build.txt differ
diff --git a/etc/templates/el/messages/._0x101-initial.txt b/etc/templates/el/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/messages/._0x101-initial.txt differ
diff --git a/etc/templates/el/messages/._0x102-installhelp.txt b/etc/templates/el/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/el/messages/._0x103-thanksforusing.txt b/etc/templates/el/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/el/messages/._0x104-client.txt b/etc/templates/el/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/messages/._0x104-client.txt differ
diff --git a/etc/templates/el/messages/._0x105-noboot.txt b/etc/templates/el/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/el/messages/._0x106-logs.txt b/etc/templates/el/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/messages/._0x106-logs.txt differ
diff --git a/etc/templates/el/messages/._0x107-ar.txt b/etc/templates/el/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/messages/._0x107-ar.txt differ
diff --git a/etc/templates/el/messages/._0x108-ar-enabled.txt b/etc/templates/el/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/el/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/en/._language.txt b/etc/templates/en/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/._language.txt differ
diff --git a/etc/templates/en/._messages.txt b/etc/templates/en/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/._messages.txt differ
diff --git a/etc/templates/en/errors/._0x1-location.txt b/etc/templates/en/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/errors/._0x1-location.txt differ
diff --git a/etc/templates/en/errors/._0x2-beroot.txt b/etc/templates/en/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/en/errors/._0x3-dependencies.txt b/etc/templates/en/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/en/errors/._0x4-installtype.txt b/etc/templates/en/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/en/errors/._0x5-build.txt b/etc/templates/en/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/errors/._0x5-build.txt differ
diff --git a/etc/templates/en/messages/._0x101-initial.txt b/etc/templates/en/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/messages/._0x101-initial.txt differ
diff --git a/etc/templates/en/messages/._0x102-installhelp.txt b/etc/templates/en/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/en/messages/._0x103-thanksforusing.txt b/etc/templates/en/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/en/messages/._0x104-client.txt b/etc/templates/en/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/messages/._0x104-client.txt differ
diff --git a/etc/templates/en/messages/._0x105-noboot.txt b/etc/templates/en/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/en/messages/._0x106-logs.txt b/etc/templates/en/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/messages/._0x106-logs.txt differ
diff --git a/etc/templates/en/messages/._0x107-ar.txt b/etc/templates/en/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/messages/._0x107-ar.txt differ
diff --git a/etc/templates/en/messages/._0x108-ar-enabled.txt b/etc/templates/en/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/en/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/es/._language.txt b/etc/templates/es/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/._language.txt differ
diff --git a/etc/templates/es/._messages.txt b/etc/templates/es/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/._messages.txt differ
diff --git a/etc/templates/es/errors/._0x1-location.txt b/etc/templates/es/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/errors/._0x1-location.txt differ
diff --git a/etc/templates/es/errors/._0x2-beroot.txt b/etc/templates/es/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/es/errors/._0x3-dependencies.txt b/etc/templates/es/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/es/errors/._0x4-installtype.txt b/etc/templates/es/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/es/errors/._0x5-build.txt b/etc/templates/es/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/errors/._0x5-build.txt differ
diff --git a/etc/templates/es/messages/._0x101-initial.txt b/etc/templates/es/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/messages/._0x101-initial.txt differ
diff --git a/etc/templates/es/messages/._0x102-installhelp.txt b/etc/templates/es/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/es/messages/._0x103-thanksforusing.txt b/etc/templates/es/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/es/messages/._0x104-client.txt b/etc/templates/es/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/messages/._0x104-client.txt differ
diff --git a/etc/templates/es/messages/._0x105-noboot.txt b/etc/templates/es/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/es/messages/._0x106-logs.txt b/etc/templates/es/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/messages/._0x106-logs.txt differ
diff --git a/etc/templates/es/messages/._0x107-ar.txt b/etc/templates/es/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/messages/._0x107-ar.txt differ
diff --git a/etc/templates/es/messages/._0x108-ar-enabled.txt b/etc/templates/es/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/es/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/fr/._language.txt b/etc/templates/fr/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/._language.txt differ
diff --git a/etc/templates/fr/._messages.txt b/etc/templates/fr/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/._messages.txt differ
diff --git a/etc/templates/fr/errors/._0x1-location.txt b/etc/templates/fr/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/errors/._0x1-location.txt differ
diff --git a/etc/templates/fr/errors/._0x2-beroot.txt b/etc/templates/fr/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/fr/errors/._0x3-dependencies.txt b/etc/templates/fr/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/fr/errors/._0x4-installtype.txt b/etc/templates/fr/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/fr/errors/._0x5-build.txt b/etc/templates/fr/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/errors/._0x5-build.txt differ
diff --git a/etc/templates/fr/messages/._0x101-initial.txt b/etc/templates/fr/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/messages/._0x101-initial.txt differ
diff --git a/etc/templates/fr/messages/._0x102-installhelp.txt b/etc/templates/fr/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/fr/messages/._0x103-thanksforusing.txt b/etc/templates/fr/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/fr/messages/._0x104-client.txt b/etc/templates/fr/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/messages/._0x104-client.txt differ
diff --git a/etc/templates/fr/messages/._0x105-noboot.txt b/etc/templates/fr/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/fr/messages/._0x106-logs.txt b/etc/templates/fr/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/messages/._0x106-logs.txt differ
diff --git a/etc/templates/fr/messages/._0x107-ar.txt b/etc/templates/fr/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/messages/._0x107-ar.txt differ
diff --git a/etc/templates/fr/messages/._0x108-ar-enabled.txt b/etc/templates/fr/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/fr/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/hu/._language.txt b/etc/templates/hu/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/._language.txt differ
diff --git a/etc/templates/hu/._messages.txt b/etc/templates/hu/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/._messages.txt differ
diff --git a/etc/templates/hu/errors/._0x1-location.txt b/etc/templates/hu/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/errors/._0x1-location.txt differ
diff --git a/etc/templates/hu/errors/._0x2-beroot.txt b/etc/templates/hu/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/hu/errors/._0x3-dependencies.txt b/etc/templates/hu/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/hu/errors/._0x4-installtype.txt b/etc/templates/hu/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/hu/errors/._0x5-build.txt b/etc/templates/hu/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/errors/._0x5-build.txt differ
diff --git a/etc/templates/hu/messages/._0x101-initial.txt b/etc/templates/hu/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/messages/._0x101-initial.txt differ
diff --git a/etc/templates/hu/messages/._0x102-installhelp.txt b/etc/templates/hu/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/hu/messages/._0x103-thanksforusing.txt b/etc/templates/hu/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/hu/messages/._0x104-client.txt b/etc/templates/hu/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/messages/._0x104-client.txt differ
diff --git a/etc/templates/hu/messages/._0x105-noboot.txt b/etc/templates/hu/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/hu/messages/._0x106-logs.txt b/etc/templates/hu/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/messages/._0x106-logs.txt differ
diff --git a/etc/templates/hu/messages/._0x107-ar.txt b/etc/templates/hu/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/messages/._0x107-ar.txt differ
diff --git a/etc/templates/hu/messages/._0x108-ar-enabled.txt b/etc/templates/hu/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/hu/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/it/._language.txt b/etc/templates/it/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/._language.txt differ
diff --git a/etc/templates/it/._messages.txt b/etc/templates/it/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/._messages.txt differ
diff --git a/etc/templates/it/errors/._0x1-location.txt b/etc/templates/it/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/errors/._0x1-location.txt differ
diff --git a/etc/templates/it/errors/._0x2-beroot.txt b/etc/templates/it/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/it/errors/._0x3-dependencies.txt b/etc/templates/it/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/it/errors/._0x4-installtype.txt b/etc/templates/it/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/it/errors/._0x5-build.txt b/etc/templates/it/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/errors/._0x5-build.txt differ
diff --git a/etc/templates/it/messages/._0x101-initial.txt b/etc/templates/it/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/messages/._0x101-initial.txt differ
diff --git a/etc/templates/it/messages/._0x102-installhelp.txt b/etc/templates/it/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/it/messages/._0x103-thanksforusing.txt b/etc/templates/it/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/it/messages/._0x104-client.txt b/etc/templates/it/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/messages/._0x104-client.txt differ
diff --git a/etc/templates/it/messages/._0x105-noboot.txt b/etc/templates/it/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/it/messages/._0x106-logs.txt b/etc/templates/it/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/messages/._0x106-logs.txt differ
diff --git a/etc/templates/it/messages/._0x107-ar.txt b/etc/templates/it/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/messages/._0x107-ar.txt differ
diff --git a/etc/templates/it/messages/._0x108-ar-enabled.txt b/etc/templates/it/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/it/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/jp/._language.txt b/etc/templates/jp/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/._language.txt differ
diff --git a/etc/templates/jp/._messages.txt b/etc/templates/jp/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/._messages.txt differ
diff --git a/etc/templates/jp/errors/._0x1-location.txt b/etc/templates/jp/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/errors/._0x1-location.txt differ
diff --git a/etc/templates/jp/errors/._0x2-beroot.txt b/etc/templates/jp/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/jp/errors/._0x3-dependencies.txt b/etc/templates/jp/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/jp/errors/._0x4-installtype.txt b/etc/templates/jp/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/jp/errors/._0x5-build.txt b/etc/templates/jp/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/errors/._0x5-build.txt differ
diff --git a/etc/templates/jp/messages/._0x101-initial.txt b/etc/templates/jp/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/messages/._0x101-initial.txt differ
diff --git a/etc/templates/jp/messages/._0x102-installhelp.txt b/etc/templates/jp/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/jp/messages/._0x103-thanksforusing.txt b/etc/templates/jp/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/jp/messages/._0x104-client.txt b/etc/templates/jp/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/messages/._0x104-client.txt differ
diff --git a/etc/templates/jp/messages/._0x105-noboot.txt b/etc/templates/jp/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/jp/messages/._0x106-logs.txt b/etc/templates/jp/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/messages/._0x106-logs.txt differ
diff --git a/etc/templates/jp/messages/._0x107-ar.txt b/etc/templates/jp/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/messages/._0x107-ar.txt differ
diff --git a/etc/templates/jp/messages/._0x108-ar-enabled.txt b/etc/templates/jp/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/jp/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/nl/._language.txt b/etc/templates/nl/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/._language.txt differ
diff --git a/etc/templates/nl/._messages.txt b/etc/templates/nl/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/._messages.txt differ
diff --git a/etc/templates/nl/errors/._0x1-location.txt b/etc/templates/nl/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/errors/._0x1-location.txt differ
diff --git a/etc/templates/nl/errors/._0x2-beroot.txt b/etc/templates/nl/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/nl/errors/._0x3-dependencies.txt b/etc/templates/nl/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/nl/errors/._0x4-installtype.txt b/etc/templates/nl/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/nl/errors/._0x5-build.txt b/etc/templates/nl/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/errors/._0x5-build.txt differ
diff --git a/etc/templates/nl/messages/._0x101-initial.txt b/etc/templates/nl/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/messages/._0x101-initial.txt differ
diff --git a/etc/templates/nl/messages/._0x102-installhelp.txt b/etc/templates/nl/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/nl/messages/._0x103-thanksforusing.txt b/etc/templates/nl/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/nl/messages/._0x104-client.txt b/etc/templates/nl/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/messages/._0x104-client.txt differ
diff --git a/etc/templates/nl/messages/._0x105-noboot.txt b/etc/templates/nl/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/nl/messages/._0x106-logs.txt b/etc/templates/nl/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/messages/._0x106-logs.txt differ
diff --git a/etc/templates/nl/messages/._0x107-ar.txt b/etc/templates/nl/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/messages/._0x107-ar.txt differ
diff --git a/etc/templates/nl/messages/._0x108-ar-enabled.txt b/etc/templates/nl/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/nl/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/pl/._language.txt b/etc/templates/pl/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/._language.txt differ
diff --git a/etc/templates/pl/._messages.txt b/etc/templates/pl/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/._messages.txt differ
diff --git a/etc/templates/pl/errors/._0x1-location.txt b/etc/templates/pl/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/errors/._0x1-location.txt differ
diff --git a/etc/templates/pl/errors/._0x2-beroot.txt b/etc/templates/pl/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/pl/errors/._0x3-dependencies.txt b/etc/templates/pl/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/pl/errors/._0x4-installtype.txt b/etc/templates/pl/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/pl/errors/._0x5-build.txt b/etc/templates/pl/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/errors/._0x5-build.txt differ
diff --git a/etc/templates/pl/messages/._0x101-initial.txt b/etc/templates/pl/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/messages/._0x101-initial.txt differ
diff --git a/etc/templates/pl/messages/._0x102-installhelp.txt b/etc/templates/pl/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/pl/messages/._0x103-thanksforusing.txt b/etc/templates/pl/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/pl/messages/._0x104-client.txt b/etc/templates/pl/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/messages/._0x104-client.txt differ
diff --git a/etc/templates/pl/messages/._0x105-noboot.txt b/etc/templates/pl/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/pl/messages/._0x106-logs.txt b/etc/templates/pl/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/messages/._0x106-logs.txt differ
diff --git a/etc/templates/pl/messages/._0x107-ar.txt b/etc/templates/pl/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/messages/._0x107-ar.txt differ
diff --git a/etc/templates/pl/messages/._0x108-ar-enabled.txt b/etc/templates/pl/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/pl/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/ru/._language.txt b/etc/templates/ru/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/._language.txt differ
diff --git a/etc/templates/ru/._messages.txt b/etc/templates/ru/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/._messages.txt differ
diff --git a/etc/templates/ru/errors/._0x1-location.txt b/etc/templates/ru/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/errors/._0x1-location.txt differ
diff --git a/etc/templates/ru/errors/._0x2-beroot.txt b/etc/templates/ru/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/ru/errors/._0x3-dependencies.txt b/etc/templates/ru/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/ru/errors/._0x4-installtype.txt b/etc/templates/ru/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/ru/errors/._0x5-build.txt b/etc/templates/ru/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/errors/._0x5-build.txt differ
diff --git a/etc/templates/ru/messages/._0x101-initial.txt b/etc/templates/ru/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/messages/._0x101-initial.txt differ
diff --git a/etc/templates/ru/messages/._0x102-installhelp.txt b/etc/templates/ru/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/ru/messages/._0x103-thanksforusing.txt b/etc/templates/ru/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/ru/messages/._0x104-client.txt b/etc/templates/ru/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/messages/._0x104-client.txt differ
diff --git a/etc/templates/ru/messages/._0x105-noboot.txt b/etc/templates/ru/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/ru/messages/._0x106-logs.txt b/etc/templates/ru/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/messages/._0x106-logs.txt differ
diff --git a/etc/templates/ru/messages/._0x107-ar.txt b/etc/templates/ru/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/messages/._0x107-ar.txt differ
diff --git a/etc/templates/ru/messages/._0x108-ar-enabled.txt b/etc/templates/ru/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/ru/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/sr/._language.txt b/etc/templates/sr/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/._language.txt differ
diff --git a/etc/templates/sr/._messages.txt b/etc/templates/sr/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/._messages.txt differ
diff --git a/etc/templates/sr/errors/._0x1-location.txt b/etc/templates/sr/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/errors/._0x1-location.txt differ
diff --git a/etc/templates/sr/errors/._0x2-beroot.txt b/etc/templates/sr/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/sr/errors/._0x3-dependencies.txt b/etc/templates/sr/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/sr/errors/._0x4-installtype.txt b/etc/templates/sr/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/sr/errors/._0x5-build.txt b/etc/templates/sr/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/errors/._0x5-build.txt differ
diff --git a/etc/templates/sr/messages/._0x101-initial.txt b/etc/templates/sr/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/messages/._0x101-initial.txt differ
diff --git a/etc/templates/sr/messages/._0x102-installhelp.txt b/etc/templates/sr/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/sr/messages/._0x103-thanksforusing.txt b/etc/templates/sr/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/sr/messages/._0x104-client.txt b/etc/templates/sr/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/messages/._0x104-client.txt differ
diff --git a/etc/templates/sr/messages/._0x105-noboot.txt b/etc/templates/sr/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/sr/messages/._0x106-logs.txt b/etc/templates/sr/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/messages/._0x106-logs.txt differ
diff --git a/etc/templates/sr/messages/._0x107-ar.txt b/etc/templates/sr/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/messages/._0x107-ar.txt differ
diff --git a/etc/templates/sr/messages/._0x108-ar-enabled.txt b/etc/templates/sr/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/sr/messages/._0x108-ar-enabled.txt differ
diff --git a/etc/templates/tr/._language.txt b/etc/templates/tr/._language.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/._language.txt differ
diff --git a/etc/templates/tr/._messages.txt b/etc/templates/tr/._messages.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/._messages.txt differ
diff --git a/etc/templates/tr/errors/._0x1-location.txt b/etc/templates/tr/errors/._0x1-location.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/errors/._0x1-location.txt differ
diff --git a/etc/templates/tr/errors/._0x2-beroot.txt b/etc/templates/tr/errors/._0x2-beroot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/errors/._0x2-beroot.txt differ
diff --git a/etc/templates/tr/errors/._0x3-dependencies.txt b/etc/templates/tr/errors/._0x3-dependencies.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/errors/._0x3-dependencies.txt differ
diff --git a/etc/templates/tr/errors/._0x4-installtype.txt b/etc/templates/tr/errors/._0x4-installtype.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/errors/._0x4-installtype.txt differ
diff --git a/etc/templates/tr/errors/._0x5-build.txt b/etc/templates/tr/errors/._0x5-build.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/errors/._0x5-build.txt differ
diff --git a/etc/templates/tr/messages/._0x101-initial.txt b/etc/templates/tr/messages/._0x101-initial.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/messages/._0x101-initial.txt differ
diff --git a/etc/templates/tr/messages/._0x102-installhelp.txt b/etc/templates/tr/messages/._0x102-installhelp.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/messages/._0x102-installhelp.txt differ
diff --git a/etc/templates/tr/messages/._0x103-thanksforusing.txt b/etc/templates/tr/messages/._0x103-thanksforusing.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/messages/._0x103-thanksforusing.txt differ
diff --git a/etc/templates/tr/messages/._0x104-client.txt b/etc/templates/tr/messages/._0x104-client.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/messages/._0x104-client.txt differ
diff --git a/etc/templates/tr/messages/._0x105-noboot.txt b/etc/templates/tr/messages/._0x105-noboot.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/messages/._0x105-noboot.txt differ
diff --git a/etc/templates/tr/messages/._0x106-logs.txt b/etc/templates/tr/messages/._0x106-logs.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/messages/._0x106-logs.txt differ
diff --git a/etc/templates/tr/messages/._0x107-ar.txt b/etc/templates/tr/messages/._0x107-ar.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/messages/._0x107-ar.txt differ
diff --git a/etc/templates/tr/messages/._0x108-ar-enabled.txt b/etc/templates/tr/messages/._0x108-ar-enabled.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/etc/templates/tr/messages/._0x108-ar-enabled.txt differ
diff --git a/install.sh b/install.sh
index 798f5cd..fb82917 100755
--- a/install.sh
+++ b/install.sh
@@ -128,7 +128,7 @@ Install()
     echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
     chmod 600 ${OSSEC_INIT}
     cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
-    chmod 640 ${INSTALLDIR}${OSSEC_INIT}
+    chmod 644 ${INSTALLDIR}${OSSEC_INIT}
 
 
     # If update_rules is set, we need to tweak
@@ -369,7 +369,7 @@ ConfigureClient()
         echo "3- ${configuring} $NAME."
         echo ""
 
-    if [ "X${USER_AGENT_SERVER_IP}" = "X" -a "X${USER_AGENT_SERVER_NAME}" = "X" ]; then
+    if [[ "X${USER_AGENT_SERVER_IP}" = "X" && "X${USER_AGENT_SERVER_NAME}" = "X" ]]; then
         # Looping and asking for server ip or hostname
         while [ 1 ]; do
             $ECHO "  3.1- ${serveraddr}: "
diff --git a/src/._Config.Make b/src/._Config.Make
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/._Config.Make differ
diff --git a/src/._InstallAgent.sh b/src/._InstallAgent.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/._InstallAgent.sh differ
diff --git a/src/._InstallServer.sh b/src/._InstallServer.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/._InstallServer.sh differ
diff --git a/src/._LOCATION b/src/._LOCATION
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/._LOCATION differ
diff --git a/src/._Makeall b/src/._Makeall
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/._Makeall differ
diff --git a/src/._Makefile b/src/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/._Makefile differ
diff --git a/src/._VERSION b/src/._VERSION
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/._VERSION differ
diff --git a/src/InstallAgent.sh b/src/InstallAgent.sh
index 6f42f5b..4dcd94c 100755
--- a/src/InstallAgent.sh
+++ b/src/InstallAgent.sh
@@ -67,15 +67,14 @@ elif [ "$UNAME" = "Darwin" ]; then
     id -u ${USER} > /dev/null 2>&1
     if [ ! $? = 0 ]; then
 
-        # Creating for <= 10.4
-        /usr/bin/sw_vers 2>/dev/null| grep "ProductVersion" | grep -E "10.2.|10.3|10.4" > /dev/null 2>&1
+        # Creating for 10.5
+        /usr/bin/sw_vers 2>/dev/null| grep "ProductVersion" | grep -E "10.5.|10.6" > /dev/null 2>&1
         if [ $? = 0 ]; then
-
-	    chmod +x ./init/darwin-addusers.pl
-            ./init/darwin-addusers.pl
-	else
             chmod +x ./init/osx105-addusers.sh
             ./init/osx105-addusers.sh
+        else
+            chmod +x ./init/darwin-addusers.pl
+            ./init/darwin-addusers.pl    
         fi        
     fi
 else
@@ -190,13 +189,13 @@ chown root:${GROUP} ${DIR}/var/run
 
 
 # Moving the binary files
-cp -pr client-agent/ossec-agentd ${DIR}/bin/
-cp -pr os_auth/agent-auth ${DIR}/bin/
-cp -pr logcollector/ossec-logcollector ${DIR}/bin/
-cp -pr syscheckd/ossec-syscheckd ${DIR}/bin/
-cp -pr os_execd/ossec-execd ${DIR}/bin/
+cp -pr ../bin/ossec-agentd ${DIR}/bin/
+cp -pr ../bin/agent-auth ${DIR}/bin/
+cp -pr ../bin/ossec-logcollector ${DIR}/bin/
+cp -pr ../bin/ossec-syscheckd ${DIR}/bin/
+cp -pr ../bin/ossec-execd ${DIR}/bin/
 cp -pr ./init/ossec-client.sh ${DIR}/bin/ossec-control
-cp -pr addagent/manage_agents ${DIR}/bin/
+cp -pr ../bin/manage_agents ${DIR}/bin/
 cp -pr ../contrib/util.sh ${DIR}/bin/
 chown root:${GROUP} ${DIR}/bin/util.sh
 chmod +x ${DIR}/bin/util.sh
diff --git a/src/InstallServer.sh b/src/InstallServer.sh
index 24444ce..18c09c7 100755
--- a/src/InstallServer.sh
+++ b/src/InstallServer.sh
@@ -81,14 +81,14 @@ elif [ "$UNAME" = "Darwin" ]; then
     id -u ${USER} > /dev/null 2>&1
     if [ ! $? = 0 ]; then
 
-        # Creating for <= 10.4
-        /usr/bin/sw_vers 2>/dev/null| grep "ProductVersion" | grep -E "10.2.|10.3|10.4" > /dev/null 2>&1
+        # Creating for 10.5 and 10.6
+        /usr/bin/sw_vers 2>/dev/null| grep "ProductVersion" | grep -E "10.5.|10.6" > /dev/null 2>&1
         if [ $? = 0 ]; then
-            chmod +x ./init/darwin-addusers.pl
-            ./init/darwin-addusers.pl    
-        else
             chmod +x ./init/osx105-addusers.sh
             ./init/osx105-addusers.sh
+        else
+            chmod +x ./init/darwin-addusers.pl
+            ./init/darwin-addusers.pl    
         fi        
     fi    
 else
@@ -121,10 +121,8 @@ for i in ${subdirs}; do
 done
 
 # Default for all directories
-chmod 550 ${DIR}
-chmod 550 ${DIR}/*
-chown root:${GROUP} ${DIR}
-chown root:${GROUP} ${DIR}/*
+chmod -R 550 ${DIR}
+chown -R root:${GROUP} ${DIR}
 
 # AnalysisD needs to write to alerts: log, mail and cmds
 chown -R ${USER}:${GROUP} ${DIR}/queue/alerts
@@ -148,21 +146,20 @@ chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck
 chmod -R 750 ${DIR}/queue/rootcheck
 chmod 740 ${DIR}/queue/rootcheck/* > /dev/null 2>&1
 
-chown ${USER}:${GROUP} ${DIR}/queue/diff
-chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1
-chmod 750 ${DIR}/queue/diff
+chown -R ${USER}:${GROUP} ${DIR}/queue/diff
+chmod -R 750 ${DIR}/queue/diff
 chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1
 
 chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info
-chmod -R 750 ${DIR}/queue/agent-info
-chmod 740 ${DIR}/queue/agent-info/* > /dev/null 2>&1
+chmod -R 755 ${DIR}/queue/agent-info
+chmod 744 ${DIR}/queue/agent-info/* > /dev/null 2>&1
 chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids
-chmod -R 750 ${DIR}/queue/rids
-chmod 740 ${DIR}/queue/rids/* > /dev/null 2>&1
+chmod -R 755 ${DIR}/queue/rids
+chmod 744 ${DIR}/queue/rids/* > /dev/null 2>&1
 
 chown -R ${USER}:${GROUP} ${DIR}/queue/agentless
-chmod -R 750 ${DIR}/queue/agentless
-chmod 740 ${DIR}/queue/agentless/* > /dev/null 2>&1
+chmod -R 755 ${DIR}/queue/agentless
+chmod 744 ${DIR}/queue/agentless/* > /dev/null 2>&1
 
 
 # For the stats directory
@@ -172,13 +169,12 @@ chmod -R 750 ${DIR}/stats
 # For the logging user
 chown -R ${USER}:${GROUP} ${DIR}/logs
 chmod -R 750 ${DIR}/logs
-touch ${DIR}/logs/ossec.log
-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
-chmod 660 ${DIR}/logs/ossec.log
-
 touch ${DIR}/logs/active-responses.log
 chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log
 chmod 660 ${DIR}/logs/active-responses.log
+touch ${DIR}/logs/ossec.log
+chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
+chmod 664 ${DIR}/logs/ossec.log
 
 # For the rules directory
 ls ${DIR}/rules/*.xml > /dev/null 2>&1
@@ -196,7 +192,6 @@ if [ $? = 0 ]; then
 fi
     
 cp -pr ../etc/rules/* ${DIR}/rules/
-find ${DIR}/rules/ -type f -exec chmod 440 {} \;
 
 # If the local_rules is saved, moved it back
 ls ${DIR}/rules/saved_local_rules.xml.$$ > /dev/null 2>&1
@@ -214,21 +209,21 @@ chown -R root:${GROUP} ${DIR}/etc
 ls /etc/localtime > /dev/null 2>&1
 if [ $? = 0 ]; then
     cp -pL /etc/localtime ${DIR}/etc/;
-    chmod 440 ${DIR}/etc/localtime
+    chmod 555 ${DIR}/etc/localtime
     chown root:${GROUP} ${DIR}/etc/localtime 
 fi
 
 # Solaris Needs some extra files
 if [ "$UNAME" = "SunOS" ]; then
     mkdir -p ${DIR}/usr/share/lib/zoneinfo/
-    chmod -R 550 ${DIR}/usr/
+    chmod -R 555 ${DIR}/usr/
     cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/
 fi
 
 ls /etc/TIMEZONE > /dev/null 2>&1
 if [ $? = 0 ]; then
     cp -p /etc/TIMEZONE ${DIR}/etc/;
-    chmod 550 ${DIR}/etc/TIMEZONE
+    chmod 555 ${DIR}/etc/TIMEZONE
 fi
                         
 
@@ -237,23 +232,15 @@ chmod 770 ${DIR}/var/run
 chown root:${GROUP} ${DIR}/var/run
 
 # Moving the binary files
-cp -pr addagent/manage_agents agentlessd/ossec-agentlessd \
-        analysisd/ossec-analysisd logcollector/ossec-logcollector \
-        monitord/ossec-monitord monitord/ossec-reportd \
-        os_execd/ossec-execd os_maild/ossec-maild \
-        remoted/ossec-remoted syscheckd/ossec-syscheckd \
-	analysisd/ossec-logtest os_csyslogd/ossec-csyslogd \
-	os_auth/ossec-authd os_dbd/ossec-dbd analysisd/ossec-makelists \
-	${DIR}/bin/
-
-cp -pr util/verify-agent-conf ${DIR}/bin/
-cp -pr util/clear_stats ${DIR}/bin/
-cp -pr util/list_agents ${DIR}/bin/
-cp -pr util/ossec-regex ${DIR}/bin/
-cp -pr util/syscheck_update ${DIR}/bin/
-cp -pr util/agent_control ${DIR}/bin/
-cp -pr util/syscheck_control ${DIR}/bin/
-cp -pr util/rootcheck_control ${DIR}/bin/
+cp -pr ../bin/ossec* ${DIR}/bin/
+cp -pr ../bin/manage_agents ${DIR}/bin/
+cp -pr ../bin/syscheck_update ${DIR}/bin/
+cp -pr ../bin/verify-agent-conf ${DIR}/bin/
+cp -pr ../bin/clear_stats ${DIR}/bin/
+cp -pr ../bin/list_agents ${DIR}/bin/
+cp -pr ../bin/agent_control ${DIR}/bin/
+cp -pr ../bin/syscheck_control ${DIR}/bin/
+cp -pr ../bin/rootcheck_control ${DIR}/bin/
 cp -pr ../contrib/util.sh ${DIR}/bin/
 chown root:${GROUP} ${DIR}/bin/util.sh
 chmod +x ${DIR}/bin/util.sh
@@ -311,7 +298,7 @@ sh ./init/fw-check.sh execute > /dev/null
 cp -p ../active-response/*.sh ${DIR}/active-response/bin/
 cp -p ../active-response/firewalls/*.sh ${DIR}/active-response/bin/
 
-chmod 550 ${DIR}/active-response/bin/*
+chmod 755 ${DIR}/active-response/bin/*
 chown root:${GROUP} ${DIR}/active-response/bin/*
 
 chown root:${GROUP} ${DIR}/bin/*
diff --git a/src/Makeall b/src/Makeall
index fe361a1..94c8a95 100755
--- a/src/Makeall
+++ b/src/Makeall
@@ -68,11 +68,11 @@ if [ "X${ARGV}" = "Xall" -o "X${ARGV}" = "Xrootcheck" -o "X${ARGV}" = "Xlibs" ];
 
     # Checking for inotify
     if [ "X$OS" = "XLinux" ]; then
-        if [ -e /usr/include/sys/inotify.h ]; then
+        ls /usr/include/sys/inotify.h > /dev/null 2>&1
+        if [ $? = 0 ]; then
             echo "EEXTRA=-DUSEINOTIFY" >> Config.OS
-        elif [ -e /usr/include/linux/inotify.h ]; then
-            echo "EEXTRA=-DUSEINOTIFY" >> Config.OS
-        fi
+        fi    
+
     fi    
 
     if [ "X$OS" = "XAIX" ]; then
@@ -97,9 +97,6 @@ if [ "X${ARGV}" = "Xall" -o "X${ARGV}" = "Xrootcheck" -o "X${ARGV}" = "Xlibs" ];
 
     elif [ "X$OS" = "XDarwin" ]; then
         echo "EEXTRA=-DDarwin -DHIGHFIRST" >> Config.OS
-
-    elif [ "X$OS" = "XFreeBSD" ]; then
-        echo "EEXTRA=-DFreeBSD" >> Config.OS
     
     else
         
diff --git a/src/Makefile b/src/Makefile
index a96be3a..c103df3 100755
--- a/src/Makefile
+++ b/src/Makefile
@@ -47,20 +47,16 @@ setagent:
 		@echo "CEXTRA=-DCLIENT" >> ./Config.OS
 
 setclang:
-		@mv LOCATION LOCATION.backup
-		@sed -e "s/^CC=.*/CC=clang/g" LOCATION.backup > LOCATION
-		@rm LOCATION.backup
+		@sed -i '' -e "s/^CC=.*/CC=clang/g" LOCATION
 
 unsetclang:
-		@mv LOCATION LOCATION.backup
-		@sed -e "s/^CC=.*/CC=gcc/g" LOCATION.backup > LOCATION
-		@rm LOCATION.backup
+		@sed -i '' -e "s/^CC=.*/CC=gcc/g" LOCATION
 
 setprelude:
 		@echo "CPRELUDE=-DPRELUDE -lprelude `libprelude-config --pthread-cflags` `libprelude-config --libs`" >> ./Config.OS
         
 setgeoip:
-		@echo "CGEOIP=-DGEOIP -I/usr/local/include -L/usr/local/lib -lGeoIP" >> ./Config.OS
+		@echo "CGEOIP=-DGEOIP -lGeoIP" >> ./Config.OS
 
 setdb:
 		@cd ./os_dbd; echo "CDB=`./dbmake.sh`" >> ../Config.OS;
diff --git a/src/VERSION b/src/VERSION
index 4507a4d..90f0449 100755
--- a/src/VERSION
+++ b/src/VERSION
@@ -1 +1 @@
-v2.7.1-beta-1
+v2.7-beta1
diff --git a/src/addagent/._Makefile b/src/addagent/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/addagent/._Makefile differ
diff --git a/src/addagent/._b64.c b/src/addagent/._b64.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/addagent/._b64.c differ
diff --git a/src/addagent/._main.c b/src/addagent/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/addagent/._main.c differ
diff --git a/src/addagent/._manage_agents.c b/src/addagent/._manage_agents.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/addagent/._manage_agents.c differ
diff --git a/src/addagent/._manage_agents.h b/src/addagent/._manage_agents.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/addagent/._manage_agents.h differ
diff --git a/src/addagent/._manage_keys.c b/src/addagent/._manage_keys.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/addagent/._manage_keys.c differ
diff --git a/src/addagent/._read_from_user.c b/src/addagent/._read_from_user.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/addagent/._read_from_user.c differ
diff --git a/src/addagent/._validate.c b/src/addagent/._validate.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/addagent/._validate.c differ
diff --git a/src/addagent/b64.c b/src/addagent/b64.c
index 45ecb49..44f0079 100755
--- a/src/addagent/b64.c
+++ b/src/addagent/b64.c
@@ -13,7 +13,7 @@
  * WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * General Public License for more details.
- *
+ * 
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software Foundation,
  * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
@@ -36,7 +36,7 @@ static unsigned char decode(char c);
 
 
 /**
- *  Implementation of base64 encoding/decoding.
+ *  Implementation of base64 encoding/decoding. 
  *
  *  @author Jan-Henrik Haukeland, <hauk at tildeslash.com>
  *
@@ -68,7 +68,7 @@ char *encode_base64(int size, char *src) {
     out = (char *)calloc(sizeof(char), size*4/3+4);
     if(!out)
         return NULL;
-
+    
     p = out;
 
     for(i = 0; i < size; i+=3) {
@@ -114,45 +114,45 @@ char *encode_base64(int size, char *src) {
  * 'dest'. The dest buffer is NUL terminated.
  * Return NULL in case of error
  */
-char *decode_base64(const char *src)
+char *decode_base64(const char *src) 
 {
-    if(src && *src)
+    if(src && *src) 
     {
         char *dest;
         unsigned char *p;
         int k, l = strlen(src)+1;
         unsigned char *buf;
-
+        
         /* The size of the dest will always be less than
          * the source
          */
         dest = (char *)calloc(sizeof(char), l + 13);
         if(!dest)
             return(NULL);
-
+        
         p = (unsigned char *)dest;
-
+         
         buf = malloc(l);
         if(!buf)
             return(NULL);
 
         /* Ignore non base64 chars as per the POSIX standard */
-        for(k=0, l=0; src[k]; k++)
+        for(k=0, l=0; src[k]; k++) 
         {
-            if(is_base64(src[k]))
+            if(is_base64(src[k])) 
             {
                 buf[l++]= src[k];
             }
-        }
+        } 
 
-        for(k=0; k<l; k+=4)
+        for(k=0; k<l; k+=4) 
         {
             char c1='A', c2='A', c3='A', c4='A';
             unsigned char b1=0, b2=0, b3=0, b4=0;
 
             c1= buf[k];
 
-            if(k+1<l)
+            if(k+1<l) 
             {
                 c2= buf[k+1];
             }
@@ -246,7 +246,7 @@ int main(int argc, char **argv)
 {
     char *s;
     char *d;
-
+    
     if(argc < 2)
     {
         printf("%s string\n",argv[0]);
@@ -259,7 +259,7 @@ int main(int argc, char **argv)
 
     d = decode_base64(s);
     printf("decode:%s\n",d);
-
+    
     exit(0);
 }
 
diff --git a/src/addagent/main.c b/src/addagent/main.c
index a620ff8..1334da6 100755
--- a/src/addagent/main.c
+++ b/src/addagent/main.c
@@ -25,8 +25,7 @@ void helpmsg()
     printf("\t-l          List available agents.\n");
     printf("\t-e <id>     Extracts key for an agent (Manager only).\n");
     printf("\t-i <id>     Import authentication key (Agent only).\n");
-    printf("\t-f <file>   Bulk generate client keys from file. (Manager only).\n");
-    printf("\t            <file> contains lines in IP,NAME format.\n\n");
+    printf("\t-f <file>   Bulk generate client keys from file. (Manager only).\n\n");
     exit(1);
 }
 
diff --git a/src/addagent/read_from_user.c b/src/addagent/read_from_user.c
index c46d158..31da5e6 100755
--- a/src/addagent/read_from_user.c
+++ b/src/addagent/read_from_user.c
@@ -23,7 +23,7 @@ char *read_from_user()
 {
     memset(__user_buffer, '\0', USER_SIZE +1);
 
-    if((fgets(__user_buffer, USER_SIZE -1, stdin) == NULL) ||
+    if((fgets(__user_buffer, USER_SIZE -1, stdin) == NULL) || 
        (strlen(__user_buffer) >= (USER_SIZE -2)))
     {
         printf(INPUT_LARGE);
diff --git a/src/agentlessd/._Makefile b/src/agentlessd/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/._Makefile differ
diff --git a/src/agentlessd/._README b/src/agentlessd/._README
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/._README differ
diff --git a/src/agentlessd/._agentlessd.c b/src/agentlessd/._agentlessd.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/._agentlessd.c differ
diff --git a/src/agentlessd/._agentlessd.h b/src/agentlessd/._agentlessd.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/._agentlessd.h differ
diff --git a/src/agentlessd/._main.c b/src/agentlessd/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/._main.c differ
diff --git a/src/agentlessd/agentlessd.c b/src/agentlessd/agentlessd.c
index 505d43b..8aa056f 100755
--- a/src/agentlessd/agentlessd.c
+++ b/src/agentlessd/agentlessd.c
@@ -25,7 +25,7 @@ int save_agentless_entry(char *host, char *script, char *agttype)
     char sys_location[1024 +1];
 
     sys_location[1024] = '\0';
-    snprintf(sys_location, 1024, "%s/(%s) %s",
+    snprintf(sys_location, 1024, "%s/(%s) %s", 
              AGENTLESS_ENTRYDIRPATH, script, host);
 
     fp = fopen(sys_location, "w");
@@ -51,7 +51,7 @@ int send_intcheck_msg(char *script, char *host, char *msg)
 
     sys_location[1024] = '\0';
     snprintf(sys_location, 1024, "(%s) %s->%s", script, host, SYSCHECK);
-
+    
     if(SendMSG(lessdc.queue, msg, sys_location, SYSCHECK_MQ) < 0)
     {
         merror(QUEUE_SEND, ARGV0);
@@ -77,7 +77,7 @@ int send_log_msg(char *script, char *host, char *msg)
 
     sys_location[1024] = '\0';
     snprintf(sys_location, 1024, "(%s) %s->%s", script, host, SYSCHECK);
-
+    
     if(SendMSG(lessdc.queue, msg, sys_location, LOCALFILE_MQ) < 0)
     {
         merror(QUEUE_SEND, ARGV0);
@@ -108,7 +108,7 @@ int gen_diff_alert(char *host, char *script, int alert_diff_time)
 
     snprintf(buf, 2048, "%s/%s->%s/diff.%d",
              DIFF_DIR_PATH, host, script,  alert_diff_time);
-
+    
     fp = fopen(buf, "r");
     if(!fp)
     {
@@ -133,7 +133,7 @@ int gen_diff_alert(char *host, char *script, int alert_diff_time)
         else
         {
             /* Weird diff with only one large line. */
-            buf[256] = '\0';
+            buf[256] = '\0';    
         }
     }
     else
@@ -146,19 +146,19 @@ int gen_diff_alert(char *host, char *script, int alert_diff_time)
 
     /* Getting up to 8 line changes. */
     tmp_str = buf;
-
+    
     while(tmp_str && (*tmp_str != '\0'))
     {
         tmp_str = strchr(tmp_str, '\n');
         if(!tmp_str)
-            break;
+            break;    
         else if(n >= 7)
         {
-            *tmp_str = '\0';
+            *tmp_str = '\0';    
             break;
         }
         n++;
-        tmp_str++;
+        tmp_str++;    
     }
 
 
@@ -167,10 +167,10 @@ int gen_diff_alert(char *host, char *script, int alert_diff_time)
              buf, n>=7?
              "\nMore changes..":
              "");
-
-
+    
+    
     snprintf(buf, 1024, "(%s) %s->agentless", script, host);
-
+    
     if(SendMSG(lessdc.queue, diff_alert, buf, LOCALFILE_MQ) < 0)
     {
         merror(QUEUE_SEND, ARGV0);
@@ -203,7 +203,7 @@ int check_diff_file(char *host, char *script)
 
     os_md5 md5sum_old;
     os_md5 md5sum_new;
-
+    
     old_location[1024] = '\0';
     new_location[1024] = '\0';
     tmp_location[1024] = '\0';
@@ -229,7 +229,7 @@ int check_diff_file(char *host, char *script)
     if(OS_MD5_File(new_location, md5sum_new) != 0)
     {
         merror("%s: ERROR: Invalid internal state (missing '%s').",
-               ARGV0, new_location);
+               ARGV0, new_location); 
         return(0);
     }
 
@@ -251,15 +251,15 @@ int check_diff_file(char *host, char *script)
 
     /* Run diff. */
     date_of_change = File_DateofChange(old_location);
-    snprintf(diff_cmd, 2048, "diff \"%s\" \"%s\" > \"%s/%s->%s/diff.%d\" "
+    snprintf(diff_cmd, 2048, "diff \"%s\" \"%s\" > \"%s/%s->%s/diff.%d\" " 
              "2>/dev/null",
-             tmp_location, old_location,
+             tmp_location, old_location, 
              DIFF_DIR_PATH, host, script, date_of_change);
     if(system(diff_cmd) != 256)
     {
         merror("%s: ERROR: Unable to run diff for %s->%s",
                ARGV0,  host, script);
-        return(0);
+        return(0); 
     }
 
 
@@ -277,7 +277,7 @@ FILE *open_diff_file(char *host, char *script)
 {
     FILE *fp = NULL;
     char sys_location[1024 +1];
-
+          
     sys_location[1024] = '\0';
     snprintf(sys_location, 1024, "%s/%s->%s/%s", DIFF_DIR_PATH, host, script,
              DIFF_NEW_FILE);
@@ -298,7 +298,7 @@ FILE *open_diff_file(char *host, char *script)
             }
         }
 
-        snprintf(sys_location, 1024, "%s/%s->%s/%s", DIFF_DIR_PATH, host,
+        snprintf(sys_location, 1024, "%s/%s->%s/%s", DIFF_DIR_PATH, host, 
                  script, DIFF_NEW_FILE);
         fp = fopen(sys_location, "w");
         if(!fp)
@@ -322,13 +322,13 @@ int run_periodic_cmd(agentlessd_entries *entry, int test_it)
     char command[OS_SIZE_1024 +1];
     FILE *fp;
     FILE *fp_store = NULL;
-
-
+    
+    
     buf[0] = '\0';
     command[0] = '\0';
-    command[OS_SIZE_1024] = '\0';
-
-
+    command[OS_SIZE_1024] = '\0'; 
+    
+    
     while(entry->server[i])
     {
         /* Ignored entry. */
@@ -337,14 +337,14 @@ int run_periodic_cmd(agentlessd_entries *entry, int test_it)
             i++;
             continue;
         }
-
-
-        /* We only test for the first server entry. */
+        
+        
+        /* We only test for the first server entry. */ 
         else if(test_it)
         {
             int ret_code = 0;
-            snprintf(command, OS_SIZE_1024,
-                    "%s/%s test test >/dev/null 2>&1",
+            snprintf(command, OS_SIZE_1024, 
+                    "%s/%s test test >/dev/null 2>&1", 
                     AGENTLESSDIRPATH, entry->type);
             ret_code = system(command);
 
@@ -355,7 +355,7 @@ int run_periodic_cmd(agentlessd_entries *entry, int test_it)
                 {
                     merror("%s: ERROR: Expect command not found (or bad "
                            "arguments) for '%s'.",
-                           ARGV0, entry->type);
+                           ARGV0, entry->type); 
                 }
                 merror("%s: ERROR: Test failed for '%s' (%d). Ignoring.",
                        ARGV0, entry->type, ret_code/256);
@@ -366,23 +366,23 @@ int run_periodic_cmd(agentlessd_entries *entry, int test_it)
             verbose("%s: INFO: Test passed for '%s'.", ARGV0, entry->type);
             return(0);
         }
-
+        
         if(entry->server[i][0] == 's')
         {
-            snprintf(command, OS_SIZE_1024, "%s/%s \"use_su\" \"%s\" %s 2>&1",
-                AGENTLESSDIRPATH, entry->type, entry->server[i] +1,
+            snprintf(command, OS_SIZE_1024, "%s/%s \"use_su\" \"%s\" %s 2>&1", 
+                AGENTLESSDIRPATH, entry->type, entry->server[i] +1, 
                 entry->options);
         }
         else if(entry->server[i][0] == 'o')
         {
-            snprintf(command, OS_SIZE_1024, "%s/%s \"use_sudo\" \"%s\" %s 2>&1",
-                AGENTLESSDIRPATH, entry->type, entry->server[i] +1,
+            snprintf(command, OS_SIZE_1024, "%s/%s \"use_sudo\" \"%s\" %s 2>&1", 
+                AGENTLESSDIRPATH, entry->type, entry->server[i] +1, 
                 entry->options);
         }
         else
         {
-            snprintf(command, OS_SIZE_1024, "%s/%s \"%s\" %s 2>&1",
-                AGENTLESSDIRPATH, entry->type, entry->server[i] +1,
+            snprintf(command, OS_SIZE_1024, "%s/%s \"%s\" %s 2>&1", 
+                AGENTLESSDIRPATH, entry->type, entry->server[i] +1, 
                 entry->options);
         }
 
@@ -398,23 +398,23 @@ int run_periodic_cmd(agentlessd_entries *entry, int test_it)
                 tmp_str = strchr(buf, '\n');
                 if(tmp_str)
                     *tmp_str = '\0';
-
+                    
                 if(strncmp(buf, "ERROR: ", 7) == 0)
                 {
-                    merror("%s: ERROR: %s: %s: %s", ARGV0,
+                    merror("%s: ERROR: %s: %s: %s", ARGV0, 
                            entry->type, entry->server[i] +1, buf +7);
                     entry->error_flag++;
                     break;
                 }
                 else if(strncmp(buf, "INFO: ", 6) == 0)
                 {
-                    verbose("%s: INFO: %s: %s: %s", ARGV0,
+                    verbose("%s: INFO: %s: %s: %s", ARGV0, 
                             entry->type, entry->server[i] +1, buf +6);
                 }
                 else if(strncmp(buf, "FWD: ", 4) == 0)
                 {
                     tmp_str = buf + 5;
-                    send_intcheck_msg(entry->type, entry->server[i]+1,
+                    send_intcheck_msg(entry->type, entry->server[i]+1, 
                                       tmp_str);
                 }
                 else if(strncmp(buf, "LOG: ", 4) == 0)
@@ -426,7 +426,7 @@ int run_periodic_cmd(agentlessd_entries *entry, int test_it)
                 else if((entry->state & LESSD_STATE_DIFF) &&
                         (strncmp(buf, "STORE: ", 7) == 0))
                 {
-                    fp_store = open_diff_file(entry->server[i]+1,
+                    fp_store = open_diff_file(entry->server[i]+1, 
                                               entry->type);
                 }
                 else if(fp_store)
@@ -448,14 +448,14 @@ int run_periodic_cmd(agentlessd_entries *entry, int test_it)
             }
             else
             {
-                save_agentless_entry(entry->server[i] +1,
+                save_agentless_entry(entry->server[i] +1, 
                                      entry->type, "syscheck");
             }
             pclose(fp);
         }
         else
         {
-            merror("%s: ERROR: popen failed on '%s' for '%s'.", ARGV0,
+            merror("%s: ERROR: popen failed on '%s' for '%s'.", ARGV0, 
                    entry->type, entry->server[i] +1);
             entry->error_flag++;
         }
@@ -467,7 +467,7 @@ int run_periodic_cmd(agentlessd_entries *entry, int test_it)
     {
         fclose(fp_store);
     }
-
+    
     return(0);
 }
 
@@ -476,10 +476,10 @@ int run_periodic_cmd(agentlessd_entries *entry, int test_it)
 /* Main agentlessd */
 void Agentlessd()
 {
-    time_t tm;
-    struct tm *p;
+    time_t tm;     
+    struct tm *p;       
 
-    int today = 0;		
+    int today = 0;		        
     int thismonth = 0;
     int thisyear = 0;
     int test_it = 1;
@@ -490,16 +490,16 @@ void Agentlessd()
     /* Waiting a few seconds to settle */
     sleep(2);
     memset(str, '\0', OS_SIZE_1024 +1);
-
-
+    
+    
     /* Getting currently time before starting */
     tm = time(NULL);
     p = localtime(&tm);	
-
+    
     today = p->tm_mday;
     thismonth = p->tm_mon;
     thisyear = p->tm_year+1900;
-
+                
 
     /* Connecting to the message queue
      * Exit if it fails.
@@ -535,7 +535,7 @@ void Agentlessd()
                 if(lessdc.entries[i]->error_flag != 99)
                 {
                     merror("%s: ERROR: Too many failures for '%s'. Ignoring it.",
-                           ARGV0, lessdc.entries[i]->type);
+                           ARGV0, lessdc.entries[i]->type); 
                     lessdc.entries[i]->error_flag = 99;
                 }
 
@@ -544,22 +544,22 @@ void Agentlessd()
                 continue;
             }
 
-
+            
             /* Run the check again if the frequency has elapsed. */
             if((lessdc.entries[i]->state & LESSD_STATE_PERIODIC) &&
-               ((lessdc.entries[i]->current_state +
+               ((lessdc.entries[i]->current_state + 
                  lessdc.entries[i]->frequency) < tm))
             {
                 run_periodic_cmd(lessdc.entries[i], test_it);
                 if(!test_it)
                     lessdc.entries[i]->current_state = tm;
             }
-
+            
             i++;
 
             sleep(i);
         }
-
+        
         /* We only check every minute */
         test_it = 0;
         sleep(60);
diff --git a/src/agentlessd/main.c b/src/agentlessd/main.c
index 1d3ce3b..516f485 100755
--- a/src/agentlessd/main.c
+++ b/src/agentlessd/main.c
@@ -29,7 +29,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
 
     while((c = getopt(argc, argv, "Vdhtfu:g:D:c:")) != -1){
         switch(c){
@@ -59,14 +59,13 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir=optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
                 cfg = optarg;
                 break;
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             default:
                 help(ARGV0);
@@ -103,30 +102,30 @@ int main(int argc, char **argv)
     if(test_config)
         exit(0);
 
-
+        
     /* Going on daemon mode */
-    if(!run_foreground)
+    if(!run_foreground) 
     {
         nowDaemon();
         goDaemonLight();
     }
     chdir(dir);
 
-
+    
     /* Exiting if not configured. */
     if(!lessdc.entries)
     {
         verbose("%s: INFO: Not configured. Exiting.", ARGV0);
         exit(0);
     }
-
-
+    
+    
     /* Privilege separation */	
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR,ARGV0,group);
 
-
-    /* Changing user */
+    
+    /* Changing user */        
     if(Privsep_SetUser(uid) < 0)
         ErrorExit(SETUID_ERROR,ARGV0,user);
 
@@ -138,16 +137,16 @@ int main(int argc, char **argv)
     /* Signal manipulation */
     StartSIG(ARGV0);
 
-
+    
 
     /* Creating PID files */
     if(CreatePID(ARGV0, getpid()) < 0)
         ErrorExit(PID_ERROR,ARGV0);
 
-
+    
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
+    
 
     /* the real daemon now */	
     Agentlessd();
diff --git a/src/agentlessd/scripts/._main.exp b/src/agentlessd/scripts/._main.exp
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._main.exp differ
diff --git a/src/agentlessd/scripts/._register_host.sh b/src/agentlessd/scripts/._register_host.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._register_host.sh differ
diff --git a/src/agentlessd/scripts/._ssh.exp b/src/agentlessd/scripts/._ssh.exp
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._ssh.exp differ
diff --git a/src/agentlessd/scripts/._ssh_asa-fwsmconfig_diff b/src/agentlessd/scripts/._ssh_asa-fwsmconfig_diff
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._ssh_asa-fwsmconfig_diff differ
diff --git a/src/agentlessd/scripts/._ssh_foundry_diff b/src/agentlessd/scripts/._ssh_foundry_diff
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._ssh_foundry_diff differ
diff --git a/src/agentlessd/scripts/._ssh_generic_diff b/src/agentlessd/scripts/._ssh_generic_diff
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._ssh_generic_diff differ
diff --git a/src/agentlessd/scripts/._ssh_integrity_check_bsd b/src/agentlessd/scripts/._ssh_integrity_check_bsd
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._ssh_integrity_check_bsd differ
diff --git a/src/agentlessd/scripts/._ssh_integrity_check_linux b/src/agentlessd/scripts/._ssh_integrity_check_linux
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._ssh_integrity_check_linux differ
diff --git a/src/agentlessd/scripts/._ssh_nopass.exp b/src/agentlessd/scripts/._ssh_nopass.exp
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._ssh_nopass.exp differ
diff --git a/src/agentlessd/scripts/._ssh_pixconfig_diff b/src/agentlessd/scripts/._ssh_pixconfig_diff
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._ssh_pixconfig_diff differ
diff --git a/src/agentlessd/scripts/._sshlogin.exp b/src/agentlessd/scripts/._sshlogin.exp
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._sshlogin.exp differ
diff --git a/src/agentlessd/scripts/._su.exp b/src/agentlessd/scripts/._su.exp
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/agentlessd/scripts/._su.exp differ
diff --git a/src/agentlessd/scripts/ssh_asa-fwsmconfig_diff b/src/agentlessd/scripts/ssh_asa-fwsmconfig_diff
index 7e69b63..e843367 100755
--- a/src/agentlessd/scripts/ssh_asa-fwsmconfig_diff
+++ b/src/agentlessd/scripts/ssh_asa-fwsmconfig_diff
@@ -14,8 +14,7 @@
 
 
 if {$argc < 1} {
-    send_user "ERROR: ssh_asa-fwsmconfig_diff <hostname> <commands>\n";
-    send_user "ERROR: Must be run from /var/ossec\n";
+    send_user "ERROR: ssh_pixconfig_diff <hostname> <commands>\n";
     exit 1;
 }
 
diff --git a/src/agentlessd/scripts/ssh_pixconfig_diff b/src/agentlessd/scripts/ssh_pixconfig_diff
index 57b8c9e..ba6294e 100755
--- a/src/agentlessd/scripts/ssh_pixconfig_diff
+++ b/src/agentlessd/scripts/ssh_pixconfig_diff
@@ -129,7 +129,7 @@ expect {
         send_user "ERROR: Unable to connect to remote host: $hostname .\n"
         exit 1;
     }
-    "*Password:*" {
+    "* password:*" {
         send "$pass\r"
         
         expect {
diff --git a/src/analysisd/._Makefile b/src/analysisd/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._Makefile differ
diff --git a/src/analysisd/._active-response.c b/src/analysisd/._active-response.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._active-response.c differ
diff --git a/src/analysisd/._active-response.h b/src/analysisd/._active-response.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._active-response.h differ
diff --git a/src/analysisd/._analysisd.c b/src/analysisd/._analysisd.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._analysisd.c differ
diff --git a/src/analysisd/._analysisd.h b/src/analysisd/._analysisd.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._analysisd.h differ
diff --git a/src/analysisd/._cleanevent.c b/src/analysisd/._cleanevent.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._cleanevent.c differ
diff --git a/src/analysisd/._config.c b/src/analysisd/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._config.c differ
diff --git a/src/analysisd/._config.h b/src/analysisd/._config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._config.h differ
diff --git a/src/analysisd/._dodiff.c b/src/analysisd/._dodiff.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._dodiff.c differ
diff --git a/src/analysisd/._eventinfo.c b/src/analysisd/._eventinfo.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._eventinfo.c differ
diff --git a/src/analysisd/._eventinfo.h b/src/analysisd/._eventinfo.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._eventinfo.h differ
diff --git a/src/analysisd/._eventinfo_list.c b/src/analysisd/._eventinfo_list.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._eventinfo_list.c differ
diff --git a/src/analysisd/._fts.c b/src/analysisd/._fts.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._fts.c differ
diff --git a/src/analysisd/._fts.h b/src/analysisd/._fts.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._fts.h differ
diff --git a/src/analysisd/._lists.c b/src/analysisd/._lists.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._lists.c differ
diff --git a/src/analysisd/._lists.h b/src/analysisd/._lists.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._lists.h differ
diff --git a/src/analysisd/._lists_list.c b/src/analysisd/._lists_list.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._lists_list.c differ
diff --git a/src/analysisd/._lists_make.c b/src/analysisd/._lists_make.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._lists_make.c differ
diff --git a/src/analysisd/._lists_make.h b/src/analysisd/._lists_make.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._lists_make.h differ
diff --git a/src/analysisd/._makelists.c b/src/analysisd/._makelists.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._makelists.c differ
diff --git a/src/analysisd/._makelists.h b/src/analysisd/._makelists.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._makelists.h differ
diff --git a/src/analysisd/._picviz.c b/src/analysisd/._picviz.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._picviz.c differ
diff --git a/src/analysisd/._picviz.h b/src/analysisd/._picviz.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._picviz.h differ
diff --git a/src/analysisd/._prelude.c b/src/analysisd/._prelude.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._prelude.c differ
diff --git a/src/analysisd/._prelude.h b/src/analysisd/._prelude.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._prelude.h differ
diff --git a/src/analysisd/._rules.c b/src/analysisd/._rules.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._rules.c differ
diff --git a/src/analysisd/._rules.h b/src/analysisd/._rules.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._rules.h differ
diff --git a/src/analysisd/._rules_list.c b/src/analysisd/._rules_list.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._rules_list.c differ
diff --git a/src/analysisd/._stats.c b/src/analysisd/._stats.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._stats.c differ
diff --git a/src/analysisd/._stats.h b/src/analysisd/._stats.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._stats.h differ
diff --git a/src/analysisd/._testrule.c b/src/analysisd/._testrule.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/._testrule.c differ
diff --git a/src/analysisd/active-response.c b/src/analysisd/active-response.c
index f6f2414..fd27c37 100755
--- a/src/analysisd/active-response.c
+++ b/src/analysisd/active-response.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #include "shared.h"
 #include "active-response.h"
 
@@ -56,7 +56,7 @@ int AR_ReadConfig(int test_config, char *cfgfile)
 
 
     /* Setting right permission */
-    chmod(DEFAULTARPATH, 0440);
+    chmod(DEFAULTARPATH, 0444);
 
 
     /* Reading configuration */
diff --git a/src/analysisd/active-response.h b/src/analysisd/active-response.h
index 3c3fc11..b34b49f 100755
--- a/src/analysisd/active-response.h
+++ b/src/analysisd/active-response.h
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #ifndef _AR__H
 #define _AR__H
 
@@ -29,7 +29,7 @@ void AR_Init();
  * to the appropriate lists.
  */
 int AR_ReadConfig(int test_config, char *cfgfile);
-
+     
 
 /* Active response commands */
 OSList *ar_commands;
diff --git a/src/analysisd/alerts/._Makefile b/src/analysisd/alerts/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/alerts/._Makefile differ
diff --git a/src/analysisd/alerts/._alerts.h b/src/analysisd/alerts/._alerts.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/alerts/._alerts.h differ
diff --git a/src/analysisd/alerts/._exec.c b/src/analysisd/alerts/._exec.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/alerts/._exec.c differ
diff --git a/src/analysisd/alerts/._exec.h b/src/analysisd/alerts/._exec.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/alerts/._exec.h differ
diff --git a/src/analysisd/alerts/._getloglocation.c b/src/analysisd/alerts/._getloglocation.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/alerts/._getloglocation.c differ
diff --git a/src/analysisd/alerts/._getloglocation.h b/src/analysisd/alerts/._getloglocation.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/alerts/._getloglocation.h differ
diff --git a/src/analysisd/alerts/._log.c b/src/analysisd/alerts/._log.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/alerts/._log.c differ
diff --git a/src/analysisd/alerts/._log.h b/src/analysisd/alerts/._log.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/alerts/._log.h differ
diff --git a/src/analysisd/alerts/._mail.c b/src/analysisd/alerts/._mail.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/alerts/._mail.c differ
diff --git a/src/analysisd/alerts/alerts.h b/src/analysisd/alerts/alerts.h
index 92d9325..011238a 100755
--- a/src/analysisd/alerts/alerts.h
+++ b/src/analysisd/alerts/alerts.h
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
diff --git a/src/analysisd/alerts/exec.c b/src/analysisd/alerts/exec.c
index 073ac58..b7857ea 100755
--- a/src/analysisd/alerts/exec.c
+++ b/src/analysisd/alerts/exec.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -26,7 +26,7 @@
 #include "eventinfo.h"
 
 
-/* OS_Exec v0.1
+/* OS_Exec v0.1 
  */
 void OS_Exec(int *execq, int *arq, Eventinfo *lf, active_response *ar)
 {
@@ -41,7 +41,7 @@ void OS_Exec(int *execq, int *arq, Eventinfo *lf, active_response *ar)
         if(strncmp(lf->srcip, "::ffff:", 7) == 0)
         {
             ip = lf->srcip + 7;
-        }
+        } 
         else
         {
             ip = lf->srcip;
@@ -63,7 +63,7 @@ void OS_Exec(int *execq, int *arq, Eventinfo *lf, active_response *ar)
             OSMatch **wl;
 
             srcip_size = strlen(ip);
-
+        
             wl = Config.hostname_white_list;
             while(*wl)
             {
@@ -77,8 +77,8 @@ void OS_Exec(int *execq, int *arq, Eventinfo *lf, active_response *ar)
     {
         ip = "-";
     }
-
-
+   
+   
     /* Getting username */
     if(lf->dstuser && (ar->ar_cmd->expect & USERNAME))
     {
@@ -90,17 +90,17 @@ void OS_Exec(int *execq, int *arq, Eventinfo *lf, active_response *ar)
     }
 
 
-    /* active response on the server.
+    /* active response on the server. 
      * The response must be here if the ar->location is set to AS
      * or the ar->location is set to local (REMOTE_AGENT) and the
      * event location is from here.
-     */
+     */         
     if((ar->location & AS_ONLY) ||
       ((ar->location & REMOTE_AGENT) && (lf->location[0] != '(')) )
     {
         if(!(Config.ar & LOCAL_AR))
             return;
-
+            
         snprintf(exec_msg, OS_SIZE_1024,
                 "%s %s %s %d.%ld %d %s",
                 ar->name,
@@ -116,9 +116,9 @@ void OS_Exec(int *execq, int *arq, Eventinfo *lf, active_response *ar)
             merror("%s: Error communicating with execd.", ARGV0);
         }
     }
+   
 
-
-    /* Active response to the forwarder */
+    /* Active response to the forwarder */ 
     else if((Config.ar & REMOTE_AR))
     {
 	int rc;
@@ -153,7 +153,7 @@ void OS_Exec(int *execq, int *arq, Eventinfo *lf, active_response *ar)
                 	__crt_ftell,
                 	lf->generated_rule->sigid);
 	}
-
+      
         if((rc = OS_SendUnix(*arq, exec_msg, 0)) < 0)
         {
             if(rc == OS_SOCKBUSY)
@@ -162,12 +162,12 @@ void OS_Exec(int *execq, int *arq, Eventinfo *lf, active_response *ar)
             }
             else
             {
-                merror("%s: AR socket error (shutdown?).", ARGV0);
+                merror("%s: AR socket error (shutdown?).", ARGV0);   
             }
             merror("%s: Error communicating with ar queue (%d).", ARGV0, rc);
         }
     }
-
+    
     return;
 }
 
diff --git a/src/analysisd/alerts/exec.h b/src/analysisd/alerts/exec.h
index 674796d..773cd83 100755
--- a/src/analysisd/alerts/exec.h
+++ b/src/analysisd/alerts/exec.h
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
diff --git a/src/analysisd/alerts/getloglocation.c b/src/analysisd/alerts/getloglocation.c
index 652696a..d3cee2b 100755
--- a/src/analysisd/alerts/getloglocation.c
+++ b/src/analysisd/alerts/getloglocation.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -22,32 +22,32 @@ char __elogfile[OS_FLSIZE+1];
 char __alogfile[OS_FLSIZE+1];
 char __flogfile[OS_FLSIZE+1];
 	
-/* OS_InitLog */
+/* OS_InitLog */    
 void OS_InitLog()
 {
     OS_InitFwLog();
 
     __crt_day = 0;
-
-    /* alerts and events log file */
-    memset(__alogfile,'\0',OS_FLSIZE +1);
-    memset(__elogfile,'\0',OS_FLSIZE +1);
-    memset(__flogfile,'\0',OS_FLSIZE +1);
+    
+    /* alerts and events log file */    
+    memset(__alogfile,'\0',OS_FLSIZE +1); 
+    memset(__elogfile,'\0',OS_FLSIZE +1); 
+    memset(__flogfile,'\0',OS_FLSIZE +1); 
 
     _eflog = NULL;
     _aflog = NULL;
     _fflog = NULL;
-
+    
     /* Setting the umask */
     umask(0027);
 }
 
 
-/* gzips a log file
+/* gzips a log file 
 int OS_CompressLog(int yesterday, char *prev_month, int prev_year)
 
-  -- moved to monitord.	
-*/
+  -- moved to monitord.	  
+*/      
 
 
 
@@ -55,11 +55,11 @@ int OS_CompressLog(int yesterday, char *prev_month, int prev_year)
 /* OS_GetLogLocation: v0.1, 2005/04/25 */
 int OS_GetLogLocation(Eventinfo *lf)
 {
-    /* Checking what directories to create
+    /* Checking what directories to create 
      * Checking if the year directory is there.
      * If not, create it. Same for the month directory.
      */
-
+     
     /* For the events */
     if(_eflog)
     {
@@ -68,7 +68,7 @@ int OS_GetLogLocation(Eventinfo *lf)
         fclose(_eflog);
         _eflog = NULL;
     }
-
+    
     snprintf(__elogfile,OS_FLSIZE,"%s/%d/", EVENTS, lf->year);
     if(IsDir(__elogfile) == -1)
         if(mkdir(__elogfile,0770) == -1)
@@ -97,11 +97,11 @@ int OS_GetLogLocation(Eventinfo *lf)
     _eflog = fopen(__elogfile,"a");
     if(!_eflog)
         ErrorExit("%s: Error opening logfile: '%s'",ARGV0,__elogfile);
-
+    
     /* Creating a symlink */
     unlink(EVENTS_DAILY);
     link(__elogfile, EVENTS_DAILY);
-
+    
 
     /* for the alerts logs */
     if(_aflog)
@@ -111,7 +111,7 @@ int OS_GetLogLocation(Eventinfo *lf)
         fclose(_aflog);
         _aflog = NULL;
     }
-
+                            
     snprintf(__alogfile,OS_FLSIZE,"%s/%d/", ALERTS, lf->year);
     if(IsDir(__alogfile) == -1)
         if(mkdir(__alogfile,0770) == -1)
@@ -137,14 +137,14 @@ int OS_GetLogLocation(Eventinfo *lf)
             lf->day);
 
     _aflog = fopen(__alogfile,"a");
-
+    
     if(!_aflog)
         ErrorExit("%s: Error opening logfile: '%s'",ARGV0,__alogfile);
-
+    
     /* Creating a symlink */
     unlink(ALERTS_DAILY);
     link(__alogfile, ALERTS_DAILY);
-
+            
 
     /* For the firewall events */
     if(_fflog)
@@ -154,7 +154,7 @@ int OS_GetLogLocation(Eventinfo *lf)
         fclose(_fflog);
         _fflog = NULL;
     }
-
+                            
     snprintf(__flogfile,OS_FLSIZE,"%s/%d/", FWLOGS, lf->year);
     if(IsDir(__flogfile) == -1)
         if(mkdir(__flogfile,0770) == -1)
@@ -188,9 +188,9 @@ int OS_GetLogLocation(Eventinfo *lf)
     /* Creating a symlink */
     unlink(FWLOGS_DAILY);
     link(__flogfile, FWLOGS_DAILY);
+            
 
-
-    /* Setting the new day */
+    /* Setting the new day */        
     __crt_day = lf->day;
 
     return(0);
diff --git a/src/analysisd/alerts/getloglocation.h b/src/analysisd/alerts/getloglocation.h
index 13c600e..06e5a4b 100755
--- a/src/analysisd/alerts/getloglocation.h
+++ b/src/analysisd/alerts/getloglocation.h
@@ -31,7 +31,7 @@ void OS_InitFwLog();
  * @param lf        Event structure
  *
  * @retval 0        success
- *         -1       error
+ *         -1       error 
  */
 int OS_GetLogLocation(Eventinfo *lf);
 
diff --git a/src/analysisd/alerts/log.c b/src/analysisd/alerts/log.c
index 048403f..e606859 100755
--- a/src/analysisd/alerts/log.c
+++ b/src/analysisd/alerts/log.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -104,44 +104,9 @@ char *GeoIPLookup(char *ip)
 OSMatch FWDROPpm;
 OSMatch FWALLOWpm;
 
-/*
- * Allow custom alert output tokens.
- */
 
-typedef enum e_custom_alert_tokens_id
-{
-  CUSTOM_ALERT_TOKEN_TIMESTAMP = 0,
-  CUSTOM_ALERT_TOKEN_FTELL,
-  CUSTOM_ALERT_TOKEN_RULE_ALERT_OPTIONS,
-  CUSTOM_ALERT_TOKEN_HOSTNAME,
-  CUSTOM_ALERT_TOKEN_LOCATION,
-  CUSTOM_ALERT_TOKEN_RULE_ID,
-  CUSTOM_ALERT_TOKEN_RULE_LEVEL,
-  CUSTOM_ALERT_TOKEN_RULE_COMMENT,
-  CUSTOM_ALERT_TOKEN_SRC_IP,
-  CUSTOM_ALERT_TOKEN_DST_USER,
-  CUSTOM_ALERT_TOKEN_FULL_LOG,
-  CUSTOM_ALERT_TOKEN_RULE_GROUP,
-  CUSTOM_ALERT_TOKEN_LAST
-} CustomAlertTokenID;
-
-char CustomAlertTokenName[CUSTOM_ALERT_TOKEN_LAST][15] =
-{
-{ "$TIMESTAMP" },
-{ "$FTELL" },
-{ "$RULEALERT" },
-{ "$HOSTNAME" },
-{ "$LOCATION" },
-{ "$RULEID" },
-{ "$RULELEVEL" },
-{ "$RULECOMMENT" },
-{ "$SRCIP" },
-{ "$DSTUSER" },
-{ "$FULLLOG" },
-{ "$RULEGROUP" },
-};
 /* OS_Store: v0.2, 2005/02/10 */
-/* Will store the events in a file
+/* Will store the events in a file 
  * The string must be null terminated and contain
  * any necessary new lines, tabs, etc.
  *
@@ -168,7 +133,7 @@ void OS_Store(Eventinfo *lf)
             lf->location,
             lf->full_log);
 
-    fflush(_eflog);
+    fflush(_eflog); 
     return;	
 }
 
@@ -345,126 +310,7 @@ void OS_Log(Eventinfo *lf)
     return;	
 }
 
-/* OS_CustomLog: v0.1, 2012/10/10*/
-void OS_CustomLog(Eventinfo *lf,char* format)
-{
-  char *log;
-  char *tmp_log;
-  char tmp_buffer[1024];
-  //Replace all the tokens:
-  os_strdup(format,log);
-
-  snprintf(tmp_buffer, 1024, "%d", lf->time);
-  tmp_log = searchAndReplace(log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_TIMESTAMP], tmp_buffer);
-  if(log)
-  {
-    os_free(log);
-    log=NULL;
-  }
-  snprintf(tmp_buffer, 1024, "%ld", __crt_ftell);
-  log = searchAndReplace(tmp_log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_FTELL], tmp_buffer);
-  if (tmp_log)
-  {
-    os_free(tmp_log);
-    tmp_log=NULL;
-  }
-
-
-  snprintf(tmp_buffer, 1024, "%s", (lf->generated_rule->alert_opts & DO_MAILALERT)?"mail " : "");
-  tmp_log = searchAndReplace(log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_RULE_ALERT_OPTIONS], tmp_buffer);
-  if(log)
-  {
-    os_free(log);
-    log=NULL;
-  }
-
-
-  snprintf(tmp_buffer, 1024, "%s",lf->hostname?lf->hostname:"None");
-  log = searchAndReplace(tmp_log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_HOSTNAME], tmp_buffer);
-  if (tmp_log)
-  {
-    os_free(tmp_log);
-    tmp_log=NULL;
-  }
-
-  snprintf(tmp_buffer, 1024, "%s",lf->location?lf->location:"None");
-  tmp_log = searchAndReplace(log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_LOCATION], tmp_buffer);
-  if(log)
-  {
-    os_free(log);
-    log=NULL;
-  }
-
-
-  snprintf(tmp_buffer, 1024, "%d", lf->generated_rule->sigid);
-  log = searchAndReplace(tmp_log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_RULE_ID], tmp_buffer);
-  if (tmp_log)
-  {
-    os_free(tmp_log);
-    tmp_log=NULL;
-  }
-
-  snprintf(tmp_buffer, 1024, "%d", lf->generated_rule->level);
-  tmp_log = searchAndReplace(log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_RULE_LEVEL], tmp_buffer);
-  if(log)
-  {
-    os_free(log);
-    log=NULL;
-  }
-
-  snprintf(tmp_buffer, 1024, "%s",lf->srcip?lf->srcip:"None");
-  log = searchAndReplace(tmp_log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_SRC_IP], tmp_buffer);
-  if (tmp_log)
-  {
-    os_free(tmp_log);
-    tmp_log=NULL;
-  }
-
-  snprintf(tmp_buffer, 1024, "%s",lf->srcuser?lf->srcuser:"None");
-
-  tmp_log = searchAndReplace(log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_DST_USER], tmp_buffer);
-  if(log)
-  {
-    os_free(log);
-    log=NULL;
-  }
-
-  log = searchAndReplace(tmp_log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_FULL_LOG], lf->full_log);
-  if (tmp_log)
-  {
-    os_free(tmp_log);
-    tmp_log=NULL;
-  }
-
-  snprintf(tmp_buffer, 1024, "%s",lf->generated_rule->comment?lf->generated_rule->comment:"");
-  tmp_log = searchAndReplace(log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_RULE_COMMENT], tmp_buffer);
-  if(log)
-  {
-    os_free(log);
-    log=NULL;
-  }
-
-  snprintf(tmp_buffer, 1024, "%s",lf->generated_rule->group?lf->generated_rule->group:"");
-  log = searchAndReplace(tmp_log, CustomAlertTokenName[CUSTOM_ALERT_TOKEN_RULE_GROUP], tmp_buffer);
-  if (tmp_log)
-  {
-    os_free(tmp_log);
-    tmp_log=NULL;
-  }
-
-
-  fprintf(_aflog,log);
-  fprintf(_aflog,"\n");
-  fflush(_aflog);
-
-  if(log)
-  {
-    os_free(log);
-    log=NULL;
-  }
-
-  return;
-}
+
 
 void OS_InitFwLog()
 {
@@ -480,7 +326,7 @@ void OS_InitFwLog()
         ErrorExit(REGEX_COMPILE, ARGV0, FWALLOW,
                 FWALLOWpm.error);
     }
-
+                    
 }
 
 
@@ -491,7 +337,7 @@ int FW_Log(Eventinfo *lf)
      * action, there is no point in going
      * forward over here
      */
-    if(!lf->action || !lf->srcip || !lf->dstip || !lf->srcport ||
+    if(!lf->action || !lf->srcip || !lf->dstip || !lf->srcport || 
        !lf->dstport || !lf->protocol)
     {
         return(0);
@@ -522,7 +368,7 @@ int FW_Log(Eventinfo *lf)
             os_free(lf->action);
             os_strdup("CLOSED", lf->action);
             break;
-        /* allow, accept, */
+        /* allow, accept, */    
         case 'a':
         case 'A':
         /* pass/permitted */
@@ -530,9 +376,9 @@ int FW_Log(Eventinfo *lf)
         case 'P':
         /* open */
         case 'o':
-        case 'O':
+        case 'O':    
             os_free(lf->action);
-            os_strdup("ALLOW", lf->action);
+            os_strdup("ALLOW", lf->action);        
             break;
         default:
             if(OSMatch_Execute(lf->action,strlen(lf->action),&FWDROPpm))
@@ -550,7 +396,7 @@ int FW_Log(Eventinfo *lf)
                 os_free(lf->action);
                 os_strdup("UNKNOWN", lf->action);
             }
-            break;
+            break;    
     }
 
 
@@ -570,7 +416,7 @@ int FW_Log(Eventinfo *lf)
             lf->srcport,
             lf->dstip,
             lf->dstport);
-
+    
     fflush(_fflog);
 
     return(1);
diff --git a/src/analysisd/alerts/log.h b/src/analysisd/alerts/log.h
index a38ca73..5bf67e1 100755
--- a/src/analysisd/alerts/log.h
+++ b/src/analysisd/alerts/log.h
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -22,7 +22,6 @@
 
 void OS_LogOutput(Eventinfo *lf);
 void OS_Log(Eventinfo *lf);
-void OS_CustomLog(Eventinfo *lf,char * format);
 void OS_Store(Eventinfo *lf);
 int FW_Log(Eventinfo *lf);
 
diff --git a/src/analysisd/alerts/mail.c b/src/analysisd/alerts/mail.c
index dc87751..7f22d6e 100755
--- a/src/analysisd/alerts/mail.c
+++ b/src/analysisd/alerts/mail.c
@@ -5,7 +5,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
diff --git a/src/analysisd/analysisd.c b/src/analysisd/analysisd.c
index 9d6f91a..6e72bd8 100755
--- a/src/analysisd/analysisd.c
+++ b/src/analysisd/analysisd.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -17,7 +17,7 @@
 /* Part of the OSSEC
  * Available at http://www.ossec.net
  */
-
+  
 
 /* ossec-analysisd.
  * Responsible for correlation and log decoding.
@@ -98,7 +98,7 @@ void DecodeEvent(Eventinfo *lf);
 int DecodeSyscheck(Eventinfo *lf);
 int DecodeRootcheck(Eventinfo *lf);
 int DecodeHostinfo(Eventinfo *lf);
-
+ 
 
 /* For Decoders */
 int ReadDecodeXML(char *file);
@@ -126,7 +126,7 @@ int hourly_firewall;
 
 /** int main(int argc, char **argv)
  */
-#ifndef TESTRULE
+#ifndef TESTRULE 
 int main(int argc, char **argv)
 #else
 int main_analysisd(int argc, char **argv)
@@ -180,14 +180,13 @@ int main_analysisd(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir = optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
                 cfg = optarg;
                 break;
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             default:
                 help(ARGV0);
@@ -201,7 +200,7 @@ int main_analysisd(int argc, char **argv)
     debug1(STARTED_MSG,ARGV0);
     DEBUG_MSG("%s: DEBUG: Starting on debug mode - %d ", ARGV0, (int)time(0));
 
-
+    
     /*Check if the user/group given are valid */
     uid = Privsep_GetUser(user);
     gid = Privsep_GetGroup(group);
@@ -212,7 +211,7 @@ int main_analysisd(int argc, char **argv)
     /* Found user */
     debug1(FOUND_USER, ARGV0);
 
-
+    
     /* Initializing Active response */
     AR_Init();
     if(AR_ReadConfig(test_config, cfg) < 0)
@@ -220,8 +219,8 @@ int main_analysisd(int argc, char **argv)
         ErrorExit(CONFIG_ERROR,ARGV0, cfg);
     }
     debug1(ASINIT, ARGV0);
-
-
+    
+    
     /* Reading configuration file */
     if(GlobalConf(cfg) < 0)
     {
@@ -229,19 +228,19 @@ int main_analysisd(int argc, char **argv)
     }
 
     debug1(READ_CONFIG, ARGV0);
-
+        
 
     /* Fixing Config.ar */
     Config.ar = ar_flag;
     if(Config.ar == -1)
         Config.ar = 0;
-
-
+        
+    
     /* Getting servers hostname */
     memset(__shost, '\0', 512);
     if(gethostname(__shost, 512 -1) != 0)
     {
-        strncpy(__shost, OSSEC_SERVER, 512 -1);
+        strncpy(__shost, OSSEC_SERVER, 512 -1);    
     }
     else
     {
@@ -252,14 +251,14 @@ int main_analysisd(int argc, char **argv)
         if(_ltmp)
             *_ltmp = '\0';
     }
-
+    
     /* going on Daemon mode */
     if(!test_config && !run_foreground)
     {
         nowDaemon();
         goDaemon();
     }
-
+    
 
     /* Starting prelude */
     #ifdef PRELUDE
@@ -287,22 +286,22 @@ int main_analysisd(int argc, char **argv)
 
 
     nowChroot();
-
-
+    
+    
 
     /*
-     * Anonymous Section: Load rules, decoders, and lists
+     * Anonymous Section: Load rules, decoders, and lists 
      *
      * As lists require two pass loading of rules that make use of list lookups
-     * are created with blank database structs, and need to be filled in after
-     * completion of all rules and lists.
+     * are created with blank database structs, and need to be filled in after 
+     * completion of all rules and lists. 
      */
     {
         {
             /* Initializing the decoders list */
             OS_CreateOSDecoderList();
 
-            if(!Config.decoders)
+            if(!Config.decoders) 
             { /* Legacy loading */
                 /* Reading decoders */
                 if(!ReadDecodeXML(XML_DECODER))
@@ -333,9 +332,9 @@ int main_analysisd(int argc, char **argv)
                         verbose("%s: INFO: Reading decoder file %s.", ARGV0, *decodersfiles);
                     if(!ReadDecodeXML(*decodersfiles))
                         ErrorExit(CONFIG_ERROR, ARGV0, *decodersfiles);
-
-                    free(*decodersfiles);
-                    decodersfiles++;
+                    
+                    free(*decodersfiles);    
+                    decodersfiles++;    
                 }
             }
 
@@ -344,7 +343,7 @@ int main_analysisd(int argc, char **argv)
         }
         { /* Load Lists */
             /* Initializing the lists of list struct */
-            Lists_OP_CreateLists();
+            Lists_OP_CreateLists(); 
             /* Load each list into list struct */
             {
                 char **listfiles;
@@ -376,24 +375,24 @@ int main_analysisd(int argc, char **argv)
                         verbose("%s: INFO: Reading rules file: '%s'", ARGV0, *rulesfiles);
                     if(Rules_OP_ReadRules(*rulesfiles) < 0)
                         ErrorExit(RULES_ERROR, ARGV0, *rulesfiles);
-
-                    free(*rulesfiles);
-                    rulesfiles++;
+                        
+                    free(*rulesfiles);    
+                    rulesfiles++;    
                 }
 
                 free(Config.includes);
                 Config.includes = NULL;
             }
-
+            
             /* Find all rules with that require list lookups and attache the
-             * the correct list struct to the rule.  This keeps rules from having to
+             * the correct list struct to the rule.  This keeps rules from having to 
              * search thought the list of lists for the correct file during rule evaluation.
              */
             OS_ListLoadRules();
         }
     }
 
-
+    
     /* Fixing the levels/accuracy */
     {
         int total_rules;
@@ -401,7 +400,7 @@ int main_analysisd(int argc, char **argv)
 
         total_rules = _setlevels(tmp_node, 0);
         if(!test_config)
-            verbose("%s: INFO: Total rules enabled: '%d'", ARGV0, total_rules);
+            verbose("%s: INFO: Total rules enabled: '%d'", ARGV0, total_rules);    
     }
 
 
@@ -417,8 +416,8 @@ int main_analysisd(int argc, char **argv)
         AddHash_Rule(tmp_node);
     }
 
-
-
+   
+   
     /* Ignored files on syscheck */
     {
         char **files;
@@ -427,7 +426,7 @@ int main_analysisd(int argc, char **argv)
         {
             if(!test_config)
                 verbose("%s: INFO: Ignoring file: '%s'", ARGV0, *files);
-            files++;
+            files++;    
         }
     }
 
@@ -437,12 +436,12 @@ int main_analysisd(int argc, char **argv)
                                  "log_fw",
                                  0, 1);
 
-
+    
     /* Success on the configuration test */
     if(test_config)
         exit(0);
 
-
+        
     /* Verbose message */
     debug1(PRIVSEP_MSG, ARGV0, dir, user);
 
@@ -451,11 +450,11 @@ int main_analysisd(int argc, char **argv)
     StartSIG(ARGV0);
 
 
-    /* Setting the user */
+    /* Setting the user */ 
     if(Privsep_SetUser(uid) < 0)
         ErrorExit(SETUID_ERROR,ARGV0,user);
-
-
+    
+    
     /* Creating the PID file */
     if(CreatePID(ARGV0, getpid()) < 0)
         ErrorExit(PID_ERROR,ARGV0);
@@ -493,7 +492,7 @@ int main_analysisd(int argc, char **argv)
     if(Config.hostname_white_list == NULL)
     {
         if(Config.ar)
-            verbose("%s: INFO: No Hostname in the white list for active reponse.",
+            verbose("%s: INFO: No Hostname in the white list for active reponse.", 
             ARGV0);
     }
     else
@@ -502,7 +501,7 @@ int main_analysisd(int argc, char **argv)
         {
             int wlc = 0;
             OSMatch **wl;
-
+            
             wl = Config.hostname_white_list;
             while(*wl)
             {
@@ -528,13 +527,13 @@ int main_analysisd(int argc, char **argv)
     /* Going to main loop */	
     OS_ReadMSG(m_queue);
 
-    if (Config.picviz)
+    if (Config.picviz) 
     {
         OS_PicvizClose();
     }
 
     exit(0);
-
+    
 }
 
 
@@ -543,7 +542,7 @@ int main_analysisd(int argc, char **argv)
  * Main function. Receives the messages(events)
  * and analyze them all.
  */
-#ifndef TESTRULE
+#ifndef TESTRULE 
 void OS_ReadMSG(int m_queue)
 #else
 void OS_ReadMSG_analysisd(int m_queue)
@@ -554,7 +553,7 @@ void OS_ReadMSG_analysisd(int m_queue)
     Eventinfo *lf;
 
     RuleInfo *stats_rule;
-
+    
 
     /* Null to global currently pointers */
     currently_rule = NULL;
@@ -569,12 +568,12 @@ void OS_ReadMSG_analysisd(int m_queue)
 
     /* Initializing Rootcheck */
     RootcheckInit();
-
-
+    
+   
     /* Initializing host info */
     HostinfoInit();
-
-
+    
+    
     /* Creating the event list */
     OS_CreateEventList(Config.memorysize);
 
@@ -584,7 +583,7 @@ void OS_ReadMSG_analysisd(int m_queue)
     {
         ErrorExit(FTS_LIST_ERROR, ARGV0);
     }
-
+    
 
     /* Starting the active response queues */
     if(Config.ar)
@@ -592,14 +591,14 @@ void OS_ReadMSG_analysisd(int m_queue)
         /* Waiting the ARQ to settle .. */
         sleep(3);
 
-
+        
         #ifndef LOCAL
         if(Config.ar & REMOTE_AR)
         {
             if((arq = StartMQ(ARQUEUE, WRITE)) < 0)
             {
                 merror(ARQ_ERROR, ARGV0);
-
+                
                 /* If LOCAL_AR is set, keep it there */
                 if(Config.ar & LOCAL_AR)
                 {
@@ -616,7 +615,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                 verbose(CONN_TO, ARGV0, ARQUEUE, "active-response");
             }
         }
-
+        
         #else
         /* Only for LOCAL_ONLY installs */
         if(Config.ar & REMOTE_AR)
@@ -632,13 +631,13 @@ void OS_ReadMSG_analysisd(int m_queue)
             }
         }
         #endif
-
+        
         if(Config.ar & LOCAL_AR)
         {
             if((execdq = StartMQ(EXECQUEUE, WRITE)) < 0)
             {
                 merror(ARQ_ERROR, ARGV0);
-
+                
                 /* If REMOTE_AR is set, keep it there */
                 if(Config.ar & REMOTE_AR)
                 {
@@ -685,8 +684,8 @@ void OS_ReadMSG_analysisd(int m_queue)
 
     /* Doing some cleanup */
     memset(msg, '\0', OS_MAXSTR +1);
-
-
+    
+    
     /* Initializing the logs */
     {
         lf = (Eventinfo *)calloc(1,sizeof(Eventinfo));
@@ -703,27 +702,25 @@ void OS_ReadMSG_analysisd(int m_queue)
 
         Free_Eventinfo(lf);
     }
-
-
+    
+    
     debug1("%s: DEBUG: Startup completed. Waiting for new messages..",ARGV0);
-
-    if(Config.custom_alert_output)
-      debug1("%s: INFO: Custom output found.!",ARGV0);
+    
 
     /* Daemon loop */
     while(1)
     {
         lf = (Eventinfo *)calloc(1,sizeof(Eventinfo));
-
+        
         /* This shouldn't happen .. */
         if(lf == NULL)
         {
             ErrorExit(MEM_ERROR,ARGV0);
         }
-
+    
         DEBUG_MSG("%s: DEBUG: Waiting for msgs - %d ", ARGV0, (int)time(0));
 
-
+        
         /* Receive message from queue */
         if((i = OS_RecvUnix(m_queue, OS_MAXSTR, msg)))
         {
@@ -744,12 +741,12 @@ void OS_ReadMSG_analysisd(int m_queue)
                 Free_Eventinfo(lf);
                 continue;
             }
-
+            
 
             /* Message before extracting header */
             DEBUG_MSG("%s: DEBUG: Received msg: %s ", ARGV0, msg);
 
-
+            
             /* Clean the msg appropriately */
             if(OS_CleanMSG(msg, lf) < 0)
             {
@@ -762,7 +759,7 @@ void OS_ReadMSG_analysisd(int m_queue)
             /* Msg cleaned */
             DEBUG_MSG("%s: DEBUG: Msg cleanup: %s ", ARGV0, lf->log);
 
-
+            
             /* Currently rule must be null in here */
             currently_rule = NULL;
 
@@ -797,8 +794,8 @@ void OS_ReadMSG_analysisd(int m_queue)
                     prev_year = lf->year;
                 }
             }
-
-
+            
+            
             /* Incrementing number of events received */
             hourly_events++;
 
@@ -809,7 +806,7 @@ void OS_ReadMSG_analysisd(int m_queue)
             if(msg[0] == SYSCHECK_MQ)
             {
                 hourly_syscheck++;
-
+                
                 if(!DecodeSyscheck(lf))
                 {
                     /* We don't process syscheck events further */
@@ -850,7 +847,7 @@ void OS_ReadMSG_analysisd(int m_queue)
 
                 DecodeEvent(lf);
             }
-
+            
 
             /* Firewall event */
             if(lf->decoder_info->type == FIREWALL)
@@ -858,7 +855,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                 /* If we could not get any information from
                  * the log, just ignore it
                  */
-                hourly_firewall++;
+                hourly_firewall++;  
                 if(Config.logfw)
                 {
                     if(!FW_Log(lf))
@@ -889,10 +886,10 @@ void OS_ReadMSG_analysisd(int m_queue)
                 {
                     void *saved_rule = lf->generated_rule;
                     char *saved_log;
-
+                    
                     /* Saving previous log */
                     saved_log = lf->full_log;
-
+                    
                     lf->generated_rule = stats_rule;
                     lf->full_log = __stats_comment;
 
@@ -901,15 +898,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                     if(stats_rule->alert_opts & DO_LOGALERT)
                     {
                         __crt_ftell = ftell(_aflog);
-                        if(Config.custom_alert_output)
-                        {
-                          OS_CustomLog(lf,Config.custom_alert_output_format);
-                        }
-                        else
-                        {
-                          OS_Log(lf);
-                        }
-
+                        OS_Log(lf);
                     }
 
 
@@ -921,13 +910,13 @@ void OS_ReadMSG_analysisd(int m_queue)
 
 
             /* Checking the rules */
-            DEBUG_MSG("%s: DEBUG: Checking the rules - %d ",
+            DEBUG_MSG("%s: DEBUG: Checking the rules - %d ", 
                            ARGV0, lf->decoder_info->type);
 
-
+            
             /* Looping all the rules */
             rulenode_pt = OS_GetFirstRule();
-            if(!rulenode_pt)
+            if(!rulenode_pt) 
             {
                 ErrorExit("%s: Rules in an inconsistent state. Exiting.",
                         ARGV0);
@@ -940,22 +929,22 @@ void OS_ReadMSG_analysisd(int m_queue)
                 {
                     if(!lf->generated_rule)
                     {
-                        goto CLMEM;
+                        goto CLMEM;            
                     }
-
+                    
                     /* We go ahead in here and process the alert. */
                     currently_rule = lf->generated_rule;
                 }
-
+                
                 /* The categories must match */
-                else if(rulenode_pt->ruleinfo->category !=
+                else if(rulenode_pt->ruleinfo->category != 
                         lf->decoder_info->type)
                 {
                     continue;
                 }
 
                 /* Checking each rule. */
-                else if((currently_rule = OS_CheckIfRuleMatch(lf, rulenode_pt))
+                else if((currently_rule = OS_CheckIfRuleMatch(lf, rulenode_pt)) 
                         == NULL)
                 {
                     continue;
@@ -969,7 +958,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                 }
 
 
-                /* Checking ignore time */
+                /* Checking ignore time */ 
                 if(currently_rule->ignore_time)
                 {
                     if(currently_rule->time_ignored == 0)
@@ -980,7 +969,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                      * is less than the time it should be ignored,
                      * leave (do not alert again).
                      */
-                    else if((lf->time - currently_rule->time_ignored)
+                    else if((lf->time - currently_rule->time_ignored) 
                             < currently_rule->ignore_time)
                     {
                         break;
@@ -995,7 +984,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                 /* Pointer to the rule that generated it */
                 lf->generated_rule = currently_rule;
 
-
+                
                 /* Checking if we should ignore it */
                 if(currently_rule->ckignore && IGnore(lf))
                 {
@@ -1003,8 +992,8 @@ void OS_ReadMSG_analysisd(int m_queue)
                     lf->generated_rule = NULL;
                     break;
                 }
-
-
+                
+                
                 /* Checking if we need to add to ignore list */
                 if(currently_rule->ignore)
                 {
@@ -1016,15 +1005,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                 if(currently_rule->alert_opts & DO_LOGALERT)
                 {
                     __crt_ftell = ftell(_aflog);
-
-                    if(Config.custom_alert_output)
-                    {
-                      OS_CustomLog(lf,Config.custom_alert_output_format);
-                    }
-                    else
-                    {
-                      OS_Log(lf);
-                    }
+                    OS_Log(lf);
                 }
 
 
@@ -1045,7 +1026,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                 {
                     OS_PicvizLog(lf);
                 }
-
+                
 
                 /* Execute an active response */
                 if(currently_rule->ar)
@@ -1060,7 +1041,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                         do_ar = 1;
                         if((*rule_ar)->ar_cmd->expect & USERNAME)
                         {
-                            if(!lf->dstuser ||
+                            if(!lf->dstuser || 
                                 !OS_PRegex(lf->dstuser,"^[a-zA-Z._0-9@?-]*$"))
                             {
                                 if(lf->dstuser)
@@ -1097,19 +1078,19 @@ void OS_ReadMSG_analysisd(int m_queue)
                     }
                     else
                     {
-                        lf->sid_node_to_delete =
+                        lf->sid_node_to_delete = 
                             currently_rule->sid_prev_matched->last_node;
                     }
                 }
                 /* Group list */
                 else if(currently_rule->group_prev_matched)
                 {
-                    i = 0;
-
+                    i = 0;  
+                    
                     while(i < currently_rule->group_prev_matched_sz)
                     {
                         if(!OSList_AddData(
-                                currently_rule->group_prev_matched[i],
+                                currently_rule->group_prev_matched[i], 
                                 lf))
                         {
                            merror("%s: Unable to add data to grp list.",ARGV0);
@@ -1117,7 +1098,7 @@ void OS_ReadMSG_analysisd(int m_queue)
                         i++;
                     }
                 }
-
+                
                 OS_AddEvent(lf);
 
                 break;
@@ -1132,10 +1113,10 @@ void OS_ReadMSG_analysisd(int m_queue)
 
             /* Cleaning the memory */	
             CLMEM:
-
+            
 
             /* Only clear the memory if the eventinfo was not
-             * added to the stateful memory
+             * added to the stateful memory 
              * -- message is free inside clean event --
              */
             if(lf->generated_rule == NULL)
@@ -1175,39 +1156,39 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
      * status,
      */
     RuleInfo *currently_rule = curr_node->ruleinfo;
-
-
+   
+    
     /* Can't be null */
     if(!currently_rule)
     {
         merror("%s: Inconsistent state. currently rule NULL", ARGV0);
         return(NULL);
     }
-
+   
 
     #ifdef TESTRULE
     if(full_output && !alert_only)
     print_out("    Trying rule: %d - %s", currently_rule->sigid,
                                           currently_rule->comment);
     #endif
-
-
+   
+     
     /* Checking if any decoder pre-matched here */
-    if(currently_rule->decoded_as &&
+    if(currently_rule->decoded_as && 
        currently_rule->decoded_as != lf->decoder_info->id)
     {
         return(NULL);
     }
-
-
+   
+    
     /* Checking program name */
     if(currently_rule->program_name)
     {
         if(!lf->program_name)
             return(NULL);
 
-        if(!OSMatch_Execute(lf->program_name,
-                            lf->p_name_size,
+        if(!OSMatch_Execute(lf->program_name, 
+                            lf->p_name_size, 
                             currently_rule->program_name))
                         return(NULL);
     }
@@ -1220,7 +1201,7 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
         {
             return(NULL);
         }
-
+        
         if(!OSMatch_Execute(lf->id,
                             strlen(lf->id),
                             currently_rule->id))
@@ -1229,25 +1210,25 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
 
         #endif
     }
-
+    
 
     /* Checking if any word to match exists */
     if(currently_rule->match)
     {
         if(!OSMatch_Execute(lf->log, lf->size, currently_rule->match))
             return(NULL);
-    }	   	
-
+    }	   	   
 
 
+    
     /* Checking if exist any regex for this rule */
     if(currently_rule->regex)
     {
         if(!OSRegex_Execute(lf->log, currently_rule->regex))
             return(NULL);
     }
-
-
+    
+    
     /* Checking for actions */
     if(currently_rule->action)
     {
@@ -1258,7 +1239,7 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
             return(NULL);
     }
 
-
+    
     /* Checking for the url */
     if(currently_rule->url)
     {
@@ -1266,7 +1247,7 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
         {
             return(NULL);
         }
-
+        
         if(!OSMatch_Execute(lf->url, strlen(lf->url), currently_rule->url))
         {
             return(NULL);
@@ -1321,7 +1302,7 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
             {
                 return(NULL);
             }
-
+            
             if(!OSMatch_Execute(lf->srcport,
                                 strlen(lf->srcport),
                                 currently_rule->srcport))
@@ -1338,7 +1319,7 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
             {
                 return(NULL);
             }
-
+            
             if(!OSMatch_Execute(lf->dstport,
                                 strlen(lf->dstport),
                                 currently_rule->dstport))
@@ -1350,7 +1331,7 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
             #endif
         }
     } /* END PACKET_INFO */
-
+    
 
     /* Extra information from event */
     if(currently_rule->alert_opts & DO_EXTRAINFO)
@@ -1583,7 +1564,7 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
         }
     }
 
-
+        
     /* If it is a context rule, search for it */
     if(currently_rule->context == 1)
     {
@@ -1595,19 +1576,19 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
     if(full_output && !alert_only)
     print_out("       *Rule %d matched.", currently_rule->sigid);
     #endif
-
-
+    
+        
     /* Search for dependent rules */
     if(curr_node->child)
     {
         RuleNode *child_node = curr_node->child;
         RuleInfo *child_rule = NULL;
-
+        
         #ifdef TESTRULE
         if(full_output && !alert_only)
         print_out("       *Trying child rules.");
         #endif
-
+        
         while(child_node)
         {
             child_rule = OS_CheckIfRuleMatch(lf, child_node);
@@ -1615,19 +1596,19 @@ RuleInfo *OS_CheckIfRuleMatch(Eventinfo *lf, RuleNode *curr_node)
             {
                 return(child_rule);
             }
-
+            
             child_node = child_node->next;
         }
     }
 
-
+    
     /* If we are set to no alert, keep going */
     if(currently_rule->alert_opts & NO_ALERT)
     {
         return(NULL);
     }
 
-
+   
     hourly_alerts++;
     currently_rule->firedtimes++;
 
@@ -1642,14 +1623,14 @@ void LoopRule(RuleNode *curr_node, FILE *flog)
 {
     if(curr_node->ruleinfo->firedtimes)
     {
-        fprintf(flog, "%d-%d-%d-%d\n",
-                thishour,
+        fprintf(flog, "%d-%d-%d-%d\n", 
+                thishour, 
                 curr_node->ruleinfo->sigid,
                 curr_node->ruleinfo->level,
                 curr_node->ruleinfo->firedtimes);
         curr_node->ruleinfo->firedtimes = 0;
     }
-
+    
     if(curr_node->child)
     {
         RuleNode *child_node = curr_node->child;
@@ -1718,7 +1699,7 @@ void DumpLogstats()
     /* Looping on all the rules and printing the stats from them */
     do
     {
-        LoopRule(rulenode_pt, flog);
+        LoopRule(rulenode_pt, flog);    
     }while((rulenode_pt = rulenode_pt->next) != NULL);
 
 
@@ -1730,7 +1711,7 @@ void DumpLogstats()
     hourly_events = 0;
     hourly_syscheck = 0;
     hourly_firewall = 0;
-
+   
     fclose(flog);
 }
 
diff --git a/src/analysisd/cdb/._Makefile b/src/analysisd/cdb/._Makefile
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/cdb/._Makefile differ
diff --git a/src/analysisd/cdb/._cdb.c b/src/analysisd/cdb/._cdb.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/cdb/._cdb.c differ
diff --git a/src/analysisd/cdb/._cdb.h b/src/analysisd/cdb/._cdb.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/cdb/._cdb.h differ
diff --git a/src/analysisd/cdb/._cdb_hash.c b/src/analysisd/cdb/._cdb_hash.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/cdb/._cdb_hash.c differ
diff --git a/src/analysisd/cdb/._cdb_make.c b/src/analysisd/cdb/._cdb_make.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/cdb/._cdb_make.c differ
diff --git a/src/analysisd/cdb/._cdb_make.h b/src/analysisd/cdb/._cdb_make.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/cdb/._cdb_make.h differ
diff --git a/src/analysisd/cdb/._uint32.h b/src/analysisd/cdb/._uint32.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/cdb/._uint32.h differ
diff --git a/src/analysisd/cdb/._uint32_pack.c b/src/analysisd/cdb/._uint32_pack.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/cdb/._uint32_pack.c differ
diff --git a/src/analysisd/cdb/._uint32_unpack.c b/src/analysisd/cdb/._uint32_unpack.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/cdb/._uint32_unpack.c differ
diff --git a/src/analysisd/cleanevent.c b/src/analysisd/cleanevent.c
index dfc456c..4c10494 100755
--- a/src/analysisd/cleanevent.c
+++ b/src/analysisd/cleanevent.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -31,9 +31,9 @@ char *(month[])={"Jan","Feb","Mar","Apr","May","Jun","Jul","Aug",
 
 
 
-
+                
 /* OS_CleanMSG v0.3: 2006/03/04
- * Format a received message in the
+ * Format a received message in the 
  * Eventinfo structure.
  */
 int OS_CleanMSG(char *msg, Eventinfo *lf)
@@ -59,23 +59,23 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
         merror(FORMAT_ERROR, ARGV0);
         return(-1);
     }
-
+    
     *pieces = '\0';
-    pieces++;
-
-
+    pieces++;    
+    
+    
     os_strdup(msg, lf->location);
-
-
+        
+    
     /* Getting the log length */
     loglen = strlen(pieces) + 1;
-
-
+    
+    
     /* Assigning the values in the strucuture (lf->full_log) */
     os_malloc((2*loglen) +1, lf->full_log);
-
-
-    /* Setting the whole message at full_log */
+    
+   
+    /* Setting the whole message at full_log */ 
     strncpy(lf->full_log, pieces, loglen);
 
 
@@ -83,22 +83,22 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
     lf->log = lf->full_log+loglen;
     strncpy(lf->log, pieces, loglen);
 
-
-
-    /* Checking for the syslog date format.
-     * ( ex: Dec 29 10:00:01
+    
+    
+    /* Checking for the syslog date format. 
+     * ( ex: Dec 29 10:00:01  
      *   or  2007-06-14T15:48:55-04:00 for syslog-ng isodate
      *   or  2009-05-22T09:36:46.214994-07:00 for rsyslog )
      */	
     if(
         (
-        (loglen > 17) &&
-        (pieces[3] == ' ') &&
-        (pieces[6] == ' ') &&
-        (pieces[9] == ':') &&
-        (pieces[12] == ':') &&
+        (loglen > 17) && 
+        (pieces[3] == ' ') && 
+        (pieces[6] == ' ') && 
+        (pieces[9] == ':') && 
+        (pieces[12] == ':') && 
         (pieces[15] == ' ') && (lf->log+=16)
-        )
+        ) 
         ||
         (
         (loglen > 33) &&
@@ -107,7 +107,7 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
         (pieces[10] == 'T') &&
         (pieces[13] == ':') &&
         (pieces[16] == ':') &&
-
+        
         (
          ((pieces[22] == ':') &&
           (pieces[25] == ' ') && (lf->log+=26)) ||
@@ -115,9 +115,9 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
          ((pieces[19] == '.') &&
           (pieces[29] == ':') && (lf->log+=32))
         )
-
+        
         )
-      )
+      )  
     {
         /* Checking for an extra space in here */
         if(*lf->log == ' ')
@@ -126,15 +126,15 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
 
         /* Hostname */
         pieces = lf->hostname = lf->log;
-
-
+        
+        
         /* Checking for a valid hostname */
         while(isValidChar(*pieces) == 1)
         {
             pieces++;
         }
-
-
+        
+        
         /* Checking if it is a syslog without hostname (common on Solaris. */
         if(*pieces == ':' && pieces[1] == ' ')
         {
@@ -152,8 +152,8 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
             lf->log = pieces;
         }
 
-
-        /* Extracting the hostname */
+        
+        /* Extracting the hostname */ 
         else if(*pieces != ' ')
         {
             /* Invalid hostname */
@@ -176,13 +176,13 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
 
 
             /* Extracting program_name */
-            /* Valid names:
-             * p_name:
+            /* Valid names: 
+             * p_name:   
              * p_name[pid]:
              * p_name[pid]: [ID xx facility.severity]
              * auth|security:info p_name:
-             *
-             */
+             * 
+             */    
             while(isValidChar(*pieces) == 1)
             {
                 pieces++;
@@ -195,7 +195,7 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
                 *pieces = '\0';
                 pieces+=2;
             }
-
+            
             /* Checking for the second format: p_name[pid]: */
             else if((*pieces == '[') && (isdigit((int)pieces[1])))
             {
@@ -246,7 +246,7 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
                     pieces++;
                     while(isalnum((int)*pieces))
                         pieces++;
-
+                
                     if(*pieces == ' ')
                     {
                         pieces++;
@@ -302,15 +302,15 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
                 lf->program_name = NULL;
             }
         }
-
-
+        
+        
         /* Removing [ID xx facility.severity] */
         if(pieces)
         {
             /* Setting log after program name */
             lf->log = pieces;
 
-            if((pieces[0] == '[') &&
+            if((pieces[0] == '[') && 
                (pieces[1] == 'I') &&
                (pieces[2] == 'D') &&
                (pieces[3] == ' '))
@@ -333,8 +333,8 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
             lf->p_name_size = strlen(lf->program_name);
         }
     }
-
-    /* xferlog date format
+    
+    /* xferlog date format 
      * Mon Apr 17 18:27:14 2006 1 64.160.42.130
      */
     else if((loglen > 28) &&
@@ -350,53 +350,37 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
         /* Moving log to the beginning of the message */
         lf->log+=24;
     }
-
+    
 
     /* Checking for snort date format
-     * ex: 01/28-09:13:16.240702  [**]
-     */
-    else if( (loglen > 24) &&
-             (pieces[2] == '/') &&
+     * ex: 01/28-09:13:16.240702  [**] 
+     */ 
+    else if( (loglen > 24) && 
+             (pieces[2] == '/') && 
              (pieces[5] == '-') &&
-             (pieces[8] == ':') &&
+             (pieces[8] == ':') && 
              (pieces[11]== ':') &&
-             (pieces[14]== '.') &&
+             (pieces[14]== '.') && 
              (pieces[21] == ' ') )
     {
         lf->log+=23;
     }
 
-    /* Checking for suricata (new) date format
-     * ex: 01/28/1979-09:13:16.240702  [**]
-     */
-    else if( (loglen > 26) &&
-             (pieces[2] == '/') &&
-             (pieces[5] == '/') &&
-             (pieces[10] == '-') &&
-             (pieces[13] == ':') &&
-             (pieces[16]== ':') &&
-             (pieces[19]== '.') &&
-             (pieces[26] == ' ') )
-    {
-        lf->log+=28;
-    }
-
-
     /* Checking for apache log format */
     /* [Fri Feb 11 18:06:35 2004] [warn] */
-    else if( (loglen > 27) &&
-             (pieces[0] == '[') &&
+    else if( (loglen > 27) && 
+             (pieces[0] == '[') && 
              (pieces[4] == ' ') &&
-             (pieces[8] == ' ') &&
+             (pieces[8] == ' ') && 
              (pieces[11]== ' ') &&
-             (pieces[14]== ':') &&
+             (pieces[14]== ':') && 
              (pieces[17]== ':') &&
-             (pieces[20]== ' ') &&
+             (pieces[20]== ' ') && 
              (pieces[25]== ']') )
     {
         lf->log+=27;
     }
-
+    
     /* Checking for the osx asl log format.
      * Examples:
      * [Time 2006.12.28 15:53:55 UTC] [Facility auth] [Sender sshd] [PID 483] [Message error: PAM: Authentication failure for username from 192.168.0.2] [Level 3] [UID -2] [GID -2] [Host Hostname]
@@ -415,8 +399,8 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
     {
         /* Do not read more than 1 message entry -> log tampering */
         short unsigned int done_message = 0;
-
-
+        
+        
         /* Removing the date */
         lf->log+=25;
 
@@ -438,10 +422,10 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
                 if(pieces)
                 {
                     *pieces = '\0';
-
+                    
                     /* Setting program_name size */
                     lf->p_name_size = strlen(lf->program_name);
-
+                    
                     pieces++;
                 }
                 /* Invalid program name */
@@ -451,14 +435,14 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
                     break;
                 }
             }
-
+            
             /* Getting message */
             else if((strncmp(pieces, "Message ", 8) == 0) &&
                     (done_message == 0))
             {
                 pieces+=8;
                 done_message = 1;
-
+                
                 lf->log = pieces;
 
                 /* Getting the closing brackets */
@@ -488,7 +472,7 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
                     *pieces = '\0';
                     pieces++;
                 }
-
+                
                 /* Invalid hostname */
                 else
                 {
@@ -501,19 +485,17 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
             pieces = strchr(pieces, '[');
         }
     }
-
+    
     /* Checking for squid date format
      * 1140804070.368  11623
      * seconds from 00:00:00 1970-01-01 UTC
      */
-    else if((loglen > 32) &&
+    else if((loglen > 32) && 
             (pieces[0] == '1') &&
-            (isdigit((int)pieces[1])) &&
-            (isdigit((int)pieces[2])) &&
-            (isdigit((int)pieces[3])) &&
             (pieces[10] == '.') &&
-            (isdigit((int)pieces[13])) &&
             (pieces[14] == ' ') &&
+            (isdigit((int)pieces[13])) &&
+            (isdigit((int)pieces[1])) &&
             ((pieces[21] == ' ')||(pieces[22] == ' ')))
     {
         lf->log+=14;
@@ -526,7 +508,7 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
     }
 
 
-    /* Every message must be in the format
+    /* Every message must be in the format 
      * hostname->location or
      * (agent) ip->location.
      */
@@ -543,13 +525,13 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
         lf->hostname = __shost;
     }
 
-
+    
     /* Setting up the event data */
     lf->time = c_time;
     p = localtime(&c_time);
 
 
-
+    
     /* Assign hour, day, year and month values */
     lf->day = p->tm_mday;
     lf->year = p->tm_year+1900;
@@ -558,14 +540,14 @@ int OS_CleanMSG(char *msg, Eventinfo *lf)
                           p->tm_hour,
                           p->tm_min,
                           p->tm_sec);
-
+   
 
 
     /* Setting the global hour/weekday */
     __crt_hour = p->tm_hour;
-    __crt_wday = p->tm_wday;
-
-
+    __crt_wday = p->tm_wday;   
+  
+    
 
     #ifdef TESTRULE
     if(!alert_only)
diff --git a/src/analysisd/compiled_rules/._.function_list b/src/analysisd/compiled_rules/._.function_list
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/compiled_rules/._.function_list differ
diff --git a/src/analysisd/compiled_rules/._Makefile b/src/analysisd/compiled_rules/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/compiled_rules/._Makefile differ
diff --git a/src/analysisd/compiled_rules/._generic_samples.c b/src/analysisd/compiled_rules/._generic_samples.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/compiled_rules/._generic_samples.c differ
diff --git a/src/analysisd/compiled_rules/._register_rule.sh b/src/analysisd/compiled_rules/._register_rule.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/compiled_rules/._register_rule.sh differ
diff --git a/src/analysisd/compiled_rules/generic_samples.c b/src/analysisd/compiled_rules/generic_samples.c
index 57da7b0..50054f0 100644
--- a/src/analysisd/compiled_rules/generic_samples.c
+++ b/src/analysisd/compiled_rules/generic_samples.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -20,10 +20,10 @@
 
 
 
-/** Note: If the rule fails to match it should return NULL.
+/** Note: If the rule fails to match it should return NULL. 
  * If you want processing to continue, return lf (the eventinfo structure).
  */
-
+ 
 
 
 /* Example 1:
@@ -115,17 +115,17 @@ void *comp_mswin_targetuser_calleruser_diff(Eventinfo *lf)
         if(*target_user != *caller_user)
             return(lf);
 
-        if(*target_user == '\t' ||
+        if(*target_user == '\t' || 
            (*target_user == ' '  && target_user[1] == ' '))
-            break;
+            break;    
 
-        target_user++;caller_user++;
+        target_user++;caller_user++;           
     }
 
 
     /* If we got in here, the accounts are the same.
      * So, we return NULL since we only want to alert if they are different.
-     */
+     */ 
     return(NULL);
 }
 
@@ -143,7 +143,7 @@ void *is_simple_http_request(Eventinfo *lf)
         return(lf);
     }
 
-
+    
     /* Simple request, no query. */
     if(!strchr(lf->url,'?'))
     {
diff --git a/src/analysisd/config.c b/src/analysisd/config.c
index be6706a..921b45f 100755
--- a/src/analysisd/config.c
+++ b/src/analysisd/config.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -53,14 +53,11 @@ int GlobalConf(char * cfgfile)
     Config.syscheck_ignore = NULL;
     Config.white_list = NULL;
     Config.hostname_white_list = NULL;
-
+    
     /* Default actions -- only log above level 1 */
     Config.mailbylevel = 7;
     Config.logbylevel  = 1;
 
-    Config.custom_alert_output =0;
-    Config.custom_alert_output_format = NULL;
-
     Config.includes = NULL;
     Config.lists = NULL;
     Config.decoders = NULL;
@@ -79,7 +76,7 @@ int GlobalConf(char * cfgfile)
     /* Minimum memory size */
     if(Config.memorysize < 64)
         Config.memorysize = 64;
-
+        
 
     return(0);
 }
diff --git a/src/analysisd/config.h b/src/analysisd/config.h
index f335d12..5bf409a 100755
--- a/src/analysisd/config.h
+++ b/src/analysisd/config.h
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 
 #ifndef _CONFIG__H
 
diff --git a/src/analysisd/decoders/._Makefile b/src/analysisd/decoders/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/._Makefile differ
diff --git a/src/analysisd/decoders/._decode-xml.c b/src/analysisd/decoders/._decode-xml.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/._decode-xml.c differ
diff --git a/src/analysisd/decoders/._decoder.c b/src/analysisd/decoders/._decoder.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/._decoder.c differ
diff --git a/src/analysisd/decoders/._decoder.h b/src/analysisd/decoders/._decoder.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/._decoder.h differ
diff --git a/src/analysisd/decoders/._decoders_list.c b/src/analysisd/decoders/._decoders_list.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/._decoders_list.c differ
diff --git a/src/analysisd/decoders/._hostinfo.c b/src/analysisd/decoders/._hostinfo.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/._hostinfo.c differ
diff --git a/src/analysisd/decoders/._plugin_decoders.h b/src/analysisd/decoders/._plugin_decoders.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/._plugin_decoders.h differ
diff --git a/src/analysisd/decoders/._rootcheck.c b/src/analysisd/decoders/._rootcheck.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/._rootcheck.c differ
diff --git a/src/analysisd/decoders/._syscheck.c b/src/analysisd/decoders/._syscheck.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/._syscheck.c differ
diff --git a/src/analysisd/decoders/decode-xml.c b/src/analysisd/decoders/decode-xml.c
index f3c182d..6838264 100755
--- a/src/analysisd/decoders/decode-xml.c
+++ b/src/analysisd/decoders/decode-xml.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -43,7 +43,7 @@ int getDecoderfromlist(char *name)
     {
         return(OSStore_GetPosition(os_decoder_store, name));
     }
-
+    
     return(0);
 }
 
@@ -93,10 +93,10 @@ int os_setdecoderids(char *p_name)
     {
         int p_id = 0;
         char *p_name;
-
+        
         nnode = node->osdecoder;
-        nnode->id = getDecoderfromlist(nnode->name);
-
+        nnode->id = getDecoderfromlist(nnode->name);        
+        
         /* Id can noit be 0 */
         if(nnode->id == 0)
         {
@@ -132,8 +132,8 @@ int os_setdecoderids(char *p_name)
                 /* Setting parent name */
                 nnode->name = p_name;
             }
-
-
+            
+            
             /* Id can noit be 0 */
             if(nnode->id == 0)
             {
@@ -157,11 +157,11 @@ int ReadDecodeAttrs(char **names, char **values)
     {
         return(0);
     }
-
+    
     if(strcmp(names[0], "offset") == 0)
     {
         int offset = 0;
-
+        
         /* Offsets can be: after_parent, after_prematch
          * or after_regex.
          */
@@ -182,7 +182,7 @@ int ReadDecodeAttrs(char **names, char **values)
             merror(INV_OFFSET, ARGV0, values[0]);
             offset |= AFTER_ERROR;
         }
-
+        
         return(offset);
     }
 
@@ -198,9 +198,9 @@ int ReadDecodeXML(char *file)
     OS_XML xml;
     XML_NODE node = NULL;
 
-    /* XML variables */
+    /* XML variables */ 
     /* These are the available options for the rule configuration */
-
+    
     char *xml_plugindecoder = "plugin_decoder";
     char *xml_decoder = "decoder";
     char *xml_decoder_name = "name";
@@ -217,21 +217,21 @@ int ReadDecodeXML(char *file)
 
     int i = 0;
     OSDecoderInfo *NULL_Decoder_tmp = NULL;
-
-
-    /* Reading the XML */
+    
+     
+    /* Reading the XML */       
     if((i = OS_ReadXML(file,&xml)) < 0)
     {
         if((i == -2) && (strcmp(file, XML_LDECODER) == 0))
         {
             return(-2);
         }
-
+        
         merror(XML_ERROR, ARGV0, file, xml.err, xml.err_line);
         return(0);
     }
 
-
+    
     /* Applying any variable found */
     if(OS_ApplyVariables(&xml) != 0)
     {
@@ -263,7 +263,7 @@ int ReadDecodeXML(char *file)
     NULL_Decoder = (void *)NULL_Decoder_tmp;
 
 
-
+    
     i = 0;
     while(node[i])
     {
@@ -275,14 +275,14 @@ int ReadDecodeXML(char *file)
         char *prematch;
         char *p_name;
 
-
-        if(!node[i]->element ||
+        
+        if(!node[i]->element || 
             strcasecmp(node[i]->element, xml_decoder) != 0)
         {
             merror(XML_INVELEM, ARGV0, node[i]->element);
             return(0);
         }
-
+       
 
         /* Getting name */
         if((!node[i]->attributes) || (!node[i]->values)||
@@ -293,7 +293,7 @@ int ReadDecodeXML(char *file)
             return(0);
         }
 
-
+        
         /* Checking for additional entries */
         if(node[i]->attributes[1] && node[i]->values[1])
         {
@@ -302,7 +302,7 @@ int ReadDecodeXML(char *file)
                 merror(XML_INVELEM, ARGV0, node[i]->element);
                 return(0);
             }
-
+            
             if(node[i]->attributes[2])
             {
                 merror(XML_INVELEM, ARGV0, node[i]->element);
@@ -310,7 +310,7 @@ int ReadDecodeXML(char *file)
             }
         }
 
-
+         
         /* Getting decoder options */
         elements = OS_GetElementsbyNode(&xml,node[i]);
         if(elements == NULL)
@@ -326,8 +326,8 @@ int ReadDecodeXML(char *file)
             merror(MEM_ERROR,ARGV0);
             return(0);
         }
-
-
+        
+        
         /* Default values to the list */
         pi->parent = NULL;
         pi->id = 0;
@@ -343,19 +343,19 @@ int ReadDecodeXML(char *file)
         pi->get_next = 0;
         pi->regex_offset = 0;
         pi->prematch_offset = 0;
-
+        
         regex = NULL;
         prematch = NULL;
         p_name = NULL;
-
-
+       
+       
         /* Checking if strdup worked */
         if(!pi->name)
         {
             merror(MEM_ERROR, ARGV0);
             return(0);
         }
-
+        
         /* Add decoder */
         if(!addDecoder2list(pi->name))
         {
@@ -376,51 +376,51 @@ int ReadDecodeXML(char *file)
                 merror(XML_VALUENULL, ARGV0, elements[j]->element);
                 return(0);
             }
-
+                                                                                                                    
             /* Checking if it is a child of a rule */
             else if(strcasecmp(elements[j]->element, xml_parent) == 0)
             {
                 pi->parent = _loadmemory(pi->parent, elements[j]->content);
             }
-
+            
             /* Getting the regex */
             else if(strcasecmp(elements[j]->element,xml_regex) == 0)
             {
                 int r_offset;
                 r_offset = ReadDecodeAttrs(elements[j]->attributes,
                                            elements[j]->values);
-
+                
                 if(r_offset & AFTER_ERROR)
                 {
                     merror(DEC_REGEX_ERROR, ARGV0, pi->name);
                     return(0);
                 }
-
-                /* Only the first regex entry may have an offset */
+                
+                /* Only the first regex entry may have an offset */ 
                 if(regex && r_offset)
                 {
                     merror(DUP_REGEX, ARGV0, pi->name);
                     merror(DEC_REGEX_ERROR, ARGV0, pi->name);
                     return(0);
                 }
-
+                
                 /* regex offset */
                 if(r_offset)
                 {
                     pi->regex_offset = r_offset;
                 }
-
+                
                 /* Assign regex */
                 regex =
                     _loadmemory(regex,
                             elements[j]->content);
             }
-
+            
             /* Getting the pre match */
             else if(strcasecmp(elements[j]->element,xml_prematch)==0)
             {
                 int r_offset;
-
+                
                 r_offset = ReadDecodeAttrs(
                                       elements[j]->attributes,
                                       elements[j]->values);
@@ -430,7 +430,7 @@ int ReadDecodeXML(char *file)
                     ErrorExit(DEC_REGEX_ERROR, ARGV0, pi->name);
                 }
 
-
+                
                 /* Only the first prematch entry may have an offset */
                 if(prematch && r_offset)
                 {
@@ -442,7 +442,7 @@ int ReadDecodeXML(char *file)
                 {
                     pi->prematch_offset = r_offset;
                 }
-
+                
                 prematch =
                     _loadmemory(prematch,
                             elements[j]->content);
@@ -470,7 +470,7 @@ int ReadDecodeXML(char *file)
                 int ed_c = 0;
                 for(ed_c = 0; plugin_decoders[ed_c] != NULL; ed_c++)
                 {
-                    if(strcmp(plugin_decoders[ed_c],
+                    if(strcmp(plugin_decoders[ed_c], 
                               elements[j]->content) == 0)
                     {
                         /* Initializing plugin */
@@ -490,8 +490,8 @@ int ReadDecodeXML(char *file)
                     return(0);
                 }
             }
-
-
+                                                                                
+            
             /* Getting the type */
             else if(strcmp(elements[j]->element, xml_type) == 0)
             {
@@ -500,17 +500,17 @@ int ReadDecodeXML(char *file)
                 else if(strcmp(elements[j]->content, "ids") == 0)
                     pi->type = IDS;
                 else if(strcmp(elements[j]->content, "web-log") == 0)
-                    pi->type = WEBLOG;
+                    pi->type = WEBLOG;    
                 else if(strcmp(elements[j]->content, "syslog") == 0)
                     pi->type = SYSLOG;
                 else if(strcmp(elements[j]->content, "squid") == 0)
                     pi->type = SQUID;
                 else if(strcmp(elements[j]->content, "windows") == 0)
-                    pi->type = WINDOWS;
+                    pi->type = WINDOWS;        
                 else if(strcmp(elements[j]->content, "host-information") == 0)
                     pi->type = HOST_INFO;
                 else if(strcmp(elements[j]->content, "ossec") == 0)
-                    pi->type = OSSEC_RL;
+                    pi->type = OSSEC_RL;    
                 else
                 {
                     merror("%s: Invalid decoder type '%s'.",
@@ -518,13 +518,13 @@ int ReadDecodeXML(char *file)
                     return(0);
                 }
             }
-
+                         
             /* Getting the order */
             else if(strcasecmp(elements[j]->element,xml_order)==0)
             {
                 char **norder, **s_norder;
                 int order_int = 0;
-
+                
                 /* Maximum number is 8 for the order */
                 norder = OS_StrBreak(',',elements[j]->content, 8);
                 s_norder = norder;
@@ -538,7 +538,7 @@ int ReadDecodeXML(char *file)
                     order_int++;
                 }
                 order_int = 0;
-
+                
 
                 /* Checking the values from the order */
                 while(*norder)
@@ -618,23 +618,23 @@ int ReadDecodeXML(char *file)
 
                 free(s_norder);
             }
-
+            
             /* Getting the fts order */
             else if(strcasecmp(elements[j]->element,xml_fts)==0)
             {
                 char **norder;
                 char **s_norder;
-
+                
                 /* Maximum number is 8 for the fts */
                 norder = OS_StrBreak(',',elements[j]->content, 8);
                 if(norder == NULL)
                     ErrorExit(MEM_ERROR,ARGV0);
-
-
+                
+                
                 /* Saving the initial point to free later */
                 s_norder = norder;
-
-
+                
+                    
                 /* Checking the values from the fts */
                 while(*norder)
                 {
@@ -707,11 +707,11 @@ int ReadDecodeXML(char *file)
 
             /* NEXT */
             j++;
-
+            
         } /* while(elements[j]) */
-
+        
         OS_ClearNode(elements);
-
+        
 
         /* Prematch must be set */
         if(!prematch && !pi->parent && !p_name)
@@ -727,7 +727,7 @@ int ReadDecodeXML(char *file)
             merror(DEC_REGEX_ERROR, ARGV0, pi->name);
             return(0);
         }
-
+        
 
         /* For the offsets */
         if(pi->regex_offset & AFTER_PARENT && !pi->parent)
@@ -736,7 +736,7 @@ int ReadDecodeXML(char *file)
             merror(DEC_REGEX_ERROR, ARGV0, pi->name);
             return(0);
         }
-
+        
         if(pi->regex_offset & AFTER_PREMATCH)
         {
             /* If after_prematch is set, but rule have
@@ -755,7 +755,7 @@ int ReadDecodeXML(char *file)
                 return(0);
             }
         }
-
+        
         /* For the after_regex offset */
         if(pi->regex_offset & AFTER_PREVREGEX)
         {
@@ -766,7 +766,7 @@ int ReadDecodeXML(char *file)
                 return(0);
             }
         }
-
+        
 
         /* Checking the prematch offset */
         if(pi->prematch_offset)
@@ -788,7 +788,7 @@ int ReadDecodeXML(char *file)
             }
         }
 
-
+        
         /* Compiling the regex/prematch */
         if(prematch)
         {
@@ -801,7 +801,7 @@ int ReadDecodeXML(char *file)
 
             free(prematch);
         }
-
+        
         /* Compiling the p_name */
         if(p_name)
         {
@@ -814,7 +814,7 @@ int ReadDecodeXML(char *file)
 
             free(p_name);
         }
-
+        
         /* We may not have the pi->regex */
         if(regex)
         {
@@ -842,11 +842,11 @@ int ReadDecodeXML(char *file)
             merror(DECODE_ADD, ARGV0, pi->name);
             return(0);
         }
-
+        
         /* Adding osdecoder to the list */
         if(!OS_AddOSDecoder(pi))
         {
-            merror(DECODER_ERROR, ARGV0);
+            merror(DECODER_ERROR, ARGV0);        
             return(0);
         }
 
@@ -857,7 +857,7 @@ int ReadDecodeXML(char *file)
     /* Cleaning  node and XML structures */
     OS_ClearNode(node);
 
-
+    
     OS_ClearXML(&xml);
 
 
@@ -868,7 +868,7 @@ int ReadDecodeXML(char *file)
 
 
 int SetDecodeXML()
-{
+{    
     /* Adding rootcheck decoder to list */
     addDecoder2list(ROOTCHECK_MOD);
     addDecoder2list(SYSCHECK_MOD);
diff --git a/src/analysisd/decoders/decoder.c b/src/analysisd/decoders/decoder.c
index b5cb303..1375db5 100755
--- a/src/analysisd/decoders/decoder.c
+++ b/src/analysisd/decoders/decoder.c
@@ -9,11 +9,11 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
-
+ 
 #include "shared.h"
 #include "os_regex/os_regex.h"
 #include "os_xml/os_xml.h"
@@ -54,9 +54,9 @@ void DecodeEvent(Eventinfo *lf)
     {
         print_out("\n**Phase 2: Completed decoding.");
     }
-    #endif
+    #endif    
 
-    do
+    do 
     {
         nnode = node->osdecoder;
 
@@ -64,7 +64,7 @@ void DecodeEvent(Eventinfo *lf)
         /* First checking program name */
         if(lf->program_name)
         {
-            if(!OSMatch_Execute(lf->program_name, lf->p_name_size,
+            if(!OSMatch_Execute(lf->program_name, lf->p_name_size, 
                         nnode->program_name))
             {
                 continue;
@@ -89,11 +89,11 @@ void DecodeEvent(Eventinfo *lf)
 
         #ifdef TESTRULE
         if(!alert_only)print_out("       decoder: '%s'", nnode->name);
-        #endif
-
+        #endif    
+        
 
         lf->decoder_info = nnode;
-
+        
 
         child_node = node->child;
 
@@ -122,7 +122,7 @@ void DecodeEvent(Eventinfo *lf)
                 {
                     char *llog;
 
-                    /* If we have an offset set, use it */
+                    /* If we have an offset set, use it */     
                     if(nnode->prematch_offset & AFTER_PARENT)
                     {
                         llog = pmatch;
@@ -163,7 +163,7 @@ void DecodeEvent(Eventinfo *lf)
                         return;
 
                     child_node = child_node->next;
-                    nnode = NULL;
+                    nnode = NULL;   
                 }
                 else
                 {
@@ -185,8 +185,8 @@ void DecodeEvent(Eventinfo *lf)
             nnode->plugindecoder(lf);
             return;
         }
-
-
+        
+        
         /* Getting the regex */
         while(child_node)
         {
@@ -273,7 +273,7 @@ void DecodeEvent(Eventinfo *lf)
         }
 
         /* ok to return  */
-        return;
+        return;         
     }while((node=node->next) != NULL);
 
     #ifdef TESTRULE
@@ -282,7 +282,7 @@ void DecodeEvent(Eventinfo *lf)
         print_out("       No decoder matched.");
     }
     #endif
-
+                
 }
 
 
@@ -292,7 +292,7 @@ void *DstUser_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       dstuser: '%s'", field);
     #endif
-
+                    
     lf->dstuser = field;
     return(NULL);
 }
@@ -301,7 +301,7 @@ void *SrcUser_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       srcuser: '%s'", field);
     #endif
-
+                    
     lf->srcuser = field;
     return(NULL);
 }
@@ -310,7 +310,7 @@ void *SrcIP_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       srcip: '%s'", field);
     #endif
-
+                    
     lf->srcip = field;
     return(NULL);
 }
@@ -319,7 +319,7 @@ void *DstIP_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       dstip: '%s'", field);
     #endif
-
+                    
     lf->dstip = field;
     return(NULL);
 }
@@ -328,7 +328,7 @@ void *SrcPort_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       srcport: '%s'", field);
     #endif
-
+                    
     lf->srcport = field;
     return(NULL);
 }
@@ -337,7 +337,7 @@ void *DstPort_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       dstport: '%s'", field);
     #endif
-
+                    
     lf->dstport = field;
     return(NULL);
 }
@@ -346,7 +346,7 @@ void *Protocol_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       proto: '%s'", field);
     #endif
-
+                    
     lf->protocol = field;
     return(NULL);
 }
@@ -355,7 +355,7 @@ void *Action_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       action: '%s'", field);
     #endif
-
+                    
     lf->action = field;
     return(NULL);
 }
@@ -364,7 +364,7 @@ void *ID_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       id: '%s'", field);
     #endif
-
+                    
     lf->id = field;
     return(NULL);
 }
@@ -373,7 +373,7 @@ void *Url_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       url: '%s'", field);
     #endif
-
+                    
     lf->url = field;
     return(NULL);
 }
@@ -382,7 +382,7 @@ void *Data_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       extra_data: '%s'", field);
     #endif
-
+                    
     lf->data = field;
     return(NULL);
 }
@@ -391,7 +391,7 @@ void *Status_FP(Eventinfo *lf, char *field)
     #ifdef TESTRULE
     if(!alert_only)print_out("       status: '%s'", field);
     #endif
-
+                    
     lf->status = field;
     return(NULL);
 }
diff --git a/src/analysisd/decoders/decoder.h b/src/analysisd/decoders/decoder.h
index 84e9e86..86333cd 100755
--- a/src/analysisd/decoders/decoder.h
+++ b/src/analysisd/decoders/decoder.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -25,8 +25,8 @@
 
 #define AFTER_PARENT    0x001   /* 1   */
 #define AFTER_PREMATCH  0x002   /* 2   */
-#define AFTER_PREVREGEX 0x004   /* 4   */
-#define AFTER_ERROR     0x010
+#define AFTER_PREVREGEX 0x004   /* 4   */ 
+#define AFTER_ERROR     0x010   
 
 
 
@@ -40,16 +40,16 @@ typedef struct
     u_int16_t id;
     u_int16_t regex_offset;
     u_int16_t prematch_offset;
-
+    
     int fts;
     char *parent;
     char *name;
     char *ftscomment;
-
+    
     OSRegex *regex;
     OSRegex *prematch;
     OSMatch *program_name;
-
+    
     void (*plugindecoder)(void *lf);
     void (**order)(void *lf, char *field);
 }OSDecoderInfo;
diff --git a/src/analysisd/decoders/decoders_list.c b/src/analysisd/decoders/decoders_list.c
index 652f785..8c5320a 100755
--- a/src/analysisd/decoders/decoders_list.c
+++ b/src/analysisd/decoders/decoders_list.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -51,7 +51,7 @@ OSDecoderNode *OS_GetFirstOSDecoder(char *p_name)
     {
         return(osdecodernode_forpname);
     }
-
+    
     return(osdecodernode_nopname);
 }
 
@@ -61,11 +61,11 @@ OSDecoderNode *_OS_AddOSDecoder(OSDecoderNode *s_node, OSDecoderInfo *pi)
 {
     OSDecoderNode *tmp_node = s_node;
     int rm_f = 0;
-
+    
     if(tmp_node)
     {
         OSDecoderNode *new_node;
-
+        
         new_node = (OSDecoderNode *)calloc(1,sizeof(OSDecoderNode));
         if(new_node == NULL)
         {
@@ -83,9 +83,9 @@ OSDecoderNode *_OS_AddOSDecoder(OSDecoderNode *s_node, OSDecoderInfo *pi)
                 if((tmp_node->osdecoder->prematch ||
                     tmp_node->osdecoder->regex) && pi->regex_offset)
                 {
-                    rm_f = 1;
+                    rm_f = 1;                    
                 }
-
+                
                 /* Multi-regexes patterns cannot have prematch */
                 if(pi->prematch)
                 {
@@ -110,24 +110,24 @@ OSDecoderNode *_OS_AddOSDecoder(OSDecoderNode *s_node, OSDecoderInfo *pi)
                     return(NULL);
                 }
             }
-
+            
         }while(tmp_node->next && (tmp_node = tmp_node->next));
-
-
+        
+        
         /* Must have a prematch set */
         if(!rm_f && (pi->regex_offset & AFTER_PREVREGEX))
         {
             merror(INV_OFFSET, ARGV0, pi->name);
             return(NULL);
         }
-
+        
         tmp_node->next = new_node;
-
+        
         new_node->next = NULL;
-        new_node->osdecoder = pi;
+        new_node->osdecoder = pi; 
         new_node->child = NULL;
     }
-
+    
     else
     {
         /* Must not have a previous regex set */
@@ -164,7 +164,7 @@ int OS_AddOSDecoder(OSDecoderInfo *pi)
     /* We can actually have two lists. One with program
      * name and the other without.
      */
-    if(pi->program_name)
+    if(pi->program_name)     
     {
         osdecodernode = osdecodernode_forpname;
     }
@@ -173,7 +173,7 @@ int OS_AddOSDecoder(OSDecoderInfo *pi)
         osdecodernode = osdecodernode_nopname;
     }
 
-
+    
     /* Search for parent on both lists */
     if(pi->parent)
     {
@@ -194,7 +194,7 @@ int OS_AddOSDecoder(OSDecoderInfo *pi)
             }
             tmp_node = tmp_node->next;
         }
-
+        
 
         /* List without p name */
         tmp_node = osdecodernode_nopname;
@@ -219,9 +219,9 @@ int OS_AddOSDecoder(OSDecoderInfo *pi)
         {
             return(1);
         }
-
+        
         merror(PPLUGIN_INV, ARGV0, pi->parent);
-        return(0);
+        return(0); 
     }
     else
     {
diff --git a/src/analysisd/decoders/hostinfo.c b/src/analysisd/decoders/hostinfo.c
index fa7c414..d5577e5 100755
--- a/src/analysisd/decoders/hostinfo.c
+++ b/src/analysisd/decoders/hostinfo.c
@@ -95,7 +95,7 @@ void HostinfoInit()
 
     /* Opening HOSTINFO_FILE */
     snprintf(_hi_buf,OS_SIZE_1024, "%s", HOSTINFO_FILE);
-
+    
 
     /* r+ to read and write. Do not truncate */
     _hi_fp = fopen(_hi_buf,"r+");
@@ -115,7 +115,7 @@ void HostinfoInit()
         return;
     }
 
-
+    
     /* clearing the buffer */
     memset(_hi_buf, '\0', OS_MAXSTR +1);
 
@@ -148,7 +148,7 @@ int DecodeHostinfo(Eventinfo *lf)
 {
     int changed = 0;
     int bf_size;
-
+    
     char *ip;
     char *portss;
     char *tmpstr;
@@ -157,7 +157,7 @@ int DecodeHostinfo(Eventinfo *lf)
     char opened[OS_MAXSTR + 1];
     FILE *fp;
 
-
+    
     /* Checking maximum number of errors */
     if(hi_err > 30)
     {
@@ -165,7 +165,7 @@ int DecodeHostinfo(Eventinfo *lf)
                "Ignoring it.", ARGV0);
         return(0);
     }
-
+                
 
     /* Zeroing buffers */
     buffer[OS_MAXSTR] = '\0';
@@ -182,8 +182,8 @@ int DecodeHostinfo(Eventinfo *lf)
 
     /* Copying log to buffer */
     strncpy(buffer,lf->log, OS_MAXSTR);
-
-
+    
+    
     /* Getting ip */
     tmpstr = __go_after(buffer, HOST_HOST);
     if(!tmpstr)
@@ -194,7 +194,7 @@ int DecodeHostinfo(Eventinfo *lf)
         return(0);
     }
 
-
+    
     /* Setting ip */
     ip = tmpstr;
     tmpstr = strchr(tmpstr, ',');
@@ -217,8 +217,8 @@ int DecodeHostinfo(Eventinfo *lf)
         *tmpstr = '\0';
     }
     bf_size = strlen(ip);
-
-
+    
+    
     /* Reads the file and search for a possible
      * entry
      */
@@ -233,13 +233,13 @@ int DecodeHostinfo(Eventinfo *lf)
         /* Removing new line */
         tmpstr = strchr(_hi_buf, '\n');
         if(tmpstr)
-            *tmpstr = '\0';
+            *tmpstr = '\0';    
 
 
         /* Checking for ip */
         if(strncmp(ip, _hi_buf, bf_size) == 0)
         {
-            /* Cannot use strncmp to avoid errors with crafted files */
+            /* Cannot use strncmp to avoid errors with crafted files */    
             if(strcmp(portss, _hi_buf + bf_size) == 0)
             {
                 return(0);
@@ -253,9 +253,9 @@ int DecodeHostinfo(Eventinfo *lf)
                 changed = 1;
             }
         }
-    }
-
+    }                
 
+    
     /* Adding the new entry at the end of the file */
     fseek(fp, 0, SEEK_END);
     fprintf(fp,"%s%s\n", ip, portss);
@@ -264,7 +264,7 @@ int DecodeHostinfo(Eventinfo *lf)
     /* Setting decoder */
     lf->decoder_info = hostinfo_dec;
 
-
+    
     /* Setting comment */
     if(changed == 1)
     {
@@ -275,7 +275,7 @@ int DecodeHostinfo(Eventinfo *lf)
     {
         hostinfo_dec->id = id_new;
     }
-
+    
 
     return(1);
 }
diff --git a/src/analysisd/decoders/plugin_decoders.h b/src/analysisd/decoders/plugin_decoders.h
index 282eb31..ab1bd8f 100755
--- a/src/analysisd/decoders/plugin_decoders.h
+++ b/src/analysisd/decoders/plugin_decoders.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -37,22 +37,22 @@ void *OSSECAlert_Decoder_Exec(void *lf);
 
 /* List of plugins. All three lists must be in the same order */
 char *(plugin_decoders[])={"PF_Decoder",
-                           "SymantecWS_Decoder",
+                           "SymantecWS_Decoder", 
                            "SonicWall_Decoder",
                            "OSSECAlert_Decoder",
                            NULL};
-void *(plugin_decoders_init[]) = {PF_Decoder_Init,
+void *(plugin_decoders_init[]) = {PF_Decoder_Init, 
                                   SymantecWS_Decoder_Init,
-                                  SonicWall_Decoder_Init,
+                                  SonicWall_Decoder_Init, 
                                   OSSECAlert_Decoder_Init,
                                   NULL};
-void *(plugin_decoders_exec[]) = {PF_Decoder_Exec,
+void *(plugin_decoders_exec[]) = {PF_Decoder_Exec, 
                                   SymantecWS_Decoder_Exec,
                                   SonicWall_Decoder_Exec,
                                   OSSECAlert_Decoder_Exec,
                                   NULL};
 
-
+                    
 
 
 #endif
diff --git a/src/analysisd/decoders/plugins/._Makefile b/src/analysisd/decoders/plugins/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/plugins/._Makefile differ
diff --git a/src/analysisd/decoders/plugins/._ossecalert_decoder.c b/src/analysisd/decoders/plugins/._ossecalert_decoder.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/plugins/._ossecalert_decoder.c differ
diff --git a/src/analysisd/decoders/plugins/._pf_decoder.c b/src/analysisd/decoders/plugins/._pf_decoder.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/plugins/._pf_decoder.c differ
diff --git a/src/analysisd/decoders/plugins/._sonicwall_decoder.c b/src/analysisd/decoders/plugins/._sonicwall_decoder.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/plugins/._sonicwall_decoder.c differ
diff --git a/src/analysisd/decoders/plugins/._symantecws_decoder.c b/src/analysisd/decoders/plugins/._symantecws_decoder.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/analysisd/decoders/plugins/._symantecws_decoder.c differ
diff --git a/src/analysisd/decoders/plugins/ossecalert_decoder.c b/src/analysisd/decoders/plugins/ossecalert_decoder.c
index 0f91fc0..337e0a7 100644
--- a/src/analysisd/decoders/plugins/ossecalert_decoder.c
+++ b/src/analysisd/decoders/plugins/ossecalert_decoder.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -35,12 +35,12 @@ void *OSSECAlert_Decoder_Init()
 
 #define oa_strchr(x,y,z) z = strchr(x,y); if(!z){ return(NULL); }
 
-/* OSSECAlert decoder
+/* OSSECAlert decoder 
  * Will extract the rule_id and point back to the original rule.
  * Will also extract srcip and username if available.
  * Examples:
- *
- */
+ * 
+ */                             
 void *OSSECAlert_Decoder_Exec(Eventinfo *lf)
 {
     char *oa_id = 0;
@@ -61,7 +61,7 @@ void *OSSECAlert_Decoder_Exec(Eventinfo *lf)
         return(NULL);
     }
 
-
+    
     /* Going past the level. */
     oa_strchr(lf->log, ';', tmp_str);
     tmp_str++;
@@ -73,10 +73,10 @@ void *OSSECAlert_Decoder_Exec(Eventinfo *lf)
     if(*tmp_str != ' ')
     {
         return(NULL);
-    }
+    }    
     tmp_str++;
 
-
+    
     /* Getting id. */
     oa_id = tmp_str;
     oa_strchr(tmp_str, ' ', tmp_str);
@@ -106,7 +106,7 @@ void *OSSECAlert_Decoder_Exec(Eventinfo *lf)
 
     /* Setting location; */
     oa_location = tmp_str;
-
+    
 
     oa_strchr(tmp_str, ';', tmp_str);
     *tmp_str = '\0';
@@ -124,7 +124,7 @@ void *OSSECAlert_Decoder_Exec(Eventinfo *lf)
     }
     else
     {
-        snprintf(oa_newlocation, 255, "%s->%s|%s", lf->hostname,
+        snprintf(oa_newlocation, 255, "%s->%s|%s", lf->hostname, 
                  lf->location, oa_location);
         free(lf->location);
         os_strdup(oa_newlocation, lf->location);
@@ -134,7 +134,7 @@ void *OSSECAlert_Decoder_Exec(Eventinfo *lf)
     *tmp_str = ';';
     tmp_str++;
 
-
+    
     /* Getting additional fields. */
     while((*tmp_str == ' ') && (tmp_str[1] != ' '))
     {
@@ -160,18 +160,18 @@ void *OSSECAlert_Decoder_Exec(Eventinfo *lf)
         *tmp_str = ';';
         tmp_str++;
     }
-
+    
 
     /* Removing space. */
     while(*tmp_str == ' ')
         tmp_str++;
-
-
+    
+    
     /* Creating new full log. */
     free(lf->full_log);
     os_strdup(tmp_str, lf->full_log);
     lf->log = lf->full_log;
-
+    
 
     /* Rule that generated. */
     lf->generated_rule = rule_pointer;
diff --git a/src/analysisd/decoders/plugins/pf_decoder.c b/src/analysisd/decoders/plugins/pf_decoder.c
index 8680ece..3c9ed17 100644
--- a/src/analysisd/decoders/plugins/pf_decoder.c
+++ b/src/analysisd/decoders/plugins/pf_decoder.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -28,7 +28,7 @@ void *PF_Decoder_Init()
 }
 
 
-/* OpenBSD PF decoder
+/* OpenBSD PF decoder 
  * Will extract the action,srcip,dstip,protocol,srcport,dstport
  *
  * Examples:
@@ -38,7 +38,7 @@ void *PF_Decoder_Init()
  * Mar 30 15:54:22.174412 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.190.1030:  udp 89
  * Mar 30 17:47:40.390143 rule 2/(match) pass in on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo reply
  * Mar 30 17:47:41.400075 rule 3/(match) pass out on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo request
- */
+ */                             
 void *PF_Decoder_Exec(Eventinfo *lf)
 {
     int port_count = 0;
@@ -49,13 +49,13 @@ void *PF_Decoder_Exec(Eventinfo *lf)
     /* tmp_str should be: Mar 30 15:54:22.171929 rule 3/(match) pass out .. */
     tmp_str = strchr(lf->log, ')');
 
-
+    
     /* Didn't match */
     if(!tmp_str)
     {
         return(NULL);
     }
-
+    
     /* Going to the action entry */
     tmp_str++;
     if(*tmp_str != ' ')
@@ -83,7 +83,7 @@ void *PF_Decoder_Exec(Eventinfo *lf)
         return(NULL);
     }
 
-
+    
     /* Jumping to the src ip */
     tmp_str = strchr(tmp_str, ':');
     if(!tmp_str)
@@ -98,32 +98,32 @@ void *PF_Decoder_Exec(Eventinfo *lf)
     tmp_str++;
 
 
-
+    
     /* tmp_str should be: 192.168.2.10.1514 > .. */
     aux_str = strchr(tmp_str, ' ');
     if(!aux_str)
         return(NULL);
-
-
+    
+    
     /* Setting aux_str to 0 for strdup */
     *aux_str = '\0';
-
+    
     os_strdup(tmp_str, lf->srcip);
-
+    
     /* Aux str has a valid pointer to lf->log now */
     *aux_str = ' ';
     aux_str++;
-
-
-
+    
+    
+    
     /* Setting the source port if present */
     tmp_str = lf->srcip;
     while(*tmp_str != '\0')
     {
         if(*tmp_str == '.')
             port_count++;
-
-
+        
+        
         /* Found port */
         if(port_count == 4)
         {
@@ -132,7 +132,7 @@ void *PF_Decoder_Exec(Eventinfo *lf)
             os_strdup(tmp_str, lf->srcport);
             break;
         }
-
+        
         tmp_str++;
     }
 
@@ -152,14 +152,14 @@ void *PF_Decoder_Exec(Eventinfo *lf)
     tmp_str = strchr(aux_str, ':');
     if(!tmp_str)
         return(NULL);
-
-
+    
+    
     /* Setting aux_str to 0 for strdup */
     *tmp_str = '\0';
-
+        
     os_strdup(aux_str, lf->dstip);
-
-
+    
+            
     /* tmp str has a valid pointer to lf->log now */
     *tmp_str = ':';
     tmp_str++;
@@ -172,8 +172,8 @@ void *PF_Decoder_Exec(Eventinfo *lf)
     {
         if(*aux_str == '.')
             port_count++;
-
-
+        
+        
         /* Found port */
         if(port_count == 4)
         {
@@ -182,7 +182,7 @@ void *PF_Decoder_Exec(Eventinfo *lf)
             os_strdup(aux_str, lf->dstport);
             break;
         }
-
+        
         aux_str++;
     }
 
@@ -207,10 +207,10 @@ void *PF_Decoder_Exec(Eventinfo *lf)
         {
             os_strdup("TCP", lf->protocol);
         }
-
+        
         break;
     }
-
+    
     return(NULL);
 }
 
diff --git a/src/analysisd/decoders/plugins/sonicwall_decoder.c b/src/analysisd/decoders/plugins/sonicwall_decoder.c
index 42e854a..34bd5e2 100644
--- a/src/analysisd/decoders/plugins/sonicwall_decoder.c
+++ b/src/analysisd/decoders/plugins/sonicwall_decoder.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -32,7 +32,7 @@
 
 /** Global variables -- not thread safe. If we ever multi thread
  * analysisd, these will need to be changed.
- */
+ */                        
 OSRegex *__sonic_regex_prid = NULL;
 OSRegex *__sonic_regex_sdip = NULL;
 OSRegex *__sonic_regex_prox = NULL;
@@ -90,13 +90,13 @@ void *SonicWall_Decoder_Init()
 
 
 
-/* SonicWall decoder
+/* SonicWall decoder 
  * Will extract the id, severity, action, srcip, dstip, protocol,srcport,dstport
  * severity will be extracted as status.
  * Examples:
  * Jan  3 13:45:36 192.168.5.1 id=firewall sn=000SERIAL time="2007-01-03 14:48:06" fw=1.1.1.1 pri=6 c=262144 m=98 msg="Connection Opened" n=23419 src=2.2.2.2:36701:WAN dst=1.1.1.1:50000:WAN proto=tcp/50000
  * Jan  3 13:45:36 192.168.5.1 id=firewall sn=000SERIAL time="2007-01-03 14:48:07" fw=1.1.1.1 pri=1 c=32 m=30 msg="Administrator login denied due to bad credentials" n=7 src=2.2.2.2:36701:WAN dst=1.1.1.1:50000:WAN
- */
+ */                             
 void *SonicWall_Decoder_Exec(Eventinfo *lf)
 {
     int i = 0;
@@ -107,9 +107,9 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
     /* Zeroing category */
     category[0] = '\0';
     lf->decoder_info->type = SYSLOG;
-
-
-
+    
+    
+    
     /** We first run our regex to extract the severity, cat and id. **/
     if(!(tmp_str = OSRegex_Execute(lf->log, __sonic_regex_prid)))
     {
@@ -132,7 +132,7 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
         /* Clearing all substrings */
         __sonic_regex_prid->sub_strings[0] = NULL;
         __sonic_regex_prid->sub_strings[2] = NULL;
-
+        
         free(__sonic_regex_prid->sub_strings[1]);
         __sonic_regex_prid->sub_strings[1] = NULL;
     }
@@ -157,9 +157,9 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
     {
         return(NULL);
     }
-    if(__sonic_regex_sdip->sub_strings[0] &&
-       __sonic_regex_sdip->sub_strings[1] &&
-       __sonic_regex_sdip->sub_strings[2] &&
+    if(__sonic_regex_sdip->sub_strings[0] && 
+       __sonic_regex_sdip->sub_strings[1] && 
+       __sonic_regex_sdip->sub_strings[2] && 
        __sonic_regex_sdip->sub_strings[3])
     {
         /* Setting all the values */
@@ -187,7 +187,7 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
 
                 i = 0;
                 tmp_str += 6;
-
+                
 
                 /* Allocating memory for the protocol */
                 os_calloc(8, sizeof(char), proto);
@@ -223,7 +223,7 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
 
 
 
-
+    
     /** Setting the category/action based on the id. **/
 
     /* IDS event */
@@ -231,16 +231,16 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
     {
         lf->decoder_info->type = IDS;
     }
-
+    
     /* Firewall connection opened */
     else if((strcmp(lf->id, "98") == 0) ||
-            (strcmp(lf->id, "597") == 0) ||
-            (strcmp(lf->id, "598") == 0))
+            (strcmp(lf->id, "597") == 0) || 
+            (strcmp(lf->id, "598") == 0)) 
     {
         lf->decoder_info->type = FIREWALL;
-        os_strdup("pass", lf->action);
+        os_strdup("pass", lf->action); 
     }
-
+    
     /* Firewall connection dropped */
     else if((strcmp(lf->id, "38") == 0) ||
             (strcmp(lf->id, "36") == 0) ||
@@ -249,16 +249,16 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
             (strcmp(lf->id, "37") == 0))
     {
         lf->decoder_info->type = FIREWALL;
-        os_strdup("drop", lf->action);
+        os_strdup("drop", lf->action); 
     }
-
+    
     /* Firewall connection closed */
     else if(strcmp(lf->id, "537") == 0)
     {
         lf->decoder_info->type = FIREWALL;
         os_strdup("close", lf->action);
     }
-
+    
     /* Proxy msg */
     else if(strcmp(lf->id, "97") == 0)
     {
@@ -270,7 +270,7 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
         {
             return(NULL);
         }
-
+        
 
         /* We first run our regex to extract the severity and id. */
         if(!OSRegex_Execute(tmp_str, __sonic_regex_prox))
@@ -290,18 +290,18 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
         {
             return(NULL);
         }
-
+        
 
         /* Getting HTTP page */
-        if(__sonic_regex_prox->sub_strings[1] &&
+        if(__sonic_regex_prox->sub_strings[1] && 
            __sonic_regex_prox->sub_strings[2])
         {
             char *final_url;
             int url_size = strlen(__sonic_regex_prox->sub_strings[1]) +
                            strlen(__sonic_regex_prox->sub_strings[2]) + 2;
-
+            
             os_calloc(url_size +1, sizeof(char), final_url);
-            snprintf(final_url, url_size, "%s%s",
+            snprintf(final_url, url_size, "%s%s", 
                                 __sonic_regex_prox->sub_strings[1],
                                 __sonic_regex_prox->sub_strings[2]);
 
@@ -324,7 +324,7 @@ void *SonicWall_Decoder_Exec(Eventinfo *lf)
         return(NULL);
     }
 
-
+    
     return(NULL);
 }
 
diff --git a/src/analysisd/decoders/plugins/symantecws_decoder.c b/src/analysisd/decoders/plugins/symantecws_decoder.c
index 5ee3ecc..2e1a773 100644
--- a/src/analysisd/decoders/plugins/symantecws_decoder.c
+++ b/src/analysisd/decoders/plugins/symantecws_decoder.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -27,25 +27,25 @@ void *SymantecWS_Decoder_Init()
 }
 
 
-/* Symantec Web Security decoder
+/* Symantec Web Security decoder 
  * Will extract the action, srcip, id, url and username.
  *
- * Examples (also online at
+ * Examples (also online at 
  * http://www.ossec.net/wiki/index.php/Symantec_WebSecurity ).
  * 20070717,73613,1=5,11=10.1.1.3,10=userc,3=1,2=1
  * 20070717,73614,1=5,11=1.2.3.4,1106=News,60=http://news.bbc.co.uk/,10=userX,1000=212.58.240.42,2=27
- */
+ */                             
 void *SymantecWS_Decoder_Exec(Eventinfo *lf)
 {
     int count = 0;
     char buf_str[OS_SIZE_1024 +1];
     char *tmp_str = NULL;
-
+    
     /* Initializing buffer */
     buf_str[0] = '\0';
     buf_str[OS_SIZE_1024] = '\0';
-
-
+    
+    
     /* Removing date and time */
     if(!(tmp_str = strchr(lf->log, ',')))
     {
@@ -56,8 +56,8 @@ void *SymantecWS_Decoder_Exec(Eventinfo *lf)
         return(NULL);
     }
     tmp_str++;
-
-
+    
+    
     /* Getting all the values */
     while(tmp_str != NULL)
     {
@@ -66,9 +66,9 @@ void *SymantecWS_Decoder_Exec(Eventinfo *lf)
         {
             count = 0;
             tmp_str+=3;
-            while(*tmp_str != '\0' && count < 128 && *tmp_str != ',')
+            while(*tmp_str != '\0' && count < 128 && *tmp_str != ',') 
             {
-                buf_str[count] = *tmp_str;
+                buf_str[count] = *tmp_str; 
                 count++; tmp_str++;
             }
             buf_str[count] = '\0';
@@ -78,15 +78,15 @@ void *SymantecWS_Decoder_Exec(Eventinfo *lf)
                 os_strdup(buf_str, lf->dstuser);
             }
         }
-
+        
         /* Checking the ip address */
         else if(strncmp(tmp_str, "11=", 3) == 0)
         {
             count = 0;
             tmp_str+=3;
-            while(*tmp_str != '\0' && count < 128 && *tmp_str != ',')
+            while(*tmp_str != '\0' && count < 128 && *tmp_str != ',') 
             {
-                buf_str[count] = *tmp_str;
+                buf_str[count] = *tmp_str; 
                 count++; tmp_str++;
             }
             buf_str[count] = '\0';
@@ -103,9 +103,9 @@ void *SymantecWS_Decoder_Exec(Eventinfo *lf)
         {
             count = 0;
             tmp_str+=3;
-            while(*tmp_str != '\0' && count < OS_SIZE_1024 && *tmp_str != ',')
+            while(*tmp_str != '\0' && count < OS_SIZE_1024 && *tmp_str != ',') 
             {
-                buf_str[count] = *tmp_str;
+                buf_str[count] = *tmp_str; 
                 count++; tmp_str++;
             }
             buf_str[count] = '\0';
@@ -143,7 +143,7 @@ void *SymantecWS_Decoder_Exec(Eventinfo *lf)
             tmp_str++;
         }
     }
-
+    
     return(NULL);
 }
 
diff --git a/src/analysisd/decoders/rootcheck.c b/src/analysisd/decoders/rootcheck.c
index b72a677..231776e 100755
--- a/src/analysisd/decoders/rootcheck.c
+++ b/src/analysisd/decoders/rootcheck.c
@@ -42,7 +42,7 @@ void RootcheckInit()
     int i = 0;
 
     rk_err = 0;
-
+    
     for(;i<MAX_AGENTS;i++)
     {
         rk_agent_ips[i] = NULL;
@@ -58,7 +58,7 @@ void RootcheckInit()
     rootcheck_dec->fts = 0;
 
     debug1("%s: RootcheckInit completed.", ARGV0);
-
+    
     return;
 }
 
@@ -80,8 +80,8 @@ FILE *RK_File(char *agent, int *agent_id)
             *agent_id = i;
             return(rk_agent_fps[i]);
         }
-
-        i++;
+        
+        i++;    
     }
 
     /* If here, our agent wasn't found */
@@ -90,7 +90,7 @@ FILE *RK_File(char *agent, int *agent_id)
     if(rk_agent_ips[i] != NULL)
     {
         snprintf(rk_buf,OS_SIZE_1024, "%s/%s", ROOTCHECK_DIR,agent);
-
+        
         /* r+ to read and write. Do not truncate */
         rk_agent_fps[i] = fopen(rk_buf,"r+");
         if(!rk_agent_fps[i])
@@ -106,7 +106,7 @@ FILE *RK_File(char *agent, int *agent_id)
         if(!rk_agent_fps[i])
         {
             merror(FOPEN_ERROR, ARGV0, rk_buf);
-
+            
             free(rk_agent_ips[i]);
             rk_agent_ips[i] = NULL;
 
@@ -164,7 +164,7 @@ int DecodeRootcheck(Eventinfo *lf)
         merror("%s: Error handling rootcheck database (fgetpos).",ARGV0);
         return(0);
     }
-
+                                    
 
     /* Reads the file and search for a possible
      * entry
@@ -187,14 +187,14 @@ int DecodeRootcheck(Eventinfo *lf)
         tmpstr = strchr(rk_buf, '\n');
         if(tmpstr)
         {
-            *tmpstr = '\0';
+            *tmpstr = '\0';    
         }
 
-
+        
         /* Old format without the time stampts */
         if(rk_buf[0] != '!')
         {
-            /* Cannot use strncmp to avoid errors with crafted files */
+            /* Cannot use strncmp to avoid errors with crafted files */    
             if(strcmp(lf->log, rk_buf) == 0)
             {
                 rootcheck_dec->fts = 0;
@@ -207,14 +207,14 @@ int DecodeRootcheck(Eventinfo *lf)
         {
             /* Going past time: !1183431603!1183431603  (last, first saw) */
             tmpstr = rk_buf + 23;
-
+            
             /* Matches, we need to upgrade last time saw */
             if(strcmp(lf->log, tmpstr) == 0)
             {
                 fsetpos(fp, &fp_pos);
                 fprintf(fp, "!%d", lf->time);
                 rootcheck_dec->fts = 0;
-                lf->decoder_info = rootcheck_dec;
+                lf->decoder_info = rootcheck_dec;        
                 return(1);
             }
         }
@@ -225,9 +225,9 @@ int DecodeRootcheck(Eventinfo *lf)
             merror("%s: Error handling rootcheck database (fgetpos3).",ARGV0);
             return(0);
         }
-    }
-
+    }                
 
+    
     /* Adding the new entry at the end of the file */
     fseek(fp, 0, SEEK_END);
     fprintf(fp,"!%d!%d %s\n",lf->time, lf->time, lf->log);
@@ -236,7 +236,7 @@ int DecodeRootcheck(Eventinfo *lf)
     rootcheck_dec->fts = 0;
     rootcheck_dec->fts |= FTS_DONE;
     lf->decoder_info = rootcheck_dec;
-    return(1);
+    return(1); 
 }
 
 
diff --git a/src/analysisd/decoders/syscheck.c b/src/analysisd/decoders/syscheck.c
index 8618813..698e373 100755
--- a/src/analysisd/decoders/syscheck.c
+++ b/src/analysisd/decoders/syscheck.c
@@ -45,7 +45,7 @@ typedef struct __sdb
     int id3;
     int idn;
     int idd;
-
+    
 
     /* Syscheck rule */
     OSDecoderInfo  *syscheck_dec;
@@ -53,7 +53,7 @@ typedef struct __sdb
 
     /* File search variables */
     fpos_t init_pos;
-
+    
 }_sdb; /* syscheck db information */
 
 
@@ -70,7 +70,7 @@ void SyscheckInit()
     int i = 0;
 
     sdb.db_err = 0;
-
+    
     for(;i <= MAX_AGENTS;i++)
     {
         sdb.agent_ips[i] = NULL;
@@ -81,7 +81,7 @@ void SyscheckInit()
     /* Clearing db memory */
     memset(sdb.buf, '\0', OS_MAXSTR +1);
     memset(sdb.comment, '\0', OS_MAXSTR +1);
-
+    
     memset(sdb.size, '\0', OS_FLSIZE +1);
     memset(sdb.perm, '\0', OS_FLSIZE +1);
     memset(sdb.owner, '\0', OS_FLSIZE +1);
@@ -96,13 +96,13 @@ void SyscheckInit()
     sdb.syscheck_dec->name = SYSCHECK_MOD;
     sdb.syscheck_dec->type = OSSEC_RL;
     sdb.syscheck_dec->fts = 0;
-
+    
     sdb.id1 = getDecoderfromlist(SYSCHECK_MOD);
     sdb.id2 = getDecoderfromlist(SYSCHECK_MOD2);
     sdb.id3 = getDecoderfromlist(SYSCHECK_MOD3);
     sdb.idn = getDecoderfromlist(SYSCHECK_NEW);
     sdb.idd = getDecoderfromlist(SYSCHECK_DEL);
-
+    
     debug1("%s: SyscheckInit completed.", ARGV0);
     return;
 }
@@ -116,7 +116,7 @@ void SyscheckInit()
 void __setcompleted(char *agent)
 {
     FILE *fp;
-
+    
     /* Getting agent file */
     snprintf(sdb.buf, OS_FLSIZE , "%s/.%s.cpt", SYSCHECK_DIR, agent);
 
@@ -163,7 +163,7 @@ void DB_SetCompleted(Eventinfo *lf)
             {
                 return;
             }
-
+            
             __setcompleted(lf->location);
 
 
@@ -194,8 +194,8 @@ FILE *DB_File(char *agent, int *agent_id)
             *agent_id = i;
             return(sdb.agent_fps[i]);
         }
-
-        i++;
+        
+        i++;    
     }
 
     /* If here, our agent wasn't found */
@@ -210,8 +210,8 @@ FILE *DB_File(char *agent, int *agent_id)
 
     /* Getting agent file */
     snprintf(sdb.buf, OS_FLSIZE , "%s/%s", SYSCHECK_DIR,agent);
-
-
+    
+        
     /* r+ to read and write. Do not truncate */
     sdb.agent_fps[i] = fopen(sdb.buf,"r+");
     if(!sdb.agent_fps[i])
@@ -224,8 +224,8 @@ FILE *DB_File(char *agent, int *agent_id)
             sdb.agent_fps[i] = fopen(sdb.buf, "r+");
         }
     }
-
-    /* Checking again */
+        
+    /* Checking again */    
     if(!sdb.agent_fps[i])
     {
         merror("%s: Unable to open '%s'",ARGV0, sdb.buf);
@@ -239,12 +239,12 @@ FILE *DB_File(char *agent, int *agent_id)
     /* Returning the opened pointer (the beginning of it) */
     fseek(sdb.agent_fps[i],0, SEEK_SET);
     *agent_id = i;
-
-
+    
+    
     /* Getting if the agent was completed */
     if(__iscompleted(agent))
     {
-        sdb.agent_cp[i][0] = '1';
+        sdb.agent_cp[i][0] = '1';    
     }
 
     return(sdb.agent_fps[i]);
@@ -259,10 +259,10 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
     int p = 0;
     int sn_size;
     int agent_id;
-
+    
     char *saved_sum;
     char *saved_name;
-
+    
     FILE *fp;
 
 
@@ -285,8 +285,8 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
         merror("%s: Error handling integrity database (fgetpos).",ARGV0);
         return(0);
     }
-
-
+    
+    
     /* Looping the file */
     while(fgets(sdb.buf, OS_MAXSTR, fp) != NULL)
     {
@@ -298,7 +298,7 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
         }
 
 
-        /* Getting name */
+        /* Getting name */    
         saved_name = strchr(sdb.buf, ' ');
         if(saved_name == NULL)
         {
@@ -308,8 +308,8 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
         }
         *saved_name = '\0';
         saved_name++;
-
-
+        
+        
         /* New format - with a timestamp */
         if(*saved_name == '!')
         {
@@ -338,7 +338,7 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
             fgetpos(fp, &sdb.init_pos);
             continue;
         }
-
+        
 
         saved_sum = sdb.buf;
 
@@ -362,10 +362,10 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
             if(saved_sum[-2] == '!')
             {
                 p++;
-                if(saved_sum[-1] == '!')
+                if(saved_sum[-1] == '!')    
                     p++;
                 else if(saved_sum[-1] == '?')
-                    p+=2;
+                    p+=2;    
             }
         }
 
@@ -425,7 +425,7 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
                     "File '%.756s' was deleted. Unable to retrieve "
                     "checksum.", f_name);
         }
-
+        
         /* If file was re-added, do not compare changes */
         else if(saved_sum[0] == '-' && saved_sum[1] == '1')
         {
@@ -434,10 +434,10 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
                      "File '%.756s' was re-added.", f_name);
         }
 
-        else
+        else    
         {
             int oldperm = 0, newperm = 0;
-
+            
             /* Providing more info about the file change */
             char *oldsize = NULL, *newsize = NULL;
             char *olduid = NULL, *newuid = NULL;
@@ -551,16 +551,16 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
                         "to '%c%c%c%c%c%c%c%c%c'\n",
                         (oldperm & S_IRUSR)? 'r' : '-',
                         (oldperm & S_IWUSR)? 'w' : '-',
-
+                        
                         (oldperm & S_ISUID)? 's' :
                         (oldperm & S_IXUSR)? 'x' : '-',
-
+                        
                         (oldperm & S_IRGRP)? 'r' : '-',
                         (oldperm & S_IWGRP)? 'w' : '-',
 
                         (oldperm & S_ISGID)? 's' :
                         (oldperm & S_IXGRP)? 'x' : '-',
-
+                        
                         (oldperm & S_IROTH)? 'r' : '-',
                         (oldperm & S_IWOTH)? 'w' : '-',
 
@@ -575,10 +575,10 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
                         (newperm & S_ISUID)? 's' :
                         (newperm & S_IXUSR)? 'x' : '-',
 
-
+                        
                         (newperm & S_IRGRP)? 'r' : '-',
                         (newperm & S_IWGRP)? 'w' : '-',
-
+                        
                         (newperm & S_ISGID)? 's' :
                         (newperm & S_IXGRP)? 'x' : '-',
 
@@ -610,7 +610,7 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
                 os_strdup(olduid, lf->owner_before);
                 os_strdup(newuid, lf->owner_after);
                 #endif
-            }
+            }    
 
             /* group ownership message */
             if(!newgid || !oldgid || strcmp(newgid, oldgid) == 0)
@@ -664,7 +664,7 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
             #endif
 
 
-            /* Provide information about the file */
+            /* Provide information about the file */    
             snprintf(sdb.comment, OS_MAXSTR, "Integrity checksum changed for: "
                     "'%.756s'\n"
                     "%s"
@@ -674,7 +674,7 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
                     "%s"
                     "%s"
                     "%s%s",
-                    f_name,
+                    f_name, 
                     sdb.size,
                     sdb.perm,
                     sdb.owner,
@@ -693,19 +693,19 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
         lf->log = lf->full_log;
         lf->data = NULL;
 
-
+        
         /* Setting decoder */
         lf->decoder_info = sdb.syscheck_dec;
+                        
 
-
-        return(1);
+        return(1); 
 
     } /* continuiing... */
 
 
     /* If we reach here, this file is not present on our database */
     fseek(fp, 0, SEEK_END);
-
+    
     fprintf(fp,"+++%s !%d %s\n", c_sum, lf->time, f_name);
 
     fflush(fp);
@@ -719,7 +719,7 @@ int DB_Search(char *f_name, char *c_sum, Eventinfo *lf)
         snprintf(sdb.comment, OS_MAXSTR,
                               "New file '%.756s' "
                               "added to the file system.", f_name);
-
+        
 
         /* Creating a new log message */
         free(lf->full_log);
@@ -747,10 +747,10 @@ int DecodeSyscheck(Eventinfo *lf)
 {
     char *c_sum;
     char *f_name;
-
-
+   
+   
     /* Every syscheck message must be in the following format:
-     * checksum filename
+     * checksum filename     
      */
     f_name = strchr(lf->log, ' ');
     if(f_name == NULL)
@@ -763,7 +763,7 @@ int DecodeSyscheck(Eventinfo *lf)
             DB_SetCompleted(lf);
             return(0);
         }
-
+         
         merror(SK_INV_MSG, ARGV0);
         return(0);
     }
@@ -785,14 +785,14 @@ int DecodeSyscheck(Eventinfo *lf)
     {
         lf->data = NULL;
     }
-
-
+    
+   
 
     /* Checking if file is supposed to be ignored */
     if(Config.syscheck_ignore)
     {
         char **ff_ig = Config.syscheck_ignore;
-
+        
         while(*ff_ig)
         {
             if(strncasecmp(*ff_ig, f_name, strlen(*ff_ig)) == 0)
@@ -800,16 +800,16 @@ int DecodeSyscheck(Eventinfo *lf)
                 lf->data = NULL;
                 return(0);
             }
-
+            
             ff_ig++;
         }
     }
-
-
+    
+    
     /* Checksum is at the beginning of the log */
     c_sum = lf->log;
-
-
+    
+    
     /* Searching for file changes */
     return(DB_Search(f_name, c_sum, lf));
 }
diff --git a/src/analysisd/dodiff.c b/src/analysisd/dodiff.c
index 2fba506..cbfe5de 100755
--- a/src/analysisd/dodiff.c
+++ b/src/analysisd/dodiff.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -35,7 +35,7 @@ static int _add2last(char *str, int strsize, char *file)
         dirrule = strrchr(file, '/');
         if(!dirrule)
         {
-            merror("%s: ERROR: Invalid file name to diff: %s",
+            merror("%s: ERROR: Invalid file name to diff: %s", 
                    ARGV0, file);
             return(0);
         }
@@ -108,8 +108,8 @@ int doDiff(RuleInfo *currently_rule, Eventinfo *lf)
         {
             *htpt = '\0';
         }
-        snprintf(flastfile, OS_SIZE_2048, "%s/%s/%d/%s", DIFF_DIR, lf->hostname+1,
-                 currently_rule->sigid, DIFF_LAST_FILE);
+        snprintf(flastfile, OS_SIZE_2048, "%s/%s/%d/%s", DIFF_DIR, lf->hostname+1, 
+                 currently_rule->sigid, DIFF_LAST_FILE); 
 
         if(htpt)
         {
@@ -119,7 +119,7 @@ int doDiff(RuleInfo *currently_rule, Eventinfo *lf)
     }
     else
     {
-        snprintf(flastfile, OS_SIZE_2048, "%s/%s/%d/%s", DIFF_DIR, lf->hostname,
+        snprintf(flastfile, OS_SIZE_2048, "%s/%s/%d/%s", DIFF_DIR, lf->hostname, 
                  currently_rule->sigid, DIFF_LAST_FILE);
     }
 
@@ -182,8 +182,8 @@ int doDiff(RuleInfo *currently_rule, Eventinfo *lf)
         {
             *htpt = '\0';
         }
-        snprintf(fdifffile, OS_SIZE_2048, "%s/%s/%d/state.%d", DIFF_DIR, lf->hostname+1,
-                 currently_rule->sigid, date_of_change);
+        snprintf(fdifffile, OS_SIZE_2048, "%s/%s/%d/state.%d", DIFF_DIR, lf->hostname+1, 
+                 currently_rule->sigid, date_of_change); 
 
         if(htpt)
         {
@@ -193,7 +193,7 @@ int doDiff(RuleInfo *currently_rule, Eventinfo *lf)
     }
     else
     {
-        snprintf(fdifffile, OS_SIZE_2048, "%s/%s/%d/state.%d", DIFF_DIR, lf->hostname,
+        snprintf(fdifffile, OS_SIZE_2048, "%s/%s/%d/state.%d", DIFF_DIR, lf->hostname, 
                  currently_rule->sigid, date_of_change);
     }
 
diff --git a/src/analysisd/eventinfo.c b/src/analysisd/eventinfo.c
index b35fd40..e759a57 100755
--- a/src/analysisd/eventinfo.c
+++ b/src/analysisd/eventinfo.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -17,7 +17,7 @@
 /* Part of the OSSEC.
  * Available at http://www.ossec.net
  */
-
+  
 
 
 #include "config.h"
@@ -34,8 +34,8 @@ Eventinfo *Search_LastSids(Eventinfo *my_lf, RuleInfo *currently_rule)
     Eventinfo *lf;
     Eventinfo *first_lf;
     OSListNode *lf_node;
-
-
+    
+    
     /* Setting frequency to 0 */
     currently_rule->__frequency = 0;
 
@@ -53,12 +53,12 @@ Eventinfo *Search_LastSids(Eventinfo *my_lf, RuleInfo *currently_rule)
         return(NULL);
     }
     first_lf = (Eventinfo *)lf_node->data;
-
+    
 
     do
     {
         lf = (Eventinfo *)lf_node->data;
-
+        
         /* If time is outside the timeframe, return */
         if((c_time - lf->time) > currently_rule->timeframe)
         {
@@ -344,16 +344,16 @@ Eventinfo *Search_LastGroups(Eventinfo *my_lf, RuleInfo *currently_rule)
 }
 
 
-/* Search LastEvents.
+/* Search LastEvents.  
  * Will look if any of the last events (inside the timeframe)
- * match the specified rule.
+ * match the specified rule. 
  */
 Eventinfo *Search_LastEvents(Eventinfo *my_lf, RuleInfo *currently_rule)
 {
     EventNode *eventnode_pt;
     Eventinfo *lf;
     Eventinfo *first_lf;
-
+    
 
     merror("XXXX : remove me!");
 
@@ -365,17 +365,17 @@ Eventinfo *Search_LastEvents(Eventinfo *my_lf, RuleInfo *currently_rule)
         /* Nothing found */
         return(NULL);
     }
-
+    
     /* Setting frequency to 0 */
     currently_rule->__frequency = 0;
     first_lf = (Eventinfo *)eventnode_pt->event;
-
-
+    
+    
     /* Searching all previous events */
     do
     {
         lf = eventnode_pt->event;
-
+        
         /* If time is outside the timeframe, return */
         if((c_time - lf->time) > currently_rule->timeframe)
         {
@@ -383,22 +383,22 @@ Eventinfo *Search_LastEvents(Eventinfo *my_lf, RuleInfo *currently_rule)
         }
 
 
-        /* We avoid multiple triggers for the same rule
+        /* We avoid multiple triggers for the same rule 
          * or rules with a lower level.
          */
         else if(lf->matched >= currently_rule->level)
         {
             return(NULL);
         }
-
-
+        
+        
         /* The category must be the same */
         else if(lf->decoder_info->type != my_lf->decoder_info->type)
         {
-            continue;
+            continue;    
         }
-
-
+        
+        
         /* If regex does not match, go to next */
         if(currently_rule->if_matched_regex)
         {
@@ -414,27 +414,27 @@ Eventinfo *Search_LastEvents(Eventinfo *my_lf, RuleInfo *currently_rule)
         {
             if((!lf->dstuser)||(!my_lf->dstuser))
                 continue;
-
+                
             if(strcmp(lf->dstuser,my_lf->dstuser) != 0)
                 continue;
         }
-
+       
         /* Checking for same id */
         if(currently_rule->context_opts & SAME_ID)
         {
             if((!lf->id) || (!my_lf->id))
                 continue;
-
+            
             if(strcmp(lf->id,my_lf->id) != 0)
-                continue;
+                continue;    
         }
-
+         
         /* Checking for repetitions from same src_ip */
         if(currently_rule->context_opts & SAME_SRCIP)
         {
             if((!lf->srcip)||(!my_lf->srcip))
                 continue;
-
+                
             if(strcmp(lf->srcip,my_lf->srcip) != 0)
                 continue;
         }
@@ -453,33 +453,33 @@ Eventinfo *Search_LastEvents(Eventinfo *my_lf, RuleInfo *currently_rule)
             }
         }
 
-
-        /* Checking if the number of matches worked */
+        
+        /* Checking if the number of matches worked */ 
         if(currently_rule->__frequency < currently_rule->frequency)
         {
             if(currently_rule->__frequency <= 10)
             {
-                currently_rule->last_events[currently_rule->__frequency]
+                currently_rule->last_events[currently_rule->__frequency] 
                             = lf->full_log;
-                currently_rule->last_events[currently_rule->__frequency+1]
+                currently_rule->last_events[currently_rule->__frequency+1] 
                             = NULL;
             }
-
+            
             currently_rule->__frequency++;
             continue;
         }
-
-
+        
+        
         /* If reached here, we matched */
         my_lf->matched = currently_rule->level;
         lf->matched = currently_rule->level;
         first_lf->matched = currently_rule->level;
-
-        return(lf);
-
+       
+        return(lf);    
+        
     }while((eventnode_pt = eventnode_pt->next) != NULL);
 
-
+    
     return(NULL);
 }
 
@@ -510,7 +510,7 @@ void Zero_Eventinfo(Eventinfo *lf)
 
     lf->time = 0;
     lf->matched = 0;
-
+    
     lf->year = 0;
     lf->mon[3] = '\0';
     lf->hour[9] = '\0';
@@ -522,18 +522,18 @@ void Zero_Eventinfo(Eventinfo *lf)
 
     #ifdef PRELUDE
     lf->filename = NULL;
-    lf->perm_before = 0;
-    lf->perm_after = 0;
-    lf->md5_before = NULL;
-    lf->md5_after = NULL;
-    lf->sha1_before = NULL;
-    lf->sha1_after = NULL;
-    lf->size_before = NULL;
-    lf->size_after = NULL;
-    lf->owner_before = NULL;
-    lf->owner_after = NULL;
-    lf->gowner_before = NULL;
-    lf->gowner_after = NULL;
+    lf->perm_before = 0;      
+    lf->perm_after = 0;          
+    lf->md5_before = NULL;                 
+    lf->md5_after = NULL;               
+    lf->sha1_before = NULL;       
+    lf->sha1_after = NULL;                 
+    lf->size_before = NULL;       
+    lf->size_after = NULL;        
+    lf->owner_before = NULL;      
+    lf->owner_after = NULL;       
+    lf->gowner_before = NULL; 
+    lf->gowner_after = NULL;  
     #endif
 
     return;
@@ -547,11 +547,11 @@ void Free_Eventinfo(Eventinfo *lf)
         merror("%s: Trying to free NULL event. Inconsistent..",ARGV0);
         return;
     }
-
+    
     if(lf->full_log)
-        free(lf->full_log);
+        free(lf->full_log);    
     if(lf->location)
-        free(lf->location);
+        free(lf->location);    
 
     if(lf->srcip)
         free(lf->srcip);
@@ -564,13 +564,13 @@ void Free_Eventinfo(Eventinfo *lf)
     if(lf->protocol)
         free(lf->protocol);
     if(lf->action)
-        free(lf->action);
+        free(lf->action);            
     if(lf->status)
         free(lf->status);
     if(lf->srcuser)
         free(lf->srcuser);
     if(lf->dstuser)
-        free(lf->dstuser);
+        free(lf->dstuser);    
     if(lf->id)
         free(lf->id);
     if(lf->command)
@@ -579,39 +579,39 @@ void Free_Eventinfo(Eventinfo *lf)
         free(lf->url);
 
     if(lf->data)
-        free(lf->data);
+        free(lf->data);    
     if(lf->systemname)
-        free(lf->systemname);
+        free(lf->systemname);    
 
     #ifdef PRELUDE
     if(lf->filename)
         free(lf->filename);
     if (lf->md5_before)
-        free(lf->md5_before);
+        free(lf->md5_before);                 
     if (lf->md5_after)
-        free(lf->md5_after);
+        free(lf->md5_after);               
     if (lf->sha1_before)
-        free(lf->sha1_before);
+        free(lf->sha1_before);       
     if (lf->sha1_after)
-        free(lf->sha1_after);
+        free(lf->sha1_after);                 
     if (lf->size_before)
-        free(lf->size_before);
+        free(lf->size_before);       
     if (lf->size_after)
-        free(lf->size_after);
+        free(lf->size_after);        
     if (lf->owner_before)
-        free(lf->owner_before);
+        free(lf->owner_before);      
     if (lf->owner_after)
-        free(lf->owner_after);
+        free(lf->owner_after);       
     if (lf->gowner_before)
-        free(lf->gowner_before);
+        free(lf->gowner_before); 
     if (lf->gowner_after)
-        free(lf->gowner_after);
+        free(lf->gowner_after);  
     #endif
 
     /* Freeing node to delete */
     if(lf->sid_node_to_delete)
     {
-        OSList_DeleteThisNode(lf->generated_rule->sid_prev_matched,
+        OSList_DeleteThisNode(lf->generated_rule->sid_prev_matched, 
                               lf->sid_node_to_delete);
     }
     else if(lf->generated_rule && lf->generated_rule->group_prev_matched)
@@ -622,16 +622,16 @@ void Free_Eventinfo(Eventinfo *lf)
         {
             OSList_DeleteOldestNode(lf->generated_rule->group_prev_matched[i]);
             i++;
-        }
+        } 
     }
-
+    
     /* We dont need to free:
      * fts
      * comment
      */
     free(lf);
-    lf = NULL;
-
+    lf = NULL; 
+    
     return;
 }	
 
diff --git a/src/analysisd/eventinfo.h b/src/analysisd/eventinfo.h
index fb5b4b6..e03fc3d 100755
--- a/src/analysisd/eventinfo.h
+++ b/src/analysisd/eventinfo.h
@@ -64,7 +64,7 @@ typedef struct _Eventinfo
 
     /* Other internal variables */
     short int matched;
-
+    
     int time;
     int day;
     int year;
diff --git a/src/analysisd/eventinfo_list.c b/src/analysisd/eventinfo_list.c
index a2d096f..b10bf2c 100755
--- a/src/analysisd/eventinfo_list.c
+++ b/src/analysisd/eventinfo_list.c
@@ -9,12 +9,12 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
 
-#include "shared.h"
+#include "shared.h" 
 #include "eventinfo.h"
 
 
@@ -44,46 +44,46 @@ EventNode *OS_GetLastEvent()
 {
     EventNode *eventnode_pt = eventnode;
 
-    return(eventnode_pt);
+    return(eventnode_pt);    
 }
 
 /* Add an event to the list -- always to the begining */
 void OS_AddEvent(Eventinfo *lf)
 {
     EventNode *tmp_node = eventnode;
-
+        
     if(tmp_node)
     {
         EventNode *new_node;
         new_node = (EventNode *)calloc(1,sizeof(EventNode));
-
+        
         if(new_node == NULL)
         {
             ErrorExit(MEM_ERROR,ARGV0);
         }
 
-        /* Always adding to the beginning of the list
+        /* Always adding to the beginning of the list 
          * The new node will become the first node and
          * new_node->next will be the previous first node
          */
         new_node->next = tmp_node;
         new_node->prev = NULL;
         tmp_node->prev = new_node;
-
+        
         eventnode = new_node;
 
         /* Adding the event to the node */
         new_node->event = lf;
 
         _memoryused++;
-
+        
         /* Need to remove the last nodes */
         if(_memoryused > _memorymaxsize)
         {
             int i = 0;
             EventNode *oldlast;
-
-            /* Remove at least the last 10 events
+            
+            /* Remove at least the last 10 events 
              * or the events that will not match anymore
              * (higher than max frequency)
              */
@@ -102,7 +102,7 @@ void OS_AddEvent(Eventinfo *lf)
             }
         }
     }
-
+    
     else
     {
         /* Adding first node */
@@ -115,8 +115,8 @@ void OS_AddEvent(Eventinfo *lf)
         eventnode->prev = NULL;
         eventnode->next = NULL;
         eventnode->event = lf;
-
-        lastnode = eventnode;
+        
+        lastnode = eventnode; 
     }
 
     return;
diff --git a/src/analysisd/fts.c b/src/analysisd/fts.c
index 9ab65c6..fc97c20 100755
--- a/src/analysisd/fts.c
+++ b/src/analysisd/fts.c
@@ -9,12 +9,12 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
 
-/* First time seen functions
+/* First time seen functions 
  */
 
 
@@ -39,8 +39,8 @@ int FTS_Init()
     char _line[OS_FLSIZE + 1];
 
     _line[OS_FLSIZE] = '\0';
-
-
+            
+    
     fts_list = OSList_Create();
     if(!fts_list)
     {
@@ -60,7 +60,7 @@ int FTS_Init()
         merror(LIST_ERROR, ARGV0);
         return(0);
     }
-
+    
 
     /* Getting default list size */
     fts_list_size = getDefine_Int("analysisd",
@@ -71,7 +71,7 @@ int FTS_Init()
     fts_minsize_for_str = getDefine_Int("analysisd",
                                         "fts_min_size_for_str",
                                         6, 128);
-
+    
     if(!OSList_SetMaxSize(fts_list, fts_list_size))
     {
         merror(LIST_SIZE_ERROR, ARGV0);
@@ -87,14 +87,8 @@ int FTS_Init()
         fp_list = fopen(FTS_QUEUE, "w+");
         if(fp_list)
             fclose(fp_list);
-
-        chmod(FTS_QUEUE, 0640);
-
-        int uid = Privsep_GetUser(USER);
-        int gid = Privsep_GetGroup(GROUPGLOBAL);
-        if(uid>=0 && gid>=0)
-            chown(FTS_QUEUE, uid, gid);
-
+        
+        chmod(FTS_QUEUE, 0777);
         fp_list = fopen(FTS_QUEUE, "r+");
         if(!fp_list)
         {
@@ -126,7 +120,7 @@ int FTS_Init()
         }
     }
 
-
+    
     /* Creating ignore list */
     fp_ignore = fopen(IG_QUEUE, "r+");
     if(!fp_ignore)
@@ -135,14 +129,8 @@ int FTS_Init()
         fp_ignore = fopen(IG_QUEUE, "w+");
         if(fp_ignore)
             fclose(fp_ignore);
-
-        chmod(IG_QUEUE, 0640);
-
-        int uid = Privsep_GetUser(USER);
-        int gid = Privsep_GetGroup(GROUPGLOBAL);
-        if(uid>=0 && gid>=0)
-            chown(IG_QUEUE, uid, gid);
-
+        
+        chmod(IG_QUEUE, 0777);
         fp_ignore = fopen(IG_QUEUE, "r+");
         if(!fp_ignore)
         {
@@ -152,7 +140,7 @@ int FTS_Init()
     }
 
     debug1("%s: DEBUG: FTSInit completed.", ARGV0);
-
+                                                            
     return(1);
 }
 
@@ -160,12 +148,12 @@ int FTS_Init()
  */
 void AddtoIGnore(Eventinfo *lf)
 {
-    fseek(fp_ignore, 0, SEEK_END);
+    fseek(fp_ignore, 0, SEEK_END);    
 
     #ifdef TESTRULE
     return;
     #endif
-
+    
     /* Assigning the values to the FTS */
     fprintf(fp_ignore, "%s %s %s %s %s %s %s %s\n",
             (lf->decoder_info->name && (lf->generated_rule->ignore & FTS_NAME))?
@@ -178,9 +166,9 @@ void AddtoIGnore(Eventinfo *lf)
             (lf->dstip && (lf->generated_rule->ignore & FTS_DSTIP))?
                         lf->dstip:"",
             (lf->data && (lf->generated_rule->ignore & FTS_DATA))?
-                        lf->data:"",
+                        lf->data:"",            
             (lf->systemname && (lf->generated_rule->ignore & FTS_SYSTEMNAME))?
-                        lf->systemname:"",
+                        lf->systemname:"",            
             (lf->generated_rule->ignore & FTS_LOCATION)?lf->location:"");
 
     fflush(fp_ignore);
@@ -215,7 +203,7 @@ int IGnore(Eventinfo *lf)
             (lf->data && (lf->generated_rule->ignore & FTS_DATA))?
                             lf->data:"",
             (lf->systemname && (lf->generated_rule->ignore & FTS_SYSTEMNAME))?
-                            lf->systemname:"",
+                            lf->systemname:"",                                
             (lf->generated_rule->ckignore & FTS_LOCATION)?lf->location:"");
 
     _fline[OS_FLSIZE] = '\0';
@@ -240,13 +228,13 @@ int IGnore(Eventinfo *lf)
 /* FTS v0.1
  *  Check if the word "msg" is present on the "queue".
  *  If it is not, write it there.
- */
+ */ 
 int FTS(Eventinfo *lf)
 {
     int number_of_matches = 0;
 
     char _line[OS_FLSIZE + 1];
-
+    
     char *line_for_list = NULL;
 
     OSListNode *fts_node;
@@ -271,9 +259,9 @@ int FTS(Eventinfo *lf)
     if(OSHash_Get(fts_store, _line))
     {
         return(0);
-    }
-
+    }        
 
+    
     /* Checking if from the last FTS events, we had
      * at least 3 "similars" before. If yes, we just
      * ignore it.
@@ -283,7 +271,7 @@ int FTS(Eventinfo *lf)
         fts_node = OSList_GetLastNode(fts_list);
         while(fts_node)
         {
-            if(OS_StrHowClosedMatch((char *)fts_node->data, _line) >
+            if(OS_StrHowClosedMatch((char *)fts_node->data, _line) > 
                     fts_minsize_for_str)
             {
                 number_of_matches++;
@@ -302,8 +290,8 @@ int FTS(Eventinfo *lf)
         os_strdup(_line, line_for_list);
         OSList_AddData(fts_list, line_for_list);
     }
-
-
+    
+    
     /* Storing new entry */
     if(line_for_list == NULL)
     {
@@ -315,12 +303,12 @@ int FTS(Eventinfo *lf)
         return(0);
     }
 
-
+    
     #ifdef TESTRULE
     return(1);
     #endif
-
-
+    
+    
     /* Saving to fts fp */	
     fseek(fp_list, 0, SEEK_END);
     fprintf(fp_list,"%s\n", _line);
diff --git a/src/analysisd/lists.c b/src/analysisd/lists.c
index 9d907dc..b7a677e 100644
--- a/src/analysisd/lists.c
+++ b/src/analysisd/lists.c
@@ -9,7 +9,7 @@
  * License (version 3) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -26,7 +26,7 @@
 void Lists_OP_CreateLists()
 {
     OS_CreateListsList();
-    return;
+    return; 
 }
 
 int Lists_OP_LoadList(char * listfile)
diff --git a/src/analysisd/lists_list.c b/src/analysisd/lists_list.c
index 55394db..78f8b5e 100644
--- a/src/analysisd/lists_list.c
+++ b/src/analysisd/lists_list.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #include "shared.h"
 #include "rules.h"
 #include "cdb/cdb.h"
@@ -23,7 +23,7 @@
 ListNode *global_listnode;
 ListRule *global_listrule;
 
-/*
+/* 
  */
 ListNode *_OS_AddList(ListNode *new_listnode);
 
@@ -41,14 +41,14 @@ void OS_CreateListsList()
 ListNode *OS_GetFirstList()
 {
     ListNode *listnode_pt = global_listnode;
-
-    return(listnode_pt);
+    
+    return(listnode_pt);    
 }
 
 ListRule *OS_GetFirstListRule()
 {
-    ListRule *listrule_pt = global_listrule;
-    return listrule_pt;
+    ListRule *listrule_pt = global_listrule; 
+    return listrule_pt; 
 }
 
 void OS_ListLoadRules()
@@ -67,19 +67,19 @@ void OS_ListLoadRules()
 
 ListRule *_OS_AddListRule(ListRule *new_listrule)
 {
-
+    
     if(global_listrule == NULL)
     {
         global_listrule = new_listrule;
-    }
-    else
+    } 
+    else 
     {
         ListRule *last_list_rule = global_listrule;
         while(last_list_rule->next != NULL)
         {
-            last_list_rule = last_list_rule->next;
+            last_list_rule = last_list_rule->next; 
         }
-        last_list_rule->next = new_listrule;
+        last_list_rule->next = new_listrule; 
     }
     return(global_listrule);
 }
@@ -104,7 +104,7 @@ ListNode *_OS_AddList(ListNode *new_listnode)
             last_list_node = last_list_node->next;
         }
         last_list_node->next = new_listnode;
-
+        
     }
     return(global_listnode);
 }
@@ -123,7 +123,7 @@ ListNode *_OS_FindList(ListNode *_listnode, char *listname)
         do
         {
             if (strcmp(last_list_node->txt_filename, listname) == 0 ||
-                strcmp(last_list_node->cdb_filename, listname) == 0)
+                strcmp(last_list_node->cdb_filename, listname) == 0) 
             {
                 /* Found first match returning */
                 return(last_list_node);
@@ -133,7 +133,7 @@ ListNode *_OS_FindList(ListNode *_listnode, char *listname)
     }
     return(NULL);
 }
-
+    
 ListNode *OS_FindList(char *listname)
 {
     ListNode *matched = NULL;
@@ -141,9 +141,9 @@ ListNode *OS_FindList(char *listname)
     return matched;
 }
 
-ListRule *OS_AddListRule(ListRule *first_rule_list,
-                         int lookup_type,
-                         int field,
+ListRule *OS_AddListRule(ListRule *first_rule_list, 
+                         int lookup_type, 
+                         int field, 
                          char *listname,
                          OSMatch *matcher)
 {
@@ -152,7 +152,7 @@ ListRule *OS_AddListRule(ListRule *first_rule_list,
     new_rulelist_pt->field = field;
     new_rulelist_pt->next = NULL;
     new_rulelist_pt->matcher = matcher;
-    new_rulelist_pt->lookup_type = lookup_type;
+    new_rulelist_pt->lookup_type = lookup_type; 
     new_rulelist_pt->filename = listname;
     if((new_rulelist_pt->db = OS_FindList(listname)) == NULL)
         new_rulelist_pt->loaded = 0;
@@ -212,11 +212,11 @@ int OS_DBSearchKeyValue(ListRule *lrule, char *key)
             cdb_read(&lrule->db->cdb, val, vlen, vpos);
             result = OSMatch_Execute(val, vlen, lrule->matcher);
             free(val);
-            return result;
+            return result; 
         } else {
             return 0;
         }
-    }
+    } 
     return 0;
 }
 
@@ -228,7 +228,7 @@ int OS_DBSeachKey(ListRule *lrule, char *key)
     {
         if(_OS_CDBOpen(lrule->db) == -1) return -1;
         if( cdb_find(&lrule->db->cdb, key, strlen(key)) > 0 ) return 1;
-    }
+    } 
     return 0;
 }
 
@@ -240,12 +240,12 @@ int OS_DBSeachKeyAddress(ListRule *lrule, char *key)
     {
         if(_OS_CDBOpen(lrule->db) == -1) return -1;
         //snprintf(_ip,128,"%s",key);
-        //XXX Breka apart string on the . boundtrys a loop over to longest match.
+        //XXX Breka apart string on the . boundtrys a loop over to longest match. 
 
         if( cdb_find(&lrule->db->cdb, key, strlen(key)) > 0 ) {
             return 1;
         }
-        else
+        else 
         {
             char *tmpkey;
             os_strdup(key, tmpkey);
@@ -256,19 +256,19 @@ int OS_DBSeachKeyAddress(ListRule *lrule, char *key)
                     if( cdb_find(&lrule->db->cdb, tmpkey, strlen(tmpkey)) > 0 ) {
                         free(tmpkey);
                         return 1;
-                    }
+                    } 
                 }
                 tmpkey[strlen(tmpkey) - 1] = '\0';
             }
             free(tmpkey);
         }
-    }
+    } 
     return 0;
 }
 
 int OS_DBSearch(ListRule *lrule, char *key)
 {
-    //XXX - god damn hack!!! Jeremy Rossi
+    //XXX - god damn hack!!! Jeremy Rossi 
     if (lrule->loaded == 0)
     {
         lrule->db = OS_FindList(lrule->filename);
@@ -280,7 +280,7 @@ int OS_DBSearch(ListRule *lrule, char *key)
             //debug1("LR_STRING_MATCH");
             if(OS_DBSeachKey(lrule, key) == 1)
                 return 1;
-            else
+            else 
                 return 0;
             break;
         case LR_STRING_NOT_MATCH:
@@ -306,10 +306,10 @@ int OS_DBSearch(ListRule *lrule, char *key)
             else
                 return 0;
             break;
-        case LR_ADDRESS_MATCH_VALUE:
+        case LR_ADDRESS_MATCH_VALUE: 
             //debug1("LR_ADDRESS_MATCH_VALUE");
-            // XXX TODO
-            return 0;
+            // XXX TODO 
+            return 0; 
             break;
         default:
             debug1("lists_list.c::OS_DBSearch should never hit default");
diff --git a/src/analysisd/lists_make.c b/src/analysisd/lists_make.c
index f8fb1ab..a33bf9d 100644
--- a/src/analysisd/lists_make.c
+++ b/src/analysisd/lists_make.c
@@ -47,7 +47,7 @@ void Lists_OP_MakeCDB(char *txt_filename, char *cdb_filename, int force)
 
     str[OS_MAXSTR]= '\0';
     char tmp_filename[OS_MAXSTR];
-    tmp_filename[OS_MAXSTR - 2] = '\0';
+    tmp_filename[OS_MAXSTR - 2] = '\0'; 
     snprintf(tmp_filename, OS_MAXSTR - 2, "%s.tmp", txt_filename);
 
     /*
@@ -69,20 +69,20 @@ void Lists_OP_MakeCDB(char *txt_filename, char *cdb_filename, int force)
         }
         while((fgets(str, OS_MAXSTR-1,txt_fd)) != NULL)
         {
-            /* Removing new lines or carriage returns. */
-            tmp_str = strchr(str, '\r');
-            if(tmp_str)
-                *tmp_str = '\0';
-            tmp_str = strchr(str, '\n');
-            if(tmp_str)
-                *tmp_str = '\0';
+            /* Removing new lines or carriage returns. */                                                                                                               
+            tmp_str = strchr(str, '\r');                                                                                                                                
+            if(tmp_str)                                                                                                                                                 
+                *tmp_str = '\0';                                                                                                                                        
+            tmp_str = strchr(str, '\n');                                                                                                                                
+            if(tmp_str)                                                                                                                                                 
+                *tmp_str = '\0';                    
             if((val = strchr(str, ':')))
             {
                 *val = '\0';
                 val++;
             }
             else
-            {
+            { 
                 continue;
             }
             key = str;
diff --git a/src/analysisd/makelists.c b/src/analysisd/makelists.c
index a5afd77..731cef7 100644
--- a/src/analysisd/makelists.c
+++ b/src/analysisd/makelists.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -17,13 +17,13 @@
 /* Part of the OSSEC
  * Available at http://www.ossec.net
  */
-
+  
 
 /* ossec-analysisd.
  * Responsible for correlation and log decoding.
  */
-#ifdef ARGV0
-    #undef ARGV0
+#ifdef ARGV0   
+    #undef ARGV0   
     #define ARGV0 "ossec-testrule"
 #endif
 
@@ -144,7 +144,7 @@ int main(int argc, char **argv)
     /* Found user */
     debug1(FOUND_USER, ARGV0);
 
-
+    
     /* Reading configuration file */
     if(GlobalConf(cfg) < 0)
     {
@@ -152,7 +152,7 @@ int main(int argc, char **argv)
     }
 
     debug1(READ_CONFIG, ARGV0);
-
+    
     /* Setting the group */	
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR,ARGV0,group);
@@ -162,8 +162,8 @@ int main(int argc, char **argv)
         ErrorExit(CHROOT_ERROR,ARGV0,dir);
 
     nowChroot();
-
-
+    
+    
 
     /* Createing the lists for use in rules */
     Lists_OP_CreateLists();
diff --git a/src/analysisd/picviz.c b/src/analysisd/picviz.c
index a98ff1b..f670e27 100644
--- a/src/analysisd/picviz.c
+++ b/src/analysisd/picviz.c
@@ -28,7 +28,7 @@ void OS_PicvizOpen(char *socket)
     if(!picviz_fp)
     {
         merror("%s: Unable to open picviz socket file '%s'.",
-               ARGV0, socket);
+               ARGV0, socket); 
     }
 }
 
diff --git a/src/analysisd/prelude.c b/src/analysisd/prelude.c
index 711c57a..4b7bcf0 100644
--- a/src/analysisd/prelude.c
+++ b/src/analysisd/prelude.c
@@ -41,7 +41,7 @@ char *(ossec2prelude_sev[])={"info","info","info","info",
                              "low","low","low","low",
                              "medium", "medium", "medium", "medium",
                              "high", "high", "high", "high", "high"};
-
+                
 
 /* Prelude client */
 static prelude_client_t *prelude_client;
@@ -59,7 +59,7 @@ void prelude_idmef_debug(idmef_message_t *idmef)
 
 
 
-static int
+static int 
 add_idmef_object(idmef_message_t *msg, const char *object, const char *value)
 {
     int ret = 0;
@@ -79,16 +79,16 @@ add_idmef_object(idmef_message_t *msg, const char *object, const char *value)
     }
 
     ret = idmef_value_new_from_path(&val, path, value);
-    if(ret < 0)
+    if(ret < 0) 
     {
         idmef_path_destroy(path);
         return(-1);
     }
 
     ret = idmef_path_set(path, msg, val);
-    if(ret < 0)
+    if(ret < 0) 
     {
-        merror("%s: OSSEC2Prelude: IDMEF: Cannot add object '%s': %s.",
+        merror("%s: OSSEC2Prelude: IDMEF: Cannot add object '%s': %s.", 
                ARGV0, object, prelude_strerror(ret));
     }
 
@@ -144,16 +144,16 @@ void prelude_start(char *profile, int argc, char **argv)
 
 
     ret = prelude_init(&argc, argv);
-    if (ret < 0)
+    if (ret < 0) 
     {
         merror("%s: %s: Unable to initialize the Prelude library: %s.",
                ARGV0, prelude_strsource(ret), prelude_strerror(ret));
         return;
     }
 
-    ret = prelude_client_new(&prelude_client,
+    ret = prelude_client_new(&prelude_client, 
                              profile!=NULL?profile:DEFAULT_ANALYZER_NAME);
-    if (!prelude_client)
+    if (!prelude_client) 
     {
         merror("%s: %s: Unable to create a prelude client object: %s.",
                ARGV0, prelude_strsource(ret), prelude_strerror(ret));
@@ -163,25 +163,25 @@ void prelude_start(char *profile, int argc, char **argv)
 
 
     ret = setup_analyzer(prelude_client_get_analyzer(prelude_client));
-    if(ret < 0)
+    if(ret < 0) 
     {
         merror("%s: %s: Unable to setup analyzer: %s",
                ARGV0, prelude_strsource(ret), prelude_strerror(ret));
 
-        prelude_client_destroy(prelude_client,
+        prelude_client_destroy(prelude_client, 
                                PRELUDE_CLIENT_EXIT_STATUS_FAILURE);
 
         return;
     }
 
 
-    ret = prelude_client_set_flags(prelude_client,
-          prelude_client_get_flags(prelude_client)
+    ret = prelude_client_set_flags(prelude_client, 
+          prelude_client_get_flags(prelude_client) 
           | PRELUDE_CLIENT_FLAGS_ASYNC_TIMER);
     if(ret < 0)
     {
         merror("%s: %s: Unable to set prelude client flags: %s.",
-               ARGV0, prelude_strsource(ret), prelude_strerror(ret));
+               ARGV0, prelude_strsource(ret), prelude_strerror(ret)); 
     }
 
 
@@ -193,12 +193,12 @@ void prelude_start(char *profile, int argc, char **argv)
 
 
     ret = prelude_client_start(prelude_client);
-    if (ret < 0)
+    if (ret < 0) 
     {
         merror("%s: %s: Unable to initialize prelude client: %s.",
                ARGV0, prelude_strsource(ret), prelude_strerror(ret));
 
-        prelude_client_destroy(prelude_client,
+        prelude_client_destroy(prelude_client, 
                                PRELUDE_CLIENT_EXIT_STATUS_FAILURE);
 
         return;
@@ -209,13 +209,13 @@ void prelude_start(char *profile, int argc, char **argv)
 
 }
 
-void FileAccess_PreludeLog(idmef_message_t *idmef,
-                           int filenum,
-                           char *filename,
-                           char *md5,
-                           char *sha1,
-                           char *owner,
-                           char *gowner,
+void FileAccess_PreludeLog(idmef_message_t *idmef, 
+                           int filenum, 
+                           char *filename, 
+                           char *md5, 
+                           char *sha1, 
+                           char *owner, 
+                           char *gowner, 
                            int perm) {
 
     int _checksum_counter = 0;
@@ -238,7 +238,7 @@ void FileAccess_PreludeLog(idmef_message_t *idmef,
         return;
     }
 
-
+    
     /* Add the hashs */
     if (md5) {
         snprintf(_prelude_section,128,"alert.target(0).file(%d).checksum(%d).algorithm",filenum, _checksum_counter);
@@ -262,7 +262,7 @@ void FileAccess_PreludeLog(idmef_message_t *idmef,
         add_idmef_object(idmef, _prelude_section,owner);
         snprintf(_prelude_section,128,"alert.target(0).file(%d).File_Access(%d).user_id.type",filenum,FILE_USER);
         add_idmef_object(idmef, _prelude_section, "user-privs");
-    }
+    } 
     /*add the group owner */
     if (gowner) {
         debug1("%s: DEBUG: gowner = %s.", ARGV0, gowner);
@@ -339,7 +339,7 @@ void OS_PreludeLog(Eventinfo *lf)
     idmef_message_t *idmef;
     RuleInfoDetail *last_info_detail;
 
-
+    
     /* Generate prelude alert */
     ret = idmef_message_new(&idmef);
     if ( ret < 0 ) {
@@ -347,14 +347,14 @@ void OS_PreludeLog(Eventinfo *lf)
         return;
     }
 
-
-    add_idmef_object(idmef, "alert.assessment.impact.description",
+    
+    add_idmef_object(idmef, "alert.assessment.impact.description", 
                             lf->generated_rule->comment);
 
-    add_idmef_object(idmef, "alert.assessment.impact.severity",
-                            (lf->generated_rule->level > 15) ? "high":
+    add_idmef_object(idmef, "alert.assessment.impact.severity", 
+                            (lf->generated_rule->level > 15) ? "high": 
                             ossec2prelude_sev[lf->generated_rule->level]);
-
+                
     add_idmef_object(idmef, "alert.assessment.impact.completion", "succeeded");
 
     if (lf->action)
@@ -380,7 +380,7 @@ void OS_PreludeLog(Eventinfo *lf)
             case 'T':
                 snprintf(_prelude_data,256,"CLOSED: %s", lf->action);
                 break;
-            /* allow, accept, */
+            /* allow, accept, */    
             case 'a':
             case 'A':
             /* pass/permitted */
@@ -388,7 +388,7 @@ void OS_PreludeLog(Eventinfo *lf)
             case 'P':
             /* open */
             case 'o':
-            case 'O':
+            case 'O':    
                 snprintf(_prelude_data,256,"ALLOW: %s", lf->action);
                 break;
             default:
@@ -406,7 +406,7 @@ void OS_PreludeLog(Eventinfo *lf)
 
     /* Begin Classification Infomations */
     {
-        add_idmef_object(idmef, "alert.classification.text",
+        add_idmef_object(idmef, "alert.classification.text", 
                                 lf->generated_rule->comment);
 
 
@@ -429,7 +429,7 @@ void OS_PreludeLog(Eventinfo *lf)
         }
 
         /* Rule sid is used to create a link to the rule on the OSSEC wiki */
-        if(lf->generated_rule->sigid)
+        if(lf->generated_rule->sigid) 
         {
             snprintf(_prelude_section,128,"alert.classification.reference(%d).origin",
                                            classification_counter);
@@ -448,17 +448,17 @@ void OS_PreludeLog(Eventinfo *lf)
                                            classification_counter);
             snprintf(_prelude_data, 256,"http://www.ossec.net/wiki/Rule:%d",
                                         lf->generated_rule->sigid);
-            add_idmef_object(idmef, _prelude_section, _prelude_data);
+            add_idmef_object(idmef, _prelude_section, _prelude_data); 
 
             classification_counter++;
         }
 
         /* Extended Info Details */
-        for (last_info_detail = lf->generated_rule->info_details;
-             last_info_detail != NULL;
+        for (last_info_detail = lf->generated_rule->info_details; 
+             last_info_detail != NULL; 
              last_info_detail = last_info_detail->next)
         {
-            if (last_info_detail->type == RULEINFODETAIL_LINK)
+            if (last_info_detail->type == RULEINFODETAIL_LINK) 
             {
                 snprintf(_prelude_section,128,"alert.classification.reference(%d).origin",
                                                classification_counter);
@@ -470,16 +470,16 @@ void OS_PreludeLog(Eventinfo *lf)
                 add_idmef_object(idmef, _prelude_section, _prelude_data);
                 snprintf(_prelude_section,128,"alert.classification.reference(%d).url",
                                                classification_counter);
-                add_idmef_object(idmef, _prelude_section, last_info_detail->data);
+                add_idmef_object(idmef, _prelude_section, last_info_detail->data); 
 
                 classification_counter++;
-            }
+            } 
             else if(last_info_detail->type == RULEINFODETAIL_TEXT)
             {
                 snprintf(_prelude_section,128,"alert.classification.reference(%d).origin",
                                                classification_counter);
                 add_idmef_object(idmef, _prelude_section, "vendor-specific");
-
+                
                 snprintf(_prelude_section,128,"alert.classification.reference(%d).name",
                                                classification_counter);
                 snprintf(_prelude_data,256,"Rule:%d info",lf->generated_rule->sigid);
@@ -494,7 +494,7 @@ void OS_PreludeLog(Eventinfo *lf)
             {
                 snprintf(_prelude_section,128,"alert.classification.reference(%d).origin",
                                                classification_counter);
-                switch(last_info_detail->type)
+                switch(last_info_detail->type) 
                 {
                     case RULEINFODETAIL_CVE:
                         add_idmef_object(idmef, _prelude_section, "cve");
@@ -516,11 +516,11 @@ void OS_PreludeLog(Eventinfo *lf)
         }
 
 
-        /* Break ok the list of groups on the "," boundry
+        /* Break ok the list of groups on the "," boundry 
          * For each section create a prelude reference classification
-         * that points back to the the OSSEC wiki for more infomation.
+         * that points back to the the OSSEC wiki for more infomation. 
          */
-        if(lf->generated_rule->group)
+        if(lf->generated_rule->group) 
         {
             char *copy_group;
             char new_generated_rule_group[256];
@@ -545,7 +545,7 @@ void OS_PreludeLog(Eventinfo *lf)
                                                classification_counter);
                 snprintf(_prelude_data,256,"http://www.ossec.net/wiki/Group:%s",
                                            copy_group);
-                add_idmef_object(idmef, _prelude_section, _prelude_data);
+                add_idmef_object(idmef, _prelude_section, _prelude_data); 
 
                 classification_counter++;
                 copy_group = strtok(NULL, ",");
@@ -556,10 +556,10 @@ void OS_PreludeLog(Eventinfo *lf)
 
 
     /* Begin Node infomation block */
-    {
+    { 
         /* Setting source info. */
         add_idmef_object(idmef, "alert.source(0).Spoofed", "no");
-        add_idmef_object(idmef, "alert.source(0).Node.Address(0).address",
+        add_idmef_object(idmef, "alert.source(0).Node.Address(0).address", 
                                 lf->srcip);
         add_idmef_object(idmef, "alert.source(0).Service.port", lf->srcport);
 
@@ -567,15 +567,15 @@ void OS_PreludeLog(Eventinfo *lf)
         {
             add_idmef_object(idmef, "alert.source(0).User.UserId(0).name", lf->srcuser);
         }
-
+        
 
         /* Setting target */
         add_idmef_object(idmef, "alert.target(0).Service.name", lf->program_name);
         add_idmef_object(idmef, "alert.target(0).Spoofed", "no");
 
-        if(lf->dstip)
+        if(lf->dstip)  
         {
-            add_idmef_object(idmef, "alert.target(0).Node.Address(0).address",
+            add_idmef_object(idmef, "alert.target(0).Node.Address(0).address", 
                                     lf->dstip);
         }
         else
@@ -596,7 +596,7 @@ void OS_PreludeLog(Eventinfo *lf)
             {
                 *tmp_str = '\0';
             }
-            add_idmef_object(idmef, "alert.target(0).Node.Address(0).address",
+            add_idmef_object(idmef, "alert.target(0).Node.Address(0).address", 
                                     new_prelude_target);
         }
         add_idmef_object(idmef, "alert.target(0).Service.name", lf->hostname);
@@ -608,14 +608,14 @@ void OS_PreludeLog(Eventinfo *lf)
             add_idmef_object(idmef, "alert.target(0).User.UserId(0).name", lf->dstuser);
         }
     } /* end Node infomation block */
-
+    
 
     /* Setting source file. */
     add_idmef_object(idmef, "alert.additional_data(0).type", "string");
     add_idmef_object(idmef, "alert.additional_data(0).meaning", "Source file");
     add_idmef_object(idmef, "alert.additional_data(0).data", lf->location);
     additional_data_counter++;
-
+    
 
     /* Setting full log. */
     add_idmef_object(idmef, "alert.additional_data(1).type", "string");
diff --git a/src/analysisd/rules.c b/src/analysisd/rules.c
index c9b155d..1aa0b18 100755
--- a/src/analysisd/rules.c
+++ b/src/analysisd/rules.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -30,13 +30,12 @@
 
 
 /* Internal functions */
-int getattributes(char **attributes,
+int getattributes(char **attributes, 
                   char **values,
-                  int *id, int *level,
+                  int *id, int *level, 
                   int *maxsize, int *timeframe,
-                  int *frequency, int *accuracy,
+                  int *frequency, int *accuracy, 
                   int *noalert, int *ignore_time, int *overwrite);
-int doesRuleExist(int sid, RuleNode *r_node);
 
 
 void Rule_AddAR(RuleInfo *config_rule);
@@ -62,15 +61,15 @@ void Rules_OP_CreateRules()
 /* Rules_OP_ReadRules, v0.3, 2005/03/21
  * Read the log rules.
  * v0.3: Fixed many memory problems.
- */
+ */ 
 int Rules_OP_ReadRules(char * rulefile)
 {
     OS_XML xml;
     XML_NODE node = NULL;
 
-    /* XML variables */
+    /* XML variables */ 
     /* These are the available options for the rule configuration */
-
+    
     char *xml_group = "group";
     char *xml_rule = "rule";
 
@@ -85,7 +84,7 @@ int Rules_OP_ReadRules(char * rulefile)
     char *xml_comment = "description";
     char *xml_ignore = "ignore";
     char *xml_check_if_ignored = "check_if_ignored";
-
+    
     char *xml_srcip = "srcip";
     char *xml_srcport = "srcport";
     char *xml_dstip = "dstip";
@@ -109,17 +108,17 @@ int Rules_OP_ReadRules(char * rulefile)
     char *xml_match_key_value = "match_key_value";
     char *xml_address_key = "address_match_key";
     char *xml_not_address_key = "not_address_match_key";
-    char *xml_address_key_value = "address_match_key_value";
+    char *xml_address_key_value = "address_match_key_value";         
 
     char *xml_if_sid = "if_sid";
     char *xml_if_group = "if_group";
     char *xml_if_level = "if_level";
     char *xml_fts = "if_fts";
-
+    
     char *xml_if_matched_regex = "if_matched_regex";
     char *xml_if_matched_group = "if_matched_group";
     char *xml_if_matched_sid = "if_matched_sid";
-
+    
     char *xml_same_source_ip = "same_source_ip";
     char *xml_same_src_port = "same_src_port";
     char *xml_same_dst_port = "same_dst_port";
@@ -129,16 +128,16 @@ int Rules_OP_ReadRules(char * rulefile)
     char *xml_dodiff = "check_diff";
 
     char *xml_different_url = "different_url";
-
+    
     char *xml_notsame_source_ip = "not_same_source_ip";
     char *xml_notsame_user = "not_same_user";
     char *xml_notsame_agent = "not_same_agent";
     char *xml_notsame_id = "not_same_id";
 
     char *xml_options = "options";
-
+    
     char *rulepath;
-
+    
     int i;
     int default_timeframe = 360;
 
@@ -161,11 +160,11 @@ int Rules_OP_ReadRules(char * rulefile)
         debug1("%s is the rulefile", rulefile);
         debug1("Not modifing the rule path");
     }
-
-
-    i = 0;
-
-    /* Reading the XML */
+    
+    
+    i = 0;    
+    
+    /* Reading the XML */       
     if(OS_ReadXML(rulepath,&xml) < 0)
     {
         merror(XML_ERROR, ARGV0, rulepath, xml.err, xml.err_line);
@@ -176,9 +175,9 @@ int Rules_OP_ReadRules(char * rulefile)
 
     /* Debug wrapper */
     debug2("%s: DEBUG: read xml for rule.", ARGV0);
+    
 
-
-
+    
     /* Applying any variable found */
     if(OS_ApplyVariables(&xml) != 0)
     {
@@ -189,7 +188,7 @@ int Rules_OP_ReadRules(char * rulefile)
 
     /* Debug wrapper */
     debug2("%s: DEBUG: XML Variables applied.", ARGV0);
-
+    
 
     /* Getting the root elements */
     node = OS_GetElementsbyNode(&xml,NULL);
@@ -197,7 +196,7 @@ int Rules_OP_ReadRules(char * rulefile)
     {
         merror(CONFIG_ERROR, ARGV0, rulepath);
         OS_ClearXML(&xml);
-        return(-1);
+        return(-1);    
     }
 
 
@@ -244,7 +243,7 @@ int Rules_OP_ReadRules(char * rulefile)
     }
 
 
-    /* Getting the rules now */
+    /* Getting the rules now */   
     i=0;
     while(node[i])
     {
@@ -252,7 +251,7 @@ int Rules_OP_ReadRules(char * rulefile)
 
         int j = 0;
 
-        /* Getting all rules for a global group */
+        /* Getting all rules for a global group */        
         rule = OS_GetElementsbyNode(&xml,node[i]);
         if(rule == NULL)
         {
@@ -265,7 +264,7 @@ int Rules_OP_ReadRules(char * rulefile)
         while(rule[j])
         {
             RuleInfo *config_ruleinfo = NULL;
-
+           
 
             /* Checking if the rule element is correct */
             if((!rule[j]->element)||
@@ -287,17 +286,17 @@ int Rules_OP_ReadRules(char * rulefile)
                 return(-1);
             }
 
-
+            
             /* Attribute block */
             {
                 int id = -1,level = -1,maxsize = 0,timeframe = 0;
                 int frequency = 0, accuracy = 1, noalert = 0, ignore_time = 0;
                 int overwrite = 0;
-
+                
                 /* Getting default time frame */
                 timeframe = default_timeframe;
 
-
+                
                 if(getattributes(rule[j]->attributes,rule[j]->values,
                             &id,&level,&maxsize,&timeframe,
                             &frequency,&accuracy,&noalert,
@@ -307,7 +306,7 @@ int Rules_OP_ReadRules(char * rulefile)
                     OS_ClearXML(&xml);
                     return(-1);
                 }
-
+                
                 if((id == -1) || (level == -1))
                 {
                     merror("%s: No rule id or level specified for "
@@ -316,26 +315,19 @@ int Rules_OP_ReadRules(char * rulefile)
                     return(-1);
                 }
 
-                if(overwrite != 1 && doesRuleExist(id, NULL))
-                {
-                    merror("%s: Rule with id %d exists allready.",ARGV0, id);
-                    OS_ClearXML(&xml);
-                    return(-1);
-                }
-
                 /* Allocating memory and initializing structure */
                 config_ruleinfo = zerorulemember(id, level, maxsize,
-                            frequency,timeframe,
+                            frequency,timeframe, 
                             noalert, ignore_time, overwrite);
-
+                
 
                 /* If rule is 0, set it to level 99 to have high priority.
-                 * set it to 0 again later
+                 * set it to 0 again later 
                  */
                  if(config_ruleinfo->level == 0)
                      config_ruleinfo->level = 99;
 
-
+                 
                  /* Each level now is going to be multiplied by 100.
                   * If the accuracy is set to 0 we don't multiply,
                   * so it will be at the end of the list. We will
@@ -353,7 +345,7 @@ int Rules_OP_ReadRules(char * rulefile)
                          config_ruleinfo->alert_opts |= DO_EXTRAINFO;
                      }
                  }
-
+                                                 
             } /* end attributes/memory allocation block */
 
 
@@ -362,7 +354,7 @@ int Rules_OP_ReadRules(char * rulefile)
              * be fine
              */
             os_strdup(node[i]->values[0], config_ruleinfo->group);
-
+            
 
             /* Rule elements block */
             {
@@ -383,7 +375,7 @@ int Rules_OP_ReadRules(char * rulefile)
                 char *hostname = NULL;
                 char *extra_data = NULL;
                 char *program_name = NULL;
-
+                
                 XML_NODE rule_opt = NULL;
                 rule_opt =  OS_GetElementsbyNode(&xml,rule[j]);
                 if(rule_opt == NULL)
@@ -393,9 +385,9 @@ int Rules_OP_ReadRules(char * rulefile)
                             "other problems for the system. Exiting.",
                             ARGV0, config_ruleinfo->sigid);
                     OS_ClearXML(&xml);
-                    return(-1);
+                    return(-1);       
                 }
-
+                
                 while(rule_opt[k])
                 {
                     if((!rule_opt[k]->element)||(!rule_opt[k]->content))
@@ -414,15 +406,15 @@ int Rules_OP_ReadRules(char * rulefile)
                     }
                     else if(strcasecmp(rule_opt[k]->element, xml_decoded)==0)
                     {
-                        config_ruleinfo->decoded_as =
+                        config_ruleinfo->decoded_as = 
                             getDecoderfromlist(rule_opt[k]->content);
-
+                        
                         if(config_ruleinfo->decoded_as == 0)
                         {
                             merror("%s: Invalid decoder name: '%s'.",
                                    ARGV0, rule_opt[k]->content);
                             OS_ClearXML(&xml);
-                            return(-1);
+                            return(-1); 
                         }
                     }
                     else if(strcasecmp(rule_opt[k]->element,xml_cve)==0)
@@ -435,7 +427,7 @@ int Rules_OP_ReadRules(char * rulefile)
                         else
                         {
                             for (last_info_detail = config_ruleinfo->info_details;
-                                    last_info_detail->next != NULL;
+                                    last_info_detail->next != NULL; 
                                     last_info_detail = last_info_detail->next)
                             {
                                 count_info_detail++;
@@ -462,13 +454,13 @@ int Rules_OP_ReadRules(char * rulefile)
 
                         if(config_ruleinfo->info_details == NULL)
                         {
-                            config_ruleinfo->info_details = zeroinfodetails(info_type,
+                            config_ruleinfo->info_details = zeroinfodetails(info_type, 
                                     rule_opt[k]->content);
                         }
                         else
                         {
                             for (last_info_detail = config_ruleinfo->info_details;
-                                    last_info_detail->next != NULL;
+                                    last_info_detail->next != NULL; 
                                     last_info_detail = last_info_detail->next) {
                                 count_info_detail++;
                             }
@@ -486,7 +478,7 @@ int Rules_OP_ReadRules(char * rulefile)
                     }
                     else if(strcasecmp(rule_opt[k]->element,xml_day_time)==0)
                     {
-                        config_ruleinfo->day_time =
+                        config_ruleinfo->day_time = 
                             OS_IsValidTime(rule_opt[k]->content);
                         if(!config_ruleinfo->day_time)
                         {
@@ -501,9 +493,9 @@ int Rules_OP_ReadRules(char * rulefile)
                     }
                     else if(strcasecmp(rule_opt[k]->element,xml_week_day)==0)
                     {
-                        config_ruleinfo->week_day =
+                        config_ruleinfo->week_day = 
                             OS_IsValidDay(rule_opt[k]->content);
-
+                            
                         if(!config_ruleinfo->week_day)
                         {
                             merror(INVALID_CONFIG, ARGV0,
@@ -529,7 +521,7 @@ int Rules_OP_ReadRules(char * rulefile)
                         {
                             *newline = ' ';
                         }
-
+                        
                         config_ruleinfo->comment=
                             loadmemory(config_ruleinfo->comment,
                                     rule_opt[k]->content);
@@ -537,27 +529,27 @@ int Rules_OP_ReadRules(char * rulefile)
                     else if(strcasecmp(rule_opt[k]->element,xml_srcip)==0)
                     {
                         int ip_s = 0;
-
+                        
                         /* Getting size of source ip list */
-                        while(config_ruleinfo->srcip &&
+                        while(config_ruleinfo->srcip && 
                               config_ruleinfo->srcip[ip_s])
                         {
                             ip_s++;
                         }
-
-                        config_ruleinfo->srcip =
+                        
+                        config_ruleinfo->srcip = 
                                     realloc(config_ruleinfo->srcip,
                                     (ip_s + 2) * sizeof(os_ip *));
-
-
+                        
+                        
                         /* Allocating memory for the individual entries */
-                        os_calloc(1, sizeof(os_ip),
+                        os_calloc(1, sizeof(os_ip), 
                                      config_ruleinfo->srcip[ip_s]);
                         config_ruleinfo->srcip[ip_s +1] = NULL;
-
-
+                        
+                        
                         /* Checking if the ip is valid */
-                        if(!OS_IsValidIP(rule_opt[k]->content,
+                        if(!OS_IsValidIP(rule_opt[k]->content, 
                                          config_ruleinfo->srcip[ip_s]))
                         {
                             merror(INVALID_IP, ARGV0, rule_opt[k]->content);
@@ -637,7 +629,7 @@ int Rules_OP_ReadRules(char * rulefile)
                         status =
                             loadmemory(status,
                                     rule_opt[k]->content);
-
+                        
                         if(!(config_ruleinfo->alert_opts & DO_EXTRAINFO))
                             config_ruleinfo->alert_opts |= DO_EXTRAINFO;
                     }
@@ -646,7 +638,7 @@ int Rules_OP_ReadRules(char * rulefile)
                         hostname =
                             loadmemory(hostname,
                                     rule_opt[k]->content);
-
+                        
                         if(!(config_ruleinfo->alert_opts & DO_EXTRAINFO))
                             config_ruleinfo->alert_opts |= DO_EXTRAINFO;
                     }
@@ -668,7 +660,7 @@ int Rules_OP_ReadRules(char * rulefile)
                     }
                     else if(strcasecmp(rule_opt[k]->element,xml_action)==0)
                     {
-                        config_ruleinfo->action =
+                        config_ruleinfo->action = 
                             loadmemory(config_ruleinfo->action,
                                     rule_opt[k]->content);
                     }
@@ -697,12 +689,12 @@ int Rules_OP_ReadRules(char * rulefile)
                                         lookup_type = LR_ADDRESS_NOT_MATCH;
                                     else if(strcasecmp(rule_opt[k]->values[list_att_num],xml_address_key_value)==0)
                                         lookup_type = LR_ADDRESS_MATCH_VALUE;
-                                    else
+                                    else 
                                     {
-                                        merror(INVALID_CONFIG, ARGV0,
-                                               rule_opt[k]->element,
+                                        merror(INVALID_CONFIG, ARGV0, 
+                                               rule_opt[k]->element, 
                                                rule_opt[k]->content);
-                                        merror("%s: List match lookup=\"%s\" is not valid.",
+                                        merror("%s: List match lookup=\"%s\" is not valid.", 
                                                 ARGV0,rule_opt[k]->values[list_att_num]);
                                         return(-1);
                                      }
@@ -731,12 +723,12 @@ int Rules_OP_ReadRules(char * rulefile)
                                         rule_type = RULE_STATUS;
                                     else if (strcasecmp(rule_opt[k]->values[list_att_num],xml_action)==0)
                                         rule_type = RULE_ACTION;
-                                    else
+                                    else 
                                     {
-                                        merror(INVALID_CONFIG, ARGV0,
-                                               rule_opt[k]->element,
+                                        merror(INVALID_CONFIG, ARGV0, 
+                                               rule_opt[k]->element, 
                                                rule_opt[k]->content);
-                                        merror("%s: List match field=\"%s\" is not valid.",
+                                        merror("%s: List match field=\"%s\" is not valid.", 
                                                 ARGV0,rule_opt[k]->values[list_att_num]);
                                         return(-1);
                                      }
@@ -746,12 +738,12 @@ int Rules_OP_ReadRules(char * rulefile)
                                     os_calloc(1, sizeof(OSMatch), matcher);
                                     if(!OSMatch_Compile(rule_opt[k]->values[list_att_num], matcher, 0))
                                     {
-                                        merror(INVALID_CONFIG, ARGV0,
-                                               rule_opt[k]->element,
+                                        merror(INVALID_CONFIG, ARGV0, 
+                                               rule_opt[k]->element, 
                                                rule_opt[k]->content);
-                                        merror(REGEX_COMPILE,
-                                               ARGV0,
-                                               rule_opt[k]->values[list_att_num],
+                                        merror(REGEX_COMPILE, 
+                                               ARGV0, 
+                                               rule_opt[k]->values[list_att_num], 
                                                matcher->error);
                                         return(-1);
                                     }
@@ -760,7 +752,7 @@ int Rules_OP_ReadRules(char * rulefile)
                                 {
                                 	merror("%s:List feild=\"%s\" is not valid",ARGV0,
                                            rule_opt[k]->values[list_att_num]);
-                                    merror(INVALID_CONFIG, ARGV0,
+                                    merror(INVALID_CONFIG, ARGV0, 
                                            rule_opt[k]->element, rule_opt[k]->content);
                                     return(-1);
                                 }
@@ -769,15 +761,15 @@ int Rules_OP_ReadRules(char * rulefile)
                             if(rule_type == 0)
                             {
                                 merror("%s:List requires the field=\"\" Attrubute",ARGV0);
-                                merror(INVALID_CONFIG, ARGV0,
+                                merror(INVALID_CONFIG, ARGV0, 
                                        rule_opt[k]->element, rule_opt[k]->content);
                                 return(-1);
                             }
 
                             /* Wow it's all ready - this seams too complex to get to this point */
                             config_ruleinfo->lists = OS_AddListRule(config_ruleinfo->lists,
-                                           lookup_type,
-                                           rule_type,
+                                           lookup_type, 
+                                           rule_type, 
                                            rule_opt[k]->content,
                                            matcher);
                             if (config_ruleinfo->lists == NULL)
@@ -790,12 +782,12 @@ int Rules_OP_ReadRules(char * rulefile)
                         {
                             merror("%s:List must have a correctly formatted feild attribute",
                                    ARGV0);
-                            merror(INVALID_CONFIG,
-                                   ARGV0,
-                                   rule_opt[k]->element,
+                            merror(INVALID_CONFIG, 
+                                   ARGV0, 
+                                   rule_opt[k]->element, 
                                    rule_opt[k]->content);
                             return(-1);
-                        }
+                        }                        
                         /* xml_list eval is done */
                     }
                     else if(strcasecmp(rule_opt[k]->element,xml_url)==0)
@@ -810,7 +802,7 @@ int Rules_OP_ReadRules(char * rulefile)
 
                         while(compiled_rules_name[it_id])
                         {
-                            if(strcmp(compiled_rules_name[it_id],
+                            if(strcmp(compiled_rules_name[it_id], 
                                       rule_opt[k]->content) == 0)
                                 break;
                             it_id++;
@@ -819,9 +811,9 @@ int Rules_OP_ReadRules(char * rulefile)
                         /* checking if the name is valid. */
                         if(!compiled_rules_name[it_id])
                         {
-                            merror("%s: ERROR: Compiled rule not found: '%s'",
-                                   ARGV0, rule_opt[k]->content);
-                            merror(INVALID_CONFIG, ARGV0,
+                            merror("%s: ERROR: Compiled rule not found: '%s'", 
+                                   ARGV0, rule_opt[k]->content); 
+                            merror(INVALID_CONFIG, ARGV0, 
                                    rule_opt[k]->element, rule_opt[k]->content);
                             return(-1);
 
@@ -879,9 +871,9 @@ int Rules_OP_ReadRules(char * rulefile)
                     {
                         if(!OS_StrIsNum(rule_opt[k]->content))
                         {
-                            merror(INVALID_CONFIG, ARGV0,
+                            merror(INVALID_CONFIG, ARGV0, 
                                     "if_level",
-                                    rule_opt[k]->content);
+                                    rule_opt[k]->content); 
                             return(-1);
                         }
 
@@ -922,7 +914,7 @@ int Rules_OP_ReadRules(char * rulefile)
                                     rule_opt[k]->content);
                             return(-1);
                         }
-                        config_ruleinfo->if_matched_sid =
+                        config_ruleinfo->if_matched_sid = 
                             atoi(rule_opt[k]->content);
 
                     }
@@ -935,7 +927,7 @@ int Rules_OP_ReadRules(char * rulefile)
                                 xml_same_src_port)==0)
                     {
                         config_ruleinfo->context_opts|= SAME_SRCPORT;
-
+                        
                         if(!(config_ruleinfo->alert_opts & SAME_EXTRAINFO))
                             config_ruleinfo->alert_opts |= SAME_EXTRAINFO;
                     }
@@ -951,7 +943,7 @@ int Rules_OP_ReadRules(char * rulefile)
                                 xml_same_dst_port) == 0)
                     {
                         config_ruleinfo->context_opts|= SAME_DSTPORT;
-
+                        
                         if(!(config_ruleinfo->alert_opts & SAME_EXTRAINFO))
                             config_ruleinfo->alert_opts |= SAME_EXTRAINFO;
                     }
@@ -968,7 +960,7 @@ int Rules_OP_ReadRules(char * rulefile)
                                    xml_different_url) == 0)
                     {
                         config_ruleinfo->context_opts|= DIFFERENT_URL;
-
+                        
                         if(!(config_ruleinfo->alert_opts & SAME_EXTRAINFO))
                             config_ruleinfo->alert_opts |= SAME_EXTRAINFO;
                     }
@@ -985,7 +977,7 @@ int Rules_OP_ReadRules(char * rulefile)
                                 xml_same_user)==0)
                     {
                         config_ruleinfo->context_opts|= SAME_USER;
-
+                        
                         if(!(config_ruleinfo->alert_opts & SAME_EXTRAINFO))
                             config_ruleinfo->alert_opts |= SAME_EXTRAINFO;
                     }
@@ -1009,7 +1001,7 @@ int Rules_OP_ReadRules(char * rulefile)
                     else if(strcasecmp(rule_opt[k]->element,
                                 xml_options) == 0)
                     {
-                        if(strcmp("alert_by_email",
+                        if(strcmp("alert_by_email", 
                                   rule_opt[k]->content) == 0)
                         {
                             if(!(config_ruleinfo->alert_opts & DO_MAILALERT))
@@ -1025,7 +1017,7 @@ int Rules_OP_ReadRules(char * rulefile)
                               config_ruleinfo->alert_opts&=0xfff-DO_MAILALERT;
                             }
                         }
-                        else if(strcmp("log_alert",
+                        else if(strcmp("log_alert", 
                                        rule_opt[k]->content) == 0)
                         {
                             if(!(config_ruleinfo->alert_opts & DO_LOGALERT))
@@ -1048,7 +1040,7 @@ int Rules_OP_ReadRules(char * rulefile)
                             }
                         }
                         else
-                        {
+                        {               
                             merror(XML_VALUEERR, ARGV0, xml_options,
                                                         rule_opt[k]->content);
 
@@ -1057,7 +1049,7 @@ int Rules_OP_ReadRules(char * rulefile)
                                    config_ruleinfo->sigid);
                             OS_ClearXML(&xml);
                             return(-1);
-                        }
+                        }   
                     }
                     else if(strcasecmp(rule_opt[k]->element,
                                 xml_ignore) == 0)
@@ -1093,7 +1085,7 @@ int Rules_OP_ReadRules(char * rulefile)
                         }
                         if(!config_ruleinfo->ignore)
                         {
-                            merror("%s: Wrong ignore option: '%s'",
+                            merror("%s: Wrong ignore option: '%s'", 
                                                     ARGV0,
                                                     rule_opt[k]->content);
                             return(-1);
@@ -1133,7 +1125,7 @@ int Rules_OP_ReadRules(char * rulefile)
                         }
                         if(!config_ruleinfo->ckignore)
                         {
-                            merror("%s: Wrong check_if_ignored option: '%s'",
+                            merror("%s: Wrong check_if_ignored option: '%s'", 
                                                     ARGV0,
                                                     rule_opt[k]->content);
                             return(-1);
@@ -1152,7 +1144,7 @@ int Rules_OP_ReadRules(char * rulefile)
 
 
                 /* Checking for a valid use of frequency */
-                if((config_ruleinfo->context_opts ||
+                if((config_ruleinfo->context_opts || 
                    config_ruleinfo->frequency) &&
                    !config_ruleinfo->context)
                 {
@@ -1162,42 +1154,42 @@ int Rules_OP_ReadRules(char * rulefile)
                     OS_ClearXML(&xml);
                     return(-1);
                 }
-
+                
 
                 /* If if_matched_group we must have a if_sid or if_group */
                 if(if_matched_group)
                 {
                     if(!config_ruleinfo->if_sid && !config_ruleinfo->if_group)
                     {
-                        os_strdup(if_matched_group,
-                                  config_ruleinfo->if_group);
+                        os_strdup(if_matched_group, 
+                                  config_ruleinfo->if_group);        
                     }
                 }
 
                 /* If_matched_sid, we need to get the if_sid */
-                if(config_ruleinfo->if_matched_sid &&
+                if(config_ruleinfo->if_matched_sid && 
                    !config_ruleinfo->if_sid &&
                    !config_ruleinfo->if_group)
                 {
                     os_calloc(16, sizeof(char), config_ruleinfo->if_sid);
-                    snprintf(config_ruleinfo->if_sid, 15, "%d",
+                    snprintf(config_ruleinfo->if_sid, 15, "%d", 
                              config_ruleinfo->if_matched_sid);
                 }
-
+                
                 /* Checking the regexes */
                 if(regex)
                 {
                     os_calloc(1, sizeof(OSRegex), config_ruleinfo->regex);
                     if(!OSRegex_Compile(regex, config_ruleinfo->regex, 0))
                     {
-                        merror(REGEX_COMPILE, ARGV0, regex,
+                        merror(REGEX_COMPILE, ARGV0, regex, 
                                 config_ruleinfo->regex->error);
                         return(-1);
                     }
                     free(regex);
                     regex = NULL;
                 }
-
+                
                 /* Adding in match */
                 if(match)
                 {
@@ -1211,14 +1203,14 @@ int Rules_OP_ReadRules(char * rulefile)
                     free(match);
                     match = NULL;
                 }
-
+                
                 /* Adding in id */
                 if(id)
                 {
                     os_calloc(1, sizeof(OSMatch), config_ruleinfo->id);
                     if(!OSMatch_Compile(id, config_ruleinfo->id, 0))
                     {
-                        merror(REGEX_COMPILE, ARGV0, id,
+                        merror(REGEX_COMPILE, ARGV0, id, 
                                               config_ruleinfo->id->error);
                         return(-1);
                     }
@@ -1232,7 +1224,7 @@ int Rules_OP_ReadRules(char * rulefile)
                     os_calloc(1, sizeof(OSMatch), config_ruleinfo->srcport);
                     if(!OSMatch_Compile(srcport, config_ruleinfo->srcport, 0))
                     {
-                        merror(REGEX_COMPILE, ARGV0, srcport,
+                        merror(REGEX_COMPILE, ARGV0, srcport, 
                                               config_ruleinfo->id->error);
                         return(-1);
                     }
@@ -1246,7 +1238,7 @@ int Rules_OP_ReadRules(char * rulefile)
                     os_calloc(1, sizeof(OSMatch), config_ruleinfo->dstport);
                     if(!OSMatch_Compile(dstport, config_ruleinfo->dstport, 0))
                     {
-                        merror(REGEX_COMPILE, ARGV0, dstport,
+                        merror(REGEX_COMPILE, ARGV0, dstport, 
                                               config_ruleinfo->id->error);
                         return(-1);
                     }
@@ -1286,7 +1278,7 @@ int Rules_OP_ReadRules(char * rulefile)
                 if(extra_data)
                 {
                     os_calloc(1, sizeof(OSMatch), config_ruleinfo->extra_data);
-                    if(!OSMatch_Compile(extra_data,
+                    if(!OSMatch_Compile(extra_data, 
                                         config_ruleinfo->extra_data, 0))
                     {
                         merror(REGEX_COMPILE, ARGV0, extra_data,
@@ -1311,7 +1303,7 @@ int Rules_OP_ReadRules(char * rulefile)
                     free(program_name);
                     program_name = NULL;
                 }
-
+                
                 /* Adding in user */
                 if(user)
                 {
@@ -1325,28 +1317,28 @@ int Rules_OP_ReadRules(char * rulefile)
                     free(user);
                     user = NULL;
                 }
-
+                
                 /* Adding in url */
                 if(url)
                 {
                     os_calloc(1, sizeof(OSMatch), config_ruleinfo->url);
                     if(!OSMatch_Compile(url, config_ruleinfo->url, 0))
                     {
-                        merror(REGEX_COMPILE, ARGV0, url,
+                        merror(REGEX_COMPILE, ARGV0, url, 
                                 config_ruleinfo->url->error);
                         return(-1);
                     }
                     free(url);
                     url = NULL;
                 }
-
+                
                 /* Adding matched_group */
                 if(if_matched_group)
                 {
-                    os_calloc(1, sizeof(OSMatch),
+                    os_calloc(1, sizeof(OSMatch), 
                                  config_ruleinfo->if_matched_group);
-
-                    if(!OSMatch_Compile(if_matched_group,
+                    
+                    if(!OSMatch_Compile(if_matched_group, 
                                         config_ruleinfo->if_matched_group,
                                         0))
                     {
@@ -1357,16 +1349,16 @@ int Rules_OP_ReadRules(char * rulefile)
                     free(if_matched_group);
                     if_matched_group = NULL;
                 }
-
+                
                 /* Adding matched_regex */
                 if(if_matched_regex)
                 {
-                    os_calloc(1, sizeof(OSRegex),
+                    os_calloc(1, sizeof(OSRegex), 
                             config_ruleinfo->if_matched_regex);
-                    if(!OSRegex_Compile(if_matched_regex,
+                    if(!OSRegex_Compile(if_matched_regex, 
                                 config_ruleinfo->if_matched_regex, 0))
                     {
-                        merror(REGEX_COMPILE, ARGV0, if_matched_regex,
+                        merror(REGEX_COMPILE, ARGV0, if_matched_regex, 
                                 config_ruleinfo->if_matched_regex->error);
                         return(-1);
                     }
@@ -1386,9 +1378,9 @@ int Rules_OP_ReadRules(char * rulefile)
             if(config_ruleinfo->context)
             {
                 int ii = 0;
-                os_calloc(MAX_LAST_EVENTS + 1, sizeof(char *),
+                os_calloc(MAX_LAST_EVENTS + 1, sizeof(char *), 
                           config_ruleinfo->last_events);
-
+                
                 /* Zeroing each entry */
                 for(;ii<=MAX_LAST_EVENTS;ii++)
                 {
@@ -1396,19 +1388,19 @@ int Rules_OP_ReadRules(char * rulefile)
                 }
             }
 
-
+            
             /* Adding the rule to the rules list.
              * Only the template rules are supposed
              * to be at the top level. All others
              * will be a "child" of someone.
              */
             if(config_ruleinfo->sigid < 10)
-            {
+            {    
                 OS_AddRule(config_ruleinfo);
             }
             else if(config_ruleinfo->alert_opts & DO_OVERWRITE)
             {
-                if(!OS_AddRuleInfo(NULL, config_ruleinfo,
+                if(!OS_AddRuleInfo(NULL, config_ruleinfo, 
                                    config_ruleinfo->sigid))
                 {
                     merror("%s: Overwrite rule '%d' not found.",
@@ -1432,13 +1424,13 @@ int Rules_OP_ReadRules(char * rulefile)
             /* Setting the event_search pointer */
             if(config_ruleinfo->if_matched_sid)
             {
-                config_ruleinfo->event_search =
+                config_ruleinfo->event_search = 
                                  (void *)Search_LastSids;
-
+            
                 /* Marking rules that match this id */
-                OS_MarkID(NULL, config_ruleinfo);
+                OS_MarkID(NULL, config_ruleinfo);                     
             }
-
+            
             /* Marking the rules that match if_matched_group */
             else if(config_ruleinfo->if_matched_group)
             {
@@ -1453,19 +1445,19 @@ int Rules_OP_ReadRules(char * rulefile)
                 OS_MarkGroup(NULL, config_ruleinfo);
 
                 /* Setting function pointer */
-                config_ruleinfo->event_search =
+                config_ruleinfo->event_search = 
                                  (void *)Search_LastGroups;
             }
             else if(config_ruleinfo->context)
             {
-                if((config_ruleinfo->context == 1) &&
+                if((config_ruleinfo->context == 1) && 
                    (config_ruleinfo->context_opts & SAME_DODIFF))
                 {
                     config_ruleinfo->context = 0;
                 }
                 else
                 {
-                    config_ruleinfo->event_search =
+                    config_ruleinfo->event_search = 
                                  (void *)Search_LastEvents;
                 }
             }
@@ -1473,7 +1465,7 @@ int Rules_OP_ReadRules(char * rulefile)
         } /* while(rule[j]) */
         OS_ClearNode(rule);
         i++;
-
+        
     } /* while (node[i]) */
 
     /* Cleaning global node */
@@ -1538,25 +1530,25 @@ char *loadmemory(char *at, char *str)
         int strsize = strlen(str);
         int atsize = strlen(at);
         int finalsize = atsize+strsize+1;
-
+        
         if((atsize > OS_SIZE_2048) || (strsize > OS_SIZE_2048))
         {
             merror(SIZE_ERROR,ARGV0,str);
             return(NULL);
         }
-
+        
         at = realloc(at, (finalsize)*sizeof(char));
-
+        
         if(at == NULL)
         {
             merror(MEM_ERROR,ARGV0);
             return(NULL);
         }
-
+        
         strncat(at,str,strsize);
-
+        
         at[finalsize-1]='\0';
-
+        
         return(at);
     }
     return(NULL);
@@ -1580,19 +1572,19 @@ RuleInfoDetail *zeroinfodetails(int type, char *data)
     os_strdup(data, info_details_pt->data);
 
     info_details_pt->next = NULL;
-
+    
 
     return(info_details_pt);
 }
 
 
-RuleInfo *zerorulemember(int id, int level,
+RuleInfo *zerorulemember(int id, int level, 
                          int maxsize, int frequency,
-                         int timeframe, int noalert,
+                         int timeframe, int noalert, 
                          int ignore_time, int overwrite)
 {
     RuleInfo *ruleinfo_pt = NULL;
-
+    
     /* Allocation memory for structure */
     ruleinfo_pt = (RuleInfo *)calloc(1,sizeof(RuleInfo));
 
@@ -1600,17 +1592,17 @@ RuleInfo *zerorulemember(int id, int level,
     {
         ErrorExit(MEM_ERROR,ARGV0);
     }
-
+    
     /* Default values */
     ruleinfo_pt->level = level;
 
     /* Default category is syslog */
     ruleinfo_pt->category = SYSLOG;
 
-    ruleinfo_pt->ar = NULL;
-
+    ruleinfo_pt->ar = NULL; 
+    
     ruleinfo_pt->context = 0;
-
+    
     ruleinfo_pt->sigid = id;
     ruleinfo_pt->firedtimes = 0;
     ruleinfo_pt->maxsize = maxsize;
@@ -1622,11 +1614,11 @@ RuleInfo *zerorulemember(int id, int level,
     ruleinfo_pt->ignore_time = ignore_time;
     ruleinfo_pt->timeframe = timeframe;
     ruleinfo_pt->time_ignored = 0;
-
-    ruleinfo_pt->context_opts = 0;
-    ruleinfo_pt->alert_opts = 0;
-    ruleinfo_pt->ignore = 0;
-    ruleinfo_pt->ckignore = 0;
+   
+    ruleinfo_pt->context_opts = 0; 
+    ruleinfo_pt->alert_opts = 0; 
+    ruleinfo_pt->ignore = 0; 
+    ruleinfo_pt->ckignore = 0; 
 
     if(noalert)
     {
@@ -1634,7 +1626,7 @@ RuleInfo *zerorulemember(int id, int level,
     }
     if(Config.mailbylevel <= level)
         ruleinfo_pt->alert_opts |= DO_MAILALERT;
-    if(Config.logbylevel <= level)
+    if(Config.logbylevel <= level)    
         ruleinfo_pt->alert_opts |= DO_LOGALERT;
 
     /* Overwriting a rule */
@@ -1655,16 +1647,16 @@ RuleInfo *zerorulemember(int id, int level,
     ruleinfo_pt->info = NULL;
     ruleinfo_pt->cve = NULL;
     ruleinfo_pt->info_details = NULL;
-
+    
     ruleinfo_pt->if_sid = NULL;
     ruleinfo_pt->if_group = NULL;
     ruleinfo_pt->if_level = NULL;
-
+    
     ruleinfo_pt->if_matched_regex = NULL;
     ruleinfo_pt->if_matched_group = NULL;
     ruleinfo_pt->if_matched_sid = 0;
-
-    ruleinfo_pt->user = NULL;
+   
+    ruleinfo_pt->user = NULL; 
     ruleinfo_pt->srcip = NULL;
     ruleinfo_pt->srcport = NULL;
     ruleinfo_pt->dstip = NULL;
@@ -1675,7 +1667,7 @@ RuleInfo *zerorulemember(int id, int level,
     ruleinfo_pt->hostname = NULL;
     ruleinfo_pt->program_name = NULL;
     ruleinfo_pt->action = NULL;
-
+    
     /* Zeroing last matched events */
     ruleinfo_pt->__frequency = 0;
     ruleinfo_pt->last_events = NULL;
@@ -1683,10 +1675,10 @@ RuleInfo *zerorulemember(int id, int level,
     /* zeroing the list of previous matches */
     ruleinfo_pt->sid_prev_matched = NULL;
     ruleinfo_pt->group_prev_matched = NULL;
-
+    
     ruleinfo_pt->sid_search = NULL;
     ruleinfo_pt->group_search = NULL;
-
+    
     ruleinfo_pt->event_search = NULL;
     ruleinfo_pt->compiled_rule = NULL;
     ruleinfo_pt->lists = NULL;
@@ -1705,7 +1697,7 @@ int get_info_attributes(char **attributes, char **values)
     {
         if (!values[k])
         {
-            merror("rules_op: Entry info type \"%s\" does not have a value",
+            merror("rules_op: Entry info type \"%s\" does not have a value", 
                     attributes[k]);
             return (-1);
         }
@@ -1714,7 +1706,7 @@ int get_info_attributes(char **attributes, char **values)
             if(strcmp(values[k], "text") == 0)
             {
                 return(RULEINFODETAIL_TEXT);
-            }
+            } 
             else if(strcmp(values[k], "link") == 0)
             {
                 return(RULEINFODETAIL_LINK);
@@ -1734,13 +1726,13 @@ int get_info_attributes(char **attributes, char **values)
 
 /* Get the attributes */
 int getattributes(char **attributes, char **values,
-                  int *id, int *level,
+                  int *id, int *level, 
                   int *maxsize, int *timeframe,
-                  int *frequency, int *accuracy,
+                  int *frequency, int *accuracy, 
                   int *noalert, int *ignore_time, int *overwrite)
 {
     int k=0;
-
+    
     char *xml_id = "id";
     char *xml_level = "level";
     char *xml_maxsize = "maxsize";
@@ -1750,8 +1742,8 @@ int getattributes(char **attributes, char **values,
     char *xml_noalert = "noalert";
     char *xml_ignore_time = "ignore";
     char *xml_overwrite = "overwrite";
-
-
+    
+   
     /* Getting attributes */
     while(attributes[k])
     {
@@ -1848,7 +1840,7 @@ int getattributes(char **attributes, char **values,
                 merror("rules_op: Invalid accuracy: %s. "
                        "Must be integer" ,
                        values[k]);
-                return(-1);
+                return(-1); 
             }
         }
          /* Rule ignore_time */
@@ -1863,7 +1855,7 @@ int getattributes(char **attributes, char **values,
                 merror("rules_op: Invalid ignore_time: %s. "
                        "Must be integer" ,
                        values[k]);
-                return(-1);
+                return(-1); 
             }
         }
         /* Rule noalert */
@@ -1909,22 +1901,22 @@ void Rule_AddAR(RuleInfo *rule_config)
     int rule_ar_size = 0;
     int mark_to_ar = 0;
     int rule_real_level = 0;
-
+    
     OSListNode *my_ars_node;
-
-
-    /* Setting the correctly levels
+    
+    
+    /* Setting the correctly levels 
      * We play internally with the rules, to set
      * the priorities... Rules with 0 of accuracy,
      * receive a low level and go down in the list
      */
     if(rule_config->level == 9900)
         rule_real_level = 0;
-
+    
     else if(rule_config->level >= 100)
         rule_real_level = rule_config->level/100;
-
-
+    
+    
     /* No AR for ignored rules */
     if(rule_real_level == 0)
     {
@@ -1941,7 +1933,7 @@ void Rule_AddAR(RuleInfo *rule_config)
     {
         return;
     }
-
+    
     /* Looping on all AR */
     my_ars_node = OSList_GetFirstNode(active_responses);
     while(my_ars_node)
@@ -1960,7 +1952,7 @@ void Rule_AddAR(RuleInfo *rule_config)
                 mark_to_ar = 1;
             }
         }
-
+       
         /* Checking if group matches */
         if(my_ar->rules_group)
         {
@@ -1969,7 +1961,7 @@ void Rule_AddAR(RuleInfo *rule_config)
                mark_to_ar = 1;
            }
         }
-
+        
         /* Checking if rule id matches */
         if(my_ar->rules_id)
         {
@@ -1992,13 +1984,13 @@ void Rule_AddAR(RuleInfo *rule_config)
                 else if(isdigit((int)*str_pt))
                 {
                     r_id = atoi(str_pt);
-
+                    
                     /* mark to ar if id matches */
                     if(r_id == rule_config->sigid)
                     {
                         mark_to_ar = 1;
                     }
-
+                    
                     str_pt = strchr(str_pt, ',');
                     if(str_pt)
                     {
@@ -2023,9 +2015,9 @@ void Rule_AddAR(RuleInfo *rule_config)
                 }
             }
         } /* eof of rules_id */
-
-
-        /* Bind AR to the rule */
+ 
+        
+        /* Bind AR to the rule */ 
         if(mark_to_ar == 1)
         {
             rule_ar_size++;
@@ -2033,12 +2025,12 @@ void Rule_AddAR(RuleInfo *rule_config)
             rule_config->ar = realloc(rule_config->ar,
                                       (rule_ar_size + 1)
                                       *sizeof(active_response *));
-
+            
             /* Always set the last node to NULL */
             rule_config->ar[rule_ar_size - 1] = my_ar;
-            rule_config->ar[rule_ar_size] = NULL;
+            rule_config->ar[rule_ar_size] = NULL;  
         }
-
+        
         my_ars_node = OSList_GetNextNode(active_responses);
     }
 
@@ -2049,9 +2041,9 @@ void Rule_AddAR(RuleInfo *rule_config)
 /* print rule */
 void printRuleinfo(RuleInfo *rule, int node)
 {
-    debug1("%d : rule:%d, level %d, timeout: %d",
+    debug1("%d : rule:%d, level %d, timeout: %d", 
             node,
-            rule->sigid,
+            rule->sigid, 
             rule->level,
             rule->ignore_time);
 }
@@ -2068,8 +2060,8 @@ int AddHash_Rule(RuleNode *node)
 
         snprintf(_id_key, 14, "%d", node->ruleinfo->sigid);
         os_strdup(_id_key, id_key);
-
-
+        
+        
         /* Adding key to hash. */
         OSHash_Add(Config.g_rules_hash, id_key, node->ruleinfo);
         if(node->child)
@@ -2098,10 +2090,10 @@ int _setlevels(RuleNode *node, int nnode)
             node->ruleinfo->level/=100;
 
         l_size++;
-
+        
         /* Rule information */
         printRuleinfo(node->ruleinfo, nnode);
-
+        
         if(node->child)
         {
             int chl_size = 0;
@@ -2116,36 +2108,5 @@ int _setlevels(RuleNode *node, int nnode)
     return(l_size);
 }
 
-/* test if a rule id exists
- * return 1 when exists
- * return 0 when not
- */
-int doesRuleExist(int sid, RuleNode *r_node)
-{
-    /* start from the beginning of the list by default */
-    if(!r_node)
-        r_node = OS_GetFirstRule();
-
-    while(r_node)
-    {
-        /* Checking if the sigid matches */
-        if(r_node->ruleinfo->sigid == sid)
-            return (1);
-
-        /* Checking if the rule has a child */
-        if(r_node->child)
-        {
-            /* check recursive */
-            if(doesRuleExist(sid, r_node->child))
-                return (1);
-        }
-
-        /* go to the next rule */
-        r_node = r_node->next;
-    }
-
-    return (0);
-}
-
 
 /* EOF */
diff --git a/src/analysisd/rules.h b/src/analysisd/rules.h
index 03204cf..fa6844e 100755
--- a/src/analysisd/rules.h
+++ b/src/analysisd/rules.h
@@ -95,7 +95,7 @@ typedef struct _RuleInfo
 
     int __frequency;
     char **last_events;
-
+    
 
     /* Not an option in the rule */
     u_int16_t alert_opts;
@@ -105,7 +105,7 @@ typedef struct _RuleInfo
 
     /* category */
     u_int8_t category;
-
+   
     /* Decoded as */
     u_int16_t decoded_as;
 
@@ -127,7 +127,7 @@ typedef struct _RuleInfo
 
     /* Function pointer to the event_search. */
     void *(*event_search)(void *lf, void *rule);
-
+    
 
     char *group;
     OSMatch *match;
@@ -149,13 +149,13 @@ typedef struct _RuleInfo
     OSMatch *program_name;
     OSMatch *extra_data;
     char *action;
-
+    
     char *comment; /* description in the xml */
     char *info;
     char *cve;
     RuleInfoDetail *info_details;
     ListRule *lists;
-
+    
     char *if_sid;
     char *if_level;
     char *if_group;
@@ -163,7 +163,7 @@ typedef struct _RuleInfo
     OSRegex *if_matched_regex;
     OSMatch *if_matched_group;
     int if_matched_sid;
-
+    
     void *(*compiled_rule)(void *lf);
     active_response **ar;
 
@@ -184,11 +184,11 @@ RuleInfoDetail *zeroinfodetails(int type, char *data);
 int get_info_attributes(char **attributes, char **values);
 
 /* RuleInfo functions */
-RuleInfo *zerorulemember(int id,
+RuleInfo *zerorulemember(int id, 
                          int level,
-                         int maxsize,
+                         int maxsize, 
                          int frequency,
-                         int timeframe,
+                         int timeframe, 
                          int noalert,
                          int ignore_time,
                          int overwrite);
@@ -222,10 +222,10 @@ RuleNode *OS_GetFirstRule();
 /** Defition of the internal rule IDS **
  ** These SIGIDs cannot be used       **
  **                                   **/
-
+   
 #define STATS_MODULE        11
 #define FTS_MODULE          12
-#define SYSCHECK_MODULE     13
+#define SYSCHECK_MODULE     13   
 #define HOSTINFO_MODULE     15
 
 
diff --git a/src/analysisd/rules_list.c b/src/analysisd/rules_list.c
index 3e4a335..2a2f5d2 100755
--- a/src/analysisd/rules_list.c
+++ b/src/analysisd/rules_list.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #include "shared.h"
 #include "rules.h"
 
@@ -34,17 +34,17 @@ void OS_CreateRuleList()
 RuleNode *OS_GetFirstRule()
 {
     RuleNode *rulenode_pt = rulenode;
-
-    return(rulenode_pt);
+    
+    return(rulenode_pt);    
 }
 
 
 /* Search all rules, including childs */
-int _AddtoRule(int sid, int level, int none, char *group,
+int _AddtoRule(int sid, int level, int none, char *group, 
                RuleNode *r_node, RuleInfo *read_rule)
 {
     int r_code = 0;
-
+    
     /* If we don't have the first node, start from
      * the beginning of the list
      */
@@ -57,14 +57,14 @@ int _AddtoRule(int sid, int level, int none, char *group,
     {
         /* Checking if the sigid matches */
         if(sid)
-        {
+        {    
             if(r_node->ruleinfo->sigid == sid)
             {
-                /* Assign the category of this rule to the child
+                /* Assign the category of this rule to the child 
                  * as they must match
                  */
                 read_rule->category = r_node->ruleinfo->category;
-
+                
 
                 /* If no context for rule, check if the parent has
                  * and use it.
@@ -73,17 +73,17 @@ int _AddtoRule(int sid, int level, int none, char *group,
                 {
                     read_rule->last_events = r_node->ruleinfo->last_events;
                 }
-
+                
                 r_node->child=
                     _OS_AddRule(r_node->child, read_rule);
                 return(1);
             }
         }
-
+        
         /* Checking if the group matches */
         else if(group)
         {
-            if(OS_WordMatch(group, r_node->ruleinfo->group) &&
+            if(OS_WordMatch(group, r_node->ruleinfo->group) && 
                (r_node->ruleinfo->sigid != read_rule->sigid))
             {
                 /* If no context for rule, check if the parent has
@@ -104,7 +104,7 @@ int _AddtoRule(int sid, int level, int none, char *group,
         /* Checking if the level matches */
         else if(level)
         {
-            if((r_node->ruleinfo->level >= level) &&
+            if((r_node->ruleinfo->level >= level) && 
                (r_node->ruleinfo->sigid != read_rule->sigid))
             {
                 r_node->child=
@@ -112,10 +112,10 @@ int _AddtoRule(int sid, int level, int none, char *group,
                 r_code = 1;
             }
         }
-
-
+        
+        
         /* If we are not searching for the sid/group, the category must
-         * be the same.
+         * be the same. 
          */
         else if(read_rule->category != r_node->ruleinfo->category)
         {
@@ -123,7 +123,7 @@ int _AddtoRule(int sid, int level, int none, char *group,
             continue;
         }
 
-
+        
         /* If none of them is set, add for the category */
         else
         {
@@ -145,8 +145,8 @@ int _AddtoRule(int sid, int level, int none, char *group,
 
         r_node = r_node->next;
     }
-
-    return(r_code);
+    
+    return(r_code);    
 }
 
 
@@ -159,14 +159,14 @@ int OS_AddChild(RuleInfo *read_rule)
         return(1);
     }
 
-    /* Adding for if_sid */
+    /* Adding for if_sid */    
     if(read_rule->if_sid)
     {
         int val = 0;
         char *sid;
-
+        
         sid  = read_rule->if_sid;
-
+        
         /* Loop to read all the rules (comma or space separated */
         do
         {
@@ -218,7 +218,7 @@ int OS_AddChild(RuleInfo *read_rule)
         }
     }
 
-    /* Adding for if_group */
+    /* Adding for if_group */    
     else if(read_rule->if_group)
     {
         if(!_AddtoRule(0, 0, 0, read_rule->if_group, NULL, read_rule))
@@ -227,7 +227,7 @@ int OS_AddChild(RuleInfo *read_rule)
                       "found. Invalid 'if_group'.", read_rule->if_group);
         }
     }
-
+    
     /* Just add based on the category */
     else
     {
@@ -248,14 +248,14 @@ int OS_AddChild(RuleInfo *read_rule)
 RuleNode *_OS_AddRule(RuleNode *_rulenode, RuleInfo *read_rule)
 {
     RuleNode *tmp_rulenode = _rulenode;
-
+    
 
     if(tmp_rulenode != NULL)
     {
         int middle_insertion = 0;
         RuleNode *prev_rulenode = NULL;
         RuleNode *new_rulenode = NULL;
-
+        
         while(tmp_rulenode != NULL)
         {
             if(read_rule->level > tmp_rulenode->ruleinfo->level)
@@ -266,7 +266,7 @@ RuleNode *_OS_AddRule(RuleNode *_rulenode, RuleInfo *read_rule)
             prev_rulenode = tmp_rulenode;
             tmp_rulenode = tmp_rulenode->next;
         }
-
+        
         new_rulenode = (RuleNode *)calloc(1,sizeof(RuleNode));
 
         if(!new_rulenode)
@@ -284,21 +284,21 @@ RuleNode *_OS_AddRule(RuleNode *_rulenode, RuleInfo *read_rule)
             {
                 prev_rulenode->next = new_rulenode;
             }
-
+            
             new_rulenode->next = tmp_rulenode;
             new_rulenode->ruleinfo = read_rule;
             new_rulenode->child = NULL;
         }
-
+       
         else
         {
             prev_rulenode->next = new_rulenode;
             prev_rulenode->next->ruleinfo = read_rule;
-            prev_rulenode->next->next = NULL;
-            prev_rulenode->next->child = NULL;
+            prev_rulenode->next->next = NULL;            
+            prev_rulenode->next->child = NULL;            
         }
     }
-
+    
     else
     {
         _rulenode = (RuleNode *)calloc(1,sizeof(RuleNode));
@@ -454,7 +454,7 @@ int OS_MarkGroup(RuleNode *r_node, RuleInfo *orig_rule)
 
     while(r_node)
     {
-        if(OSMatch_Execute(r_node->ruleinfo->group,
+        if(OSMatch_Execute(r_node->ruleinfo->group, 
                            strlen(r_node->ruleinfo->group),
                            orig_rule->if_matched_group))
         {
@@ -466,18 +466,18 @@ int OS_MarkGroup(RuleNode *r_node, RuleInfo *orig_rule)
                     rule_g++;
                 }
             }
-
-            os_realloc(r_node->ruleinfo->group_prev_matched,
+            
+            os_realloc(r_node->ruleinfo->group_prev_matched, 
                        (rule_g + 2)*sizeof(OSList *),
-                       r_node->ruleinfo->group_prev_matched);
-
+                       r_node->ruleinfo->group_prev_matched); 
+            
             r_node->ruleinfo->group_prev_matched[rule_g] = NULL;
             r_node->ruleinfo->group_prev_matched[rule_g +1] = NULL;
-
+            
             /* Setting the size */
             r_node->ruleinfo->group_prev_matched_sz = rule_g +1;
-
-            r_node->ruleinfo->group_prev_matched[rule_g] =
+            
+            r_node->ruleinfo->group_prev_matched[rule_g] = 
                               orig_rule->group_search;
         }
 
diff --git a/src/analysisd/stats.c b/src/analysisd/stats.c
index 764b5ed..9ad8b27 100755
--- a/src/analysisd/stats.c
+++ b/src/analysisd/stats.c
@@ -1,6 +1,6 @@
 /* @(#) $Id: ./src/analysisd/stats.c, 2011/09/08 dcid Exp $
  */
-
+                    
 /* Copyright (C) 2009 Trend Micro Inc.
  * All right reserved.
  *
@@ -29,7 +29,7 @@ char *(weekdays[])={"Sunday","Monday","Tuesday","Wednesday","Thursday",
 		            "Friday","Saturday"};
 char *(l_month[])={"Jan","Feb","Mar","Apr","May","Jun","Jul","Aug",
                  "Sep","Oct","Nov","Dec"};
-
+                        
 
 
 /* Global vars */
@@ -63,7 +63,7 @@ void print_totals()
     char logfile[OS_FLSIZE +1];
     FILE *flog;
 
-
+        
     /* Creating the path for the logs */
     snprintf(logfile, OS_FLSIZE,"%s/%d/", STATSAVED, prev_year);
     if(IsDir(logfile) == -1)
@@ -97,7 +97,7 @@ void print_totals()
         merror(FOPEN_ERROR, ARGV0, logfile);
         return;
     }
-
+    
     /* Printing the hourly stats */
     for(i=0;i<=23;i++)
     {
@@ -105,7 +105,7 @@ void print_totals()
         totals+=_CHour[i];
     }
     fprintf(flog,"Total events for day:%d\n", totals);
-
+    
     fclose(flog);
 }
 
@@ -113,7 +113,7 @@ void print_totals()
 /* gethour: v0.2
  * Return the parameter (event_number + 20 % of it)
  * If event_number < mindiff, return mindiff
- * If event_number > maxdiff, return maxdiff
+ * If event_number > maxdiff, return maxdiff 
  */
 int gethour(int event_number)
 {
@@ -122,12 +122,12 @@ int gethour(int event_number)
     event_diff = (event_number * percent_diff)/100;
 
     event_diff++;
-
+    
     if(event_diff < mindiff)
         return(event_number + mindiff);
     else if(event_diff > maxdiff)
         return(event_number + maxdiff);
-
+        
     return(event_number + event_diff);
 }
 
@@ -137,24 +137,24 @@ void Update_Hour()
 {
     int i,j;
     int inter;
-
-
+    
+    
     /* Print total number of logs received per hour */
     print_totals();
-
-
+    
+    
     /* Hourly update */
     _RHour[24]++;
     inter = _RHour[24];
     if(inter > 7)
         inter = 7;
-
+        
     for(i=0;i<=24;i++)
     {
         char _hourly[128]; /* _hourly file */
-
+        
         FILE *fp;
-
+        
         if(i != 24)
         {
             /* If saved hourly = 0, just copy the current hourly rate */
@@ -171,7 +171,7 @@ void Update_Hour()
                 {
                     _RHour[i]=(((3*_CHour[i])+(inter*_RHour[i]))/(inter+3))+25;
                 }
-
+                
                 else
                 {
                     /* The average is going to be the number of interactions +
@@ -180,7 +180,7 @@ void Update_Hour()
                 }
             }
         }
-
+        
         snprintf(_hourly,128,"%s/%d",STATQUEUE,i);
         fp = fopen(_hourly, "w");
         if(fp)
@@ -193,7 +193,7 @@ void Update_Hour()
         {
             merror(FOPEN_ERROR, "logstats", _hourly);
         }
-
+           
         _CHour[i] = 0; /* Zeroing the currently  hour */
     }
 
@@ -207,7 +207,7 @@ void Update_Hour()
         inter = _CWHour[i][24];
         if(inter > 7)
             inter = 7;
-
+        
         for(j=0;j<=24;j++)
         {
             if(j != 24)
@@ -230,7 +230,7 @@ void Update_Hour()
                     }
                 }
             }
-
+            
             snprintf(_weekly,128,"%s/%d/%d",STATWQUEUE,i,j);
             fp = fopen(_weekly, "w");
             if(fp)
@@ -242,9 +242,9 @@ void Update_Hour()
             {
                 merror(FOPEN_ERROR, "logstats", _weekly);
             }
-
+            
             _CWHour[i][j] = 0;	
-        }
+        }   
     }
 
     _daily_errors = 0;
@@ -287,8 +287,8 @@ int Check_Hour(Eventinfo *lf)
                                      " between %d:00 and %d:00 is %d. We "
                                      "reached %d.",__crt_hour,__crt_hour+1,
                                      _RHour[__crt_hour],_CHour[__crt_hour]);
-
-
+                
+                
                 _fired = 1;
                 _daily_errors++;
                 return(1);
@@ -300,13 +300,13 @@ int Check_Hour(Eventinfo *lf)
     /* We need to have at least 3 days of stats */
     if(_RWHour[__crt_wday][24] <= 2)
         return(0);
-
+        
     /* checking for the hour during a specific day of the week */
     if(_RWHour[__crt_wday][__crt_hour] != 0)
     {
         if(_CWHour[__crt_wday][__crt_hour] > _RWHour[__crt_wday][__crt_hour])
         {
-            if(_CWHour[__crt_wday][__crt_hour] >
+            if(_CWHour[__crt_wday][__crt_hour] > 
                     gethour(_RWHour[__crt_wday][__crt_hour]))
             {
                 snprintf(__stats_comment, 191,
@@ -316,8 +316,8 @@ int Check_Hour(Eventinfo *lf)
                                      weekdays[__crt_wday],
                                      _RWHour[__crt_wday][__crt_hour],
                                      _CWHour[__crt_wday][__crt_hour]);
-
-
+                
+                
                 _fired = 1;
                 _daily_errors++;
                 return(1);
@@ -355,7 +355,7 @@ int Start_Hour()
     maxdiff = getDefine_Int("analysisd",
                             "stats_maxdiff",
                             10, 99999);
-
+    
     mindiff = getDefine_Int("analysisd",
                             "stats_mindiff",
                             10, 99999);
@@ -372,22 +372,22 @@ int Start_Hour()
     _lastmsg = NULL;
     _prevlast = NULL;
     _pprevlast = NULL;
-
-
+    
+    
     /* They should not be null */
     os_strdup(" ", _lastmsg);
     os_strdup(" ", _prevlast);
     os_strdup(" ", _pprevlast);
-
-
-    /* Creating the stat queue directories */
+                
+    
+    /* Creating the stat queue directories */        
     if(IsDir(STATWQUEUE) == -1)
         if(mkdir(STATWQUEUE,0770) == -1)
         {
             merror("%s: logstat: Unable to create stat queue: %s",
                             ARGV0, STATWQUEUE);
             return(-1);
-        }
+        }       
 
     if(IsDir(STATQUEUE) == -1)
         if(mkdir(STATQUEUE,0770) == -1)
@@ -395,7 +395,7 @@ int Start_Hour()
             merror("%s: logstat: Unable to create stat queue: %s",
                             ARGV0, STATQUEUE);
             return(-1);
-        }
+        }       
 
     /* Creating store dir */
     if(IsDir(STATSAVED) == -1)
@@ -415,7 +415,7 @@ int Start_Hour()
         _CHour[i]=0;	
         if(File_DateofChange(_hourly) < 0)
             _RHour[i] = 0;
-
+            
         else
         {
             FILE *fp;
@@ -428,7 +428,7 @@ int Start_Hour()
                     _RHour[i] = 0;
 
                 if(_RHour[i] < 0)
-                    _RHour[i] = 0;
+                    _RHour[i] = 0;    
                 fclose(fp);
             }	
         }
@@ -465,7 +465,7 @@ int Start_Hour()
                         _RWHour[i][j] = 0;
 
                     if(_RWHour[i][j] < 0)
-                        _RWHour[i][j] = 0;
+                        _RWHour[i][j] = 0;    
                     fclose(fp);
                 }	
             }	
@@ -497,7 +497,7 @@ int LastMsg_Stats(char *log)
 
 /* LastMsg_Change: v0.3: 2006/03/21
  * v0.3: 2006/03/21: Some performance fixes.
- * v0.2: 2005/03/17
+ * v0.2: 2005/03/17 
  * If the message is not repeated, rearrange the last
  * received messages
  */
@@ -505,12 +505,12 @@ void LastMsg_Change(char *log)
 {
     /* Removing the last one */
     free(_pprevlast);
-
+    
     /* Moving the second to third and the last to second */
     _pprevlast = _prevlast;
-
+    
     _prevlast = _lastmsg;
-
+    
 
     os_strdup(log, _lastmsg);
     return;
diff --git a/src/analysisd/testrule.c b/src/analysisd/testrule.c
index d2f5b25..4579783 100755
--- a/src/analysisd/testrule.c
+++ b/src/analysisd/testrule.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -17,7 +17,7 @@
 /* Part of the OSSEC
  * Available at http://www.ossec.net
  */
-
+  
 
 /* ossec-analysisd.
  * Responsible for correlation and log decoding.
@@ -123,7 +123,7 @@ int main(int argc, char **argv)
 {
     int t_config = 0;
     int c = 0, m_queue = 0;
-    char *ut_str = NULL;
+    char *ut_str = NULL; 
 
     char *dir = DEFAULTDIR;
     char *user = USER;
@@ -176,7 +176,6 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir = optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
@@ -184,9 +183,9 @@ int main(int argc, char **argv)
                 break;
             case 'a':
                 alert_only = 1;
-                break;
+                break;    
             case 'v':
-                full_output = 1;
+                full_output = 1;    
                 break;
             default:
                 logtest_help(ARGV0);
@@ -205,14 +204,14 @@ int main(int argc, char **argv)
     }
 
     debug1(READ_CONFIG, ARGV0);
+        
 
-
-
+    
     /* Getting servers hostname */
     memset(__shost, '\0', 512);
     if(gethostname(__shost, 512 -1) != 0)
     {
-        strncpy(__shost, OSSEC_SERVER, 512 -1);
+        strncpy(__shost, OSSEC_SERVER, 512 -1);    
     }
     else
     {
@@ -223,7 +222,7 @@ int main(int argc, char **argv)
         if(_ltmp)
             *_ltmp = '\0';
     }
-
+    
 
 
     if(chdir(dir) != 0)
@@ -231,18 +230,18 @@ int main(int argc, char **argv)
 
 
     /*
-     * Anonymous Section: Load rules, decoders, and lists
+     * Anonymous Section: Load rules, decoders, and lists 
      *
      * As lists require two pass loading of rules that make use of list lookups
-     * are created with blank database structs, and need to be filled in after
-     * completion of all rules and lists.
+     * are created with blank database structs, and need to be filled in after 
+     * completion of all rules and lists. 
      */
     {
         { /* Lad decders */
             /* Initializing the decoders list */
             OS_CreateOSDecoderList();
 
-            if(!Config.decoders)
+            if(!Config.decoders) 
             { /* Legacy loading */
                 /* Reading decoders */
                 if(!ReadDecodeXML("etc/decoder.xml"))
@@ -272,9 +271,9 @@ int main(int argc, char **argv)
                     verbose("%s: INFO: Reading decoder file %s.", ARGV0, *decodersfiles);
                     if(!ReadDecodeXML(*decodersfiles))
                         ErrorExit(CONFIG_ERROR, ARGV0, *decodersfiles);
-
-                    free(*decodersfiles);
-                    decodersfiles++;
+                    
+                    free(*decodersfiles);    
+                    decodersfiles++;    
                 }
             }
 
@@ -283,7 +282,7 @@ int main(int argc, char **argv)
         }
         { /* Load Lists */
             /* Initializing the lists of list struct */
-            Lists_OP_CreateLists();
+            Lists_OP_CreateLists(); 
             /* Load each list into list struct */
             {
                 char **listfiles;
@@ -313,31 +312,31 @@ int main(int argc, char **argv)
                     debug1("%s: INFO: Reading rules file: '%s'", ARGV0, *rulesfiles);
                     if(Rules_OP_ReadRules(*rulesfiles) < 0)
                         ErrorExit(RULES_ERROR, ARGV0, *rulesfiles);
-
-                    free(*rulesfiles);
-                    rulesfiles++;
+                        
+                    free(*rulesfiles);    
+                    rulesfiles++;    
                 }
 
                 free(Config.includes);
                 Config.includes = NULL;
             }
-
+            
             /* Find all rules with that require list lookups and attache the
-             * the correct list struct to the rule.  This keeps rules from having to
+             * the correct list struct to the rule.  This keeps rules from having to 
              * search thought the list of lists for the correct file during rule evaluation.
              */
             OS_ListLoadRules();
         }
     }
 
-
+    
     /* Fixing the levels/accuracy */
     {
         int total_rules;
         RuleNode *tmp_node = OS_GetFirstRule();
 
         total_rules = _setlevels(tmp_node, 0);
-        debug1("%s: INFO: Total rules enabled: '%d'", ARGV0, total_rules);
+        debug1("%s: INFO: Total rules enabled: '%d'", ARGV0, total_rules);    
     }
 
 
@@ -358,7 +357,7 @@ int main(int argc, char **argv)
         exit(0);
     }
 
-
+    
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, getpid());
 
@@ -368,7 +367,7 @@ int main(int argc, char **argv)
 
 
     exit(0);
-
+    
 }
 
 
@@ -384,12 +383,12 @@ void OS_ReadMSG(int m_queue, char *ut_str)
     int exit_code = 0;
     char *ut_alertlevel = NULL;
     char *ut_rulelevel = NULL;
-    char *ut_decoder_name = NULL;
+    char *ut_decoder_name = NULL; 
 
     if(ut_str)
     {
         /* XXX Break apart string */
-        ut_rulelevel = ut_str;
+        ut_rulelevel = ut_str; 
         ut_alertlevel =  strchr(ut_rulelevel, ':');
         if(!ut_alertlevel)
         {
@@ -399,7 +398,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
         else
         {
             *ut_alertlevel = '\0';
-            ut_alertlevel++;
+            ut_alertlevel++; 
         }
         ut_decoder_name = strchr(ut_alertlevel, ':');
         if(!ut_decoder_name)
@@ -431,7 +430,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
     {
         ErrorExit(FTS_LIST_ERROR, ARGV0);
     }
-
+                                
 
     __crt_ftell = 1;
 
@@ -442,17 +441,17 @@ void OS_ReadMSG(int m_queue, char *ut_str)
 
     /* Doing some cleanup */
     memset(msg, '\0', OS_MAXSTR +1);
-
+    
 
     if(!alert_only)
     print_out("%s: Type one log per line.\n", ARGV0);
-
-
+    
+    
     /* Daemon loop */
     while(1)
     {
         lf = (Eventinfo *)calloc(1,sizeof(Eventinfo));
-
+        
         /* This shouldn't happen .. */
         if(lf == NULL)
         {
@@ -462,9 +461,9 @@ void OS_ReadMSG(int m_queue, char *ut_str)
 
         /* Fixing the msg. */
         snprintf(msg, 15, "1:stdin:");
-
-
-
+        
+    
+        
         /* Receive message from queue */
         if(fgets(msg +8, OS_MAXSTR, stdin))
         {
@@ -484,10 +483,10 @@ void OS_ReadMSG(int m_queue, char *ut_str)
             {
                 continue;
             }
-
-
+            
+            
             if(!alert_only)print_out("\n");
-
+            
 
             /* Default values for the log info */
             Zero_Eventinfo(lf);
@@ -516,17 +515,17 @@ void OS_ReadMSG(int m_queue, char *ut_str)
 
             /* Decoding event. */
             DecodeEvent(lf);
-
+            
 
             /* Looping all the rules */
             rulenode_pt = OS_GetFirstRule();
-            if(!rulenode_pt)
+            if(!rulenode_pt) 
             {
                 ErrorExit("%s: Rules in an inconsistent state. Exiting.",
                         ARGV0);
             }
 
-
+            
             #ifdef TESTRULE
             if(full_output && !alert_only)
                 print_out("\n**Rule debugging:");
@@ -545,9 +544,9 @@ void OS_ReadMSG(int m_queue, char *ut_str)
                     /* We go ahead in here and process the alert. */
                     currently_rule = lf->generated_rule;
                 }
-
+                                                                                                                                                                                            
                 /* The categories must match */
-                else if(rulenode_pt->ruleinfo->category !=
+                else if(rulenode_pt->ruleinfo->category != 
                         lf->decoder_info->type)
                 {
                     continue;
@@ -555,7 +554,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
 
 
                 /* Checking each rule. */
-                else if((currently_rule = OS_CheckIfRuleMatch(lf, rulenode_pt))
+                else if((currently_rule = OS_CheckIfRuleMatch(lf, rulenode_pt)) 
                         == NULL)
                 {
                     continue;
@@ -569,13 +568,13 @@ void OS_ReadMSG(int m_queue, char *ut_str)
                   print_out("       Rule id: '%d'", currently_rule->sigid);
                   print_out("       Level: '%d'", currently_rule->level);
                   print_out("       Description: '%s'",currently_rule->comment);
-                  for (last_info_detail = currently_rule->info_details; last_info_detail != NULL; last_info_detail = last_info_detail->next)
+                  for (last_info_detail = currently_rule->info_details; last_info_detail != NULL; last_info_detail = last_info_detail->next) 
                   {
                       print_out("       Info - %s: '%s'", ruleinfodetail_text[last_info_detail->type], last_info_detail->data);
                   }
                 }
                 #endif
-
+                                            
 
 
                 /* Ignore level 0 */
@@ -585,7 +584,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
                 }
 
 
-                /* Checking ignore time */
+                /* Checking ignore time */ 
                 if(currently_rule->ignore_time)
                 {
                     if(currently_rule->time_ignored == 0)
@@ -596,7 +595,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
                      * is less than the time it should be ignored,
                      * leave (do not alert again).
                      */
-                    else if((lf->time - currently_rule->time_ignored)
+                    else if((lf->time - currently_rule->time_ignored) 
                             < currently_rule->ignore_time)
                     {
                         break;
@@ -610,7 +609,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
                 /* Pointer to the rule that generated it */
                 lf->generated_rule = currently_rule;
 
-
+                
                 /* Checking if we should ignore it */
                 if(currently_rule->ckignore && IGnore(lf))
                 {
@@ -618,7 +617,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
                     lf->generated_rule = NULL;
                     break;
                 }
-
+                
                 /* Checking if we need to add to ignore list */
                 if(currently_rule->ignore)
                 {
@@ -650,19 +649,19 @@ void OS_ReadMSG(int m_queue, char *ut_str)
                     }
                     else
                     {
-                        lf->sid_node_to_delete =
+                        lf->sid_node_to_delete = 
                             currently_rule->sid_prev_matched->last_node;
                     }
                 }
                 /* Group list */
                 else if(currently_rule->group_prev_matched)
                 {
-                    i = 0;
-
+                    i = 0;  
+                    
                     while(i < currently_rule->group_prev_matched_sz)
                     {
                         if(!OSList_AddData(
-                                currently_rule->group_prev_matched[i],
+                                currently_rule->group_prev_matched[i], 
                                 lf))
                         {
                            merror("%s: Unable to add data to grp list.",ARGV0);
@@ -670,7 +669,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
                         i++;
                     }
                 }
-
+                
                 OS_AddEvent(lf);
 
                 break;
@@ -702,7 +701,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
 
 
             /* Only clear the memory if the eventinfo was not
-             * added to the stateful memory
+             * added to the stateful memory 
              * -- message is free inside clean event --
              */
             if(lf->generated_rule == NULL)
@@ -711,7 +710,7 @@ void OS_ReadMSG(int m_queue, char *ut_str)
         }
         else
         {
-            exit(exit_code);
+            exit(exit_code);   
         }
     }
     exit(exit_code);
diff --git a/src/client-agent/._COPYRIGHT b/src/client-agent/._COPYRIGHT
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._COPYRIGHT differ
diff --git a/src/client-agent/._Makefile b/src/client-agent/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._Makefile differ
diff --git a/src/client-agent/._VERSION b/src/client-agent/._VERSION
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._VERSION differ
diff --git a/src/client-agent/._agentd.c b/src/client-agent/._agentd.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._agentd.c differ
diff --git a/src/client-agent/._agentd.h b/src/client-agent/._agentd.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._agentd.h differ
diff --git a/src/client-agent/._config.c b/src/client-agent/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._config.c differ
diff --git a/src/client-agent/._event-forward.c b/src/client-agent/._event-forward.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._event-forward.c differ
diff --git a/src/client-agent/._intcheck_op.c b/src/client-agent/._intcheck_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._intcheck_op.c differ
diff --git a/src/client-agent/._main.c b/src/client-agent/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._main.c differ
diff --git a/src/client-agent/._notify.c b/src/client-agent/._notify.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._notify.c differ
diff --git a/src/client-agent/._receiver-win.c b/src/client-agent/._receiver-win.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._receiver-win.c differ
diff --git a/src/client-agent/._receiver.c b/src/client-agent/._receiver.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._receiver.c differ
diff --git a/src/client-agent/._sendmsg.c b/src/client-agent/._sendmsg.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._sendmsg.c differ
diff --git a/src/client-agent/._start_agent.c b/src/client-agent/._start_agent.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/client-agent/._start_agent.c differ
diff --git a/src/client-agent/agentd.c b/src/client-agent/agentd.c
index 6439250..1e08e19 100755
--- a/src/client-agent/agentd.c
+++ b/src/client-agent/agentd.c
@@ -29,30 +29,30 @@ void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
 {
     int rc = 0;
     int pid = 0;
-    int maxfd = 0;
+    int maxfd = 0;   
 
     fd_set fdset;
-
+    
     struct timeval fdtimeout;
 
-
+    
     /* Going daemon */
     pid = getpid();
     available_server = 0;
     nowDaemon();
     goDaemon();
 
-
+    
     /* Setting group ID */
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR, ARGV0, group);
 
-
+    
     /* chrooting */
     if(Privsep_Chroot(dir) < 0)
         ErrorExit(CHROOT_ERROR, ARGV0, dir);
 
-
+    
     nowChroot();
 
 
@@ -69,7 +69,7 @@ void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
 
     maxfd = logr->m_queue;
     logr->sock = -1;
-
+    
 
 
     /* Creating PID file */	
@@ -79,11 +79,11 @@ void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
 
     /* Reading the private keys  */
     verbose(ENC_READ, ARGV0);
-
+        
     OS_ReadKeys(&keys);
     OS_StartCounter(&keys);
 
-    /* cmoraes : changed the following call to
+    /* cmoraes : changed the following call to 
     os_write_agent_info(keys.keyentries[0]->name, NULL, keys.keyentries[0]->id);
     */
     os_write_agent_info(keys.keyentries[0]->name, NULL, keys.keyentries[0]->id,
@@ -93,14 +93,14 @@ void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
 
-
+    
     /* Initial random numbers */
     #ifdef __OpenBSD__
     srandomdev();
     #else
     srandom( time(0) + getpid()+ pid + getppid());
     #endif
-
+                    
     random();
 
 
@@ -118,7 +118,7 @@ void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
     {
         ErrorExit(UNABLE_CONN, ARGV0);
     }
-
+    
 
     /* Setting max fd for select */
     if(logr->sock > maxfd)
@@ -144,7 +144,7 @@ void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
     os_setwait();
 
     start_agent(1);
-
+    
     os_delwait();
 
 
@@ -152,15 +152,15 @@ void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
     intcheck_file(OSSECCONF, dir);
     intcheck_file(OSSEC_DEFINES, dir);
 
-
+   
     /* Sending first notification */
     run_notify();
-
-
+    
+     
     /* Maxfd must be higher socket +1 */
     maxfd++;
-
-
+    
+    
     /* monitor loop */
     while(1)
     {
@@ -172,28 +172,28 @@ void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
         fdtimeout.tv_sec = 120;
         fdtimeout.tv_usec = 0;
 
-
+        
         /* Wait for 120 seconds at a maximum for any descriptor */
         rc = select(maxfd, &fdset, NULL, NULL, &fdtimeout);
         if(rc == -1)
         {
             ErrorExit(SELECT_ERROR, ARGV0);
         }
-
-
+       
+        
         else if(rc == 0)
         {
             continue;
-        }
-
+        }    
 
+        
         /* For the receiver */
         if(FD_ISSET(logr->sock, &fdset))
         {
             receive_msg();
         }
 
-
+        
         /* For the forwarder */
         if(FD_ISSET(logr->m_queue, &fdset))
         {
diff --git a/src/client-agent/agentd.h b/src/client-agent/agentd.h
index 87b5c92..5496a68 100755
--- a/src/client-agent/agentd.h
+++ b/src/client-agent/agentd.h
@@ -40,7 +40,7 @@ void *receive_msg();
 /* Receiver messages for Windows */
 void *receiver_thread(void *none);
 
-/* intcheck_file:
+/* intcheck_file: 
  * Sends integrity checking information about a file to the server.
  */
 int intcheck_file(char *file_name, char *dir);
@@ -64,7 +64,7 @@ void run_notify();
 /*** Global variables ***/
 
 /* Global variables. Only modified
- * during startup.
+ * during startup. 
  */
 
 #include "shared.h"
diff --git a/src/client-agent/config.c b/src/client-agent/config.c
index 7d6d151..529d57d 100755
--- a/src/client-agent/config.c
+++ b/src/client-agent/config.c
@@ -26,7 +26,7 @@
 /* ClientConf v0.2, 2005/03/03
  * Read the config file (for the remote client)
  * v0.2: New OS_XML
- */
+ */ 
 int ClientConf(char *cfgfile)
 {
     int modules = 0;
diff --git a/src/client-agent/intcheck_op.c b/src/client-agent/intcheck_op.c
index a7025c6..811212b 100755
--- a/src/client-agent/intcheck_op.c
+++ b/src/client-agent/intcheck_op.c
@@ -43,7 +43,7 @@ int intcheck_file(char *file_name, char *dir)
     if(lstat(file_name, &statbuf) < 0)
     #endif
     {
-        snprintf(newsum, 911,"%c:%s:-1 %s%s", SYSCHECK_MQ, SYSCHECK,
+        snprintf(newsum, 911,"%c:%s:-1 %s%s", SYSCHECK_MQ, SYSCHECK, 
                                               dir, file_name);
         send_msg(0, newsum);
 
@@ -71,7 +71,7 @@ int intcheck_file(char *file_name, char *dir)
         }
     }
 
-
+    
     snprintf(newsum,911,"%c:%s:%d:%d:%d:%d:%s:%s %s%s",
             SYSCHECK_MQ, SYSCHECK,
             (int)statbuf.st_size,
diff --git a/src/client-agent/main.c b/src/client-agent/main.c
index bda8ced..ae2e642 100755
--- a/src/client-agent/main.c
+++ b/src/client-agent/main.c
@@ -36,15 +36,15 @@ int main(int argc, char **argv)
 {
     int c = 0;
     int test_config = 0;
-
+    
     char *dir = DEFAULTDIR;
     char *user = USER;
     char *group = GROUPGLOBAL;
-
+    
     int uid = 0;
     int gid = 0;
 
-
+    
     /* Setting the name */
     OS_SetName(ARGV0);
 
@@ -71,7 +71,7 @@ int main(int argc, char **argv)
                 group = optarg;
                 break;		
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             case 'D':
                 if(!optarg)
@@ -89,7 +89,7 @@ int main(int argc, char **argv)
         ErrorExit(MEM_ERROR, ARGV0);
     }
 
-
+    
     /* Reading config */
     if(ClientConf(DEFAULTCPATH) < 0)
     {
@@ -99,7 +99,7 @@ int main(int argc, char **argv)
     if(!logr->rip)
     {
         merror(AG_INV_IP, ARGV0);
-        ErrorExit(CLIENT_ERROR,ARGV0);
+        ErrorExit(CLIENT_ERROR,ARGV0);        
     }
 
 
@@ -109,7 +109,7 @@ int main(int argc, char **argv)
         ErrorExit(AG_NOKEYS_EXIT, ARGV0);
     }
 
-
+        
     /* Check if the user/group given are valid */
     uid = Privsep_GetUser(user);
     gid = Privsep_GetGroup(group);
@@ -132,7 +132,7 @@ int main(int argc, char **argv)
     /* Agentd Start */
     AgentdStart(dir, uid, gid, user, group);
 
-
+    
     return(0);
 }
 
diff --git a/src/client-agent/notify.c b/src/client-agent/notify.c
index e698380..1680b6b 100755
--- a/src/client-agent/notify.c
+++ b/src/client-agent/notify.c
@@ -42,9 +42,9 @@ char *getsharedfiles()
     int m_size = 512;
 
     char *ret;
-
+    
     os_md5 md5sum;
-
+    
 
     if(OS_MD5_File(SHAREDCFG_FILE, md5sum) != 0)
     {
@@ -64,7 +64,7 @@ char *getsharedfiles()
 
 
     snprintf(ret, m_size, "%s merged.mg\n", md5sum);
-
+    
 
     return(ret);
 }
@@ -113,14 +113,14 @@ void run_notify()
         return;
     }
     g_saved_time = curr_time;
-
+    
     debug1("%s: DEBUG: Sending agent notification.", ARGV0);
 
 
     /* Send the message.
-     * Message is going to be the
-     * uname\n checksum file\n checksum file\n
-     */
+     * Message is going to be the 
+     * uname\n checksum file\n checksum file\n 
+     */   
 
     /* Getting uname */
     uname = getuname();
diff --git a/src/client-agent/receiver-win.c b/src/client-agent/receiver-win.c
index 33395e4..75022be 100755
--- a/src/client-agent/receiver-win.c
+++ b/src/client-agent/receiver-win.c
@@ -20,36 +20,36 @@
 
 
 
-/* receiver_thread:
+/* receiver_thread: 
  * Receive events from the server.
  */
 void *receiver_thread(void *none)
 {
     int recv_b;
-
+    
     char file[OS_SIZE_1024 +1];
     char buffer[OS_MAXSTR +1];
-
+    
     char cleartext[OS_MAXSTR + 1];
     char *tmp_msg;
-
+   
     char file_sum[34];
 
     fd_set fdset;
     struct timeval selecttime;
-
+     
     FILE *fp;
 
 
     /* Setting FP to null, before starting */
     fp = NULL;
-
+   
     memset(cleartext, '\0', OS_MAXSTR +1);
     memset(buffer, '\0', OS_MAXSTR +1);
     memset(file, '\0', OS_SIZE_1024 +1);
     memset(file_sum, '\0', 34);
-
-
+    
+    
     while(1)
     {
         /* sock must be set. */
@@ -61,13 +61,13 @@ void *receiver_thread(void *none)
 
         FD_ZERO(&fdset);
         FD_SET(logr->sock, &fdset);
-
+        
 
         /* Wait for 30 seconds. */
         selecttime.tv_sec = 30;
         selecttime.tv_usec = 0;
 
-
+        
         /* Wait for 120 seconds at a maximum for any descriptor */
         recv_b = select(0, &fdset, NULL, NULL, &selecttime);
         if(recv_b == -1)
@@ -81,7 +81,7 @@ void *receiver_thread(void *none)
             continue;
         }
 
-        /* Read until no more messages are available */
+        /* Read until no more messages are available */ 
         while((recv_b = recv(logr->sock,buffer,OS_SIZE_1024, 0))>0)
         {
             /* Id of zero -- only one key allowed */
@@ -98,27 +98,27 @@ void *receiver_thread(void *none)
             {
                 /* This is the only thread that modifies it */
                 available_server = (int)time(NULL);
-
+                
 
                 /* Run timeout commands. */
                 if(logr->execdq >= 0)
                     WinTimeoutRun(available_server);
-
+                
                 /* If it is an active response message */
                 if(strncmp(tmp_msg, EXECD_HEADER, strlen(EXECD_HEADER)) == 0)
                 {
                     tmp_msg+=strlen(EXECD_HEADER);
-
+                    
 
                     /* Run on windows. */
                     if(logr->execdq >= 0)
                     {
                         WinExecdRun(tmp_msg);
                     }
-
-
+                    
+                        
                     continue;
-                }
+                } 
 
 
                 /* Restart syscheck. */
@@ -128,7 +128,7 @@ void *receiver_thread(void *none)
                     continue;
                 }
 
-
+                
                 /* Ack from server */
                 else if(strcmp(tmp_msg, HC_ACK) == 0)
                 {
@@ -143,7 +143,7 @@ void *receiver_thread(void *none)
                 }
 
                 /* File update message */
-                if(strncmp(tmp_msg, FILE_UPDATE_HEADER,
+                if(strncmp(tmp_msg, FILE_UPDATE_HEADER, 
                                     strlen(FILE_UPDATE_HEADER)) == 0)
                 {
                     char *validate_file;
@@ -161,7 +161,7 @@ void *receiver_thread(void *none)
                     /* copying the file sum */
                     strncpy(file_sum, tmp_msg, 33);
 
-
+                    
                     /* Setting tmp_msg to the beginning of the file name */
                     validate_file++;
                     tmp_msg = validate_file;
@@ -178,10 +178,10 @@ void *receiver_thread(void *none)
                     }
 
                     if(tmp_msg[0] == '.')
-                        tmp_msg[0] = '-';
+                        tmp_msg[0] = '-';            
 
-
-                    snprintf(file, OS_SIZE_1024, "%s/%s",
+                    
+                    snprintf(file, OS_SIZE_1024, "%s/%s", 
                             SHAREDCFG_DIR,
                             tmp_msg);
 
@@ -192,7 +192,7 @@ void *receiver_thread(void *none)
                     }
                 }
 
-                else if(strncmp(tmp_msg, FILE_CLOSE_HEADER,
+                else if(strncmp(tmp_msg, FILE_CLOSE_HEADER, 
                                          strlen(FILE_CLOSE_HEADER)) == 0)
                 {
                     /* no error */
@@ -204,7 +204,7 @@ void *receiver_thread(void *none)
                         fclose(fp);
                         fp = NULL;
                     }
-
+                    
                     if(file[0] == '\0')
                     {
                         /* nada */
@@ -221,7 +221,7 @@ void *receiver_thread(void *none)
                         if(strcmp(currently_md5, file_sum) != 0)
                         {
                             debug1("%s: Failed md5 for: %s -- deleting.",
-                                   ARGV0, file);
+                                   ARGV0, file); 
                             unlink(file);
                         }
                         else
@@ -264,10 +264,10 @@ void *receiver_thread(void *none)
                 merror("%s: WARN: Unknown message received. No action defined.",
                        ARGV0);
             }
-        }
+        }    
     }
 
-
+    
     /* Cleaning up */
     if(fp)
     {
@@ -275,7 +275,7 @@ void *receiver_thread(void *none)
         if(file[0] != '\0')
             unlink(file);
     }
-
+        
     return(NULL);
 
 }
diff --git a/src/client-agent/receiver.c b/src/client-agent/receiver.c
index 1a35484..3493e94 100755
--- a/src/client-agent/receiver.c
+++ b/src/client-agent/receiver.c
@@ -30,7 +30,7 @@ char file_sum[34] = "";
 char file[OS_SIZE_1024 +1] = "";
 
 
-/* receive_msg:
+/* receive_msg: 
  * Receive events from the server.
  */
 void *receive_msg()
@@ -48,7 +48,7 @@ void *receive_msg()
 
 
 
-    /* Read until no more messages are available */
+    /* Read until no more messages are available */ 
     while((recv_b = recv(logr->sock, buffer, OS_SIZE_1024, MSG_DONTWAIT)) > 0)
     {
         buffer[recv_b] = '\0';
@@ -84,7 +84,7 @@ void *receive_msg()
                 {
                     if(OS_SendUnix(logr->execdq, tmp_msg, 0) < 0)
                     {
-                        merror("%s: Error communicating with execd",
+                        merror("%s: Error communicating with execd", 
                                 ARGV0);
                     }
                 }
@@ -102,7 +102,7 @@ void *receive_msg()
 
 
                 continue;
-            }
+            } 
 
 
             /* Restart syscheck. */
@@ -129,7 +129,7 @@ void *receive_msg()
 
 
             /* File update message */
-            if(strncmp(tmp_msg, FILE_UPDATE_HEADER,
+            if(strncmp(tmp_msg, FILE_UPDATE_HEADER, 
                        strlen(FILE_UPDATE_HEADER)) == 0)
             {
                 char *validate_file;
@@ -165,10 +165,10 @@ void *receive_msg()
                 }
 
                 if(tmp_msg[0] == '.')
-                    tmp_msg[0] = '-';
+                    tmp_msg[0] = '-';            
 
 
-                snprintf(file, OS_SIZE_1024, "%s/%s",
+                snprintf(file, OS_SIZE_1024, "%s/%s", 
                         SHAREDCFG_DIR,
                         tmp_msg);
 
@@ -180,7 +180,7 @@ void *receive_msg()
                 }
             }
 
-            else if(strncmp(tmp_msg, FILE_CLOSE_HEADER,
+            else if(strncmp(tmp_msg, FILE_CLOSE_HEADER, 
                         strlen(FILE_CLOSE_HEADER)) == 0)
             {
                 /* no error */
@@ -209,7 +209,7 @@ void *receive_msg()
                     if(strcmp(currently_md5, file_sum) != 0)
                     {
                         debug1("%s: ERROR: Failed md5 for: %s -- deleting.",
-                                ARGV0, file);
+                                ARGV0, file); 
                         unlink(file);
                     }
                     else
@@ -253,7 +253,7 @@ void *receive_msg()
             merror("%s: WARN: Unknown message received. No action defined.",
                     ARGV0);
         }
-    }
+    }    
 
 
     return(NULL);
diff --git a/src/client-agent/sendmsg.c b/src/client-agent/sendmsg.c
index f92a457..ad0be49 100755
--- a/src/client-agent/sendmsg.c
+++ b/src/client-agent/sendmsg.c
@@ -15,7 +15,7 @@
 #include "agentd.h"
 
 #include "os_net/os_net.h"
-
+       
 
 /* Sends a message to the server */
 int send_msg(int agentid, char *msg)
diff --git a/src/client-agent/start_agent.c b/src/client-agent/start_agent.c
index 3327d9d..1b211f1 100755
--- a/src/client-agent/start_agent.c
+++ b/src/client-agent/start_agent.c
@@ -45,15 +45,15 @@ int connect_server(int initial_id)
 
         if(logr->rip[1])
         {
-            verbose("%s: INFO: Closing connection to server (%s:%d).",
+            verbose("%s: INFO: Closing connection to server (%s:%d).", 
                     ARGV0,
                     logr->rip[rc],
                     logr->port);
         }
-
+        
     }
-
-
+    
+    
     while(logr->rip[rc])
     {
         char *tmp_str;
@@ -64,7 +64,7 @@ int connect_server(int initial_id)
         {
             char *f_ip;
             *tmp_str = '\0';
-
+            
             f_ip = OS_GetHost(logr->rip[rc], 5);
             if(f_ip)
             {
@@ -72,7 +72,7 @@ int connect_server(int initial_id)
                 ip_str[127] = '\0';
 
                 snprintf(ip_str, 127, "%s/%s", logr->rip[rc], f_ip);
-
+                
                 free(f_ip);
                 free(logr->rip[rc]);
 
@@ -82,7 +82,7 @@ int connect_server(int initial_id)
             }
             else
             {
-                merror("%s: WARN: Unable to get hostname for '%s'.",
+                merror("%s: WARN: Unable to get hostname for '%s'.", 
                        ARGV0, logr->rip[rc]);
                 *tmp_str = '/';
                 tmp_str++;
@@ -92,8 +92,8 @@ int connect_server(int initial_id)
         {
             tmp_str = logr->rip[rc];
         }
-
-
+        
+        
         verbose("%s: INFO: Trying to connect to server (%s:%d).", ARGV0,
                 logr->rip[rc],
                 logr->port);
@@ -119,11 +119,11 @@ int connect_server(int initial_id)
             if(logr->rip[rc] == NULL)
             {
                 attempts += 10;
-
+                
                 /* Only log that if we have more than 1 server configured. */
                 if(logr->rip[1])
                     merror("%s: ERROR: Unable to connect to any server.",ARGV0);
-
+                    
                 sleep(attempts);
                 rc = 0;
             }
@@ -137,7 +137,7 @@ int connect_server(int initial_id)
 
             #ifdef WIN32
             int bmode = 1;
-
+            
             /* Setting socket to non-blocking */
             ioctlsocket(logr->sock, FIONBIO, (u_long FAR*) &bmode);
             #endif
@@ -164,7 +164,7 @@ void start_agent(int is_startup)
     char buffer[OS_MAXSTR +1];
     char cleartext[OS_MAXSTR +1];
     char fmsg[OS_MAXSTR +1];
-
+    
 
     memset(msg, '\0', OS_MAXSTR +2);
     memset(buffer, '\0', OS_MAXSTR +1);
@@ -176,15 +176,15 @@ void start_agent(int is_startup)
     #ifdef ONEWAY
     return;
     #endif
-
-
+    
+    
     /* Sending start message and waiting for the ack */	
     while(1)
     {
         /* Sending start up message */
         send_msg(0, msg);
         attempts = 0;
-
+        
 
         /* Read until our reply comes back */
         while(((recv_b = recv(logr->sock, buffer, OS_MAXSTR,
@@ -203,10 +203,10 @@ void start_agent(int is_startup)
                 {
                     send_msg(0, msg);
                 }
-
+                
                 continue;
             }
-
+            
             /* Id of zero -- only one key allowed */
             tmp_msg = ReadSecMSG(&keys, buffer, cleartext, 0, recv_b -1);
             if(tmp_msg == NULL)
@@ -224,16 +224,16 @@ void start_agent(int is_startup)
                 {
                     available_server = time(0);
 
-                    verbose(AG_CONNECTED, ARGV0, logr->rip[logr->rip_id],
+                    verbose(AG_CONNECTED, ARGV0, logr->rip[logr->rip_id], 
                                                  logr->port);
-
+                    
                     if(is_startup)
                     {
                         /* Send log message about start up */
-                        snprintf(msg, OS_MAXSTR, OS_AG_STARTED,
+                        snprintf(msg, OS_MAXSTR, OS_AG_STARTED, 
                                 keys.keyentries[0]->name,
                                 keys.keyentries[0]->ip->ip);
-                        snprintf(fmsg, OS_MAXSTR, "%c:%s:%s", LOCALFILE_MQ,
+                        snprintf(fmsg, OS_MAXSTR, "%c:%s:%s", LOCALFILE_MQ, 
                                                   "ossec", msg);
                         send_msg(0, fmsg);
                     }
@@ -269,11 +269,11 @@ void start_agent(int is_startup)
         {
             sleep(g_attempts);
             g_attempts+=(attempts * 3);
-
+            
             connect_server(0);
         }
     }
-
+    
 
     return;
 }
diff --git a/src/config/._Makefile b/src/config/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._Makefile differ
diff --git a/src/config/._active-response.c b/src/config/._active-response.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._active-response.c differ
diff --git a/src/config/._active-response.h b/src/config/._active-response.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._active-response.h differ
diff --git a/src/config/._agentlessd-config.c b/src/config/._agentlessd-config.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._agentlessd-config.c differ
diff --git a/src/config/._agentlessd-config.h b/src/config/._agentlessd-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._agentlessd-config.h differ
diff --git a/src/config/._alerts-config.c b/src/config/._alerts-config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._alerts-config.c differ
diff --git a/src/config/._client-config.c b/src/config/._client-config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._client-config.c differ
diff --git a/src/config/._client-config.h b/src/config/._client-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._client-config.h differ
diff --git a/src/config/._config.c b/src/config/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._config.c differ
diff --git a/src/config/._config.h b/src/config/._config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._config.h differ
diff --git a/src/config/._csyslogd-config.c b/src/config/._csyslogd-config.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._csyslogd-config.c differ
diff --git a/src/config/._csyslogd-config.h b/src/config/._csyslogd-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._csyslogd-config.h differ
diff --git a/src/config/._dbd-config.c b/src/config/._dbd-config.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._dbd-config.c differ
diff --git a/src/config/._dbd-config.h b/src/config/._dbd-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._dbd-config.h differ
diff --git a/src/config/._email-alerts-config.c b/src/config/._email-alerts-config.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._email-alerts-config.c differ
diff --git a/src/config/._global-config.c b/src/config/._global-config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._global-config.c differ
diff --git a/src/config/._global-config.h b/src/config/._global-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._global-config.h differ
diff --git a/src/config/._localfile-config.c b/src/config/._localfile-config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._localfile-config.c differ
diff --git a/src/config/._localfile-config.h b/src/config/._localfile-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._localfile-config.h differ
diff --git a/src/config/._mail-config.h b/src/config/._mail-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._mail-config.h differ
diff --git a/src/config/._remote-config.c b/src/config/._remote-config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._remote-config.c differ
diff --git a/src/config/._remote-config.h b/src/config/._remote-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._remote-config.h differ
diff --git a/src/config/._reports-config.c b/src/config/._reports-config.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._reports-config.c differ
diff --git a/src/config/._reports-config.h b/src/config/._reports-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._reports-config.h differ
diff --git a/src/config/._rootcheck-config.c b/src/config/._rootcheck-config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._rootcheck-config.c differ
diff --git a/src/config/._rootcheck-config.h b/src/config/._rootcheck-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._rootcheck-config.h differ
diff --git a/src/config/._rules-config.c b/src/config/._rules-config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._rules-config.c differ
diff --git a/src/config/._syscheck-config.c b/src/config/._syscheck-config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._syscheck-config.c differ
diff --git a/src/config/._syscheck-config.h b/src/config/._syscheck-config.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/config/._syscheck-config.h differ
diff --git a/src/config/active-response.c b/src/config/active-response.c
index ee4937d..cf9f8de 100755
--- a/src/config/active-response.c
+++ b/src/config/active-response.c
@@ -10,10 +10,7 @@
  * Foundation
  */
 
-#ifndef WIN32
-#include <sys/types.h>
-#include <grp.h>
-#endif
+ 
 #include "shared.h"
 #include "os_xml/os_xml.h"
 #include "os_regex/os_regex.h"
@@ -58,27 +55,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
         merror(FOPEN_ERROR, ARGV0, DEFAULTARPATH);
         return(-1);
     }
-
-#ifndef WIN32
-    struct group *os_group;
-    if((os_group = getgrnam(USER)) == NULL)
-    {
-      merror("Could not get ossec gid.");
-      return(-1);
-    }
-
-    if((chown(DEFAULTARPATH, -1, os_group->gr_gid)) == -1)
-    {
-      merror("Could not change the group to ossec: %d", errno);
-      return(-1);
-    }
-#endif
-
-    if((chmod(DEFAULTARPATH, 0440)) == -1)
-    {
-      merror("Could not chmod to 0440: %d", errno);
-      return(-1);
-    }
+    chmod(DEFAULTARPATH, 0444);
 
 
     /* Allocating for the active-response */
@@ -103,7 +80,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
 
 
 
-    /* Searching for the commands */
+    /* Searching for the commands */ 
     while(node[i])
     {
         if(!node[i]->element)
@@ -118,12 +95,12 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
         }
 
         /* Command */
-        if(strcmp(node[i]->element, xml_ar_command) == 0)
+        if(strcmp(node[i]->element, xml_ar_command) == 0)    
         {
             tmp_ar->command = strdup(node[i]->content);
         }
         /* Target */
-        else if(strcmp(node[i]->element, xml_ar_location) == 0)
+        else if(strcmp(node[i]->element, xml_ar_location) == 0)    
         {
             tmp_location = strdup(node[i]->content);
         }
@@ -147,7 +124,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
                 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
                 return(OS_INVALID);
             }
-
+                                                                            
             tmp_ar->level = atoi(node[i]->content);
 
             /* Making sure the level is valid */
@@ -188,7 +165,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
             return(OS_INVALID);
         }
         i++;
-    }
+    } 
 
     /* Checking if ar is disabled */
     if(ar_flag == -1)
@@ -237,14 +214,14 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
     }
 
     /* If we didn't set any value for the location */
-    if(tmp_ar->location == 0)
+    if(tmp_ar->location == 0) 
     {
         merror(AR_INV_LOC, ARGV0, tmp_location);
         return(-1);
     }
 
 
-    /* cleaning tmp_location */
+    /* cleaning tmp_location */ 
     free(tmp_location);
     tmp_location = NULL;
 
@@ -297,13 +274,13 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
     {
         ErrorExit(MEM_ERROR, ARGV0);
     }
-    snprintf(tmp_ar->name, OS_FLSIZE, "%s%d",
+    snprintf(tmp_ar->name, OS_FLSIZE, "%s%d", 
             tmp_ar->ar_cmd->name,
-            tmp_ar->timeout);
+            tmp_ar->timeout);  
 
 
     /* Adding to shared file */
-    fprintf(fp, "%s - %s - %d\n",
+    fprintf(fp, "%s - %s - %d\n", 
             tmp_ar->name,
             tmp_ar->ar_cmd->executable,
             tmp_ar->timeout);
@@ -337,7 +314,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
     {
         ar_flag|= LOCAL_AR;
     }
-
+    
     /* Closing shared file for active response */
     fclose(fp);
 
@@ -378,7 +355,7 @@ int ReadActiveCommands(XML_NODE node, void *d1, void *d2)
     tmp_command->timeout_allowed = 0;
 
 
-    /* Searching for the commands */
+    /* Searching for the commands */ 
     while(node[i])
     {
         if(!node[i]->element)
@@ -391,11 +368,11 @@ int ReadActiveCommands(XML_NODE node, void *d1, void *d2)
             merror(XML_VALUENULL, ARGV0, node[i]->element);
             return(OS_INVALID);
         }
-        if(strcmp(node[i]->element, command_name) == 0)
+        if(strcmp(node[i]->element, command_name) == 0)    
         {
             tmp_command->name = strdup(node[i]->content);
         }
-        else if(strcmp(node[i]->element, command_expect) == 0)
+        else if(strcmp(node[i]->element, command_expect) == 0)    
         {
             tmp_str = strdup(node[i]->content);
         }
diff --git a/src/config/active-response.h b/src/config/active-response.h
index c9ca703..86f197e 100755
--- a/src/config/active-response.h
+++ b/src/config/active-response.h
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #ifndef _CAR__H
 #define _CAR__H
 
@@ -20,7 +20,7 @@ typedef struct _ar_command
 {
     int expect;
     int timeout_allowed;
-
+    
     char *name;
     char *executable;
 }ar_command;
@@ -37,7 +37,7 @@ typedef struct _ar
     char *agent_id;
     char *rules_id;
     char *rules_group;
-
+    
     ar_command *ar_cmd;
 }active_response;
 
diff --git a/src/config/agentlessd-config.c b/src/config/agentlessd-config.c
index 6694126..abafd51 100644
--- a/src/config/agentlessd-config.c
+++ b/src/config/agentlessd-config.c
@@ -34,7 +34,7 @@ int Read_CAgentless(XML_NODE node, void *config, void *config2)
 
     agentlessd_config *lessd_config = (agentlessd_config *)config;
 
-
+     
     /* Getting any configured entry. */
     if(lessd_config->entries)
     {
@@ -42,9 +42,9 @@ int Read_CAgentless(XML_NODE node, void *config, void *config2)
             s++;
     }
 
-
+    
     /* Allocating the memory for the config. */
-    os_realloc(lessd_config->entries, (s + 2) * sizeof(agentlessd_entries *),
+    os_realloc(lessd_config->entries, (s + 2) * sizeof(agentlessd_entries *), 
                lessd_config->entries);
     os_calloc(1, sizeof(agentlessd_entries), lessd_config->entries[s]);
     lessd_config->entries[s + 1] = NULL;
@@ -61,7 +61,7 @@ int Read_CAgentless(XML_NODE node, void *config, void *config2)
     lessd_config->entries[s]->port = 0;
     lessd_config->entries[s]->error_flag = 0;
 
-
+    
     /* Reading the XML. */
     while(node[i])
     {
@@ -99,7 +99,7 @@ int Read_CAgentless(XML_NODE node, void *config, void *config2)
         {
             char s_content[1024 +1];
             s_content[1024] = '\0';
-
+            
             /* Getting any configured entry. */
             j = 0;
             if(lessd_config->entries[s]->server)
@@ -108,8 +108,8 @@ int Read_CAgentless(XML_NODE node, void *config, void *config2)
                     j++;
             }
 
-            os_realloc(lessd_config->entries[s]->server, (j + 2) *
-                       sizeof(char *),
+            os_realloc(lessd_config->entries[s]->server, (j + 2) * 
+                       sizeof(char *), 
                        lessd_config->entries[s]->server);
             if(strncmp(node[i]->content, "use_su ", 7) == 0)
             {
@@ -123,8 +123,8 @@ int Read_CAgentless(XML_NODE node, void *config, void *config2)
             {
                 snprintf(s_content, 1024, " %s", node[i]->content);
             }
-
-            os_strdup(s_content,
+            
+            os_strdup(s_content, 
                       lessd_config->entries[s]->server[j]);
             lessd_config->entries[s]->server[j + 1] = NULL;
         }
@@ -135,11 +135,11 @@ int Read_CAgentless(XML_NODE node, void *config, void *config2)
             script_path[1024] = '\0';
             snprintf(script_path, 1024, "%s/%s", AGENTLESSDIRPATH,
                                          node[i]->content);
-
+            
             if(File_DateofChange(script_path) <= 0)
             {
                 merror("%s: ERROR: Unable to find '%s' at '%s'.",
-                       ARGV0, node[i]->content, AGENTLESSDIRPATH);
+                       ARGV0, node[i]->content, AGENTLESSDIRPATH); 
                 merror(XML_VALUEERR,ARGV0, node[i]->element, node[i]->content);
                 return(OS_INVALID);
             }
@@ -191,8 +191,8 @@ int Read_CAgentless(XML_NODE node, void *config, void *config2)
         merror(XML_INV_MISSOPTS, ARGV0);
         return(OS_INVALID);
     }
-
-
+       
+    
     if((lessd_config->entries[s]->state == LESSD_STATE_PERIODIC) &&
        !lessd_config->entries[s]->frequency)
     {
diff --git a/src/config/agentlessd-config.h b/src/config/agentlessd-config.h
index c69a6b8..3c8a611 100755
--- a/src/config/agentlessd-config.h
+++ b/src/config/agentlessd-config.h
@@ -32,16 +32,16 @@ typedef struct _agentlessd_entries
     int current_state;
     int port;
     int error_flag;
-
+    
     char *type;
     char **server;
     char *options;
     char *command;
-
+    
 }agentlessd_entries;
 
 
-/* Configuration structure. */
+/* Configuration structure. */   
 typedef struct _agentlessd_config
 {
     int queue;
diff --git a/src/config/alerts-config.c b/src/config/alerts-config.c
index 353ba46..d1639e2 100755
--- a/src/config/alerts-config.c
+++ b/src/config/alerts-config.c
@@ -24,16 +24,16 @@ int Read_Alerts(XML_NODE node, void *configp, void *mailp)
     /* XML definitions */
     char *xml_email_level = "email_alert_level";
     char *xml_log_level = "log_alert_level";
-
+   
 #ifdef GEOIP
     /* GeoIP */
     char *xml_log_geoip = "use_geoip";
 #endif
 
     _Config *Config;
-
+     
     Config = (_Config *)configp;
-
+     
 
     while(node[i])
     {
diff --git a/src/config/client-config.c b/src/config/client-config.c
index b2d22f7..bc36bc4 100755
--- a/src/config/client-config.c
+++ b/src/config/client-config.c
@@ -16,19 +16,16 @@
 #include "os_net/os_net.h"
 
 
-int Read_Client(XML_NODE node, void *d1, void *d2)
+int Read_Client(XML_NODE node, void *d1, void *d2) 
 {
     int i = 0;
-
+    
     /* XML definitions */
     char *xml_client_ip = "server-ip";
     char *xml_client_hostname = "server-hostname";
     char *xml_local_ip = "local_ip";
     char *xml_client_port = "port";
     char *xml_ar_disabled = "disable-active-response";
-    char *xml_notify_time = "notify_time";
-    char *xml_max_time_reconnect_try = "time-reconnect";
-
     /* cmoraes */
     char *xml_profile_name = "config-profile";
 
@@ -36,8 +33,6 @@ int Read_Client(XML_NODE node, void *d1, void *d2)
 
     logr = (agent *)d1;
 
-    logr->notify_time = 0;
-    logr->max_time_reconnect_try = 0;
 
     while(node[i])
     {
@@ -77,7 +72,7 @@ int Read_Client(XML_NODE node, void *d1, void *d2)
             os_realloc(logr->rip, (ip_id + 2) * sizeof(char*), logr->rip);
             logr->rip[ip_id] = NULL;
             logr->rip[ip_id +1] = NULL;
-
+            
             os_strdup(node[i]->content, logr->rip[ip_id]);
             if(OS_IsValidIP(logr->rip[ip_id], NULL) != 1)
             {
@@ -105,7 +100,7 @@ int Read_Client(XML_NODE node, void *d1, void *d2)
             os_realloc(logr->rip, (ip_id + 2) * sizeof(char*),
                        logr->rip);
 
-
+            
             s_ip = OS_GetHost(node[i]->content, 5);
             if(!s_ip)
             {
@@ -115,7 +110,7 @@ int Read_Client(XML_NODE node, void *d1, void *d2)
 
                 os_strdup("invalid_ip", s_ip);
             }
-
+            
 
             f_ip[127] = '\0';
             snprintf(f_ip, 127, "%s/%s", node[i]->content, s_ip);
@@ -142,24 +137,6 @@ int Read_Client(XML_NODE node, void *d1, void *d2)
                 return(OS_INVALID);
             }
         }
-        else if(strcmp(node[i]->element,xml_notify_time) == 0)
-        {
-            if(!OS_StrIsNum(node[i]->content))
-            {
-                merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
-                return(OS_INVALID);
-            }
-            logr->notify_time = atoi(node[i]->content);
-        }
-        else if(strcmp(node[i]->element,xml_max_time_reconnect_try) == 0)
-        {
-            if(!OS_StrIsNum(node[i]->content))
-            {
-                merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
-                return(OS_INVALID);
-            }
-            logr->max_time_reconnect_try = atoi(node[i]->content);
-        }
         else if(strcmp(node[i]->element,xml_ar_disabled) == 0)
         {
             if(strcmp(node[i]->content, "yes") == 0)
diff --git a/src/config/client-config.h b/src/config/client-config.h
index c403677..ce2f558 100755
--- a/src/config/client-config.h
+++ b/src/config/client-config.h
@@ -24,8 +24,6 @@ typedef struct _agent
     int rip_id;
     char *lip;
     char **rip; /* remote (server) ip */
-    int notify_time;
-    int max_time_reconnect_try;
     char *profile;
 }agent;
 
diff --git a/src/config/config.c b/src/config/config.c
index 57a0afb..d67c8e3 100755
--- a/src/config/config.c
+++ b/src/config/config.c
@@ -22,9 +22,9 @@
 
 /* Read the main elements of the configuration.
  */
-int read_main_elements(OS_XML xml, int modules,
-                                   XML_NODE node,
-                                   void *d1,
+int read_main_elements(OS_XML xml, int modules, 
+                                   XML_NODE node, 
+                                   void *d1, 
                                    void *d2)
 {
     int i = 0;
@@ -44,11 +44,11 @@ int read_main_elements(OS_XML xml, int modules,
     char *osreports = "reports";                  /*Server Config*/
     char *osactive_response = "active-response";  /*Agent Config*/
 
-
+    
     while(node[i])
     {
         XML_NODE chld_node = NULL;
-
+        
         chld_node = OS_GetElementsbyNode(&xml,node[i]);
 
         if(!node[i]->element)
@@ -63,7 +63,7 @@ int read_main_elements(OS_XML xml, int modules,
         }
         else if(strcmp(node[i]->element, osglobal) == 0)
         {
-            if(((modules & CGLOBAL) || (modules & CMAIL))
+            if(((modules & CGLOBAL) || (modules & CMAIL)) 
                 && (Read_Global(chld_node, d1, d2) < 0))
                 return(OS_INVALID);
         }
@@ -97,7 +97,7 @@ int read_main_elements(OS_XML xml, int modules,
             if((modules & CSYSCHECK) && (Read_Syscheck(chld_node, d1,d2) < 0))
                 return(OS_INVALID);
             if((modules & CGLOBAL) && (Read_GlobalSK(chld_node, d1, d2) < 0))
-                return(OS_INVALID);
+                return(OS_INVALID);    
         }
         else if(strcmp(node[i]->element, osrootcheck) == 0)
         {
@@ -144,7 +144,7 @@ int read_main_elements(OS_XML xml, int modules,
             merror(XML_INVELEM, ARGV0, node[i]->element);
             return(OS_INVALID);
         }
-
+        
         //printf("before\n");
         OS_ClearNode(chld_node);
         //printf("after\n");
@@ -158,7 +158,7 @@ int read_main_elements(OS_XML xml, int modules,
 /* ReadConfig(int modules, char *cfgfile)
  * Read the config files
  */
-int ReadConfig(int modules, char *cfgfile, void *d1, void *d2)
+int ReadConfig(int modules, char *cfgfile, void *d1, void *d2) 
 {
     int i;
     OS_XML xml;
@@ -176,7 +176,7 @@ int ReadConfig(int modules, char *cfgfile, void *d1, void *d2)
     char *xml_agent_overwrite = "overwrite";
     /* cmoraes */
     char *xml_agent_profile = "profile";
-
+    
 
     if(OS_ReadXML(cfgfile,&xml) < 0)
     {
@@ -192,7 +192,7 @@ int ReadConfig(int modules, char *cfgfile, void *d1, void *d2)
         }
         return(OS_INVALID);
     }
-
+    
 
     node = OS_GetElementsbyNode(&xml, NULL);
     if(!node)
@@ -225,7 +225,7 @@ int ReadConfig(int modules, char *cfgfile, void *d1, void *d2)
                     return(OS_INVALID);
                 }
 
-                OS_ClearNode(chld_node);
+                OS_ClearNode(chld_node);    
             }
         }
         else if((modules & CAGENT_CONFIG) &&
@@ -239,7 +239,7 @@ int ReadConfig(int modules, char *cfgfile, void *d1, void *d2)
 
             /* Checking if this is specific to any agent. */
             if(node[i]->attributes && node[i]->values)
-            {
+            {    
                 while(node[i]->attributes[attrs] && node[i]->values[attrs])
                 {
                     /* Checking if there is an "name=" attribute */
@@ -296,12 +296,12 @@ int ReadConfig(int modules, char *cfgfile, void *d1, void *d2)
                         {
                             /* match the profile name of this <agent_config> section
                              * with a comma separated list of values in agent's
-                             * <config-profile> tag.
+                             * <config-profile> tag. 
                              */
                             if(!OS_Match2(node[i]->values[attrs], agentprofile))
                             {
                                 passed_agent_test = 0;
-                                debug2("[%s] did not match agent config profile name [%s]",
+                                debug2("[%s] did not match agent config profile name [%s]", 
                                        node[i]->values[attrs], agentprofile);
                             }
                             else
@@ -331,7 +331,7 @@ int ReadConfig(int modules, char *cfgfile, void *d1, void *d2)
 
                 /* if node does not have any attributes, it is a generic config block.
                  * check if agent has a profile name
-                 * if agent does not have profile name, then only read this generic
+                 * if agent does not have profile name, then only read this generic 
                  * agent_config block
                  */
 
@@ -351,8 +351,8 @@ int ReadConfig(int modules, char *cfgfile, void *d1, void *d2)
                     merror(CONFIG_ERROR, ARGV0, cfgfile);
                     return(OS_INVALID);
                 }
-
-                OS_ClearNode(chld_node);
+      
+                OS_ClearNode(chld_node);    
             }
         }
         else
@@ -362,7 +362,7 @@ int ReadConfig(int modules, char *cfgfile, void *d1, void *d2)
         }
         i++;
     }
-
+    
     /* Clearing node and xml */
     OS_ClearNode(node);
     OS_ClearXML(&xml);	
diff --git a/src/config/config.h b/src/config/config.h
index 83d649a..4e8e629 100755
--- a/src/config/config.h
+++ b/src/config/config.h
@@ -13,7 +13,7 @@
  * online at: http://www.ossec.net/en/licensing.html
  */
 
-
+ 
 
 #ifndef _HCONFIG__H
 #define _HCONFIG__H
@@ -31,7 +31,7 @@
 #define CDBD          0002000
 #define CSYSLOGD      0004000
 #define CAGENTLESS    0020000
-#define CREPORTS      0040000
+#define CREPORTS      0040000 
 
 #define CAGENT_CONFIG 0010000
 
diff --git a/src/config/csyslogd-config.c b/src/config/csyslogd-config.c
index 77d268e..7ee79ab 100644
--- a/src/config/csyslogd-config.c
+++ b/src/config/csyslogd-config.c
@@ -35,7 +35,7 @@ int Read_CSyslog(XML_NODE node, void *config, void *config2)
     GeneralConfig *gen_config = (GeneralConfig *)config;
     SyslogConfig **syslog_config = (SyslogConfig **)gen_config->data;
 
-
+     
     /* Getting Granular mail_to size */
     if(syslog_config)
     {
@@ -43,7 +43,7 @@ int Read_CSyslog(XML_NODE node, void *config, void *config2)
             s++;
     }
 
-
+    
     /* Allocating the memory for the config. */
     os_realloc(syslog_config, (s + 2) * sizeof(SyslogConfig *), syslog_config);
     os_calloc(1, sizeof(SyslogConfig), syslog_config[s]);
@@ -118,24 +118,24 @@ int Read_CSyslog(XML_NODE node, void *config, void *config2)
                 else if(isdigit((int)*str_pt))
                 {
                     int id_i = 0;
-
+                    
                     r_id = atoi(str_pt);
                     debug1("%s: DEBUG: Adding '%d' to syslog alerting",
                            ARGV0, r_id);
-
+                    
                     if(syslog_config[s]->rule_id)
                     {
                         while(syslog_config[s]->rule_id[id_i])
                             id_i++;
                     }
-
+                    
                     os_realloc(syslog_config[s]->rule_id,
                                (id_i +2) * sizeof(int),
                                syslog_config[s]->rule_id);
-
+                    
                     syslog_config[s]->rule_id[id_i + i] = 0;
                     syslog_config[s]->rule_id[id_i] = r_id;
-
+                         
                     str_pt = strchr(str_pt, ',');
                     if(str_pt)
                     {
@@ -191,7 +191,7 @@ int Read_CSyslog(XML_NODE node, void *config, void *config2)
         else if(strcmp(node[i]->element, xml_syslog_location) == 0)
         {
             os_calloc(1, sizeof(OSMatch),syslog_config[s]->location);
-            if(!OSMatch_Compile(node[i]->content,
+            if(!OSMatch_Compile(node[i]->content, 
                                 syslog_config[s]->location, 0))
             {
                 merror(REGEX_COMPILE, ARGV0, node[i]->content,
@@ -202,7 +202,7 @@ int Read_CSyslog(XML_NODE node, void *config, void *config2)
         else if(strcmp(node[i]->element, xml_syslog_group) == 0)
         {
             os_calloc(1, sizeof(OSMatch),syslog_config[s]->group);
-            if(!OSMatch_Compile(node[i]->content,
+            if(!OSMatch_Compile(node[i]->content, 
                                 syslog_config[s]->group, 0))
             {
                 merror(REGEX_COMPILE, ARGV0, node[i]->content,
@@ -225,7 +225,7 @@ int Read_CSyslog(XML_NODE node, void *config, void *config2)
         merror(XML_INV_CSYSLOG, ARGV0);
         return(OS_INVALID);
     }
-
+       
 
     gen_config->data = syslog_config;
     return(0);
diff --git a/src/config/csyslogd-config.h b/src/config/csyslogd-config.h
index 47a11eb..fb9fbb6 100755
--- a/src/config/csyslogd-config.h
+++ b/src/config/csyslogd-config.h
@@ -12,7 +12,7 @@
 
 
 #include "shared.h"
-
+ 
 
 #ifndef _CSYSLOGCONFIG__H
 #define _CSYSLOGCONFIG__H
diff --git a/src/config/dbd-config.c b/src/config/dbd-config.c
index 949ef5d..6b2db09 100644
--- a/src/config/dbd-config.c
+++ b/src/config/dbd-config.c
@@ -33,7 +33,7 @@ int Read_DB(XML_NODE node, void *config1, void *config2)
     char *xml_dbsock = "socket";
     char *xml_dbtype = "type";
 
-
+    
     db_config = (DBConfig *)config2;
     if(!db_config)
     {
@@ -41,7 +41,7 @@ int Read_DB(XML_NODE node, void *config1, void *config2)
     }
 
 
-    /* Reading the xml */
+    /* Reading the xml */ 
     while(node[i])
     {
         if(!node[i]->element)
diff --git a/src/config/dbd-config.h b/src/config/dbd-config.h
index 2a3d29a..7d317f3 100755
--- a/src/config/dbd-config.h
+++ b/src/config/dbd-config.h
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 
 #ifndef _DBDCONFIG__H
 #define _DBDONFIG__H
@@ -31,7 +31,7 @@ typedef struct _DBConfig
     char *pass;
     char *db;
     char *sock;
-
+    
     void *conn;
     void *location_hash;
 
diff --git a/src/config/email-alerts-config.c b/src/config/email-alerts-config.c
index 8d61e13..22eb1eb 100644
--- a/src/config/email-alerts-config.c
+++ b/src/config/email-alerts-config.c
@@ -34,7 +34,7 @@ int Read_EmailAlerts(XML_NODE node, void *configp, void *mailp)
     char *xml_email_donotgroup = "do_not_group";
 
     MailConfig *Mail;
-
+     
     Mail = (MailConfig *)mailp;
     if(!Mail)
     {
@@ -57,44 +57,44 @@ int Read_EmailAlerts(XML_NODE node, void *configp, void *mailp)
 
     if(Mail)
     {
-        os_realloc(Mail->gran_to,
+        os_realloc(Mail->gran_to, 
                    sizeof(char *)*(granto_size +1), Mail->gran_to);
-        os_realloc(Mail->gran_id,
+        os_realloc(Mail->gran_id, 
                    sizeof(int *)*(granto_size +1), Mail->gran_id);
-        os_realloc(Mail->gran_level,
+        os_realloc(Mail->gran_level, 
                    sizeof(int)*(granto_size +1), Mail->gran_level);
-        os_realloc(Mail->gran_set,
+        os_realloc(Mail->gran_set, 
                    sizeof(int)*(granto_size +1), Mail->gran_set);
-        os_realloc(Mail->gran_format,
+        os_realloc(Mail->gran_format, 
                    sizeof(int)*(granto_size +1), Mail->gran_format);
-        os_realloc(Mail->gran_location,
+        os_realloc(Mail->gran_location, 
                    sizeof(OSMatch)*(granto_size +1), Mail->gran_location);
-        os_realloc(Mail->gran_group,
+        os_realloc(Mail->gran_group, 
                    sizeof(OSMatch)*(granto_size +1), Mail->gran_group);
-
+        
         Mail->gran_to[granto_size -1] = NULL;
         Mail->gran_to[granto_size] = NULL;
-
+        
         Mail->gran_id[granto_size -1] = NULL;
         Mail->gran_id[granto_size] = NULL;
-
+        
         Mail->gran_location[granto_size -1] = NULL;
         Mail->gran_location[granto_size] = NULL;
 
         Mail->gran_group[granto_size -1] = NULL;
         Mail->gran_group[granto_size] = NULL;
-
+        
         Mail->gran_level[granto_size -1] = 0;
         Mail->gran_level[granto_size] = 0;
-
-        Mail->gran_format[granto_size -1] = FULL_FORMAT;
-        Mail->gran_format[granto_size] = FULL_FORMAT;
-
+        
+        Mail->gran_format[granto_size -1] = FULL_FORMAT; 
+        Mail->gran_format[granto_size] = FULL_FORMAT; 
+        
         Mail->gran_set[granto_size -1] = 0;
         Mail->gran_set[granto_size] = 0;
     }
-
-
+    
+    
     while(node[i])
     {
         if(!node[i]->element)
@@ -143,11 +143,11 @@ int Read_EmailAlerts(XML_NODE node, void *configp, void *mailp)
                 else if(isdigit((int)*str_pt))
                 {
                     int id_i = 0;
-
+                    
                     r_id = atoi(str_pt);
                     debug1("%s: DEBUG: Adding '%d' to granular e-mail",
                            ARGV0, r_id);
-
+                    
                     if(!Mail->gran_id[granto_size -1])
                     {
                         os_calloc(2,sizeof(int),Mail->gran_id[granto_size -1]);
@@ -160,14 +160,14 @@ int Read_EmailAlerts(XML_NODE node, void *configp, void *mailp)
                         {
                             id_i++;
                         }
-
+                        
                         os_realloc(Mail->gran_id[granto_size -1],
                                    (id_i +2) * sizeof(int),
-                                   Mail->gran_id[granto_size -1]);
+                                   Mail->gran_id[granto_size -1]);     
                         Mail->gran_id[granto_size -1][id_i +1] = 0;
                     }
                     Mail->gran_id[granto_size -1][id_i] = r_id;
-
+                    
 
                     str_pt = strchr(str_pt, ',');
                     if(str_pt)
@@ -228,7 +228,7 @@ int Read_EmailAlerts(XML_NODE node, void *configp, void *mailp)
         else if(strcmp(node[i]->element, xml_email_location) == 0)
         {
             os_calloc(1, sizeof(OSMatch),Mail->gran_location[granto_size -1]);
-            if(!OSMatch_Compile(node[i]->content,
+            if(!OSMatch_Compile(node[i]->content, 
                                 Mail->gran_location[granto_size -1], 0))
             {
                 merror(REGEX_COMPILE, ARGV0, node[i]->content,
@@ -239,7 +239,7 @@ int Read_EmailAlerts(XML_NODE node, void *configp, void *mailp)
         else if(strcmp(node[i]->element, xml_email_group) == 0)
         {
             os_calloc(1, sizeof(OSMatch),Mail->gran_group[granto_size -1]);
-            if(!OSMatch_Compile(node[i]->content,
+            if(!OSMatch_Compile(node[i]->content, 
                                 Mail->gran_group[granto_size -1], 0))
             {
                 merror(REGEX_COMPILE, ARGV0, node[i]->content,
@@ -266,7 +266,7 @@ int Read_EmailAlerts(XML_NODE node, void *configp, void *mailp)
            merror(XML_INV_GRAN_MAIL, ARGV0);
            return(OS_INVALID);
        }
-
+       
     return(0);
 }
 
diff --git a/src/config/global-config.c b/src/config/global-config.c
index 41490d1..d7f58d8 100755
--- a/src/config/global-config.c
+++ b/src/config/global-config.c
@@ -46,8 +46,8 @@ int Read_GlobalSK(XML_NODE node, void *configp, void *mailp)
     _Config *Config;
 
     Config = (_Config *)configp;
-
-
+    
+    
     /* Shouldn't be here if !Config */
     if(!Config)
         return(0);
@@ -159,7 +159,6 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
     char *xml_memorysize = "memory_size";
     char *xml_white_list = "white_list";
     char *xml_compress_alerts = "compress_alerts";
-    char *xml_custom_alert_output = "custom_alert_output";
 
     char *xml_emailto = "email_to";
     char *xml_emailfrom = "email_from";
@@ -174,10 +173,10 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
 
     _Config *Config;
     MailConfig *Mail;
-
+     
     Config = (_Config *)configp;
     Mail = (MailConfig *)mailp;
-
+    
     /* Getting right white_size */
     if(Config && Config->white_list)
     {
@@ -190,7 +189,7 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
             ww++;
         }
     }
-
+    
      /* Getting right white_size */
     if(Config && Config->hostname_white_list)
     {
@@ -203,7 +202,7 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
             ww++;
         }
     }
-
+    
     /* Getting mail_to size */
     if(Mail && Mail->to)
     {
@@ -228,25 +227,17 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
             merror(XML_VALUENULL, ARGV0, node[i]->element);
             return(OS_INVALID);
         }
-        else if(strcmp(node[i]->element, xml_custom_alert_output) == 0)
-        {
-          if(Config)
-          {
-            Config->custom_alert_output= 1;
-            os_strdup(node[i]->content, Config->custom_alert_output_format);
-          }
-        }
         /* Mail notification */
         else if(strcmp(node[i]->element, xml_mailnotify) == 0)
         {
             if(strcmp(node[i]->content, "yes") == 0)
-            {
-                if(Config) Config->mailnotify = 1;
+            { 
+                if(Config) Config->mailnotify = 1; 
                 if(Mail) Mail->mn = 1;
             }
             else if(strcmp(node[i]->content, "no") == 0)
-            {
-                if(Config) Config->mailnotify = 0;
+            { 
+                if(Config) Config->mailnotify = 0; 
                 if(Mail) Mail->mn = 0;
             }
             else
@@ -283,12 +274,12 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
         else if(strcmp(node[i]->element, xml_prelude) == 0)
         {
             if(strcmp(node[i]->content, "yes") == 0)
-            {
-                if(Config) Config->prelude = 1;
+            { 
+                if(Config) Config->prelude = 1; 
             }
             else if(strcmp(node[i]->content, "no") == 0)
-            {
-                if(Config) Config->prelude = 0;
+            { 
+                if(Config) Config->prelude = 0; 
             }
             else
             {
@@ -407,11 +398,11 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
             char *ip_address_regex =
              "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/?"
              "([0-9]{0,2}|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})$";
-
+                      
             if(Config && OS_PRegex(node[i]->content, ip_address_regex))
             {
                 white_size++;
-                Config->white_list =
+                Config->white_list = 
                     realloc(Config->white_list, sizeof(os_ip *)*white_size);
                 if(!Config->white_list)
                 {
@@ -421,11 +412,11 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
 
                 os_calloc(1, sizeof(os_ip), Config->white_list[white_size -2]);
                 Config->white_list[white_size -1] = NULL;
-
+                
                 if(!OS_IsValidIP(node[i]->content,
                                  Config->white_list[white_size -2]))
                 {
-                    merror(INVALID_IP, ARGV0,
+                    merror(INVALID_IP, ARGV0, 
                                        node[i]->content);
                     return(OS_INVALID);
                 }
@@ -437,20 +428,20 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
                 Config->hostname_white_list =
                     realloc(Config->hostname_white_list,
                     sizeof(OSMatch *)*hostname_white_size);
-
+                    
                 if(!Config->hostname_white_list)
                 {
                     merror(MEM_ERROR, ARGV0);
                     return(OS_INVALID);
                 }
-                os_calloc(1,
-                          sizeof(OSMatch),
+                os_calloc(1, 
+                          sizeof(OSMatch), 
                           Config->hostname_white_list[hostname_white_size -2]);
                 Config->hostname_white_list[hostname_white_size -1] = NULL;
 
                 if(!OSMatch_Compile(
-                        node[i]->content,
-                        Config->hostname_white_list[hostname_white_size -2],
+                        node[i]->content, 
+                        Config->hostname_white_list[hostname_white_size -2], 
                         0))
                 {
                     merror(REGEX_COMPILE, ARGV0, node[i]->content,
@@ -459,12 +450,12 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
                     return(-1);
                 }
             }
-
+            
             #endif
-
+                
         }
 
-        /* For the email now
+        /* For the email now 
          * email_to, email_from, smtp_Server and maxperhour.
          * We will use a separate structure for that.
          */
@@ -477,7 +468,7 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
                 return(OS_INVALID);
             }
             #endif
-
+                
             if(Mail)
             {
                 mailto_size++;
@@ -515,7 +506,7 @@ int Read_Global(XML_NODE node, void *configp, void *mailp)
                     return(OS_INVALID);
                 }
             }
-            #endif
+            #endif    
         }
         else if(strcmp(node[i]->element, xml_mailmaxperhour) == 0)
         {
diff --git a/src/config/global-config.h b/src/config/global-config.h
index ab9cf23..1833c57 100755
--- a/src/config/global-config.h
+++ b/src/config/global-config.h
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 
 #ifndef _CCONFIG__H
 #define _CCONFIG__H
@@ -30,7 +30,7 @@ typedef struct __Config
     u_int8_t mailbylevel;
     u_int8_t logbylevel;
     u_int8_t logfw;
-
+    
     /* Prelude support */
     u_int8_t prelude;
     /* which min. level the alert must be sent to prelude */
@@ -47,18 +47,14 @@ typedef struct __Config
 
     /* Mail alerting */
     short int mailnotify;
-
-    /* Custom Alert output*/
-    short int custom_alert_output;
-    char * custom_alert_output_format;
-
-    /* For the active response */
+    
+    /* For the active response */  
     int ar;
-
+    
     /* For the correlation */
     int memorysize;
-
-    /* List of files to ignore (syscheck) */
+   
+    /* List of files to ignore (syscheck) */ 
     char **syscheck_ignore;
 
     /* List of ips to never block */
diff --git a/src/config/localfile-config.c b/src/config/localfile-config.c
index b9df546..6919333 100755
--- a/src/config/localfile-config.c
+++ b/src/config/localfile-config.c
@@ -10,9 +10,9 @@
  * Foundation
  */
 
+ 
 
-
-#include "shared.h"
+#include "shared.h" 
 #include "localfile-config.h"
 
 
@@ -20,9 +20,9 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
 {
     int pl = 0;
     int i = 0;
-
-    int glob_set = 0;
-
+    
+    int glob_set = 0; 
+    
     #ifndef WIN32
     int glob_offset = 0;
     #endif
@@ -41,7 +41,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
     log_config = (logreader_config *)d1;
 
 
-    /* If config is not set, we need to create it */
+    /* If config is not set, we need to create it */ 
     if(!log_config->config)
     {
         os_calloc(2, sizeof(logreader), log_config->config);
@@ -62,7 +62,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
         {
             pl++;
         }
-
+        
         /* Allocating more memory */
         os_realloc(logf, (pl +2)*sizeof(logreader), log_config->config);
         logf = log_config->config;
@@ -71,7 +71,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
         logf[pl +1].alias = NULL;
         logf[pl +1].logformat = NULL;
     }
-
+    
     logf[pl].file = NULL;
     logf[pl].command = NULL;
     logf[pl].alias = NULL;
@@ -81,7 +81,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
     logf[pl].djb_program_name = NULL;
     logf[pl].ign = 360;
 
-
+    
     /* Searching for entries related to files */
     i = 0;
     while(node[i])
@@ -132,11 +132,11 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
             /* Expand variables on Windows. */
             if(strchr(node[i]->content, '%'))
             {
-                int expandreturn = 0;
+                int expandreturn = 0;   
                 char newfile[OS_MAXSTR +1];
 
                 newfile[OS_MAXSTR] = '\0';
-                expandreturn = ExpandEnvironmentStrings(node[i]->content,
+                expandreturn = ExpandEnvironmentStrings(node[i]->content, 
                                                         newfile, OS_MAXSTR);
 
                 if((expandreturn > 0) && (expandreturn < OS_MAXSTR))
@@ -145,7 +145,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
 
                     os_strdup(newfile, node[i]->content);
                 }
-            }
+            }   
             #endif
 
 
@@ -153,17 +153,17 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
              * We will call this file multiple times until
              * there is no one else available.
              */
-            #ifndef WIN32 /* No windows support for glob */
+            #ifndef WIN32 /* No windows support for glob */ 
             if(strchr(node[i]->content, '*') ||
                strchr(node[i]->content, '?') ||
                strchr(node[i]->content, '['))
             {
                 glob_t g;
-
+                
                 /* Setting ot the first entry of the glob */
                 if(glob_set == 0)
                     glob_set = pl +1;
-
+                
                 if(glob(node[i]->content, 0, NULL, &g) != 0)
                 {
                     merror(GLOB_ERROR, ARGV0, node[i]->content);
@@ -171,7 +171,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
                     i++;
                     continue;
                 }
-
+             
                 /* Checking for the last entry */
                 if((g.gl_pathv[glob_offset]) == NULL)
                 {
@@ -212,7 +212,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
                     os_strdup(g.gl_pathv[glob_offset], logf[pl].file);
                 }
 
-
+                
                 glob_offset++;
                 globfree(&g);
 
@@ -220,13 +220,13 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
                 pl++;
                 os_realloc(logf, (pl +2)*sizeof(logreader), log_config->config);
                 logf = log_config->config;
-
+                
                 logf[pl].file = NULL;
                 logf[pl].alias = NULL;
                 logf[pl].logformat = NULL;
                 logf[pl].fp = NULL;
                 logf[pl].ffile = NULL;
-
+                            
                 logf[pl +1].file = NULL;
                 logf[pl +1].alias = NULL;
                 logf[pl +1].logformat = NULL;
@@ -236,7 +236,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
             }
             else if(strchr(node[i]->content, '%'))
             #else
-            if(strchr(node[i]->content, '%'))
+            if(strchr(node[i]->content, '%'))    
             #endif /* WIN32 */
 
             /* We need the format file (based on date) */
@@ -259,8 +259,8 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
                 os_strdup(node[i]->content, logf[pl].ffile);
                 os_strdup(node[i]->content, logf[pl].file);
             }
-
-
+            
+            
             /* Normal file */
             else
             {
@@ -328,7 +328,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
 
                 while(logf[pl].logformat[0] == ' ')
                     logf[pl].logformat++;
-
+                
                 if(logf[pl].logformat[0] != ':')
                 {
                     merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
@@ -338,8 +338,8 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
 
                 while(*logf[pl].logformat == ' ')
                     logf[pl].logformat++;
-
-                while(logf[pl].logformat[x] >= '0' && logf[pl].logformat[x] <= '9')
+                
+                while(logf[pl].logformat[x] >= '0' && logf[pl].logformat[x] <= '9')    
                     x++;
 
                 while(logf[pl].logformat[x] == ' ')
@@ -378,7 +378,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
     if(glob_set)
     {
         char *format;
-
+        
         /* Getting log format */
         if(logf[pl].logformat)
         {
@@ -407,7 +407,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
                 merror(MISS_FILE, ARGV0);
                 return(OS_INVALID);
             }
-
+            
             if(logf[i].logformat == NULL)
             {
                 logf[i].logformat = format;
@@ -429,7 +429,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
         merror(MISS_FILE, ARGV0);
         return(OS_INVALID);
     }
-
+    
     /* Verifying a valid event log config */
     if(strcmp(logf[pl].logformat, EVENTLOG) == 0)
     {
@@ -444,7 +444,7 @@ int Read_Localfile(XML_NODE node, void *d1, void *d2)
     }
 
     if((strcmp(logf[pl].logformat, "command") == 0)||
-       (strcmp(logf[pl].logformat, "full_command") == 0))
+       (strcmp(logf[pl].logformat, "full_command") == 0)) 
     {
         if(!logf[pl].command)
         {
diff --git a/src/config/localfile-config.h b/src/config/localfile-config.h
index ee9c38d..301870d 100755
--- a/src/config/localfile-config.h
+++ b/src/config/localfile-config.h
@@ -16,7 +16,7 @@
 #define __CLOGREADER_H
 
 #define EVENTLOG    "eventlog"
-#define VCHECK_FILES    64
+#define VCHECK_FILES    64 
 #define DATE_MODIFIED   1
 
 
@@ -29,20 +29,20 @@ typedef struct _logreader
 {
     unsigned int size;
     int ign;
-
+    
     #ifdef WIN32
     HANDLE h;
     int fd;
     #else
     ino_t fd;
     #endif
-
-
-    /* ffile - format file is only used when
+    
+        
+    /* ffile - format file is only used when 
      * the file has format string to retrieve
      * the date,
-     */
-    char *ffile;
+     */    
+    char *ffile;        
     char *file;
     char *logformat;
     char *djb_program_name;
diff --git a/src/config/mail-config.h b/src/config/mail-config.h
index 8d75c24..3dfb9d9 100755
--- a/src/config/mail-config.h
+++ b/src/config/mail-config.h
@@ -9,7 +9,7 @@
  * Foundation
  */
 
-
+ 
 
 #ifndef _MCCONFIG__H
 #define _MCCONFIG__H
@@ -35,7 +35,7 @@ typedef struct _MailConfig
     int *gran_set;
     int *gran_format;
     char **gran_to;
-
+ 
 #ifdef GEOIP
     /* Use GeoIP */
     int geoip;
diff --git a/src/config/remote-config.c b/src/config/remote-config.c
index e85d625..adae495 100755
--- a/src/config/remote-config.c
+++ b/src/config/remote-config.c
@@ -53,8 +53,8 @@ int Read_Remote(XML_NODE node, void *d1, void *d2)
         while(logr->denyips[deny_size -1])
             deny_size++;
     }
-
-
+                                            
+    
     /* conn and port must not be null */
     if(!logr->conn)
     {
@@ -81,8 +81,8 @@ int Read_Remote(XML_NODE node, void *d1, void *d2)
         os_calloc(1, sizeof(char *), logr->lip);
         logr->lip[0] = NULL;
     }
-
-
+    
+    
     /* Cleaning */
     while(logr->conn[pl] != 0)
         pl++;
@@ -98,19 +98,19 @@ int Read_Remote(XML_NODE node, void *d1, void *d2)
     {
         merror(MEM_ERROR, ARGV0);
     }
-
+    
     logr->port[pl] = 0;
     logr->conn[pl] = 0;
     logr->proto[pl] = 0;
     logr->ipv6[pl] = 0;
     logr->lip[pl] = NULL;
-
+    
     logr->port[pl +1] = 0;
     logr->conn[pl +1] = 0;
     logr->proto[pl +1] = 0;
     logr->ipv6[pl +1] = 0;
     logr->lip[pl +1] = NULL;
-
+    
     while(node[i])
     {
         if(!node[i]->element)
@@ -199,7 +199,7 @@ int Read_Remote(XML_NODE node, void *d1, void *d2)
 
             os_calloc(1, sizeof(os_ip), logr->allowips[allow_size -2]);
             logr->allowips[allow_size -1] = NULL;
-
+            
             if(!OS_IsValidIP(node[i]->content,logr->allowips[allow_size -2]))
             {
                 merror(INVALID_IP, ARGV0, node[i]->content);
@@ -210,7 +210,7 @@ int Read_Remote(XML_NODE node, void *d1, void *d2)
         {
             deny_size++;
             logr->denyips = realloc(logr->denyips,sizeof(os_ip *)*deny_size);
-            if(!logr->denyips)
+            if(!logr->denyips)             
             {
                 merror(MEM_ERROR, ARGV0);
                 return(OS_INVALID);
@@ -238,14 +238,14 @@ int Read_Remote(XML_NODE node, void *d1, void *d2)
         merror(CONN_ERROR, ARGV0);
         return(OS_INVALID);
     }
-
+    
     /* Set port in here */
     if(logr->port[pl] == 0)
     {
         if(logr->conn[pl] == SECURE_CONN)
             logr->port[pl] = DEFAULT_SECURE;
         else
-            logr->port[pl] = DEFAULT_SYSLOG;
+            logr->port[pl] = DEFAULT_SYSLOG;    
     }
 
     /* set default protocol */
@@ -259,7 +259,7 @@ int Read_Remote(XML_NODE node, void *d1, void *d2)
     {
         logr->proto[pl] = UDP_PROTO;
     }
-
+    
     return(0);
 }
 
diff --git a/src/config/remote-config.h b/src/config/remote-config.h
index 7896830..6242376 100755
--- a/src/config/remote-config.h
+++ b/src/config/remote-config.h
@@ -14,7 +14,7 @@
 
 #define __CLOGREMOTE_H
 
-#define SYSLOG_CONN 1
+#define SYSLOG_CONN 1   
 #define SECURE_CONN 2
 #define UDP_PROTO   6
 #define TCP_PROTO   17
@@ -35,7 +35,7 @@ typedef struct _remoted
 
     int m_queue;
     int sock;
-    socklen_t peer_size;
+    socklen_t peer_size; 
 }remoted;
 
 #endif
diff --git a/src/config/reports-config.c b/src/config/reports-config.c
index 984b268..b93bedb 100644
--- a/src/config/reports-config.c
+++ b/src/config/reports-config.c
@@ -31,7 +31,7 @@ static int _filter_arg(char *mystr)
         if((*mystr >= 'a' && *mystr <= 'z') ||
            (*mystr >= 'A' && *mystr <= 'Z') ||
            (*mystr >= '0' && *mystr <= '9') ||
-           *mystr == '-' || *mystr == '_' || *mystr == '.')
+           *mystr == '-' || *mystr == '_')
         {
             mystr++;
         }
@@ -67,7 +67,7 @@ int Read_CReports(XML_NODE node, void *config, void *config2)
 
     monitor_config *mon_config = (monitor_config *)config;
 
-
+     
     /* Getting any configured entry. */
     if(mon_config->reports)
     {
@@ -75,9 +75,9 @@ int Read_CReports(XML_NODE node, void *config, void *config2)
             s++;
     }
 
-
+    
     /* Allocating the memory for the config. */
-    os_realloc(mon_config->reports, (s + 2) * sizeof(report_config *),
+    os_realloc(mon_config->reports, (s + 2) * sizeof(report_config *), 
                mon_config->reports);
     os_calloc(1, sizeof(report_config), mon_config->reports[s]);
     mon_config->reports[s + 1] = NULL;
@@ -106,7 +106,7 @@ int Read_CReports(XML_NODE node, void *config, void *config2)
     mon_config->reports[s]->r_filter.show_alerts = 0;
 
 
-
+    
     /* Reading the XML. */
     while(node[i])
     {
@@ -204,7 +204,7 @@ int Read_CReports(XML_NODE node, void *config, void *config2)
 
             os_strdup(node[i]->content, ncat);
 
-            if(os_report_configfilter(node[i]->element, ncat,
+            if(os_report_configfilter(node[i]->element, ncat, 
                                       &mon_config->reports[s]->r_filter, reportf) < 0)
             {
                 merror("%s: Invalid filter: %s:%s (ignored).", __local_name, node[i]->element, node[i]->content);
@@ -231,7 +231,7 @@ int Read_CReports(XML_NODE node, void *config, void *config2)
         if(mon_config->reports[s]->title)
             merror("%s: No \"email to\" configured for the report '%s'. Ignoring it.", __local_name, mon_config->reports[s]->title);
         else
-            merror("%s: No \"email to\" and title configured for report. Ignoring it.", __local_name);
+            merror("%s: No \"email to\" and title configured for report. Ignoring it.", __local_name);    
     }
 
     if(!mon_config->reports[s]->title)
diff --git a/src/config/reports-config.h b/src/config/reports-config.h
index 202a738..6db70aa 100755
--- a/src/config/reports-config.h
+++ b/src/config/reports-config.h
@@ -27,7 +27,7 @@ typedef struct _report_config
     char **emailto;
     report_filter r_filter;
 }report_config;
-
+   
 typedef struct _monitor_config
 {
     short int day_wait;
diff --git a/src/config/rootcheck-config.c b/src/config/rootcheck-config.c
index 51af27e..eeb48f1 100755
--- a/src/config/rootcheck-config.c
+++ b/src/config/rootcheck-config.c
@@ -28,12 +28,12 @@ short eval_bool(char *str)
 
 /* Read_Rootcheck: Reads the rootcheck config
  */
-int Read_Rootcheck(XML_NODE node, void *configp, void *mailp)
+int Read_Rootcheck(XML_NODE node, void *configp, void *mailp) 
 {
     int i = 0;
-
+    
     rkconfig *rootcheck;
-
+    
     /* XML Definitions */
     char *xml_rootkit_files = "rootkit_files";
     char *xml_rootkit_trojans = "rootkit_trojans";
@@ -47,7 +47,7 @@ int Read_Rootcheck(XML_NODE node, void *configp, void *mailp)
     char *xml_disabled = "disabled";
     char *xml_base_dir = "base_directory";
     char *xml_ignore = "ignore";
-
+    
     char *xml_check_dev = "check_dev";
     char *xml_check_files = "check_files";
     char *xml_check_if = "check_if";
@@ -131,12 +131,12 @@ int Read_Rootcheck(XML_NODE node, void *configp, void *mailp)
             int j = 0;
             while(rootcheck->unixaudit && rootcheck->unixaudit[j])
                 j++;
-
-            os_realloc(rootcheck->unixaudit, sizeof(char *)*(j+2),
+            
+            os_realloc(rootcheck->unixaudit, sizeof(char *)*(j+2), 
                        rootcheck->unixaudit);
             rootcheck->unixaudit[j] = NULL;
             rootcheck->unixaudit[j + 1] = NULL;
-
+                
             os_strdup(node[i]->content, rootcheck->unixaudit[j]);
         }
         else if(strcmp(node[i]->element, xml_ignore) == 0)
@@ -144,12 +144,12 @@ int Read_Rootcheck(XML_NODE node, void *configp, void *mailp)
             int j = 0;
             while(rootcheck->ignore && rootcheck->ignore[j])
                 j++;
-
-            os_realloc(rootcheck->ignore, sizeof(char *)*(j+2),
+            
+            os_realloc(rootcheck->ignore, sizeof(char *)*(j+2), 
                        rootcheck->ignore);
             rootcheck->ignore[j] = NULL;
             rootcheck->ignore[j + 1] = NULL;
-
+                
             os_strdup(node[i]->content, rootcheck->ignore[j]);
         }
         else if(strcmp(node[i]->element, xml_winmalware) == 0)
diff --git a/src/config/rootcheck-config.h b/src/config/rootcheck-config.h
index 7a45baf..2fccd7a 100755
--- a/src/config/rootcheck-config.h
+++ b/src/config/rootcheck-config.h
@@ -8,7 +8,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #ifndef __CROOTCHECK_H
 
@@ -48,22 +48,22 @@ typedef struct _rkconfig
         short rc_ports;
         short rc_sys;
         short rc_trojans;
-
+        
         #ifdef WIN32
-
+        
         short rc_winaudit;
         short rc_winmalware;
         short rc_winapps;
-
+        
         #else
-
+        
         short rc_unixaudit;
-
+        
         #endif
-
-
+        
+        
     } checks;
-
+    
 }rkconfig;
 
 #endif
diff --git a/src/config/rules-config.c b/src/config/rules-config.c
index 89c0721..3d22f35 100755
--- a/src/config/rules-config.c
+++ b/src/config/rules-config.c
@@ -19,14 +19,14 @@
 
 
 
-static int cmpr(const void *a, const void *b) {
+static int cmpr(const void *a, const void *b) { 
     /*printf("%s - %s\n", *(char **)a, *(char **)b);*/
     return strcmp(*(char **)a, *(char **)b);
 }
 
 static int file_in_list(int list_size, char *f_name, char *d_name, char **alist)
 {
-    int i = 0;
+    int i = 0; 
     for(i=0; i<(list_size-1); i++)
     {
         if((strcmp(alist[i], f_name) == 0 || strcmp(alist[i], d_name) == 0))
@@ -34,7 +34,7 @@ static int file_in_list(int list_size, char *f_name, char *d_name, char **alist)
             return(1);
         }
     }
-    return(0);
+    return(0); 
 }
 
 int Read_Rules(XML_NODE node, void *configp, void *mailp)
@@ -46,14 +46,14 @@ int Read_Rules(XML_NODE node, void *configp, void *mailp)
     int lists_size = 1;
     int decoders_size = 1;
 
-
+    
     char path[PATH_MAX +2];
     char f_name[PATH_MAX +2];
-    int start_point = 0;
+    int start_point = 0; 
     int att_count = 0;
     struct dirent *entry;
-    DIR *dfd;
-    OSRegex regex;
+    DIR *dfd; 
+    OSRegex regex; 
 
 
     /* XML definitions */
@@ -65,9 +65,9 @@ int Read_Rules(XML_NODE node, void *configp, void *mailp)
     char *xml_rules_decoders_dir = "decoder_dir";
 
     _Config *Config;
-
+     
     Config = (_Config *)configp;
-
+     
     /* initialise OSRegex */
     regex.patterns = NULL;
     regex.prts_closure = NULL;
@@ -87,11 +87,11 @@ int Read_Rules(XML_NODE node, void *configp, void *mailp)
             return(OS_INVALID);
         }
         /* Mail notification */
-        else if((strcmp(node[i]->element, xml_rules_include) == 0) ||
+        else if((strcmp(node[i]->element, xml_rules_include) == 0) || 
                 (strcmp(node[i]->element, xml_rules_rule) == 0))
         {
             rules_size++;
-            Config->includes = realloc(Config->includes,
+            Config->includes = realloc(Config->includes, 
                                        sizeof(char *)*rules_size);
             if(!Config->includes)
             {
@@ -189,7 +189,7 @@ int Read_Rules(XML_NODE node, void *configp, void *mailp)
                     snprintf(f_name, PATH_MAX +1, "%s/%s", node[i]->content, entry->d_name);
 
                     /* Just ignore . and ..  */
-                    if((strcmp(entry->d_name,".") == 0) || (strcmp(entry->d_name,"..") == 0))
+                    if((strcmp(entry->d_name,".") == 0) || (strcmp(entry->d_name,"..") == 0)) 
                         continue;
 
                     /* no dups allowed */
@@ -216,7 +216,7 @@ int Read_Rules(XML_NODE node, void *configp, void *mailp)
                         debug1("Regex does not match \"%s\"",  f_name);
                     }
                 }
-
+                
                 closedir(dfd);
                 /* Sort just then newly added items */
                 qsort(Config->decoders + start_point , decoders_size- start_point -1, sizeof(char *), cmpr);
@@ -267,7 +267,7 @@ int Read_Rules(XML_NODE node, void *configp, void *mailp)
                     snprintf(f_name, PATH_MAX +1, "%s/%s", node[i]->content, entry->d_name);
 
                     /* Just ignore . and ..  */
-                    if((strcmp(entry->d_name,".") == 0) || (strcmp(entry->d_name,"..") == 0))
+                    if((strcmp(entry->d_name,".") == 0) || (strcmp(entry->d_name,"..") == 0)) 
                         continue;
 
                     /* no dups allowed */
@@ -294,7 +294,7 @@ int Read_Rules(XML_NODE node, void *configp, void *mailp)
                         debug1("Regex does not match \"%s\"",  f_name);
                     }
                 }
-
+                
                 closedir(dfd);
                 /* Sort just then newly added items */
                 qsort(Config->includes + start_point , rules_size - start_point -1, sizeof(char *), cmpr);
diff --git a/src/config/syscheck-config.c b/src/config/syscheck-config.c
index 31cbede..0d9a8b4 100755
--- a/src/config/syscheck-config.c
+++ b/src/config/syscheck-config.c
@@ -20,7 +20,7 @@
 int dump_syscheck_entry(config *syscheck, char *entry, int vals, int reg, char *restrictfile)
 {
     int pl = 0;
-
+    
     if(reg == 1)
     {
         #ifdef WIN32
@@ -28,7 +28,7 @@ int dump_syscheck_entry(config *syscheck, char *entry, int vals, int reg, char *
         {
             os_calloc(2, sizeof(char *), syscheck->registry);
             syscheck->registry[pl + 1] = NULL;
-            os_strdup(entry, syscheck->registry[pl]);
+            os_strdup(entry, syscheck->registry[pl]);        
         }
         else
         {
@@ -36,16 +36,16 @@ int dump_syscheck_entry(config *syscheck, char *entry, int vals, int reg, char *
             {
                 pl++;
             }
-            os_realloc(syscheck->registry, (pl +2) * sizeof(char *),
+            os_realloc(syscheck->registry, (pl +2) * sizeof(char *), 
                         syscheck->registry);
             syscheck->registry[pl + 1] = NULL;
             os_strdup(entry, syscheck->registry[pl]);
         }
         #endif
-
+        
     }
 
-
+    
     else
     {
         if(syscheck->dir == NULL)
@@ -57,7 +57,7 @@ int dump_syscheck_entry(config *syscheck, char *entry, int vals, int reg, char *
             os_calloc(2, sizeof(int), syscheck->opts);
             syscheck->opts[pl + 1] = 0;
             syscheck->opts[pl] = vals;
-
+            
             os_calloc(2, sizeof(OSMatch *), syscheck->filerestrict);
             syscheck->filerestrict[pl] = NULL;
             syscheck->filerestrict[pl + 1] = NULL;
@@ -68,17 +68,17 @@ int dump_syscheck_entry(config *syscheck, char *entry, int vals, int reg, char *
             {
                 pl++;
             }
-            os_realloc(syscheck->dir, (pl +2) * sizeof(char *),
+            os_realloc(syscheck->dir, (pl +2) * sizeof(char *), 
                        syscheck->dir);
             syscheck->dir[pl + 1] = NULL;
             os_strdup(entry, syscheck->dir[pl]);
 
-            os_realloc(syscheck->opts, (pl +2) * sizeof(int),
+            os_realloc(syscheck->opts, (pl +2) * sizeof(int), 
                        syscheck->opts);
             syscheck->opts[pl + 1] = 0;
-            syscheck->opts[pl] = vals;
+            syscheck->opts[pl] = vals;         
 
-            os_realloc(syscheck->filerestrict, (pl +2) * sizeof(char *),
+            os_realloc(syscheck->filerestrict, (pl +2) * sizeof(char *), 
                        syscheck->filerestrict);
             syscheck->filerestrict[pl] = NULL;
             syscheck->filerestrict[pl + 1] = NULL;
@@ -113,7 +113,7 @@ int read_reg(config *syscheck, char *entries)
     char **entry;
     char *tmp_str;
 
-
+    
     /* Getting each entry separately */
     entry = OS_StrBreak(',', entries, MAX_DIR_SIZE); /* Max number */
 
@@ -159,10 +159,10 @@ int read_reg(config *syscheck, char *entries)
         {
             int str_len_i;
             int str_len_dir;
-
+            
             str_len_dir = strlen(tmp_entry);
             str_len_i = strlen(syscheck->registry[i]);
-
+            
             if(str_len_dir > str_len_i)
             {
                 str_len_dir = str_len_i;
@@ -176,15 +176,15 @@ int read_reg(config *syscheck, char *entries)
             }
             i++;
         }
-
+        
         /* Adding new entry */
         dump_syscheck_entry(syscheck, tmp_entry, 0, 1, NULL);
-
-
+        
+        
         /* Next entry */
-        entry++;
+        entry++;    
     }
-
+    
     return(1);
 }
 #endif /* For read_reg */
@@ -192,7 +192,7 @@ int read_reg(config *syscheck, char *entries)
 
 
 
-/* Read directories attributes */
+/* Read directories attributes */            
 int read_attr(config *syscheck, char *dirs, char **g_attrs, char **g_values)
 {
     char *xml_check_all = "check_all";
@@ -231,7 +231,7 @@ int read_attr(config *syscheck, char *dirs, char **g_attrs, char **g_values)
 
         char **attrs = NULL;
         char **values = NULL;
-
+        
         tmp_dir = *dir;
         restrictfile = NULL;
 
@@ -465,18 +465,18 @@ int read_attr(config *syscheck, char *dirs, char **g_attrs, char **g_values)
             ret = 0;
             goto out_free;
         }
-
-
+        
+        
         /* Adding directory - looking for the last available */
         i = 0;
         while(syscheck->dir && syscheck->dir[i])
         {
             int str_len_i;
             int str_len_dir;
-
+            
             str_len_dir = strlen(tmp_dir);
             str_len_i = strlen(syscheck->dir[i]);
-
+            
             if(str_len_dir > str_len_i)
             {
                 str_len_dir = str_len_i;
@@ -516,13 +516,13 @@ int read_attr(config *syscheck, char *dirs, char **g_attrs, char **g_values)
                 ret = 1;
                 goto out_free;
             }
-
+            
             while(g.gl_pathv[gindex])
             {
                 dump_syscheck_entry(syscheck, g.gl_pathv[gindex], opts, 0, restrictfile);
                 gindex++;
             }
-
+            
             globfree(&g);
         }
 
@@ -539,12 +539,12 @@ int read_attr(config *syscheck, char *dirs, char **g_attrs, char **g_values)
             free(restrictfile);
             restrictfile = NULL;
         }
-
-
+        
+        
         /* Next entry */
-        dir++;
+        dir++;    
     }
-
+    
     ret = 1;
 
 out_free:
@@ -578,17 +578,17 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
     char *xml_scan_on_start = "scan_on_start";
     char *xml_prefilter_cmd = "prefilter_cmd";
 
-    /* Configuration example
+    /* Configuration example 
     <directories check_all="yes">/etc,/usr/bin</directories>
-    <directories check_owner="yes" check_group="yes" check_perm="yes"
+    <directories check_owner="yes" check_group="yes" check_perm="yes" 
     check_sum="yes">/var/log</directories>
     */
 
     config *syscheck;
 
     syscheck = (config *)configp;
-
-
+    
+    
     while(node[i])
     {
         if(!node[i]->element)
@@ -606,16 +606,16 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
         else if(strcmp(node[i]->element,xml_directories) == 0)
         {
             char dirs[OS_MAXSTR];
-
+            
             #ifdef WIN32
             ExpandEnvironmentStrings(node[i]->content, dirs, sizeof(dirs) -1);
             #else
             strncpy(dirs, node[i]->content, sizeof(dirs) -1);
             #endif
-
+            
             if(!read_attr(syscheck,
-                        dirs,
-                        node[i]->attributes,
+                        dirs, 
+                        node[i]->attributes, 
                         node[i]->values))
             {
                 return(OS_INVALID);
@@ -633,7 +633,7 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
         }
         /* Getting frequency */
         else if(strcmp(node[i]->element,xml_time) == 0)
-        {
+        {        
             if(!OS_StrIsNum(node[i]->content))
             {
                 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
@@ -663,7 +663,7 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
                 return(OS_INVALID);
             }
         }
-
+    
         /* Getting if xml_scan_on_start. */
         else if(strcmp(node[i]->element, xml_scan_on_start) == 0)
         {
@@ -677,7 +677,7 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
                 return(OS_INVALID);
             }
         }
-
+        
         /* Getting if disabled. */
         else if(strcmp(node[i]->element,xml_disabled) == 0)
         {
@@ -691,7 +691,7 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
                 return(OS_INVALID);
             }
         }
-
+        
         /* Getting file/dir ignore */
         else if(strcmp(node[i]->element,xml_ignore) == 0)
         {
@@ -701,22 +701,22 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
             #ifdef WIN32
             char *new_ig = NULL;
             os_calloc(2048, sizeof(char), new_ig);
-
-            ExpandEnvironmentStrings(node[i]->content, new_ig, 2047);
+            
+            ExpandEnvironmentStrings(node[i]->content, new_ig, 2047);        
 
             free(node[i]->content);
             node[i]->content = new_ig;
             #endif
-
+            
             /* Adding if regex */
             if(node[i]->attributes && node[i]->values)
             {
                 if(node[i]->attributes[0] && node[i]->values[0] &&
-                   (strcmp(node[i]->attributes[0], "type") == 0) &&
+                   (strcmp(node[i]->attributes[0], "type") == 0) && 
                    (strcmp(node[i]->values[0], "sregex") == 0))
                 {
                     OSMatch *mt_pt;
-
+                    
                     if(!syscheck->ignore_regex)
                     {
                         os_calloc(2, sizeof(OSMatch *),syscheck->ignore_regex);
@@ -733,7 +733,7 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
                                 syscheck->ignore_regex);
                         syscheck->ignore_regex[ign_size +1] = NULL;
                     }
-                    os_calloc(1, sizeof(OSMatch),
+                    os_calloc(1, sizeof(OSMatch), 
                             syscheck->ignore_regex[ign_size]);
 
                     if(!OSMatch_Compile(node[i]->content,
@@ -766,7 +766,7 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
                     while(syscheck->ignore[ign_size] != NULL)
                         ign_size++;
 
-                    os_realloc(syscheck->ignore,
+                    os_realloc(syscheck->ignore, 
                             sizeof(char *)*(ign_size +2),
                             syscheck->ignore);
                     syscheck->ignore[ign_size +1] = NULL;
@@ -807,7 +807,7 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
                                 syscheck->registry_ignore_regex);
                         syscheck->registry_ignore_regex[ign_size +1] = NULL;
                     }
-
+                    
                     os_calloc(1, sizeof(OSMatch),
                             syscheck->registry_ignore_regex[ign_size]);
 
@@ -828,7 +828,7 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
                 }
             }
             /* We do not add duplicated entries */
-            else if(!os_IsStrOnArray(node[i]->content,
+            else if(!os_IsStrOnArray(node[i]->content, 
                      syscheck->registry_ignore))
             {
                 if(!syscheck->registry_ignore)
@@ -893,7 +893,7 @@ int Read_Syscheck(XML_NODE node, void *configp, void *mailp)
             return(OS_INVALID);
         }
         i++;
-    }
-
+    } 
+    
     return(0);
 }
diff --git a/src/config/syscheck-config.h b/src/config/syscheck-config.h
index 2417587..f78928c 100755
--- a/src/config/syscheck-config.h
+++ b/src/config/syscheck-config.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #ifndef __SYSCHECKC_H
 #define __SYSCHECKC_H
@@ -49,10 +49,10 @@ typedef struct _config
     int disabled;          /* is syscheck disabled? */
     int scan_on_start;
     int realtime_count;
-
+    
     int time;              /* frequency (secs) for syscheck to run */
     int queue;             /* file descriptor of socket to write to queue */
-
+    
     int *opts;             /* attributes set in the <directories> tag element */
 
     char *workdir;         /* set to the DEFAULTDIR (/var/ossec) */
@@ -61,10 +61,10 @@ typedef struct _config
 
     char *scan_day;        /* run syscheck on this day */
     char *scan_time;       /* run syscheck at this time */
-
+    
     char **ignore;         /* list of files/dirs to ignore */
     void **ignore_regex;   /* regex of files/dirs to ignore */
-
+    
     char **dir;            /* array of directories to be scanned */
     void **filerestrict;
 
@@ -75,7 +75,7 @@ typedef struct _config
     char **registry;                /* array of registry entries to be scanned */
     FILE *reg_fp;
     #endif
-
+    
     void *fp;
 
     rtfim *realtime;
diff --git a/src/error_messages/._error_messages.h b/src/error_messages/._error_messages.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/error_messages/._error_messages.h differ
diff --git a/src/error_messages/error_messages.h b/src/error_messages/error_messages.h
index ca36538..4a6b938 100755
--- a/src/error_messages/error_messages.h
+++ b/src/error_messages/error_messages.h
@@ -29,7 +29,7 @@
 #define FOPEN_ERROR   "%s(1103): ERROR: Unable to open file '%s'."
 #define SIZE_ERROR    "%s(1104): ERROR: Maximum string size reached for: %s."
 #define NULL_ERROR    "%s(1105): ERROR: Attempted to use null string. "
-#define FORMAT_ERROR  "%s(1106): ERROR: String not correctly formated."
+#define FORMAT_ERROR  "%s(1106): ERROR: String not correctly formated."  
 #define MKDIR_ERROR   "%s(1107): ERROR: Unable to create directory: '%s'"
 #define PERM_ERROR    "%s(1108): ERROR: Permission error. Operation not completed."
 #define THREAD_ERROR  "%s(1109): ERROR: Unable to create new pthread."
@@ -107,7 +107,7 @@
 #define INVALID_RKCL_NAME  "%s(1251): ERROR: Invalid rk configuration name: '%s'."
 #define INVALID_RKCL_VALUE "%s(1252): ERROR: Invalid rk configuration value: '%s'."
 #define INVALID_ROOTDIR    "%s(1253): ERROR: Invalid rootdir (unable to retrieve)."
-#define INVALID_RKCL_VAR   "%s(1254): ERROR: Invalid rk variable: '%s'."
+#define INVALID_RKCL_VAR   "%s(1254): ERROR: Invalid rk variable: '%s'." 
 
 
 /* syscheck */
@@ -148,7 +148,7 @@
 #define AR_CMD_MISS     "%s(1280): ERROR: Missing command options. " \
                         "You must specify a 'name', 'executable' and 'expect'."
 #define AR_MISS         "%s(1281): ERROR: Missing options in the active response " \
-                        "configuration. "
+                        "configuration. "                        
 #define ARQ_ERROR       "%s(1301): ERROR: Unable to connect to active response queue."
 #define AR_INV_LOC      "%s(1302): ERROR: Invalid active response location: '%s'."
 #define AR_INV_CMD      "%s(1303): ERROR: Invalid command '%s' in the active response."
@@ -199,7 +199,7 @@
 #define ENCFILE_CHANGED "%s(1409): INFO: Authentication file changed. Updating."
 #define ENC_READ        "%s(1410): INFO: Reading authentication keys file."
 
-
+                                   
 /* Regex errors */
 #define REGEX_COMPILE   "%s(1450): ERROR: Syntax error on regex: '%s': %d."
 #define REGEX_SUBS      "%s(1451): ERROR: Missing sub_strings on regex: '%s'."
@@ -222,7 +222,7 @@
 #define DUP_REGEX       "%s(2109): ERROR: Duplicated offsets for same regex: '%s'."
 #define INV_DECOPTION   "%s(2110): ERROR: Invalid decoder argument for %s: '%s'."
 #define DECODE_ADD      "%s(2111): ERROR: Additional data to plugin decoder: '%s'."
-
+                                          
 #define INV_OFFSET      "%s(2120): ERROR: Invalid offset value: '%s'"
 #define INV_ATTR        "%s(2121): ERROR: Invalid decoder attribute: '%s'"
 
@@ -252,7 +252,7 @@
 
 
 /* Rules reading errors */
-#define RL_INV_ROOT     "%s(5101): ERROR: Invalid root element: '%s'."
+#define RL_INV_ROOT     "%s(5101): ERROR: Invalid root element: '%s'." 
 #define RL_INV_RULE     "%s(5102): ERROR: Invalid rule element: '%s'."
 #define RL_INV_ENTRY    "%s(5103): ERROR: Invalid rule on '%s'. Missing id/level."
 #define RL_EMPTY_ATTR   "%s(5104): ERROR: Rule attribute '%s' empty."
@@ -279,7 +279,7 @@
 #define DB_MISS_CONFIG  "%s(5205): ERROR: Missing database configuration. "\
                         "It requires host, user, pass and database."
 #define DB_CONFIGERR    "%s(5206): ERROR: Database configuration error."
-#define DB_COMPILED     "%s(5207): ERROR: OSSEC not compiled with support for '%s'."
+#define DB_COMPILED     "%s(5207): ERROR: OSSEC not compiled with support for '%s'." 
 #define DB_MAINERROR    "%s(5208): ERROR: Multiple database errors. Exiting."
 #define DB_CLOSING      "%s(5209): INFO: Closing connection to database."
 #define DB_ATTEMPT      "%s(5210): INFO: Attempting to reconnect to database."
@@ -296,7 +296,7 @@
 #define CONN_TO     "%s: INFO: Connected to '%s' (%s queue)"
 #define MAIL_DIS    "%s: INFO: E-Mail notification disabled. Clean Exit."
 
-
+                        
 /* Debug Messages */
 #define STARTED_MSG "%s: DEBUG: Starting ..."
 #define FOUND_USER  "%s: DEBUG: Found user/group ..."
diff --git a/src/external/zlib-1.2.3/._COPYRIGHT b/src/external/zlib-1.2.3/._COPYRIGHT
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._COPYRIGHT differ
diff --git a/src/external/zlib-1.2.3/._Makefile b/src/external/zlib-1.2.3/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._Makefile differ
diff --git a/src/external/zlib-1.2.3/._README b/src/external/zlib-1.2.3/._README
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._README differ
diff --git a/src/external/zlib-1.2.3/._adler32.c b/src/external/zlib-1.2.3/._adler32.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._adler32.c differ
diff --git a/src/external/zlib-1.2.3/._algorithm.txt b/src/external/zlib-1.2.3/._algorithm.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._algorithm.txt differ
diff --git a/src/external/zlib-1.2.3/._compress.c b/src/external/zlib-1.2.3/._compress.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._compress.c differ
diff --git a/src/external/zlib-1.2.3/._crc32.c b/src/external/zlib-1.2.3/._crc32.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._crc32.c differ
diff --git a/src/external/zlib-1.2.3/._crc32.h b/src/external/zlib-1.2.3/._crc32.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._crc32.h differ
diff --git a/src/external/zlib-1.2.3/._deflate.c b/src/external/zlib-1.2.3/._deflate.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._deflate.c differ
diff --git a/src/external/zlib-1.2.3/._deflate.h b/src/external/zlib-1.2.3/._deflate.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._deflate.h differ
diff --git a/src/external/zlib-1.2.3/._gzio.c b/src/external/zlib-1.2.3/._gzio.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._gzio.c differ
diff --git a/src/external/zlib-1.2.3/._infback.c b/src/external/zlib-1.2.3/._infback.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._infback.c differ
diff --git a/src/external/zlib-1.2.3/._inffast.c b/src/external/zlib-1.2.3/._inffast.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._inffast.c differ
diff --git a/src/external/zlib-1.2.3/._inffast.h b/src/external/zlib-1.2.3/._inffast.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._inffast.h differ
diff --git a/src/external/zlib-1.2.3/._inffixed.h b/src/external/zlib-1.2.3/._inffixed.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._inffixed.h differ
diff --git a/src/external/zlib-1.2.3/._inflate.c b/src/external/zlib-1.2.3/._inflate.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._inflate.c differ
diff --git a/src/external/zlib-1.2.3/._inflate.h b/src/external/zlib-1.2.3/._inflate.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._inflate.h differ
diff --git a/src/external/zlib-1.2.3/._inftrees.c b/src/external/zlib-1.2.3/._inftrees.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._inftrees.c differ
diff --git a/src/external/zlib-1.2.3/._inftrees.h b/src/external/zlib-1.2.3/._inftrees.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._inftrees.h differ
diff --git a/src/external/zlib-1.2.3/._trees.c b/src/external/zlib-1.2.3/._trees.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._trees.c differ
diff --git a/src/external/zlib-1.2.3/._trees.h b/src/external/zlib-1.2.3/._trees.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._trees.h differ
diff --git a/src/external/zlib-1.2.3/._uncompr.c b/src/external/zlib-1.2.3/._uncompr.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._uncompr.c differ
diff --git a/src/external/zlib-1.2.3/._zconf.h b/src/external/zlib-1.2.3/._zconf.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._zconf.h differ
diff --git a/src/external/zlib-1.2.3/._zconf.in.h b/src/external/zlib-1.2.3/._zconf.in.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._zconf.in.h differ
diff --git a/src/external/zlib-1.2.3/._zlib.h b/src/external/zlib-1.2.3/._zlib.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._zlib.h differ
diff --git a/src/external/zlib-1.2.3/._zutil.c b/src/external/zlib-1.2.3/._zutil.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._zutil.c differ
diff --git a/src/external/zlib-1.2.3/._zutil.h b/src/external/zlib-1.2.3/._zutil.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/external/zlib-1.2.3/._zutil.h differ
diff --git a/src/external/zlib-1.2.3/gzio.c b/src/external/zlib-1.2.3/gzio.c
index 3b016f6..73038f4 100755
--- a/src/external/zlib-1.2.3/gzio.c
+++ b/src/external/zlib-1.2.3/gzio.c
@@ -127,7 +127,7 @@ local gzFile gz_open (path, mode, fd)
     s->transparent = 0;
 
     path_size = strlen(path) +1;
-
+    
     s->path = (char*)ALLOC(path_size +1);
     if (s->path == NULL) {
         return destroy(s), (gzFile)Z_NULL;
@@ -1011,7 +1011,7 @@ const char * ZEXPORT gzerror (file, errnum)
 
     TRYFREE(s->msg);
     msg_size = strlen(s->path) + strlen(m) + 4;
-
+    
     s->msg = (char*)ALLOC(msg_size +1);
     if (s->msg == Z_NULL) return (const char*)ERR_MSG(Z_MEM_ERROR);
 
diff --git a/src/headers/._agent_op.h b/src/headers/._agent_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._agent_op.h differ
diff --git a/src/headers/._ar.h b/src/headers/._ar.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._ar.h differ
diff --git a/src/headers/._debug_op.h b/src/headers/._debug_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._debug_op.h differ
diff --git a/src/headers/._defs.h b/src/headers/._defs.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._defs.h differ
diff --git a/src/headers/._dirtree_op.h b/src/headers/._dirtree_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._dirtree_op.h differ
diff --git a/src/headers/._file-queue.h b/src/headers/._file-queue.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._file-queue.h differ
diff --git a/src/headers/._file_op.h b/src/headers/._file_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._file_op.h differ
diff --git a/src/headers/._hash_op.h b/src/headers/._hash_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._hash_op.h differ
diff --git a/src/headers/._help.h b/src/headers/._help.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._help.h differ
diff --git a/src/headers/._list_op.h b/src/headers/._list_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._list_op.h differ
diff --git a/src/headers/._math_op.h b/src/headers/._math_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._math_op.h differ
diff --git a/src/headers/._mem_op.h b/src/headers/._mem_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._mem_op.h differ
diff --git a/src/headers/._mq_op.h b/src/headers/._mq_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._mq_op.h differ
diff --git a/src/headers/._os_err.h b/src/headers/._os_err.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._os_err.h differ
diff --git a/src/headers/._privsep_op.h b/src/headers/._privsep_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._privsep_op.h differ
diff --git a/src/headers/._pthreads_op.h b/src/headers/._pthreads_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._pthreads_op.h differ
diff --git a/src/headers/._rc.h b/src/headers/._rc.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._rc.h differ
diff --git a/src/headers/._read-agents.h b/src/headers/._read-agents.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._read-agents.h differ
diff --git a/src/headers/._read-alert.h b/src/headers/._read-alert.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._read-alert.h differ
diff --git a/src/headers/._regex_op.h b/src/headers/._regex_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._regex_op.h differ
diff --git a/src/headers/._report_op.h b/src/headers/._report_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._report_op.h differ
diff --git a/src/headers/._rules_op.h b/src/headers/._rules_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._rules_op.h differ
diff --git a/src/headers/._sec.h b/src/headers/._sec.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._sec.h differ
diff --git a/src/headers/._shared.h b/src/headers/._shared.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._shared.h differ
diff --git a/src/headers/._sig_op.h b/src/headers/._sig_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._sig_op.h differ
diff --git a/src/headers/._store_op.h b/src/headers/._store_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._store_op.h differ
diff --git a/src/headers/._string_op.h b/src/headers/._string_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._string_op.h differ
diff --git a/src/headers/._validate_op.h b/src/headers/._validate_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._validate_op.h differ
diff --git a/src/headers/._wait_op.h b/src/headers/._wait_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/headers/._wait_op.h differ
diff --git a/src/headers/agent_op.h b/src/headers/agent_op.h
index fdce89d..a24afd4 100755
--- a/src/headers/agent_op.h
+++ b/src/headers/agent_op.h
@@ -12,7 +12,7 @@
 
 
 #ifndef __AGENT_OP_H
-#define __AGENT_OP_H
+#define __AGENT_OP_H 
 
 
 
diff --git a/src/headers/custom_output_search.h b/src/headers/custom_output_search.h
deleted file mode 100644
index f1222c4..0000000
--- a/src/headers/custom_output_search.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * custom_output_search.h
- *
- *  Created on: 10/10/2012
- *      Author: crosa
- */
-
-#ifndef CUSTOM_OUTPUT_SEARCH_H_
-#define CUSTOM_OUTPUT_SEARCH_H_
-/** char *searchAndReplace(char* orig, char* search, char*value)
- *  Searchs for 'search' on orig's string and replaces it by value.
- *  Returns NULL on error, otherwise returns the orig string with the replacements.
- */
-char * searchAndReplace(char* orig, char* search, char*value);
-
-
-
-#endif /* CUSTOM_OUTPUT_SEARCH_H_ */
-/*
- * custom_output_search.h
- *
- *  Created on: 10/10/2012
- *      Author: crosa
- */
-
-#ifndef CUSTOM_OUTPUT_SEARCH_H_
-#define CUSTOM_OUTPUT_SEARCH_H_
-/** char *searchAndReplace(char* orig, char* search, char*value)
- *  Searchs for 'search' on orig's string and replaces it by value.
- *  Returns NULL on error, otherwise returns the orig string with the replacements.
- */
-char * searchAndReplace(char* orig, char* search, char*value);
-
-
-
-#endif /* CUSTOM_OUTPUT_SEARCH_H_ */
-/*
- * custom_output_search.h
- *
- *  Created on: 10/10/2012
- *      Author: crosa
- */
-
-#ifndef CUSTOM_OUTPUT_SEARCH_H_
-#define CUSTOM_OUTPUT_SEARCH_H_
-/** char *searchAndReplace(char* orig, char* search, char*value)
- *  Searchs for 'search' on orig's string and replaces it by value.
- *  Returns NULL on error, otherwise returns the orig string with the replacements.
- */
-char * searchAndReplace(char* orig, char* search, char*value);
-
-
-
-#endif /* CUSTOM_OUTPUT_SEARCH_H_ */
-/*
- * custom_output_search.h
- *
- *  Created on: 10/10/2012
- *      Author: crosa
- */
-
-#ifndef CUSTOM_OUTPUT_SEARCH_H_
-#define CUSTOM_OUTPUT_SEARCH_H_
-/** char *searchAndReplace(char* orig, char* search, char*value)
- *  Searchs for 'search' on orig's string and replaces it by value.
- *  Returns NULL on error, otherwise returns the orig string with the replacements.
- */
-char * searchAndReplace(char* orig, char* search, char*value);
-
-
-
-#endif /* CUSTOM_OUTPUT_SEARCH_H_ */
diff --git a/src/headers/debug_op.h b/src/headers/debug_op.h
index 52b9f18..7cc8eed 100755
--- a/src/headers/debug_op.h
+++ b/src/headers/debug_op.h
@@ -58,7 +58,7 @@ void nowDaemon();
 int isChroot();
 
 /* Debug analysisd */
-#ifdef DEBUGAD
+#ifdef DEBUGAD 
     #define DEBUG_MSG(x,y,z) verbose(x,y,z)
 #else
     #define DEBUG_MSG(x,y,z)
diff --git a/src/headers/defs.h b/src/headers/defs.h
index 698d370..3d89b33 100755
--- a/src/headers/defs.h
+++ b/src/headers/defs.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -22,7 +22,7 @@
 #define __OS_HEADERS
 
 
-/* TRUE / FALSE definitions
+/* TRUE / FALSE definitions 
  */
 #define TRUE            1
 #define FALSE           0
@@ -52,7 +52,7 @@
 
 /* Some Global names */
 #define __name      "OSSEC HIDS"
-#define __version   "v2.7.1-beta-1"
+#define __version   "v2.7-beta1"
 #define __author    "Trend Micro Inc."
 #define __contact   "contact at ossec.net"
 #define __site      "http://www.ossec.net"
@@ -69,17 +69,17 @@ http://www.ossec.net/main/license/\n"
     #define MAX_PID 32768
 #endif
 
-
+    
 /* Max limit of 256 agents */
 #ifndef MAX_AGENTS
     #define MAX_AGENTS  256
-#endif
+#endif    
 
 
 /* manager notification */
 #define NOTIFY_TIME     600     /* every 10 minutes */
 
-
+        
 /* User Configuration */
 #ifndef MAILUSER
     #define MAILUSER        "ossecm"
@@ -88,15 +88,15 @@ http://www.ossec.net/main/license/\n"
 #ifndef USER
     #define USER            "ossec"
 #endif
-
+    
 #ifndef REMUSER
     #define REMUSER         "ossecr"
 #endif
-
+    
 #ifndef GROUPGLOBAL
     #define GROUPGLOBAL     "ossec"
-#endif
-
+#endif    
+                    
 #ifndef DEFAULTDIR		
 	#define DEFAULTDIR	"/var/ossec"
 #endif
@@ -117,7 +117,7 @@ http://www.ossec.net/main/license/\n"
     #define AR_BINDIR           "active-response/bin"
     #define AGENTCONFIG         "shared/agent.conf"
     #define AGENTCONFIGINT      "shared/agent.conf"
-#endif
+#endif        
 
 
 /* Exec queue */
@@ -132,7 +132,7 @@ http://www.ossec.net/main/license/\n"
 #define XML_DECODER     "/etc/decoder.xml"
 #define XML_LDECODER    "/etc/local_decoder.xml"
 
-
+        
 /* Agent information location */
 #define AGENTINFO_DIR    "/queue/agent-info"
 
@@ -184,14 +184,14 @@ http://www.ossec.net/main/license/\n"
 #else
     #define SYSCHECK_RESTART        "syscheck/.syscheck_run"
     #define SYSCHECK_RESTART_PATH   "syscheck/.syscheck_run"
-#endif
+#endif        
 
-
-/* Agentless directories. */
+    
+/* Agentless directories. */    
 #define AGENTLESSDIR    "/agentless"
 #define AGENTLESSPASS   "/agentless/.passlist"
 #define AGENTLESS_ENTRYDIR  "/queue/agentless"
-
+        
 
 /* Internal definitions files */
 #ifndef WIN32
@@ -236,8 +236,8 @@ http://www.ossec.net/main/license/\n"
 #ifndef WIN32
     #define SHAREDCFG_DIR   "/etc/shared"
 #else
-    #define SHAREDCFG_DIR   "shared"
-#endif
+    #define SHAREDCFG_DIR   "shared"       
+#endif    
 
 /* Built in defines */
 #define DEFAULTQPATH	DEFAULTDIR DEFAULTQUEUE
diff --git a/src/headers/dirtree_op.h b/src/headers/dirtree_op.h
index 7563a79..64c2540 100755
--- a/src/headers/dirtree_op.h
+++ b/src/headers/dirtree_op.h
@@ -12,9 +12,9 @@
  * License details at the LICENSE file included with OSSEC or
  * online at: http://www.ossec.net/en/licensing.html
  */
-
+ 
 /* Common API for dealing with directory trees */
-
+          
 
 #ifndef _OS_DIRTREE
 #define _OS_DIRTREE
@@ -23,7 +23,7 @@ typedef struct _OSTreeNode
 {
     struct _OSTreeNode *next;
     void *child;
-
+    
     char *value;
     void *data;
 }OSTreeNode;
@@ -39,7 +39,7 @@ typedef struct _OSDirTree
 OSDirTree *OSDirTree_Create();
 void OSDirTree_AddToTree(OSDirTree *tree, char *str, void *data, char sep);
 void *OSDirTree_SearchTree(OSDirTree *tree, char *str, char sep);
-
+         
 
 
 #endif
diff --git a/src/headers/file-queue.h b/src/headers/file-queue.h
index 0865a8f..f1f7f78 100755
--- a/src/headers/file-queue.h
+++ b/src/headers/file-queue.h
@@ -25,10 +25,10 @@ typedef struct _file_queue
     int year;
     int day;
     int flags;
-
+    
     char mon[4];
     char file_name[MAX_FQUEUE +1];
-
+    
     FILE *fp;
     struct stat f_status;
 }file_queue;
diff --git a/src/headers/hash_op.h b/src/headers/hash_op.h
index 9b0777a..3f65c5a 100755
--- a/src/headers/hash_op.h
+++ b/src/headers/hash_op.h
@@ -12,9 +12,9 @@
  * License details at the LICENSE file included with OSSEC or
  * online at: http://www.ossec.net/en/licensing.html
  */
-
+ 
 /* Common API for dealing with directory trees */
-
+          
 
 #ifndef _OS_HASHOP
 #define _OS_HASHOP
@@ -24,9 +24,9 @@
 typedef struct _OSHashNode
 {
     struct _OSHashNode *next;
-
+   
     void *key;
-    void *data;
+    void *data; 
 }OSHashNode;
 
 
@@ -35,7 +35,7 @@ typedef struct _OSHash
     unsigned int rows;
     unsigned int initial_seed;
     unsigned int constant;
-
+    
     OSHashNode **table;
 }OSHash;
 
@@ -55,7 +55,7 @@ OSHash *OSHash_Create();
  * Frees the memory used by the hash.
  */
 void *OSHash_Free(OSHash *self);
-
+  
 
 
 /** void OSHash_Add(OSHash *hash, char *key, void *data)
diff --git a/src/headers/list_op.h b/src/headers/list_op.h
index d395099..3e11e43 100755
--- a/src/headers/list_op.h
+++ b/src/headers/list_op.h
@@ -29,7 +29,7 @@ typedef struct _OSList
     OSListNode *first_node;
     OSListNode *last_node;
     OSListNode *cur_node;
-
+    
     int currently_size;
     int max_size;
 
diff --git a/src/headers/math_op.h b/src/headers/math_op.h
index e5840d9..8bea6a0 100755
--- a/src/headers/math_op.h
+++ b/src/headers/math_op.h
@@ -22,7 +22,7 @@
  * Get the first available prime after the provided value.
  * Returns 0 on error.
  */
-int os_getprime(int val);
+int os_getprime(int val); 
 
 
 #endif
diff --git a/src/headers/os_err.h b/src/headers/os_err.h
index 681ed0a..7988baf 100755
--- a/src/headers/os_err.h
+++ b/src/headers/os_err.h
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
diff --git a/src/headers/rc.h b/src/headers/rc.h
index f71a0c4..3a68648 100755
--- a/src/headers/rc.h
+++ b/src/headers/rc.h
@@ -23,7 +23,7 @@
 #define IsValidHeader(str)  ((str[0] == '#') && \
                              (str[1] == '!') && \
                              (str[2] == '-') && \
-                             (str+=3) )
+                             (str+=3) )       
 
 
 /* Exec message */
diff --git a/src/headers/read-agents.h b/src/headers/read-agents.h
index a450b72..c6feb63 100755
--- a/src/headers/read-agents.h
+++ b/src/headers/read-agents.h
@@ -30,7 +30,7 @@ typedef struct _agent_info
 
 
 /* Print syscheck db (of modified files). */
-int print_syscheck(char *sk_name, char *sk_ip, char *fname, int print_registry,
+int print_syscheck(char *sk_name, char *sk_ip, char *fname, int print_registry, 
                    int all_files, int csv_output, int update_counter);
 
 /* Print rootcheck db. */
@@ -52,7 +52,7 @@ char **get_agents(int flag);
 /* Free the agent list */
 void free_agents(char **agent_list);
 
-/** char *print_agent_status(int status)
+/** char *print_agent_status(int status) 
  * Prints the text representation of the agent status.
  */
 char *print_agent_status(int status);
@@ -66,7 +66,7 @@ int get_agent_status(char *agent_name, char *agent_ip);
  * Get information from an agent.
  */
 agent_info *get_agent_info(char *agent_name, char *agent_ip);
-
+       
 
 /** int connect_to_remoted()
  * Connects to remoted to be able to send messages to the agents.
@@ -77,15 +77,15 @@ int connect_to_remoted();
 /** int send_msg_to_agent(int socket, char *msg)
  * Sends a message to an agent.
  * returns -1 on error.
- */
+ */ 
 int send_msg_to_agent(int msocket, char *msg, char *agt_id, char *exec);
-
+   
 
 
 
 #define GA_NOTACTIVE    2
 #define GA_ACTIVE       3
-#define GA_ALL          5
+#define GA_ALL          5    
 #define GA_ALL_WSTATUS  7
 
 /* Status */
diff --git a/src/headers/read-alert.h b/src/headers/read-alert.h
index 48b415f..ff45871 100755
--- a/src/headers/read-alert.h
+++ b/src/headers/read-alert.h
@@ -15,7 +15,7 @@
 #ifndef __CRALERT_H
 #define __CRALERT_H
 
-#define CRALERT_MAIL_SET    0x001
+#define CRALERT_MAIL_SET    0x001 
 #define CRALERT_EXEC_SET    0x002
 #define CRALERT_READ_ALL    0x004
 #define CRALERT_FP_SET      0x010
diff --git a/src/headers/report_op.h b/src/headers/report_op.h
index a19ec93..c71b862 100755
--- a/src/headers/report_op.h
+++ b/src/headers/report_op.h
@@ -15,10 +15,10 @@
 #define __REPORT_OP_H
 
 
-#define REPORT_RELATED      1
+#define REPORT_RELATED      1 
 #define REPORT_FILTER       2
 
-
+                    
 #define REPORT_REL_USER          0x001
 #define REPORT_REL_SRCIP         0x002
 #define REPORT_REL_LEVEL         0x004
@@ -27,7 +27,7 @@
 #define REPORT_REL_LOCATION      0x040
 #define REPORT_TYPE_DAILY        0x100
 #define REPORT_REL_FILE          0x200
-
+           
 
 
 typedef struct _report_filter
@@ -62,13 +62,13 @@ typedef struct _report_filter
     int report_type;
     int show_alerts;
     void *fp;
-
+     
 }report_filter;
 
 
 
 
-int os_report_configfilter(char *filter_by, char *filter_value,
+int os_report_configfilter(char *filter_by, char *filter_value, 
                            report_filter *r_filter, int arg_type);
 void os_report_printtop(void *topstore, char *hname, int print_related);
 void os_ReportdStart(report_filter *r_filter);
diff --git a/src/headers/rules_op.h b/src/headers/rules_op.h
index 1b80e08..bb4762f 100755
--- a/src/headers/rules_op.h
+++ b/src/headers/rules_op.h
@@ -12,9 +12,9 @@
  * License details at the LICENSE file included with OSSEC or
  * online at: http://www.ossec.net/en/licensing.html
  */
-
+ 
 /* Common API for dealing with directory trees */
-
+          
 
 #ifndef _OS_RULESOP_H
 #define _OS_RULESOP_H
@@ -94,7 +94,7 @@ typedef struct _RuleInfo
 
     int __frequency;
     char **last_events;
-
+    
 
     /* Not an option in the rule */
     u_int16_t alert_opts;
@@ -104,7 +104,7 @@ typedef struct _RuleInfo
 
     /* category */
     u_int8_t category;
-
+   
     /* Decoded as */
     u_int16_t decoded_as;
 
@@ -126,7 +126,7 @@ typedef struct _RuleInfo
 
     /* Function pointer to the event_search. */
     void *(*event_search)(void *lf, void *rule);
-
+    
 
     char *group;
     OSMatch *match;
@@ -148,11 +148,11 @@ typedef struct _RuleInfo
     OSMatch *program_name;
     OSMatch *extra_data;
     char *action;
-
+    
     char *comment; /* description in the xml */
     char *info;
     char *cve;
-
+    
     char *if_sid;
     char *if_level;
     char *if_group;
@@ -160,14 +160,14 @@ typedef struct _RuleInfo
     OSRegex *if_matched_regex;
     OSMatch *if_matched_group;
     int if_matched_sid;
-
+    
     void **ar;
 
 }RuleInfo;
 
 
 /** Prototypes **/
-int OS_ReadXMLRules(char *rulefile,
+int OS_ReadXMLRules(char *rulefile, 
                     void *(*ruleact_function)(RuleInfo *rule, void *data),
                     void *data);
 
diff --git a/src/headers/sec.h b/src/headers/sec.h
index 841492f..4f5c67b 100755
--- a/src/headers/sec.h
+++ b/src/headers/sec.h
@@ -22,7 +22,7 @@ typedef struct _keyentry
     unsigned int local;
     unsigned int keyid;
     unsigned int global;
-
+    
     char *id;
     char *key;
     char *name;
@@ -38,8 +38,8 @@ typedef struct _keystore
 {
     /* Array with all the keys */
     keyentry **keyentries;
-
-
+    
+    
     /* Hashes, based on the id/ip to lookup the keys. */
     void *keyhash_id;
     void *keyhash_ip;
@@ -67,7 +67,7 @@ void OS_FreeKeys(keystore *keys);
 
 /* Checks if key changed. */
 int OS_CheckUpdateKeys(keystore *keys);
-
+  
 /* Update the keys if they changed on the system. */
 int OS_UpdateKeys(keystore *keys);
 
@@ -98,7 +98,7 @@ int OS_IsAllowedDynamicID(keystore *keys, char *id, char *srcip);
 /** Function prototypes -- send/recv messages **/
 
 /* Decrypt and decompress a remote message. */
-char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
+char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext, 
                  int id, int buffer_size);
 
 /* Creates an ossec message (encrypts and compress) */
@@ -115,7 +115,7 @@ int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id);
 #endif
 
 #define SENDER_COUNTER  "sender_counter"
-#define KEYSIZE         128
+#define KEYSIZE         128 
 
 
 #endif
diff --git a/src/headers/shared.h b/src/headers/shared.h
index 4add11a..a7f7b2f 100755
--- a/src/headers/shared.h
+++ b/src/headers/shared.h
@@ -19,7 +19,7 @@
  *  The stack smashing protector defeats some BoF via: gcc -fstack-protector
  *  Reference: http://gcc.gnu.org/onlinedocs/gcc-4.1.2/cpp.pdf
  */
-
+ 
 #if defined(__GNUC__) && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 1) && (__GNUC_PATCHLEVEL__ >= 2)) || \
                           ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 2)) || \
                            (__GNUC__ >= 5))
@@ -178,7 +178,7 @@ char *__local_name;
 /*** These functions will exit on error. No need to check return code ***/
 
 /* for calloc: x = calloc(4,sizeof(char)) -> os_calloc(4,sizeof(char),x) */
-#define os_calloc(x,y,z) (z = calloc(x,y))?(void)1:ErrorExit(MEM_ERROR, ARGV0)
+#define os_calloc(x,y,z) (z = calloc(x,y))?(void)1:ErrorExit(MEM_ERROR, ARGV0) 
 
 #define os_strdup(x,y) (y = strdup(x))?(void)1:ErrorExit(MEM_ERROR, ARGV0)
 
@@ -193,9 +193,9 @@ char *__local_name;
 #ifdef CLIENT
     #define isAgent 1
 #else
-    #define isAgent 0
+    #define isAgent 0    
 #endif
-
+        
 
 
 #include "debug_op.h"
@@ -225,9 +225,8 @@ char *__local_name;
 #include "os_regex/os_regex.h"
 
 #include "error_messages/error_messages.h"
-#include "custom_output_search.h"
 
 
 #endif /* __SHARED_H */
-			
+			       
 /* EOF */
diff --git a/src/headers/store_op.h b/src/headers/store_op.h
index a8e155b..49014ba 100755
--- a/src/headers/store_op.h
+++ b/src/headers/store_op.h
@@ -42,7 +42,7 @@ typedef struct _OSStore
 
 OSStore *OSStore_Create();
 OSStore *OSStore_Free(OSStore *list);
-
+  
 int OSStore_Put(OSStore *list, char *key, void *data);
 int OSStore_Check(OSStore *list, char *key);
 int OSStore_NCheck(OSStore *list, char *key);
@@ -51,7 +51,7 @@ int OSStore_GetPosition(OSStore *list, char *key);
 void *OSStore_Get(OSStore *list, char *key);
 OSStoreNode *OSStore_GetFirstNode(OSStore *list);
 int OSStore_Sort(OSStore *list, void*(sort_data_function)(void *d1, void *d2));
-
+   
 
 
 #endif
diff --git a/src/headers/string_op.h b/src/headers/string_op.h
index 2df963e..a07b9f0 100755
--- a/src/headers/string_op.h
+++ b/src/headers/string_op.h
@@ -27,7 +27,9 @@ void os_trimcrlf(char *str);
 int os_substr(char *dest, const char *src, int position, int length);
 
 /* Remove a character from a string */
-char *os_strip_char(char *source, char remove);
+char *os_strip_char(const char *source, char remove);
+
+
 
 #endif
 
diff --git a/src/headers/validate_op.h b/src/headers/validate_op.h
index ade6afa..867150f 100755
--- a/src/headers/validate_op.h
+++ b/src/headers/validate_op.h
@@ -43,7 +43,7 @@ int getDefine_Int(char *high_name, char *low_name, int min, int max);
  */
 int OS_IPFound(char *ip_address, os_ip *that_ip);
 
-
+    
 
 /** int OS_IPFoundList(char *ip_address, char **list_of_ips)
  * Checks if ip_address is present on the "list_of_ips".
@@ -61,8 +61,8 @@ int OS_IPFoundList(char *ip_address, os_ip **list_of_ips);
  * ** On success this function may modify the value of ip_address
  */
 int OS_IsValidIP(char *ip_address, os_ip *final_ip);
-
-
+    
+    
 /** Time range validations **/
 
 /** char *OS_IsValidTime(char *time_str)
@@ -78,9 +78,9 @@ int OS_IsValidIP(char *ip_address, os_ip *final_ip);
  * hh:mm am - hh:mm pm (12 hour format)
  * hh am - hh pm (12 hour format)
  */
-char *OS_IsValidTime(char *time_str);
+char *OS_IsValidTime(char *time_str);      
 
-/* Same as above, but only accepts a unique time, not a range. */
+/* Same as above, but only accepts a unique time, not a range. */      
 char *OS_IsValidUniqueTime(char *time_str);
 
 
@@ -104,7 +104,7 @@ int OS_IsAfterTime(char *time_str, char *ossec_time);
  * range.
  */
 int OS_IsonDay(int week_day, char *ossec_day);
-
+   
 
 /** char *OS_IsValidDay(char *day_str)
  * Validates if an day is in an acceptable format
@@ -124,7 +124,7 @@ char *OS_IsValidDay(char *day_str);
 
 /* Checks if the ip is a single host, not a network with a netmask */
 #define isSingleHost(x) (x->netmask == 0xFFFFFFFF)
-
+          
 #endif
 
 /* EOF */
diff --git a/src/headers/wait_op.h b/src/headers/wait_op.h
index 8d1c4fe..5a60926 100755
--- a/src/headers/wait_op.h
+++ b/src/headers/wait_op.h
@@ -11,7 +11,7 @@
  */
 
 #ifndef __WAIT_OP_H
-#define __WAIT_OP_H
+#define __WAIT_OP_H 
 
 
 void os_setwait();
diff --git a/src/init/._darwin-addusers.pl b/src/init/._darwin-addusers.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._darwin-addusers.pl differ
diff --git a/src/init/._darwin-init.sh b/src/init/._darwin-init.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._darwin-init.sh differ
diff --git a/src/init/._functions.sh b/src/init/._functions.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._functions.sh differ
diff --git a/src/init/._fw-check.sh b/src/init/._fw-check.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._fw-check.sh differ
diff --git a/src/init/._init.sh b/src/init/._init.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._init.sh differ
diff --git a/src/init/._language.sh b/src/init/._language.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._language.sh differ
diff --git a/src/init/._ossec-client.sh b/src/init/._ossec-client.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-client.sh differ
diff --git a/src/init/._ossec-hids-aix.init b/src/init/._ossec-hids-aix.init
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-hids-aix.init differ
diff --git a/src/init/._ossec-hids-debian.init b/src/init/._ossec-hids-debian.init
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-hids-debian.init differ
diff --git a/src/init/._ossec-hids-gentoo.init b/src/init/._ossec-hids-gentoo.init
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-hids-gentoo.init differ
diff --git a/src/init/._ossec-hids-rh.init b/src/init/._ossec-hids-rh.init
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-hids-rh.init differ
diff --git a/src/init/._ossec-hids-solaris.init b/src/init/._ossec-hids-solaris.init
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-hids-solaris.init differ
diff --git a/src/init/._ossec-hids-suse.init b/src/init/._ossec-hids-suse.init
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-hids-suse.init differ
diff --git a/src/init/._ossec-hids.init b/src/init/._ossec-hids.init
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-hids.init differ
diff --git a/src/init/._ossec-local.sh b/src/init/._ossec-local.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-local.sh differ
diff --git a/src/init/._ossec-server.sh b/src/init/._ossec-server.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._ossec-server.sh differ
diff --git a/src/init/._osx105-addusers.sh b/src/init/._osx105-addusers.sh
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._osx105-addusers.sh differ
diff --git a/src/init/._shared.sh b/src/init/._shared.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._shared.sh differ
diff --git a/src/init/._update.sh b/src/init/._update.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/init/._update.sh differ
diff --git a/src/init/ossec-client.sh b/src/init/ossec-client.sh
index 5e8ce5e..f58feda 100755
--- a/src/init/ossec-client.sh
+++ b/src/init/ossec-client.sh
@@ -11,7 +11,7 @@ DIR=`dirname $PWD`;
 
 ###  Do not modify bellow here ###
 NAME="OSSEC HIDS"
-VERSION="v2.7.1-beta-1"
+VERSION="v2.7-beta1"
 AUTHOR="Trend Micro Inc."
 DAEMONS="ossec-logcollector ossec-syscheckd ossec-agentd ossec-execd"
 
@@ -140,7 +140,6 @@ start()
         if [ $? = 0 ]; then
             ${DIR}/bin/${i};
             if [ $? != 0 ]; then
-		echo "${i} did not start";
                 unlock;
                 exit 1;
             fi 
diff --git a/src/init/ossec-local.sh b/src/init/ossec-local.sh
index d6fbf15..947cf37 100755
--- a/src/init/ossec-local.sh
+++ b/src/init/ossec-local.sh
@@ -22,7 +22,7 @@ fi
 
 
 NAME="OSSEC HIDS"
-VERSION="v2.7.1-beta-1"
+VERSION="v2.7-beta1"
 AUTHOR="Trend Micro Inc."
 DAEMONS="ossec-monitord ossec-logcollector ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
 
@@ -226,7 +226,6 @@ start()
         if [ $? = 0 ]; then
             ${DIR}/bin/${i} ${DEBUG_CLI};
             if [ $? != 0 ]; then
-		echo "${i} did not start correctly.";
                 unlock;
                 exit 1;
             fi 
diff --git a/src/init/ossec-server.sh b/src/init/ossec-server.sh
index 42616b2..98eec56 100755
--- a/src/init/ossec-server.sh
+++ b/src/init/ossec-server.sh
@@ -22,7 +22,7 @@ fi
 
 
 NAME="OSSEC HIDS"
-VERSION="v2.7.1-beta-1"
+VERSION="v2.7-beta1"
 AUTHOR="Trend Micro Inc."
 DAEMONS="ossec-monitord ossec-logcollector ossec-remoted ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
 
@@ -224,7 +224,6 @@ start()
         if [ $? = 0 ]; then
             ${DIR}/bin/${i} ${DEBUG_CLI};
             if [ $? != 0 ]; then
-		echo "${i} did not start correctly.";
                 unlock;
                 exit 1;
             fi 
diff --git a/src/init/osx105-addusers.sh b/src/init/osx105-addusers.sh
index 6bc1cab..b3bf14d 100644
--- a/src/init/osx105-addusers.sh
+++ b/src/init/osx105-addusers.sh
@@ -1,128 +1,39 @@
-#! /bin/bash
+#! /bin/sh
 # By Spransy, Derek" <DSPRANS () emory ! edu> and Charlie Scott
-#
-# alterations by bil hays 2013
-# -Switched to bash
-# -Added some sanity checks
-# -Added routine to find the first 3 contiguous UIDs above 100,
-#  starting at 600 puts this in user space
-# -Added lines to append the ossec users to the group ossec
-#  so the the list GroupMembership works properly
 
-#####
-# This checks for an error and exits with a custom message
-# Returns zero on success
-# $1 is the message
-# $2 is the error code
-
-if [[ ! -f "/usr/bin/dscl" ]]
-  then
-  echo "Error, I have no dscl, dying here";
-  exit
-fi
-
-DSCL="/usr/bin/dscl";
-
-function check_errm
-   {
-   if  [[ ${?} != "0" ]]
-      then
-      echo "${1}";
-      exit ${2};
-      fi
-   }
-
-# get unique id numbers (uid, gid) that are greater than 100
-unset -v i new_uid new_gid idvar;
-declare -i new_uid=0 new_gid=0 i=100 idvar=0;
-while [[ $idvar -eq 0 ]]; do
-   i=$[i+1]
-   j=$[i+1]
-   k=$[i+2]
-   if [[ -z "$(/usr/bin/dscl . -search /Users uid ${i})" ]] && [[ -z "$(/usr/bin/dscl . -search /Groups gid ${i})" ]] && \
-      [[ -z "$(/usr/bin/dscl . -search /Users uid ${j})" ]] && [[ -z "$(/usr/bin/dscl . -search /Groups gid ${j})" ]] && \
-      [[ -z "$(/usr/bin/dscl . -search /Users uid ${k})" ]] && [[ -z "$(/usr/bin/dscl . -search /Groups gid ${k})" ]];
-      then
-      new_uid=$i
-      new_gid=$i
-      idvar=1
-      #break
-   fi
-done
-
-echo "UIDs available are:";
-echo ${new_uid}
-echo ${j}
-echo ${k}
-
-# Verify that the uid and gid exist and match
-if [[ $new_uid -eq 0 ]] || [[ $new_gid -eq 0 ]];
-   then
-   echo "Getting unique id numbers (uid, gid) failed!";
-   exit 1;
-   fi
-if [[ ${new_uid} != ${new_gid} ]]
-   then
-   echo "I failed to find matching free uid and gid!";
-   exit 5;
-   fi
 
 
 # Creating the groups.
-sudo ${DSCL} localhost -create /Local/Default/Groups/ossec
-check_errm "Error creating group ossec" "67"
-sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec PrimaryGroupID ${new_gid}
-sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RealName ossec
-sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RecordName ossec
-sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RecordType: dsRecTypeStandard:Groups
-sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec Password "*"
+sudo dscl localhost -create /Local/Default/Groups/ossec
+sudo dscl localhost -createprop /Local/Default/Groups/ossec PrimaryGroupID 600
+sudo dscl localhost -createprop /Local/Default/Groups/ossec RealName ossec
+sudo dscl localhost -createprop /Local/Default/Groups/ossec RecordName ossec
+sudo dscl localhost -createprop /Local/Default/Groups/ossec RecordType: dsRecTypeStandard:Groups
+sudo dscl localhost -createprop /Local/Default/Groups/ossec Password "*"
 
 
 # Creating the users.
-
-if [[ $(dscl . -read /Users/ossecm) ]]
-   then
-   echo "ossecm already exists";
-else
-   sudo ${DSCL} localhost -create /Local/Default/Users/ossecm
-   check_errm "Error creating user ossecm" "87"
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecm RecordName ossecm
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecm RealName "ossecmacct"
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecm NFSHomeDirectory /var/ossec
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecm UniqueID ${j}
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecm PrimaryGroupID ${new_gid}
-   sudo ${DSCL} localhost -append /Local/Default/Groups/ossec GroupMembership ossecm
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecm Password "*"
-fi
-
-if [[ $(dscl . -read /Users/ossecr) ]]
-   then
-   echo "ossecr already exists";
-else
-   sudo ${DSCL} localhost -create /Local/Default/Users/ossecr
-   check_errm "Error creating user ossecr" "97"
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecr RecordName ossecr
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecr RealName "ossecracct"
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecr NFSHomeDirectory /var/ossec
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecr UniqueID ${k}
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecr PrimaryGroupID ${new_gid}
-   sudo ${DSCL} localhost -append /Local/Default/Groups/ossec GroupMembership ossecr
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossecr Password "*"
-fi
-
-if [[ $(dscl . -read /Users/ossec) ]]
-   then
-   echo "ossec already exists";
-else
-   sudo ${DSCL} localhost -create /Local/Default/Users/ossec
-   check_errm "Error creating user ossec" "77"
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec RecordName ossec
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec RealName "ossecacct"
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec NFSHomeDirectory /var/ossec
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec UniqueID ${new_uid}
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec PrimaryGroupID ${new_gid}
-   sudo ${DSCL} localhost -append /Local/Default/Groups/ossec GroupMembership ossec
-   sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec Password "*"
-fi
-
+sudo dscl localhost -create /Local/Default/Users/ossec
+sudo dscl localhost -createprop /Local/Default/Users/ossec RecordName ossec
+sudo dscl localhost -createprop /Local/Default/Users/ossec RealName "ossecacct"
+sudo dscl localhost -createprop /Local/Default/Users/ossec NFSHomeDirectory /var/ossec
+sudo dscl localhost -createprop /Local/Default/Users/ossec UniqueID 600
+sudo dscl localhost -createprop /Local/Default/Users/ossec PrimaryGroupID 600
+sudo dscl localhost -createprop /Local/Default/Users/ossec Password "*"
+
+sudo dscl localhost -create /Local/Default/Users/ossecm
+sudo dscl localhost -createprop /Local/Default/Users/ossecm RecordName ossecm
+sudo dscl localhost -createprop /Local/Default/Users/ossecm RealName "ossecmacct"
+sudo dscl localhost -createprop /Local/Default/Users/ossecm NFSHomeDirectory /var/ossec
+sudo dscl localhost -createprop /Local/Default/Users/ossecm UniqueID 601
+sudo dscl localhost -createprop /Local/Default/Users/ossecm PrimaryGroupID 600
+sudo dscl localhost -createprop /Local/Default/Users/ossecm Password "*"
+
+sudo dscl localhost -create /Local/Default/Users/ossecr
+sudo dscl localhost -createprop /Local/Default/Users/ossecr RecordName ossecr
+sudo dscl localhost -createprop /Local/Default/Users/ossecr RealName "ossecracct"
+sudo dscl localhost -createprop /Local/Default/Users/ossecr NFSHomeDirectory /var/ossec
+sudo dscl localhost -createprop /Local/Default/Users/ossecr UniqueID 602
+sudo dscl localhost -createprop /Local/Default/Users/ossecr PrimaryGroupID 600
+sudo dscl localhost -createprop /Local/Default/Users/ossecr Password "*"
 
diff --git a/src/init/update.sh b/src/init/update.sh
index 0e0b078..bcbf299 100755
--- a/src/init/update.sh
+++ b/src/init/update.sh
@@ -46,10 +46,10 @@ doUpdatecleanup()
     fi
 
     # Checking if the directory is valid.
-    _dir_pattern_update="^/[-a-zA-Z0-9/\.-]{3,128}$"
-    echo $DIRECTORY | grep -E "$_dir_pattern_update" > /dev/null 2>&1
+    local _dir_pattern="^/[-a-zA-Z0-9/\.-]{3,128}$"
+    echo $DIRECTORY | grep -E "$_dir_pattern" > /dev/null 2>&1
     if [ ! $? = 0 ]; then
-        echo "# ($FUNCNAME) ERROR: directory name ($DIRECTORY) doesn't match the pattern $_dir_pattern_update" 1>&2
+        echo "# ($FUNCNAME) ERROR: directory name ($DIRECTORY) doesn't match the pattern $_dir_pattern" 1>&2
         echo "${FALSE}"
         return 1;
     fi
@@ -133,13 +133,10 @@ UpdateOSSECRules()
     cp -pr ${OSSEC_CONF_FILE} "${OSSEC_CONF_FILE}.$$.bak"
 
     # Getting rid of old rules entries
-    grep -Ev "</*rules>|<include>|<list>|<decoder>|<decoder_dir|<rule_dir>|rules global entry" ${OSSEC_CONF_FILE} > "${OSSEC_CONF_FILE}.$$.tmp"
-
-    # Customer decoder, decoder_dir, rule_dir are carried over during upgrade
-    grep -E '<decoder>|<decoder_dir|<rule_dir>' ${OSSEC_CONF_FILE} | grep -v '<!--' >> "${OSSEC_CONF_FILE}.$$.tmp2"
+    grep -Ev "</*rules>|<include>|<list>|rules global entry" ${OSSEC_CONF_FILE} > "${OSSEC_CONF_FILE}.$$.tmp"
 
     # Check for custom files that may have been added in <rules> element
-    for i in `grep -E '<include>|<list>' ${OSSEC_CONF_FILE} | grep -v '<!--'`
+    for i in $(grep -E '<include>|<list>' ${OSSEC_CONF_FILE} | grep -v '<!--')
     do
       grep "$i" ${RULES_TEMPLATE}>/dev/null || echo "    $i" >> "${OSSEC_CONF_FILE}.$$.tmp2"
     done
diff --git a/src/logcollector/._COPYRIGHT b/src/logcollector/._COPYRIGHT
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._COPYRIGHT differ
diff --git a/src/logcollector/._Makefile b/src/logcollector/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._Makefile differ
diff --git a/src/logcollector/._VERSION b/src/logcollector/._VERSION
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._VERSION differ
diff --git a/src/logcollector/._config.c b/src/logcollector/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._config.c differ
diff --git a/src/logcollector/._logcollector.c b/src/logcollector/._logcollector.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._logcollector.c differ
diff --git a/src/logcollector/._logcollector.h b/src/logcollector/._logcollector.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._logcollector.h differ
diff --git a/src/logcollector/._main.c b/src/logcollector/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._main.c differ
diff --git a/src/logcollector/._read_command.c b/src/logcollector/._read_command.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_command.c differ
diff --git a/src/logcollector/._read_djb_multilog.c b/src/logcollector/._read_djb_multilog.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_djb_multilog.c differ
diff --git a/src/logcollector/._read_fullcommand.c b/src/logcollector/._read_fullcommand.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_fullcommand.c differ
diff --git a/src/logcollector/._read_mssql_log.c b/src/logcollector/._read_mssql_log.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_mssql_log.c differ
diff --git a/src/logcollector/._read_multiline.c b/src/logcollector/._read_multiline.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_multiline.c differ
diff --git a/src/logcollector/._read_mysql_log.c b/src/logcollector/._read_mysql_log.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_mysql_log.c differ
diff --git a/src/logcollector/._read_nmapg.c b/src/logcollector/._read_nmapg.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_nmapg.c differ
diff --git a/src/logcollector/._read_ossecalert.c b/src/logcollector/._read_ossecalert.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_ossecalert.c differ
diff --git a/src/logcollector/._read_postgresql_log.c b/src/logcollector/._read_postgresql_log.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_postgresql_log.c differ
diff --git a/src/logcollector/._read_snortfull.c b/src/logcollector/._read_snortfull.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_snortfull.c differ
diff --git a/src/logcollector/._read_syslog.c b/src/logcollector/._read_syslog.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_syslog.c differ
diff --git a/src/logcollector/._read_win_el.c b/src/logcollector/._read_win_el.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/logcollector/._read_win_el.c differ
diff --git a/src/logcollector/config.c b/src/logcollector/config.c
index 8e1aee3..fb66216 100755
--- a/src/logcollector/config.c
+++ b/src/logcollector/config.c
@@ -10,12 +10,12 @@
  * Foundation
  */
 
-/* v0.3 (2005/08/23): Using the new OS_XML syntax and changing some usage
+/* v0.3 (2005/08/23): Using the new OS_XML syntax and changing some usage 
  * v0.2 (2005/01/17)
  */
+ 
 
-
-#include "shared.h"
+#include "shared.h" 
 
 #include "logcollector.h"
 
@@ -38,7 +38,7 @@ int LogCollectorConfig(char * cfgfile, int accept_remote)
 
     if(ReadConfig(modules, cfgfile, &log_config, NULL) < 0)
         return(OS_INVALID);
-
+    
     #ifdef CLIENT
     modules|= CAGENT_CONFIG;
     log_config.agent_cfg = 1;
@@ -46,7 +46,7 @@ int LogCollectorConfig(char * cfgfile, int accept_remote)
     log_config.agent_cfg = 0;
     #endif
 
-    logff = log_config.config;
+    logff = log_config.config;       
 
     return(1);
 
diff --git a/src/logcollector/logcollector.c b/src/logcollector/logcollector.c
index e456467..937990b 100755
--- a/src/logcollector/logcollector.c
+++ b/src/logcollector/logcollector.c
@@ -49,18 +49,18 @@ void LogCollectorStart()
     char keepalive[1024];
 
 
-
+    
     /* To check for inode changes */
     struct stat tmp_stat;
-
-
+    
+                
     #ifndef WIN32
-
+    
     int int_error = 0;
     struct timeval fp_timeout;
-
+    
     #else
-
+    
     /* Checking if we are on vista. */
     checkVista();
 
@@ -70,12 +70,12 @@ void LogCollectorStart()
     {
         win_read_vista_sec();
     }
-
+    
     #endif
 
     debug1("%s: DEBUG: Entering LogCollectorStart().", ARGV0);
-
-
+    
+    
     /* Initializing each file and structure */
     for(i = 0;;i++)
     {
@@ -88,7 +88,7 @@ void LogCollectorStart()
         {
             if(logff[r].file && strcmp(logff[i].file, logff[r].file) == 0)
             {
-                merror("%s: WARN: Duplicated log file given: '%s'.",
+                merror("%s: WARN: Duplicated log file given: '%s'.", 
                        ARGV0, logff[i].file);
                 logff[i].file = NULL;
                 logff[i].command = NULL;
@@ -102,14 +102,14 @@ void LogCollectorStart()
         {
             /* do nothing, duplicated entry. */
         }
-
+       
         else if(strcmp(logff[i].logformat,"eventlog") == 0)
         {
             #ifdef WIN32
-
+            
             verbose(READING_EVTLOG, ARGV0, logff[i].file);
             win_startel(logff[i].file);
-
+            
             #endif
             logff[i].file = NULL;
             logff[i].command = NULL;
@@ -135,7 +135,7 @@ void LogCollectorStart()
             }
             else
             {
-                merror("%s: ERROR: Missing command argument. Ignoring it.",
+                merror("%s: ERROR: Missing command argument. Ignoring it.", 
                        ARGV0);
             }
         }
@@ -156,16 +156,16 @@ void LogCollectorStart()
             else
             {
                 merror("%s: ERROR: Missing command argument. Ignoring it.",
-                       ARGV0);
+                       ARGV0); 
             }
         }
-
+        
         else
         {
             logff[i].command = NULL;
 
 
-            /* Initializing the files */
+            /* Initializing the files */    
             if(logff[i].ffile)
             {
                 /* Day must be zero for all files to be initialized */
@@ -178,26 +178,26 @@ void LogCollectorStart()
                 {
                     ErrorExit(PARSE_ERROR, ARGV0, logff[i].ffile);
                 }
-
+                    
             }
             else
             {
                 handle_file(i, 1, 1);
             }
-
+            
             verbose(READING_FILE, ARGV0, logff[i].file);
-
+            
             /* Getting the log type */
             if(strcmp("snort-full", logff[i].logformat) == 0)
             {
                 logff[i].read = (void *)read_snortfull;
             }
-            #ifndef WIN32
+            #ifndef WIN32 
             if(strcmp("ossecalert", logff[i].logformat) == 0)
             {
                 logff[i].read = (void *)read_ossecalert;
             }
-            #endif
+            #endif 
             else if(strcmp("nmapg", logff[i].logformat) == 0)
             {
                 logff[i].read = (void *)read_nmapg;
@@ -266,7 +266,7 @@ void LogCollectorStart()
 
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
+        
     max_file = i -1;
 
 
@@ -275,8 +275,8 @@ void LogCollectorStart()
     {
         max_file = 0;
     }
-
-
+    
+    
     /* Daemon loop */
     while(1)
     {
@@ -284,7 +284,7 @@ void LogCollectorStart()
         fp_timeout.tv_sec = loop_timeout;
         fp_timeout.tv_usec = 0;
 
-        /* Waiting for the select timeout */
+        /* Waiting for the select timeout */ 
         if ((r = select(0, NULL, NULL, NULL, &fp_timeout)) < 0)
         {
             merror(SELECT_ERROR, ARGV0);
@@ -297,18 +297,18 @@ void LogCollectorStart()
             continue;
         }
         #else
-
+        
         /* Windows don't like select that way */
         sleep(loop_timeout + 2);
 
-
+        
         /* Check for messages in the event viewer */
         win_readel();
         #endif
-
+        
         f_check++;
 
-
+        
         /* Checking which file is available */
         for(i = 0; i <= max_file; i++)
         {
@@ -396,7 +396,7 @@ void LogCollectorStart()
                         logff[i].ign++;
                         continue;
                     }
-
+                    
                     #ifdef WIN32
                     logff[i].read(i, &r, 1);
                     #endif
@@ -408,19 +408,19 @@ void LogCollectorStart()
             }
         }
 
-
+        
         /* Only check bellow if check > VCHECK_FILES */
         if(f_check <= VCHECK_FILES)
             continue;
 
-
+            
         /* Send keep alive message */
 
         rand_keepalive_str(keepalive, 700);
         SendMSG(logr_queue, keepalive, "ossec-keepalive", LOCALFILE_MQ);
 
 
-        /* Zeroing f_check */
+        /* Zeroing f_check */    
         f_check = 0;
 
 
@@ -430,8 +430,8 @@ void LogCollectorStart()
             /* These are the windows logs or ignored files */
             if(!logff[i].file)
                 continue;
-
-
+            
+            
             /* Files with date -- check for day change */
             if(logff[i].ffile)
             {
@@ -456,8 +456,8 @@ void LogCollectorStart()
                     continue;
                 }
             }
-
-
+            
+            
             /* Check for file change -- if the file is open already */
             if(logff[i].fp)
             {
@@ -466,7 +466,7 @@ void LogCollectorStart()
                 {
                     fclose(logff[i].fp);
                     logff[i].fp = NULL;
-
+                    
                     merror(FILE_ERROR, ARGV0, logff[i].file);
                 }
 
@@ -506,21 +506,21 @@ void LogCollectorStart()
                     snprintf(msg_alert, 512, "ossec: File rotated (inode "
                                              "changed): '%s'.",
                                              logff[i].file);
-
+                     
                     /* Send message about log rotated  */
-                    SendMSG(logr_queue, msg_alert,
+                    SendMSG(logr_queue, msg_alert, 
                             "ossec-logcollector", LOCALFILE_MQ);
-
+                            
                     debug1("%s: DEBUG: File inode changed. %s",
                             ARGV0, logff[i].file);
-
+                    
                     fclose(logff[i].fp);
 
                     #ifdef WIN32
                     CloseHandle(logff[i].h);
                     CloseHandle(h1);
                     #endif
-
+                    
                     logff[i].fp = NULL;
                     handle_file(i, 0, 1);
                     continue;
@@ -536,11 +536,11 @@ void LogCollectorStart()
                     snprintf(msg_alert, 512, "ossec: File size reduced "
                                              "(inode remained): '%s'.",
                                              logff[i].file);
-
+                     
                     /* Send message about log rotated  */
-                    SendMSG(logr_queue, msg_alert,
+                    SendMSG(logr_queue, msg_alert, 
                             "ossec-logcollector", LOCALFILE_MQ);
-
+                            
                     debug1("%s: DEBUG: File size reduced. %s",
                             ARGV0, logff[i].file);
 
@@ -556,7 +556,7 @@ void LogCollectorStart()
                     CloseHandle(logff[i].h);
                     CloseHandle(h1);
                     #endif
-
+                    
                     logff[i].fp = NULL;
                     handle_file(i, 1, 1);
                 }
@@ -567,9 +567,9 @@ void LogCollectorStart()
                 }
                 #endif
             }
-
-
-            /* Too many errors for the file */
+            
+            
+            /* Too many errors for the file */ 
             if(logff[i].ign > open_file_attempts)
             {
                 /* 999 Maximum ignore */
@@ -577,7 +577,7 @@ void LogCollectorStart()
                 {
                     continue;
                 }
-
+                
                 merror(LOGC_FILE_ERROR, ARGV0, logff[i].file);
                 if(logff[i].fp)
                 {
@@ -586,7 +586,7 @@ void LogCollectorStart()
                     CloseHandle(logff[i].h);
                     #endif
                 }
-
+                    
                 logff[i].fp = NULL;
 
 
@@ -603,9 +603,9 @@ void LogCollectorStart()
                 logff[i].ign = 999;
                 continue;
             }
-
-
-            /* File not opened */
+           
+           
+            /* File not opened */ 
             if(!logff[i].fp)
             {
                 if(logff[i].ign >= 999)
@@ -631,13 +631,13 @@ int update_fname(int i)
 {
     struct tm *p;
     time_t __ctime = time(0);
-
+    
     char lfile[OS_FLSIZE + 1];
     size_t ret;
 
 
     p = localtime(&__ctime);
-
+    
 
     /* Handle file */
     if(p->tm_mday == _cday)
@@ -652,17 +652,17 @@ int update_fname(int i)
     {
         ErrorExit(PARSE_ERROR, ARGV0, logff[i].ffile);
     }
-
-
+    
+    
     /* Update the file name */
     if(strcmp(lfile, logff[i].file) != 0)
     {
         os_free(logff[i].file);
 
-        os_strdup(lfile, logff[i].file);
+        os_strdup(lfile, logff[i].file);    
 
         verbose(VAR_LOG_MON, ARGV0, logff[i].file);
-
+        
         /* Setting cday to zero because other files may need
          * to be changed.
          */
@@ -680,7 +680,7 @@ int handle_file(int i, int do_fseek, int do_log)
 {
     int fd;
     struct stat stat_fd;
-
+    
     /* We must be able to open the file, fseek and get the
      * time of change from it.
      */
@@ -703,10 +703,10 @@ int handle_file(int i, int do_fseek, int do_log)
         logff[i].fp = NULL;
         return(-1);
     }
-
+    
     logff[i].fd = stat_fd.st_ino;
     logff[i].size =  stat_fd.st_size;
-
+    
 
     #else
     BY_HANDLE_FILE_INFORMATION lpFileInformation;
@@ -771,7 +771,7 @@ int handle_file(int i, int do_fseek, int do_log)
         }
         #endif
     }
-
+    
 
     /* Setting ignore to zero */
     logff[i].ign = 0;
diff --git a/src/logcollector/main.c b/src/logcollector/main.c
index fe143c2..8f5320b 100755
--- a/src/logcollector/main.c
+++ b/src/logcollector/main.c
@@ -12,9 +12,9 @@
 
 
 /* v0.4 (2005/11/11): Some cleanup and bug fixes
- * v0.3 (2005/08/26): Reading all files in just one process
+ * v0.3 (2005/08/26): Reading all files in just one process 
  * v0.2 (2005/04/04):
- */
+ */  
 
 
 /* Logcollector daemon.
@@ -60,7 +60,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
 
     while((c = getopt(argc, argv, "VtdhfD:c:")) != -1)
     {
@@ -90,10 +90,10 @@ int main(int argc, char **argv)
                 break;
             case 't':
                 test_config = 1;
-                break;
+                break;    
             default:
                 help(ARGV0);
-                break;
+                break;   
         }
 
     }
@@ -108,22 +108,22 @@ int main(int argc, char **argv)
     /* Reading config file */
     if(LogCollectorConfig(cfg, accept_manager_commands) < 0)
         ErrorExit(CONFIG_ERROR, ARGV0, cfg);
-
-
+    
+    
     /* Getting loop timeout */
     loop_timeout = getDefine_Int("logcollector",
                                  "loop_timeout",
                                  1, 120);
-
+    
     open_file_attempts = getDefine_Int("logcollector", "open_attempts",
                                        2, 998);
-
+            
     debug_flag = getDefine_Int("logcollector",
                                "debug",
                                0,2);
     accept_manager_commands = getDefine_Int("logcollector", "remote_commands",
                                        0, 1);
-
+    
     /* Getting debug values */
     while(debug_flag != 0)
     {
@@ -135,7 +135,7 @@ int main(int argc, char **argv)
     /* Exit if test config */
     if(test_config)
         exit(0);
-
+        
 
     /* No file available to monitor -- continue */
     if(logff == NULL)
@@ -150,13 +150,13 @@ int main(int argc, char **argv)
 
         merror(NO_FILE, ARGV0);
     }
-
+            
 
     /* Starting signal handler */
     StartSIG(ARGV0);	
 
 
-    if (!run_foreground)
+    if (!run_foreground) 
     {
         /* Going on daemon mode */
         nowDaemon();
@@ -168,21 +168,21 @@ int main(int argc, char **argv)
     if(CreatePID(ARGV0, getpid()) < 0)
         merror(PID_ERROR, ARGV0);
 
-
-
+   
+   
     /* Waiting 6 seconds for the analysisd/agentd to settle */
     debug1("%s: DEBUG: Waiting main daemons to settle.", ARGV0);
     sleep(6);
-
-
+    
+     
     /* Starting the queue. */
     if((logr_queue = StartMQ(DEFAULTQPATH,WRITE)) < 0)
         ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQPATH);
 
 
-    /* Main loop */
+    /* Main loop */        
     LogCollectorStart();
-
+    
 
     return(0);
 }
diff --git a/src/logcollector/read_command.c b/src/logcollector/read_command.c
index f1de982..4c66af4 100755
--- a/src/logcollector/read_command.c
+++ b/src/logcollector/read_command.c
@@ -44,9 +44,9 @@ void *read_command(int pos, int *rc, int drop_it)
     }
 
 
-    snprintf(str, 256, "ossec: output: '%s': ",
-             (NULL != logff[pos].alias)
-             ? logff[pos].alias
+    snprintf(str, 256, "ossec: output: '%s': ", 
+             (NULL != logff[pos].alias) 
+             ? logff[pos].alias 
              : logff[pos].command);
     cmd_size = strlen(str);
 
@@ -54,7 +54,7 @@ void *read_command(int pos, int *rc, int drop_it)
     while(fgets(str + cmd_size, OS_MAXSTR - OS_LOG_HEADER - 256, cmd_output) != NULL)
     {
         /* Getting the last occurence of \n */
-        if ((p = strrchr(str, '\n')) != NULL)
+        if ((p = strrchr(str, '\n')) != NULL) 
         {
             *p = '\0';
         }
@@ -70,11 +70,11 @@ void *read_command(int pos, int *rc, int drop_it)
         {
             continue;
         }
-
-
+        
+        
         debug2("%s: DEBUG: Reading command message: '%s'", ARGV0, str);
 
-
+        
         /* Sending message to queue */
         if(drop_it == 0)
         {
@@ -95,7 +95,7 @@ void *read_command(int pos, int *rc, int drop_it)
 
     pclose(cmd_output);
 
-    return(NULL);
+    return(NULL); 
 }
 
 /* EOF */
diff --git a/src/logcollector/read_djb_multilog.c b/src/logcollector/read_djb_multilog.c
index be4f56f..7c5188d 100755
--- a/src/logcollector/read_djb_multilog.c
+++ b/src/logcollector/read_djb_multilog.c
@@ -24,8 +24,8 @@
 char *(djb_month[])={"Jan","Feb","Mar","Apr","May","Jun","Jul","Aug",
                      "Sep","Oct","Nov","Dec"};
 
-char djb_host[512 +1];
-
+char djb_host[512 +1];                     
+                
 
 
 /* Initializes multilog. */
@@ -58,7 +58,7 @@ int init_djbmultilog(int pos)
     #else
     strncpy(djb_host, "win32", 512 -1);
     #endif
-
+                                                                                                        
 
 
     /* Multilog must be in the following format: /path/program_name/current */
@@ -66,7 +66,7 @@ int init_djbmultilog(int pos)
     if(!tmp_str)
         return(0);
 
-
+    
     /* Must end with /current and must not be in the beginning of the string. */
     if((strcmp(tmp_str, "/current") != 0) || (tmp_str == logff[pos].file))
     {
@@ -85,7 +85,7 @@ int init_djbmultilog(int pos)
         return(0);
     }
 
-
+    
     os_strdup(djbp_name+1, logff[pos].djb_program_name);
     tmp_str[0] = '/';
 
@@ -117,19 +117,19 @@ void *read_djbmultilog(int pos, int *rc, int drop_it)
     {
         return(NULL);
     }
-
+    
 
 
     /* Getting new entry */
     while(fgets(str, OS_MAXSTR - OS_LOG_HEADER, logff[pos].fp) != NULL)
     {
-
+        
         /* Getting buffer size */
         str_len = strlen(str);
 
-
+        
         /* Getting the last occurence of \n */
-        if ((p = strrchr(str, '\n')) != NULL)
+        if ((p = strrchr(str, '\n')) != NULL) 
         {
             *p = '\0';
 
@@ -144,13 +144,13 @@ void *read_djbmultilog(int pos, int *rc, int drop_it)
         {
             need_clear = 1;
         }
-
-
+        
+        
         /* Multilog messages have the following format:
          * @40000000463246020c2ca16c xx...
          */
         if((str_len > 26) &&
-           (str[0] == '@') &&
+           (str[0] == '@') && 
            isalnum((int)str[1]) &&
            isalnum((int)str[2]) &&
            isalnum((int)str[3]) &&
@@ -163,11 +163,11 @@ void *read_djbmultilog(int pos, int *rc, int drop_it)
             {
                 p++;
             }
-
-
+                
+            
             /* If message has a valid syslog header, send as is. */
             if((str_len > 44) &&
-               (p[3] == ' ') &&
+               (p[3] == ' ') &&  
                (p[6] == ' ') &&
                (p[9] == ':') &&
                (p[12] == ':') &&
@@ -199,18 +199,18 @@ void *read_djbmultilog(int pos, int *rc, int drop_it)
                                              p);
             }
         }
-
-
+        
+        
         else
         {
             debug2("%s: DEBUG: Invalid DJB log: '%s'", ARGV0, str);
             continue;
         }
-
-
+        
+        
         debug2("%s: DEBUG: Reading DJB multilog message: '%s'", ARGV0, buffer);
 
-
+        
         /* Sending message to queue */
         if(drop_it == 0)
         {
@@ -223,11 +223,11 @@ void *read_djbmultilog(int pos, int *rc, int drop_it)
                 }
             }
         }
-
+        
         continue;
     }
 
-    return(NULL);
+    return(NULL); 
 }
 
 /* EOF */
diff --git a/src/logcollector/read_fullcommand.c b/src/logcollector/read_fullcommand.c
index c79eb22..0979e6a 100755
--- a/src/logcollector/read_fullcommand.c
+++ b/src/logcollector/read_fullcommand.c
@@ -48,8 +48,8 @@ void *read_fullcommand(int pos, int *rc, int drop_it)
 
 
     snprintf(str, 256, "ossec: output: '%s':\n",
-                (NULL != logff[pos].alias)
-                ? logff[pos].alias
+                (NULL != logff[pos].alias) 
+                ? logff[pos].alias 
                 : logff[pos].command);
     cmd_size = strlen(str);
 
@@ -59,12 +59,12 @@ void *read_fullcommand(int pos, int *rc, int drop_it)
         str[cmd_size +n] = '\0';
 
         /* Getting the last occurence of \n */
-        if ((p = strrchr(str, '\n')) != NULL)
+        if ((p = strrchr(str, '\n')) != NULL) 
         {
             *p = '\0';
         }
 
-
+        
         debug2("%s: DEBUG: Reading command message: '%s'", ARGV0, str);
 
         /* Removing empty lines. */
@@ -88,7 +88,7 @@ void *read_fullcommand(int pos, int *rc, int drop_it)
         }
         strfinal[n] = '\0';
 
-
+        
         /* Sending message to queue */
         if(drop_it == 0)
         {
@@ -107,7 +107,7 @@ void *read_fullcommand(int pos, int *rc, int drop_it)
 
     pclose(cmd_output);
 
-    return(NULL);
+    return(NULL); 
 }
 
 /* EOF */
diff --git a/src/logcollector/read_mssql_log.c b/src/logcollector/read_mssql_log.c
index ae685bb..1e85459 100755
--- a/src/logcollector/read_mssql_log.c
+++ b/src/logcollector/read_mssql_log.c
@@ -21,7 +21,7 @@
 
 
 
-/* Send mssql message and check the return code.
+/* Send mssql message and check the return code. 
  */
 void __send_mssql_msg(int pos, int drop_it, char *buffer)
 {
@@ -53,7 +53,7 @@ void *read_mssql_log(int pos, int *rc, int drop_it)
 
     /* Zeroing buffer and str */
     buffer[0] = '\0';
-    buffer[OS_MAXSTR] = '\0';
+    buffer[OS_MAXSTR] = '\0';    
     str[OS_MAXSTR]= '\0';
     *rc = 0;
 
@@ -61,20 +61,20 @@ void *read_mssql_log(int pos, int *rc, int drop_it)
     /* Getting new entry */
     while(fgets(str, OS_MAXSTR - OS_LOG_HEADER, logff[pos].fp) != NULL)
     {
-
+        
         /* Getting buffer size */
         str_len = strlen(str);
 
-
+        
         /* Checking str_len size. Very useless, but just to make sure.. */
         if(str_len >= sizeof(buffer) -2)
         {
             str_len = sizeof(buffer) -10;
         }
 
-
+        
         /* Getting the last occurence of \n */
-        if ((p = strrchr(str, '\n')) != NULL)
+        if ((p = strrchr(str, '\n')) != NULL) 
         {
             *p = '\0';
 
@@ -89,8 +89,8 @@ void *read_mssql_log(int pos, int *rc, int drop_it)
         {
             need_clear = 1;
         }
-
-
+        
+        
         #ifdef WIN32
         if ((p = strrchr(str, '\r')) != NULL)
         {
@@ -112,7 +112,7 @@ void *read_mssql_log(int pos, int *rc, int drop_it)
         }
         #endif
 
-
+       
 
         /* MSSQL messages have the following formats:
          * 2009-03-25 04:47:30.01 Server
@@ -120,17 +120,17 @@ void *read_mssql_log(int pos, int *rc, int drop_it)
          * 2009-02-06 11:48:59     Server
          */
         if((str_len > 19) &&
-           (str[4] == '-') &&
-           (str[7] == '-') &&
-           (str[10] == ' ') &&
-           (str[13] == ':') &&
-           (str[16] == ':') &&
+           (str[4] == '-') && 
+           (str[7] == '-') && 
+           (str[10] == ' ') && 
+           (str[13] == ':') && 
+           (str[16] == ':') && 
            isdigit((int)str[0]) &&
            isdigit((int)str[1]) &&
            isdigit((int)str[2]) &&
            isdigit((int)str[3]))
         {
-
+            
             /* If the saved message is empty, set it and continue. */
             if(buffer[0] == '\0')
             {
@@ -148,8 +148,8 @@ void *read_mssql_log(int pos, int *rc, int drop_it)
                 strncpy(buffer, str, str_len + 2);
             }
         }
-
-
+        
+        
         /* Query logs can be in multiple lines.
          * They always start with a tab in the additional ones.
          */
@@ -157,16 +157,16 @@ void *read_mssql_log(int pos, int *rc, int drop_it)
         {
             /* Size of the buffer */
             int buffer_len = strlen(buffer);
-
+            
             p = str;
-
+            
             /* Removing extra spaces and tabs */
             while(*p == ' ' || *p == '\t')
             {
                 p++;
             }
-
-
+           
+           
             /* Adding additional message to the saved buffer. */
             if(sizeof(buffer) - buffer_len > str_len +256)
             {
@@ -179,7 +179,7 @@ void *read_mssql_log(int pos, int *rc, int drop_it)
                  strncat(buffer, str, str_len +3);
             }
         }
-
+        
         continue;
     }
 
@@ -189,8 +189,8 @@ void *read_mssql_log(int pos, int *rc, int drop_it)
     {
         __send_mssql_msg(pos, drop_it, buffer);
     }
-
-    return(NULL);
+    
+    return(NULL); 
 }
 
 /* EOF */
diff --git a/src/logcollector/read_multiline.c b/src/logcollector/read_multiline.c
index 02d357e..d7070ad 100755
--- a/src/logcollector/read_multiline.c
+++ b/src/logcollector/read_multiline.c
@@ -46,11 +46,11 @@ void *read_multiline(int pos, int *rc, int drop_it)
         linesgot++;
 
         /* Getting the last occurence of \n */
-        if ((p = strrchr(str, '\n')) != NULL)
+        if ((p = strrchr(str, '\n')) != NULL) 
         {
             *p = '\0';
         }
-
+        
         /* If we didn't get the new line, because the
          * size is large, send what we got so far.
          */
@@ -65,17 +65,17 @@ void *read_multiline(int pos, int *rc, int drop_it)
             debug1("%s: Message not complete. Trying again: '%s'", ARGV0,str);
             fsetpos(logff[pos].fp, &fp_pos);
             break;
-        }
-
+        }    
+        
         #ifdef WIN32
         if ((p = strrchr(str, '\r')) != NULL)
         {
             *p = '\0';
         }
         #endif
-
+                      
         debug2("%s: DEBUG: Reading message: '%s'", ARGV0, str);
-
+        
 
         /* Adding to buffer. */
         buffer_size = strlen(buffer);
@@ -87,12 +87,12 @@ void *read_multiline(int pos, int *rc, int drop_it)
 
         strncpy(buffer + buffer_size, str, OS_MAXSTR - buffer_size -2);
 
-
+        
         if(linesgot < linecount)
         {
             continue;
         }
-
+                      
 
         /* Sending message to queue */
         if(drop_it == 0)
@@ -125,12 +125,12 @@ void *read_multiline(int pos, int *rc, int drop_it)
             }
             __ms = 0;
         }
-
+        
         fgetpos(logff[pos].fp, &fp_pos);
         continue;
     }
 
-    return(NULL);
+    return(NULL); 
 }
 
 /* EOF */
diff --git a/src/logcollector/read_mysql_log.c b/src/logcollector/read_mysql_log.c
index 7d76d56..bab58ee 100755
--- a/src/logcollector/read_mysql_log.c
+++ b/src/logcollector/read_mysql_log.c
@@ -41,13 +41,13 @@ void *read_mysql_log(int pos, int *rc, int drop_it)
     /* Getting new entry */
     while(fgets(str, OS_MAXSTR - OS_LOG_HEADER, logff[pos].fp) != NULL)
     {
-
+        
         /* Getting buffer size */
         str_len = strlen(str);
 
-
+        
         /* Getting the last occurence of \n */
-        if ((p = strrchr(str, '\n')) != NULL)
+        if ((p = strrchr(str, '\n')) != NULL) 
         {
             *p = '\0';
 
@@ -62,8 +62,8 @@ void *read_mysql_log(int pos, int *rc, int drop_it)
         {
             need_clear = 1;
         }
-
-
+        
+        
         #ifdef WIN32
         if ((p = strrchr(str, '\r')) != NULL)
         {
@@ -85,14 +85,14 @@ void *read_mysql_log(int pos, int *rc, int drop_it)
         }
         #endif
 
-
+       
         /* Mysql messages have the following format:
          * 070823 21:01:30 xx
          */
         if((str_len > 18) &&
-           (str[6] == ' ') &&
-           (str[9] == ':') &&
-           (str[12] == ':') &&
+           (str[6] == ' ') && 
+           (str[9] == ':') && 
+           (str[12] == ':') && 
            isdigit((int)str[0]) &&
            isdigit((int)str[1]) &&
            isdigit((int)str[2]) &&
@@ -106,21 +106,21 @@ void *read_mysql_log(int pos, int *rc, int drop_it)
             strncpy(__mysql_last_time, str, 16);
             __mysql_last_time[15] = '\0';
 
-
+            
             /* Removing spaces and tabs */
             p = str + 15;
             while(*p == ' ' || *p == '\t')
             {
                 p++;
             }
-
-
+                
+                
             /* Valid MySQL message */
-            snprintf(buffer, OS_MAXSTR, "MySQL log: %s %s",
+            snprintf(buffer, OS_MAXSTR, "MySQL log: %s %s", 
                                         __mysql_last_time, p);
         }
-
-
+        
+        
         /* Multiple events at the same second share the same
          * time stamp.
          * 0909 2020 2020 2020 20
@@ -143,20 +143,20 @@ void *read_mysql_log(int pos, int *rc, int drop_it)
             {
                 p++;
             }
-
-            /* Valid MySQL message */
-            snprintf(buffer, OS_MAXSTR, "MySQL log: %s %s",
-                                        __mysql_last_time, p);
+           
+            /* Valid MySQL message */ 
+            snprintf(buffer, OS_MAXSTR, "MySQL log: %s %s", 
+                                        __mysql_last_time, p);     
         }
         else
         {
             continue;
         }
-
-
+        
+        
         debug2("%s: DEBUG: Reading mysql messages: '%s'", ARGV0, buffer);
 
-
+        
         /* Sending message to queue */
         if(drop_it == 0)
         {
@@ -169,11 +169,11 @@ void *read_mysql_log(int pos, int *rc, int drop_it)
                 }
             }
         }
-
+        
         continue;
     }
 
-    return(NULL);
+    return(NULL); 
 }
 
 /* EOF */
diff --git a/src/logcollector/read_nmapg.c b/src/logcollector/read_nmapg.c
index c233488..eb7f1cc 100755
--- a/src/logcollector/read_nmapg.c
+++ b/src/logcollector/read_nmapg.c
@@ -28,7 +28,7 @@ static char *__get_port(char *str, char *proto, char *port, int msize);
 
 
 
-/* Get port and protocol.
+/* Get port and protocol. 
  */
 static char *__get_port(char *str, char *proto, char *port, int msize)
 {
@@ -42,7 +42,7 @@ static char *__get_port(char *str, char *proto, char *port, int msize)
         str++;
     }
 
-
+    
     /* Getting port */
     p = strchr(str, '/');
     if(!p)
@@ -50,13 +50,13 @@ static char *__get_port(char *str, char *proto, char *port, int msize)
     *p = '\0';
     p++;
 
-
+    
     /* Getting port */
     strncpy(port, str, msize);
     port[msize -1] = '\0';
 
-
-
+    
+    
     /* Checking if the port is open */
     q = __go_after(p, NMAPG_OPEN);
     if(!q)
@@ -70,14 +70,14 @@ static char *__get_port(char *str, char *proto, char *port, int msize)
         p = strchr(q, '/');
         if(!p)
             return(NULL);
-        p++;
+        p++;        
     }
     else
     {
         p = q;
     }
-
-
+    
+    
 
     /* Getting protocol */
     str = p;
@@ -89,16 +89,16 @@ static char *__get_port(char *str, char *proto, char *port, int msize)
     *p = '\0';
     p++;
 
-
+    
     strncpy(proto, str, msize);
     proto[msize -1] = '\0';
-
-
+    
+    
     /* Setting proto to null if port is not open */
     if(filtered)
-        proto[0] = '\0';
-
-
+        proto[0] = '\0';    
+    
+    
     /* Removing slashes */
     if(*p == '/')
     {
@@ -113,7 +113,7 @@ static char *__get_port(char *str, char *proto, char *port, int msize)
         return(q);
     }
 
-
+    
     return(NULL);
 }
 
@@ -128,7 +128,7 @@ static char *__go_after(char *x, char *y)
     /* X and Y must be not null */
     if(!x || !y)
         return(NULL);
-
+    
     x_s = strlen(x);
     y_s = strlen(y);
 
@@ -154,7 +154,7 @@ void *read_nmapg(int pos, int *rc, int drop_it)
 {
     int final_msg_s;
     int need_clear = 0;
-
+    
     char str[OS_MAXSTR + 1];
     char final_msg[OS_MAXSTR + 1];
     char buffer[OS_MAXSTR + 1];
@@ -164,7 +164,7 @@ void *read_nmapg(int pos, int *rc, int drop_it)
     char *ip = NULL;
     char *p;
     char *q;
-
+    
     *rc = 0;
     str[OS_MAXSTR] = '\0';
     final_msg[OS_MAXSTR] = '\0';
@@ -184,7 +184,7 @@ void *read_nmapg(int pos, int *rc, int drop_it)
             }
             continue;
         }
-
+            
         /* Removing \n at the end of the string */
         if ((q = strchr(str, '\n')) != NULL)
         {
@@ -195,22 +195,22 @@ void *read_nmapg(int pos, int *rc, int drop_it)
             need_clear = 1;
         }
 
-
+        
         /* Do not get commented lines */
         if((str[0] == '#') || (str[0] == '\0'))
         {
             continue;
         }
 
-
+        
         /* Getting host */
         q = __go_after(str, NMAPG_HOST);
         if(!q)
         {
             goto file_error;
         }
-
-
+        
+        
         /* Getting ip/hostname */
         p = strchr(q, ')');
         if(!p)
@@ -218,10 +218,10 @@ void *read_nmapg(int pos, int *rc, int drop_it)
             goto file_error;
         }
 
-
+        
         /* Setting the valid ip */
         ip = q;
-
+        
 
 
         /* Getting the ports */
@@ -236,8 +236,8 @@ void *read_nmapg(int pos, int *rc, int drop_it)
         /* Now fixing p, to have the closing parenthesis */
         p++;
         *p = '\0';
-
-
+        
+        
         /* q now should point to the ports */
         p = __go_after(q, NMAPG_PORT);
         if(!p)
@@ -257,7 +257,7 @@ void *read_nmapg(int pos, int *rc, int drop_it)
         snprintf(final_msg, OS_MAXSTR, "Host: %s, open ports:",
                             ip);
         final_msg_s = OS_MAXSTR - ((strlen(final_msg) +3));
-
+        
 
         /* Getting port and protocol */
         do
@@ -267,7 +267,7 @@ void *read_nmapg(int pos, int *rc, int drop_it)
             {
                 break;
             }
-
+            
             p = __get_port(p, proto, port, 9);
             if(!p)
             {
@@ -275,26 +275,26 @@ void *read_nmapg(int pos, int *rc, int drop_it)
                 break;
             }
 
-
+            
             /* Port not open */
             if(proto[0] == '\0')
             {
                 continue;
             }
 
-
+            
             /* Adding ports */
             snprintf(buffer, OS_MAXSTR, " %s(%s)", port, proto);
             strncat(final_msg, buffer, final_msg_s);
             final_msg_s-=(strlen(buffer) +2);
-
+            
         }while(*p == ',' && (p++));
-
+       
 
         if(drop_it == 0)
-        {
+        { 
             /* Sending message to queue */
-            if(SendMSG(logr_queue, final_msg, logff[pos].file,
+            if(SendMSG(logr_queue, final_msg, logff[pos].file, 
                         HOSTINFO_MQ) < 0)
             {
                 merror(QUEUE_SEND, ARGV0);
@@ -305,21 +305,21 @@ void *read_nmapg(int pos, int *rc, int drop_it)
             }
         }
 
-
+        
         /* Getting next */
         continue;
-
+        
 
         /* Handling errors */
         file_error:
-
+        
         merror("%s: Bad formated nmap grepable file.", ARGV0);
         *rc = -1;
         return(NULL);
-
+                
     }
 
-
+    
     return(NULL);
 }
 
diff --git a/src/logcollector/read_ossecalert.c b/src/logcollector/read_ossecalert.c
index 5b669dd..ade6ea9 100755
--- a/src/logcollector/read_ossecalert.c
+++ b/src/logcollector/read_ossecalert.c
@@ -25,7 +25,7 @@ void *read_ossecalert(int pos, int *rc, int drop_it)
     alert_data *al_data;
     char user_msg[256];
     char srcip_msg[256];
-
+    
     char syslog_msg[OS_SIZE_2048 +1];
 
     al_data = GetAlertData(0, logff[pos].fp);
@@ -40,7 +40,7 @@ void *read_ossecalert(int pos, int *rc, int drop_it)
 
 
     /* Adding source ip. */
-    if(!al_data->srcip ||
+    if(!al_data->srcip || 
        ((al_data->srcip[0] == '(') &&
         (al_data->srcip[1] == 'n') &&
         (al_data->srcip[2] == 'o')))
@@ -54,7 +54,7 @@ void *read_ossecalert(int pos, int *rc, int drop_it)
 
 
     /* Adding username. */
-    if(!al_data->user ||
+    if(!al_data->user || 
        ((al_data->user[0] == '(') &&
         (al_data->user[1] == 'n') &&
         (al_data->user[2] == 'o')))
@@ -74,7 +74,7 @@ void *read_ossecalert(int pos, int *rc, int drop_it)
           	"ossec: Alert Level: %d; Rule: %d - %s; "
                	"Location: %s;%s%s  %s",
                	al_data->level, al_data->rule, al_data->comment,
-               	al_data->location,
+               	al_data->location, 
                	srcip_msg,
                	user_msg,
                	al_data->log[0]);
@@ -83,7 +83,7 @@ void *read_ossecalert(int pos, int *rc, int drop_it)
     {
         char *tmp_msg = NULL;
         short int j = 0;
-
+        
         while(al_data->log[j] != NULL)
         {
             tmp_msg = os_LoadString(tmp_msg, al_data->log[j]);
@@ -101,12 +101,12 @@ void *read_ossecalert(int pos, int *rc, int drop_it)
             tmp_msg[1595] = '.';
             tmp_msg[1596] = '.';
             tmp_msg[1597] = '\0';
-        }
+        } 
         snprintf(syslog_msg, OS_SIZE_2048,
           	"ossec: Alert Level: %d; Rule: %d - %s; "
                	"Location: %s;%s%s  %s",
                	al_data->level, al_data->rule, al_data->comment,
-               	al_data->location,
+               	al_data->location, 
                	srcip_msg,
                	user_msg,
                	tmp_msg);
@@ -117,7 +117,7 @@ void *read_ossecalert(int pos, int *rc, int drop_it)
     FreeAlertData(al_data);
 
 
-
+        
     /* Sending message to queue */
     if(drop_it == 0)
     {
@@ -131,7 +131,7 @@ void *read_ossecalert(int pos, int *rc, int drop_it)
         }
     }
 
-    return(NULL);
+    return(NULL); 
 }
 
 
diff --git a/src/logcollector/read_postgresql_log.c b/src/logcollector/read_postgresql_log.c
index ba29919..5e88395 100755
--- a/src/logcollector/read_postgresql_log.c
+++ b/src/logcollector/read_postgresql_log.c
@@ -21,7 +21,7 @@
 
 
 
-/* Send pgsql message and check the return code.
+/* Send pgsql message and check the return code. 
  */
 void __send_pgsql_msg(int pos, int drop_it, char *buffer)
 {
@@ -53,7 +53,7 @@ void *read_postgresql_log(int pos, int *rc, int drop_it)
 
     /* Zeroing buffer and str */
     buffer[0] = '\0';
-    buffer[OS_MAXSTR] = '\0';
+    buffer[OS_MAXSTR] = '\0';    
     str[OS_MAXSTR]= '\0';
     *rc = 0;
 
@@ -61,20 +61,20 @@ void *read_postgresql_log(int pos, int *rc, int drop_it)
     /* Getting new entry */
     while(fgets(str, OS_MAXSTR - OS_LOG_HEADER, logff[pos].fp) != NULL)
     {
-
+        
         /* Getting buffer size */
         str_len = strlen(str);
 
-
+        
         /* Checking str_len size. Very useless, but just to make sure.. */
         if(str_len >= sizeof(buffer) -2)
         {
             str_len = sizeof(buffer) -10;
         }
 
-
+        
         /* Getting the last occurence of \n */
-        if ((p = strrchr(str, '\n')) != NULL)
+        if ((p = strrchr(str, '\n')) != NULL) 
         {
             *p = '\0';
 
@@ -89,8 +89,8 @@ void *read_postgresql_log(int pos, int *rc, int drop_it)
         {
             need_clear = 1;
         }
-
-
+        
+        
         #ifdef WIN32
         if ((p = strrchr(str, '\r')) != NULL)
         {
@@ -112,22 +112,22 @@ void *read_postgresql_log(int pos, int *rc, int drop_it)
         }
         #endif
 
-
+       
 
         /* PostgreSQL messages have the following format:
          * [2007-08-31 19:17:32.186 ADT] 192.168.2.99:db_name
          */
         if((str_len > 32) &&
-           (str[0] == '[') &&
-           (str[5] == '-') &&
-           (str[8] == '-') &&
-           (str[11] == ' ') &&
-           (str[14] == ':') &&
-           (str[17] == ':') &&
+           (str[0] == '[') && 
+           (str[5] == '-') && 
+           (str[8] == '-') && 
+           (str[11] == ' ') && 
+           (str[14] == ':') && 
+           (str[17] == ':') && 
            isdigit((int)str[1]) &&
            isdigit((int)str[12]))
         {
-
+            
             /* If the saved message is empty, set it and continue. */
             if(buffer[0] == '\0')
             {
@@ -145,8 +145,8 @@ void *read_postgresql_log(int pos, int *rc, int drop_it)
                 strncpy(buffer, str, str_len + 2);
             }
         }
-
-
+        
+        
         /* Query logs can be in multiple lines.
          * They always start with a tab in the additional ones.
          */
@@ -155,16 +155,16 @@ void *read_postgresql_log(int pos, int *rc, int drop_it)
         {
             /* Size of the buffer */
             int buffer_len = strlen(buffer);
-
+            
             p = str +1;
-
+            
             /* Removing extra spaces and tabs */
             while(*p == ' ' || *p == '\t')
             {
                 p++;
             }
-
-
+           
+           
             /* Adding additional message to the saved buffer. */
             if(sizeof(buffer) - buffer_len > str_len +256)
             {
@@ -177,7 +177,7 @@ void *read_postgresql_log(int pos, int *rc, int drop_it)
                  strncat(buffer, str, str_len +3);
             }
         }
-
+        
         continue;
     }
 
@@ -187,8 +187,8 @@ void *read_postgresql_log(int pos, int *rc, int drop_it)
     {
         __send_pgsql_msg(pos, drop_it, buffer);
     }
-
-    return(NULL);
+    
+    return(NULL); 
 }
 
 /* EOF */
diff --git a/src/logcollector/read_snortfull.c b/src/logcollector/read_snortfull.c
index cbb3edc..9c497c5 100755
--- a/src/logcollector/read_snortfull.c
+++ b/src/logcollector/read_snortfull.c
@@ -23,15 +23,15 @@
 void *read_snortfull(int pos, int *rc, int drop_it)
 {
     int f_msg_size = OS_MAXSTR;
-
+    
     char *one = "one";
     char *two = "two";
-
+    
     char *p = NULL;
     char *q;
     char str[OS_MAXSTR + 1];
     char f_msg[OS_MAXSTR +1];
-
+    
     *rc = 0;
     str[OS_MAXSTR]='\0';
     f_msg[OS_MAXSTR] = '\0';
@@ -76,7 +76,7 @@ void *read_snortfull(int pos, int *rc, int drop_it)
                     f_msg_size -= strlen(str)+1;
                     p = two;
                 }
-
+                
                 /* If it is a preprocessor message, it will not have
                  * the classification.
                  */
@@ -85,10 +85,10 @@ void *read_snortfull(int pos, int *rc, int drop_it)
                     strncat(f_msg, "[Classification: Preprocessor] "
                                    "[Priority: 3] ", f_msg_size);
                     strncat(f_msg, ++q, f_msg_size -40);
-
+                    
                     /* Cleaning for next event */
                     p = NULL;
-
+                    
                     /* Sending the message */
                     if(drop_it == 0)
                     {
@@ -134,7 +134,7 @@ void *read_snortfull(int pos, int *rc, int drop_it)
                             }
                         }
                     }
-
+                    
                     f_msg[0] = '\0';
                     f_msg_size = OS_MAXSTR;
                     str[0] = '\0';
diff --git a/src/logcollector/read_syslog.c b/src/logcollector/read_syslog.c
index 0d3024a..84c804b 100755
--- a/src/logcollector/read_syslog.c
+++ b/src/logcollector/read_syslog.c
@@ -40,11 +40,11 @@ void *read_syslog(int pos, int *rc, int drop_it)
     while(fgets(str, OS_MAXSTR - OS_LOG_HEADER, logff[pos].fp) != NULL)
     {
         /* Getting the last occurence of \n */
-        if ((p = strrchr(str, '\n')) != NULL)
+        if ((p = strrchr(str, '\n')) != NULL) 
         {
             *p = '\0';
         }
-
+        
         /* If we didn't get the new line, because the
          * size is large, send what we got so far.
          */
@@ -59,8 +59,8 @@ void *read_syslog(int pos, int *rc, int drop_it)
             debug1("%s: Message not complete. Trying again: '%s'", ARGV0,str);
             fsetpos(logff[pos].fp, &fp_pos);
             break;
-        }
-
+        }    
+        
         #ifdef WIN32
         if ((p = strrchr(str, '\r')) != NULL)
         {
@@ -81,10 +81,10 @@ void *read_syslog(int pos, int *rc, int drop_it)
             continue;
         }
         #endif
-
+                      
         debug2("%s: DEBUG: Reading syslog message: '%s'", ARGV0, str);
 
-
+        
         /* Sending message to queue */
         if(drop_it == 0)
         {
@@ -103,7 +103,7 @@ void *read_syslog(int pos, int *rc, int drop_it)
         if(__ms)
         {
             // strlen(str) >= (OS_MAXSTR - OS_LOG_HEADER - 2)
-            // truncate str before logging to ossec.log
+            // truncate str before logging to ossec.log 
 #define OUTSIZE 4096
             char buf[OUTSIZE + 1];
             buf[OUTSIZE] = '\0';
@@ -119,12 +119,12 @@ void *read_syslog(int pos, int *rc, int drop_it)
             }
             __ms = 0;
         }
-
+        
         fgetpos(logff[pos].fp, &fp_pos);
         continue;
     }
 
-    return(NULL);
+    return(NULL); 
 }
 
 /* EOF */
diff --git a/src/logcollector/read_win_el.c b/src/logcollector/read_win_el.c
index 8442f0e..3655825 100755
--- a/src/logcollector/read_win_el.c
+++ b/src/logcollector/read_win_el.c
@@ -10,9 +10,9 @@
  * Foundation
  */
 
-
+       
 #include "shared.h"
-#include "logcollector.h"
+#include "logcollector.h"       
 
 
 /* This is only for windows */
@@ -47,18 +47,18 @@ void *dll_hash = NULL;
 
 
 /** int startEL(char *app, os_el *el)
- * Starts the event logging for each el
+ * Starts the event logging for each el 
  */
 int startEL(char *app, os_el *el)
 {
     DWORD NumberOfRecords = 0;
-
+    
     /* Opening the event log */
     el->h = OpenEventLog(NULL, app);
     if(!el->h)
     {
         merror(EVTLOG_OPEN, ARGV0, app);
-        return(-1);	
+        return(-1);	    
     }
 
     el->name = app;
@@ -78,18 +78,18 @@ int startEL(char *app, os_el *el)
         el->h = NULL;
         return(-1);
     }
-
+    
     if(NumberOfRecords <= 0)
     {
         return(0);
     }
-
+    
     return((int)NumberOfRecords);
 }
 
 
 
-/** char *el_getCategory(int category_id)
+/** char *el_getCategory(int category_id) 
  * Returns a string related to the category id of the log.
  */
 char *el_getCategory(int category_id)
@@ -124,7 +124,7 @@ char *el_getCategory(int category_id)
 /** char *el_getEventDLL(char *evt_name, char *source, char *event)
  * Returns the event.
  */
-char *el_getEventDLL(char *evt_name, char *source, char *event)
+char *el_getEventDLL(char *evt_name, char *source, char *event) 
 {
     char *ret_str;
     HKEY key;
@@ -134,9 +134,9 @@ char *el_getEventDLL(char *evt_name, char *source, char *event)
 
     keyname[511] = '\0';
 
-    snprintf(keyname, 510,
-            "System\\CurrentControlSet\\Services\\EventLog\\%s\\%s",
-            evt_name,
+    snprintf(keyname, 510, 
+            "System\\CurrentControlSet\\Services\\EventLog\\%s\\%s", 
+            evt_name, 
             source);
 
 
@@ -148,16 +148,16 @@ char *el_getEventDLL(char *evt_name, char *source, char *event)
     }
 
 
-    /* Opening registry */	
-    if(RegOpenKeyEx(HKEY_LOCAL_MACHINE, keyname, 0,
+    /* Opening registry */	    
+    if(RegOpenKeyEx(HKEY_LOCAL_MACHINE, keyname, 0, 
                     KEY_ALL_ACCESS, &key) != ERROR_SUCCESS)
     {
-        return(NULL);
+        return(NULL);    
     }
 
 
     ret = MAX_PATH -1;	
-    if (RegQueryValueEx(key, "EventMessageFile", NULL,
+    if (RegQueryValueEx(key, "EventMessageFile", NULL, 
                 NULL, (LPBYTE)event, &ret) != ERROR_SUCCESS)
     {
         event[0] = '\0';	
@@ -172,24 +172,24 @@ char *el_getEventDLL(char *evt_name, char *source, char *event)
 
         skey = strdup(keyname + 42);
         sval = strdup(event);
-
+        
         if(skey && sval)
         {
-            OSHash_Add(dll_hash, skey, sval);
+            OSHash_Add(dll_hash, skey, sval); 
         }
         else
         {
             merror(MEM_ERROR, ARGV0);
         }
     }
-
+    
     RegCloseKey(key);
     return(event);
 }
 
 
 
-/** char *el_vista_getmessage()
+/** char *el_vista_getmessage() 
  * Returns a descriptive message of the event - Vista only.
  */
 char *el_vista_getMessage(int evt_id_int, LPTSTR *el_sstring)
@@ -209,15 +209,15 @@ char *el_vista_getMessage(int evt_id_int, LPTSTR *el_sstring)
     /* Getting descriptive message. */
     evt_id[15] = '\0';
     snprintf(evt_id, 15, "%d", evt_id_int);
-
+    
     desc_string = OSHash_Get(vista_sec_id_hash, evt_id);
     if(!desc_string)
     {
         return(NULL);
     }
+    
 
-
-    if(!FormatMessage(fm_flags, desc_string, 0, 0,
+    if(!FormatMessage(fm_flags, desc_string, 0, 0, 
                       (LPTSTR) &message, 0, el_sstring))
     {
         return(NULL);
@@ -228,11 +228,11 @@ char *el_vista_getMessage(int evt_id_int, LPTSTR *el_sstring)
 
 
 
-/** char *el_getmessage()
+/** char *el_getmessage() 
  * Returns a descriptive message of the event.
  */
-char *el_getMessage(EVENTLOGRECORD *er,  char *name,
-		    char * source, LPTSTR *el_sstring)
+char *el_getMessage(EVENTLOGRECORD *er,  char *name, 
+		    char * source, LPTSTR *el_sstring) 
 {
     DWORD fm_flags = 0;
     char tmp_str[257];
@@ -258,12 +258,12 @@ char *el_getMessage(EVENTLOGRECORD *er,  char *name,
     /* Get the file name from the registry (stored on event) */
     if(!(curr_str = el_getEventDLL(name, source, event)))
     {
-        return(NULL);	
-    }	
+        return(NULL);	    
+    }	    
 
 
 
-    /* If our event has multiple libraries, try each one of them */
+    /* If our event has multiple libraries, try each one of them */ 
     while((next_str = strchr(curr_str, ';')))
     {
         *next_str = '\0';
@@ -272,10 +272,10 @@ char *el_getMessage(EVENTLOGRECORD *er,  char *name,
 
         /* Reverting back old value. */
         *next_str = ';';
-
+        
 
         /* Loading library. */
-        hevt = LoadLibraryEx(tmp_str, NULL,
+        hevt = LoadLibraryEx(tmp_str, NULL, 
                              DONT_RESOLVE_DLL_REFERENCES |
                              LOAD_LIBRARY_AS_DATAFILE);
         if(hevt)
@@ -283,7 +283,7 @@ char *el_getMessage(EVENTLOGRECORD *er,  char *name,
             if(!FormatMessage(fm_flags, hevt, er->EventID, 0,
                               (LPTSTR) &message, 0, el_sstring))
             {
-                message = NULL;		
+                message = NULL;		  
             }
             FreeLibrary(hevt);
 
@@ -296,20 +296,20 @@ char *el_getMessage(EVENTLOGRECORD *er,  char *name,
         curr_str = next_str +1;
     }
 
-
+    
     /* Getting last value. */
     ExpandEnvironmentStrings(curr_str, tmp_str, 255);
-    hevt = LoadLibraryEx(tmp_str, NULL,
+    hevt = LoadLibraryEx(tmp_str, NULL, 
                          DONT_RESOLVE_DLL_REFERENCES |
                          LOAD_LIBRARY_AS_DATAFILE);
     if(hevt)
     {
-        int hr;
-        if(!(hr = FormatMessage(fm_flags, hevt, er->EventID,
+        int hr;    
+        if(!(hr = FormatMessage(fm_flags, hevt, er->EventID, 
                         0,
                         (LPTSTR) &message, 0, el_sstring)))
         {
-            message = NULL;		
+            message = NULL;		  
         }
         FreeLibrary(hevt);
 
@@ -325,7 +325,7 @@ char *el_getMessage(EVENTLOGRECORD *er,  char *name,
 
 /** void readel(os_el *el)
  * Reads the event log.
- */
+ */ 
 void readel(os_el *el, int printit)
 {
     DWORD _evtid = 65535;
@@ -353,7 +353,7 @@ void readel(os_el *el, int printit)
     LPSTR el_sstring[OS_FLSIZE +1];
 
     /* Er must point to the mbuffer */
-    el->er = (EVENTLOGRECORD *) &mbuffer;
+    el->er = (EVENTLOGRECORD *) &mbuffer; 
 
     /* Zeroing the values */
     el_string[OS_MAXSTR] = '\0';
@@ -370,8 +370,8 @@ void readel(os_el *el, int printit)
         return;
     }
 
-    /* Reading the event log */	
-    while(ReadEventLog(el->h,
+    /* Reading the event log */	    
+    while(ReadEventLog(el->h, 
                 EVENTLOG_FORWARDS_READ | EVENTLOG_SEQUENTIAL_READ,
                 0,
                 el->er, BUFFER_SIZE -1, &read, &needed))
@@ -383,7 +383,7 @@ void readel(os_el *el, int printit)
             continue;
         }
 
-
+        
         while(read > 0)
         {
 
@@ -396,7 +396,7 @@ void readel(os_el *el, int printit)
 
             /* Getting event id. */
             id = (int)el->er->EventID & _evtid;
-
+                            
 
 
             /* Initialing domain/user size */
@@ -431,7 +431,7 @@ void readel(os_el *el, int printit)
                     else
                     {
                         merror("%s: Invalid application string (size+)",
-                               ARGV0);
+                               ARGV0); 
                     }
                     size_left-=str_size + 2;
 
@@ -445,7 +445,7 @@ void readel(os_el *el, int printit)
                     if(sstr)
                         sstr++;
                     else
-                        break;
+                        break;     
                 }
 
                 /* Get a more descriptive message (if available) */
@@ -456,12 +456,12 @@ void readel(os_el *el, int printit)
 
                 else
                 {
-                    descriptive_msg = el_getMessage(el->er,
-                                                    el->name,
-                                                    source,
+                    descriptive_msg = el_getMessage(el->er, 
+                                                    el->name, 
+                                                    source, 
                                                     el_sstring);
                 }
-
+                
                 if(descriptive_msg != NULL)
                 {
                     /* Remove any \n or \r */
@@ -469,7 +469,7 @@ void readel(os_el *el, int printit)
                      * So whenever we have option:\tvalue\t, it will
                      * become option: value\t
                      */
-                    tmp_str = descriptive_msg;
+                    tmp_str = descriptive_msg;    
                     while(*tmp_str != '\0')
                     {
                         if(*tmp_str == '\n')
@@ -481,7 +481,7 @@ void readel(os_el *el, int printit)
                             tmp_str[1] = ' ';
                             tmp_str++;
                         }
-
+                                    
                         tmp_str++;
                     }
                 }
@@ -496,13 +496,13 @@ void readel(os_el *el, int printit)
             if(el->er->UserSidLength)
             {
                 SID_NAME_USE account_type;
-                if(!LookupAccountSid(NULL,
-                                    (SID *)((LPSTR)el->er +
+                if(!LookupAccountSid(NULL, 
+                                    (SID *)((LPSTR)el->er + 
                                     el->er->UserSidOffset),
-                                    el_user,
-                                    &user_size,
-                                    el_domain,
-                                    &domain_size,
+                                    el_user, 
+                                    &user_size, 
+                                    el_domain, 
+                                    &domain_size, 
                                     &account_type))		
                 {
                     strncpy(el_user, "(no user)", 255);
@@ -522,16 +522,16 @@ void readel(os_el *el, int printit)
                         break;
                     case 4634:
                         uid_array_id = 1;
-                        break;
+                        break;    
                     case 4647:
                         uid_array_id = 1;
-                        break;
+                        break;    
                     case 4769:
                         uid_array_id = 0;
                         break;
                 }
 
-                if((uid_array_id >= 0) &&
+                if((uid_array_id >= 0) && 
                    el_sstring[uid_array_id] &&
                    el_sstring[uid_array_id +1])
                 {
@@ -544,7 +544,7 @@ void readel(os_el *el, int printit)
                     strncpy(el_domain, "no domain", 255);
                 }
             }
-
+            
             else
             {
                 strncpy(el_user, "(no user)", 255);	
@@ -555,22 +555,22 @@ void readel(os_el *el, int printit)
             if(printit)
             {
                 DWORD _evtid = 65535;
-                int id = (int)el->er->EventID & _evtid;
-
-                final_msg[OS_MAXSTR - OS_LOG_HEADER] = '\0';
-                final_msg[OS_MAXSTR - OS_LOG_HEADER -1] = '\0';
-
-                snprintf(final_msg, OS_MAXSTR - OS_LOG_HEADER -1,
-                        "WinEvtLog: %s: %s(%d): %s: %s: %s: %s: %s",
+                int id = (int)el->er->EventID & _evtid; 
+               
+                final_msg[OS_MAXSTR - OS_LOG_HEADER] = '\0'; 
+                final_msg[OS_MAXSTR - OS_LOG_HEADER -1] = '\0'; 
+                
+                snprintf(final_msg, OS_MAXSTR - OS_LOG_HEADER -1, 
+                        "WinEvtLog: %s: %s(%d): %s: %s: %s: %s: %s", 
                         el->name,
-                        category,
+                        category, 
                         id,
                         source,
                         el_user,
                         el_domain,
                         computer_name,
                         descriptive_msg != NULL?descriptive_msg:el_string);	
-
+                
                 if(SendMSG(logr_queue, final_msg, "WinEvtLog",
                             LOCALFILE_MQ) < 0)
                 {
@@ -606,7 +606,7 @@ void readel(os_el *el, int printit)
         char msg_alert[512 +1];
         msg_alert[512] = '\0';
         merror("%s: WARN: Event log cleared: '%s'", ARGV0, el->name);
-
+        
 
         /* Send message about cleared */
         snprintf(msg_alert, 512, "ossec: Event log cleared: '%s'", el->name);
@@ -620,7 +620,7 @@ void readel(os_el *el, int printit)
         /* Reopening. */
         if(startEL(el->name, el) < 0)
         {
-            merror("%s: ERROR: Unable to reopen event log '%s'",
+            merror("%s: ERROR: Unable to reopen event log '%s'", 
                    ARGV0, el->name);
         }
     }
@@ -661,13 +661,13 @@ void win_read_vista_sec()
         exit(1);
     }
 
-
+    
     /* Reading the whole file and adding to memory. */
     while(fgets(buf, OS_MAXSTR, fp) != NULL)
     {
         char *key;
         char *desc;
-
+        
         /* Getting the last occurence of \n */
         if ((p = strrchr(buf, '\n')) != NULL)
         {
@@ -689,7 +689,7 @@ void win_read_vista_sec()
         while(*p == ' ')
             p++;
 
-
+        
         /* Allocating memory. */
         desc = strdup(p);
         key = strdup(buf);
@@ -699,9 +699,9 @@ void win_read_vista_sec()
                    "description.", ARGV0);
             continue;
         }
-
-
-        /* Inserting on hash. */
+        
+        
+        /* Inserting on hash. */    
         OSHash_Add(vista_sec_id_hash, key, desc);
     }
 
@@ -715,7 +715,7 @@ void win_read_vista_sec()
 void win_startel(char *evt_log)
 {
     int entries_count = 0;
-
+    
     /* Maximum size */
     if(el_last == 9)
     {
@@ -735,7 +735,7 @@ void win_startel(char *evt_log)
         }
     }
 
-
+    
     /* Starting event log -- going to last available record */
     if((entries_count = startEL(evt_log, &el[el_last])) < 0)
     {
@@ -750,16 +750,16 @@ void win_startel(char *evt_log)
 }
 
 
-/** void win_readel()
+/** void win_readel() 
  * Reads the event logging for windows
  */
 void win_readel()
 {
     int i = 0;
-
+    
     /* Sleep plus 2 seconds before reading again */
     Sleep(2000);
-
+    
     for(;i<el_last;i++)
         readel(&el[i],1);
 }
diff --git a/src/monitord/._Makefile b/src/monitord/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._Makefile differ
diff --git a/src/monitord/._compress_log.c b/src/monitord/._compress_log.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._compress_log.c differ
diff --git a/src/monitord/._generate_reports.c b/src/monitord/._generate_reports.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._generate_reports.c differ
diff --git a/src/monitord/._main.c b/src/monitord/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._main.c differ
diff --git a/src/monitord/._manage_files.c b/src/monitord/._manage_files.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._manage_files.c differ
diff --git a/src/monitord/._monitor_agents.c b/src/monitord/._monitor_agents.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._monitor_agents.c differ
diff --git a/src/monitord/._monitord.c b/src/monitord/._monitord.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._monitord.c differ
diff --git a/src/monitord/._monitord.h b/src/monitord/._monitord.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._monitord.h differ
diff --git a/src/monitord/._report.c b/src/monitord/._report.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._report.c differ
diff --git a/src/monitord/._sign_log.c b/src/monitord/._sign_log.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/monitord/._sign_log.c differ
diff --git a/src/monitord/compress_log.c b/src/monitord/compress_log.c
index 5ebfc68..89cd368 100755
--- a/src/monitord/compress_log.c
+++ b/src/monitord/compress_log.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -20,18 +20,18 @@ void OS_CompressLog(char *logfile)
 {
     FILE *log;
     gzFile *zlog;
-
+    
     char logfileGZ[OS_FLSIZE + 1];
     int len, err;
-
+    
     char buf[OS_MAXSTR + 1];
-
+    
 
     /* Do not compress */
     if(mond.compress == 0)
         return;
-
-
+        
+        
     /* Clearing the memory */
     memset(logfileGZ,'\0',OS_FLSIZE +1);
     memset(buf, '\0', OS_MAXSTR + 1);
@@ -52,7 +52,7 @@ void OS_CompressLog(char *logfile)
         /* Do not warn in here, since the alert file may not exist. */
         return;
     }
-
+    
     /* Opening compressed file */
     zlog = gzopen(logfileGZ, "w");
     if(!zlog)
@@ -61,7 +61,7 @@ void OS_CompressLog(char *logfile)
         merror(FOPEN_ERROR, ARGV0, logfileGZ);
         return;
     }
-
+    
     for(;;)
     {
         len = fread(buf, 1, OS_MAXSTR, log);
@@ -80,6 +80,6 @@ void OS_CompressLog(char *logfile)
 
     return;
 }
-	
+	  
 
 /* EOF */
diff --git a/src/monitord/generate_reports.c b/src/monitord/generate_reports.c
index 9b5f418..b858b15 100755
--- a/src/monitord/generate_reports.c
+++ b/src/monitord/generate_reports.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -82,7 +82,7 @@ void generate_reports(int cday, int cmon, int cyear,struct tm *p)
                 {
                     merror("%s: INFO: Report '%s' empty.", ARGV0, mond.reports[s]->title);
                 }
-                else if(OS_SendCustomEmail(mond.reports[s]->emailto, mond.reports[s]->title,
+                else if(OS_SendCustomEmail(mond.reports[s]->emailto, mond.reports[s]->title, 
                         mond.smtpserver, mond.emailfrom, mond.reports[s]->r_filter.fp, p) != 0)
                 {
                     merror("%s: WARN: Unable to send report email.", ARGV0);
diff --git a/src/monitord/main.c b/src/monitord/main.c
index a4329cd..61229d6 100755
--- a/src/monitord/main.c
+++ b/src/monitord/main.c
@@ -31,7 +31,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
 
     while((c = getopt(argc, argv, "Vdhtfu:g:D:c:")) != -1){
         switch(c){
@@ -61,14 +61,13 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir=optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
                 cfg = optarg;
                 break;
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             default:
                 help(ARGV0);
@@ -156,20 +155,20 @@ int main(int argc, char **argv)
     if(test_config)
         exit(0);
 
-
-    if (!run_foreground)
+        
+    if (!run_foreground) 
     {
         /* Going on daemon mode */
         nowDaemon();
         goDaemon();
     }
 
-
+    
     /* Privilege separation */	
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR,ARGV0,group);
 
-
+    
     /* chrooting */
     if(Privsep_Chroot(dir) < 0)
         ErrorExit(CHROOT_ERROR,ARGV0,dir);
@@ -177,8 +176,8 @@ int main(int argc, char **argv)
     nowChroot();
 
 
-
-    /* Changing user */
+    
+    /* Changing user */        
     if(Privsep_SetUser(uid) < 0)
         ErrorExit(SETUID_ERROR,ARGV0,user);
 
@@ -190,16 +189,16 @@ int main(int argc, char **argv)
     /* Signal manipulation */
     StartSIG(ARGV0);
 
-
+    
 
     /* Creating PID files */
     if(CreatePID(ARGV0, getpid()) < 0)
         ErrorExit(PID_ERROR,ARGV0);
 
-
+    
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
+    
 
     /* the real daemon now */	
     Monitord();
diff --git a/src/monitord/manage_files.c b/src/monitord/manage_files.c
index 3a33475..283e91b 100755
--- a/src/monitord/manage_files.c
+++ b/src/monitord/manage_files.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -28,13 +28,13 @@ void manage_files(int cday, int cmon, int cyear)
     #ifndef SOLARIS
     struct tm p_old;
     #endif
-
+            
     char elogfile[OS_FLSIZE +1];
     char elogfile_old[OS_FLSIZE +1];
-
+    
     char alogfile[OS_FLSIZE +1];
     char alogfile_old[OS_FLSIZE +1];
-
+    
     char flogfile[OS_FLSIZE +1];
     char flogfile_old[OS_FLSIZE +1];
 
@@ -47,7 +47,7 @@ void manage_files(int cday, int cmon, int cyear)
     #else
     pp_old = localtime(&tm_old);
     #endif
-
+    
 
     memset(elogfile, '\0', OS_FLSIZE +1);
     memset(elogfile_old, '\0', OS_FLSIZE +1);
@@ -61,7 +61,7 @@ void manage_files(int cday, int cmon, int cyear)
      * before compressing the file.
      */
     sleep(mond.day_wait);
-
+    
 
     /* Event logfile */
     snprintf(elogfile, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.log",
@@ -89,7 +89,7 @@ void manage_files(int cday, int cmon, int cyear)
             months[cmon],
             "alerts",
             cday);
-    /* alert logfile old  */
+    /* alert logfile old  */ 
     snprintf(alogfile_old, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.log",
             ALERTS,
             pp_old->tm_year+1900,
diff --git a/src/monitord/monitor_agents.c b/src/monitord/monitor_agents.c
index fbaac58..46cef6d 100755
--- a/src/monitord/monitor_agents.c
+++ b/src/monitord/monitor_agents.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -40,7 +40,7 @@ void monitor_agents()
     {
         int available = 0;
         char **tmp_av;
-
+        
         tmp_av = av_agents;
         while(tmp_av && *tmp_av)
         {
@@ -56,7 +56,7 @@ void monitor_agents()
         if(available == 0)
         {
             char str[OS_SIZE_1024 +1];
-
+            
             /* Sending disconnected message */
             snprintf(str, OS_SIZE_1024 -1, OS_AG_DISCON, *cr_agents);
             if(SendMSG(mond.a_queue, str, ARGV0,
@@ -65,7 +65,7 @@ void monitor_agents()
                 merror(QUEUE_SEND, ARGV0);
             }
         }
-
+        
         cr_agents++;
     }
 
diff --git a/src/monitord/monitord.c b/src/monitord/monitord.c
index 8ae5c93..988ea24 100755
--- a/src/monitord/monitord.c
+++ b/src/monitord/monitord.c
@@ -19,10 +19,10 @@
 /* Real monitord global */
 void Monitord()
 {
-    time_t tm;
-    struct tm *p;
+    time_t tm;     
+    struct tm *p;       
 
-    int today = 0;		
+    int today = 0;		        
     int thismonth = 0;
     int thisyear = 0;
 
@@ -32,18 +32,18 @@ void Monitord()
     sleep(10);
 
     memset(str, '\0', OS_SIZE_1024 +1);
-
-
+    
+    
     /* Getting currently time before starting */
     tm = time(NULL);
     p = localtime(&tm);	
-
+    
     today = p->tm_mday;
     thismonth = p->tm_mon;
     thisyear = p->tm_year+1900;
+                
 
-
-
+    
     /* Connecting to the message queue
      * Exit if it fails.
      */
@@ -61,7 +61,7 @@ void Monitord()
         merror(QUEUE_SEND, ARGV0);
     }
 
-
+    
     /* Main monitor loop */
     while(1)
     {
@@ -74,7 +74,7 @@ void Monitord()
         {
             monitor_agents();
         }
-
+        
         /* Day changed, deal with log files */
         if(today != p->tm_mday)
         {
diff --git a/src/monitord/report.c b/src/monitord/report.c
index 5d7547a..e6fb92a 100755
--- a/src/monitord/report.c
+++ b/src/monitord/report.c
@@ -57,7 +57,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
     r_filter.group = NULL;
     r_filter.rule = NULL;
     r_filter.level = NULL;
@@ -74,7 +74,7 @@ int main(int argc, char **argv)
     r_filter.related_srcip = 0;
     r_filter.related_user = 0;
     r_filter.related_file = 0;
-
+    
     r_filter.report_name = NULL;
 
     while((c = getopt(argc, argv, "Vdhstu:g:D:c:f:v:n:r:")) != -1)
@@ -96,8 +96,8 @@ int main(int argc, char **argv)
                 break;
             case 'r':
                 if(!optarg || !argv[optind])
-                    ErrorExit("%s: -r needs two argument",ARGV0);
-                related_of = optarg;
+                    ErrorExit("%s: -r needs two argument",ARGV0);        
+                related_of = optarg;    
                 related_values = argv[optind];
 
                 if(os_report_configfilter(related_of, related_values,
@@ -113,7 +113,7 @@ int main(int argc, char **argv)
                 filter_by = optarg;
                 filter_value = argv[optind];
 
-                if(os_report_configfilter(filter_by, filter_value,
+                if(os_report_configfilter(filter_by, filter_value, 
                                           &r_filter, REPORT_FILTER) < 0)
                 {
                     ErrorExit(CONFIG_ERROR, ARGV0, "user argument");
@@ -134,14 +134,13 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir=optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
                 cfg = optarg;
                 break;
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             case 's':
                 r_filter.show_alerts = 1;
@@ -162,18 +161,18 @@ int main(int argc, char **argv)
     if((uid < 0)||(gid < 0))
         ErrorExit(USER_ERROR,ARGV0,user,group);
 
-
+    
 
     /* Exit here if test config is set */
     if(test_config)
         exit(0);
 
-
+        
     /* Privilege separation */	
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR,ARGV0,group);
 
-
+    
     /* chrooting */
     if(Privsep_Chroot(dir) < 0)
         ErrorExit(CHROOT_ERROR,ARGV0,dir);
@@ -181,8 +180,8 @@ int main(int argc, char **argv)
     nowChroot();
 
 
-
-    /* Changing user */
+    
+    /* Changing user */        
     if(Privsep_SetUser(uid) < 0)
         ErrorExit(SETUID_ERROR,ARGV0,user);
 
@@ -194,16 +193,16 @@ int main(int argc, char **argv)
     /* Signal manipulation */
     StartSIG(ARGV0);
 
-
+    
 
     /* Creating PID files */
     if(CreatePID(ARGV0, getpid()) < 0)
         ErrorExit(PID_ERROR,ARGV0);
 
-
+    
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
+    
     /* the real stuff now */	
     os_ReportdStart(&r_filter);
     exit(0);
diff --git a/src/monitord/sign_log.c b/src/monitord/sign_log.c
index 40b37b4..aee528e 100755
--- a/src/monitord/sign_log.c
+++ b/src/monitord/sign_log.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -55,7 +55,7 @@ void OS_SignLog(char *logfile, char *logfile_old, int log_missing)
     /* generating sha1 of the old file.  */
     if(OS_SHA1_File(logfilesum_old, sf_sum_old) < 0)
     {
-        merror("%s: No previous sha1 checksum found: '%s'. "
+        merror("%s: No previous sha1 checksum found: '%s'. " 
                "Starting over.", ARGV0, logfilesum_old);
         strncpy(sf_sum_old, "none", 6);
     }
@@ -65,7 +65,7 @@ void OS_SignLog(char *logfile, char *logfile_old, int log_missing)
     if(OS_MD5_File(logfile, mf_sum) < 0)
     {
         if(log_missing)
-            merror("%s: File '%s' not found. MD5 checksum skipped.",
+            merror("%s: File '%s' not found. MD5 checksum skipped.", 
                                          ARGV0, logfile);
         strncpy(mf_sum, "none", 6);
     }
@@ -79,7 +79,7 @@ void OS_SignLog(char *logfile, char *logfile_old, int log_missing)
         strncpy(sf_sum, "none", 6);
     }
 
-
+    
     fp = fopen(logfilesum, "w");
     if(!fp)
     {
@@ -91,7 +91,7 @@ void OS_SignLog(char *logfile, char *logfile_old, int log_missing)
     fprintf(fp, "Current checksum:\n");
     fprintf(fp, "MD5  (%s) = %s\n", logfile, mf_sum);
     fprintf(fp, "SHA1 (%s) = %s\n\n", logfile, sf_sum);
-
+    
     fprintf(fp, "Chained checksum:\n");
     fprintf(fp, "MD5  (%s) = %s\n", logfilesum_old, mf_sum_old);
     fprintf(fp, "SHA1 (%s) = %s\n\n", logfilesum_old, sf_sum_old);
@@ -99,6 +99,6 @@ void OS_SignLog(char *logfile, char *logfile_old, int log_missing)
 
     return;
 }
-	
+	  
 
 /* EOF */
diff --git a/src/os_auth/._Makefile b/src/os_auth/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_auth/._Makefile differ
diff --git a/src/os_auth/._auth.h b/src/os_auth/._auth.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_auth/._auth.h differ
diff --git a/src/os_auth/._main-client.c b/src/os_auth/._main-client.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_auth/._main-client.c differ
diff --git a/src/os_auth/._main-server.c b/src/os_auth/._main-server.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_auth/._main-server.c differ
diff --git a/src/os_auth/._ssl-test.c b/src/os_auth/._ssl-test.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/os_auth/._ssl-test.c differ
diff --git a/src/os_auth/._ssl.c b/src/os_auth/._ssl.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_auth/._ssl.c differ
diff --git a/src/os_auth/main-client.c b/src/os_auth/main-client.c
index 453751e..424482d 100755
--- a/src/os_auth/main-client.c
+++ b/src/os_auth/main-client.c
@@ -84,7 +84,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
     while((c = getopt(argc, argv, "Vdhu:g:D:c:m:p:A:")) != -1)
     {
         switch(c){
@@ -111,14 +111,13 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir=optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
                 cfg = optarg;
                 break;
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             case 'm':
                if(!optarg)
@@ -155,25 +154,25 @@ int main(int argc, char **argv)
     if(gid < 0)
         ErrorExit(USER_ERROR,ARGV0,user,group);
 
-
+    
 
     /* Privilege separation */	
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR,ARGV0,group);
 
-
+    
 
     /* Signal manipulation */
     StartSIG(ARGV0);
 
-
+    
 
     /* Creating PID files */
     if(CreatePID(ARGV0, getpid()) < 0)
         ErrorExit(PID_ERROR,ARGV0);
     #endif
 
-
+    
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
 
@@ -189,7 +188,7 @@ int main(int argc, char **argv)
         agentname = lhostname;
     }
 
-
+    
 
     /* Starting SSL */	
     ctx = os_ssl_keys(1, NULL);
@@ -204,42 +203,7 @@ int main(int argc, char **argv)
         merror("%s: ERROR: Manager IP not set.", ARGV0);
         exit(1);
     }
-
-
-    /* Check to see if manager is an IP */
-    int is_ip = 1;
-    struct sockaddr_in iptest;
-    memset(&iptest, 0, sizeof(iptest));
-
-    if(inet_pton(AF_INET, manager, &iptest.sin_addr) != 1)
-      is_ip = 0;	/* This is not an IPv4 address */
-
-    /* Not IPv4, IPv6 maybe? */
-    if(is_ip == 0)
-    {
-        struct sockaddr_in6 iptest6;
-        memset(&iptest6, 0, sizeof(iptest6));
-        if(inet_pton(AF_INET6, manager, &iptest6.sin6_addr) != 1)
-            is_ip = 0;
-        else
-            is_ip = 1;	/* This is an IPv6 address */
-    }
-    
-
-    /* If it isn't an ip, try to resolve the IP */
-    if(is_ip == 0)
-    {
-        char *ipaddress;
-        ipaddress = OS_GetHost(manager, 3);
-        if(ipaddress != NULL)
-          strncpy(manager, ipaddress, 16);
-        else
-        {
-          printf("Could not resolve hostname: %s\n", manager);
-          return(1);
-        }
-    }
-
+  
 
     /* Connecting via TCP */
     sock = OS_ConnectTCP(port, manager, 0);
@@ -264,7 +228,7 @@ int main(int argc, char **argv)
         exit(1);
     }
 
-
+    
     printf("INFO: Connected to %s:%d\n", manager, port);
     printf("INFO: Using agent name as: %s\n", agentname);
 
@@ -310,7 +274,7 @@ int main(int argc, char **argv)
                         exit(1);
                     }
                     *tmpstr = '\0';
-                    entry = OS_StrBreak(' ', key, 4);
+                    entry = OS_StrBreak(' ', key, 4); 
                     if(!OS_IsValidID(entry[0]) || !OS_IsValidName(entry[1]) ||
                        !OS_IsValidName(entry[2]) || !OS_IsValidName(entry[3]))
                     {
diff --git a/src/os_auth/main-server.c b/src/os_auth/main-server.c
index cf7982a..850bac2 100755
--- a/src/os_auth/main-server.c
+++ b/src/os_auth/main-server.c
@@ -105,7 +105,6 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir = optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
diff --git a/src/os_auth/ssl-test.c b/src/os_auth/ssl-test.c
index 09146d3..aff5e79 100644
--- a/src/os_auth/ssl-test.c
+++ b/src/os_auth/ssl-test.c
@@ -1,5 +1,5 @@
-/*
- *
+/* 
+ * 
  * Copyright (C) 2011 Trend Micro Inc. All rights reserved.
  *
  * OSSEC HIDS is a free software; you can redistribute it and/or modify
@@ -120,7 +120,7 @@ int main(int argc, char **argv)
         printf("ERROR - host not set.\n");
         exit(1);
     }
-
+  
     /* Connecting via TCP */
     sock = socket(AF_INET,SOCK_STREAM, IPPROTO_TCP);
     if(sock < 0)
@@ -154,7 +154,7 @@ int main(int argc, char **argv)
     }
 
     printf("Connected!\n");
-
+    
 
     ret=SSL_write(ssl,TEST, sizeof(TEST));
     if(ret < 0)
diff --git a/src/os_auth/ssl.c b/src/os_auth/ssl.c
index 9841861..2388d88 100755
--- a/src/os_auth/ssl.c
+++ b/src/os_auth/ssl.c
@@ -38,13 +38,13 @@ void *os_ssl_keys(int isclient, char *dir)
     SSL_CTX *ctx;
     char certf[1024 +1];
     char keyf[1024 +1];
-
+    
     SSL_library_init();
     SSL_load_error_strings();
     OpenSSL_add_all_algorithms();
     bio_err = BIO_new_fp(stderr,BIO_NOCLOSE);
 
-
+    
     /* Create our context */
     sslmeth = (SSL_METHOD *)SSLv23_method();
     ctx = SSL_CTX_new(sslmeth);
@@ -59,7 +59,7 @@ void *os_ssl_keys(int isclient, char *dir)
     {
         return(NULL);
     }
-
+    
 
     /* Setting final cert/key files */
     certf[1024] = '\0';
@@ -98,7 +98,7 @@ void *os_ssl_keys(int isclient, char *dir)
     #if(OPENSSL_VERSION_NUMBER < 0x00905100L)
     SSL_CTX_set_verify_depth(ctx,1);
     #endif
-
+    
     return ctx;
 }
 
diff --git a/src/os_crypto/._Makefile b/src/os_crypto/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/._Makefile differ
diff --git a/src/os_crypto/blowfish/._Makefile b/src/os_crypto/blowfish/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/blowfish/._Makefile differ
diff --git a/src/os_crypto/blowfish/._bf_enc.c b/src/os_crypto/blowfish/._bf_enc.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/blowfish/._bf_enc.c differ
diff --git a/src/os_crypto/blowfish/._bf_locl.h b/src/os_crypto/blowfish/._bf_locl.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/blowfish/._bf_locl.h differ
diff --git a/src/os_crypto/blowfish/._bf_op.c b/src/os_crypto/blowfish/._bf_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/blowfish/._bf_op.c differ
diff --git a/src/os_crypto/blowfish/._bf_op.h b/src/os_crypto/blowfish/._bf_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/blowfish/._bf_op.h differ
diff --git a/src/os_crypto/blowfish/._bf_pi.h b/src/os_crypto/blowfish/._bf_pi.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/blowfish/._bf_pi.h differ
diff --git a/src/os_crypto/blowfish/._bf_skey.c b/src/os_crypto/blowfish/._bf_skey.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/blowfish/._bf_skey.c differ
diff --git a/src/os_crypto/blowfish/._blowfish.h b/src/os_crypto/blowfish/._blowfish.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/blowfish/._blowfish.h differ
diff --git a/src/os_crypto/blowfish/._main.c b/src/os_crypto/blowfish/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/blowfish/._main.c differ
diff --git a/src/os_crypto/blowfish/bf_enc.c b/src/os_crypto/blowfish/bf_enc.c
index 6467ee7..bbe5b05 100755
--- a/src/os_crypto/blowfish/bf_enc.c
+++ b/src/os_crypto/blowfish/bf_enc.c
@@ -5,21 +5,21 @@
  * This package is an SSL implementation written
  * by Eric Young (eay at cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- *
+ * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
+ * 
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- *
+ * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay at cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
+ * 
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
+ * 
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
diff --git a/src/os_crypto/blowfish/bf_locl.h b/src/os_crypto/blowfish/bf_locl.h
index ea7399e..0567cb5 100755
--- a/src/os_crypto/blowfish/bf_locl.h
+++ b/src/os_crypto/blowfish/bf_locl.h
@@ -10,21 +10,21 @@
  * This package is an SSL implementation written
  * by Eric Young (eay at cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- *
+ * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
+ * 
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- *
+ * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -39,10 +39,10 @@
  *     Eric Young (eay at cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
+ * 
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -54,7 +54,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
+ * 
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
diff --git a/src/os_crypto/blowfish/bf_op.c b/src/os_crypto/blowfish/bf_op.c
index d7a1118..6cbff2f 100755
--- a/src/os_crypto/blowfish/bf_op.c
+++ b/src/os_crypto/blowfish/bf_op.c
@@ -27,7 +27,7 @@
 
 typedef unsigned char uchar;
 
-int OS_BF_Str(char *input, char *output, char *charkey,
+int OS_BF_Str(char *input, char *output, char *charkey, 
                 long size, short int action)
 {
     BF_KEY key;
diff --git a/src/os_crypto/blowfish/bf_op.h b/src/os_crypto/blowfish/bf_op.h
index 4a4b2b1..58e98ab 100755
--- a/src/os_crypto/blowfish/bf_op.h
+++ b/src/os_crypto/blowfish/bf_op.h
@@ -21,7 +21,7 @@
 #define OS_DECRYPT      0
 
 
-int OS_BF_Str(char * input, char *output, char *charkey,
+int OS_BF_Str(char * input, char *output, char *charkey, 
                             long size, short int action);
 
 #endif
diff --git a/src/os_crypto/blowfish/bf_pi.h b/src/os_crypto/blowfish/bf_pi.h
index 79d23db..9949513 100755
--- a/src/os_crypto/blowfish/bf_pi.h
+++ b/src/os_crypto/blowfish/bf_pi.h
@@ -5,21 +5,21 @@
  * This package is an SSL implementation written
  * by Eric Young (eay at cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- *
+ * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
+ * 
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- *
+ * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay at cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
+ * 
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
+ * 
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -64,262 +64,262 @@ static const BF_KEY bf_init= {
 	0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
 	0x9216d5d9L, 0x8979fb1b
 	},{
-	0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L,
-	0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L,
-	0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L,
-	0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL,
-	0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL,
-	0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L,
-	0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL,
-	0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL,
-	0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L,
-	0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L,
-	0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL,
-	0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL,
-	0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL,
-	0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L,
-	0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L,
-	0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L,
-	0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L,
-	0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L,
-	0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL,
-	0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L,
-	0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L,
-	0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L,
-	0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L,
-	0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL,
-	0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L,
-	0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL,
-	0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL,
-	0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L,
-	0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL,
-	0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L,
-	0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL,
-	0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L,
-	0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L,
-	0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL,
-	0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L,
-	0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L,
-	0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL,
-	0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L,
-	0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL,
-	0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L,
-	0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L,
-	0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL,
-	0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L,
-	0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L,
-	0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L,
-	0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L,
-	0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L,
-	0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL,
-	0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL,
-	0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L,
-	0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L,
-	0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L,
-	0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L,
-	0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL,
-	0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L,
-	0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL,
-	0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL,
-	0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L,
-	0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L,
-	0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L,
-	0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L,
-	0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L,
-	0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L,
-	0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL,
-	0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L,
-	0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L,
-	0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L,
-	0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL,
-	0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L,
-	0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L,
-	0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL,
-	0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L,
-	0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L,
-	0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L,
-	0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL,
-	0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL,
-	0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L,
-	0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L,
-	0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L,
-	0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L,
-	0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL,
-	0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL,
-	0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL,
-	0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L,
-	0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL,
-	0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L,
-	0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L,
-	0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL,
-	0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL,
-	0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L,
-	0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL,
-	0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L,
-	0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL,
-	0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL,
-	0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L,
-	0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L,
-	0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L,
-	0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L,
-	0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L,
-	0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L,
-	0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L,
-	0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL,
-	0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L,
-	0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL,
-	0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L,
-	0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L,
-	0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L,
-	0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L,
-	0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L,
-	0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L,
-	0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L,
-	0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L,
-	0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L,
-	0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L,
-	0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L,
-	0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L,
-	0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L,
-	0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L,
-	0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L,
-	0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L,
-	0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL,
-	0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL,
-	0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L,
-	0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL,
-	0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L,
-	0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L,
-	0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L,
-	0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L,
-	0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L,
-	0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L,
-	0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL,
-	0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L,
-	0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L,
-	0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L,
-	0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL,
-	0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL,
-	0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL,
-	0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L,
-	0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L,
-	0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL,
-	0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L,
-	0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL,
-	0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L,
-	0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL,
-	0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L,
-	0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL,
-	0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L,
-	0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL,
-	0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L,
-	0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L,
-	0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL,
-	0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L,
-	0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L,
-	0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L,
-	0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L,
-	0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL,
-	0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L,
-	0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL,
-	0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L,
-	0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL,
-	0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L,
-	0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL,
-	0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL,
-	0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL,
-	0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L,
-	0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L,
-	0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL,
-	0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL,
-	0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL,
-	0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL,
-	0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL,
-	0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L,
-	0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L,
-	0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L,
-	0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L,
-	0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL,
-	0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL,
-	0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L,
-	0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L,
-	0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L,
-	0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L,
-	0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L,
-	0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L,
-	0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L,
-	0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L,
-	0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L,
-	0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L,
-	0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL,
-	0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L,
-	0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL,
-	0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L,
-	0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L,
-	0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL,
-	0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL,
-	0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL,
-	0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L,
-	0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L,
-	0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L,
-	0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L,
-	0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L,
-	0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L,
-	0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L,
-	0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L,
-	0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L,
-	0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L,
-	0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L,
-	0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L,
-	0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL,
-	0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL,
-	0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L,
-	0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL,
-	0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL,
-	0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL,
-	0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L,
-	0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL,
-	0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL,
-	0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L,
-	0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L,
-	0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L,
-	0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L,
-	0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL,
-	0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL,
-	0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L,
-	0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L,
-	0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L,
-	0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL,
-	0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L,
-	0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L,
-	0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L,
-	0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL,
-	0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L,
-	0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L,
-	0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L,
-	0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL,
-	0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL,
-	0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L,
-	0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L,
-	0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L,
-	0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L,
-	0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL,
-	0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L,
-	0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL,
-	0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL,
-	0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L,
-	0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L,
-	0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL,
-	0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L,
-	0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL,
-	0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L,
-	0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL,
-	0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L,
-	0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L,
-	0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL,
-	0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L,
-	0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
-	0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
+	0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, 
+	0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, 
+	0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, 
+	0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, 
+	0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, 
+	0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, 
+	0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, 
+	0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, 
+	0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, 
+	0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, 
+	0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, 
+	0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, 
+	0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, 
+	0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, 
+	0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, 
+	0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, 
+	0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, 
+	0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, 
+	0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, 
+	0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, 
+	0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, 
+	0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, 
+	0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, 
+	0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, 
+	0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, 
+	0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, 
+	0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, 
+	0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, 
+	0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, 
+	0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, 
+	0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, 
+	0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L, 
+	0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, 
+	0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, 
+	0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, 
+	0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, 
+	0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, 
+	0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, 
+	0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, 
+	0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, 
+	0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, 
+	0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, 
+	0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, 
+	0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, 
+	0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, 
+	0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, 
+	0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, 
+	0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, 
+	0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, 
+	0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, 
+	0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, 
+	0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, 
+	0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, 
+	0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, 
+	0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, 
+	0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, 
+	0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, 
+	0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, 
+	0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, 
+	0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, 
+	0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, 
+	0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, 
+	0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, 
+	0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, 
+	0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, 
+	0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, 
+	0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, 
+	0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, 
+	0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L, 
+	0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, 
+	0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, 
+	0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, 
+	0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, 
+	0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, 
+	0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, 
+	0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, 
+	0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, 
+	0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, 
+	0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, 
+	0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, 
+	0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, 
+	0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, 
+	0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, 
+	0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, 
+	0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, 
+	0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, 
+	0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, 
+	0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, 
+	0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, 
+	0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, 
+	0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, 
+	0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, 
+	0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, 
+	0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, 
+	0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, 
+	0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, 
+	0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, 
+	0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L, 
+	0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, 
+	0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, 
+	0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, 
+	0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, 
+	0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, 
+	0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, 
+	0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, 
+	0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L, 
+	0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, 
+	0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, 
+	0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, 
+	0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, 
+	0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, 
+	0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, 
+	0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, 
+	0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, 
+	0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, 
+	0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, 
+	0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, 
+	0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, 
+	0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, 
+	0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, 
+	0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, 
+	0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, 
+	0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, 
+	0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, 
+	0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, 
+	0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, 
+	0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, 
+	0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, 
+	0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, 
+	0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, 
+	0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, 
+	0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, 
+	0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, 
+	0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, 
+	0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, 
+	0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, 
+	0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, 
+	0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, 
+	0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, 
+	0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, 
+	0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, 
+	0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, 
+	0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L, 
+	0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, 
+	0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, 
+	0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, 
+	0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, 
+	0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, 
+	0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, 
+	0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, 
+	0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, 
+	0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, 
+	0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, 
+	0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, 
+	0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, 
+	0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, 
+	0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, 
+	0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, 
+	0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, 
+	0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, 
+	0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, 
+	0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, 
+	0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, 
+	0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, 
+	0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, 
+	0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, 
+	0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, 
+	0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, 
+	0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, 
+	0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, 
+	0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, 
+	0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L, 
+	0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, 
+	0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, 
+	0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, 
+	0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, 
+	0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, 
+	0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, 
+	0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, 
+	0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L, 
+	0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, 
+	0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, 
+	0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, 
+	0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, 
+	0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, 
+	0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, 
+	0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, 
+	0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, 
+	0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, 
+	0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, 
+	0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, 
+	0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, 
+	0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, 
+	0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, 
+	0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, 
+	0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, 
+	0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, 
+	0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, 
+	0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, 
+	0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, 
+	0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, 
+	0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, 
+	0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, 
+	0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, 
+	0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, 
+	0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, 
+	0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, 
+	0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, 
+	0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, 
+	0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, 
+	0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, 
+	0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, 
+	0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, 
+	0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, 
+	0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, 
+	0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, 
+	0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L, 
+	0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, 
+	0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, 
+	0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, 
+	0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, 
+	0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, 
+	0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, 
+	0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, 
+	0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, 
+	0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, 
+	0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, 
+	0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, 
+	0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, 
+	0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, 
+	0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, 
+	0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, 
+	0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, 
+	0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, 
+	0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, 
+	0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, 
+	0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, 
+	0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, 
+	0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, 
+	0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, 
+	0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, 
+	0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, 
+	0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, 
+	0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, 
+	0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, 
+	0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, 
+	0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L, 
+	0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL, 
+	0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L, 
+	0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL, 
+	0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, 
+	0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L, 
+	0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL, 
+	0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L, 
+	0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL, 
+	0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L, 
 	}
 	};
 
diff --git a/src/os_crypto/blowfish/bf_skey.c b/src/os_crypto/blowfish/bf_skey.c
index f38a4ce..d3cba58 100755
--- a/src/os_crypto/blowfish/bf_skey.c
+++ b/src/os_crypto/blowfish/bf_skey.c
@@ -5,21 +5,21 @@
  * This package is an SSL implementation written
  * by Eric Young (eay at cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- *
+ * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
+ * 
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- *
+ * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay at cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
+ * 
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
+ * 
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
diff --git a/src/os_crypto/blowfish/blowfish.h b/src/os_crypto/blowfish/blowfish.h
index 180442a..ad6ce95 100755
--- a/src/os_crypto/blowfish/blowfish.h
+++ b/src/os_crypto/blowfish/blowfish.h
@@ -5,21 +5,21 @@
  * This package is an SSL implementation written
  * by Eric Young (eay at cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- *
+ * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
+ * 
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- *
+ * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay at cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
+ * 
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
+ * 
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -104,7 +104,7 @@ typedef struct bf_key_st
 	BF_LONG S[4*256];
 	} BF_KEY;
 
-
+ 
 void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
 
 void BF_encrypt(BF_LONG *data,const BF_KEY *key);
diff --git a/src/os_crypto/blowfish/main.c b/src/os_crypto/blowfish/main.c
index 6a3277c..0b34a02 100755
--- a/src/os_crypto/blowfish/main.c
+++ b/src/os_crypto/blowfish/main.c
@@ -19,13 +19,13 @@ int main(int argc, char ** argv)
         printf("%s: string key\n", argv[0]);
         exit(1);
     }
-
+    
     if((strlen(argv[1]) > 1020) || (strlen(argv[2]) > 512))
     {
         printf("%s: size err\n", argv[0]);
         exit(1);
     }
-
+    
     /* Encrypt */
     OS_BF_Str(argv[1], output, argv[2], strlen(argv[1]), OS_ENCRYPT);
 
diff --git a/src/os_crypto/md5/._Makefile b/src/os_crypto/md5/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5/._Makefile differ
diff --git a/src/os_crypto/md5/._main.c b/src/os_crypto/md5/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5/._main.c differ
diff --git a/src/os_crypto/md5/._md5.c b/src/os_crypto/md5/._md5.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5/._md5.c differ
diff --git a/src/os_crypto/md5/._md5.h b/src/os_crypto/md5/._md5.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5/._md5.h differ
diff --git a/src/os_crypto/md5/._md5_op.c b/src/os_crypto/md5/._md5_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5/._md5_op.c differ
diff --git a/src/os_crypto/md5/._md5_op.h b/src/os_crypto/md5/._md5_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5/._md5_op.h differ
diff --git a/src/os_crypto/md5/main.c b/src/os_crypto/md5/main.c
index 5eab951..8265fa6 100755
--- a/src/os_crypto/md5/main.c
+++ b/src/os_crypto/md5/main.c
@@ -20,21 +20,21 @@ int main(int argc, char ** argv)
 
     if(argc < 3)
         usage(argv);
-
-
+   
+    
     if(strcmp(argv[1],"file") == 0)
     {
         OS_MD5_File(argv[2], filesum);
     }
-
+    
     else if(strcmp(argv[1],"str") == 0)
     {
         OS_MD5_Str(argv[2], filesum);
     }
-
+    
     else
         usage(argv);
-
+    
     printf("MD5Sum for \"%s\" is: %s\n",argv[2],filesum);
     return(0);
 }
diff --git a/src/os_crypto/md5/md5.c b/src/os_crypto/md5/md5.c
index 769e1fb..f2eb619 100755
--- a/src/os_crypto/md5/md5.c
+++ b/src/os_crypto/md5/md5.c
@@ -24,7 +24,7 @@
 #ifdef __BYTE_ORDER
 #if __BYTE_ORDER == __BIG_ENDIAN
     #define HIGHFIRST
-#endif /* BIG ENDIAN */
+#endif /* BIG ENDIAN */    
 #endif /* byte order */
 
 
@@ -114,7 +114,7 @@ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
 }
 
 /*
- * Final wrapup - pad to 64-byte boundary with the bit pattern
+ * Final wrapup - pad to 64-byte boundary with the bit pattern 
  * 1 0* (64-bit count of bits processed, MSB-first)
  */
 void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
diff --git a/src/os_crypto/md5/md5_op.c b/src/os_crypto/md5/md5_op.c
index 6785697..9e3dc5d 100755
--- a/src/os_crypto/md5/md5_op.c
+++ b/src/os_crypto/md5/md5_op.c
@@ -29,25 +29,25 @@ int OS_MD5_File(char * fname, char * output)
     unsigned char buf[1024 +1];
     unsigned char digest[16];
     int n;
-
+    
     memset(output,0, 33);
     buf[1024] = '\0';
-
+    
     fp = fopen(fname,"r");
     if(!fp)
     {
         return(-1);
     }
-
+    
     MD5Init(&ctx);
     while((n = fread(buf, 1, sizeof(buf) -1, fp)) > 0)
     {
         buf[n] = '\0';
         MD5Update(&ctx,buf,n);
     }
-
+    
     MD5Final(digest, &ctx);
-
+    
     for(n = 0;n < 16; n++)
     {
         snprintf(output, 3, "%02x", digest[n]);
@@ -56,7 +56,7 @@ int OS_MD5_File(char * fname, char * output)
 
     /* Closing it */
     fclose(fp);
-
+        
     return(0);
 }
 
@@ -64,17 +64,17 @@ int OS_MD5_File(char * fname, char * output)
 int OS_MD5_Str(char * str, char * output)
 {
     unsigned char digest[16];
-
+    
     int n;
-
+    
     MD5_CTX ctx;
 
     MD5Init(&ctx);
-
+    
     MD5Update(&ctx,(unsigned char *)str,strlen(str));
-
+    
     MD5Final(digest, &ctx);
-
+    
     output[32] = '\0';
     for(n = 0;n < 16;n++)
     {
diff --git a/src/os_crypto/md5_sha1/._Makefile b/src/os_crypto/md5_sha1/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5_sha1/._Makefile differ
diff --git a/src/os_crypto/md5_sha1/._main.c b/src/os_crypto/md5_sha1/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5_sha1/._main.c differ
diff --git a/src/os_crypto/md5_sha1/._md5_sha1_op.c b/src/os_crypto/md5_sha1/._md5_sha1_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5_sha1/._md5_sha1_op.c differ
diff --git a/src/os_crypto/md5_sha1/._md5_sha1_op.h b/src/os_crypto/md5_sha1/._md5_sha1_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/md5_sha1/._md5_sha1_op.h differ
diff --git a/src/os_crypto/md5_sha1/main.c b/src/os_crypto/md5_sha1/main.c
index 12723dc..15d91b5 100755
--- a/src/os_crypto/md5_sha1/main.c
+++ b/src/os_crypto/md5_sha1/main.c
@@ -23,16 +23,16 @@ int main(int argc, char ** argv)
 
     if(argc < 4)
         usage(argv);
-
-
+   
+    
     if(strcmp(argv[2],"file") == 0)
     {
         OS_MD5_SHA1_File(argv[3], argv[1], filesum1, filesum2);
     }
-
+    
     else
         usage(argv);
-
+    
     printf("MD5Sha1Sum for \"%s\" is: %s - %s\n",argv[2], filesum1, filesum2);
     return(0);
 }
diff --git a/src/os_crypto/md5_sha1/md5_sha1_op.c b/src/os_crypto/md5_sha1/md5_sha1_op.c
index b3471f4..8bec676 100755
--- a/src/os_crypto/md5_sha1/md5_sha1_op.c
+++ b/src/os_crypto/md5_sha1/md5_sha1_op.c
@@ -20,7 +20,7 @@
 #include "headers/defs.h"
 
 
-
+ 
 int OS_MD5_SHA1_File(char *fname, char *prefilter_cmd, char *md5output, char *sha1output)
 {
     int n;
@@ -34,7 +34,7 @@ int OS_MD5_SHA1_File(char *fname, char *prefilter_cmd, char *md5output, char *sh
     SHA_CTX sha1_ctx;
     MD5_CTX md5_ctx;
 
-
+    
     /* Clearing the memory. */
     md5output[0] = '\0';
     sha1output[0] = '\0';
diff --git a/src/os_crypto/sha1/._Makefile b/src/os_crypto/sha1/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/sha1/._Makefile differ
diff --git a/src/os_crypto/sha1/._main.c b/src/os_crypto/sha1/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/sha1/._main.c differ
diff --git a/src/os_crypto/sha1/._md32_common.h b/src/os_crypto/sha1/._md32_common.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/sha1/._md32_common.h differ
diff --git a/src/os_crypto/sha1/._sha.h b/src/os_crypto/sha1/._sha.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/sha1/._sha.h differ
diff --git a/src/os_crypto/sha1/._sha1_op.c b/src/os_crypto/sha1/._sha1_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/sha1/._sha1_op.c differ
diff --git a/src/os_crypto/sha1/._sha1_op.h b/src/os_crypto/sha1/._sha1_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/sha1/._sha1_op.h differ
diff --git a/src/os_crypto/sha1/._sha_locl.h b/src/os_crypto/sha1/._sha_locl.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/sha1/._sha_locl.h differ
diff --git a/src/os_crypto/sha1/main.c b/src/os_crypto/sha1/main.c
index e6dda51..4373f47 100755
--- a/src/os_crypto/sha1/main.c
+++ b/src/os_crypto/sha1/main.c
@@ -20,8 +20,8 @@ int main(int argc, char ** argv)
 
     if(argc < 2)
         usage(argv);
-
-
+   
+    
     if(OS_SHA1_File(argv[1], filesum) == 0)
     {
         printf("SHA1Sum for \"%s\" is: %s\n",argv[1],filesum);
diff --git a/src/os_crypto/sha1/md32_common.h b/src/os_crypto/sha1/md32_common.h
index 1f9b1ab..6fd454f 100755
--- a/src/os_crypto/sha1/md32_common.h
+++ b/src/os_crypto/sha1/md32_common.h
@@ -11,7 +11,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
+ *    notice, this list of conditions and the following disclaimer. 
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -621,7 +621,7 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c)
  * *either* case. Now declaring 'em long excuses the compiler
  * from keeping 32 MSBs zeroed resulting in 13% performance
  * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
- * Well, to be honest it should say that this *prevents*
+ * Well, to be honest it should say that this *prevents* 
  * performance degradation.
  *				<appro at fy.chalmers.se>
  * Apparently there're LP64 compilers that generate better
@@ -632,4 +632,4 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c)
 #endif
 
 
-#endif /* _MD32_COMMON__H */
+#endif /* _MD32_COMMON__H */ 
diff --git a/src/os_crypto/sha1/sha.h b/src/os_crypto/sha1/sha.h
index be021fa..ec5b62e 100755
--- a/src/os_crypto/sha1/sha.h
+++ b/src/os_crypto/sha1/sha.h
@@ -10,21 +10,21 @@
  * This package is an SSL implementation written
  * by Eric Young (eay at cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- *
+ * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
+ * 
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- *
+ * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -39,10 +39,10 @@
  *     Eric Young (eay at cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
+ * 
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -54,7 +54,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
+ * 
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
diff --git a/src/os_crypto/sha1/sha1_op.c b/src/os_crypto/sha1/sha1_op.c
index 99d74ec..97588d1 100755
--- a/src/os_crypto/sha1/sha1_op.c
+++ b/src/os_crypto/sha1/sha1_op.c
@@ -15,20 +15,20 @@
 #include <string.h>
 #include "sha1_op.h"
 
-/* Openssl sha1
+/* Openssl sha1 
  * Only use if open ssl is not available.
 #ifndef USE_OPENSSL
 #include "sha.h"
 #include "sha_locl.h"
 #else
-#include <openssl/sha.h>
+#include <openssl/sha.h>  
 #endif
 */
 
 #include "sha_locl.h"
 
 
-
+ 
 int OS_SHA1_File(char * fname, char * output)
 {
     SHA_CTX c;
@@ -36,32 +36,32 @@ int OS_SHA1_File(char * fname, char * output)
     unsigned char buf[2048 +2];
     unsigned char md[SHA_DIGEST_LENGTH];
     int n;
-
+    
     memset(output,0, 65);
     buf[2049] = '\0';
-
+    
     fp = fopen(fname,"r");
     if(!fp)
         return(-1);
-
+    
     SHA1_Init(&c);
     while((n = fread(buf, 1, 2048, fp)) > 0)
     {
         buf[n] = '\0';
         SHA1_Update(&c,buf,(unsigned long)n);
     }
-
+    
     SHA1_Final(&(md[0]),&c);
-
+    
     for (n=0; n<SHA_DIGEST_LENGTH; n++)
     {
         snprintf(output, 3, "%02x", md[n]);
         output+=2;
     }
-
+                
     /* Closing it */
     fclose(fp);
-
+        
     return(0);
 }
 
diff --git a/src/os_crypto/sha1/sha_locl.h b/src/os_crypto/sha1/sha_locl.h
index d4b919e..019f1eb 100755
--- a/src/os_crypto/sha1/sha_locl.h
+++ b/src/os_crypto/sha1/sha_locl.h
@@ -10,21 +10,21 @@
  * This package is an SSL implementation written
  * by Eric Young (eay at cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- *
+ * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
+ * 
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- *
+ * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -39,10 +39,10 @@
  *     Eric Young (eay at cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
+ * 
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -54,7 +54,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
+ * 
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -180,9 +180,9 @@ int HASH_INIT (SHA_CTX *c)
  * I've just become aware of another tweak to be made, again from Wei Dai,
  * in F_40_59, (x&a)|(y&a) -> (x|y)&a
  */
-#define	F_00_19(b,c,d)	((((c) ^ (d)) & (b)) ^ (d))
+#define	F_00_19(b,c,d)	((((c) ^ (d)) & (b)) ^ (d)) 
 #define	F_20_39(b,c,d)	((b) ^ (c) ^ (d))
-#define F_40_59(b,c,d)	(((b) & (c)) | (((b)|(c)) & (d)))
+#define F_40_59(b,c,d)	(((b) & (c)) | (((b)|(c)) & (d))) 
 #define	F_60_79(b,c,d)	F_20_39(b,c,d)
 
 #ifndef OPENSSL_SMALL_FOOTPRINT
@@ -345,7 +345,7 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, size_t num)
 	BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
 	BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
 	
-	c->h0=(c->h0+E)&0xffffffffL;
+	c->h0=(c->h0+E)&0xffffffffL; 
 	c->h1=(c->h1+T)&0xffffffffL;
 	c->h2=(c->h2+A)&0xffffffffL;
 	c->h3=(c->h3+B)&0xffffffffL;
@@ -472,7 +472,7 @@ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
 	BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
 	
-	c->h0=(c->h0+E)&0xffffffffL;
+	c->h0=(c->h0+E)&0xffffffffL; 
 	c->h1=(c->h1+T)&0xffffffffL;
 	c->h2=(c->h2+A)&0xffffffffL;
 	c->h3=(c->h3+B)&0xffffffffL;
@@ -548,7 +548,7 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, size_t num)
 	for (i=4;i<24;i++)
 	{ BODY_60_79(X[(i+8)&15],X[(i+10)&15],X[i&15],    X[(i+5)&15]);  }
 	
-	c->h0=(c->h0+A)&0xffffffffL;
+	c->h0=(c->h0+A)&0xffffffffL; 
 	c->h1=(c->h1+B)&0xffffffffL;
 	c->h2=(c->h2+C)&0xffffffffL;
 	c->h3=(c->h3+D)&0xffffffffL;
@@ -594,7 +594,7 @@ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	for (i=4;i<24;i++)
 	{ BODY_60_79(X[(i+8)&15],X[(i+10)&15],X[i&15],    X[(i+5)&15]);  }
 
-	c->h0=(c->h0+A)&0xffffffffL;
+	c->h0=(c->h0+A)&0xffffffffL; 
 	c->h1=(c->h1+B)&0xffffffffL;
 	c->h2=(c->h2+C)&0xffffffffL;
 	c->h3=(c->h3+D)&0xffffffffL;
diff --git a/src/os_crypto/shared/._Makefile b/src/os_crypto/shared/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/shared/._Makefile differ
diff --git a/src/os_crypto/shared/._keys.c b/src/os_crypto/shared/._keys.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/shared/._keys.c differ
diff --git a/src/os_crypto/shared/._msgs.c b/src/os_crypto/shared/._msgs.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_crypto/shared/._msgs.c differ
diff --git a/src/os_crypto/shared/keys.c b/src/os_crypto/shared/keys.c
index 587f083..434782b 100755
--- a/src/os_crypto/shared/keys.c
+++ b/src/os_crypto/shared/keys.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -24,7 +24,7 @@
 
 
 
-/* __memclear: Clears keys entries.
+/* __memclear: Clears keys entries. 
  */
 void __memclear(char *id, char *name, char *ip, char *key, int size)
 {
@@ -41,10 +41,10 @@ void __chash(keystore *keys, char *id, char *name, char *ip, char *key)
 {
 	os_md5 filesum1;
 	os_md5 filesum2;
-
-    char *tmp_str;
+   
+    char *tmp_str; 
 	char _finalstr[KEYSIZE];
-
+    
 
     /* Allocating for the whole structure */
     keys->keyentries =(keyentry **)realloc(keys->keyentries,
@@ -54,32 +54,32 @@ void __chash(keystore *keys, char *id, char *name, char *ip, char *key)
         ErrorExit(MEM_ERROR, __local_name);
     }
     os_calloc(1, sizeof(keyentry), keys->keyentries[keys->keysize]);
-
-
+   
+    
     /* Setting configured values for id */
     os_strdup(id, keys->keyentries[keys->keysize]->id);
-    OSHash_Add(keys->keyhash_id,
-               keys->keyentries[keys->keysize]->id,
+    OSHash_Add(keys->keyhash_id, 
+               keys->keyentries[keys->keysize]->id, 
                keys->keyentries[keys->keysize]);
-
-
+    
+    
     /* agent ip */
     os_calloc(1, sizeof(os_ip), keys->keyentries[keys->keysize]->ip);
     if(OS_IsValidIP(ip, keys->keyentries[keys->keysize]->ip) == 0)
     {
         ErrorExit(INVALID_IP, __local_name, ip);
     }
-
+    
     /* We need to remove the "/" from the cidr */
 	if((tmp_str = strchr(keys->keyentries[keys->keysize]->ip->ip, '/')) != NULL)
     {
         *tmp_str = '\0';
     }
-    OSHash_Add(keys->keyhash_ip,
-               keys->keyentries[keys->keysize]->ip->ip,
+    OSHash_Add(keys->keyhash_ip, 
+               keys->keyentries[keys->keysize]->ip->ip, 
                keys->keyentries[keys->keysize]);
 
-
+    
     /* agent name */
     os_strdup(name, keys->keyentries[keys->keysize]->name);
 
@@ -91,15 +91,15 @@ void __chash(keystore *keys, char *id, char *name, char *ip, char *key)
     keys->keyentries[keys->keysize]->fp = NULL;
 
 	
-
+    
 	/** Generating final symmetric key **/
-
+    
 	/* MD5 from name, id and key */
 	OS_MD5_Str(name, filesum1);	
 	OS_MD5_Str(id,  filesum2);
 
 
-	/* Generating new filesum1 */
+	/* Generating new filesum1 */ 
 	snprintf(_finalstr, sizeof(_finalstr)-1, "%s%s", filesum1, filesum2);
 
 	
@@ -112,7 +112,7 @@ void __chash(keystore *keys, char *id, char *name, char *ip, char *key)
     /* Second md is just the key */
     OS_MD5_Str(key, filesum2);	
 	
-
+    
 	/* Generating final key */
 	memset(_finalstr,'\0', sizeof(_finalstr));
 	snprintf(_finalstr, 49, "%s%s", filesum2, filesum1);
@@ -128,14 +128,14 @@ void __chash(keystore *keys, char *id, char *name, char *ip, char *key)
 
 	/* ready for next */
 	keys->keysize++;	
-
-
+    
+    
 	return;
 }
 
 
-/* int OS_CheckKeys():
- * Checks if the authentication key file is present
+/* int OS_CheckKeys(): 
+ * Checks if the authentication key file is present 
  */
 int OS_CheckKeys()
 {
@@ -172,15 +172,15 @@ int OS_CheckKeys()
 void OS_ReadKeys(keystore *keys)
 {
     FILE *fp;
-
+    
     char buffer[OS_BUFFER_SIZE +1];
-
+    
     char name[KEYSIZE +1];
     char ip[KEYSIZE +1];
     char id[KEYSIZE +1];
     char key[KEYSIZE +1];
-
-
+    
+    
     /* Checking if the keys file is present and we can read it. */
     if((keys->file_change = File_DateofChange(KEYS_FILE)) < 0)
     {
@@ -222,7 +222,7 @@ void OS_ReadKeys(keystore *keys)
     {
         char *tmp_str;
         char *valid_str;
-
+        
         if((buffer[0] == '#') || (buffer[0] == ' '))
             continue;
 
@@ -245,7 +245,7 @@ void OS_ReadKeys(keystore *keys)
         {
             continue;
         }
-
+        
         /* Getting name */
         valid_str = tmp_str;
         tmp_str = strchr(tmp_str, ' ');
@@ -258,7 +258,7 @@ void OS_ReadKeys(keystore *keys)
         tmp_str++;
         strncpy(name, valid_str, KEYSIZE -1);
 
-
+         
         /* Getting ip address */
         valid_str = tmp_str;
         tmp_str = strchr(tmp_str, ' ');
@@ -271,7 +271,7 @@ void OS_ReadKeys(keystore *keys)
         tmp_str++;
         strncpy(ip, valid_str, KEYSIZE -1);
 
-
+        
         /* Getting key */
         valid_str = tmp_str;
         tmp_str = strchr(tmp_str, '\n');
@@ -288,8 +288,8 @@ void OS_ReadKeys(keystore *keys)
 
 
         /* Clearing the memory */
-        __memclear(id, name, ip, key, KEYSIZE +1);
-
+        __memclear(id, name, ip, key, KEYSIZE +1); 
+        
 
         /* Checking for maximum agent size */
         if(keys->keysize >= (MAX_AGENTS -2))
@@ -297,11 +297,11 @@ void OS_ReadKeys(keystore *keys)
             merror(AG_MAX_ERROR, __local_name, MAX_AGENTS -2);
             ErrorExit(CONFIG_ERROR, __local_name, KEYS_FILE);
         }
-
+        
         continue;
     }
-
-
+    
+    
     /* Closing key file. */
     fclose(fp);
 
@@ -344,12 +344,12 @@ void OS_FreeKeys(keystore *keys)
     keys->keysize = 0;
     keys->keyhash_id =NULL;
     keys->keyhash_ip = NULL;
-
-
+    
+    
     /* Sleeping to give time to other threads to stop using them. */
     sleep(1);
-
-
+    
+    
     /* Freeing the hashes */
     OSHash_Free(hashid);
     OSHash_Free(haship);
@@ -364,16 +364,16 @@ void OS_FreeKeys(keystore *keys)
                 free(keys->keyentries[i]->ip->ip);
                 free(keys->keyentries[i]->ip);
             }
-
-            if(keys->keyentries[i]->id)
+            
+            if(keys->keyentries[i]->id)    
                 free(keys->keyentries[i]->id);
-
+            
             if(keys->keyentries[i]->key)
                 free(keys->keyentries[i]->key);
 
             if(keys->keyentries[i]->name)
                 free(keys->keyentries[i]->name);
-
+                
             /* Closing counter */
             if(keys->keyentries[i]->fp)
                 fclose(keys->keyentries[i]->fp);
@@ -382,7 +382,7 @@ void OS_FreeKeys(keystore *keys)
             keys->keyentries[i] = NULL;
         }
     }
-
+    
     /* Freeing structure */
     free(keys->keyentries);
     keys->keyentries = NULL;
@@ -412,20 +412,20 @@ int OS_UpdateKeys(keystore *keys)
     {
         merror(ENCFILE_CHANGED, __local_name);
         debug1("%s: DEBUG: Freekeys", __local_name);
-
+        
         OS_FreeKeys(keys);
         debug1("%s: DEBUG: OS_ReadKeys", __local_name);
-
+        
         /* Reading keys */
         verbose(ENC_READ, __local_name);
 
-
+            
         OS_ReadKeys(keys);
         debug1("%s: DEBUG: OS_StartCounter", __local_name);
-
+        
         OS_StartCounter(keys);
         debug1("%s: DEBUG: OS_UpdateKeys completed", __local_name);
-
+        
         return(1);
     }
     return(0);
@@ -433,7 +433,7 @@ int OS_UpdateKeys(keystore *keys)
 
 
 /* OS_IsAllowedIP()
- * Checks if an IP address is allowed to connect.
+ * Checks if an IP address is allowed to connect. 
  */
 int OS_IsAllowedIP(keystore *keys, char *srcip)
 {
@@ -441,7 +441,7 @@ int OS_IsAllowedIP(keystore *keys, char *srcip)
 
     if(srcip == NULL)
         return(-1);
-
+   
     entry = OSHash_Get(keys->keyhash_ip, srcip);
     if(entry)
     {
@@ -477,7 +477,7 @@ int OS_IsAllowedID(keystore *keys, char *id)
 
     if(id == NULL)
         return(-1);
-
+   
     entry = OSHash_Get(keys->keyhash_id, id);
     if(entry)
     {
@@ -492,10 +492,10 @@ int OS_IsAllowedID(keystore *keys, char *id)
 int OS_IsAllowedDynamicID(keystore *keys, char *id, char *srcip)
 {
     keyentry *entry;
-
+    
     if(id == NULL)
         return(-1);
-
+    
     entry = OSHash_Get(keys->keyhash_id, id);
     if(entry)
     {
diff --git a/src/os_crypto/shared/msgs.c b/src/os_crypto/shared/msgs.c
index eab2a52..99a8229 100755
--- a/src/os_crypto/shared/msgs.c
+++ b/src/os_crypto/shared/msgs.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -51,11 +51,11 @@ void OS_StartCounter(keystore *keys)
     char rids_file[OS_FLSIZE +1];
 
     rids_file[OS_FLSIZE] = '\0';
-
+    
 
     debug1("%s: OS_StartCounter: keysize: %d", __local_name, keys->keysize);
-
-
+    
+    
     /* Starting receiving counter */
     for(i = 0; i<=keys->keysize; i++)
     {
@@ -84,7 +84,7 @@ void OS_StartCounter(keystore *keys)
             if(!keys->keyentries[i]->fp)
             {
                 int my_error = errno;
-
+                
                 /* Just in case we run out of file descriptiors */
                 if((keys->keyentries[i -1]->fp) && (i > 10))
                 {
@@ -96,7 +96,7 @@ void OS_StartCounter(keystore *keys)
                     }
                 }
 
-                merror("%s: Unable to open agent file. errno: %d",
+                merror("%s: Unable to open agent file. errno: %d", 
                        __local_name, my_error);
                 ErrorExit(FOPEN_ERROR, __local_name, rids_file);
             }
@@ -113,10 +113,10 @@ void OS_StartCounter(keystore *keys)
                 else
                 {
                     verbose("%s: INFO: No previous counter available for '%s'.",
-                                            __local_name,
+                                            __local_name, 
                                             keys->keyentries[i]->name);
                 }
-
+                
                 g_c = 0;
                 l_c = 0;
             }
@@ -132,7 +132,7 @@ void OS_StartCounter(keystore *keys)
             {
                 verbose("%s: INFO: Assigning counter for agent %s: '%d:%d'.",
                             __local_name, keys->keyentries[i]->name, g_c, l_c);
-
+                            
                 keys->keyentries[i]->global = g_c;
                 keys->keyentries[i]->local = l_c;
             }
@@ -196,7 +196,7 @@ void StoreCounter(keystore *keys, int id, int global, int local)
 }
 
 
-/* CheckSum v0.1: 2005/02/15
+/* CheckSum v0.1: 2005/02/15 
  * Verify the checksum of the message.
  * Returns NULL on error or the message on success.
  */
@@ -217,14 +217,14 @@ char *CheckSum(char *msg)
     {
         return(NULL);
     }
-
+    
     return(msg);
 }
 
 
 
 /* ReadSecMSG v0.2: 2005/02/10 */
-char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
+char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext, 
                                  int id, int buffer_size)
 {
     int cmp_size;
@@ -232,8 +232,8 @@ char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
     unsigned int msg_local = 0;
 
     char *f_msg;
-
-
+    
+    
     if(*buffer == ':')
     {
          buffer++;
@@ -243,10 +243,10 @@ char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
         merror(ENCFORMAT_ERROR, __local_name, keys->keyentries[id]->ip->ip);
         return(NULL);
     }
-
+    
     /* Decrypting message */
-    if(!OS_BF_Str(buffer, cleartext, keys->keyentries[id]->key,
-                  buffer_size, OS_DECRYPT))
+    if(!OS_BF_Str(buffer, cleartext, keys->keyentries[id]->key, 
+                  buffer_size, OS_DECRYPT)) 
     {
         merror(ENCKEY_ERROR, __local_name, keys->keyentries[id]->ip->ip);
         return(NULL);
@@ -266,7 +266,7 @@ char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
             cleartext++;
             buffer_size--;
         }
-
+        
         /* Uncompressing */
         cmp_size = os_uncompress(cleartext, buffer, buffer_size, OS_MAXSTR);
         if(!cmp_size)
@@ -302,7 +302,7 @@ char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
         msg_local = atoi(f_msg);
         f_msg+=5;
 
-
+        
         /* Returning the message if we don't need to verify the counbter. */
         if(!_s_verify_counter)
         {
@@ -312,7 +312,7 @@ char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
             if(rcv_count >= _s_recv_flush)
             {
                 StoreCounter(keys, id, msg_global, msg_local);
-                rcv_count = 0;
+                rcv_count = 0; 
             }
             rcv_count++;
             return(f_msg);
@@ -320,7 +320,7 @@ char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
 
 
         if((msg_global > keys->keyentries[id]->global)||
-           ((msg_global == keys->keyentries[id]->global) &&
+           ((msg_global == keys->keyentries[id]->global) && 
             (msg_local > keys->keyentries[id]->local)))
         {
             /* Updating currently counts */
@@ -418,7 +418,7 @@ char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
         }
 
         /* Checking if it is a duplicated message */
-        if((msg_count == keys->keyentries[id]->local) &&
+        if((msg_count == keys->keyentries[id]->local) && 
            (msg_time == keys->keyentries[id]->global))
         {
             return(NULL);
@@ -437,7 +437,7 @@ char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext,
         merror(ENCTIME_ERROR, __local_name, keys->keyentries[id]->name);
         return(NULL);
     }
-
+    
     merror(ENCFORMAT_ERROR, __local_name, keys->keyentries[id]->ip->ip);
     return(NULL);
 }
@@ -452,24 +452,24 @@ int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id)
     int bfsize;
     int msg_size;
     int cmp_size;
-
+    
     u_int16_t rand1;
-
+    
     char _tmpmsg[OS_MAXSTR + 2];
     char _finmsg[OS_MAXSTR + 2];
-
+    
     os_md5 md5sum;
-
+    
     msg_size = strlen(msg);
-
-
+    
+    
     /* Checking for invalid msg sizes */
     if((msg_size > (OS_MAXSTR - OS_HEADER_SIZE))||(msg_size < 1))
     {
         merror(ENCSIZE_ERROR, __local_name, msg);
         return(0);
     }
-
+    
     /* Random number */
     rand1 = (u_int16_t)random();
 
@@ -477,7 +477,7 @@ int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id)
     _tmpmsg[OS_MAXSTR +1] = '\0';
     _finmsg[OS_MAXSTR +1] = '\0';
     msg_encrypted[OS_MAXSTR] = '\0';
-
+   
 
     /* Increasing local and global counters */
     if(local_count >= 9997)
@@ -486,25 +486,25 @@ int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id)
         global_count++;
     }
     local_count++;
-
-
+    
+    
     snprintf(_tmpmsg, OS_MAXSTR,"%05hu%010u:%04hu:%s",
                               rand1, global_count, local_count,
                               msg);
 
-
+    
     /* Generating md5sum of the unencrypted string */
     OS_MD5_Str(_tmpmsg, md5sum);
 
 
-
+    
     /* Generating final msg to be compressed */
     snprintf(_finmsg, OS_MAXSTR,"%s%s",md5sum,_tmpmsg);
     msg_size = strlen(_finmsg);
 
 
     /* Compressing message.
-     * We assing the first 8 bytes for padding.
+     * We assing the first 8 bytes for padding. 
      */
     cmp_size = os_compress(_finmsg, _tmpmsg + 8, msg_size, OS_MAXSTR - 12);
     if(!cmp_size)
@@ -513,7 +513,7 @@ int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id)
         return(0);
     }
     cmp_size++;
-
+    
     /* Padding the message (needs to be div by 8) */
     bfsize = 8 - (cmp_size % 8);
     if(bfsize == 8)
@@ -538,7 +538,7 @@ int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id)
     {
         verbose("%s: INFO: Event count after '%u': %u->%u (%d%%)", __local_name,
                     evt_count,
-                    c_orig_size,
+                    c_orig_size, 
                     c_comp_size,
                     (c_comp_size * 100)/c_orig_size);
         evt_count = 0;
@@ -546,10 +546,10 @@ int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id)
         c_comp_size = 0;
     }
     evt_count++;
-
+    
     /* If the ip is dynamic (not single host, append agent id
      * to the message.
-     */
+     */ 
     if(!isSingleHost(keys->keyentries[id]->ip) && isAgent)
     {
         snprintf(msg_encrypted, 16, "!%s!:", keys->keyentries[id]->id);
@@ -567,13 +567,13 @@ int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id)
      * appended to the buffer. On dynamic ips, it will
      * include the agent id.
      */
-
+    
     /* Encrypting everything */
-    OS_BF_Str(_tmpmsg + (7 - bfsize), msg_encrypted + msg_size,
-                                      keys->keyentries[id]->key,
-                                      cmp_size,
+    OS_BF_Str(_tmpmsg + (7 - bfsize), msg_encrypted + msg_size, 
+                                      keys->keyentries[id]->key, 
+                                      cmp_size, 
                                       OS_ENCRYPT);
-
+    
 
     /* Storing before leaving */
     StoreSenderCounter(keys, global_count, local_count);
diff --git a/src/os_csyslogd/._Makefile b/src/os_csyslogd/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_csyslogd/._Makefile differ
diff --git a/src/os_csyslogd/._alert.c b/src/os_csyslogd/._alert.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_csyslogd/._alert.c differ
diff --git a/src/os_csyslogd/._config.c b/src/os_csyslogd/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_csyslogd/._config.c differ
diff --git a/src/os_csyslogd/._csyslogd.c b/src/os_csyslogd/._csyslogd.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_csyslogd/._csyslogd.c differ
diff --git a/src/os_csyslogd/._csyslogd.h b/src/os_csyslogd/._csyslogd.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_csyslogd/._csyslogd.h differ
diff --git a/src/os_csyslogd/._main.c b/src/os_csyslogd/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_csyslogd/._main.c differ
diff --git a/src/os_csyslogd/alert.c b/src/os_csyslogd/alert.c
index f271cb5..33a9907 100755
--- a/src/os_csyslogd/alert.c
+++ b/src/os_csyslogd/alert.c
@@ -117,12 +117,8 @@ int OS_Alert_SendSyslog(alert_data *al_data, SyslogConfig *syslog_config)
 
 
     /* Remove the double quotes from "dangerous" fields */
-    if( (json_safe_comment = os_strip_char(al_data->comment, '"')) == NULL ) {
-        return(0);
-    }
-    if( (json_safe_message = os_strip_char(al_data->log[0], '"')) == NULL ) {
-        return(0);
-    }
+    json_safe_comment = os_strip_char(al_data->comment, '"');
+    json_safe_message = os_strip_char(al_data->log[0], '"');
 
     /* Inserting data */
     if(syslog_config->format == DEFAULT_CSYSLOG)
@@ -171,12 +167,6 @@ int OS_Alert_SendSyslog(alert_data *al_data, SyslogConfig *syslog_config)
         field_add_string(syslog_msg, OS_SIZE_2048, " suser=%s", al_data->user );
         field_add_string(syslog_msg, OS_SIZE_2048, " dst=%s", al_data->dstip );
         field_add_truncated(syslog_msg, OS_SIZE_2048, " msg=%s", al_data->log[0], 2 );
-        if (al_data->new_md5 && al_data->new_sha1) {
-            field_add_string(syslog_msg, OS_SIZE_2048, " Previous MD5: %s", al_data->old_md5 );
-            field_add_string(syslog_msg, OS_SIZE_2048, " Current MD5: %s", al_data->new_md5 );
-            field_add_string(syslog_msg, OS_SIZE_2048, " Previous SHA1: %s", al_data->old_sha1 );
-            field_add_string(syslog_msg, OS_SIZE_2048, " Current SHA1: %s", al_data->new_sha1 );
-        }
     }
     else if(syslog_config->format == JSON_CSYSLOG)
     {
diff --git a/src/os_csyslogd/config.c b/src/os_csyslogd/config.c
index 91770e1..f5ade46 100755
--- a/src/os_csyslogd/config.c
+++ b/src/os_csyslogd/config.c
@@ -19,11 +19,11 @@
 #include "config/config.h"
 
 
-/** void *OS_SyslogConf(int test_config, char *cfgfile,
+/** void *OS_SyslogConf(int test_config, char *cfgfile, 
                         SyslogConfig **syslog_config)
  * Reads configuration.
  */
-void *OS_ReadSyslogConf(int test_config, char *cfgfile,
+void *OS_ReadSyslogConf(int test_config, char *cfgfile, 
                         SyslogConfig **syslog_config)
 {
     int modules = 0;
@@ -34,15 +34,15 @@ void *OS_ReadSyslogConf(int test_config, char *cfgfile,
     modules|= CSYSLOGD;
     gen_config.data = syslog_config;
 
-
+    
     /* Reading configuration */
     if(ReadConfig(modules, cfgfile, &gen_config, NULL) < 0)
     {
         ErrorExit(CONFIG_ERROR, ARGV0, cfgfile);
         return(NULL);
-    }
-
+    }    
 
+    
     syslog_config = gen_config.data;
 
     return(syslog_config);
diff --git a/src/os_csyslogd/csyslogd.c b/src/os_csyslogd/csyslogd.c
index 1a5a0aa..d0eff9a 100755
--- a/src/os_csyslogd/csyslogd.c
+++ b/src/os_csyslogd/csyslogd.c
@@ -15,12 +15,16 @@
 
 
 
-#include "shared.h"
-
+/* strnlen is a GNU extension */
+#ifdef __linux__
+ #define _GNU_SOURCE
+ #include <string.h>
+#endif
 #include "csyslogd.h"
 #include "os_net/os_net.h"
 
 
+
 /* OS_SyslogD: Monitor the alerts and sends them via syslog.
  * Only return in case of error.
  */
@@ -29,7 +33,6 @@ void OS_CSyslogD(SyslogConfig **syslog_config)
     int s = 0;
     time_t tm;
     struct tm *p;
-    int tries = 0;
 
     file_queue *fileq;
     alert_data *al_data;
@@ -42,17 +45,7 @@ void OS_CSyslogD(SyslogConfig **syslog_config)
 
     /* Initating file queue - to read the alerts */
     os_calloc(1, sizeof(file_queue), fileq);
-    while( (Init_FileQueue(fileq, p, 0) ) < 0 ) {
-        tries++;
-        if( tries > OS_CSYSLOGD_MAX_TRIES ) {
-            merror("%s: ERROR: Could not open queue after %d tries, exiting!",
-                   ARGV0, tries
-            );
-            exit(1);
-        }
-        sleep(1);
-    }
-    debug1("%s: INFO: File queue connected.", ARGV0 );
+    Init_FileQueue(fileq, p, 0);
 
 
     /* Connecting to syslog. */
@@ -110,7 +103,7 @@ void OS_CSyslogD(SyslogConfig **syslog_config)
 int field_add_string(char *dest, int size, const char *format, const char *value ) {
     char buffer[OS_SIZE_2048];
     int len = 0;
-    int dest_sz = size - strlen(dest); 
+    int dest_sz = size - strnlen(dest, OS_SIZE_2048);
 
     if(dest_sz <= 0 ) {
         // Not enough room in the buffer
@@ -135,7 +128,7 @@ int field_add_string(char *dest, int size, const char *format, const char *value
 int field_add_truncated(char *dest, int size, const char *format, const char *value, int fmt_size ) {
     char buffer[OS_SIZE_2048];
 
-    int available_sz = size - strlen(dest);
+    int available_sz = size - strnlen(dest, OS_SIZE_2048);
     int total_sz = strlen(value) + strlen(format) - fmt_size;
     int field_sz = available_sz - strlen(format) + fmt_size;
 
@@ -155,27 +148,24 @@ int field_add_truncated(char *dest, int size, const char *format, const char *va
                 ((value[0] != 'u') && (value[1] != 'n') && (value[4] != 'k'))
             )
     ) {
+        if( (truncated=malloc(field_sz)) == NULL ) {
+            // Memory error
+            return -3;
+        }
 
-        if( (truncated=malloc(field_sz + 1)) != NULL ) {
-            if( total_sz > available_sz ) {
-                // Truncate and add a trailer
-                os_substr(truncated, value, 0, field_sz - strlen(trailer));
-                strcat(truncated, trailer);
-            }
-            else {
-                strncpy(truncated,value,field_sz);
-            }
-
-            len = snprintf(buffer, available_sz, format, truncated);
-            strncat(dest, buffer, available_sz);
+        if( total_sz > available_sz ) {
+            // Truncate and add a trailer
+            os_substr(truncated, value, 0, field_sz - strlen(trailer) - 1);
+            strcat(truncated, trailer);
         }
         else {
-            // Memory Error
-            len = -3;
+            strncpy(truncated,value,field_sz);
         }
+
+        len = snprintf(buffer, available_sz, format, truncated);
+        strncat(dest, buffer, available_sz);
+        free(truncated);
     }
-    // Free the temporary pointer
-    free(truncated);
 
     return len;
 }
@@ -184,7 +174,7 @@ int field_add_truncated(char *dest, int size, const char *format, const char *va
 int field_add_int(char *dest, int size, const char *format, const int value ) {
     char buffer[255];
     int len = 0;
-    int dest_sz = size - strlen(dest);
+    int dest_sz = size - strnlen(dest, OS_SIZE_2048);
 
     if(dest_sz <= 0 ) {
         // Not enough room in the buffer
diff --git a/src/os_csyslogd/csyslogd.h b/src/os_csyslogd/csyslogd.h
index 28435c9..784d903 100755
--- a/src/os_csyslogd/csyslogd.h
+++ b/src/os_csyslogd/csyslogd.h
@@ -20,7 +20,6 @@
 
 #include "config/csyslogd-config.h"
 
-#define OS_CSYSLOGD_MAX_TRIES 10
 
 /** Prototypes **/
 
diff --git a/src/os_csyslogd/main.c b/src/os_csyslogd/main.c
index df3dd5a..77c0859 100755
--- a/src/os_csyslogd/main.c
+++ b/src/os_csyslogd/main.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -36,7 +36,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
 
     while((c = getopt(argc, argv, "vVdhtfu:g:D:c:")) != -1){
         switch(c){
@@ -45,7 +45,7 @@ int main(int argc, char **argv)
                 break;
             case 'v':
                 print_version();
-                break;
+                break;    
             case 'h':
                 help(ARGV0);
                 break;
@@ -69,14 +69,13 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir=optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
                 cfg = optarg;
                 break;
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             default:
                 help(ARGV0);
@@ -87,7 +86,7 @@ int main(int argc, char **argv)
 
 
     /* Starting daemon */
-    merror(STARTED_MSG, ARGV0);
+    debug1(STARTED_MSG, ARGV0);
 
 
     /* Check if the user/group given are valid */
@@ -118,14 +117,14 @@ int main(int argc, char **argv)
         if(ltmp)
             *ltmp = '\0';
     }
-
+                                        
 
     /* Exit here if test config is set */
     if(test_config)
         exit(0);
-
-
-    if (!run_foreground)
+        
+        
+    if (!run_foreground) 
     {
         /* Going on daemon mode */
         nowDaemon();
@@ -133,7 +132,7 @@ int main(int argc, char **argv)
     }
 
 
-
+    
     /* Not configured */
     if(!syslog_config || !syslog_config[0])
     {
@@ -142,13 +141,13 @@ int main(int argc, char **argv)
         exit(0);
     }
 
-
+    
 
     /* Privilege separation */	
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR,ARGV0,group);
 
-
+    
     /* chrooting */
     if(Privsep_Chroot(dir) < 0)
         ErrorExit(CHROOT_ERROR,ARGV0,dir);
@@ -158,8 +157,8 @@ int main(int argc, char **argv)
     nowChroot();
 
 
-
-    /* Changing user */
+    
+    /* Changing user */        
     if(Privsep_SetUser(uid) < 0)
         ErrorExit(SETUID_ERROR,ARGV0,user);
 
@@ -171,15 +170,15 @@ int main(int argc, char **argv)
     /* Signal manipulation */
     StartSIG(ARGV0);
 
-
+    
     /* Creating PID files */
     if(CreatePID(ARGV0, getpid()) < 0)
         ErrorExit(PID_ERROR, ARGV0);
 
-
+    
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
+    
 
     /* the real daemon now */	
     OS_CSyslogD(syslog_config);
diff --git a/src/os_dbd/._Makefile b/src/os_dbd/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._Makefile differ
diff --git a/src/os_dbd/._README b/src/os_dbd/._README
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._README differ
diff --git a/src/os_dbd/._alert.c b/src/os_dbd/._alert.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._alert.c differ
diff --git a/src/os_dbd/._config.c b/src/os_dbd/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._config.c differ
diff --git a/src/os_dbd/._db_op.c b/src/os_dbd/._db_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._db_op.c differ
diff --git a/src/os_dbd/._db_op.h b/src/os_dbd/._db_op.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._db_op.h differ
diff --git a/src/os_dbd/._dbd.c b/src/os_dbd/._dbd.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._dbd.c differ
diff --git a/src/os_dbd/._dbd.h b/src/os_dbd/._dbd.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._dbd.h differ
diff --git a/src/os_dbd/._dbmake.sh b/src/os_dbd/._dbmake.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._dbmake.sh differ
diff --git a/src/os_dbd/._main.c b/src/os_dbd/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._main.c differ
diff --git a/src/os_dbd/._mysql.schema b/src/os_dbd/._mysql.schema
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._mysql.schema differ
diff --git a/src/os_dbd/._postgresql.schema b/src/os_dbd/._postgresql.schema
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._postgresql.schema differ
diff --git a/src/os_dbd/._rules.c b/src/os_dbd/._rules.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._rules.c differ
diff --git a/src/os_dbd/._server.c b/src/os_dbd/._server.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_dbd/._server.c differ
diff --git a/src/os_dbd/alert.c b/src/os_dbd/alert.c
index cb3842b..da33e16 100755
--- a/src/os_dbd/alert.c
+++ b/src/os_dbd/alert.c
@@ -79,7 +79,7 @@ int __DBSelectLocation(char *location, DBConfig *db_config)
 int __DBInsertLocation(char *location, DBConfig *db_config)
 {
     char sql_query[OS_SIZE_1024];
-
+    
     memset(sql_query, '\0', OS_SIZE_1024);
 
     /* Generating SQL */
@@ -118,7 +118,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
     /* Clearing the memory before insert */
     sql_query[0] = '\0';
     sql_query[OS_SIZE_8192] = '\0';
-
+    
 
     /* Converting srcip to int */
     if(al_data->srcip)
@@ -157,8 +157,8 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 
     /* We first need to insert the location */
     loc_id = OSHash_Get(db_config->location_hash, al_data->location);
-
-
+    
+    
     /* If we dont have location id, we must select and/or insert in the db */
     if(!loc_id)
     {
@@ -172,7 +172,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 
         if(!location_id)
         {
-            merror("%s: Unable to insert location: '%s'.",
+            merror("%s: Unable to insert location: '%s'.", 
                    ARGV0, al_data->location);
             return(0);
         }
@@ -183,7 +183,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
         *loc_id = location_id;
         OSHash_Add(db_config->location_hash, al_data->location, loc_id);
     }
-
+    
 
     i = 0;
     while(al_data->log[i])
@@ -191,10 +191,10 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
         long len = strlen(al_data->log[i]);
         char templog[len+2];
         if (al_data->log[i+1]) {
-            snprintf(templog, len+2, "%s\n", al_data->log[i]);
+            snprintf(templog, len, "%s\n", al_data->log[i]);
         }
         else {
-            snprintf(templog, len+1, "%s", al_data->log[i]);
+            snprintf(templog, len, "%s", al_data->log[i]);
         }
         fulllog = os_LoadString(fulllog, templog);
 //      fulllog = os_LoadString(fulllog, al_data->log[i]);
@@ -217,7 +217,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
                 "INSERT INTO "
                 "data(id, server_id, \"user\", full_log) "
                 "VALUES ('%u', '%u', '%s', '%s') ",
-                db_config->alert_id, db_config->server_id,
+                db_config->alert_id, db_config->server_id, 
                 al_data->user, fulllog);
     }
     else
@@ -226,20 +226,20 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
                 "INSERT INTO "
                 "data(id, server_id, user, full_log) "
                 "VALUES ('%u', '%u', '%s', '%s') ",
-                db_config->alert_id, db_config->server_id,
+                db_config->alert_id, db_config->server_id, 
                 al_data->user, fulllog);
     }
 
     free(fulllog);
     fulllog = NULL;
-
-
+    
+    
     /* Inserting into the db */
     if(!osdb_query_insert(db_config->conn, sql_query))
     {
         merror(DB_GENERROR, ARGV0);
     }
-
+                                
 
 
     /* Generating final SQL */
@@ -260,7 +260,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
         merror(DB_GENERROR, ARGV0);
     }
 
-
+    
     db_config->alert_id++;
     return(1);
 }
diff --git a/src/os_dbd/config.c b/src/os_dbd/config.c
index 9fed903..6ea78e9 100755
--- a/src/os_dbd/config.c
+++ b/src/os_dbd/config.c
@@ -32,7 +32,7 @@ int OS_ReadDBConf(int test_config, char *cfgfile, DBConfig *db_config)
     modules|= CDBD;
     modules|= CRULES;
 
-
+    
     /* Allocating config just to get the rules. */
     os_calloc(1, sizeof(_Config), tmp_config);
 
@@ -54,7 +54,7 @@ int OS_ReadDBConf(int test_config, char *cfgfile, DBConfig *db_config)
     if(ReadConfig(modules, cfgfile, tmp_config, db_config) < 0)
         return(OS_INVALID);
 
-
+    
     /* Here, we assign the rules to db_config and free the rest
      * of the Config.
      */
@@ -73,7 +73,7 @@ int OS_ReadDBConf(int test_config, char *cfgfile, DBConfig *db_config)
     {
         return(0);
     }
-
+    
 
     /* Checking for a valid config. */
     if(!db_config->host ||
@@ -98,7 +98,7 @@ int OS_ReadDBConf(int test_config, char *cfgfile, DBConfig *db_config)
         osdb_close = mysql_osdb_close;
     }
     #endif
-
+    
     #ifdef UPOSTGRES
     if(db_config->db_type == POSTGDB)
     {
@@ -117,17 +117,17 @@ int OS_ReadDBConf(int test_config, char *cfgfile, DBConfig *db_config)
     {
         #ifndef UMYSQL
         merror(DB_COMPILED, ARGV0, "mysql");
-        return(OS_INVALID);
+        return(OS_INVALID); 
         #endif
     }
     else if(db_config->db_type == POSTGDB)
     {
         #ifndef UPOSTGRES
         merror(DB_COMPILED, ARGV0, "postgresql");
-        return(OS_INVALID);
+        return(OS_INVALID); 
         #endif
     }
-
+    
 
     if(osdb_connect == NULL)
     {
diff --git a/src/os_dbd/db_op.c b/src/os_dbd/db_op.c
index df73ade..cfbea52 100755
--- a/src/os_dbd/db_op.c
+++ b/src/os_dbd/db_op.c
@@ -12,7 +12,7 @@
  * License details at the LICENSE file included with OSSEC or
  * online at: http://www.ossec.net/en/licensing.html
  */
-
+          
 
 /* Common lib for dealing with databases */
 
@@ -47,7 +47,7 @@ void osdb_escapestr(char *str)
     {
         return;
     }
-
+    
     while(*str)
     {
         if(*str == '\'')
@@ -85,27 +85,27 @@ void osdb_checkerror()
         ErrorExit(DB_MAINERROR, ARGV0);
     }
 
-
+    
     /* If error count is too large, we try to reconnect. */
     if(db_config_pt->error_count > 0)
     {
         int i = 0;
         if(db_config_pt->conn)
         {
-            osdb_close(db_config_pt->conn);
+            osdb_close(db_config_pt->conn);       
             db_config_pt->conn = NULL;
         }
 
         while(i <= db_config_pt->maxreconnect)
         {
             merror(DB_ATTEMPT, ARGV0);
-            db_config_pt->conn = osdb_connect(db_config_pt->host,
+            db_config_pt->conn = osdb_connect(db_config_pt->host, 
                                               db_config_pt->user,
-                                              db_config_pt->pass,
+                                              db_config_pt->pass, 
                                               db_config_pt->db,
                                               db_config_pt->port,
                                               db_config_pt->sock);
-
+            
             /* If we were able to reconnect, keep going. */
             if(db_config_pt->conn)
             {
@@ -122,11 +122,11 @@ void osdb_checkerror()
         {
             ErrorExit(DB_MAINERROR, ARGV0);
         }
-
-
+        
+        
         verbose("%s: Connected to database '%s' at '%s'.",
                 ARGV0, db_config_pt->db, db_config_pt->host);
-
+        
     }
 }
 
@@ -183,8 +183,8 @@ void *mysql_osdb_connect(char *host, char *user, char *pass, char *db,
             unsigned int p_type = MYSQL_PROTOCOL_TCP;
             mysql_options(conn, MYSQL_OPT_PROTOCOL, (char *)&p_type);
         }
-    }
-    if(mysql_real_connect(conn, host, user, pass, db,
+    }    
+    if(mysql_real_connect(conn, host, user, pass, db, 
                           port, sock, 0) == NULL)
     {
         merror(DBCONN_ERROR, ARGV0, host, db, mysql_error(conn));
@@ -209,7 +209,7 @@ void *mysql_osdb_close(void *db_conn)
 
 
 /** int mysql_osdb_query_insert(void *db_conn, char *query)
- * Sends insert query to database.
+ * Sends insert query to database. 
  */
 int mysql_osdb_query_insert(void *db_conn, char *query)
 {
@@ -235,7 +235,7 @@ int mysql_osdb_query_select(void *db_conn, char *query)
     int result_int = 0;
     MYSQL_RES *result_data;
     MYSQL_ROW result_row;
-
+    
 
     /* Sending the query. It can not fail. */
     if(mysql_query(db_conn, query) != 0)
@@ -246,7 +246,7 @@ int mysql_osdb_query_select(void *db_conn, char *query)
         return(0);
     }
 
-
+    
     /* Getting result */
     result_data = mysql_use_result(db_conn);
     if(result_data == NULL)
@@ -256,7 +256,7 @@ int mysql_osdb_query_select(void *db_conn, char *query)
         osdb_seterror();
         return(0);
     }
-
+    
 
     /* Getting row. We only care about the first result. */
     result_row = mysql_fetch_row(result_data);
@@ -264,7 +264,7 @@ int mysql_osdb_query_select(void *db_conn, char *query)
     {
         result_int = atoi(result_row[0]);
     }
-
+    
 
     mysql_free_result(result_data);
 
@@ -281,11 +281,11 @@ int mysql_osdb_query_select(void *db_conn, char *query)
 #if defined UPOSTGRES
 
 
-/** void *postgresql_osdb_connect(char *host, char *user, char *pass, char *db)
- * Create the PostgreSQL database connection.
+/** void *postgresql_osdb_connect(char *host, char *user, char *pass, char *db) 
+ * Create the PostgreSQL database connection. 
  * Return NULL on error
  */
-void *postgresql_osdb_connect(char *host, char *user, char *pass, char *db,
+void *postgresql_osdb_connect(char *host, char *user, char *pass, char *db, 
                               int port, char *sock)
 {
     PGconn *conn;
@@ -317,13 +317,13 @@ void *postgresql_osdb_close(void *db_conn)
 
 
 /** int postgresql_osdb_query_insert(void *db_conn, char *query)
- * Sends insert query to database.
+ * Sends insert query to database. 
  */
 int postgresql_osdb_query_insert(void *db_conn, char *query)
 {
     PGresult *result;
-
-
+    
+    
     result = PQexec(db_conn,query);
     if(!result)
     {
@@ -331,8 +331,8 @@ int postgresql_osdb_query_insert(void *db_conn, char *query)
         osdb_seterror();
         return(0);
     }
-
-
+    
+    
     if(PQresultStatus(result) != PGRES_COMMAND_OK)
     {
         merror(DBQUERY_ERROR, ARGV0, query, PQerrorMessage(db_conn));
@@ -341,7 +341,7 @@ int postgresql_osdb_query_insert(void *db_conn, char *query)
         return(0);
     }
 
-
+    
     PQclear(result);
     return(1);
 }
@@ -364,7 +364,7 @@ int postgresql_osdb_query_select(void *db_conn, char *query)
         osdb_seterror();
         return(0);
     }
-
+    
     if((PQresultStatus(result) == PGRES_TUPLES_OK))
     {
         if(PQntuples(result) == 1)
@@ -396,7 +396,7 @@ int postgresql_osdb_query_select(void *db_conn, char *query)
 
 
 
-void *none_osdb_connect(char *host, char *user, char *pass, char *db,
+void *none_osdb_connect(char *host, char *user, char *pass, char *db, 
                         int port, char *sock)
 {
     char *tmp;
@@ -404,8 +404,8 @@ void *none_osdb_connect(char *host, char *user, char *pass, char *db,
 
     /* Just to avoid warnings. */
     tmp = host; tmp = user; tmp = pass; tmp = db;
-
-
+    
+    
     merror("%s: ERROR: Database support not enabled. Exiting.", ARGV0);
     return(NULL);
 }
@@ -431,7 +431,7 @@ void *none_osdb_query_select(void *db_conn, char *query)
     void *tmp;
 
     tmp = db_conn; tmp = query;
-
+    
     merror("%s: ERROR: Database support not enabled. Exiting.", ARGV0);
     return(0);
 }
diff --git a/src/os_dbd/db_op.h b/src/os_dbd/db_op.h
index a6031fc..2458e80 100755
--- a/src/os_dbd/db_op.h
+++ b/src/os_dbd/db_op.h
@@ -12,7 +12,7 @@
  * License details at the LICENSE file included with OSSEC or
  * online at: http://www.ossec.net/en/licensing.html
  */
-
+ 
 /* Common API for dealing with databases */
 
 
diff --git a/src/os_dbd/dbd.c b/src/os_dbd/dbd.c
index dff139c..8bc1ab1 100755
--- a/src/os_dbd/dbd.c
+++ b/src/os_dbd/dbd.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -32,8 +32,8 @@
  */
 void OS_DBD(DBConfig *db_config)
 {
-    time_t tm;
-    struct tm *p;
+    time_t tm;     
+    struct tm *p;       
 
     file_queue *fileq;
     alert_data *al_data;
diff --git a/src/os_dbd/dbd.h b/src/os_dbd/dbd.h
index 0defbfb..40ef2bf 100755
--- a/src/os_dbd/dbd.h
+++ b/src/os_dbd/dbd.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -31,7 +31,7 @@ int OS_ReadDBConf(int test_config, char *cfgfile, DBConfig *db_config);
 
 /* Inserts server info to the db. */
 int OS_Server_ReadInsertDB(void *db_config);
-
+   
 
 /* Insert rules in to the database */
 int OS_InsertRulesDB(DBConfig *db_config);
diff --git a/src/os_dbd/main.c b/src/os_dbd/main.c
index 6e0b2a2..a2415b8 100755
--- a/src/os_dbd/main.c
+++ b/src/os_dbd/main.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -31,7 +31,7 @@ void db_info()
 {
     print_out(" ");
     print_out("%s %s - %s", __name, __version, __author);
-
+    
     #ifdef UMYSQL
     print_out("Compiled with MySQL support.");
     #endif
@@ -43,7 +43,7 @@ void db_info()
     #if !defined(UMYSQL) && !defined(UPOSTGRES)
     print_out("Compiled without any Database support.");
     #endif
-
+    
     print_out(" ");
     print_out("%s",__license);
 
@@ -71,7 +71,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
 
     while((c = getopt(argc, argv, "vVdhtfu:g:D:c:")) != -1){
         switch(c){
@@ -80,7 +80,7 @@ int main(int argc, char **argv)
                 break;
             case 'v':
                 db_info();
-                break;
+                break;    
             case 'h':
                 help(ARGV0);
                 break;
@@ -104,14 +104,13 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir=optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
                 cfg = optarg;
                 break;
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             default:
                 help(ARGV0);
@@ -144,9 +143,9 @@ int main(int argc, char **argv)
     /* Exit here if test config is set */
     if(test_config)
         exit(0);
-
-
-    if(!run_foreground)
+        
+        
+    if(!run_foreground) 
     {
         /* Going on daemon mode */
         nowDaemon();
@@ -154,7 +153,7 @@ int main(int argc, char **argv)
     }
 
 
-
+    
     /* Not configured */
     if(c == 0)
     {
@@ -162,10 +161,10 @@ int main(int argc, char **argv)
         exit(0);
     }
 
-
+    
     /* Maybe disable this debug? */
     debug1("%s: DEBUG: Connecting to '%s', using '%s', '%s', '%s', %d,'%s'.",
-           ARGV0, db_config.host, db_config.user,
+           ARGV0, db_config.host, db_config.user, 
            db_config.pass, db_config.db,db_config.port,db_config.sock);
 
 
@@ -176,13 +175,13 @@ int main(int argc, char **argv)
     /* Getting maximum reconned attempts */
     db_config.maxreconnect = getDefine_Int("dbd",
                                            "reconnect_attempts", 1, 9999);
-
-
+    
+    
     /* Connecting to the database */
     c = 0;
     while(c <= (db_config.maxreconnect * 10))
     {
-        db_config.conn = osdb_connect(db_config.host, db_config.user,
+        db_config.conn = osdb_connect(db_config.host, db_config.user, 
                                       db_config.pass, db_config.db,
                                       db_config.port,db_config.sock);
 
@@ -194,7 +193,7 @@ int main(int argc, char **argv)
 
         c++;
         sleep(c * 60);
-
+        
     }
 
 
@@ -204,18 +203,18 @@ int main(int argc, char **argv)
         merror(DB_CONFIGERR, ARGV0);
         ErrorExit(CONFIG_ERROR, ARGV0, cfg);
     }
-
+    
 
     /* We must notify that we connected -- easy debugging */
-    verbose("%s: Connected to database '%s' at '%s'.",
+    verbose("%s: Connected to database '%s' at '%s'.", 
             ARGV0, db_config.db, db_config.host);
 
-
+    
     /* Privilege separation */	
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR,ARGV0,group);
 
-
+    
     /* chrooting */
     if(Privsep_Chroot(dir) < 0)
         ErrorExit(CHROOT_ERROR,ARGV0,dir);
@@ -239,8 +238,8 @@ int main(int argc, char **argv)
         ErrorExit(CONFIG_ERROR, ARGV0, cfg);
     }
 
-
-    /* Changing user */
+    
+    /* Changing user */        
     if(Privsep_SetUser(uid) < 0)
         ErrorExit(SETUID_ERROR,ARGV0,user);
 
@@ -252,15 +251,15 @@ int main(int argc, char **argv)
     /* Signal manipulation */
     StartSIG(ARGV0);
 
-
+    
     /* Creating PID files */
     if(CreatePID(ARGV0, getpid()) < 0)
         ErrorExit(PID_ERROR,ARGV0);
 
-
+    
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
+    
 
     /* the real daemon now */	
     OS_DBD(&db_config);
diff --git a/src/os_dbd/rules.c b/src/os_dbd/rules.c
index bce942a..eae49ab 100755
--- a/src/os_dbd/rules.c
+++ b/src/os_dbd/rules.c
@@ -52,7 +52,7 @@ int __Groups_SelectGroup(char *group, DBConfig *db_config)
 int __Groups_InsertGroup(char *group, DBConfig *db_config)
 {
     char sql_query[OS_SIZE_1024];
-
+    
     memset(sql_query, '\0', OS_SIZE_1024);
 
     /* Generating SQL */
@@ -137,7 +137,7 @@ void _Groups_ReadInsertDB(RuleInfo *rule, DBConfig *db_config)
     char *tmp_group;
     char *tmp_str;
 
-
+    
     debug1("%s: DEBUG: entering _Groups_ReadInsertDB", ARGV0);
 
 
@@ -146,7 +146,7 @@ void _Groups_ReadInsertDB(RuleInfo *rule, DBConfig *db_config)
     {
         return;
     }
-
+    
     tmp_str = strchr(rule->group, ',');
     tmp_group = rule->group;
 
@@ -164,7 +164,7 @@ void _Groups_ReadInsertDB(RuleInfo *rule, DBConfig *db_config)
         while(*tmp_group == ' ')
             tmp_group++;
 
-
+        
         /* Checking for empty group */
         if(*tmp_group == '\0')
         {
@@ -201,7 +201,7 @@ void _Groups_ReadInsertDB(RuleInfo *rule, DBConfig *db_config)
             }
         }
 
-
+        
         /* Getting next category */
         tmp_group = tmp_str;
         if(tmp_group)
@@ -209,7 +209,7 @@ void _Groups_ReadInsertDB(RuleInfo *rule, DBConfig *db_config)
             tmp_str = strchr(tmp_group, ',');
         }
     }
-
+    
     return;
 }
 
@@ -224,7 +224,7 @@ void *_Rules_ReadInsertDB(RuleInfo *rule, void *db_config)
     char sql_query[OS_SIZE_1024];
     memset(sql_query, '\0', OS_SIZE_1024);
 
-
+    
     /* Escaping strings */
     osdb_escapestr(rule->group);
     osdb_escapestr(rule->comment);
@@ -235,11 +235,11 @@ void *_Rules_ReadInsertDB(RuleInfo *rule, void *db_config)
         rule->level = 20;
     if(rule->level < 0)
         rule->level = 0;
-
-
+    
+    
     debug1("%s: DEBUG: entering _Rules_ReadInsertDB()", ARGV0);
-
-
+    
+    
     /* Checking rule limit */
     if(rule->sigid < 0 || rule->sigid > 9999999)
     {
@@ -250,18 +250,18 @@ void *_Rules_ReadInsertDB(RuleInfo *rule, void *db_config)
 
     /* Inserting group into the signature mapping */
     _Groups_ReadInsertDB(rule, db_config);
-
-
-
+    
+    
+    
     debug2("%s: DEBUG: Inserting: %d", ARGV0, rule->sigid);
 
-
+    
     /* Generating SQL */
     snprintf(sql_query, OS_SIZE_1024 -1,
              "SELECT id FROM signature "
              "where rule_id = %u",
              rule->sigid);
-
+    
     if(osdb_query_select(dbc->conn, sql_query) == 0)
     {
         snprintf(sql_query, OS_SIZE_1024 -1,
@@ -278,7 +278,7 @@ void *_Rules_ReadInsertDB(RuleInfo *rule, void *db_config)
                 rule->level, rule->comment,rule->sigid);
     }
 
-
+    
     /* Checking return code. */
     if(!osdb_query_insert(dbc->conn, sql_query))
     {
@@ -292,12 +292,12 @@ void *_Rules_ReadInsertDB(RuleInfo *rule, void *db_config)
 int OS_InsertRulesDB(DBConfig *db_config)
 {
     char **rulesfiles;
-
+    
     rulesfiles = db_config->includes;
     while(rulesfiles && *rulesfiles)
     {
         debug1("%s: Reading rules file: '%s'", ARGV0, *rulesfiles);
-
+        
         if(OS_ReadXMLRules(*rulesfiles, _Rules_ReadInsertDB, db_config) < 0)
         {
             merror(RULES_ERROR, ARGV0, *rulesfiles);
diff --git a/src/os_dbd/server.c b/src/os_dbd/server.c
index 0f9f855..08c1466 100755
--- a/src/os_dbd/server.c
+++ b/src/os_dbd/server.c
@@ -51,14 +51,14 @@ int __DBSelectServer(char *server, DBConfig *db_config)
 int __DBInsertServer(char *server, char *info, DBConfig *db_config)
 {
     char sql_query[OS_SIZE_1024];
-
+    
     memset(sql_query, '\0', OS_SIZE_1024);
 
     /* Checking if the server is present */
     snprintf(sql_query, OS_SIZE_1024 -1,
             "SELECT id from server where hostname = '%s'",
             server);
-
+    
     /* If not present, we insert */
     if(osdb_query_select(db_config->conn, sql_query) == 0)
     {
@@ -106,10 +106,10 @@ int OS_Server_ReadInsertDB(void *db_config)
     int server_id = 0;
     char *info;
 
-
+   
     debug1("%s: DEBUG: entering OS_Server_ReadInsertDB()", ARGV0);
 
-
+    
     /* Getting servers hostname */
     memset(__shost, '\0', 512);
     if(gethostname(__shost, 512 -1) != 0)
@@ -139,8 +139,8 @@ int OS_Server_ReadInsertDB(void *db_config)
 
     /* Getting server id */
     server_id = __DBSelectServer(__shost, (DBConfig *)db_config);
-
-
+    
+    
     return(server_id);
 }
 
diff --git a/src/os_execd/._Makefile b/src/os_execd/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_execd/._Makefile differ
diff --git a/src/os_execd/._config.c b/src/os_execd/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_execd/._config.c differ
diff --git a/src/os_execd/._exec.c b/src/os_execd/._exec.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_execd/._exec.c differ
diff --git a/src/os_execd/._execd.c b/src/os_execd/._execd.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_execd/._execd.c differ
diff --git a/src/os_execd/._execd.h b/src/os_execd/._execd.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_execd/._execd.h differ
diff --git a/src/os_execd/._win_execd.c b/src/os_execd/._win_execd.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_execd/._win_execd.c differ
diff --git a/src/os_execd/config.c b/src/os_execd/config.c
index 17c1166..537f6f3 100755
--- a/src/os_execd/config.c
+++ b/src/os_execd/config.c
@@ -11,7 +11,7 @@
  */
 
 
-#include "shared.h"
+#include "shared.h" 
 #include "execd.h"
 
 
@@ -56,8 +56,8 @@ int ExecdConfig(char * cfgfile)
         else
         {
             merror(XML_VALUEERR, ARGV0,
-                    "disabled",
-                    disable_entry);
+                    "disabled", 
+                    disable_entry); 
             return(-1);
         }
     }
@@ -71,11 +71,11 @@ int ExecdConfig(char * cfgfile)
         if(!repeated_a)
         {
             merror(XML_VALUEERR, ARGV0,
-                    "repeated_offenders",
-                    disable_entry);
+                    "repeated_offenders", 
+                    disable_entry); 
             return(-1);
         }
-
+        
         while(repeated_a[i] != NULL)
         {
             char *tmpt = repeated_a[i];
@@ -102,8 +102,8 @@ int ExecdConfig(char * cfgfile)
             i++;
         }
     }
-
-
+    
+    
     OS_ClearXML(&xml);
     return(is_disabled);
 }
diff --git a/src/os_execd/exec.c b/src/os_execd/exec.c
index 7b0a673..6ca5b71 100755
--- a/src/os_execd/exec.c
+++ b/src/os_execd/exec.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -22,9 +22,9 @@ int  exec_size = 0;
 int  f_time_reading = 1;
 
 
-/** int ReadExecConfig() v0.1:
+/** int ReadExecConfig() v0.1: 
  * Reads the shared exec config.
- * Returns 1 on success or 0 on failure.
+ * Returns 1 on success or 0 on failure. 
  * Format of the file is 'name - command - timeout'
  */
 int ReadExecConfig()
@@ -42,8 +42,8 @@ int ReadExecConfig()
         exec_timeout[i] = 0;
     }
     exec_size = 0;
-
-
+    
+    
     /* Opening file */
     fp = fopen(DEFAULTARPATH, "r");
     if(!fp)
@@ -71,7 +71,7 @@ int ReadExecConfig()
         *tmp_str = '\0';
         tmp_str++;
 
-
+        
         /* Searching for ' ' and - */
         if(*tmp_str == '-')
         {
@@ -84,12 +84,12 @@ int ReadExecConfig()
         }
 
 
-
+        
         /* Setting the name */
         strncpy(exec_names[exec_size], str_pt, OS_FLSIZE);
         exec_names[exec_size][OS_FLSIZE] = '\0';
 
-
+        
         str_pt = tmp_str;
 
         tmp_str = strchr(tmp_str, ' ');
@@ -100,11 +100,11 @@ int ReadExecConfig()
         }
         *tmp_str = '\0';
 
-
+        
         /* Writting the full command path */
-        snprintf(exec_cmd[exec_size], OS_FLSIZE,
-                                      "%s/%s",
-                                      AR_BINDIRPATH,
+        snprintf(exec_cmd[exec_size], OS_FLSIZE, 
+                                      "%s/%s", 
+                                      AR_BINDIRPATH, 
                                       str_pt);
         process_file = fopen(exec_cmd[exec_size], "r");
         if(!process_file)
@@ -116,14 +116,14 @@ int ReadExecConfig()
                         ARGV0, exec_cmd[exec_size]);
             }
 
-            exec_cmd[exec_size][0] = '\0';
+            exec_cmd[exec_size][0] = '\0'; 
         }
         else
         {
             fclose(process_file);
         }
 
-
+        
         /* Searching for ' ' and - */
         tmp_str++;
         if(*tmp_str == '-')
@@ -135,14 +135,14 @@ int ReadExecConfig()
             merror(EXEC_INV_CONF, ARGV0, DEFAULTARPATH);
             continue;
         }
-
-
-        str_pt = tmp_str;
+        
+       
+        str_pt = tmp_str; 
         tmp_str = strchr(tmp_str, '\n');
         if(tmp_str)
             *tmp_str = '\0';
 
-
+        
         /* Getting the exec timeout */
         exec_timeout[exec_size] = atoi(str_pt);
 
@@ -166,7 +166,7 @@ int ReadExecConfig()
                 }
             }
         }
-
+        
         if(dup_entry)
         {
             exec_cmd[exec_size][0] = '\0';
diff --git a/src/os_execd/execd.c b/src/os_execd/execd.c
index 765ec89..67dd356 100755
--- a/src/os_execd/execd.c
+++ b/src/os_execd/execd.c
@@ -35,17 +35,17 @@ OSList *timeout_list;
 OSListNode *timeout_node;
 OSHash *repeated_hash;
 int repeated_offenders_timeout[] = {0,0,0,0,0,0,0};
+            
 
 
-
-/**
- * Shutdowns execd properly.
+/** 
+ * Shudowns execd properly.
  */
 void execd_shutdown()
 {
     /* Removing pending active responses. */
     merror(EXEC_SHUTDOWN, ARGV0);
-
+    
     timeout_node = OSList_GetFirstNode(timeout_list);
     while(timeout_node)
     {
@@ -85,7 +85,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
 
     while((c = getopt(argc, argv, "Vtdhfu:g:D:c:")) != -1){
         switch(c){
@@ -110,7 +110,6 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument.",ARGV0);
                 dir = optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument.",ARGV0);
@@ -118,7 +117,7 @@ int main(int argc, char **argv)
                 break;
             case 't':
                 test_config = 1;
-                break;
+                break;    
             default:
                 help(ARGV0);
                 break;
@@ -134,7 +133,7 @@ int main(int argc, char **argv)
         ErrorExit(USER_ERROR,ARGV0,"",group);
 
 
-    /* Privilege separation */
+    /* Privilege separation */  
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR,ARGV0,group);
 
@@ -149,18 +148,18 @@ int main(int argc, char **argv)
     /* Exit if test_config */
     if(test_config)
         exit(0);
-
-
+        
+        
     /* Signal manipulation */
     StartSIG2(ARGV0, execd_shutdown);
 
-
-    if (!run_foreground)
+    
+    if (!run_foreground) 
     {
         /* Going daemon */
         nowDaemon();
         goDaemon();
-    }
+    } 
 
 
     /* Active response disabled */
@@ -169,12 +168,12 @@ int main(int argc, char **argv)
         verbose(EXEC_DISABLED, ARGV0);
         exit(0);
     }
-
+    
     /* Creating the PID file */
     if(CreatePID(ARGV0, getpid()) < 0)
         merror(PID_ERROR, ARGV0);
 
-
+    
     /* Starting queue (exec queue) */
     if((m_queue = StartMQ(EXECQUEUEPATH,READ)) < 0)
         ErrorExit(QUEUE_ERROR, ARGV0, EXECQUEUEPATH, strerror(errno));
@@ -182,11 +181,11 @@ int main(int argc, char **argv)
 
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
+        
 
-
-    /* The real daemon Now */
+    /* The real daemon Now */  
     ExecdStart(m_queue);
-
+    
     exit(0);
 }
 
@@ -210,7 +209,7 @@ void FreeTimeoutEntry(void *timeout_entry_pt)
     {
         return;
     }
-
+    
     tmp_str = timeout_entry->command;
 
     /* Clearing the command arguments */
@@ -243,7 +242,7 @@ void ExecdStart(int q)
 {
     int i, childcount = 0;
     time_t curr_time;
-
+    
     char buffer[OS_MAXSTR + 1];
     char *tmp_msg = NULL;
     char *name;
@@ -255,20 +254,20 @@ void ExecdStart(int q)
     fd_set fdset;
     struct timeval socket_timeout;
 
-
+    
     /* Clearing the buffer */
     memset(buffer, '\0', OS_MAXSTR +1);
-
-
+    
+    
     /* Initializing the cmd arguments */
     for(i = 0; i<= MAX_ARGS +1; i++)
     {
         cmd_args[i] = NULL;
     }
-
-
+   
+    
     /* Creating list for timeout */
-    timeout_list = OSList_Create();
+    timeout_list = OSList_Create(); 
     if(!timeout_list)
     {
         ErrorExit(LIST_ERROR, ARGV0);
@@ -284,14 +283,14 @@ void ExecdStart(int q)
         repeated_hash = NULL;
     }
 
-
-
+    
+   
     /* Main loop. */
     while(1)
     {
         int timeout_value;
         int added_before = 0;
-
+    
         char **timeout_args;
         timeout_data *timeout_entry;
 
@@ -331,13 +330,13 @@ void ExecdStart(int q)
             timeout_data *list_entry;
 
             list_entry = (timeout_data *)timeout_node->data;
-
+            
             /* Timeouted */
-            if((curr_time - list_entry->time_of_addition) >
+            if((curr_time - list_entry->time_of_addition) > 
                     list_entry->time_to_block)
             {
                 ExecCmd(list_entry->command);
-
+                
                 /* Deletecurrently node already sets the pointer to next */
                 OSList_DeleteCurrentlyNode(timeout_list);
                 timeout_node = OSList_GetCurrentlyNode(timeout_list);
@@ -354,7 +353,7 @@ void ExecdStart(int q)
             }
         }
 
-
+        
         /* Setting timeout to EXECD_TIMEOUT */
         socket_timeout.tv_sec = EXECD_TIMEOUT;
         socket_timeout.tv_usec= 0;
@@ -395,8 +394,8 @@ void ExecdStart(int q)
 
         /* Getting application name */
         name = buffer;
-
-
+        
+        
         /* Zeroing the name */
         tmp_msg = strchr(buffer, ' ');
         if(!tmp_msg)
@@ -429,10 +428,10 @@ void ExecdStart(int q)
 
         /* Allocating memory for the timeout argument */
         os_calloc(MAX_ARGS+2, sizeof(char *), timeout_args);
-
+        
 
         /* Adding initial variables to the cmd_arg and to the timeout cmd */
-        cmd_args[0] = command;
+        cmd_args[0] = command; 
         cmd_args[1] = ADD_ENTRY;
         os_strdup(command, timeout_args[0]);
         os_strdup(DELETE_ENTRY, timeout_args[1]);
@@ -463,7 +462,7 @@ void ExecdStart(int q)
 
             i++;
         }
-
+        
 
         /* Check this command was already executed. */
         timeout_node = OSList_GetFirstNode(timeout_list);
@@ -477,15 +476,15 @@ void ExecdStart(int q)
             merror("%s: Invalid number of arguments.", ARGV0);
         }
 
-
-
+        
+        
         while(timeout_node)
         {
             timeout_data *list_entry;
 
             list_entry = (timeout_data *)timeout_node->data;
             if((strcmp(list_entry->command[3], timeout_args[3]) == 0) &&
-               (strcmp(list_entry->command[0], timeout_args[0]) == 0))
+               (strcmp(list_entry->command[0], timeout_args[0]) == 0)) 
             {
                 /* Means we executed this command before
                  * and we don't need to add it again.
@@ -496,7 +495,7 @@ void ExecdStart(int q)
                 /* updating the timeout */
                 list_entry->time_of_addition = curr_time;
 
-                if(repeated_offenders_timeout[0] != 0 &&
+                if(repeated_offenders_timeout[0] != 0 && 
                    repeated_hash != NULL &&
                    strncmp(timeout_args[3],"-", 1) != 0)
                 {
@@ -584,7 +583,7 @@ void ExecdStart(int q)
                   else
                   {
                       /* Adding to the repeated offenders list. */
-                      OSHash_Add(repeated_hash,
+                      OSHash_Add(repeated_hash, 
                            strdup(rkey),strdup("0"));
                   }
                 }
@@ -602,9 +601,9 @@ void ExecdStart(int q)
                 {
                     merror(LIST_ADD_ERROR, ARGV0);
                     FreeTimeoutEntry(timeout_entry);
-                }
+                } 
             }
-
+            
             /* If no timeout, we still need to free it in here */
             else
             {
@@ -620,7 +619,7 @@ void ExecdStart(int q)
 
             childcount++;
         }
-
+        
         /* We didn't add it to the timeout list */
         else
         {
diff --git a/src/os_execd/execd.h b/src/os_execd/execd.h
index 3eedd30..8977fd6 100755
--- a/src/os_execd/execd.h
+++ b/src/os_execd/execd.h
@@ -32,7 +32,7 @@
 
 
 /* Maximum number of command arguments */
-#define MAX_ARGS    32
+#define MAX_ARGS    32 
 
 
 /* Execd select timeout -- in seconds */
diff --git a/src/os_execd/win_execd.c b/src/os_execd/win_execd.c
index 1af0f1b..66b1f9d 100755
--- a/src/os_execd/win_execd.c
+++ b/src/os_execd/win_execd.c
@@ -24,9 +24,9 @@
 #ifdef ARGV0
    #undef ARGV0
 #endif
-
+      
 #define ARGV0 "ossec-execd"
-
+   
 
 
 
@@ -42,7 +42,7 @@ typedef struct _timeout_data
 /* Timeout list */
 OSList *timeout_list;
 OSListNode *timeout_node;
-
+            
 
 
 
@@ -67,15 +67,15 @@ int WinExecd_Start()
     /* Exit if test_config */
     if(test_config)
         return(0);
-
-
+        
+        
     /* Active response disabled */
     if(c == 1)
     {
         verbose(EXEC_DISABLED, ARGV0);
         return(0);
     }
-
+    
 
     /* Creating list for timeout */
     timeout_list = OSList_Create();
@@ -83,12 +83,12 @@ int WinExecd_Start()
     {
         ErrorExit(LIST_ERROR, ARGV0);
     }
-
-
+                                    
+    
 
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, getpid());
-
+        
 
     return(1);
 }
@@ -106,7 +106,7 @@ void WinTimeoutRun(int curr_time)
         list_entry = (timeout_data *)timeout_node->data;
 
         /* Timeouted */
-        if((curr_time - list_entry->time_of_addition) >
+        if((curr_time - list_entry->time_of_addition) > 
             list_entry->time_to_block)
         {
             ExecCmd_Win32(list_entry->command[0]);
@@ -147,7 +147,7 @@ void WinExecdRun(char *exec_msg)
     char *cmd_user;
     char *cmd_ip;
     char buffer[OS_MAXSTR + 1];
-
+    
 
     timeout_data *timeout_entry;
 
@@ -195,7 +195,7 @@ void WinExecdRun(char *exec_msg)
     }
     *tmp_msg = '\0';
     tmp_msg++;
-
+    
 
     /* Getting the command to execute (valid name) */
     command = GetCommandbyName(name, &timeout_value);
@@ -221,11 +221,11 @@ void WinExecdRun(char *exec_msg)
 
 
     /* Adding initial variables to the timeout cmd */
-    snprintf(buffer, OS_MAXSTR, "\"%s\" %s \"%s\" \"%s\" \"%s\"",
-             command, DELETE_ENTRY, cmd_user, cmd_ip, tmp_msg);
+    snprintf(buffer, OS_MAXSTR, "\"%s\" %s \"%s\" \"%s\" \"%s\"", 
+             command, DELETE_ENTRY, cmd_user, cmd_ip, tmp_msg); 
     os_strdup(buffer, timeout_args[0]);
     timeout_args[1] = NULL;
-
+    
 
 
     /* Getting size for the strncmp */
@@ -234,12 +234,12 @@ void WinExecdRun(char *exec_msg)
     {
         if(buffer[i] == ' ')
             j++;
-
+        
         i++;
         if(j == 4)
             break;
     }
-
+    
 
     /* Check this command was already executed. */
     timeout_node = OSList_GetFirstNode(timeout_list);
@@ -272,7 +272,7 @@ void WinExecdRun(char *exec_msg)
     /* If it wasn't added before, do it now */
     if(!added_before)
     {
-        snprintf(buffer, OS_MAXSTR, "\"%s\" %s \"%s\" \"%s\" \"%s\"", command,
+        snprintf(buffer, OS_MAXSTR, "\"%s\" %s \"%s\" \"%s\" \"%s\"", command, 
                                     ADD_ENTRY, cmd_user, cmd_ip, tmp_msg);
         /* executing command */
 
@@ -293,7 +293,7 @@ void WinExecdRun(char *exec_msg)
             {
                 merror(LIST_ADD_ERROR, ARGV0);
                 FreeTimeoutEntry(timeout_entry);
-            }
+            } 
         }
 
         /* If no timeout, we still need to free it in here */
diff --git a/src/os_maild/._Makefile b/src/os_maild/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_maild/._Makefile differ
diff --git a/src/os_maild/._config.c b/src/os_maild/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_maild/._config.c differ
diff --git a/src/os_maild/._mail_list.c b/src/os_maild/._mail_list.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_maild/._mail_list.c differ
diff --git a/src/os_maild/._mail_list.h b/src/os_maild/._mail_list.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_maild/._mail_list.h differ
diff --git a/src/os_maild/._maild.c b/src/os_maild/._maild.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_maild/._maild.c differ
diff --git a/src/os_maild/._maild.h b/src/os_maild/._maild.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_maild/._maild.h differ
diff --git a/src/os_maild/._os_maild_client.c b/src/os_maild/._os_maild_client.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_maild/._os_maild_client.c differ
diff --git a/src/os_maild/._sendcustomemail.c b/src/os_maild/._sendcustomemail.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_maild/._sendcustomemail.c differ
diff --git a/src/os_maild/._sendmail.c b/src/os_maild/._sendmail.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_maild/._sendmail.c differ
diff --git a/src/os_maild/config.c b/src/os_maild/config.c
index a3a20f3..6ab75b0 100755
--- a/src/os_maild/config.c
+++ b/src/os_maild/config.c
@@ -53,7 +53,7 @@ int MailConf(int test_config, char *cfgfile, MailConfig *Mail)
         {
             verbose(MAIL_DIS, ARGV0);
         }
-        exit(0);
+        exit(0);        
     }
 
     return(0);
diff --git a/src/os_maild/mail_list.c b/src/os_maild/mail_list.c
index b96c8ef..477957e 100755
--- a/src/os_maild/mail_list.c
+++ b/src/os_maild/mail_list.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -36,7 +36,7 @@ void OS_CreateMailList(int maxsize)
     _memorymaxsize = maxsize;
 
     _memoryused = 0;
-
+    
     return;
 }
 
@@ -59,13 +59,13 @@ MailNode *OS_PopLastMail()
         n_node = NULL;
         return(NULL);
     }
-
+    
     _memoryused--;
-
+    
     lastnode = lastnode->prev;
 
     /* Remove the last */
-    return(oldlast);
+    return(oldlast);    
 }
 
 
@@ -73,14 +73,14 @@ void FreeMailMsg(MailMsg *ml)
 {
     if(ml == NULL)
         return;
-
+    
     if(ml->subject)
         free(ml->subject);
-
+    
     if(ml->body)
         free(ml->body);
-
-    free(ml);
+        
+    free(ml);            
 }
 
 
@@ -91,11 +91,11 @@ void FreeMail(MailNode *ml)
         return;
     if(ml->mail->subject)
         free(ml->mail->subject);
-
+    
     if(ml->mail->body)
         free(ml->mail->body);
 
-    free(ml->mail);
+    free(ml->mail);    
     free(ml);
 }
 
@@ -104,32 +104,32 @@ void FreeMail(MailNode *ml)
 void OS_AddMailtoList(MailMsg *ml)
 {
     MailNode *tmp_node = n_node;
-
+        
     if(tmp_node)
     {
         MailNode *new_node;
         new_node = (MailNode *)calloc(1,sizeof(MailNode));
-
+        
         if(new_node == NULL)
         {
             ErrorExit(MEM_ERROR,ARGV0);
         }
 
-        /* Always adding to the beginning of the list
+        /* Always adding to the beginning of the list 
          * The new node will become the first node and
          * new_node->next will be the previous first node
          */
         new_node->next = tmp_node;
         new_node->prev = NULL;
         tmp_node->prev = new_node;
-
+        
         n_node = new_node;
 
         /* Adding the event to the node */
         new_node->mail = ml;
 
         _memoryused++;
-
+        
         /* Need to remove the last node */
         if(_memoryused > _memorymaxsize)
         {
@@ -137,14 +137,14 @@ void OS_AddMailtoList(MailMsg *ml)
 
             oldlast = lastnode;
             lastnode = lastnode->prev;
-
+            
             /* free last node */
             FreeMail(oldlast);
-
+            
             _memoryused--;
         }
     }
-
+    
     else
     {
         /* Adding first node */
@@ -157,8 +157,8 @@ void OS_AddMailtoList(MailMsg *ml)
         n_node->prev = NULL;
         n_node->next = NULL;
         n_node->mail = ml;
-
-        lastnode = n_node;
+        
+        lastnode = n_node; 
     }
 
     return;
diff --git a/src/os_maild/mail_list.h b/src/os_maild/mail_list.h
index 6d2587a..2fd7786 100755
--- a/src/os_maild/mail_list.h
+++ b/src/os_maild/mail_list.h
@@ -9,8 +9,8 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
-
+       
+       
 #ifndef _MAILIST__H
 #define _MAILIST__H
 
@@ -27,7 +27,7 @@ typedef struct _MailNode
 /* Add an email to the list  */
 void OS_AddMailtoList(MailMsg *ml);
 
-/* Return the last event from the Event list
+/* Return the last event from the Event list 
  * removing it from there
  */
 MailNode *OS_PopLastMail();
diff --git a/src/os_maild/maild.c b/src/os_maild/maild.c
index 15bfc30..0097d6e 100755
--- a/src/os_maild/maild.c
+++ b/src/os_maild/maild.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -43,7 +43,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
 
     while((c = getopt(argc, argv, "Vdhtfu:g:D:c:")) != -1){
         switch(c){
@@ -73,14 +73,13 @@ int main(int argc, char **argv)
                 if(!optarg)
                     ErrorExit("%s: -D needs an argument",ARGV0);
                 dir=optarg;
-                break;
             case 'c':
                 if(!optarg)
                     ErrorExit("%s: -c needs an argument",ARGV0);
                 cfg = optarg;
                 break;
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             default:
                 help(ARGV0);
@@ -107,12 +106,12 @@ int main(int argc, char **argv)
     mail.strict_checking = getDefine_Int("maild",
                                          "strict_checking",
                                           0, 1);
-
+    
     /* Get groupping */
     mail.groupping = getDefine_Int("maild",
                                    "groupping",
                                     0, 1);
-
+    
     /* Getting subject type */
     mail.subject_full = getDefine_Int("maild",
                                       "full_subject",
@@ -124,25 +123,25 @@ int main(int argc, char **argv)
                                "geoip",
                                0, 1);
 #endif
-
-
+    
+    
     /* Exit here if test config is set */
     if(test_config)
         exit(0);
 
-
-    if(!run_foreground)
+        
+    if(!run_foreground) 
     {
         nowDaemon();
         goDaemon();
     }
 
-
+    
     /* Privilege separation */	
     if(Privsep_SetGroup(gid) < 0)
         ErrorExit(SETGID_ERROR,ARGV0,group);
 
-
+    
     /* chrooting */
     if(Privsep_Chroot(dir) < 0)
         ErrorExit(CHROOT_ERROR,ARGV0,dir);
@@ -150,8 +149,8 @@ int main(int argc, char **argv)
     nowChroot();
 
 
-
-    /* Changing user */
+    
+    /* Changing user */        
     if(Privsep_SetUser(uid) < 0)
         ErrorExit(SETUID_ERROR,ARGV0,user);
 
@@ -163,16 +162,16 @@ int main(int argc, char **argv)
     /* Signal manipulation */
     StartSIG(ARGV0);
 
-
+    
 
     /* Creating PID files */
     if(CreatePID(ARGV0, getpid()) < 0)
         ErrorExit(PID_ERROR, ARGV0);
 
-
+    
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
+    
 
     /* the real daemon now */	
     OS_Run(&mail);
@@ -189,13 +188,13 @@ void OS_Run(MailConfig *mail)
     MailMsg *s_msg = NULL;
     MailMsg *msg_sms = NULL;
 
-    time_t tm;
-    struct tm *p;
+    time_t tm;     
+    struct tm *p;       
 
     int i = 0;
     int mailtosend = 0;
     int childcount = 0;
-    int today = 0;		
+    int today = 0;		        
     int thishour = 0;
 
     int n_errs = 0;
@@ -218,13 +217,13 @@ void OS_Run(MailConfig *mail)
 
 
     /* Creating the list */
-    OS_CreateMailList(MAIL_LIST_SIZE);
-
-
+    OS_CreateMailList(MAIL_LIST_SIZE);    
+    
+ 
     /* Setting default timeout */
     mail_timeout = DEFAULT_TIMEOUT;
 
-
+    
     /* Clearing global vars */
     _g_subject_level = 0;
     memset(_g_subject, '\0', SUBJECT_SIZE +2);
@@ -235,14 +234,14 @@ void OS_Run(MailConfig *mail)
         tm = time(NULL);
         p = localtime(&tm);
 
-
+        
         /* SMS messages are sent without delay */
         if(msg_sms)
         {
             pid_t pid;
-
+            
             pid = fork();
-
+            
             if(pid < 0)
             {
                 merror("%s: Fork failed. cause: %d - %s", ARGV0, errno, strerror(errno));
@@ -267,7 +266,7 @@ void OS_Run(MailConfig *mail)
             /* Increasing child count */
             childcount++;
         }
-
+        
 
         /* If mail_timeout == NEXTMAIL_TIMEOUT, we will try to get
          * more messages, before sending anything
@@ -276,9 +275,9 @@ void OS_Run(MailConfig *mail)
         {
             /* getting more messages */
         }
-
-
-        /* Hour changed. Send all supressed mails */
+        
+        
+        /* Hour changed. Send all supressed mails */ 
         else if(((mailtosend < mail->maxperhour) && (mailtosend != 0))||
                 ((p->tm_hour != thishour) && (childcount < MAXCHILDPROCESS)))
         {
@@ -305,29 +304,29 @@ void OS_Run(MailConfig *mail)
             {
                 if(OS_Sendmail(mail, p) < 0)
                     merror(SNDMAIL_ERROR,ARGV0,mail->smtpserver);
-
-                exit(0);
+                
+                exit(0);    
             }
-
+          
             /* Cleaning the memory */
-            mailmsg = OS_PopLastMail();
+            mailmsg = OS_PopLastMail(); 
             do
             {
-                FreeMail(mailmsg);
+                FreeMail(mailmsg); 
                 mailmsg = OS_PopLastMail();
             }while(mailmsg);
-
-
-            /* Increasing child count */
-            childcount++;
+    
+    
+            /* Increasing child count */        
+            childcount++; 
 
 
             /* Clearing global vars */
             _g_subject[0] = '\0';
             _g_subject[SUBJECT_SIZE -1] = '\0';
             _g_subject_level = 0;
-
-
+            
+           
             /* Cleaning up set values */
             if(mail->gran_to)
             {
@@ -350,12 +349,12 @@ void OS_Run(MailConfig *mail)
             /* If we sent everything */
             if(p->tm_hour != thishour)
             {
-                thishour = p->tm_hour;
+                thishour = p->tm_hour;    
 
                 mailtosend = 0;
             }
         }
-
+        
         /* Saved message for the do_not_group option.
          */
         if(s_msg)
@@ -375,15 +374,15 @@ void OS_Run(MailConfig *mail)
                     i++;
                 }
             }
-
+            
             OS_AddMailtoList(s_msg);
 
             s_msg = NULL;
             mailtosend++;
             continue;
         }
-
-
+        
+        
         /* Receive message from queue */
         if((msg = OS_RecvMailQ(fileq, p, mail, &msg_sms)) != NULL)
         {
@@ -400,7 +399,7 @@ void OS_Run(MailConfig *mail)
             {
                 OS_AddMailtoList(msg);
             }
-
+            
 
             /* Change timeout to see if any new message is coming shortly */
             if(mail->groupping)
@@ -443,19 +442,19 @@ void OS_Run(MailConfig *mail)
 
 
         /* Waiting for the childs .. */
-        while (childcount)
+        while (childcount) 
         {
             int wp;
             int p_status;
             wp = waitpid((pid_t) -1, &p_status, WNOHANG);
             if (wp < 0)
             {
-                merror(WAITPID_ERROR, ARGV0);
+                merror(WAITPID_ERROR, ARGV0);  
                 n_errs++;
             }
 
-            /* if = 0, we still need to wait for the child process */
-            else if (wp == 0)
+            /* if = 0, we still need to wait for the child process */    
+            else if (wp == 0) 
                 break;
             else
             {
@@ -476,7 +475,7 @@ void OS_Run(MailConfig *mail)
                 exit(1);
             }
         }
-
+            
     }
 }
 
diff --git a/src/os_maild/maild.h b/src/os_maild/maild.h
index efa09fd..6215c26 100755
--- a/src/os_maild/maild.h
+++ b/src/os_maild/maild.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -22,7 +22,7 @@
 
 /* Each timeout is x * 5 */
 #define NEXTMAIL_TIMEOUT    2    /* Time to check for next msg - 5 */
-#define DEFAULT_TIMEOUT     18   /* socket read timeout - 18 (*5)*/
+#define DEFAULT_TIMEOUT     18   /* socket read timeout - 18 (*5)*/ 
 #define SUBJECT_SIZE        128  /* Maximum subject size */
 
  /* Maximum body size */
@@ -66,7 +66,7 @@ typedef struct _MailMsg
 #include "config/mail-config.h"
 
 
-/* Config function */
+/* Config function */    
 int MailConf(int test_config, char *cfgfile, MailConfig *Mail);
 
 
diff --git a/src/os_maild/os_maild_client.c b/src/os_maild/os_maild_client.c
index 641b0cd..7ff11e0 100755
--- a/src/os_maild/os_maild_client.c
+++ b/src/os_maild/os_maild_client.c
@@ -19,12 +19,12 @@
 #include "config/config.h"
 #endif
 
-/* OS_RecvMailQ,
+/* OS_RecvMailQ, 
  * v0.1, 2005/03/15
  * Receive a Message on the Mail queue
  * v0,2: Using the new file-queue.
  */
-MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
+MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p, 
                       MailConfig *Mail, MailMsg **msg_sms)
 {
     int i = 0, body_size = OS_MAXSTR -3, log_size, sms_set = 0,donotgroup = 0;
@@ -34,7 +34,7 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
     char geoip_msg_src[OS_SIZE_1024 +1];
     char geoip_msg_dst[OS_SIZE_1024 +1];
 #endif
-
+    
     MailMsg *mail;
     alert_data *al_data;
 
@@ -56,68 +56,23 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
     /* Generating the logs */
     logs[0] = '\0';
     logs[OS_MAXSTR] = '\0';
-
+    
     while(al_data->log[i])
     {
         log_size = strlen(al_data->log[i]) + 4;
-
+        
         /* If size left is small than the size of the log, stop it */
         if(body_size <= log_size)
         {
             break;
         }
-
+        
         strncat(logs, al_data->log[i], body_size);
         strncat(logs, "\r\n", body_size);
         body_size -= log_size;
         i++;
     }
 
-    if (al_data->old_md5) 
-    {
-        log_size = strlen(al_data->old_md5) + 16 + 4;
-        if(body_size > log_size)
-        {
-            strncat(logs, "Old md5sum was: ", 16);
-            strncat(logs, al_data->old_md5, body_size);
-            strncat(logs, "\r\n", 4);
-            body_size -= log_size;
-        }
-    }
-    if (al_data->new_md5) 
-    {
-        log_size = strlen(al_data->new_md5) + 16 + 4;
-        if(body_size > log_size)
-        {
-            strncat(logs, "New md5sum is : ", 16);
-            strncat(logs, al_data->new_md5, body_size);
-            strncat(logs, "\r\n", 4);
-            body_size -= log_size;
-        }
-    }
-    if (al_data->old_sha1) 
-    {
-        log_size = strlen(al_data->old_sha1) + 17 + 4;
-        if(body_size > log_size)
-        {
-            strncat(logs, "Old sha1sum was: ", 17);
-            strncat(logs, al_data->old_sha1, body_size);
-            strncat(logs, "\r\n", 4);
-            body_size -= log_size;
-        }
-    }
-    if (al_data->new_sha1) 
-    {
-        log_size = strlen(al_data->new_sha1) + 17 + 4;
-        if(body_size > log_size)
-        {
-            strncat(logs, "New sha1sum is : ", 17);
-            strncat(logs, al_data->new_sha1, body_size);
-            strncat(logs, "\r\n", 4);
-            body_size -= log_size;
-        }
-    }
-
 
     /* Subject */
     subject_host = strchr(al_data->location, '>');
@@ -132,12 +87,12 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
     {
         /* Option for a clean full subject (without ossec in the name) */
         #ifdef CLEANFULL
-        snprintf(mail->subject, SUBJECT_SIZE -1, MAIL_SUBJECT_FULL2,
+        snprintf(mail->subject, SUBJECT_SIZE -1, MAIL_SUBJECT_FULL2, 
                                 al_data->level,
                                 al_data->comment,
                                 al_data->location);
         #else
-        snprintf(mail->subject, SUBJECT_SIZE -1, MAIL_SUBJECT_FULL,
+        snprintf(mail->subject, SUBJECT_SIZE -1, MAIL_SUBJECT_FULL, 
                                 al_data->location,
                                 al_data->level,
                                 al_data->comment);
@@ -145,12 +100,12 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
     }
     else
     {
-        snprintf(mail->subject, SUBJECT_SIZE -1, MAIL_SUBJECT,
+        snprintf(mail->subject, SUBJECT_SIZE -1, MAIL_SUBJECT, 
                                              al_data->location,
                                              al_data->level);
     }
 
-
+    
     /* fixing subject back */
     if(subject_host)
     {
@@ -176,7 +131,7 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
        geoip_msg_dst[0] = '\0';
     }
 #endif
-
+    
     /* Body */
 #ifdef GEOIP
     snprintf(mail->body, BODY_SIZE -1, MAIL_BODY,
@@ -197,7 +152,6 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
             al_data->comment,
             logs);
 #endif
-    debug2("OS_RecvMailQ: mail->body[%s]", mail->body);
 
     /* Checking for granular email configs */
     if(Mail->gran_to)
@@ -206,7 +160,7 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
         while(Mail->gran_to[i] != NULL)
         {
             int gr_set = 0;
-
+            
             /* Looking if location is set */
             if(Mail->gran_location[i])
             {
@@ -222,7 +176,7 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
                     continue;
                 }
             }
-
+            
             /* Looking for the level */
             if(Mail->gran_level[i])
             {
@@ -262,7 +216,7 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
                     continue;
                 }
             }
-
+            
 
             /* Looking for the group */
             if(Mail->gran_group[i])
@@ -336,13 +290,13 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
             _g_subject_level = al_data->level;
         }
     }
-
-
+    
+    
     /* If sms is set, create the sms output */
     if(sms_set)
     {
         MailMsg *msg_sms_tmp;
-
+        
         /* Allocate memory for sms */
         os_calloc(1,sizeof(MailMsg), msg_sms_tmp);
         os_calloc(BODY_SIZE, sizeof(char), msg_sms_tmp->body);
@@ -356,17 +310,17 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
 
         strncpy(msg_sms_tmp->body, logs, 128);
         msg_sms_tmp->body[127] = '\0';
-
+        
         /* Assigning msg_sms */
         *msg_sms = msg_sms_tmp;
     }
-
-
-
+    
+    
+    
     /* Clearing the memory */
     FreeAlertData(al_data);
 
-
+    
     return(mail);
 
 }
diff --git a/src/os_maild/sendcustomemail.c b/src/os_maild/sendcustomemail.c
index 36d96f5..b1d4bc2 100755
--- a/src/os_maild/sendcustomemail.c
+++ b/src/os_maild/sendcustomemail.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -35,7 +35,6 @@
 #define TO			    "To: <%s>\r\n"
 #define CC			    "Cc: <%s>\r\n"
 #define SUBJECT			"Subject: %s\r\n"
-#define ENDHEADER               "\r\n"
 #define ENDDATA			"\r\n.\r\n"
 #define QUITMSG 		"QUIT\r\n"
 
@@ -114,7 +113,7 @@ int OS_SendCustomEmail(char **to, char *subject, char *smtpserver, char *from, F
                     if(msg)
                         free(msg);
                     close(socket);
-                    return(OS_INVALID);
+                    return(OS_INVALID);    
                 }
             }
             else
@@ -211,7 +210,7 @@ int OS_SendCustomEmail(char **to, char *subject, char *smtpserver, char *from, F
             {
                 break;
             }
-
+            
             memset(snd_msg,'\0',128);
             snprintf(snd_msg,127, TO, to[i]);
             OS_SendTCP(socket,snd_msg);
@@ -231,7 +230,7 @@ int OS_SendCustomEmail(char **to, char *subject, char *smtpserver, char *from, F
     #else
     strftime(snd_msg, 127, "Date: %a, %d %b %Y %T %z\r\n",p);
     #endif
-
+                            
     OS_SendTCP(socket,snd_msg);
 
 
@@ -241,7 +240,6 @@ int OS_SendCustomEmail(char **to, char *subject, char *smtpserver, char *from, F
 
     OS_SendTCP(socket, snd_msg);
 
-    OS_SendTCP(socket,ENDHEADER);
 
 
      /* Sending body */
@@ -249,7 +247,7 @@ int OS_SendCustomEmail(char **to, char *subject, char *smtpserver, char *from, F
      while(fgets(buffer, 2048, fp) != NULL)
      {
          OS_SendTCP(socket,buffer);
-     }
+     }    
 
 
     /* Sending end of data \r\n.\r\n */
diff --git a/src/os_maild/sendmail.c b/src/os_maild/sendmail.c
index d743900..0e51df9 100755
--- a/src/os_maild/sendmail.c
+++ b/src/os_maild/sendmail.c
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
@@ -36,7 +36,6 @@
 #define TO			    "To: <%s>\r\n"
 #define CC			    "Cc: <%s>\r\n"
 #define SUBJECT			"Subject: %s\r\n"
-#define ENDHEADER               "\r\n"
 #define ENDDATA			"\r\n.\r\n"
 #define QUITMSG 		"QUIT\r\n"
 
@@ -111,7 +110,7 @@ int OS_Sendsms(MailConfig *mail, struct tm *p, MailMsg *sms_msg)
                     if(msg)
                         free(msg);
                     close(socket);
-                    return(OS_INVALID);
+                    return(OS_INVALID);    
                 }
             }
             else
@@ -154,7 +153,7 @@ int OS_Sendsms(MailConfig *mail, struct tm *p, MailMsg *sms_msg)
     /* Additional RCPT to */
     final_to[0] = '\0';
     final_to_sz = sizeof(final_to) -2;
-
+    
     if(mail->gran_to)
     {
         i = 0;
@@ -187,7 +186,7 @@ int OS_Sendsms(MailConfig *mail, struct tm *p, MailMsg *sms_msg)
             snprintf(snd_msg,127, TO, mail->gran_to[i]);
             strncat(final_to, snd_msg, final_to_sz);
             final_to_sz -= strlen(snd_msg) +2;
-
+            
             i++;
             continue;
         }
@@ -220,7 +219,7 @@ int OS_Sendsms(MailConfig *mail, struct tm *p, MailMsg *sms_msg)
 
     /* Sending date */
     memset(snd_msg,'\0',128);
-
+    
 
     /* Solaris doesn't have the "%z", so we set the timezone to 0. */
     #ifdef SOLARIS
@@ -228,7 +227,7 @@ int OS_Sendsms(MailConfig *mail, struct tm *p, MailMsg *sms_msg)
     #else
     strftime(snd_msg, 127, "Date: %a, %d %b %Y %T %z\r\n",p);
     #endif
-
+    
     OS_SendTCP(socket,snd_msg);
 
 
@@ -237,7 +236,6 @@ int OS_Sendsms(MailConfig *mail, struct tm *p, MailMsg *sms_msg)
     snprintf(snd_msg, 127, SUBJECT, sms_msg->subject);
     OS_SendTCP(socket,snd_msg);
 
-    OS_SendTCP(socket,ENDHEADER);
 
 
     /* Sending body */
@@ -290,7 +288,7 @@ int OS_Sendmail(MailConfig *mail, struct tm *p)
     MailNode *mailmsg;
 
     additional_to[0] = '\0';
-
+    
     /* If there is no sms message, we attempt to get from the
      * email list.
      */
@@ -300,7 +298,7 @@ int OS_Sendmail(MailConfig *mail, struct tm *p)
     {
         merror("%s: No email to be sent. Inconsistent state.",ARGV0);
     }
-
+    
 
     /* Connecting to the smtp server */	
     socket = OS_ConnectTCP(SMTP_DEFAULT_PORT, mail->smtpserver, 0);
@@ -348,7 +346,7 @@ int OS_Sendmail(MailConfig *mail, struct tm *p)
                     if(msg)
                         free(msg);
                     close(socket);
-                    return(OS_INVALID);
+                    return(OS_INVALID);    
                 }
             }
             else
@@ -441,9 +439,9 @@ int OS_Sendmail(MailConfig *mail, struct tm *p)
                     free(msg);
 
                 i++;
-                continue;
+                continue;    
             }
-
+            
             MAIL_DEBUG("DEBUG: Sent '%s', received: '%s'", snd_msg, msg);
             free(msg);
             i++;
@@ -487,7 +485,7 @@ int OS_Sendmail(MailConfig *mail, struct tm *p)
             {
                 break;
             }
-
+            
             memset(snd_msg,'\0',128);
             snprintf(snd_msg,127, TO, mail->to[i]);
             OS_SendTCP(socket,snd_msg);
@@ -528,7 +526,7 @@ int OS_Sendmail(MailConfig *mail, struct tm *p)
     #else
     strftime(snd_msg, 127, "Date: %a, %d %b %Y %T %z\r\n",p);
     #endif
-
+                            
     OS_SendTCP(socket,snd_msg);
 
 
@@ -551,7 +549,6 @@ int OS_Sendmail(MailConfig *mail, struct tm *p)
     }
     OS_SendTCP(socket,snd_msg);
 
-    OS_SendTCP(socket,ENDHEADER);
 
 
     /* Sending body */
diff --git a/src/os_net/._COPYRIGHT b/src/os_net/._COPYRIGHT
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_net/._COPYRIGHT differ
diff --git a/src/os_net/._Makefile b/src/os_net/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_net/._Makefile differ
diff --git a/src/os_net/._VERSION b/src/os_net/._VERSION
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_net/._VERSION differ
diff --git a/src/os_net/._os_err.h b/src/os_net/._os_err.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_net/._os_err.h differ
diff --git a/src/os_net/._os_net.c b/src/os_net/._os_net.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_net/._os_net.c differ
diff --git a/src/os_net/._os_net.h b/src/os_net/._os_net.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_net/._os_net.h differ
diff --git a/src/os_net/os_err.h b/src/os_net/os_err.h
index 78fcb92..365cd65 100755
--- a/src/os_net/os_err.h
+++ b/src/os_net/os_err.h
@@ -6,7 +6,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  */
 
diff --git a/src/os_net/os_net.c b/src/os_net/os_net.c
index c282b9f..3591fb8 100755
--- a/src/os_net/os_net.c
+++ b/src/os_net/os_net.c
@@ -6,18 +6,18 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software 
  * Foundation
  *
  * License details at the LICENSE file included with OSSEC or
  * online at: http://www.ossec.net/en/licensing.html
  */
 
-/* OS_net Library.
+/* OS_net Library. 
  * APIs for many network operations.
  */
-
-
+ 
+ 
 
 
 #include "shared.h"
@@ -57,7 +57,7 @@ int OS_Bindport(unsigned int _port, unsigned int _proto, char *_ip, int ipv6)
     ipv6 = 0;
     #endif
 
-
+    
     if(_proto == IPPROTO_UDP)
     {
         if((ossock = socket(ipv6 == 1?PF_INET6:PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
@@ -72,8 +72,8 @@ int OS_Bindport(unsigned int _port, unsigned int _proto, char *_ip, int ipv6)
         {
             return(int)(OS_SOCKTERR);
         }
-
-        if(setsockopt(ossock, SOL_SOCKET, SO_REUSEADDR,
+            
+        if(setsockopt(ossock, SOL_SOCKET, SO_REUSEADDR, 
                               (char *)&flag,  sizeof(flag)) < 0)
         {
             return(OS_SOCKTERR);
@@ -127,8 +127,8 @@ int OS_Bindport(unsigned int _port, unsigned int _proto, char *_ip, int ipv6)
             return(OS_SOCKTERR);
         }
     }
-
-
+    
+    
     return(ossock);
 }
 
@@ -162,7 +162,7 @@ int OS_BindUnixDomain(char * path, int mode, int max_msg_size)
 
     /* Making sure the path isn't there */
     unlink(path);
-
+    
     memset(&n_us, 0, sizeof(n_us));
     n_us.sun_family = AF_UNIX;
     strncpy(n_us.sun_path, path, sizeof(n_us.sun_path)-1);
@@ -175,23 +175,23 @@ int OS_BindUnixDomain(char * path, int mode, int max_msg_size)
         close(ossock);
         return(OS_SOCKTERR);
     }
-
+    
     /* Changing permissions */
     chmod(path,mode);
-
-
+    
+    
     /* Getting current maximum size */
     if(getsockopt(ossock, SOL_SOCKET, SO_RCVBUF, &len, &optlen) == -1)
         return(OS_SOCKTERR);
-
-
+    
+                    
     /* Setting socket opt */
     if(len < max_msg_size)
     {
         len = max_msg_size;
         setsockopt(ossock, SOL_SOCKET, SO_RCVBUF, &len, optlen);
     }
-
+                                            
     return(ossock);
 }
 
@@ -235,8 +235,8 @@ int OS_ConnectUnixDomain(char * path, int max_msg_size)
         len = max_msg_size;
         setsockopt(ossock, SOL_SOCKET, SO_SNDBUF, &len, optlen);
     }
-
-
+    
+    
     /* Returning the socket */	
     return(ossock);
 }
@@ -250,14 +250,14 @@ int OS_getsocketsize(int ossock)
     /* Getting current maximum size */
     if(getsockopt(ossock, SOL_SOCKET, SO_SNDBUF, &len, &optlen) == -1)
         return(OS_SOCKTERR);
-
-    return(len);
+    
+    return(len);    
 }
 
 #endif
 
 /* OS_Connect v 0.1, 2004/07/21
- * Open a TCP/UDP client socket
+ * Open a TCP/UDP client socket 
  */
 int OS_Connect(unsigned int _port, unsigned int protocol, char *_ip, int ipv6)
 {
@@ -296,7 +296,7 @@ int OS_Connect(unsigned int _port, unsigned int protocol, char *_ip, int ipv6)
 
 
     if((_ip == NULL)||(_ip[0] == '\0'))
-        return(OS_INVALID);
+        return(OS_INVALID);        
 
 
     if(ipv6 == 1)
@@ -338,7 +338,7 @@ int OS_ConnectTCP(unsigned int _port, char *_ip, int ipv6)
 
 
 /* OS_ConnectUDP, v0.1
- * Open a UDP socket
+ * Open a UDP socket 
  */
 int OS_ConnectUDP(unsigned int _port, char *_ip, int ipv6)
 {
@@ -363,7 +363,7 @@ int OS_SendTCPbySize(int socket, int size, char *msg)
 {
     if((send(socket, msg, size, 0)) < size)
         return (OS_SOCKTERR);
-
+        
     return(0);
 }
 
@@ -383,11 +383,11 @@ int OS_SendUDPbySize(int socket, int size, char *msg)
             return(OS_SOCKTERR);
         }
 
-        i++;
+        i++;    
         merror("%s: INFO: Remote socket busy, waiting %d s.", __local_name, i);
-        sleep(i);
+        sleep(i);    
     }
-
+        
     return(0);
 }
 
@@ -401,7 +401,7 @@ int OS_AcceptTCP(int socket, char *srcip, int addrsize)
     int clientsocket;
     struct sockaddr_in _nc;
     socklen_t _ncl;
-
+    
     memset(&_nc, 0, sizeof(_nc));
     _ncl = sizeof(_nc);
 
@@ -428,7 +428,7 @@ char *OS_RecvTCP(int socket, int sizet)
     ret = (char *) calloc((sizet), sizeof(char));
     if(ret == NULL)
         return(NULL);
-
+        
     if((retsize = recv(socket, ret, sizet-1,0)) <= 0)
         return(NULL);
 
@@ -465,7 +465,7 @@ int OS_RecvTCPBuffer(int socket, char *buffer, int sizet)
 char *OS_RecvUDP(int socket, int sizet)
 {
     char *ret;
-
+    
     ret = (char *) calloc((sizet), sizeof(char));
     if(ret == NULL)
         return(NULL);
@@ -487,8 +487,8 @@ int OS_RecvConnUDP(int socket, char *buffer, int buffer_size)
     recv_b = recv(socket, buffer, buffer_size, 0);
     if(recv_b < 0)
         return(0);
-
-    return(recv_b);
+    
+    return(recv_b);    
 }
 
 
@@ -499,7 +499,7 @@ int OS_RecvConnUDP(int socket, char *buffer, int buffer_size)
 int OS_RecvUnix(int socket, int sizet, char *ret)
 {
     ssize_t recvd;
-    if((recvd = recvfrom(socket, ret, sizet -1, 0,
+    if((recvd = recvfrom(socket, ret, sizet -1, 0, 
                          (struct sockaddr*)&n_us,&us_l)) < 0)
         return(0);
 
@@ -510,13 +510,13 @@ int OS_RecvUnix(int socket, int sizet, char *ret)
 
 /* OS_SendUnix, v0.1, 2004/07/29
  * Send a message using a Unix socket.
- * Returns the OS_SOCKETERR if it
- */
+ * Returns the OS_SOCKETERR if it 
+ */ 
 int OS_SendUnix(int socket, char * msg, int size)
 {
     if(size == 0)
         size = strlen(msg)+1;
-
+        
     if(send(socket, msg, size,0) < size)
     {
         if(errno == ENOBUFS)
@@ -524,7 +524,7 @@ int OS_SendUnix(int socket, char * msg, int size)
 
         return(OS_SOCKTERR);
     }
-
+    
     return(OS_SUCCESS);
 }
 #endif
@@ -537,13 +537,13 @@ char *OS_GetHost(char *host, int attempts)
 {
     int i = 0;
     int sz;
-
+    
     char *ip;
     struct hostent *h;
 
     if(host == NULL)
         return(NULL);
-
+    
     while(i <= attempts)
     {
         if((h = gethostbyname(host)) == NULL)
diff --git a/src/os_net/os_net.h b/src/os_net/os_net.h
index 33d27fb..d366488 100755
--- a/src/os_net/os_net.h
+++ b/src/os_net/os_net.h
@@ -30,9 +30,9 @@ int OS_Bindportudp(unsigned int _port, char *_ip, int ipv6);
 /* OS_BindUnixDomain
  * Bind to a specific file, using the "mode" permissions in
  * a Unix Domain socket.
- */
+ */ 
 int OS_BindUnixDomain(char * path, int mode, int max_msg_size);
-int OS_ConnectUnixDomain(char * path, int max_msg_size);
+int OS_ConnectUnixDomain(char * path, int max_msg_size); 
 int OS_getsocketsize(int ossock);
 
 
@@ -52,7 +52,7 @@ int OS_RecvConnUDP(int socket, char *buffer, int buffer_size);
 /* OS_RecvUnix
  * Receive a message via a Unix socket
  */
-int OS_RecvUnix(int socket, int sizet, char *ret);
+int OS_RecvUnix(int socket, int sizet, char *ret); 
 
 
 /* OS_RecvTCP
@@ -61,9 +61,9 @@ int OS_RecvUnix(int socket, int sizet, char *ret);
 int OS_AcceptTCP(int socket, char *srcip, int addrsize);
 char *OS_RecvTCP(int socket, int sizet);
 int OS_RecvTCPBuffer(int socket, char *buffer, int sizet);
+  
 
-
-/* OS_SendTCP
+/* OS_SendTCP 
  * Send a TCP/UDP/UnixSocket packet (in a open socket)
  */
 int OS_SendTCP(int socket, char *msg);
@@ -73,7 +73,7 @@ int OS_SendUnix(int socket, char * msg, int size);
 
 int OS_SendUDP(int socket, char *msg);
 int OS_SendUDPbySize(int socket, int size, char *msg);
-
+    
 
 /* OS_GetHost
  * Calls gethostbyname
diff --git a/src/os_regex/._COPYRIGHT b/src/os_regex/._COPYRIGHT
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._COPYRIGHT differ
diff --git a/src/os_regex/._Makefile b/src/os_regex/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._Makefile differ
diff --git a/src/os_regex/._README b/src/os_regex/._README
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._README differ
diff --git a/src/os_regex/._VERSION b/src/os_regex/._VERSION
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._VERSION differ
diff --git a/src/os_regex/._os_match.c b/src/os_regex/._os_match.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_match.c differ
diff --git a/src/os_regex/._os_match_compile.c b/src/os_regex/._os_match_compile.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_match_compile.c differ
diff --git a/src/os_regex/._os_match_execute.c b/src/os_regex/._os_match_execute.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_match_execute.c differ
diff --git a/src/os_regex/._os_match_free_pattern.c b/src/os_regex/._os_match_free_pattern.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_match_free_pattern.c differ
diff --git a/src/os_regex/._os_regex.c b/src/os_regex/._os_regex.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex.c differ
diff --git a/src/os_regex/._os_regex.h b/src/os_regex/._os_regex.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex.h differ
diff --git a/src/os_regex/._os_regex_compile.c b/src/os_regex/._os_regex_compile.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex_compile.c differ
diff --git a/src/os_regex/._os_regex_execute.c b/src/os_regex/._os_regex_execute.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex_execute.c differ
diff --git a/src/os_regex/._os_regex_free_pattern.c b/src/os_regex/._os_regex_free_pattern.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex_free_pattern.c differ
diff --git a/src/os_regex/._os_regex_free_substrings.c b/src/os_regex/._os_regex_free_substrings.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex_free_substrings.c differ
diff --git a/src/os_regex/._os_regex_internal.h b/src/os_regex/._os_regex_internal.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex_internal.h differ
diff --git a/src/os_regex/._os_regex_maps.h b/src/os_regex/._os_regex_maps.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex_maps.h differ
diff --git a/src/os_regex/._os_regex_match.c b/src/os_regex/._os_regex_match.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex_match.c differ
diff --git a/src/os_regex/._os_regex_str.c b/src/os_regex/._os_regex_str.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex_str.c differ
diff --git a/src/os_regex/._os_regex_strbreak.c b/src/os_regex/._os_regex_strbreak.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/._os_regex_strbreak.c differ
diff --git a/src/os_regex/examples/._Makefile b/src/os_regex/examples/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/._Makefile differ
diff --git a/src/os_regex/examples/._match.c b/src/os_regex/examples/._match.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/._match.c differ
diff --git a/src/os_regex/examples/._regex.c b/src/os_regex/examples/._regex.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/._regex.c differ
diff --git a/src/os_regex/examples/._regex_str.c b/src/os_regex/examples/._regex_str.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/._regex_str.c differ
diff --git a/src/os_regex/examples/._run.sh b/src/os_regex/examples/._run.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/._run.sh differ
diff --git a/src/os_regex/examples/._validate.pl b/src/os_regex/examples/._validate.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/._validate.pl differ
diff --git a/src/os_regex/examples/match.c b/src/os_regex/examples/match.c
index 2579dd1..d63ffe7 100755
--- a/src/os_regex/examples/match.c
+++ b/src/os_regex/examples/match.c
@@ -2,7 +2,7 @@
  * Under the public domain. It is just an example.
  * Some examples of the usage for the os_regex library.
  */
-
+ 
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
diff --git a/src/os_regex/examples/regex.c b/src/os_regex/examples/regex.c
index a26eb9f..6200e33 100755
--- a/src/os_regex/examples/regex.c
+++ b/src/os_regex/examples/regex.c
@@ -2,7 +2,7 @@
  * Under the public domain. It is just an example.
  * Some examples of the usage for the os_regex library.
  */
-
+ 
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
diff --git a/src/os_regex/examples/regex_str.c b/src/os_regex/examples/regex_str.c
index 08e6044..c28346f 100755
--- a/src/os_regex/examples/regex_str.c
+++ b/src/os_regex/examples/regex_str.c
@@ -2,12 +2,12 @@
  * Under the public domain. It is just an example.
  * Some examples of usage for the os_regex library.
  */
-
+ 
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-
-/* Must be included */
+ 
+/* Must be included */ 
 #include "os_regex.h"
 
 int main(int argc,char **argv)
@@ -17,7 +17,7 @@ int main(int argc,char **argv)
 
     /* OSRegex structure */
     OSRegex reg;
-
+    
     /* checking for arguments */
     if(argc != 3)
     {
@@ -33,7 +33,7 @@ int main(int argc,char **argv)
     if(OSRegex_Compile(argv[1], &reg, OS_RETURN_SUBSTRING))
     {
         char *retv;
-        /* If the execution succeeds, the substrings will be
+        /* If the execution succeeds, the substrings will be 
          * at reg.sub_strings
          */
         if((retv = OSRegex_Execute(argv[2], &reg)))
@@ -45,7 +45,7 @@ int main(int argc,char **argv)
             printf("next pt: '%s'\n", retv);
             /* Assigning reg.sub_strings to ret */
             ret = reg.sub_strings;
-
+            
             printf("substrings:\n");
             while(*ret)
             {
@@ -63,13 +63,13 @@ int main(int argc,char **argv)
 
         OSRegex_FreePattern(&reg);
     }
-
+   
     /* Compilation error */
     else
     {
         printf("Error: Regex Compile Error: %d\n", reg.error);
     }
-
+    
     return(r_code);
 }
 /* EOF */
diff --git a/src/os_regex/examples/tests/._false.regex b/src/os_regex/examples/tests/._false.regex
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/tests/._false.regex differ
diff --git a/src/os_regex/examples/tests/._false.tests b/src/os_regex/examples/tests/._false.tests
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/tests/._false.tests differ
diff --git a/src/os_regex/examples/tests/._str.regex b/src/os_regex/examples/tests/._str.regex
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/tests/._str.regex differ
diff --git a/src/os_regex/examples/tests/._true.regex b/src/os_regex/examples/tests/._true.regex
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/tests/._true.regex differ
diff --git a/src/os_regex/examples/tests/._true.tests b/src/os_regex/examples/tests/._true.tests
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_regex/examples/tests/._true.tests differ
diff --git a/src/os_regex/os_match.c b/src/os_regex/os_match.c
index 3687523..35e0edf 100755
--- a/src/os_regex/os_match.c
+++ b/src/os_regex/os_match.c
@@ -39,7 +39,7 @@ int OS_Match2(char *pattern, char *str)
 
         OSMatch_FreePattern(&reg);
     }
-
+    
     return(r_code);
 }
 
@@ -57,7 +57,7 @@ int OS_Match3(char *pattern, char *str, char *delimiter)
     char *token = NULL;
     char *dupstr = NULL;
     char *saveptr = NULL;
-
+   
     /* debug2("1. str [%s], dupstr [%s], token[%s], delim [%s]", str, dupstr, token, delimiter); */
 
     os_strdup(str, dupstr);
@@ -77,7 +77,7 @@ int OS_Match3(char *pattern, char *str, char *delimiter)
 
         token = strtok_r(NULL, delimiter, &saveptr);
     }
-
+    
     /* debug2("4. str [%s], dupstr [%s], token[%s], delim [%s]", str, dupstr, token, delimiter); */
     free(dupstr);
     return(r_code);
diff --git a/src/os_regex/os_match_compile.c b/src/os_regex/os_match_compile.c
index 2fc552a..366e79e 100755
--- a/src/os_regex/os_match_compile.c
+++ b/src/os_regex/os_match_compile.c
@@ -40,18 +40,18 @@ int OSMatch_Compile(char *pattern, OSMatch *reg, int flags)
     int i = 0;
     int count = 0;
     int end_of_string = 0;
-
+    
     char *pt;
     char *new_str;
     char *new_str_free = NULL;
 
-
+    
     /* Checking for references not initialized */
     if(reg == NULL)
     {
         return(0);
     }
-
+    
 
     /* Initializing OSRegex structure */
     reg->error = 0;
@@ -73,8 +73,8 @@ int OSMatch_Compile(char *pattern, OSMatch *reg, int flags)
         reg->error = OS_REGEX_MAXSIZE;
         goto compile_error;
     }
-
-
+    
+    
     /* Duping the pattern for our internal work */
     new_str = strdup(pattern);
     if(!new_str)
@@ -84,21 +84,21 @@ int OSMatch_Compile(char *pattern, OSMatch *reg, int flags)
     }
     new_str_free = new_str;
     pt = new_str;
+    
 
-
-
+    
     /* Getting the number of sub patterns */
     while(*pt != '\0')
     {
-        /* The pattern must be always lower case if
+        /* The pattern must be always lower case if 
          * case sensitive is set
          */
         if(!(flags & OS_CASE_SENSITIVE))
         {
             *pt = charmap[(uchar)*pt];
         }
-
-        /* Number of sub patterns */
+       
+        /* Number of sub patterns */ 
         if(*pt == OR)
         {
             count++;
@@ -107,17 +107,17 @@ int OSMatch_Compile(char *pattern, OSMatch *reg, int flags)
         {
             usstrstr = 1;
         }
-        pt++;
+        pt++;    
     }
-
-
+    
+    
     /* For the last pattern */
     count++;
     reg->patterns = calloc(count +1, sizeof(char *));
     reg->size = calloc(count +1, sizeof(int));
     reg->match_fp = calloc(count +1, sizeof(void *));
-
-
+    
+    
     /* Memory allocation error check */
     if(!reg->patterns || !reg->size || !reg->match_fp)
     {
@@ -134,12 +134,12 @@ int OSMatch_Compile(char *pattern, OSMatch *reg, int flags)
         reg->size[i] = 0;
     }
     i = 0;
-
-
+    
+    
     /* Reassigning pt to the beginning of the string */
     pt = new_str;
 
-
+    
     /* Getting the sub patterns */
     do
     {
@@ -155,7 +155,7 @@ int OSMatch_Compile(char *pattern, OSMatch *reg, int flags)
             /* Dupping the string */
             if(*new_str == BEGINREGEX)
                 reg->patterns[i] = strdup(new_str +1);
-            else
+            else     
                 reg->patterns[i] = strdup(new_str);
 
             /* Memory error */
@@ -199,7 +199,7 @@ int OSMatch_Compile(char *pattern, OSMatch *reg, int flags)
                 reg->match_fp[i] = _os_strstr;
                 reg->size[i] = strlen(reg->patterns[i]);
             }
-
+            
             else
             {
                 reg->match_fp[i] = _OS_Match;
@@ -223,16 +223,16 @@ int OSMatch_Compile(char *pattern, OSMatch *reg, int flags)
     /* Success return */
     free(new_str_free);
     return(1);
-
-
+    
+    
     /* Error handling */
     compile_error:
-
+    
     if(new_str_free)
     {
         free(new_str_free);
     }
-
+    
     OSMatch_FreePattern(reg);
 
     return(0);
diff --git a/src/os_regex/os_match_execute.c b/src/os_regex/os_match_execute.c
index 8977484..d61f0cb 100755
--- a/src/os_regex/os_match_execute.c
+++ b/src/os_regex/os_match_execute.c
@@ -39,10 +39,10 @@ int _OS_Match(char *pattern, char *str, int str_len, int size)
             {
                 if(str[j] == '\0')
                     return(FALSE);
-
+                    
                 else if(*pt != charmap[(uchar)str[j]])
                 {
-                    pt = pattern;
+                    pt = pattern;           
                     goto nnext;
                 }
                 j++;pt++;
@@ -62,8 +62,8 @@ int _os_strncmp(char *pattern, char *str, int str_len, int size)
 {
     if(strncasecmp(pattern, str, size) == 0)
         return(TRUE);
-
-    return(FALSE);
+        
+    return(FALSE);    
 }
 
 /** Internal matching **/
@@ -71,8 +71,8 @@ int _os_strcmp(char *pattern, char *str, int str_len, int size)
 {
     if(strcasecmp(pattern, str) == 0)
         return(TRUE);
-
-    return(FALSE);
+    
+    return(FALSE);    
 }
 
 int _os_strmatch(char *pattern, char *str, int str_len, int size)
@@ -96,11 +96,11 @@ int _os_strcmp_last(char *pattern, char *str, int str_len, int size)
     /* Size of the string must be bigger */
     if((str_len - size) < 0)
         return(FALSE);
-
+    
     if(strcasecmp(pattern, str + (str_len - size)) == 0)
         return(TRUE);
-
-    return(FALSE);
+    
+    return(FALSE);            
 }
 
 
@@ -113,7 +113,7 @@ int _os_strcmp_last(char *pattern, char *str, int str_len, int size)
 int OSMatch_Execute(char *str, int str_len, OSMatch *reg)
 {
     short int i = 0;
-
+    
     /* The string can't be NULL */
     if(str == NULL)
     {
@@ -125,9 +125,9 @@ int OSMatch_Execute(char *str, int str_len, OSMatch *reg)
     /* Looping on all sub patterns */
     while(reg->patterns[i])
     {
-        if(reg->match_fp[i](reg->patterns[i],
-                            str,
-                            str_len,
+        if(reg->match_fp[i](reg->patterns[i], 
+                            str, 
+                            str_len, 
                             reg->size[i]) == TRUE)
         {
             return(1);
@@ -136,7 +136,7 @@ int OSMatch_Execute(char *str, int str_len, OSMatch *reg)
     }
 
     return(0);
-}
+}    
 
 
 /* EOF */
diff --git a/src/os_regex/os_match_free_pattern.c b/src/os_regex/os_match_free_pattern.c
index a9939f3..7131f08 100755
--- a/src/os_regex/os_match_free_pattern.c
+++ b/src/os_regex/os_match_free_pattern.c
@@ -33,7 +33,7 @@ void OSMatch_FreePattern(OSMatch *reg)
         {
             if(*pattern)
                 free(*pattern);
-            pattern++;
+            pattern++;    
         }
 
         free(reg->patterns);
diff --git a/src/os_regex/os_regex.c b/src/os_regex/os_regex.c
index 8e871ad..c429271 100755
--- a/src/os_regex/os_regex.c
+++ b/src/os_regex/os_regex.c
@@ -39,7 +39,7 @@ int OS_Regex(char *pattern, char *str)
 
         OSRegex_FreePattern(&reg);
     }
-
+    
     return(r_code);
 }
 
diff --git a/src/os_regex/os_regex.h b/src/os_regex/os_regex.h
index 0d68c8c..50827f4 100755
--- a/src/os_regex/os_regex.h
+++ b/src/os_regex/os_regex.h
@@ -22,12 +22,12 @@
 
 
 /* Pattern maximum size */
-#define OS_PATTERN_MAXSIZE      2048
+#define OS_PATTERN_MAXSIZE      2048   
 
 
 /* Error codes */
 #define OS_REGEX_REG_NULL       1
-#define OS_REGEX_PATTERN_NULL   2
+#define OS_REGEX_PATTERN_NULL   2 
 #define OS_REGEX_MAXSIZE        3
 #define OS_REGEX_OUTOFMEMORY    4
 #define OS_REGEX_STR_NULL       5
@@ -70,7 +70,7 @@ typedef struct _OSMatch
  * The error code is set on reg->error.
  */
 int OSRegex_Compile(char *pattern, OSRegex *reg, int flags);
-
+       
 
 /** char *OSRegex_Execute(char *str, OSRegex *reg) v0.1
  * Compare an already compiled regular expression with
@@ -93,7 +93,7 @@ void OSRegex_FreePattern(OSRegex *reg);
  * Release all the memory created to store the sub strings.
  * Returns void.
  */
-void OSRegex_FreeSubStrings(OSRegex *reg);
+void OSRegex_FreeSubStrings(OSRegex *reg);   
 
 
 /** int OS_Regex(char *pattern, char *str) v0.4
@@ -105,7 +105,7 @@ void OSRegex_FreeSubStrings(OSRegex *reg);
 int OS_Regex(char *pattern, char *str);
 
 
-
+      
 /** int OSMatch_Compile(char *pattern, OSMatch *reg, int flags) v0.1
  * Compile a pattern to be used later.
  * Allowed flags are:
@@ -137,7 +137,7 @@ int OS_Match2(char *pattern, char *str);
 
 int OS_Match3(char *pattern, char *str, char* delimiter);
 
-
+    
 /* OS_WordMatch v0.3:
  * Searches for  pattern in the string
  */
@@ -150,7 +150,7 @@ int OS_WordMatch(char *pattern, char *str);
  * Returns a NULL terminated array on success or NULL on error.
  */
 char **OS_StrBreak(char match, char *str, int size);
-
+  
 
 /** int OS_StrHowClosedMatch(char *str1, char *str2) v0.1
  * Returns the number of characters that both strings
@@ -158,7 +158,7 @@ char **OS_StrBreak(char match, char *str, int size);
  */
 int OS_StrHowClosedMatch(char *str1, char *str2);
 
-
+  
 /** Inline prototypes **/
 
 
@@ -181,7 +181,7 @@ int OS_StrIsNum(char *str);
  * Checks if a specified char is in the following range:
  * a-z, A-Z, 0-9, _-.
  */
-#include "os_regex_maps.h"
+#include "os_regex_maps.h" 
 #define isValidChar(x) (hostname_map[(unsigned char)x])
 
 
diff --git a/src/os_regex/os_regex_compile.c b/src/os_regex/os_regex_compile.c
index 10ae154..12b04cd 100755
--- a/src/os_regex/os_regex_compile.c
+++ b/src/os_regex/os_regex_compile.c
@@ -35,18 +35,18 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
     int parenthesis = 0;
     int prts_size = 0;
     int max_prts_size = 0;
-
+    
     char *pt;
     char *new_str;
     char *new_str_free = NULL;
 
-
+    
     /* Checking for references not initialized */
     if(reg == NULL)
     {
         return(0);
     }
-
+    
 
     /* Initializing OSRegex structure */
     reg->error = 0;
@@ -71,8 +71,8 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
         reg->error = OS_REGEX_MAXSIZE;
         goto compile_error;
     }
-
-
+    
+    
     /* Duping the pattern for our internal work */
     new_str = strdup(pattern);
     if(!new_str)
@@ -82,8 +82,8 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
     }
     new_str_free = new_str;
     pt = new_str;
-
-
+    
+    
     /* Getting the number of sub patterns */
     do
     {
@@ -91,12 +91,12 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
         {
             pt++;
             if(!((*pt == 'w') ||
-                 (*pt == 'W') ||
-                 (*pt == 's') ||
-                 (*pt == 'S') ||
-                 (*pt == 'd') ||
-                 (*pt == 'D') ||
-                 (*pt == '.') ||
+                 (*pt == 'W') || 
+                 (*pt == 's') || 
+                 (*pt == 'S') || 
+                 (*pt == 'd') || 
+                 (*pt == 'D') || 
+                 (*pt == '.') || 
                  (*pt == '(') ||
                  (*pt == ')') ||
                  (*pt == 'p') ||
@@ -144,22 +144,22 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
             parenthesis--;
             prts_size++;
         }
-
+        
         /* We only allow one level of parenthesis */
         if(parenthesis != 0 && parenthesis != 1)
         {
             reg->error = OS_REGEX_BADPARENTHESIS;
             goto compile_error;
         }
-
-        /* The pattern must be always lower case if
+        
+        /* The pattern must be always lower case if 
          * case sensitive is set
          */
         if(!(flags & OS_CASE_SENSITIVE))
         {
             *pt = charmap[(uchar)*pt];
         }
-
+        
         if(*pt == OR)
         {
             /* Each sub pattern must be closed on parenthesis */
@@ -170,9 +170,9 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
             }
             count++;
         }
-        pt++;
+        pt++;    
     }while(*pt != '\0');
-
+    
 
     /* After the whole pattern is read, the parenthesis must all be closed */
     if(parenthesis != 0)
@@ -180,14 +180,14 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
         reg->error = OS_REGEX_BADPARENTHESIS;
         goto compile_error;
     }
-
-
+    
+                                                                     
     /* Allocating the memory for the sub patterns */
     count++;
     reg->patterns = calloc(count +1, sizeof(char *));
     reg->flags = calloc(count +1, sizeof(int));
-
-
+    
+    
     /* For the substrings */
     if((prts_size > 0) && (flags & OS_RETURN_SUBSTRING))
     {
@@ -199,8 +199,8 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
             goto compile_error;
         }
     }
-
-
+    
+    
     /* Memory allocation error check */
     if(!reg->patterns || !reg->flags)
     {
@@ -222,12 +222,12 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
         }
     }
     i = 0;
-
-
+    
+    
     /* Reassigning pt to the beginning of the string */
     pt = new_str;
 
-
+    
     /* Getting the sub patterns */
     do
     {
@@ -297,7 +297,7 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
                 {
                     max_prts_size = prts_size;
                 }
-
+                
                 /* Allocating the memory */
                 reg->prts_closure[i] = calloc(prts_size + 1, sizeof(char *));
                 reg->prts_str[i] = calloc(prts_size + 1, sizeof(char *));
@@ -351,20 +351,20 @@ int OSRegex_Compile(char *pattern, OSRegex *reg, int flags)
         reg->error = OS_REGEX_OUTOFMEMORY;
         goto compile_error;
     }
-
+    
     /* Success return */
     free(new_str_free);
     return(1);
-
-
+    
+    
     /* Error handling */
     compile_error:
-
+    
     if(new_str_free)
     {
         free(new_str_free);
     }
-
+    
     OSRegex_FreePattern(reg);
 
     return(0);
diff --git a/src/os_regex/os_regex_execute.c b/src/os_regex/os_regex_execute.c
index 5fef327..c2a86fd 100755
--- a/src/os_regex/os_regex_execute.c
+++ b/src/os_regex/os_regex_execute.c
@@ -34,7 +34,7 @@ char *OSRegex_Execute(char *str, OSRegex *reg)
 {
     char *ret;
     int i = 0;
-
+    
     /* The string can't be NULL */
     if(str == NULL)
     {
@@ -77,7 +77,7 @@ char *OSRegex_Execute(char *str, OSRegex *reg)
                         OSRegex_FreeSubStrings(reg);
                         return(NULL);
                     }
-
+                    
                     /* Set the next one to null */
                     reg->prts_str[i][j+1][0] = str_char;
                     k++;
@@ -95,13 +95,13 @@ char *OSRegex_Execute(char *str, OSRegex *reg)
         return(0);
 
     }
-
+   
     /* If we don't need the sub strings */
-
+     
     /* Looping on all sub patterns */
     while(reg->patterns[i])
     {
-        if((ret = _OS_Regex(reg->patterns[i], str, NULL, NULL, reg->flags[i])))
+        if((ret = _OS_Regex(reg->patterns[i], str, NULL, NULL, reg->flags[i]))) 
         {
             return(ret);
         }
@@ -109,7 +109,7 @@ char *OSRegex_Execute(char *str, OSRegex *reg)
     }
 
     return(NULL);
-}
+}    
 
 #define PRTS(x) ((prts(*x) && x++) || 1)
 #define ENDOFFILE(x) ( PRTS(x) && (*x == '\0'))
@@ -120,26 +120,26 @@ char *OSRegex_Execute(char *str, OSRegex *reg)
  * Returns 1 on success and 0 on failure.
  * If prts_closure is set, the parenthesis locations will be
  * written on prts_str (which must not be NULL)
- */
-char *_OS_Regex(char *pattern, char *str, char **prts_closure,
+ */              
+char *_OS_Regex(char *pattern, char *str, char **prts_closure, 
               char **prts_str, int flags)
 {
     char *r_code = NULL;
-
+    
     int ok_here;
     int _regex_matched = 0;
-
+    
     int prts_int;
 
     char *st = str;
     char *st_error = NULL;
-
+    
     char *pt = pattern;
     char *next_pt;
 
     char *pt_error[4] = {NULL, NULL, NULL, NULL};
     char *pt_error_str[4];
-
+    
 
     /* Will loop the whole string, trying to find a match */
     do
@@ -183,7 +183,7 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
             if(Regex((uchar)*(pt+1), (uchar)*st))
             {
                 next_pt = pt+2;
-
+                
                 /* If we don't have a '+' or '*', we should skip
                  * searching using this pattern.
                  */
@@ -202,7 +202,7 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
                     r_code = st;
                     continue;
                 }
-
+                
                 /* If it is a '*', we need to set the _regex_matched
                  * for the first pattern even.
                  */
@@ -213,7 +213,7 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
 
 
                 /* If our regex matches and we have a "+" set, we will
-                 * try the next one to see if it matches. If yes, we
+                 * try the next one to see if it matches. If yes, we 
                  * can jump to it, but saving our currently location
                  * in case of error.
                  * _regex_matched will set set to true after the first
@@ -231,7 +231,7 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
                     {
                         next_pt++;
                     }
-
+                    
                     if(*next_pt == '\0')
                     {
                         ok_here = 1;
@@ -272,7 +272,7 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
                                 {
                                     if(*(st+1) == '\0')
                                         prts_str[prts_int] = st+1;
-                                    else
+                                    else    
                                         prts_str[prts_int] = st;
                                     break;
                                 }
@@ -287,14 +287,14 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
                             continue;
                         }
 
-
+                            
                         /* Each "if" will increment the amount
                          * necessary for the next pattern in ok_here
                          */
-                        if(ok_here)
+                        if(ok_here) 
                             next_pt+=ok_here;
-
-
+                        
+                        
                         if(!pt_error[0])
                         {
                             pt_error[0] = pt;
@@ -345,18 +345,18 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
 
                     _regex_matched = 1;
                 }
-
+                
                 r_code = st;
                 continue;
             }
-
+            
             else if((*(pt+3) == '\0') && (_regex_matched == 1)&&(r_code))
             {
                 r_code = st;
                 if(!(flags & END_SET) || (flags & END_SET && (*st == '\0')))
                     return(r_code);
             }
-
+            
             /* If we didn't match regex, but _regex_matched == 1, jump
              * to the next available pattern
              */
@@ -438,7 +438,7 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
             }
             pt = pattern;
             r_code = NULL;
-
+        
     }while(*(++st) != '\0');
 
 
@@ -450,9 +450,9 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
             if(*pt == BACKSLASH && *(pt+2) == '*')
                 pt+=3;
             else
-                break;
+                break;    
         }
-
+        
         if(prts(*pt))
         {
             prts_int = 0;
@@ -469,28 +469,28 @@ char *_OS_Regex(char *pattern, char *str, char **prts_closure,
     }
 
     /* Cleaning up */
-    if(ENDOFFILE(pt) ||
-        (*pt == BACKSLASH &&
-        _regex_matched &&
-        (pt+=2) &&
-        isPlus(*pt) &&
-        (pt++) &&
-        ((ENDOFFILE(pt)) ||
-        ((*pt == BACKSLASH) &&
-        (pt+=2) &&
-        (*pt == '*') &&
+    if(ENDOFFILE(pt) || 
+        (*pt == BACKSLASH && 
+        _regex_matched && 
+        (pt+=2) && 
+        isPlus(*pt) && 
         (pt++) &&
+        ((ENDOFFILE(pt)) || 
+        ((*pt == BACKSLASH) && 
+        (pt+=2) && 
+        (*pt == '*') && 
+        (pt++) && 
         (ENDOFFILE(pt)) ))) ||
         (*pt == BACKSLASH &&
         (pt+=2) &&
         (*pt == '*') &&
         (pt++) &&
         ENDOFFILE(pt))
-        )
+        ) 
     {
         return(r_code);
     }
-
+   
     return(NULL);
 }
 
diff --git a/src/os_regex/os_regex_free_pattern.c b/src/os_regex/os_regex_free_pattern.c
index 6ee085e..305dde3 100755
--- a/src/os_regex/os_regex_free_pattern.c
+++ b/src/os_regex/os_regex_free_pattern.c
@@ -35,7 +35,7 @@ void OSRegex_FreePattern(OSRegex *reg)
         {
             if(*pattern)
                 free(*pattern);
-            pattern++;
+            pattern++;    
         }
 
         free(reg->patterns);
@@ -74,7 +74,7 @@ void OSRegex_FreePattern(OSRegex *reg)
     /* Freeing the sub strings */
     if(reg->sub_strings)
     {
-        OSRegex_FreeSubStrings(reg);
+        OSRegex_FreeSubStrings(reg);    
         free(reg->sub_strings);
         reg->sub_strings = NULL;
     }
diff --git a/src/os_regex/os_regex_internal.h b/src/os_regex/os_regex_internal.h
index 299e5c2..0102f91 100755
--- a/src/os_regex/os_regex_internal.h
+++ b/src/os_regex/os_regex_internal.h
@@ -25,13 +25,13 @@
 #define OR          '|'
 #define AND         '&'
 
-#define TRUE         1
+#define TRUE         1 
 #define FALSE        0
 
 
 /* Pattern flags */
 #define BEGIN_SET   0000200
-#define END_SET     0000400
+#define END_SET     0000400     
 
 
 /* uchar */
@@ -48,7 +48,7 @@ typedef unsigned char uchar;
  */
 #define _IsW(x) ((x >= 48 && x <= 57 )|| \
 		         (x >= 65 && x <= 90 )|| \
-		         (x >= 97 && x <= 122))
+		         (x >= 97 && x <= 122)) 
 
 
 /* Is it a ' ' (blank)
@@ -133,25 +133,25 @@ static const uchar charmap[] = {
 
 
 
-/* Regex mapping
+/* Regex mapping 
  * 0  = none
  * 1  = \d
  * 2  = \w
  * 3  = \s
  * 4  = \p
- * 5  = \(
+ * 5  = \( 
  * 6  = \)
  * 7  = \\
  * 8  = \D
  * 9  = \W
  * 10 = \S
- * 11 = \.
+ * 11 = \. 
  * 12 = \t
  * 13 = \$
  * 14 = |
  * 15 = <
  */
-static const uchar regexmap[][256] =
+static const uchar regexmap[][256] = 
 {
     {
         '\000', '\000', '\000', '\000', '\000', '\000', '\000', '\000',
@@ -252,8 +252,8 @@ static const uchar regexmap[][256] =
         '\330', '\331', '\332', '\333', '\334', '\335', '\336', '\337',
         '\340', '\341', '\342', '\343', '\344', '\345', '\346', '\347',
         '\350', '\351', '\352', '\353', '\354', '\355', '\356', '\357',
-        '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',
-        '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',
+        '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',    
+        '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',    
     },
     {
         '\000', '\000', '\002', '\003', '\004', '\005', '\006', '\007',
@@ -707,4 +707,4 @@ static const uchar regexmap[][256] =
 #endif
 
 
-/* EOF */
+/* EOF */ 
diff --git a/src/os_regex/os_regex_maps.h b/src/os_regex/os_regex_maps.h
index 13286af..609b9f4 100644
--- a/src/os_regex/os_regex_maps.h
+++ b/src/os_regex/os_regex_maps.h
@@ -51,12 +51,12 @@ static const unsigned char hostname_map[] =
         '\330', '\331', '\332', '\333', '\334', '\335', '\336', '\337',
         '\340', '\341', '\342', '\343', '\344', '\345', '\346', '\347',
         '\350', '\351', '\352', '\353', '\354', '\355', '\356', '\357',
-        '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',
-        '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',
+        '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',    
+        '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',    
     };
 
 
 #endif
 
 
-/* EOF */
+/* EOF */ 
diff --git a/src/os_regex/os_regex_match.c b/src/os_regex/os_regex_match.c
index dfc24af..8932cff 100755
--- a/src/os_regex/os_regex_match.c
+++ b/src/os_regex/os_regex_match.c
@@ -18,7 +18,7 @@
 
 /* Algorithm:
  *       Go as faster as you can :)
- *
+ * 
  * Supports:
  *      '|' to separate multiple OR patterns
  *      '^' to match the begining of a string
@@ -29,8 +29,8 @@
 int _InternalMatch(char *pattern, char *str,int count);
 
 
-/* OS_WordMatch v0.3:
- * Searches for  pattern in the string
+/* OS_WordMatch v0.3: 
+ * Searches for  pattern in the string 
  */
 int OS_WordMatch(char *pattern, char *str)
 {
@@ -57,9 +57,9 @@ int OS_WordMatch(char *pattern, char *str)
                 continue;
             }
         }
-
+       
         count++;
-
+       
     }while(pattern[count] != '\0');
 
     /* Last check until end of string */
@@ -73,19 +73,19 @@ int _InternalMatch(char *pattern, char *str, int pattern_size)
     uchar *st = (uchar *)str;
 
     uchar last_char = pattern[pattern_size];
+   
 
-
-    /* Return true for some odd expressions */
+    /* Return true for some odd expressions */ 
     if(*pattern == '\0')
         return(TRUE);
 
-
+    
     /* If '^' specified, just do a strncasecmp */
     else if(*pattern == '^')
     {
         pattern++;
         pattern_size --;
-
+         
         /* Compare two string */
         if(strncasecmp(pattern,str,pattern_size) == 0)
             return(TRUE);
@@ -96,8 +96,8 @@ int _InternalMatch(char *pattern, char *str, int pattern_size)
     /* Null line */
     else if(*st == '\0')
         return(FALSE);
-
-
+        
+        
     /* Look to match the first pattern */
     do
     {
@@ -106,27 +106,27 @@ int _InternalMatch(char *pattern, char *str, int pattern_size)
         {
             str = (char *)st++;
             pt++;
-
+            
             while(*pt != last_char)
             {
                 if(*st == '\0')
                     return(FALSE);
-
+                    
                 else if(charmap[*pt] != charmap[*st])
                     goto error;
-
-                st++;pt++;
+                
+                st++;pt++;    
             }
 
             /* Return here if pt == last_char */
             return(TRUE);
-
+            
             error:
                 st = (uchar *)str;
                 pt = (uchar *)pattern;
-
+            
         }
-
+        
         st++;
     }while(*st != '\0');
 
diff --git a/src/os_regex/os_regex_str.c b/src/os_regex/os_regex_str.c
index 2bc2212..4b5ddbc 100755
--- a/src/os_regex/os_regex_str.c
+++ b/src/os_regex/os_regex_str.c
@@ -23,12 +23,12 @@ int OS_StrIsNum(char *str)
 {
     if(str == NULL)
         return(FALSE);
-
+        
     while(*str != '\0')
     {
         if(!_IsD(*str))
             return(FALSE); /* 0 */
-        str++;
+        str++;    
     }
 
     return(TRUE);
@@ -37,12 +37,12 @@ int OS_StrIsNum(char *str)
 
 /** int OS_StrHowClosedMatch(char *str1, char *str2) v0.1
  * Returns the number of characters that both strings
- * have in similar.
+ * have in similar. 
  */
 int OS_StrHowClosedMatch(char *str1, char *str2)
 {
     int count = 0;
-
+    
     /* They don't match if any of them is null */
     if(!str1 || !str2)
     {
@@ -58,7 +58,7 @@ int OS_StrHowClosedMatch(char *str1, char *str2)
 
         count++;
     }while((str1[count] != '\0') && (str2[count] != '\0'));
-
+    
     return(count);
 }
 
@@ -68,7 +68,7 @@ int OS_StrHowClosedMatch(char *str1, char *str2)
  * Verifies if a string starts with the provided pattern.
  * Returns 1 on success or 0 on failure.
  */
-#define startswith(x,y) (strncmp(x,y,strlen(y)) == 0?1:0)
-#define OS_StrStartsWith startswith
+#define startswith(x,y) (strncmp(x,y,strlen(y)) == 0?1:0)  
+#define OS_StrStartsWith startswith 
 
 /* EOF */
diff --git a/src/os_regex/os_regex_strbreak.c b/src/os_regex/os_regex_strbreak.c
index e6905c0..2294c2c 100755
--- a/src/os_regex/os_regex_strbreak.c
+++ b/src/os_regex/os_regex_strbreak.c
@@ -24,7 +24,7 @@ char **OS_StrBreak(char match, char *str, int size)
 {
     int count = 0;
     int i = 0;
-
+    
     char *tmp_str = str;
 
     char **ret;
@@ -40,7 +40,7 @@ char **OS_StrBreak(char match, char *str, int size)
         /* Memory error. Should provice a better way to detect it */
         return(NULL);
     }
-
+    
     /* Allocating memory to null */
     while(i <= size)
     {
@@ -62,13 +62,13 @@ char **OS_StrBreak(char match, char *str, int size)
                 goto error;
             }
 
-            /* Copying the string */
+            /* Copying the string */   
             ret[count][i-1] = '\0';
             strncpy(ret[count],tmp_str,i-1);
 
             tmp_str = ++str;
             count++;
-            i=0;
+            i=0; 
 
             continue;
         }
diff --git a/src/os_xml/._COPYRIGHT b/src/os_xml/._COPYRIGHT
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._COPYRIGHT differ
diff --git a/src/os_xml/._Makefile b/src/os_xml/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._Makefile differ
diff --git a/src/os_xml/._README b/src/os_xml/._README
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._README differ
diff --git a/src/os_xml/._VERSION b/src/os_xml/._VERSION
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._VERSION differ
diff --git a/src/os_xml/._os_xml.c b/src/os_xml/._os_xml.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._os_xml.c differ
diff --git a/src/os_xml/._os_xml.h b/src/os_xml/._os_xml.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._os_xml.h differ
diff --git a/src/os_xml/._os_xml_access.c b/src/os_xml/._os_xml_access.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._os_xml_access.c differ
diff --git a/src/os_xml/._os_xml_node_access.c b/src/os_xml/._os_xml_node_access.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._os_xml_node_access.c differ
diff --git a/src/os_xml/._os_xml_variables.c b/src/os_xml/._os_xml_variables.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._os_xml_variables.c differ
diff --git a/src/os_xml/._os_xml_writer.c b/src/os_xml/._os_xml_writer.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._os_xml_writer.c differ
diff --git a/src/os_xml/._os_xml_writer.h b/src/os_xml/._os_xml_writer.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/._os_xml_writer.h differ
diff --git a/src/os_xml/examples/._mem_test.c b/src/os_xml/examples/._mem_test.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/examples/._mem_test.c differ
diff --git a/src/os_xml/examples/._test.c b/src/os_xml/examples/._test.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/examples/._test.c differ
diff --git a/src/os_xml/examples/._test.xml b/src/os_xml/examples/._test.xml
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_xml/examples/._test.xml differ
diff --git a/src/os_xml/examples/mem_test.c b/src/os_xml/examples/mem_test.c
index d6938db..437eb3d 100755
--- a/src/os_xml/examples/mem_test.c
+++ b/src/os_xml/examples/mem_test.c
@@ -15,13 +15,13 @@ int main(int argc, char ** argv)
         printf("usage: %s file\n",argv[0]);
         return(-1);
     }
-
+    
     while(1)
     {
         usleep(10);
         printf(".");
         fflush(stdout);
-
+        
         if(OS_ReadXML(argv[1],&xml) < 0)
         {
             printf("Error reading XML!%s\n",xml.err);
@@ -36,7 +36,7 @@ int main(int argc, char ** argv)
         }
 
         i = 0;
-
+        
         while(node[i])
         {
             xml_node **cnode = NULL;
@@ -52,15 +52,15 @@ int main(int argc, char ** argv)
                 /* */
                 j++;
             }
-
+            
             OS_ClearNode(cnode);
             i++;
         }
-
+        
         OS_ClearNode(node);
-
+        
         node = NULL;
-
+        
         OS_ClearXML(&xml);
     }
     return(0);
diff --git a/src/os_xml/examples/test.c b/src/os_xml/examples/test.c
index 166a2b6..89369d5 100755
--- a/src/os_xml/examples/test.c
+++ b/src/os_xml/examples/test.c
@@ -10,7 +10,7 @@ int main(int argc, char ** argv)
     OS_XML xml;
     XML_NODE node = NULL;
 
-
+    
     /* File name must be given */
     if(argc < 2)
     {
@@ -18,8 +18,8 @@ int main(int argc, char ** argv)
         return(-1);
     }
 
-
-    /* Reading the XML. Printing error and line number */
+    
+    /* Reading the XML. Printing error and line number */ 
     if(OS_ReadXML(argv[1],&xml) < 0)
     {
         printf("OS_ReadXML error: %s, line :%d\n",xml.err, xml.err_line);
@@ -46,17 +46,17 @@ int main(int argc, char ** argv)
     {
         int j = 0;
         XML_NODE cnode;
-
+        
         cnode = OS_GetElementsbyNode(&xml, node[i]);
         if(cnode == NULL)
         {
             i++;
             continue;
         }
-
+        
         while(cnode[j])
         {
-            printf("Element: %s -> %s\n",
+            printf("Element: %s -> %s\n", 
                     cnode[j]->element,
                     cnode[j]->content);
             if(cnode[j]->attributes && cnode[j]->values)
diff --git a/src/os_xml/os_xml.c b/src/os_xml/os_xml.c
index 9a3f959..c370d58 100755
--- a/src/os_xml/os_xml.c
+++ b/src/os_xml/os_xml.c
@@ -51,8 +51,8 @@ int _xml_fgetc(FILE *fp)
 
     if(c == '\n') /* add new line */
         _line++;
-
-    return(c);
+    
+    return(c);    
 }
 
 #define FGETC(fp) _xml_fgetc(fp)
@@ -75,7 +75,7 @@ void xml_error(OS_XML *_lxml, const char *msg,...)
     vfprintf(stderr, msg, args);
     fprintf(stderr, "\n\n");
 #endif
-
+    
     memset(_lxml->err,'\0', 128);
     vsnprintf(_lxml->err,127,msg,args);
     va_end(args);
@@ -106,9 +106,9 @@ void OS_ClearXML(OS_XML *_lxml)
     free(_lxml->ck);
     free(_lxml->ln);
     memset(_lxml->err,'\0', 128);
-
+    
     return;	
-
+    
 }
 
 
@@ -160,7 +160,7 @@ int OS_ReadXML(char *file, OS_XML *_lxml)
             return(-1);
         }
     }
-
+    
     fclose(fp);
     return(0);
 }
@@ -213,7 +213,7 @@ int _ReadElem(FILE *fp, int position, int parent, OS_XML *_lxml)
     char closedelem[XML_MAXSIZE +1];
 
 
-
+    
     memset(elem,'\0',XML_MAXSIZE +1);
     memset(cont,'\0',XML_MAXSIZE +1);
     memset(closedelem,'\0',XML_MAXSIZE +1);
@@ -249,7 +249,7 @@ int _ReadElem(FILE *fp, int position, int parent, OS_XML *_lxml)
             else if(r == 1)
                 continue;
         }
-
+        
         /* real checking */
         if((location == -1) && (prevv == 0))
         {
@@ -268,7 +268,7 @@ int _ReadElem(FILE *fp, int position, int parent, OS_XML *_lxml)
             else
                 continue;
         }
-
+        
         else if((location == 0) && ((c == _R_CONFE) || (c == ' ')))
         {
             int _ge = 0;
@@ -281,7 +281,7 @@ int _ReadElem(FILE *fp, int position, int parent, OS_XML *_lxml)
                 _ge = '/';
                 elem[count -1] = '\0';
             }
-
+            
             _writememory(elem, XML_ELEM, count+1, parent, _lxml);
             _currentlycont=_lxml->cur-1;
             if(c == ' ')
@@ -298,11 +298,11 @@ int _ReadElem(FILE *fp, int position, int parent, OS_XML *_lxml)
                 _currentlycont = 0;
                 count = 0;
                 location = -1;
-
+             
                 memset(elem,'\0',XML_MAXSIZE);
                 memset(closedelem,'\0',XML_MAXSIZE);
                 memset(cont,'\0',XML_MAXSIZE);
-
+                
                 if(parent > 0)
                     return(0);
             }
@@ -310,9 +310,9 @@ int _ReadElem(FILE *fp, int position, int parent, OS_XML *_lxml)
             {
                 count = 0;
                 location = 1;
-            }
+            }    
         }
-
+        
         else if((location == 2) &&(c == _R_CONFE))
         {
             closedelem[count]='\0';
@@ -400,7 +400,7 @@ int _writememory(char *str, short int type, unsigned int size,
     /* Allocating for the line */
     _lxml->ln = realloc(_lxml->ln,(_lxml->cur+1)*sizeof(int));
     _lxml->ln[_lxml->cur] = _line;
-
+    
     /* Attributes does not need to be closed */
     if(type == XML_ATTR)
         _lxml->ck[_lxml->cur] = 1;
@@ -452,7 +452,7 @@ int _getattributes(FILE *fp,int parent,OS_XML *_lxml)
     int count = 0;
     int c;
     int c_to_match = 0;
-
+    
     char attr[XML_MAXSIZE+1];
     char value[XML_MAXSIZE+1];
 
@@ -464,7 +464,7 @@ int _getattributes(FILE *fp,int parent,OS_XML *_lxml)
         if(count >= XML_MAXSIZE)
         {
             attr[count-1] = '\0';
-            xml_error(_lxml,
+            xml_error(_lxml, 
                     "XMLERR: Overflow attempt at attribute '%s'.",attr);
             return(-1);
         }
@@ -521,11 +521,11 @@ int _getattributes(FILE *fp,int parent,OS_XML *_lxml)
         else if((location == 1)&&(c == c_to_match))
         {
             value[count]='\0';
-
+            
             location = 0;
             c_to_match = 0;
-
-            _writememory(attr, XML_ATTR, strlen(attr)+1,
+            
+            _writememory(attr, XML_ATTR, strlen(attr)+1, 
                     parent, _lxml);	
             _writecontent(value,count+1,_lxml->cur-1,_lxml);
             c = FGETC(fp);
@@ -548,7 +548,7 @@ int _getattributes(FILE *fp,int parent,OS_XML *_lxml)
             value[count++]=c;
 
     }
-
+    
     xml_error(_lxml, "XMLERR: End of file while reading an attribute.");
     return(-1);
 }
diff --git a/src/os_xml/os_xml_access.c b/src/os_xml/os_xml_access.c
index 5a6d529..61ed5cd 100755
--- a/src/os_xml/os_xml_access.c
+++ b/src/os_xml/os_xml_access.c
@@ -26,7 +26,7 @@ char **_GetElementContent(OS_XML *_lxml, char **element_name, char *attr);
 
 
 /* OS_ElementExist: v1.0: 2005/02/26
- * Check if a element exists
+ * Check if a element exists 
  * The element_name must be NULL terminated (last char)
  */
 int OS_ElementExist(OS_XML *_lxml, char **element_name)
@@ -66,7 +66,7 @@ int OS_ElementExist(OS_XML *_lxml, char **element_name)
 
 
 /* RootElementExist: v1.0: 2005/02/26
- * Check if a root element exists
+ * Check if a root element exists 
  */
 int OS_RootElementExist(OS_XML *_lxml, char *element_name)
 {
@@ -201,7 +201,7 @@ char *OS_GetOneContentforElement(OS_XML *_lxml, char **element_name)
     {
         uniqret = ret[0];
     }
-
+    
     /* Freeing memory */
     while(ret[i])
     {
@@ -210,7 +210,7 @@ char *OS_GetOneContentforElement(OS_XML *_lxml, char **element_name)
         i++;
     }
     free(ret);
-
+    
     return(uniqret);
 }
 
@@ -242,7 +242,7 @@ char **OS_GetContents(OS_XML *_lxml, char **element_name)
 
 
 /* OS_GetAttributeContent: v0.1: 2005/03/01
- * Get one value for a specific attribute
+ * Get one value for a specific attribute 
  */
 char *OS_GetAttributeContent(OS_XML *_lxml, char **element_name,
 	                         char *attribute_name)
@@ -279,7 +279,7 @@ char *OS_GetAttributeContent(OS_XML *_lxml, char **element_name,
     }
     if(success)
         return(uniqret);
-
+        
     return(NULL);
 }
 
@@ -312,7 +312,7 @@ char **_GetElementContent(OS_XML *_lxml, char **element_name, char *attr)
         }
         i = _lxml->fol;
     }
-    else
+    else 
     {
         i = 0;
     }
@@ -326,7 +326,7 @@ char **_GetElementContent(OS_XML *_lxml, char **element_name, char *attr)
             if(matched !=1)
                 break;
         }
-
+        
         /* Setting maximum depth of 16. */
         if(j > 16)
             return(NULL);
@@ -352,7 +352,7 @@ char **_GetElementContent(OS_XML *_lxml, char **element_name, char *attr)
             }
         }
 
-
+        
         /* If the element name matches what we are looking for. */
         else if(strcmp(_lxml->el[i], element_name[j]) == 0)
         {
@@ -372,7 +372,7 @@ char **_GetElementContent(OS_XML *_lxml, char **element_name, char *attr)
                         {
                             break;
                         }
-
+                        
                         if(strcmp(attr, _lxml->el[k]) == 0)
                         {
                             i = k;
@@ -389,7 +389,7 @@ char **_GetElementContent(OS_XML *_lxml, char **element_name, char *attr)
                     {
                         return(NULL);
                     }
-
+                    
                     /* Adding new entry. */
                     ret[k] = strdup(_lxml->ct[i]);
                     ret[k + 1] = NULL;
@@ -398,15 +398,15 @@ char **_GetElementContent(OS_XML *_lxml, char **element_name, char *attr)
                         free(ret);
                         return(NULL);
                     }
-
+                    
                     matched = 1;
                     k++;
-
+                    
                     if(attr != NULL)
                     {
-                        break;
+                        break; 
                     }
-
+                    
                     else if(_lxml->fol != 0)
                     {
                         _lxml->fol = i+1;
@@ -429,7 +429,7 @@ char **_GetElementContent(OS_XML *_lxml, char **element_name, char *attr)
             matched = 0;
         }
     }
-
+    
     if(ret == NULL)
         return(NULL);
 
diff --git a/src/os_xml/os_xml_node_access.c b/src/os_xml/os_xml_node_access.c
index 6fba555..a8da66d 100755
--- a/src/os_xml/os_xml_node_access.c
+++ b/src/os_xml/os_xml_node_access.c
@@ -23,12 +23,12 @@
 
 
 /* OS_ClearNode v0,1
- * Clear the Node structure
+ * Clear the Node structure 
  */
 void OS_ClearNode(xml_node **node)
 {
     if(node)
-    {
+    {   
         int i=0;
         while(node[i])
         {
@@ -67,7 +67,7 @@ void OS_ClearNode(xml_node **node)
             node[i]->values=NULL;
             free(node[i]);
             node[i]=NULL;
-            i++;
+            i++;    
         }
         free(node);
         node=NULL;
@@ -93,8 +93,8 @@ xml_node **OS_GetElementsbyNode(OS_XML *_lxml, xml_node *node)
         i = node->key;
         j = _lxml->rl[i++];
     }
-
-
+        
+            
     for(;i<_lxml->cur;i++)
     {
         if(_lxml->tp[i] == XML_ELEM)
@@ -106,17 +106,17 @@ xml_node **OS_GetElementsbyNode(OS_XML *_lxml, xml_node *node)
                 ret = (xml_node**)realloc(ret,(k+1)*sizeof(xml_node*));
                 if(ret == NULL)
                     return(NULL);
-
+                    
                 /* Allocating for the xml_node * */
                 ret[k] = (xml_node *)calloc(1,sizeof(xml_node));
                 if(ret[k] == NULL)
                     return(NULL);
-
+    
                 ret[k]->element = NULL;
                 ret[k]->content = NULL;
                 ret[k]->attributes = NULL;
                 ret[k]->values = NULL;
-
+                                
                 /* Getting the element */
                 ret[k]->element=strdup(_lxml->el[i]);
                 if(ret[k]->element == NULL)
@@ -124,7 +124,7 @@ xml_node **OS_GetElementsbyNode(OS_XML *_lxml, xml_node *node)
                     free(ret);
                     return(NULL);
                 }
-
+                
                 /* Getting the content */
                 if(_lxml->ct[i])
                 {
@@ -141,13 +141,13 @@ xml_node **OS_GetElementsbyNode(OS_XML *_lxml, xml_node *node)
                     if((_lxml->tp[l] == XML_ATTR)&&(_lxml->rl[l] == j+1)&&
                         (_lxml->el[l]) && (_lxml->ct[l]))
                         {
-                            ret[k]->attributes =
+                            ret[k]->attributes = 
                                 (char**)realloc(ret[k]->attributes,
                                                 (l-i+1)*sizeof(char*));
-                            ret[k]->values =
+                            ret[k]->values = 
                                 (char**)realloc(ret[k]->values,
                                                 (l-i+1)*sizeof(char*));
-                            if(!(ret[k]->attributes) ||
+                            if(!(ret[k]->attributes) || 
                                     !(ret[k]->values))
                                 return(NULL);
                             ret[k]->attributes[l-i-1]=strdup(_lxml->el[l]);
@@ -155,7 +155,7 @@ xml_node **OS_GetElementsbyNode(OS_XML *_lxml, xml_node *node)
                             if(!(ret[k]->attributes[l-i-1]) ||
                                     !(ret[k]->values[l-i-1]))
                                 return(NULL);
-                            l++;
+                            l++;                    
                         }
                     else
                     {
@@ -179,7 +179,7 @@ xml_node **OS_GetElementsbyNode(OS_XML *_lxml, xml_node *node)
                 break;
         }
     }
-
+    
     if(ret ==NULL)
         return(NULL);
 
diff --git a/src/os_xml/os_xml_variables.c b/src/os_xml/os_xml_variables.c
index 2fd8069..b5a7e09 100755
--- a/src/os_xml/os_xml_variables.c
+++ b/src/os_xml/os_xml_variables.c
@@ -51,19 +51,19 @@ int OS_ApplyVariables(OS_XML *_lxml)
                     {
                         if(!_lxml->ct[j])
                             break;
-
-                        /* If not used, it will be cleaned latter */
+                
+                        /* If not used, it will be cleaned latter */        
                         snprintf(_lxml->err, 128, "XML_ERR: Memory error");
-
+                            
                         var = (char**)realloc(var,(s+1)*sizeof(char *));
                         if(var == NULL)
                             return (-1);
-
+                        
                         var[s] = strdup(_lxml->ct[j]);
                         if(var[s] == NULL)
                             return(-1);
-
-                        /* Cleaning the lxml->err */
+                       
+                        /* Cleaning the lxml->err */ 
                         strncpy(_lxml->err," ", 3);
 
                         _found_var = 1;
@@ -71,46 +71,46 @@ int OS_ApplyVariables(OS_XML *_lxml)
                     }
                     else
                     {
-                        snprintf(_lxml->err, 128,
+                        snprintf(_lxml->err, 128, 
                                  "XML_ERR: Only \"name\" is allowed"
                                  " as an attribute for a variable");
                         return(-1);
                     }
                 }
             } /* Attribute FOR */
-
-
+            
+            
             if((_found_var == 0)||(!_lxml->ct[i]))
             {
-                snprintf(_lxml->err,128,
+                snprintf(_lxml->err,128, 
                          "XML_ERR: Bad formed variable. No value set");
                 return(-1);
             }
-
-
+            
+            
             snprintf(_lxml->err,128, "XML_ERR: Memory error");
-
+        
             value = (char**)realloc(value,(s+1)*sizeof(char *));
             if (value == NULL)
                 return(-1);
-
+        
             value[s] = strdup(_lxml->ct[i]);
             if(value[s] == NULL)
-                return(-1);
-
+                return(-1);    
+        
             strncpy(_lxml->err," ", 3);
             s++;
         }
     } /* initial FOR to get the variables  */
-
-
+  
+  
     /* No variable */
     if(s == 0)
         return(0);
 
 
     /* Looping again and modifying where found the variables */
-    i = 0;
+    i = 0; 
     for(;i<_lxml->cur;i++)
     {
         if(((_lxml->tp[i] == XML_ELEM) || (_lxml->tp[i] == XML_ATTR))&&
@@ -120,23 +120,23 @@ int OS_ApplyVariables(OS_XML *_lxml)
             char *p = NULL;
             char *p2= NULL;
             char lvar[256]; /* MAX Var size */
-
-
+          
+            
             if(strlen(_lxml->ct[i]) <= 2)
                 continue;
-
-
-            /* Duplicating string */
+            
+            
+            /* Duplicating string */     
             p = strdup(_lxml->ct[i]);
             p2= p;
-
+            
             if(p == NULL)
             {
                 snprintf(_lxml->err, 128, "XML_ERR: Memory error");
                 return(-1);
             }
-
-
+            
+            
             /* Reading the whole string */
             while(*p != '\0')
             {
@@ -145,7 +145,7 @@ int OS_ApplyVariables(OS_XML *_lxml)
                     tp = 0;
                     p++;
                     memset(lvar, '\0', 256);
-
+                    
                     while(1)
                     {
                         if((*p == XML_VARIABLE_BEGIN)
@@ -158,7 +158,7 @@ int OS_ApplyVariables(OS_XML *_lxml)
                             lvar[tp]='\0';
 
                             final = init+tp;
-
+                            
                             /* Looking for var */
                             for(j=0; j<s; j++)
                             {
@@ -177,16 +177,16 @@ int OS_ApplyVariables(OS_XML *_lxml)
                                 }
 
 
-                                tsize = strlen(_lxml->ct[i]) +
+                                tsize = strlen(_lxml->ct[i]) + 
                                         strlen(value[j]) - tp + 1;
 
                                 var_placeh = strdup(_lxml->ct[i]);
 
                                 free(_lxml->ct[i]);
 
-                                _lxml->ct[i] = (char*)calloc(tsize +2,
+                                _lxml->ct[i] = (char*)calloc(tsize +2, 
                                                              sizeof(char));
-
+                                
                                 if(_lxml->ct[i] == NULL || var_placeh == NULL)
                                 {
                                     snprintf(_lxml->err,128, "XML_ERR: Memory "
@@ -196,26 +196,26 @@ int OS_ApplyVariables(OS_XML *_lxml)
 
 
                                 strncpy(_lxml->ct[i], var_placeh, tsize);
-
+                                
 
                                 _lxml->ct[i][init] = '\0';
                                 strncat(_lxml->ct[i], value[j],tsize - init);
 
 
                                 init = strlen(_lxml->ct[i]);
-                                strncat(_lxml->ct[i], p,
+                                strncat(_lxml->ct[i], p, 
                                          tsize - strlen(_lxml->ct[i]));
-
+                                
 
                                 free(var_placeh);
 
                                 break;
                             }
-
+                            
                             /* Variale not found */
                             if((j == s) && (strlen(lvar) >= 1))
                             {
-                                snprintf(_lxml->err,128,
+                                snprintf(_lxml->err,128, 
                                                 "XML_ERR: Unknown variable"
                                                 ": %s", lvar);
                                 return(-1);
@@ -224,10 +224,10 @@ int OS_ApplyVariables(OS_XML *_lxml)
                             {
                                 init++;
                             }
-
+                            
                             goto go_next;
                         }
-
+                        
                         /* Maximum size for a variable */
                         if(tp >= 255)
                         {
@@ -236,21 +236,21 @@ int OS_ApplyVariables(OS_XML *_lxml)
                             return(-1);
 
                         }
-
+                        
                         lvar[tp] = *p;
                         tp++;
                         p++;
                     }
                 } /* IF XML_VAR_BEGIN */
-
+                
                 p++;
                 init++;
 
                 go_next:
                 continue;
-
+                
             } /* WHILE END */
-
+            
             if(p2 != NULL)
             {
                 free(p2);
@@ -271,11 +271,11 @@ int OS_ApplyVariables(OS_XML *_lxml)
         }
         if((value)&&(value[i]))
         {
-            free(value[i]);
+            free(value[i]);    
             value[i] = NULL;
         }
     }
-
+    
     if(var != NULL)
     {
         free(var);
@@ -283,7 +283,7 @@ int OS_ApplyVariables(OS_XML *_lxml)
     }
     if(value != NULL)
     {
-        free(value);
+        free(value);    
         value = NULL;
     }
 
diff --git a/src/os_xml/os_xml_writer.c b/src/os_xml/os_xml_writer.c
index 0e460e4..bcd47f1 100755
--- a/src/os_xml/os_xml_writer.c
+++ b/src/os_xml/os_xml_writer.c
@@ -34,7 +34,7 @@
 
 /* Internal functions */
 int _oswcomment(FILE *fp_in, FILE *fp_out);
-int _WReadElem(FILE *fp_in, FILE *fp_out, int position, int parent,
+int _WReadElem(FILE *fp_in, FILE *fp_out, int position, int parent, 
                char **node, char *value, int node_pos);
 
 
@@ -56,8 +56,8 @@ int _xml_wfgetc(FILE *fp_in, FILE *fp_out)
 
     if(c == '\n') /* add new line */
         _line++;
-
-    return(c);
+    
+    return(c);    
 }
 
 #define FWGETC(fp_in, fp_out) _xml_wfgetc(fp_in, fp_out)
@@ -112,10 +112,10 @@ int OS_WriteXML(char *infile, char *outfile, char **nodes, char *attr,
     {
         int r = 0;
         int rwidth = 0;
-
+        
         fseek(fp_out, 0, SEEK_END);
         fprintf(fp_out, "\n");
-
+        
         /* Printing each node. */
         while(nodes[r])
         {
@@ -126,13 +126,13 @@ int OS_WriteXML(char *infile, char *outfile, char **nodes, char *attr,
             if(nodes[r])
                 fprintf(fp_out, "\n");
         }
-
+    
         /* Printing val. */
         r--;
         rwidth -=6;
         fprintf(fp_out, "%s</%s>\n", newval, nodes[r]);
         r--;
-
+        
 
         /* Closing each node. */
         while(r >= 0)
@@ -142,7 +142,7 @@ int OS_WriteXML(char *infile, char *outfile, char **nodes, char *attr,
             rwidth -= 3;
         }
     }
-
+    
     fclose(fp_in);
     fclose(fp_out);
     return(0);
@@ -202,7 +202,7 @@ int _oswcomment(FILE *fp_in, FILE *fp_out)
 
 
 
-int _WReadElem(FILE *fp_in, FILE *fp_out,
+int _WReadElem(FILE *fp_in, FILE *fp_out, 
               int position, int parent, char **nodes, char *val, int node_pos)
 {
     int c;
@@ -240,8 +240,8 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
                 continue;
             }
         }
-
-
+        
+        
         /* Real checking */
         if(location == -1)
         {
@@ -263,7 +263,7 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
                 continue;
             }
         }
-
+        
 
         /* Looking for the closure */
         else if((location == 0) && ((c == _R_CONFE) || (c == ' ')))
@@ -278,7 +278,7 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
                 _ge = '/';
                 elem[count -1] = '\0';
             }
-
+            
 
             /* If we may have more attributes */
             if(c == ' ')
@@ -299,11 +299,11 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
             {
                 count = 0;
                 location = -1;
-
+             
                 memset(elem,'\0',XML_MAXSIZE);
                 memset(closedelem,'\0',XML_MAXSIZE);
                 memset(cont,'\0',XML_MAXSIZE);
-
+                
                 if(parent > 0)
                 {
                     return(ret_code);
@@ -314,7 +314,7 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
             {
                 count = 0;
                 location = 1;
-            }
+            }    
 
 
             /* Checking position of the node */
@@ -324,7 +324,7 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
             }
 
             /* Checking if the element name matches */
-            if(node_pos == position &&
+            if(node_pos == position && 
                nodes[node_pos] && strcmp(elem, nodes[node_pos]) == 0)
             {
                 node_pos++;
@@ -346,7 +346,7 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
                 }
             }
         }
-
+        
         else if((location == 2) &&(c == _R_CONFE))
         {
             closedelem[count]='\0';
@@ -358,7 +358,7 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
             memset(elem,'\0',XML_MAXSIZE);
             memset(closedelem,'\0',XML_MAXSIZE);
             memset(cont,'\0',XML_MAXSIZE);
-
+            
             count = 0;	
             location = -1;
             if(parent > 0)
@@ -396,7 +396,7 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
                 {
                     ret_code = 1;
                 }
-
+                
                 count = 0;
             }
         }
@@ -416,7 +416,7 @@ int _WReadElem(FILE *fp_in, FILE *fp_out,
             }
         }
     }
-
+    
     if(location == -1)
     {
         return(ret_code);
diff --git a/src/os_xml/os_xml_writer.h b/src/os_xml/os_xml_writer.h
index ce413c6..59c41e9 100755
--- a/src/os_xml/os_xml_writer.h
+++ b/src/os_xml/os_xml_writer.h
@@ -38,7 +38,7 @@
  */
 int OS_WriteXML(char *infile, char *outfile, char **nodes, char *attr,
                 char *oldval, char *newval,  int type);
-
+  
 
 #endif
 
diff --git a/src/os_zlib/._Makefile b/src/os_zlib/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_zlib/._Makefile differ
diff --git a/src/os_zlib/._os_zlib.c b/src/os_zlib/._os_zlib.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_zlib/._os_zlib.c differ
diff --git a/src/os_zlib/._os_zlib.h b/src/os_zlib/._os_zlib.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_zlib/._os_zlib.h differ
diff --git a/src/os_zlib/._zlib-test.c b/src/os_zlib/._zlib-test.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/os_zlib/._zlib-test.c differ
diff --git a/src/os_zlib/os_zlib.c b/src/os_zlib/os_zlib.c
index ad208fb..46f8e69 100755
--- a/src/os_zlib/os_zlib.c
+++ b/src/os_zlib/os_zlib.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 #include "shared.h"
 #include "os_zlib.h"
 
@@ -17,10 +17,10 @@
 int os_compress(char *src, char *dst, int src_size, int dst_size)
 {
     unsigned long int zl_dst = dst_size;
-
+    
     /* We make sure to do not allow long sizes */
-    if(compress2((unsigned char *)dst,
-                 &zl_dst,
+    if(compress2((unsigned char *)dst, 
+                 &zl_dst, 
                  (unsigned char *)src,
                  (unsigned long int)src_size, 9) == Z_OK)
     {
@@ -36,10 +36,10 @@ int os_compress(char *src, char *dst, int src_size, int dst_size)
 int os_uncompress(char *src, char *dst, int src_size, int dst_size)
 {
     unsigned long int zl_dst = dst_size;
-
-    if(uncompress((unsigned char *)dst,
+    
+    if(uncompress((unsigned char *)dst, 
                   &zl_dst,
-                  (unsigned char *)src,
+                  (unsigned char *)src, 
                   (unsigned long int)src_size) == Z_OK)
     {
         dst[zl_dst] = '\0';
diff --git a/src/os_zlib/os_zlib.h b/src/os_zlib/os_zlib.h
index 17d8d0b..5645996 100755
--- a/src/os_zlib/os_zlib.h
+++ b/src/os_zlib/os_zlib.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #ifndef __OS_ZLIB_H
 #define __OS_ZLIB_H
diff --git a/src/os_zlib/zlib-test.c b/src/os_zlib/zlib-test.c
index fcbaabe..42ac1d1 100755
--- a/src/os_zlib/zlib-test.c
+++ b/src/os_zlib/zlib-test.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #include "shared.h"
 #include "os_zlib.h"
 
@@ -21,7 +21,7 @@
 /* Zlib test */
 int main(int argc, char **argv)
 {
-    int ret, srcsize, dstsize = 2010;
+    int ret, srcsize, dstsize = 2010; 
     char dst[2048];
     char dst2[2048];
 
@@ -33,7 +33,7 @@ int main(int argc, char **argv)
         printf("%s: string\n", argv[0]);
         exit(1);
     }
-
+    
     srcsize = strlen(argv[1]);
     if(srcsize > 2000)
     {
@@ -41,7 +41,7 @@ int main(int argc, char **argv)
         exit(1);
 
     }
-
+    
     if((ret = os_compress(argv[1], dst, srcsize, dstsize)))
     {
         printf("Compressed, from %d->%d\n",srcsize, ret);
@@ -54,11 +54,11 @@ int main(int argc, char **argv)
 
     /* Setting new srcsize for decompression */
     srcsize = ret;
-
+    
     if((ret = os_uncompress(dst, dst2, srcsize, dstsize)))
     {
-        printf("Uncompressed ok. String: '%s', size %d->%d\n",
-                                        dst2, srcsize, ret);
+        printf("Uncompressed ok. String: '%s', size %d->%d\n", 
+                                        dst2, srcsize, ret); 
     }
     else
     {
diff --git a/src/remoted/._COPYRIGHT b/src/remoted/._COPYRIGHT
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._COPYRIGHT differ
diff --git a/src/remoted/._Makefile b/src/remoted/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._Makefile differ
diff --git a/src/remoted/._README b/src/remoted/._README
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._README differ
diff --git a/src/remoted/._VERSION b/src/remoted/._VERSION
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._VERSION differ
diff --git a/src/remoted/._ar-forward.c b/src/remoted/._ar-forward.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._ar-forward.c differ
diff --git a/src/remoted/._config.c b/src/remoted/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._config.c differ
diff --git a/src/remoted/._main.c b/src/remoted/._main.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._main.c differ
diff --git a/src/remoted/._manager.c b/src/remoted/._manager.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._manager.c differ
diff --git a/src/remoted/._remoted.c b/src/remoted/._remoted.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._remoted.c differ
diff --git a/src/remoted/._remoted.h b/src/remoted/._remoted.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._remoted.h differ
diff --git a/src/remoted/._secure.c b/src/remoted/._secure.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._secure.c differ
diff --git a/src/remoted/._sendmsg.c b/src/remoted/._sendmsg.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._sendmsg.c differ
diff --git a/src/remoted/._syslog.c b/src/remoted/._syslog.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._syslog.c differ
diff --git a/src/remoted/._syslogtcp.c b/src/remoted/._syslogtcp.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/remoted/._syslogtcp.c differ
diff --git a/src/remoted/ar-forward.c b/src/remoted/ar-forward.c
index df76769..ab261b3 100755
--- a/src/remoted/ar-forward.c
+++ b/src/remoted/ar-forward.c
@@ -29,9 +29,9 @@ void *AR_Forward(void *arg)
     int arq = 0;
     int agent_id = 0;
     int ar_location = 0;
-
+    
     char msg_to_send[OS_SIZE_1024 +1];
-
+    
     char msg[OS_SIZE_1024 +1];
     char *location = NULL;
     char *ar_location_str = NULL;
@@ -54,8 +54,8 @@ void *AR_Forward(void *arg)
         {
             /* Always zeroing the location */
             ar_location = 0;
-
-
+            
+            
             /* Getting the location */
             location = msg;
 
@@ -105,8 +105,8 @@ void *AR_Forward(void *arg)
             {
                 ar_location|=SPECIFIC_AGENT;
             }
-
-
+            
+            
             /*** Extracting the active response location ***/
             tmp_str = strchr(ar_location_str, ' ');
             if(!tmp_str)
@@ -128,28 +128,28 @@ void *AR_Forward(void *arg)
             }
             *tmp_str = '\0';
             tmp_str++;
-
-
+            
+            
             /*** Creating the new message ***/
             if(ar_location & NO_AR_MSG)
             {
-                snprintf(msg_to_send, OS_SIZE_1024, "%s%s",
+                snprintf(msg_to_send, OS_SIZE_1024, "%s%s", 
                                       CONTROL_HEADER,
                                       tmp_str);
             }
             else
             {
-                snprintf(msg_to_send, OS_SIZE_1024, "%s%s%s",
+                snprintf(msg_to_send, OS_SIZE_1024, "%s%s%s", 
                                       CONTROL_HEADER,
                                       EXECD_HEADER,
                                       tmp_str);
             }
 
-
+            
             /* Lock use of keys */
             key_lock();
-
-
+            
+            
             /* Sending to ALL agents */
             if(ar_location & ALL_AGENTS)
             {
@@ -169,7 +169,7 @@ void *AR_Forward(void *arg)
                     merror(AR_NOAGENT_ERROR, ARGV0, location);
                     continue;
                 }
-
+                
                 send_msg(agent_id, msg_to_send);
             }
 
@@ -179,7 +179,7 @@ void *AR_Forward(void *arg)
                 ar_location++;
 
                 agent_id = OS_IsAllowedID(&keys, ar_agent_id);
-
+                
                 if(agent_id < 0)
                 {
                     key_unlock();
@@ -196,6 +196,6 @@ void *AR_Forward(void *arg)
     }
 }
 
-
+ 
 
 /* EOF */
diff --git a/src/remoted/config.c b/src/remoted/config.c
index 3328023..f1283bb 100755
--- a/src/remoted/config.c
+++ b/src/remoted/config.c
@@ -26,7 +26,7 @@
  * v0.2: New OS_XML
  * v0.3: Some improvements and cleanup
  * v0.4: Move everything to the global config validator.
- */
+ */ 
 int RemotedConfig(char *cfgfile, remoted *logr)
 {
     int modules = 0;
diff --git a/src/remoted/main.c b/src/remoted/main.c
index 008eacd..e85fe0b 100755
--- a/src/remoted/main.c
+++ b/src/remoted/main.c
@@ -21,17 +21,17 @@ int main(int argc, char **argv)
     int i = 0,c = 0;
     int uid = 0, gid = 0;
     int test_config = 0,run_foreground = 0;
-
+    
     char *cfg = DEFAULTCPATH;
     char *dir = DEFAULTDIR;
     char *user = REMUSER;
     char *group = GROUPGLOBAL;
 
-
+    
     /* Setting the name -- must be done ASAP */
     OS_SetName(ARGV0);
 
-
+    
     while((c = getopt(argc, argv, "Vdthfu:g:c:D:")) != -1){
         switch(c){
             case 'V':
@@ -57,7 +57,7 @@ int main(int argc, char **argv)
                 group = optarg;
                 break;		
             case 't':
-                test_config = 1;
+                test_config = 1;    
                 break;
             case 'c':
                 if (!optarg)
@@ -72,8 +72,8 @@ int main(int argc, char **argv)
     }
 
     debug1(STARTED_MSG,ARGV0);
-
-
+    
+    
     /* Return 0 if not configured */
     if(RemotedConfig(cfg, &logr) < 0)
     {
@@ -90,7 +90,7 @@ int main(int argc, char **argv)
         /* Not configured. */
         exit(0);
     }
-
+        
     /* Check if the user and group given are valid */
     uid = Privsep_GetUser(user);
     gid = Privsep_GetGroup(group);
@@ -102,13 +102,13 @@ int main(int argc, char **argv)
     i = getpid();
 
 
-    if(!run_foreground)
+    if(!run_foreground) 
     {
         nowDaemon();
         goDaemon();
     }
 
-
+    
     /* Setting new group */
     if(Privsep_SetGroup(gid) < 0)
             ErrorExit(SETGID_ERROR, ARGV0, group);
@@ -131,21 +131,21 @@ int main(int argc, char **argv)
     #else
     srandom( time(0) + getpid()+ i);
     #endif
-
+    
     random();
-
+    
 
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
 
 
     /* Really starting the program. */
-    i = 0;
+    i = 0; 
     while(logr.conn[i] != 0)
     {
         /* Forking for each connection handler */
         if(fork() == 0)
-        {
+        {   
             /* On the child */
             debug1("%s: DEBUG: Forking remoted: '%d'.",ARGV0, i);
             HandleRemote(i, uid);
diff --git a/src/remoted/manager.c b/src/remoted/manager.c
index 3008401..41ddc18 100755
--- a/src/remoted/manager.c
+++ b/src/remoted/manager.c
@@ -63,7 +63,7 @@ void save_controlmsg(int agentid, char *r_msg)
 {
     char msg_ack[OS_FLSIZE +1];
 
-
+    
     /* Replying to the agent. */
     snprintf(msg_ack, OS_FLSIZE, "%s%s", CONTROL_HEADER, HC_ACK);
     send_msg(agentid, msg_ack);
@@ -75,12 +75,12 @@ void save_controlmsg(int agentid, char *r_msg)
     {
         utimes(_keep_alive[agentid], NULL);
     }
-
+        
     else if(strcmp(r_msg, HC_STARTUP) == 0)
     {
         return;
     }
-
+    
     else
     {
         FILE *fp;
@@ -144,7 +144,7 @@ void save_controlmsg(int agentid, char *r_msg)
 
             os_strdup(agent_file, _keep_alive[agentid]);
         }
-
+        
 
         /* Writing to the file. */
         fp = fopen(_keep_alive[agentid], "w");
@@ -155,7 +155,7 @@ void save_controlmsg(int agentid, char *r_msg)
         }
     }
 
-
+    
     /* Locking now to notify of change.  */
     if(pthread_mutex_lock(&lastmsg_mutex) != 0)
     {
@@ -163,7 +163,7 @@ void save_controlmsg(int agentid, char *r_msg)
         return;
     }
 
-
+     
     /* Assign new values */
     _changed[agentid] = 1;
     modified_agentid = agentid;
@@ -172,7 +172,7 @@ void save_controlmsg(int agentid, char *r_msg)
     /* Signal that new data is available */
     pthread_cond_signal(&awake_mutex);
 
-
+    
     /* Unlocking mutex */
     if(pthread_mutex_unlock(&lastmsg_mutex) != 0)
     {
@@ -180,9 +180,9 @@ void save_controlmsg(int agentid, char *r_msg)
         return;
     }
 
-
+    
     return;
-}
+}    
 
 
 
@@ -193,14 +193,14 @@ void f_files()
     int i;
     if(!f_sum)
         return;
-    for(i = 0;;i++)
+    for(i = 0;;i++)    
     {
         if(f_sum[i] == NULL)
             break;
-
+        
         if(f_sum[i]->name)
             free(f_sum[i]->name);
-
+            
         free(f_sum[i]);
         f_sum[i] = NULL;
     }
@@ -219,9 +219,9 @@ void c_files()
     DIR *dp;
 
     struct dirent *entry;
-
+    
     os_md5 md5sum;
-
+    
     int f_size = 0;
 
 
@@ -241,21 +241,21 @@ void c_files()
 
     /* Opening the directory given */
     dp = opendir(SHAREDCFG_DIR);
-    if(!dp)
+    if(!dp) 
     {
         merror("%s: Error opening directory: '%s': %s ",
                 ARGV0,
                 SHAREDCFG_DIR,
                 strerror(errno));
         return;
-    }
+    }   
 
 
     /* Reading directory */
     while((entry = readdir(dp)) != NULL)
     {
         char tmp_dir[512];
-
+        
         /* Just ignore . and ..  */
         if((strcmp(entry->d_name,".") == 0) ||
            (strcmp(entry->d_name,"..") == 0))
@@ -272,14 +272,14 @@ void c_files()
             continue;
         }
 
-
+        
         if(OS_MD5_File(tmp_dir, md5sum) != 0)
         {
             merror("%s: Error accessing file '%s'",ARGV0, tmp_dir);
             continue;
         }
-
-
+        
+        
         f_sum = (file_sum **)realloc(f_sum, (f_size +2) * sizeof(file_sum *));
         if(!f_sum)
         {
@@ -292,7 +292,7 @@ void c_files()
             ErrorExit(MEM_ERROR,ARGV0);
         }
 
-
+        
         strncpy(f_sum[f_size]->sum, md5sum, 32);
         os_strdup(entry->d_name, f_sum[f_size]->name);
         f_sum[f_size]->mark = 0;
@@ -301,7 +301,7 @@ void c_files()
         MergeAppendFile(SHAREDCFG_FILE, tmp_dir);
         f_size++;
     }
-
+    
     if(f_sum != NULL)
         f_sum[f_size] = NULL;
 
@@ -313,15 +313,15 @@ void c_files()
         merror("%s: Error accessing file '%s'",ARGV0, SHAREDCFG_FILE);
         f_sum[0]->sum[0] = '\0';
     }
-    strncpy(f_sum[0]->sum, md5sum, 32);
+    strncpy(f_sum[0]->sum, md5sum, 32);    
 
 
     os_strdup(SHAREDCFG_FILENAME, f_sum[0]->name);
 
-    return;
+    return;    
 }
 
-
+ 
 
 /* send_file_toagent: Sends a file to the agent.
  * Returns -1 on error
@@ -331,10 +331,10 @@ int send_file_toagent(int agentid, char *name, char *sum)
     int i = 0, n = 0;
     char file[OS_SIZE_1024 +1];
     char buf[OS_SIZE_1024 +1];
-
+    
     FILE *fp;
 
-
+    
     snprintf(file, OS_SIZE_1024, "%s/%s",SHAREDCFG_DIR, name);
     fp = fopen(file, "r");
     if(!fp)
@@ -345,7 +345,7 @@ int send_file_toagent(int agentid, char *name, char *sum)
 
 
     /* Sending the file name first */
-    snprintf(buf, OS_SIZE_1024, "%s%s%s %s\n",
+    snprintf(buf, OS_SIZE_1024, "%s%s%s %s\n", 
                              CONTROL_HEADER, FILE_UPDATE_HEADER, sum, name);
 
     if(send_msg(agentid, buf) == -1)
@@ -377,7 +377,7 @@ int send_file_toagent(int agentid, char *name, char *sum)
         i++;
     }
 
-
+    
     /* Sending the message to close the file */
     snprintf(buf, OS_SIZE_1024, "%s%s", CONTROL_HEADER, FILE_CLOSE_HEADER);
     if(send_msg(agentid, buf) == -1)
@@ -386,10 +386,10 @@ int send_file_toagent(int agentid, char *name, char *sum)
         fclose(fp);
         return(-1);
     }
-
+    
 
     fclose(fp);
-
+    
     return(0);
 }
 
@@ -400,7 +400,7 @@ int send_file_toagent(int agentid, char *name, char *sum)
  * the agent.
  */
 void read_controlmsg(int agentid, char *msg)
-{
+{   
     int i;
 
 
@@ -424,7 +424,7 @@ void read_controlmsg(int agentid, char *msg)
     }
 
 
-    /* Parse message */
+    /* Parse message */ 
     while(*msg != '\0')
     {
         char *md5;
@@ -437,7 +437,7 @@ void read_controlmsg(int agentid, char *msg)
         if(!msg)
         {
             merror("%s: Invalid message from '%s' (strchr \\n)",
-                        ARGV0,
+                        ARGV0, 
                         keys.keyentries[agentid]->ip->ip);
             break;
         }
@@ -449,7 +449,7 @@ void read_controlmsg(int agentid, char *msg)
         if(!file)
         {
             merror("%s: Invalid message from '%s' (strchr ' ')",
-                        ARGV0,
+                        ARGV0, 
                         keys.keyentries[agentid]->ip->ip);
             break;
         }
@@ -463,7 +463,7 @@ void read_controlmsg(int agentid, char *msg)
         {
             if(strcmp(f_sum[0]->sum, md5) != 0)
             {
-                debug1("%s: DEBUG Sending file '%s' to agent.", ARGV0,
+                debug1("%s: DEBUG Sending file '%s' to agent.", ARGV0, 
                        f_sum[0]->name);
                 if(send_file_toagent(agentid,f_sum[0]->name,f_sum[0]->sum)<0)
                 {
@@ -476,7 +476,7 @@ void read_controlmsg(int agentid, char *msg)
             i = 0;
             while(f_sum[i])
             {
-                f_sum[i]->mark = 0;
+                f_sum[i]->mark = 0;        
                 i++;
             }
 
@@ -499,7 +499,7 @@ void read_controlmsg(int agentid, char *msg)
             {
                 f_sum[i]->mark = 2;
             }
-            break;
+            break;        
         }
     }
 
@@ -513,7 +513,7 @@ void read_controlmsg(int agentid, char *msg)
         if((f_sum[i]->mark == 1) ||
            (f_sum[i]->mark == 0))
         {
-
+            
             debug1("%s: Sending file '%s' to agent.", ARGV0, f_sum[i]->name);
             if(send_file_toagent(agentid,f_sum[i]->name,f_sum[i]->sum) < 0)
             {
@@ -523,11 +523,11 @@ void read_controlmsg(int agentid, char *msg)
             }
         }
 
-        f_sum[i]->mark = 0;
+        f_sum[i]->mark = 0;        
     }
 
-
-    return;
+    
+    return; 
 }
 
 
@@ -540,17 +540,17 @@ void *wait_for_msgs(void *none)
 {
     int id, i;
     char msg[OS_SIZE_1024 +2];
-
+    
 
     /* Initializing the memory */
     memset(msg, '\0', OS_SIZE_1024 +2);
 
-
+    
     /* should never leave this loop */
     while(1)
     {
         /* Every NOTIFY * 30 minutes, re read the files.
-         * If something changed, notify all agents
+         * If something changed, notify all agents 
          */
         _ctime = time(0);
         if((_ctime - _stime) > (NOTIFY_TIME*30))
@@ -560,8 +560,8 @@ void *wait_for_msgs(void *none)
 
             _stime = _ctime;
         }
-
-
+        
+        
         /* locking mutex */
         if(pthread_mutex_lock(&lastmsg_mutex) != 0)
         {
@@ -591,9 +591,9 @@ void *wait_for_msgs(void *none)
             {
                 continue;
             }
-
+            
             id = 0;
-
+            
             /* locking mutex */
             if(pthread_mutex_lock(&lastmsg_mutex) != 0)
             {
@@ -614,7 +614,7 @@ void *wait_for_msgs(void *none)
 
                 id = 1;
             }
-
+            
             /* Unlocking mutex */
             if(pthread_mutex_unlock(&lastmsg_mutex) != 0)
             {
@@ -658,7 +658,7 @@ void manager_init(int isUpdate)
         pthread_mutex_init(&lastmsg_mutex, NULL);
         pthread_cond_init(&awake_mutex, NULL);
     }
-
+    
     modified_agentid = -1;
 
     return;
diff --git a/src/remoted/remoted.c b/src/remoted/remoted.c
index 0800f1c..4719e59 100755
--- a/src/remoted/remoted.c
+++ b/src/remoted/remoted.c
@@ -9,14 +9,14 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
 
 
 /* remote daemon.
- * Listen to remote packets and forward them to the analysis
+ * Listen to remote packets and forward them to the analysis 
  * system
  */
 
@@ -55,12 +55,12 @@ void HandleRemote(int position, int uid)
             }
         }
     }
+    
 
-
-    /* Bind TCP */
+    /* Bind TCP */ 
     if(logr.proto[position] == TCP_PROTO)
     {
-        if((logr.sock =
+        if((logr.sock = 
             OS_Bindporttcp(logr.port[position],logr.lip[position], logr.ipv6[position])) < 0)
         {
             ErrorExit(BIND_ERROR, ARGV0, logr.port[position]);
@@ -69,22 +69,22 @@ void HandleRemote(int position, int uid)
     else
     {
         /* Using UDP. Fast, unreliable.. perfect */
-        if((logr.sock =
+        if((logr.sock = 
             OS_Bindportudp(logr.port[position], logr.lip[position], logr.ipv6[position])) < 0)
         {
             ErrorExit(BIND_ERROR, ARGV0, logr.port[position]);
         }
     }
 
-
-
+   
+   
     /* Revoking the privileges */
     if(Privsep_SetUser(uid) < 0)
     {
         ErrorExit(SETUID_ERROR,ARGV0, REMUSER);
     }
-
-
+                    
+    
     /* Creating PID */
     if(CreatePID(ARGV0, getpid()) < 0)
     {
@@ -94,25 +94,25 @@ void HandleRemote(int position, int uid)
 
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
+        
 
     /* If Secure connection, deal with it */
     if(logr.conn[position] == SECURE_CONN)
     {
         HandleSecure();
     }
-
+    
     else if(logr.proto[position] == TCP_PROTO)
     {
         HandleSyslogTCP();
     }
-
+    
     /* If not, deal with syslog */
     else
     {
         HandleSyslog();
     }
-
+    
     return;
 }
 
diff --git a/src/remoted/remoted.h b/src/remoted/remoted.h
index d26e289..e0b5963 100755
--- a/src/remoted/remoted.h
+++ b/src/remoted/remoted.h
@@ -29,7 +29,7 @@
 int RemotedConfig(char *cfgfile, remoted *logr);
 
 /* Handle Remote connections */
-void HandleRemote(int position, int uid);
+void HandleRemote(int position, int uid); 
 
 /* Handle Syslog */
 void HandleSyslog();
diff --git a/src/remoted/secure.c b/src/remoted/secure.c
index 39f4269..208da03 100755
--- a/src/remoted/secure.c
+++ b/src/remoted/secure.c
@@ -27,7 +27,7 @@ void HandleSecure()
     int agentid;
 
     char buffer[OS_MAXSTR +1];
-    char cleartext_msg[OS_MAXSTR +1];
+    char cleartext_msg[OS_MAXSTR +1]; 
     char srcip[IPSIZE +1];
     char *tmp_msg;
     char srcmsg[OS_FLSIZE +1];
@@ -56,7 +56,7 @@ void HandleSecure()
     {
         ErrorExit(THREAD_ERROR, ARGV0);
     }
-
+    
     /* Creating wait_for_msgs thread */
     if(CreateThread(wait_for_msgs, (void *)NULL) != 0)
     {
@@ -71,16 +71,16 @@ void HandleSecure()
     {
         ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQUEUE);
     }
+        
+    
+    verbose(AG_AX_AGENTS, ARGV0, MAX_AGENTS);    
 
-
-    verbose(AG_AX_AGENTS, ARGV0, MAX_AGENTS);
-
-
+    
     /* Reading authentication keys */
     verbose(ENC_READ, ARGV0);
-
+        
     OS_ReadKeys(&keys);
-
+    
     debug1("%s: DEBUG: OS_StartCounter.", ARGV0);
     OS_StartCounter(&keys);
     debug1("%s: DEBUG: OS_StartCounter completed.", ARGV0);
@@ -96,14 +96,14 @@ void HandleSecure()
     memset(cleartext_msg, '\0', OS_MAXSTR +1);
     memset(srcmsg, '\0', OS_FLSIZE +1);
     tmp_msg = NULL;
-
-
-
+    
+    
+    
     /* loop in here */
     while(1)
     {
         /* Receiving message  */
-        recv_b = recvfrom(logr.sock, buffer, OS_MAXSTR, 0,
+        recv_b = recvfrom(logr.sock, buffer, OS_MAXSTR, 0, 
                 (struct sockaddr *)&peer_info, &peer_size);
 
 
@@ -120,13 +120,13 @@ void HandleSecure()
 
 
 
-        /* Getting a valid agentid */
+        /* Getting a valid agentid */ 
         if(buffer[0] == '!')
         {
             tmp_msg = buffer;
             tmp_msg++;
-
-
+            
+            
             /* We need to make sure that we have a valid id
              * and that we reduce the recv buffer size.
              */
@@ -167,7 +167,7 @@ void HandleSecure()
         }
         else
         {
-            agentid = OS_IsAllowedIP(&keys, srcip);
+            agentid = OS_IsAllowedIP(&keys, srcip); 
             if(agentid < 0)
             {
                 if(check_keyupdate())
@@ -187,9 +187,9 @@ void HandleSecure()
             }
             tmp_msg = buffer;
         }
+        
 
-
-        /* Decrypting the message */
+        /* Decrypting the message */    
         tmp_msg = ReadSecMSG(&keys, tmp_msg, cleartext_msg,
                              agentid, recv_b -1);
         if(tmp_msg == NULL)
@@ -199,7 +199,7 @@ void HandleSecure()
         }
 
 
-        /* Check if it is a control message */
+        /* Check if it is a control message */ 
         if(IsValidHeader(tmp_msg))
         {
             /* We need to save the peerinfo if it is a control msg */
@@ -213,14 +213,14 @@ void HandleSecure()
 
 
         /* Generating srcmsg */
-        snprintf(srcmsg, OS_FLSIZE,"(%s) %s",keys.keyentries[agentid]->name,
+        snprintf(srcmsg, OS_FLSIZE,"(%s) %s",keys.keyentries[agentid]->name, 
                                              keys.keyentries[agentid]->ip->ip);
-
+        
 
         /* If we can't send the message, try to connect to the
          * socket again. If it not exit.
          */
-        if(SendMSG(logr.m_queue, tmp_msg, srcmsg,
+        if(SendMSG(logr.m_queue, tmp_msg, srcmsg, 
                    SECURE_MQ) < 0)
         {
             merror(QUEUE_ERROR, ARGV0, DEFAULTQUEUE, strerror(errno));
diff --git a/src/remoted/sendmsg.c b/src/remoted/sendmsg.c
index 0c6e2ad..571180e 100755
--- a/src/remoted/sendmsg.c
+++ b/src/remoted/sendmsg.c
@@ -65,9 +65,9 @@ int check_keyupdate()
     {
         return(0);
     }
-
+    
     key_lock();
-
+    
     /* Locking before using */
     if(pthread_mutex_lock(&sendmsg_mutex) != 0)
     {
@@ -75,7 +75,7 @@ int check_keyupdate()
         merror(MUTEX_ERROR, ARGV0);
         return(0);
     }
-
+                                            
     if(OS_UpdateKeys(&keys))
     {
         if(pthread_mutex_unlock(&sendmsg_mutex) != 0)
@@ -91,7 +91,7 @@ int check_keyupdate()
         merror(MUTEX_ERROR, ARGV0);
     }
     key_unlock();
-
+    
     return(0);
 }
 
@@ -106,7 +106,7 @@ void send_msg_init()
 }
 
 
-/* send_msg()
+/* send_msg() 
  * Send message to an agent.
  * Returns -1 on error
  */
@@ -122,7 +122,7 @@ int send_msg(int agentid, char *msg)
         return(-1);
     }
 
-
+    
     msg_size = CreateSecMSG(&keys, msg, crypt_msg, agentid);
     if(msg_size == 0)
     {
@@ -130,7 +130,7 @@ int send_msg(int agentid, char *msg)
         return(-1);
     }
 
-
+    
     /* Locking before using */
     if(pthread_mutex_lock(&sendmsg_mutex) != 0)
     {
@@ -142,19 +142,19 @@ int send_msg(int agentid, char *msg)
     /* Sending initial message */
     if(sendto(logr.sock, crypt_msg, msg_size, 0,
                        (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
-                       logr.peer_size) < 0)
+                       logr.peer_size) < 0) 
     {
         merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
     }
-
-
+    
+    
     /* Unlocking mutex */
     if(pthread_mutex_unlock(&sendmsg_mutex) != 0)
     {
         merror(MUTEX_ERROR, ARGV0);
         return(-1);
     }
-
+                                        
 
     return(0);
 }
diff --git a/src/remoted/syslog.c b/src/remoted/syslog.c
index 7011aa8..b66df4b 100755
--- a/src/remoted/syslog.c
+++ b/src/remoted/syslog.c
@@ -19,7 +19,7 @@
 
 
 
-/* OS_IPNotAllowed, v0.1, 2005/02/11
+/* OS_IPNotAllowed, v0.1, 2005/02/11 
  * Checks if an IP is not allowed.
  */
 static int OS_IPNotAllowed(char *srcip)
@@ -67,7 +67,7 @@ void HandleSyslog()
     /* Initializing some variables */
     memset(buffer, '\0', OS_SIZE_1024 +2);
 
-
+    
     /* Connecting to the message queue
      * Exit if it fails.
      */
@@ -75,13 +75,13 @@ void HandleSyslog()
     {
         ErrorExit(QUEUE_FATAL,ARGV0, DEFAULTQUEUE);
     }
-
+        
 
     /* Infinite loop in here */
     while(1)
     {
         /* Receiving message  */
-        recv_b = recvfrom(logr.sock, buffer, OS_SIZE_1024, 0,
+        recv_b = recvfrom(logr.sock, buffer, OS_SIZE_1024, 0, 
                 (struct sockaddr *)&peer_info, &peer_size);
 
         /* Nothing received */
@@ -120,7 +120,7 @@ void HandleSyslog()
         else
         {
             buffer_pt = buffer;
-        }
+        }    
 
         /* Checking if IP is allowed here */
         if(OS_IPNotAllowed(srcip))
diff --git a/src/remoted/syslogtcp.c b/src/remoted/syslogtcp.c
index cce947f..0ad7429 100755
--- a/src/remoted/syslogtcp.c
+++ b/src/remoted/syslogtcp.c
@@ -19,7 +19,7 @@
 
 
 
-/* OS_IPNotAllowed, v0.1, 2005/02/11
+/* OS_IPNotAllowed, v0.1, 2005/02/11 
  * Checks if an IP is not allowed.
  */
 static int OS_IPNotAllowed(char *srcip)
@@ -51,14 +51,14 @@ static void HandleClient(int client_socket, char *srcip)
 {
     int sb_size = OS_MAXSTR;
     int r_sz = 0;
-
+    
     char buffer[OS_MAXSTR +2];
     char storage_buffer[OS_MAXSTR +2];
     char tmp_buffer[OS_MAXSTR +2];
 
     char *buffer_pt = NULL;
 
-
+    
     /* Initializing some variables */
     memset(buffer, '\0', OS_MAXSTR +2);
     memset(storage_buffer, '\0', OS_MAXSTR +2);
@@ -86,12 +86,12 @@ static void HandleClient(int client_socket, char *srcip)
                 storage_buffer[0] = '\0';
                 continue;
             }
-
+            
             strncat(storage_buffer, buffer, sb_size);
             sb_size -= r_sz;
-            continue;
+            continue; 
         }
-
+        
         /* Seeing if we received more then just one message */
         if(*(buffer_pt +1) != '\0')
         {
@@ -112,14 +112,14 @@ static void HandleClient(int client_socket, char *srcip)
         }
 
         strncat(storage_buffer, buffer, sb_size);
-
+        
 
         /* Removing carriage returns too */
         buffer_pt = strchr(storage_buffer, '\r');
         if(buffer_pt)
             *buffer_pt = '\0';
 
-
+        
         /* Removing syslog header */
         if(storage_buffer[0] == '<')
         {
@@ -173,13 +173,13 @@ void HandleSyslogTCP()
     int client_socket = 0;
     int st_errors = 0;
     int childcount = 0;
-
+    
     char srcip[IPSIZE +1];
 
     /* Initializing some variables */
     memset(srcip, '\0', IPSIZE + 1);
 
-
+    
     /* Connecting to the message queue
      * Exit if it fails.
      */
@@ -187,7 +187,7 @@ void HandleSyslogTCP()
     {
         ErrorExit(QUEUE_FATAL,ARGV0, DEFAULTQUEUE);
     }
-
+        
 
     /* Infinit loop in here */
     while(1)
@@ -223,7 +223,7 @@ void HandleSyslogTCP()
         }
 
 
-        /* Forking to deal with new client */
+        /* Forking to deal with new client */ 
         if(fork() == 0)
         {
             HandleClient(client_socket, srcip);
diff --git a/src/rootcheck/._Makefile b/src/rootcheck/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._Makefile differ
diff --git a/src/rootcheck/._check_open_ports.c b/src/rootcheck/._check_open_ports.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_open_ports.c differ
diff --git a/src/rootcheck/._check_rc_dev.c b/src/rootcheck/._check_rc_dev.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_rc_dev.c differ
diff --git a/src/rootcheck/._check_rc_files.c b/src/rootcheck/._check_rc_files.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_rc_files.c differ
diff --git a/src/rootcheck/._check_rc_if.c b/src/rootcheck/._check_rc_if.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_rc_if.c differ
diff --git a/src/rootcheck/._check_rc_pids.c b/src/rootcheck/._check_rc_pids.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_rc_pids.c differ
diff --git a/src/rootcheck/._check_rc_policy.c b/src/rootcheck/._check_rc_policy.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_rc_policy.c differ
diff --git a/src/rootcheck/._check_rc_ports.c b/src/rootcheck/._check_rc_ports.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_rc_ports.c differ
diff --git a/src/rootcheck/._check_rc_readproc.c b/src/rootcheck/._check_rc_readproc.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_rc_readproc.c differ
diff --git a/src/rootcheck/._check_rc_sys.c b/src/rootcheck/._check_rc_sys.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_rc_sys.c differ
diff --git a/src/rootcheck/._check_rc_trojans.c b/src/rootcheck/._check_rc_trojans.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._check_rc_trojans.c differ
diff --git a/src/rootcheck/._common.c b/src/rootcheck/._common.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._common.c differ
diff --git a/src/rootcheck/._common_rcl.c b/src/rootcheck/._common_rcl.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._common_rcl.c differ
diff --git a/src/rootcheck/._config.c b/src/rootcheck/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._config.c differ
diff --git a/src/rootcheck/._os_string.c b/src/rootcheck/._os_string.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._os_string.c differ
diff --git a/src/rootcheck/._rootcheck-config.c b/src/rootcheck/._rootcheck-config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._rootcheck-config.c differ
diff --git a/src/rootcheck/._rootcheck.c b/src/rootcheck/._rootcheck.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._rootcheck.c differ
diff --git a/src/rootcheck/._rootcheck.conf b/src/rootcheck/._rootcheck.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._rootcheck.conf differ
diff --git a/src/rootcheck/._rootcheck.h b/src/rootcheck/._rootcheck.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._rootcheck.h differ
diff --git a/src/rootcheck/._run_rk_check.c b/src/rootcheck/._run_rk_check.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._run_rk_check.c differ
diff --git a/src/rootcheck/._unix-process.c b/src/rootcheck/._unix-process.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._unix-process.c differ
diff --git a/src/rootcheck/._win-common.c b/src/rootcheck/._win-common.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._win-common.c differ
diff --git a/src/rootcheck/._win-process.c b/src/rootcheck/._win-process.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/._win-process.c differ
diff --git a/src/rootcheck/check_open_ports.c b/src/rootcheck/check_open_ports.c
index 97091ee..4be5678 100755
--- a/src/rootcheck/check_open_ports.c
+++ b/src/rootcheck/check_open_ports.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #include "shared.h"
 #include "headers/defs.h"
 #include "headers/debug_op.h"
@@ -26,7 +26,7 @@ char open_ports_str[OS_SIZE_1024 + 1];
 int connect_to_port(int proto, int port)
 {
     int rc = 0;
-
+    
     int ossock;
     struct sockaddr_in server;
 
@@ -50,10 +50,10 @@ int connect_to_port(int proto, int port)
     {
         rc = 1;
     }
+    
+    close(ossock);  
 
-    close(ossock);
-
-    return(rc);
+    return(rc);  
 }
 
 /* try_to_access_ports */
@@ -76,7 +76,7 @@ void try_to_access_ports()
                 snprintf(port_proto, 64, "%d (tcp),", i);
             }
             strncat(open_ports_str, port_proto, open_ports_size);
-            open_ports_size -= strlen(port_proto) +1;
+            open_ports_size -= strlen(port_proto) +1;            
 
             _ports_open++;
         }
@@ -116,18 +116,18 @@ void check_open_ports()
     memset(open_ports_str, '\0', OS_SIZE_1024 +1);
     open_ports_size = OS_SIZE_1024 - 1;
     _ports_open = 0;
-
+    
     #ifndef OSSECHIDS
     snprintf(open_ports_str, OS_SIZE_1024, "The following ports are open:");
     open_ports_size-=strlen(open_ports_str) +1;
-
-    /* Testing All ports */
+    
+    /* Testing All ports */ 
     try_to_access_ports();
 
     open_ports_str[strlen(open_ports_str) -1] = '\0';
 
     notify_rk(ALERT_OK, open_ports_str);
-
+    
     #endif
     return;
 }
diff --git a/src/rootcheck/check_rc_dev.c b/src/rootcheck/check_rc_dev.c
index 071b470..cdf5024 100755
--- a/src/rootcheck/check_rc_dev.c
+++ b/src/rootcheck/check_rc_dev.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #ifndef WIN32
 #include "shared.h"
 #include "rootcheck.h"
@@ -24,12 +24,12 @@ int read_dev_dir(char *dir_name);
 int read_dev_file(char *file_name)
 {
     struct stat statbuf;
-
+    
     if(lstat(file_name, &statbuf) < 0)
     {
         return(-1);
     }
-
+    
     if(S_ISDIR(statbuf.st_mode))
     {
         #ifdef DEBUG
@@ -38,7 +38,7 @@ int read_dev_file(char *file_name)
 
         return(read_dev_dir(file_name));
     }
-
+        
     else if(S_ISREG(statbuf.st_mode))
     {
         char op_msg[OS_SIZE_1024 +1];
@@ -59,11 +59,11 @@ int read_dev_file(char *file_name)
 int read_dev_dir(char *dir_name)
 {
     int i;
-
+    
     DIR *dp;
-
+    
 	struct dirent *entry;
-
+    
     /* when will these people learn that dev is not
      * meant to store log files or other kind of texts..
      */
@@ -72,7 +72,7 @@ int read_dev_dir(char *dir_name)
                             ".udev.tdb", ".initramfs-tools",
                             "MAKEDEV.local", ".udev", ".initramfs",
                             "oprofile","fd","cgroup",
-    #ifdef SOLARIS
+    #ifdef SOLARIS                            
                             ".devfsadm_dev.lock",
                             ".devlink_db_lock",
                             ".devlink_db",
@@ -81,22 +81,22 @@ int read_dev_dir(char *dir_name)
                             ".devfsadm_synch_door",
                             ".zone_reg_door",
     #endif
-                            NULL};
-
+                            NULL};    
+    
 
     /* Full path ignore */
     char *(ignore_dev_full_path[]) = {"/dev/shm/sysconfig",
-                                      "/dev/bus/usb/.usbfs",
+                                      "/dev/bus/usb/.usbfs",  
                                       "/dev/shm",
                                       "/dev/gpmctl",
                                       NULL};
-
+    
     if((dir_name == NULL)||(strlen(dir_name) > PATH_MAX))
     {
         merror("%s: Invalid directory given.",ARGV0);
         return(-1);
     }
-
+    
     /* Opening the directory given */
     dp = opendir(dir_name);
 	if(!dp)
@@ -110,24 +110,24 @@ int read_dev_dir(char *dir_name)
 
         /* Just ignore . and ..  */
         if((strcmp(entry->d_name,".") == 0) ||
-           (strcmp(entry->d_name,"..") == 0))
+           (strcmp(entry->d_name,"..") == 0))  
             continue;
-
+       
         _dev_total++;
-
+         
         /* Do not look for the ignored files */
         for(i = 0;ignore_dev[i] != NULL;i++)
         {
             if(strcmp(ignore_dev[i], entry->d_name) == 0)
                 break;
         }
-
+       
         if(ignore_dev[i] != NULL)
             continue;
-
-        f_name[PATH_MAX +1] = '\0';
+             
+        f_name[PATH_MAX +1] = '\0';     
         snprintf(f_name, PATH_MAX +1, "%s/%s",dir_name, entry->d_name);
-
+       
 
         /* Do not look for the full ignored files */
         for(i = 0;ignore_dev_full_path[i] != NULL;i++)
@@ -136,20 +136,20 @@ int read_dev_dir(char *dir_name)
                 break;
         }
 
-
+        
         /* Checking against the full path. */
         if(ignore_dev_full_path[i] != NULL)
         {
             continue;
         }
 
-
+        
         read_dev_file(f_name);
 
     }
 
     closedir(dp);
-
+    
     return(0);
 }
 
@@ -160,7 +160,7 @@ int read_dev_dir(char *dir_name)
 void check_rc_dev(char *basedir)
 {
     char file_path[OS_SIZE_1024 +1];
-
+    
     _dev_total = 0, _dev_errors = 0;
 
     debug1("%s: DEBUG: Starting on check_rc_dev", ARGV0);
@@ -173,11 +173,11 @@ void check_rc_dev(char *basedir)
     {
         char op_msg[OS_SIZE_1024 +1];
         snprintf(op_msg, OS_SIZE_1024, "No problem detected on the /dev "
-                                    "directory. Analyzed %d files",
+                                    "directory. Analyzed %d files", 
                                     _dev_total);
         notify_rk(ALERT_OK, op_msg);
     }
-
+    
     return;
 }
 
diff --git a/src/rootcheck/check_rc_files.c b/src/rootcheck/check_rc_files.c
index b8c6f64..3fd7193 100755
--- a/src/rootcheck/check_rc_files.c
+++ b/src/rootcheck/check_rc_files.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #include "shared.h"
 #include "rootcheck.h"
 
@@ -28,17 +28,17 @@ void check_rc_files(char *basedir, FILE *fp)
     char *file;
     char *name;
     char *link;
-
+   
     int _errors = 0;
     int _total = 0;
-
-
+     
+     
     debug1("%s: DEBUG: Starting on check_rc_files", ARGV0);
-
+     
     while(fgets(buf, OS_SIZE_1024, fp) != NULL)
     {
         char *nbuf;
-
+    
         /* Removing end of line */
         nbuf = strchr(buf, '\n');
         if(nbuf)
@@ -48,8 +48,8 @@ void check_rc_files(char *basedir, FILE *fp)
 
         /* Assigning buf to be used */
         nbuf = buf;
-
-        /* Excluding commented lines or blanked ones */
+       
+        /* Excluding commented lines or blanked ones */ 
         while(*nbuf != '\0')
         {
             if(*nbuf == ' ' || *nbuf == '\t')
@@ -62,15 +62,15 @@ void check_rc_files(char *basedir, FILE *fp)
             else
                 break;
         }
-
+       
         if(*nbuf == '\0')
             goto newline;
-
+             
         /* File now may be valid */
         file = nbuf;
-        name = nbuf;
-
-
+        name = nbuf; 
+         
+         
         /* Getting the file and the rootkit name */
         while(*nbuf != '\0')
         {
@@ -86,12 +86,12 @@ void check_rc_files(char *basedir, FILE *fp)
                 nbuf++;
             }
         }
-
+   
         if(*nbuf == '\0')
             goto newline;
-
-
-        /* Some ugly code to remove spaces and \t */
+             
+        
+        /* Some ugly code to remove spaces and \t */ 
         while(*nbuf != '\0')
         {
            if(*nbuf == '!')
@@ -116,21 +116,21 @@ void check_rc_files(char *basedir, FILE *fp)
            }
         }
 
-
+        
         /* Getting the link (if present) */
         link = strchr(nbuf, ':');
         if(link)
         {
             *link = '\0';
-
-            link++;
+           
+            link++; 
             if(*link == ':')
             {
                 link++;
             }
         }
-
-
+       
+         
         /* Cleaning any space of \t at the end */
         nbuf = strchr(nbuf, ' ');
         if(nbuf)
@@ -143,7 +143,7 @@ void check_rc_files(char *basedir, FILE *fp)
         {
             *nbuf = '\0';
         }
-
+        
         _total++;
 
 
@@ -154,15 +154,15 @@ void check_rc_files(char *basedir, FILE *fp)
             {
                 merror(MAX_RK_MSG, ARGV0, MAX_RK_SYS);
             }
-
+            
             else
             {
                 /* Removing * / from the file */
                 file++;
                 if(*file == '/')
                     file++;
-
-                /* Memory assignment */
+                
+                /* Memory assignment */    
                 rk_sys_file[rk_sys_count] = strdup(file);
                 rk_sys_name[rk_sys_count] = strdup(name);
 
@@ -170,16 +170,16 @@ void check_rc_files(char *basedir, FILE *fp)
                    !rk_sys_file[rk_sys_count] )
                 {
                     merror(MEM_ERROR, ARGV0);
-
+                    
                     if(rk_sys_file[rk_sys_count])
                         free(rk_sys_file[rk_sys_count]);
                     if(rk_sys_name[rk_sys_count])
                         free(rk_sys_name[rk_sys_count]);
-
+                    
                     rk_sys_file[rk_sys_count] = NULL;
-                    rk_sys_name[rk_sys_count] = NULL;
+                    rk_sys_name[rk_sys_count] = NULL;        
                 }
-
+                
                 rk_sys_count++;
 
                 /* Always assigning the last as NULL */
@@ -188,23 +188,23 @@ void check_rc_files(char *basedir, FILE *fp)
             }
             continue;
         }
-
+        
         snprintf(file_path, OS_SIZE_1024, "%s/%s",basedir, file);
-
-        /* Checking if file exists */
+        
+        /* Checking if file exists */        
         if(is_file(file_path))
         {
             char op_msg[OS_SIZE_1024 +1];
-
+            
             _errors = 1;
             snprintf(op_msg, OS_SIZE_1024, "Rootkit '%s' detected "
                      "by the presence of file '%s'.",name, file_path);
-
+            
             notify_rk(ALERT_ROOTKIT_FOUND, op_msg);
         }
-
+        
         newline:
-            continue;
+            continue;        
     }
 
     if(_errors == 0)
diff --git a/src/rootcheck/check_rc_if.c b/src/rootcheck/check_rc_if.c
index 1d4dd62..9c80ee1 100755
--- a/src/rootcheck/check_rc_if.c
+++ b/src/rootcheck/check_rc_if.c
@@ -14,7 +14,7 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 
-#include <sys/ioctl.h>
+#include <sys/ioctl.h>       
 #include <net/if.h>
 
 #include <stdio.h>
@@ -50,9 +50,9 @@ int run_ifconfig(char *ifconfig)
     if(system(nt) == 0)
         return(1);
 
-    return(0);
+    return(0);    
 }
-
+                                                                                                                    
 
 /*  check_rc_if: v0.1
  *  Check all interfaces for promiscuous mode
@@ -61,7 +61,7 @@ void check_rc_if()
 {
     int _fd, _errors = 0, _total = 0;
     struct ifreq tmp_str[16];
-
+    
     struct ifconf _if;
     struct ifreq *_ir;
     struct ifreq *_ifend;
@@ -74,34 +74,34 @@ void check_rc_if()
         return;
     }
 
-
+ 
     memset(tmp_str, 0, sizeof(struct ifreq)*16);
     _if.ifc_len = sizeof(tmp_str);
     _if.ifc_buf = (caddr_t)(tmp_str);
-
+    
     if (ioctl(_fd, SIOCGIFCONF, &_if) < 0)
     {
         close(_fd);
         merror("%s: Error checking interfaces (ioctl)", ARGV0);
         return;
     }
-
+                                     
     _ifend = (struct ifreq*) ((char*)tmp_str + _if.ifc_len);
     _ir = tmp_str;
 
     /* Looping on all interfaces */
-    for (; _ir < _ifend; _ir++)
+    for (; _ir < _ifend; _ir++) 
     {
         strncpy(_ifr.ifr_name, _ir->ifr_name, sizeof(_ifr.ifr_name));
 
         /* Getting information from each interface */
-        if (ioctl(_fd, SIOCGIFFLAGS, (char*)&_ifr) == -1)
+        if (ioctl(_fd, SIOCGIFFLAGS, (char*)&_ifr) == -1) 
         {
             continue;
         }
 
         _total++;
-
+        
 
         if ((_ifr.ifr_flags & IFF_PROMISC) )
         {
@@ -121,7 +121,7 @@ void check_rc_if()
             }
             _errors++;
         }
-    }
+    }                                                                              
     close(_fd);
 
     if(_errors == 0)
@@ -131,7 +131,7 @@ void check_rc_if()
                                     " Analyzed %d interfaces.", _total);
         notify_rk(ALERT_OK, op_msg);
     }
-
+    
     return;
 }
 
diff --git a/src/rootcheck/check_rc_pids.c b/src/rootcheck/check_rc_pids.c
index bd06f2d..c5372e3 100755
--- a/src/rootcheck/check_rc_pids.c
+++ b/src/rootcheck/check_rc_pids.c
@@ -27,7 +27,7 @@ int proc_read(int pid)
 
     if(noproc)
         return(0);
-
+        
     snprintf(dir, OS_SIZE_1024, "%d", pid);
     if(isfile_ondir(dir, "/proc"))
     {
@@ -48,15 +48,15 @@ int proc_chdir(int pid)
 
     if(noproc)
         return(0);
-
+    
     if(!getcwd(curr_dir, OS_SIZE_1024))
     {
         return(0);
     }
-
+    
     if(chdir("/proc") == -1)
-        return(0);
-
+        return(0);    
+        
     snprintf(dir, OS_SIZE_1024, "/proc/%d", pid);
     if(chdir(dir) == 0)
     {
@@ -65,8 +65,8 @@ int proc_chdir(int pid)
 
     /* Returning to the previous directory */
     chdir(curr_dir);
-
-    return(ret);
+    
+    return(ret);    
 }
 
 
@@ -76,12 +76,12 @@ int proc_chdir(int pid)
 int proc_stat(int pid)
 {
     char proc_dir[OS_SIZE_1024 + 1];
-
+    
     if(noproc)
         return(0);
-
+        
     snprintf(proc_dir, OS_SIZE_1024, "%s/%d", "/proc", pid);
-
+    
     if(is_file(proc_dir))
     {
         return(1);
@@ -106,21 +106,21 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
     int _proc_stat  = 0;
     int _proc_read  = 0;
     int _proc_chdir = 0;
-
+    
     pid_t i = 1;
     pid_t my_pid;
 
     char command[OS_SIZE_1024 +1];
 
     my_pid = getpid();
-
+    
     for(;;i++)
     {
         if((i <= 0)||(i > max_pid))
             break;
 
         (*_total)++;
-
+        
         _kill0 = 0;
         _kill1 = 0;
         _gsid0 = 0;
@@ -131,15 +131,15 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
         _proc_stat  = 0;
         _proc_read  = 0;
         _proc_chdir = 0;
-
+        
 
         /* kill test */
         if(!((kill(i, 0) == -1)&&(errno == ESRCH)))
         {
             _kill0 = 1;
         }
-
-        /* getsid to test */
+       
+        /* getsid to test */ 
         if(!((getsid(i) == -1)&&(errno == ESRCH)))
         {
             _gsid0 = 1;
@@ -150,20 +150,20 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
         {
             _gpid0 = 1;
         }
-
+        
 
         /* proc stat */
         _proc_stat = proc_stat(i);
-
+        
         /* proc readdir */
         _proc_read = proc_read(i);
 
         /* proc chdir */
-        _proc_chdir = proc_chdir(i);
-
-
+        _proc_chdir = proc_chdir(i); 
+        
+               
         /* IF PID does not exist, keep going */
-        if(!_kill0 && !_gsid0 && !_gpid0 &&
+        if(!_kill0 && !_gsid0 && !_gpid0 && 
            !_proc_stat && !_proc_read && !_proc_chdir)
         {
             continue;
@@ -174,8 +174,8 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
         {
             continue;
         }
-
-        /* Checking the number of errors */
+       
+        /* Checking the number of errors */ 
         if((*_errors) > 15)
         {
             char op_msg[OS_SIZE_1024 +1];
@@ -185,13 +185,13 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
             notify_rk(ALERT_SYSTEM_CRIT, op_msg);
             return;
         }
-
-
+                                                                                
+        
         /* checking if process appears on ps */
         if(*ps)
         {
-            snprintf(command, OS_SIZE_1024, "%s -p %d > /dev/null 2>&1",
-                                                        ps,
+            snprintf(command, OS_SIZE_1024, "%s -p %d > /dev/null 2>&1", 
+                                                        ps, 
                                                         (int)i);
 
             /* Found PID on ps */
@@ -199,20 +199,20 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
             if(system(command) == 0)
                 _ps0 = 1;
         }
-
+       
         /* If we are being run by the ossec hids, sleep here (no rush) */
         #ifdef OSSECHIDS
         sleep(2);
         #endif
-
+        
         /* Everyone returned ok */
         if(_ps0 && _kill0 && _gsid0 && _gpid0 && _proc_stat && _proc_read)
         {
             continue;
         }
-
-
-
+                
+                
+        
         /* If our kill or getsid system call, got the
          * PID , but ps didn't, we need to find if it was a problem
          * with a PID being deleted (not used anymore)
@@ -222,7 +222,7 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
             {
                 _gsid1 = 1;
             }
-
+            
             if(!((kill(i, 0) == -1)&&(errno == ESRCH)))
             {
                 _kill1 = 1;
@@ -232,14 +232,14 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
             {
                 _gpid1 = 1;
             }
-
+            
 
             _proc_stat = proc_stat(i);
-
+            
             _proc_read = proc_read(i);
 
             _proc_chdir = proc_chdir(i);
-
+            
             /* If it matches, process was terminated */
             if(!_gsid1 &&!_kill1 &&!_gpid1 &&!_proc_stat &&
                !_proc_read &&!_proc_chdir)
@@ -247,14 +247,14 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
                 continue;
             }
         }
-
+        
         #ifdef AIX
         /* Ignoring AIX wait and sched programs. */
         if((_gsid0 == _gsid1) &&
            (_kill0 == _kill1) &&
            (_gpid0 == _gpid1) &&
-           (_ps0 == 1) &&
-           (_gsid0 == 1) &&
+           (_ps0 == 1) && 
+           (_gsid0 == 1) && 
            (_kill0 == 0))
         {
             /* The wait and sched programs do not respond to kill 0.
@@ -267,7 +267,7 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
         }
         #endif
 
-
+        
         if((_gsid0 == _gsid1)&&
            (_kill0 == _kill1)&&
            (_gsid0 != _kill0))
@@ -326,8 +326,8 @@ void loop_all_pids(char *ps, pid_t max_pid, int *_errors, int *_total)
                 snprintf(op_msg, OS_SIZE_1024, "Process '%d' hidden from "
                              "ps. Possible trojaned version installed.",
                              (int)i);
-
-                notify_rk(ALERT_ROOTKIT_FOUND, op_msg);
+           
+                notify_rk(ALERT_ROOTKIT_FOUND, op_msg); 
                 (*_errors)++;
             }
         }
@@ -342,16 +342,16 @@ void check_rc_pids()
 {
     int _total = 0;
     int _errors = 0;
-
+    
     char ps[OS_SIZE_1024 +1];
-
+    
     char proc_0[] = "/proc";
     char proc_1[] = "/proc/1";
 
     pid_t max_pid = MAX_PID;
 
     noproc = 1;
-
+    
     /* Checking where ps is */
     memset(ps, '\0', OS_SIZE_1024 +1);
     strncpy(ps, "/bin/ps", OS_SIZE_1024);
@@ -361,14 +361,14 @@ void check_rc_pids()
         if(!is_file(ps))
             ps[0] = '\0';
     }
-
-
+    
+    
     /* Proc is mounted */
     if(is_file(proc_0) && is_file(proc_1))
     {
         noproc = 0;
     }
-
+    
     loop_all_pids(ps, max_pid, &_errors, &_total);
 
     if(_errors == 0)
@@ -379,7 +379,7 @@ void check_rc_pids()
                                     "Analyzed %d processes.", ps, _total);
         notify_rk(ALERT_OK, op_msg);
     }
-
+    
     return;
 }
 
diff --git a/src/rootcheck/check_rc_policy.c b/src/rootcheck/check_rc_policy.c
index 8d7cf65..ed59660 100755
--- a/src/rootcheck/check_rc_policy.c
+++ b/src/rootcheck/check_rc_policy.c
@@ -10,12 +10,12 @@
  * Foundation
  */
 
-
+ 
 #include "shared.h"
 #include "rootcheck.h"
 
 
-
+ 
 /* check_rc_unixaudit:
  * Read the file pointer specified
  * and check if the configured file is there
@@ -23,9 +23,9 @@
 void check_rc_unixaudit(FILE *fp, void *p_list)
 {
     debug1("%s: DEBUG: Starting on check_rc_unixaudit", ARGV0);
-
+     
     rkcl_get_entry(fp, "System Audit:", p_list);
-
+    
 }
 
 
@@ -37,9 +37,9 @@ void check_rc_unixaudit(FILE *fp, void *p_list)
 void check_rc_winaudit(FILE *fp, void *p_list)
 {
     debug1("%s: DEBUG: Starting on check_rc_winaudit", ARGV0);
-
+     
     rkcl_get_entry(fp, "Windows Audit:", p_list);
-
+    
 }
 
 /* check_rc_winmalware:
@@ -49,9 +49,9 @@ void check_rc_winaudit(FILE *fp, void *p_list)
 void check_rc_winmalware(FILE *fp, void *p_list)
 {
     debug1("%s: DEBUG: Starting on check_rc_winmalware", ARGV0);
-
+     
     rkcl_get_entry(fp, "Windows Malware:", p_list);
-
+    
 }
 
 /* check_rc_winapps:
@@ -61,7 +61,7 @@ void check_rc_winmalware(FILE *fp, void *p_list)
 void check_rc_winapps(FILE *fp, void *p_list)
 {
     debug1("%s: DEBUG: Starting on check_rc_winapps", ARGV0);
-
+     
     rkcl_get_entry(fp, "Application Found:", p_list);
 }
 
diff --git a/src/rootcheck/check_rc_ports.c b/src/rootcheck/check_rc_ports.c
index d40356d..a511079 100755
--- a/src/rootcheck/check_rc_ports.c
+++ b/src/rootcheck/check_rc_ports.c
@@ -10,9 +10,9 @@
  * Foundation
  */
 
-
+ 
 #ifndef WIN32
-
+ 
 #include "shared.h"
 #include "rootcheck.h"
 
@@ -31,7 +31,7 @@
 #define NETSTAT_LIST "netstat -an | grep \"^%s\" | "\
                      "cut -d ':' -f 2 | cut -d ' ' -f 1"
 #define NETSTAT "netstat -an | grep \"^%s\" | " \
-                "grep \"[^0-9]%d \" > /dev/null 2>&1"
+                "grep \"[^0-9]%d \" > /dev/null 2>&1"                          
 #endif
 
 #ifndef NETSTAT
@@ -57,14 +57,14 @@ int run_netstat(int proto, int port)
 
     ret = system(nt);
 
-    if(ret == 0)
+    if(ret == 0)    
         return(1);
 
     else if(ret == 1)
     {
         return(0);
     }
-
+    
     return(1);
 }
 
@@ -92,7 +92,7 @@ int conn_port(int proto, int port)
     server.sin_port = htons( port );
     server.sin_addr.s_addr = htonl(INADDR_ANY);
 
-
+    
     /* If we can't bind, it means the port is open */
     if(bind(ossock, (struct sockaddr *) &server, sizeof(server)) < 0)
     {
@@ -108,10 +108,10 @@ int conn_port(int proto, int port)
     {
         total_ports_udp[port] = rc;
     }
+    
+    close(ossock);  
 
-    close(ossock);
-
-    return(rc);
+    return(rc);  
 }
 
 
@@ -130,7 +130,7 @@ void test_ports(int proto, int *_errors, int *_total)
             if(run_netstat(proto, i))
             {
                 continue;
-
+                
                 #ifdef OSSECHIDS
                 sleep(2);
                 #endif
@@ -149,7 +149,7 @@ void test_ports(int proto, int *_errors, int *_total)
 
                 snprintf(op_msg, OS_SIZE_1024, "Port '%d'(%s) hidden. "
                         "Kernel-level rootkit or trojaned "
-                        "version of netstat.", i,
+                        "version of netstat.", i, 
                         (proto == IPPROTO_UDP)? "udp" : "tcp");
 
                 notify_rk(ALERT_ROOTKIT_FOUND, op_msg);
@@ -187,8 +187,8 @@ void check_rc_ports()
         total_ports_udp[i] = 0;
         i++;
     }
-
-    /* Trsting TCP ports */
+    
+    /* Trsting TCP ports */ 
     test_ports(IPPROTO_TCP, &_errors, &_total);
 
     /* Testing UDP ports */
@@ -202,7 +202,7 @@ void check_rc_ports()
                                     " Analyzed %d ports.", _total);
         notify_rk(ALERT_OK, op_msg);
     }
-
+    
     return;
 }
 
diff --git a/src/rootcheck/check_rc_readproc.c b/src/rootcheck/check_rc_readproc.c
index 6cc763e..7291bc3 100755
--- a/src/rootcheck/check_rc_readproc.c
+++ b/src/rootcheck/check_rc_readproc.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #ifndef WIN32
 #include "shared.h"
 #include "rootcheck.h"
@@ -29,18 +29,18 @@ int read_proc_dir(char *dir_name, char *pid, int position);
 int read_proc_file(char *file_name, char *pid, int position)
 {
     struct stat statbuf;
-
+   
     if(lstat(file_name, &statbuf) < 0)
     {
         return(-1);
     }
-
+    
     /* If directory, read the directory */
     else if(S_ISDIR(statbuf.st_mode))
     {
         return(read_proc_dir(file_name, pid, position));
     }
-
+    
     return(0);
 }
 
@@ -50,16 +50,16 @@ int read_proc_file(char *file_name, char *pid, int position)
 int read_proc_dir(char *dir_name, char *pid, int position)
 {
     DIR *dp;
-
+    
 	struct dirent *entry;
 	
-
+    
     if((dir_name == NULL)||(strlen(dir_name) > PATH_MAX))
     {
         merror("%s: Invalid directory given",ARGV0);
         return(-1);
     }
-
+    
     /* Opening the directory given */
     dp = opendir(dir_name);
 	if(!dp)
@@ -73,7 +73,7 @@ int read_proc_dir(char *dir_name, char *pid, int position)
 
         /* Just ignore . and ..  */
         if((strcmp(entry->d_name,".") == 0) ||
-           (strcmp(entry->d_name,"..") == 0))
+           (strcmp(entry->d_name,"..") == 0))  
             continue;
 
         if(position == PROC)
@@ -91,8 +91,8 @@ int read_proc_dir(char *dir_name, char *pid, int position)
 
             if(*tmp_str != '\0')
                 continue;
-
-
+           
+            
             snprintf(f_name, PATH_MAX +1, "%s/%s",dir_name, entry->d_name);
 
             read_proc_file(f_name, pid, position+1);
@@ -123,7 +123,7 @@ int read_proc_dir(char *dir_name, char *pid, int position)
     }
 
     closedir(dp);
-
+    
     return(0);
 }
 
@@ -137,17 +137,17 @@ int check_rc_readproc(int pid)
     char char_pid[32];
 
     proc_pid_found = 0;
-
-    /* NL threads */
+   
+    /* NL threads */ 
     snprintf(char_pid, 31, "/proc/.%d", pid);
     if(is_file(char_pid))
         return(1);
-
-
+    
+    
     snprintf(char_pid, 31, "%d", pid);
-
+    
     read_proc_dir("/proc", char_pid, PROC);
-
+    
     return(proc_pid_found);
 }
 
diff --git a/src/rootcheck/check_rc_sys.c b/src/rootcheck/check_rc_sys.c
index 7b5edf5..1434f16 100755
--- a/src/rootcheck/check_rc_sys.c
+++ b/src/rootcheck/check_rc_sys.c
@@ -11,7 +11,7 @@
  */
 
 
-#include "shared.h"
+#include "shared.h" 
 #include "rootcheck.h"
 
 int _sys_errors;
@@ -28,7 +28,7 @@ int read_sys_dir(char *dir_name, int do_read);
 int read_sys_file(char *file_name, int do_read)
 {
     struct stat statbuf;
-
+   
     _sys_total++;
 
 
@@ -52,7 +52,7 @@ int read_sys_file(char *file_name, int do_read)
         #endif
         return(-1);
     }
-
+   
     /* If directory, read the directory */
     else if(S_ISDIR(statbuf.st_mode))
     {
@@ -115,19 +115,19 @@ int read_sys_file(char *file_name, int do_read)
             }
         }
     }
-
-
+     
+    
     /* If has OTHER write and exec permission, alert */
     #ifndef WIN32
-    if(((statbuf.st_mode & S_IWOTH) == S_IWOTH) &&
+    if(((statbuf.st_mode & S_IWOTH) == S_IWOTH) && 
          (S_ISREG(statbuf.st_mode)))
     {
         if((statbuf.st_mode & S_IXUSR) == S_IXUSR)
         {
             if(_wx)
                 fprintf(_wx, "%s\n",file_name);
-
-            _sys_errors++;
+                
+            _sys_errors++;    
         }
         else
         {
@@ -173,16 +173,16 @@ int read_sys_dir(char *dir_name, int do_read)
     unsigned int entry_count = 0;
     int did_changed = 0;
     DIR *dp;
-
+    
 	struct dirent *entry;
     struct stat statbuf;	
-
+   
     #ifndef WIN32
     char *(dirs_to_doread[]) = { "/bin", "/sbin", "/usr/bin",
-                                 "/usr/sbin", "/dev", "/etc",
+                                 "/usr/sbin", "/dev", "/etc", 
                                  "/boot", NULL };
     #endif
-
+    
     if((dir_name == NULL)||(strlen(dir_name) > PATH_MAX))
     {
         merror("%s: Invalid directory given.",ARGV0);
@@ -204,8 +204,8 @@ int read_sys_dir(char *dir_name, int do_read)
         i = 0;
     }
 
-
-
+    
+    
     /* Getting the number of nodes. The total number on opendir
      * must be the same
      */
@@ -213,8 +213,8 @@ int read_sys_dir(char *dir_name, int do_read)
     {
         return(-1);
     }
-
-
+    
+    
     /* Currently device id */
     if(did != statbuf.st_dev)
     {
@@ -222,13 +222,13 @@ int read_sys_dir(char *dir_name, int do_read)
             did_changed = 1;
         did = statbuf.st_dev;
     }
-
-
+    
+    
     if(!S_ISDIR(statbuf.st_mode))
     {
         return(-1);
     }
-
+   
 
     #ifndef WIN32
     /* Check if the do_read is valid for this directory */
@@ -244,14 +244,14 @@ int read_sys_dir(char *dir_name, int do_read)
     #else
     do_read = 0;
     #endif
-
-
+     
+     
     /* Opening the directory given */
     dp = opendir(dir_name);
 	if(!dp)
     {
         if((strcmp(dir_name, "") == 0)&&
-           (dp = opendir("/")))
+           (dp = opendir("/"))) 
         {
             /* ok */
         }
@@ -270,7 +270,7 @@ int read_sys_dir(char *dir_name, int do_read)
 
         /* Just ignore . and ..  */
         if((strcmp(entry->d_name,".") == 0) ||
-           (strcmp(entry->d_name,"..") == 0))
+           (strcmp(entry->d_name,"..") == 0))  
         {
             entry_count++;
             continue;
@@ -295,7 +295,7 @@ int read_sys_dir(char *dir_name, int do_read)
 	        #ifndef Darwin
             if(S_ISDIR(statbuf_local.st_mode))
 	        #else
-	        if(S_ISDIR(statbuf_local.st_mode) ||
+	        if(S_ISDIR(statbuf_local.st_mode) || 
  	           S_ISREG(statbuf_local.st_mode) ||
 	           S_ISLNK(statbuf_local.st_mode))
 	        #endif
@@ -304,7 +304,7 @@ int read_sys_dir(char *dir_name, int do_read)
             }
         }
 
-
+        
         /* Checking every file against the rootkit database */
         for(i = 0; i<= rk_sys_count; i++)
         {
@@ -334,15 +334,15 @@ int read_sys_dir(char *dir_name, int do_read)
     /* Entry count for directory different than the actual
      * link count from stats.
      */
-    if((entry_count != statbuf.st_nlink) &&
+    if((entry_count != statbuf.st_nlink) && 
        ((did_changed == 0) || ((entry_count + 1) != statbuf.st_nlink)))
     {
         #ifndef WIN32
         struct stat statbuf2;
         char op_msg[OS_SIZE_1024 +1];
+        
 
-
-        if((lstat(dir_name, &statbuf2) == 0) &&
+        if((lstat(dir_name, &statbuf2) == 0) && 
             (statbuf2.st_nlink != entry_count))
         {
             snprintf(op_msg, OS_SIZE_1024, "Files hidden inside directory "
@@ -357,12 +357,12 @@ int read_sys_dir(char *dir_name, int do_read)
                 notify_rk(ALERT_ROOTKIT_FOUND, op_msg);
                 _sys_errors++;
             }
-            #elif Darwin || FreeBSD
+            #elif Darwin
             if(strncmp(dir_name, "/dev", strlen("/dev")) != 0)
             {
                 notify_rk(ALERT_ROOTKIT_FOUND, op_msg);
                 _sys_errors++;
-            }
+            } 
             #else
             notify_rk(ALERT_ROOTKIT_FOUND, op_msg);
 
@@ -372,9 +372,9 @@ int read_sys_dir(char *dir_name, int do_read)
 
         #endif
     }
-
+    
     closedir(dp);
-
+    
     return(0);
 }
 
@@ -391,7 +391,7 @@ void check_rc_sys(char *basedir)
     _sys_errors = 0;
     _sys_total = 0;
     did = 0; /* device id */
-
+    
     snprintf(file_path, OS_SIZE_1024, "%s", basedir);
 
 
@@ -410,9 +410,9 @@ void check_rc_sys(char *basedir)
     }
 
 
-
+        
     /* Scan the whole file system -- may be slow */
-    if(rootcheck.scanall)
+    if(rootcheck.scanall)    
     {
         #ifndef WIN32
         snprintf(file_path, 3, "%s", "/");
@@ -421,43 +421,43 @@ void check_rc_sys(char *basedir)
         read_sys_dir(file_path, rootcheck.readall);
     }
 
-
+    
     /* Scan only specific directories */
     else
     {
         int _i = 0;
-
+        
         #ifndef WIN32
         char *(dirs_to_scan[]) = {"/bin", "/sbin", "/usr/bin",
                                   "/usr/sbin", "/dev", "/lib",
                                   "/etc", "/root", "/var/log",
                                   "/var/mail", "/var/lib", "/var/www",
                                   "/usr/lib", "/usr/include",
-                                  "/tmp", "/boot", "/usr/local",
+                                  "/tmp", "/boot", "/usr/local", 
                                   "/var/tmp", "/sys", NULL};
 
         #else
         char *(dirs_to_scan[]) = {"C:\\WINDOWS", "C:\\Program Files", NULL};
         #endif
-
+        
         for(_i = 0; _i <= 24; _i++)
         {
             if(dirs_to_scan[_i] == NULL)
                 break;
-
-            #ifndef WIN32
-            snprintf(file_path, OS_SIZE_1024, "%s%s",
-                                            basedir,
+                
+            #ifndef WIN32    
+            snprintf(file_path, OS_SIZE_1024, "%s%s", 
+                                            basedir, 
                                             dirs_to_scan[_i]);
             read_sys_dir(file_path, rootcheck.readall);
 
             #else
             read_sys_dir(dirs_to_scan[_i], rootcheck.readall);
             #endif
-
+            
         }
     }
-
+    
     if(_sys_errors == 0)
     {
         char op_msg[OS_SIZE_1024 +1];
@@ -471,13 +471,13 @@ void check_rc_sys(char *basedir)
         char op_msg[OS_SIZE_1024 +1];
         snprintf(op_msg, OS_SIZE_1024, "Check the following files for more "
             "information:\n%s%s%s",
-            (ftell(_wx) == 0)?"":
+            (ftell(_wx) == 0)?"":       
             "       rootcheck-rw-rw-rw-.txt (list of world writable files)\n",
             (ftell(_ww) == 0)?"":
             "       rootcheck-rwxrwxrwx.txt (list of world writtable/executable files)\n",
-            (ftell(_suid) == 0)?"":
+            (ftell(_suid) == 0)?"":        
             "       rootcheck-suid-files.txt (list of suid files)");
-
+        
         notify_rk(ALERT_SYSTEM_ERROR, op_msg);
     }
 
@@ -487,21 +487,21 @@ void check_rc_sys(char *basedir)
             unlink("rootcheck-rw-rw-rw-.txt");
         fclose(_wx);
     }
-
+    
     if(_ww)
     {
         if(ftell(_ww) == 0)
             unlink("rootcheck-rwxrwxrwx.txt");
         fclose(_ww);
     }
-
+    
     if(_suid)
     {
         if(ftell(_suid) == 0)
             unlink("rootcheck-suid-files.txt");
-        fclose(_suid);
+        fclose(_suid); 
     }
-
+               
     return;
 }
 
diff --git a/src/rootcheck/check_rc_trojans.c b/src/rootcheck/check_rc_trojans.c
index 1ee24ef..b10d9fe 100755
--- a/src/rootcheck/check_rc_trojans.c
+++ b/src/rootcheck/check_rc_trojans.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+ 
 #include "shared.h"
 #include "rootcheck.h"
 
@@ -54,7 +54,7 @@ void check_rc_trojans(char *basedir, FILE *fp)
 
         /* Normalizing line */
         nbuf = normalize_string(buf);
-
+        
 
         if(*nbuf == '\0' || *nbuf == '#')
         {
@@ -70,7 +70,7 @@ void check_rc_trojans(char *basedir, FILE *fp)
         {
             continue;
         }
-
+        
         *string_to_look = '\0';
         string_to_look++;
 
@@ -81,26 +81,26 @@ void check_rc_trojans(char *basedir, FILE *fp)
         }
         *message = '\0';
         message++;
-
+        
         string_to_look = normalize_string(string_to_look);
         file = normalize_string(file);
         message = normalize_string(message);
-
-
+        
+        
         if(*file == '\0' || *string_to_look == '\0')
         {
             continue;
         }
-
+        
         _total++;
-
-
+        
+        
         /* Trying with all possible paths */
         while(all_paths[i] != NULL)
         {
             if(*file != '/')
             {
-                snprintf(file_path, OS_SIZE_1024, "%s/%s/%s",basedir,
+                snprintf(file_path, OS_SIZE_1024, "%s/%s/%s",basedir, 
                         all_paths[i],
                         file);
             }
@@ -109,15 +109,15 @@ void check_rc_trojans(char *basedir, FILE *fp)
                 strncpy(file_path, file, OS_SIZE_1024);
                 file_path[OS_SIZE_1024 -1] = '\0';
             }
-
+            
             /* Checking if entry is found */
             if(is_file(file_path) && os_string(file_path, string_to_look))
             {
                 char op_msg[OS_SIZE_1024 +1];
                 _errors = 1;
-
+            
                 snprintf(op_msg, OS_SIZE_1024, "Trojaned version of file "
-                        "'%s' detected. Signature used: '%s' (%s).",
+                        "'%s' detected. Signature used: '%s' (%s).", 
                                         file_path,
                                         string_to_look,
                                         *message == '\0'?
@@ -132,7 +132,7 @@ void check_rc_trojans(char *basedir, FILE *fp)
             }
             i++;
         }
-        continue;
+        continue;        
     }
 
 
diff --git a/src/rootcheck/common.c b/src/rootcheck/common.c
index eec625a..0ab1206 100755
--- a/src/rootcheck/common.c
+++ b/src/rootcheck/common.c
@@ -9,14 +9,14 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/main/license/ .
  */
 
-
+ 
 #include "shared.h"
 #include "rootcheck.h"
-#include "os_regex/os_regex.h"
+#include "os_regex/os_regex.h" 
 
 
 
@@ -60,7 +60,7 @@ int rk_check_dir(char *dir, char *file, char *pattern)
     {
         /* Just ignore . and ..  */
         if((strcmp(entry->d_name,".") == 0) ||
-           (strcmp(entry->d_name,"..") == 0))
+           (strcmp(entry->d_name,"..") == 0)) 
         {
             continue;
         }
@@ -69,7 +69,7 @@ int rk_check_dir(char *dir, char *file, char *pattern)
         /* Creating new file + path string */
         snprintf(f_name, PATH_MAX +1, "%s/%s",dir, entry->d_name);
 
-
+        
         /* Checking if the read entry, matches the provided file name. */
         if(strncasecmp(file, "r:", 2) == 0)
         {
@@ -81,7 +81,7 @@ int rk_check_dir(char *dir, char *file, char *pattern)
                 }
             }
         }
-
+        
         /* Trying without regex. */
         else
         {
@@ -94,7 +94,7 @@ int rk_check_dir(char *dir, char *file, char *pattern)
             }
         }
 
-
+        
         /* Checking if file is a directory */
         if(lstat(f_name, &statbuf_local) == 0)
         {
@@ -120,13 +120,13 @@ int rk_check_dir(char *dir, char *file, char *pattern)
 int rk_check_file(char *file, char *pattern)
 {
     char *split_file;
-    int full_negate = 0;
-    int pt_result = 0;
-
+    int full_negate = 0; 
+    int pt_result = 0; 
+    
     FILE *fp;
     char buf[OS_SIZE_2048 +1];
-
-
+    
+    
     /* If string is null, we don't match */
     if(file == NULL)
     {
@@ -146,7 +146,7 @@ int rk_check_file(char *file, char *pattern)
     /* Getting each file */
     do
     {
-
+        
 
         /* If we don't have a pattern, just check if the file/dir is there */
         if(pattern == NULL)
@@ -168,7 +168,7 @@ int rk_check_file(char *file, char *pattern)
 
                 while(rootcheck.alert_msg[i] && (i < 255))
                     i++;
-
+                
                 if(!rootcheck.alert_msg[i])
                     os_strdup(_b_msg, rootcheck.alert_msg[i]);
 
@@ -178,14 +178,14 @@ int rk_check_file(char *file, char *pattern)
 
         else
         {
-            full_negate = pt_check_negate(pattern);
+            full_negate = pt_check_negate(pattern); 
             /* Checking for a content in the file */
-            debug1("checking file: %s", file);
+            debug1("checking file: %s", file); 
             fp = fopen(file, "r");
             if(fp)
             {
 
-                debug1(" starting new file: %s", file);
+                debug1(" starting new file: %s", file); 
                 buf[OS_SIZE_2048] = '\0';
                 while(fgets(buf, OS_SIZE_2048, fp) != NULL)
                 {
@@ -211,7 +211,7 @@ int rk_check_file(char *file, char *pattern)
 
                     /* Matched */
                     pt_result = pt_matches(buf, pattern);
-                    debug1("Buf == \"%s\"", buf);
+                    debug1("Buf == \"%s\"", buf); 
                     debug1("Pattern == \"%s\"", pattern);
                     debug1("pt_result == %d and full_negate == %d", pt_result, full_negate);
                     if((pt_result == 1 && full_negate == 0) )
@@ -228,7 +228,7 @@ int rk_check_file(char *file, char *pattern)
                         _b_msg[OS_SIZE_1024] = '\0';
                         snprintf(_b_msg, OS_SIZE_1024, " File: %s.",
                                  file);
-
+                        
                         /* Already present. */
                         if(_is_str_in_array(rootcheck.alert_msg, _b_msg))
                         {
@@ -246,18 +246,18 @@ int rk_check_file(char *file, char *pattern)
                     else if((pt_result == 0 && full_negate == 1) )
                     {
                         /* found a full+negate match so no longer need to search
-                         * break out of loop and amke sure the full negate does
-                         * not alertin
+                         * break out of loop and amke sure the full negate does 
+                         * not alertin 
                          */
                         debug1("found a complete match for full_negate");
-                        full_negate = 0;
-                        break;
+                        full_negate = 0; 
+                        break; 
                     }
                 }
 
                 fclose(fp);
 
-                if(full_negate == 1)
+                if(full_negate == 1) 
                 {
                     debug1("full_negate alerting - file %s",file);
                     int i = 0;
@@ -267,7 +267,7 @@ int rk_check_file(char *file, char *pattern)
                     _b_msg[OS_SIZE_1024] = '\0';
                     snprintf(_b_msg, OS_SIZE_1024, " File: %s.",
                              file);
-
+                    
                     /* Already present. */
                     if(_is_str_in_array(rootcheck.alert_msg, _b_msg))
                     {
@@ -294,8 +294,8 @@ int rk_check_file(char *file, char *pattern)
                 split_file++;
             }
         }
-
-
+        
+        
     }while(split_file);
 
 
@@ -312,7 +312,7 @@ int pt_check_negate(char *pattern)
     char *mypattern = NULL;
     os_strdup(pattern, mypattern);
     char *tmp_pt = mypattern;
-    char *tmp_pattern = mypattern;
+    char *tmp_pattern = mypattern; 
     char *tmp_ret = NULL;
 
 
@@ -322,9 +322,9 @@ int pt_check_negate(char *pattern)
         tmp_pt = strchr(tmp_pattern, ' ');
         if(tmp_pt && tmp_pt[1] == '&' && tmp_pt[2] == '&' && tmp_pt[3] == ' ')
         {
-            /* Marking pointer to clean it up */
+            /* Marking pointer to clean it up */        
             tmp_ret = tmp_pt;
-
+                    
             *tmp_pt = '\0';
             tmp_pt += 4;
         }
@@ -338,7 +338,7 @@ int pt_check_negate(char *pattern)
             free(mypattern);
             return 0;
         }
-
+        
         tmp_pattern = tmp_pt;
     }
 
@@ -353,7 +353,7 @@ int pt_check_negate(char *pattern)
  *                                =: (for equal) - default - strcasecmp
  *                                r: (for ossec regexes)
  *                                >: (for strcmp greater)
- *                                <: (for strcmp  lower)
+ *                                <: (for strcmp  lower)    
  *
  * Multiple patterns can be specified by using " && " between them.
  * All of them must match for it to return true.
@@ -371,16 +371,16 @@ int pt_matches(char *str, char *pattern)
     {
         return(0);
     }
-
+    
     while(tmp_pt != NULL)
     {
         /* We first look for " && " */
         tmp_pt = strchr(pattern, ' ');
         if(tmp_pt && tmp_pt[1] == '&' && tmp_pt[2] == '&' && tmp_pt[3] == ' ')
         {
-            /* Marking pointer to clean it up */
+            /* Marking pointer to clean it up */        
             tmp_ret = tmp_pt;
-
+                    
             *tmp_pt = '\0';
             tmp_pt += 4;
         }
@@ -398,7 +398,7 @@ int pt_matches(char *str, char *pattern)
             pattern++;
             neg = 1;
         }
-
+        
 
         /* Doing strcasecmp */
         if(strncasecmp(pattern, "=:", 2) == 0)
@@ -438,7 +438,7 @@ int pt_matches(char *str, char *pattern)
         {
             #ifdef WIN32
             char final_file[2048 +1];
-
+            
             /* Try to get Windows variable */
             if(*pattern == '%')
             {
@@ -457,7 +457,7 @@ int pt_matches(char *str, char *pattern)
             {
                 ret_code = 1;
             }
-
+            
             #else
             if(strcasecmp(pattern, str) == 0)
             {
@@ -474,7 +474,7 @@ int pt_matches(char *str, char *pattern)
             tmp_ret = NULL;
         }
 
-
+        
         /* If we have "!", return true if we don't match */
         if(neg == 1)
         {
@@ -492,7 +492,7 @@ int pt_matches(char *str, char *pattern)
                 break;
             }
         }
-
+        
         ret_code = 1;
         pattern = tmp_pt;
     }
@@ -508,30 +508,15 @@ int pt_matches(char *str, char *pattern)
  */
 char *normalize_string(char *str)
 {
-    unsigned int str_sz = strlen(str);
-    // return zero-length str as is
-    if (str_sz == 0) {
-       return str;
-    } else {
-        str_sz--;
-    }
-    // remove trailing spaces
-    while(str[str_sz] == ' ' || str[str_sz] == '\t')
-    {
-        if(str_sz == 0)
-            break;
-
+    int str_sz = strlen(str) -1;
+    while(str[str_sz] == ' ' || str[str_sz] == '\t') {
         str[str_sz--] = '\0';
     }
-    // ignore leading spaces
-    while(*str != '\0')
-    {
-        if(*str == ' ' || *str == '\t')
-        {
+
+    while(*str != '\0') {
+        if(*str == ' ' || *str == '\t') {
             str++;
-        }
-        else
-        {
+        } else {
             break;
         }
     }
@@ -551,7 +536,7 @@ int isfile_ondir(char *file, char *dir)
     DIR *dp = NULL;
     struct dirent *entry;
     dp = opendir(dir);
-
+    
     if(!dp)
         return(0);
 
@@ -563,7 +548,7 @@ int isfile_ondir(char *file, char *dir)
             return(1);
         }
     }
-
+    
     closedir(dp);
     return(0);
 }
@@ -576,19 +561,19 @@ int isfile_ondir(char *file, char *dir)
 int is_file(char *file_name)
 {
     int ret = 0;
-
+    
     struct stat statbuf;
     FILE *fp = NULL;
     DIR *dp = NULL;
 
 
     #ifndef WIN32
-
+    
     char curr_dir[1024];
-
+    
     char *file_dirname;
     char *file_basename;
-
+    
 
     curr_dir[1023] = '\0';
 
@@ -605,7 +590,7 @@ int is_file(char *file_name)
         return(0);
     }
 
-
+    
     /* If file_basename == file_name, then the file
      * only has one slash at the beginning.
      */
@@ -666,7 +651,7 @@ int is_file(char *file_name)
             ret = 1;
         }
     }
-
+    
     #else
     dp = opendir(file_name);
     if(dp)
@@ -674,10 +659,10 @@ int is_file(char *file_name)
         closedir(dp);
         ret = 1;
     }
-
+                                                                                
     #endif /* WIN32 */
 
-
+    
     /* Trying other calls */
     if( (stat(file_name, &statbuf) < 0) &&
         #ifndef WIN32
@@ -691,7 +676,7 @@ int is_file(char *file_name)
     /* must close it over here */
     if(fp)
         fclose(fp);
-
+    
     return(1);
 }
 
@@ -726,7 +711,7 @@ int del_plist(void *p_list_p)
         {
             free(pinfo->p_path);
         }
-
+        
         free(l_node->data);
 
         if(p_node)
@@ -782,7 +767,7 @@ int is_process(char *value, void *p_list_p)
             char _b_msg[OS_SIZE_1024 +1];
 
             _b_msg[OS_SIZE_1024] = '\0';
-
+            
             snprintf(_b_msg, OS_SIZE_1024, " Process: %s.",
                      pinfo->p_path);
 
@@ -791,7 +776,7 @@ int is_process(char *value, void *p_list_p)
             {
                 return(1);
             }
-
+            
             while(rootcheck.alert_msg[i] && (i< 255))
                 i++;
 
@@ -807,7 +792,7 @@ int is_process(char *value, void *p_list_p)
     return(0);
 
 }
-
-
+ 
+ 
 
 /* EOF */
diff --git a/src/rootcheck/common_rcl.c b/src/rootcheck/common_rcl.c
index 3677d78..b7e8155 100755
--- a/src/rootcheck/common_rcl.c
+++ b/src/rootcheck/common_rcl.c
@@ -9,11 +9,11 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/main/license/
  */
 
-
+ 
 #include "shared.h"
 #include "rootcheck.h"
 
@@ -27,7 +27,7 @@
 #define RKCL_COND_ALL       0x001
 #define RKCL_COND_ANY       0x002
 #define RKCL_COND_REQ       0x004
-#define RKCL_COND_INV       0x010
+#define RKCL_COND_INV       0x010 
 
 
 
@@ -41,7 +41,7 @@ char *_rkcl_getrootdir(char *root_dir, int dir_size)
 
     final_file[0] = '\0';
     final_file[2048] = '\0';
-
+    
     ExpandEnvironmentStrings("%WINDIR%", final_file, 2047);
 
     tmp = strchr(final_file, '\\');
@@ -51,7 +51,7 @@ char *_rkcl_getrootdir(char *root_dir, int dir_size)
         strncpy(root_dir, final_file, dir_size);
         return(root_dir);
     }
-
+    
     return(NULL);
 
     #endif
@@ -133,7 +133,7 @@ int _rkcl_get_vars(OSStore *vars, char *nbuf)
     char *var_name;
     char *var_value;
     char *tmp;
-
+    
     /* If not a variable, return 0 */
     if(*nbuf != '$')
     {
@@ -151,7 +151,7 @@ int _rkcl_get_vars(OSStore *vars, char *nbuf)
     {
         return(-1);
     }
-
+    
 
     /* Getting value. */
     tmp = strchr(nbuf, '=');
@@ -184,7 +184,7 @@ char *_rkcl_get_name(char *buf, char *ref, int *condition)
 {
     char *tmp_location;
     char *tmp_location2;
-
+    
     *condition = 0;
 
     /* Checking if name is valid */
@@ -201,8 +201,8 @@ char *_rkcl_get_name(char *buf, char *ref, int *condition)
         return(NULL);
     }
     *tmp_location = '\0';
-
-
+    
+    
     /* Getting condition */
     tmp_location++;
     if(*tmp_location != ' ' && tmp_location[1] != '[')
@@ -218,8 +218,8 @@ char *_rkcl_get_name(char *buf, char *ref, int *condition)
     }
     *tmp_location2 = '\0';
     tmp_location2++;
-
-
+    
+    
     /* Getting condition */
     if(strcmp(tmp_location, "all") == 0)
     {
@@ -261,7 +261,7 @@ char *_rkcl_get_name(char *buf, char *ref, int *condition)
     *tmp_location = '\0';
 
     /* Copying reference */
-    strncpy(ref, tmp_location2, 255);
+    strncpy(ref, tmp_location2, 255);    
 
     return(strdup(buf));
 }
@@ -310,21 +310,21 @@ char *_rkcl_get_value(char *buf, int *type)
 
     *value = '\0';
     value++;
-
+    
     tmp_str = strchr(value, ';');
     if(tmp_str == NULL)
     {
         return(NULL);
     }
     *tmp_str = '\0';
-
+    
 
     /* Getting types - removing negate flag (using later) */
     if(*buf == '!')
     {
         buf++;
     }
-
+    
     if(strcmp(buf, "f") == 0)
     {
         *type = RKCL_TYPE_FILE;
@@ -375,7 +375,7 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
     memset(final_file, '\0', sizeof(final_file));
     memset(ref, '\0', sizeof(ref));
 
-
+    
     root_dir_len = sizeof(root_dir) -1;
 
 
@@ -384,14 +384,14 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
     _rkcl_getrootdir(root_dir, root_dir_len);
     if(root_dir[0] == '\0')
     {
-        merror(INVALID_ROOTDIR, ARGV0);
+        merror(INVALID_ROOTDIR, ARGV0);    
     }
-    #endif
+    #endif    
 
 
     /* Getting variables */
     vars = OSStore_Create();
-
+    
 
     /* We first read all variables -- they must be defined at the top. */
     while(1)
@@ -423,15 +423,15 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
         merror(INVALID_RKCL_NAME, ARGV0, nbuf);
         goto clean_return;
     }
-
+                                                                                
 
 
     /* Getting the real entries. */
     do
     {
         int g_found = 0;
-
-
+        
+        
         /* Getting entry name */
         if(name == NULL)
         {
@@ -448,21 +448,21 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
             int negate = 0;
             int found = 0;
             value = NULL;
-
+            
             nbuf = _rkcl_getfp(fp, buf);
             if(nbuf == NULL)
             {
                 break;
             }
 
-
+            
             /* We first try to get the name, looking for new entries */
             if(_rkcl_is_name(nbuf))
             {
                 break;
             }
-
-
+            
+            
             /* Getting value to look for */
             value = _rkcl_get_value(nbuf, &type);
             if(value == NULL)
@@ -501,15 +501,15 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                         continue;
                     }
                 }
-
+                
 
                 #ifdef WIN32
                 else if(value[0] == '\\')
                 {
                     final_file[0] = '\0';
                     final_file[sizeof(final_file) -1] = '\0';
-
-                    snprintf(final_file, sizeof(final_file) -2, "%s%s",
+                    
+                    snprintf(final_file, sizeof(final_file) -2, "%s%s", 
                              root_dir, value);
                     f_value = final_file;
                 }
@@ -517,8 +517,8 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                 {
                     final_file[0] = '\0';
                     final_file[sizeof(final_file) -1] = '\0';
-
-                    ExpandEnvironmentStrings(value, final_file,
+                     
+                    ExpandEnvironmentStrings(value, final_file, 
                                              sizeof(final_file) -2);
                     f_value = final_file;
                 }
@@ -532,15 +532,15 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                     found = 1;
                 }
             }
-
+            
 
             /* Checking for a registry entry */
             else if(type == RKCL_TYPE_REGISTRY)
             {
                 char *entry = NULL;
                 char *pattern = NULL;
-
-
+            
+                
                 /* Looking for additional entries in the registry
                  * and a pattern to match.
                  */
@@ -549,8 +549,8 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                 {
                     pattern = _rkcl_get_pattern(entry);
                 }
-
-
+            
+            
                 #ifdef WIN32
                 debug2("%s: DEBUG: Checking registry: '%s'.", ARGV0, value);
                 if(is_registry(value, entry, pattern))
@@ -570,7 +570,7 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                 char *f_value = NULL;
                 char *dir = NULL;
 
-
+                
                 file = _rkcl_get_pattern(value);
                 if(file)
                 {
@@ -593,7 +593,7 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                     f_value = value;
                 }
 
-
+                
                 /* Checking for multiple, comma separated directories. */
                 dir = f_value;
                 f_value = strchr(dir, ',');
@@ -601,7 +601,7 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                 {
                     *f_value = '\0';
                 }
-
+                
 
                 while(dir)
                 {
@@ -611,14 +611,14 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                         debug2("%s: DEBUG: Found dir.", ARGV0);
                         found = 1;
                     }
-
+                    
                     if(f_value)
                     {
                         *f_value = ',';
                         f_value++;
-
+                        
                         dir = f_value;
-
+                        
                         f_value = strchr(dir, ',');
                         if(f_value)
                         {
@@ -631,7 +631,7 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                     }
                 }
             }
-
+            
 
             /* Checking for a process. */
             else if(type == RKCL_TYPE_PROCESS)
@@ -682,8 +682,8 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                 }
             }
         }while(value != NULL);
-
-
+        
+        
         /* Alerting if necessary */
         if(g_found == 1)
         {
@@ -691,18 +691,18 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
             char op_msg[OS_SIZE_1024 +1];
             char **p_alert_msg = rootcheck.alert_msg;
 
-            while(1)
+            while(1) 
             {
                 if(ref[0] != '\0')
                 {
                     snprintf(op_msg, OS_SIZE_1024, "%s %s.%s"
-                            " Reference: %s .",msg, name,
+                            " Reference: %s .",msg, name, 
                             p_alert_msg[j]?p_alert_msg[j]:"\0",
                             ref);
                 }
                 else
                 {
-                    snprintf(op_msg, OS_SIZE_1024, "%s %s.%s",msg,
+                    snprintf(op_msg, OS_SIZE_1024, "%s %s.%s",msg, 
                             name, p_alert_msg[j]?p_alert_msg[j]:"\0");
                 }
 
@@ -743,7 +743,7 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
                 goto clean_return;
             }
         }
-
+        
 
         /* Ending if we don't have anything else. */
         if(!nbuf)
@@ -758,7 +758,7 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
             free(name);
             name = NULL;
         }
-
+        
 
         /* Getting name already read */
         name = _rkcl_get_name(nbuf, ref, &condition);
@@ -779,8 +779,8 @@ int rkcl_get_entry(FILE *fp, char *msg, void *p_list_p)
         name = NULL;
     }
     vars = OSStore_Free(vars);
-
-
+    
+    
     return(1);
 }
 
diff --git a/src/rootcheck/config.c b/src/rootcheck/config.c
index 9cf9e6c..4142050 100755
--- a/src/rootcheck/config.c
+++ b/src/rootcheck/config.c
@@ -34,7 +34,7 @@ int Read_Rootcheck_Config(char * cfgfile)
     modules|= CAGENT_CONFIG;
     ReadConfig(modules, AGENTCONFIG, &rootcheck, NULL);
     #endif
-
+                  
     return(0);
 }
 
diff --git a/src/rootcheck/db/._cis_debian_linux_rcl.txt b/src/rootcheck/db/._cis_debian_linux_rcl.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/db/._cis_debian_linux_rcl.txt differ
diff --git a/src/rootcheck/db/._cis_rhel5_linux_rcl.txt b/src/rootcheck/db/._cis_rhel5_linux_rcl.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/db/._cis_rhel5_linux_rcl.txt differ
diff --git a/src/rootcheck/db/._cis_rhel_linux_rcl.txt b/src/rootcheck/db/._cis_rhel_linux_rcl.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/db/._cis_rhel_linux_rcl.txt differ
diff --git a/src/rootcheck/db/._rootkit_files.txt b/src/rootcheck/db/._rootkit_files.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/db/._rootkit_files.txt differ
diff --git a/src/rootcheck/db/._rootkit_trojans.txt b/src/rootcheck/db/._rootkit_trojans.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/db/._rootkit_trojans.txt differ
diff --git a/src/rootcheck/db/._system_audit_rcl.txt b/src/rootcheck/db/._system_audit_rcl.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/db/._system_audit_rcl.txt differ
diff --git a/src/rootcheck/db/._win_applications_rcl.txt b/src/rootcheck/db/._win_applications_rcl.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/db/._win_applications_rcl.txt differ
diff --git a/src/rootcheck/db/._win_audit_rcl.txt b/src/rootcheck/db/._win_audit_rcl.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/db/._win_audit_rcl.txt differ
diff --git a/src/rootcheck/db/._win_malware_rcl.txt b/src/rootcheck/db/._win_malware_rcl.txt
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/db/._win_malware_rcl.txt differ
diff --git a/src/rootcheck/os_string.c b/src/rootcheck/os_string.c
index 069f5bd..a34846d 100755
--- a/src/rootcheck/os_string.c
+++ b/src/rootcheck/os_string.c
@@ -4,7 +4,7 @@
 /* Included and modified strings.c from the OpenBSD project.
  * Copyright bellow.
  */
-
+ 
 /*
  * Copyright (c) 1980, 1987, 1993
  *	The Regents of the University of California.  All rights reserved.
@@ -136,9 +136,9 @@ struct exec
 
 
 #ifdef AIX
-typedef struct aouthdr EXEC;
+typedef struct aouthdr EXEC;    
 #else
-typedef struct exec EXEC;
+typedef struct exec EXEC;    
 #endif
 
 typedef struct _os_strings
@@ -162,25 +162,25 @@ int os_getch(os_strings *oss);
 int os_string(char *file, char *regex)
 {
     int ch, cnt;
-
+    
     unsigned char *C;
     unsigned char *bfr;
-
+ 
     char line[OS_SIZE_1024 +1];
     char *buf;
-
+    
     EXEC *head;
 
     os_strings oss;
-
+   
     /* Return didn't match */
     if(!file || !regex)
     {
         return(0);
     }
-
-
-    /* Allocating for the buffer */
+    
+    
+    /* Allocating for the buffer */ 
     bfr = calloc(STR_MINLEN + 2, sizeof(char *));
     if (!bfr)
     {
@@ -198,21 +198,21 @@ int os_string(char *file, char *regex)
 
     /* cleaning the line */
     memset(line, '\0', OS_SIZE_1024 +1);
-
+    
     /* starting .. (from old strings.c) */
     oss.foff = 0;
     oss.head_len = 0;
-
+    
     oss.read_len = -1;
     head = (EXEC *)oss.hbfr;
 
-
+    
     if ((oss.head_len = read(fileno(oss.fp), head, sizeof(EXEC))) == -1)
     {
         oss.head_len = 0;
         oss.read_len = -1;
     }
-    else if (oss.head_len == sizeof(EXEC) && !N_BADMAG(*head))
+    else if (oss.head_len == sizeof(EXEC) && !N_BADMAG(*head)) 
     {
         oss.foff = N_TXTOFF(*head);
         if (fseek(stdin, oss.foff, SEEK_SET) == -1)
@@ -236,20 +236,20 @@ int os_string(char *file, char *regex)
     }
 
     /* Read the file and perform the regex comparison */
-    for (cnt = 0; (ch = os_getch(&oss)) != EOF;)
+    for (cnt = 0; (ch = os_getch(&oss)) != EOF;) 
     {
-        if (ISSTR(ch))
+        if (ISSTR(ch)) 
         {
             if (!cnt)
                 C = bfr;
             *C++ = ch;
             if (++cnt < STR_MINLEN)
                 continue;
-
+            
             strncpy(line, (char *)bfr, STR_MINLEN +1);
             buf = line;
             buf+=strlen(line);
-
+            
 
             while ((ch = os_getch(&oss)) != EOF && ISSTR(ch))
             {
@@ -294,7 +294,7 @@ int os_string(char *file, char *regex)
 int os_getch(os_strings *oss)
 {
 	++oss->foff;
-	if (oss->head_len)
+	if (oss->head_len) 
     {
 		if (oss->hcnt < oss->head_len)
 			return((int)oss->hbfr[oss->hcnt++]);
diff --git a/src/rootcheck/rootcheck-config.c b/src/rootcheck/rootcheck-config.c
index 46ad77e..7b1059a 100755
--- a/src/rootcheck/rootcheck-config.c
+++ b/src/rootcheck/rootcheck-config.c
@@ -31,14 +31,14 @@
 short eval_bool2(char *str, short default_val)
 {
     short ret = default_val;
-
+    
     if (str == NULL)
         return(ret);
     else if (strcmp(str, "yes") == 0)
         ret = 1;
     else if (strcmp(str, "no") == 0)
         ret = 0;
-
+    
     free(str);
     return(ret);
 }
@@ -67,7 +67,7 @@ int Read_Rootcheck_Config(char * cfgfile)
     char *(xml_scanall[])={xml_rootcheck, "scanall", NULL};
     char *(xml_readall[])={xml_rootcheck, "readall", NULL};
     char *(xml_time[])={xml_rootcheck, "frequency", NULL};
-
+    
     char *(xml_check_dev[])={xml_rootcheck, "check_dev", NULL};
     char *(xml_check_files[])={xml_rootcheck, "check_files", NULL};
     char *(xml_check_if[])={xml_rootcheck, "check_if", NULL};
@@ -75,22 +75,22 @@ int Read_Rootcheck_Config(char * cfgfile)
     char *(xml_check_ports[])={xml_rootcheck, "check_ports", NULL};
     char *(xml_check_sys[])={xml_rootcheck, "check_sys", NULL};
     char *(xml_check_trojans[])={xml_rootcheck, "check_trojans", NULL};
-
+    
     #ifdef WIN32
-
+    
     char *(xml_check_winapps[])={xml_rootcheck, "check_winapps", NULL};
     char *(xml_check_winaudit[])={xml_rootcheck, "check_winaudit", NULL};
     char *(xml_check_winmalware[])={xml_rootcheck, "check_winmalware", NULL};
-
+    
     #else
-
+    
     char *(xml_check_unixaudit[])={xml_rootcheck, "check_unixaudit", NULL};
-
+    
     #endif
 
     /* :) */
     xml_time[2] = NULL;
-
+    
     if(OS_ReadXML(cfgfile,&xml) < 0)
     {
         merror("config_op: XML error: %s",xml.err);
@@ -126,8 +126,8 @@ int Read_Rootcheck_Config(char * cfgfile)
         str = NULL;
     }
     #endif
-
-
+    
+    
     /* Scan all flag */
     if(!rootcheck.scanall)
     {
@@ -140,8 +140,8 @@ int Read_Rootcheck_Config(char * cfgfile)
     {
         rootcheck.readall = eval_bool2(OS_GetOneContentforElement(&xml,xml_readall), 0);
     }
-
-
+    
+    
     /* Notifications type */
     str  = OS_GetOneContentforElement(&xml,xml_notify);
     if(str)
@@ -156,9 +156,9 @@ int Read_Rootcheck_Config(char * cfgfile)
                       "'syslog' or 'queue' are allowed.",ARGV0);
             return(-1);
         }
-
+        
         free(str);
-        str = NULL;
+        str = NULL;           
     }
     else
     {
@@ -168,15 +168,15 @@ int Read_Rootcheck_Config(char * cfgfile)
 
     /* Getting work directory */
     if(!rootcheck.workdir)
-        rootcheck.workdir  = OS_GetOneContentforElement(&xml,xml_workdir);
-
-
+        rootcheck.workdir  = OS_GetOneContentforElement(&xml,xml_workdir);    
+    
+    
     rootcheck.rootkit_files  = OS_GetOneContentforElement
                                (&xml,xml_rootkit_files);
     rootcheck.rootkit_trojans  = OS_GetOneContentforElement
                                (&xml,xml_rootkit_trojans);
-
-    rootcheck.unixaudit = OS_GetContents
+    
+    rootcheck.unixaudit = OS_GetContents 
                                 (&xml,xml_rootkit_unixaudit);
 
     rootcheck.winaudit  = OS_GetOneContentforElement
@@ -187,7 +187,7 @@ int Read_Rootcheck_Config(char * cfgfile)
 
     rootcheck.winmalware  = OS_GetOneContentforElement
                                 (&xml,xml_rootkit_winmalware);
-
+                                
     rootcheck.basedir  = OS_GetOneContentforElement(&xml, xml_base_dir);
 
     rootcheck.checks.rc_dev = eval_bool2(OS_GetOneContentforElement(&xml,xml_check_dev), 1);
@@ -199,22 +199,22 @@ int Read_Rootcheck_Config(char * cfgfile)
     rootcheck.checks.rc_trojans = eval_bool2(OS_GetOneContentforElement(&xml,xml_check_trojans), 1);
 
     #ifdef WIN32
-
+    
     rootcheck.checks.rc_winapps = eval_bool2(OS_GetOneContentforElement(&xml,xml_check_winapps), 1);
     rootcheck.checks.rc_winaudit = eval_bool2(OS_GetOneContentforElement(&xml,xml_check_winaudit), 1);
     rootcheck.checks.rc_winmalware = eval_bool2(OS_GetOneContentforElement(&xml,xml_check_winmalware), 1);
-
+    
     #else
-
+    
     rootcheck.checks.rc_unixaudit = eval_bool2(OS_GetOneContentforElement(&xml,xml_check_unixaudit), 1);
-
+    
     #endif
 
     OS_ClearXML(&xml);
-
+ 
     debug1("%s: DEBUG: Daemon set to '%d'",ARGV0, rootcheck.daemon);
     debug1("%s: DEBUG: alert set to '%d'",ARGV0, rootcheck.notify);
-
+       
     return(0);
 }
 
diff --git a/src/rootcheck/rootcheck.c b/src/rootcheck/rootcheck.c
index 00831b6..0c78da7 100755
--- a/src/rootcheck/rootcheck.c
+++ b/src/rootcheck/rootcheck.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 /*
  * Rootcheck v 0.3
  * Copyright (C) 2003 Daniel B. Cid <daniel at underlinux.com.br>
@@ -66,15 +66,15 @@ int main(int argc, char **argv)
 int rootcheck_init(int test_config)
 {
     int c;
-
-#endif
-
-    #ifdef OSSECHIDS
+    
+#endif    
+   
+    #ifdef OSSECHIDS 
     char *cfg = DEFAULTCPATH;
     #else
     char *cfg = "./rootcheck.conf";
     #endif
-
+    
     /* Zeroing the structure, initializing default values */
     rootcheck.workdir = NULL;
     rootcheck.basedir = NULL;
@@ -101,19 +101,19 @@ int rootcheck_init(int test_config)
     rootcheck.checks.rc_ports = 1;
     rootcheck.checks.rc_sys = 1;
     rootcheck.checks.rc_trojans = 1;
-
+    
     #ifdef WIN32
-
+    
     rootcheck.checks.rc_winaudit = 1;
     rootcheck.checks.rc_winmalware = 1;
     rootcheck.checks.rc_winapps = 1;
-
+    
     #else
-
+    
     rootcheck.checks.rc_unixaudit = 1;
-
+    
     #endif
-
+    
     /* We store up to 255 alerts in there. */
     os_calloc(256, sizeof(char *), rootcheck.alert_msg);
     c = 0;
@@ -122,7 +122,7 @@ int rootcheck_init(int test_config)
         rootcheck.alert_msg[c] = NULL;
         c++;
     }
-
+    
 
     #ifndef OSSECHIDS
     rootcheck.notify = SYSLOG;
@@ -155,18 +155,18 @@ int rootcheck_init(int test_config)
                 break;
             case 't':
                 test_config = 1;
-                break;
+                break;        
             case 'r':
                 rootcheck.readall = 1;
-                break;
+                break;    
             default:
                 rootcheck_help();
-                break;
+                break;   
         }
 
     }
 
-
+    
     #ifdef WIN32
     /* Starting Winsock */
     {
@@ -177,10 +177,10 @@ int rootcheck_init(int test_config)
         }
     }
     #endif
-
-
+    
+                                    
     #endif /* OSSECHIDS */
-
+    
 
     /* Staring message */
     debug1(STARTED_MSG,ARGV0);
@@ -212,8 +212,8 @@ int rootcheck_init(int test_config)
         verbose("%s: Rootcheck disabled. Exiting.", ARGV0);
         return(1);
     }
-
-
+    
+    
     /* Checking if Unix audit file is configured. */
     if(!rootcheck.unixaudit)
     {
@@ -221,32 +221,32 @@ int rootcheck_init(int test_config)
         log2file("%s: System audit file not configured.", ARGV0);
         #endif
     }
-
-
+    
+    
     /* Setting default values */
     if(rootcheck.workdir == NULL)
         rootcheck.workdir = DEFAULTDIR;
 
 
     #ifdef OSSECHIDS
-
+    
 
     /* Start up message */
     #ifdef WIN32
     verbose(STARTUP_MSG, "ossec-rootcheck", getpid());
     #else
 
-
+        
     /* Connect to the queue if configured to do so */
     if(rootcheck.notify == QUEUE)
     {
         debug1("%s: Starting queue ...",ARGV0);
-
+        
         /* Starting the queue. */
         if((rootcheck.queue = StartMQ(DEFAULTQPATH,WRITE)) < 0)
-        {
+        {   
             merror(QUEUE_ERROR,ARGV0,DEFAULTQPATH, strerror(errno));
-
+            
             /* 5 seconds to see if the agent starts */
             sleep(5);
             if((rootcheck.queue = StartMQ(DEFAULTQPATH,WRITE)) < 0)
@@ -261,7 +261,7 @@ int rootcheck_init(int test_config)
     }
 
     #endif /* Not win32 */
-
+    
     #endif /* ossec hids */
 
 
@@ -277,7 +277,7 @@ int rootcheck_init(int test_config)
 
 
     #ifndef OSSECHIDS
-
+    
     #ifndef WIN32
     /* Start the signal handling */
     StartSIG(ARGV0);
@@ -285,17 +285,17 @@ int rootcheck_init(int test_config)
 
     #else
     return(0);
-
+        
     #endif
 
-
+    
     debug1("%s: DEBUG: Running run_rk_check",ARGV0);
-    run_rk_check();
+    run_rk_check(); 
 
+   
+    debug1("%s: DEBUG:  Leaving...",ARGV0); 
 
-    debug1("%s: DEBUG:  Leaving...",ARGV0);
-
-    return(0);
+    return(0);        
 }
 
 /* EOF */
diff --git a/src/rootcheck/rootcheck.h b/src/rootcheck/rootcheck.h
index ca9b279..04494a4 100755
--- a/src/rootcheck/rootcheck.h
+++ b/src/rootcheck/rootcheck.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #ifndef __ROOTCHECK_H
 #define __ROOTCHECK_H
@@ -29,7 +29,7 @@ rkconfig rootcheck;
 
 /* rk_types */
 #define ALERT_OK                0
-#define ALERT_SYSTEM_ERROR      1
+#define ALERT_SYSTEM_ERROR      1 
 #define ALERT_SYSTEM_CRIT       2
 #define ALERT_ROOTKIT_FOUND     3
 #define ALERT_POLICY_VIOLATION  4
@@ -52,11 +52,11 @@ int rk_check_file(char *file, char *pattern);
 
 /* int rk_check_dir(char *dir, char *file, char *pattern) */
 int rk_check_dir(char *dir, char *file, char *pattern);
-
+ 
 /* pt_matches: Checks if pattern is present on string */
 int pt_matches(char *str, char *pattern);
 
-/* pt_check_negate: checks if the patterns is made up
+/* pt_check_negate: checks if the patterns is made up 
  * completely of negate matches */
 int pt_check_negate(char *pattern);
 
@@ -68,37 +68,37 @@ int is_registry(char *entry_name, char *reg_option, char *reg_value);
 
 /* int rkcl_get_entry: Reads cl configuration file. */
 int rkcl_get_entry(FILE *fp, char *msg, void *p_list);
-
+ 
 
 /** char *normalize_string
  * Normalizes a string, removing white spaces and tabs
  * from the begining and the end of it.
  */
 char *normalize_string(char *str);
-
+   
 
 /* Check if regex is present on the file.
  * Similar to `strings file | grep -r regex`
- */
+ */ 
 int os_string(char *file, char *regex);
 
 /* check for NTFS ADS (Windows only)
  */
 int os_check_ads(char *full_path);
 
-/* os_get_process_list: Get list of processes
+/* os_get_process_list: Get list of processes 
  */
 void *os_get_process_list();
 
 /* is_process: Check is a process is running.
  */
 int is_process(char *value, void *p_list);
-
+ 
 
 /*  del_plist:. Deletes the process list
  */
 int del_plist(void *p_list);
-
+ 
 
 /* Used to report messages */
 int notify_rk(int rk_type, char *msg);
@@ -139,7 +139,7 @@ void check_rc_sys(char *basedir);
 void check_rc_pids();
 
 /* Verifies if "pid" is in the proc directory */
-int check_rc_readproc(int pid);
+int check_rc_readproc(int pid); 
 
 void check_rc_ports();
 
diff --git a/src/rootcheck/run_rk_check.c b/src/rootcheck/run_rk_check.c
index 0e2c805..f915f09 100755
--- a/src/rootcheck/run_rk_check.c
+++ b/src/rootcheck/run_rk_check.c
@@ -10,7 +10,7 @@
  * Foundation
  */
 
-
+  
 #include "shared.h"
 #include "rootcheck.h"
 
@@ -28,7 +28,7 @@ int notify_rk(int rk_type, char *msg)
         else if(rk_type == ALERT_SYSTEM_ERROR)
             printf("[ERR]: %s\n", msg);
         else if(rk_type == ALERT_POLICY_VIOLATION)
-            printf("[INFO]: %s\n", msg);
+            printf("[INFO]: %s\n", msg);    
         else
         {
             printf("[FAILED]: %s\n", msg);
@@ -37,12 +37,12 @@ int notify_rk(int rk_type, char *msg)
         printf("\n");
         return(0);
     }
-
+   
     /* No need to alert on that to the server */
     if(rk_type <= ALERT_SYSTEM_ERROR)
         return(0);
 
-    #ifdef OSSECHIDS
+    #ifdef OSSECHIDS    
     if(SendMSG(rootcheck.queue, msg, ROOTCHECK, ROOTCHECK_MQ) < 0)
     {
         merror(QUEUE_SEND, ARGV0);
@@ -59,17 +59,17 @@ int notify_rk(int rk_type, char *msg)
     }
     #endif
 
-    return(0);
+    return(0);        
 }
 
-
+ 
 /* start_rk_daemon
  * Start the rootkit daemon variables
  */
 void start_rk_daemon()
 {
     return;
-
+        
     if(rootcheck.notify == QUEUE)
     {
     }
@@ -86,9 +86,9 @@ void run_rk_check()
 
     FILE *fp;
     OSList *plist;
-
+   
     #ifndef WIN32
-    /* Hard coding basedir */
+    /* Hard coding basedir */ 
     int i;
     char basedir[] = "/";
 
@@ -102,22 +102,22 @@ void run_rk_check()
         }
     }
     #else
-
+    
     /* Basedir for Windows */
     char basedir[] = "C:\\";
-
+    
     #endif
-
-
+    
+  
     /* Setting basedir */
     if(rootcheck.basedir == NULL)
     {
         rootcheck.basedir = basedir;
     }
 
-
+    
     time1 = time(0);
-
+    
     /*** Initial message ***/
     if(rootcheck.notify != QUEUE)
     {
@@ -128,15 +128,15 @@ void run_rk_check()
         printf("Be patient, it may take a few minutes to complete...\n");
         printf("\n");
     }
-
-
+    
+ 
     /* Cleaning the global variables */
     rk_sys_count = 0;
     rk_sys_file[rk_sys_count] = NULL;
     rk_sys_name[rk_sys_count] = NULL;
 
-
-
+    
+    
     /* Sending scan start message */
     notify_rk(ALERT_POLICY_VIOLATION, "Starting rootcheck scan.");
     if(rootcheck.notify == QUEUE)
@@ -162,7 +162,7 @@ void run_rk_check()
             fp = fopen(rootcheck.rootkit_files, "r");
             if(!fp)
             {
-                merror("%s: No rootcheck_files file: '%s'",ARGV0,
+                merror("%s: No rootcheck_files file: '%s'",ARGV0, 
                         rootcheck.rootkit_files);
             }
 
@@ -175,8 +175,8 @@ void run_rk_check()
         }
     }
 
-
-
+  
+  
     /*** Second check. look for trojan entries in common binaries ***/
     if (rootcheck.checks.rc_trojans)
     {
@@ -186,7 +186,7 @@ void run_rk_check()
             merror("%s: No rootcheck_trojans file configured.", ARGV0);
             #endif
         }
-
+        
         else
         {
             fp = fopen(rootcheck.rootkit_trojans, "r");
@@ -210,7 +210,7 @@ void run_rk_check()
 
 
     #ifdef WIN32
-
+    
     /*** Getting process list ***/
     plist = os_get_process_list();
 
@@ -260,7 +260,7 @@ void run_rk_check()
             }
         }
     }
-
+    
     /* Windows Apps */
     if (rootcheck.checks.rc_winapps)
     {
@@ -283,7 +283,7 @@ void run_rk_check()
             }
         }
     }
-
+    
 
     /* Freeing process list */
     del_plist((void *)plist);
@@ -292,13 +292,13 @@ void run_rk_check()
 
     /** Checks for other non Windows. **/
     #else
-
+    
 
 
     /*** Unix audit check ***/
     if (rootcheck.checks.rc_unixaudit)
     {
-        if(rootcheck.unixaudit)
+        if(rootcheck.unixaudit) 
         {
             /* Getting process list. */
             plist = os_get_process_list();
@@ -330,53 +330,53 @@ void run_rk_check()
         }
     }
 
-
+    
     #endif
-
-
+    
+   
     /*** Third check, looking for files on the /dev ***/
     if (rootcheck.checks.rc_dev)
     {
         debug1("%s: DEBUG: Going into check_rc_dev", ARGV0);
         check_rc_dev(rootcheck.basedir);
     }
-
+    
     /*** Fourth check,  scan the whole system looking for additional issues */
     if (rootcheck.checks.rc_sys)
     {
         debug1("%s: DEBUG: Going into check_rc_sys", ARGV0);
         check_rc_sys(rootcheck.basedir);
     }
-
+    
     /*** Process checking ***/
     if (rootcheck.checks.rc_pids)
     {
-        debug1("%s: DEBUG: Going into check_rc_pids", ARGV0);
+        debug1("%s: DEBUG: Going into check_rc_pids", ARGV0); 
         check_rc_pids();
     }
 
     /*** Check all the ports ***/
     if (rootcheck.checks.rc_ports)
     {
-        debug1("%s: DEBUG: Going into check_rc_ports", ARGV0);
-        check_rc_ports();
+        debug1("%s: DEBUG: Going into check_rc_ports", ARGV0); 
+        check_rc_ports(); 
 
         /*** Check open ports ***/
-        debug1("%s: DEBUG: Going into check_open_ports", ARGV0);
+        debug1("%s: DEBUG: Going into check_open_ports", ARGV0); 
         check_open_ports();
     }
-
+        
     /*** Check interfaces ***/
     if (rootcheck.checks.rc_if)
     {
-        debug1("%s: DEBUG: Going into check_rc_if", ARGV0);
+        debug1("%s: DEBUG: Going into check_rc_if", ARGV0); 
         check_rc_if();
     }
-
-
-    debug1("%s: DEBUG: Completed with all checks.", ARGV0);
-
-
+    
+    
+    debug1("%s: DEBUG: Completed with all checks.", ARGV0);    
+   
+   
     /* Cleaning the global memory */
     {
         int li;
@@ -384,7 +384,7 @@ void run_rk_check()
         {
             if(!rk_sys_file[li] ||
                !rk_sys_name[li])
-                break;
+                break; 
 
             free(rk_sys_file[li]);
             free(rk_sys_name[li]);
@@ -393,7 +393,7 @@ void run_rk_check()
 
     /*** Final message ***/
     time2 = time(0);
-
+    
     if(rootcheck.notify != QUEUE)
     {
         printf("\n");
@@ -411,9 +411,9 @@ void run_rk_check()
     {
         merror("%s: INFO: Ending rootcheck scan.", ARGV0);
     }
-
-
-    debug1("%s: DEBUG: Leaving run_rk_check",ARGV0);
+    
+            
+    debug1("%s: DEBUG: Leaving run_rk_check",ARGV0); 
     return;
 }
 
diff --git a/src/rootcheck/unix-process.c b/src/rootcheck/unix-process.c
index 3b873d3..7c098ca 100755
--- a/src/rootcheck/unix-process.c
+++ b/src/rootcheck/unix-process.c
@@ -9,11 +9,11 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/main/license/ .
  */
 
-
+ 
 #include "shared.h"
 #include "rootcheck.h"
 
@@ -25,13 +25,13 @@ char *_os_get_runps(char *ps, int mpid)
     char buf[OS_SIZE_2048 +1];
     char command[OS_SIZE_1024 +1];
     FILE *fp;
-
-
+    
+    
     buf[0] = '\0';
     command[0] = '\0';
-    command[OS_SIZE_1024] = '\0';
-
-
+    command[OS_SIZE_1024] = '\0'; 
+    
+    
     snprintf(command, OS_SIZE_1024, "%s -p %d 2> /dev/null", ps, mpid);
 
     fp = popen(command, "r");
@@ -59,9 +59,9 @@ char *_os_get_runps(char *ps, int mpid)
             while(*tmp_str == ' ')
                  tmp_str++;
 
-
+                 
             nbuf = tmp_str;
-
+            
 
             tmp_str = strchr(nbuf, '\n');
             if(tmp_str)
@@ -87,7 +87,7 @@ void *os_get_process_list()
     int i = 1;
     pid_t max_pid = MAX_PID;
     OSList *p_list = NULL;
-
+    
     char ps[OS_SIZE_1024 +1];
 
 
@@ -110,7 +110,7 @@ void *os_get_process_list()
     if(!p_list)
     {
         merror(LIST_ERROR, ARGV0);
-        return(NULL);
+        return(NULL); 
     }
 
 
@@ -136,11 +136,11 @@ void *os_get_process_list()
              OSList_AddData(p_list, p_info);
          }
     }
-
+    
     return((void *)p_list);
 }
-
-
+         
+ 
 #endif
 
 /* EOF */
diff --git a/src/rootcheck/util/._ads_dump.c b/src/rootcheck/util/._ads_dump.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/rootcheck/util/._ads_dump.c differ
diff --git a/src/rootcheck/util/ads_dump.c b/src/rootcheck/util/ads_dump.c
index 68316bd..c7996a0 100644
--- a/src/rootcheck/util/ads_dump.c
+++ b/src/rootcheck/util/ads_dump.c
@@ -9,11 +9,11 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+ 
 #include <stdio.h>
 #include <string.h>
 #include <sys/stat.h>
-#include <dirent.h>
+#include <dirent.h> 
 #include <windows.h>
 
 
@@ -29,18 +29,18 @@ int ads_found = 0;
 /* Print out streams of a file */
 int os_get_streams(char *full_path)
 {
-    HANDLE file_h;
+    HANDLE file_h; 
     WIN32_STREAM_ID sid;
     void *context = NULL;
 
-    char stream_name[MAX_PATH +1];
-    char final_name[MAX_PATH +1];
+    char stream_name[MAX_PATH +1]; 
+    char final_name[MAX_PATH +1]; 
 
     DWORD dwRead, shs, dw1, dw2;
 
 
     /* Opening file */
-    file_h = CreateFile(full_path,
+    file_h = CreateFile(full_path, 
             GENERIC_READ,
             FILE_SHARE_READ,
             NULL,
@@ -48,8 +48,8 @@ int os_get_streams(char *full_path)
             FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_POSIX_SEMANTICS,
             NULL);
 
-    if (file_h == INVALID_HANDLE_VALUE)
-    {
+    if (file_h == INVALID_HANDLE_VALUE) 
+    { 
         return 0;
     }
 
@@ -63,7 +63,7 @@ int os_get_streams(char *full_path)
 
     while(1)
     {
-        if(BackupRead(file_h, (LPBYTE) &sid, shs, &dwRead,
+        if(BackupRead(file_h, (LPBYTE) &sid, shs, &dwRead, 
                     FALSE, FALSE, &context) == 0)
         {
             break;
@@ -75,14 +75,14 @@ int os_get_streams(char *full_path)
 
         stream_name[0] = '\0';
         stream_name[MAX_PATH] = '\0';
-        if(BackupRead(file_h, (LPBYTE)stream_name,
-                    sid.dwStreamNameSize,
+        if(BackupRead(file_h, (LPBYTE)stream_name, 
+                    sid.dwStreamNameSize, 
                     &dwRead, FALSE, FALSE, &context))
         {
             if(dwRead != 0)
             {
                 char *tmp_pt;
-                snprintf(final_name, MAX_PATH, "%s%S", full_path,
+                snprintf(final_name, MAX_PATH, "%s%S", full_path, 
                         (WCHAR *)stream_name);
                 tmp_pt = strrchr(final_name, ':');
                 if(tmp_pt)
@@ -95,7 +95,7 @@ int os_get_streams(char *full_path)
         }
 
         /* Getting next */			
-        if(!BackupSeek(file_h, sid.Size.LowPart, sid.Size.HighPart,
+        if(!BackupSeek(file_h, sid.Size.LowPart, sid.Size.HighPart, 
                     &dw1, &dw2, &context))
         {
             break;
@@ -115,7 +115,7 @@ int read_sys_file(char *file_name)
     /* Getting streams */
     os_get_streams(file_name);
 
-
+    
     if(stat(file_name, &statbuf) < 0)
     {
         return(0);
@@ -171,7 +171,7 @@ int read_sys_dir(char *dir_name)
 
         /* Just ignore . and ..  */
         if((strcmp(entry->d_name,".") == 0) ||
-                (strcmp(entry->d_name,"..") == 0))
+                (strcmp(entry->d_name,"..") == 0))  
         {
             continue;
         }
diff --git a/src/rootcheck/win-common.c b/src/rootcheck/win-common.c
index 10a4545..9b1a5cb 100644
--- a/src/rootcheck/win-common.c
+++ b/src/rootcheck/win-common.c
@@ -9,19 +9,19 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
-
+ 
+ 
 #include "shared.h"
 #include "rootcheck.h"
 
-#ifdef WIN32
+#ifdef WIN32 
 
 
 /** Registry checking values **/
 
 /* Global variables */
 HKEY rk_sub_tree;
-
+ 
 /* Default values */
 #define MAX_KEY_LENGTH 255
 #define MAX_KEY	2048
@@ -34,18 +34,18 @@ HKEY rk_sub_tree;
  */
 int os_check_ads(char *full_path)
 {
-    HANDLE file_h;
+    HANDLE file_h; 
     WIN32_STREAM_ID sid;
     void *context = NULL;
 
-    char stream_name[MAX_PATH +1];
-    char final_name[MAX_PATH +1];
+    char stream_name[MAX_PATH +1]; 
+    char final_name[MAX_PATH +1]; 
 
     DWORD dwRead, shs, dw1, dw2;
 
 
     /* Opening file */
-    file_h = CreateFile(full_path,
+    file_h = CreateFile(full_path, 
             GENERIC_READ,
             FILE_SHARE_READ,
             NULL,
@@ -53,8 +53,8 @@ int os_check_ads(char *full_path)
             FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_POSIX_SEMANTICS,
             NULL);
 
-    if (file_h == INVALID_HANDLE_VALUE)
-    {
+    if (file_h == INVALID_HANDLE_VALUE) 
+    { 
         return 0;
     }
 
@@ -68,7 +68,7 @@ int os_check_ads(char *full_path)
 
     while(1)
     {
-        if(BackupRead(file_h, (LPBYTE) &sid, shs, &dwRead,
+        if(BackupRead(file_h, (LPBYTE) &sid, shs, &dwRead, 
                     FALSE, FALSE, &context) == 0)
         {
             break;
@@ -80,8 +80,8 @@ int os_check_ads(char *full_path)
 
         stream_name[0] = '\0';
         stream_name[MAX_PATH] = '\0';
-        if(BackupRead(file_h, (LPBYTE)stream_name,
-                    sid.dwStreamNameSize,
+        if(BackupRead(file_h, (LPBYTE)stream_name, 
+                    sid.dwStreamNameSize, 
                     &dwRead, FALSE, FALSE, &context))
         {
             if(dwRead != 0)
@@ -91,9 +91,9 @@ int os_check_ads(char *full_path)
                 char op_msg[OS_SIZE_1024 +1];
 
                 snprintf(final_name, MAX_PATH, "%s", full_path);
-
+                
                 max_path_size = strlen(final_name);
-
+                
 
                 /* Copying from wide char to char. */
                 while((i < dwRead) && (max_path_size < MAX_PATH))
@@ -123,7 +123,7 @@ int os_check_ads(char *full_path)
         }
 
         /* Getting next */			
-        if(!BackupSeek(file_h, sid.Size.LowPart, sid.Size.HighPart,
+        if(!BackupSeek(file_h, sid.Size.LowPart, sid.Size.HighPart, 
                     &dw1, &dw2, &context))
         {
             break;
@@ -154,7 +154,7 @@ char *__os_winreg_getkey(char *reg_entry)
 
     /* Setting sub tree */
     if((strcmp(reg_entry, "HKEY_LOCAL_MACHINE") == 0) ||
-       (strcmp(reg_entry, "HKLM") == 0))
+       (strcmp(reg_entry, "HKLM") == 0)) 
     {
         rk_sub_tree = HKEY_LOCAL_MACHINE;
     }
@@ -179,7 +179,7 @@ char *__os_winreg_getkey(char *reg_entry)
     {
         /* Setting sub tree to null */
         rk_sub_tree = NULL;
-
+        
         /* Returning tmp_str to the previous value */
         if(tmp_str && (*tmp_str == '\0'))
             *tmp_str = '\\';
@@ -264,7 +264,7 @@ int __os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name,
         value_buffer[MAX_VALUE_NAME] = '\0';
         data_buffer[MAX_VALUE_NAME] = '\0';
         var_storage[MAX_VALUE_NAME] = '\0';
-
+        
 
         /* Getting each value */
         for(i=0;i<value_count;i++)
@@ -306,22 +306,22 @@ int __os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name,
              */
             if(!reg_value)
             {
-                return(1);
+                return(1); 
             }
-
+            
 
 
             /* Writing value into a string */
             switch(data_type)
             {
                 int size_available;
-
+                
                 case REG_SZ:
                 case REG_EXPAND_SZ:
                     snprintf(var_storage, MAX_VALUE_NAME, "%s", data_buffer);
                     break;
                 case REG_MULTI_SZ:
-
+                
                     /* Printing multiple strings */
                     size_available = MAX_VALUE_NAME -3;
                     mt_data = data_buffer;
@@ -332,15 +332,15 @@ int __os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name,
                         {
                             strncat(var_storage, mt_data, size_available);
                             strncat(var_storage, " ", 2);
-                            size_available = MAX_VALUE_NAME -
+                            size_available = MAX_VALUE_NAME - 
                                              (strlen(var_storage) +2);
                         }
                         mt_data += strlen(mt_data) +1;
                     }
-
+                     
                     break;
                 case REG_DWORD:
-                    snprintf(var_storage, MAX_VALUE_NAME,
+                    snprintf(var_storage, MAX_VALUE_NAME, 
                             "%x",(unsigned int)*data_buffer);
                     break;
                 default:
@@ -375,19 +375,19 @@ int __os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name,
 
     return(0);
 }
-
+  
 
 
 /* int __os_winreg_open_key(char *subkey)
  * Open the registry key
  */
-int __os_winreg_open_key(char *subkey, char *full_key_name,
+int __os_winreg_open_key(char *subkey, char *full_key_name, 
                          char *reg_option, char *reg_value)
 {
     int ret = 1;
     HKEY oshkey;
 
-
+    
     if(RegOpenKeyEx(rk_sub_tree, subkey, 0, KEY_READ,&oshkey) != ERROR_SUCCESS)
     {
         return(0);
@@ -400,8 +400,8 @@ int __os_winreg_open_key(char *subkey, char *full_key_name,
         ret = __os_winreg_querykey(oshkey, subkey, full_key_name,
                                    reg_option, reg_value);
     }
-
-
+    
+    
     RegCloseKey(oshkey);
     return(ret);
 }
@@ -414,7 +414,7 @@ int is_registry(char *entry_name, char *reg_option, char *reg_value)
 {
 
     char *rk;
-
+    
     rk = __os_winreg_getkey(entry_name);
     if(rk_sub_tree == NULL || rk == NULL)
     {
diff --git a/src/rootcheck/win-process.c b/src/rootcheck/win-process.c
index 5b3908f..1d073c9 100644
--- a/src/rootcheck/win-process.c
+++ b/src/rootcheck/win-process.c
@@ -29,7 +29,7 @@ int os_win32_setdebugpriv(HANDLE h, int en)
     LUID luid;
     DWORD cbPrevious = sizeof(TOKEN_PRIVILEGES);
 
-    if(!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid))
+    if(!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid)) 
     {
         return(0);
     }
@@ -51,11 +51,11 @@ int os_win32_setdebugpriv(HANDLE h, int en)
 
 
     /* If en is set to true, we enable the privilege */
-    if(en)
+    if(en) 
     {
         tpPrevious.Privileges[0].Attributes |= (SE_PRIVILEGE_ENABLED);
     }
-    else
+    else 
     {
         tpPrevious.Privileges[0].Attributes ^= (SE_PRIVILEGE_ENABLED &
                 tpPrevious.Privileges[0].Attributes);
@@ -76,7 +76,7 @@ int os_win32_setdebugpriv(HANDLE h, int en)
 void *os_get_process_list()
 {
     OSList *p_list = NULL;
-
+    
     HANDLE hsnap;
     HANDLE hpriv;
     PROCESSENTRY32 p_entry;
@@ -84,7 +84,7 @@ void *os_get_process_list()
 
 
     /* Getting token for enable debug priv */
-    if(!OpenThreadToken(GetCurrentThread(),
+    if(!OpenThreadToken(GetCurrentThread(), 
                         TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY, FALSE, &hpriv))
     {
         if(GetLastError() == ERROR_NO_TOKEN)
@@ -97,7 +97,7 @@ void *os_get_process_list()
             }
 
             if(!OpenThreadToken(GetCurrentThread(),
-                                TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,
+                                TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY, 
                                 FALSE, &hpriv))
             {
                 merror("%s: ERROR: os_get_win32_process_list -> "
@@ -111,7 +111,7 @@ void *os_get_process_list()
             return(NULL);
         }
     }
-
+    
 
     /* Enabling debug privilege */
     if(!os_win32_setdebugpriv(hpriv, 1))
@@ -149,7 +149,7 @@ void *os_get_process_list()
         merror(LIST_ERROR, ARGV0);
         return(0);
     }
-
+                                            
 
     /* Getting each process name and path */
     while(Process32Next( hsnap, &p_entry))
@@ -160,15 +160,15 @@ void *os_get_process_list()
 
         /* Setting process name */
         os_strdup(p_entry.szExeFile, p_name);
-
-
+        
+        
         /* Getting additional information from modules */
         HANDLE hmod = INVALID_HANDLE_VALUE;
         MODULEENTRY32 m_entry;
         m_entry.dwSize = sizeof(MODULEENTRY32);
-
+        
         /* Snapshot of the process */
-        hmod = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,
+        hmod = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, 
                                         p_entry.th32ProcessID);
         if(hmod == INVALID_HANDLE_VALUE)
         {
diff --git a/src/shared/._Makefile b/src/shared/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._Makefile differ
diff --git a/src/shared/._agent_op.c b/src/shared/._agent_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._agent_op.c differ
diff --git a/src/shared/._debug_op.c b/src/shared/._debug_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._debug_op.c differ
diff --git a/src/shared/._dirtree_op.c b/src/shared/._dirtree_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._dirtree_op.c differ
diff --git a/src/shared/._file-queue.c b/src/shared/._file-queue.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._file-queue.c differ
diff --git a/src/shared/._file_op.c b/src/shared/._file_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._file_op.c differ
diff --git a/src/shared/._hash_op.c b/src/shared/._hash_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._hash_op.c differ
diff --git a/src/shared/._help.c b/src/shared/._help.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._help.c differ
diff --git a/src/shared/._list_op.c b/src/shared/._list_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._list_op.c differ
diff --git a/src/shared/._math_op.c b/src/shared/._math_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._math_op.c differ
diff --git a/src/shared/._mem_op.c b/src/shared/._mem_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._mem_op.c differ
diff --git a/src/shared/._mq_op.c b/src/shared/._mq_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._mq_op.c differ
diff --git a/src/shared/._privsep_op.c b/src/shared/._privsep_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._privsep_op.c differ
diff --git a/src/shared/._pthreads_op.c b/src/shared/._pthreads_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._pthreads_op.c differ
diff --git a/src/shared/._read-agents.c b/src/shared/._read-agents.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._read-agents.c differ
diff --git a/src/shared/._read-alert.c b/src/shared/._read-alert.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._read-alert.c differ
diff --git a/src/shared/._regex_op.c b/src/shared/._regex_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._regex_op.c differ
diff --git a/src/shared/._report_op.c b/src/shared/._report_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._report_op.c differ
diff --git a/src/shared/._rules_op.c b/src/shared/._rules_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._rules_op.c differ
diff --git a/src/shared/._sig_op.c b/src/shared/._sig_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._sig_op.c differ
diff --git a/src/shared/._store_op.c b/src/shared/._store_op.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._store_op.c differ
diff --git a/src/shared/._string_op.c b/src/shared/._string_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._string_op.c differ
diff --git a/src/shared/._validate_op.c b/src/shared/._validate_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._validate_op.c differ
diff --git a/src/shared/._wait_op.c b/src/shared/._wait_op.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/._wait_op.c differ
diff --git a/src/shared/agent_op.c b/src/shared/agent_op.c
index 229043b..00af15c 100755
--- a/src/shared/agent_op.c
+++ b/src/shared/agent_op.c
@@ -18,7 +18,7 @@
 /** Checks if syscheck is to be executed/restarted.
  *  Returns 1 on success or 0 on failure (shouldn't be executed now).
  */
-int os_check_restart_syscheck()
+int os_check_restart_syscheck() 
 {
     struct stat restart_status;
 
@@ -29,19 +29,19 @@ int os_check_restart_syscheck()
     {
         if(stat(SYSCHECK_RESTART, &restart_status) == -1)
             return(0);
-
-        unlink(SYSCHECK_RESTART);
+        
+        unlink(SYSCHECK_RESTART);    
     }
     else
     {
         if(stat(SYSCHECK_RESTART_PATH, &restart_status) == -1)
             return(0);
-
-        unlink(SYSCHECK_RESTART_PATH);
+        
+        unlink(SYSCHECK_RESTART_PATH);    
     }
+    
 
-
-    return(1);
+    return(1);    
 }
 
 
@@ -84,8 +84,8 @@ char* os_read_agent_name()
         fp = fopen(AGENT_INFO_FILE, "r");
     else
         fp = fopen(AGENT_INFO_FILEP, "r");
-
-    /* We give 1 second for the file to be created... */
+        
+    /* We give 1 second for the file to be created... */ 
     if(!fp)
     {
         sleep(1);
@@ -93,9 +93,9 @@ char* os_read_agent_name()
         if(isChroot())
             fp = fopen(AGENT_INFO_FILE, "r");
         else
-            fp = fopen(AGENT_INFO_FILEP, "r");
+            fp = fopen(AGENT_INFO_FILEP, "r");        
     }
-
+    
     if(!fp)
     {
         debug1(FOPEN_ERROR, __local_name, AGENT_INFO_FILE);
@@ -111,7 +111,7 @@ char* os_read_agent_name()
         char *ret = NULL;
         os_strdup(buf, ret);
         fclose(fp);
-
+        
         debug2("%s: os_read_agent_name returned (%s).", __local_name, ret);
 
         return(ret);
@@ -203,12 +203,12 @@ char *os_read_agent_id()
  *  Returns NULL on error.
  *
  *  Description:
- *  Comma separated list of strings that used to identify what type
+ *  Comma separated list of strings that used to identify what type 
  *  of configuration is used for this agent.
  *  The profile name is set in the agent's etc/ossec.conf file
  *  It is matched with the ossec manager's agent.conf file to read
  *  configuration only applicable to this profile name.
- *
+ *  
  */
 char* os_read_agent_profile()
 {
@@ -233,7 +233,7 @@ char* os_read_agent_profile()
 
 
     /* Getting profile */
-    if(fgets(buf, 1024, fp) && fgets(buf, 1024, fp) &&
+    if(fgets(buf, 1024, fp) && fgets(buf, 1024, fp) && 
        fgets(buf, 1024, fp) && fgets(buf, 1024, fp))
     {
         char *ret = NULL;
@@ -260,7 +260,7 @@ char* os_read_agent_profile()
  *  Returns 1 on success or <= 0 on failure.
  */
 /* cmoraes: changed function. added cfg_profile_name parameter */
-int os_write_agent_info(char *agent_name, char *agent_ip,
+int os_write_agent_info(char *agent_name, char *agent_ip, 
                         char *agent_id,   char *cfg_profile_name)
 {
     FILE *fp;
diff --git a/src/shared/custom_output_search_replace.c b/src/shared/custom_output_search_replace.c
deleted file mode 100644
index 1f593e9..0000000
--- a/src/shared/custom_output_search_replace.c
+++ /dev/null
@@ -1,158 +0,0 @@
-#include "shared.h"
-char * searchAndReplace2(char* orig, char* search, char*value)
-{
-  char *p;
-  size_t total_len = strlen(orig);
-  size_t token_len = strlen(search);
-  size_t value_len = strlen(value);
-
-  int inx_start = 0;
-  char * tmp = NULL;
-  int tmp_offset = 0;
-  int total_bytes_allocated = 0;
-  int from = 0;
-  p = strstr(orig, search);
-  if(p==NULL)
-  {
-    os_strdup(orig,tmp);
-
-    return tmp;
-  }
-  if (value==NULL)
-  {
-    value="";
-  }
-  inx_start = p - orig;
-
-  while (p != NULL)
-  {
-    if (inx_start > 0)
-    {
-      if (tmp == NULL)
-      {
-        int len_to_add = (inx_start);
-
-        tmp = (char*) malloc(sizeof(char) * len_to_add);
-        total_bytes_allocated += len_to_add;
-
-        strncpy(tmp, orig + tmp_offset, inx_start);
-        tmp_offset = inx_start;
-      }
-
-      total_bytes_allocated += value_len;
-      tmp = (char*) realloc(tmp, total_bytes_allocated);
-
-      strncpy(tmp + tmp_offset, value, value_len);
-      tmp_offset += value_len;
-
-
-      p = strstr(orig + inx_start + token_len, search);
-
-      if(p!=NULL)
-      {
-        inx_start = p - orig;
-        from = inx_start + token_len;
-        if (inx_start - tmp_offset > 0)
-        {
-          total_bytes_allocated += inx_start - from;
-          tmp = (char*) realloc(tmp, total_bytes_allocated);
-          strncpy(tmp + tmp_offset, orig + from, inx_start - from);
-          tmp_offset += inx_start - from;
-        }
-      }//No more coincidences.
-      else
-      {
-        from = inx_start + token_len;
-      }
-    }
-
-  }
-  if ((from  < total_len) && from>0)
-  {
-    total_bytes_allocated += total_len - from;//((from - (int)token_len) + (int)value_len);
-    tmp = (char*) realloc(tmp, total_bytes_allocated+1);
-    strncpy(tmp + tmp_offset, orig + from, total_len - from);
-  }
-  tmp[total_bytes_allocated]='\0';
-
-  return tmp;
-}
-#include "shared.h"
-char * searchAndReplace(char* orig, char* search, char*value)
-{
-  char *p;
-  size_t total_len = strlen(orig);
-  size_t token_len = strlen(search);
-  size_t value_len = strlen(value);
-
-  int inx_start = 0;
-  char * tmp = NULL;
-  int tmp_offset = 0;
-  int total_bytes_allocated = 0;
-  int from = 0;
-  p = strstr(orig, search);
-  if(p==NULL)
-  {
-    os_strdup(orig,tmp);
-
-    return tmp;
-  }
-  if (value==NULL)
-  {
-    value="";
-  }
-  inx_start = p - orig;
-
-  while (p != NULL)
-  {
-    if (inx_start > 0)
-    {
-      if (tmp == NULL)
-      {
-        int len_to_add = (inx_start);
-
-        tmp = (char*) malloc(sizeof(char) * len_to_add);
-        total_bytes_allocated += len_to_add;
-
-        strncpy(tmp, orig + tmp_offset, inx_start);
-        tmp_offset = inx_start;
-      }
-
-      total_bytes_allocated += value_len;
-      tmp = (char*) realloc(tmp, total_bytes_allocated);
-
-      strncpy(tmp + tmp_offset, value, value_len);
-      tmp_offset += value_len;
-
-
-      p = strstr(orig + inx_start + token_len, search);
-
-      if(p!=NULL)
-      {
-        inx_start = p - orig;
-        from = inx_start + token_len;
-        if (inx_start - tmp_offset > 0)
-        {
-          total_bytes_allocated += inx_start - from;
-          tmp = (char*) realloc(tmp, total_bytes_allocated);
-          strncpy(tmp + tmp_offset, orig + from, inx_start - from);
-          tmp_offset += inx_start - from;
-        }
-      }//No more coincidences.
-      else
-      {
-        from = inx_start + token_len;
-      }
-    }
-
-  }
-  if ((from  < total_len) && from>0)
-  {
-    total_bytes_allocated += total_len - from;//((from - (int)token_len) + (int)value_len);
-    tmp = (char*) realloc(tmp, total_bytes_allocated+1);
-    strncpy(tmp + tmp_offset, orig + from, total_len - from);
-  }
-  tmp[total_bytes_allocated]='\0';
-
-  return tmp;
-}
diff --git a/src/shared/debug_op.c b/src/shared/debug_op.c
index 6be1f8c..8b492c8 100755
--- a/src/shared/debug_op.c
+++ b/src/shared/debug_op.c
@@ -42,13 +42,13 @@ void _log(const char * msg,va_list args)
     va_list args2;
 
     FILE *fp;
-
+    
     tm = time(NULL);
     p = localtime(&tm);
 
     /* Duplicating args */
     va_copy(args2, args);
-
+    
 
     /* If under chroot, log directly to /logs/ossec.log */
     if(chroot_flag == 1)
@@ -70,7 +70,7 @@ void _log(const char * msg,va_list args)
     if(fp)
     {
         (void)fprintf(fp,"%d/%02d/%02d %02d:%02d:%02d ",
-                      p->tm_year+1900,p->tm_mon+1,
+                      p->tm_year+1900,p->tm_mon+1, 
                       p->tm_mday,p->tm_hour,p->tm_min,p->tm_sec);
         (void)vfprintf(fp, msg, args);
         #ifdef WIN32
@@ -157,15 +157,15 @@ void log2file(const char * msg,... )
     _log(msg, args);
 
     daemon_flag = dbg_tmp;
-
+    
     va_end(args);
 }
 
 void ErrorExit(const char *msg, ...)
 {
     va_list args;
-
-    #ifdef WIN32
+   
+    #ifdef WIN32 
         /* If not MA */
         #ifndef MA
         WinSetError();
@@ -198,13 +198,13 @@ void print_out(const char *msg, ...)
 
     /* Print to stderr */
     (void)vfprintf(stderr, msg, args);
-
+    
     #ifdef WIN32
     (void)fprintf(stderr, "\r\n");
     #else
     (void)fprintf(stderr, "\n");
     #endif
-
+    
     va_end(args);
 }
 
diff --git a/src/shared/dirtree_op.c b/src/shared/dirtree_op.c
index 47adbb4..4ff5e0b 100755
--- a/src/shared/dirtree_op.c
+++ b/src/shared/dirtree_op.c
@@ -12,15 +12,15 @@
  * License details at the LICENSE file included with OSSEC or
  * online at: http://www.ossec.net/en/licensing.html
  */
+          
 
-
-/* Common API for dealing with directory trees */
+/* Common API for dealing with directory trees */ 
 
 
 #include "shared.h"
 
 
-/* Create the tree
+/* Create the tree 
  * Return NULL on error
  */
 OSDirTree *OSDirTree_Create()
@@ -32,16 +32,16 @@ OSDirTree *OSDirTree_Create()
     {
         return(NULL);
     }
-
+    
     my_tree->first_node = NULL;
     my_tree->last_node = NULL;
-
+    
     return(my_tree);
 }
 
 
 
-/* Get first node from tree (starting from parent)
+/* Get first node from tree (starting from parent) 
  * Returns null on invalid tree (not initialized)
  */
 OSTreeNode *OSDirTree_GetFirstNode(OSDirTree *tree)
@@ -55,7 +55,7 @@ OSTreeNode *OSDirTree_GetFirstNode(OSDirTree *tree)
  * Internal call, looks up for an entry in the middle of the tree.
  * Should not be called directly.
  */
-OSDirTree *_OSTreeNode_Add(OSDirTree *tree, char *str,
+OSDirTree *_OSTreeNode_Add(OSDirTree *tree, char *str, 
                            void *data, char sep)
 {
     char *tmp_str;
@@ -83,7 +83,7 @@ OSDirTree *_OSTreeNode_Add(OSDirTree *tree, char *str,
         tree->first_node = NULL;
         tree->last_node = NULL;
     }
-
+    
 
     curnode = tree->first_node;
 
@@ -109,7 +109,7 @@ OSDirTree *_OSTreeNode_Add(OSDirTree *tree, char *str,
     {
         os_calloc(1, sizeof(OSTreeNode), newnode);
         //printf("XXXX Adding node: %s\n", str);
-
+        
 
         if(!tree->first_node && !tree->last_node)
         {
@@ -147,11 +147,11 @@ OSDirTree *_OSTreeNode_Add(OSDirTree *tree, char *str,
     {
         *tmp_str = sep;
     }
-
+                                
 
     return(tree);
 }
-
+        
 
 
 /** void OSDirTree_AddToTree
@@ -169,16 +169,16 @@ void OSDirTree_AddToTree(OSDirTree *tree, char *str, void *data, char sep)
     char *tmp_str;
     OSTreeNode *newnode;
     OSTreeNode *curnode;
-
-
+    
+    
     /* First character doesn't count as a separator */
     tmp_str = strchr(str +1, sep);
     if(tmp_str)
     {
         *tmp_str = '\0';
     }
-
-
+    
+    
     curnode = tree->first_node;
     while(curnode)
     {
@@ -187,7 +187,7 @@ void OSDirTree_AddToTree(OSDirTree *tree, char *str, void *data, char sep)
             /* If we have other elements, keep going */
             if(tmp_str)
             {
-                curnode->child = _OSTreeNode_Add(curnode->child,
+                curnode->child = _OSTreeNode_Add(curnode->child, 
                                                  tmp_str +1, data, sep);
             }
             break;
@@ -214,7 +214,7 @@ void OSDirTree_AddToTree(OSDirTree *tree, char *str, void *data, char sep)
             tree->last_node->next = newnode;
             tree->last_node = newnode;
         }
-
+        
         newnode->next = NULL;
         os_strdup(str, newnode->value);
 
@@ -222,7 +222,7 @@ void OSDirTree_AddToTree(OSDirTree *tree, char *str, void *data, char sep)
         /* If we have other elements, keep going */
         if(tmp_str)
         {
-            newnode->child = _OSTreeNode_Add(newnode->child,
+            newnode->child = _OSTreeNode_Add(newnode->child, 
                                              tmp_str +1, data, sep);
             newnode->data = NULL;
         }
@@ -291,7 +291,7 @@ void *OSDirTree_SearchTree(OSDirTree *tree, char *str, char sep)
     {
         *tmp_str = sep;
     }
-
+                                
 
     return(ret);
 }
diff --git a/src/shared/file-queue.c b/src/shared/file-queue.c
index d0c316d..cf07d2d 100755
--- a/src/shared/file-queue.c
+++ b/src/shared/file-queue.c
@@ -33,13 +33,13 @@ void file_sleep()
 {
     #ifndef WIN32
     struct timeval fp_timeout;
-
+        
     fp_timeout.tv_sec = FQ_TIMEOUT;
     fp_timeout.tv_usec = 0;
 
     /* Waiting for the select timeout */
     select(0, NULL, NULL, NULL, &fp_timeout);
-
+    
     #else
     /* Windows don't like select that way */
     Sleep((FQ_TIMEOUT + 2) * 1000);
@@ -71,7 +71,7 @@ void GetFile_Queue(file_queue *fileq)
                                    ALERTS,
                                    fileq->year,
                                    fileq->mon,
-                                   fileq->day);
+                                   fileq->day);  
     }
 }
 
@@ -80,7 +80,7 @@ void GetFile_Queue(file_queue *fileq)
 /** int Handle_Queue(file_queue *fileq)
  * Re Handle the file queue.
  */
-int Handle_Queue(file_queue *fileq, int flags)
+int Handle_Queue(file_queue *fileq, int flags) 
 {
     /* Closing if it is open */
     if(!(flags & CRALERT_FP_SET))
@@ -116,7 +116,7 @@ int Handle_Queue(file_queue *fileq, int flags)
         }
     }
 
-
+   
     /* File change time */
     if(fstat(fileno(fileq->fp), &fileq->f_status) < 0)
     {
@@ -125,9 +125,9 @@ int Handle_Queue(file_queue *fileq, int flags)
         fileq->fp = NULL;
         return(-1);
     }
-
+    
     fileq->last_change = fileq->f_status.st_mtime;
-
+    
     return(1);
 }
 
@@ -145,29 +145,29 @@ int Init_FileQueue(file_queue *fileq, struct tm *p, int flags)
     }
     fileq->last_change = 0;
     fileq->flags = 0;
-
+    
     fileq->day = p->tm_mday;
     fileq->year = p->tm_year+1900;
-
+    
     strncpy(fileq->mon, s_month[p->tm_mon], 4);
     memset(fileq->file_name, '\0',MAX_FQUEUE + 1);
 
 
     /* Setting the supplied flags */
     fileq->flags = flags;
-
+    
 
     /* Getting latest file */
     GetFile_Queue(fileq);
 
-
+    
     /* Always seek end when starting the queue */
     if(Handle_Queue(fileq, fileq->flags) < 0)
     {
         return(-1);
     }
 
-    return(0);
+    return(0);    
 }
 
 
@@ -180,7 +180,7 @@ alert_data *Read_FileMon(file_queue *fileq, struct tm *p, int timeout)
     int i = 0;
     alert_data *al_data;
 
-
+    
     /* If the file queue is not available, try to access it */
     if(!fileq->fp)
     {
@@ -191,7 +191,7 @@ alert_data *Read_FileMon(file_queue *fileq, struct tm *p, int timeout)
         }
     }
 
-
+    
     /* Getting currently file */
     if(p->tm_mday != fileq->day)
     {
@@ -218,7 +218,7 @@ alert_data *Read_FileMon(file_queue *fileq, struct tm *p, int timeout)
         }
     }
 
-
+    
     /* Try up to timeout times to get an event */
     while(i < timeout)
     {
@@ -227,12 +227,12 @@ alert_data *Read_FileMon(file_queue *fileq, struct tm *p, int timeout)
         {
             return(al_data);
         }
-
-        i++;
+            
+        i++;    
         file_sleep();
     }
 
-
+    
     /* Returning NULL if timeout expires. */
     return(NULL);
 }
diff --git a/src/shared/file_op.c b/src/shared/file_op.c
index 17778e2..1bb7efd 100755
--- a/src/shared/file_op.c
+++ b/src/shared/file_op.c
@@ -11,7 +11,7 @@
  */
 
 
-/* Functions to handle operation with files
+/* Functions to handle operation with files 
  */
 
 
@@ -53,7 +53,7 @@
 #ifndef PRODUCT_DATACENTER_SERVER_CORE_V
 #define PRODUCT_DATACENTER_SERVER_CORE_V 0x00000027
 #define PRODUCT_DATACENTER_SERVER_CORE_V_C "Datacenter Edition (core) "
-#endif
+#endif 
 
 #ifndef PRODUCT_DATACENTER_SERVER_V
 #define PRODUCT_DATACENTER_SERVER_V 0x00000025
@@ -251,7 +251,7 @@ int CreatePID(char *name, int pid)
 {
     char file[256];
     FILE *fp;
-
+    
     if(isChroot())
     {
         snprintf(file,255,"%s/%s-%d.pid",OS_PIDFILE,name,pid);
@@ -265,20 +265,18 @@ int CreatePID(char *name, int pid)
     fp = fopen(file,"a");
     if(!fp)
         return(-1);
-
+        
     fprintf(fp,"%d\n",pid);
-
-    chmod(file, 0640);
-
+    
     fclose(fp);
-
+    
     return(0);
 }
 
 int DeletePID(char *name)
 {
     char file[256];
-
+    
     if(isChroot())
     {
         snprintf(file,255,"%s/%s-%d.pid",OS_PIDFILE,name,(int)getpid());
@@ -291,9 +289,9 @@ int DeletePID(char *name)
 
     if(File_DateofChange(file) < 0)
         return(-1);
-
+    
     unlink(file);	
-
+    
     return(0);
 }
 
@@ -312,7 +310,7 @@ int UnmergeFiles(char *finalpath, char *optdir)
     finalfp = fopen(finalpath, "r");
     if(!finalfp)
     {
-        merror("%s: ERROR: Unable to read merged file: '%s'.",
+        merror("%s: ERROR: Unable to read merged file: '%s'.", 
                 __local_name, finalpath);
         return(0);
     }
@@ -325,7 +323,7 @@ int UnmergeFiles(char *finalpath, char *optdir)
             break;
         }
 
-
+        
         /* Initiator. */
         if(buf[0] != '!')
             continue;
@@ -363,7 +361,7 @@ int UnmergeFiles(char *finalpath, char *optdir)
         if(!fp)
         {
             ret = 0;
-            merror("%s: ERROR: Unable to unmerge file '%s'.",
+            merror("%s: ERROR: Unable to unmerge file '%s'.", 
                     __local_name, final_name);
         }
 
@@ -433,7 +431,7 @@ int MergeAppendFile(char *finalpath, char *files)
         finalfp = fopen(finalpath, "w");
         if(!finalfp)
         {
-            merror("%s: ERROR: Unable to create merged file: '%s'.",
+            merror("%s: ERROR: Unable to create merged file: '%s'.", 
                     __local_name, finalpath);
             return(0);
         }
@@ -446,7 +444,7 @@ int MergeAppendFile(char *finalpath, char *files)
     finalfp = fopen(finalpath, "a");
     if(!finalfp)
     {
-        merror("%s: ERROR: Unable to create merged file: '%s'.",
+        merror("%s: ERROR: Unable to create merged file: '%s'.", 
                 __local_name, finalpath);
         return(0);
     }
@@ -504,7 +502,7 @@ int MergeFiles(char *finalpath, char **files)
     finalfp = fopen(finalpath, "w");
     if(!finalfp)
     {
-        merror("%s: ERROR: Unable to create merged file: '%s'.",
+        merror("%s: ERROR: Unable to create merged file: '%s'.", 
                __local_name, finalpath);
         return(0);
     }
@@ -569,7 +567,7 @@ char *getuname()
         if(ret == NULL)
             return(NULL);
 
-        snprintf(ret, 255, "%s %s %s %s %s - %s %s",
+        snprintf(ret, 255, "%s %s %s %s %s - %s %s", 
                                  uts_buf.sysname,
                                  uts_buf.nodename,
                                  uts_buf.release,
@@ -585,9 +583,9 @@ char *getuname()
         ret = calloc(256, sizeof(char));
         if(ret == NULL)
             return(NULL);
-
+        
         snprintf(ret, 255, "No system info available -  %s %s",
-                           __name, __version);
+                           __name, __version);     
 
         return(ret);
     }
@@ -644,7 +642,7 @@ void goDaemonLight()
     /* Going to / */
     chdir("/");
 
-
+    
     return;
 }
 
@@ -702,7 +700,7 @@ void goDaemon()
     /* Going to / */
     chdir("/");
 
-
+    
     /* Closing stdin, stdout and stderr */
     /*
     fclose(stdin);
@@ -716,7 +714,7 @@ void goDaemon()
     open("/dev/null", O_RDWR);
     open("/dev/null", O_RDWR);
     */
-
+    
     return;
 }
 
@@ -741,7 +739,7 @@ int checkVista()
        strstr(m_uname, "Windows 7"))
     {
         isVista = 1;
-        verbose("%s: INFO: System is Vista or Windows Server 2008.",
+        verbose("%s: INFO: System is Vista or Windows Server 2008.", 
                 __local_name);
     }
 
@@ -763,7 +761,7 @@ char *getuname()
     typedef BOOL (WINAPI *PGPI)(DWORD, DWORD, DWORD, DWORD, PDWORD);
 
 
-    /* Extracted from ms web site
+    /* Extracted from ms web site 
      * http://msdn.microsoft.com/library/en-us/sysinfo/base/getting_the_system_version.asp
      */
     OSVERSIONINFOEX osvi;
@@ -779,14 +777,14 @@ char *getuname()
     if(!(bOsVersionInfoEx = GetVersionEx ((OSVERSIONINFO *) &osvi)))
     {
         osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
-        if (!GetVersionEx((OSVERSIONINFO *)&osvi))
+        if (!GetVersionEx((OSVERSIONINFO *)&osvi)) 
             return(NULL);
     }
 
     /* Allocating the memory */
     os_calloc(OS_SIZE_1024 +1, sizeof(char), ret);
     ret[OS_SIZE_1024] = '\0';
-
+    
     switch(osvi.dwPlatformId)
     {
         /* Test for the Windows NT product family. */
@@ -817,7 +815,7 @@ char *getuname()
 
                 /* Getting product version. */
                 pGPI = (PGPI) GetProcAddress(
-                              GetModuleHandle(TEXT("kernel32.dll")),
+                              GetModuleHandle(TEXT("kernel32.dll")), 
                                                    "GetProductInfo");
 
                 pGPI( 6, 0, 0, 0, &dwType);
@@ -942,7 +940,7 @@ char *getuname()
                         strncat(ret, PRODUCT_WEB_SERVER_CORE_C, ret_size -1);
                         break;
                 }
-
+                
 
                 ret_size-=strlen(ret) +1;
             }
@@ -950,18 +948,18 @@ char *getuname()
             else if(osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 2)
             {
                 pGNSI = (PGNSI) GetProcAddress(
-                        GetModuleHandle("kernel32.dll"),
+                        GetModuleHandle("kernel32.dll"), 
                         "GetNativeSystemInfo");
                 if(NULL != pGNSI)
                     pGNSI(&si);
 
                 if( GetSystemMetrics(89) )
-                    strncat(ret, "Microsoft Windows Server 2003 R2 ",
+                    strncat(ret, "Microsoft Windows Server 2003 R2 ", 
                                  ret_size -1);
                 else if(osvi.wProductType == VER_NT_WORKSTATION &&
                         si.wProcessorArchitecture==PROCESSOR_ARCHITECTURE_AMD64)
                 {
-                    strncat(ret,
+                    strncat(ret, 
                             "Microsoft Windows XP Professional x64 Edition ",
                            ret_size -1 );
                 }
@@ -969,7 +967,7 @@ char *getuname()
                 {
                     strncat(ret, "Microsoft Windows Server 2003, ",ret_size-1);
                 }
-
+                
                 ret_size-=strlen(ret) +1;
             }
 
@@ -979,7 +977,7 @@ char *getuname()
 
                 ret_size-=strlen(ret) +1;
             }
-
+            
             else if(osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 0)
             {
                 strncat(ret, "Microsoft Windows 2000 ", ret_size -1);
@@ -1011,15 +1009,15 @@ char *getuname()
                         strncat(ret, "Workstation 4.0 ", ret_size -1);
                     else if( osvi.wSuiteMask & VER_SUITE_PERSONAL )
                         strncat(ret, "Home Edition ", ret_size -1);
-                    else
+                    else 
                         strncat(ret, "Professional ",ret_size -1);
 
                     /* Fixing size */
-                    ret_size-=strlen(ret) +1;
+                    ret_size-=strlen(ret) +1;    
                 }
 
                 /* Test for the server type. */
-                else if( osvi.wProductType == VER_NT_SERVER ||
+                else if( osvi.wProductType == VER_NT_SERVER || 
                         osvi.wProductType == VER_NT_DOMAIN_CONTROLLER )
                 {
                     if(osvi.dwMajorVersion==5 && osvi.dwMinorVersion==2)
@@ -1028,7 +1026,7 @@ char *getuname()
                             PROCESSOR_ARCHITECTURE_IA64 )
                         {
                             if( osvi.wSuiteMask & VER_SUITE_DATACENTER )
-                                strncat(ret,
+                                strncat(ret, 
                                 "Datacenter Edition for Itanium-based Systems ",
                                 ret_size -1);
                             else if( osvi.wSuiteMask & VER_SUITE_ENTERPRISE )
@@ -1036,7 +1034,7 @@ char *getuname()
                                 "Enterprise Edition for Itanium-based Systems ",
                                  ret_size -1);
 
-                            ret_size-=strlen(ret) +1;
+                            ret_size-=strlen(ret) +1;    
                         }
 
                         else if ( si.wProcessorArchitecture==
@@ -1048,11 +1046,11 @@ char *getuname()
                             else if( osvi.wSuiteMask & VER_SUITE_ENTERPRISE )
                                 strncat(ret, "Enterprise x64 Edition ",
                                              ret_size -1 );
-                            else
+                            else 
                                 strncat(ret, "Standard x64 Edition ",
                                              ret_size -1 );
 
-                            ret_size-=strlen(ret) +1;
+                            ret_size-=strlen(ret) +1;    
                         }
 
                         else
@@ -1064,10 +1062,10 @@ char *getuname()
                                 strncat(ret,"Enterprise Edition ",ret_size -1);
                             else if ( osvi.wSuiteMask == VER_SUITE_BLADE )
                                 strncat(ret,"Web Edition ",ret_size -1 );
-                            else
+                            else 
                                 strncat(ret, "Standard Edition ",ret_size -1);
 
-                            ret_size-=strlen(ret) +1;
+                            ret_size-=strlen(ret) +1;    
                         }
                     }
                     else if(osvi.dwMajorVersion==5 && osvi.dwMinorVersion==0)
@@ -1076,25 +1074,25 @@ char *getuname()
                             strncat(ret, "Datacenter Server ",ret_size -1);
                         else if( osvi.wSuiteMask & VER_SUITE_ENTERPRISE )
                             strncat(ret, "Advanced Server ",ret_size -1 );
-                        else
+                        else 
                             strncat(ret, "Server ",ret_size -1);
 
-                        ret_size-=strlen(ret) +1;
+                        ret_size-=strlen(ret) +1;        
                     }
                     else if(osvi.dwMajorVersion <= 4)  /* Windows NT 4.0  */
                     {
                         if( osvi.wSuiteMask & VER_SUITE_ENTERPRISE )
                             strncat(ret, "Server 4.0, Enterprise Edition ",
                                          ret_size -1 );
-                        else
+                        else 
                             strncat(ret, "Server 4.0 ",ret_size -1);
-
+                        
                         ret_size-=strlen(ret) +1;
                     }
                 }
             }
             /* Test for specific product on Windows NT 4.0 SP5 and earlier */
-            else
+            else  
             {
                 HKEY hKey;
                 char szProductType[81];
@@ -1107,7 +1105,7 @@ char *getuname()
                 if(lRet == ERROR_SUCCESS)
                 {
                     char __wv[32];
-
+                    
                     lRet = RegQueryValueEx( hKey, "ProductType", NULL, NULL,
                             (LPBYTE) szProductType, &dwBufLen);
                     RegCloseKey( hKey );
@@ -1124,7 +1122,7 @@ char *getuname()
                         ret_size-=strlen(ret) +1;
 
                         memset(__wv, '\0', 32);
-                        snprintf(__wv, 31,
+                        snprintf(__wv, 31, 
                                 "%d.%d ",
                                 (int)osvi.dwMajorVersion,
                                 (int)osvi.dwMinorVersion);
@@ -1137,9 +1135,9 @@ char *getuname()
 
             /* Display service pack (if any) and build number. */
 
-            if( osvi.dwMajorVersion == 4 &&
+            if( osvi.dwMajorVersion == 4 && 
                     lstrcmpi( osvi.szCSDVersion, "Service Pack 6" ) == 0 )
-            {
+            { 
                 HKEY hKey;
                 LONG lRet;
                 char __wp[64];
@@ -1150,8 +1148,8 @@ char *getuname()
                         "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Hotfix\\Q246009",
                         0, KEY_QUERY_VALUE, &hKey );
                 if( lRet == ERROR_SUCCESS )
-                    snprintf(__wp, 63, "Service Pack 6a (Build %d)",
-                            (int)osvi.dwBuildNumber & 0xFFFF );
+                    snprintf(__wp, 63, "Service Pack 6a (Build %d)", 
+                            (int)osvi.dwBuildNumber & 0xFFFF );         
                 else /* Windows NT 4.0 prior to SP6a */
                 {
                     snprintf(__wp, 63, "%s (Build %d)",
@@ -1185,13 +1183,13 @@ char *getuname()
             {
                 strncat(ret, "Microsoft Windows 95 ", ret_size -1);
                 ret_size-=strlen(ret) +1;
-            }
+            } 
 
             if (osvi.dwMajorVersion == 4 && osvi.dwMinorVersion == 10)
             {
                 strncat(ret, "Microsoft Windows 98 ", ret_size -1);
                 ret_size-=strlen(ret) +1;
-            }
+            } 
 
             if (osvi.dwMajorVersion == 4 && osvi.dwMinorVersion == 90)
             {
@@ -1199,7 +1197,7 @@ char *getuname()
                         ret_size -1);
 
                 ret_size-=strlen(ret) +1;
-            }
+            } 
             break;
 
         case VER_PLATFORM_WIN32s:
@@ -1213,10 +1211,10 @@ char *getuname()
     /* Adding ossec version */
     snprintf(os_v, 128, " - %s %s", __name, __version);
     strncat(ret, os_v, ret_size -1);
-
-
+     
+     
     /* Returning system information */
-    return(ret);
+    return(ret); 
 
 }
 #endif
diff --git a/src/shared/hash_op.c b/src/shared/hash_op.c
index 20b7392..36edfef 100755
--- a/src/shared/hash_op.c
+++ b/src/shared/hash_op.c
@@ -12,9 +12,9 @@
  * License details at the LICENSE file included with OSSEC or
  * online at: http://www.ossec.net/en/licensing.html
  */
+          
 
-
-/* Common API for dealing with hashes/maps */
+/* Common API for dealing with hashes/maps */ 
 
 
 #include "shared.h"
@@ -68,7 +68,7 @@ OSHash *OSHash_Create()
     self->initial_seed = os_getprime(random() % self->rows);
     self->constant = os_getprime(random() % self->rows);
 
-
+    
     return(self);
 }
 
@@ -82,8 +82,8 @@ void *OSHash_Free(OSHash *self)
     int i = 0;
     OSHashNode *curr_node;
     OSHashNode *next_node;
-
-
+    
+    
     /* Freeing each entry */
     while(i <= self->rows)
     {
@@ -103,7 +103,7 @@ void *OSHash_Free(OSHash *self)
     free(self->table);
 
     free(self);
-    return(NULL);
+    return(NULL); 
 }
 
 
@@ -144,7 +144,7 @@ int OSHash_setSize(OSHash *self, int new_size)
         return(1);
     }
 
-
+    
     /* Getting next prime */
     self->rows = os_getprime(new_size);
     if(self->rows == 0)
@@ -152,7 +152,7 @@ int OSHash_setSize(OSHash *self, int new_size)
         return(0);
     }
 
-
+    
     /* If we fail, the hash should not be used anymore */
     self->table = realloc(self->table, (self->rows +1) * sizeof(OSHashNode *));
     if(!self->table)
@@ -187,7 +187,7 @@ int OSHash_Update(OSHash *self, char *key, void *data)
     unsigned int index;
 
     OSHashNode *curr_node;
-
+    
 
     /* Generating hash of the message */
     hash_key = _os_genhash(self, key);
@@ -195,7 +195,7 @@ int OSHash_Update(OSHash *self, char *key, void *data)
 
     /* Getting array index */
     index = hash_key % self->rows;
-
+         
 
     /* Checking for duplicated entries in the index */
     curr_node = self->table[index];
@@ -228,7 +228,7 @@ int OSHash_Add(OSHash *self, char *key, void *data)
 
     OSHashNode *curr_node;
     OSHashNode *new_node;
-
+    
 
     /* Generating hash of the message */
     hash_key = _os_genhash(self, key);
@@ -236,7 +236,7 @@ int OSHash_Add(OSHash *self, char *key, void *data)
 
     /* Getting array index */
     index = hash_key % self->rows;
-
+         
 
     /* Checking for duplicated entries in the index */
     curr_node = self->table[index];
@@ -251,7 +251,7 @@ int OSHash_Add(OSHash *self, char *key, void *data)
         curr_node = curr_node->next;
     }
 
-
+    
     /* Creating new node */
     new_node = calloc(1, sizeof(OSHashNode));
     if(!new_node)
@@ -274,7 +274,7 @@ int OSHash_Add(OSHash *self, char *key, void *data)
         new_node->next = self->table[index];
         self->table[index] = new_node;
     }
-
+    
     return(2);
 }
 
@@ -291,7 +291,7 @@ void *OSHash_Get(OSHash *self, char *key)
     unsigned int index;
 
     OSHashNode *curr_node;
-
+    
 
     /* Generating hash of the message */
     hash_key = _os_genhash(self, key);
@@ -299,7 +299,7 @@ void *OSHash_Get(OSHash *self, char *key)
 
     /* Getting array index */
     index = hash_key % self->rows;
-
+         
 
     /* Getting entry */
     curr_node = self->table[index];
@@ -310,7 +310,7 @@ void *OSHash_Get(OSHash *self, char *key)
         {
             return(curr_node->data);
         }
-
+        
         curr_node = curr_node->next;
     }
 
diff --git a/src/shared/list_op.c b/src/shared/list_op.c
index 660dfbb..9273358 100755
--- a/src/shared/list_op.c
+++ b/src/shared/list_op.c
@@ -10,13 +10,13 @@
  * Foundation
  */
 
-/* Common API for dealing with lists */
+/* Common API for dealing with lists */ 
 
 
 #include "shared.h"
 
 
-/* Create the list
+/* Create the list 
  * Return NULL on error
  */
 OSList *OSList_Create()
@@ -26,14 +26,14 @@ OSList *OSList_Create()
     my_list = calloc(1, sizeof(OSList));
     if(!my_list)
         return(NULL);
-
+    
     my_list->first_node = NULL;
     my_list->last_node = NULL;
     my_list->cur_node = NULL;
     my_list->currently_size = 0;
     my_list->max_size = 0;
     my_list->free_data_function = NULL;
-
+    
     return(my_list);
 }
 
@@ -48,7 +48,7 @@ int OSList_SetMaxSize(OSList *list, int max_size)
     {
         return(0);
     }
-
+    
     /* Minimum size is 1 */
     if(max_size <= 1)
     {
@@ -70,7 +70,7 @@ int OSList_SetFreeDataPointer(OSList *list, void *free_data_function)
     {
         return(0);
     }
-
+    
     list->free_data_function = free_data_function;
     return(1);
 }
@@ -104,12 +104,12 @@ OSListNode *OSList_GetNextNode(OSList *list)
 {
     if(list->cur_node == NULL)
         return(NULL);
-
+        
     list->cur_node = list->cur_node->next;
-
+    
     return(list->cur_node);
 }
-
+  
 
 /* Get the prev node from the list
  * Returns NULL at the beginning
@@ -123,11 +123,11 @@ OSListNode *OSList_GetPrevNode(OSList *list)
 
     return(list->cur_node);
 }
-
+    
 
 /* Get the currently node.
  * Returns null when no currently node is available
- */
+ */  
 OSListNode *OSList_GetCurrentlyNode(OSList *list)
 {
     return(list->cur_node);
@@ -138,15 +138,15 @@ OSListNode *OSList_GetCurrentlyNode(OSList *list)
 void OSList_DeleteOldestNode(OSList *list)
 {
     OSListNode *next;
-
+    
     if(list->first_node)
     {
         next = list->first_node->next;
         if(next)
             next->prev = NULL;
         else
-            list->last_node = next;
-
+            list->last_node = next;    
+        
         free(list->first_node);
         list->first_node = next;
     }
@@ -216,14 +216,14 @@ void OSList_DeleteCurrentlyNode(OSList *list)
 {
     OSListNode *prev;
     OSListNode *next;
-
+   
     if(list->cur_node == NULL)
         return;
-
+    
     prev = list->cur_node->prev;
     next = list->cur_node->next;
 
-
+     
     /* Setting the previous node of the next one
      * and the next node of the previous one.. :)
      */
@@ -247,7 +247,7 @@ void OSList_DeleteCurrentlyNode(OSList *list)
         list->last_node = NULL;
         list->first_node = NULL;
     }
-
+            
     /* Freeing the node memory */
     free(list->cur_node);
 
@@ -263,7 +263,7 @@ void OSList_DeleteCurrentlyNode(OSList *list)
  */
 int OSList_AddData(OSList *list, void *data)
 {
-    OSListNode *newnode;
+    OSListNode *newnode;    
 
 
     /* Allocating memory for new node */
@@ -284,20 +284,20 @@ int OSList_AddData(OSList *list, void *data)
     {
         list->first_node = newnode;
     }
-
+    
     /* If we have a last node, set the next to new node */
     if(list->last_node)
     {
         list->last_node->next = newnode;
     }
-
-
+    
+    
     /* newnode become last node */
     list->last_node = newnode;
 
     /* Increment list size */
     list->currently_size++;
-
+    
     /* if currently_size higher than the maximum size, remove the
      * oldest node (first one)
      */
@@ -315,10 +315,10 @@ int OSList_AddData(OSList *list, void *data)
             {
                 list->free_data_function(list->first_node->data);
             }
-
+            
             /* Clearing the memory */
             free(list->first_node);
-
+            
             /* First node become the ex first->next */
             list->first_node = newnode;
 
@@ -326,7 +326,7 @@ int OSList_AddData(OSList *list, void *data)
             list->currently_size--;
         }
     }
-
+    
     return(1);
 }
 
diff --git a/src/shared/math_op.c b/src/shared/math_op.c
index b08f854..52b0f27 100755
--- a/src/shared/math_op.c
+++ b/src/shared/math_op.c
@@ -25,14 +25,14 @@ int os_getprime(int val)
 {
     int i;
     int max_i;
-
+    
     /* Value can't be even */
     if((val % 2) == 0)
     {
         val++;
     }
-
-
+   
+   
     do
     {
         /* We just need to check odd numbers up until half
diff --git a/src/shared/mem_op.c b/src/shared/mem_op.c
index 8ba4ccb..9cb1597 100755
--- a/src/shared/mem_op.c
+++ b/src/shared/mem_op.c
@@ -86,22 +86,22 @@ void os_FreeArray(char *ch1, char **ch2)
         free(ch1);
         ch1 = NULL;
     }
-
+    
     /* Cleaning chat ** */
     if(ch2)
     {
         char **nch2 = ch2;
-
+            
         while(*ch2 != NULL)
         {
             free(*ch2);
             ch2++;
         }
-
+    
         free(nch2);
         nch2 = NULL;
     }
-
+    
     return;
 }
 
diff --git a/src/shared/mq_op.c b/src/shared/mq_op.c
index 3f1d037..6e1c7e0 100755
--- a/src/shared/mq_op.c
+++ b/src/shared/mq_op.c
@@ -22,12 +22,12 @@
  */
 int StartMQ(char * path, short int type)
 {
-
+    
     if(type == READ)
     {
         return(OS_BindUnixDomain(path, 0660, OS_MAXSTR + 512));
     }
-
+    
     /* We give up to 21 seconds for the other end to
      * start
      */
@@ -63,7 +63,7 @@ int StartMQ(char * path, short int type)
                 sleep(2);
                 if((rc = OS_ConnectUnixDomain(path, OS_MAXSTR + 256)) < 0)
                 {
-                    merror(QUEUE_ERROR, __local_name, path,
+                    merror(QUEUE_ERROR, __local_name, path, 
                            strerror(errno));
                     return(-1);
                 }
@@ -89,8 +89,8 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
 
     /* Checking for global locks */
     os_wait();
-
-
+    
+    
     if(loc == SECURE_MQ)
     {
         loc = message[0];
@@ -101,14 +101,14 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
             merror(FORMAT_ERROR, __local_name);
             return(0);
         }
-
+        
         message++; /* Pointing now to the location */
 
         if(strncmp(message, "keepalive",9) == 0)
         {
             return(0);
         }
-
+        
         snprintf(tmpstr,OS_MAXSTR,"%c:%s->%s",loc, locmsg, message);
     }
     else
@@ -119,7 +119,7 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
     if(queue < 0)
         return(-1);
 
-
+        
     /* We attempt 5 times to send the message if
      * the receiver socket is busy.
      * After the first error, we wait 1 second.
@@ -140,7 +140,7 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
             return(-1);
         }
 
-
+        
         /* Unable to send. Socket busy */
         sleep(1);
         if(OS_SendUnix(queue, tmpstr, 0) < 0)
@@ -163,10 +163,10 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
                     {
                         /* Message is going to be lost
                          * if the application does not care
-                         * about checking the error
-                         */
+                         * about checking the error 
+                         */ 
                         close(queue);
-                        queue = -1;
+                        queue = -1; 
                         return(-1);
                     }
                 }
diff --git a/src/shared/privsep_op.c b/src/shared/privsep_op.c
index b24cb31..1e0ce18 100755
--- a/src/shared/privsep_op.c
+++ b/src/shared/privsep_op.c
@@ -29,30 +29,30 @@
 int Privsep_GetUser(char * name)
 {
     int os_uid = -1;
-
+    
     struct passwd *pw;
     pw = getpwnam(name);
     if(pw == NULL)
         return(OS_INVALID);
 
     os_uid = (int)pw->pw_uid;
-    endpwent();
-
+    endpwent();    
+    
     return(os_uid);
 }
 
 int Privsep_GetGroup(char * name)
 {
     int os_gid = -1;
-
+    
     struct group *grp;
     grp = getgrnam(name);
     if(grp == NULL)
         return(OS_INVALID);
 
     os_gid = (int)grp->gr_gid;
-    endgrent();
-
+    endgrent();    
+    
     return(os_gid);
 }
 
@@ -72,16 +72,16 @@ int Privsep_SetUser(uid_t uid)
 int Privsep_SetGroup(gid_t gid)
 {
     if (setgroups(1, &gid) == -1)
-        return(OS_INVALID);
-
+        return(OS_INVALID);    
+        
     #ifndef HPUX
     if(setegid(gid) < 0)
         return(OS_INVALID);
     #endif
-
+        
     if(setgid(gid) < 0)
         return(OS_INVALID);
-
+        
     return(OS_SUCCESS);
 }
 
@@ -89,12 +89,12 @@ int Privsep_Chroot(char * path)
 {
     if(chdir(path) < 0)
         return(OS_INVALID);
-
+        
     if(chroot(path) < 0)
         return(OS_INVALID);
-
+        
     chdir("/");
-
+        
     return(OS_SUCCESS);
 }
 
diff --git a/src/shared/read-agents.c b/src/shared/read-agents.c
index 814fb9d..e92b8d0 100755
--- a/src/shared/read-agents.c
+++ b/src/shared/read-agents.c
@@ -22,7 +22,7 @@ void free_agents(char **agent_list)
     int i;
     if(!agent_list)
         return;
-
+        
     for(i = 0;;i++)
     {
         if(agent_list[i] == NULL)
@@ -40,8 +40,8 @@ void free_agents(char **agent_list)
 #ifndef WIN32
 
 /* Print syscheck attributes. */
-#define sk_strchr(x,y,z) z = strchr(x, y); if(z == NULL) return(0); else { *z = '\0'; z++; }
-int _do_print_attrs_syscheck(char *prev_attrs, char *attrs, int csv_output,
+#define sk_strchr(x,y,z) z = strchr(x, y); if(z == NULL) return(0); else { *z = '\0'; z++; } 
+int _do_print_attrs_syscheck(char *prev_attrs, char *attrs, int csv_output, 
                              int is_win, int number_of_changes)
 {
     char *p_size, *p_perm, *p_uid, *p_gid, *p_md5, *p_sha1;
@@ -64,7 +64,7 @@ int _do_print_attrs_syscheck(char *prev_attrs, char *attrs, int csv_output,
     sk_strchr(uid, ':', gid);
     sk_strchr(gid, ':', md5);
     sk_strchr(md5, ':', sha1);
-
+    
     p_size = size;
     p_perm = perm;
     p_uid = uid;
@@ -106,14 +106,14 @@ int _do_print_attrs_syscheck(char *prev_attrs, char *attrs, int csv_output,
             case 1:
                 printf("- 1st time modified.\n");
                 break;
-            case 2:
+            case 2:    
                 printf("- 2nd time modified.\n");
                 break;
-            case 3:
+            case 3:    
                 printf("- 3rd time modified.\n");
                 break;
             default:
-                printf("- Being ignored (3 or more changes).\n");
+                printf("- Being ignored (3 or more changes).\n");       
         }
     }
     else
@@ -124,22 +124,22 @@ int _do_print_attrs_syscheck(char *prev_attrs, char *attrs, int csv_output,
 
     perm_str[35] = '\0';
     perm_int = atoi(perm);
-    snprintf(perm_str, 35,
+    snprintf(perm_str, 35, 
              "%c%c%c%c%c%c%c%c%c",
              (perm_int & S_IRUSR)? 'r' : '-',
              (perm_int & S_IWUSR)? 'w' : '-',
-
+             
              (perm_int & S_ISUID)? 's' :
              (perm_int & S_IXUSR)? 'x' : '-',
 
-
+             
              (perm_int & S_IRGRP)? 'r' : '-',
              (perm_int & S_IWGRP)? 'w' : '-',
-
+             
              (perm_int & S_ISGID)? 's' :
              (perm_int & S_IXGRP)? 'x' : '-',
-
-
+             
+             
              (perm_int & S_IROTH)? 'r' : '-',
              (perm_int & S_IWOTH)? 'w' : '-',
              (perm_int & S_ISVTX)? 't' :
@@ -156,7 +156,7 @@ int _do_print_attrs_syscheck(char *prev_attrs, char *attrs, int csv_output,
     }
     printf("   Md5: %s%s\n", (strcmp(md5,p_md5) == 0)? " ": " >", md5);
     printf("   Sha1:%s%s\n", (strcmp(sha1,p_sha1) == 0)? " ": " >", sha1);
-
+    
 
     /* Fixing entries. */
     perm[-1] = ':';
@@ -171,12 +171,12 @@ int _do_print_attrs_syscheck(char *prev_attrs, char *attrs, int csv_output,
 
 
 /* Print information about a specific file. */
-int _do_print_file_syscheck(FILE *fp, char *fname,
+int _do_print_file_syscheck(FILE *fp, char *fname, 
                             int update_counter, int csv_output)
 {
     int f_found = 0;
     struct tm *tm_time;
-
+    
     char read_day[24 +1];
     char buf[OS_MAXSTR + 1];
 
@@ -184,7 +184,7 @@ int _do_print_file_syscheck(FILE *fp, char *fname,
     OSStore *files_list;
 
     fpos_t init_pos;
-
+    
     buf[OS_MAXSTR] = '\0';
     read_day[24] = '\0';
 
@@ -212,8 +212,8 @@ int _do_print_file_syscheck(FILE *fp, char *fname,
         printf("\n** ERROR: fgetpos failed.\n");
         return(0);
     }
-
-
+                                                    
+    
     while(fgets(buf, OS_MAXSTR, fp) != NULL)
     {
         if(buf[0] == '!' || buf[0] == '#' || buf[0] == '+')
@@ -224,15 +224,15 @@ int _do_print_file_syscheck(FILE *fp, char *fname,
             char *changed_attrs;
             char *prev_attrs;
 
-
+            
             if(strlen(buf) < 16)
             {
                 fgetpos(fp, &init_pos);
                 continue;
             }
-
-            /* Removing new line. */
-            buf[strlen(buf) -1] = '\0';
+                
+            /* Removing new line. */    
+            buf[strlen(buf) -1] = '\0';    
 
 
             /* with update counter, we only modify the last entry. */
@@ -259,26 +259,26 @@ int _do_print_file_syscheck(FILE *fp, char *fname,
 
             changed_attrs = buf + 3;
 
-
+            
             changed_file_name = strchr(changed_attrs, '!');
             if(!changed_file_name)
             {
                 fgetpos(fp, &init_pos);
                 continue;
             }
-
-
+            
+            
             /* Getting time of change. */
             changed_file_name[-1] = '\0';
             changed_file_name++;
             change_time = (time_t)atoi(changed_file_name);
-
+            
             changed_file_name = strchr(changed_file_name, ' ');
-            changed_file_name++;
-
+            changed_file_name++; 
+    
 
             /* Checking if the name should be printed. */
-            if(!OSMatch_Execute(changed_file_name, strlen(changed_file_name),
+            if(!OSMatch_Execute(changed_file_name, strlen(changed_file_name), 
                                 &reg))
             {
                 fgetpos(fp, &init_pos);
@@ -287,8 +287,8 @@ int _do_print_file_syscheck(FILE *fp, char *fname,
 
 
             f_found = 1;
-
-
+            
+            
             /* Reset the values. */
             if(update_counter)
             {
@@ -319,45 +319,45 @@ int _do_print_file_syscheck(FILE *fp, char *fname,
                     }
                 }
 
-                printf("\n**Counter updated for file '%s'\n\n",
+                printf("\n**Counter updated for file '%s'\n\n", 
                        changed_file_name);
                 return(0);
             }
 
-
+            
             tm_time = localtime(&change_time);
             strftime(read_day, 23, "%Y %h %d %T", tm_time);
-
-            if(!csv_output)
-                printf("\n%s,%d - %s\n", read_day, number_changes,
+            
+            if(!csv_output)           
+                printf("\n%s,%d - %s\n", read_day, number_changes, 
                                        changed_file_name);
-            else
-                printf("%s,%s,%d\n", read_day, changed_file_name,
+            else    
+                printf("%s,%s,%d\n", read_day, changed_file_name, 
                                      number_changes);
-
-
+            
+           
             prev_attrs = OSStore_Get(files_list, changed_file_name);
             if(prev_attrs)
             {
                 char *new_attrs;
                 os_strdup(changed_attrs, new_attrs);
-                _do_print_attrs_syscheck(prev_attrs, changed_attrs,
-                                         csv_output,
+                _do_print_attrs_syscheck(prev_attrs, changed_attrs, 
+                                         csv_output, 
                                          changed_file_name[0] == '/'?0:1,
                                          number_changes);
-
+                
                 free(files_list->cur_node->data);
-                files_list->cur_node->data = new_attrs;
+                files_list->cur_node->data = new_attrs;    
             }
             else
             {
                 char *new_name;
                 char *new_attrs;
-
+                
                 os_strdup(changed_attrs, new_attrs);
                 os_strdup(changed_file_name, new_name);
                 OSStore_Put(files_list, new_name, new_attrs);
-                _do_print_attrs_syscheck(NULL,
+                _do_print_attrs_syscheck(NULL, 
                                          changed_attrs, csv_output,
                                          changed_file_name[0] == '/'?0:1,
                                          number_changes);
@@ -372,7 +372,7 @@ int _do_print_file_syscheck(FILE *fp, char *fname,
         printf("\n** No entries found.\n");
     }
     OSMatch_FreePattern(&reg);
-
+    
     return(0);
 }
 
@@ -383,16 +383,16 @@ int _do_print_syscheck(FILE *fp, int all_files, int csv_output)
 {
     int f_found = 0;
     struct tm *tm_time;
-
+    
     char read_day[24 +1];
     char saved_read_day[24 +1];
     char buf[OS_MAXSTR + 1];
-
+    
     buf[OS_MAXSTR] = '\0';
     read_day[24] = '\0';
     saved_read_day[0] = '\0';
     saved_read_day[24] = '\0';
-
+    
     while(fgets(buf, OS_MAXSTR, fp) != NULL)
     {
         if(buf[0] == '!' || buf[0] == '#')
@@ -401,13 +401,13 @@ int _do_print_syscheck(FILE *fp, int all_files, int csv_output)
             time_t change_time = 0;
             char *changed_file_name;
 
-
+            
             if(strlen(buf) < 16)
                 continue;
-
-            /* Removing new line. */
-            buf[strlen(buf) -1] = '\0';
-
+                
+            /* Removing new line. */    
+            buf[strlen(buf) -1] = '\0';    
+                
 
             /* Checking number of changes. */
             if(buf[1] == '!')
@@ -422,23 +422,23 @@ int _do_print_syscheck(FILE *fp, int all_files, int csv_output)
                     number_changes = 4;
                 }
             }
-
+            
 
             changed_file_name = strchr(buf +3, '!');
             if(!changed_file_name)
                 continue;
-
-
+    
+    
             f_found = 1;
-
-
+                    
+            
             /* Getting time of change. */
             changed_file_name++;
             change_time = atoi(changed_file_name);
-
+            
             changed_file_name = strchr(changed_file_name, ' ');
-            changed_file_name++;
-
+            changed_file_name++; 
+    
             tm_time = localtime(&change_time);
             strftime(read_day, 23, "%Y %h %d", tm_time);
             if(strcmp(read_day, saved_read_day) != 0)
@@ -448,12 +448,12 @@ int _do_print_syscheck(FILE *fp, int all_files, int csv_output)
                 strncpy(saved_read_day, read_day, 23);
             }
             strftime(read_day, 23, "%Y %h %d %T", tm_time);
-
-            if(!csv_output)
-                printf("%s,%d - %s\n", read_day, number_changes,
+            
+            if(!csv_output)           
+                printf("%s,%d - %s\n", read_day, number_changes, 
                                        changed_file_name);
-            else
-                printf("%s,%s,%d\n", read_day, changed_file_name,
+            else    
+                printf("%s,%s,%d\n", read_day, changed_file_name, 
                                      number_changes);
         }
     }
@@ -462,13 +462,13 @@ int _do_print_syscheck(FILE *fp, int all_files, int csv_output)
     {
         printf("\n** No entries found.\n");
     }
-
+                            
     return(0);
 }
 
 
 /* Print syscheck db (of modified files. */
-int print_syscheck(char *sk_name, char *sk_ip, char *fname, int print_registry,
+int print_syscheck(char *sk_name, char *sk_ip, char *fname, int print_registry, 
                    int all_files, int csv_output, int update_counter)
 {
     FILE *fp;
@@ -493,7 +493,7 @@ int print_syscheck(char *sk_name, char *sk_ip, char *fname, int print_registry,
 
         fp = fopen(tmp_file, "r+");
     }
-
+    
     else if(!print_registry)
     {
         /* Printing database */
@@ -560,12 +560,12 @@ int _do_get_rootcheckscan(FILE *fp)
 
 
 /* Print syscheck db (of modified files. */
-int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
+int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan, 
                         int csv_output, int show_last)
 {
     int i = 0;
     int f_found = 0;
-
+    
     /* Current time. */
     time_t c_time;
 
@@ -573,7 +573,7 @@ int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
     time_t s_time = 0;
     time_t i_time = 0;
     struct tm *tm_time;
-
+    
     char old_day[24 +1];
     char read_day[24 +1];
     char buf[OS_MAXSTR + 1];
@@ -589,14 +589,14 @@ int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
     char *(ns_events[]) = {"Application Found:",
                            "Windows Audit:",
                            "Windows Malware:",
-                           NULL};
-
+                           NULL}; 
+                           
 
     buf[OS_MAXSTR] = '\0';
     old_day[24] = '\0';
     read_day[24] = '\0';
 
-
+    
     c_time = time(0);
     fseek(fp, 0, SEEK_SET);
 
@@ -607,13 +607,13 @@ int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
         {
             tm_time = localtime((time_t *)&time_last_scan);
             strftime(read_day, 23, "%Y %h %d %T", tm_time);
-
+                    
             printf("\nLast scan: %s\n\n", read_day);
         }
         else if(resolved)
             printf("\nResolved events: \n\n");
         else
-            printf("\nOutstanding events: \n\n");
+            printf("\nOutstanding events: \n\n");    
     }
 
 
@@ -629,7 +629,7 @@ int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
         if(tmp_str)
             *tmp_str = '\0';
 
-
+        
         /* Getting initial time. */
         tmp_str = strchr(buf + 1, '!');
         if(!tmp_str)
@@ -643,10 +643,10 @@ int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
         tmp_str = strchr(tmp_str, ' ');
         if(!tmp_str)
             continue;
-        tmp_str++;
-
-
+        tmp_str++;    
+                
 
+       
         /* Checking for resolved. */
         if(time_last_scan > (s_time + 86400))
         {
@@ -670,12 +670,12 @@ int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
         {
             if(strncmp(tmp_str, ig_events[i], strlen(ig_events[i]) -1) == 0)
                 break;
-            i++;
+            i++;        
         }
         if(ig_events[i])
             continue;
 
-
+        
         /* Checking events that are not system audit. */
         i = 0;
         while(ns_events[i])
@@ -684,13 +684,13 @@ int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
                 break;
             i++;
         }
-
+        
 
         tm_time = localtime((time_t *)&s_time);
         strftime(read_day, 23, "%Y %h %d %T", tm_time);
         tm_time = localtime((time_t *)&i_time);
         strftime(old_day, 23, "%Y %h %d %T", tm_time);
-
+        
 
         if(!csv_output)
         {
@@ -711,11 +711,11 @@ int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
             printf("%s,%s,%s,%s%s\n", resolved == 0?"outstanding":"resolved",
                                        read_day, old_day,
                                        ns_events[i] != NULL?"":"System Audit: ",
-                                       tmp_str);
+                                       tmp_str); 
         }
-
-
-
+        
+        
+        
         f_found++;
     }
 
@@ -723,14 +723,14 @@ int _do_print_rootcheck(FILE *fp, int resolved, int time_last_scan,
     {
         printf("** No entries found.\n");
     }
-
+                            
     return(0);
 }
 
 
 
 /* Print rootcheck db */
-int print_rootcheck(char *sk_name, char *sk_ip, char *fname, int resolved,
+int print_rootcheck(char *sk_name, char *sk_ip, char *fname, int resolved, 
                     int csv_output, int show_last)
 {
     int ltime = 0;
@@ -748,7 +748,7 @@ int print_rootcheck(char *sk_name, char *sk_ip, char *fname, int resolved,
 
         fp = fopen(tmp_file, "r+");
     }
-
+    
     else
     {
         /* Printing database */
@@ -793,14 +793,14 @@ int print_rootcheck(char *sk_name, char *sk_ip, char *fname, int resolved,
 #endif
 
 
-/* Delete syscheck db */
+/* Delete syscheck db */ 
 int delete_syscheck(char *sk_name, char *sk_ip, int full_delete)
 {
     FILE *fp;
     char tmp_file[513];
 
     tmp_file[512] = '\0';
-
+    
     /* Deleting related files */
     snprintf(tmp_file, 512, "%s/(%s) %s->syscheck",
             SYSCHECK_DIR,
@@ -811,7 +811,7 @@ int delete_syscheck(char *sk_name, char *sk_ip, int full_delete)
     if(fp)
         fclose(fp);
 
-    if(full_delete)
+    if(full_delete)    
         unlink(tmp_file);
 
 
@@ -856,14 +856,14 @@ int delete_syscheck(char *sk_name, char *sk_ip, int full_delete)
 
 
 
-/* Delete rootcheck db */
+/* Delete rootcheck db */ 
 int delete_rootcheck(char *sk_name, char *sk_ip, int full_delete)
 {
     FILE *fp;
     char tmp_file[513];
 
     tmp_file[512] = '\0';
-
+    
     /* Deleting related files */
     snprintf(tmp_file, 512, "%s/(%s) %s->rootcheck",
             ROOTCHECK_DIR,
@@ -874,7 +874,7 @@ int delete_rootcheck(char *sk_name, char *sk_ip, int full_delete)
     if(fp)
         fclose(fp);
 
-    if(full_delete)
+    if(full_delete)    
         unlink(tmp_file);
 
 
@@ -911,11 +911,11 @@ int delete_agentinfo(char *name)
 
     /* Deleting syscheck */
     delete_syscheck(sk_name, sk_ip, 1);
-
+    
     return(1);
 }
 
-
+ 
 
 /** char *print_agent_status(int status)
  * Prints the text representation of the agent status.
@@ -951,7 +951,7 @@ int send_msg_to_agent(int msocket, char *msg, char *agt_id, char *exec)
     char agt_msg[OS_SIZE_1024 +1];
 
     agt_msg[OS_SIZE_1024] = '\0';
-
+    
 
     if(!exec)
     {
@@ -977,7 +977,7 @@ int send_msg_to_agent(int msocket, char *msg, char *agt_id, char *exec)
 
     }
 
-
+    
     if((rc = OS_SendUnix(msocket, agt_msg, 0)) < 0)
     {
         if(rc == OS_SOCKBUSY)
@@ -1006,7 +1006,7 @@ int send_msg_to_agent(int msocket, char *msg, char *agt_id, char *exec)
 int connect_to_remoted()
 {
     int arq = -1;
-
+    
     if((arq = StartMQ(ARQUEUE, WRITE)) < 0)
     {
         merror(ARQ_ERROR, __local_name);
@@ -1030,15 +1030,15 @@ int _get_time_rkscan(char *agent_name, char *agent_ip, agent_info *agt_info)
     /* Agent name of null, means it is the server info. */
     if(agent_name == NULL)
     {
-        snprintf(buf, 1024, "%s/rootcheck",
+        snprintf(buf, 1024, "%s/rootcheck", 
                       ROOTCHECK_DIR);
     }
     else
     {
-        snprintf(buf, 1024, "%s/(%s) %s->rootcheck",
+        snprintf(buf, 1024, "%s/(%s) %s->rootcheck", 
                       ROOTCHECK_DIR, agent_name, agent_ip);
     }
-
+    
 
     /* If file is not there, set to unknown. */
     fp = fopen(buf, "r");
@@ -1050,7 +1050,7 @@ int _get_time_rkscan(char *agent_name, char *agent_ip, agent_info *agt_info)
         os_strdup("Unknown", agt_info->syscheck_endtime);
         return(0);
     }
-
+    
 
     while(fgets(buf, 1024, fp) != NULL)
     {
@@ -1076,7 +1076,7 @@ int _get_time_rkscan(char *agent_name, char *agent_ip, agent_info *agt_info)
             tmp_str = strchr(agt_info->syscheck_time, '\n');
             if(tmp_str)
                 *tmp_str = '\0';
-
+                
             continue;
         }
 
@@ -1094,10 +1094,10 @@ int _get_time_rkscan(char *agent_name, char *agent_ip, agent_info *agt_info)
             tmp_str = strchr(agt_info->syscheck_endtime, '\n');
             if(tmp_str)
                 *tmp_str = '\0';
-
+                
             continue;
         }
-
+        
 
         tmp_str = strstr(buf, "Starting rootcheck scan");
         if(tmp_str)
@@ -1146,7 +1146,7 @@ int _get_time_rkscan(char *agent_name, char *agent_ip, agent_info *agt_info)
         os_strdup("Unknown", agt_info->syscheck_time);
     if(!agt_info->syscheck_endtime)
         os_strdup("Unknown", agt_info->syscheck_endtime);
-
+            
     fclose(fp);
     return(0);
 }
@@ -1165,7 +1165,7 @@ char *_get_agent_keepalive(char *agent_name, char *agent_ip)
     {
         return(strdup("Not available"));
     }
-
+    
     snprintf(buf, 1024, "%s/%s-%s", AGENTINFO_DIR, agent_name, agent_ip);
     if(stat(buf, &file_status) < 0)
     {
@@ -1184,7 +1184,7 @@ int _get_agent_os(char *agent_name, char *agent_ip, agent_info *agt_info)
     FILE *fp;
     char buf[1024 +1];
 
-
+    
     /* Getting server info. */
     if(!agent_name)
     {
@@ -1217,7 +1217,7 @@ int _get_agent_os(char *agent_name, char *agent_ip, agent_info *agt_info)
         return(0);
     }
 
-
+    
     snprintf(buf, 1024, "%s/%s-%s", AGENTINFO_DIR, agent_name, agent_ip);
     fp = fopen(buf, "r");
     if(!fp)
@@ -1226,8 +1226,8 @@ int _get_agent_os(char *agent_name, char *agent_ip, agent_info *agt_info)
         os_strdup("Unknown", agt_info->version);
         return(0);
     }
-
-
+    
+    
     if(fgets(buf, 1024, fp))
     {
         char *ossec_version = NULL;
@@ -1236,8 +1236,8 @@ int _get_agent_os(char *agent_name, char *agent_ip, agent_info *agt_info)
         ossec_version = strchr(buf, '\n');
         if(ossec_version)
             *ossec_version = '\0';
-
-
+        
+        
         ossec_version = strstr(buf, " - ");
         if(ossec_version)
         {
@@ -1263,10 +1263,10 @@ int _get_agent_os(char *agent_name, char *agent_ip, agent_info *agt_info)
     }
 
     fclose(fp);
-
+    
     os_strdup("Unknown", agt_info->os);
     os_strdup("Unknown", agt_info->version);
-
+    
     return(0);
 }
 
@@ -1280,7 +1280,7 @@ agent_info *get_agent_info(char *agent_name, char *agent_ip)
     char tmp_file[513];
     char *agent_ip_pt = NULL;
     char *tmp_str = NULL;
-
+    
     agent_info *agt_info = NULL;
 
     tmp_file[512] = '\0';
@@ -1318,7 +1318,7 @@ agent_info *get_agent_info(char *agent_name, char *agent_ip)
     if(tmp_str)
         *tmp_str = '\0';
 
-
+        
 
     /* Setting back the ip address. */
     if(agent_ip_pt)
@@ -1339,7 +1339,7 @@ int get_agent_status(char *agent_name, char *agent_ip)
 {
     char tmp_file[513];
     char *agent_ip_pt = NULL;
-
+    
     struct stat file_status;
 
     tmp_file[512] = '\0';
@@ -1348,9 +1348,9 @@ int get_agent_status(char *agent_name, char *agent_ip)
     /* Server info. */
     if(agent_name == NULL)
     {
-        return(GA_STATUS_ACTIVE);
+        return(GA_STATUS_ACTIVE);     
     }
-
+    
 
     /* Removing the  "/", since it is not present on the file. */
     if((agent_ip_pt = strchr(agent_ip, '/')))
@@ -1372,7 +1372,7 @@ int get_agent_status(char *agent_name, char *agent_ip)
     {
         return(GA_STATUS_INV);
     }
-
+    
 
     if(file_status.st_mtime > (time(0) - (3*NOTIFY_TIME + 30)))
     {
@@ -1383,28 +1383,28 @@ int get_agent_status(char *agent_name, char *agent_ip)
 }
 
 
-
+ 
 /* List available agents.
  */
 char **get_agents(int flag)
 {
     int f_size = 0;
-
+    
     char **f_files = NULL;
     DIR *dp;
 
     struct dirent *entry;
-
+    
     /* Opening the directory given */
     dp = opendir(AGENTINFO_DIR);
-    if(!dp)
+    if(!dp) 
     {
         merror("%s: Error opening directory: '%s': %s ",
                 __local_name,
                 AGENTINFO_DIR,
                 strerror(errno));
         return(NULL);
-    }
+    }   
 
 
     /* Reading directory */
@@ -1413,7 +1413,7 @@ char **get_agents(int flag)
         int status = 0;
         char tmp_file[513];
         tmp_file[512] = '\0';
-
+        
         /* Just ignore . and ..  */
         if((strcmp(entry->d_name,".") == 0) ||
            (strcmp(entry->d_name,"..") == 0))
@@ -1428,7 +1428,7 @@ char **get_agents(int flag)
 
             if(stat(tmp_file, &file_status) < 0)
                 continue;
-
+            
             if(file_status.st_mtime > (time(0) - (3*NOTIFY_TIME + 30)))
             {
                 status = 1;
@@ -1441,7 +1441,7 @@ char **get_agents(int flag)
                     continue;
             }
         }
-
+        
         f_files = (char **)realloc(f_files, (f_size +2) * sizeof(char *));
         if(!f_files)
         {
@@ -1453,9 +1453,9 @@ char **get_agents(int flag)
         if(flag == GA_ALL_WSTATUS)
         {
            char agt_stat[512];
-
+           
            snprintf(agt_stat, sizeof(agt_stat) -1, "%s %s",
-                    entry->d_name, status == 1?"active":"disconnected");
+                    entry->d_name, status == 1?"active":"disconnected"); 
 
            os_strdup(agt_stat, f_files[f_size]);
         }
@@ -1463,15 +1463,15 @@ char **get_agents(int flag)
         {
             os_strdup(entry->d_name, f_files[f_size]);
         }
-
+        
         f_files[f_size +1] = NULL;
-
+        
         f_size++;
     }
-
+    
     closedir(dp);
     return(f_files);
 }
 
-
+ 
 /* EOF */
diff --git a/src/shared/read-alert.c b/src/shared/read-alert.c
index b5d8a3b..fbf84d0 100755
--- a/src/shared/read-alert.c
+++ b/src/shared/read-alert.c
@@ -48,9 +48,9 @@
 #define NEWMD5_BEGIN      "New md5sum is : "
 #define NEWMD5_BEGIN_SZ   16
 #define OLDSHA1_BEGIN     "Old sha1sum was: "
-#define OLDSHA1_BEGIN_SZ  17
+#define OLDSHA1_BEGIN_SZ  17 
 #define NEWSHA1_BEGIN     "New sha1sum is : "
-#define NEWSHA1_BEGIN_SZ  17
+#define NEWSHA1_BEGIN_SZ  17 
 
 
 /** void FreeAlertData(alert_data *al_data)
@@ -59,7 +59,7 @@
 void FreeAlertData(alert_data *al_data)
 {
     char **p;
-
+ 
     if(al_data->alertid)
     {
         free(al_data->alertid);
@@ -124,7 +124,7 @@ void FreeAlertData(alert_data *al_data)
     {
         free(al_data->new_sha1);
         al_data->new_sha1 = NULL;
-    }
+    }    
     if(al_data->log)
     {
         p = al_data->log;
@@ -182,15 +182,15 @@ alert_data *GetAlertData(int flag, FILE *fp)
     char *geoipdatadst = NULL;
 #endif
     int level, rule, srcport = 0, dstport = 0;
-
-
+  
+    
     char str[OS_BUFFER_SIZE+1];
     str[OS_BUFFER_SIZE]='\0';
 
 
     while(fgets(str, OS_BUFFER_SIZE, fp) != NULL)
     {
-
+        
         /* Enf of alert */
         if(strcmp(str, "\n") == 0 && log_size > 0)
         {
@@ -222,13 +222,13 @@ alert_data *GetAlertData(int flag, FILE *fp)
                 al_data->old_sha1 = old_sha1;
                 al_data->new_sha1 = new_sha1;
 
-
+               
                 return(al_data);
             }
             _r = 0;
         }
-
-
+        
+        
         /* Checking for the header */
         if(strncmp(ALERT_BEGIN, str, ALERT_BEGIN_SZ) == 0)
         {
@@ -246,7 +246,7 @@ alert_data *GetAlertData(int flag, FILE *fp)
             os_realloc(alertid, (z + 1)*sizeof(char *), alertid);
             strncpy(alertid, p, z);
             alertid[z] = '\0';
-
+            
             /* Searching for email flag */
             p = strchr(p, ' ');
             if(!p)
@@ -255,10 +255,10 @@ alert_data *GetAlertData(int flag, FILE *fp)
             }
 
             p++;
-
-
-            /* Checking for the flags */
-            if((flag & CRALERT_MAIL_SET) &&
+        
+        
+            /* Checking for the flags */    
+            if((flag & CRALERT_MAIL_SET) && 
                (strncmp(ALERT_MAIL, p, ALERT_MAIL_SZ) != 0))
             {
                 continue;
@@ -286,16 +286,16 @@ alert_data *GetAlertData(int flag, FILE *fp)
 
         if(_r < 1)
             continue;
-
-
+            
+            
         /*** Extract information from the event ***/
-
+        
         /* r1 means: 2006 Apr 13 16:15:17 /var/log/auth.log */
         if(_r == 1)
         {
             /* Clear new line */
             os_clearnl(str, p);
-
+             
             p = strchr(str, ':');
             if(p)
             {
@@ -318,22 +318,22 @@ alert_data *GetAlertData(int flag, FILE *fp)
             /* If not, str is date and p is the location */
             if(date || location)
                 merror("ZZZ Merror date or location not NULL");
-
+            
             os_strdup(str, date);
-            os_strdup(p, location);
+            os_strdup(p, location);    
             _r = 2;
             log_size = 0;
             continue;
         }
 
-
+        
         else if(_r == 2)
         {
             /* Rule begin */
             if(strncmp(RULE_BEGIN, str, RULE_BEGIN_SZ) == 0)
             {
                 os_clearnl(str,p);
-
+                
                 p = str + RULE_BEGIN_SZ;
                 rule = atoi(p);
 
@@ -348,17 +348,17 @@ alert_data *GetAlertData(int flag, FILE *fp)
 
                 if(!p)
                     goto l_error;
-
+                
                 level = atoi(p);
-
+                
                 /* Getting the comment */
                 p = strchr(p, '\'');
                 if(!p)
                     goto l_error;
-
+                
                 p++;
                 os_strdup(p, comment);
-
+                
                 /* Must have the closing \' */
                 p = strrchr(comment, '\'');
                 if(p)
@@ -370,12 +370,12 @@ alert_data *GetAlertData(int flag, FILE *fp)
                     goto l_error;
                 }
             }
-
+            
             /* srcip */
             else if(strncmp(SRCIP_BEGIN, str, SRCIP_BEGIN_SZ) == 0)
             {
                 os_clearnl(str,p);
-
+                
                 p = str + SRCIP_BEGIN_SZ;
                 os_strdup(p, srcip);
             }
@@ -392,7 +392,7 @@ alert_data *GetAlertData(int flag, FILE *fp)
             else if(strncmp(SRCPORT_BEGIN, str, SRCPORT_BEGIN_SZ) == 0)
             {
                 os_clearnl(str,p);
-
+                
                 p = str + SRCPORT_BEGIN_SZ;
                 srcport = atoi(p);
             }
@@ -400,7 +400,7 @@ alert_data *GetAlertData(int flag, FILE *fp)
             else if(strncmp(DSTIP_BEGIN, str, DSTIP_BEGIN_SZ) == 0)
             {
                 os_clearnl(str,p);
-
+                
                 p = str + DSTIP_BEGIN_SZ;
                 os_strdup(p, dstip);
             }
@@ -417,7 +417,7 @@ alert_data *GetAlertData(int flag, FILE *fp)
             else if(strncmp(DSTPORT_BEGIN, str, DSTPORT_BEGIN_SZ) == 0)
             {
                 os_clearnl(str,p);
-
+                
                 p = str + DSTPORT_BEGIN_SZ;
                 dstport = atoi(p);
             }
@@ -425,7 +425,7 @@ alert_data *GetAlertData(int flag, FILE *fp)
             else if(strncmp(USER_BEGIN, str, USER_BEGIN_SZ) == 0)
             {
                 os_clearnl(str,p);
-
+                
                 p = str + USER_BEGIN_SZ;
                 os_strdup(p, user);
             }
@@ -475,12 +475,12 @@ alert_data *GetAlertData(int flag, FILE *fp)
                         {
                             filename[strlen(filename) -1] = '\0';
                         }
-                    }
+                    } 
                     issyscheck = 0;
                 }
-
+                
                 os_realloc(log, (log_size +2)*sizeof(char *), log);
-                os_strdup(str, log[log_size]);
+                os_strdup(str, log[log_size]); 
                 log_size++;
                 log[log_size] = NULL;
             }
@@ -488,7 +488,7 @@ alert_data *GetAlertData(int flag, FILE *fp)
 
         continue;
         l_error:
-
+        
         /* Freeing the memory */
         _r = 0;
         if(date)
@@ -561,6 +561,11 @@ alert_data *GetAlertData(int flag, FILE *fp)
             free(new_sha1);
             new_sha1 = NULL;
         }
+        if(alertid)
+	{
+	    free(alertid);
+	    alertid = NULL;
+	}
         while(log_size > 0)
         {
             log_size--;
@@ -572,12 +577,6 @@ alert_data *GetAlertData(int flag, FILE *fp)
         }
     }
 
-    if(alertid)
-	{
-		free(alertid);
-		alertid = NULL;
-	}
-
     /* We need to clean end of file before returning */
     clearerr(fp);
     return(NULL);
diff --git a/src/shared/regex_op.c b/src/shared/regex_op.c
index 8bb0322..c0ddaaf 100755
--- a/src/shared/regex_op.c
+++ b/src/shared/regex_op.c
@@ -24,11 +24,11 @@
 int OS_PRegex(char *str, char *regex)
 {
     regex_t preg;
-
+    
     if(!str || !regex)
         return(0);
-
-
+    
+    
     if(regcomp(&preg, regex, REG_EXTENDED|REG_NOSUB) != 0)
     {
         merror("%s: Posix Regex compile error (%s).", __local_name, regex);
@@ -44,7 +44,7 @@ int OS_PRegex(char *str, char *regex)
 
     regfree(&preg);
     return(1);
-
+    
 }
 
 #endif
diff --git a/src/shared/report_op.c b/src/shared/report_op.c
index 0b20d37..1c4eea7 100755
--- a/src/shared/report_op.c
+++ b/src/shared/report_op.c
@@ -36,12 +36,12 @@ void l_print_out(const char *msg, ...)
 
 
 /* Sort function used by OSStore sort.
- * Returns if d1 > d2.
+ * Returns if d1 > d2. 
  */
 void *_os_report_sort_compare(void *d1, void *d2)
 {
    OSList *d1l = (OSList *)d1;
-   OSList *d2l = (OSList *)d2;
+   OSList *d2l = (OSList *)d2; 
 
    if(d1l->currently_size > d2l->currently_size)
    {
@@ -72,7 +72,7 @@ void _os_header_print(int t, char *hname)
 int _os_report_str_int_compare(char *str, int id)
 {
     int pt_check = 0;
-
+    
     do
     {
         if((*str == ',')||(*str == ' '))
@@ -227,7 +227,7 @@ int _report_filter_value(char *filter_by, int prev_filter)
     {
         merror("%s: ERROR: Invalid relation '%s'.", __local_name, filter_by);
         return(-1);
-    }
+    }   
 }
 
 
@@ -238,13 +238,13 @@ int _os_report_print_related(int print_related, OSList *st_data)
     OSListNode *list_entry;
     alert_data *list_aldata;
     alert_data *saved_aldata;
-
-
+    
+                
     list_entry = OSList_GetFirstNode(st_data);
     while(list_entry)
     {
         saved_aldata = (alert_data *)list_entry->data;
-
+        
         /* Removing duplicates. */
         list_entry = list_entry->prev;
         while(list_entry)
@@ -382,7 +382,7 @@ void os_report_printtop(void *topstore_pt, char *hname, int print_related)
     int dopdout = 0;
     OSStore *topstore = (OSStore *)topstore_pt;
     OSStoreNode *next_node;
-
+    
     next_node = OSStore_GetFirstNode(topstore);
     while(next_node)
     {
@@ -393,11 +393,11 @@ void os_report_printtop(void *topstore_pt, char *hname, int print_related)
         /* With location we leave more space to be clearer. */
         if(!print_related)
         {
-            if(strlen(lkey) > 76)
+            if(strlen(lkey) > 46)
             {
-                lkey[74] = '.';
-                lkey[75] = '.';
-                lkey[76] = '\0';
+                lkey[44] = '.';
+                lkey[45] = '.';
+                lkey[46] = '\0';
             }
 
             if(!dopdout)
@@ -405,7 +405,7 @@ void os_report_printtop(void *topstore_pt, char *hname, int print_related)
                 _os_header_print(print_related, hname);
                 dopdout = 1;
             }
-            l_print_out("%-78s|%-8d|", (char *)next_node->key, st_data->currently_size);
+            l_print_out("%-48s|%-8d|", (char *)next_node->key, st_data->currently_size);
         }
 
 
@@ -417,7 +417,7 @@ void os_report_printtop(void *topstore_pt, char *hname, int print_related)
                 _os_header_print(print_related, hname);
                 dopdout = 1;
             }
-            l_print_out("%-78s|%-8d|", (char *)next_node->key, st_data->currently_size);
+            l_print_out("%-48s|%-8d|", (char *)next_node->key, st_data->currently_size);
 
             if(print_related & REPORT_REL_LOCATION)
                 _os_report_print_related(REPORT_REL_LOCATION, st_data);
@@ -445,7 +445,7 @@ void os_report_printtop(void *topstore_pt, char *hname, int print_related)
         l_print_out(" ");
         l_print_out(" ");
     }
-    return;
+    return; 
 }
 
 
@@ -457,11 +457,11 @@ void os_ReportdStart(report_filter *r_filter)
     char *first_alert = NULL;
     char *last_alert = NULL;
     void **data_to_clean = NULL;
-
-
-    time_t tm;
-    struct tm *p;
-
+    
+    
+    time_t tm;     
+    struct tm *p;       
+    
 
     file_queue *fileq;
     alert_data *al_data;
@@ -504,7 +504,7 @@ void os_ReportdStart(report_filter *r_filter)
     r_filter->top_group = OSStore_Create();
     r_filter->top_location = OSStore_Create();
     r_filter->top_files = OSStore_Create();
-
+    
     Init_FileQueue(fileq, p, CRALERT_READ_ALL|CRALERT_FP_SET);
 
 
@@ -520,7 +520,7 @@ void os_ReportdStart(report_filter *r_filter)
         }
 
         alerts_processed++;
-
+        
 
         /* Checking the filters. */
         if(!_os_report_check_filters(al_data, r_filter))
@@ -528,8 +528,8 @@ void os_ReportdStart(report_filter *r_filter)
             FreeAlertData(al_data);
             continue;
         }
-
-
+        
+        
         alerts_filtered++;
         data_to_clean = os_AddPtArray(al_data, data_to_clean);
 
@@ -538,13 +538,13 @@ void os_ReportdStart(report_filter *r_filter)
         if(!first_alert)
             first_alert = al_data->date;
         last_alert = al_data->date;
-
-
+        
+        
         /* Adding source ip if it is set properly. */
         if(al_data->srcip != NULL && strcmp(al_data->srcip, "(none)") != 0)
             _os_report_add_tostore(al_data->srcip, r_filter->top_srcip, al_data);
 
-
+        
         /* Adding user if it is set properly. */
         if(al_data->user != NULL && strcmp(al_data->user, "(none)") != 0)
             _os_report_add_tostore(al_data->user, r_filter->top_user, al_data);
@@ -557,10 +557,10 @@ void os_ReportdStart(report_filter *r_filter)
             mrule[76] = '\0';
             snprintf(mlevel, 16, "Severity %d" , al_data->level);
             snprintf(mrule, 76, "%d - %s" , al_data->rule, al_data->comment);
-
-            _os_report_add_tostore(strdup(mlevel), r_filter->top_level,
+            
+            _os_report_add_tostore(strdup(mlevel), r_filter->top_level, 
                                    al_data);
-            _os_report_add_tostore(strdup(mrule), r_filter->top_rule,
+            _os_report_add_tostore(strdup(mrule), r_filter->top_rule, 
                                    al_data);
         }
 
@@ -582,8 +582,8 @@ void os_ReportdStart(report_filter *r_filter)
                         mgroup++;
                         continue;
                     }
-
-                    _os_report_add_tostore(tmp_str, r_filter->top_group,
+                    
+                    _os_report_add_tostore(tmp_str, r_filter->top_group, 
                                            al_data);
                     mgroup++;
                 }
@@ -595,21 +595,21 @@ void os_ReportdStart(report_filter *r_filter)
                     tmp_str++;
                 if(*tmp_str != '\0')
                 {
-                    _os_report_add_tostore(tmp_str, r_filter->top_group,
+                    _os_report_add_tostore(tmp_str, r_filter->top_group, 
                                            al_data);
                 }
             }
         }
 
 
-        /* Adding to the location top filter. */
-        _os_report_add_tostore(al_data->location, r_filter->top_location,
+        /* Adding to the location top filter. */        
+        _os_report_add_tostore(al_data->location, r_filter->top_location, 
                                al_data);
 
-
+        
         if(al_data->filename != NULL)
         {
-            _os_report_add_tostore(al_data->filename, r_filter->top_files,
+            _os_report_add_tostore(al_data->filename, r_filter->top_files, 
                                    al_data);
         }
     }
@@ -620,15 +620,15 @@ void os_ReportdStart(report_filter *r_filter)
         if(!r_filter->report_name)
             merror("%s: INFO: Report completed and zero alerts post-filter.", __local_name);
         else
-            merror("%s: INFO: Report '%s' completed and zero alerts post-filter.", __local_name, r_filter->report_name);
+            merror("%s: INFO: Report '%s' completed and zero alerts post-filter.", __local_name, r_filter->report_name);    
         return;
     }
 
-
+    
     if(r_filter->report_name)
         verbose("%s: INFO: Report '%s' completed. Creating output...", __local_name, r_filter->report_name);
     else
-        verbose("%s: INFO: Report completed. Creating output...", __local_name);
+        verbose("%s: INFO: Report completed. Creating output...", __local_name);    
 
 
     l_print_out(" ");
@@ -637,14 +637,14 @@ void os_ReportdStart(report_filter *r_filter)
     else
         l_print_out("Report completed. ==");
     l_print_out("------------------------------------------------");
-
+            
     l_print_out("->Processed alerts: %d", alerts_processed);
     l_print_out("->Post-filtering alerts: %d", alerts_filtered);
     l_print_out("->First alert: %s", first_alert);
     l_print_out("->Last alert: %s", last_alert);
     l_print_out(" ");
     l_print_out(" ");
-
+    
     OSStore_Sort(r_filter->top_srcip, _os_report_sort_compare);
     OSStore_Sort(r_filter->top_user,  _os_report_sort_compare);
     OSStore_Sort(r_filter->top_level, _os_report_sort_compare);
@@ -652,22 +652,22 @@ void os_ReportdStart(report_filter *r_filter)
     OSStore_Sort(r_filter->top_location, _os_report_sort_compare);
     OSStore_Sort(r_filter->top_rule, _os_report_sort_compare);
     OSStore_Sort(r_filter->top_files, _os_report_sort_compare);
-
+    
     if(r_filter->top_srcip)
         os_report_printtop(r_filter->top_srcip, "Source ip", 0);
-
+    
     if(r_filter->top_user)
         os_report_printtop(r_filter->top_user, "Username", 0);
-
+    
     if(r_filter->top_level)
         os_report_printtop(r_filter->top_level, "Level", 0);
-
+    
     if(r_filter->top_group)
         os_report_printtop(r_filter->top_group, "Group", 0);
-
+    
     if(r_filter->top_location)
         os_report_printtop(r_filter->top_location, "Location", 0);
-
+    
     if(r_filter->top_rule)
         os_report_printtop(r_filter->top_rule, "Rule", 0);
 
@@ -677,34 +677,34 @@ void os_ReportdStart(report_filter *r_filter)
 
     /* Print related events. */
     if(r_filter->related_srcip)
-        os_report_printtop(r_filter->top_srcip, "Source ip",
+        os_report_printtop(r_filter->top_srcip, "Source ip", 
                            r_filter->related_srcip);
 
     if(r_filter->related_user)
-        os_report_printtop(r_filter->top_user, "Username",
+        os_report_printtop(r_filter->top_user, "Username", 
                            r_filter->related_user);
 
     if(r_filter->related_level)
-        os_report_printtop(r_filter->top_level, "Level",
+        os_report_printtop(r_filter->top_level, "Level", 
                            r_filter->related_level);
 
     if(r_filter->related_group)
-        os_report_printtop(r_filter->top_group, "Group",
+        os_report_printtop(r_filter->top_group, "Group", 
                            r_filter->related_group);
-
+    
     if(r_filter->related_location)
-        os_report_printtop(r_filter->top_location, "Location",
+        os_report_printtop(r_filter->top_location, "Location", 
                            r_filter->related_location);
-
+    
     if(r_filter->related_rule)
-        os_report_printtop(r_filter->top_rule, "Rule",
+        os_report_printtop(r_filter->top_rule, "Rule", 
                            r_filter->related_rule);
 
     if(r_filter->related_file)
-        os_report_printtop(r_filter->top_files, "Filename",
+        os_report_printtop(r_filter->top_files, "Filename", 
                            r_filter->related_file);
-
-
+    
+    
     /* If we have to dump the alerts. */
     if(data_to_clean)
     {
@@ -736,43 +736,43 @@ void os_ReportdStart(report_filter *r_filter)
  *                              report_filter *r_filter)
  * Checks the configuration filters.
  */
-int os_report_configfilter(char *filter_by, char *filter_value,
+int os_report_configfilter(char *filter_by, char *filter_value, 
                            report_filter *r_filter, int arg_type)
 {
     if(!filter_by || !filter_value)
     {
         return(-1);
     }
-
+    
     if(arg_type == REPORT_FILTER)
     {
         if(strcmp(filter_by, "group") == 0)
         {
-            r_filter->group = filter_value;
+            r_filter->group = filter_value;    
         }
         else if(strcmp(filter_by, "rule") == 0)
         {
-            r_filter->rule = filter_value;
+            r_filter->rule = filter_value;    
         }
         else if(strcmp(filter_by, "level") == 0)
         {
-            r_filter->level = filter_value;
+            r_filter->level = filter_value;    
         }
         else if(strcmp(filter_by, "location") == 0)
         {
-            r_filter->location = filter_value;
+            r_filter->location = filter_value;    
         }
         else if(strcmp(filter_by, "user") == 0)
         {
-            r_filter->user = filter_value;
+            r_filter->user = filter_value;    
         }
         else if(strcmp(filter_by, "srcip") == 0)
         {
-            r_filter->srcip = filter_value;
+            r_filter->srcip = filter_value;    
         }
         else if(strcmp(filter_by, "filename") == 0)
         {
-            r_filter->files = filter_value;
+            r_filter->files = filter_value;    
         }
         else
         {
@@ -784,7 +784,7 @@ int os_report_configfilter(char *filter_by, char *filter_value,
     {
         if(strcmp(filter_by, "group") == 0)
         {
-            r_filter->related_group =
+            r_filter->related_group = 
             _report_filter_value(filter_value, r_filter->related_group);
 
             if(r_filter->related_group == -1)
@@ -792,7 +792,7 @@ int os_report_configfilter(char *filter_by, char *filter_value,
         }
         else if(strcmp(filter_by, "rule") == 0)
         {
-            r_filter->related_rule =
+            r_filter->related_rule = 
             _report_filter_value(filter_value, r_filter->related_rule);
 
             if(r_filter->related_rule == -1)
@@ -800,7 +800,7 @@ int os_report_configfilter(char *filter_by, char *filter_value,
         }
         else if(strcmp(filter_by, "level") == 0)
         {
-            r_filter->related_level =
+            r_filter->related_level = 
             _report_filter_value(filter_value, r_filter->related_level);
 
             if(r_filter->related_level == -1)
@@ -808,7 +808,7 @@ int os_report_configfilter(char *filter_by, char *filter_value,
         }
         else if(strcmp(filter_by, "location") == 0)
         {
-            r_filter->related_location =
+            r_filter->related_location = 
             _report_filter_value(filter_value, r_filter->related_location);
 
             if(r_filter->related_location == -1)
@@ -816,7 +816,7 @@ int os_report_configfilter(char *filter_by, char *filter_value,
         }
         else if(strcmp(filter_by, "srcip") == 0)
         {
-            r_filter->related_srcip =
+            r_filter->related_srcip = 
             _report_filter_value(filter_value, r_filter->related_srcip);
 
             if(r_filter->related_srcip == -1)
@@ -824,17 +824,17 @@ int os_report_configfilter(char *filter_by, char *filter_value,
         }
         else if(strcmp(filter_by, "user") == 0)
         {
-            r_filter->related_user =
+            r_filter->related_user = 
             _report_filter_value(filter_value, r_filter->related_user);
-
+        
             if(r_filter->related_user == -1)
                 return(-1);
         }
         else if(strcmp(filter_by, "filename") == 0)
         {
-            r_filter->related_file =
+            r_filter->related_file = 
             _report_filter_value(filter_value, r_filter->related_file);
-
+        
             if(r_filter->related_file == -1)
                 return(-1);
         }
diff --git a/src/shared/rules_op.c b/src/shared/rules_op.c
index d4a6b5f..ed83480 100755
--- a/src/shared/rules_op.c
+++ b/src/shared/rules_op.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -25,7 +25,7 @@
 
 
 /** Prototypes **/
-int _OS_GetRulesAttributes(char **attributes,
+int _OS_GetRulesAttributes(char **attributes, 
                            char **values,
                            RuleInfo *ruleinfo_pt);
 RuleInfo *_OS_AllocateRule();
@@ -36,8 +36,8 @@ RuleInfo *_OS_AllocateRule();
 /* Rules_OP_ReadRules, v0.3, 2005/03/21
  * Read the log rules.
  * v0.3: Fixed many memory problems.
- */
-int OS_ReadXMLRules(char *rulefile,
+ */ 
+int OS_ReadXMLRules(char *rulefile, 
                     void *(*ruleact_function)(RuleInfo *rule, void *data),
                     void *data)
 {
@@ -45,9 +45,9 @@ int OS_ReadXMLRules(char *rulefile,
     XML_NODE node = NULL;
 
 
-    /** XML variables **/
+    /** XML variables **/ 
     /* These are the available options for the rule configuration */
-
+    
     char *xml_group = "group";
     char *xml_rule = "rule";
 
@@ -62,7 +62,7 @@ int OS_ReadXMLRules(char *rulefile,
     char *xml_comment = "description";
     char *xml_ignore = "ignore";
     char *xml_check_if_ignored = "check_if_ignored";
-
+    
     char *xml_srcip = "srcip";
     char *xml_srcport = "srcport";
     char *xml_dstip = "dstip";
@@ -76,16 +76,16 @@ int OS_ReadXMLRules(char *rulefile,
     char *xml_status = "status";
     char *xml_action = "action";
     char *xml_compiled = "compiled_rule";
-
+    
     char *xml_if_sid = "if_sid";
     char *xml_if_group = "if_group";
     char *xml_if_level = "if_level";
     char *xml_fts = "if_fts";
-
+    
     char *xml_if_matched_regex = "if_matched_regex";
     char *xml_if_matched_group = "if_matched_group";
     char *xml_if_matched_sid = "if_matched_sid";
-
+    
     char *xml_same_source_ip = "same_source_ip";
     char *xml_same_src_port = "same_src_port";
     char *xml_same_dst_port = "same_dst_port";
@@ -95,16 +95,16 @@ int OS_ReadXMLRules(char *rulefile,
     char *xml_dodiff = "check_diff";
 
     char *xml_different_url = "different_url";
-
+    
     char *xml_notsame_source_ip = "not_same_source_ip";
     char *xml_notsame_user = "not_same_user";
     char *xml_notsame_agent = "not_same_agent";
     char *xml_notsame_id = "not_same_id";
 
     char *xml_options = "options";
-
+    
     char *rulepath;
-
+    
     int i;
 
 
@@ -126,9 +126,9 @@ int OS_ReadXMLRules(char *rulefile,
         debug1("%s is the rulefile", rulefile);
         debug1("Not modifing the rule path");
     }
-
-
-    /* Reading the XML */
+    
+    
+    /* Reading the XML */       
     if(OS_ReadXML(rulepath,&xml) < 0)
     {
         merror(XML_ERROR, __local_name, rulepath, xml.err, xml.err_line);
@@ -139,7 +139,7 @@ int OS_ReadXMLRules(char *rulefile,
 
     /* Debug wrapper */
     debug1("%s: DEBUG: read xml for rule '%s'.", __local_name, rulepath);
-
+    
 
     /* Applying any variable found */
     if(OS_ApplyVariables(&xml) != 0)
@@ -151,7 +151,7 @@ int OS_ReadXMLRules(char *rulefile,
 
     /* Debug wrapper */
     debug1("%s: DEBUG: XML Variables applied.", __local_name);
-
+    
 
     /* Getting the root elements */
     node = OS_GetElementsbyNode(&xml, NULL);
@@ -159,13 +159,13 @@ int OS_ReadXMLRules(char *rulefile,
     {
         merror(CONFIG_ERROR, __local_name, rulepath);
         OS_ClearXML(&xml);
-        return(-1);
+        return(-1);    
     }
 
 
     /* Zeroing the rule memory -- not used anymore */
     free(rulepath);
-
+    
 
     /* Checking if there is any invalid global option */
     i = 0;
@@ -201,7 +201,7 @@ int OS_ReadXMLRules(char *rulefile,
     }
 
 
-    /* Getting the rules now */
+    /* Getting the rules now */   
     i = 0;
     while(node[i])
     {
@@ -209,7 +209,7 @@ int OS_ReadXMLRules(char *rulefile,
         XML_NODE rule = NULL;
 
 
-        /* Getting all rules for a global group */
+        /* Getting all rules for a global group */        
         rule = OS_GetElementsbyNode(&xml,node[i]);
         if(rule == NULL)
         {
@@ -222,15 +222,15 @@ int OS_ReadXMLRules(char *rulefile,
         {
             /* Rules options */
             int k = 0;
-            char *regex = NULL, *match = NULL, *url = NULL,
+            char *regex = NULL, *match = NULL, *url = NULL, 
                  *if_matched_regex = NULL, *if_matched_group = NULL,
                  *user = NULL, *id = NULL, *srcport = NULL,
                  *dstport = NULL, *status = NULL, *hostname = NULL,
                  *extra_data = NULL, *program_name = NULL;
-
+            
             RuleInfo *config_ruleinfo = NULL;
             XML_NODE rule_opt = NULL;
-
+           
 
             /* Checking if the rule element is correct */
             if((!rule[j]->element)||
@@ -245,12 +245,12 @@ int OS_ReadXMLRules(char *rulefile,
             /* Checking for the attributes of the rule */
             if((!rule[j]->attributes) || (!rule[j]->values))
             {
-                merror(RL_INV_RULE, __local_name, rulefile);
+                merror(RL_INV_RULE, __local_name, rulefile); 
                 OS_ClearXML(&xml);
                 return(-1);
             }
 
-
+            
             /* Attribute block */
             config_ruleinfo = _OS_AllocateRule();
 
@@ -276,19 +276,19 @@ int OS_ReadXMLRules(char *rulefile,
              * be fine
              */
             os_strdup(node[i]->values[0], config_ruleinfo->group);
+            
 
-
-            /* Getting rules options */
+            /* Getting rules options */    
             rule_opt =  OS_GetElementsbyNode(&xml, rule[j]);
             if(rule_opt == NULL)
             {
                 merror(RL_NO_OPT, __local_name, config_ruleinfo->sigid);
                 OS_ClearXML(&xml);
-                return(-1);
+                return(-1);       
             }
+                
 
-
-            /* Reading the whole rule block */
+            /* Reading the whole rule block */    
             while(rule_opt[k])
             {
                 if((!rule_opt[k]->element)||(!rule_opt[k]->content))
@@ -318,7 +318,7 @@ int OS_ReadXMLRules(char *rulefile,
                 }
                 else if(strcasecmp(rule_opt[k]->element,xml_day_time) == 0)
                 {
-                    config_ruleinfo->day_time =
+                    config_ruleinfo->day_time = 
                                      OS_IsValidTime(rule_opt[k]->content);
                     if(!config_ruleinfo->day_time)
                     {
@@ -333,7 +333,7 @@ int OS_ReadXMLRules(char *rulefile,
                 }
                 else if(strcasecmp(rule_opt[k]->element,xml_week_day) == 0)
                 {
-                    config_ruleinfo->week_day =
+                    config_ruleinfo->week_day = 
                         OS_IsValidDay(rule_opt[k]->content);
 
                     if(!config_ruleinfo->week_day)
@@ -376,25 +376,25 @@ int OS_ReadXMLRules(char *rulefile,
                     int ip_s = 0;
 
                     /* Getting size of source ip list */
-                    while(config_ruleinfo->srcip &&
+                    while(config_ruleinfo->srcip && 
                             config_ruleinfo->srcip[ip_s])
                     {
                         ip_s++;
                     }
 
-                    config_ruleinfo->srcip =
+                    config_ruleinfo->srcip = 
                                 realloc(config_ruleinfo->srcip,
                                 (ip_s + 2) * sizeof(os_ip *));
 
 
                     /* Allocating memory for the individual entries */
-                    os_calloc(1, sizeof(os_ip),
+                    os_calloc(1, sizeof(os_ip), 
                                  config_ruleinfo->srcip[ip_s]);
                     config_ruleinfo->srcip[ip_s +1] = NULL;
 
 
                     /* Checking if the ip is valid */
-                    if(!OS_IsValidIP(rule_opt[k]->content,
+                    if(!OS_IsValidIP(rule_opt[k]->content, 
                                      config_ruleinfo->srcip[ip_s]))
                     {
                         merror(INVALID_IP, __local_name, rule_opt[k]->content);
@@ -451,7 +451,7 @@ int OS_ReadXMLRules(char *rulefile,
                 else if(strcasecmp(rule_opt[k]->element,xml_srcport) == 0)
                 {
                     srcport = os_LoadString(srcport, rule_opt[k]->content);
-
+                    
                     if(!(config_ruleinfo->alert_opts & DO_PACKETINFO))
                         config_ruleinfo->alert_opts |= DO_PACKETINFO;
                 }
@@ -491,7 +491,7 @@ int OS_ReadXMLRules(char *rulefile,
                 }
                 else if(strcasecmp(rule_opt[k]->element,xml_action) == 0)
                 {
-                    config_ruleinfo->action =
+                    config_ruleinfo->action = 
                                 os_LoadString(config_ruleinfo->action,
                                 rule_opt[k]->content);
                 }
@@ -552,9 +552,9 @@ int OS_ReadXMLRules(char *rulefile,
                 {
                     if(!OS_StrIsNum(rule_opt[k]->content))
                     {
-                        merror(INVALID_CONFIG, __local_name,
+                        merror(INVALID_CONFIG, __local_name, 
                                 xml_if_level,
-                                rule_opt[k]->content);
+                                rule_opt[k]->content); 
                         return(-1);
                     }
 
@@ -595,7 +595,7 @@ int OS_ReadXMLRules(char *rulefile,
                                 rule_opt[k]->content);
                         return(-1);
                     }
-                    config_ruleinfo->if_matched_sid =
+                    config_ruleinfo->if_matched_sid = 
                         atoi(rule_opt[k]->content);
 
                 }
@@ -684,7 +684,7 @@ int OS_ReadXMLRules(char *rulefile,
                 else if(strcasecmp(rule_opt[k]->element,
                             xml_options) == 0)
                 {
-                    if(strcmp("alert_by_email",
+                    if(strcmp("alert_by_email", 
                                 rule_opt[k]->content) == 0)
                     {
                         if(!(config_ruleinfo->alert_opts & DO_MAILALERT))
@@ -700,7 +700,7 @@ int OS_ReadXMLRules(char *rulefile,
                             config_ruleinfo->alert_opts&=0xfff-DO_MAILALERT;
                         }
                     }
-                    else if(strcmp("log_alert",
+                    else if(strcmp("log_alert", 
                                 rule_opt[k]->content) == 0)
                     {
                         if(!(config_ruleinfo->alert_opts & DO_LOGALERT))
@@ -723,7 +723,7 @@ int OS_ReadXMLRules(char *rulefile,
                         }
                     }
                     else
-                    {
+                    {               
                         merror(XML_VALUEERR, __local_name, xml_options,
                                 rule_opt[k]->content);
 
@@ -732,7 +732,7 @@ int OS_ReadXMLRules(char *rulefile,
                                                 rule_opt[k]->content);
                         OS_ClearXML(&xml);
                         return(-1);
-                    }
+                    }   
                 }
                 else if(strcasecmp(rule_opt[k]->element,
                             xml_ignore) == 0)
@@ -816,13 +816,13 @@ int OS_ReadXMLRules(char *rulefile,
                         return(-1);
                     }
                 }
-                /* XXX As new features are added into ../analysisd/rules.c
-                 * This code needs to be updated to match, but is out of date
-                 * it's become a nightmare to correct with out just make the
-                 * problem for someone later.
+                /* XXX As new features are added into ../analysisd/rules.c 
+                 * This code needs to be updated to match, but is out of date 
+                 * it's become a nightmare to correct with out just make the 
+                 * problem for someone later.   
                  *
-                 * This hack will allow any crap xml to pass without an
-                 * error.  The correct fix is to refactor the code so that
+                 * This hack will allow any crap xml to pass without an 
+                 * error.  The correct fix is to refactor the code so that 
                  * ../analysisd/rules* and this code are not duplicates
                  *
                 else
@@ -858,7 +858,7 @@ int OS_ReadXMLRules(char *rulefile,
                     os_strdup(if_matched_group, config_ruleinfo->if_group);
                 }
             }
-
+                
 
             /* If_matched_sid, we need to get the if_sid */
             if(config_ruleinfo->if_matched_sid &&
@@ -1075,14 +1075,14 @@ int OS_ReadXMLRules(char *rulefile,
             /* Calling the function provided. */
             ruleact_function(config_ruleinfo, data);
 
-
+            
             j++; /* next rule */
 
 
         } /* while(rule[j]) */
         OS_ClearNode(rule);
         i++;
-
+        
     } /* while (node[i]) */
 
     /* Cleaning global node */
@@ -1102,15 +1102,15 @@ int OS_ReadXMLRules(char *rulefile,
 RuleInfo *_OS_AllocateRule()
 {
     RuleInfo *ruleinfo_pt = NULL;
-
-
+    
+    
     /* Allocation memory for structure */
     ruleinfo_pt = (RuleInfo *)calloc(1,sizeof(RuleInfo));
     if(ruleinfo_pt == NULL)
     {
         ErrorExit(MEM_ERROR,__local_name);
     }
-
+    
 
     /* Default values */
     ruleinfo_pt->level = -1;
@@ -1118,10 +1118,10 @@ RuleInfo *_OS_AllocateRule()
     /* Default category is syslog */
     ruleinfo_pt->category = SYSLOG;
 
-    ruleinfo_pt->ar = NULL;
-
+    ruleinfo_pt->ar = NULL; 
+    
     ruleinfo_pt->context = 0;
-
+    
     /* Default sigid of -1 */
     ruleinfo_pt->sigid = -1;
     ruleinfo_pt->firedtimes = 0;
@@ -1130,11 +1130,11 @@ RuleInfo *_OS_AllocateRule()
     ruleinfo_pt->ignore_time = 0;
     ruleinfo_pt->timeframe = 0;
     ruleinfo_pt->time_ignored = 0;
-
-    ruleinfo_pt->context_opts = 0;
-    ruleinfo_pt->alert_opts = 0;
-    ruleinfo_pt->ignore = 0;
-    ruleinfo_pt->ckignore = 0;
+   
+    ruleinfo_pt->context_opts = 0; 
+    ruleinfo_pt->alert_opts = 0; 
+    ruleinfo_pt->ignore = 0; 
+    ruleinfo_pt->ckignore = 0; 
 
     ruleinfo_pt->day_time = NULL;
     ruleinfo_pt->week_day = NULL;
@@ -1147,16 +1147,16 @@ RuleInfo *_OS_AllocateRule()
     ruleinfo_pt->comment = NULL;
     ruleinfo_pt->info = NULL;
     ruleinfo_pt->cve = NULL;
-
+    
     ruleinfo_pt->if_sid = NULL;
     ruleinfo_pt->if_group = NULL;
     ruleinfo_pt->if_level = NULL;
-
+    
     ruleinfo_pt->if_matched_regex = NULL;
     ruleinfo_pt->if_matched_group = NULL;
     ruleinfo_pt->if_matched_sid = 0;
-
-    ruleinfo_pt->user = NULL;
+   
+    ruleinfo_pt->user = NULL; 
     ruleinfo_pt->srcip = NULL;
     ruleinfo_pt->srcport = NULL;
     ruleinfo_pt->dstip = NULL;
@@ -1167,7 +1167,7 @@ RuleInfo *_OS_AllocateRule()
     ruleinfo_pt->hostname = NULL;
     ruleinfo_pt->program_name = NULL;
     ruleinfo_pt->action = NULL;
-
+    
     /* Zeroing last matched events */
     ruleinfo_pt->__frequency = 0;
     ruleinfo_pt->last_events = NULL;
@@ -1175,10 +1175,10 @@ RuleInfo *_OS_AllocateRule()
     /* zeroing the list of previous matches */
     ruleinfo_pt->sid_prev_matched = NULL;
     ruleinfo_pt->group_prev_matched = NULL;
-
+    
     ruleinfo_pt->sid_search = NULL;
     ruleinfo_pt->group_search = NULL;
-
+    
     ruleinfo_pt->event_search = NULL;
 
     return(ruleinfo_pt);
@@ -1193,7 +1193,7 @@ int _OS_GetRulesAttributes(char **attributes, char **values,
                            RuleInfo *ruleinfo_pt)
 {
     int k = 0;
-
+    
     char *xml_id = "id";
     char *xml_level = "level";
     char *xml_maxsize = "maxsize";
@@ -1203,8 +1203,8 @@ int _OS_GetRulesAttributes(char **attributes, char **values,
     char *xml_noalert = "noalert";
     char *xml_ignore_time = "ignore";
     char *xml_overwrite = "overwrite";
-
-
+    
+   
     /* Getting attributes */
     while(attributes[k])
     {
@@ -1218,7 +1218,7 @@ int _OS_GetRulesAttributes(char **attributes, char **values,
         {
             if(OS_StrIsNum(values[k]) && (strlen(values[k]) <= 6 ))
             {
-                ruleinfo_pt->sigid = atoi(values[k]);
+                ruleinfo_pt->sigid = atoi(values[k]);    
             }
             else
             {
@@ -1247,7 +1247,7 @@ int _OS_GetRulesAttributes(char **attributes, char **values,
                 ruleinfo_pt->maxsize = atoi(values[k]);
 
                 /* adding EXTRAINFO options */
-                if(ruleinfo_pt->maxsize > 0 &&
+                if(ruleinfo_pt->maxsize > 0 && 
                    !(ruleinfo_pt->alert_opts & DO_EXTRAINFO))
                 {
                     ruleinfo_pt->alert_opts |= DO_EXTRAINFO;
@@ -1288,7 +1288,7 @@ int _OS_GetRulesAttributes(char **attributes, char **values,
         /* Rule accuracy */
         else if(strcasecmp(attributes[k],xml_accuracy) == 0)
         {
-            merror("%s: XXX: Use of 'accuracy' isn't supported. Ignoring.",
+            merror("%s: XXX: Use of 'accuracy' isn't supported. Ignoring.", 
                    __local_name);
         }
          /* Rule ignore_time */
@@ -1301,7 +1301,7 @@ int _OS_GetRulesAttributes(char **attributes, char **values,
             else
             {
                 merror(XML_VALUEERR,__local_name, attributes[k], values[k]);
-                return(-1);
+                return(-1); 
             }
         }
         /* Rule noalert */
@@ -1339,9 +1339,9 @@ int _OS_GetRulesAttributes(char **attributes, char **values,
 /* print rule */
 void OS_PrintRuleinfo(RuleInfo *rule)
 {
-    debug1("%s: __local_name: Print Rule:%d, level %d, ignore: %d, frequency:%d",
+    debug1("%s: __local_name: Print Rule:%d, level %d, ignore: %d, frequency:%d", 
             __local_name,
-            rule->sigid,
+            rule->sigid, 
             rule->level,
             rule->ignore_time,
             rule->frequency);
diff --git a/src/shared/sig_op.c b/src/shared/sig_op.c
index f31a654..424a8cc 100755
--- a/src/shared/sig_op.c
+++ b/src/shared/sig_op.c
@@ -31,9 +31,9 @@ char *pidfile = NULL;
 void HandleSIG()
 {
     merror(SIGNAL_RECV, pidfile);
-
+    
     DeletePID(pidfile);
-
+    
     exit(1);
 }
 
@@ -50,7 +50,7 @@ void StartSIG(char *process_name)
        go to HandleSIG() */
     pidfile = process_name;
 
-    signal(SIGHUP, SIG_IGN);
+    signal(SIGHUP, SIG_IGN);    
     signal(SIGINT, HandleSIG);
     signal(SIGQUIT, HandleSIG);
     signal(SIGTERM, HandleSIG);
diff --git a/src/shared/store_op.c b/src/shared/store_op.c
index c3feacc..92d7894 100644
--- a/src/shared/store_op.c
+++ b/src/shared/store_op.c
@@ -12,13 +12,13 @@
 
 /* Common API for dealing with ordered lists.
  * Provides a fast search on average (n/2).
- */
+ */ 
 
 
 #include "shared.h"
 
 
-/* Create the list storage
+/* Create the list storage 
  * Return NULL on error
  */
 OSStore *OSStore_Create()
@@ -28,20 +28,20 @@ OSStore *OSStore_Create()
     my_list = calloc(1, sizeof(OSStore));
     if(!my_list)
         return(NULL);
-
+    
     my_list->first_node = NULL;
     my_list->last_node = NULL;
     my_list->cur_node = NULL;
     my_list->currently_size = 0;
     my_list->max_size = 0;
     my_list->free_data_function = NULL;
-
+    
     return(my_list);
 }
 
 
 
-/* Deletes the list storage
+/* Deletes the list storage 
  * Return NULL on error
  */
 OSStore *OSStore_Free(OSStore *list)
@@ -73,7 +73,7 @@ OSStore *OSStore_Free(OSStore *list)
 
     free(list);
     list = NULL;
-
+    
     return(list);
 }
 
@@ -89,7 +89,7 @@ int OSStore_SetMaxSize(OSStore *list, int max_size)
     {
         return(0);
     }
-
+    
     /* Minimum size is 1 */
     if(max_size <= 1)
     {
@@ -112,7 +112,7 @@ int OSStore_SetFreeDataPointer(OSStore *list, void *free_data_function)
     {
         return(0);
     }
-
+    
     list->free_data_function = free_data_function;
     return(1);
 }
@@ -144,34 +144,34 @@ int OSStore_Sort(OSStore *list, void*(sort_data_function)(void *d1, void *d2))
             /* In here, this node should stay where it is. */
             else if(movenode == list->cur_node->prev)
             {
-                break;
+                break;   
             }
 
             /* In here we need to replace the nodes. */
             else
             {
                 newnode = list->cur_node;
-
+                
                 if(list->cur_node->prev)
                     list->cur_node->prev->next = list->cur_node->next;
-
+                        
                 if(list->cur_node->next)
                     list->cur_node->next->prev = list->cur_node->prev;
                 else
-                    list->last_node = list->cur_node->prev;
-
-                list->cur_node = list->cur_node->prev;
-
+                    list->last_node = list->cur_node->prev;    
+                
+                list->cur_node = list->cur_node->prev;       
 
+                
                 newnode->next = movenode->next;
                 newnode->prev = movenode;
 
                 if(movenode->next)
                     movenode->next->prev = newnode;
-
+                    
                 movenode->next = newnode;
 
-
+                
                 break;
             }
         }
@@ -184,21 +184,21 @@ int OSStore_Sort(OSStore *list, void*(sort_data_function)(void *d1, void *d2))
 
             if(list->cur_node->prev)
                 list->cur_node->prev->next = list->cur_node->next;
-
+            
             if(list->cur_node->next)
                 list->cur_node->next->prev = list->cur_node->prev;
-            else
-                list->last_node = list->cur_node->prev;
-
+            else    
+                list->last_node = list->cur_node->prev;    
+            
             list->cur_node = list->cur_node->prev;
-
+            
             newnode->prev = NULL;
             newnode->next = list->first_node;
             list->first_node->prev = newnode;
-
-            list->first_node = newnode;
+            
+            list->first_node = newnode;    
         }
-
+        
         list->cur_node = list->cur_node->next;
     }
 
@@ -254,7 +254,7 @@ void *OSStore_Get(OSStore *list, char *key)
 {
     int chk_rc;
     list->cur_node = list->first_node;
-
+    
     while(list->cur_node)
     {
         if((chk_rc = strcmp(list->cur_node->key, key)) >= 0)
@@ -263,7 +263,7 @@ void *OSStore_Get(OSStore *list, char *key)
             if(chk_rc == 0)
                 return(list->cur_node->data);
 
-            /* Not found */
+            /* Not found */    
             return(NULL);
         }
 
@@ -281,7 +281,7 @@ int OSStore_Check(OSStore *list, char *key)
 {
     int chk_rc;
     list->cur_node = list->first_node;
-
+    
     while(list->cur_node)
     {
         if((chk_rc = strcmp(list->cur_node->key, key)) >= 0)
@@ -290,7 +290,7 @@ int OSStore_Check(OSStore *list, char *key)
             if(chk_rc == 0)
                 return(1);
 
-            /* Not found */
+            /* Not found */    
             return(0);
         }
 
@@ -311,7 +311,7 @@ int OSStore_NCheck(OSStore *list, char *key)
 
     while(list->cur_node)
     {
-        if((chk_rc = strncmp(list->cur_node->key, key,
+        if((chk_rc = strncmp(list->cur_node->key, key, 
                              list->cur_node->key_size)) >= 0)
         {
             /* Found */
@@ -368,7 +368,7 @@ void OSStore_Delete(OSStore *list, char *key)
 int OSStore_Put(OSStore *list, char *key, void *data)
 {
     int chk_rc;
-    OSStoreNode *newnode;
+    OSStoreNode *newnode;    
 
 
     /* Allocating memory for new node */
@@ -392,9 +392,9 @@ int OSStore_Put(OSStore *list, char *key, void *data)
         list->first_node = newnode;
         list->last_node = newnode;
     }
-
-
-    /* Store the data in order */
+    
+ 
+    /* Store the data in order */ 
     else
     {
         list->cur_node = list->first_node;
@@ -407,18 +407,18 @@ int OSStore_Put(OSStore *list, char *key, void *data)
                 {
                     return(1);
                 }
-
+                
                 /* If there is no prev node, it is because
-                 * this is the first node.
+                 * this is the first node. 
                  */
                 if(list->cur_node->prev)
                     list->cur_node->prev->next = newnode;
                 else
                     list->first_node = newnode;
-
-
+                                            
+                
                 newnode->prev = list->cur_node->prev;
-
+                
                 list->cur_node->prev = newnode;
                 newnode->next = list->cur_node;
                 break;
@@ -435,11 +435,11 @@ int OSStore_Put(OSStore *list, char *key, void *data)
             list->last_node = newnode;
         }
     }
-
+    
 
     /* Increment list size */
     list->currently_size++;
-
+    
     return(1);
 }
 
diff --git a/src/shared/string_op.c b/src/shared/string_op.c
index f458793..274da39 100755
--- a/src/shared/string_op.c
+++ b/src/shared/string_op.c
@@ -35,34 +35,17 @@ void os_trimcrlf(char *str)
 }
 
 /* Remove offending char (e.g., double quotes) from source */
-char *os_strip_char(char *source, char remove) {
-    char *clean;
-    char *iterator = source;
-    int length = 0;
+char *os_strip_char(const char *source, char remove) {
+    char *clean = malloc( strlen(source) + 1 );
     int i;
 
-    // Figure out how much memory to allocate
-    for( ; *iterator; iterator++ ) {
-        if ( *iterator != remove ) {
-            length++;
-        }
-    }
-
-    // Allocate the memory
-    if( (clean = malloc( length + 1 )) == NULL ) {
-        // Return NULL
-        return NULL;
-    }
-    memset(clean, '\0', length + 1);
-
-    // Remove the characters
-    iterator=source;
-    for( i=0; *iterator; iterator++ ) {
-        if ( *iterator != remove ) {
-            clean[i] = *iterator;
+    for( i=0; *source; source++ ) {
+        if ( *source != remove ) {
+            clean[i] = *source;
             i++;
         }
     }
+    clean[i] = 0;
 
     return clean;
 }
@@ -71,14 +54,10 @@ char *os_strip_char(char *source, char remove) {
 int os_substr(char *dest, const char *src, int position, int length) {
     dest[0]='\0';
 
-    if( length <= 0  ) {
-        // Unsupported negative length string
-        return -3;
-    }
     if( src == NULL ) {
         return -2;
     }
-    if( position >= strlen(src) ) {
+    if( position > strlen(src) ) {
         return -1;
     }
 
diff --git a/src/shared/tests/._Makefile b/src/shared/tests/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/tests/._Makefile differ
diff --git a/src/shared/tests/._hash_test.c b/src/shared/tests/._hash_test.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/tests/._hash_test.c differ
diff --git a/src/shared/tests/._ip_test.c b/src/shared/tests/._ip_test.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/tests/._ip_test.c differ
diff --git a/src/shared/tests/._merge_test.c b/src/shared/tests/._merge_test.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/tests/._merge_test.c differ
diff --git a/src/shared/tests/._prime_test.c b/src/shared/tests/._prime_test.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/shared/tests/._prime_test.c differ
diff --git a/src/shared/tests/hash_test.c b/src/shared/tests/hash_test.c
index 367d028..d1464cf 100755
--- a/src/shared/tests/hash_test.c
+++ b/src/shared/tests/hash_test.c
@@ -9,7 +9,7 @@ int main(int argc, char **argv)
     char *tmp;
     char buf[1024];
     OSHash *mhash;
-
+    
     mhash = OSHash_Create();
 
     while(1)
@@ -22,13 +22,13 @@ int main(int argc, char **argv)
         if(strncmp(buf, "get ", 4) == 0)
         {
             printf("Getting key: '%s'\n", buf + 4);
-            printf("Found: '%s'\n", (char *)OSHash_Get(mhash, buf + 4));
+            printf("Found: '%s'\n", (char *)OSHash_Get(mhash, buf + 4));   
         }
         else
         {
             printf("Adding key: '%s'\n", buf);
             i = OSHash_Add(mhash, strdup(buf), strdup(buf));
-
+            
             printf("rc = %d\n", i);
         }
     }
diff --git a/src/shared/tests/ip_test.c b/src/shared/tests/ip_test.c
index 685905a..149f1b9 100755
--- a/src/shared/tests/ip_test.c
+++ b/src/shared/tests/ip_test.c
@@ -14,7 +14,7 @@ int main(int argc, char **argv)
     {
         printf("Invalid ip\n");
     }
-
+    
     if(OS_IPFound(argv[2], &myip))
     {
         printf("IP MATCHED!\n");
diff --git a/src/shared/validate_op.c b/src/shared/validate_op.c
index 25132ee..2e60434 100755
--- a/src/shared/validate_op.c
+++ b/src/shared/validate_op.c
@@ -17,8 +17,8 @@
 
 
 #include "shared.h"
-char *ip_address_regex =
-     "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/?"
+char *ip_address_regex = 
+     "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/?" 
      "([0-9]{0,2}|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})$";
 
 /* Global vars */
@@ -38,7 +38,7 @@ static char *_read_file(char *high_name, char *low_name, char *defines_file)
     char *buf_pt;
     char *tmp_buffer;
     char *ret;
-
+    
     #ifndef WIN32
     if(isChroot())
     {
@@ -52,7 +52,7 @@ static char *_read_file(char *high_name, char *low_name, char *defines_file)
     snprintf(def_file,OS_FLSIZE,"%s", defines_file);
     #endif
 
-
+                                                        
     fp = fopen(def_file, "r");
     if(!fp)
     {
@@ -97,7 +97,7 @@ static char *_read_file(char *high_name, char *low_name, char *defines_file)
         }
 
         tmp_buffer = buf_pt;
-
+        
         /* Getting the equal */
         buf_pt = strchr(buf_pt, '=');
         if(!buf_pt)
@@ -125,12 +125,12 @@ static char *_read_file(char *high_name, char *low_name, char *defines_file)
         {
             *tmp_buffer = '\0';
         }
-
+        
         os_strdup(buf_pt, ret);
         fclose(fp);
         return(ret);
     }
-
+    
     fclose(fp);
     return(NULL);
 }
@@ -214,7 +214,7 @@ int getDefine_Int(char *high_name, char *low_name, int min, int max)
     char *value;
     char *pt;
 
-
+    
     /* We first try to read from the local define file. */
     value = _read_file(high_name, low_name, OSSEC_LDEFINES);
     if(!value)
@@ -261,13 +261,13 @@ int OS_IPFound(char *ip_address, os_ip *that_ip)
     {
         return(!_true);
     }
-
+                                
     /* If negate is set */
     if(that_ip->ip[0] == '!')
     {
         _true = 0;
     }
-
+    
     /* Checking if ip is in thatip & netmask */
     if((net.s_addr & that_ip->netmask) == that_ip->ip_address)
     {
@@ -278,7 +278,7 @@ int OS_IPFound(char *ip_address, os_ip *that_ip)
     return(!_true);
 }
 
-
+     
 /** int OS_IPFoundList(char *ip_address, os_ip **list_of_ips)
  * Checks if ip_address is present on the "list_of_ips".
  * Returns 1 on success or 0 on failure.
@@ -294,16 +294,16 @@ int OS_IPFoundList(char *ip_address, os_ip **list_of_ips)
     {
         return(!_true);
     }
-
+                                        
     while(*list_of_ips)
     {
         os_ip *l_ip = *list_of_ips;
-
+        
         if(l_ip->ip[0] == '!')
         {
             _true = 0;
         }
-
+    
         if((net.s_addr & l_ip->netmask) == l_ip->ip_address)
         {
             return(_true);
@@ -312,9 +312,9 @@ int OS_IPFoundList(char *ip_address, os_ip **list_of_ips)
     }
 
     return(!_true);
-}
-
+}    
 
+     
 /** int OS_IsValidIP(char *ip)
  * Validates if an ip address is in the right
  * format.
@@ -337,13 +337,13 @@ int OS_IsValidIP(char *ip_address, os_ip *final_ip)
     {
         os_strdup(ip_address, final_ip->ip);
     }
-
+    
     if(*ip_address == '!')
     {
         ip_address++;
     }
-
-    #ifndef WIN32
+   
+    #ifndef WIN32 
     /* checking against the basic regex */
     if(!OS_PRegex(ip_address, ip_address_regex))
     {
@@ -361,8 +361,8 @@ int OS_IsValidIP(char *ip_address, os_ip *final_ip)
         tmp_ip = ip_address;
         while(*tmp_ip != '\0')
         {
-            if((*tmp_ip < '0' ||
-               *tmp_ip > '9') &&
+            if((*tmp_ip < '0' || 
+               *tmp_ip > '9') &&   
                *tmp_ip != '.' &&
                *tmp_ip != '/')
             {
@@ -380,13 +380,13 @@ int OS_IsValidIP(char *ip_address, os_ip *final_ip)
 
 
 
-    /* Getting the cidr/netmask if available */
+    /* Getting the cidr/netmask if available */ 
     tmp_str = strchr(ip_address,'/');
     if(tmp_str)
     {
         int cidr;
         struct in_addr net;
-
+        
         *tmp_str = '\0';
         tmp_str++;
 
@@ -425,7 +425,7 @@ int OS_IsValidIP(char *ip_address, os_ip *final_ip)
                 }
             }
         }
-
+        
         if((net.s_addr = inet_addr(ip_address)) <= 0)
         {
             if(strcmp("0.0.0.0", ip_address) == 0)
@@ -455,7 +455,7 @@ int OS_IsValidIP(char *ip_address, os_ip *final_ip)
     {
         struct in_addr net;
         nmask = 32;
-
+        
         if(strcmp("any", ip_address) == 0)
         {
             net.s_addr = 0;
@@ -465,14 +465,14 @@ int OS_IsValidIP(char *ip_address, os_ip *final_ip)
         {
             return(0);
         }
-
+        
         if(final_ip)
         {
             final_ip->ip_address = net.s_addr;
 
             if(!_mask_inited)
                 _init_masks();
-
+        
             final_ip->netmask = htonl(_netmasks[nmask]);
         }
 
@@ -506,11 +506,11 @@ int OS_IsonTime(char *time_str, char *ossec_time)
 
     /* Comparing against min/max value */
     if((strncmp(time_str, ossec_time, 5) >= 0)&&
-      (strncmp(time_str, ossec_time+5,5) <= 0))
+      (strncmp(time_str, ossec_time+5,5) <= 0))  
     {
         return(_true);
     }
-
+    
     return(!_true);
 }
 
@@ -534,13 +534,13 @@ char *__gethour(char *str, char *ossec_hour)
     int _size = 0;
     int chour = 0;
     int cmin = 0;
-
+    
     /* Invalid time format */
     if(!isdigit((int)*str))
     {
         merror(INVALID_TIME, __local_name, str);
     }
-
+    
 
     /* Hour */
     chour = atoi(str);
@@ -553,7 +553,7 @@ char *__gethour(char *str, char *ossec_hour)
         return(NULL);
 
     }
-
+    
     /* Going after the hour */
     while(isdigit((int)*str))
     {
@@ -567,8 +567,8 @@ char *__gethour(char *str, char *ossec_hour)
         merror(INVALID_TIME, __local_name, str);
         return(NULL);
     }
-
-
+    
+    
     /* Getting minute */
     if(*str == ':')
     {
@@ -586,7 +586,7 @@ char *__gethour(char *str, char *ossec_hour)
 
     /* Removing spaces */
     RM_WHITE(str);
-
+    
     if((*str == 'a') || (*str == 'A'))
     {
         str++;
@@ -603,19 +603,19 @@ char *__gethour(char *str, char *ossec_hour)
         if((*str == 'm') || (*str == 'M'))
         {
             chour += 12;
-
+            
             /* New hour must be valid */
             if(chour < 0 || chour >= 24)
             {
                 merror(INVALID_TIME, __local_name, str);
                 return(NULL);
             }
-
+                                                
             snprintf(ossec_hour, 6, "%02d:%02d", chour, cmin);
             str++;
             return(str);
         }
-
+        
     }
     else
     {
@@ -635,17 +635,17 @@ char *OS_IsValidTime(char *time_str)
     char first_hour[7];
     char second_hour[7];
     int ng = 0;
-
+    
     /* Must be not null */
     if(!time_str)
         return(NULL);
-
-
+    
+        
     /* Clearing memory */
     memset(first_hour, '\0', 7);
     memset(second_hour, '\0', 7);
-
-
+    
+    
     /* Removing white spaces */
     RM_WHITE(time_str);
 
@@ -660,7 +660,7 @@ char *OS_IsValidTime(char *time_str)
         RM_WHITE(time_str);
     }
 
-
+    
     /* Getting first hour */
     time_str = __gethour(time_str, first_hour);
     if(!time_str)
@@ -668,7 +668,7 @@ char *OS_IsValidTime(char *time_str)
 
     /* Removing white spaces */
     RM_WHITE(time_str);
-
+    
     if(*time_str != '-')
     {
         return(NULL);
@@ -683,7 +683,7 @@ char *OS_IsValidTime(char *time_str)
     time_str = __gethour(time_str, second_hour);
     if(!time_str)
         return(NULL);
-
+    
     RM_WHITE(time_str);
     if(*time_str != '\0')
     {
@@ -691,14 +691,14 @@ char *OS_IsValidTime(char *time_str)
     }
 
     os_calloc(13, sizeof(char), ret);
-
+    
     /* Fixing dump hours */
     if(strcmp(first_hour,second_hour) > 0)
     {
         snprintf(ret, 12, "!%s%s", second_hour, first_hour);
         return(ret);
     }
-
+    
     /* For the normal times */
     snprintf(ret, 12, "%c%s%s", ng == 0?'.':'!', first_hour, second_hour);
     return(ret);
@@ -715,8 +715,8 @@ int OS_IsAfterTime(char *time_str, char *ossec_time)
     /* Unique times can't have a !. */
     if(*ossec_time == '!')
         return(0);
-
-
+    
+        
     ossec_time++;
 
     /* Comparing against min/max value */
@@ -760,7 +760,7 @@ int OS_IsonDay(int week_day, char *ossec_day)
     /* Negative */
     if(ossec_day[7] == '!')
         _true = 0;
-
+    
     if(week_day < 0 || week_day > 7)
     {
         return(0);
@@ -769,8 +769,8 @@ int OS_IsonDay(int week_day, char *ossec_day)
     /* It is on the right day */
     if(ossec_day[week_day] == 1)
         return(_true);
-
-    return(!_true);
+    
+    return(!_true);    
 }
 
 
@@ -793,7 +793,7 @@ char *OS_IsValidDay(char *day_str)
     int i = 0, ng = 0;
     char *ret;
     char day_ret[9] = {0,0,0,0,0,0,0,0,0};
-    char *(days[]) =
+    char *(days[]) = 
     {
         "sunday", "sun", "monday", "mon", "tuesday", "tue",
         "wednesday", "wed", "thursday", "thu", "friday",
@@ -804,10 +804,10 @@ char *OS_IsValidDay(char *day_str)
     /* Must be a valid string */
     if(!day_str)
         return(NULL);
-
-
+    
+    
     RM_WHITE(day_str);
-
+    
     /* checking for negatives */
     if(*day_str == '!')
     {
@@ -851,7 +851,7 @@ char *OS_IsValidDay(char *day_str)
             merror(INVALID_DAY, __local_name, day_str);
             return(NULL);
         }
-
+        
         day_str += strlen(days[i]);
 
         if(IS_SEP(day_str))
@@ -892,7 +892,7 @@ char *OS_IsValidDay(char *day_str)
         merror(INVALID_DAY, __local_name, day_str);
         return(NULL);
     }
-
+    
     return(ret);
 }
 
diff --git a/src/shared/wait_op.c b/src/shared/wait_op.c
index 53bc664..bc5c0c2 100755
--- a/src/shared/wait_op.c
+++ b/src/shared/wait_op.c
@@ -24,7 +24,7 @@ void os_setwait()
     /* For same threads. */
     __wait_lock = 1;
 
-
+    
     if(isChroot())
     {
         fp = fopen(WAIT_FILE, "w");
@@ -48,7 +48,7 @@ void os_setwait()
 void os_delwait()
 {
     __wait_lock = 0;
-
+    
     if(isChroot())
     {
         unlink(WAIT_FILE);
@@ -66,7 +66,7 @@ void os_delwait()
  * Works as a simple inter process lock (only the main
  * process is allowed to lock).
  */
-#ifdef WIN32
+#ifdef WIN32 
 void os_wait()
 {
     if(!__wait_lock)
@@ -95,7 +95,7 @@ void os_wait()
 void os_wait()
 {
     struct stat file_status;
-
+    
 
     /* If the wait file is not present, keep going.
      */
@@ -109,7 +109,7 @@ void os_wait()
         if(stat(WAIT_FILE_PATH, &file_status) == -1)
             return;
     }
-
+    
 
     /* Wait until the lock is gone. */
     verbose(WAITING_MSG, __local_name);
diff --git a/src/syscheckd/._Makefile b/src/syscheckd/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._Makefile differ
diff --git a/src/syscheckd/._config.c b/src/syscheckd/._config.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._config.c differ
diff --git a/src/syscheckd/._create_db.c b/src/syscheckd/._create_db.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._create_db.c differ
diff --git a/src/syscheckd/._run_check.c b/src/syscheckd/._run_check.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._run_check.c differ
diff --git a/src/syscheckd/._run_realtime.c b/src/syscheckd/._run_realtime.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._run_realtime.c differ
diff --git a/src/syscheckd/._seechanges.c b/src/syscheckd/._seechanges.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._seechanges.c differ
diff --git a/src/syscheckd/._syscheck-baseline.c b/src/syscheckd/._syscheck-baseline.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._syscheck-baseline.c differ
diff --git a/src/syscheckd/._syscheck.c b/src/syscheckd/._syscheck.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._syscheck.c differ
diff --git a/src/syscheckd/._syscheck.h b/src/syscheckd/._syscheck.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._syscheck.h differ
diff --git a/src/syscheckd/._win-registry.c b/src/syscheckd/._win-registry.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/syscheckd/._win-registry.c differ
diff --git a/src/syscheckd/config.c b/src/syscheckd/config.c
index 0ee30e4..2a33b15 100755
--- a/src/syscheckd/config.c
+++ b/src/syscheckd/config.c
@@ -55,7 +55,7 @@ int Read_Syscheck_Config(char * cfgfile)
     modules|= CAGENT_CONFIG;
     ReadConfig(modules, AGENTCONFIG, &syscheck, NULL);
     #endif
-
+              
 
     #ifndef WIN32
     /* We must have at least one directory to check */
@@ -78,7 +78,7 @@ int Read_Syscheck_Config(char * cfgfile)
         return(1);
     }
     #endif
-
+                                        
 
     return(0);
 }
diff --git a/src/syscheckd/create_db.c b/src/syscheckd/create_db.c
index 16e5eef..7cbbaad 100755
--- a/src/syscheckd/create_db.c
+++ b/src/syscheckd/create_db.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -40,7 +40,7 @@ int check_file(char *file_name)
 
     /* New file */
     sleep(1);
-
+    
     debug2("%s: DEBUG: new file '%s'.", ARGV0, file_name);
     return(0);
 }
@@ -55,7 +55,7 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
     char *buf;
     char sha1s = '+';
     struct stat statbuf;
-
+    
 
     /* Checking if file is to be ignored */
     if(syscheck.ignore)
@@ -63,10 +63,10 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
         int i = 0;
         while(syscheck.ignore[i] != NULL)
         {
-            if(strncasecmp(syscheck.ignore[i], file_name,
+            if(strncasecmp(syscheck.ignore[i], file_name, 
                            strlen(syscheck.ignore[i])) == 0)
             {
-                return(0);
+                return(0);            
             }
 
             i++;
@@ -79,7 +79,7 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
         int i = 0;
         while(syscheck.ignore_regex[i] != NULL)
         {
-            if(OSMatch_Execute(file_name, strlen(file_name),
+            if(OSMatch_Execute(file_name, strlen(file_name), 
                                           syscheck.ignore_regex[i]))
             {
                 return(0);
@@ -99,7 +99,7 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
         merror("%s: Error accessing '%s'.",ARGV0, file_name);
         return(-1);
     }
-
+    
     if(S_ISDIR(statbuf.st_mode))
     {
         #ifdef DEBUG
@@ -113,20 +113,20 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
     /* restricting file types. */
     if(restriction)
     {
-        if(!OSMatch_Execute(file_name, strlen(file_name),
+        if(!OSMatch_Execute(file_name, strlen(file_name), 
                             restriction))
         {
             return(0);
         }
     }
-
-
+    
+    
     /* No S_ISLNK on windows */
     #ifdef WIN32
     if(S_ISREG(statbuf.st_mode))
     #else
     if(S_ISREG(statbuf.st_mode) || S_ISLNK(statbuf.st_mode))
-    #endif
+    #endif    
     {
         os_md5 mf_sum;
         os_sha1 sf_sum;
@@ -166,7 +166,7 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
             #else
             if(OS_MD5_SHA1_File(file_name, syscheck.prefilter_cmd, mf_sum, sf_sum) < 0)
             #endif
-
+            
             {
                 strncpy(mf_sum, "xxx", 4);
                 strncpy(sf_sum, "xxx", 4);
@@ -183,16 +183,16 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
             if(opts & CHECK_SEECHANGES)
                 sha1s = 'n';
             else
-                sha1s = '-';
+                sha1s = '-';    
         }
-
-
+        
+        
         buf = OSHash_Get(syscheck.fp, file_name);
         if(!buf)
         {
-            char alert_msg[916 +1];	/* 912 -> 916 to accommodate a long */
-
-            alert_msg[916] = '\0';
+            char alert_msg[912 +1];
+           
+            alert_msg[912] = '\0';
 
             if(opts & CHECK_SEECHANGES)
             {
@@ -204,15 +204,15 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
                 }
             }
 
-
-            snprintf(alert_msg, 916, "%c%c%c%c%c%c%ld:%d:%d:%d:%s:%s",
+                   
+            snprintf(alert_msg, 912, "%c%c%c%c%c%c%d:%d:%d:%d:%s:%s",
                 opts & CHECK_SIZE?'+':'-',
                 opts & CHECK_PERM?'+':'-',
                 opts & CHECK_OWNER?'+':'-',
                 opts & CHECK_GROUP?'+':'-',
                 opts & CHECK_MD5SUM?'+':'-',
                 sha1s,
-                opts & CHECK_SIZE?(long)statbuf.st_size:0,
+                opts & CHECK_SIZE?(int)statbuf.st_size:0,
                 opts & CHECK_PERM?(int)statbuf.st_mode:0,
                 opts & CHECK_OWNER?(int)statbuf.st_uid:0,
                 opts & CHECK_GROUP?(int)statbuf.st_gid:0,
@@ -226,11 +226,9 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
 
 
             /* Sending the new checksum to the analysis server */
-            alert_msg[916] = '\0';
-
-            /* changed by chris st_size int to long, 912 to 916*/
-            snprintf(alert_msg, 916, "%ld:%d:%d:%d:%s:%s %s",
-                     opts & CHECK_SIZE?(long)statbuf.st_size:0,
+            alert_msg[912] = '\0';
+            snprintf(alert_msg, 912, "%d:%d:%d:%d:%s:%s %s", 
+                     opts & CHECK_SIZE?(int)statbuf.st_size:0,
                      opts & CHECK_PERM?(int)statbuf.st_mode:0,
                      opts & CHECK_OWNER?(int)statbuf.st_uid:0,
                      opts & CHECK_GROUP?(int)statbuf.st_gid:0,
@@ -243,7 +241,7 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
         {
             char alert_msg[OS_MAXSTR +1];
             char c_sum[256 +2];
-
+            
             c_sum[0] = '\0';
             c_sum[256] = '\0';
             alert_msg[0] = '\0';
@@ -269,18 +267,18 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
                     }
                     else
                     {
-                        snprintf(alert_msg, 916, "%s %s", c_sum, file_name);
+                        snprintf(alert_msg, 912, "%s %s", c_sum, file_name);
                     }
                 }
                 else
                 {
-                    snprintf(alert_msg, 916, "%s %s", c_sum, file_name);
+                    snprintf(alert_msg, 912, "%s %s", c_sum, file_name);
                 }
                 send_syscheck_msg(alert_msg);
             }
         }
-
-
+        
+        
         /* Sleeping in here too */
         if(__counter >= (syscheck.sleep_after))
         {
@@ -290,7 +288,7 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
         __counter++;
 
 
-        #ifdef DEBUG
+        #ifdef DEBUG 
         verbose("%s: file '%s %s'",ARGV0, file_name, mf_sum);
         #endif
     }
@@ -311,10 +309,10 @@ int read_file(char *file_name, int opts, OSMatch *restriction)
 int read_dir(char *dir_name, int opts, OSMatch *restriction)
 {
     int dir_size;
-
-    char f_name[PATH_MAX +2];
+   
+    char f_name[PATH_MAX +2]; 
     DIR *dp;
-
+    
     struct dirent *entry;
 
     f_name[PATH_MAX +1] = '\0';
@@ -324,11 +322,11 @@ int read_dir(char *dir_name, int opts, OSMatch *restriction)
     if((dir_name == NULL)||((dir_size = strlen(dir_name)) > PATH_MAX))
     {
         merror(NULL_ERROR, ARGV0);
-
+        
         return(-1);
     }
-
-
+    
+    
     /* Opening the directory given */
     dp = opendir(dir_name);
     if(!dp)
@@ -338,7 +336,7 @@ int read_dir(char *dir_name, int opts, OSMatch *restriction)
             if(read_file(dir_name, opts, restriction) == 0)
                 return(0);
         }
-
+        
         #ifdef WIN32
         int di = 0;
         char *(defaultfilesn[])= {
@@ -362,20 +360,20 @@ int read_dir(char *dir_name, int opts, OSMatch *restriction)
         if(defaultfilesn[di] == NULL)
         {
             merror("%s: WARN: Error opening directory: '%s': %s ",
-                    ARGV0, dir_name, strerror(errno));
+                    ARGV0, dir_name, strerror(errno)); 
         }
-
+            
         #else
-
+            
         merror("%s: WARN: Error opening directory: '%s': %s ",
                                           ARGV0,
                                           dir_name,
                                           strerror(errno));
         #endif
-
+        
         return(-1);
     }
-
+    
 
     /* Checking for real time flag. */
     if(opts & CHECK_REALTIME)
@@ -389,25 +387,25 @@ int read_dir(char *dir_name, int opts, OSMatch *restriction)
     while((entry = readdir(dp)) != NULL)
     {
         char *s_name;
-
+        
         /* Just ignore . and ..  */
         if((strcmp(entry->d_name,".") == 0) ||
-           (strcmp(entry->d_name,"..") == 0))
+           (strcmp(entry->d_name,"..") == 0))  
             continue;
-
+            
         strncpy(f_name, dir_name, PATH_MAX);
-
+       
         s_name = f_name;
-
+        
         s_name += dir_size;
 
 
         /* checking if the file name is already null terminated */
         if(*(s_name-1) != '/')
             *s_name++ = '/';
-
+            
         *s_name = '\0';
-
+        
         strncpy(s_name, entry->d_name, PATH_MAX - dir_size -2);
 
         /* Check integrity of the file */
@@ -448,7 +446,7 @@ int create_db()
     {
         ErrorExit("%s: Unable to create syscheck database."
                   ". Exiting.",ARGV0);
-        return(0);
+        return(0);    
     }
 
     if(!OSHash_setSize(syscheck.fp, 2048))
@@ -457,14 +455,14 @@ int create_db()
         return(0);
     }
 
-
+    
     /* dir_name can't be null */
     if((syscheck.dir == NULL) || (syscheck.dir[0] == NULL))
     {
         merror("%s: No directories to check.",ARGV0);
         return(-1);
     }
-
+    
 
     merror("%s: INFO: Starting syscheck database (pre-scan).", ARGV0);
 
@@ -489,7 +487,7 @@ int create_db()
     if(syscheck.realtime && (syscheck.realtime->fd >= 0))
         verbose("%s: INFO: Real time file monitoring started.", ARGV0);
     #endif
-
+    
     merror("%s: INFO: Finished creating syscheck database (pre-scan "
            "completed).", ARGV0);
     return(0);
diff --git a/src/syscheckd/run_check.c b/src/syscheckd/run_check.c
index fa5e77e..685284a 100755
--- a/src/syscheckd/run_check.c
+++ b/src/syscheckd/run_check.c
@@ -92,7 +92,7 @@ void send_sk_db()
     }
 
     create_db(1);
-
+        
 
     /* Sending scan ending message */
     sleep(syscheck.tsleep +10);
@@ -103,26 +103,26 @@ void send_sk_db()
         send_rootcheck_msg("Ending syscheck scan.");
     }
 }
+     
 
-
-
+ 
 /* start_daemon
- * Run periodicaly the integrity checking
+ * Run periodicaly the integrity checking 
  */
 void start_daemon()
 {
     int day_scanned = 0;
     int curr_day = 0;
-
+    
     time_t curr_time = 0;
-
+    
     time_t prev_time_rk = 0;
     time_t prev_time_sk = 0;
 
     char curr_hour[12];
 
     struct tm *p;
-
+   
 
     /* To be used by select. */
     #ifdef USEINOTIFY
@@ -130,11 +130,11 @@ void start_daemon()
     fd_set rfds;
     #endif
 
-
+    
     /*
-     * SCHED_BATCH forces the kernel to assume this is a cpu intensive
+     * SCHED_BATCH forces the kernel to assume this is a cpu intensive 
      * process
-     * and gives it a lower priority. This keeps ossec-syscheckd
+     * and gives it a lower priority. This keeps ossec-syscheckd 
      * from reducing
      * the interactity of an ssh session when checksumming large files.
      * This is available in kernel flavors >= 2.6.16
@@ -142,28 +142,28 @@ void start_daemon()
     #ifdef SCHED_BATCH
     struct sched_param pri;
     int status;
-
+    
     pri.sched_priority = 0;
     status = sched_setscheduler(0, SCHED_BATCH, &pri);
-
+    
     debug1("%s: Setting SCHED_BATCH returned: %d", ARGV0, status);
     #endif
-
-
+    
+            
     #ifdef DEBUG
     verbose("%s: Starting daemon ..",ARGV0);
     #endif
-
-
-
+  
+  
+    
     /* Some time to settle */
     memset(curr_hour, '\0', 12);
     sleep(syscheck.tsleep * 10);
 
 
 
-    /* If the scan time/day is set, reset the
-     * syscheck.time/rootcheck.time
+    /* If the scan time/day is set, reset the 
+     * syscheck.time/rootcheck.time 
      */
     if(syscheck.scan_time || syscheck.scan_day)
     {
@@ -183,20 +183,20 @@ void start_daemon()
     {
         prev_time_rk = time(0);
     }
+               
 
-
-
+    
     /* Before entering in daemon mode itself */
     prev_time_sk = time(0);
     sleep(syscheck.tsleep * 10);
-
+    
 
     /* If the scan_time or scan_day is set, we need to handle the
      * current day/time on the loop.
      */
     if(syscheck.scan_time || syscheck.scan_day)
     {
-        curr_time = time(0);
+        curr_time = time(0); 
         p = localtime(&curr_time);
 
 
@@ -210,7 +210,7 @@ void start_daemon()
         curr_day = p->tm_mday;
 
 
-
+        
         if(syscheck.scan_time && syscheck.scan_day)
         {
             if((OS_IsAfterTime(curr_hour, syscheck.scan_time)) &&
@@ -236,18 +236,18 @@ void start_daemon()
         }
     }
 
-
-    /* Checking every SYSCHECK_WAIT */
+    
+    /* Checking every SYSCHECK_WAIT */    
     while(1)
     {
         int run_now = 0;
         curr_time = time(0);
-
+        
 
         /* Checking if syscheck should be restarted, */
         run_now = os_check_restart_syscheck();
 
-
+        
         /* Checking if a day_time or scan_time is set. */
         if(syscheck.scan_time || syscheck.scan_day)
         {
@@ -260,8 +260,8 @@ void start_daemon()
                 day_scanned = 0;
                 curr_day = p->tm_mday;
             }
-
-
+            
+            
             /* Checking for the time of the scan. */
             if(!day_scanned && syscheck.scan_time && syscheck.scan_day)
             {
@@ -272,11 +272,11 @@ void start_daemon()
                     run_now = 1;
                 }
             }
-
+            
             else if(!day_scanned && syscheck.scan_time)
             {
                 /* Assign hour/min/sec values */
-                snprintf(curr_hour, 9, "%02d:%02d:%02d",
+                snprintf(curr_hour, 9, "%02d:%02d:%02d", 
                                     p->tm_hour, p->tm_min, p->tm_sec);
 
                 if(OS_IsAfterTime(curr_hour, syscheck.scan_time))
@@ -296,8 +296,8 @@ void start_daemon()
                 }
             }
         }
-
-
+        
+        
 
         /* If time elapsed is higher than the rootcheck_time,
          * run it.
@@ -311,7 +311,7 @@ void start_daemon()
             }
         }
 
-
+        
         /* If time elapsed is higher than the syscheck time,
          * run syscheck time.
          */
@@ -326,8 +326,8 @@ void start_daemon()
 
                 syscheck.scan_on_start = 1;
             }
-
-
+            
+            
             else
             {
                 /* Sending scan start message */
@@ -348,7 +348,7 @@ void start_daemon()
                 run_dbcheck();
             }
 
-
+            
             /* Sending scan ending message */
             sleep(syscheck.tsleep + 20);
             if(syscheck.dir[0])
@@ -356,16 +356,16 @@ void start_daemon()
                 merror("%s: INFO: Ending syscheck scan.", ARGV0);
                 send_rootcheck_msg("Ending syscheck scan.");
             }
-
+                
 
 
             /* Sending database completed message */
             send_syscheck_msg(HC_SK_DB_COMPLETED);
             debug2("%s: DEBUG: Sending database completed message.", ARGV0);
 
-
+            
             prev_time_sk = time(0);
-        }
+        } 
 
 
         #ifdef USEINOTIFY
@@ -379,7 +379,7 @@ void start_daemon()
 
             FD_SET(syscheck.realtime->fd, &rfds);
 
-            run_now = select(syscheck.realtime->fd + 1, &rfds,
+            run_now = select(syscheck.realtime->fd + 1, &rfds, 
                              NULL, NULL, &selecttime);
             if(run_now < 0)
             {
@@ -436,7 +436,7 @@ void start_daemon()
 int c_read_file(char *file_name, char *oldsum, char *newsum)
 {
     int size = 0, perm = 0, owner = 0, group = 0, md5sum = 0, sha1sum = 0, seechanges = 0;
-
+    
     struct stat statbuf;
 
     os_md5 mf_sum;
@@ -446,8 +446,8 @@ int c_read_file(char *file_name, char *oldsum, char *newsum)
     /* Cleaning sums */
     strncpy(mf_sum, "xxx", 4);
     strncpy(sf_sum, "xxx", 4);
-
-
+                    
+    
 
     /* Stating the file */
     #ifdef WIN32
@@ -477,12 +477,12 @@ int c_read_file(char *file_name, char *oldsum, char *newsum)
 
     /* owner */
     if(oldsum[2] == '+')
-        owner = 1;
-
+        owner = 1;     
+    
     /* group */
     if(oldsum[3] == '+')
         group = 1;
-
+        
     /* md5 sum */
     if(oldsum[4] == '+')
         md5sum = 1;
@@ -501,8 +501,8 @@ int c_read_file(char *file_name, char *oldsum, char *newsum)
         sha1sum = 0;
         seechanges = 1;
     }
-
-
+    
+    
     /* Generating new checksum */
     #ifdef WIN32
     if(S_ISREG(statbuf.st_mode))
@@ -542,12 +542,11 @@ int c_read_file(char *file_name, char *oldsum, char *newsum)
         }
     }
     #endif
-
+    
     newsum[0] = '\0';
     newsum[255] = '\0';
-    /* chris: changed st_size int to long */
-    snprintf(newsum,255,"%ld:%d:%d:%d:%s:%s",
-            size == 0?0:(long)statbuf.st_size,
+    snprintf(newsum,255,"%d:%d:%d:%d:%s:%s",
+            size == 0?0:(int)statbuf.st_size,
             perm == 0?0:(int)statbuf.st_mode,
             owner== 0?0:(int)statbuf.st_uid,
             group== 0?0:(int)statbuf.st_gid,
diff --git a/src/syscheckd/run_realtime.c b/src/syscheckd/run_realtime.c
index 839e5b8..9f5b42f 100755
--- a/src/syscheckd/run_realtime.c
+++ b/src/syscheckd/run_realtime.c
@@ -140,7 +140,7 @@ int realtime_start()
         merror("%s: ERROR: Unable to initialize inotify.", ARGV0);
         return(-1);
     }
-    #endif
+    #endif    
 
     return(1);
 }
@@ -167,10 +167,10 @@ int realtime_adddir(char *dir)
 
         wd = inotify_add_watch(syscheck.realtime->fd,
                                dir,
-                               REALTIME_MONITOR_FLAGS);
+                               REALTIME_MONITOR_FLAGS); 
         if(wd < 0)
         {
-            merror("%s: ERROR: Unable to add directory to real time "
+            merror("%s: ERROR: Unable to add directory to real time " 
                    "monitoring: '%s'. %d %d", ARGV0, dir, wd, errno);
         }
         else
@@ -212,13 +212,13 @@ int realtime_process()
 
 
     len = read(syscheck.realtime->fd, buf, REALTIME_EVENT_BUFFER);
-    if (len < 0)
+    if (len < 0) 
     {
         merror("%s: ERROR: Unable to read from real time buffer.", ARGV0);
-    }
+    } 
     else if (len > 0)
     {
-        while (i < len)
+        while (i < len) 
         {
             event = (struct inotify_event *) &buf[i];
 
@@ -232,7 +232,7 @@ int realtime_process()
 
                 snprintf(wdchar, 32, "%d", event->wd);
 
-                snprintf(final_name, MAX_LINE, "%s/%s",
+                snprintf(final_name, MAX_LINE, "%s/%s", 
                          (char *)OSHash_Get(syscheck.realtime->dirtb, wdchar),
                          event->name);
                 realtime_checksumfile(final_name);
@@ -281,7 +281,7 @@ void CALLBACK RTCallBack(DWORD dwerror, DWORD dwBytes, LPOVERLAPPED overlap)
 
     if(dwerror != ERROR_SUCCESS)
     {
-        merror("%s: ERROR: real time call back called, but error is set.",
+        merror("%s: ERROR: real time call back called, but error is set.", 
                ARGV0);
         return;
     }
@@ -293,12 +293,12 @@ void CALLBACK RTCallBack(DWORD dwerror, DWORD dwBytes, LPOVERLAPPED overlap)
     rtlocald = OSHash_Get(syscheck.realtime->dirtb, wdchar);
     if(rtlocald == NULL)
     {
-        merror("%s: ERROR: real time call back called, but hash is empty.",
+        merror("%s: ERROR: real time call back called, but hash is empty.", 
                ARGV0);
         return;
     }
 
-
+        
 
     do
     {
@@ -370,11 +370,11 @@ int realtime_win32read(win32rtfim *rtlocald)
                                TRUE,
                                FILE_NOTIFY_CHANGE_FILE_NAME|FILE_NOTIFY_CHANGE_DIR_NAME|FILE_NOTIFY_CHANGE_SIZE|FILE_NOTIFY_CHANGE_LAST_WRITE,
                                0,
-                               &rtlocald->overlap,
+                               &rtlocald->overlap, 
                                RTCallBack);
     if(rc == 0)
     {
-        merror("%s: ERROR: Unable to set directory for monitoring: %s",
+        merror("%s: ERROR: Unable to set directory for monitoring: %s", 
                ARGV0, rtlocald->dir);
         sleep(2);
     }
@@ -404,7 +404,7 @@ int realtime_adddir(char *dir)
 
 
     os_calloc(1, sizeof(win32rtfim), rtlocald);
-
+    
 
     rtlocald->h = CreateFile(dir,
                              FILE_LIST_DIRECTORY,
@@ -415,8 +415,8 @@ int realtime_adddir(char *dir)
                              NULL);
 
 
-    if(rtlocald->h == INVALID_HANDLE_VALUE ||
-       rtlocald->h == NULL)
+    if(rtlocald->h == INVALID_HANDLE_VALUE || 
+       rtlocald->h == NULL) 
     {
         free(rtlocald);
         rtlocald = NULL;
@@ -436,7 +436,7 @@ int realtime_adddir(char *dir)
 
     if(OSHash_Get(syscheck.realtime->dirtb, wdchar))
     {
-        merror("%s: ERROR: Entry already in the real time hash: %s",
+        merror("%s: ERROR: Entry already in the real time hash: %s", 
                ARGV0, wdchar);
         CloseHandle(rtlocald->overlap.hEvent);
         free(rtlocald);
diff --git a/src/syscheckd/seechanges.c b/src/syscheckd/seechanges.c
index 15496c8..aa1249c 100755
--- a/src/syscheckd/seechanges.c
+++ b/src/syscheckd/seechanges.c
@@ -31,7 +31,7 @@ char *gen_diff_alert(char *filename, int alert_diff_time)
 
     snprintf(buf, OS_MAXSTR, "%s/local/%s/diff.%d",
              DIFF_DIR_PATH, filename,  alert_diff_time);
-
+    
     fp = fopen(buf, "r");
     if(!fp)
     {
@@ -56,7 +56,7 @@ char *gen_diff_alert(char *filename, int alert_diff_time)
         else
         {
             /* Weird diff with only one large line. */
-            buf[256] = '\0';
+            buf[256] = '\0';    
         }
     }
     else
@@ -70,19 +70,19 @@ char *gen_diff_alert(char *filename, int alert_diff_time)
     /* Getting up to 20 line changes. */
     tmp_str = buf;
 
-
+    
     while(tmp_str && (*tmp_str != '\0'))
     {
         tmp_str = strchr(tmp_str, '\n');
         if(!tmp_str)
-            break;
+            break;    
         else if(n >= 19)
         {
-            *tmp_str = '\0';
+            *tmp_str = '\0';    
             break;
         }
         n++;
-        tmp_str++;
+        tmp_str++;    
     }
 
 
@@ -91,8 +91,8 @@ char *gen_diff_alert(char *filename, int alert_diff_time)
              buf, n>=19?
              "\nMore changes..":
              "");
-
-
+    
+    
     fclose(fp);
     return(strdup(diff_alert));
 }
@@ -134,7 +134,7 @@ int seechanges_createpath(char *filename)
     char *tmpstr = NULL;
     char *newdir = NULL;
 
-
+    
     os_strdup(filename, buffer);
     newdir = buffer;
     tmpstr = strchr(buffer +1, '/');
@@ -154,9 +154,9 @@ int seechanges_createpath(char *filename)
         {
             #ifndef WIN32
             if(mkdir(newdir, 0770) == -1)
-            #else
+            #else    
             if(mkdir(newdir) == -1)
-            #endif
+            #endif    
             {
                 merror(MKDIR_ERROR, ARGV0, newdir);
                 free(buffer);
@@ -194,7 +194,7 @@ char *seechanges_addfile(char *filename)
 
     os_md5 md5sum_old;
     os_md5 md5sum_new;
-
+    
     old_location[OS_MAXSTR] = '\0';
     tmp_location[OS_MAXSTR] = '\0';
     diff_cmd[OS_MAXSTR] = '\0';
@@ -222,7 +222,7 @@ char *seechanges_addfile(char *filename)
     if(OS_MD5_File(filename, md5sum_new) != 0)
     {
         //merror("%s: ERROR: Invalid internal state (missing '%s').",
-        //       ARGV0, filename);
+        //       ARGV0, filename); 
         return(NULL);
     }
 
@@ -248,15 +248,15 @@ char *seechanges_addfile(char *filename)
 
     /* Run diff. */
     date_of_change = File_DateofChange(old_location);
-    snprintf(diff_cmd, 2048, "diff \"%s\" \"%s\" > \"%s/local/%s/diff.%d\" "
+    snprintf(diff_cmd, 2048, "diff \"%s\" \"%s\" > \"%s/local/%s/diff.%d\" " 
              "2>/dev/null",
-             tmp_location, old_location,
+             tmp_location, old_location, 
              DIFF_DIR_PATH, filename +1, date_of_change);
     if(system(diff_cmd) != 256)
     {
         merror("%s: ERROR: Unable to run diff for %s",
                ARGV0,  filename);
-        return(NULL);
+        return(NULL); 
     }
 
 
diff --git a/src/syscheckd/syscheck-baseline.c b/src/syscheckd/syscheck-baseline.c
index 059aa25..642c103 100755
--- a/src/syscheckd/syscheck-baseline.c
+++ b/src/syscheckd/syscheck-baseline.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -59,20 +59,20 @@ int main(int argc, char **argv)
 {
     int c,r,no_stop = 1;
     int test_config = 0;
-
+    
     char *cfg = DEFAULTCPATH;
     char *input_f = NULL;
     char *output_f = NULL;
-
-
+    
+    
     /* Zeroing the structure */
     syscheck.workdir = NULL;
 
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
-
+        
+    
     while((c = getopt(argc, argv, "VtdshD:c:i:o:")) != -1)
     {
         switch(c)
@@ -85,7 +85,7 @@ int main(int argc, char **argv)
                 break;
             case 's':
                 no_stop = 0;
-                break;
+                break;    
             case 'd':
                 nowDebug();
                 break;
@@ -111,10 +111,10 @@ int main(int argc, char **argv)
                 break;
             case 't':
                 test_config = 1;
-                break;
+                break;        
             default:
                 help(ARGV0);
-                break;
+                break;   
         }
     }
 
@@ -141,13 +141,13 @@ int main(int argc, char **argv)
 
     /* Reading internal options */
     read_internal(no_stop);
-
-
+        
+    
     /* Exit if testing config */
     if(test_config)
         exit(0);
 
-
+        
     /* Setting default values */
     if(syscheck.workdir == NULL)
         syscheck.workdir = DEFAULTDIR;
@@ -157,7 +157,7 @@ int main(int argc, char **argv)
     syscheck.db = (char *)calloc(1024,sizeof(char));
     if(syscheck.db == NULL)
         ErrorExit(MEM_ERROR,ARGV0);
-
+        
     snprintf(syscheck.db,1023, output_f);
 
 
@@ -182,20 +182,20 @@ int main(int argc, char **argv)
 
     /* Start the signal handling */
     StartSIG(ARGV0);
-
+    
 
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, getpid());
 
-
+    
     /* Create local database */
     create_db(0);
-
+    
 
     fflush(syscheck.fp);
 
 
-    return(0);
+    return(0);        
 }
 
 
diff --git a/src/syscheckd/syscheck.c b/src/syscheckd/syscheck.c
index d66aa10..3568ac1 100755
--- a/src/syscheckd/syscheck.c
+++ b/src/syscheckd/syscheck.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -108,18 +108,18 @@ int Start_win32_Syscheck()
         syscheck.rootcheck = 0;
         merror("%s: WARN: Rootcheck module disabled.", ARGV0);
     }
-
+                                                            
 
 
     /* Printing options */
     r = 0;
     while(syscheck.registry[r] != NULL)
     {
-        verbose("%s: INFO: Monitoring registry entry: '%s'.",
+        verbose("%s: INFO: Monitoring registry entry: '%s'.", 
                 ARGV0, syscheck.registry[r]);
         r++;
     }
-
+    
     r = 0;
     while(syscheck.dir[r] != NULL)
     {
@@ -131,9 +131,9 @@ int Start_win32_Syscheck()
 
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, getpid());
-
-
-
+            
+        
+        
     /* Some sync time */
     sleep(syscheck.tsleep + 10);
 
@@ -141,35 +141,35 @@ int Start_win32_Syscheck()
     /* Waiting if agent started properly. */
     os_wait();
 
-
+    
     start_daemon();
 
 
     exit(0);
-}
+}                
 #endif
 
 
 
 /* Syscheck unix main.
  */
-#ifndef WIN32
+#ifndef WIN32 
 int main(int argc, char **argv)
 {
     int c,r;
     int test_config = 0,run_foreground = 0;
-
+    
     char *cfg = DEFAULTCPATH;
-
-
+    
+    
     /* Zeroing the structure */
     syscheck.workdir = NULL;
 
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
-
+        
+    
     while((c = getopt(argc, argv, "VtdhfD:c:")) != -1)
     {
         switch(c)
@@ -198,10 +198,10 @@ int main(int argc, char **argv)
                 break;
             case 't':
                 test_config = 1;
-                break;
+                break;        
             default:
                 help(ARGV0);
-                break;
+                break;   
         }
     }
 
@@ -239,8 +239,8 @@ int main(int argc, char **argv)
 
     /* Reading internal options */
     read_internal();
-
-
+        
+    
 
     /* Rootcheck config */
     if(rootcheck_init(test_config) == 0)
@@ -253,30 +253,30 @@ int main(int argc, char **argv)
         merror("%s: WARN: Rootcheck module disabled.", ARGV0);
     }
 
-
+        
     /* Exit if testing config */
     if(test_config)
         exit(0);
 
-
+        
     /* Setting default values */
     if(syscheck.workdir == NULL)
         syscheck.workdir = DEFAULTDIR;
 
 
-    if(!run_foreground)
+    if(!run_foreground) 
     {
         nowDaemon();
         goDaemon();
     }
-
+   
     /* Initial time to settle */
-    sleep(syscheck.tsleep + 2);
-
-
+    sleep(syscheck.tsleep + 2); 
+    
+    
     /* Connect to the queue  */
     if((syscheck.queue = StartMQ(DEFAULTQPATH,WRITE)) < 0)
-    {
+    {   
         merror(QUEUE_ERROR, ARGV0, DEFAULTQPATH, strerror(errno));
 
         sleep(5);
@@ -293,7 +293,7 @@ int main(int argc, char **argv)
 
     /* Start the signal handling */
     StartSIG(ARGV0);
-
+    
 
     /* Creating pid */
     if(CreatePID(ARGV0, getpid()) < 0)
@@ -337,8 +337,8 @@ int main(int argc, char **argv)
         }
         r++;
     }
-
-
+        
+    
     /* Some sync time */
     sleep(syscheck.tsleep + 10);
 
@@ -346,7 +346,7 @@ int main(int argc, char **argv)
     /* Start the daemon */
     start_daemon();
 
-    return(0);
+    return(0);        
 }
 #endif /* ifndef WIN32 */
 
diff --git a/src/syscheckd/syscheck.h b/src/syscheckd/syscheck.h
index df51f0e..4c2758b 100755
--- a/src/syscheckd/syscheck.h
+++ b/src/syscheckd/syscheck.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #ifndef __SYSCHECK_H
 
@@ -50,11 +50,11 @@ int create_db();
 /* int run_dbcheck()
  * Checks database for changes.
  */
-int run_dbcheck();
-
+int run_dbcheck(); 
+  
 /** void os_winreg_check()
  * Checks the registry for changes.
- */
+ */  
 void os_winreg_check();
 
 /* starts real time */
diff --git a/src/syscheckd/win-registry.c b/src/syscheckd/win-registry.c
index 25791d7..c100bda 100644
--- a/src/syscheckd/win-registry.c
+++ b/src/syscheckd/win-registry.c
@@ -9,20 +9,20 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
-
+       
 /* Windows only */
 #ifdef WIN32
 
-
+       
 #include "shared.h"
 #include "syscheck.h"
 #include "os_crypto/md5/md5_op.h"
 #include "os_crypto/sha1/sha1_op.h"
-#include "os_crypto/md5_sha1/md5_sha1_op.h"
+#include "os_crypto/md5_sha1/md5_sha1_op.h"       
 
 
 /* Default values */
@@ -34,8 +34,8 @@
 #define SYS_WIN_REG     "syscheck/syscheckregistry.db"
 #define SYS_REG_TMP     "syscheck/syscheck_sum.tmp"
 
-
-
+ 
+ 
 /* Global variables */
 HKEY sub_tree;
 int ig_count = 0;
@@ -51,7 +51,7 @@ void os_winreg_open_key(char *subkey, char *fullkey_name);
 int os_winreg_changed(char *key, char *md5, char *sha1)
 {
     char buf[MAX_LINE +1];
-
+    
     buf[MAX_LINE] = '\0';
 
 
@@ -69,17 +69,17 @@ int os_winreg_changed(char *key, char *md5, char *sha1)
             if(n_buf == NULL)
                 continue;
 
-            *n_buf = '\0';
-
+            *n_buf = '\0';    
+            
             n_buf = strchr(buf, ' ');
             if(n_buf == NULL)
                 continue;
-
+            
             if(strcmp(n_buf +1, key) != 0)
                 continue;
-
+            
             /* Entry found, checking if checksum is the same */
-            *n_buf = '\0';
+            *n_buf = '\0';    
             if((strncmp(buf, md5, sizeof(os_md5) -1) == 0)&&
                (strcmp(buf + sizeof(os_md5) -1, sha1) == 0))
             {
@@ -165,11 +165,11 @@ char *os_winreg_sethkey(char *reg_entry)
     /* Checking if ret has nothing else. */
     if(ret && (*ret == '\0'))
         ret = NULL;
-
-    /* fixing tmp_str and the real name of the registry */
+    
+    /* fixing tmp_str and the real name of the registry */    
     if(tmp_str && (*tmp_str == '\0'))
             *tmp_str = '\\';
-
+            
     return(ret);
 }
 
@@ -177,7 +177,7 @@ char *os_winreg_sethkey(char *reg_entry)
 /* void os_winreg_querykey(HKEY hKey, char *p_key)
  * Query the key and get all its values.
  */
-void os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name)
+void os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name) 
 {
     int i, rc;
     DWORD j;
@@ -195,8 +195,8 @@ void os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name)
     DWORD value_count;
 
     /* Variables for RegEnumValue */
-    TCHAR value_buffer[MAX_VALUE_NAME +1];
-    TCHAR data_buffer[MAX_VALUE_NAME +1];
+    TCHAR value_buffer[MAX_VALUE_NAME +1]; 
+    TCHAR data_buffer[MAX_VALUE_NAME +1]; 
     DWORD value_size;
     DWORD data_size;
 
@@ -210,7 +210,7 @@ void os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name)
     sub_key_name_b[0] = '\0';
     sub_key_name_b[MAX_KEY_LENGTH] = '\0';
     sub_key_name_b[MAX_KEY_LENGTH +1] = '\0';
-
+    
 
     /* We use the class_name, subkey_count and the value count. */
     rc = RegQueryInfoKey(hKey, class_name_b, &class_name_s, NULL,
@@ -229,14 +229,14 @@ void os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name)
     if(subkey_count)
     {
         /* We open each subkey and call open_key */
-        for(i=0;i<subkey_count;i++)
-        {
+        for(i=0;i<subkey_count;i++) 
+        { 
             sub_key_name_s = MAX_KEY_LENGTH;
             rc = RegEnumKeyEx(hKey, i, sub_key_name_b, &sub_key_name_s,
-                              NULL, NULL, NULL, NULL);
-
+                              NULL, NULL, NULL, NULL); 
+            
             /* Checking for the rc. */
-            if(rc == ERROR_SUCCESS)
+            if(rc == ERROR_SUCCESS) 
             {
                 char new_key[MAX_KEY + 2];
                 char new_key_full[MAX_KEY + 2];
@@ -245,15 +245,15 @@ void os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name)
 
                 if(p_key)
                 {
-                    snprintf(new_key, MAX_KEY,
+                    snprintf(new_key, MAX_KEY, 
                              "%s\\%s", p_key, sub_key_name_b);
-                    snprintf(new_key_full, MAX_KEY,
+                    snprintf(new_key_full, MAX_KEY, 
                              "%s\\%s", full_key_name, sub_key_name_b);
                 }
                 else
                 {
                     snprintf(new_key, MAX_KEY, "%s", sub_key_name_b);
-                    snprintf(new_key_full, MAX_KEY,
+                    snprintf(new_key_full, MAX_KEY, 
                              "%s\\%s", full_key_name, sub_key_name_b);
                 }
 
@@ -262,9 +262,9 @@ void os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name)
             }
         }
     }
-
+    
     /* Getting Values (if available) */
-    if (value_count)
+    if (value_count) 
     {
         /* md5 and sha1 sum */
         os_md5 mf_sum;
@@ -286,9 +286,9 @@ void os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name)
         }
 
         /* Getting each value */
-        for(i=0;i<value_count;i++)
-        {
-            value_size = MAX_VALUE_NAME;
+        for(i=0;i<value_count;i++) 
+        { 
+            value_size = MAX_VALUE_NAME; 
             data_size = MAX_VALUE_NAME;
 
             value_buffer[0] = '\0';
@@ -358,7 +358,7 @@ void os_winreg_querykey(HKEY hKey, char *p_key, char *full_key_name)
         {
             char reg_changed[MAX_LINE +1];
             snprintf(reg_changed, MAX_LINE, "0:0:0:0:%s:%s %s",
-                                  mf_sum, sf_sum, full_key_name);
+                                  mf_sum, sf_sum, full_key_name); 
 
             /* Notifying server */
             notify_registry(reg_changed, 0);
@@ -385,7 +385,7 @@ void os_winreg_open_key(char *subkey, char *full_key_name)
     }
     ig_count++;
 
-
+    
     /* Registry ignore list */
     if(full_key_name && syscheck.registry_ignore)
     {
@@ -435,11 +435,11 @@ void os_winreg_check()
 
     /* Debug entries */
     debug1("%s: DEBUG: Starting os_winreg_check", ARGV0);
-
-
+    
+    
     /* Zeroing ig_count before checking */
     ig_count = 1;
-
+    
 
     /* Checking if the registry fp is open */
     if(syscheck.reg_fp == NULL)
@@ -458,19 +458,19 @@ void os_winreg_check()
     {
         sub_tree = NULL;
         rk = NULL;
-
+        
         /* Ignored entries are zeroed */
         if(*syscheck.registry[i] == '\0')
         {
             i++;
             continue;
         }
-
-
+        
+            
         /* Reading syscheck registry entry */
         debug1("%s: DEBUG: Attempt to read: %s", ARGV0, syscheck.registry[i]);
-
-
+        
+        
         rk = os_winreg_sethkey(syscheck.registry[i]);
         if(sub_tree == NULL)
         {
diff --git a/src/sysinfo/._df.c b/src/sysinfo/._df.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/sysinfo/._df.c differ
diff --git a/src/sysinfo/._statfs.c b/src/sysinfo/._statfs.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/sysinfo/._statfs.c differ
diff --git a/src/sysinfo/._statfs.h b/src/sysinfo/._statfs.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/sysinfo/._statfs.h differ
diff --git a/src/sysinfo/statfs.c b/src/sysinfo/statfs.c
index 732117a..2e3200a 100755
--- a/src/sysinfo/statfs.c
+++ b/src/sysinfo/statfs.c
@@ -47,14 +47,14 @@ int getstatfs(char *path)
     struct statfs fs;
     int percentbfree=0;
     int percentnfree=0;
-
+ 
     if(statfs(path, &fs) != 0)
 	return(-1);
 
     if((fs.f_bfree == 0)||(fs.f_ffree == 0))
 	    return(-1);
-    percentbfree = (int)(100*fs.f_bfree)/fs.f_blocks;
-    percentnfree = (int)(100*fs.f_ffree)/fs.f_files;
+    percentbfree = (int)(100*fs.f_bfree)/fs.f_blocks;     
+    percentnfree = (int)(100*fs.f_ffree)/fs.f_files;     
     printf("file system for %s has %d free blocks out of a total of %d - %d. Total of %d%% FREE \n",path,fs.f_ffree,fs.f_blocks,percentbfree,percentnfree);
    return(0);
 }
diff --git a/src/util/._Makefile b/src/util/._Makefile
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/util/._Makefile differ
diff --git a/src/util/._agent_control.c b/src/util/._agent_control.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/util/._agent_control.c differ
diff --git a/src/util/._clear_stats.c b/src/util/._clear_stats.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/util/._clear_stats.c differ
diff --git a/src/util/._list_agents.c b/src/util/._list_agents.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/util/._list_agents.c differ
diff --git a/src/util/._ossec-regex.c b/src/util/._ossec-regex.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/util/._ossec-regex.c differ
diff --git a/src/util/._rootcheck_control.c b/src/util/._rootcheck_control.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/util/._rootcheck_control.c differ
diff --git a/src/util/._syscheck_control.c b/src/util/._syscheck_control.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/util/._syscheck_control.c differ
diff --git a/src/util/._syscheck_update.c b/src/util/._syscheck_update.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/util/._syscheck_update.c differ
diff --git a/src/util/._verify-agent-conf.c b/src/util/._verify-agent-conf.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/util/._verify-agent-conf.c differ
diff --git a/src/util/agent_control.c b/src/util/agent_control.c
index e48a9a8..c229b0e 100755
--- a/src/util/agent_control.c
+++ b/src/util/agent_control.c
@@ -53,19 +53,19 @@ int main(int argc, char **argv)
     int gid = 0;
     int uid = 0;
     int c = 0, restart_syscheck = 0, restart_all_agents = 0, list_agents = 0;
-    int info_agent = 0, agt_id = 0, active_only = 0, csv_output = 0;
+    int info_agent = 0, agt_id = 0, active_only = 0, csv_output = 0; 
     int list_responses = 0, end_time = 0, restart_agent = 0;
 
     char shost[512];
-
+    
     keystore keys;
-
-
+    
+    
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
-
+        
+    
     /* user arguments */
     if(argc < 2)
     {
@@ -87,10 +87,10 @@ int main(int argc, char **argv)
                 break;
             case 'L':
                 list_responses = 1;
-                break;
+                break;    
             case 'e':
                 end_time = 1;
-                break;
+                break;     
             case 'r':
                 restart_syscheck = 1;
                 break;
@@ -98,11 +98,11 @@ int main(int argc, char **argv)
                 list_agents++;
                 break;
             case 's':
-                csv_output = 1;
-                break;
+                csv_output = 1;    
+                break;    
             case 'c':
                 active_only++;
-                break;
+                break;    
             case 'i':
                 info_agent++;
             case 'u':
@@ -136,7 +136,7 @@ int main(int argc, char **argv)
                     helpmsg();
                 }
                 agent_id = optarg;
-                restart_agent = 1;
+                restart_agent = 1;    
             case 'a':
                 restart_all_agents = 1;
                 break;
@@ -146,8 +146,8 @@ int main(int argc, char **argv)
         }
 
     }
-
-
+    
+    
     /* Getting the group name */
     gid = Privsep_GetGroup(group);
     uid = Privsep_GetUser(user);
@@ -156,14 +156,14 @@ int main(int argc, char **argv)
 	    ErrorExit(USER_ERROR, ARGV0, user, group);
     }
 	
-
+    
     /* Setting the group */
     if(Privsep_SetGroup(gid) < 0)
     {
 	    ErrorExit(SETGID_ERROR,ARGV0, group);
     }
-
-
+    
+    
     /* Chrooting to the default directory */
     if(Privsep_Chroot(dir) < 0)
     {
@@ -173,7 +173,7 @@ int main(int argc, char **argv)
 
     /* Inside chroot now */
     nowChroot();
-
+ 
 
     /* Setting the user */
     if(Privsep_SetUser(uid) < 0)
@@ -200,7 +200,7 @@ int main(int argc, char **argv)
         {
             printf("\nOSSEC HIDS %s. Available active responses:\n", ARGV0);
         }
-
+        
         fp = fopen(DEFAULTAR, "r");
         if(fp)
         {
@@ -216,7 +216,7 @@ int main(int argc, char **argv)
                 r_cmd = strchr(buffer, ' ');
                 if(!r_cmd)
                     continue;
-
+                
                 *r_cmd = '\0';
                 r_cmd++;
                 if(*r_cmd == '-')
@@ -227,8 +227,8 @@ int main(int argc, char **argv)
                 r_timeout = strchr(r_cmd, ' ');
                 if(!r_timeout)
                     continue;
-                *r_timeout = '\0';
-
+                *r_timeout = '\0';        
+                            
                 if(strcmp(r_name, "restart-ossec0") == 0)
                 {
                     continue;
@@ -247,13 +247,13 @@ int main(int argc, char **argv)
         exit(0);
     }
 
-
+    
     /* Listing available agents. */
     if(list_agents)
     {
         if(!csv_output)
         {
-            printf("\nOSSEC HIDS %s. List of available agents:",
+            printf("\nOSSEC HIDS %s. List of available agents:", 
                     ARGV0);
             printf("\n   ID: 000, Name: %s (server), IP: 127.0.0.1, Active/Local\n",
                     shost);
@@ -266,11 +266,11 @@ int main(int argc, char **argv)
         printf("\n");
         exit(0);
     }
-
+    
 
 
     /* Checking if the provided ID is valid. */
-    if(agent_id != NULL)
+    if(agent_id != NULL) 
     {
         if(strcmp(agent_id, "000") != 0)
         {
@@ -289,7 +289,7 @@ int main(int argc, char **argv)
             agt_id = -1;
         }
     }
-
+   
 
 
     /* Printing information from an agent. */
@@ -299,10 +299,10 @@ int main(int argc, char **argv)
         char final_ip[128 +1];
         char final_mask[128 +1];
         agent_info *agt_info;
-
+        
         final_ip[128] = '\0';
         final_mask[128] = '\0';
-
+        
 
         if(!csv_output)
             printf("\nOSSEC HIDS %s. Agent information:", ARGV0);
@@ -317,7 +317,7 @@ int main(int argc, char **argv)
 
             /* Getting netmask from ip. */
             getNetmask(keys.keyentries[agt_id]->ip->netmask, final_mask, 128);
-            snprintf(final_ip, 128, "%s%s",keys.keyentries[agt_id]->ip->ip,
+            snprintf(final_ip, 128, "%s%s",keys.keyentries[agt_id]->ip->ip, 
                                            final_mask);
 
 
@@ -330,16 +330,16 @@ int main(int argc, char **argv)
             }
             else
             {
-                printf("%s,%s,%s,%s,",
+                printf("%s,%s,%s,%s,", 
                        keys.keyentries[agt_id]->id,
                        keys.keyentries[agt_id]->name,
                        final_ip,
-                       print_agent_status(agt_status));
+                       print_agent_status(agt_status)); 
             }
         }
         else
         {
-            agt_status = get_agent_status(NULL, NULL);
+            agt_status = get_agent_status(NULL, NULL); 
             agt_info = get_agent_info(NULL, "127.0.0.1");
 
             if(!csv_output)
@@ -355,17 +355,17 @@ int main(int argc, char **argv)
                 printf("000,%s,127.0.0.1,%s/Local,",
                         shost,
                         print_agent_status(agt_status));
-
+                        
             }
         }
 
-
+        
         if(!csv_output)
         {
         printf("   Operating system:    %s\n", agt_info->os);
         printf("   Client version:      %s\n", agt_info->version);
         printf("   Last keep alive:     %s\n\n", agt_info->last_keepalive);
-
+        
 
         if(end_time)
         {
@@ -382,14 +382,14 @@ int main(int argc, char **argv)
         }
         else
         {
-            printf("%s,%s,%s,%s,%s,\n",
+            printf("%s,%s,%s,%s,%s,\n", 
                    agt_info->os,
                    agt_info->version,
                    agt_info->last_keepalive,
                    agt_info->syscheck_time,
                    agt_info->rootcheck_time);
         }
-
+        
         exit(0);
     }
 
@@ -424,7 +424,7 @@ int main(int argc, char **argv)
 
         exit(0);
     }
-
+    
 
 
     if(restart_syscheck && agent_id)
@@ -467,8 +467,8 @@ int main(int argc, char **argv)
 
         exit(0);
     }
-
-
+    
+    
     if(restart_agent && agent_id)
     {
         /* Connecting to remoted. */
@@ -524,7 +524,7 @@ int main(int argc, char **argv)
 
         exit(0);
     }
-
+    
 
     printf("\n** Invalid argument combination.\n");
     helpmsg();
diff --git a/src/util/clear_stats.c b/src/util/clear_stats.c
index 068b573..b91d392 100755
--- a/src/util/clear_stats.c
+++ b/src/util/clear_stats.c
@@ -37,24 +37,24 @@ int main(int argc, char **argv)
 {
     int clear_daily = 0;
     int clear_weekly = 0;
-
+    
     char *dir = DEFAULTDIR;
     char *group = GROUPGLOBAL;
     char *user = USER;
     int gid;
     int uid;
-
+    
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
-
+        
+    
     /* user arguments */
     if(argc != 2)
     {
         helpmsg();
     }
-
+    
     /* Getting the group name */
     gid = Privsep_GetGroup(group);
     uid = Privsep_GetUser(user);
@@ -63,14 +63,14 @@ int main(int argc, char **argv)
 	    ErrorExit(USER_ERROR, ARGV0, user, group);
     }
 	
-
+    
     /* Setting the group */
     if(Privsep_SetGroup(gid) < 0)
     {
 	    ErrorExit(SETGID_ERROR,ARGV0, group);
     }
-
-
+    
+    
     /* Chrooting to the default directory */
     if(Privsep_Chroot(dir) < 0)
     {
@@ -80,14 +80,14 @@ int main(int argc, char **argv)
 
     /* Inside chroot now */
     nowChroot();
-
+ 
 
     /* Setting the user */
     if(Privsep_SetUser(uid) < 0)
     {
         ErrorExit(SETUID_ERROR, ARGV0, user);
     }
-
+  
     /* User options */
     if(strcmp(argv[1], "-h") == 0)
     {
@@ -125,28 +125,28 @@ int main(int argc, char **argv)
         {
             ErrorExit("%s: Unable to open: '%s'", ARGV0, daily_dir);
         }
-
+        
         while((entry = readdir(daily)) != NULL)
         {
             char full_path[OS_MAXSTR +1];
-
-            /* Do not even attempt to delete . and .. :) */
+           
+            /* Do not even attempt to delete . and .. :) */ 
             if((strcmp(entry->d_name,".") == 0)||
                (strcmp(entry->d_name,"..") == 0))
             {
                 continue;
             }
-
+                                                            
             /* Remove file */
             full_path[OS_MAXSTR] = '\0';
             snprintf(full_path, OS_MAXSTR, "%s/%s", daily_dir, entry->d_name);
             unlink(full_path);
         }
-
+        
         closedir(daily);
     }
-
-
+    
+   
     /* Clear weekly averages */
     if(clear_weekly)
     {
@@ -162,7 +162,7 @@ int main(int argc, char **argv)
             daily = opendir(dir_path);
             if(!daily)
             {
-                ErrorExit("%s: Unable to open: '%s' (no stats)",
+                ErrorExit("%s: Unable to open: '%s' (no stats)", 
                            ARGV0, dir_path);
             }
 
@@ -179,17 +179,17 @@ int main(int argc, char **argv)
 
                 /* Remove file */
                 full_path[OS_MAXSTR] = '\0';
-                snprintf(full_path, OS_MAXSTR, "%s/%s", dir_path,
+                snprintf(full_path, OS_MAXSTR, "%s/%s", dir_path, 
                                                         entry->d_name);
                 unlink(full_path);
             }
-
+            
             i++;
             closedir(daily);
         }
     }
-
-    printf("\n** Internal stats clear.\n\n");
+    
+    printf("\n** Internal stats clear.\n\n"); 
     return(0);
 }
 
diff --git a/src/util/list_agents.c b/src/util/list_agents.c
index c363ab6..5078f2e 100755
--- a/src/util/list_agents.c
+++ b/src/util/list_agents.c
@@ -36,24 +36,24 @@ int main(int argc, char **argv)
     char *dir = DEFAULTDIR;
     char *group = GROUPGLOBAL;
     char *user = USER;
-
+    
     char *msg;
     char **agent_list;
     int gid;
     int uid;
     int flag;
-
+    
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
-
+        
+    
     /* user arguments */
     if(argc < 2)
     {
         helpmsg();
     }
-
+    
     /* Getting the group name */
     gid = Privsep_GetGroup(group);
     uid = Privsep_GetUser(user);
@@ -62,14 +62,14 @@ int main(int argc, char **argv)
 	    ErrorExit(USER_ERROR, ARGV0, user, group);
     }
 	
-
+    
     /* Setting the group */
     if(Privsep_SetGroup(gid) < 0)
     {
 	    ErrorExit(SETGID_ERROR,ARGV0, group);
     }
-
-
+    
+    
     /* Chrooting to the default directory */
     if(Privsep_Chroot(dir) < 0)
     {
@@ -79,14 +79,14 @@ int main(int argc, char **argv)
 
     /* Inside chroot now */
     nowChroot();
-
+ 
 
     /* Setting the user */
     if(Privsep_SetUser(uid) < 0)
     {
         ErrorExit(SETUID_ERROR, ARGV0, user);
     }
-
+  
     /* User options */
     if(strcmp(argv[1], "-h") == 0)
     {
@@ -118,7 +118,7 @@ int main(int argc, char **argv)
     if(agent_list)
     {
         char **agent_list_pt = agent_list;
-
+        
         while(*agent_list)
         {
             printf("%s %s\n", *agent_list, msg);
diff --git a/src/util/ossec-regex.c b/src/util/ossec-regex.c
index bffba67..d01601b 100644
--- a/src/util/ossec-regex.c
+++ b/src/util/ossec-regex.c
@@ -31,22 +31,22 @@ void helpmsg()
 int main(int argc, char **argv)
 {
     char *pattern;
-
+    
     char msg[OS_MAXSTR +1];
     memset(msg, '\0', OS_MAXSTR +1);
-    OSRegex regex;
-    OSMatch matcher;
+    OSRegex regex; 
+    OSMatch matcher; 
 
     OS_SetName(ARGV0);
-
-
+        
+    
     /* user arguments */
     if(argc != 2)
     {
         helpmsg();
         return(-1);
     }
-
+    
     /* User options */
     if(strcmp(argv[1], "-h") == 0)
     {
@@ -55,10 +55,10 @@ int main(int argc, char **argv)
     }
 
     os_strdup(argv[1], pattern);
-    if(!OSRegex_Compile(pattern, &regex, 0))
-    {
+    if(!OSRegex_Compile(pattern, &regex, 0)) 
+    { 
         printf("pattern does not compile with OSRegex_Compile\n");
-        return(-1);
+        return(-1); 
     }
     if(!OSMatch_Compile(pattern, &matcher, 0))
     {
@@ -68,33 +68,33 @@ int main(int argc, char **argv)
 
 
     while((fgets(msg, OS_MAXSTR, stdin)) != NULL)
-    {
-        /* Removing new line. */
+    {        
+        /* Removing new line. */                                                                                                                                       
         if(msg[strlen(msg) -1] == '\n')
             msg[strlen(msg) -1] = '\0';
 
-        /* Make sure we ignore blank lines. */
-        if(strlen(msg) < 2) { continue; }
+        /* Make sure we ignore blank lines. */                                                                                                                         
+        if(strlen(msg) < 2) { continue; }                                                            
 
         if(OSRegex_Execute(msg, &regex))
-            printf("+OSRegex_Execute: %s\n",msg);
+            printf("+OSRegex_Execute: %s\n",msg); 
         /*
         else
-            printf("-OSRegex_Execute: \n");
+            printf("-OSRegex_Execute: \n"); 
             */
 
-        if(OS_Regex(pattern, msg))
+        if(OS_Regex(pattern, msg)) 
             printf("+OS_Regex       : %s\n", msg);
         /*
         else
-            printf("-OS_Regex: \n");
+            printf("-OS_Regex: \n"); 
             */
 
-        if(OSMatch_Execute(msg, strlen(msg), &matcher))
-            printf("+OSMatch_Compile: %s\n", msg);
-
-        if(OS_Match2(pattern, msg))
-            printf("+OS_Match2      : %s\n", msg);
+        if(OSMatch_Execute(msg, strlen(msg), &matcher)) 
+            printf("+OSMatch_Compile: %s\n", msg); 
+        
+        if(OS_Match2(pattern, msg)) 
+            printf("+OS_Match2      : %s\n", msg); 
     }
     return(0);
 }
diff --git a/src/util/rootcheck_control.c b/src/util/rootcheck_control.c
index dc1c62f..fbc4b98 100755
--- a/src/util/rootcheck_control.c
+++ b/src/util/rootcheck_control.c
@@ -22,7 +22,7 @@
 /** help **/
 void helpmsg()
 {
-    printf("\nOSSEC HIDS %s: Manages the policy and auditing database.\n",
+    printf("\nOSSEC HIDS %s: Manages the policy and auditing database.\n", 
            ARGV0);
     printf("Available options:\n");
     printf("\t-h          This help message.\n");
@@ -55,13 +55,13 @@ int main(int argc, char **argv)
     int active_only = 0, csv_output = 0;
 
     char shost[512];
-
-
-
+    
+    
+    
     /* Setting the name */
     OS_SetName(ARGV0);
-
-
+        
+    
     /* user arguments */
     if(argc < 2)
     {
@@ -85,17 +85,17 @@ int main(int argc, char **argv)
                 list_agents++;
                 break;
             case 's':
-                csv_output = 1;
+                csv_output = 1;    
                 break;
             case 'c':
                 active_only++;
-                break;
+                break;    
             case 'r':
                 resolved_only = 1;
-                break;
+                break;    
             case 'q':
                 resolved_only = 2;
-                break;
+                break;    
             case 'L':
                 show_last = 1;
                 break;
@@ -123,8 +123,8 @@ int main(int argc, char **argv)
         }
 
     }
-
-
+    
+    
     /* Getting the group name */
     gid = Privsep_GetGroup(group);
     uid = Privsep_GetUser(user);
@@ -133,14 +133,14 @@ int main(int argc, char **argv)
 	    ErrorExit(USER_ERROR, ARGV0, user, group);
     }
 	
-
+    
     /* Setting the group */
     if(Privsep_SetGroup(gid) < 0)
     {
 	    ErrorExit(SETGID_ERROR,ARGV0, group);
     }
-
-
+    
+    
     /* Chrooting to the default directory */
     if(Privsep_Chroot(dir) < 0)
     {
@@ -150,7 +150,7 @@ int main(int argc, char **argv)
 
     /* Inside chroot now */
     nowChroot();
-
+ 
 
     /* Setting the user */
     if(Privsep_SetUser(uid) < 0)
@@ -169,13 +169,13 @@ int main(int argc, char **argv)
     }
 
 
-
+    
     /* Listing available agents. */
     if(list_agents)
     {
         if(!csv_output)
         {
-            printf("\nOSSEC HIDS %s. List of available agents:",
+            printf("\nOSSEC HIDS %s. List of available agents:", 
                     ARGV0);
             printf("\n   ID: 000, Name: %s (server), IP: 127.0.0.1, "
                    "Active/Local\n", shost);
@@ -188,7 +188,7 @@ int main(int argc, char **argv)
         printf("\n");
         exit(0);
     }
-
+    
 
 
     /* Update rootcheck database. */
@@ -218,7 +218,7 @@ int main(int argc, char **argv)
                     continue;
                 }
 
-                snprintf(full_path, OS_MAXSTR,"%s/%s", ROOTCHECK_DIR,
+                snprintf(full_path, OS_MAXSTR,"%s/%s", ROOTCHECK_DIR, 
                          entry->d_name);
 
                 fp = fopen(full_path, "w");
@@ -237,7 +237,7 @@ int main(int argc, char **argv)
             exit(0);
         }
 
-        else if((strcmp(agent_id, "000") == 0) ||
+        else if((strcmp(agent_id, "000") == 0) || 
                 (strcmp(agent_id, "local") == 0))
         {
             char final_dir[1024];
@@ -278,7 +278,7 @@ int main(int argc, char **argv)
         }
     }
 
-
+    
     /* Printing information from an agent. */
     if(info_agent)
     {
@@ -294,9 +294,9 @@ int main(int argc, char **argv)
             if(!csv_output)
             printf("\nPolicy and auditing events for local system '%s - %s':\n",
                     shost, "127.0.0.1");
-
+            
             print_rootcheck(NULL,
-                            NULL, NULL, resolved_only, csv_output, show_last);
+                            NULL, NULL, resolved_only, csv_output, show_last); 
         }
         else
         {
@@ -313,7 +313,7 @@ int main(int argc, char **argv)
             /* Getting netmask from ip. */
             final_ip[128] = '\0';
             final_mask[128] = '\0';
-            getNetmask(keys.keyentries[i]->ip->netmask,
+            getNetmask(keys.keyentries[i]->ip->netmask, 
                        final_mask, 128);
             snprintf(final_ip, 128, "%s%s",keys.keyentries[i]->ip->ip,
                      final_mask);
@@ -321,20 +321,20 @@ int main(int argc, char **argv)
             if(!csv_output)
             printf("\nPolicy and auditing events for agent "
                        "'%s (%s) - %s':\n",
-                       keys.keyentries[i]->name, keys.keyentries[i]->id,
+                       keys.keyentries[i]->name, keys.keyentries[i]->id, 
                        final_ip);
 
             print_rootcheck(keys.keyentries[i]->name,
-                            keys.keyentries[i]->ip->ip, NULL,
+                            keys.keyentries[i]->ip->ip, NULL, 
                             resolved_only, csv_output, show_last);
 
         }
-
+        
         exit(0);
     }
 
 
-
+    
     printf("\n** Invalid argument combination.\n");
     helpmsg();
 
diff --git a/src/util/syscheck_control.c b/src/util/syscheck_control.c
index 43b2e38..d6b1147 100755
--- a/src/util/syscheck_control.c
+++ b/src/util/syscheck_control.c
@@ -22,7 +22,7 @@
 /** help **/
 void helpmsg()
 {
-    printf("\nOSSEC HIDS %s: Manages the integrity checking database.\n",
+    printf("\nOSSEC HIDS %s: Manages the integrity checking database.\n", 
            ARGV0);
     printf("Available options:\n");
     printf("\t-h          This help message.\n");
@@ -58,13 +58,13 @@ int main(int argc, char **argv)
     int active_only = 0, csv_output = 0;
 
     char shost[512];
-
-
-
+    
+    
+    
     /* Setting the name */
     OS_SetName(ARGV0);
-
-
+        
+    
     /* user arguments */
     if(argc < 2)
     {
@@ -92,15 +92,15 @@ int main(int argc, char **argv)
                 break;
             case 'd':
                 zero_counter = 2;
-                break;
+                break;        
             case 's':
-                csv_output = 1;
+                csv_output = 1;    
             case 'c':
                 active_only++;
-                break;
+                break;    
             case 'r':
                 registry_only = 1;
-                break;
+                break;    
             case 'i':
                 info_agent++;
                 if(!optarg)
@@ -133,8 +133,8 @@ int main(int argc, char **argv)
         }
 
     }
-
-
+    
+    
     /* Getting the group name */
     gid = Privsep_GetGroup(group);
     uid = Privsep_GetUser(user);
@@ -143,14 +143,14 @@ int main(int argc, char **argv)
 	    ErrorExit(USER_ERROR, ARGV0, user, group);
     }
 	
-
+    
     /* Setting the group */
     if(Privsep_SetGroup(gid) < 0)
     {
 	    ErrorExit(SETGID_ERROR,ARGV0, group);
     }
-
-
+    
+    
     /* Chrooting to the default directory */
     if(Privsep_Chroot(dir) < 0)
     {
@@ -160,7 +160,7 @@ int main(int argc, char **argv)
 
     /* Inside chroot now */
     nowChroot();
-
+ 
 
     /* Setting the user */
     if(Privsep_SetUser(uid) < 0)
@@ -179,13 +179,13 @@ int main(int argc, char **argv)
     }
 
 
-
+    
     /* Listing available agents. */
     if(list_agents)
     {
         if(!csv_output)
         {
-            printf("\nOSSEC HIDS %s. List of available agents:",
+            printf("\nOSSEC HIDS %s. List of available agents:", 
                     ARGV0);
             printf("\n   ID: 000, Name: %s (server), IP: 127.0.0.1, "
                    "Active/Local\n", shost);
@@ -198,7 +198,7 @@ int main(int argc, char **argv)
         printf("\n");
         exit(0);
     }
-
+    
 
 
     /* Update syscheck database. */
@@ -228,7 +228,7 @@ int main(int argc, char **argv)
                     continue;
                 }
 
-                snprintf(full_path, OS_MAXSTR,"%s/%s", SYSCHECK_DIR,
+                snprintf(full_path, OS_MAXSTR,"%s/%s", SYSCHECK_DIR, 
                          entry->d_name);
 
                 fp = fopen(full_path, "w");
@@ -247,7 +247,7 @@ int main(int argc, char **argv)
             exit(0);
         }
 
-        else if((strcmp(agent_id, "000") == 0) ||
+        else if((strcmp(agent_id, "000") == 0) || 
                 (strcmp(agent_id, "local") == 0))
         {
             char final_dir[1024];
@@ -300,7 +300,7 @@ int main(int argc, char **argv)
         }
     }
 
-
+    
     /* Printing information from an agent. */
     if(info_agent)
     {
@@ -317,19 +317,19 @@ int main(int argc, char **argv)
                     shost, "127.0.0.1");
             if(fname)
             {
-                printf("Detailed information for entries matching: '%s'\n",
+                printf("Detailed information for entries matching: '%s'\n", 
                        fname);
             }
-
+            
             print_syscheck(NULL,
-                           NULL, fname, 0, 0,
+                           NULL, fname, 0, 0, 
                            csv_output, zero_counter);
         }
         else if(strchr(agent_id, '@'))
         {
             if(fname)
             {
-                printf("Detailed information for entries matching: '%s'\n",
+                printf("Detailed information for entries matching: '%s'\n", 
                        fname);
             }
             print_syscheck(agent_id, NULL, fname, registry_only, 0,
@@ -358,33 +358,33 @@ int main(int argc, char **argv)
             {
                 printf("\nIntegrity changes for 'Windows Registry' of"
                        " agent '%s (%s) - %s':\n",
-                       keys.keyentries[i]->name, keys.keyentries[i]->id,
-                       final_ip);
+                       keys.keyentries[i]->name, keys.keyentries[i]->id, 
+                       final_ip);   
             }
             else
             {
                 printf("\nIntegrity changes for agent "
                        "'%s (%s) - %s':\n",
-                       keys.keyentries[i]->name, keys.keyentries[i]->id,
+                       keys.keyentries[i]->name, keys.keyentries[i]->id, 
                        final_ip);
             }
 
             if(fname)
             {
-                printf("Detailed information for entries matching: '%s'\n",
+                printf("Detailed information for entries matching: '%s'\n", 
                        fname);
             }
             print_syscheck(keys.keyentries[i]->name,
-                    keys.keyentries[i]->ip->ip, fname,
+                    keys.keyentries[i]->ip->ip, fname, 
                     registry_only, 0, csv_output, zero_counter);
 
         }
-
+        
         exit(0);
     }
 
 
-
+    
     printf("\n** Invalid argument combination.\n");
     helpmsg();
 
diff --git a/src/util/syscheck_update.c b/src/util/syscheck_update.c
index e39e3c8..ee1bf7a 100755
--- a/src/util/syscheck_update.c
+++ b/src/util/syscheck_update.c
@@ -39,18 +39,18 @@ int main(int argc, char **argv)
     char *user = USER;
     int gid;
     int uid;
-
+    
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
-
+        
+    
     /* user arguments */
     if(argc < 2)
     {
         helpmsg();
     }
-
+    
     /* Getting the group name */
     gid = Privsep_GetGroup(group);
     uid = Privsep_GetUser(user);
@@ -59,14 +59,14 @@ int main(int argc, char **argv)
 	    ErrorExit(USER_ERROR, ARGV0, user, group);
     }
 	
-
+    
     /* Setting the group */
     if(Privsep_SetGroup(gid) < 0)
     {
 	    ErrorExit(SETGID_ERROR,ARGV0, group);
     }
-
-
+    
+    
     /* Chrooting to the default directory */
     if(Privsep_Chroot(dir) < 0)
     {
@@ -76,14 +76,14 @@ int main(int argc, char **argv)
 
     /* Inside chroot now */
     nowChroot();
-
+ 
 
     /* Setting the user */
     if(Privsep_SetUser(uid) < 0)
     {
         ErrorExit(SETUID_ERROR, ARGV0, user);
     }
-
+  
     /* User options */
     if(strcmp(argv[1], "-h") == 0)
     {
@@ -91,7 +91,7 @@ int main(int argc, char **argv)
     }
     else if(strcmp(argv[1], "-l") == 0)
     {
-        printf("\nOSSEC HIDS %s: Updates the integrity check database.",
+        printf("\nOSSEC HIDS %s: Updates the integrity check database.", 
                                  ARGV0);
         print_agents(0, 0, 0);
         printf("\n");
@@ -129,7 +129,7 @@ int main(int argc, char **argv)
             }
 
             snprintf(full_path, OS_MAXSTR,"%s/%s", SYSCHECK_DIR, entry->d_name);
-
+            
             fp = fopen(full_path, "w");
             if(fp)
             {
@@ -142,7 +142,7 @@ int main(int argc, char **argv)
         }
 
         closedir(sys_dir);
-        printf("\n** Integrity check database updated.\n\n");
+        printf("\n** Integrity check database updated.\n\n"); 
         exit(0);
     }
     else
@@ -151,14 +151,14 @@ int main(int argc, char **argv)
         helpmsg();
     }
 
-
+    
     /* local */
     if(strcmp(argv[2],"local") == 0)
     {
         char final_dir[1024];
         FILE *fp;
         snprintf(final_dir, 1020, "/%s/syscheck", SYSCHECK_DIR);
-
+        
         fp = fopen(final_dir, "w");
         if(fp)
         {
@@ -169,7 +169,7 @@ int main(int argc, char **argv)
 
         /* Deleting cpt file */
         snprintf(final_dir, 1020, "/%s/.syscheck.cpt", SYSCHECK_DIR);
-
+        
         fp = fopen(final_dir, "w");
         if(fp)
         {
@@ -192,12 +192,12 @@ int main(int argc, char **argv)
             printf("\n** Invalid agent id '%s'.\n", argv[2]);
             helpmsg();
         }
-
+        
         /* Deleting syscheck */
         delete_syscheck(keys.keyentries[i]->name,keys.keyentries[i]->ip->ip,0);
     }
-
-    printf("\n** Integrity check database updated.\n\n");
+   
+    printf("\n** Integrity check database updated.\n\n"); 
     return(0);
 }
 
diff --git a/src/util/verify-agent-conf.c b/src/util/verify-agent-conf.c
index f76745e..2c9c6df 100755
--- a/src/util/verify-agent-conf.c
+++ b/src/util/verify-agent-conf.c
@@ -48,7 +48,7 @@ int main(int argc, char **argv)
 
     /* Setting the name */
     OS_SetName(ARGV0);
-
+        
 
     /* printf ("Agrc [%d], Argv [%s]\n", argc, *argv); */
 
@@ -79,12 +79,12 @@ int main(int argc, char **argv)
                     helpmsg();
                     break;
             }
-
+    
         }
     }
 
-
-
+    
+    
     printf("\n%s: Verifying [%s].\n\n", ARGV0, ar);
 
     modules|= CLOCALFILE;
@@ -95,7 +95,7 @@ int main(int argc, char **argv)
         return(OS_INVALID);
     }
 
-    logff = log_config.config;
+    logff = log_config.config;       
 
     return(0);
 
diff --git a/src/win32/._add-localfile.c b/src/win32/._add-localfile.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._add-localfile.c differ
diff --git a/src/win32/._doc.html b/src/win32/._doc.html
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._doc.html differ
diff --git a/src/win32/._extract-win-el.c b/src/win32/._extract-win-el.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._extract-win-el.c differ
diff --git a/src/win32/._favicon.ico b/src/win32/._favicon.ico
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._favicon.ico differ
diff --git a/src/win32/._favicon2.ico b/src/win32/._favicon2.ico
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._favicon2.ico differ
diff --git a/src/win32/._gen_win.cmd b/src/win32/._gen_win.cmd
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._gen_win.cmd differ
diff --git a/src/win32/._gen_win.sh b/src/win32/._gen_win.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._gen_win.sh differ
diff --git a/src/win32/._help.txt b/src/win32/._help.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._help.txt differ
diff --git a/src/win32/._icofile.rc b/src/win32/._icofile.rc
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._icofile.rc differ
diff --git a/src/win32/._iis-logs.bat b/src/win32/._iis-logs.bat
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._iis-logs.bat differ
diff --git a/src/win32/._make.bat b/src/win32/._make.bat
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._make.bat differ
diff --git a/src/win32/._make.sh b/src/win32/._make.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._make.sh differ
diff --git a/src/win32/._os_win.h b/src/win32/._os_win.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._os_win.h differ
diff --git a/src/win32/._ossec-installer.nsi b/src/win32/._ossec-installer.nsi
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._ossec-installer.nsi differ
diff --git a/src/win32/._ossec-uninstall.ico b/src/win32/._ossec-uninstall.ico
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._ossec-uninstall.ico differ
diff --git a/src/win32/._ossec.conf b/src/win32/._ossec.conf
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._ossec.conf differ
diff --git a/src/win32/._read-registry.c b/src/win32/._read-registry.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._read-registry.c differ
diff --git a/src/win32/._service-start.c b/src/win32/._service-start.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._service-start.c differ
diff --git a/src/win32/._service-stop.c b/src/win32/._service-stop.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._service-stop.c differ
diff --git a/src/win32/._setup-iis.c b/src/win32/._setup-iis.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._setup-iis.c differ
diff --git a/src/win32/._setup-shared.c b/src/win32/._setup-shared.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._setup-shared.c differ
diff --git a/src/win32/._setup-shared.h b/src/win32/._setup-shared.h
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._setup-shared.h differ
diff --git a/src/win32/._setup-syscheck.c b/src/win32/._setup-syscheck.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._setup-syscheck.c differ
diff --git a/src/win32/._setup-win.c b/src/win32/._setup-win.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._setup-win.c differ
diff --git a/src/win32/._ui.nsi b/src/win32/._ui.nsi
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._ui.nsi differ
diff --git a/src/win32/._unix2dos.pl b/src/win32/._unix2dos.pl
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._unix2dos.pl differ
diff --git a/src/win32/._vista_sec.csv b/src/win32/._vista_sec.csv
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._vista_sec.csv differ
diff --git a/src/win32/._win-files.txt b/src/win32/._win-files.txt
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._win-files.txt differ
diff --git a/src/win32/._win_agent.c b/src/win32/._win_agent.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._win_agent.c differ
diff --git a/src/win32/._win_service.c b/src/win32/._win_service.c
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/._win_service.c differ
diff --git a/src/win32/add-localfile.c b/src/win32/add-localfile.c
index 8cf11e4..867baff 100755
--- a/src/win32/add-localfile.c
+++ b/src/win32/add-localfile.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -49,7 +49,7 @@ int dogrep(char *file, char *str)
     /* Clearing memory */
     memset(line, '\0', OS_MAXSTR +1);
 
-    /* Reading file and looking for str */
+    /* Reading file and looking for str */ 
     while(fgets(line, OS_MAXSTR, fp) != NULL)
     {
         if(OS_Match(str, line))
@@ -72,7 +72,7 @@ int config_file(char *name, char *file, int quiet)
     FILE *fp;
 
     ffile[255] = '\0';
-
+    
 
     /* Checking if the file has a variable format */
     if(strchr(file, '%') != NULL)
@@ -92,8 +92,8 @@ int config_file(char *name, char *file, int quiet)
     {
         strncpy(ffile, file, 255);
     }
-
-
+    
+    
     /* Looking for ffile */
     if(!fileexist(ffile))
     {
@@ -103,26 +103,26 @@ int config_file(char *name, char *file, int quiet)
         }
         return(-1);
     }
-
+    
     if(dogrep(OSSECCONF, file))
     {
-        printf("%s: Log file already configured: '%s'.\n",
+        printf("%s: Log file already configured: '%s'.\n", 
                     name, file);
         return(0);
     }
-
-
+    
+    
     /* Add iis config config */
     fp = fopen(OSSECCONF, "a");
     if(!fp)
     {
         printf("%s: Unable to edit configuration file.\n", name);
-        return(0);
+        return(0); 
     }
-
+   
     printf("%s: Adding log file to be monitored: '%s'.\n", name,file);
-    fprintf(fp, "\r\n"
-    "\r\n"
+    fprintf(fp, "\r\n" 
+    "\r\n"    
     "<!-- Extra log file -->\r\n"
     "<ossec_config>\r\n"
     "  <localfile>\r\n"
@@ -136,14 +136,14 @@ int config_file(char *name, char *file, int quiet)
     fclose(fp);
 
     return(0);
-
+                    
 }
 
 /* Setup windows after install */
 int main(int argc, char **argv)
 {
     int quiet = 0;
-
+    
     if(argc < 2)
     {
         printf("%s: Invalid syntax.\n", argv[0]);
@@ -156,7 +156,7 @@ int main(int argc, char **argv)
         quiet = 1;
     }
 
-
+    
     /* Checking if ossec was installed already */
     if(!fileexist(OSSECCONF))
     {
@@ -167,6 +167,6 @@ int main(int argc, char **argv)
     {
         config_file(argv[0], argv[1], quiet);
     }
-
+    
     return(0);
 }
diff --git a/src/win32/extract-win-el.c b/src/win32/extract-win-el.c
index ee4c98d..bc3fa58 100755
--- a/src/win32/extract-win-el.c
+++ b/src/win32/extract-win-el.c
@@ -41,7 +41,7 @@ int el_last = 0;
 
 
 /** int startEL(char *app, os_el *el)
- * Starts the event logging for each el
+ * Starts the event logging for each el 
  */
 int startEL(char *app, os_el *el)
 {
@@ -49,7 +49,7 @@ int startEL(char *app, os_el *el)
     el->h = OpenEventLog(NULL, app);
     if(!el->h)
     {
-        return(0);	
+        return(0);	    
     }
 
     el->name = app;
@@ -60,7 +60,7 @@ int startEL(char *app, os_el *el)
 
 
 
-/** char *el_getCategory(int category_id)
+/** char *el_getCategory(int category_id) 
  * Returns a string related to the category id of the log.
  */
 char *el_getCategory(int category_id)
@@ -94,7 +94,7 @@ char *el_getCategory(int category_id)
 /** int el_getEventDLL(char *evt_name, char *source, char *event)
  * Returns the event.
  */
-int el_getEventDLL(char *evt_name, char *source, char *event)
+int el_getEventDLL(char *evt_name, char *source, char *event) 
 {
     HKEY key;
     DWORD ret;
@@ -103,21 +103,21 @@ int el_getEventDLL(char *evt_name, char *source, char *event)
 
     keyname[255] = '\0';
 
-    snprintf(keyname, 254,
-            "System\\CurrentControlSet\\Services\\EventLog\\%s\\%s",
-            evt_name,
+    snprintf(keyname, 254, 
+            "System\\CurrentControlSet\\Services\\EventLog\\%s\\%s", 
+            evt_name, 
             source);
 
-    /* Opening registry */	
+    /* Opening registry */	    
     if(RegOpenKeyEx(HKEY_LOCAL_MACHINE, keyname, 0, KEY_ALL_ACCESS, &key)
             != ERROR_SUCCESS)
     {
-        return(0);
+        return(0);    
     }
 
 
     ret = MAX_PATH -1;	
-    if (RegQueryValueEx(key, "EventMessageFile", NULL,
+    if (RegQueryValueEx(key, "EventMessageFile", NULL, 
                 NULL, (LPBYTE)event, &ret) != ERROR_SUCCESS)
     {
         event[0] = '\0';	
@@ -130,11 +130,11 @@ int el_getEventDLL(char *evt_name, char *source, char *event)
 
 
 
-/** char *el_getmessage()
+/** char *el_getmessage() 
  * Returns a descriptive message of the event.
  */
-char *el_getMessage(EVENTLOGRECORD *er,  char *name,
-		    char * source, LPTSTR *el_sstring)
+char *el_getMessage(EVENTLOGRECORD *er,  char *name, 
+		    char * source, LPTSTR *el_sstring) 
 {
     DWORD fm_flags = 0;
     char tmp_str[257];
@@ -157,12 +157,12 @@ char *el_getMessage(EVENTLOGRECORD *er,  char *name,
     /* Get the file name from the registry (stored on event) */
     if(!el_getEventDLL(name, source, event))
     {
-        return(NULL);	
-    }	
+        return(NULL);	    
+    }	    
 
     curr_str = event;
 
-    /* If our event has multiple libraries, try each one of them */
+    /* If our event has multiple libraries, try each one of them */ 
     while((next_str = strchr(curr_str, ';')))
     {
         *next_str = '\0';
@@ -172,11 +172,11 @@ char *el_getMessage(EVENTLOGRECORD *er,  char *name,
         hevt = LoadLibraryEx(tmp_str, NULL, DONT_RESOLVE_DLL_REFERENCES);
         if(hevt)
         {
-            if(!FormatMessage(fm_flags, hevt, er->EventID,
+            if(!FormatMessage(fm_flags, hevt, er->EventID, 
                         0,
                         (LPTSTR) &message, 0, el_sstring))
             {
-                message = NULL;		
+                message = NULL;		  
             }
             FreeLibrary(hevt);
 
@@ -192,12 +192,12 @@ char *el_getMessage(EVENTLOGRECORD *er,  char *name,
     hevt = LoadLibraryEx(tmp_str, NULL, DONT_RESOLVE_DLL_REFERENCES);
     if(hevt)
     {
-        int hr;
-        if(!(hr = FormatMessage(fm_flags, hevt, er->EventID,
+        int hr;    
+        if(!(hr = FormatMessage(fm_flags, hevt, er->EventID, 
                         0,
                         (LPTSTR) &message, 0, el_sstring)))
         {
-            message = NULL;		
+            message = NULL;		  
         }
         FreeLibrary(hevt);
 
@@ -213,7 +213,7 @@ char *el_getMessage(EVENTLOGRECORD *er,  char *name,
 
 /** void readel(os_el *el)
  * Reads the event log.
- */
+ */ 
 void readel(os_el *el, int printit)
 {
     DWORD nstr;
@@ -239,7 +239,7 @@ void readel(os_el *el, int printit)
     LPSTR el_sstring[57];
 
     /* Er must point to the mbuffer */
-    el->er = (EVENTLOGRECORD *) &mbuffer;
+    el->er = (EVENTLOGRECORD *) &mbuffer; 
 
     /* Zeroing the last values */
     el_string[1024] = '\0';
@@ -248,8 +248,8 @@ void readel(os_el *el, int printit)
     final_msg[1023] = '\0';
     el_sstring[56] = NULL;
 
-    /* Reading the event log */	
-    while(ReadEventLog(el->h,
+    /* Reading the event log */	    
+    while(ReadEventLog(el->h, 
                 EVENTLOG_FORWARDS_READ | EVENTLOG_SEQUENTIAL_READ,
                 0,
                 el->er, BUFFER_SIZE -1, &read, &needed))
@@ -295,27 +295,27 @@ void readel(os_el *el, int printit)
                         el_sstring[nstr] = (LPSTR)sstr;
 
                     sstr = strchr( (LPSTR)sstr, '\0');
-                    sstr++;
+                    sstr++; 
                 }
 
                 /* Get a more descriptive message (if available) */
-                descriptive_msg = el_getMessage(el->er, el->name, source,
+                descriptive_msg = el_getMessage(el->er, el->name, source, 
                                                         el_sstring);
                 if(descriptive_msg != NULL)
                 {
                     /* Remove any \n or \r */
-                    tmp_str = descriptive_msg;
+                    tmp_str = descriptive_msg;    
                     while((tmp_str = strchr(tmp_str, '\n')))
                     {
                         *tmp_str = ' ';
-                        tmp_str++;		
+                        tmp_str++;		    
                     }			
 
-                    tmp_str = descriptive_msg;
+                    tmp_str = descriptive_msg;    
                     while((tmp_str = strchr(tmp_str, '\r')))
                     {
                         *tmp_str = ' ';
-                        tmp_str++;		
+                        tmp_str++;		    
                     }			
                 }
             }
@@ -347,20 +347,20 @@ void readel(os_el *el, int printit)
 
             if(printit)
             {
-                DWORD _evtid = 65535;
-                int id = (int)el->er->EventID & _evtid;
-
-                snprintf(final_msg, 1022,
+                DWORD _evtid = 65535;   
+                int id = (int)el->er->EventID & _evtid;                  
+                
+                snprintf(final_msg, 1022, 
                         "%d WinEvtLog: %s: %s(%d): %s: %s(%s): %s",
         		        (int)el->er->TimeGenerated,	
                         el->name,
-                        category,
+                        category, 
                         id,
                         source,
                         el_user,
                         el_domain,
                         descriptive_msg != NULL?descriptive_msg:el_string);	
-
+               
 	       	fprintf(fp, "%s\n", final_msg);	
             }
 
@@ -405,18 +405,18 @@ int main(int argc, char **argv)
    }
    else if((argc == 3)&&(strcmp(argv[1], "-f") == 0))
    {
-      file = argv[2];	
-   }
+      file = argv[2];	   
+   }  
    else
       help();
-
+   
    fp = fopen(file, "w");
    if(!fp)
    {
       printf("Unable to open file '%s'\n", file);
       exit(1);
    }
-
+   
    win_startel("Application");	
    win_startel("System");	
    win_startel("Security");	
diff --git a/src/win32/help.txt b/src/win32/help.txt
index 23a772d..92e81e8 100755
--- a/src/win32/help.txt
+++ b/src/win32/help.txt
@@ -1,8 +1,8 @@
-** OSSEC Windows Agent v2.7.1 **
-** Copyright (C) 2013 Trend Micro Inc. **
+** OSSEC Windows Agent v2.7-beta1 **
+** Copyright (C) 2012 Trend Micro Inc. **
 
 
-Thanks for installing 'OSSEC Windows Agent version 2.7'. Before you continue,
+Thanks for installing 'OSSEC Windows Agent version 2.7-beta1'. Before you continue,
 make sure that you have an instance of the OSSEC server running and configured
 to accept this system as an agent.
 
diff --git a/src/win32/os_win.h b/src/win32/os_win.h
index 70934f1..b4e31a5 100755
--- a/src/win32/os_win.h
+++ b/src/win32/os_win.h
@@ -23,11 +23,11 @@ int InstallService(char *path);
 /** int UninstallService()
  * Uninstall the OSSEC HIDS agent service.
  */
-int UninstallService();
+int UninstallService(); 
 
 
-/** int QueryService():
- * Checks if service is running.
+/** int QueryService(): 
+ * Checks if service is running. 
  * Return 1 on success (running) or 0 if not.
  */
 int CheckServiceRunning();
diff --git a/src/win32/ossec-installer.nsi b/src/win32/ossec-installer.nsi
index 66e8e82..fa5f891 100755
--- a/src/win32/ossec-installer.nsi
+++ b/src/win32/ossec-installer.nsi
@@ -8,12 +8,12 @@
 
 !define MUI_ICON favicon.ico
 !define MUI_UNICON ossec-uninstall.ico
-!define VERSION "v2.7.1-beta-1"
+!define VERSION "2.7-beta1"
 !define NAME "OSSEC HIDS"
 !define /date CDATE "%b %d %Y at %H:%M:%S"
 
 Name "${NAME} Windows Agent v${VERSION}"
-BrandingText "Copyright (C) 2003 - 2013 Trend Micro Inc."
+BrandingText "Copyright (C) 2012 Trend Micro Inc."
 OutFile "ossec-win32-agent.exe"
 
 InstallDir "$PROGRAMFILES\ossec-agent"
diff --git a/src/win32/read-registry.c b/src/win32/read-registry.c
index b946100..b5f4d68 100755
--- a/src/win32/read-registry.c
+++ b/src/win32/read-registry.c
@@ -6,13 +6,13 @@
 #define MAX_KEY_LENGTH 255
 #define MAX_KEY	2048
 #define MAX_VALUE_NAME 16383
-
+ 
 char *(os_winreg_ignore_list[]) = {"SOFTWARE\\Classes","test123",NULL};
 
 HKEY sub_tree;
 int os_winreg_open_key(char *subkey);
 
-void os_winreg_querykey(HKEY hKey, char *p_key)
+void os_winreg_querykey(HKEY hKey, char *p_key) 
 {
     int i, rc;
     DWORD j;
@@ -30,8 +30,8 @@ void os_winreg_querykey(HKEY hKey, char *p_key)
     DWORD value_count;
 
     /* Variables for RegEnumValue */
-    TCHAR value_buffer[MAX_VALUE_NAME +1];
-    TCHAR data_buffer[MAX_VALUE_NAME +1];
+    TCHAR value_buffer[MAX_VALUE_NAME +1]; 
+    TCHAR data_buffer[MAX_VALUE_NAME +1]; 
     DWORD value_size;
     DWORD data_size;
 
@@ -44,7 +44,7 @@ void os_winreg_querykey(HKEY hKey, char *p_key)
     class_name_b[MAX_PATH] = '\0';
     sub_key_name_b[0] = '\0';
     sub_key_name_b[MAX_KEY_LENGTH] = '\0';
-
+    
 
     /* We use the class_name, subkey_count and the value count. */
     rc = RegQueryInfoKey(hKey, class_name_b, &class_name_s, NULL,
@@ -63,21 +63,21 @@ void os_winreg_querykey(HKEY hKey, char *p_key)
     if(subkey_count)
     {
         /* We open each subkey and call open_key */
-        for(i=0;i<subkey_count;i++)
-        {
+        for(i=0;i<subkey_count;i++) 
+        { 
             sub_key_name_s = MAX_KEY_LENGTH;
             rc = RegEnumKeyEx(hKey, i, sub_key_name_b, &sub_key_name_s,
-                              NULL, NULL, NULL, NULL);
-
+                              NULL, NULL, NULL, NULL); 
+            
             /* Checking for the rc. */
-            if(rc == ERROR_SUCCESS)
+            if(rc == ERROR_SUCCESS) 
             {
                 char new_key[MAX_KEY_LENGTH + 2];
                 new_key[MAX_KEY_LENGTH +1] = '\0';
 
                 if(p_key)
                 {
-                    snprintf(new_key, MAX_KEY_LENGTH,
+                    snprintf(new_key, MAX_KEY_LENGTH, 
                                       "%s\\%s", p_key, sub_key_name_b);
                 }
                 else
@@ -90,22 +90,22 @@ void os_winreg_querykey(HKEY hKey, char *p_key)
             }
         }
     }
-
+    
     /* Getting Values (if available) */
-    if (value_count)
+    if (value_count) 
     {
         /* md5 and sha1 sum */
         os_md5 mf_sum;
         os_sha1 sf_sum;
-
+        
 
         /* Clearing the values for value_size and data_size */
         value_buffer[MAX_VALUE_NAME] = '\0';
         data_buffer[MAX_VALUE_NAME] = '\0';
 
-        for(i=0;i<value_count;i++)
-        {
-            value_size = MAX_VALUE_NAME;
+        for(i=0;i<value_count;i++) 
+        { 
+            value_size = MAX_VALUE_NAME; 
             data_size = MAX_VALUE_NAME;
 
             value_buffer[0] = '\0';
@@ -182,7 +182,7 @@ int os_winreg_open_key(char *subkey)
             {
                 return(0);
             }
-            i++;
+            i++;      
         }
     }
 
diff --git a/src/win32/service-start.c b/src/win32/service-start.c
index 057f142..c92d59a 100644
--- a/src/win32/service-start.c
+++ b/src/win32/service-start.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -23,7 +23,7 @@ int main(int argc, char **argv)
     printf("%s: Attempting to start ossec.", argv[0]);
 
     system("net start OssecSvc");
-
+    
     system("pause");
     return(0);
 }
diff --git a/src/win32/service-stop.c b/src/win32/service-stop.c
index 1ffbb37..01e27a0 100644
--- a/src/win32/service-stop.c
+++ b/src/win32/service-stop.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -23,7 +23,7 @@ int main(int argc, char **argv)
     printf("%s: Attempting to stop ossec.", argv[0]);
 
     system("net stop OssecSvc");
-
+    
     system("pause");
     return(0);
 }
diff --git a/src/win32/setup-iis.c b/src/win32/setup-iis.c
index bfe87d8..b4b5d03 100755
--- a/src/win32/setup-iis.c
+++ b/src/win32/setup-iis.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -32,14 +32,14 @@ int total;
 int direxist(char *dir)
 {
     DIR *dp;
-
+    
     /* Opening dir */
     dp = opendir(dir);
     if(dp == NULL)
         return(0);
-
+    
     closedir(dp);
-    return(1);
+    return(1);    
 }
 
 
@@ -69,7 +69,7 @@ int dogrep(char *file, char *str)
     /* Clearing memory */
     memset(line, '\0', OS_MAXSTR +1);
 
-    /* Reading file and looking for str */
+    /* Reading file and looking for str */ 
     while(fgets(line, OS_MAXSTR, fp) != NULL)
     {
         if(OS_Match(str, line))
@@ -163,7 +163,7 @@ int config_iis(char *name, char *file, char *vfile)
 
     if(dogrep(OSSECCONF, vfile))
     {
-        printf("%s: Log file already configured: '%s'.\n",
+        printf("%s: Log file already configured: '%s'.\n", 
                 name, vfile);
         return(1);
     }
@@ -176,11 +176,11 @@ int config_iis(char *name, char *file, char *vfile)
     if(!fp)
     {
         printf("%s: Unable to edit configuration file.\n", name);
-        return(1);
+        return(1); 
     }
 
-    fprintf(fp, "\r\n"
-            "\r\n"
+    fprintf(fp, "\r\n" 
+            "\r\n"    
             "<!-- IIS log file -->\r\n"
             "<ossec_config>\r\n"
             "  <localfile>\r\n"
@@ -203,10 +203,10 @@ int main(int argc, char **argv)
 
     time_t tm;
     struct tm *p;
-
-    char win_dir[2048];
-
-
+    
+    char win_dir[2048];    
+    
+    
     if(argc >= 2)
     {
         if(chdir(argv[1]) != 0)
@@ -215,7 +215,7 @@ int main(int argc, char **argv)
             return(0);
         }
     }
-
+    
     /* Checking if ossec was installed already */
     if(!fileexist(OSSECCONF))
     {
@@ -226,20 +226,20 @@ int main(int argc, char **argv)
     /* Getting todays day */
     tm = time(NULL);
     p = localtime(&tm);
+        
+    total = 0;    
 
-    total = 0;
-
-    printf("%s: Looking for IIS log files to monitor.\r\n",
+    printf("%s: Looking for IIS log files to monitor.\r\n", 
                 argv[0]);
-    printf("%s: For more information: http://www.ossec.net/en/win.html\r\n",
+    printf("%s: For more information: http://www.ossec.net/en/win.html\r\n", 
                 argv[0]);
     printf("\r\n");
-
-
+    
+    
     /* Getting windows directory */
     get_win_dir(win_dir, sizeof(win_dir) -1);
-
-
+    
+    
     /* Looking for IIS log files */
     while(i <= 254)
     {
@@ -249,30 +249,30 @@ int main(int argc, char **argv)
         i++;
 
         /* Searching for NCSA */
-        snprintf(lfile,
-                OS_MAXSTR,
+        snprintf(lfile, 
+                OS_MAXSTR, 
                 "%s\\System32\\LogFiles\\W3SVC%d\\nc%02d%02d%02d.log",
                 win_dir,i, (p->tm_year+1900)-2000, p->tm_mon+1, p->tm_mday);
-        snprintf(vfile,
-                OS_MAXSTR,
+        snprintf(vfile, 
+                OS_MAXSTR, 
                 "%s\\System32\\LogFiles\\W3SVC%d\\nc%%y%%m%%d.log",
                 win_dir, i);
-
+        
         /* Try dir-based */
         config_iis(argv[0], lfile, vfile);
 
 
         /* Searching for W3C extended */
-        snprintf(lfile,
-                OS_MAXSTR,
+        snprintf(lfile, 
+                OS_MAXSTR, 
                 "%s\\System32\\LogFiles\\W3SVC%d\\ex%02d%02d%02d.log",
                 win_dir, i, (p->tm_year+1900)-2000, p->tm_mon+1, p->tm_mday);
-
-        snprintf(vfile,
-                OS_MAXSTR,
+    
+        snprintf(vfile, 
+                OS_MAXSTR, 
                 "%s\\System32\\LogFiles\\W3SVC%d\\ex%%y%%m%%d.log",
                 win_dir, i);
-
+        
         /* Try dir-based */
         if(config_iis(argv[0], lfile, vfile) == 0)
         {
@@ -284,13 +284,13 @@ int main(int argc, char **argv)
 
 
         /* Searching for FTP Extended format */
-        snprintf(lfile,
-             OS_MAXSTR,
+        snprintf(lfile, 
+             OS_MAXSTR, 
              "%s\\System32\\LogFiles\\MSFTPSVC%d\\ex%02d%02d%02d.log",
              win_dir, i, (p->tm_year+1900)-2000, p->tm_mon+1, p->tm_mday);
-
-        snprintf(vfile,
-             OS_MAXSTR,
+        
+        snprintf(vfile, 
+             OS_MAXSTR, 
              "%s\\System32\\LogFiles\\MSFTPSVC%d\\ex%%y%%m%%d.log",
              win_dir, i);
         if(config_iis(argv[0], lfile, vfile) == 0)
@@ -303,13 +303,13 @@ int main(int argc, char **argv)
 
 
         /* Searching for IIS SMTP logs */
-        snprintf(lfile,
-             OS_MAXSTR,
+        snprintf(lfile, 
+             OS_MAXSTR, 
              "%s\\System32\\LogFiles\\SMTPSVC%d\\ex%02d%02d%02d.log",
              win_dir, i, (p->tm_year+1900)-2000, p->tm_mon+1, p->tm_mday);
-
-        snprintf(vfile,
-             OS_MAXSTR,
+        
+        snprintf(vfile, 
+             OS_MAXSTR, 
              "%s\\System32\\LogFiles\\SMTPSVC%d\\ex%%y%%m%%d.log",
              win_dir, i);
         if(config_iis(argv[0], lfile, vfile) == 0)
@@ -326,6 +326,6 @@ int main(int argc, char **argv)
         printf("%s: No IIS log added. Look at the link above for more "
                "information.\r\n", argv[0]);
     }
-
+    
     return(0);
 }
diff --git a/src/win32/setup-shared.c b/src/win32/setup-shared.c
index 8b450ae..f8f86ff 100755
--- a/src/win32/setup-shared.c
+++ b/src/win32/setup-shared.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -54,7 +54,7 @@ int dogrep(char *file, char *str)
     /* Clearing memory */
     memset(line, '\0', OS_MAXSTR +1);
 
-    /* Reading file and looking for str */
+    /* Reading file and looking for str */ 
     while(fgets(line, OS_MAXSTR, fp) != NULL)
     {
         if(OS_Match(str, line))
diff --git a/src/win32/setup-shared.h b/src/win32/setup-shared.h
index 7fb1a15..7ca45a2 100755
--- a/src/win32/setup-shared.h
+++ b/src/win32/setup-shared.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #include <stdio.h>
 #include <stdlib.h>
diff --git a/src/win32/setup-syscheck.c b/src/win32/setup-syscheck.c
index c20bcfe..fee82c2 100755
--- a/src/win32/setup-syscheck.c
+++ b/src/win32/setup-syscheck.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #include "setup-shared.h"
 #include "os_xml/os_xml.h"
@@ -23,7 +23,7 @@ int main(int argc, char **argv)
 {
     char *status;
     char *(xml_syscheck_status[])={"ossec_config","syscheck","disabled", NULL};
-
+    
     if(argc < 3)
     {
         printf("%s: Invalid syntax.\n", argv[0]);
diff --git a/src/win32/setup-win.c b/src/win32/setup-win.c
index c31b9c4..a5b5ace 100755
--- a/src/win32/setup-win.c
+++ b/src/win32/setup-win.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
-
+       
 
 #include "setup-shared.h"
 
@@ -23,19 +23,19 @@ int main(int argc, char **argv)
         printf("Try: '%s directory'\n\n", argv[0]);
         return(0);
     }
-
+    
     /* Trying to chdir to ossec directory. */
     if(chdir(argv[1]) != 0)
     {
         printf("%s: Invalid directory: '%s'.\n", argv[0], argv[1]);
         return(0);
     }
-
+    
     /* Checking if ossec was installed already (upgrade) */
     if(!fileexist(OSSECCONF))
     {
         char cmd[OS_MAXSTR +1];
-
+        
         /* Copy default config to ossec.conf */
         snprintf(cmd, OS_MAXSTR, "copy %s %s", OSSECDEF, OSSECCONF);
         system(cmd);
@@ -45,7 +45,7 @@ int main(int argc, char **argv)
     /* Setting up local files */
     system("add-localfile.exe \"C:\\Windows\\pfirewall.log\" --quiet");
     system("add-localfile.exe \"C:\\Documents and Settings\\All Users\\Application Data\\Symantec\\Symantec AntiVirus Corporate Edition\\7.5\\Logs\\\%m\%d20\%y.log\" --quiet");
-
+    
 
     /* Configure ossec for automatic startup */
     system("sc config OssecSvc start= auto");
@@ -54,7 +54,7 @@ int main(int argc, char **argv)
     /* Changing permissions. */
     checkVista();
 
-
+    
     if(isVista)
     {
         char cmd[OS_MAXSTR +1];
@@ -79,7 +79,7 @@ int main(int argc, char **argv)
         /* Changing permissions. */
         system("echo y|cacls * /T /G Administrators:f ");
 
-
+        
         /* Copying them back. */
         snprintf(cmd, OS_MAXSTR, "move ..\\os_win32ui.exe .");
         system(cmd);
diff --git a/src/win32/ui.nsi b/src/win32/ui.nsi
index 87e4c6d..33e1507 100644
--- a/src/win32/ui.nsi
+++ b/src/win32/ui.nsi
@@ -2,7 +2,7 @@
 ; my template correctly. 
 
 !include "MUI.nsh"
-!define VERSION "2.7"
+!define VERSION "2.7-beta1"
 !define NAME "OSSEC HIDS"
 !define /date CDATE "%b %d %Y at %H:%M:%S"
 
diff --git a/src/win32/ui/._common.c b/src/win32/ui/._common.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/ui/._common.c differ
diff --git a/src/win32/ui/._favicon.ico b/src/win32/ui/._favicon.ico
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/ui/._favicon.ico differ
diff --git a/src/win32/ui/._make.bat b/src/win32/ui/._make.bat
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/ui/._make.bat differ
diff --git a/src/win32/ui/._make.sh b/src/win32/ui/._make.sh
new file mode 100755
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/ui/._make.sh differ
diff --git a/src/win32/ui/._os_win32ui.c b/src/win32/ui/._os_win32ui.c
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/ui/._os_win32ui.c differ
diff --git a/src/win32/ui/._os_win32ui.exe.manifest b/src/win32/ui/._os_win32ui.exe.manifest
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/ui/._os_win32ui.exe.manifest differ
diff --git a/src/win32/ui/._os_win32ui.h b/src/win32/ui/._os_win32ui.h
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/ui/._os_win32ui.h differ
diff --git a/src/win32/ui/._win32ui.rc b/src/win32/ui/._win32ui.rc
new file mode 100644
index 0000000..48cbba1
Binary files /dev/null and b/src/win32/ui/._win32ui.rc differ
diff --git a/src/win32/ui/common.c b/src/win32/ui/common.c
index b714a9c..76b8902 100644
--- a/src/win32/ui/common.c
+++ b/src/win32/ui/common.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -27,11 +27,11 @@
 int gen_server_info(HWND hwnd)
 {
     memset(ui_server_info, '\0', 2048 +1);
-    snprintf(ui_server_info, 2048,
+    snprintf(ui_server_info, 2048, 
             "Agent: %s (%s)  -  %s\r\n\r\n"
             "Status: %s",
-            config_inst.agentname,
-            config_inst.agentid,
+            config_inst.agentname, 
+            config_inst.agentid, 
             config_inst.agentip,
             config_inst.status);
 
@@ -42,14 +42,14 @@ int gen_server_info(HWND hwnd)
         SetDlgItemText(hwnd, UI_SERVER_TOP, config_inst.version);
         SetDlgItemText(hwnd, UI_SERVER_INFO, ui_server_info);
     }
-
+    
     /* Initializing auth key */
     SetDlgItemText(hwnd, UI_SERVER_AUTH, config_inst.key);
 
     /* Initializing server ip */
     SetDlgItemText(hwnd, UI_SERVER_TEXT, config_inst.server);
 
-    SendMessage(hStatus, SB_SETTEXT, 0, (LPARAM)"http://www.ossec.net");
+    SendMessage(hStatus, SB_SETTEXT, 0, (LPARAM)"http://www.ossec.net");                                                                                    
     return(0);
 }
 
@@ -194,7 +194,7 @@ void init_config()
     }
 
 
-    /* Testing for permission - this is a vista thing.
+    /* Testing for permission - this is a vista thing. 
      * For some reason vista is not reporting the return codes
      * properly.
      */
@@ -218,7 +218,7 @@ void init_config()
             {
                 config_inst.admin_access = 0;
             }
-
+            
             fclose(fp);
 
             /* trying to open it to read. */
@@ -231,7 +231,7 @@ void init_config()
             {
                 config_inst.admin_access = 0;
             }
-
+            
             if(unlink(".test-file.tst"))
             {
                 config_inst.admin_access = 0;
@@ -250,7 +250,7 @@ int config_read(HWND hwnd)
 {
     char *tmp_str;
 
-
+    
     /* Clearing config */
     config_clear();
 
@@ -267,7 +267,7 @@ int config_read(HWND hwnd)
 
 
     /* Getting version/install date */
-    config_inst.version = cat_file(VERSION_FILE, NULL);
+    config_inst.version = cat_file(VERSION_FILE, NULL); 
     if(config_inst.version)
     {
         config_inst.install_date = strchr(config_inst.version, '-');
@@ -280,7 +280,7 @@ int config_read(HWND hwnd)
 
 
     /* Getting number of messages sent */
-    tmp_str = cat_file(SENDER_FILE, NULL);
+    tmp_str = cat_file(SENDER_FILE, NULL); 
     if(tmp_str)
     {
         unsigned long int tmp_val = 0;
@@ -419,7 +419,7 @@ int get_ossec_server()
             free(str);
             str = NULL;
         }
-
+        
         str = OS_GetOneContentforElement(&xml, xml_serverhost);
         if(str)
         {
@@ -443,7 +443,7 @@ int get_ossec_server()
 
     /* Setting up final server name when not available */
     config_inst.server = strdup(FL_NOSERVER);
-
+    
 
     OS_ClearXML(&xml);
     return(0);
@@ -456,7 +456,7 @@ int set_ossec_server(char *ip, HWND hwnd)
     char **xml_pt = NULL;
     char *(xml_serverip[])={"ossec_config","client","server-ip", NULL};
     char *(xml_serverhost[])={"ossec_config","client","server-hostname", NULL};
-
+    
 
     /* Verifying IP Address */
     if(OS_IsValidIP(ip, NULL) != 1)
@@ -484,7 +484,7 @@ int set_ossec_server(char *ip, HWND hwnd)
 
 
     /* Reading the XML. Printing error and line number */
-    if(OS_WriteXML(CONFIG, NEWCONFIG, xml_pt,
+    if(OS_WriteXML(CONFIG, NEWCONFIG, xml_pt, 
                    NULL, NULL, ip, 0) != 0)
     {
         MessageBox(hwnd, "Unable to set OSSEC Server IP Address.\r\n"
diff --git a/src/win32/ui/os_win32ui.c b/src/win32/ui/os_win32ui.c
index e19b969..008157d 100644
--- a/src/win32/ui/os_win32ui.c
+++ b/src/win32/ui/os_win32ui.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -21,7 +21,7 @@
 
 
 /* Dialog -- About OSSEC */
-BOOL CALLBACK AboutDlgProc(HWND hwnd, UINT Message,
+BOOL CALLBACK AboutDlgProc(HWND hwnd, UINT Message, 
                            WPARAM wParam, LPARAM lParam)
 {
     switch(Message)
@@ -54,7 +54,7 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
 {
     int ret_code = 0;
 
-
+    
     switch(Message)
     {
         case WM_INITDIALOG:
@@ -99,17 +99,17 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
 
 
             hStatus = CreateWindowEx(0, STATUSCLASSNAME, NULL,
-                    WS_CHILD|WS_VISIBLE|SBARS_SIZEGRIP,
+                    WS_CHILD|WS_VISIBLE|SBARS_SIZEGRIP, 
                     0, 0, 0, 0,
-                    hwnd, (HMENU)IDC_MAIN_STATUS,
+                    hwnd, (HMENU)IDC_MAIN_STATUS, 
                     GetModuleHandle(NULL), NULL);
 
-            SendMessage(hStatus, SB_SETPARTS,
-                    sizeof(statwidths)/sizeof(int),
+            SendMessage(hStatus, SB_SETPARTS, 
+                    sizeof(statwidths)/sizeof(int), 
                     (LPARAM)statwidths);
             SendMessage(hStatus, SB_SETTEXT, 0, (LPARAM)"http://www.ossec.net");
 
-	
+	    
 
             /* Initializing config */
             config_read(hwnd);
@@ -117,11 +117,11 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
 
 
             /* Setting the icons */
-            SendMessage(hwnd, WM_SETICON, ICON_SMALL,
-                    (LPARAM)LoadIcon(GetModuleHandle(NULL),
+            SendMessage(hwnd, WM_SETICON, ICON_SMALL, 
+                    (LPARAM)LoadIcon(GetModuleHandle(NULL), 
                                      MAKEINTRESOURCE(IDI_OSSECICON)));
-            SendMessage(hwnd, WM_SETICON, ICON_BIG,
-                    (LPARAM)LoadIcon(GetModuleHandle(NULL),
+            SendMessage(hwnd, WM_SETICON, ICON_BIG, 
+                    (LPARAM)LoadIcon(GetModuleHandle(NULL), 
                                      MAKEINTRESOURCE(IDI_OSSECICON)));
 
             if(config_inst.admin_access == 0)
@@ -131,7 +131,7 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                         "Admin access required.", MB_OK);
                 break;
             }
-
+                                                                                            
         }
         break;
 
@@ -153,10 +153,10 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                     break;
                 }
 
-                /** Getting values from the user (if chosen save)
+                /** Getting values from the user (if chosen save) 
                  * We should probably create another function for it...
                  **/
-
+                
                 /* Getting server ip */
                 len = GetWindowTextLength(GetDlgItem(hwnd, UI_SERVER_TEXT));
                 if(len > 0)
@@ -170,7 +170,7 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                     {
                         exit(-1);
                     }
-
+                    
                     GetDlgItemText(hwnd, UI_SERVER_TEXT, buf, len + 1);
 
                     /* If auth key changed, set it */
@@ -186,8 +186,8 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                         GlobalFree(buf);
                     }
                 }
-
-
+                
+                
                 /* Getting auth key */
                 len = GetWindowTextLength(GetDlgItem(hwnd, UI_SERVER_AUTH));
                 if(len > 0)
@@ -225,8 +225,8 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                             id = decd_buf;
                             name = strchr(id, ' ');
                             if(name)
-                            {
-                                *name = '\0';
+                            { 
+                                *name = '\0'; 
                                 name++;
 
                                 ip = strchr(name, ' ');
@@ -250,21 +250,21 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                         if(!ip)
                         {
                             MessageBox(hwnd, "Unable to import "
-                                             "authentication key. Invalid.",
+                                             "authentication key. Invalid.", 
                                              "Error Saving.", MB_OK);
                         }
                         else
                         {
                             char mbox_msg[1024 +1];
                             mbox_msg[1024] = '\0';
-
+                            
                             snprintf(mbox_msg, 1024, "Adding key for:\r\n\r\n"
-                                               "Agent ID: %s\r\n"
-                                               "Agent Name: %s\r\n"
+                                               "Agent ID: %s\r\n" 
+                                               "Agent Name: %s\r\n" 
                                                "IP Address: %s\r\n",
                                                id, name, ip);
-
-                            ret = MessageBox(hwnd, mbox_msg,
+                             
+                            ret = MessageBox(hwnd, mbox_msg, 
                                          "Confirm Importing Key", MB_OKCANCEL);
                             if(ret == IDOK)
                             {
@@ -278,7 +278,7 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                                 }
                             }
 
-
+                            
                         }
 
                         /* Free used memory */
@@ -325,10 +325,10 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                                 (LPARAM)"Auth key and server ip saved ..");
 
                     }
-                }
+                }         
             }
             break;
-
+            
             case UI_MENU_MANAGE_EXIT:
                 PostMessage(hwnd, WM_CLOSE, 0, 0);
                 break;
@@ -336,7 +336,7 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
             case UI_MENU_VIEW_LOGS:
                 _spawnlp( _P_NOWAIT, "notepad", "notepad " OSSECLOGS, NULL );
                 break;
-            case UI_MENU_VIEW_CONFIG:
+            case UI_MENU_VIEW_CONFIG:    
                 _spawnlp( _P_NOWAIT, "notepad", "notepad " CONFIG, NULL );
                 break;
             case UI_MENU_HELP_HELP:
@@ -344,17 +344,17 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                 break;
             case UI_MENU_HELP_ABOUT:
                 {
-                    DialogBox(GetModuleHandle(NULL),
+                    DialogBox(GetModuleHandle(NULL), 
                             MAKEINTRESOURCE(IDD_ABOUT), hwnd, AboutDlgProc);
                 }
                 break;
             case IDC_CANCEL:
-                config_read(hwnd);
+                config_read(hwnd);    
                 gen_server_info(hwnd);
                 break;
-
+                
             case UI_MENU_MANAGE_START:
-
+            
                 /* Starting OSSEC  -- must have a valid config before. */
                 if((strcmp(config_inst.key, FL_NOKEY) != 0) &&
                    (strcmp(config_inst.server, FL_NOSERVER) != 0))
@@ -365,7 +365,7 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                 {
                     ret_code = 0;
                 }
-
+                
                 if(ret_code == 0)
                 {
                     MessageBox(hwnd, "Unable to start OSSEC (check config).",
@@ -386,9 +386,9 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                     MessageBox(hwnd, "Agent already running (try restart).",
                                      "Already running..", MB_OK);
                 }
-                break;
+                break;    
             case UI_MENU_MANAGE_STOP:
-
+                
                 /* Stopping OSSEC */
                 ret_code = os_stop_service();
                 if(ret_code == 1)
@@ -420,18 +420,18 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                 }
                 break;
             case UI_MENU_MANAGE_RESTART:
-
+                
                 if((strcmp(config_inst.key, FL_NOKEY) == 0) ||
                    (strcmp(config_inst.server, FL_NOSERVER) == 0))
                 {
                     MessageBox(hwnd, "Unable to restart OSSEC (check config).",
                                      "Error -- Unable to restart", MB_OK);
                     break;
-
+                    
                 }
-
+                                                                            
                 ret_code = os_stop_service();
-
+                
                 /* Starting OSSEC */
                 ret_code = os_start_service();
                 if(ret_code == 0)
@@ -448,14 +448,14 @@ BOOL CALLBACK DlgProc(HWND hwnd, UINT Message, WPARAM wParam, LPARAM lParam)
                     MessageBox(hwnd, "OSSEC Agent Restarted.",
                                      "Restarted..", MB_OK);
                 }
-                break;
+                break;        
         }
         break;
-
+        
         case WM_CLOSE:
             EndDialog(hwnd, 0);
             break;
-
+        
         default:
             return FALSE;
     }
diff --git a/src/win32/ui/os_win32ui.h b/src/win32/ui/os_win32ui.h
index eef7efc..46a842c 100644
--- a/src/win32/ui/os_win32ui.h
+++ b/src/win32/ui/os_win32ui.h
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -50,7 +50,7 @@
 #define ST_MISSING_ALL      "Require import of authentication key.\r\n" \
                             "            Missing OSSEC Server IP address.\r\n" \
                             "            - Not Running..."
-
+                        
 
 
 /* Pre-def fields */
diff --git a/src/win32/win_agent.c b/src/win32/win_agent.c
index a4b498f..ff2b2fa 100755
--- a/src/win32/win_agent.c
+++ b/src/win32/win_agent.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -71,7 +71,6 @@ int main(int argc, char **argv)
 {
     char *tmpstr;
     char mypath[OS_MAXSTR +1];
-    char myfinalpath[OS_MAXSTR +1];
     char myfile[OS_MAXSTR +1];
 
     /* Setting the name */
@@ -80,10 +79,9 @@ int main(int argc, char **argv)
 
     /* Find where I'm */
     mypath[OS_MAXSTR] = '\0';
-    myfinalpath[OS_MAXSTR] = '\0';
     myfile[OS_MAXSTR] = '\0';
-
-
+    
+    
     /* mypath is going to be the whole path of the file */
     strncpy(mypath, argv[0], OS_MAXSTR);
     tmpstr = strrchr(mypath, '\\');
@@ -102,14 +100,15 @@ int main(int argc, char **argv)
     }
     chdir(mypath);
     getcwd(mypath, OS_MAXSTR -1);
-    snprintf(myfinalpath, OS_MAXSTR, "\"%s\\%s\"", mypath, myfile);
-
-
+    strncat(mypath, "\\", OS_MAXSTR - (strlen(mypath) + 2));
+    strncat(mypath, myfile, OS_MAXSTR - (strlen(mypath) + 2));
+    
+     
     if(argc > 1)
     {
         if(strcmp(argv[1], "install-service") == 0)
         {
-            return(InstallService(myfinalpath));
+            return(InstallService(mypath));
         }
         else if(strcmp(argv[1], "uninstall-service") == 0)
         {
@@ -164,6 +163,7 @@ int local_start()
     }
     logr->port = DEFAULT_SECURE;
 
+
     /* Getting debug level */
     debug_level = getDefine_Int("windows","debug", 0, 2);
     while(debug_level != 0)
@@ -171,12 +171,12 @@ int local_start()
         nowDebug();
         debug_level--;
     }
-    accept_manager_commands = getDefine_Int("logcollector",
+    accept_manager_commands = getDefine_Int("logcollector", 
                               "remote_commands", 0, 1);
 
-
-
-
+    
+    
+    
     /* Configuration file not present */
     if(File_DateofChange(cfg) < 0)
         ErrorExit("%s: Configuration file '%s' not found",ARGV0,cfg);
@@ -187,7 +187,7 @@ int local_start()
     {
         ErrorExit("%s: WSAStartup() failed", ARGV0);
     }
-
+                                
 
     /* Read agent config */
     debug1("%s: DEBUG: Reading agent configuration.", ARGV0);
@@ -195,20 +195,7 @@ int local_start()
     {
         ErrorExit(CLIENT_ERROR,ARGV0);
     }
-    if(logr->notify_time == 0)
-    {
-        logr->notify_time = NOTIFY_TIME;
-    }
-    if(logr->max_time_reconnect_try == 0 )
-    {
-      logr->max_time_reconnect_try = NOTIFY_TIME * 3;
-    }
-    if(logr->max_time_reconnect_try <= logr->notify_time)
-    {
-      logr->max_time_reconnect_try = (logr->notify_time * 3);
-      verbose("%s Max time to reconnect can't be less than notify_time(%d), using notify_time*3 (%d)",ARGV0,logr->notify_time,logr->max_time_reconnect_try);
-    }
-    verbose("%s Using notify time: %d and max time to reconnect: %d",ARGV0,logr->notify_time,logr->max_time_reconnect_try);
+
 
     /* Reading logcollector config file */
     debug1("%s: DEBUG: Reading logcollector configuration.", ARGV0);
@@ -223,7 +210,7 @@ int local_start()
     {
         ErrorExit(AG_NOKEYS_EXIT, ARGV0);
     }
-
+                                
 
 
     /* If there is not file to monitor, create a clean entry
@@ -248,11 +235,11 @@ int local_start()
     {
         logr->execdq = -1;
     }
-
-
+    
+    
     /* Reading keys */
     verbose(ENC_READ, ARGV0);
-
+        
     OS_ReadKeys(&keys);
     OS_StartCounter(&keys);
     os_write_agent_info(keys.keyentries[0]->name, NULL, keys.keyentries[0]->id, NULL);
@@ -279,47 +266,47 @@ int local_start()
 
 
     /* Starting syscheck thread */
-    if(CreateThread(NULL,
-                    0,
-                    (LPTHREAD_START_ROUTINE)skthread,
-                    NULL,
-                    0,
+    if(CreateThread(NULL, 
+                    0, 
+                    (LPTHREAD_START_ROUTINE)skthread, 
+                    NULL, 
+                    0, 
                     (LPDWORD)&threadID) == NULL)
     {
         merror(THREAD_ERROR, ARGV0);
     }
 
-
+    
 
     /* Checking if server is connected */
     os_setwait();
-
+        
     start_agent(1);
-
+            
     os_delwait();
 
 
     /* Sending integrity message for agent configs */
     intcheck_file(cfg, "");
     intcheck_file(OSSEC_DEFINES, "");
-
+                
 
     /* Starting receiver thread */
-    if(CreateThread(NULL,
-                    0,
-                    (LPTHREAD_START_ROUTINE)receiver_thread,
-                    NULL,
-                    0,
+    if(CreateThread(NULL, 
+                    0, 
+                    (LPTHREAD_START_ROUTINE)receiver_thread, 
+                    NULL, 
+                    0, 
                     (LPDWORD)&threadID2) == NULL)
     {
         merror(THREAD_ERROR, ARGV0);
     }
-
-
+    
+    
     /* Sending agent information message */
     send_win32_info(time(0));
-
-
+    
+    
     /* Startting logcollector -- main process here */
     LogCollectorStart();
 
@@ -332,26 +319,27 @@ int local_start()
 int SendMSG(int queue, char *message, char *locmsg, char loc)
 {
     int _ssize;
-
+    
     time_t cu_time;
-
+    
     char *pl;
     char tmpstr[OS_MAXSTR+2];
     char crypt_msg[OS_MAXSTR +2];
-
-    DWORD dwWaitResult;
+    
+    DWORD dwWaitResult; 
 
     tmpstr[OS_MAXSTR +1] = '\0';
     crypt_msg[OS_MAXSTR +1] = '\0';
 
-    debug2("%s: DEBUG: Attempting to send message to server.", ARGV0);
 
+    debug2("%s: DEBUG: Attempting to send message to server.", ARGV0);
+    
     /* Using a mutex to synchronize the writes */
     while(1)
     {
         dwWaitResult = WaitForSingleObject(hMutex, 1000000L);
 
-        if(dwWaitResult != WAIT_OBJECT_0)
+        if(dwWaitResult != WAIT_OBJECT_0) 
         {
             switch(dwWaitResult)
             {
@@ -362,8 +350,8 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
                 case WAIT_ABANDONED:
                     merror("%s: Error waiting mutex (abandoned).", ARGV0);
                     return(0);
-                default:
-                    merror("%s: Error waiting mutex.", ARGV0);
+                default:    
+                    merror("%s: Error waiting mutex.", ARGV0);    
                     return(0);
             }
         }
@@ -372,29 +360,28 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
             /* Lock acquired */
             break;
         }
-    }	/*end - while for mutex...*/
+    }
 
-    cu_time = time(0);
 
+    cu_time = time(0);
+    
 
     #ifndef ONEWAY
     /* Check if the server has responded */
-    if((cu_time - available_server) > logr->notify_time)
+    if((cu_time - available_server) > (NOTIFY_TIME - 180))
     {
         debug1("%s: DEBUG: Sending info to server (c1)...", ARGV0);
-        verbose("%s More than %d seconds without server response...sending win32info", ARGV0,logr->notify_time);
         send_win32_info(cu_time);
 
 
         /* Attempting to send message again. */
-        if((cu_time - available_server) > logr->notify_time)
+        if((cu_time - available_server) > NOTIFY_TIME)
         {
-            /* Try again... */
             sleep(1);
             send_win32_info(cu_time);
             sleep(1);
 
-            if((cu_time - available_server) > logr->notify_time)
+            if((cu_time - available_server) > NOTIFY_TIME)
             {
                 send_win32_info(cu_time);
             }
@@ -402,16 +389,16 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
 
 
         /* If we reached here, the server is unavailable for a while. */
-        if((cu_time - available_server) > logr->max_time_reconnect_try)
+        if((cu_time - available_server) > ((3 * NOTIFY_TIME) - 180))
         {
             int wi = 1;
-            verbose("%s More than %d seconds without server response...is server alive? and Is there connection?", ARGV0,logr->max_time_reconnect_try);
+
 
             /* Last attempt before going into reconnect mode. */
             debug1("%s: DEBUG: Sending info to server (c3)...", ARGV0);
             sleep(1);
             send_win32_info(cu_time);
-            if((cu_time - available_server) > logr->max_time_reconnect_try)
+            if((cu_time - available_server) > ((3 * NOTIFY_TIME) - 180))
             {
                 sleep(1);
                 send_win32_info(cu_time);
@@ -421,7 +408,7 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
 
             /* Checking and generating log if unavailable. */
             cu_time = time(0);
-            if((cu_time - available_server) > logr->max_time_reconnect_try)
+            if((cu_time - available_server) > ((3 * NOTIFY_TIME) - 180))
             {
                 int global_sleep = 1;
                 int mod_sleep = 12;
@@ -433,7 +420,7 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
 
 
                 /* Going into reconnect mode. */
-                while((cu_time - available_server) > logr->max_time_reconnect_try)
+                while((cu_time - available_server) > ((3*NOTIFY_TIME) - 180))
                 {
                     /* Sending information to see if server replies */
                     if(logr->sock != -1)
@@ -459,12 +446,12 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
                     {
                         int curr_rip = logr->rip_id;
                         merror("%s: INFO: Trying next server ip in "
-                               "line: '%s'.",
+                               "line: '%s'.", 
                                ARGV0,
                                logr->rip[logr->rip_id + 1] != NULL?
                                logr->rip[logr->rip_id + 1]:
                                logr->rip[0]);
-
+                        
                         connect_server(logr->rip_id +1);
 
                         if(logr->rip_id != curr_rip)
@@ -492,7 +479,7 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
                     }
                 }
 
-                verbose(AG_CONNECTED, ARGV0, logr->rip[logr->rip_id],
+                verbose(AG_CONNECTED, ARGV0, logr->rip[logr->rip_id], 
                                              logr->port);
                 verbose(SERVER_UP, ARGV0);
             }
@@ -513,7 +500,7 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
     }
 
 
-
+    
     /* locmsg cannot have the C:, as we use it as delimiter */
     pl = strchr(locmsg, ':');
     if(pl)
@@ -526,9 +513,9 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
         pl = locmsg;
     }
 
-
+    
     debug2("%s: DEBUG: Sending message to server: '%s'", ARGV0, message);
-
+    
     snprintf(tmpstr,OS_MAXSTR,"%c:%s:%s", loc, pl, message);
 
     _ssize = CreateSecMSG(&keys, tmpstr, crypt_msg, 0);
@@ -540,9 +527,9 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
         merror(SEC_ERROR,ARGV0);
         if(!ReleaseMutex(hMutex))
         {
-            merror("%s: Error releasing mutex.", ARGV0);
+            merror("%s: Error releasing mutex.", ARGV0);        
         }
-
+        
         return(-1);
     }
 
@@ -557,7 +544,7 @@ int SendMSG(int queue, char *message, char *locmsg, char loc)
     {
         merror("%s: Error releasing mutex.", ARGV0);
     }
-    return(0);
+    return(0);        
 }
 
 
@@ -566,12 +553,12 @@ int StartMQ(char * path, short int type)
 {
     /* Connecting to the server. */
     connect_server(0);
-
+    
     if((path == NULL) && (type == 0))
     {
         return(0);
     }
-
+    
     return(0);
 }
 
@@ -588,7 +575,7 @@ void send_win32_info(time_t curr_time)
 
 
     debug1("%s: DEBUG: Sending keep alive message.", ARGV0);
-    verbose("%s Sending keep alive message....", ARGV0);
+
 
     /* fixing time */
     __win32_curr_time = curr_time;
@@ -617,8 +604,8 @@ void send_win32_info(time_t curr_time)
 
         __win32_shared_time = __win32_curr_time;
     }
-
-
+    
+    
     /* get shared files */
     if(!__win32_shared)
     {
diff --git a/src/win32/win_service.c b/src/win32/win_service.c
index 1989c4e..e4f3e58 100755
--- a/src/win32/win_service.c
+++ b/src/win32/win_service.c
@@ -9,7 +9,7 @@
  * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or 
  * online at: http://www.ossec.net/en/licensing.html
  */
 
@@ -63,7 +63,7 @@ int os_start_service()
                     rc = -1;
                 }
             }
-
+            
             CloseServiceHandle(schService);
         }
 
@@ -90,13 +90,13 @@ int os_stop_service()
         if(schService)
         {
             SERVICE_STATUS lpServiceStatus;
-
-            if(ControlService(schService,
+            
+            if(ControlService(schService, 
                               SERVICE_CONTROL_STOP, &lpServiceStatus))
             {
                 rc = 1;
             }
-
+            
             CloseServiceHandle(schService);
         }
 
@@ -124,7 +124,7 @@ int CheckServiceRunning()
         {
             /* Checking status */
             SERVICE_STATUS lpServiceStatus;
-
+            
             if(QueryServiceStatus(schService, &lpServiceStatus))
             {
                 if(lpServiceStatus.dwCurrentState == SERVICE_RUNNING)
@@ -134,14 +134,14 @@ int CheckServiceRunning()
             }
             CloseServiceHandle(schService);
         }
-
+        
         CloseServiceHandle(schSCManager);
     }
 
     return(rc);
 }
 
-
+                    
 /* int InstallService()
  * Install the OSSEC HIDS agent service.
  */
@@ -152,17 +152,17 @@ int InstallService(char *path)
     SC_HANDLE schSCManager, schService;
     LPCTSTR lpszBinaryPathName = NULL;
     SERVICE_DESCRIPTION sdBuf;
-
+    
 
     /* Cleaning up some variables */
     buffer[MAX_PATH] = '\0';
-
-
+    
+    
     /* Executable path -- it must be called with the
      * full path
      */
     lpszBinaryPathName = path;
-
+ 
     /* Opening the services database */
     schSCManager = OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
 
@@ -172,7 +172,7 @@ int InstallService(char *path)
     }
 
     /* Creating the service */
-    schService = CreateService(schSCManager,
+    schService = CreateService(schSCManager, 
                                g_lpszServiceName,
                                g_lpszServiceDisplayName,
                                SERVICE_ALL_ACCESS,
@@ -181,7 +181,7 @@ int InstallService(char *path)
                                SERVICE_ERROR_NORMAL,
                                lpszBinaryPathName,
                                NULL, NULL, NULL, NULL, NULL);
-
+    
     if (schService == NULL)
     {
         goto install_error;
@@ -193,7 +193,7 @@ int InstallService(char *path)
     {
         goto install_error;
     }
-
+    
     CloseServiceHandle(schService);
     CloseServiceHandle(schSCManager);
 
@@ -205,7 +205,7 @@ int InstallService(char *path)
     {
         char local_msg[1025];
         LPVOID lpMsgBuf;
-
+        
         memset(local_msg, 0, 1025);
 
         FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER |
@@ -228,11 +228,11 @@ int InstallService(char *path)
 /* int UninstallService()
  * Uninstall the OSSEC HIDS agent service.
  */
-int UninstallService()
+int UninstallService() 
 {
     SC_HANDLE schSCManager, schService;
 
-
+    
     /* Removing from the services database */
     schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
     if (schSCManager)
@@ -257,7 +257,7 @@ int UninstallService()
 
     fprintf(stderr, " [%s] Error removing from "
                     "the Services database.\n", ARGV0);
-
+    
     return(0);
 }
 
@@ -285,7 +285,7 @@ VOID WINAPI OssecServiceCtrlHandler(DWORD dwOpcode)
     }
     return;
 }
-
+ 
 
 /** void WinSetError()
  * Sets the error code in the services
@@ -295,11 +295,11 @@ void WinSetError()
     OssecServiceCtrlHandler(SERVICE_CONTROL_STOP);
 }
 
-
+ 
 /** int os_WinMain(int argc, char **argv)
  * Initializes OSSEC dispatcher
  */
-int os_WinMain(int argc, char **argv)
+int os_WinMain(int argc, char **argv) 
 {
     SERVICE_TABLE_ENTRY   steDispatchTable[] =
     {
@@ -330,8 +330,8 @@ void WINAPI OssecServiceStart (DWORD argc, LPTSTR *argv)
     ossecServiceStatus.dwCheckPoint             = 0;
     ossecServiceStatus.dwWaitHint               = 0;
 
-    ossecServiceStatusHandle =
-        RegisterServiceCtrlHandler(g_lpszServiceName,
+    ossecServiceStatusHandle = 
+        RegisterServiceCtrlHandler(g_lpszServiceName, 
                                    OssecServiceCtrlHandler);
 
     if (ossecServiceStatusHandle == (SERVICE_STATUS_HANDLE)0)

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ossec/pkg-ossec.git



More information about the Pkg-ossec-devel mailing list