TODO

 * Include Makefiles to make
  + dist (release)
  + agent-pkg (tarball to install an alff-agent)
  + install-rulegen
  + install-agent

 * New Alff mode 'host' for simple host security.
  + Update alff setupPlugins to read 'fw_type'
  ~ Maybe it would be way more usefull to give a complete network topology
    to alff and let it build rulesets for firewalls and hosts based on this.

 * Add munin-like autoconf option to plugins.

 * Add extra granularity for allow_icmp option.

 * Fiddle around with tcp_pre_analysis and improve scan detection/prevention

 * addService:
  + Write README to explain, why to use DNS instead of NSS for hostname lookups

 * alff-cat:
  + Add TRAP to handle problems and restore old ruleset.

 * alff.conf:
  ? Add information about routes for networks behind a router
  ? Think about possibility to generate network/interfaces from alff.conf
   o <connected> {yes,no} </connected> for networks, to indicate if a network
     is directly connected
   o <ip_offset> [n] </ip_offset> for firewalls, to indicate that [n] has to be
     added to the first IP of every network, an interface stanza is generated for.
     Example: Network 192.168.0.0/24 with connected=yes and ip_offset=1 will result
              in 192.168.0.2 as IP for that interface on that firewall machine.
	      Rational: First IP is virtual and switched via VRRPD/Hearbteat/...