From nobody Wed Sep 17 14:15:41 2025
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cRglx6Z7lz67SQt;
	Wed, 17 Sep 2025 14:15:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4cRglx53Lqz44Jq;
	Wed, 17 Sep 2025 14:15:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1758118541;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=GlycE29InmmlL9sx49ZL06zm0ZGXgmoEWn8api7I+xk=;
	b=lov8VPtB+IydRV4BVTTRsy7Vfv/ptRfGKj+no6ZzP0lkAPn4jr1orDGuzoNqBpavYbePpH
	6PqiCGfbP+ldfmYhMGhGBOm7eaXIgw7x60wlp6i0bAwqXhqLXnhAMBc8qQf/vm5OvQ5j/K
	EGA+2ZI/1Z0hHkJjvGOWftMNagb83sAN+SJ+YtFGc+m5vgDGm3xDHzLec1HEkVsdgkd0SE
	H1QFJFVKkiOWBN4oPwTDhgfVCn3tp7c7hkMcWM04yXpeNAGxvQ4eFIG6zSy/0qV3QsAoWO
	EU/tPdOgMfTqqVKJFAsRtq0Mc/7n+W6Bo+N9wWhGOyOx+w4HcpdP78jAiK90Ig==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1758118541;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=GlycE29InmmlL9sx49ZL06zm0ZGXgmoEWn8api7I+xk=;
	b=P9gFa6FWxeWIyUJKeFqlDqk5rfuh1RY9cvcPEq5sRsVUUTyn0NXxw+1JQwDFEKgrtSFlnt
	FDt+xVgfTMNK3trB1NOgDVSdHvntgl6A2qno+PXww7+XkR220o+29okIJHUsICyLLuyNcs
	NLtoFr7Dd9BHw52uoc/VYp+eKF4CSv43cDCL1zAQF8mCF6O9B8tNpjR7q2DCJmEjnxHk2A
	4FeaNQmyiE60m6Gbgsz2Z2n8vXCPqO23hd4kXePAR1fbY2YDnR5XYGfPDQWbMzykGMwMI3
	phoqlayfJWlJqjVgb5JqqhQub4+ShQ7WdU972rpBaYfY5gxjrMgzO8f266yhAg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1758118541; a=rsa-sha256; cv=none;
	b=o7rtRFwADAMlcZtAhx45P8rexAAqLv1bVFxTPpgExL8gHD1X6hgnl6Zwx6v+yRWn98S0Zw
	JhW3QS8JacMxa/pMJiHWTlb6csL0AHoc5XG919+zONA3HyqXbZjbnT/2wZlY1E90pvvon4
	3MI/L/K0SSLWEUlRTlbXXTCrPprWe9czXicbqKi2cjto9olWDgA5/49beeRGuVhtUisdmy
	ZvoDsciXsyrHOupUjiKA+POC2OLLUl+wIzO5d4LIZmNVABpnNJ2PDZbRm7FMepsVlhqWnw
	tI8i1T5zsn70M7T+6LFY7cLmAKMe82gmHLVysvdMwV1eAW1dS0AX8YHleVh1eQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cRglx4Y5QzDGY;
	Wed, 17 Sep 2025 14:15:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 58HEFf1q010218;
	Wed, 17 Sep 2025 14:15:41 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 58HEFfCI010215;
	Wed, 17 Sep 2025 14:15:41 GMT
	(envelope-from git)
Date: Wed, 17 Sep 2025 14:15:41 GMT
Message-Id: <202509171415.58HEFfCI010215@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Kristof Provost <kp@FreeBSD.org>
Subject: git: 05e99f5d1751 - main - pfctl.8: omit preceding flag
  from command/modifier lists to get tags
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 05e99f5d175117fb095ee62352903d5157cb1796
Auto-Submitted: auto-generated

The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=05e99f5d175117fb095ee62352903d5157cb1796

commit 05e99f5d175117fb095ee62352903d5157cb1796
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2025-08-25 09:21:49 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2025-09-17 14:15:14 +0000

    pfctl.8: omit preceding flag from command/modifier lists to get tags
    
    reads odd to repeat, e.g. -F, when listing all its modifiers.
    as a consequence, automatic tagging wouldn't work, e.g. no "zero"
    tag would exist to jump to that -F modifier's definition.
    
    also add manual tags for -R and -T as get explained together with
    -s and -t, respectively, where only the first flag gets tagged.
    
    Obtained from:  OpenBSD, kn <kn@openbsd.org>, e08605c7f2
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 sbin/pfctl/pfctl.8 | 92 +++++++++++++++++++++++++++---------------------------
 1 file changed, 46 insertions(+), 46 deletions(-)

diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8
index 5a74a8fd3444..8e152f90d616 100644
--- a/sbin/pfctl/pfctl.8
+++ b/sbin/pfctl/pfctl.8
@@ -24,7 +24,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd August 5, 2025
+.Dd August 25, 2025
 .Dt PFCTL 8
 .Os
 .Sh NAME
@@ -211,31 +211,31 @@ Flush the filter parameters specified by
 .Ar modifier
 (may be abbreviated):
 .Pp
-.Bl -tag -width xxxxxxxxxxxx -compact
-.It Fl F Cm nat
+.Bl -tag -width xxxxxxxxx -compact
+.It Cm nat
 Flush the NAT rules.
-.It Fl F Cm queue
+.It Cm queue
 Flush the queue rules.
-.It Fl F Cm ethernet
+.It Cm ethernet
 Flush the Ethernet filter rules.
-.It Fl F Cm rules
+.It Cm rules
 Flush the filter rules.
-.It Fl F Cm states
+.It Cm states
 Flush the state table (NAT and filter).
-.It Fl F Cm Sources
+.It Cm Sources
 Flush the source tracking table.
-.It Fl F Cm info
+.It Cm info
 Flush the filter information (statistics that are not bound to rules).
-.It Fl F Cm Tables
+.It Cm Tables
 Flush the tables.
-.It Fl F Cm osfp
+.It Cm osfp
 Flush the passive operating system fingerprints.
-.It Fl F Cm Reset
+.It Cm Reset
 Reset limits, timeouts and other options back to default settings.
 See the OPTIONS section in
 .Xr pf.conf 5
 for details.
-.It Fl F Cm all
+.It Cm all
 Flush all of the above.
 .El
 .Pp
@@ -401,13 +401,13 @@ Other rules and options are ignored.
 .It Fl o Ar level
 Control the ruleset optimizer, overriding any rule file settings.
 .Pp
-.Bl -tag -width xxxxxxxxxxxx -compact
-.It Fl o Cm none
+.Bl -tag -width xxxxxxxxx -compact
+.It Cm none
 Disable the ruleset optimizer.
-.It Fl o Cm basic
+.It Cm basic
 Enable basic ruleset optimizations.
 This is the default behaviour.
-.It Fl o Cm profile
+.It Cm profile
 Enable basic ruleset optimizations with profiling.
 .El
 .Pp
@@ -437,10 +437,10 @@ Show the filter parameters specified by
 .Ar modifier
 (may be abbreviated):
 .Pp
-.Bl -tag -width xxxxxxxxxxxxx -compact
-.It Fl s Cm nat
+.Bl -tag -width xxxxxxxxxxx -compact
+.It Cm nat
 Show the currently loaded NAT rules.
-.It Fl s Cm queue
+.It Cm queue
 Show the currently loaded queue rules.
 When used together with
 .Fl v ,
@@ -450,13 +450,13 @@ When used together with
 .Nm
 will loop and show updated queue statistics every five seconds, including
 measured bandwidth and packets per second.
-.It Fl s Cm ether
+.It Cm ether
 Show the currently loaded Ethernet rules.
 When used together with
 .Fl v ,
 the per-rule statistics (number of evaluations,
 packets, and bytes) are also shown.
-.It Fl s Cm rules
+.It Cm rules
 Show the currently loaded filter rules.
 When used together with
 .Fl v ,
@@ -469,7 +469,7 @@ will skip evaluation of rules where possible.
 Packets passed statefully are counted in the rule that created the state
 (even though the rule is not evaluated more than once for the entire
 connection).
-.It Fl s Cm Anchors
+.It Cm Anchors
 Show the currently loaded anchors directly attached to the main ruleset.
 If
 .Fl a Ar anchor
@@ -480,11 +480,11 @@ If
 .Fl v
 is specified, all anchors attached under the target anchor will be
 displayed recursively.
-.It Fl s Cm states
+.It Cm states
 Show the contents of the state table.
-.It Fl s Cm Sources
+.It Cm Sources
 Show the contents of the source tracking table.
-.It Fl s Cm info
+.It Cm info
 Show filter information (statistics and counters).
 When used together with
 .Fl v ,
@@ -492,21 +492,21 @@ source tracking statistics, the firewall's 32-bit hostid number and the
 main ruleset's MD5 checksum for use with
 .Xr pfsync 4
 are also shown.
-.It Fl s Cm Running
+.It Cm Running
 Show the running status and provide a non-zero exit status when disabled.
-.It Fl s Cm labels
+.It Cm labels
 Show per-rule statistics (label, evaluations, packets total, bytes total,
 packets in, bytes in, packets out, bytes out, state creations) of
 filter rules with labels, useful for accounting.
-.It Fl s Cm timeouts
+.It Cm timeouts
 Show the current global timeouts.
-.It Fl s Cm memory
+.It Cm memory
 Show the current pool memory hard limits.
-.It Fl s Cm Tables
+.It Cm Tables
 Show the list of tables.
-.It Fl s Cm osfp
+.It Cm osfp
 Show the list of operating system fingerprints.
-.It Fl s Cm Interfaces
+.It Cm Interfaces
 Show the list of interfaces and interface groups available to PF.
 When used together with
 .Fl v ,
@@ -516,7 +516,7 @@ When used together with
 interface statistics are also shown.
 .Fl i
 can be used to select an interface or a group of interfaces.
-.It Fl s Cm all
+.It Cm all
 Show all of the above, except for the lists of interfaces and operating
 system fingerprints.
 .El
@@ -571,38 +571,38 @@ Specify the
 .Ar table .
 Commands include:
 .Pp
-.Bl -tag -width "-T expire number" -compact
-.It Fl T Cm add
+.Bl -tag -width "expire number" -compact
+.It Cm add
 Add one or more addresses to a table.
 Automatically create a persistent table if it does not exist.
-.It Fl T Cm delete
+.It Cm delete
 Delete one or more addresses from a table.
-.It Fl T Cm expire Ar number
+.It Cm expire Ar number
 Delete addresses which had their statistics cleared more than
 .Ar number
 seconds ago.
 For entries which have never had their statistics cleared,
 .Ar number
 refers to the time they were added to the table.
-.It Fl T Cm flush
+.It Cm flush
 Flush all addresses in a table.
-.It Fl T Cm kill
+.It Cm kill
 Kill a table.
-.It Fl T Cm replace
+.It Cm replace
 Replace the addresses of the table.
 Automatically create a persistent table if it does not exist.
-.It Fl T Cm show
+.It Cm show
 Show the content (addresses) of a table.
-.It Fl T Cm test
+.It Cm test
 Test if the given addresses match a table.
-.It Fl T Cm zero Op Ar address ...
+.It Cm zero Op Ar address ...
 Clear all the statistics of a table, or only for specified addresses.
-.It Fl T Cm reset
+.It Cm reset
 Clear statistics only for addresses with non-zero statistics. Addresses
 with counter values at zero and their
 .Dq Cleared
 timestamp are left untouched.
-.It Fl T Cm load
+.It Cm load
 Load only the table definitions from
 .Xr pf.conf 5 .
 This is used in conjunction with the