aboutsummaryrefslogtreecommitdiff
path: root/share/man/man5
diff options
context:
space:
mode:
Diffstat (limited to 'share/man/man5')
-rw-r--r--share/man/man5/pf.conf.522
-rw-r--r--share/man/man5/rc.conf.56
-rw-r--r--share/man/man5/src.conf.536
-rw-r--r--share/man/man5/style.Makefile.58
4 files changed, 44 insertions, 28 deletions
diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5
index fe848b030484..11e22ebc78bf 100644
--- a/share/man/man5/pf.conf.5
+++ b/share/man/man5/pf.conf.5
@@ -27,7 +27,7 @@
.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd July 2, 2025
+.Dd July 9, 2025
.Dt PF.CONF 5
.Os
.Sh NAME
@@ -2047,6 +2047,21 @@ connections:
block out proto { tcp, udp } all
pass out proto { tcp, udp } all user { < 1000, dhartmei }
.Ed
+.Pp
+The example below permits users with uid between 1000 and 1500
+to open connections:
+.Bd -literal -offset indent
+block out proto tcp all
+pass out proto tcp from self user { 999 >< 1501 }
+.Ed
+.Pp
+The
+.Sq \&:
+operator, which works for port number matching, does not work for
+.Cm user
+and
+.Cm group
+match.
.It Xo Ar flags Aq Ar a
.Pf / Ns Aq Ar b
.No \*(Ba / Ns Aq Ar b
@@ -2107,10 +2122,10 @@ options, or scrubbed with
will also not be recoverable from intermediate packets.
Such connections will stall and time out.
.It Xo Ar icmp-type Aq Ar type
-.Ar code Aq Ar code
+.Ar Op code Aq Ar code
.Xc
.It Xo Ar icmp6-type Aq Ar type
-.Ar code Aq Ar code
+.Ar Op code Aq Ar code
.Xc
This rule only applies to ICMP or ICMPv6 packets with the specified type
and code.
@@ -2559,6 +2574,7 @@ will not work if
.Xr pf 4
operates on a
.Xr bridge 4 .
+Also they act on incoming SYN packets only.
.Pp
Example:
.Bd -literal -offset indent
diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5
index 2fd63e4f743d..de2181d638d1 100644
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd May 21, 2025
+.Dd July 15, 2025
.Dt RC.CONF 5
.Os
.Sh NAME
@@ -1164,8 +1164,8 @@ and
is not found.
Multiple rules can be set as follows:
.Bd -literal
-pf_fallback_rules="\\
- block drop log all\\
+pf_fallback_rules="
+ block drop log all
pass in quick on em0"
.Pp
.Ed
diff --git a/share/man/man5/src.conf.5 b/share/man/man5/src.conf.5
index 63e9f471f1f1..a3db00aed42f 100644
--- a/share/man/man5/src.conf.5
+++ b/share/man/man5/src.conf.5
@@ -1,5 +1,5 @@
.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman.
-.Dd July 5, 2025
+.Dd July 14, 2025
.Dt SRC.CONF 5
.Os
.Sh NAME
@@ -493,7 +493,7 @@ Do not build
.Xr cxgbetool 8
.Pp
This is a default setting on
-arm/armv7, powerpc/powerpc and riscv/riscv64.
+arm/armv7 and riscv/riscv64.
.It Va WITH_CXGBETOOL
Build
.Xr cxgbetool 8
@@ -655,7 +655,7 @@ and
.Xr efivar 8 .
.Pp
This is a default setting on
-i386/i386, powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
+i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
.It Va WITH_EFI
Build
.Xr efivar 3
@@ -687,7 +687,7 @@ Build Flattened Device Tree support as part of the base system.
This includes the device tree compiler (dtc) and libfdt support library.
.Pp
This is a default setting on
-arm/armv7, arm64/aarch64, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
+arm/armv7, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
.It Va WITHOUT_FILE
Do not build
.Xr file 1
@@ -750,7 +750,7 @@ Do not build HTML docs.
Do not build or install HyperV utilities.
.Pp
This is a default setting on
-arm/armv7, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
+arm/armv7, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
.It Va WITH_HYPERV
Build or install HyperV utilities.
.Pp
@@ -916,7 +916,7 @@ On 64-bit platforms, do not build 32-bit library set and a
runtime linker.
.Pp
This is a default setting on
-arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64.
+arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64.
.It Va WITH_LIB32
On 64-bit platforms, build the 32-bit library set and a
.Nm ld-elf32.so.1
@@ -935,7 +935,7 @@ arm/armv7 and riscv/riscv64.
Build the LLDB debugger.
.Pp
This is a default setting on
-amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
+amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
.It Va WITHOUT_LLD_BOOTSTRAP
Do not build the LLD linker during the bootstrap phase of
the build.
@@ -1038,7 +1038,7 @@ with support for verification based on certificates obtained from UEFI.
Disable inclusion of GELI crypto support in the boot chain binaries.
.Pp
This is a default setting on
-powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
+powerpc/powerpc64 and powerpc/powerpc64le.
.It Va WITH_LOADER_GELI
Build GELI bootloader support.
.Pp
@@ -1048,7 +1048,7 @@ amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
Do not build the 32-bit UEFI loader.
.Pp
This is a default setting on
-arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
+arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
.It Va WITH_LOADER_IA32
Build the 32-bit UEFI loader.
.Pp
@@ -1058,7 +1058,7 @@ amd64/amd64.
Do not build kboot, a linuxboot environment loader
.Pp
This is a default setting on
-arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64.
+arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64.
.It Va WITH_LOADER_KBOOT
Build kboot, a linuxboot environment loader
.Pp
@@ -1068,7 +1068,7 @@ amd64/amd64, arm64/aarch64 and powerpc/powerpc64.
Do not build LUA bindings for the boot loader.
.Pp
This is a default setting on
-powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
+powerpc/powerpc64 and powerpc/powerpc64le.
.It Va WITH_LOADER_LUA
Build LUA bindings for the boot loader.
.Pp
@@ -1083,7 +1083,7 @@ amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
Build openfirmware bootloader components.
.Pp
This is a default setting on
-powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
+powerpc/powerpc64 and powerpc/powerpc64le.
.It Va WITHOUT_LOADER_PXEBOOT
Do not build pxeboot on i386/amd64.
When the pxeboot is too large, or unneeded, it may be disabled with this option.
@@ -1104,7 +1104,7 @@ amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64.
Build ubldr.
.Pp
This is a default setting on
-arm/armv7, powerpc/powerpc and powerpc/powerpc64.
+arm/armv7 and powerpc/powerpc64.
.It Va WITH_LOADER_VERBOSE
Build with extra verbose debugging in the loader.
May explode already nearly too large loader over the limit.
@@ -1309,7 +1309,7 @@ Do not build
.Xr mlx5tool 8
.Pp
This is a default setting on
-arm/armv7, powerpc/powerpc and riscv/riscv64.
+arm/armv7 and riscv/riscv64.
.It Va WITH_MLX5TOOL
Build
.Xr mlx5tool 8
@@ -1401,7 +1401,7 @@ Build the
InfiniBand software stack, including kernel modules and userspace libraries.
.Pp
This is a default setting on
-amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
+amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
.It Va WITH_OFED_EXTRA
Build the non-essential components of the
.Dq "OpenFabrics Enterprise Distribution"
@@ -1412,7 +1412,7 @@ Enable building LDAP support for kerberos using an openldap client from ports.
Do not build LLVM's OpenMP runtime.
.Pp
This is a default setting on
-arm/armv7 and powerpc/powerpc.
+arm/armv7.
.It Va WITH_OPENMP
Build LLVM's OpenMP runtime.
.Pp
@@ -1465,7 +1465,7 @@ is set explicitly)
Do not include kernel TLS support in OpenSSL.
.Pp
This is a default setting on
-arm/armv7, i386/i386, powerpc/powerpc and riscv/riscv64.
+arm/armv7, i386/i386 and riscv/riscv64.
.It Va WITH_OPENSSL_KTLS
Include kernel TLS support in OpenSSL.
.Pp
@@ -1502,7 +1502,7 @@ Do not build dynamically linked binaries as
Position-Independent Executable (PIE).
.Pp
This is a default setting on
-arm/armv7, i386/i386 and powerpc/powerpc.
+arm/armv7 and i386/i386.
.It Va WITH_PIE
Build dynamically linked binaries as
Position-Independent Executable (PIE).
diff --git a/share/man/man5/style.Makefile.5 b/share/man/man5/style.Makefile.5
index cc5d2f6bb28a..fe8754924575 100644
--- a/share/man/man5/style.Makefile.5
+++ b/share/man/man5/style.Makefile.5
@@ -1,3 +1,6 @@
+.\"
+.\" SPDX-License-Identifier: BSD-3-Clause
+.\"
.\" Copyright (c) 2002-2003, 2023 David O'Brien <obrien@FreeBSD.org>
.\" All rights reserved.
.\"
@@ -30,10 +33,7 @@
.Os
.Sh NAME
.Nm style.Makefile
-.Nd
-.Fx
-.Pa Makefile
-file style guide
+.Nd FreeBSD Makefile style guide
.Sh DESCRIPTION
This file specifies the preferred style for makefiles in the
.Fx
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-15 23:57:13 +0000