2 FILE ::= EMPTY | FILE STMT [`;']
3 STMT ::= OPTION-STMT | FW-STMT
4 FW-STMT ::= `fw' SOURCE OPTIONS [`to'|`->'] TARGET OPTIONS
5 OPTIONS ::= `{' OPTION-SEQ `}'
6 OPTION-SEQ ::= EMPTY | OPTION-STMT [`;'] OPTION-SEQ
9 OPTION-STMT ::= Q-OPTION
12 | PREFIX `{' OPTION-SEQ `}'
15 File source and target
18 FILE ::= `file' [`.'] FSPEC [`,' FSPEC]
19 FSPEC ::= FD-SPEC | NAME-SPEC | NULL-SPEC
20 FD-SPEC ::= [[`:']`fd'[`:']] NUMBER|`stdin'|`stdout'
21 NAME-SPEC ::= [[`:']`file'[`:']] FILE-NAME
22 FILE-NAME ::= PATH-SEQ | [ PATH-SEQ ]
23 PATH-SEQ ::= PATH-ELT | PATH-SEQ PATH-ELT
24 PATH-ELT ::= `/' | WORD
25 NULL-SPEC ::= [`:']`null'[`:']
27 Exec source and target
30 EXEC ::= `exec' [`.'] CMD-SPEC
31 CMD-SPEC ::= SHELL-CMD | [PROG-NAME] `[' ARGV0 ARG-SEQ `]'
32 ARG-SEQ ::= WORD | ARG-SEQ WORD
36 Socket source and target
37 SOURCE ::= SOCKET-SOURCE
38 TARGET ::= SOCKET-TARGET
39 SOCKET-SOURCE ::= [`socket'[`.']] [[`:']ADDR-TYPE[`:']] SOURCE-ADDR
40 SOCKET-TARGET ::= [`socket'[`.']] [[`:']ADDR-TYPE[`:']] TARGET-ADDR
42 INET-SOURCE-ADDR ::= [`port'] PORT
43 INET-TARGET-ADDR ::= ADDRESS [`:'] PORT
44 ADDRESS ::= ADDR-ELT | ADDRESS ADDR-ELT
45 ADDR-ELT ::= `.' | WORD
47 UNIX-SOURCE-ADDR ::= FILE-NAME
48 UNIX-TARGET-ADDR ::= FILE-NAME
50 File attributes (`fattr')
51 PREFIX.fattr.mode [=] MODE
52 PREFIX.fattr.owner [=] USER
53 PREFIX.fattr.group [=] GROUP
56 file.create [=] yes|no
57 file.open [=] no|truncate|append
61 exec.logging [=] yes|no
62 exec.dir [=] FILE-NAME
63 exec.root [=] FILE-NAME
66 exec.rlimit.LIMIT[.hard|.soft] [=] VALUE
69 exec.env.[set] VAR [=] VALUE
72 socket.conn [=] NUMBER|unlimited|one-shot
73 socket.logging [=] yes|no
75 socket.inet.source.[allow|deny] priv-port
76 socket.inet.source.[allow|deny] [host] ADDR [/ ADDR]
77 socket.inet.source.addr [=] any|ADDR
78 socket.inet.dest.addr [=] any|ADDR
79 oscket.inet.dest.priv-port [=] yes|no
81 socket.unix.source.fattr.*