...
 
Commits (2078)
......@@ -3,6 +3,7 @@ tags
TAGS
*.o
*.o.c
*.orig
*.a
*.so
*.dll
......@@ -34,6 +35,8 @@ Doc/help
Doc/help.txt
Doc/help/[_a-zA-Z0-9]*
Doc/intro.pdf
Doc/intro.ps
Doc/intro.a4.pdf
Doc/intro.a4.ps
Doc/intro.us.pdf
......@@ -58,6 +61,8 @@ Doc/zsh.vr
Doc/zsh.vrs
Doc/zsh.log
Doc/zsh.dvi
Doc/zsh_a4.dvi
Doc/zsh_us.dvi
Doc/zsh.tp
Doc/zsh.tps
Doc/zsh.idx
......
This diff is collapsed.
This diff is collapsed.
......@@ -2,6 +2,7 @@
local -a shortcuts
shortcuts=(
api
'console:utilities to customize the behavior of the system console'
'defaultrouter:default router/gateway'
'diskmgmt:manage disk partitions and/or labels using sade(8)'
......@@ -12,6 +13,7 @@ shortcuts=(
'groupedit:edit/view groups'
'groupmgmt:utilities to add/change/view/delete group accounts'
'hostname:set hostname/domainname'
includes
'kern_securelevel:set kern.securelevel variable'
'mouse:utilities for configuring, exploring, and enabling console mouse support'
'mouse_disable:disable mouse support'
......@@ -43,13 +45,19 @@ shortcuts=(
'userdel:delete users'
'useredit:edit/view users'
'usermgmt:utilities to add/edit/view/delete user accounts'
vt_font
vt_keymap
vt_repeat
vt_saver
vt_screenmap
vt_ttys
)
_arguments -s -w -A '-*' : \
'-d[debug mode]' \
'-D[send debug info to file]: :{ compset -P 1 +; _files }' \
'-f[load file as script then exit]: : _files' \
'-h[print usage then exit]' \
'-h[display help information]' \
'-S[secure X11 mode]' \
'-X[use Xdialog(1)]' \
'1:bsdconfig(8) menus:(( $shortcuts ))'
'1:bsdconfig(8) menu:(( $shortcuts ))'
#compdef chflags
local flags own='-g *(-u$EUID)'
local args own='-g *(-u$EUID)'
flags=(
'(noopaque)opaque[set the opaque flag]'
'(opaque)noopaque[unset the opaque flag]'
'(dump)nodump[set the nodump flag]'
'(nodump)dump[unset the nodump flag]'
'(nouappnd)uappnd[set the user append-only flag]'
'(uappnd)nouappnd[unset the user append-only flag]'
'(nouchg)uchg[set the user immutable flag]'
'(uchg)nouchg[unset the user immutable flag]'
)
(( ! EUID || $+_comp_priv_prefix )) && own=
if (( ! EUID )); then
flags=( $flags[@]
'(noarch)arch[set the archived flag]'
'(arch)noarch[unset the archived flag]'
'(nosappnd)sappnd[set the system append-only flag]'
'(sappnd)nosappnd[unset the system append-only flag]'
'(noschg)schg[set the system immutable flag]'
'(schg)noschg[unset the system immutable flag]'
if [[ $OSTYPE = (darwin|dragonfly|freebsd)* ]]; then
args=(
"-f[don't display diagnostic messages]"
'-v[verbose output]'
)
unset own
fi
if [[ $OSTYPE = (freebsd|dragonfly|darwin)* ]]; then
flags=( $flags[@]
'(nouunlnk)uunlnk[set the user undeletable flag]'
'(uunlnk)nouunlnk[unset the user undeletable flag]'
'(nohidden)hidden[set the hidden flag]'
'(hidden)nohidden[unset the hidden flag]'
)
(( EUID )) || flags=( $flags[@]
'(nosunlnk)sunlnk[set the system undeletable flag]'
'(sunlnk)nosunlnk[unset the system undeletable flag]'
)
fi
_arguments -s -A "-*" \
_arguments -s -A "-*" : $args \
': :_file_flags' \
'*:file:_files "$own"' \
- opth \
'-h[act on symlinks]' \
- optR \
'-R[recurse directories]' \
'(-L -P)-H[follow symlinks on the command line (specify with -R)]' \
'(-H -P)-L[follow all symlinks (specify with -R)]' \
'(-L -H)-P[do not follow symlinks (specify with -R)]' \
'-R[recurse directories]' \
':file flag:_values -s , "file flags" $flags[@]' \
'*:file:_files "$own"'
'(-L -H)-P[do not follow symlinks (specify with -R)]'
#compdef cu
local variant ign
local -a args
_pick_variant -r variant taylor='Taylor UUCP' $OSTYPE --version
case $variant in
openbsd*)
args+=(
"-d[don't block waiting for a carrier to be detected]"
'-r[start cu in restricted mode - prevent local operations]'
)
;;
taylor|(net|free)bsd*)
args+=(
'(-o -P --parity)-e[use even parity]'
'(-e -P --parity)-o[use odd parity]'
)
;|
(net|free)bsd*)
args+=( '-t[connect via a hard-wired connection to a host on a dial-up line]' )
;|
taylor|netbsd*)
(( $#words > 2 )) && ign='!'
args+=(
"${ign}--help[display usage information]"
'(-s)--speed=[set line speed for the connection]:line speed [9600]:_baudrates'
'(-e -o -P)--parity=[set parity]:parity [none]:(even odd none)'
'(-h --halfduplex)'{-h,--halfduplex}'[echo characters locally]'
'--nostop[turn off XON/XOFF handling]'
'(-E --escape)'{-E+,--escape=}'[specify escape character]:escape character [~]'
'(-a -p --port)'{-a+,-p+,--port=}'[specify the port]:port'
'(-c --phone -n --prompt)'{-c+,--phone=}'[specify phone number to call]:phone number'
'(1 -l -z --system)--line=[specify line to use]:line:(/dev/(cuaU#<->|ttyS<->|tty.*|cu.*)(N%c))'
)
;|
taylor)
args+=(
"${ign}(-v --version)"{-v,--version}"[display version information]"
'(-n --prompt -c --phone)'{-n,--prompt}'[prompt for the phone number to use]'
'(-x --debug)-d[enter debugging mode]'
'(-d -x --debug)'{-x+,--debug=}'[turn on particular debugging types]:debug type:_sequence compadd - all abnormal chat handshake port config incoming outgoing'
'(-I --config)'{-I+,--config=}'[specify configuration file]:configuration file:_files'
'(1 -z --system)'{-z+,--system=}'[specify system to call]:system'
)
;;
netbsd*)
args+=(
'(-E --escape)-n+[disable escape character processing]'
'(-f -F --flow)'{-F+,--flow=}'[set flow control]:flow control:(hard soft none)'
'(-F --flow)-f[use no flow control]'
'(-e -o --parity)-P+[set parity]:parity [none]:(even odd none)'
)
;;
freebsd*)
args=( -A "-*" $args
'-a[set the acu port]:acu'
'-h[echo characters locally]'
)
;;
esac
_arguments -s $args \
'(--speed)-s+[set line speed for the connection]:line speed [9600]:_baudrates' \
'(1 --line -z --system)-l+[specify line to use]:line:(/dev/(cuaU#<->|ttyS<->|tty.*|cu.*)(N%c))' \
'1: :_guard "^-*" system'
#compdef fetch
# Deprecated arguments are removed from the completion
_arguments -s \
'-1[stop and return exit code 0 at the first successfully retrieved file]' \
'-4[forces fetch to use IPv4 addresses only]' \
'-6[forces fetch to use IPv6 addresses only]' \
'-A[do not automatically follow "temporary" (302) redirects]' \
'-a[automatically retry the transfer upon soft failures]' \
'-B[specify the read buffer size in bytes]:bytes:' \
'-d[use a direct connection even if a proxy is configured]' \
'-F[in combination with the -r flag, forces a restart]' \
'-l[if the target is a file-scheme URL, make a symbolic link to the target]' \
'-M' \
'-m[mirror mode]' \
'-N[use file instead of ~/.netrc to look up login names and pass- words for FTP sites]' \
'-n[do not preserve the modification time]' \
'-o[set the output file name]:file:_files' \
'-P' \
'-p[use passive FTP]' \
'-q[quiet mode]' \
'-R[do not delete the output file in any circumstances]' \
'-r[restart a previously interrupted transfer]' \
'-S[require the file size reported by the server to match the specified value]' \
'-s[print the size in bytes, without fetching it]' \
'-T[set timeout value]:seconds:' \
'-U[when using passive FTP, allocate the port for the data connection from the low port range]' \
'-v[increase verbosity level]' \
'-w[wait successive retries]:seconds:' \
'*:URL to fetch:_urls'
# Deprecated arguments are prefixed with ! so they aren't listed but their arguments are completed
_arguments -s -S \
'(-1 --one-file)'{-1,--one-file}'[stop and return exit code 0 at the first successfully retrieved file]' \
'(-4 --ipv4-only)'{-4,--ipv4-only}'[forces fetch to use IPv4 addresses only]' \
'(-6 --ipv6-only)'{-6,--ipv6-only}'[forces fetch to use IPv6 addresses only]' \
'(-A --no-redirect)'{-A,--no-redirect}"[don't automatically follow "temporary" (302) redirects]" \
'(-a --retry)'{-a,--retry}'[automatically retry the transfer upon soft failures]' \
'(-B --buffer-size)'{-B+,--buffer-size=}'[specify the read buffer size in bytes]:buffer size (bytes)' \
'--bind-address=[specify address to which outgoing connections will be bound]:host:_hosts' \
'--ca-cert=[specify certificate bundle containing trusted CA certificates]:file:_files' \
'--ca-path=[specify directory containing trusted CA hashes]:path:_directories' \
'--cert=[specify PEM encoded client key for authentication]:file:_files -g "*.pem(-.)"' \
'--crl=[specify certificate revocation list file]:file:_files' \
'(-d --direct)'{-d,--direct}'[use a direct connection even if a proxy is configured]' \
'(-F --force-restart)'{-F,--force-restart}'[in combination with the -r flag, forces a restart]' \
'(-i --if-modified-since)'{-i+,--if-modified-since=}'[only retrieve if remote file newer than specified local file]:file:_files' \
'--key=[specify PEM encoded client key]:key file:_files -g "*.pem(-.)"' \
'(-l --symlink)'{-l,--symlink}'[if the target is a file-scheme URL, make a symbolic link to the target]' \
'-M' \
'(-m --mirror -r --restart)'{-m,--mirror}'[mirror mode]' \
'(-N --netrc)'{-N+,--netrc=}'[use file instead of ~/.netrc to look up login names and pass- words for FTP sites]' \
'(-n --no-mtime)'{-n,--no-mtime}"[don't preserve the modification time]" \
'--no-passive[force FTP code to use active mode]' \
'--no-proxy=[hosts on which to disable proxoes]:host:_sequence _hosts' \
'--no-sslv3' '--no-tlsv1' --no-verify-hostname --no-verify-peer \
'(-o --output)'{-o+,--output=}'[set the output file name]:file:_files' \
'-P' \
'(-p --passive)'{-p,--passive}'[use passive FTP]' \
'--referer=:URL:_urls' \
'(-q --quiet)'{-q,--quiet}'[quiet mode]' \
'(-R --keep-output)'{-R,--keep-output}"[don't delete the output file in any circumstances]" \
'(-r --restart -m --mirror)'{-r,--restart}'[restart a previously interrupted transfer]' \
'(-S --require-size)'{-S+,--require-size=}'[require the file size reported by the server to match the specified value]' \
'(-s --print-size)'{-s,--print-size}'[print the size in bytes, without fetching it]' \
'(-T --timeout)'{-T+,--timeout=}'[set timeout value]:seconds:' \
'(-U --passive-portrange-default)'{-U,--passive-portrange-default}'[when using passive FTP, allocate the port for the data connection from the low port range]' \
'--user-agent=:user agent' \
'(-v --verbose)'{-v,--verbose}'[increase verbosity level]' \
'(-w --retry-delay)'{-w+,--retry-delay=}'[wait successive retries]:delay (seconds)' \
'!(*)-h+:host:_hosts' '!(*)-f+:file:_files' '!(*)-c+:remote directory:_directories' \
'*:URL to fetch:_urls'
......@@ -7,14 +7,17 @@ flags=(
'(install rollback)upgrade[fetch files necessary for upgrading to a new release]'
'(upgrade rollback)install[install the most recently fetched updates or upgrade]'
'(upgrade install)rollback[uninstall the most recently installed updates]'
'IDS[compare the system against an index of "known good" files]'
)
_arguments -s \
_arguments \
'-b[operate on a system mounted at basedir]:basedir:_files -/' \
'-d[store working files in workdir]:workdir:_files -/' \
'-f[read configuration options from conffile]:conf file:_files' \
'-k[trust an RSA key with SHA256 of KEY]:RSA key:' \
'-r[specify the new release]:new release:' \
'-F[force freebsd-update fetch to proceed where it normally would not]' \
'-k[trust an RSA key with SHA256 of KEY]:RSA key' \
'-r[specify the new release]:new release' \
'-s[fetch files from the specified server or server pool]:server:_hosts' \
'-f[mail output of cron command, if any, to address]:address:' \
':command:_values -S " " -w "commands" $flags[@]'
'-t[mail output of cron command, if any, to address]:address' \
'--currently-running[assume specified release as current]:release' \
'*:command:_values -S " " -w "commands" $flags[@]'
#compdef fstat
local pids
pids=(${${${(f)"$(/usr/bin/procstat -ah)"}/[[:space:]]#/}/[[:space:]]*[[:space:]](ELF[[:digit:]]#[[:space:]]|-[[:space:]]#)/:})
_arguments -s \
'-f[restrict examination to files open in the same file systems as the named file arguments]' \
'-M[extract values associated with the name list from the specified core]:core:_files' \
'-N[extract the name list from the specified system]:system:' \
'-M+[extract values associated with the name list from the specified core]:core:_files' \
'-N+[extract the name list from the specified system]:system' \
'-m[include memory-mapped files in the listing]' \
'-n[numerical format]' \
'-p[report all files open by the specified process]:process id:(($pids))' \
'-u[report all files open by the specified user]:user:_users' \
'-p+[report all files open by the specified process]:process id:_pids' \
'-u+[report all files open by the specified user]:user:_users' \
'-v[verbose mode]' \
'*:files:_files'
'*: :_files'
#compdef fw_update
_arguments -s -S -A "-*" \
'(*)-a[install or update firmware for all drivers]' \
'-d[delete drivers instead of adding them]' \
'-i[display information]' \
'-n[dry run]' \
'-p[use the firmware at specified path]:path:' \
'*-v[verbose output]' \
'(-a)*:driver:'
#compdef gstat
_arguments -s : \
'-a[only display providers that are at least 0.1% busy]' \
'(-B)-b[batch mode]' \
'(-b)-B[endless batch mode]' \
'-c[enable the display geom(4) consumers]' \
'-d[enable the display delete operations]' \
'-f+[filter by regex]:regex' \
'-o[enable the display for other operations]' \
"-s[enable blocks' size statistics]" \
'-I+[display refresh rate]:interval (ms)' \
'-p[only display physical providers]'
#compdef jail
local curcontext="$curcontext" ret=1
local -a state state_descr line jails running alts suf
local -A opt_args
_arguments -C -s \
'-c[create a new jail]' \
'-m[modify an existing jail]' \
'-r[remove specified jail]' \
'-d[allow changes to a dying jail]' \
'-f+[specify configuration file]:config file [/etc/jail.conf]:_files' \
'-h[resolve host.hostname and use IP addresses for the jail]' \
'(-q)-i[output jail ID of new jails]' \
'-J+[write a file containing parameters used to start the jail]:file:_files' \
'-p+[limit the number of commands from exec.* that can run simultaneously]:limit' \
'(-i -v)-q[suppress the message printed when a jail is created, modified or removed]' \
'-R[remove jail without using the configuration file]' \
'(-q)-v[print a message on every operation]' \
'!-n+:name' '!-l' '!-s+:secure level' \!-{u,U}'+:user:_users' \
'*:: :->args' && ret=0
if [[ -n $state ]]; then
if compset -P 1 '(^name)='; then
case ${IPREFIX%=} in
command|exec.*st(art|op)*) _cmdstring && ret=0 ;;
depend) _jails && ret=0 ;;
path) _directories && ret=0 ;;
host|vnet) alts=( 'values:value:(inherit new)' ) ;;
ip[46]) alts=( 'values:value:(inherit new disable)' ) ;;
*_user) _users && ret=0 ;;
*) _message -e values 'value' ;;
esac
elif compset -P name= || [[ $#line = 1 ]]; then
if (( $+opt_args[-r] || $+opt_args[-m] )); then
alts=( 'jails:jail:_jails' )
elif (( $+opt_args[-c] )); then
running=( ${${(f)"$(_call_program jails jls name)"}/ /:} )
jails=( ${${(M)${(f)"$(<${opt_args[-f]:-/etc/jail.conf})"}:#[a-z]# #\{#(#e)}%% *} )
alts=( "jails:jail:compadd - ${jails:|running}" )
fi
fi
if [[ -z $IPREFIX ]]; then
compset -S '=*' || suf=( -qS = )
alts+=(
'parameters:parameter:compadd -r "\n\t\- =" - persist allow.{set_hostname,sysvipc,raw_sockets,chflags,mount{,.devfs,.fdescfs,.nullfs,.procfs,.linprocfs,.linsysfs,.tmpfs,.zfs},quotas,socket_af} mount.{devfs,fdescfs,procfs}'
'parameters:parameter:compadd $suf - jid name path ip{4,6}{,.addr{,sel}} vnet host.hostname host securelevel devfs_ruleset children.{max,cur} enforce_statfs cpuset.id osrelease osreldate command exec.{{,pre,post}{start,stop},clean,jail_user,system{,_jail}_user,timeout,consolelog,fib} stop.timeout {vnet.,}interface ip_hostname mount{,.fstab} depend'
)
fi
(( $#alts )) && _alternative $alts && ret=0
fi
return ret
......@@ -2,14 +2,16 @@
_jexec_normal() {
local PATH=$PATH
local -a _comp_priv_prefix
# relative paths are relative to the jail's root
path=( "$(command jls -j $words[1] path)"/$^path )
path=( "$(_call_program paths jls -j $words[1] path)"/$^path )
shift 1 words; (( CURRENT-- ))
_normal
}
_jexec() {
_arguments -s -w -A "-*" : \
_arguments -s -S -A "-*" : \
'-l[execute in a clean environment]' \
'(-U)-u[host environment user whom command runs as]:host user:_users' \
'(-u)-U[jail environment user whom command runs as]:jail user:_users' \
'1:jail:_jails' \
......
#compdef jot
local curcontext="$curcontext" state state_descr line ret=1
local -A opt_args
_arguments -s -C : \
'(-b)-r[generate random data instead of the default sequential data]' \
'(-c -p -r -w)-b+[just print the specified word repeatedly]:word:' \
'(-b -c -p)-w+[specify output format as in printf]:output format:->format' \
'(-b -p -w)-c[same as -w %c]' \
'-s+[separate the data by the specified string instead of newline]:string:' \
'-n[do not print the final newline]' \
'(-b -c -w)-p+[specify number of digits after decimal point]:precision:' \
'(-)1: :_guard "^-*" "number of data"' \
'2::lower bound:' \
'3::upper bound:' \
'4:: :->lastarg' && ret=0
case $state in
(format)
local -a flags digits conversions
flags=(
'#:alternative form'
' :leave a blank before a positive number'
'+:always place a sign before a number'
'-:left adjust'
)
digits=(0 1 2 3 4 5 6 7 8 9 .)
conversions=(
{d,i}':signed decimal'
'o:unsigned octal'
'u:unsigned decimal'
{x,X}':unsigned hexadecimal'
'l'{d,i}':long signed decimal'
'lo:long unsigned octal'
'lu:long unsigned decimal'
'l'{x,X}':long unsigned hexadecimal'
'f:double number'
{e,E}':double number in scientific notation'
{g,G}':use %f or %e, whichever is more appropriate'
'c:character'
)
compset -P '([^%]#%%)#'
if compset -P '[^%]#%'; then
# flags: (|\#)(| )(|+|-)
compset -P '(\#|\\\#)' && flags=( ${(@)flags:#\#*} )
compset -P '( |\\ )' && flags=( ${(@)flags:#(\#| )*} )
compset -P '(+|-)' || compset -P '[0-9]##' && flags=()
# width.precision: [0-9]#(|.[0-9]#)
if compset -P '.'; then
flags=()
digits=( ${(@)digits:#.} )
fi
compset -P '[0-9]#'
# conversion specifier: ((|l)[diouxX]|[feEgGc])
if compset -P '((|l)[diouxX]|[feEgGc])'; then
_message -e format-rest 'rest of the format' && ret=0
else
local opts=( -S '' )
_alternative -O opts 'flags:flag:(( $flags ))' \
"width-precision:width.precision:($digits)" \
'conversion-specifiers:conversion specifier:(( $conversions ))' \
&& ret=0
fi
else
local expl
compset -P '*'
_wanted start-specification expl 'start specification' \
compadd -S '' % && ret=0
fi
;;
(lastarg)
if (( $+opt_args[-r] )); then
_message -e seeds 'random number seed' && ret=0
else
_message -e steps 'step size' && ret=0
fi
;;
esac
return ret
......@@ -24,14 +24,17 @@ _kld() {
unset _cache_sysctlvars
case "$service" in
kldload)
_arguments -s \
kldload)
_arguments -s -S -A "-*" \
"-n[don't try to load module if already loaded]" \
'-v[be verbose]' \
'-q[silence any extraneous warnings]' \
'*:module to load:_kld_module'
;;
kldunload)
_arguments -s \
kldunload)
_arguments -s -S -A "-*" \
'-f[force the unload]' \
'-v[be verbose]' \
'(-n)-i:module id to unload:_kld_unload_id' \
'(-i)-n:module to unload:_kld_unload' \
......
#compdef ldap
local -a commands scopes
commands=(
search:'search a directory'
)
scopes=(
base:'base object only'
one:'one level'
sub:subtree
)
_ldap_url() {
local nm=$compstate[nmatches]
local -a expl protocols suf_proto suf_scope tags
protocols=(
ldap:'TCP in plaintext'
ldaps:'TLS'
ldap+tls:'TCP and use StartTLS'
ldapi:'connect to a socket'
)
# [protocol://]host[:port][/basedn[?[attribute,...][?[scope][?[filter]]]]]
if ! compset -P '*://'; then
tags=(protocol)
compset -S ':*' || suf_proto=( -S :// )
fi
if ! compset -P '*/'; then
if compset -P '*:'; then
tags=(port)
compset -S '/*'
else
if ! compset -S '://*'; then
tags+=(host)
compset -S '[:/]*'
fi
fi
else
case $PREFIX in
*\?*\?*\?*) tags=(filter);;
*\?*\?*) tags=(scope); [[ -suffix \?* ]] || suf_scope=( -qS \? );;
*\?*) tags=(attribute);;
*) tags=(basedn);;
esac
compset -P '*\?'
compset -S '\?*'
fi
_tags $tags
while _tags; do
_requested protocol && _describe -t protocol protocol protocols $suf_proto
_requested host && _hosts -S ''
_requested port expl port
_requested basedn expl 'base DN'
_requested attribute expl attribute
_requested scope && _describe -t scope scope scopes $suf_scope
_requested filter expl filter
[[ nm -ne compstate[nmatches] ]] && return 0
done
}
if (( CURRENT == 2 )); then
_describe command commands
else
shift words; (( CURRENT-- ))
case $words[1] in
search)
_arguments -s -S -A '-*' \
'-b+[specify base DN]:base DN:' \
'-c+[specify CA file]:CA file:' \
'-D+[specify bind DN]:bind DN:' \
'-H+[specify URL]: :_ldap_url' \
'-L[output in LDIF]' \
'-l+[specify time limit or 0 for no limit]:time limit [0]:' \
'-s+[specify scope]:scope [sub]:(($scopes))' \
'-v[be verbose]' \
'-W[prompt for bind secret]' \
'-w+[specify bind secret]:bind secret:' \
'-x[use simple authentication]' \
'-Z[use StartTLS]' \
'-z+[specify maximum number of results or 0 for no limit]:size limit [0]:' \
'::filter:' \
'*:attribute:'
;;
esac
fi
#compdef pfctl
local pfctl_flush_modifiers pfctl_optimizer_level pfctl_show_modifiers pfctl_tables_command pfctl_debug_level
local -a args
pfctl_flush_modifiers=(
'all:flush all'
'info:flush the filter information'
'nat:flush the NAT rules'
'osfp:flush the passive operating system fingerprints'
'queue:flush the queue rules'
'rules:flush the filter rules'
'state:flush the stable table'
'Sources:flush the source tracking table'
'Tables:flush the tables'
'rules:flush the filter rules'
'states:flush the stable table'
'Sources:flush the source tracking table'
'info:flush the filter information'
'Tables:flush the tables'
'osfp:flush the passive operating system fingerprints'
'all:flush all'
)
pfctl_show_modifiers=(
'nat:show the currently loaded NAT rules'
'queue:show the currently loaded queue rules'
'rules:show the currently loaded filter rules'
'Anchors:show the currently loaded anchors directly attached to the main ruleset'
'state:show the contents of the state table'
'states:show the contents of the state table'
'Sources:show the contents of the source tracking table'
'info:show filter information'
'labels:show per-rule statistics of filter rules with labels'
......@@ -36,6 +34,7 @@ pfctl_optimizer_level=(
'basic:enable basic ruleset optimizations'
'profile:enable basic ruleset optimizations with profiling'
)
pfctl_tables_command=(
'kill:kill a table'
'flush:flush all addresses of a table'
......@@ -48,49 +47,75 @@ pfctl_tables_command=(
'zero:clear all the statistics of a table'
'load:load only the table definitions from pf.conf(5)'
)
pfctl_debug_level=(
"none:don\'t generate debug messages"
'urgent:generate debug messages only for serious errors'
'misc:generate debug messages for various errors'
'loud:generate debug messages for common conditions'
)
_iface() {
local pfctl_iface
pfctl_iface=($(pfctl -s Interfaces))
compadd $pfctl_iface
_pf_ifaces() {
compadd "$@" - $(_call_program tables pfctl -s Interfaces)
}
_tables() {
local pfctl_tables
pfctl_tables=($(pfctl -s Tables))
compadd $pfctl_tables
_pf_tables() {
compadd "$@" - $(_call_program tables pfctl -s Tables)
}
# TODO:
# Missing -a
#
_arguments -s \
'-F[flush the filter parameters specified by modifier]:modifier:(($pfctl_flush_modifiers))' \
'-A[load only the queue rules present in the rule file]' \
'-D[define macro to be set to value]:macro:' \
'-d[disable the packet filter]' \
'-e[enable the packet filter]' \
'-f[load the rules contained in a file]:configuration file:_files' \
'-g[include output helpful for debugging]' \
'-h[help]' \
'-i[restrict the operation to the given interface]:interface:_iface' \
'-K[kill all of the source tracking entries originating from the specified host or network]:host or network:_hosts' \
'-k[kill all of the state entries originating from the specified host or network]:host or network:_hosts' \
'-m[merge in explicitly given options]' \
'-N[load only the NAT rules present in the rule file]' \
'-n[do not actually load rules, just parse them]' \
'-O[load only the options present in the rule file]' \
'-o[control the ruleset optimizer]:level:(($pfctl_optimizer_level))' \
'-p[use the device file device instead of the default /dev/pf]:device:_files' \
'-q[only print errors and warnings]' \
'-R[load only the filter rules present in the rule file]' \
'-r[perform reverse DNS lookups on states when displaying them]' \
'-s[show the filter parameters specified by modifier]:modifier:(($pfctl_show_modifiers ))' \
'-T[specify the command to apply to the table]:command:(($pfctl_tables_command))' \
'-t[specify the name of the table]:table:_tables' \
'-v[produce more verbose output]' \
'-x[set the debug level]:debug level:(($pfctl_debug_level))' \
'-z[clear per-rule statistics]'
case $OSTYPE in
openbsd*)
pfctl_debug_level=(
emerg alert crit err warning notice info debug
)
args=(
'-L+[load pf states from specified state file]:file:_files'
"-N[don't perform domain name resolution]"
'-P[display ports using service names]'
'-S+[store pf state table in the specified file]:file:_files'
'-V+[select routing domain to be used to kill states]:routing domain'
)
;;
(free|net)bsd*)
pfctl_debug_level=(
"none:don\'t generate debug messages"
'urgent:generate debug messages only for serious errors'
'misc:generate debug messages for various errors'
'loud:generate debug messages for common conditions'
)
pfctl_flush_modifiers+=(
'nat:flush the NAT rules'
'queue:flush the queue rules'
)
pfctl_show_modifiers+=(
'nat:show the currently loaded NAT rules'
)
args=(
'-A[load only the queue rules present in the rule file]'
'-N[load only the NAT rules present in the rule file]'
'-O[load only the options present in the rule file]'
'-R[load only the filter rules present in the rule file]'
)
;|
freebsd*)
args+=( '-P[display ports numerically]' )
;;
esac
_arguments -s $args \
'-a[apply flags -f, -F, and -s only to the rules in the specified anchor]:anchor' \
'-F+[flush the filter parameters specified by modifier]:modifier:(($pfctl_flush_modifiers))' \
'-D+[define macro to be set to value]:macro' \
'(-e)-d[disable the packet filter]' \
'(-D)-e[enable the packet filter]' \
'-f+[load the rules contained in a file]:configuration file:_files' \
'-g[include output helpful for debugging]' \
'(-)-h[display help information]' \
'-i[restrict the operation to the given interface]:interface:_pf_ifaces' \
'*-K[kill all of the source tracking entries originating from the specified host or network]:host or network:_hosts' \
'*-k[kill all of the state entries originating from the specified host or network]:host or network:_hosts' \
'-m[merge in explicitly given options without disturbing others]' \
"-n[don't actually load rules, just parse them]" \
'-o+[control the ruleset optimizer]:level:(($pfctl_optimizer_level))' \
'-p+[use the device file device instead of the default /dev/pf]:device:_files' \
'-q[only print errors and warnings]' \
'-r[perform reverse DNS lookups on states when displaying them]' \
'-s+[show the filter parameters specified by modifier]:modifier:(($pfctl_show_modifiers))' \
'-T+[specify the command to apply to the table]:command:(($pfctl_tables_command))' \
'-t[specify the name of the table]:table:_pf_tables' \
'-v[produce more verbose output]' \
'-x+[set the debug level]:debug level:(($pfctl_debug_level))' \
'-z[clear per-rule statistics]'