omit preceding flag from command/modifier lists to get tags; OK jmc

reads odd to repeat, e.g. -F, when listing all its modifiers.
as a consequence, automatic tagging wouldn't work, e.g. no "zero"
tag would exist to jump to that -F modifier's definition.

also add manual tags for -R and -T as get explained together with
-s and -t, respectively, where only the first flag gets tagged.

1 files changed, 41 insertions, 39 deletions

diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8
index 649a6f3ff03..5f76097b982 100644
--- a/sbin/pfctl/pfctl.8
+++ b/sbin/pfctl/pfctl.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: pfctl.8,v 1.184 2024/11/20 13:57:29 kirill Exp $
+.\" $OpenBSD: pfctl.8,v 1.185 2024/11/21 18:16:01 kn Exp $
 .\"
 .\" Copyright (c) 2001 Kjell Wooding.  All rights reserved.
 .\"
@@ -24,7 +24,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 20 2024 $
+.Dd $Mdocdate: November 21 2024 $
 .Dt PFCTL 8
 .Os
 .Sh NAME
@@ -191,25 +191,25 @@ Flush the filter parameters specified by
 .Ar modifier
 (may be abbreviated):
 .Pp
-.Bl -tag -width xxxxxxxxxxxx -compact
-.It Fl F Cm rules
+.Bl -tag -width xxxxxxxxx -compact
+.It Cm rules
 Flush the filter rules.
-.It Fl F Cm states
+.It Cm states
 Flush the state table (NAT and filter).
-.It Fl F Cm Sources
+.It Cm Sources
 Flush the source tracking table.
-.It Fl F Cm info
+.It Cm info
 Flush the filter information (statistics that are not bound to rules).
-.It Fl F Cm Tables
+.It Cm Tables
 Flush the tables.
-.It Fl F Cm osfp
+.It Cm osfp
 Flush the passive operating system fingerprints.
-.It Fl F Cm Reset
+.It Cm Reset
 Reset limits, timeouts and other options back to default settings.
 See the OPTIONS section in
 .Xr pf.conf 5
 for details.
-.It Fl F Cm all
+.It Cm all
 Flush all of the above.
 .El
 .Pp
@@ -316,13 +316,13 @@ Do not actually load rules, just parse them.
 .It Fl o Ar level
 Control the ruleset optimizer, overriding any rule file settings.
 .Pp
-.Bl -tag -width xxxxxxxxxxxx -compact
-.It Fl o Cm none
+.Bl -tag -width xxxxxxxxx -compact
+.It Cm none
 Disable the ruleset optimizer.
-.It Fl o Cm basic
+.It Cm basic
 Enable basic ruleset optimizations.
 This is the default behaviour.
-.It Fl o Cm profile
+.It Cm profile
 Enable basic ruleset optimizations with profiling.
 .El
 .Pp
@@ -348,13 +348,14 @@ are mutually exclusive.
 .It Fl S Ar statefile
 Store the pf state table in the file specified by
 .Ar statefile .
+.Tg R
 .It Fl s Ar modifier Op Fl R Ar id
 Show the filter parameters specified by
 .Ar modifier
 (may be abbreviated):
 .Pp
-.Bl -tag -width xxxxxxxxxxxxxx -compact
-.It Fl s Cm queue
+.Bl -tag -width xxxxxxxxxxx -compact
+.It Cm queue
 Show the currently loaded queue definitions.
 When used together with
 .Fl v ,
@@ -364,7 +365,7 @@ When used together with
 .Nm
 will loop and show updated queue statistics every five seconds, including
 measured bandwidth and packets per second.
-.It Fl s Cm rules
+.It Cm rules
 Show the currently loaded filter rules.
 If
 .Fl R Ar id
@@ -388,7 +389,7 @@ will skip evaluation of rules where possible.
 Packets passed statefully are counted in the rule that created the state
 (even though the rule isn't evaluated more than once for the entire
 connection).
-.It Fl s Cm Anchors
+.It Cm Anchors
 Show the currently loaded anchors directly attached to the main ruleset.
 If
 .Fl a Ar anchor
@@ -399,15 +400,15 @@ If
 .Fl v
 is specified, all anchors attached under the target anchor will be
 displayed recursively.
-.It Fl s Cm states
+.It Cm states
 Show the contents of the state table.
 If
 .Fl R Ar id
 is specified as well,
 only states created by the rule with the specified numeric ID are shown.
-.It Fl s Cm Sources
+.It Cm Sources
 Show the contents of the source tracking table.
-.It Fl s Cm info
+.It Cm info
 Show filter information (statistics and counters).
 When used together with
 .Fl v ,
@@ -415,7 +416,7 @@ source tracking statistics, the firewall's 32-bit hostid number and the
 main ruleset's MD5 checksum for use with
 .Xr pfsync 4
 are also shown.
-.It Fl s Cm labels
+.It Cm labels
 Show per-rule statistics (label, evaluations, packets total, bytes total,
 packets in, bytes in, packets out, bytes out, state creations) of
 filter rules with labels, useful for accounting.
@@ -423,15 +424,15 @@ If
 .Fl R Ar id
 is specified as well,
 only the statistics for the rule with the specified numeric ID are shown.
-.It Fl s Cm timeouts
+.It Cm timeouts
 Show the current global timeouts.
-.It Fl s Cm memory
+.It Cm memory
 Show the current pool memory hard limits.
-.It Fl s Cm Tables
+.It Cm Tables
 Show the list of tables.
-.It Fl s Cm osfp
+.It Cm osfp
 Show the list of operating system fingerprints.
-.It Fl s Cm Interfaces
+.It Cm Interfaces
 Show the list of interfaces and interface groups available to PF.
 When used together with
 .Fl v ,
@@ -441,7 +442,7 @@ When used together with
 interface statistics are also shown.
 .Fl i
 can be used to select an interface or a group of interfaces.
-.It Fl s Cm all
+.It Cm all
 Show all of the above, except for the lists of interfaces and operating
 system fingerprints.
 .El
@@ -486,6 +487,7 @@ no free ports in translation port range
 .It no-route
 dropped by no-route
 .El
+.Tg T
 .It Fl t Ar table Fl T Ar command Op Ar address ...
 Specify the
 .Ar command
@@ -493,31 +495,31 @@ Specify the
 .Ar table .
 Commands include:
 .Pp
-.Bl -tag -width "-T expire number" -compact
-.It Fl T Cm add
+.Bl -tag -width "expire number" -compact
+.It Cm add
 Add one or more addresses to a table.
 Automatically create a persistent table if it does not exist.
-.It Fl T Cm delete
+.It Cm delete
 Delete one or more addresses from a table.
-.It Fl T Cm expire Ar number
+.It Cm expire Ar number
 Delete addresses which had their statistics cleared more than
 .Ar number
 seconds ago.
 For entries which have never had their statistics cleared,
 .Ar number
 refers to the time they were added to the table.
-.It Fl T Cm flush
+.It Cm flush
 Flush all addresses in a table.
-.It Fl T Cm kill
+.It Cm kill
 Kill a table.
-.It Fl T Cm replace
+.It Cm replace
 Replace the addresses of the table.
 Automatically create a persistent table if it does not exist.
-.It Fl T Cm show
+.It Cm show
 Show the content (addresses) of a table.
-.It Fl T Cm test
+.It Cm test
 Test if the given addresses match a table.
-.It Fl T Cm zero
+.It Cm zero
 Clear all the statistics of a table, or only for specified addresses.
 .El
 .Pp