Document the file system firewall interface library functions.

Sponsored by:	DARPA, Network Associates Laboratories

6 files changed, 515 insertions, 0 deletions

diff --git a/lib/libugidfw/Makefile b/lib/libugidfw/Makefile
index 51dfeb9da1e1..1eb43d0fe24e 100644
--- a/lib/libugidfw/Makefile
+++ b/lib/libugidfw/Makefile
@@ -5,4 +5,12 @@ SHLIB_MAJOR=	1
 SRCS=		ugidfw.c
 INCS=		ugidfw.h
 
+MAN+=		bsde_get_rule.3 bsde_get_rule_count.3 bsde_parse_rule.3 \
+		bsde_rule_to_string.3 libugidfw.3
+
+MLINKS= 	bsde_get_rule.3 bsde_delete_rule.3
+MLINKS+=	bsde_get_rule.3 bsde_set_rule.3
+MLINKS+=	bsde_get_rule_count.3 bsde_get_rule_slots.3
+MLINKS+=	bsde_parse_rule.3 bsde_parse_rule_string.3
+
 .include <bsd.lib.mk>
diff --git a/lib/libugidfw/bsde_get_rule.3 b/lib/libugidfw/bsde_get_rule.3
new file mode 100644
index 000000000000..72136528f13d
--- /dev/null
+++ b/lib/libugidfw/bsde_get_rule.3
@@ -0,0 +1,122 @@
+.\" Copyright (c) 2003 Networks Associates Technology, Inc.
+.\" All rights reserved.
+.\" 
+.\" This software was developed for the FreeBSD Project by Chris
+.\" Costello at Safeport Network Services and Network Associates
+.\" Laboratories, the Security Research Division of Network Associates,
+.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
+.\" of the DARPA CHATS research program.
+.\" 
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" 
+.\" $FreeBSD$
+.Dd JANUARY 7, 2003
+.Os
+.Dt BSDE_GET_RULE 3
+.Sh NAME
+.Nm bsde_get_rule ,
+.Nm bsde_set_rule ,
+.Nm bsde_delete_rule
+.Nd file system firewall rules list management
+.Sh LIBRARY
+.Lb libugidfw
+.Sh SYNOPSIS
+.In ugidfw.h
+.Ft int
+.Fn bsde_get_rule "int rulenum" "struct mac_bsdextended_rule *rule" "size_t errlen" "char *errstr"
+.Ft int
+.Fn bsde_set_rule "int rulenum" "struct mac_bsdextended_rule *rule" "size_t errlen" "char *errstr"
+.Ft int
+.Fn bsde_delete_rule "int rulenum" "size_t errlen" "char *errstr"
+.Sh DESCRIPTION
+The
+.Fn bsde_get_rule
+function fills in
+.Fa *rule
+with the rule numbered
+.Fa rulenum .
+If an error occurs,
+.Fa *errstr
+is filled in with the error string
+(up to
+.Fa errlen
+characters, including the terminating NUL).
+.Pp
+The
+.Fn bsde_set_rule
+function fills the slot numbered
+.Fa rulenum
+with the specified rule
+(in
+.Vt "struct mac_bsdextended_rule"
+form, either from
+.Xr bsde_get_rule 3
+or
+.Xr bsde_parse_rule 3 ) .
+If an error occurs,
+.Fa *errstr
+is filled with the error string
+(up to
+.Fa errlen
+characters, including the terminating NUL).
+.Pp
+The
+.Fn bsde_delete_rule
+function deletes the rule numbered
+.Fa rulenum .
+If an error occurs,
+.Fa *errstr
+is filled with the error string
+(up to
+.Fa errlen
+characters, including the terminating NUL).
+.Sh RETURN VALUES
+The
+.Fn bsde_get_rule ,
+.Fn bsde_set_rule ,
+and
+.Fn bsde_delete_rule
+functions return
+.Li 0
+if successful;
+otherwise the value
+.Li \&-1
+is returned and the value of
+.Fa *errstr
+is filled in as documented in
+.Sx DESCRIPTION .
+.Sh SEE ALSO
+.Xr bsde_get_rule_count 3 ,
+.Xr bsde_get_rule_slots 3 ,
+.Xr bsde_parse_rule 3 ,
+.Xr bsde_parse_rule_string 3 ,
+.Xr bsde_rule_to_string 3 ,
+.Xr libugidfw 3 ,
+.Xr mac_bsdextended 4 ,
+.Xr ugidfw 8
+.Sh AUTHORS
+This software was contributed to the
+.Fx
+Project by Network Associates Labs,
+the Security Research Division of Network Associates
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+as part of the DARPA CHATS research program.
diff --git a/lib/libugidfw/bsde_get_rule_count.3 b/lib/libugidfw/bsde_get_rule_count.3
new file mode 100644
index 000000000000..2152f6aafbed
--- /dev/null
+++ b/lib/libugidfw/bsde_get_rule_count.3
@@ -0,0 +1,90 @@
+.\" Copyright (c) 2003 Networks Associates Technology, Inc.
+.\" All rights reserved.
+.\" 
+.\" This software was developed for the FreeBSD Project by Chris
+.\" Costello at Safeport Network Services and Network Associates
+.\" Laboratories, the Security Research Division of Network Associates,
+.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
+.\" of the DARPA CHATS research program.
+.\" 
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" 
+.\" $FreeBSD$
+.Dd JANUARY 7, 2003
+.Os
+.Dt BSDE_GET_RULE_COUNT 3
+.Sh NAME
+.Nm bsde_get_rule_count ,
+.Nm bsde_get_rule_slots
+.Nd file system firewall statistics
+.Sh LIBRARY
+.Lb libugidfw
+.Sh SYNOPSIS
+.In ugidfw.h
+.Ft int
+.Fn bsde_get_rule_count "size_t errlen" "char *errstr"
+.Ft int
+.Fn bsde_get_rule_slots "size_t errlen" "char *errstr"
+.Sh DESCRIPTION
+The
+.Fn bsde_get_rule_count
+and
+.Fn bsde_get_rule_slots
+return the total number of enforced rules
+and the total number of used rule slots, respectively.
+If an error occurs,
+.Fa *errstr
+is filled in with the error string
+(up to
+.Fa errlen
+characters, including the terminating NUL).
+.Sh RETURN VALUES
+The
+.Fn bsde_get_rule_count
+and
+.Fn bsde_get_rule_slots
+functions return
+the number of enforced rules and rule slots (respectively)
+if successful;
+otherwise the value
+.Li \&-1
+is returned and the value of
+.Fa *errstr
+is filled in as documented in
+.Sx DESCRIPTION .
+.Sh SEE ALSO
+.Xr bsde_delete_rule 3 ,
+.Xr bsde_get_rule 3 ,
+.Xr bsde_parse_rule 3 ,
+.Xr bsde_parse_rule_string 3 ,
+.Xr bsde_rule_to_string 3 ,
+.Xr bsde_set_rule 3 ,
+.Xr libugidfw 3 ,
+.Xr mac_bsdextended 4 ,
+.Xr ugidfw 8
+.Sh AUTHORS
+This software was contributed to the
+.Fx
+Project by Network Associates Labs,
+the Security Research Division of Network Associates
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+as part of the DARPA CHATS research program.
diff --git a/lib/libugidfw/bsde_parse_rule.3 b/lib/libugidfw/bsde_parse_rule.3
new file mode 100644
index 000000000000..47610bf128d0
--- /dev/null
+++ b/lib/libugidfw/bsde_parse_rule.3
@@ -0,0 +1,99 @@
+.\" Copyright (c) 2003 Networks Associates Technology, Inc.
+.\" All rights reserved.
+.\" 
+.\" This software was developed for the FreeBSD Project by Chris
+.\" Costello at Safeport Network Services and Network Associates
+.\" Laboratories, the Security Research Division of Network Associates,
+.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
+.\" of the DARPA CHATS research program.
+.\" 
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" 
+.\" $FreeBSD$
+.Dd JANUARY 7, 2003
+.Os
+.Dt BSDE_PARSE_RULE 3
+.Sh NAME
+.Nm bsde_parse_rule ,
+.Nm bsde_parse_rule_string
+.Nd parse file system firewall rules
+.Sh LIBRARY
+.Lb libugidfw
+.Sh SYNOPSIS
+.In ugidfw.h
+.Ft int
+.Fn bsde_parse_rule "int argc" "char *argv[]" "struct mac_bsdextended_rule *rule" "size_t buflen" "char *errstr"
+.Ft int
+.Fn bsde_parse_rule_string "const char *string" "struct mac_bsdextended_rule *rule" "size_t buflen" "char *errstr"
+.Sh DESCRIPTION
+The
+.Fn bsde_parse_rule
+function parses an argument vector
+(e.g.
+.Fa argv
+as passed to
+.Fn main )
+into
+.Fa rule .
+If an error occurs,
+.Fa *errstr
+is filled in with the error string
+(up to
+.Fa errlen
+characters, including the terminating NUL).
+.Pp
+The
+.Fn bsde_parse_rule_string
+function is identical to
+.Fn bsde_parse_rule ,
+except that it parse a single string, rather than an array of arguments.
+.Sh RETURN VALUES
+The
+.Fn bsde_parse_rule_string
+and
+.Fn bsde_parse_rule
+functions return
+.Li 0
+if successful;
+otherwise the value
+.Li \&-1
+is returned and the value of
+.Fa *errstr
+is filled in as documented in
+.Sx DESCRIPTION .
+.Sh SEE ALSO
+.Xr bsde_delete_rule 3 ,
+.Xr bsde_get_rule 3 ,
+.Xr bsde_get_rule_count 3 ,
+.Xr bsde_get_rule_slots 3 ,
+.Xr bsde_rule_to_string 3 ,
+.Xr bsde_set_rule 3 ,
+.Xr libugidfw 3 ,
+.Xr mac_bsdextended 4 ,
+.Xr ugidfw 8
+.Sh AUTHORS
+This software was contributed to the
+.Fx
+Project by Network Associates Labs,
+the Security Research Division of Network Associates
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+as part of the DARPA CHATS research program.
diff --git a/lib/libugidfw/bsde_rule_to_string.3 b/lib/libugidfw/bsde_rule_to_string.3
new file mode 100644
index 000000000000..e022fd63381b
--- /dev/null
+++ b/lib/libugidfw/bsde_rule_to_string.3
@@ -0,0 +1,80 @@
+.\" Copyright (c) 2003 Networks Associates Technology, Inc.
+.\" All rights reserved.
+.\" 
+.\" This software was developed for the FreeBSD Project by Chris
+.\" Costello at Safeport Network Services and Network Associates
+.\" Laboratories, the Security Research Division of Network Associates,
+.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
+.\" of the DARPA CHATS research program.
+.\" 
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" 
+.\" $FreeBSD$
+.Dd JANUARY 7, 2003
+.Os
+.Dt BSDE_RULE_TO_STRING 3
+.Sh NAME
+.Nm bsde_rule_to_string
+.Nd converts a ugidfw rule into its text representation
+.Sh LIBRARY
+.Lb libugidfw
+.Sh SYNOPSIS
+.In ugidfw.h
+.Ft int
+.Fn bsde_rule_to_string "struct mac_bsdextended_rule *rule" "char *buf" "size_t buflen"
+.Sh DESCRIPTION
+The
+.Fn bsde_rule_to_string
+function converts a rule in its internal representation
+.Vt ( "struct mac_bsdextended_rule" )
+into its text representation and writes up to
+.Fa buflen
+bytes of it to
+.Fa buf
+(including the terminating NUL).
+.Sh RETURN VALUES
+The
+.Fn bsde_rule_to_string
+function returns
+.Li \&-1
+if the conversion was truncated;
+otherwise the value
+.Li 0
+is returned.
+.Sh SEE ALSO
+.Xr bsde_delete_rule 3 ,
+.Xr bsde_get_rule 3 ,
+.Xr bsde_get_rule_count 3 ,
+.Xr bsde_get_rule_slots 3 ,
+.Xr bsde_parse_rule 3 ,
+.Xr bsde_parse_rule_string 3 ,
+.Xr bsde_set_rule 3 ,
+.Xr libugidfw 3 ,
+.Xr mac_bsdextended 4 ,
+.Xr ugidfw 8
+.Sh AUTHORS
+This software was contributed to the
+.Fx
+Project by Network Associates Labs,
+the Security Research Division of Network Associates
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+as part of the DARPA CHATS research program.
diff --git a/lib/libugidfw/libugidfw.3 b/lib/libugidfw/libugidfw.3
new file mode 100644
index 000000000000..36dbc9b6db34
--- /dev/null
+++ b/lib/libugidfw/libugidfw.3
@@ -0,0 +1,116 @@
+.\" Copyright (c) 2003 Networks Associates Technology, Inc.
+.\" All rights reserved.
+.\" 
+.\" This software was developed for the FreeBSD Project by Chris
+.\" Costello at Safeport Network Services and Network Associates
+.\" Laboratories, the Security Research Division of Network Associates,
+.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
+.\" of the DARPA CHATS research program.
+.\" 
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" 
+.\" $FreeBSD$
+.Dd JANUARY 5, 2003
+.Os
+.Dt LIBUGIDFW 3
+.Sh NAME
+.Nm libugidfw
+.Nd library interface to the fire system firewall MAC policy
+.Sh LIBRARY
+.Lb libugidfw
+.Sh SYNOPSIS
+.In ugidfw.h
+.Sh DESCRIPTION
+The
+.Nm
+library routines provide an interface to the
+.Xr mac_bsdextended 4
+file system firewall MAC policy.
+.Pp
+The
+.Nm
+library defines the following functions:
+.Bl -tag -width "bsde_parse_rule_strong"
+.It Fn bsde_rule_to_string
+Converts the internal representation of a rule
+.Vt ( "struct mac_bsdextended_rule" )
+into its text representation;
+see
+.Xr bsde_rule_to_string 3 .
+.It Fn bsde_parse_identity
+Parses the identity of a subject or object;
+see
+.Xr bsde_parse_identity 3 .
+.It Fn bsde_parse_mode
+Parses the access mode for a ugidfw rule;
+see
+.Xr bsde_parse_mode 3 .
+.It Fn bsde_parse_rule
+Parses an entire rule
+(in argument array form);
+see
+.Xr bsde_parse_rule 3 .
+.It Fn bsde_parse_rule_string
+Parse an entire rule string;
+see
+.Xr bsde_parse_rule_string 3 .
+.It Fn bsde_get_rule_count
+Returns the total number of ugidfw rules being enforced in the system;
+see
+.Xr bsde_get_rule_count 3 .
+.It Fn bsde_get_rule_slots
+Returns the total number of used rule slots;
+see
+.Xr bsde_get_rule_slots 3 .
+.It Fn bsde_get_rule
+Returns a rule by its rule number;
+see
+.Xr bsde_get_rule 3 .
+.It Fn bsde_delete_rule
+Deletes a rule by its rule number;
+see
+.Xr bsde_delete_rule 3 .
+.It Fn bsde_set_rule
+Uploads the rule to the
+.Xr mac_bsdextended 4
+module and applies it;
+see
+.Xr bsde_set_rule 3 .
+.El
+.Sh SEE ALSO
+.Xr bsde_delete_rule 3 ,
+.Xr bsde_get_rule 3 ,
+.Xr bsde_get_rule_count 3 ,
+.Xr bsde_get_rule_slots 3 ,
+.Xr bsde_parse_identity 3 ,
+.Xr bsde_parse_mode 3 ,
+.Xr bsde_parse_rule 3 ,
+.Xr bsde_parse_rule_string 3 ,
+.Xr bsde_rule_to_string 3 ,
+.Xr bsde_set_rule 3
+.Sh AUTHORS
+This software was contributed to the
+.Fx
+Project by Network Associates Labs,
+the Security Research Division of Network Associates
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+as part of the DARPA CHATS research program.