Basic syntax
	file ::= empty | file stmt [`;']
	stmt ::= option-stmt | fw-stmt
	fw-stmt ::= `fw' source options [`to'|`->'] target options
	options ::= `{' option-seq `}'
	option-seq ::= empty | option-stmt [`;'] option-seq

Option syntax
	option-stmt ::= q-option
	q-option ::= option
	     | prefix `.' q-option
	     | prefix `{' option-seq `}'
	prefix ::= word

File source and target
	source ::= file
	target ::= file
	file ::= `file' [`.'] fspec [`,' fspec]
	fspec ::= fd-spec | name-spec | null-spec
	fd-spec ::= [[`:']`fd'[`:']] number|`stdin'|`stdout'
	name-spec ::= [[`:']`file'[`:']] file-name
	file-name ::= path-seq | [ path-seq ]
	path-seq ::= path-elt | path-seq path-elt
	path-elt ::= `/' | word
	null-spec ::= [`:']`null'[`:']

Exec source and target
	source ::= exec
	target ::= exec
	exec ::= `exec' [`.'] cmd-spec
	cmd-spec ::= shell-cmd | [prog-name] `[' argv0 arg-seq `]'
	arg-seq ::= word | arg-seq word
	shell-cmd ::= word
	argv0 ::= word

Socket source and target
	source ::= socket-source
	target ::= socket-target
	socket-source ::= [`socket'[`.']] [[`:']addr-type[`:']] source-addr
	socket-target ::= [`socket'[`.']] [[`:']addr-type[`:']] target-addr

	inet-source-addr ::= [port] port
	inet-target-addr ::= address [`:'] port
	address ::= addr-elt | address addr-elt
	addr-elt ::= `.' | word

	unix-source-addr ::= file-name
	unix-target-addr ::= file-name

File attributes (`fattr')
	prefix.fattr.mode [=] mode
	prefix.fattr.owner [=] user
	prefix.fattr.group [=] group

File options
	file.create [=] yes|no
	file.open [=] no|truncate|append
	file.fattr.*

Exec options
	exec.logging [=] yes|no
	exec.dir [=] file-name
	exec.root [=] file-name
	exec.user [=] user
	exec.group [=] group
	exec.rlimit.limit[.hard|.soft] [=] value
	exec.env.clear
	exec.env.unset var
	exec.env.[set] var [=] value

Socket options
	socket.conn [=] number|unlimited|one-shot
	socket.logging [=] yes|no
	socket.inet.[allow|deny] [from] address [/ address]
	socket.unix.fattr.*