target      = 4738;
listen      = 4737;
directory   = .;
logfile     = broker.log;
debug-level = server=1;
admin-name  = "Perforce Admins";
admin-phone = 999/911;
admin-email = perforce-admins@example.com;

compress = false;

# Optional user account to authenticate the broker to the target server with.
#service-user = "svc-user-broker";

# Optional alternate P4TICKETS location.
#ticket-file = "/p4/broker/.p4tickets";

redirection  = selective;

#-------------------------------------------------------------------------------
# Definitions of all altservers in the environment.
#-------------------------------------------------------------------------------

# Note that the altserver name can not be 'random' as that is reserved for use
# in the destination field of command handlers to specify that the altserver
# should be chosen randomly.
#
#altserver: replica_name
#{
#    # 
#    # Address of target server. Note that target servers must be configured
#    # to use P4AUTH to ensure that login tickets are valid for all servers in
#    # the brokered environment.  I.e. the target and alternate servers must
#    # share their authentication.
#    #
#    target = localhost:1669;
#}

#-------------------------------------------------------------------------------
# Command policies
#-------------------------------------------------------------------------------

#
# The general syntax is:
#
# command: <regex pattern>
# {
# 	# Conditions for the command to meet (optional)
#	# Note that with the exception of 'flags', these are regex patterns.
#	# See 'p4 help grep' for an explanation of the regex syntax.
# 	flags     = <required flags>;
# 	args      = <required arguments>;
#	user      = <required user>;
#	workspace = <required client workspace>;
#	prog      = <required client program>;
#	version   = <required version of client program>;
#
#	# What to do with matching commands (required)
#	action = pass | reject | redirect | filter ;
#
#	# How to go about it
#	destination = <altserver>;          # Required for action = redirect
#	execute	= <path to filter program>; # Required for action = filter
#	message = <rejection message>;      # Required for action = reject
#}
#
# Note that when specifying regex patterns, bare strings like 'integ' will also
# match 'integrate'.  To match an exact string, append the beginning/end of line
# anchors.  E.g. '^integ$'.

#
# Uncomment the lines below to block all access to the server during
# periods of maintenance.
#
#command: .*
#{
#    action  = reject;
#    message = "Server down for maintenance. Back soon";
#}

#
# Allow user 'tony' to run 'p4 opened -a'.
# 
#command: opened
#{
#    flags  = -a;
#    user   = tony;
#    action = pass;
#}
#
#
# Forbid the use of 'p4 opened -a' to everyone else.
#
#command: opened
#{
#    flags   = -a;
#    action  = reject;
#    message = "You don't need to know that";
#}

#
# Use of the 'p4 changes' command is filtered. The script might decide
# that requests for information about older changes can be served by
# an alternate server.
#
#command: changes
#{
#    action  = filter;
#    execute = ./check_changes.rb;
#}

#
# Redirect all 'p4 users' commands to another server. Not a very useful
# example; good cases for wholesale redirection are hard to come by and
# great care should be exercised when using this action.
# 
#command: users
#{
#    action      = redirect;
#    destination = replica;
#}

# When the destination is 'random', the altserver is chosen arbitrarily.
# 
#command: fixes
#{
#    action      = redirect;
#    destination = random;
#}

#
# The combination of the following two command handlers lets you create two
# classes of super user - one with full 'super' privileges, and another that
# can only run a subset of the full 'super' command set.  This separation is
# only effective if all user requests are passing through the broker.
#
# The first rule assumes a naming scheme where full super users have names
# prefixed by 'super-'.  The second one rejects all requests for the 'super'
# commands that we don't want the rest of the super users (or anyone else)
# to run.  Note that we're specifically not matching 'protects' since P4V
# requires it to log in.
#
#command: admin|protect|obliterate
#{
#    user   = ^super-;
#    action = pass;
#}
#
#command: admin|^protect$|obliterate
#{
#    action  = reject;
#    message = "permission denied.";
#}

#
# Reject programs that don't identify themselves.
#
#command: .*
#{
#    prog    = ^$|unknown;
#    action  = reject;
#    message = "Unnamed programs disallowed.  API programs can call SetProg().";
#}

#
# Reject commands with arguments against //... and //some_depot/...
#
# Note that this will also match //client/ syntax, which is often of a much
# smaller scope than a path in depot syntax.  Client software such as P4V
# relies on client syntax, so one might want to list out the depot names
# explicitly instead of using the generic regex.
#
#command: .*
#{
#    args = ^//[^/]*/?\.\.\.;
#    action = reject;
#    message = "Some commands just want to watch the database churn.";
#}