I want useres from "smena-rw" group be allowed to execute "clear ip bgp neighbor x.x.x.x" ( particular neighbor)
But not allowed "clear bgp neighbor" - all neighbors.
user@router# show system login class smena-rw permissions [ clear configure firewall-control interface-control network rollback routing-control view view-configuration ]; allow-commands "(clear bgp neighbor .*)"; deny-commands "(clear bgp neighbor$)";
Config above doesn't accomplish my goal ...
rw@router> clear bgp neighbor ^ missing argument.
rw@router> clear bgp neighbor ? Possible completions: as Autonomous system (1..65535) instance Name of BGP instance logical-router Name of logical router, or 'all' soft Soft reset outbound state soft-inbound Soft reset inbound state by issuing Refresh
I'm not allowed to clear all bgp session, but also i'm not allowed to clear particular neighbor.