Posts: 2
Registered: ‎06-27-2012

Class permissions commands.



I need to configure class commans permissions. 


I want useres from "smena-rw" group be allowed to execute  "clear ip bgp neighbor x.x.x.x" ( particular neighbor)

But not allowed  "clear bgp neighbor"  -  all neighbors.



user@router# show system login class smena-rw
permissions [ clear configure firewall-control interface-control network rollback routing-control view view-configuration ];
allow-commands "(clear bgp neighbor .*)";
deny-commands "(clear bgp neighbor$)";

Config above doesn't accomplish my goal ...


rw@router> clear bgp neighbor
missing argument.

rw@router> clear bgp neighbor ?
Possible completions:
  as                   Autonomous system (1..65535)
  instance             Name of BGP instance
  logical-router       Name of logical router, or 'all'
  soft                 Soft reset outbound state
  soft-inbound         Soft reset inbound state by issuing Refresh

I'm not allowed to clear all bgp session, but also i'm not allowed to clear particular neighbor.


Posts: 2
Registered: ‎06-27-2012

Re: Class permissions commands.

[ Edited ]

Could anybody answer my question please ?

Or ... i was wrong with a thread ? Smiley Wink

Copyright© 1999-2015 Juniper Networks, Inc. All rights reserved.