[tac_plus] need help with crafting a cmd with some regex
heasley
heas at shrubbery.net
Tue Feb 20 22:12:49 UTC 2018
Tue, Feb 20, 2018 at 02:28:46PM -0500, Asif Iqbal:
> All users can execute ip route A.A.A.A B.B.B.B <VlanX/GigabitX> <next-hop
> IP>. However, without <VlanX/GigabitX>, tacacs should reject it.
>
> Meaning the ip route command would have to contain a VLAN or Interface
> specifier , or be rejected.
>
> Here are some examples:
>
> Good static route – accepted:
> ip route 192.168.1.128 255.255.255.192 Vlan1686 192.168.1.6 name foo_to_bar
> ip route 192.168.2.0 255.255.255.0 TenGigabitEthernet4/16.689 192.168.2.12
> ip route vrf S609150:1678 172.26.0.0 255.255.0.0 Vlan1682 10.35.174.33
>
> Bad static route: - rejected:
> ip route vrf s617:securities-micro:B 192.168.7.60 255.255.255.255
> 192.168.7.58
> ip route 172.29.141.48 255.255.255.240 172.26.250.73 name bar_to_foo
permit ip route ip ip interface ip name
permit ip route ip ip interface ip$
permit ip route vrf word ip ip interface ip$
deny ip route
> Thanks
>
> --
> Asif Iqbal
> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20180220/ed55e83f/attachment.html>
> _______________________________________________
> tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/tac_plus
More information about the tac_plus
mailing list