4000 Router Series Fundamentals Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

Any rule modification, addition, or removal for a user role takes effect only on the users that log in with

the user role after the change.

When you specify a command string, follow the guidelines in Table 3.

Table 3 Command stri

ng configuration rules

Rule Guidelines

Semicolon (;) is the delimiter.

Use a semicolon to separate the command of each view that you must

enter before you access a command or a set of commands, except for the

commands (for example, display and dir) available in user view or any

view.

Each semicolon-separated segment must have at least one printable

character.

To specify the commands in a view but not the commands in its subviews,

use a semicolon as the last printable character in the last segment. To

specify the commands in a view and its subviews, the last printable

character in the last segment must not be a semicolon.

For example, you must enter system view before you enter interface view.

To specify all the commands that start with ip in any interface view, you

must use the "system ; interface * ; ip * ;" command string.

For another example, the "system ; radius scheme * ;" command string

represents all the commands that start with radius scheme in system view.

The "system ; radius scheme *" command string represents all the

commands that start with radius scheme in system view and all the

commands in RADIUS scheme view.

Asterisk (*) is the wildcard.

An asterisk represents zero or multiple characters.

In a non-last segment, you can use an asterisk only at the end of the

segment.

In the last segment, you can use an asterisk in any position of the segment.

If the asterisk appears at the beginning, you cannot specify any printable

characters behind it.

For example, the "system ; *" command string represents all the

commands available in system view and all its subviews, and the

"debugging * event" command string represents all event debugging

commands available in user view.

Keyword abbreviation is allowed.

You can specify a keyword by entering its first few characters. Any

command that starts with this character string matches the rule.

For example, "rule 1 deny command dis mpls lsp protocol static asbr"

denies access to the commands display mpls lsp protocol static asbr and

display mpls lsp protocol static-cr asbr.

To control the access to a

command, you must specify the

command immediately after the

view that has the command.

To control access to a command, you must specify the command

immediately behind the view to which the command is assigned. The rules

that control command access for any subview do not apply to the

command.

For example, the "rule 1 deny command system ; interface * ; *"

command string disables access to any command that is assigned to

interface view, but you can still execute the acl number command in

interface view, because this command is assigned to system view rather

than interface view. To disable access to this command, use "rule 1 deny

command system ; acl *;".