22
rule
Use
rule
to create or change a user role rule.
Use
undo rule
to delete user role rules.
Syntax
rule
number
{
deny
|
permit
}
{
command command-string
|
{
execute
|
read
|
write
}
*
{
feature
[
feature-name
]
|
feature-group
feature-group-name
|
oid
oid-string
|
web-menu
[
web-string
]
|
xml-element
[
xml-string
]
}
}
undo rule
{
number
|
all
}
Default
A user-defined user role does not have any rules and cannot access any resources.
Views
User role view
Predefined user roles
network-admin
Parameters
number
: Specifies a rule number in the range of 1 to 256.
deny
: Denies access to the specified commands, Web menus, XML elements, or MIB nodes.
permit
: Permits access to the specified commands, Web menus, XML elements, or MIB nodes.
command command-string
: Specifies a command string. The command string can represent a
command or a group of commands. The
command-string
argument is a case-sensitive string of 1
to 128 characters, including the following characters:
•
The wildcard asterisk (*).
•
The delimiters space and tab.
•
All printable characters.
execute
: Specifies the execute commands, Web menus, XML elements, or MIB nodes to execute
a specific function or program. The
ping
command is an example of execute commands.
read
: Specifies the read commands, Web menus, XML elements, or MIB nodes to display
configuration or maintenance information. The
display
,
dir
,
more
, and
pwd
commands are
examples of read commands.
write
: Specifies the write commands, Web menus, XML elements, or MIB nodes to configure the
system. The
ssh server enable
command is an example of write commands.
feature
[
feature-name
]
: Specifies one or all features. The
feature-name
argument is a
case-sensitive character string. If you do not specify a feature name, you specify all the features in
the system.
feature-group
feature-group-name
: Specifies a user-defined or predefined feature group.
The
feature-group-name
argument represents the feature group name, a case-sensitive string
of 1 to 31 characters. If the feature group has not been created, the rule takes effect after the group
is created. To display the feature groups that have been created, use the
display role
feature-group
command.
oid
oid-string
: Specifies an OID of a MIB node. The
oid-string
argument represents the
OID, a case-insensitive string of 1 to 255 characters. The OID is a dotted numeric string that uniquely
identifies the path from the root node to this node. For example, 1.3.6.1.4.1.25506.8.35.14.19.1.1.
Summary of Contents for SOHO IE4300
Page 285: ...i Contents Tcl commands 1 cli 1 tclquit 1 tclsh 2...
Page 288: ...i Contents Python commands 1 exit 1 python 1 python filename 2...
Page 291: ...i Contents Automatic configuration commands 1 autodeploy udisk enable 1...
Page 323: ...25 Sysname Ten GigabitEthernet1 0 51 undo shutdown Related commands irf port...
Page 465: ...ii stp vlan enable 55 vlan mapping modulo 55...
Page 602: ...12 Related commands display mvrp statistics...
Page 609: ...i Contents VLAN mapping commands 1 display vlan mapping 1 vlan mapping 2...
Page 678: ...9 Related commands reset pppoe relay statistics...
Page 846: ...i Contents Basic IP forwarding commands 1 display fib 1 ip forwarding table save 2...
Page 1770: ...i Contents Time range commands 1 display time range 1 time range 1...
Page 2026: ...34 Related commands display mac authentication...
Page 2028: ...ii...
Page 2143: ...i Contents User profile commands 1 display user profile 1 user profile 2...
Page 2308: ...61 ipsec transform set...
Page 2531: ...i Contents SAVI commands 1 ipv6 savi down delay 1 ipv6 savi log enable 1 ipv6 savi strict 2...
Page 2534: ...3 Sysname ipv6 savi strict Related commands ipv6 verify source...
Page 2791: ...14 Sysname track 1 Related commands delay display track...
Page 2939: ...9 sntp authentication keyid sntp reliable authentication keyid...
Page 2967: ...27 Related commands apply poe profile poe enable poe max power interface view poe priority...