From 62687ff1cd3d4460cdbd4b0fbf1e3298fe277ad2 Mon Sep 17 00:00:00 2001 From: Paul Jakma Date: Sat, 23 Aug 2008 14:27:06 +0100 Subject: [vty] Add support for a 'restricted mode' with anonymous vty connections * lib/command.h: Add a RESTRICTED_NODE, intended for use with anonymous, 'no login' vtys, to provide a subset of 'view' mode commands. * lib/command.c: Add RESTRICTED_NODE bits, nothing special, just following VIEW_NODE. * lib/vty.c: (vty_auth) enable authentication should fall back to restricted/view node as appropriate. (vty_create) init vty's to restricted/view node as appropriate, for the 'no login' case. (vty_{no_,}restricted_mode_cmd) config commands to enable 'anonymous restricted' in vty configuration. (vty_config_write) 'anonymous restricted' config. (vty_init) Install some commands to restricted mode, and the 'anonymous restricted' config commands into VTY_NODE. * bgpd/*.c: Install some of the safe(r) BGP commands into 'restricted mode', i.e. lookup commands of non-sensitive data. Useful with looking-glass route-servers. --- lib/memory.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'lib/memory.c') diff --git a/lib/memory.c b/lib/memory.c index 28b3d896..f5d0cba6 100644 --- a/lib/memory.c +++ b/lib/memory.c @@ -444,6 +444,16 @@ DEFUN (show_memory_isis, void memory_init (void) { + install_element (RESTRICTED_NODE, &show_memory_cmd); + install_element (RESTRICTED_NODE, &show_memory_all_cmd); + install_element (RESTRICTED_NODE, &show_memory_lib_cmd); + install_element (RESTRICTED_NODE, &show_memory_rip_cmd); + install_element (RESTRICTED_NODE, &show_memory_ripng_cmd); + install_element (RESTRICTED_NODE, &show_memory_bgp_cmd); + install_element (RESTRICTED_NODE, &show_memory_ospf_cmd); + install_element (RESTRICTED_NODE, &show_memory_ospf6_cmd); + install_element (RESTRICTED_NODE, &show_memory_isis_cmd); + install_element (VIEW_NODE, &show_memory_cmd); install_element (VIEW_NODE, &show_memory_all_cmd); install_element (VIEW_NODE, &show_memory_lib_cmd); -- cgit v1.2.1