Hi Erdem,
Unfortunately that will open up the whole firewall configuration for the
user and I want to restrict it to the access_in firewall only!
Thanks.
Otto
Erdem Sener wrote:
Hey Otto,
You need to add "firewall-control" to your class' permissions, and
you should be fine.
Cheers,
Erdem
On Thu, Aug 14, 2008 at 1:49 PM, Otto Kreiter <[EMAIL PROTECTED]> wrote:
Hi,
I'm trying to create a user with limited rights to access a single firewall
filter in the firewall configuration. I have (partially) managed to find the
most convenient way of doing it by committing the following configuration:
class test {
permissions configure;
allow-configuration "firewall family inet filter access_in";
}
user test {
uid 2002;
class test;
authentication {
encrypted-password "xxx";
}
}
This nicely allows test user to configure the access_in filter and to
*create* new terms. However here comes the problem. When a new term is
created this is placed automatically at the end of the filter (fair enough -
is there is any way to specify his place?). But then when the user tries to
insert it in the right place:
[EMAIL PROTECTED] insert term Test-1 before ?
No valid completions
Yes there are many other terms, even created by the same user in the same
session. I've tried countless allow-configurations and permission
configuration options and variations but I'm missing something and can't get
to the bottom of the problem.
I would be grateful if somebody can point me in the right direction!
Thank you and regards,
Otto
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
--
Otto Kreiter
Service Introduction Manager
DANTE Ltd.
Phone: +44 (0)1223 371300
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
