The RESTRICTED_NODE command is not used, introduces code
complexity and provides no additional levels of security.
The only way to get into RESTRICTED_NODE is to add, under
vty configuration the command 'anonymous restricted', and
then telnet to a daemon, provide a password, then type
'enable' and fail to enter the password three times.
Then the user can enter a very limited set of commands to
monitor bgp and only bgp behavior.
This commit removes both the RESTRICTED_NODE usage as well
as the lib/* usage of the code
Signed-off-by: Donald Sharp <sha...@cumulusnetworks.com>
---
bgpd/bgp_nexthop.c | 1 -
bgpd/bgp_route.c | 123 -----------------------------------------------------
bgpd/bgp_vty.c | 46 +-------------------
lib/command.c | 21 ---------
lib/command.h | 1 -
lib/memory.c | 2 -
lib/vty.c | 46 +-------------------
7 files changed, 3 insertions(+), 237 deletions(-)
diff --git a/bgpd/bgp_nexthop.c b/bgpd/bgp_nexthop.c
index 2406814..6e7f2b4 100644
--- a/bgpd/bgp_nexthop.c
+++ b/bgpd/bgp_nexthop.c
@@ -1420,7 +1420,6 @@ bgp_scan_init (void)
install_element (BGP_NODE, &no_bgp_scan_time_val_cmd);
install_element (VIEW_NODE, &show_ip_bgp_scan_cmd);
install_element (VIEW_NODE, &show_ip_bgp_scan_detail_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_scan_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_scan_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_scan_detail_cmd);
}
diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c
index c364372..d1bf900 100644
--- a/bgpd/bgp_route.c
+++ b/bgpd/bgp_route.c
@@ -15923,48 +15923,6 @@ bgp_route_init (void)
install_element (VIEW_NODE, &show_bgp_view_ipv4_safi_rsclient_route_cmd);
install_element (VIEW_NODE, &show_bgp_view_ipv4_safi_rsclient_prefix_cmd);
- /* Restricted node: VIEW_NODE - (set of dangerous commands) */
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_vpn_rd_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_vpn_rd_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_rd_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_rd_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_vpn_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_vpn_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_encap_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_encap_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_rd_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_rd_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_afi_safi_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_afi_safi_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_community_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_community2_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_community3_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_community4_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_community_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_community2_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_community3_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_community4_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_afi_safi_community_all_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_afi_safi_community_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_afi_safi_community2_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_afi_safi_community3_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_afi_safi_community4_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_community_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_community2_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_community3_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_community4_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_community_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_community2_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_community3_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_community4_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_rsclient_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_rsclient_prefix_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_view_ipv4_safi_rsclient_route_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_view_ipv4_safi_rsclient_prefix_cmd);
-
install_element (ENABLE_NODE, &show_bgp_ipv4_safi_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv4_safi_route_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv4_vpn_route_cmd);
@@ -16165,33 +16123,6 @@ bgp_route_init (void)
install_element (VIEW_NODE, &show_bgp_view_ipv6_rsclient_prefix_cmd);
install_element (VIEW_NODE, &show_bgp_view_ipv6_safi_rsclient_prefix_cmd);
- /* Restricted:
- * VIEW_NODE - (set of dangerous commands) - (commands dependent on prev)
- */
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_community_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_community2_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_community3_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_community4_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_community_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_community2_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_community3_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_community4_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_rsclient_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_rsclient_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_rsclient_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_rsclient_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_ipv6_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_ipv6_prefix_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_view_ipv6_neighbor_received_prefix_filter_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_ipv6_rsclient_route_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_view_ipv6_safi_rsclient_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_ipv6_rsclient_prefix_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_view_ipv6_safi_rsclient_prefix_cmd);
-
install_element (ENABLE_NODE, &show_bgp_ipv6_safi_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv6_route_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv6_safi_route_cmd);
@@ -16396,35 +16327,6 @@ bgp_route_init (void)
install_element (VIEW_NODE, &show_ip_bgp_view_rsclient_cmd);
install_element (VIEW_NODE, &show_ip_bgp_view_rsclient_route_cmd);
install_element (VIEW_NODE, &show_ip_bgp_view_rsclient_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_route_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_route_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_vpnv4_rd_route_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_vpnv4_all_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_vpnv4_rd_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_view_route_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_view_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_community_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_community2_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_community3_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_community4_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_community_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_community2_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_community3_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_community4_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_community_exact_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_community2_exact_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_community3_exact_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_community4_exact_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_community_exact_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_community2_exact_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_community3_exact_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_community4_exact_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_rsclient_route_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_rsclient_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_view_rsclient_route_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_view_rsclient_prefix_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_ipv4_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_route_cmd);
@@ -16552,19 +16454,6 @@ bgp_route_init (void)
install_element (VIEW_NODE, &show_bgp_view_neighbor_flap_cmd);
install_element (VIEW_NODE, &show_bgp_view_neighbor_damp_cmd);
install_element (VIEW_NODE, &show_bgp_view_rsclient_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_community_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_community2_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_community3_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_community4_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_community_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_community2_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_community3_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_community4_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_prefix_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_view_neighbor_received_prefix_filter_cmd);
install_element (ENABLE_NODE, &show_bgp_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv6_cmd);
install_element (ENABLE_NODE, &show_bgp_route_cmd);
@@ -16698,14 +16587,6 @@ bgp_route_init (void)
install_element (VIEW_NODE, &show_bgp_ipv6_community2_exact_cmd);
install_element (VIEW_NODE, &show_bgp_ipv6_community3_exact_cmd);
install_element (VIEW_NODE, &show_bgp_ipv6_community4_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_community_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_community2_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_community3_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_community4_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_community_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_community2_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_community3_exact_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_community4_exact_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv6_community_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv6_community2_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv6_community3_cmd);
@@ -16721,15 +16602,11 @@ bgp_route_init (void)
install_element (VIEW_NODE, &show_bgp_rsclient_route_cmd);
install_element (VIEW_NODE, &show_bgp_rsclient_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_rsclient_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_rsclient_prefix_cmd);
install_element (ENABLE_NODE, &show_bgp_rsclient_route_cmd);
install_element (ENABLE_NODE, &show_bgp_rsclient_prefix_cmd);
install_element (VIEW_NODE, &show_bgp_view_rsclient_route_cmd);
install_element (VIEW_NODE, &show_bgp_view_rsclient_prefix_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_rsclient_route_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_view_rsclient_prefix_cmd);
install_element (ENABLE_NODE, &show_bgp_view_rsclient_route_cmd);
install_element (ENABLE_NODE, &show_bgp_view_rsclient_prefix_cmd);
}
diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c
index 6db3dcb..35b245d 100644
--- a/bgpd/bgp_vty.c
+++ b/bgpd/bgp_vty.c
@@ -10960,11 +10960,9 @@ bgp_vty_init (void)
/* "show ip bgp summary" commands. */
install_element (VIEW_NODE, &show_bgp_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_summary_cmd);
install_element (ENABLE_NODE, &show_bgp_summary_cmd);
install_element (VIEW_NODE, &show_bgp_summary_1w_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_summary_1w_cmd);
install_element (ENABLE_NODE, &show_bgp_summary_1w_cmd);
install_element (VIEW_NODE, &show_bgp_ipv4_safi_summary_cmd);
@@ -10980,19 +10978,7 @@ bgp_vty_init (void)
install_element (VIEW_NODE, &show_bgp_ipv6_safi_summary_cmd);
install_element (VIEW_NODE, &show_bgp_instance_ipv6_summary_cmd);
install_element (VIEW_NODE, &show_bgp_instance_ipv6_safi_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_instance_ipv4_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_instance_ipv4_safi_summary_cmd);
-
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_vpn_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_encap_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_vpn_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_encap_summary_cmd);
-
- install_element (RESTRICTED_NODE, &show_bgp_instance_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_instance_ipv6_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_instance_ipv6_safi_summary_cmd);
+
install_element (ENABLE_NODE, &show_bgp_ipv4_safi_summary_cmd);
install_element (ENABLE_NODE, &show_bgp_instance_ipv4_summary_cmd);
install_element (ENABLE_NODE, &show_bgp_instance_ipv4_safi_summary_cmd);
@@ -11014,39 +11000,28 @@ bgp_vty_init (void)
install_element (VIEW_NODE, &show_bgp_neighbors_cmd);
install_element (VIEW_NODE, &show_bgp_neighbors_peer_cmd);
install_element (VIEW_NODE, &show_bgp_instance_neighbors_peer_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_neighbors_peer_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_instance_neighbors_peer_cmd);
install_element (ENABLE_NODE, &show_bgp_neighbors_cmd);
install_element (ENABLE_NODE, &show_bgp_neighbors_peer_cmd);
install_element (ENABLE_NODE, &show_bgp_instance_neighbors_peer_cmd);
install_element (VIEW_NODE, &show_bgp_instance_ipv6_neighbors_cmd);
install_element (VIEW_NODE, &show_bgp_instance_ipv6_neighbors_peer_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_instance_ipv6_neighbors_peer_cmd);
install_element (ENABLE_NODE, &show_bgp_instance_ipv6_neighbors_cmd);
install_element (ENABLE_NODE, &show_bgp_instance_ipv6_neighbors_peer_cmd);
/* "show ip bgp rsclient" commands. */
install_element (VIEW_NODE,
&show_bgp_instance_ipv4_safi_rsclient_summary_cmd);
install_element (VIEW_NODE, &show_bgp_ipv4_safi_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_instance_ipv4_safi_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv4_safi_rsclient_summary_cmd);
install_element (ENABLE_NODE,
&show_bgp_instance_ipv4_safi_rsclient_summary_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv4_safi_rsclient_summary_cmd);
install_element (VIEW_NODE, &show_bgp_rsclient_summary_cmd);
install_element (VIEW_NODE, &show_bgp_instance_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_instance_rsclient_summary_cmd);
install_element (ENABLE_NODE, &show_bgp_rsclient_summary_cmd);
install_element (ENABLE_NODE, &show_bgp_instance_rsclient_summary_cmd);
install_element (VIEW_NODE, &show_bgp_ipv6_rsclient_summary_cmd);
install_element (VIEW_NODE, &show_bgp_instance_ipv6_rsclient_summary_cmd);
install_element (VIEW_NODE,
&show_bgp_instance_ipv6_safi_rsclient_summary_cmd);
install_element (VIEW_NODE, &show_bgp_ipv6_safi_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_instance_ipv6_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE,
&show_bgp_instance_ipv6_safi_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_safi_rsclient_summary_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv6_rsclient_summary_cmd);
install_element (ENABLE_NODE, &show_bgp_instance_ipv6_rsclient_summary_cmd);
install_element (ENABLE_NODE,
&show_bgp_instance_ipv6_safi_rsclient_summary_cmd);
@@ -11092,12 +11067,10 @@ bgp_vty_init (void)
/* "show bgp memory" commands. */
install_element (VIEW_NODE, &show_bgp_memory_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_memory_cmd);
install_element (ENABLE_NODE, &show_bgp_memory_cmd);
/* "show bgp views" commands. */
install_element (VIEW_NODE, &show_bgp_views_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_views_cmd);
install_element (ENABLE_NODE, &show_bgp_views_cmd);
/* non afi/safi forms of commands */
@@ -11108,13 +11081,6 @@ bgp_vty_init (void)
install_element (VIEW_NODE, &show_ip_bgp_vpnv4_all_summary_cmd);
install_element (VIEW_NODE, &show_ip_bgp_vpnv4_rd_summary_cmd);
install_element (VIEW_NODE, &show_bgp_ipv6_summary_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_summary_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_instance_summary_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_summary_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_instance_ipv4_summary_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_vpnv4_all_summary_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_vpnv4_rd_summary_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_summary_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_summary_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_instance_summary_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_ipv4_summary_cmd);
@@ -11132,11 +11098,6 @@ bgp_vty_init (void)
install_element (VIEW_NODE, &show_ip_bgp_vpnv4_rd_neighbors_peer_cmd);
install_element (VIEW_NODE, &show_ip_bgp_instance_neighbors_cmd);
install_element (VIEW_NODE, &show_ip_bgp_instance_neighbors_peer_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_neighbors_peer_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_neighbors_peer_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_vpnv4_all_neighbors_peer_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_vpnv4_rd_neighbors_peer_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_instance_neighbors_peer_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_neighbors_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_ipv4_neighbors_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_neighbors_peer_cmd);
@@ -11149,7 +11110,6 @@ bgp_vty_init (void)
install_element (ENABLE_NODE, &show_ip_bgp_instance_neighbors_peer_cmd);
install_element (VIEW_NODE, &show_bgp_ipv6_neighbors_cmd);
install_element (VIEW_NODE, &show_bgp_ipv6_neighbors_peer_cmd);
- install_element (RESTRICTED_NODE, &show_bgp_ipv6_neighbors_peer_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv6_neighbors_cmd);
install_element (ENABLE_NODE, &show_bgp_ipv6_neighbors_peer_cmd);
install_element (VIEW_NODE, &show_ipv6_bgp_summary_cmd);
@@ -11160,10 +11120,6 @@ bgp_vty_init (void)
install_element (VIEW_NODE, &show_ip_bgp_instance_rsclient_summary_cmd);
install_element (VIEW_NODE, &show_ip_bgp_ipv4_rsclient_summary_cmd);
install_element (VIEW_NODE, &show_ip_bgp_instance_ipv4_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE,
&show_ip_bgp_instance_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE, &show_ip_bgp_ipv4_rsclient_summary_cmd);
- install_element (RESTRICTED_NODE,
&show_ip_bgp_instance_ipv4_rsclient_summary_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_rsclient_summary_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_instance_rsclient_summary_cmd);
install_element (ENABLE_NODE, &show_ip_bgp_ipv4_rsclient_summary_cmd);
diff --git a/lib/command.c b/lib/command.c
index 8089360..8c8bf1b 100644
--- a/lib/command.c
+++ b/lib/command.c
@@ -79,12 +79,6 @@ static struct cmd_node view_node =
"%s> ",
};
-static struct cmd_node restricted_node =
-{
- RESTRICTED_NODE,
- "%s$ ",
-};
-
static struct cmd_node auth_enable_node =
{
AUTH_ENABLE_NODE,
@@ -2069,7 +2063,6 @@ cmd_try_do_shortcut (enum node_type node, char*
first_word) {
node != VIEW_NODE &&
node != AUTH_ENABLE_NODE &&
node != ENABLE_NODE &&
- node != RESTRICTED_NODE &&
0 == strcmp( "do", first_word ) )
return 1;
return 0;
@@ -2934,7 +2927,6 @@ DEFUN (config_exit,
{
case VIEW_NODE:
case ENABLE_NODE:
- case RESTRICTED_NODE:
if (vty_shell (vty))
exit (0);
else
@@ -2995,7 +2987,6 @@ DEFUN (config_end,
{
case VIEW_NODE:
case ENABLE_NODE:
- case RESTRICTED_NODE:
/* Nothing to do. */
break;
case CONFIG_NODE:
@@ -4149,7 +4140,6 @@ cmd_init (int terminal)
install_node (&enable_node, NULL);
install_node (&auth_node, NULL);
install_node (&auth_enable_node, NULL);
- install_node (&restricted_node, NULL);
install_node (&config_node, config_write_host);
/* Each node's basic commands. */
@@ -4166,16 +4156,6 @@ cmd_init (int terminal)
install_element (VIEW_NODE, &show_logging_cmd);
install_element (VIEW_NODE, &show_commandtree_cmd);
install_element (VIEW_NODE, &echo_cmd);
-
- install_element (RESTRICTED_NODE, &config_list_cmd);
- install_element (RESTRICTED_NODE, &config_exit_cmd);
- install_element (RESTRICTED_NODE, &config_quit_cmd);
- install_element (RESTRICTED_NODE, &config_help_cmd);
- install_element (RESTRICTED_NODE, &config_enable_cmd);
- install_element (RESTRICTED_NODE, &config_terminal_length_cmd);
- install_element (RESTRICTED_NODE, &config_terminal_no_length_cmd);
- install_element (RESTRICTED_NODE, &show_commandtree_cmd);
- install_element (RESTRICTED_NODE, &echo_cmd);
}
if (terminal)
@@ -4244,7 +4224,6 @@ cmd_init (int terminal)
install_element (VIEW_NODE, &show_thread_cpu_cmd);
install_element (ENABLE_NODE, &show_thread_cpu_cmd);
- install_element (RESTRICTED_NODE, &show_thread_cpu_cmd);
install_element (ENABLE_NODE, &clear_thread_cpu_cmd);
install_element (VIEW_NODE, &show_work_queues_cmd);
diff --git a/lib/command.h b/lib/command.h
index 6a20e23..0f044c8 100644
--- a/lib/command.h
+++ b/lib/command.h
@@ -63,7 +63,6 @@ struct host
enum node_type
{
AUTH_NODE, /* Authentication mode of vty interface. */
- RESTRICTED_NODE, /* Restricted view mode */
VIEW_NODE, /* View node. Default mode of vty interface. */
AUTH_ENABLE_NODE, /* Authentication mode for change enable. */
ENABLE_NODE, /* Enable node. */
diff --git a/lib/memory.c b/lib/memory.c
index 269520d..aacff83 100644
--- a/lib/memory.c
+++ b/lib/memory.c
@@ -422,8 +422,6 @@ DEFUN (show_memory,
void
memory_init (void)
{
- install_element (RESTRICTED_NODE, &show_memory_cmd);
-
install_element (VIEW_NODE, &show_memory_cmd);
install_element (ENABLE_NODE, &show_memory_cmd);
diff --git a/lib/vty.c b/lib/vty.c
index e4510f8..59ba398 100644
--- a/lib/vty.c
+++ b/lib/vty.c
@@ -83,10 +83,6 @@ static int vty_config;
/* Login password check. */
static int no_password_check = 0;
-/* Restrict unauthenticated logins? */
-static const u_char restricted_mode_default = 0;
-static u_char restricted_mode = 0;
-
/* Integrated configuration file path */
char integrate_default[] = SYSCONFDIR INTEGRATE_DEFAULT_CONFIG;
@@ -388,7 +384,7 @@ vty_auth (struct vty *vty, char *buf)
/* AUTH_ENABLE_NODE */
vty->fail = 0;
vty_out (vty, "%% Bad enable passwords, too many failures!%s",
VTY_NEWLINE);
- vty->node = restricted_mode ? RESTRICTED_NODE : VIEW_NODE;
+ vty->status = VTY_CLOSE;
}
}
}
@@ -726,7 +722,6 @@ vty_end_config (struct vty *vty)
{
case VIEW_NODE:
case ENABLE_NODE:
- case RESTRICTED_NODE:
/* Nothing to do. */
break;
case CONFIG_NODE:
@@ -1139,7 +1134,6 @@ vty_stop_input (struct vty *vty)
{
case VIEW_NODE:
case ENABLE_NODE:
- case RESTRICTED_NODE:
/* Nothing to do. */
break;
case CONFIG_NODE:
@@ -1693,9 +1687,7 @@ vty_create (int vty_sock, union sockunion *su)
strcpy (vty->address, buf);
if (no_password_check)
{
- if (restricted_mode)
- vty->node = RESTRICTED_NODE;
- else if (host.advanced)
+ if (host.advanced)
vty->node = ENABLE_NODE;
else
vty->node = VIEW_NODE;
@@ -2844,26 +2836,6 @@ DEFUN (no_vty_login,
return CMD_SUCCESS;
}
-/* initial mode. */
-DEFUN (vty_restricted_mode,
- vty_restricted_mode_cmd,
- "anonymous restricted",
- "Restrict view commands available in anonymous, unauthenticated vty\n")
-{
- restricted_mode = 1;
- return CMD_SUCCESS;
-}
-
-DEFUN (vty_no_restricted_mode,
- vty_no_restricted_mode_cmd,
- "no anonymous restricted",
- NO_STR
- "Enable password checking\n")
-{
- restricted_mode = 0;
- return CMD_SUCCESS;
-}
-
DEFUN (service_advanced_vty,
service_advanced_vty_cmd,
"service advanced-vty",
@@ -2962,14 +2934,6 @@ vty_config_write (struct vty *vty)
if (no_password_check)
vty_out (vty, " no login%s", VTY_NEWLINE);
- if (restricted_mode != restricted_mode_default)
- {
- if (restricted_mode_default)
- vty_out (vty, " no anonymous restricted%s", VTY_NEWLINE);
- else
- vty_out (vty, " anonymous restricted%s", VTY_NEWLINE);
- }
-
vty_out (vty, "!%s", VTY_NEWLINE);
return CMD_SUCCESS;
@@ -3082,8 +3046,6 @@ vty_init (struct thread_master *master_thread)
/* Install bgp top node. */
install_node (&vty_node, vty_config_write);
- install_element (RESTRICTED_NODE, &config_who_cmd);
- install_element (RESTRICTED_NODE, &show_history_cmd);
install_element (VIEW_NODE, &config_who_cmd);
install_element (VIEW_NODE, &show_history_cmd);
install_element (ENABLE_NODE, &config_who_cmd);
@@ -3104,12 +3066,8 @@ vty_init (struct thread_master *master_thread)
install_element (VTY_NODE, &no_vty_access_class_cmd);
install_element (VTY_NODE, &vty_login_cmd);
install_element (VTY_NODE, &no_vty_login_cmd);
- install_element (VTY_NODE, &vty_restricted_mode_cmd);
- install_element (VTY_NODE, &vty_no_restricted_mode_cmd);
-#ifdef HAVE_IPV6
install_element (VTY_NODE, &vty_ipv6_access_class_cmd);
install_element (VTY_NODE, &no_vty_ipv6_access_class_cmd);
-#endif /* HAVE_IPV6 */
}
void
--
1.9.1
_______________________________________________
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev
