User guide
16-18 E
XTREME
W
ARE
S
OFTWARE
U
SER
G
UIDE
A
CCESS
P
OLICIES
P
ERMIT
AND
D
ENY
E
NTRIES
If you have configured the access profile mode to be
none
, you must specify each entry
type as either ‘permit’ or ‘deny’. If you do not specify the entry type, it is added as a
permit entry. If you have configured the access profile mode to be
permit
or
deny
, it is
not necessary to specify a type for each entry.
A
UTONOMOUS
S
YSTEM
E
XPRESSIONS
The
AS-path
keyword uses a regular expression string to match against the AS path.
Regular expression notation can include any of the characters listed in Table 16- 2.
D
ELETING
AN
A
CCESS
P
ROFILE
E
NTRY
To delete an access profile entry, use the following command:
config access-profile <access_profile> delete <seq_number>
A
PPLYING
A
CCESS
P
ROFILES
Once the access profile is defined, apply it to one or more routing protocols or VLANs.
When an access profile is applied to a protocol function (for example, the export of RIP
routes) or a VLAN, this forms an access policy. A profile can be used by multiple
routing protocol functions or VLANs, but a protocol function or VLAN can use only
one access profile.
Table 16-2: Regular Expression Notation
Character Definition
[,] Specifies a range of numbers to be matched.
. Matches any number
^ Matches the beginning of the AS path
$ Matches the end of the AS path
– Matches the beginning or end, or a space
- Separates the beginning and end of a range
of numbers
* Matches 0 or more instances
+ Matches 1 or more instances
? Matches 0 or 1 instance