Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Default rule set

The vRouter is preconfigured with a default rule set for RBAC. The following example shows the default rule set in RBAC.
super@vyatta# show system acm
 create-default deny
 delete-default deny
 enable
 exec-default allow
 operational-ruleset {
     rule 9988 {
         action deny
         command /show/configuration
         group vyattaop
     }
     rule 9989 {
         action allow
         command "/clear/*"
         group vyattaop
     }
     rule 9990 {
         action allow
         command "/show/*"
         group vyattaop
     }
     rule 9991 {
         action allow
         command "/monitor/*"
         group vyattaop
     }
     rule 9992 {
         action allow
         command "/ping/*"
         group vyattaop
     }
     rule 9993 {
         action allow
         command "/reset/*"
         group vyattaop
     }
     rule 9994 {
         action allow
         command "/release/*"
         group vyattaop
     }
     rule 9995 {
         action allow
         command "/renew/*"
         group vyattaop
     }
     rule 9996 {
         action allow
         command "/telnet/*"
         group vyattaop
     }
     rule 9997 {
         action allow
         command "/traceroute/*"
         group vyattaop
     }
     rule 9998 {
         action allow
         command "/update/*"
         group vyatta-op
     }
     rule 9999 {
         action deny
         command "*"
         group vyattaop
     }
 }
 read-default allow
 ruleset {
     rule 9999 {
         action allow
         group vyattacfg
         operation "*"
         path "*"
     }
 }
 update-default deny
}