I'm currently testing a software based AAA(authentication, authorization, accounting) server from http://www.tacacs.net/ and this requires me to use regular expression to authorize specific Cisco commands when users are logged in to our switches.
I'm very new to regular expression and I need help to make the "authorization" part of this AAA server works. I've been searching the Internet and trying different syntax of regular expression for XML but I was unsuccessful.
What I'm trying do is, match the exact command "show running-config interface fasthethernet 1/0/1".(the "1/0/1" entry is up to "1/0/52"). Also, I would like to match the same command when the user type the shortcut method like "sh run int fa1/0/1". If I could make this work, I could apply the same syntax to other commands that I would like to either permit or deny.
If someone could give me an idea how I can make it work, I would appreciate. I attached the authorization.xml file and if you need additional information, just let me know. Based on the attached file, the <Shell> </Shell> section is what I'm working on:
<!--note that the login and exit commands are always permitted-->
<Permit>configure terminal</Permit> <Permit/>