I have modified
confd/examples.confd/dp/find_next/ports.yang
adding taif:hidden full;
(attached updated_ports.yang
)
when i do make query
,which calls
netconf-console --get -x ‘/port[slot>2]/status’
I get the response
Showing the port numbers ,but only the status field is hidden
I expect here even the query to port to fail , I wish hide everything in the list element from the netconf client …
Also tried
netconf-console --get -x ‘/’
This works as expected, i.e the port list or its contents are not visible at all .
Hi ascesh,
Try add something like below to your nacm config:
<config xmlns="http://tail-f.com/ns/config/1.0">
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
<rule-list>
<name>any-group</name>
<rule>
<name>deny-ports</name>
<path>/port</path>
<action>deny</action>
</rule>
</rule-list>
</nacm>
</config>
Now we try to get something from the port list as the user ‘oper’:
$ netconf-console -u oper -p oper --get -x '/port[slot>2]/status
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
<data/>
</rpc-reply>