> I vision a nested tree of matches (acl) and operators
> (allow/deny/refresh_pattern/outgoing_ip/tos/no-cache/ignore-xxx/deny_info/logmessage/peergroup/...).
>
> But it requires a different parser which is not single line oriented as
> you can not express a tree on a single line in a meaningful manner..
>
>
> request_access {
> if [!]acls.. {
> if [!]acls.. {
> ...
> }
> ...
> accept
> }
> deny
> }
YES please..
I'm quite familiar with the JunOS ACL format and it resembes this
pretty closely, it's very flexible..
--
/kinkie
