Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?




Hierarchy Level


Enable additive logic (that is, deny by default / allow some as specified) to be used in regular expressions in the allow-configuration-regexps and deny-configuration-regexps statements at the [edit system login class class-name] hierarchy level.

When you enable additive logic, the allow-configuration-regexps statement takes precedence over the deny-configuration-regexps statement. Thus, if you configure the regex-additive-logic statement and the same configuration hierarchy is referenced in both the allow-configuration-regexps statement and the deny-configuration-regexps statement, then the configuration hierarchy is allowed. If you do not configure the regex-additive-logic, then the same hierarchy would be denied in this case because the deny-configuration-regexps statement takes precedence by default.


By default, this statement is disabled; the deny-configuration-regexps statement takes precedence over the allow-configuration-regexps statement.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 16.1.