beautypg.com

Mac address filter logging command syntax, Configuring mac filter accounting – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 250

background image

MAC address filter logging command syntax

To configure MAC address filter logging globally, enter the following CLI commands at the global
CONFIG level.

device(config)#mac filter log-enable

device(config)#write memory

Syntax: [no] mac filter log-enable

To configure MAC address filter logging for MAC address filters applied to ports 1 and 3, enter the
following CLI commands.

device(config)#int ethernet 1

device(config-if-e1000-1)#mac filter-group log-enable

device(config-if-e1000-1)#int ethernet 3

device(config-if-e1000-3)#mac filter-group log-enable

device(config-if-e1000-3)#write memory

Syntax: [no] mac filter-group log-enable

Configuring MAC filter accounting

Steps to configure and display Layer 2 MAC filter accounting

1. To enable ACL accounting on a Layer 2 MAC filter, use the mac filter in the global configuration

mode.

2. To display MAC accounting information, use the show access list accounting command. The

accounting statistics is collected every five seconds and is synchronized to standby unit every one
minute.

device#show access-list accounting ethernet 3/1/2 in

MAC Filters Accounting Information

0: DA ANY SA 0000.0000.0001 - MASK FFFF.FFFF.FFFF

action to take : DENY

Hit Count: (1Min) 0 (5Sec) 0

(PktCnt) 0 (ByteCnt) 0

-------------------------------------------------------

65535: Implicit Rule deny any any

Hit Count: (1Min) 5028 (5Sec) 2129

(PktCnt) 5028 (ByteCnt) 643584

--------------------------------------------------------

3. To clear ACL accounting statistics for ACLs configured, choose one of the following options.

• For ACLs configured on a specific interface, use the clear access list accounting command in

the global configuration mode.

• For all ACLs configured in the device, use the clear access list accounting all command in the

global configuration mode.

device(config)#clear access-list accounting ethernet 1/5 in

device(config)#clear access list accounting all

The following example shows MAC filter "10" on which ACL accounting is
enabled.

device(config)#mac filter 10 enable-accounting

MAC address filter logging command syntax

250

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03

See also other documents in the category Brocade Computer Accessories: