318 PowerConnect B-Series FCX Configuration Guide
Defining MAC address filters
When a MAC address filter is applied to or removed from an interface, a Syslog message such as
the following is generated.
SYSLOG: <14>Jan 1 00:00:00 MAC Filter applied to port 0/1/2 by tester
from telnet session (filter id=5 ).
SYSLOG: <14>Jan 1 00:00:00 MAC Filter removed from port 0/1/2 by tester
from telnet session (filter id=5 ).
The Syslog messages indicate that a MAC address filter was applied to the specified port by the
specified user during the specified session type. Session type can be Console, Telnet, SSH, Web,
SNMP, or others. The filter IDs that were added or removed are listed.
Enabling logging of management traffic permitted by MAC address
You can configure the Dell PowerConnect device to generate Syslog entries and SNMP traps for
management traffic that is permitted by MAC address filters. Management traffic applies to
packets that are destined for the CPU, such as control packets. You can enable logging of
permitted management traffic on a global basis or an individual port basis.
The first time an entry in a MAC address filter permits a management packet and logging is
enabled for that entry, the software generates a Syslog message and an SNMP trap. Messages for
management packets permitted by MAC address filters are at the warning level of the Syslog.
When the first Syslog entry for a management packet permitted by a MAC address filter is
generated, the software starts a five-minute timer. After this, the software sends Syslog messages
every five minutes. The messages list the number of management packets permitted by each MAC
address filter during the previous five-minute interval. If a MAC address filter does not permit any
packets during the five-minute interval, the software does not generate a Syslog entry for that MAC
address filter.
For a MAC address filter to be eligible to generate a Syslog entry for permitted management packets,
logging must be enabled for the filter. The Syslog contains entries only for the MAC address filters
that permit packets and have logging enabled.
When the software places the first entry in the log, the software also starts the five-minute timer for
subsequent log entries. Thus, five minutes after the first log entry, the software generates another
log entry and SNMP trap for permitted management packets.
Command syntax
To configure MAC address filter logging globally, enter the following CLI commands at the global
CONFIG level.
PowerConnect(config)#mac filter log-enable
PowerConnect(config)#write memory
Syntax: [no] mac filter log-enable
To configure MAC address filter logging for MAC address filters applied to ports 1 and 3, enter the
following CLI commands.