====== MAC Address Whitelist ======

====== White-list Policies ======
  - Only ACM members can be added to the white-list permanently 
  - Guest access can be given out temporarily for events
  - Devices must be registered using the users account name
  - Everyone must fill out the network registration form {{:network-application-11-02-12.odt|}}

====== Managing the white-list ======

Management of the LAN/WLAN white-list is done using a script called mac_filter

  - SSH into acm.cs.uic.edu/chopin.acm.cs
  - Run the mac_filter command as root with sudo ie "sudo mac_filter -opts"
  - Use the -h flag for check the **current** command instructions
  - The command will automatically add that user to the white-list, regenerate the list for the DHCP server, and then restart it.

====== Banning a user ======

People given DHCP admin access have the ability to ban user accounts that our on the whitelist, but **ONLY** if they broken the network usage rules listed on the network access form or if they are not longer eligible for access as deemed so by the ACM officers. 

__ACM officers and systems admins are to be informed of infractions.__

Ban a user
<code>
sudo mac_filter -B <user_name>
</code>

__Un-banning is to be decided on by the ACM Officers/SysAdmin__

Un-ban a user
<code>
sudo mac_filter -W 
</code>

====== Giving a non Admin white-list permissions ======

  - Log onto the ACM Windows Server
  - Find that users account and move them into the Admins OU located inside the PAID OU
  - Right click->add to group
  - Add then to the group ACMDHCPAdmins
  - They now have access to edit the white-list

====== Notes on temp access ======

  * Non-members get temp network access via the 'temp' account used with the command
  * Temp access is good until 1am Monday of every week, the list is cleared automatically
  * Non-members must reapply for access after each event