User Tools

Site Tools


network:mac_address_filtering

MAC Address Whitelist

White-list Policies

  1. Only ACM members can be added to the white-list permanently
  2. Guest access can be given out temporarily for events
  3. Devices must be registered using the users account name
  4. Everyone must fill out the network registration form network-application-11-02-12.odt

Managing the white-list

Management of the LAN/WLAN white-list is done using a script called mac_filter

  1. SSH into acm.cs.uic.edu/chopin.acm.cs
  2. Run the mac_filter command as root with sudo ie “sudo mac_filter -opts”
  3. Use the -h flag for check the current command instructions
  4. The command will automatically add that user to the white-list, regenerate the list for the DHCP server, and then restart it.

Banning a user

People given DHCP admin access have the ability to ban user accounts that our on the whitelist, but ONLY if they broken the network usage rules listed on the network access form or if they are not longer eligible for access as deemed so by the ACM officers.

ACM officers and systems admins are to be informed of infractions.

Ban a user

sudo mac_filter -B <user_name>

Un-banning is to be decided on by the ACM Officers/SysAdmin

Un-ban a user

sudo mac_filter -W 

Giving a non Admin white-list permissions

  1. Log onto the ACM Windows Server
  2. Find that users account and move them into the Admins OU located inside the PAID OU
  3. Right click→add to group
  4. Add then to the group ACMDHCPAdmins
  5. They now have access to edit the white-list

Notes on temp access

  • Non-members get temp network access via the 'temp' account used with the command
  • Temp access is good until 1am Monday of every week, the list is cleared automatically
  • Non-members must reapply for access after each event
network/mac_address_filtering.txt · Last modified: 2021/05/02 21:36 (external edit)