network:mac_address_filtering
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
network:mac_address_filtering [2010/03/31 20:52] walter |
network:mac_address_filtering [2021/05/02 21:36] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | Log on to amadaeus | + | ====== MAC Address Whitelist ====== |
| + | ====== White-list Policies ====== | ||
| + | - Only ACM members can be added to the white-list permanently | ||
| + | - Guest access can be given out temporarily for events | ||
| + | - Devices must be registered using the users account name | ||
| + | - Everyone must fill out the network registration form {{:network-application-11-02-12.odt|}} | ||
| - | This file is just a description of each mac address. | + | ====== Managing the white-list ====== |
| - | edit C:\calloutddl\macs.txt | + | |
| - | edit C:\calloutdll\MAClist.txt | + | Management of the LAN/WLAN white-list is done using a script called mac_filter |
| - | This is the actual file that has the mac address. **Lower case** is important here. | + | - SSH into acm.cs.uic.edu/chopin.acm.cs |
| + | - Run the mac_filter command as root with sudo ie "sudo mac_filter -opts" | ||
| + | - Use the -h flag for check the **current** command instructions | ||
| + | - The command will automatically add that user to the white-list, regenerate the list for the DHCP server, and then restart it. | ||
| - | \\ | + | ====== Banning a user ====== |
| - | Entries should follow this syntax, | + | People given DHCP admin access have the ability to ban user accounts that our on the whitelist, but **ONLY** if they broken the network usage rules listed on the network access form or if they are not longer eligible for access as deemed so by the ACM officers. |
| - | ''[mac address] - [persons full name] - [type of machine] (optional) - [machine name]'' | + | |
| - | \\ | + | __ACM officers and systems admins are to be informed of infractions.__ |
| - | In the server manager (AMADEUS) >> Configuration >> Services | + | Ban a user |
| + | <code> | ||
| + | sudo mac_filter -B <user_name> | ||
| + | </code> | ||
| + | |||
| + | __Un-banning is to be decided on by the ACM Officers/SysAdmin__ | ||
| + | |||
| + | Un-ban a user | ||
| + | <code> | ||
| + | sudo mac_filter -W | ||
| + | </code> | ||
| + | |||
| + | ====== Giving a non Admin white-list permissions ====== | ||
| + | |||
| + | - Log onto the ACM Windows Server | ||
| + | - Find that users account and move them into the Admins OU located inside the PAID OU | ||
| + | - Right click->add to group | ||
| + | - Add then to the group ACMDHCPAdmins | ||
| + | - They now have access to edit the white-list | ||
| + | |||
| + | ====== Notes on temp access ====== | ||
| + | |||
| + | * Non-members get temp network access via the 'temp' account used with the command | ||
| + | * Temp access is good until 1am Monday of every week, the list is cleared automatically | ||
| + | * Non-members must reapply for access after each event | ||
| - | rigth click DHCP Server >> Restart | ||
network/mac_address_filtering.1270068725.txt.gz · Last modified: 2021/05/02 21:36 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
