This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
network:mac_address_filtering [2012/04/09 16:34] walter [White-list Policies] |
network:mac_address_filtering [2021/05/02 21:36] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== MAC Address Whitelist ====== | ||
+ | |||
====== White-list Policies ====== | ====== White-list Policies ====== | ||
- Only ACM members can be added to the white-list permanently | - Only ACM members can be added to the white-list permanently | ||
- Guest access can be given out temporarily for events | - Guest access can be given out temporarily for events | ||
- Devices must be registered using the users account name | - Devices must be registered using the users account name | ||
- | - Everyone must fill out the network registration form {{:network-application-04-09-12.odt|}} | + | - Everyone must fill out the network registration form {{:network-application-11-02-12.odt|}} |
====== Managing the white-list ====== | ====== Managing the white-list ====== | ||
Line 9: | Line 11: | ||
Management of the LAN/WLAN white-list is done using a script called mac_filter | Management of the LAN/WLAN white-list is done using a script called mac_filter | ||
- | - SSH into dvorak.cs.uic.edu/dvorak.acm.cs | + | - SSH into acm.cs.uic.edu/chopin.acm.cs |
- Run the mac_filter command as root with sudo ie "sudo mac_filter -opts" | - Run the mac_filter command as root with sudo ie "sudo mac_filter -opts" | ||
- | - Use the -h flag for instructions | + | - Use the -h flag for check the **current** command instructions |
- The command will automatically add that user to the white-list, regenerate the list for the DHCP server, and then restart it. | - The command will automatically add that user to the white-list, regenerate the list for the DHCP server, and then restart it. | ||
+ | |||
+ | ====== Banning a user ====== | ||
+ | |||
+ | People given DHCP admin access have the ability to ban user accounts that our on the whitelist, but **ONLY** if they broken the network usage rules listed on the network access form or if they are not longer eligible for access as deemed so by the ACM officers. | ||
+ | |||
+ | __ACM officers and systems admins are to be informed of infractions.__ | ||
+ | |||
+ | Ban a user | ||
+ | <code> | ||
+ | sudo mac_filter -B <user_name> | ||
+ | </code> | ||
+ | |||
+ | __Un-banning is to be decided on by the ACM Officers/SysAdmin__ | ||
+ | |||
+ | Un-ban a user | ||
+ | <code> | ||
+ | sudo mac_filter -W | ||
+ | </code> | ||
====== Giving a non Admin white-list permissions ====== | ====== Giving a non Admin white-list permissions ====== | ||
Line 21: | Line 41: | ||
- Add then to the group ACMDHCPAdmins | - Add then to the group ACMDHCPAdmins | ||
- They now have access to edit the white-list | - They now have access to edit the white-list | ||
+ | |||
+ | ====== Notes on temp access ====== | ||
+ | |||
+ | * Non-members get temp network access via the 'temp' account used with the command | ||
+ | * Temp access is good until 1am Monday of every week, the list is cleared automatically | ||
+ | * Non-members must reapply for access after each event | ||