Log entry time 11:41:59 on December 12, 2011

Entry number 359748

Someone (Ole, Alex?) has to compile a list of Hall A IP addresses and verify that they are on the exclusion list. Jack may have a useful list already available. The exclusion list should include:

• all coda machines
• all ROCs, IOCs
• all portservers
• hacweb5 (which is running the HV backend for the beamline crate)
• any machine running the java HV gui (I see connections to the GUI from the scanning subnet).

It would be reasonable to tell the kernel drop connections from the scanning subnet on the adaq machines. I did this on hacweb5 a while back since I have root on that machine. I do not have root on the rest of the adaq cluster though. The command is:

iptables -A INPUT -s 129.57.71.0/24 -j DROP
/etc/init.d/iptables save

It may be that only one or two IPs are missing from the list and we got unlucky with the HV GUI, but this needs to be verified.