Operators can create a file called /batm/config/ip_ban_whitelist that contains comma-separated values of IP addresses or masks. The owner and group for the file is batm. It will be automatically implemented after 30 seconds.
Normally, when a user fails to enter the correct password 5 times while logging in to CAS, they get banned for 24 hours and their IP address is also banned.
However, if the user's IP address matches an address or mask in the whitelist file, then their IP address will not be banned and other users will still be able to log in.