Hi Mehul.
the way you detect "Accounting ON/OFF" in pmacct affects possible
recommendations. Same applies to other preconditions/requirements you may have.
If we don't need to care about them I would think you can filter out all IPs
that you don't want accounting enabled for - this assumes there is no dynamic
assignment from users to IP addresses.
With such a dynamic assignment a solution could be: assign the user groups
("accounting on" vs "accounting off") different IP blocks and have pmacct
collect the data only for the IP block for users with "accounting on".
In case your situation is more complicated and you can't take one of these ways
it is helpful to know how you "receive some event i.e. Accounting ON in PMacct"
and process it. Depending on if you're allowed to keep data about users with
"accounting off" you also may solve it on MySQL side (presuming this is your
data store). Receiving an "accounting on" you put the user/IP address for it in
table1. Accounting data for this IP address is only stored in table2 if an
appropriate entry in table1 is there. Receiving an "accounting off" you remove
user/IP address for it in table1 and if required all appropriate entries from
table2. This behavior should be possible with DB triggers / helper table.
Regards,
Mario
From: pmacct-discussion [mailto:[email protected]] On Behalf
Of Mehul Prajapati
Sent: Tuesday, July 26, 2016 11:48 AM
To: [email protected]
Subject: Re: [pmacct-discussion] Dynamic filtering of packets
Hi Mario,
Remote Authentication Dial-In User Service (RADIUS) is a networking
protocol<https://en.wikipedia.org/wiki/Communications_protocol> that provides
centralized Authentication, Authorization, and Accounting
(AAA<https://en.wikipedia.org/wiki/AAA_protocol>) management for users who
connect and use a network service.
You can ignore the RADIUS decoding part.
Requirement:
I want to do accounting for only selective users/IP addresses.
Let say, I receive some event i.e. Accounting ON in PMacct. Now, processing
this event, I want to start accounting for only this IP address/user.
After some time, I receive Accounting OFF event in PMacct. Now, processing this
event, I want to stop accounting for only this IP address/user.
Is there any mechanism to achieve it ?
From: pmacct-discussion [mailto:[email protected]] On Behalf
Of Jentsch, Mario
Sent: Tuesday, July 26, 2016 2:55 PM
To: [email protected]<mailto:[email protected]>
Subject: Re: [pmacct-discussion] Dynamic filtering of packets
Hi Mehul,
> I have explored about "refresh_maps" config key.
> If I use it, then I need to make changes in map file at run time.
that is working fine in one of our setups. We detect changes in the network,
re-create the map file and have the daemon reload it without restart.
> But, I want to make filtering such that changes reside in memory only.
That sounds like you need to patch pmacct what IMHO is the least best solution.
> I am decoding RADIUS packet in PMacct at run-time. Therefore, I
> want to make account filtering after decoding RADIUS packet data.
Can you show us your configuration for that?
> I have looked into code and there is not handler for DELETE query in mysql.
> I want to delete records from code itself when Accounting OFF is received.
I think you need to create your own plugin for such actions based on collected
data.
> Would you suggest any other suitable way?
Right now I can't - have to admit that I don't understand your use case and
what your RADIUS packets are :\
Regards,
Mario
From: pmacct-discussion [mailto:[email protected]] On Behalf
Of Mehul Prajapati
Sent: Tuesday, July 26, 2016 10:27 AM
To: [email protected]<mailto:[email protected]>
Subject: Re: [pmacct-discussion] Dynamic filtering of packets
Hi,
Thanks for your inputs.
1) I have explored about "refresh_maps" config key.
If I use it, then I need to make changes in map file at run time.
But, I want to make filtering such that changes reside in memory only.
I am decoding RADIUS packet in PMacct at run-time. Therefore, I want to make
account filtering after decoding RADIUS packet data.
2) I have looked into code and there is not handler for DELETE query in
mysql.
I want to delete records from code itself when Accounting OFF is received.
Would you suggest any other suitable way?
From: pmacct-discussion [mailto:[email protected]] On Behalf
Of Jentsch, Mario
Sent: Tuesday, July 26, 2016 12:46 PM
To: [email protected]<mailto:[email protected]>
Subject: Re: [pmacct-discussion] Dynamic filtering of packets
Hi Mehul,
> Is there any mechanism available such that I can apply tagging and
> filtering at run time after decoding of RADIUS packet ?
Have a look at the "refresh_maps" config key. You can update your map at run
time and have pmacct reload it by sending SIGUSR2.
> After decoding, is there any way to remove records from database
> at run time ?
Depends on the used database. With an SQL one you can, with a memory table not.
I would consider to evaluate the "Accounting ON/OFF" flag when creating the
report.
Regards,
Mario
From: pmacct-discussion [mailto:[email protected]] On Behalf
Of Mehul Prajapati
Sent: Tuesday, July 26, 2016 8:43 AM
To: [email protected]<mailto:[email protected]>
Subject: [pmacct-discussion] Dynamic filtering of packets
Hi,
I have one Query regarding to Dynamic filtering and aggregation
Requirements:
1) Account for only those IP addresses/users for which Accounting ON
request is received in RADIUS packet
2) Purge records from database for which Accounting OFF request is
received in RADIUS packet
I have explored pre-tagging section of PMacct.
According to my understanding, it takes filtering from configuration file once
and afterwards filtering remains same at run time.
I am decoding and processing RADIUS packet at run time.
1. Is there any mechanism available such that I can apply tagging and
filtering at run time after decoding of RADIUS packet ?
2. After decoding, is there any way to remove records from database at
run time ?
Regards,
Mehul
Mehul Prajapati
Mehul Prajapati
Mehul Prajapati
_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
