I've been trying to figure out recently if it's at all possible to write the
flow exporter's IP address into the database (I'm using MySQL for the PoC but
may end up using something different). The reason for this is that I'm
intending to create a database with a front-end that separate organisations
will login and check their organisations usage/flows, etc. The organisation
will only be allowed to view their associated flow exporters, and their traffic
is segregated off from the other organisations.
As it currently stands, this is possible with the pretag maps and aggregating
by tag + other primitives, so I can allocate an ID or label to each exporter;
however it does complicate matters as I'm going to need to find a way to pass
this information from the web frontend, down to the pretag file and then
presumably reload the daemon. The main people that are going to be
administering this are going to be helpdesk people, so I'd rather not grant
them access to modify this file directly and instead give them a nice front-end
where they can just add an IP address for the organisation's access list.
I feel like I'm missing something, or I'm just not thinking about the solution
correctly. Any suggestions are very welcome.
pmacct-discussion mailing list