netflow per connection

Igor Smitran igor at
Tue Aug 15 18:21:44 CEST 2006

> Peter Nixon <listuser at> wrote:
>> Aside from tinkering with FreeRADIUS code (and running a large number of
>> production servers) I also tinker with and run pmacct which I highly
>> recommend as a netflow/sflow solution. We have a number of deployments of
>> both on the same Postgresql backend and as long as your DB server is 
>> specced
>> correctly you shouldn't have any trouble.
>  That looks like a fantastic tool, which should be mentioned in the
> FAQ, as "how to get protocol-specific accounting information".
>  I we were suckers for punishment, we could write a radius plugin for
> pmacct, so that the RADIUS server could see that traffic, too.  But
> it's probably better to integrate things at the DB layer, rather than
> the protocol layer.
>  Alan DeKok.

It would be good to have all data imidiately accessible, that way one can 
use exec-wait and do accounting imidiately upon disconnect? Or am i missing 
the point? :)

i am just trying to share some ideas and do some brain storming. My idea was 
something like this:
1. user tries to authenticate
2. radius authenticates user and starts accounting
3. radius pulls netflow data for particular IP in some time intervals and 
inserts those into some database table

I am not very familiar with freeradius. I've seted it up to do what i want 
but don't have time to learn more :( so if i am missing the point please let 
me know :)


More information about the Freeradius-Users mailing list