FreeRADIUS 2.X.X small functionality extensions

Herwin Weststrate herwin at
Wed Jun 4 16:19:07 CEST 2014

There are often more ways to reach a goal, I think this e-mail is a nice
example of this.

On 04-06-14 15:39, Kostas Zorbadelos wrote:
> One of our requirements in authentication/authorization is DSLAM port
> checking. The port info comes in NAS-Port-Id in our case and can be
> extracted in a normalized form with a regular expression. The problem
> was that FreeRADIUS provided in variables only the first 8 matching
> groups in %{0}..%{8}, whereas in our setup we needed up until %{12} to
> get the port information.

The standard trick to do this (often used with mod_rewrite in the Apache
HTTP server) is to do the rewriting in multiple steps. Disadvantage here
is that unlang doesn't have a while-statement, so we'd have to know
beforehand how many matches we expect.

> - make available a new xlat function tonumber() to translate strings as
>   numbers   
> In our case the port info coming from the regular expression is a string
> of the form 15243:1/1/02/04 and we want to transform it to
> 15243:1/1/2/4. 

This is about the same as matching (.*?)0*(\d+)(.*) and overwriting the
value with "%{1}%{2}%{3}".

When more flexibility is required, it's pretty easy to do a call to
rlm_perl (rlm_python works probably just as good, but I've never tried
that). It's pretty easy to work them up from the examples that are given
in the default config.

Herwin Weststrate

More information about the Freeradius-Users mailing list