Old "problem" with backquote and Mikrotik-Rate-Limit (fixed)

Rafael Labiak Olivastro rolivastro at hotmail.com
Fri Sep 28 14:34:23 CEST 2018


Hello Alan,

I was facing a problem with backquotes and the Mikrotik-Rate-Limit atribute, this problem happened when I put  something like “%{sql: select....}” in the attribute´s value, everything worked fine BUT in the final result the backquotes is not removed, causing problems in the NAS.

Well, at first sight I thought that was a FreeRadius problem, BUT it wasn´t. FreeRadius is so well forged that sometimes we need to do a deep dive into it to figure out how to overcome some “problems”.

So, this is what I did to “fix” this, note that NOTHING WAS CHANGED in FreeRadius source code, just the CONFIGURATION was done to adapt everything.

1 – Create a new file called “/usr/bin/echo2” with following contents and make it executable (chmod 755 /usr/sbin/echo2):

#!/bin/bash
echo $1 | sed -r "s/\`//g"

2 – Edit file /etc/raddb/sites-available/default and ADD the following in the post-auth section:

        if (reply:Mikrotik-Rate-Limit =~ /.*\`$/i) {
            update reply {
                &Mikrotik-Rate-Limit := `/usr/bin/echo2 %{0}`
            }
        }

3 – Restart radius.

So, the “1” is just a way to execute echo and sed together, because “inside” the FreeRadius conf this doesn´t work, number “2” just identify where exist backquotes in the EXPANSION of the atribute, and, in afirmative case, remove they.

SO SIMPLE....

Again, thanks a lot for the work with FreeRadius, you and your team deserve all my respects.

Best regards,

Rafael Labiak Olivastro
http://www.vigo.com.br




More information about the Freeradius-Users mailing list