Unlang Syntax
Many new unlang keywords have been added.
Data type casts have changed from <ipaddr> … to (ipaddr) …
"&" is Deprecated
In FreeRADIUS v4, the ampersand (&) is no longer used in configuration files. It doesn’t reference specific attributes or define virtual attributes anymore. New features replace the "&" and allow for a more structured configuration.
The main reasons for removing the "&" are to improve clarity and structure. In v3, attribute names were in a flat list, which could lead to naming conflicts. FreeRADIUS v4 introduces hierarchical attributes, making the old syntax unnecessary.
The developers moved the functionality of the "&" into Unlang and other parts of the configuration.
Attribute Aliases
Old v3 attribute names are available through "alias" dictionaries for compatibility. However, using the new v4 hierarchical names is recommended.
Keyword Changes
foreach
The foreach keyword has changed syntax.
Instead of
foreach &reply.Filter-Id {
if ("%{Foreach-Variable-0}" == ...) {
}
You can define a local variable using the following syntax:
foreach thing (reply.Filter-Id[*]) {
if (thing == ...) {
}
The result is much simpler and clearer.
update
The update sections are deprecated. The new way to
edit is much simpler.
See the update documentation for a
description of what has changed, and how to use the attribute new
edit functionality.
The server has limited support for "auto-conversion" of update
sections to the new syntax. Documentation is TBD.
It is now possible to just edit attributes "in place". For example, instead of doing this:
if (User-Name == "bob") {
update reply {
Reply-Message := "Hello, %{User-Name}"
}
}You can now do this:
if (User-Name == "bob") {
reply.Reply-Message := "Hello, %{User-Name}"
}As with any upgrade across major version numbers, there are caveats. See the full update documentation for further guidance.