Fatal编程技术网
  • webrtc/
  • Webrtc coturn STUN请求在本地工作,但不适用于远程连接

Webrtc coturn STUN请求在本地工作,但不适用于远程连接

webrtc

Webrtc coturn STUN请求在本地工作,但不适用于远程连接,webrtc,nat,stun,turn,coturn,Webrtc,Nat,Stun,Turn,Coturn,我已成功地向coturn服务器()发出了一个回合请求,但在执行STUN请求时失败。如果我尝试使用从运行服务器的同一台计算机上关闭连接到coturn服务器,服务器将以 RFC 5780 response 1 0: IPv4. Response origin: : IP1:3478 0: IPv4. Other addr: : IP2:3479 0: IPv4. UDP reflexive addr: IP1:36457 ======================================

我已成功地向coturn服务器()发出了一个回合请求,但在执行STUN请求时失败。如果我尝试使用从运行服务器的同一台计算机上关闭连接到coturn服务器,服务器将以

RFC 5780 response 1
0: IPv4. Response origin: : IP1:3478
0: IPv4. Other addr: : IP2:3479
0: IPv4. UDP reflexive addr: IP1:36457

========================================
RFC 5780 response 2
0: IPv4. Response origin: : IP2:3479
0: IPv4. Other addr: : IP2:3479
0: IPv4. UDP reflexive addr: IP1:36457

========================================
RFC 5780 response 3
0: IPv4. Response origin: : IP2:3479
0: IPv4. Other addr: : IP2:3479
0: IPv4. UDP reflexive addr: IP1:36458
,太棒了!为了远程测试眩晕请求,我还在笔记本电脑上安装了coturn。如果我从我的笔记本电脑发出相同的请求,stun服务器只响应一个响应,然后挂起

RFC 5780 response 1
0: IPv4. Response origin: : IP1:3478
0: IPv4. Other addr: : IP2:3479
0: IPv4. UDP reflexive addr: IP1:36457
没有第二条和第三条消息,命令行被阻止

运行javascript请求时会进一步确认该问题:

function checkTURNServer(turnConfig, timeout){ 
  return new Promise(function(resolve, reject){
    setTimeout(function(){
        if(promiseResolved) return;
        resolve(false);
        promiseResolved = true;
    }, timeout || 5000);

    var promiseResolved = false
      , myPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection   //compatibility for firefox and chrome
      , pc = new myPeerConnection({iceServers:[turnConfig]})
      , noop = function(){};
    pc.createDataChannel("");    //create a bogus data channel
    pc.createOffer(function(sdp){
      if(sdp.sdp.indexOf('typ relay') > -1){ // sometimes sdp contains the ice candidates...
        promiseResolved = true;
        resolve(true);
      }
      pc.setLocalDescription(sdp, noop, noop);
    }, noop);    // create offer and set local description
    pc.onicecandidate = function(ice){  //listen for candidate events
      if(promiseResolved || !ice || !ice.candidate || !ice.candidate.candidate || !(ice.candidate.candidate.indexOf('typ relay')>-1))  return;
      promiseResolved = true;
      resolve(true);
    };
  });   
}

checkTURNServer({"url":"stun:IP1:3478"}).then(function(bool){
    console.log('is TURN server active? ', bool? 'yes':'no'); // prints no!!
}).catch(console.error.bind(console));
我应该怎么做才能使晕眩请求生效?你能给我指一下正确的方向吗

-----------其他信息----------------- 我已经测试了just TURN功能,并且能够连接:

checkTURNServer({"url":"turn:IP1:3478",username: 'mainuser',
    credential: 'mainpassword' }).then(function(bool){
    console.log('is TURN server active? ', bool? 'yes':'no'); // prints yes
}).catch(console.error.bind(console));
我已经安装了
coturn
,并将其配置为服务。这是我的
/etc/systemd/system/coturn.service
文件的内容:

[Unit]
Description=turnserver Service
After=network.target
[Service]
Type=simple
User=root
ExecStart=/usr/local/bin/turnserver -c /usr/local/etc/turnserver.conf
Restart=on-abort
[Install]
WantedBy=multi-user.target
当我运行
systemctl start coturn时,
服务正常启动

/usr/local/etc/turnserver.conf的内容


listening-ip=IP1
listening-ip=IP2
lt-cred-mech
user=mainuser:mainpassword
realm=mydomain.com
max-bps=128000
cert=/etc/letsencrypt/live/mydomain.com/cert.pem
pkey=/etc/letsencrypt/live/mydomain.com/privkey.pem



iptables-S的结果


-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N FORWARD_IN_ZONES
-N FORWARD_IN_ZONES_SOURCE
-N FORWARD_OUT_ZONES
-N FORWARD_OUT_ZONES_SOURCE
-N FORWARD_direct
-N FWDI_iredmail
-N FWDI_iredmail_allow
-N FWDI_iredmail_deny
-N FWDI_iredmail_log
-N FWDO_iredmail
-N FWDO_iredmail_allow
-N FWDO_iredmail_deny
-N FWDO_iredmail_log
-N INPUT_ZONES
-N INPUT_ZONES_SOURCE
-N INPUT_direct
-N IN_iredmail
-N IN_iredmail_allow
-N IN_iredmail_deny
-N IN_iredmail_log
-N OUTPUT_direct