Benjamin

静以修身,俭以养德,非澹薄无以明志,非宁静无以致远。
随笔 - 397, 文章 - 0, 评论 - 196, 引用 - 0
数据加载中……

centos安装turnserver

一、下载依赖库(非必须)
yum install -y make auomake gcc cc gcc-c++ wget
yum install -y openssl-devel libevent libevent-devel mysql-devel mysql-server
wget https://github.com/downloads/libevent/libevent/libevent-2.0.21-stable.tar.gz
tar xvfz libevent-2.0.21-stable.tar.gz
cd libevent-2.0.21-stable && ./configure
make && make install && cd ..
二、下载安装turnserver(在http://turnserver.open-sys.org/downloads/页面选择合适版本下载,这里载3.2.3.95)
wget http://turnserver.open-sys.org/downloads/v3.2.3.95/turnserver-3.2.3.95.tar.gz
tar -xvzf turnserver-3.2.3.95.tar.gz
cd turnserver-3.2.3.95
./configure
make && make install 
三、创建配置文件
cp /usr/local/etc/turnserver.conf.default /etc/turnserver.conf
cp /usr/local/etc/turnuserdb.conf.default /etc/turnuserdb.conf(非必须)
四、编辑配置turnserverconf
external-ip=54.95.37.26/172.31.43.68 (前者为服务器公网ip,后者为内网IP)
fingerprint (开启指纹)
lt-cred-mech (开启长期验证机制)
user=testuser:123456 (设置一个测试用户名及密码)
五、端口开放
3478(tcp 、udp),5349(tcp、udp),49152-65535(udp)
六、开启turnserver
 turnserver -v -r foo.org -c /etc/turnserver.conf (-f参数必须)
 七、测试
 1、官网测试:https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
    add server之后,点击gather candidates,这个工具如果测试不成功或
 2、candidates type:host:本机物理网卡或逻辑网卡地址和端口 srflx:发送Binding请求到STUN/TURN Server经过NAT时,NAT上分配的地址和端口
    prflx:端发送Binding请求到对等端经过NAT时,NAT上分配的地址和端口  relay:端发送Allocate请求到TURN Server,由TURN server用于中继的地址和端口
 3、测试:代码测试(html页面) 打开开发工具如在控制台输出The TURN server is reachable !  is TURN server active?  yes 即表示服务器正常
    <html>
    <header>
        <title>ice测试</title>
    </header>
    <body>
    <label for="serverAddress"></label>
    <input id="serverAddress" value="turn:127.0.0.1:13902"/>
    <br/>
    <label for="username"></label><input id="username" value="foo"/>
    <br/>
    <label for="password"></label><input id="password" value="bar"/>
    <br/>
    <button onclick="window.test()">Test</button>
    <script>
        function checkTURNServer(turnConfig, timeout) {
            return new Promise(function (resolve, reject) {
                let promiseResolved;
                setTimeout(function () {
                    if (promiseResolved) return;
                    resolve(false);
                    promiseResolved = true;
                }, timeout || 5000);
                promiseResolved = false;
                let myPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection   //compatibility for firefox and chrome
                    , pc = new myPeerConnection({iceServers: [turnConfig]})
                    , noop = function () {
                };
                pc.createDataChannel("");    //create a bogus data channel
                pc.createOffer({}).then((offer) => {
                    if (offer.sdp.indexOf('typ relay') > -1) { // sometimes sdp contains the ice candidates...
                        promiseResolved = true;
                        resolve(true);
                    }
                    pc.setLocalDescription(offer)
                })
                pc.onicecandidate = function (ice) {  //listen for candidate events
                    if (promiseResolved || !ice || !ice.candidate
                        || !ice.candidate.candidate
                        || !(ice.candidate.candidate.indexOf('typ relay') > -1)) return;
                    console.log("ice candidate=", ice.candidate)
                    // If a relay candidate was found, notify that the TURN server works!
                    if (ice.candidate.type === "relay") {
                        console.log("The TURN server is reachable !");
                    }
                    promiseResolved = true;
                    resolve(true);
                };
            });
        }
        window.test = () => {
            let serverAddress = document.getElementById("serverAddress").value;
            let username = document.getElementById("username").value;
            let password = document.getElementById("password").value;
            console.log("Trigger ice test. Server address=", serverAddress,
                ", username=", username, ", password=", password)
            checkTURNServer({
                urls: serverAddress,
                username: username,
                credential: password
            }).then(function (bool) {
                console.log('is TURN server active? ', bool ? 'yes' : 'no');
            }).catch(console.error.bind(console));
        }
    </script>
    </body>
    </html>
  4、http://你自己的公网ip:3478/ 输出 TURN Server即表示正常
  5、命令行测试 turnutils_uclient -v -u testuser -w 123456 54.249.95.226(外网ip)
  turnserver的终端出现以下类似结果,则显示测试成功
  830: handle_udp_packet: New UDP endpoint: local addr 172.31.33.19:3478, remote addr 54.249.95.226:37748
  830: session 003000000000000001: user <>: incoming packet message processed, error 401: Unauthorised
  830: IPv4. Local relay addr: 172.31.33.19:55550
  830: IPv4. Local reserved relay addr: 172.31.33.19:55551
  830: session 003000000000000001: new, username=<testuser>, lifetime=800
  830: session 003000000000000001: user <testuser>: incoming packet ALLOCATE processed, success
  830: session 003000000000000001: refreshed, username=<testuser>, lifetime=600
  830: session 003000000000000001: user <testuser>: incoming packet REFRESH processed, success
  830: handle_udp_packet: New UDP endpoint: local addr 172.31.33.19:3478, remote addr 54.249.95.226:33309
  830: session 003000000000000002: user <>: incoming packet message processed, error 401: Unauthorised
  
  八、signal服务中使用它,还需要修改相关配置
  external-ip=54.249.95.226/172.31.43.68 (前者为服务器公网ip,后者为内网IP)
  fingerprint (开启指纹)
  lt-cred-mech (开启长期验证机制)
  use-auth-secret  (开启secret形式授权 )
  static-auth-secret=12345(# 设置secret,这个和signal服务配置文件里的turnserver的secret要一致,最好复杂点,注意最后别留空格
  九、守护进程运行turnserver 
   turnserver -v -r foo.org -c /etc/turnserver.conf -o 
   # 后台运行的话下面这句
   # nohup turnserver -c etc/turnserver.conf &
  十、开机启动配置
    1、创建turnserver.service文件,内容如下
      [Unit]
      Description=turnserver for webrtc
      After=network.target
      [Service]
      Type=forking
      User=tester
      Group=tester
      ExecStart=/home/tester/coturn/coturn/bin/turnserver -o -a -f -user=test:123456 -r Hangzhou
      Restart=always
      RestartSec=5
      [Install]
      WantedBy=multi-user.target
    2、拷贝文件   cp turnserver.service  /lib/systemd/system/
    3、重新加载  systemctl daemon-reload
    4、检查是否加载成功  systemctl list-unit-files --type=service | grep turn 返回正常显示turnserver相关内容
      trunserver.service                     disabled
    5、运行:    systemctl status turnserver.service
    6、检测状态:systemctl status turnserver.service

posted on 2022-12-23 15:44 Benjamin 阅读(258) 评论(0)  编辑 收藏 引用 所属分类: linux


只有注册用户登录后才能发表评论。
网站导航: 博客园   IT新闻   BlogJava   知识库   博问   管理