From: Dirk-Willem van Gulik
To: Juliusz Chroboczek
CC: galene@lists.galene.org
Date: Wed, 15 Jan 2025 16:56:26 +0100
Subject: [Galene] Re: Turn binding to the ANY Address - even when specified
Message-Id: <255B813A-A1F3-48A5-B4C8-4A340919BDCC@webweaving.org>
In-Reply-To: <87o708uqb4.wl-jch@irif.fr>
List-Id: Galène videoconferencing server discussion list

> On 15 Jan 2025, at 15:03, Juliusz Chroboczek <jch@irif.fr> wrote:
>
>> When starting galene with an explicit IP address on a machine with multiple IP addresses; e.g. with:
>>
>> ./galene -turn 11.123.4.123:1194 ....
>>
>> netstat/lsof shows that it is still bound to the ANY address:
>>
>> # lsof -n | grep LISTEN
>> ....
>> galene 49935 galene 7u IPv4 0xfffff80019daf000 0 TCP *:1194->*:* (LISTEN)
>>
>> Is this the expected behaviour (i.e. intentional and for a reason) - or
>> a blemish/thing that I should try to fix?
>
> Only the address you specified is advertised to clients, but the server
> listens on the wildcard address.  This allows us to change the server's
> address without tearing down the socket when running with "-turn auto".

So I think below is a fairly simple change - where the 'auto' case is kept as is - and the listener is ONLY bound to a specific IP if it is specified. Otherwise it becomes *:1234 or a found public IP address.

So now [-turn [ip|fqdn]:<port>] behaves exactly like -http.

> So let me know if it's important for you.

So being able to bind it is convenient on a machine with multiple IPs or a machine that straddles networks. As otherwise the galene starting `second' loses the race for 0.0.0.0. Or a machine with an anal firewall/ACL system - the listen() gets a permission error.

With kind regards,

Dw.



diff --git = a/turnserver/turnserver.go = b/turnserver/turnserver.go

index = 1dcebe0..2210801 100644

--- = a/turnserver/turnserver.go

+++ = b/turnserver/turnserver.go

@@ = -132,7 +132,7 @@ func Start() error {

    =             if a =3D=3D nil {

    =                     = return errors.New("couldn't parse address")

    =             }

-     =           pcc, lc :=3D listener(net.IP{0, 0, 0, = 0}, addr.Port, a)

+ =               pcc, lc :=3D = listener(a, addr.Port, a)

    =             if pcc !=3D nil {

    =                     = pccs =3D append(pccs, *pcc)

    =                     = server.addresses =3D append(server.addresses, = &net.UDPAddr{
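
Review bot: passing `a` as both the bind address and the advertised address in `listener(a, addr.Port, a)` makes the bind fail whenever the address given to `-turn` is not assigned to a local interface, for example a host behind NAT that advertises its public address; the wildcard bind with `net.IP{0, 0, 0, 0}` did not have that constraint. Consider keeping the wildcard bind as a fallback when `a` is not a local address, or taking the listen address from a separate option, and state in the `-turn` documentation that an explicit address is now also the listen address. The visible context only handles the `pcc != nil` case, so check that a failed bind on this path is reported to the operator rather than leaving the TURN server running without a listener.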

