On 15 Jan 2025, at 16:56, Dirk-Willem van Gulik <dirkx@webweaving.org> wrote:

On 15 Jan 2025, at 15:03, Juliusz Chroboczek <jch@irif.fr> wrote:

When starting galene with an explcit IP Address on a machine with multiple Ip addresses; e.g. with:

./galene  -turn 11.123.4.123:1194 ....

netstat/lsof shows that it is still bound to the ANY address:

  # lsof -n | grep LISTEN
   ....
   galene    49935 galene    7u     IPv4 0xfffff80019daf000        0     TCP *:1194->*:* (LISTEN)

Is this the expected behaviour (i.e. intentional and for a reason) - or
a blemish/thing that I should try to fix ?

Only the address you specified is advertised to clients, but the server
listens on the wildcard address.  This allows us to change the server's
address without tearing down the socket when running with "-turn auto".

So I think below is a fairly simple change - where the 'auto' case is kept as is - and the listener is ONLY bound to a specific IP if it is specified. Otherwise it becomes *:1234 or a found public IP address.

So now [-turn [ip|fqdn]:<port>] behaves exactly like -http.

So let me know if it's important for you.

So being able to bind it is convenient on a machine with multiple IPs or a machine that straddles networks. As otherwise the galene starting `second' looses the race for 0.0.0.0. . Or a machine with an anal firewall/ACL system - the listen() gets a permission error.

Ignore this - there is a whole general class of cases when you have VLANs, IPv6 or an iSCSI that surfaces as an interface on a machine which goes wrong.

Will repost with a better solution once I've gone through all the edge cases.

Dw