[Galene] Re: udp-port range and subsequent "turn" use of ports outside that range (Fix: use RelayAddressGeneratorPortRange ?)

[pabr2749409@pabr.org]

Hello,

I might have encountered the same problem.  Galène (with built-in TURN) is behind a NAT router.  Only a limited range of public-facing UDP ports are redirected to the Galène host.  Galène emits ICE candidates with UDP port numbers outside the command-line -udp-range.  So upstream traffic does not reach it.

I had to patch galene/turnserver/turnserver.go to use RelayAddressGeneratorPortRange (from pion/turn/relay_address_generator_range.go) instead of RelayAddressGeneratorStatic.

Not sure I fully understand the problem nor the intent of -udp-range, but I hope this helps.

Huge thanks to the Galène developers btw, it's been a pleasure to install and tinker with.

Pascal


Dirk-Willem van Gulik writes:
 > I've got a minor puzzle in a fairly simple setup; where galene is behind a reverse proxy & in a freebsd jail (to co-exist with another video/blackboard/sip servers).
 > 
 > The web and web-socket proportion is fine; as is, I think TURN:
 > 
 > 	... 2024/02/11 13:44:29 Starting built-in TURN server on 127.0.1.12:1194
 > 	... 2024/02/11 13:44:29 Relay test successful in 6.018877ms, RTT = 71.363µs
 > 
 > The latter is given a limited range with
 > 
 > 	 -turn <outside-ip-address>:1194 -udp-range 18100-19100
 > 
 > which is let through by the firewall (as is 1194 of course), etc in both directions. 
 > 
 > But I am seeing errors:
 > 
 > 	turn ERROR: 2024/02/11 14:26:36 Failed to handle datagram: 
 > 		unable to handle ChannelData from 127.0.1.12:32895: 
 > 		failed writing to socket: write udp4 127.0.1.12:24074->DESTINATION_IP:54924: 
 > 			sendto: permission denied
 > 
 > and note that the port numbers under control of Galene appear to be outside the provided 18100-19100 range.
 > 
 > Does the range also be specified somewhere else ? This is 'stock' galene against the https://github.com/jech/galene/releases/tag/galene-0.8 tag.
 > 
 > With kind regards,
 > 
 > Dw.
 > 
 > 
 > galene-0.8_1
 > Name           : galene
 > Version        : 0.8_1
 > Installed on   : Sun Feb 11 12:55:49 2024 UTC
 > Origin         : www/galene
 > Architecture   : FreeBSD:13:amd64
 > Prefix         : /usr/local
 > Categories     : www net-im
 > Licenses       : MIT
 > Maintainer     : bapt@FreeBSD.org
 > WWW            : https://galene.org
 > Comment        : The Galène videoconference server
 > Options        :
 > DOCS           : on
 > Annotations    :
 > FreeBSD_version: 1302001
 > build_timestamp: 2024-01-07T22:34:10+0000
 > built_by       : poudriere-git-3.4.0
 > port_checkout_unclean: no
 > port_git_hash  : 756e18783
 > ports_top_checkout_unclean: no
 > ports_top_git_hash: 756e18783
 > repo_type      : binary
 > repository     : FreeBSD
 > Flat size      : 12.2MiB
 >