From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mail.toke.dk; spf=permerror smtp.mailfrom=pabr.org; dkim=fail; arc=none (Message is not ARC signed); dmarc=none Received: from smtp5-g21.free.fr (smtp5-g21.free.fr [IPv6:2a01:e0c:1:1599::14]) by mail.toke.dk (Postfix) with ESMTPS id 7CBA7B65B34 for ; Fri, 18 Jul 2025 12:06:47 +0200 (CEST) Received: from localhost (unknown [82.64.195.128]) by smtp5-g21.free.fr (Postfix) with ESMTPS id E22335FFBA; Fri, 18 Jul 2025 12:06:43 +0200 (CEST) Message-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Fri, 18 Jul 2025 12:06:43 +0200 From: pabr2749409@pabr.org To: Dirk-Willem van Gulik Cc: galene@lists.galene.org In-Reply-To: References: Message-ID-Hash: 7DEOVDDE73SUOG5VOG6E3W5UYVB6NJIU X-Message-ID-Hash: 7DEOVDDE73SUOG5VOG6E3W5UYVB6NJIU X-MailFrom: pabr2749409@pabr.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list Subject: [Galene] Re: udp-port range and subsequent "turn" use of ports outside that range (Fix: use RelayAddressGeneratorPortRange ?) List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Hello, I might have encountered the same problem. Gal=E8ne (with built-in TURN) i= s behind a NAT router. Only a limited range of public-facing UDP ports are= redirected to the Gal=E8ne host. Gal=E8ne emits ICE candidates with UDP p= ort numbers outside the command-line -udp-range. So upstream traffic does = not reach it. I had to patch galene/turnserver/turnserver.go to use RelayAddressGenerator= PortRange (from pion/turn/relay_address_generator_range.go) instead of Rela= yAddressGeneratorStatic. Not sure I fully understand the problem nor the intent of -udp-range, but I= hope this helps. Huge thanks to the Gal=E8ne developers btw, it's been a pleasure to install= and tinker with. Pascal Dirk-Willem van Gulik writes: > I've got a minor puzzle in a fairly simple setup; where galene is behind= a reverse proxy & in a freebsd jail (to co-exist with another video/blackb= oard/sip servers). >=20 > The web and web-socket proportion is fine; as is, I think TURN: >=20 > ... 2024/02/11 13:44:29 Starting built-in TURN server on 127.0.1.12:1194 > ... 2024/02/11 13:44:29 Relay test successful in 6.018877ms, RTT =3D 71= .363=B5s >=20 > The latter is given a limited range with >=20 > -turn :1194 -udp-range 18100-19100 >=20 > which is let through by the firewall (as is 1194 of course), etc in both= directions.=20 >=20 > But I am seeing errors: >=20 > turn ERROR: 2024/02/11 14:26:36 Failed to handle datagram:=20 > unable to handle ChannelData from 127.0.1.12:32895:=20 > failed writing to socket: write udp4 127.0.1.12:24074->DESTINATION_IP:= 54924:=20 > sendto: permission denied >=20 > and note that the port numbers under control of Galene appear to be outs= ide the provided 18100-19100 range. >=20 > Does the range also be specified somewhere else ? This is 'stock' galene= against the https://github.com/jech/galene/releases/tag/galene-0.8 tag. >=20 > With kind regards, >=20 > Dw. >=20 >=20 > galene-0.8_1 > Name : galene > Version : 0.8_1 > Installed on : Sun Feb 11 12:55:49 2024 UTC > Origin : www/galene > Architecture : FreeBSD:13:amd64 > Prefix : /usr/local > Categories : www net-im > Licenses : MIT > Maintainer : bapt@FreeBSD.org > WWW : https://galene.org > Comment : The Gal=E8ne videoconference server > Options : > DOCS : on > Annotations : > FreeBSD_version: 1302001 > build_timestamp: 2024-01-07T22:34:10+0000 > built_by : poudriere-git-3.4.0 > port_checkout_unclean: no > port_git_hash : 756e18783 > ports_top_checkout_unclean: no > ports_top_git_hash: 756e18783 > repo_type : binary > repository : FreeBSD > Flat size : 12.2MiB >=20