做个记录

1、从"../examples/etc/" 目录拷贝turnserver.conf文件到"/usr/local/etc/"目录

2、修改配置文件

主要配置  "username","password","listening-port" "listening-ip".

 vi /etc/turnserver/turnserver.conf

 # setting static accounts
# Remember, "static" accounts are not dynamically checked by the turnserver process.
user=username:password # listen ports
listening-port=2222
listening-ip=127.1.1 # Now press "insert" key; then "Esc" key
# Then type:
:wq #-- this command will save your settings and close turnserver.conf file # if you don't want to save settings; and quite. Simply type:
:q

3、启动TurnServer服务

 turnserver: unknown option -- help
: log file opened: /var/log/turn_5112_2017--.log
:
RFC ///// STUN/TURN Server
Version Coturn-4.5.0.4 'dan Eider'
:
Max number of open files/sockets allowed for this process:
:
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: (approximately)
: ==== Show him the instruments, Practical Frost: ==== : TLS supported
: DTLS supported
: DTLS 1.2 supported
: TURN/STUN ALPN supported
: Third-party authorization (oAuth) supported
: GCM (AEAD) supported
: OpenSSL compile-time version: OpenSSL 1.0.2k Jan
:
: SQLite supported, default database location is /usr/local/var/db/turndb
: Redis is not supported
: PostgreSQL supported
: MySQL supported
: MongoDB is not supported
:
: Default Net Engine version: (UDP thread per network endpoint) ===================================================== : Config file found: /usr/local/etc/turnserver.conf
: Listener address to use: 192.168.1.103
turnserver: unknown option -- help Usage: turnserver [options]
Options:
-d, --listening-device <device-name> Listener interface device (NOT RECOMMENDED. Optional, Linux only).
-p, --listening-port <port> TURN listener port (Default: ).
Note: actually, TLS & DTLS sessions can connect to the "plain" TCP & UDP port(s), too,
if allowed by configuration.
--tls-listening-port <port> TURN listener port for TLS & DTLS listeners
(Default: ).
Note: actually, "plain" TCP & UDP sessions can connect to the TLS & DTLS port(s), too,
if allowed by configuration. The TURN server
"automatically" recognizes the type of traffic. Actually, two listening
endpoints (the "plain" one and the "tls" one) are equivalent in terms of
functionality; but we keep both endpoints to satisfy the RFC specs.
For secure TCP connections, we currently support SSL version and
TLS versions 1.0, 1.1 and 1.2. For secure UDP connections, we support
DTLS version .
--alt-listening-port<port> <port> Alternative listening port for STUN CHANGE_REQUEST (in RFC sense,
or in old RFC sense, default is "listening port plus one").
--alt-tls-listening-port <port> Alternative listening port for TLS and DTLS,
the default is "TLS/DTLS port plus one".
-L, --listening-ip <ip> Listener IP address of relay server. Multiple listeners can be specified.
--aux-server <ip:port> Auxiliary STUN/TURN server listening endpoint.
Auxiliary servers do not have alternative ports and
they do not support RFC functionality (CHANGE REQUEST).
Valid formats are 1.2.3.4: for IPv4 and [::::]: for IPv6.
--udp-self-balance (recommended for older Linuxes only) Automatically balance UDP traffic
over auxiliary servers (if configured).
The load balancing is using the ALTERNATE-SERVER mechanism.
The TURN client must support ALTERNATE-SERVER response for this functionality.
-i, --relay-device <device-name> Relay interface device for relay sockets (NOT RECOMMENDED. Optional, Linux only).
-E, --relay-ip <ip> Relay address (the local IP address that will be used to relay the
packets to the peer).
Multiple relay addresses may be used.
The same IP(s) can be used as both listening IP(s) and relay IP(s).
If no relay IP(s) specified, then the turnserver will apply the default
policy: it will decide itself which relay addresses to be used, and it
will always be using the client socket IP address as the relay IP address
of the TURN session (if the requested relay address family is the same
as the family of the client socket).
-X, --external-ip <public-ip[/private-ip]> TURN Server public/private address mapping, if the server is behind NAT.
In that situation, if a -X is used in form "-X ip" then that ip will be reported
as relay IP address of all allocations. This scenario works only in a simple case
when one single relay address is be used, and no STUN CHANGE_REQUEST
functionality is required.
That single relay address must be mapped by NAT to the 'external' IP.
For that 'external' IP, NAT must forward ports directly (relayed port
must be always mapped to the same 'external' port ).
In more complex case when more than one IP address is involved,
that option must be used several times in the command line, each entry must
have form "-X public-ip/private-ip", to map all involved addresses.
--no-loopback-peers Disallow peers on the loopback addresses (.x.x.x and ::).
--no-multicast-peers Disallow peers on well-known broadcast addresses (224.0.0.0 and above, and FFXX:*).
-m, --relay-threads <number> Number of relay threads to handle the established connections
(in addition to authentication thread and the listener thread).
If explicitly set to then application runs in single-threaded mode.
If not set then a default OS-dependent optimal algorithm will be employed.
The default thread number is the number of CPUs.
In older systems (pre-Linux 3.9) the number of UDP relay threads always equals
the number of listening endpoints (unless -m is set).
--min-port <port> Lower bound of the UDP port range for relay endpoints allocation.
Default value is , according to RFC .
--max-port <port> Upper bound of the UDP port range for relay endpoints allocation.
Default value is , according to RFC .
-v, --verbose 'Moderate' verbose mode.
-V, --Verbose Extra verbose mode, very annoying (for debug purposes only).
-o, --daemon Start process as daemon (detach from current shell).
-f, --fingerprint Use fingerprints in the TURN messages.
-a, --lt-cred-mech Use the long-term credential mechanism.
-z, --no-auth Do not use any credential mechanism, allow anonymous access.
-u, --user <user:pwd> User account, in form 'username:password', for long-term credentials.
Cannot be used with TURN REST API.
-r, --realm <realm> The default realm to be used for the users when no explicit
origin/realm relationship was found in the database.
Must be used with long-term credentials
mechanism or with TURN REST API.
--check-origin-consistency The flag that sets the origin consistency check:
across the session, all requests must have the same
main ORIGIN attribute value (if the ORIGIN was
initially used by the session).
-q, --user-quota <number> Per-user allocation quota: how many concurrent allocations a user can create.
This option can also be set through the database, for a particular realm.
-Q, --total-quota <number> Total allocations quota: global limit on concurrent allocations.
This option can also be set through the database, for a particular realm.
-s, --max-bps <number> Default max bytes-per-second bandwidth a TURN session is allowed to handle
(input and output network streams are treated separately). Anything above
that limit will be dropped or temporary suppressed
(within the available buffer limits).
This option can also be set through the database, for a particular realm.
-B, --bps-capacity <number> Maximum server capacity.
Total bytes-per-second bandwidth the TURN server is allowed to allocate
for the sessions, combined (input and output network streams are treated separately).
-c <filename> Configuration file name (default - turnserver.conf).
-b, , --db, --userdb <filename> SQLite database file name; default - /var/db/turndb or
/usr/local/var/db/turndb or /var/lib/turn/turndb.
-e, --psql-userdb, --sql-userdb <conn-string> PostgreSQL database connection string, if used (default - empty, no PostreSQL DB used).
This database can be used for long-term credentials mechanism users,
and it can store the secret value(s) for secret-based timed authentication in TURN RESP A
See http://www.postgresql.org/docs/8.4/static/libpq-connect.html for 8.x PostgreSQL
versions format, see
http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING
for .x and newer connection string formats.
-M, --mysql-userdb <connection-string> MySQL database connection string, if used (default - empty, no MySQL DB used).
This database can be used for long-term credentials mechanism users,
and it can store the secret value(s) for secret-based timed authentication in TURN RESP A
The connection string my be space-separated list of parameters:
"host=<ip-addr> dbname=<database-name> user=<database-user> \
password=<database-user-password> port=<db-port> connect_timeout=<seconds The connection string parameters for the secure communications (SSL):
ca, capath, cert, key, cipher
(see http://dev.mysql.com/doc/refman/5.1/en/ssl-options.html for the
command options description). All connection-string parameters are optional. --use-auth-secret TURN REST API flag.
Flag that sets a special authorization option that is based upon authentication secret
(TURN Server REST API, see TURNServerRESTAPI.pdf). This option is used with timestamp.
--static-auth-secret <secret> 'Static' authentication secret value (a string) for TURN REST API only.
If not set, then the turn server will try to use the 'dynamic' value
in turn_secret table in user database (if present).
That database value can be changed on-the-fly
by a separate program, so this is why it is 'dynamic'.
Multiple shared secrets can be used (both in the database and in the "static" fashion).
--server-name Server name used for
the oAuth authentication purposes.
The default value is the realm name.
--oauth Support oAuth authentication.
-n Do not use configuration file, take all parameters from the command line only.
--cert <filename> Certificate file, PEM format. Same file search rules
applied as for the configuration file.
If both --no-tls and --no_dtls options
are specified, then this parameter is not needed.
--pkey <filename> Private key file, PEM format. Same file search rules
applied as for the configuration file.
If both --no-tls and --no-dtls options
--pkey-pwd <password> If the private key file is encrypted, then this password to be used.
--cipher-list <"cipher-string"> Allowed OpenSSL cipher list for TLS/DTLS connections.
Default value is "DEFAULT".
--CA-file <filename> CA file in OpenSSL format.
Forces TURN server to verify the client SSL certificates.
By default, no CA is set and no client certificate check is performed.
--ec-curve-name <curve-name> Curve name for EC ciphers, if supported by OpenSSL
library (TLS and DTLS). The default value is prime256v1,
if pre-OpenSSL 1.0. is used. With OpenSSL 1.0.+,
an optimal curve will be automatically calculated, if not defined
by this option.
--dh566 Use bits predefined DH TLS key. Default size of the predefined key is .
--dh2066 Use bits predefined DH TLS key. Default size of the predefined key is .
--dh-file <dh-file-name> Use custom DH TLS key, stored in PEM format in the file.
Flags --dh566 and --dh2066 are ignored when the DH key is taken from a file.
--no-tlsv1 Do not allow TLSv1/DTLSv1 protocol.
--no-tlsv1_1 Do not allow TLSv1. protocol.
--no-tlsv1_2 Do not allow TLSv1./DTLSv1. protocol.
--no-udp Do not start UDP client listeners.
--no-tcp Do not start TCP client listeners.
--no-tls Do not start TLS client listeners.
--no-dtls Do not start DTLS client listeners.
--no-udp-relay Do not allow UDP relay endpoints, use only TCP relay option.
--no-tcp-relay Do not allow TCP relay endpoints, use only UDP relay options.
-l, --log-file <filename> Option to set the full path name of the log file.
By default, the turnserver tries to open a log file in
/var/log/turnserver/, /var/log, /var/tmp, /tmp and . (current) directories
(which open operation succeeds first that file will be used).
With this option you can set the definite log file name.
The special names are "stdout" and "-" - they will force everything
to the stdout; and "syslog" name will force all output to the syslog.
--no-stdout-log Flag to prevent stdout log messages.
By default, all log messages are going to both stdout and to
a log file. With this option everything will be going to the log file only
(unless the log file itself is stdout).
--syslog Output all log information into the system log (syslog), do not use the file output.
--simple-log This flag means that no log file rollover will be used, and the log file
name will be constructed as-is, without PID and date appendage.
This option can be used, for example, together with the logrotate tool.
--stale-nonce Use extra security with nonce value having limited lifetime ( secs).
-S, --stun-only Option to set standalone STUN operation only, all TURN requests will be ignored.
--no-stun Option to suppress STUN functionality, only TURN requests will be processed.
--alternate-server <ip:port> Set the TURN server to redirect the allocate requests (UDP and TCP services).
Multiple alternate-server options can be set for load balancing purposes.
See the docs for more information.
--tls-alternate-server <ip:port> Set the TURN server to redirect the allocate requests (DTLS and TLS services).
Multiple alternate-server options can be set for load balancing purposes.
See the docs for more information.
-C, --rest-api-separator <SYMBOL> This is the timestamp/username separator symbol (character) in TURN REST API.
The default value is ':'.
--max-allocate-timeout=<seconds> Max time, in seconds, allowed for full allocation establishment. Default is .
--allowed-peer-ip=<ip[-ip]> Specifies an ip or range of ips that are explicitly allowed to connect to the
turn server. Multiple allowed-peer-ip can be set.
--denied-peer-ip=<ip[-ip]> Specifies an ip or range of ips that are not allowed to connect to the turn server.
Multiple denied-peer-ip can be set.
--pidfile <"pid-file-name"> File name to store the pid of the process.
Default is /var/run/turnserver.pid (if superuser account is used) or
/var/tmp/turnserver.pid .
--secure-stun Require authentication of the STUN Binding request.
By default, the clients are allowed anonymous access to the STUN Binding functionality.
--proc-user <user-name> User name to run the turnserver process.
After the initialization, the turnserver process
will make an attempt to change the current user ID to that user.
--proc-group <group-name> Group name to run the turnserver process.
After the initialization, the turnserver process
will make an attempt to change the current group ID to that group.
--mobility Mobility with ICE (MICE) specs support.
--no-cli Turn OFF the CLI support. By default it is always ON.
--cli-ip=<IP> Local system IP address to be used for CLI server endpoint. Default value
is 127.0.0.1.
--cli-port=<port> CLI server port. Default is .
--cli-password=<password> CLI access password. Default is empty (no password).
For the security reasons, it is recommended to use the encrypted
for of the password (see the -P command in the turnadmin utility).
The dollar signs in the encrypted form must be escaped.
--server-relay Server relay. NON-STANDARD AND DANGEROUS OPTION. Only for those applications
when we want to run server applications on the relay endpoints.
This option eliminates the IP permissions check on the packets
incoming to the relay endpoints.
--cli-max-output-sessions Maximum number of output sessions in ps CLI command.
This value can be changed on-the-fly in CLI. The default value is .
--ne=[||] Set network engine type for the process (for internal purposes).
-h Help For more information, see the wiki pages: https://github.com/coturn/coturn/wiki/

4、测试STUN服务

使用 https://sourceforge.net/projects/stun/files/

中的工程文件,或者直接下载0.97版源码

地址为:https://sourceforge.net/projects/stun/files/latest/download?source=files

编译生成winStun.exe或者client.exe在命令行中测试

coTurn 使用测试方法的更多相关文章

  1. Web 常用功能测试方法

    功能测试就是对产品的各功能进行验证,根据功能测试用例,逐项测试,检查产品是否达到用户要求的功能.常用的测试方法如下: 1. 页面链接检查:每一个链接是否都有对应的页面,并且页面之间切换正确. 2. 相 ...

  2. 【转】Web测试方法

    看到好文章,拿过来给大家分享分享! 一.输入框 1.字符型输入框: (1)字符型输入框:英文全角.英文半角.数字.空或者空格.特殊字符“~!@#¥%……&*?[]{}”特别要注意单引号和&am ...

  3. Web系统的常用测试方法

    在51上看到一篇不错的文章,拿过来分享一下,学习学习! Web系统的常用测试方法如下: 1. 页面链接检查:每一个链接是否都有对应的页面,并且页面之间切换正确. 2. 相关性检查:删除/增加一项会不会 ...

  4. 常用的web功能测试方法

    功能测试就是对产品各功能进行验证,根据功能测试用例,逐项测试,检查产品是否达到用户要求功能,即是否满足需求.常用的测试方法如下: 1.页面连接检查:每一个连接是否都有对应的页面,并且页面之间切换正确. ...

  5. web测试方法总结

    链接地址:http://www.cnblogs.com/Jessy/p/3539638.html 一.输入框 1.字符型输入框: (1)字符型输入框:英文全角.英文半角.数字.空或者空格.特殊字符“~ ...

  6. TestNG 三 测试方法

    一.设置参数 测试方法是可以带有参数的.每个测试方法都可以带有任意数量的参数,并且可以通过使用TestNG的@Parameters向方法传递正确的参数. 设置方式有两种方法:使用testng.xml或 ...

  7. TestNG官方文档中文版(5)-测试方法/类和组

    5 - Test methods, Test classes and Test groups 5.1 - Test groups TestNG容许执行复杂的测试方法分组.不仅可以申明方法属于组,而且可 ...

  8. web测试方法

    首先互联网B/S系统一般分为三层,即表示层.业务逻辑层.数据层,下面是我整理的关于web的测试方法. 表示层 一.功能测试 1.链接测试 确认每个链接有效且正确跳转 2.表单测试 确认表单能正常提交, ...

  9. web前端本地测试方法

    在大型项目中的前端测试与开发,通常使用git clone将整个工程目录下载下来,然后本地运行调试. 然而,当一个项目已经发布到测试机上,需要临时查看某个页面的效果或修改某个页面时,clone整个工程目 ...

随机推荐

  1. deque源码3(deque的构造与内存、ctor、push_back、push_front)

    deque源码1(deque概述.deque中的控制器) deque源码2(deque迭代器.deque的数据结构) deque源码3(deque的构造与内存.ctor.push_back.push_ ...

  2. unittest单元测试框架

    unittest单元测试框架 概述: 单元测试框架主要用来完成以下三件事: 提供用例组织与执行:当测试用例只有几条时,可以不必考虑用例的组织,但是当用例达到成百上千条时,大量的用例堆砌在一起,就产生了 ...

  3. 支付宝PC端单笔支付同步回调session失效问题

    一次调用支付宝PC场景下单笔支付之后同步回调遇到的session失效问题记录 问题描述: 调用支付宝接口:alipay.trade.page.pay,该接口请求参数中有两个返回地址需要设置,retur ...

  4. SpringCloud2.0入门3-新的eureka依赖

    前言 Springboot2.0推出有一段时间了,是要学习1.5+还是从2.0开始?犹豫的原因是资料不全,目前现有的资料大部分是1.0的.但作为学习者,肯定要学习最新的.不如,先试试. 搭建Eurek ...

  5. 【Go】strings.Replace 与 bytes.Replace 调优

    原文链接:https://blog.thinkeridea.com/201902/go/replcae_you_hua.html 标准库中函数大多数情况下更通用,性能并非最好的,还是不能过于迷信标准库 ...

  6. mybatis-generator插件执行报错:Cannot resolve classpath entry

    记录一个小问题 使用了mybatis-generator插件自动生成实体类,DAO,Mapper,在执行时报错.报错信息如下 Failed to execute goal org.mybatis.ge ...

  7. zookeeper高可用集群搭建

    前提:已经在master01配置好hadoop:在各个slave节点配置好hadoop和zookeeper: (该文是将zookeeper配置在各slave节点上的,其实也可以配置在各master上, ...

  8. Windows 10 安装 Mongod

    因为新换了Windows 10 电脑,需要在新电脑重新安装所有的软件,包括mongodb 下载文件:首先在mongodb的官方网站上下载最新版本的mongodb安装程序,https://www.mon ...

  9. Hibernate-在Eclipse(Oxygen)中安装Hibernatetools插件

    Eclipse(Luna)中是没有Hibernate插件的,该插件是需要自己进行添加. 在网上找了一下关于如何在Eclipse中安装Hibernatetools插件的方法,很多都是先找到Hiberna ...

  10. Javascript继承6:终极继承者----寄生组合式继承

    /* * 寄生式继承依托于原型继承,原型继承又与类式继承想象. * 即: 原型与构造函数的组合继承 * 寄生式继承 继承原型 * 传递参数 childClass 子类 * 传递参数 parentCla ...