[Pkg-voip-commits] [resiprocate] 05/09: Update reTurnServer.config for Debian users

Daniel Pocock pocock at alioth.debian.org
Sat Sep 28 21:17:59 UTC 2013 

This is an automated email from the git hooks/post-receive script.

pocock pushed a commit to annotated tag debian-experimental/1.9.0_beta2-1
in repository resiprocate.

commit ea4dc8538767b401ebeb27dbcb01b3acea443026
Author: Daniel Pocock <daniel at pocock.com.au>
Date:   Sat Sep 28 22:27:49 2013 +0200

    Update reTurnServer.config for Debian users
---
 debian/conf/reTurnServer.config |  169 ++++++++++++++++++++++++++++++++++-----
 1 file changed, 148 insertions(+), 21 deletions(-)

diff --git a/debian/conf/reTurnServer.config b/debian/conf/reTurnServer.config
index 0f8f573..6bd3736 100644
--- a/debian/conf/reTurnServer.config
+++ b/debian/conf/reTurnServer.config
@@ -1,35 +1,162 @@
+########################################################
+# reTurnServer configuration file
+########################################################
+
+########################################################
+# Transport settings
+########################################################
+
+# Local IP Address to bind base STUN/TURN transports to.
+# Note:  This is the IP Address that clients should be configured to
+#        send STUN/TURN traffic to.
+# Warning:  If you are enabling RFC3489 backwards compatability
+#           (see AltStunAddress and AltStunPort settings), then do
+#           not leave this set to INADDR_ANY (0.0.0.0), place
+#           a valid IP address from a local NIC here.
+TurnAddress = 0.0.0.0
+
+# Local IPv6 Address to bind base STUN/TURN transports to.
+# Note:  This is the IP Address that IPv6 clients should be configured to
+#        send STUN/TURN traffic to.
+#        Not currently supported with RFC3489 backwards compatability
+TurnV6Address = ::0
+
+# Local UDP/TCP Port to bind base STUN/TURN transports to.
+# Note:  This is the port that clients should be configured to
+#        send STUN/TURN traffic over UDP and TCP.
 TurnPort = 3478
+
+# Local TLS Port to bind base STUN/TURN transports to.
+# Note:  This is the port that clients should be configured to
+#        send STUN/TURN traffic over TLS.
 TlsTurnPort = 5349
-AltStunPort = 0
-TurnAddress = 0.0.0.0
+
+# Local IP Address to bind the transports used in Classic Stun
+# NAT type discovery.  Note:  This address is only required if
+# you need Classic Stun (RFC3489) support.
+# It must be different from the TurnAddress setting, and a valid
+# local IP Address.  Use 0.0.0.0 to disable RFC3489 backwards compatbility
+# support.
+# Note:  The STUN/TURN Client should not be configured with this
+#        address anywhere.  This address is discovered by clients
+#        in Binding responses that are sent to the TurnAddress.
 AltStunAddress = 0.0.0.0
-AuthenticationMode = 2
-AuthenticationRealm = reTurn
-NonceLifetime = 3600
-AllocationPortRangeMin = 49152
-AllocationPortRangeMax = 65535
-DefaultAllocationLifetime = 600
-MaxAllocationLifetime = 3600
-MaxAllocationsPerUser = 0
-TlsServerCertificateFilename = server.pem
-TlsTempDhFilename = dh512.pem
-# leave blank if key is not encrypted
-#TlsPrivateKeyPassword = 
+
+# Local UDP Port to bind classic STUN (RFC3489) transports to.
+# Set AltStunPort to 0 to disable any RFC3489 backwards compatibility,
+# if you do not have a need to support the NAT type discovery procedures
+# of RFC3489.
+# Note:  STUN/TURN Client should not be configured with this port anywhere.
+#        This port is discovered by clients in Binding responses that are
+#        sent to the TurnAddress/TurnPort.
+AltStunPort = 0
+
+
+########################################################
+# Logging settings
+########################################################
+
 # Logging Type: syslog|cerr|cout|file
 LoggingType = syslog
+
 # Logging level: NONE|CRIT|ERR|WARNING|INFO|DEBUG|STACK
 LoggingLevel = INFO
+
+# Log Filename
 LogFilename = reTurnServer.log
+
+# Log file Max Size
 LogFileMaxLines = 50000
-# It is highly recommended that these values are NOT left at their
-# default setting
-LongTermAuthUsername = test
-LongTermAuthPassword = 1234
+
+
+########################################################
+# UNIX related settings
+########################################################
+
 # Must be true or false, default = false, not supported on Windows
 Daemonize = true
+
 # On UNIX it is normal to create a PID file
 # if unspecified, no attempt will be made to create a PID file
-PidFile = /var/run/reTurnServer/reTurnServer.pid
-RunAsUser = return
-RunAsGroup = return
+#PidFile = /var/run/reTurnServer/reTurnServer.pid
+
+# UNIX account information to run process as
+#RunAsUser = return
+#RunAsGroup = return
+
+
+########################################################
+# Authentication settings
+########################################################
+
+# Authentication Realm for Long Term Passwords
+AuthenticationRealm = reTurn
+
+# File containing user authentication data.
+# The format of each line is:
+#
+#    login:password:realm:state
+#
+# Typically, the realm field must match the value of AuthenticationRealm
+# defined above.
+#
+# The state field can be one of:
+#
+#   authorized   (user authorized)
+#   refused      (user denied access)
+#   restricted   (for when bandwidth limiting is implemented)
+#
+# This file format is interchangeable with TurnServer.org's user database
+#
+#UserDatabaseFile = /etc/reTurnServer-users.txt
+
+
+########################################################
+# TURN Allocation settings
+########################################################
+
+NonceLifetime = 3600
+
+# The starting port number to use for TURN allocations.
+# This number MUST be an even number, in order to ensure
+# proper operation for allocation of RTP port pairs.
+# Default: 49152 (start of the Dynamic and/or Private Port range
+#                 - recommended by RFC)
+AllocationPortRangeMin = 49152
+
+# The ending port number to use for TURN allocations.
+# This number MUST be an odd number, in order to ensure
+# proper operation for allocation of RTP port pairs.
+# Default: 65535 (end of the Dynamic and/or Private Port range
+#                 - recommended by RFC)
+AllocationPortRangeMax = 65535
+
+# Default time (in seconds) that an allocation will expire if an allocation
+# refresh request is not sent.  Default is 600 (10 minutes).
+DefaultAllocationLifetime = 600
+
+# Maximum time (in seconds) allowed that will be accepted in an allocation requests
+# lifetime header (ie. between TURN allocation refreshes).  If an allocation is
+# received with a higher lifetime, then the response will be returned with this
+# value instead.  Default is 3600 (1 hour).
+MaxAllocationLifetime = 3600
+
+
+########################################################
+# SSL/TLS Certificate settings
+########################################################
+
+# TLS Server Certificate Filename (loaded from working directory)
+# The PEM formated file that contains the private and public
+# key of the certificate that will be presented to clients
+# connecting over TLS.
+TlsServerCertificateFilename = server.pem
+
+# TLS temporary Diffie-Hellman parameters file (loaded from working directory)
+TlsTempDhFilename = dh512.pem
+
+# TLS server private key certificate password required to read
+# from PEM file.  Leave blank if key is not encrypted.
+TlsPrivateKeyPassword =
+
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/resiprocate.git

More information about the Pkg-voip-commits mailing list