/[resiprocate]/main/reTurn/reTurnServer.config
ViewVC logotype

Annotation of /main/reTurn/reTurnServer.config

Parent Directory Parent Directory | Revision Log Revision Log


Revision 10219 - (hide annotations) (download)
Mon May 20 20:59:51 2013 UTC (6 years, 8 months ago) by sgodin
File size: 5650 byte(s)
-short term authentication makes no sense for a TURN server, since credential information
 needs to be exchanged out of band (ie. as with ICE) - remove short term auth option from
 return server - Long Term authentication is enabled by default
1 sgodin 10129 ########################################################
2     # reTurnServer configuration file
3     ########################################################
4    
5     ########################################################
6     # Transport settings
7     ########################################################
8    
9     # Local IP Address to bind base STUN/TURN transports to.
10     # Note: This is the IP Address that clients should be configured to
11     # send STUN/TURN traffic to.
12     # Warning: If you are enabling RFC3489 backwards compatability
13     # (see AltStunAddress and AltStunPort settings), then do
14     # not leave this set to INADDR_ANY (0.0.0.0), place
15     # a valid IP address from a local NIC here.
16     TurnAddress = 0.0.0.0
17    
18     # Local UDP/TCP Port to bind base STUN/TURN transports to.
19     # Note: This is the port that clients should be configured to
20     # send STUN/TURN traffic over UDP and TCP.
21     TurnPort = 3478
22    
23     # Local TLS Port to bind base STUN/TURN transports to.
24     # Note: This is the port that clients should be configured to
25     # send STUN/TURN traffic over TLS.
26     TlsTurnPort = 5349
27    
28     # Local IP Address to bind the transports used in Classic Stun
29     # NAT type discovery. Note: This address is only required if
30     # you need Classic Stun (RFC3489) support.
31     # It must be different from the TurnAddress setting, and a valid
32     # local IP Address. Use 0.0.0.0 to disable RFC3489 backwards compatbility
33     # support.
34     # Note: The STUN/TURN Client should not be configured with this
35     # address anywhere. This address is discovered by clients
36     # in Binding responses that are sent to the TurnAddress.
37     AltStunAddress = 0.0.0.0
38    
39     # Local UDP Port to bind classic STUN (RFC3489) transports to.
40     # Set AltStunPort to 0 to disable any RFC3489 backwards compatibility,
41     # if you do not have a need to support the NAT type discovery procedures
42     # of RFC3489.
43     # Note: STUN/TURN Client should not be configured with this port anywhere.
44     # This port is discovered by clients in Binding responses that are
45     # sent to the TurnAddress/TurnPort.
46     AltStunPort = 0
47    
48    
49     ########################################################
50     # Logging settings
51     ########################################################
52    
53     # Logging Type: syslog|cerr|cout|file
54     LoggingType = file
55    
56     # Logging level: NONE|CRIT|ERR|WARNING|INFO|DEBUG|STACK
57     LoggingLevel = DEBUG
58    
59     # Log Filename
60     LogFilename = reTurnServer.log
61    
62     # Log file Max Size
63     LogFileMaxLines = 50000
64    
65    
66     ########################################################
67     # UNIX related settings
68     ########################################################
69    
70     # Must be true or false, default = false, not supported on Windows
71     Daemonize = false
72    
73     # On UNIX it is normal to create a PID file
74     # if unspecified, no attempt will be made to create a PID file
75     #PidFile = /var/run/reTurnServer/reTurnServer.pid
76    
77     # UNIX account information to run process as
78     #RunAsUser = return
79     #RunAsGroup = return
80    
81    
82     ########################################################
83     # Authentication settings
84     ########################################################
85    
86     # Authentication Realm for Long Term Passwords
87     AuthenticationRealm = reTurn
88    
89     ########################################################
90     # TURN Allocation settings
91     ########################################################
92    
93     NonceLifetime = 3600
94    
95     # The starting port number to use for TURN allocations.
96     # This number MUST be an even number, in order to ensure
97     # proper operation for allocation of RTP port pairs.
98     # Default: 49152 (start of the Dynamic and/or Private Port range
99     # - recommended by RFC)
100     AllocationPortRangeMin = 49152
101    
102     # The ending port number to use for TURN allocations.
103     # This number MUST be an odd number, in order to ensure
104     # proper operation for allocation of RTP port pairs.
105     # Default: 65535 (end of the Dynamic and/or Private Port range
106     # - recommended by RFC)
107     AllocationPortRangeMax = 65535
108    
109     # Default time (in seconds) that an allocation will expire if an allocation
110     # refresh request is not sent. Default is 600 (10 minutes).
111     DefaultAllocationLifetime = 600
112    
113     # Maximum time (in seconds) allowed that will be accepted in an allocation requests
114     # lifetime header (ie. between TURN allocation refreshes). If an allocation is
115     # received with a higher lifetime, then the response will be returned with this
116     # value instead. Default is 3600 (1 hour).
117     MaxAllocationLifetime = 3600
118    
119    
120     ########################################################
121     # SSL/TLS Certificate settings
122     ########################################################
123    
124     # TLS Server Certificate Filename (loaded from working directory)
125     # The PEM formated file that contains the private and public
126     # key of the certificate that will be presented to clients
127     # connecting over TLS.
128     TlsServerCertificateFilename = server.pem
129    
130     # TLS temporary Diffie-Hellman parameters file (loaded from working directory)
131     TlsTempDhFilename = dh512.pem
132    
133     # TLS server private key certificate password required to read
134     # from PEM file. Leave blank if key is not encrypted.
135     TlsPrivateKeyPassword =
136 dpocock 10208
137     # File containing user authentication data.
138     # The format of each line is:
139 Dpocock 10212 #
140     # login:password:realm:state
141     #
142     # Typically, the realm field must match the value of AuthenticationRealm
143     # defined above.
144     #
145     # The state field can be one of:
146     #
147     # authorized (user authorized)
148     # refused (user denied access)
149     # restricted (for when bandwidth limiting is implemented)
150     #
151     # This file format is interchangeable with TurnServer.org's user database
152     #
153 dpocock 10208 UserDatabaseFile = users.txt
154 Dpocock 10212

webmaster AT resiprocate DOT org
ViewVC Help
Powered by ViewVC 1.1.27