/[resiprocate]/main/reTurn/reTurnServer.config
ViewVC logotype

Contents of /main/reTurn/reTurnServer.config

Parent Directory Parent Directory | Revision Log Revision Log


Revision 10864 - (show annotations) (download)
Mon Jan 13 22:07:48 2014 UTC (5 years, 10 months ago) by Dpocock
File size: 8449 byte(s)
reTurn: reTurnServer.config: fix typo
1 ########################################################
2 # reTurnServer configuration file
3 ########################################################
4
5 # Software name to include in STUN messages
6 # Set this to an empty string to reveal no software
7 # name information in STUN messages.
8 # Default: reTURNServer (RFC5389)
9 # The default also includes the software version on
10 # those platforms where PACKAGE_VERSION is defined
11 # at compile time.
12 #SoftwareName =
13
14 # Whether or not to pad the SoftwareName value to
15 # a multiple of four bytes for compatibility with
16 # legacy clients. Default: true
17 #PadSoftwareName = true
18
19 ########################################################
20 # Transport settings
21 ########################################################
22
23 # Local IP Address to bind base STUN/TURN transports to.
24 # Note: This is the IP Address that clients should be configured to
25 # send STUN/TURN traffic to.
26 # Warning: If you are enabling RFC3489 backwards compatability
27 # (see AltStunAddress and AltStunPort settings), then do
28 # not leave this set to INADDR_ANY (0.0.0.0), place
29 # a valid IP address from a local NIC here.
30 TurnAddress = 0.0.0.0
31
32 # Local IPv6 Address to bind base STUN/TURN transports to.
33 # Note: This is the IP Address that IPv6 clients should be configured to
34 # send STUN/TURN traffic to.
35 # Not currently supported with RFC3489 backwards compatability
36 TurnV6Address = ::0
37
38 # Local UDP/TCP Port to bind base STUN/TURN transports to.
39 # Note: This is the port that clients should be configured to
40 # send STUN/TURN traffic over UDP and TCP.
41 # reTurn will always bind on this port using both UDP and TCP.
42 TurnPort = 3478
43
44 # Local TLS Port to bind base STUN/TURN transports to.
45 # Note: This is the port that clients should be configured to
46 # send STUN/TURN traffic over TLS.
47 # Set this to 0 to disable TLS support.
48 # The default port for STUN over TLS is 5349
49 # It is often necessary to use port 443 instead so that
50 # users can connect through a HTTP proxy that only allows
51 # traffic that appears to be going to a HTTPS server.
52 TlsTurnPort = 5349
53
54 # Local IP Address to bind the transports used in Classic Stun
55 # NAT type discovery. Note: This address is only required if
56 # you need Classic Stun (RFC3489) support.
57 # It must be different from the TurnAddress setting, and a valid
58 # local IP Address. Use 0.0.0.0 to disable RFC3489 backwards compatbility
59 # support.
60 # Note: The STUN/TURN Client should not be configured with this
61 # address anywhere. This address is discovered by clients
62 # in Binding responses that are sent to the TurnAddress.
63 AltStunAddress = 0.0.0.0
64
65 # Local UDP Port to bind classic STUN (RFC3489) transports to.
66 # Set AltStunPort to 0 to disable any RFC3489 backwards compatibility,
67 # if you do not have a need to support the NAT type discovery procedures
68 # of RFC3489.
69 # Note: STUN/TURN Client should not be configured with this port anywhere.
70 # This port is discovered by clients in Binding responses that are
71 # sent to the TurnAddress/TurnPort.
72 AltStunPort = 0
73
74
75 ########################################################
76 # Logging settings
77 ########################################################
78
79 # Logging Type: syslog|cerr|cout|file
80 LoggingType = file
81
82 # Logging level: NONE|CRIT|ERR|WARNING|INFO|DEBUG|STACK
83 LoggingLevel = DEBUG
84
85 # Log Filename
86 LogFilename = reTurnServer.log
87
88 # Log file Max Size
89 LogFileMaxLines = 50000
90
91
92 ########################################################
93 # UNIX related settings
94 ########################################################
95
96 # Must be true or false, default = false, not supported on Windows
97 Daemonize = false
98
99 # On UNIX it is normal to create a PID file
100 # if unspecified, no attempt will be made to create a PID file
101 #PidFile = /var/run/reTurnServer/reTurnServer.pid
102
103 # UNIX account information to run process as
104 #RunAsUser = return
105 #RunAsGroup = return
106
107
108 ########################################################
109 # Authentication settings
110 ########################################################
111
112 # Authentication Realm for Long Term Passwords
113 AuthenticationRealm = reTurn
114
115 # File containing user authentication data.
116 # The format of each line is:
117 #
118 # login:password:realm:state
119 #
120 # Typically, the realm field must match the value of AuthenticationRealm
121 # defined above.
122 #
123 # The state field can be one of:
124 #
125 # authorized (user authorized)
126 # refused (user denied access)
127 # restricted (for when bandwidth limiting is implemented)
128 #
129 # This file format is interchangeable with TurnServer.org's user database
130 #
131 UserDatabaseFile = users.txt
132
133 # Hashed passwords in the user database file
134 # This option specifies whether the passwords are plain text
135 # or hashed with the scheme H(A1)
136 #
137 # When hashed passwords are enabled by this configuration setting,
138 # the values in the password column are the MD5 hash
139 # represented in hexadecimal
140 #
141 # To create a hashed password for the following credentials:
142 #
143 # user: bob
144 # realm: example.org
145 # password: foobar
146 #
147 # you can issue a command such as:
148 #
149 # echo -n bob:example.org:foobar | md5sum
150 #
151 # WARNING: the hashing scheme prevents recovery of the plain text
152 # password. However, H(A1) hash values must still be kept
153 # secret as they can be used to impersonate the user.
154 # Therefore, the user database file should always be readable
155 # only by the reTurn process and no other regular users.
156 #
157 UserDatabaseHashedPasswords = false
158
159 # How frequently to check the user database file for changes
160 # Set to 0 to only load the file once at startup
161 # Default = 60 seconds
162 UserDatabaseCheckInterval = 60
163
164 ########################################################
165 # TURN Allocation settings
166 ########################################################
167
168 NonceLifetime = 3600
169
170 # The starting port number to use for TURN allocations.
171 # This number MUST be an even number, in order to ensure
172 # proper operation for allocation of RTP port pairs.
173 # Default: 49152 (start of the Dynamic and/or Private Port range
174 # - recommended by RFC)
175 AllocationPortRangeMin = 49152
176
177 # The ending port number to use for TURN allocations.
178 # This number MUST be an odd number, in order to ensure
179 # proper operation for allocation of RTP port pairs.
180 # Default: 65535 (end of the Dynamic and/or Private Port range
181 # - recommended by RFC)
182 AllocationPortRangeMax = 65535
183
184 # Default time (in seconds) that an allocation will expire if an allocation
185 # refresh request is not sent. Default is 600 (10 minutes).
186 DefaultAllocationLifetime = 600
187
188 # Maximum time (in seconds) allowed that will be accepted in an allocation requests
189 # lifetime header (ie. between TURN allocation refreshes). If an allocation is
190 # received with a higher lifetime, then the response will be returned with this
191 # value instead. Default is 3600 (1 hour).
192 MaxAllocationLifetime = 3600
193
194
195 ########################################################
196 # SSL/TLS Certificate settings
197 ########################################################
198
199 # TLS Server Certificate Filename (loaded from working directory)
200 # The PEM formated file that contains the server certificate.
201 # If the CA supplies an intermediate certificate chain, those
202 # certificates should also be appened to this file.
203 # The private key may optionally be included in this file
204 # or in a separate key file specified by TlsServerPrivateKeyFilename
205 TlsServerCertificateFilename = server.pem
206
207 # TLS Server Private Key Filename (loaded from working directory)
208 # The PEM formated file that contains the private key of the certificate
209 # that will be presented to clients connecting over TLS.
210 # If not specified, reTurn will also try to find the private key
211 # in the file specified by TlsServerCertificateFilename
212 TlsServerPrivateKeyFilename = server-key.pem
213
214 # TLS temporary Diffie-Hellman parameters file (loaded from working directory)
215 # Can be generated with the command:
216 #
217 # openssl dhparam -outform PEM -out dh512.pem 512
218 #
219 TlsTempDhFilename = dh512.pem
220
221 # TLS server private key certificate password required to read
222 # from PEM file. Leave blank if key is not encrypted.
223 TlsPrivateKeyPassword =
224
225

webmaster AT resiprocate DOT org
ViewVC Help
Powered by ViewVC 1.1.27