搭建turnserver

参考文件：

http://blog.csdn.net/kl222/article/details/20145423

为什么要搭建TURN服务器？

　　因为我们编写的sip客户端再和南瑞的sip服务器进行通信的时候，中间经过一个安全平台，这个安全平台具有NAT和防火墙功能。RTP和RTCP包传递不了。所以要增加一个TURN服务器。同时在sip客户端侧要实现TURN客户端功能。

搭建TURN服务器的步骤：

要安装两个软件 libConfuse和TURN server

1，下载

　　别人说通过svn和git方式下载，但是这个地址都下载不下来，提示地址错误。我是在windows下访问下面的两个网站，直接下载的文件。

官网：http://turnserver.sourceforge.net/

官网: http://www.nongnu.org/confuse/

下载的两个文件如下：

confuse-2.7.tar.gz

turnserver-0.7.3.tar.bz2

2，传输

我在windows下面使用的是xshell，  配置xshell下面的ZMODEM的上传和下载目录，就可以使用rz命令向CentOS主机传输文件了。

我是在根目录下创建了一个turnserver目录。

mkdir turnserver

3，解压

tar -xzvf confuse-2.7.tar.gz

tar -jxvf turnserver-0.7.3.tar.bz2

解压后的目录如下：

4，编译安装confuse-2.7

cd confuse-2.7

./configure //这里不要指定目录，使用默认目录进行安装。默认是安装在/usr/local目录下面。

make

sudo make install

没有报错，安装成功。

5，编译安装turnserver-0.7.3

cd turnserver-0.7.3

./configure //这里不要指定目录，使用默认目录进行安装。默认是安装在/usr/local目录下面。

make

sudo make install

这两个只所以没有指定安装目录是因为设置了安装目录后，再安装turnserver的时候，提示前面的confuse没有安装。

6，熟悉、建立、修改配置文件。

6.1 在turnserver源码根目录下的extra目录下有配置模板可以参考。

turnserver.fedora.initd #fedora平台的启动脚本

turnserver.spec         #fedora平台的启动脚本

turnserver.debian.initd #debian平台的启动脚本

turnserver.conf.template#配置文件

turnusers.txt.template  #用户名、密码配置文件

6.2  建立配置文件：

[hy@localhost-turnserver]$ cd extra/

[hy@localhost-extra]$ cp turnserver.conf.template /usr/local/etc/turnserver.conf

[hy@localhost-extra]$ cp turnusers.txt.template /usr/local/etc/turnusers.txt

[hy@localhost-extra]$ cd /usr/local/etc

6.3修改配置文件

cd /usr/local/etc

chmod 777 turnserver.conf

chmod 777 turnusers.txt

 

vi turnserver.conf

listen_address = {"183.62.225.76" }           #把对应公网网卡的IP地址写入(如果公网地址是用镜像的,则用镜像的那个IP地址)，一般只要改这个配置，其它的用默认值就可以了。

## Account method.

account_method = "file"                        #配置账户数据为文件

## Account file (if account_method = file).

account_file ="/usr/local/etc/turnusers.txt" #指定账户文件位置

[root@rlnf-76etc]# vi turnusers.txt

foo:bar:domain.org:authorized

用户名：密码：领域：需要验证的

领域的值应与配置文件(turnserver.conf)中的

## Realm value.
realm = "domain.org"

的值相同.这个值用于密码确认的.

7，启动turnserver

[root@rlnf-76etc]# cd ../sbin

[root@rlnf-76sbin]# ./turnserver -c /usr/local/etc/turnserver.conf

8   启动回显服务：

在服务器上启动回显测试服务端程序:

[root@rlnf-76bin]# ./test_echo_server

UDP Echo server started on port 4588

9     测试服务器是否正常

在其它机器上(客户机器)启动测试程序：

rdc@rdc-Virtual-Machine:/home/turnserver/src$./test_turn_client -t udp -s 183.62.225.76 -p 183.62.225.76 -w 4588 -u foo -g 1234-d domain.org  

Protocol: udp (17) use TLS: 0.

sock: 3 speer: (nil) connected!

Send Allocate request.

Send Allocate request.

Probably wrong credentials or requestedfamily not supported.

这个是说权限错误，一般是用户或密码不对。修改用户和密码，再次运行：

rdc@rdc-Virtual-Machine:/home/turnserver/src$./test_turn_client -t udp -s 183.62.225.76 -p 183.62.225.76 -w 4588 -u foo -gbar -d domain.org

Protocol: udp (17) use TLS: 0.

sock: 3 speer: (nil) connected!

Send Allocate request.

Send Allocate request.

Allocate an address!

Send CreatePermission request.

Permission installed!

Send Send indication.

Receive data: 1024

Send CreatePermission request.

Channel bound to 16393.

Send ChannelData.

Received ChannelData: 1024 bytes

Send Refresh request.

Cleanup and exit.

10    服务端打印的日志：

::26.632297 [turnserver_main:]  Received UDP on listening address

::26.632336[turnserver_listen_recv:]   Nomessage integrity

::26.636506 [turnserver_main:]  Received UDP on listening address

::26.636534[turnserver_listen_recv:]   OK basicvalidation are done, process the TURN message

::26.636546 [turnserver_process_turn:]  Process a TURN message

::26.636559[turnserver_process_allocate_request:]     Allocate request received!

::26.636573[turnserver_process_allocate_request:]     lifetime:  seconds

::26.636667 [turnserver_process_allocate_request:]      Account foo, allocations used: 

::26.636719[turnserver_process_allocate_request:]     Allocation successful, send success allocate response

::26.640733 [turnserver_main:]  Received UDP on listening address

::26.640758[turnserver_listen_recv:]   OK basicvalidation are done, process the TURN message

::26.640770[turnserver_process_turn:]  Process aTURN message

::26.640781[turnserver_process_createpermission_request:]      CreatePermission request received

::26.640807[turnserver_process_createpermission_request:]      Install permission for 183.62.225.76 

::26.640828[turnserver_process_createpermission_request:]      CreatePermission successful, send successCreatePermission response

::26.645088 [turnserver_main:]  Received UDP on listening address

::26.645110[turnserver_listen_recv:]   OK basicvalidation are done, process the TURN message

::26.645121[turnserver_process_turn:]  Process aTURN message

::26.645131[turnserver_process_send_indication:]      Send indication received!

::26.645143[turnserver_check_bandwidth_limit:] Tokendown bucket available: , tokens requested: 

::26.645154[turnserver_process_send_indication:]      Will not set DF flag

::26.645166[turnserver_process_send_indication:]      Send data to peer

::26.645224 [turnserver_main:]  Received UDP on a relayed address

::26.645241[turnserver_check_bandwidth_limit:] Tokenup bucket available: , tokens requested: 

::26.645314[turnserver_relayed_recv:]  Send datato client

::26.649140 [turnserver_main:]  Received UDP on listening address

::26.649165[turnserver_listen_recv:]   OK basicvalidation are done, process the TURN message

::26.649177[turnserver_process_turn:]  Process aTURN message

::26.649187[turnserver_process_channelbind_request:]  ChannelBind request received!

::26.649199[turnserver_process_channelbind_request:]  Client request a ChannelBinding for 183.62.225.76 

::26.649234[turnserver_process_channelbind_request:]  ChannelBind successful, send success ChannelBind response

::26.653515 [turnserver_main:]  Received UDP on listening address

::26.653532[turnserver_process_channeldata:]  ChannelData received!

::26.653544[turnserver_check_bandwidth_limit:] Tokendown bucket available: , tokens requested: 

::26.653557[turnserver_process_channeldata:]  Send ChannelData to peer

::26.653596 [turnserver_main:]  Received UDP on a relayed address

::26.653611[turnserver_check_bandwidth_limit:] Tokenup bucket available: , tokens requested: 

::26.653623[turnserver_relayed_recv:]  Send datato client

::26.657563 [turnserver_main:]  Received UDP on listening address

::26.657586[turnserver_listen_recv:]   OK basicvalidation are done, process the TURN message

::26.657598[turnserver_process_turn:]  Process aTURN message

::26.657608[turnserver_process_refresh_request:]      Refresh request received!

::26.657618[turnserver_process_refresh_request:]      lifetime:  seconds

::26.657664[turnserver_process_refresh_request:]      Account foo, allocations used: 

::26.657677[turnserver_process_refresh_request:]      Explicit delete of allocation

::26.657692[turnserver_process_refresh_request:]      Refresh successful, send success refresh response

服务端打印的日志