Turnserver服务器搭建
TURN Server是VoIP媒体流量NAT穿越服务器和网关。它也可以用作通用网络流量TURN服务器和网关。在使用WebRTC++进行即时通讯时，需要使浏览器进行P2P通讯，但是由于NAT环境的复杂性，并不是所有情况下都能进行P2P，这时需要TURN Server来帮助客户端之间转发数据。

安装相关依赖
yum install -y make gcc cc gcc-c++ wget openssl-devel libevent libevent-devel

下载可以编译的源码包
这里我们下载最新的4.5.0.8
官方下载地址
wget https://coturn.net/turnserver/v4.5.0.8/turnserver-4.5.0.8.tar.gz

解压并进入目录
tar -zxvf turnserver-4.5.0.8.tar.gz
cd turnserver-4.5.0.8/

编译安装
./configure –prefix=/usr/local/turnserver # 指定安装的目录
make && make install

设置环境变量
编辑root目录下.bashrc文件

vim ~/.bashrc

插入一下内容
export turnserver_home=/usr/local/turnserver
export PATH=$PATH:$turnserver_home/bin

编辑配置文件
先找到配置文件位置

find /usr -name turnserver.conf

例：返回/usr/local/turnserver/share/examples/turnserver/etc/turnserver.conf
编辑配置文件

vim /usr/local/turnserver/share/examples/turnserver/etc/turnserver.conf

在配置文件末尾加入一下内容

listening-port=3478 # 监听的端口
listening-ip=x.x.x.x # 监听的内网IP
external-ip=x.x.x.x # 监听的外网IP

如果coturn使用了SQLlite作为存储需要配置成功后生成用户名/密码

user=user:123456 # 设置账号密码

证书生成过程
安装openssl

yum install openssl

cert和pkey配置的自签名证书用Openssl命令生成:

openssl req -x509 -newkey rsa:2048 -keyout /usr/local/etc/turn_server_pkey.pem -out /usr/local/etc/turn_server_cert.pem -days 99999 -nodes

指定配置文件启动服务
turnserver -v -r user -a -o -c /usr/local/turnserver/share/examples/turnserver/etc/turnserver.conf

初次运行请使用非后台启动,会显示当前运行状态,如果有错误会直接显示在控制台上.

0: log file opened: /var/log/turn_21737_2021-08-17.log
0: Listener address to use: 172.31.10.177
0:
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.0.8 ‘dan Eider’
0:
Max number of open files/sockets allowed for this process: 65535
0:
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 32500 (approximately)
0:

==== Show him the instruments, Practical Frost: ====

0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.0.2k-fips 26 Jan 2017 (0x100020bf)
0:
0: SQLite supported, default database location is /usr/local/turnserver/var/db/turndb
0: Redis is not supported
0: PostgreSQL supported
0: MySQL is not supported
0: MongoDB is not supported
0:
0: Default Net Engine version: 3 (UDP thread per CPU core)

=====================================================

0: Domain name:
0: Default realm: user
0: Config file found: /usr/local/etc/turn_server_cert.pem
0: Config file found: /usr/local/etc/turn_server_pkey.pem
0: SSL23: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: SSL23: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: TLS1.0: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: TLS1.0: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: TLS1.1: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: TLS1.1: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: TLS1.2: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: TLS1.2: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: TLS cipher suite: DEFAULT
0: DTLS: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: DTLS: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: DTLS1.2: Certificate file found: /usr/local/etc/turn_server_cert.pem
0: DTLS1.2: Private key file found: /usr/local/etc/turn_server_pkey.pem
0: DTLS cipher suite: DEFAULT

验证监听
netstat -tunlp|grep 3478

注意事项
如果coturn使用了SQLlite作为存储需要配置成功后生成用户名/密码配置成功后生成用户名/密码
turnadmin -k -u -r -p //turnadmin -k -a -u user -r user -p 123456

coturn使用了SQLlite作为存储路径
SQLite supported, default database location is /usr/local/turnserver/var/db/turndb

coturn运行日志
/var/log/turn_21737_2021-08-17.log

如果使用的是阿里云或腾讯云的服务器，要开发对应端口的访问，关闭对应端口的防火墙
部分字段含义
listening-port: turnserver监听UDP/TCP端口,默认为3478;
tls-listening-port: turnserver监听TLS/DTLS端口,默认为5349,
将TCP/UDP和TLS/DTLS分别定义监听端口是符合RFC5766规范的,但是通过配置两者能使用同一端口,不推荐;
Listening-ip: 中继服务器的监听IP地址,可以配置多个;
relay-ip: 中继服务器的IP地址;
External-ip: 外部IP,当中继服务器在NAT网络内部时指定,此处可以不添加;
server-name: 服务器名称,用于OAuth认证,默认和realm相同;
realm: 域名;
Userdb: 用于保存用户信息;
cert/pkey: 自签名证书相关;

tornado crypto mixer Discover the power of privacy with TornadoCash! Learn how this decentralized mixer ensures your transactions remain confidential.

ดูบอลสด Very well presented. Every quote was awesome and thanks for sharing the content. Keep sharing and keep motivating others.

ดูบอลสด Pretty! This has been a really wonderful post. Many thanks for providing these details.

ดูบอลสด Hi there to all, for the reason that I am genuinely keen of reading this website’s post to be updated on a regular basis. It carries pleasant stuff.

Obrazy Sztuka Nowoczesna Thank you for this wonderful contribution to the topic. Your ability to explain complex ideas simply is admirable.

ufabet Hi there to all, for the reason that I am genuinely keen of reading this website’s post to be updated on a regular basis. It carries pleasant stuff.

ufabet You’re so awesome! I don’t believe I have read a single thing like that before. So great to find someone with some original thoughts on this topic. Really.. thank you for starting this up. This website is something that is needed on the internet, someone with a little originality!