From 763889ae45efa4dc3ded6473c950487c73ab168b Mon Sep 17 00:00:00 2001
From: Simon Eisenmann
Date: Fri, 26 Aug 2016 17:59:23 +0200
Subject: [PATCH] Add script to block UDP for TURN testing Use this script for TURN testing. Make sure Spreed WebRTC has a TURN server configured which also supports tcp. Make a call and check chrome://webrtc-internals or about:webrtc to see if TURN is actually in use (also make sure that audio and video is coming through in both directions). https://github.com/strukturag/docker-webrtc-turnserver/issues/5
---
doc/turn/block-udp-for-turn-test.sh | 51 +++++++++++++++++++++++++++++
1 file changed, 51 insertions(+)
create mode 100755 doc/turn/block-udp-for-turn-test.sh
diff --git a/doc/turn/block-udp-for-turn-test.sh b/doc/turn/block-udp-for-turn-test.sh
new file mode 100755
index 00000000..54f457bf
--- /dev/null
+++ b/doc/turn/block-udp-for-turn-test.sh
@@ -0,0 +1,51 @@
+#!/bin/sh
+#
+# This script blocks all outbound and inbound DNS except DNS. If all UDP is
+# blocked, the only way to do a peer to peer connection is with a TURN server
+# which supports tcp.
+#
+# NOTE: this script requires Linux and must be run as root/sudo.
+#
+# (c)2016 struktur AG
+# http://www.struktur.de
+
+set -e
+RETVAL=0
+
+run() {
+ set -x
+ local mode=$1
+ iptables $mode INPUT -p udp --sport 53 -j ACCEPT
+ iptables $mode INPUT -p udp --dport 53 -j ACCEPT
+ iptables $mode OUTPUT -p udp --sport 53 -j ACCEPT
+ iptables $mode OUTPUT -p udp --dport 53 -j ACCEPT
+
+ iptables $mode INPUT -p udp -j DROP
+ iptables $mode OUTPUT -p udp -j DROP
+ set +x
+}
+
+start() {
+ run -A
+}
+
+stop() {
+ set +e
+ run -D
+ set -e
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ *)
+ echo "Usage: $0 [start|stop]"
+ RETVAL=1
+ ;;
+esac
+
+exit $RETVAL
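Review bot: The rules in `run()` are installed with `iptables` only, so IPv6 UDP stays open and on a dual-stack host a call can still connect peer to peer over IPv6, which makes the "TURN over TCP is in use" check unreliable. Wrapping the six rules in `for ipt in iptables ip6tables; do … done` and calling `"$ipt" "$mode" INPUT -p udp -j DROP` (and likewise for the others) would cover both address families. Because the rules are appended with `-A`, any UDP ACCEPT rule already present earlier in INPUT or OUTPUT still wins, and running `start` twice leaves a second copy behind after one `stop`; a header line such as `# Assumes no earlier UDP ACCEPT rules; run "stop" once per "start".` would make that explicit. The header comment also reads "inbound DNS except DNS", which presumably should be "inbound UDP except DNS".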