diff options
| author | Matthew Wild <mwild1@gmail.com> | 2022-03-05 20:34:58 +0000 |
|---|---|---|
| committer | Matthew Wild <mwild1@gmail.com> | 2022-03-05 20:34:58 +0000 |
| commit | 046b4085cbaa221c007b21fc93fa11bea3657f17 (patch) | |
| tree | 58b1da9aaad313ce65173e8ee9a48f9de2f0d988 | |
| parent | f7adea50405a26cd92ee43ee1c6d124d1d7bde19 (diff) | |
| download | prosody-046b4085cbaa221c007b21fc93fa11bea3657f17.tar.gz prosody-046b4085cbaa221c007b21fc93fa11bea3657f17.zip | |
prosodyctl: check turn: Add check for private IP returned from STUN.
| -rw-r--r-- | util/prosodyctl/check.lua | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/util/prosodyctl/check.lua b/util/prosodyctl/check.lua index 7400ba07..56c2c3f8 100644 --- a/util/prosodyctl/check.lua +++ b/util/prosodyctl/check.lua @@ -63,6 +63,7 @@ end local function check_turn_service(turn_service, ping_service) local stun = require "net.stun"; + local ip = require "util.ip"; -- Create UDP socket for communication with the server local sock = assert(require "socket".udp()); @@ -103,6 +104,9 @@ local function check_turn_service(turn_service, ping_service) result.error = "STUN server did not return an address"; return result; end + if ip.new_ip(result.external_ip.address).private then + table.insert(result.warnings, "STUN returned a private IP! Is the TURN server behind a NAT and misconfigured?"); + end -- Send a TURN "allocate" request. Expected to fail due to auth, but -- necessary to obtain a valid realm/nonce from the server. |