5 jaren geleden · 2f841fab73
--- a/doc/debian/jitsi-meet-turn/turnserver.conf
+++ b/doc/debian/jitsi-meet-turn/turnserver.conf
@@ -5,7 +5,10 @@ static-auth-secret=__turnSecret__
 
				
				 realm=jitsi-meet.example.com
			
 
				
				 cert=/etc/jitsi/meet/jitsi-meet.example.com.crt
			
 
				
				 pkey=/etc/jitsi/meet/jitsi-meet.example.com.key
			
 
				
				-
			
 
				
				+no-multicast-peers
			
 
				
				+no-cli
			
 
				
				+no-loopback-peers
			
 
				
				+no-tcp-relay
			
 
				
				 no-tcp
			
 
				
				 listening-port=4446
			
 
				
				 tls-listening-port=4445
			
@@ -14,5 +17,19 @@ no-tlsv1
 
				
				 no-tlsv1_1
			
 
				
				 # https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
			
 
				
				 cipher-list=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
			
 
				
				-
			
 
				
				+denied-peer-ip=0.0.0.0-0.255.255.255
			
 
				
				+denied-peer-ip=10.0.0.0-10.255.255.255
			
 
				
				+denied-peer-ip=100.64.0.0-100.127.255.255
			
 
				
				+denied-peer-ip=127.0.0.0-127.255.255.255
			
 
				
				+denied-peer-ip=169.254.0.0-169.254.255.255
			
 
				
				+denied-peer-ip=127.0.0.0-127.255.255.255
			
 
				
				+denied-peer-ip=172.16.0.0-172.31.255.255
			
 
				
				+denied-peer-ip=192.0.0.0-192.0.0.255
			
 
				
				+denied-peer-ip=192.0.2.0-192.0.2.255
			
 
				
				+denied-peer-ip=192.88.99.0-192.88.99.255
			
 
				
				+denied-peer-ip=192.168.0.0-192.168.255.255
			
 
				
				+denied-peer-ip=198.18.0.0-198.19.255.255
			
 
				
				+denied-peer-ip=198.51.100.0-198.51.100.255
			
 
				
				+denied-peer-ip=203.0.113.0-203.0.113.255
			
 
				
				+denied-peer-ip=240.0.0.0-255.255.255.255
			
 
				
				 syslog