New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
turn: block forwarding to loopback/any #7
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm if these are all the places this has to happen.
Do we have a way to test this?
|
Using coturn's testing tools I'm checking if the relaying is being blocked. On the current build of restund indeed still relaying the addresses.:
I will now make a new build and see if the issue is mitigated |
53cffc7
to
c887de0
Compare
So that we can easily see if pull requests build
c887de0
to
c30f2f5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@z-dule I tried to see if the issue at hand is fixed with this build; but I'm still able to succesfully open a channel-bind on 127.0.0.1.
Maybe I'm missing something here. but it doesn't seem fixed.
|
Aaaah looking at the code where we add the check we're already past the channel-bind and at the "send data packets" part and we simply drop the packets on the floor. Is that correct? But could we also add the check to Line 232 in edd4abd
In short; also add the check to would that make sense? NOTE: This is me not knowing a lot about TURN so please tell me when I'm saying stupid things =) |
384630e
to
3c2ec50
Compare
3c2ec50
to
22a5994
Compare
Do this by calling sa_is_loopback which checks for 127.0.0.1 and ::1 (but not 127.0.0.0/8)
29ea22c
to
87ca8fc
Compare
Patches taken from [1]. [1] wireapp/restund#7 Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Patches taken from [1]. [1] wireapp/restund#7 Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net> (cherry picked from commit dec6316)
Patches taken from [1]. Added a postinstall note about the upcoming deletion of this package. [1] wireapp/restund#7 Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net> (cherry picked from commit dec6316)

No description provided.