Closed Alozxy closed 2 years ago
Hey, thanks for raising this, I will look into it in a week or two. I'm also happy to guide any contributions if you're up for it.
On a side note, what is your use case for TCP STUN servers? I've always thought of them as rather useless, since punching a TCP hole through NAT is very rarely successful these days. Do you need it purely for NAT detection in networks that ban UDP traffic?
Actually, I found a way to greatly increase the success rate of tcp traversal in full cone nat, with some additional measures. Use a client with a fixed local port to send packets to another server constantly (in this case is the stun client and the stun server), which will keep the nat mapping of the local port open. So, the external port is the equivalent of an open port on the public network. Using the REDIRECT target of iptables to forward inbound traffic to any other local port, which is also the equivalent of being exposed on the public network. UDP can certainly be used in this way, but it is more practical to expose a tcp port to the public network.
Hey, just to let you know that I haven't forgotten about your request, it's just that the STUN client I'm using doesn't support TCP, so I decided to build my own one, and it's taking some time
@Alozxy done
Only a few servers support tcp protocol, for example, stun.mixvoip.com:3478. Hope to add a list of whether the server supports stun over tcp protocol. Thank you.