diff --git a/cmd/derper/derper.go b/cmd/derper/derper.go index a2bb59606..5513a2062 100644 --- a/cmd/derper/derper.go +++ b/cmd/derper/derper.go @@ -39,7 +39,8 @@ var ( dev = flag.Bool("dev", false, "run in localhost development mode") addr = flag.String("a", ":443", "server HTTPS listen address, in form \":port\", \"ip:port\", or for IPv6 \"[ip]:port\". If the IP is omitted, it defaults to all interfaces.") - httpPort = flag.Int("http-port", 80, "The port on which to serve HTTP. Set to -1 to disable") + httpPort = flag.Int("http-port", 80, "The port on which to serve HTTP. Set to -1 to disable. The listener is bound to the same IP (if any) as specified in the -a flag.") + stunPort = flag.Int("stun-port", 3478, "The UDP port on which to serve STUN. The listener is bound to the same IP (if any) as specified in the -a flag.") configPath = flag.String("c", "", "config file path") certMode = flag.String("certmode", "letsencrypt", "mode for getting a cert. possible options: manual, letsencrypt") certDir = flag.String("certdir", tsweb.DefaultCertDir("derper-certs"), "directory to store LetsEncrypt certs, if addr's port is :443") @@ -212,7 +213,7 @@ func main() { debug.Handle("traffic", "Traffic check", http.HandlerFunc(s.ServeDebugTraffic)) if *runSTUN { - go serveSTUN(listenHost) + go serveSTUN(listenHost, *stunPort) } httpsrv := &http.Server{ @@ -322,8 +323,8 @@ func probeHandler(w http.ResponseWriter, r *http.Request) { } } -func serveSTUN(host string) { - pc, err := net.ListenPacket("udp", net.JoinHostPort(host, "3478")) +func serveSTUN(host string, port int) { + pc, err := net.ListenPacket("udp", net.JoinHostPort(host, fmt.Sprint(port))) if err != nil { log.Fatalf("failed to open STUN listener: %v", err) }