µMurmur

µMurmur or uMurmur is a minimalistic Mumble (software) server primarily targeted to run on embedded devices with an open OS like OpenWrt.

Project page for more info and most up-to-date documentation at http://code.google.com/p/umurmur/

Preparation

Prerequisites

So far there are two uMurmur packages available in the repos, one compiled against the PolarSSL library and one against the OpenSSL library. The PolarSSL variant needs less storage and less RAM:

opkg info umurmur-polarssl
opkg info umurmur-openssl

Firewall: The default ports are 64738 tcp and 64738 udp. open them up in /etc/config/firewall.

Required Packages

The following list specifies package versions for latest stable release of OpenWRT. At time of writing Backfire 10.03.1.

Server (OpenWrt)

Name Version Size Description
umurmur-polarssl 0.2.6-1 39696 Minimalistic Mumble server daemon. Uses the PolarSSL library for SSL and crypto.
libpolarssl 0.14.3-1 95679 Embedded SSL (library)
libconfig 1.4.7-1 19143 Libconfig is a simple library for manipulating structured configuration files. This file format is more compact and more readable than XML. And unlike XML, it is type-aware, so it is not necessary to do string parsing in application code. Libconfig is very compact – just 38K for the stripped C shared library (less than one-fourth the size of the expat XML parser library) and 66K for the stripped C++ shared library. This makes it well-suited for memory-constrained systems like handheld devices.
Name Version Size Description
umurmur-openssl 0.2.6-1 40391 Minimalistic Mumble server daemon. Uses OpenSSL library for SSL and crypto.
libopenssl 0.9.8r-1 510041 The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. This package contains the OpenSSL shared libraries, needed by other programs.
libconfig 1.4.7-1 19143 Libconfig is a simple library for manipulating structured configuration files. This file format is more compact and more readable than XML. And unlike XML, it is type-aware, so it is not necessary to do string parsing in application code. Libconfig is very compact – just 38K for the stripped C shared library (less than one-fourth the size of the expat XML parser library) and 66K for the stripped C++ shared library. This makes it well-suited for memory-constrained systems like handheld devices.

Client (your PC)

On Linux you need to install the mumble package, like this one. On Windows or MacOSX you have to download it: http://mumble.sourceforge.net/.

Note that uMurmur version 0.2.x is compatible with Mumble version 1.2.x series. Mumble version 1.1.x series is not compatible.

Installation

Example using shell access:

opkg install umurmur-polarssl
vi /etc/umurmur.conf
/etc/init.d/umurmur enable
/etc/init.d/umurmur start
logread
Check log output that the uMurmurd started up OK.

open port 64738 for TCP and UDP in /etc/config/firewall.

vi /etc/config/firewall
/etc/init.d/firewall reload
You should now be able to connect via the mumble protocol.

Configuration

cat /etc/umurmur.conf

max_bandwidth = 48000; welcometext = "Welcome to uMurmur!"; certificate = "/etc/umurmur/cert.crt"; private_key = "/etc/umurmur/key.key"; password = ""; max_users = 10; # Root channel must always be defined first. # If a channel has a parent, the parent must be defined before the child channel(s). channels = ( { name = "Root"; parent = ""; description = "The Root of all channels"; }, { name = "Lobby"; parent = "Root"; description = "Lobby channel"; }, { name = "Red team"; parent = "Lobby"; description = "The Red team channel"; }, { name = "Blue team"; parent = "Lobby"; description = "The Blue team channel"; } ); # Channel links configuration. channel_links = ( { source = "Lobby"; destination = "Red team"; }, { source = "Lobby"; destination = "Blue team"; } ); default_channel = "Lobby";

Start on boot

To enable/disable start on boot: /etc/init.d/umurmur enable this simply creates a symlink to umurmur in "/etc/rc.d/" /etc/init.d/umurmur disable this removes the symlink again

Administration

There is no privilege system implemented in uMurmur version < 0.2.10 meaning that users cannot be kicked, banned or muted by other users. If you have a need for this kind of functionality the options are:

  • Set a server password
  • Add the IP of misbehaving users to your firewall.

Since uMurmur 0.2.10 there is a password based administration scheme. A package is available in OpenWRT trunk. For this to work you'd need to install the dependencies from trunk as well if you are running Backfire.

Troubleshooting

The most common error is the firewall. Double check connection problems with

iptables -n -v
and check those counters.

If users cannot connect and you get this error in the log

WARN: SSL handshake failed: -28672
you're probably running Backfire 10.03.1-rc4 with Polarssl 0.14. Upgrade to Backfire 10.03.1-RC5 or later.

Notes

  1. Read about certificates in general. Do it! Public key certificate
  2. enlighten your friends, there is no point in security if not all users understand the principle of operation

Back to top

doc/howto/umurmur.txt · Last modified: 2012/06/25 20:51 by fatbob