Hi there, apologies if this question has been answered, but could not find it. We are wondering if it is possible to implement some JS code that would be able to intercept, transform, or filter data channel traffic. In our case, our server is an authoritative game server and it would be fantastic to be able to inject custom logic to, for example, authorize certain data channel messages before sending them onto the consumers. Is there any facility to do this in the SFU C++ IPC APIs? It seems not possible in the existing client JS, but if its fundamentally possible via the SFU we could work on trying to implement the new client APIs. Thanks!
Ah I did find a little integration test of SCTP over UDP doing raw SCTP traffic, but in that case I believe the test is acting as a ‘peer’ to the SFU library. Perhaps using data producer/data consumer over UDP on the server side is the proper method vs IPC? And in that case, the end-user browser clients just connecting to the same router, but not consuming directly from the other peer producers, but instead from a server generated producer that just unions all the messages?
Not sure if I understand properly, so correct me if I am wrong:
You want your peers to communicate over data channels using mediasoup (which you control - both server and client), but you want to intercept, transform or filter the data that passes through these channels.
This seems like application layer logic. One way to achieve it (on the server side) would be to make the peers consume some channels that you monitor. In those channels you inject the “legal” data from the peers channels, restrict it or do whatever you want. The peers will never directly consume other peers channels.
Yep, that makes sense. What actual transport (eg UDP, IPC) and relevant JS library abstractions would be the ideal ones to use for that scenario? This is very exciting if possible to do with existing code!
Transport is irrelevant here, choose whatever fits best your use case.
Not sure about what you mean with the libraries.
You still need to write code: your application layer logic.
Gotcha. Concretely, I found this example: https://github.com/versatica/mediasoup/blob/v3/test/test-node-sctp.js
It is possible to do that same kind of orchestration of SCTP messaging over UNIX sockets with the local SFU process, vs a UDP connection? Probably not a huge deal, but I suspect that would be an efficiency win.
Also thanks for the quick responses!
I don’t understand what you’re trying to do with the UNIX sockets here.
Please explain in more detail, ideally step by step, what you’re trying to do.
Sure. We are implementing an online game and would like to have users use WebRTC data channels as the transport mechanism for the game networking, which would be sent to a central server. The messages users send to the server need to be authorized and potentially transformed. For example, if a user wants to create an object in the virtual room, the server needs to check their permission before sending the ‘create object’ message onto other users.
So basically the idea would be to create a node.js server similar to the basic mediasoup examples to enable a data channel SFU. However, unlike a naive SFU, this node.js server would also need to have code that runs against every incoming data channel message from users, to process it, authorize it, etc, before it is published to the end users consuming this traffic.
Also please read the doc. What you need can be implemented (today) using node-sctp as documented in the mediasoup website and implemented in the mediasoup-demo project
Thanks. I’ve been looking at the docs, code, and the minimal SFU example but did not get to the full rich demo code. Appreciate the reference!
Mediasoup website -> GitHub section.
Hi, I’ve been reading through the documentation and what you said doesn’t make sense or my problem is different.
I’m trying to add abuse protection mechanisms such as per user chat message limiting using Data Channels. Can you point me to an example of how to do this or provide some guidance?
You basically need to:
- Create a DirectTransport on the router in order to have direct communication between the Node application and the worker.
- Create the DataProducer on the corresponding peer’s Transport.
- Consume such DataProducer on the DirectTransport, solely.
This way you get all the messages sent by the peer to the Node application via the direct transport. You can there inspect/drop/modify the messages before forwarding them to the rest of the peers, which you need to do explicitly.
Iñaki already pointed you to the implementation of the DirectTransport and a current usage in mediasoup-demo. You can find more info in the docs.