How can I block websocket protocol with pfsense?
-
I've seen some corporate on-prem networks block websockets protocol and I'd like to create a test lab with pfsense configured in such a way. How can I block websockets? I've searched and can't seem to find a way to do this.
-
You could probably block it with Snort given enough tuning. Snort was triggering on that anyway at one time.
Possibly OpenAppID though I don't see a definition for that.
Steve
-
Websocket runs over standard HTTP/S connection, so your only option is DPI systems.
Snort and, probably, Squid (denying Upgrade request).