Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How can I block websocket protocol with pfsense?

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      suaroman
      last edited by

      I've seen some corporate on-prem networks block websockets protocol and I'd like to create a test lab with pfsense configured in such a way.  How can I block websockets?  I've searched and can't seem to find a way to do this.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You could probably block it with Snort given enough tuning. Snort was triggering on that anyway at one time.

        Possibly OpenAppID though I don't see a definition for that.

        Steve

        1 Reply Last reply Reply Quote 0
        • S
          Soyokaze
          last edited by

          Websocket runs over standard HTTP/S connection, so your only option is DPI systems.
          Snort and, probably, Squid (denying Upgrade request).

          Need full pfSense in a cloud? PM for details!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.