Mozilla.org defines WebSockets as the following: The WebSocket API is an advanced technology that makes it possible to open a two-way interactive communication session between the user's browser and a server. With this API, you can send messages to a server and receive event-driven responses without having to poll the server for a reply. (https://developer.mozilla.org/en-US/docs/Web/API/WebSockets_API)
WebSocket uptake is relatively slow. However, some websites do use this protocol and this does sometimes have issues when the traffic goes through the Web Filter.
The following steps discuss what is needed to ensure that WebSocket traffic works through the Smoothwall as expected.
- Create a new category which to store the WebSocket domains. Go to Guardian -> Policy Object -> Categories.
- Enter a name for the new category. For example, Websocket.
- Enter the Domains or Subdomains that use WebSockets into Domain/URL filtering and click Save.
- Go to Guardian -> HTTPS Inspection -> Policy Wizard and enter the following options:
- Who: Everyone*
- What: Websocket
- Where: Everywhere*
- When: Always
- Action: Do no inspect
*Change as appropriate
- Make sure Enable Policy is selected and click Confirm.
- Move the newly created policy above any policies for 'Decrypt and Inspect'.
NOTE: You should only add in WebSocket sources that you trust.