Firewall Blocks WebSockets: HTTP-only Mode or Recommended Alternatives?
100 views
Skip to first unread message
noVNC Fan
Dec 2, 2024, 8:13:24 PM12/2/24
to noVNC
Hi:
Long-time user of noVNC here. Thanks for the great software over the years.
I recently moved under a new network that has an aggressive firewall and blocks all websockets and pretty much anything outside of standard HTTP/S. TCP and UDP are also all blocked, outside of authorized software.
I've tried a plethora of other solutions from non-websockets approaches (like noVNC WebRTC) to tunnelers. So far I've only gotten Apache Guacamole to work but using the HTTP-only mode is unbearably slow. It takes about 3-5 seconds for a graphical update to come through on a simple window move/update refresh. I asked in the mailing list there for any ways to speed up the HTTP method and there isn't.
I know that WebSockets are a core part of noVNC with WebSockify but I figured it was worth a shot to ask if there is a way to run it with a pure HTTP-only approach. I'm running out of ideas for things to try so I wanted to ask the community for any suggestions.
Thanks!
Long-time user of noVNC here. Thanks for the great software over the years.
I recently moved under a new network that has an aggressive firewall and blocks all websockets and pretty much anything outside of standard HTTP/S. TCP and UDP are also all blocked, outside of authorized software.
I've tried a plethora of other solutions from non-websockets approaches (like noVNC WebRTC) to tunnelers. So far I've only gotten Apache Guacamole to work but using the HTTP-only mode is unbearably slow. It takes about 3-5 seconds for a graphical update to come through on a simple window move/update refresh. I asked in the mailing list there for any ways to speed up the HTTP method and there isn't.
I know that WebSockets are a core part of noVNC with WebSockify but I figured it was worth a shot to ask if there is a way to run it with a pure HTTP-only approach. I'm running out of ideas for things to try so I wanted to ask the community for any suggestions.
Thanks!
Pierre Ossman
Dec 4, 2024, 3:12:53 AM12/4/24
to no...@googlegroups.com, noVNC Fan
On 03/12/2024 02:13, noVNC Fan wrote:
>
> I know that WebSockets are a core part of noVNC with WebSockify but I
> figured it was worth a shot to ask if there is a way to run it with a pure
> HTTP-only approach. I'm running out of ideas for things to try so I wanted
> to ask the community for any suggestions.
>
noVNC has no such support, no. And it is very unlikely we'll add any
>
> I know that WebSockets are a core part of noVNC with WebSockify but I
> figured it was worth a shot to ask if there is a way to run it with a pure
> HTTP-only approach. I'm running out of ideas for things to try so I wanted
> to ask the community for any suggestions.
>
such support since WebSockets is a core feature of the modern web. Any
firewall blocking it will break many things.
In theory, someone could hack up something to work over normal HTTP
request. But it will likely be very inefficient, as you've seen with
Guacamole.
Regards,
--
Pierre Ossman Software Development
Cendio AB https://cendio.com
Teknikringen 8 https://twitter.com/ThinLinc
583 30 Linköping https://facebook.com/ThinLinc
Phone: +46-13-214600
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
noVNC Fan
Dec 4, 2024, 2:41:54 PM12/4/24
to noVNC
Thanks Pierre.
NoVNC Fan
Dec 12, 2024, 9:32:33 PM12/12/24
to noVNC
Pierre/Other:
Are there any other commonly used protocols that could be used as an alternative over WebSockets (SSE, WebRTC, etc.)?
I don't know much about web programing so I figured I would ask if there are any "theoretical" options if someone were to try and take something like noVNC and try to replace the websocket core with an alternative method.
Thanks.
Are there any other commonly used protocols that could be used as an alternative over WebSockets (SSE, WebRTC, etc.)?
I don't know much about web programing so I figured I would ask if there are any "theoretical" options if someone were to try and take something like noVNC and try to replace the websocket core with an alternative method.
Thanks.
Pierre Ossman
Jan 29, 2025, 7:42:55 AMJan 29
to no...@googlegroups.com, NoVNC Fan
On 13/12/2024 03:32, NoVNC Fan wrote:
> Pierre/Other:
>
> Are there any other commonly used protocols that could be used as an
> alternative over WebSockets (SSE, WebRTC, etc.)?
>
> I don't know much about web programing so I figured I would ask if there
> are any "theoretical" options if someone were to try and take something
> like noVNC and try to replace the websocket core with an alternative method.
>
We do have some basic plumbing in place for WebRTC. But there is no
> Pierre/Other:
>
> Are there any other commonly used protocols that could be used as an
> alternative over WebSockets (SSE, WebRTC, etc.)?
>
> I don't know much about web programing so I figured I would ask if there
> are any "theoretical" options if someone were to try and take something
> like noVNC and try to replace the websocket core with an alternative method.
>
setup code in the UI. And I'd say it's likely that it will also be
blocked by your firewall. :/
Reply all
Reply to author
Forward
0 new messages