WebSocket Server

Go To Product Page

WebSocket Server is the server-side counterpart of WebSocket Client. It is used to accept incoming WebSocket connections, turning IO Ninja into a configurable WebSocket server-side terminal.

Basic Setup

  1. In IO Ninja, click the “New Session” dropdown and select “WebSocket Server”.

_images/websocket-server-new-session.png
  1. Select your network adapter from the dropdown and enter a port.

_images/websocket-server-adapter.png
  1. Press the “Start Listening” button and wait for incoming connections.

_images/websocket-server-start.png
  1. Use the “Transmit” pane to send any packet to connected WebSocket clients.

_images/websocket-server-transmit.png
  1. Adjust settings as needed via the “Settings” button (see “Settings” section below for details).

Settings

_images/websocket-server-settings.png

Setting

Description

Default

Extra headers

Specify extra headers for the WebSocket handshake.

Transmit mode

Specify the WebSocket transmission mode. Transmission modes determine how the WebSocket client interprets and sends messages. See available options.

Auto

Close mode

Specify the WebSocket close mode. Close modes define how a connection is terminated. See available options.

Graceful

Close timeout

Specify how long until a WebSocket timeout occurs.

3000 (ms)

Adapter

Local network adapter to bind to. Pick one from the list of installed network adapters (or bind to all installed IP4 or all IP6 adapters at once).

Auto

Local port

Local port to bind to. Setting this to 0 auto-selects an available port.

8080

Reuse address

Allow multiple sockets to share the same local address. Maps to the SO_REUSEADDR socket option. Please note, the support and details of implementation for this option are highly platform-specific.

False

TCP Nagle algorithm

Delay transmission to reduce the number of small TCP packets. Maps to the TCP_NODELAY socket option.

False

TCP reset

Drop TCP connections abruptly with a TCP RST packet. Maps to the SO_LINGER socket option.

False

TCP keep-alives

Detect connection loss with TCP keep-alive probes. Maps to the TCP_KEEPALIVE socket option.

False

Security level

Specify OpenSSL security level. Read more about OpenSSL security levels here.

1

Cipher suite

Select an OpenSSL cipher mode. OpenSSL ciphers refer to the cryptographic algorithms supported by the OpenSSL library for securing data in transit, typically over SSL/TLS connections. Read more about OpenSSL ciphers here. See available options.

ALL

Use certificate

Whether or not to use a certificate for the SSL connection.

False

Certificate

Specify the file path of the certificate.

Private key

Specify the private key for the certificate.

Verify certificates

Whether or not to verify the certificate of the target SSL server.

False

CA certificate

Specify the file path of the CA certificate to be used for verification.

CA directory

Specify a directory of CA certificates to be used for verification.

Verify depth

Specify the maximum certificate certificate chain length. A certificate chain is a sequence of certificates—starting with the SSL/TLS certificate and followed by one or more Certificate Authority (CA) certificates—that allows the recipient to verify the authenticity and trustworthiness of both the sender and the issuing CAs.

10

Read block size (B)

The size of each individual read block submitted to the underlying transport.

4KB

RX buffer size (B)

The full size of the incoming data (RX) buffer. Affects read throughput.

16KB

TX buffer size (B)

The full size of the outbound data (TX) buffer. Affects write throughput.

16KB

Keep read block size

Don’t merge read blocks in RX buffer. Incoming data blocks coming in quick succession can be merged together so that IO Ninja writes them to log as a whole. When this option is set to True, blocks are written to the log without merging, i.e., exactly as they are received from the underlying transport.

False

Keep write block size

Don’t merge write blocks in TX buffer. Outbound data blocks sent in quick succession can be merged together before submission to the underlying transport. When this option is set to True, blocks are submitted to the transport without merging, i.e., exactly as they are sent by the Transmit or Script panes.

False

RX buffer full notifications

Toggle warnings in log about the incoming data (RX) buffer getting full.

False

Note

All SSL related options only apply when connecting to a secure WebSocket. To make your WebSocket server secure, click the green lock button in the toolbar or enable SSL in “Settings”.

Transmit Mode Options

Setting

Description

Auto

The plugin automatically determines whether to send the payload as text or binary based on its content.

Text

Forces the plugin to send all outgoing data as text frames.

Binary

Forces the plugin to send all outgoing data as binary frames.

Close Mode Options

Setting

Description

Graceful

A graceful close follows the proper WebSocket protocol for connection termination. Both client and server exchange close frames, allowing for a clean shutdown.

Abrupt

An abrupt close terminates the WebSocket connection without sending a Close frame.

Cipher Suite Options

Cipher Suite

Cipher Strings

Description

Encrypted

ALL

All cipher suites are included except for the eNULL ciphers, which must be explicitly enabled if required. Since OpenSSL 1.0.0, the ALL cipher suites are ordered in a reasonable default sequence.

Encrypted & authenticated

ALL !aNULL

Refers to all cipher suites supported by OpenSSL that provide both encryption and authentication. This is achieved by including ALL, which covers all cipher suites except those offering no encryption (eNULL), and excluding aNULL, which represents cipher suites with no authentication. This combination ensures that only secure ciphers that encrypt data and verify the identity of the communicating parties are used.

OpenSSL default

ALL !EXPORT !LOW !aNULL !eNULL !SSLv2

Includes all the ciphers from the ALL category while further excluding specific categories considered insecure or outdated: EXPORT (export-grade weak ciphers), LOW (low-strength ciphers like 64-bit or 56-bit encryption), aNULL (unauthenticated ciphers), eNULL (unencrypted ciphers), and SSLv2 (obsolete and insecure SSL version 2). This selection aims to maintain a high level of compatibility while avoiding known insecure or deprecated cipher suites.

All (including unencrypted)

ALL eNULL

Uses the ALL cipher suite list and explicitly includes eNULL, thereby enabling cipher suites that offer no encryption at all. This setting allows every possible cipher supported by OpenSSL, including those that provide no data confidentiality, which is highly insecure and generally only used for testing or debugging purposes.

Read more about OpenSSL ciphers here.