WebSocket Server

Go To Product Page

WebSocket Server is the server-side counterpart of WebSocket Client. It is used to accept incoming WebSocket connections, turning IO Ninja into a configurable WebSocket server-side terminal.

Basic Setup

In IO Ninja, click the “New Session” dropdown and select “WebSocket Server”.

_images/websocket-server-new-session.png

Select your network adapter from the dropdown and enter a port.

Press the “Start Listening” button and wait for incoming connections.

Use the “Transmit” pane to send any packet to connected WebSocket clients.

Adjust settings as needed via the “Settings” button (see “Settings” section below for details).

Settings

Setting	Description	Default
Extra headers	Specify extra headers for the WebSocket handshake.
Transmit mode	Specify the WebSocket transmission mode. Transmission modes determine how the WebSocket client interprets and sends messages. See available options.	Auto
Close mode	Specify the WebSocket close mode. Close modes define how a connection is terminated. See available options.	Graceful
Close timeout	Specify how long until a WebSocket timeout occurs.	3000 (ms)
Adapter	Local network adapter to bind to. Pick one from the list of installed network adapters (or bind to all installed `IP4` or all `IP6` adapters at once).	Auto
Local port	Local port to bind to. Setting this to `0` auto-selects an available port.	8080
Reuse address	Allow multiple sockets to share the same local address. Maps to the `SO_REUSEADDR` socket option. Please note, the support and details of implementation for this option are highly platform-specific.	False
TCP Nagle algorithm	Delay transmission to reduce the number of small TCP packets. Maps to the `TCP_NODELAY` socket option.	False
TCP reset	Drop TCP connections abruptly with a TCP RST packet. Maps to the `SO_LINGER` socket option.	False
TCP keep-alives	Detect connection loss with TCP keep-alive probes. Maps to the `TCP_KEEPALIVE` socket option.	False
Security level	Specify OpenSSL security level. Read more about OpenSSL security levels here.	1
Cipher suite	Select an OpenSSL cipher mode. OpenSSL ciphers refer to the cryptographic algorithms supported by the OpenSSL library for securing data in transit, typically over SSL/TLS connections. Read more about OpenSSL ciphers here. See available options.	ALL
Use certificate	Whether or not to use a certificate for the SSL connection.	False
Certificate	Specify the file path of the certificate.
Private key	Specify the private key for the certificate.
Verify certificates	Whether or not to verify the certificate of the target SSL server.	False
CA certificate	Specify the file path of the CA certificate to be used for verification.
CA directory	Specify a directory of CA certificates to be used for verification.
Verify depth	Specify the maximum certificate certificate chain length. A certificate chain is a sequence of certificates—starting with the SSL/TLS certificate and followed by one or more Certificate Authority (CA) certificates—that allows the recipient to verify the authenticity and trustworthiness of both the sender and the issuing CAs.	10
Read block size (B)	The size of each individual read block submitted to the underlying transport.	4KB
RX buffer size (B)	The full size of the incoming data (RX) buffer. Affects read throughput.	16KB
TX buffer size (B)	The full size of the outbound data (TX) buffer. Affects write throughput.	16KB
Keep read block size	Don’t merge read blocks in RX buffer. Incoming data blocks coming in quick succession can be merged together so that IO Ninja writes them to log as a whole. When this option is set to `True`, blocks are written to the log without merging, i.e., exactly as they are received from the underlying transport.	False
Keep write block size	Don’t merge write blocks in TX buffer. Outbound data blocks sent in quick succession can be merged together before submission to the underlying transport. When this option is set to `True`, blocks are submitted to the transport without merging, i.e., exactly as they are sent by the Transmit or Script panes.	False
RX buffer full notifications	Toggle warnings in log about the incoming data (RX) buffer getting full.	False

Note

All SSL related options only apply when connecting to a secure WebSocket. To make your WebSocket server secure, click the green lock button in the toolbar or enable SSL in “Settings”.

Transmit Mode Options

Setting	Description
Auto	The plugin automatically determines whether to send the payload as text or binary based on its content.
Text	Forces the plugin to send all outgoing data as text frames.
Binary	Forces the plugin to send all outgoing data as binary frames.

Close Mode Options

Setting	Description
Graceful	A graceful close follows the proper WebSocket protocol for connection termination. Both client and server exchange close frames, allowing for a clean shutdown.
Abrupt	An abrupt close terminates the WebSocket connection without sending a Close frame.

Cipher Suite Options

Cipher Suite	Cipher Strings	Description
Encrypted	`ALL`	All cipher suites are included except for the `eNULL` ciphers, which must be explicitly enabled if required. Since OpenSSL 1.0.0, the `ALL` cipher suites are ordered in a reasonable default sequence.
Encrypted & authenticated	`ALL` `!aNULL`	Refers to all cipher suites supported by OpenSSL that provide both encryption and authentication. This is achieved by including `ALL`, which covers all cipher suites except those offering no encryption (`eNULL`), and excluding `aNULL`, which represents cipher suites with no authentication. This combination ensures that only secure ciphers that encrypt data and verify the identity of the communicating parties are used.
OpenSSL default	`ALL` `!EXPORT` `!LOW` `!aNULL` `!eNULL` `!SSLv2`	Includes all the ciphers from the `ALL` category while further excluding specific categories considered insecure or outdated: `EXPORT` (export-grade weak ciphers), `LOW` (low-strength ciphers like 64-bit or 56-bit encryption), `aNULL` (unauthenticated ciphers), `eNULL` (unencrypted ciphers), and `SSLv2` (obsolete and insecure SSL version 2). This selection aims to maintain a high level of compatibility while avoiding known insecure or deprecated cipher suites.
All (including unencrypted)	`ALL` `eNULL`	Uses the `ALL` cipher suite list and explicitly includes `eNULL`, thereby enabling cipher suites that offer no encryption at all. This setting allows every possible cipher supported by OpenSSL, including those that provide no data confidentiality, which is highly insecure and generally only used for testing or debugging purposes.