Use Properties and an Event in Rules for a SOCKS Proxy
Two properties and an event are available to create rules for controlling the behavior of Web Gateway when it runs as a SOCKS proxy.
NOTE: There is no preconfigured SOCKS proxy rule set available in the default rule set system or the rule set library. If you want to use such rules, you need to create them and insert them in an existing rule set or create a rule set for them.
- ProtocolDetector.DetectedProtocol — This property can be used to detect the embedded protocol that is followed in web traffic under the SOCKS protocol, for example, HTTP or HTTPS.
Its value is the protocol name in string format. When the embedded protocol cannot be detected, the string is empty.
- ProtocolDetector.ProtocolFilterable — This property can be used to find out whether filtering is supported for web traffic following the embedded protocol that has been detected.
Its value is true if this traffic is filterable and false otherwise.
If this property is processed in a rule, the ProtocolDetector.DetectedProtocol property is also filled with a value. If that value is an empty string, which means the embedded protocol could not be detected, the value of the ProtocolDetector.ProtocolFilterable property is consequently set to false.
- ProtocolDetector.ApplyFiltering — This event can be used to enable processing of other rules that are configured on Web Gateway for filtering web traffic under the protocol that has been detected.
Accordingly, the following rule enables processing of other rules for filtering web traffic under the SOCKS protocol if an embedded protocol has been detected that is filterable.
Name: Enable filtering for SOCKS traffic following an embedded protocol that is filterable
Criteria: ProtocolDetector.ProtocolFilterable is true
Action: StopCycle
Event: ProtocolDetector.ApplyFiltering
The following rule blocks SOCKS traffic if no embedded protocol is detected.
Name: Block SOCKS traffic if no embedded protocol can be detected
Criteria: ProtocolDetector.DetectedProtocol equals " "
Action: Block
If no rule is configured that would enable the filtering of SOCKS traffic or block it if no embedded protocol is detected, this traffic is allowed.
This means that if a request for web access is received from a SOCKS client on Web Gateway, it is forwarded to the requested web server without any further processing.
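The following added example is a simplified Python model of the two rules above, not Web Gateway's rule engine or rule syntax and not vendor code. It checks which classes of SOCKS traffic a rule list leaves on the default-allow path; the class labels, the outcome strings and the placeholder protocol name are assumptions made for illustration.

```python
# Simplified model of the SOCKS rule logic described on this page.
# Not Web Gateway's engine or syntax; labels and outcomes are illustrative.
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

@dataclass(frozen=True)
class Traffic:
    detected_protocol: str  # models ProtocolDetector.DetectedProtocol
    filterable: bool        # models ProtocolDetector.ProtocolFilterable

    def __post_init__(self):
        # Per the page: an empty DetectedProtocol forces ProtocolFilterable to false.
        if self.detected_protocol == "" and self.filterable:
            raise ValueError("undetected protocol cannot be filterable")

@dataclass(frozen=True)
class Rule:
    name: str
    criteria: Callable[[Traffic], bool]
    action: str                  # "StopCycle" or "Block"
    event: Optional[str] = None  # e.g. "ProtocolDetector.ApplyFiltering"

def evaluate(rules: List[Rule], traffic: Traffic) -> str:
    """Return the outcome of the first matching rule, else the default."""
    for rule in rules:
        if not rule.criteria(traffic):
            continue
        if rule.action == "Block":
            return "blocked"
        if rule.event == "ProtocolDetector.ApplyFiltering":
            return "filtered"
    # Per the page: with no matching rule, traffic is forwarded unprocessed.
    return "allowed-unfiltered"

ENABLE_FILTERING = Rule("Enable filtering for filterable embedded protocol",
                        lambda t: t.filterable, "StopCycle",
                        "ProtocolDetector.ApplyFiltering")
BLOCK_UNDETECTED = Rule("Block if no embedded protocol can be detected",
                        lambda t: t.detected_protocol == "", "Block")

# Constructed samples, one per traffic class (protocol names are placeholders).
SAMPLES: Dict[str, Traffic] = {
    "filterable": Traffic("HTTP", True),
    "detected-not-filterable": Traffic("EXAMPLE-PROTOCOL", False),
    "undetected": Traffic("", False),
}

def coverage(rules: List[Rule]) -> Dict[str, str]:
    return {label: evaluate(rules, t) for label, t in SAMPLES.items()}

def gaps(rules: List[Rule]) -> List[str]:
    """Traffic classes that still reach the default-allow path."""
    return sorted(k for k, v in coverage(rules).items() if v == "allowed-unfiltered")
```

In this model, traffic whose embedded protocol is detected but not filterable matches neither rule and is forwarded unfiltered, so a deployment that wants to restrict it needs an additional rule for that case.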