Chisel traffic rejected due to "Potential Threat Detected"
yaakov-berkovitch opened this issue · comments
All,
We are facing an issue where chisel client failed to communicate with the server because the traffic is suspected as malicious. From the capture we did we can see:
No. Time Source Destination Protocol Length Info Port
30 2023-06-06 20:39:32.904515 1.1.3.4 4.5.6.7 HTTP 295 GET / HTTP/1.1 8082
31 2023-06-06 20:39:32.905755 4.5.6.7 1.2.3.4 HTTP 381 HTTP/1.1 401 Access Denied (text/html) 30108
and the following body appears: "Potential Threat Detected"
Does anybody failed on the same ? Not clear the root cause because no traffic scanner or threat detection is running.
Any idea will be welcome.
Thanks
I thought the same regarding the "chisel" string used for the Websocket protocol - Will give a try.
@jpillora the WS renaming helped fixing the issue - Do you agree to rename it and not using "chisel" as part of the name ? Or to allow customizing this name using command line option. WDYT ? Do you want me to create a PR for that ?
@yaakov-berkovitch can you point me to where the WS renaming is done ? I don't know the Go language.