Blocking WhatsApp and other IM traffic


Solution 1

It looks like this application has been designed to try and avoid being blocked.

You could block this at layer 8 using an AUP that employees sign up to, which excludes using your equipment for services like this and which details sanctions for breach of said policy. This is the best solution as, when all is said and done, this is a management issue, not a technical one.

You could try layer 7 blocking, dropping DNS packets that request addresses in the whatsapp.net/.com/.whatever domains (sro.whatsapp in particular may be useful to block).

It uses ports 80, 443, 5222, 5223 and 5228. You may get some mileage blocking some of them, but it's unlikely you'll be able to block 80 and 443 reasonably.

I've read that some people have had success by blocking the whole of 184.173/16 but if that's a bit blunt then ipdb.at have a list too.
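The DNS-name and port blocking that Solution 1 describes, written out as iptables rules for the Linux router in the question. This is an added example, not code from the answer. It assumes the interface facing the Cisco wireless router is br0 (LAN_IF), that rules go in the FORWARD chain, and that the kernel has the xt_string match; by default (APPLY=0) the commands are only printed, APPLY=1 executes them as root.

```shell
#!/bin/sh
# Added example (not from the answer above): DNS-name and port blocking on a
# Linux router with iptables. Assumptions: LAN-facing interface br0, rules in
# the FORWARD chain, xt_string available. APPLY=0 prints, APPLY=1 executes.
set -eu

LAN_IF="${LAN_IF:-br0}"
APPLY="${APPLY:-0}"

run() {
  if [ "$APPLY" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Turn a DNS name into the wire-format label sequence that iptables' string
# match expects: sro.whatsapp.net -> |03|sro|08|whatsapp|03|net|00|
# (length byte in hex, then the label text, terminated by a zero byte).
dns_hex() (
  IFS=.
  out=""
  for label in $1; do
    out="$out$(printf '|%02x|%s' "${#label}" "$label")"
  done
  printf '%s|00|' "$out"
)

# Drop forwarded DNS queries (UDP and TCP port 53) whose question section
# contains one of the given zones. The string match is a substring match,
# so "whatsapp.net" also catches sro.whatsapp.net and every other subdomain.
dns_block_rules() {
  for zone in "$@"; do
    pat=$(dns_hex "$zone")
    run iptables -A FORWARD -i "$LAN_IF" -p udp --dport 53 \
      -m string --hex-string "$pat" --algo bm -j DROP
    run iptables -A FORWARD -i "$LAN_IF" -p tcp --dport 53 \
      -m string --hex-string "$pat" --algo bm -j DROP
  done
}

# Reject the non-web ports the answer lists. 80/443 are deliberately left
# alone, as the answer says blocking them is not reasonable. Port 853 (DNS
# over TLS) is rejected as well so that Android "Private DNS" in automatic
# mode falls back to plain DNS, where the rules above can see the names.
port_block_rules() {
  run iptables -A FORWARD -i "$LAN_IF" -p tcp -m multiport \
    --dports 5222,5223,5228 -j REJECT --reject-with tcp-reset
  run iptables -A FORWARD -i "$LAN_IF" -p tcp --dport 853 \
    -j REJECT --reject-with tcp-reset
}

# Dry run: sh block.sh demo      Apply: APPLY=1 sh block.sh demo
if [ "${1:-}" = demo ]; then
  dns_block_rules whatsapp.net whatsapp.com
  port_block_rules
fi
```

Check the generated rule set with a dry run before applying it, and keep the caveat from the comments in mind: a phone that already has cached answers, uses DNS over HTTPS, or drops to its cellular data plan never sends a query the router can see, so this only removes the easy path.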

Solution 2

Apply a filter using the official IP list: https://www.whatsapp.com/cidr.txt

Use QoS instead of blocking.
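Solution 2 in practice: load the published prefix list into an ipset and then either reject it or, as the answer prefers, rate-limit it with tc. This is an added example, not code from the answer. Assumptions: WAN on eth0, wireless clients behind br0, ipset name "whatsapp", fwmark 0x10, and a 100 Mbit uplink; the embedded prefix list is a constructed stand-in (RFC 5737 documentation ranges) for the real https://www.whatsapp.com/cidr.txt, which you would pipe in from curl instead.

```shell
#!/bin/sh
# Added example (not from the answers above): ipset + iptables + tc for the
# official prefix list. Assumptions: eth0 = WAN, br0 = wireless LAN, set name
# "whatsapp", fwmark 0x10, 100mbit link. APPLY=0 prints, APPLY=1 executes
# (root, ipset, iproute2 and the xt_set module needed).
set -eu

WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-br0}"
SET="${SET:-whatsapp}"
MARK="${MARK:-0x10}"
APPLY="${APPLY:-0}"

# Constructed stand-in for https://www.whatsapp.com/cidr.txt using RFC 5737
# documentation prefixes. In production: curl -fsSL <url> | load_set
SAMPLE_CIDRS='# constructed sample, not the real list
192.0.2.0/24
198.51.100.0/24

203.0.113.0/24
'

run() {
  if [ "$APPLY" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Keep only syntactically valid IPv4 prefixes; drop comments and blank lines
# so a malformed or truncated download cannot feed garbage into ipset.
valid_cidrs() {
  grep -E '^[0-9]{1,3}(\.[0-9]{1,3}){3}/[0-9]{1,2}$' || true
}

# Fill a temporary set from stdin and swap it in atomically, so a periodic
# refresh from cron never leaves the live set empty while it is rebuilt.
load_set() {
  run ipset create "$SET" hash:net -exist
  run ipset create "${SET}_tmp" hash:net -exist
  run ipset flush "${SET}_tmp"
  valid_cidrs | while read -r net; do
    run ipset add "${SET}_tmp" "$net" -exist
  done
  run ipset swap "${SET}_tmp" "$SET"
  run ipset destroy "${SET}_tmp"
}

# Option 1: hard block of traffic from the wireless clients to the set.
block_rules() {
  run iptables -A FORWARD -i "$LAN_IF" -m set --match-set "$SET" dst \
    -j REJECT --reject-with icmp-admin-prohibited
}

# Option 2: QoS instead of blocking. Mark traffic to/from the set in both
# directions and push it into a slow HTB class on each interface's egress
# (WAN egress = uploads, LAN egress = downloads). HTB only shapes when the
# root rate is below the real link speed, hence the 100mbit assumption.
qos_rules() {
  run iptables -t mangle -A FORWARD -i "$LAN_IF" -m set --match-set "$SET" dst \
    -j MARK --set-mark "$MARK"
  run iptables -t mangle -A FORWARD -o "$LAN_IF" -m set --match-set "$SET" src \
    -j MARK --set-mark "$MARK"
  for dev in "$WAN_IF" "$LAN_IF"; do
    run tc qdisc replace dev "$dev" root handle 1: htb default 10
    run tc class replace dev "$dev" parent 1: classid 1:10 htb rate 100mbit
    run tc class replace dev "$dev" parent 1: classid 1:20 htb rate 64kbit ceil 128kbit
    run tc filter add dev "$dev" parent 1: protocol ip handle "$MARK" fw flowid 1:20
  done
}

# Dry run: sh block.sh demo      Apply: APPLY=1 sh block.sh demo
if [ "${1:-}" = demo ]; then
  printf '%s' "$SAMPLE_CIDRS" | load_set
  qos_rules
fi
```

Refresh the set on a schedule, because the published list changes; the swap keeps the rules pointing at a populated set throughout. Rate-limiting rather than rejecting also avoids the support noise Aaron mentions in the comments: the app still works, just slowly, and nobody files a ticket about "broken WiFi".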

Solution 3

Like @Iain says, this should be solved at layer 8. But if you insist on a technical solution, you can also mandate that all wireless traffic must go through a proxy you control, and you can block WhatsApp traffic on that proxy.
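The proxy approach from Solution 3, as a Squid ACL fragment. This is an added example, not configuration from the answer; the wireless subnet 192.168.10.0/24 and proxy port 3128 are assumptions. Because HTTPS through a forward proxy starts with a CONNECT request that names the host, a `dstdomain` ACL blocks TLS connections to the listed domains without any certificate interception.

```conf
# squid.conf fragment (added example; 192.168.10.0/24 and port 3128 assumed)
http_port 3128

acl wifi src 192.168.10.0/24
# leading dot = the domain and all of its subdomains
acl whatsapp dstdomain .whatsapp.net .whatsapp.com
acl SSL_ports port 443
acl CONNECT method CONNECT

# deny the IM domains for wireless clients before anything is allowed;
# CONNECT requests carry the target host name, so this covers HTTPS too
http_access deny wifi whatsapp
http_access deny CONNECT !SSL_ports
http_access allow wifi
http_access deny all

# Enforce on the Linux router so the proxy is the only way out, e.g.:
#   iptables -A FORWARD -i br0 -p tcp -m multiport --dports 80,443 -j REJECT
# and push the proxy to the phones via the Wi-Fi network's proxy setting.
```

The enforcement rule is what makes this work: without it, an app that ignores the Wi-Fi proxy setting connects directly and the ACL never sees it. With it, such an app simply gets no connectivity on that network.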

Author: amrit

Updated on September 18, 2022

Comments

  • amrit
    amrit over 1 year

    In my office, I have set up a linux machine as router and provide internet connectivity to all clients. Behind this linux router I have set up a cisco wireless router, with which I have made internet connectivity available to mobile phones of some employees in my office.

    Now I want to block access to WhatsApp and other IM services (WeChat, Line). Is it possible to block these Android applications using iptables?

    • amrit
      amrit over 10 years
      WhatsApp, WeChat, Line
    • MadHatter
      MadHatter over 10 years
      OK. I'm not familiar with those particular apps, but the way this usually works is that you have to find out how those apps communicate with the internet. If it's to a particular centralised server or block of servers, you can block those with iptables by IP address. If it's to particular ports, you can block those ports. But if they use, say, regular HTTP to port 80, iptables can't help you, because it doesn't operate at the application layer. So step one is: find out how those apps communicate.
    • amrit
      amrit over 10 years
      I know, but it is quite difficult to get the IP addresses of their servers.
    • amrit
      amrit over 10 years
      I am using ntopng for monitoring all clients and I am not able to get IP addresses relating to these applications.
    • Rob Moir
      Rob Moir over 10 years
      The fact that it's difficult doesn't alter the fact that this is what you need to do if you want to use iptables. If you want to easily block these kinds of web apps then you need to look at devices that allow you to filter by web app traffic pattern.
    • amrit
      amrit over 10 years
      I want to know how I can prevent it on my Linux router. I can easily block it if I get the IP addresses.
    • Aaron
      Aaron about 7 years
      iptables alone would not work. It might make WhatsApp less reliable and would make a support headache for you. Overriding DNS for them may help for desktops, but mobile clients will have cached DNS from outside of your network or may be using their cellular data network. Short of forcing all traffic through a MITM HTTPS proxy (expensive), there is no guaranteed solution. Most trendy things are on public cloud or CDN, so blocking IPs will block many other sites. Overriding DNS is probably your best poor man's solution.
  • amrit
    amrit over 10 years
    I found the IP address and port using tcpdump... I am trying to block this IP and port.
  • amrit
    amrit over 10 years
    Now the IP is different and the port is different, so blocking the IP is not a solution.