10
4
I need to block the users from accessing Whatsapp Android application who have logged in to my network. I tried to take Wireshark logs and tried to find the server's IP Address and port number, but I couldn't find any clue. Actually I am naive to Wireshark usage and network administrator domain too, so suggestions would be great!
I have a Basic Netgear Router installed in my workplace with an internet connection.
Nandhan
Posted 2014-01-01T11:19:41.437
Reputation: 101
5
c.whatsapp.net - WhatsApp Sever which is used for connection.
WhatsApp connects first then logs in then reading/writing data will be done. So blocking this stops at the initial stage.
Thiagaraj
Posted 2014-01-01T11:19:41.437
Reputation: 51
From whatsapi.js: host: 'e{0}.whatsapp.net', server: 's.whatsapp.net'. {0} can be any integer in 1-16 – André Chalella – 2015-06-05T05:51:05.733
3
Apply a filter using the official IP list: https://www.whatsapp.com/cidr.txt, which (as of 2018-02-018) directs you where to get the list:
Dear partners, Please note that we have migrated the latest IP pools of WhatsApp to Facebook Mobile Partner Portal. Feel free to browse to the Settings page of the portal and download the latest WhatsApp IP pool: https://fb.me/mpp_support
Further IP pool updates are also done through the portal and are no longer distributed via email or through WhatsApp web site. If you have not yet registered on the Mobile Partner Portal or have difficulties accessing it - please request access through the following form and we'll be happy to assist: https://fb.me/mpp_access
For any technical requests please contact us through the Support section of the portal: https://fb.me/mpp_support
WhatsApp team
Use QoS instead of blocking.
brauliobo
Posted 2014-01-01T11:19:41.437
Reputation: 129
2
Some answers for the opposite question "how to block Whatsapp" suggest the ports TCP/5222, TCP/5223 and TCP/5228 as needed for Whatsapp.
So try to block those ports.
Fran Leiro
Posted 2014-01-01T11:19:41.437
Reputation: 21
1These are standard ports for xmpp. Do not block these ports as many people make legitimate use of this protocol. – moebius_eye – 2016-02-17T08:59:03.260
-1
WhatsApp runs over the SSL port 443; if you block the port you won't be able to use the app, however it will also block any sort of SSL secured website (credit card sites, e-mail, facebook, etc).
Assuming you use DHCP for the network, I would apply an exception for static addresses, and simply block port 443 on all dynamic addresses.
If that's not possible for your applications, then I recommend you get an iboss filter, or another filtering-specific device.
The fact of the matter is, a router, while having filtering capabilities, is not designed with filtering in mind, and is not the most effective choice.
Finally, in case there IS some magick filtering option on your router, would you include the model number?
Woody
Posted 2014-01-01T11:19:41.437
Reputation: 126
2Blocking port 443 is really a bad idea. You may as well block internet access entirely for dynamic addresses. – Poma – 2015-03-24T08:34:27.320
you might try asking on serverfault.com, it is on-topic for that site – Robin Green – 2014-01-01T16:21:38.083
Actually I was directed to SuperUser by experts. Fine I shall give a try in ServerFault as per your suggestion. – Nandhan – 2014-01-02T17:39:11.267
4Are you able to blacklist certain DNS records? If so, you can actually block *.whatsapp.net. While DNS blocks are far from foolproof, it's better than tracking a moving target. WhatsApp leases capacity from SoftLayer, and WhatsApp has many different IP addresses. – yjwong – 2014-01-02T19:00:52.643