Community discussions

 
gmsaud
just joined
Topic Author
Posts: 2
Joined: Mon Jul 29, 2013 5:19 pm

Block Whatsapp

Tue Jul 30, 2013 4:28 am

Could anyone help me how I can block whatsapp from Mikrotik router RB450G??
 
CameronE
just joined
Posts: 12
Joined: Sun Jul 28, 2013 8:32 pm

Re: Block Whatsapp

Wed Jul 31, 2013 12:33 pm

Hard mode: Try using the packet sniffer on the router to find how whatsapp communicates and then block it with the firewall.

I haven't used the packet sniffer on RouterOS, but looking at it quickly, I would set whatsapp up on a control device and then filter the packet sniffer on the interface you're connecting to and the MAC address of your control device.

When you're sniffing, start sending messages and making calls etc etc. That should give you enough information to block it through the firewall.
 
CameronE
just joined
Posts: 12
Joined: Sun Jul 28, 2013 8:32 pm

Re: Block Whatsapp

Thu Aug 01, 2013 11:50 am

BTW: easy mode would be to Google around and see if anyone else has done it. Sometimes publishers even have a write up on how to do so for school admins etc.
 
Ehman
Member
Member
Posts: 363
Joined: Mon Nov 15, 2010 10:49 pm

Re: Block Whatsapp

Wed Sep 11, 2013 6:36 pm

I'm looking for the same thing, I've noticed that it uses a bunch of IP's and port 443 and maybe 5222

But I'm looking for a solution and haven't found one yet, so have anyone found something yet?
 
Ehman
Member
Member
Posts: 363
Joined: Mon Nov 15, 2010 10:49 pm

Re: Block Whatsapp

Wed Sep 11, 2013 6:55 pm

http://rickey-g.blogspot.com/2011/05/wh ... tails.html

there's some info on how to do something, but those IP's aint the same then those that I saw on my log
 
deejayq
Member Candidate
Member Candidate
Posts: 195
Joined: Wed Feb 23, 2011 8:33 am

Re: Block Whatsapp

Thu Sep 12, 2013 10:03 am

if the link you provided above is up to date, you could easily block packets sent to any dns server, which contain "sro.whatsapp.net", by creating a layer-7 regexp.
 
Ehman
Member
Member
Posts: 363
Joined: Mon Nov 15, 2010 10:49 pm

Re: Block Whatsapp

Thu Sep 12, 2013 11:41 am

if the link you provided above is up to date, you could easily block packets sent to any dns server, which contain "sro.whatsapp.net", by creating a layer-7 regexp.
I'm having big issue's with layer 7 on certain sites, the only site I can bock on layer 7 is facebook, everything else refuses to get blocked :(

I've managed to block whatsapp by range blocking the entire hosting company that they use, this is a aggressive and dirty method, but hey, It worked

firewall rule, drop 184.173.0.0/16 ..boom no SOFTLAYER anymore

https://isc.sans.edu/ipinfo.html?ip=184.173.0.0
 
deejayq
Member Candidate
Member Candidate
Posts: 195
Joined: Wed Feb 23, 2011 8:33 am

Re: Block Whatsapp

Thu Sep 12, 2013 1:22 pm

are you blocking dns requests too? or just trying regexp in blocking http traffic?
 
Ehman
Member
Member
Posts: 363
Joined: Mon Nov 15, 2010 10:49 pm

Re: Block Whatsapp

Thu Sep 12, 2013 1:38 pm

are you blocking dns requests too? or just trying regexp in blocking http traffic?
can't do that in my case, because I'm running a hotspot with free users and paid users on the same router with different subnets


You drop this is your terminal and whatsapp will be blocked and so will all the servers that belong to that IP range
/ip firewall filter
add action=drop chain=forward comment="Block Whatsapp" protocol=tcp src-address=184.173.0.0/16
I hope the rule works, I removed some stuff out of it
 
Rudios
Forum Veteran
Forum Veteran
Posts: 966
Joined: Mon Mar 11, 2013 12:58 pm
Location: The Netherlands

Re: Block Whatsapp

Fri Sep 13, 2013 7:28 pm

are you blocking dns requests too? or just trying regexp in blocking http traffic?
can't do that in my case, because I'm running a hotspot with free users and paid users on the same router with different subnets


You drop this is your terminal and whatsapp will be blocked and so will all the servers that belong to that IP range
/ip firewall filter
add action=drop chain=forward comment="Block Whatsapp" protocol=tcp src-address=184.173.0.0/16
I hope the rule works, I removed some stuff out of it
Why dropping the packets that came from the servers (src-address) and not block traffic to the servers (dst-address)
Testing setup with: 2 x RB750UP | 2 x RB750GL | 1 x RB951G-2HnD | 1 x RB2011UiAS-IN
 
Ehman
Member
Member
Posts: 363
Joined: Mon Nov 15, 2010 10:49 pm

Re: Block Whatsapp

Fri Sep 13, 2013 8:50 pm

forward rule on blocking source: 184.173.0.0/16 from destination: Address-list IP

so my method is wrong you say?
 
Rudios
Forum Veteran
Forum Veteran
Posts: 966
Joined: Mon Mar 11, 2013 12:58 pm
Location: The Netherlands

Re: Block Whatsapp

Fri Sep 13, 2013 10:15 pm

It is not really wrong. Maybe we're both right 50%
Maybe it is best to block both ways. Block initiated connection from both inside and outside.
Testing setup with: 2 x RB750UP | 2 x RB750GL | 1 x RB951G-2HnD | 1 x RB2011UiAS-IN
 
Ehman
Member
Member
Posts: 363
Joined: Mon Nov 15, 2010 10:49 pm

Re: Block Whatsapp

Fri Sep 13, 2013 10:19 pm

It is not really wrong. Maybe we're both right 50%
Maybe it is best to block both ways. Block initiated connection from both inside and outside.
lol..you've got a point there :) , yea its probably better to block it both ways

EDIT: naah I'm sticking with my one way rule, just tested it again.. I doubt that the server will start the initiated connection with a device that cant even pass packets to the server in the first place.. So 100%.. :lol:
 
Rudios
Forum Veteran
Forum Veteran
Posts: 966
Joined: Mon Mar 11, 2013 12:58 pm
Location: The Netherlands

Re: Block Whatsapp

Fri Sep 13, 2013 10:47 pm

I think server will initiate connection when a message is to be delivered.
Nevertheless communication back is indeed needed.
Testing setup with: 2 x RB750UP | 2 x RB750GL | 1 x RB951G-2HnD | 1 x RB2011UiAS-IN
 
User avatar
Takv
just joined
Posts: 24
Joined: Sun Apr 19, 2015 5:37 pm

Re: Block Whatsapp

Mon Apr 20, 2015 7:42 pm

Hi, you only need to make a address-list containing the folowing addresses:

(taken from www.whatsapp.com/cidr.txt)

31.13.69.240/32
31.13.70.49/32
31.13.71.49/32
31.13.73.49/32
31.13.74.49/32
31.13.76.81/32
31.13.77.49/32
50.22.75.192/27
50.22.93.192/27
50.22.198.204/30
50.22.210.32/30
50.22.210.128/27
50.22.225.64/27
50.22.235.248/30
50.22.240.160/27
50.23.90.128/27
50.97.57.128/27
75.126.39.32/27
108.168.174.0/27
108.168.176.192/26
108.168.177.0/27
108.168.180.96/27
108.168.254.65/32
108.168.255.224/32
108.168.255.227/32
158.85.0.96/27
158.85.5.192/27
158.85.46.128/27
158.85.48.224/27
158.85.58.0/25
158.85.61.192/27
158.85.224.160/27
158.85.233.32/27
158.85.249.128/27
158.85.249.224/27
158.85.254.64/27
169.53.29.128/27
169.53.250.128/26
169.54.2.160/27
169.54.210.0/27
169.54.222.128/27
173.192.162.32/27
173.192.219.128/27
173.192.222.160/27
173.192.231.32/27
173.193.205.0/27
173.193.230.96/27
173.193.230.128/27
173.193.230.192/27
173.193.239.0/27
174.36.208.128/27
174.36.210.32/27
174.36.251.192/27
174.37.199.192/27
174.37.217.64/27
174.37.231.64/27
174.37.243.64/27
174.37.251.0/27
184.173.73.176/28
184.173.136.64/27
184.173.147.32/27
184.173.161.64/32
184.173.161.160/27
184.173.173.116/32
184.173.179.32/27
184.173.195.32/27
184.173.201.32/27
184.173.204.32/27
192.155.212.192/27
198.11.193.182/31
198.11.212.0/27
198.11.217.192/27
198.11.251.32/27
198.23.80.0/27
198.23.86.224/27
198.23.87.64/27
208.43.115.192/27
208.43.117.79/32
208.43.117.136/32
208.43.122.128/27
2607:f0d0:1b01:d4::/64
2607:f0d0:3004:136::/64
2607:f0d0:3005:183::/64
2607:f0d0:3006:84::/64
2607:f0d0:3006:af::/64
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Thu Sep 17, 2015 7:25 pm

Hi, you only need to make a address-list containing the folowing addresses:

(taken from http://www.whatsapp.com/cidr.txt)

31.13.69.240/32
31.13.70.49/32
31.13.71.49/32
31.13.73.49/32
31.13.74.49/32
31.13.76.81/32
31.13.77.49/32
50.22.75.192/27
50.22.93.192/27
50.22.198.204/30
50.22.210.32/30
50.22.210.128/27
50.22.225.64/27
50.22.235.248/30
50.22.240.160/27
50.23.90.128/27
50.97.57.128/27
75.126.39.32/27
108.168.174.0/27
108.168.176.192/26
108.168.177.0/27
108.168.180.96/27
108.168.254.65/32
108.168.255.224/32
108.168.255.227/32
158.85.0.96/27
158.85.5.192/27
158.85.46.128/27
158.85.48.224/27
158.85.58.0/25
158.85.61.192/27
158.85.224.160/27
158.85.233.32/27
158.85.249.128/27
158.85.249.224/27
158.85.254.64/27
169.53.29.128/27
169.53.250.128/26
169.54.2.160/27
169.54.210.0/27
169.54.222.128/27
173.192.162.32/27
173.192.219.128/27
173.192.222.160/27
173.192.231.32/27
173.193.205.0/27
173.193.230.96/27
173.193.230.128/27
173.193.230.192/27
173.193.239.0/27
174.36.208.128/27
174.36.210.32/27
174.36.251.192/27
174.37.199.192/27
174.37.217.64/27
174.37.231.64/27
174.37.243.64/27
174.37.251.0/27
184.173.73.176/28
184.173.136.64/27
184.173.147.32/27
184.173.161.64/32
184.173.161.160/27
184.173.173.116/32
184.173.179.32/27
184.173.195.32/27
184.173.201.32/27
184.173.204.32/27
192.155.212.192/27
198.11.193.182/31
198.11.212.0/27
198.11.217.192/27
198.11.251.32/27
198.23.80.0/27
198.23.86.224/27
198.23.87.64/27
208.43.115.192/27
208.43.117.79/32
208.43.117.136/32
208.43.122.128/27
2607:f0d0:1b01:d4::/64
2607:f0d0:3004:136::/64
2607:f0d0:3005:183::/64
2607:f0d0:3006:84::/64
2607:f0d0:3006:af::/64
are you tried this all ip range ?
blocked whatsapp or working ?
 
freemannnn
Long time Member
Long time Member
Posts: 655
Joined: Sun Oct 13, 2013 7:29 pm

Block Whatsapp

Fri Sep 18, 2015 9:28 pm

Can i ask where did u find all these addresses?


Sent from my iPhone using Tapatalk
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Sun Sep 20, 2015 6:56 am

I have a very Powerfull Option for You! Add the following Script to the New Terminal, Mikrotik will create a New Scheduler and automatic put all Whatsapp DNS Entrys to the Firewall Address List !!

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

O.K ?
Now You must create a new Firewall Filter Rule to take effect!

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"


When your Network is a Hotspot Network!

/ip firewall filter add chain=forward action=jump jump-target=hs_whatsapp_filter dst-address-list=Whatsapp comment=\
"JUMP TO hs_whatsapp_filter " disabled=no
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no



You only must copy and past to your system, very easy and effectiv to do this!!!!!!!!!!!!!!!
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Thu Sep 24, 2015 4:40 pm

I have a very Powerfull Option for You! Add the following Script to the New Terminal, Mikrotik will create a New Scheduler and automatic put all Whatsapp DNS Entrys to the Firewall Address List !!

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

O.K ?
Now You must create a new Firewall Filter Rule to take effect!

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"


When your Network is a Hotspot Network!

/ip firewall filter add chain=forward action=jump jump-target=hs_whatsapp_filter dst-address-list=Whatsapp comment=\
"JUMP TO hs_whatsapp_filter " disabled=no
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no



You only must copy and past to your system, very easy and effectiv to do this!!!!!!!!!!!!!!!

if I need not use hotspot

How can I complete this rule after
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Wed Oct 07, 2015 1:16 pm

You do not use Hotspot? Add this Firewall Filter!


/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Wed Oct 07, 2015 1:25 pm

# Copy and Paste the above to WinBox New Terminal #

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Wed Oct 07, 2015 10:19 pm

# Copy and Paste the above to WinBox New Terminal #

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"
I need to ask you if you tried this method?
your method is true working (blocked whatsapp) or not working the whatsapp will working without drop
because on this time i don't try , later i will try
i wait your answer for method drop whatsapp or no
Thank you
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Fri Oct 16, 2015 2:12 am

For me It works very well! Drop whatsapp is not dificult!
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Fri Oct 16, 2015 2:51 am

For me It works very well! Drop whatsapp is not dificult!
Thats right
Good for you.
Whats you using to drop it,,?
Only schedule?
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Fri Oct 16, 2015 3:16 pm

/ip firewall filter add chain=forward protocol=tcp action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"

without schedule, use this firewall filter rule
set your IP DNS to static!
set your DHCP server Network dns-server field to your Lan address, in my case 10.63.240.1 !!
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1651
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Block Whatsapp

Fri Oct 16, 2015 8:21 pm

im curious
whats your motivation to block whats app??
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Fri Oct 16, 2015 10:39 pm

im curious
whats your motivation to block whats app??
Our company need to block app..
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1651
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Block Whatsapp

Fri Oct 16, 2015 11:23 pm

im curious
whats your motivation to block whats app??
Our company need to block app..

ok then why your company need to block app??
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Sat Oct 17, 2015 9:47 am

im curious
whats your motivation to block whats app??
Our company need to block app..

ok then why your company need to block app??
Do not wish for this program so it is blocked.
I need to block program for computer
You know "connectify hotspot" how can block.
 
User avatar
enggheisar
Trainer
Trainer
Posts: 20
Joined: Sun Mar 29, 2015 10:12 am
Location: Austin, TX
Contact:

Re: Block Whatsapp

Mon Oct 19, 2015 3:33 pm

you can see http://www.imfirewall.us/ to find all of the regular expression
example for viber : ^.*viber\.com$.
/ip firewall layer7-protocol add comment="" name=viber regexp="^^.*viber\.com$"
Mohammad Tayyebi
Mikrotik Certified Trainer & Consultant & Academic Trainer
MohammadTayyebi@Gmail.Com

Cert : CCNA-rs, CCNP-rs, VCP, EMC ISM, EMCSA, MCSE, Lync, Exchange, MTCNA, MTCRE, MTCWE, MTCTCE, MTCUME, MTCINE, MTCIPV6E, MTCSE, MTCTR, MTCATR
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Tue Oct 20, 2015 7:52 pm

you can see http://www.imfirewall.us/ to find all of the regular expression
example for viber : ^.*viber\.com$.
/ip firewall layer7-protocol add comment="" name=viber regexp="^^.*viber\.com$"
Thank you
In website i am not see filter for mikrotik..
Your method block viber,,!!
From where you have?
Plz i want all layer 7
I wait you
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Tue Nov 03, 2015 3:14 am

# IMPORTANT ! THIS SCRIPT ONLY WORKS WITH STATIC DNS CONFIGURATION #
# if you use the dhcp-client, go to and uncheck the field ,, use-peer-dns"#
# then go to ip dns and set your static dns server #
# 208.67.222.222, 208.67.220.220, Open DNS #
# Whatsapp Finder Script RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 00:01:00 #
{
# STEP 1 set your prefered List Name here or leave it as it is #
:global lst "Whatsapp";
# Use DNS Entrys and add dst Address to the Firewall Address-list #
:foreach i in=[/ip dns cache all find where (name~"whatsapp" || name~"whatscom") && (type="A") ] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=10ms
# prevent script from using all cpu time #
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:local cacheName [/ip dns cache get $i name] ;
:log info ("added entry: $cacheName $tmpAddress");
/ip firewall address-list add address=$tmpAddress list="$lst" comment=$cacheName;
}
}
}

# Whatsapp Blocker RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 01:00:00 #
{
# STEP 2 set your in-interface here #
:local iif "bridge";
# STEP 3 set your jump target name for fw-mangle here, the same name will be the new chain or leave it as it is #
:local jt "whatsapp_mangle";
# STEP 4 set your jump rule comment here or leave it as it is #
:local jtc "Jump to Whatsapp Chain";
# STEP 5 set dst-address-here, you must get the same name which from STEP 1 or leave it as it is #
:local dal "Whatsapp";
# STEP 6 set your new-connection-mark name here or leave it as it is #
:local ncm "whats_con";
# STEP 7 determine the size in bytes here, connection is determined as valid after reaching size #
:local size "100";
# STEP 8 set your prefered connection-mark comment here or leave it as it is #
:local cmc "Whatsapp Connection";
# STEP 9 set your prefered src-address-list Name here or leave it as it is, this list will display your client IP addresses #
:local sal "Whatsapp User";
# STEP 10 set your prefered add-src-to-address-list comment here or leave it as it is #
:local sl "Whatsapp Add Src to Address List";
# STEP 11 set your own comment for drop rule, after reached Limit of STEP 7 the Malware connection will be closed #
:local mwc "Drop Whatsapp Con";
# STEP 12 set your jump target name for fw-filter here, the same name will be the new chain or leave it as it is #
:local fwf "whatsapp_chain";
# DO NOT EDIT NOTHING BELOW, THIS CAN BREAK THE SCRIPT !!! #
:log warning ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle remove [ find comment="$jtc" ];
/ip firewall mangle remove [ find comment="$cmc" ];
/ip firewall mangle remove [ find comment="$sl" ];
/ip firewall filter remove [ find comment="$jtc" ];
/ip firewall filter remove [ find comment="$mwc" ];
:log warning ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle
add chain="forward" protocol=tcp in-interface=$iif action=jump jump-target="$jt" comment="$jtc"
add chain="$jt" protocol=tcp in-interface=$iif connection-state=established,new dst-address-list="$dal" \
action=mark-connection new-connection-mark="$ncm" connection-bytes="$size-0" passthrough=yes comment="$cmc"
add chain="$jt" dst-address-list="$dal" action=add-src-to-address-list address-list="$sal" address-list-timeout=6h \
connection-mark="$ncm" comment="$sl"
/ip firewall filter
add chain=forward protocol=tcp in-interface=$iif connection-mark="$ncm" action=jump jump-target="$fwf" comment="$jtc"
add chain="$fwf" protocol=tcp dst-port=80 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=443 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=5222-5228 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
}
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Tue Nov 03, 2015 1:54 pm

# IMPORTANT ! THIS SCRIPT ONLY WORKS WITH STATIC DNS CONFIGURATION #
# if you use the dhcp-client, go to and uncheck the field ,, use-peer-dns"#
# then go to ip dns and set your static dns server #
# 208.67.222.222, 208.67.220.220, Open DNS #
# Whatsapp Finder Script RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 00:01:00 #
{
# STEP 1 set your prefered List Name here or leave it as it is #
:global lst "Whatsapp";
# Use DNS Entrys and add dst Address to the Firewall Address-list #
:foreach i in=[/ip dns cache all find where (name~"whatsapp" || name~"whatscom") && (type="A") ] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=10ms
# prevent script from using all cpu time #
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:local cacheName [/ip dns cache get $i name] ;
:log info ("added entry: $cacheName $tmpAddress");
/ip firewall address-list add address=$tmpAddress list="$lst" comment=$cacheName;
}
}
}

# Whatsapp Blocker RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 01:00:00 #
{
# STEP 2 set your in-interface here #
:local iif "bridge";
# STEP 3 set your jump target name for fw-mangle here, the same name will be the new chain or leave it as it is #
:local jt "whatsapp_mangle";
# STEP 4 set your jump rule comment here or leave it as it is #
:local jtc "Jump to Whatsapp Chain";
# STEP 5 set dst-address-here, you must get the same name which from STEP 1 or leave it as it is #
:local dal "Whatsapp";
# STEP 6 set your new-connection-mark name here or leave it as it is #
:local ncm "whats_con";
# STEP 7 determine the size in bytes here, connection is determined as valid after reaching size #
:local size "100";
# STEP 8 set your prefered connection-mark comment here or leave it as it is #
:local cmc "Whatsapp Connection";
# STEP 9 set your prefered src-address-list Name here or leave it as it is, this list will display your client IP addresses #
:local sal "Whatsapp User";
# STEP 10 set your prefered add-src-to-address-list comment here or leave it as it is #
:local sl "Whatsapp Add Src to Address List";
# STEP 11 set your own comment for drop rule, after reached Limit of STEP 7 the Malware connection will be closed #
:local mwc "Drop Whatsapp Con";
# STEP 12 set your jump target name for fw-filter here, the same name will be the new chain or leave it as it is #
:local fwf "whatsapp_chain";
# DO NOT EDIT NOTHING BELOW, THIS CAN BREAK THE SCRIPT !!! #
:log warning ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle remove [ find comment="$jtc" ];
/ip firewall mangle remove [ find comment="$cmc" ];
/ip firewall mangle remove [ find comment="$sl" ];
/ip firewall filter remove [ find comment="$jtc" ];
/ip firewall filter remove [ find comment="$mwc" ];
:log warning ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle
add chain="forward" protocol=tcp in-interface=$iif action=jump jump-target="$jt" comment="$jtc"
add chain="$jt" protocol=tcp in-interface=$iif connection-state=established,new dst-address-list="$dal" \
action=mark-connection new-connection-mark="$ncm" connection-bytes="$size-0" passthrough=yes comment="$cmc"
add chain="$jt" dst-address-list="$dal" action=add-src-to-address-list address-list="$sal" address-list-timeout=6h \
connection-mark="$ncm" comment="$sl"
/ip firewall filter
add chain=forward protocol=tcp in-interface=$iif connection-mark="$ncm" action=jump jump-target="$fwf" comment="$jtc"
add chain="$fwf" protocol=tcp dst-port=80 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=443 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=5222-5228 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
}
Your method
Whats you can block only whatsapp?
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Tue Nov 03, 2015 10:10 pm

:D You can Block what you need to Block, only edit the Script!
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Fri Nov 06, 2015 11:26 pm

:D You can Block what you need to Block, only edit the Script!
I need to block "Viber" application for call,, how can i edit our your method
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Fri Nov 06, 2015 11:32 pm

What is Viber my Friend ???
:?
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Fri Nov 06, 2015 11:38 pm

What is Viber my Friend ???
:?
Viber is application call for smart phone, Looks like skype,Tango.. Etc
Thank you
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Sat Nov 07, 2015 5:21 am

test
 
loveman
Member Candidate
Member Candidate
Posts: 299
Joined: Tue Mar 10, 2015 9:32 pm

Re: Block Whatsapp

Sat Nov 07, 2015 7:24 am

test
Ok,, i will test soon,,
But i have other program,, that program working on computer,,
Name of program "connectify hotspot" meaning sharing the line of internet in computer,
When you setup in pc,, the computer change to router..
I need to block it?
 
MohamedHassan
just joined
Posts: 1
Joined: Mon Dec 28, 2015 5:04 pm

Re: Block Whatsapp

Mon Dec 28, 2015 5:09 pm

 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Tue Jan 05, 2016 2:12 am

Yes
 
hablasip
just joined
Posts: 1
Joined: Sat Dec 05, 2015 3:59 pm

Re: Block Whatsapp

Sun Mar 13, 2016 6:08 pm

I have a very Powerfull Option for You! Add the following Script to the New Terminal, Mikrotik will create a New Scheduler and automatic put all Whatsapp DNS Entrys to the Firewall Address List !!

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

O.K ?
Now You must create a new Firewall Filter Rule to take effect!

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"


When your Network is a Hotspot Network!

/ip firewall filter add chain=forward action=jump jump-target=hs_whatsapp_filter dst-address-list=Whatsapp comment=\
"JUMP TO hs_whatsapp_filter " disabled=no
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no



You only must copy and past to your system, very easy and effectiv to do this!!!!!!!!!!!!!!!
Hello PeterDoBrasil,

I am using this Script but en v6.34.1 sometimes work, but sometimes not,
i am using scheduler interval=1m, DNS static #208.67.222.222, 208.67.220.220,

Coud you tell me where is my error.

Thanks so much.
 
wcsnet
Frequent Visitor
Frequent Visitor
Posts: 59
Joined: Mon Apr 29, 2013 12:43 pm
Location: South Africa

Re: Block Whatsapp

Sun Mar 13, 2016 9:58 pm

I have had great sucess with blocking all sorts of things useing dns, for whatsapp i have a script that adds all ip found in the dns cashe to a address list abvously my script is dynamic and can do this for anything
Kind Regards

WERNER VENTER
Technical Support Engineer

Werner.venter.mail@gmail.com
 
Zorro
Long time Member
Long time Member
Posts: 676
Joined: Wed Apr 16, 2014 2:43 pm

Re: Block Whatsapp

Mon Mar 14, 2016 1:48 am

I have had great sucess with blocking all sorts of things useing dns, for whatsapp i have a script that adds all ip found in the dns cashe to a address list abvously my script is dynamic and can do this for anything
isn't that simply put DNS static override and blocking DNS bypassing/sneaking ?
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1651
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Block Whatsapp

Mon Mar 14, 2016 2:01 am

I have had great sucess with blocking all sorts of things useing dns, for whatsapp i have a script that adds all ip found in the dns cashe to a address list abvously my script is dynamic and can do this for anything

agree

opendns can help a lot too as a compliment
 
wcsnet
Frequent Visitor
Frequent Visitor
Posts: 59
Joined: Mon Apr 29, 2013 12:43 pm
Location: South Africa

Re: Block Whatsapp

Mon Mar 14, 2016 7:36 am

I have had great sucess with blocking all sorts of things useing dns, for whatsapp i have a script that adds all ip found in the dns cashe to a address list abvously my script is dynamic and can do this for anything
isn't that simply put DNS static override and blocking DNS bypassing/sneaking ?

Well i fore users to a specific dns so no dns override :-)
Kind Regards

WERNER VENTER
Technical Support Engineer

Werner.venter.mail@gmail.com
 
PeterDoBrasil
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Aug 23, 2015 6:55 pm

Re: Block Whatsapp

Wed Mar 16, 2016 1:56 am

I have a very Powerfull Option for You! Add the following Script to the New Terminal, Mikrotik will create a New Scheduler and automatic put all Whatsapp DNS Entrys to the Firewall Address List !!

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

O.K ?
Now You must create a new Firewall Filter Rule to take effect!

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"


When your Network is a Hotspot Network!

/ip firewall filter add chain=forward action=jump jump-target=hs_whatsapp_filter dst-address-list=Whatsapp comment=\
"JUMP TO hs_whatsapp_filter " disabled=no
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no



You only must copy and past to your system, very easy and effectiv to do this!!!!!!!!!!!!!!!
Hello PeterDoBrasil,

I am using this Script but en v6.34.1 sometimes work, but sometimes not,
i am using scheduler interval=1m, DNS static #208.67.222.222, 208.67.220.220,

Coud you tell me where is my error.

Thanks so much.
Have you find any in Logs? Google DNS is much faster 8.8.8.8,8.8.4.4
 
imtiazahmed
just joined
Posts: 14
Joined: Thu Mar 17, 2016 4:50 pm

Re: Block Whatsapp

Tue Mar 22, 2016 6:49 am

Hi, Thanks for very valuable information available here. Although I have not tried yet but sure that it will work.

One very basis query : Do RB750Gr2 support these filters. and secondly I can use it with any DSL provided by ISP in routing mode.?

Regards
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24042
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Block Whatsapp

Tue Mar 22, 2016 11:55 am

Hi, Thanks for very valuable information available here. Although I have not tried yet but sure that it will work.

One very basis query : Do RB750Gr2 support these filters. and secondly I can use it with any DSL provided by ISP in routing mode.?

Regards
yes and yes
No answer to your question? How to write posts
 
imtiazahmed
just joined
Posts: 14
Joined: Thu Mar 17, 2016 4:50 pm

Re: Block Whatsapp

Wed Mar 23, 2016 10:13 am

means no need to turn DSL into bridge mode.? then how filters will be applied on users direct connected to NAT ports of DSL router.

Who is online

Users browsing this forum: Google [Bot] and 19 guests