Page 1 of 1

Block Whatsapp

Posted: Tue Jul 30, 2013 4:28 am
by gmsaud
Could anyone help me how I can block whatsapp from Mikrotik router RB450G??

Re: Block Whatsapp

Posted: Wed Jul 31, 2013 12:33 pm
by CameronE
Hard mode: Try using the packet sniffer on the router to find how whatsapp communicates and then block it with the firewall.

I haven't used the packet sniffer on RouterOS, but looking at it quickly, I would set whatsapp up on a control device and then filter the packet sniffer on the interface you're connecting to and the MAC address of your control device.

When you're sniffing, start sending messages and making calls etc etc. That should give you enough information to block it through the firewall.

Re: Block Whatsapp

Posted: Thu Aug 01, 2013 11:50 am
by CameronE
BTW: easy mode would be to Google around and see if anyone else has done it. Sometimes publishers even have a write up on how to do so for school admins etc.

Re: Block Whatsapp

Posted: Wed Sep 11, 2013 6:36 pm
by Ehman
I'm looking for the same thing, I've noticed that it uses a bunch of IP's and port 443 and maybe 5222

But I'm looking for a solution and haven't found one yet, so have anyone found something yet?

Re: Block Whatsapp

Posted: Wed Sep 11, 2013 6:55 pm
by Ehman
http://rickey-g.blogspot.com/2011/05/wh ... tails.html

there's some info on how to do something, but those IP's aint the same then those that I saw on my log

Re: Block Whatsapp

Posted: Thu Sep 12, 2013 10:03 am
by deejayq
if the link you provided above is up to date, you could easily block packets sent to any dns server, which contain "sro.whatsapp.net", by creating a layer-7 regexp.

Re: Block Whatsapp

Posted: Thu Sep 12, 2013 11:41 am
by Ehman
if the link you provided above is up to date, you could easily block packets sent to any dns server, which contain "sro.whatsapp.net", by creating a layer-7 regexp.
I'm having big issue's with layer 7 on certain sites, the only site I can bock on layer 7 is facebook, everything else refuses to get blocked :(

I've managed to block whatsapp by range blocking the entire hosting company that they use, this is a aggressive and dirty method, but hey, It worked

firewall rule, drop 184.173.0.0/16 ..boom no SOFTLAYER anymore

https://isc.sans.edu/ipinfo.html?ip=184.173.0.0

Re: Block Whatsapp

Posted: Thu Sep 12, 2013 1:22 pm
by deejayq
are you blocking dns requests too? or just trying regexp in blocking http traffic?

Re: Block Whatsapp

Posted: Thu Sep 12, 2013 1:38 pm
by Ehman
are you blocking dns requests too? or just trying regexp in blocking http traffic?
can't do that in my case, because I'm running a hotspot with free users and paid users on the same router with different subnets


You drop this is your terminal and whatsapp will be blocked and so will all the servers that belong to that IP range
/ip firewall filter
add action=drop chain=forward comment="Block Whatsapp" protocol=tcp src-address=184.173.0.0/16
I hope the rule works, I removed some stuff out of it

Re: Block Whatsapp

Posted: Fri Sep 13, 2013 7:28 pm
by Rudios
are you blocking dns requests too? or just trying regexp in blocking http traffic?
can't do that in my case, because I'm running a hotspot with free users and paid users on the same router with different subnets


You drop this is your terminal and whatsapp will be blocked and so will all the servers that belong to that IP range
/ip firewall filter
add action=drop chain=forward comment="Block Whatsapp" protocol=tcp src-address=184.173.0.0/16
I hope the rule works, I removed some stuff out of it
Why dropping the packets that came from the servers (src-address) and not block traffic to the servers (dst-address)

Re: Block Whatsapp

Posted: Fri Sep 13, 2013 8:50 pm
by Ehman
forward rule on blocking source: 184.173.0.0/16 from destination: Address-list IP

so my method is wrong you say?

Re: Block Whatsapp

Posted: Fri Sep 13, 2013 10:15 pm
by Rudios
It is not really wrong. Maybe we're both right 50%
Maybe it is best to block both ways. Block initiated connection from both inside and outside.

Re: Block Whatsapp

Posted: Fri Sep 13, 2013 10:19 pm
by Ehman
It is not really wrong. Maybe we're both right 50%
Maybe it is best to block both ways. Block initiated connection from both inside and outside.
lol..you've got a point there :) , yea its probably better to block it both ways

EDIT: naah I'm sticking with my one way rule, just tested it again.. I doubt that the server will start the initiated connection with a device that cant even pass packets to the server in the first place.. So 100%.. :lol:

Re: Block Whatsapp

Posted: Fri Sep 13, 2013 10:47 pm
by Rudios
I think server will initiate connection when a message is to be delivered.
Nevertheless communication back is indeed needed.

Re: Block Whatsapp

Posted: Mon Apr 20, 2015 7:42 pm
by Takv
Hi, you only need to make a address-list containing the folowing addresses:

(taken from www.whatsapp.com/cidr.txt)

31.13.69.240/32
31.13.70.49/32
31.13.71.49/32
31.13.73.49/32
31.13.74.49/32
31.13.76.81/32
31.13.77.49/32
50.22.75.192/27
50.22.93.192/27
50.22.198.204/30
50.22.210.32/30
50.22.210.128/27
50.22.225.64/27
50.22.235.248/30
50.22.240.160/27
50.23.90.128/27
50.97.57.128/27
75.126.39.32/27
108.168.174.0/27
108.168.176.192/26
108.168.177.0/27
108.168.180.96/27
108.168.254.65/32
108.168.255.224/32
108.168.255.227/32
158.85.0.96/27
158.85.5.192/27
158.85.46.128/27
158.85.48.224/27
158.85.58.0/25
158.85.61.192/27
158.85.224.160/27
158.85.233.32/27
158.85.249.128/27
158.85.249.224/27
158.85.254.64/27
169.53.29.128/27
169.53.250.128/26
169.54.2.160/27
169.54.210.0/27
169.54.222.128/27
173.192.162.32/27
173.192.219.128/27
173.192.222.160/27
173.192.231.32/27
173.193.205.0/27
173.193.230.96/27
173.193.230.128/27
173.193.230.192/27
173.193.239.0/27
174.36.208.128/27
174.36.210.32/27
174.36.251.192/27
174.37.199.192/27
174.37.217.64/27
174.37.231.64/27
174.37.243.64/27
174.37.251.0/27
184.173.73.176/28
184.173.136.64/27
184.173.147.32/27
184.173.161.64/32
184.173.161.160/27
184.173.173.116/32
184.173.179.32/27
184.173.195.32/27
184.173.201.32/27
184.173.204.32/27
192.155.212.192/27
198.11.193.182/31
198.11.212.0/27
198.11.217.192/27
198.11.251.32/27
198.23.80.0/27
198.23.86.224/27
198.23.87.64/27
208.43.115.192/27
208.43.117.79/32
208.43.117.136/32
208.43.122.128/27
2607:f0d0:1b01:d4::/64
2607:f0d0:3004:136::/64
2607:f0d0:3005:183::/64
2607:f0d0:3006:84::/64
2607:f0d0:3006:af::/64

Re: Block Whatsapp

Posted: Thu Sep 17, 2015 7:25 pm
by loveman
Hi, you only need to make a address-list containing the folowing addresses:

(taken from http://www.whatsapp.com/cidr.txt)

31.13.69.240/32
31.13.70.49/32
31.13.71.49/32
31.13.73.49/32
31.13.74.49/32
31.13.76.81/32
31.13.77.49/32
50.22.75.192/27
50.22.93.192/27
50.22.198.204/30
50.22.210.32/30
50.22.210.128/27
50.22.225.64/27
50.22.235.248/30
50.22.240.160/27
50.23.90.128/27
50.97.57.128/27
75.126.39.32/27
108.168.174.0/27
108.168.176.192/26
108.168.177.0/27
108.168.180.96/27
108.168.254.65/32
108.168.255.224/32
108.168.255.227/32
158.85.0.96/27
158.85.5.192/27
158.85.46.128/27
158.85.48.224/27
158.85.58.0/25
158.85.61.192/27
158.85.224.160/27
158.85.233.32/27
158.85.249.128/27
158.85.249.224/27
158.85.254.64/27
169.53.29.128/27
169.53.250.128/26
169.54.2.160/27
169.54.210.0/27
169.54.222.128/27
173.192.162.32/27
173.192.219.128/27
173.192.222.160/27
173.192.231.32/27
173.193.205.0/27
173.193.230.96/27
173.193.230.128/27
173.193.230.192/27
173.193.239.0/27
174.36.208.128/27
174.36.210.32/27
174.36.251.192/27
174.37.199.192/27
174.37.217.64/27
174.37.231.64/27
174.37.243.64/27
174.37.251.0/27
184.173.73.176/28
184.173.136.64/27
184.173.147.32/27
184.173.161.64/32
184.173.161.160/27
184.173.173.116/32
184.173.179.32/27
184.173.195.32/27
184.173.201.32/27
184.173.204.32/27
192.155.212.192/27
198.11.193.182/31
198.11.212.0/27
198.11.217.192/27
198.11.251.32/27
198.23.80.0/27
198.23.86.224/27
198.23.87.64/27
208.43.115.192/27
208.43.117.79/32
208.43.117.136/32
208.43.122.128/27
2607:f0d0:1b01:d4::/64
2607:f0d0:3004:136::/64
2607:f0d0:3005:183::/64
2607:f0d0:3006:84::/64
2607:f0d0:3006:af::/64
are you tried this all ip range ?
blocked whatsapp or working ?

Block Whatsapp

Posted: Fri Sep 18, 2015 9:28 pm
by freemannnn
Can i ask where did u find all these addresses?


Sent from my iPhone using Tapatalk

Re: Block Whatsapp

Posted: Sun Sep 20, 2015 6:56 am
by PeterDoBrasil
I have a very Powerfull Option for You! Add the following Script to the New Terminal, Mikrotik will create a New Scheduler and automatic put all Whatsapp DNS Entrys to the Firewall Address List !!

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

O.K ?
Now You must create a new Firewall Filter Rule to take effect!

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"


When your Network is a Hotspot Network!

/ip firewall filter add chain=forward action=jump jump-target=hs_whatsapp_filter dst-address-list=Whatsapp comment=\
"JUMP TO hs_whatsapp_filter " disabled=no
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no



You only must copy and past to your system, very easy and effectiv to do this!!!!!!!!!!!!!!!

Re: Block Whatsapp

Posted: Thu Sep 24, 2015 4:40 pm
by loveman
I have a very Powerfull Option for You! Add the following Script to the New Terminal, Mikrotik will create a New Scheduler and automatic put all Whatsapp DNS Entrys to the Firewall Address List !!

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

O.K ?
Now You must create a new Firewall Filter Rule to take effect!

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"


When your Network is a Hotspot Network!

/ip firewall filter add chain=forward action=jump jump-target=hs_whatsapp_filter dst-address-list=Whatsapp comment=\
"JUMP TO hs_whatsapp_filter " disabled=no
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no



You only must copy and past to your system, very easy and effectiv to do this!!!!!!!!!!!!!!!

if I need not use hotspot

How can I complete this rule after
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no

Re: Block Whatsapp

Posted: Wed Oct 07, 2015 1:16 pm
by PeterDoBrasil
You do not use Hotspot? Add this Firewall Filter!


/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"

Re: Block Whatsapp

Posted: Wed Oct 07, 2015 1:25 pm
by PeterDoBrasil
# Copy and Paste the above to WinBox New Terminal #

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"

Re: Block Whatsapp

Posted: Wed Oct 07, 2015 10:19 pm
by loveman
# Copy and Paste the above to WinBox New Terminal #

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"
I need to ask you if you tried this method?
your method is true working (blocked whatsapp) or not working the whatsapp will working without drop
because on this time i don't try , later i will try
i wait your answer for method drop whatsapp or no
Thank you

Re: Block Whatsapp

Posted: Fri Oct 16, 2015 2:12 am
by PeterDoBrasil
For me It works very well! Drop whatsapp is not dificult!

Re: Block Whatsapp

Posted: Fri Oct 16, 2015 2:51 am
by loveman
For me It works very well! Drop whatsapp is not dificult!
Thats right
Good for you.
Whats you using to drop it,,?
Only schedule?

Re: Block Whatsapp

Posted: Fri Oct 16, 2015 3:16 pm
by PeterDoBrasil
/ip firewall filter add chain=forward protocol=tcp action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"

without schedule, use this firewall filter rule
set your IP DNS to static!
set your DHCP server Network dns-server field to your Lan address, in my case 10.63.240.1 !!

Re: Block Whatsapp

Posted: Fri Oct 16, 2015 8:21 pm
by chechito
im curious
whats your motivation to block whats app??

Re: Block Whatsapp

Posted: Fri Oct 16, 2015 10:39 pm
by loveman
im curious
whats your motivation to block whats app??
Our company need to block app..

Re: Block Whatsapp

Posted: Fri Oct 16, 2015 11:23 pm
by chechito
im curious
whats your motivation to block whats app??
Our company need to block app..

ok then why your company need to block app??

Re: Block Whatsapp

Posted: Sat Oct 17, 2015 9:47 am
by loveman
im curious
whats your motivation to block whats app??
Our company need to block app..

ok then why your company need to block app??
Do not wish for this program so it is blocked.
I need to block program for computer
You know "connectify hotspot" how can block.

Re: Block Whatsapp

Posted: Mon Oct 19, 2015 3:33 pm
by enggheisar
you can see http://www.imfirewall.us/ to find all of the regular expression
example for viber : ^.*viber\.com$.
/ip firewall layer7-protocol add comment="" name=viber regexp="^^.*viber\.com$"

Re: Block Whatsapp

Posted: Tue Oct 20, 2015 7:52 pm
by loveman
you can see http://www.imfirewall.us/ to find all of the regular expression
example for viber : ^.*viber\.com$.
/ip firewall layer7-protocol add comment="" name=viber regexp="^^.*viber\.com$"
Thank you
In website i am not see filter for mikrotik..
Your method block viber,,!!
From where you have?
Plz i want all layer 7
I wait you

Re: Block Whatsapp

Posted: Tue Nov 03, 2015 3:14 am
by PeterDoBrasil
# IMPORTANT ! THIS SCRIPT ONLY WORKS WITH STATIC DNS CONFIGURATION #
# if you use the dhcp-client, go to and uncheck the field ,, use-peer-dns"#
# then go to ip dns and set your static dns server #
# 208.67.222.222, 208.67.220.220, Open DNS #
# Whatsapp Finder Script RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 00:01:00 #
{
# STEP 1 set your prefered List Name here or leave it as it is #
:global lst "Whatsapp";
# Use DNS Entrys and add dst Address to the Firewall Address-list #
:foreach i in=[/ip dns cache all find where (name~"whatsapp" || name~"whatscom") && (type="A") ] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=10ms
# prevent script from using all cpu time #
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:local cacheName [/ip dns cache get $i name] ;
:log info ("added entry: $cacheName $tmpAddress");
/ip firewall address-list add address=$tmpAddress list="$lst" comment=$cacheName;
}
}
}

# Whatsapp Blocker RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 01:00:00 #
{
# STEP 2 set your in-interface here #
:local iif "bridge";
# STEP 3 set your jump target name for fw-mangle here, the same name will be the new chain or leave it as it is #
:local jt "whatsapp_mangle";
# STEP 4 set your jump rule comment here or leave it as it is #
:local jtc "Jump to Whatsapp Chain";
# STEP 5 set dst-address-here, you must get the same name which from STEP 1 or leave it as it is #
:local dal "Whatsapp";
# STEP 6 set your new-connection-mark name here or leave it as it is #
:local ncm "whats_con";
# STEP 7 determine the size in bytes here, connection is determined as valid after reaching size #
:local size "100";
# STEP 8 set your prefered connection-mark comment here or leave it as it is #
:local cmc "Whatsapp Connection";
# STEP 9 set your prefered src-address-list Name here or leave it as it is, this list will display your client IP addresses #
:local sal "Whatsapp User";
# STEP 10 set your prefered add-src-to-address-list comment here or leave it as it is #
:local sl "Whatsapp Add Src to Address List";
# STEP 11 set your own comment for drop rule, after reached Limit of STEP 7 the Malware connection will be closed #
:local mwc "Drop Whatsapp Con";
# STEP 12 set your jump target name for fw-filter here, the same name will be the new chain or leave it as it is #
:local fwf "whatsapp_chain";
# DO NOT EDIT NOTHING BELOW, THIS CAN BREAK THE SCRIPT !!! #
:log warning ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle remove [ find comment="$jtc" ];
/ip firewall mangle remove [ find comment="$cmc" ];
/ip firewall mangle remove [ find comment="$sl" ];
/ip firewall filter remove [ find comment="$jtc" ];
/ip firewall filter remove [ find comment="$mwc" ];
:log warning ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle
add chain="forward" protocol=tcp in-interface=$iif action=jump jump-target="$jt" comment="$jtc"
add chain="$jt" protocol=tcp in-interface=$iif connection-state=established,new dst-address-list="$dal" \
action=mark-connection new-connection-mark="$ncm" connection-bytes="$size-0" passthrough=yes comment="$cmc"
add chain="$jt" dst-address-list="$dal" action=add-src-to-address-list address-list="$sal" address-list-timeout=6h \
connection-mark="$ncm" comment="$sl"
/ip firewall filter
add chain=forward protocol=tcp in-interface=$iif connection-mark="$ncm" action=jump jump-target="$fwf" comment="$jtc"
add chain="$fwf" protocol=tcp dst-port=80 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=443 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=5222-5228 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
}

Re: Block Whatsapp

Posted: Tue Nov 03, 2015 1:54 pm
by loveman
# IMPORTANT ! THIS SCRIPT ONLY WORKS WITH STATIC DNS CONFIGURATION #
# if you use the dhcp-client, go to and uncheck the field ,, use-peer-dns"#
# then go to ip dns and set your static dns server #
# 208.67.222.222, 208.67.220.220, Open DNS #
# Whatsapp Finder Script RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 00:01:00 #
{
# STEP 1 set your prefered List Name here or leave it as it is #
:global lst "Whatsapp";
# Use DNS Entrys and add dst Address to the Firewall Address-list #
:foreach i in=[/ip dns cache all find where (name~"whatsapp" || name~"whatscom") && (type="A") ] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=10ms
# prevent script from using all cpu time #
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:local cacheName [/ip dns cache get $i name] ;
:log info ("added entry: $cacheName $tmpAddress");
/ip firewall address-list add address=$tmpAddress list="$lst" comment=$cacheName;
}
}
}

# Whatsapp Blocker RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 01:00:00 #
{
# STEP 2 set your in-interface here #
:local iif "bridge";
# STEP 3 set your jump target name for fw-mangle here, the same name will be the new chain or leave it as it is #
:local jt "whatsapp_mangle";
# STEP 4 set your jump rule comment here or leave it as it is #
:local jtc "Jump to Whatsapp Chain";
# STEP 5 set dst-address-here, you must get the same name which from STEP 1 or leave it as it is #
:local dal "Whatsapp";
# STEP 6 set your new-connection-mark name here or leave it as it is #
:local ncm "whats_con";
# STEP 7 determine the size in bytes here, connection is determined as valid after reaching size #
:local size "100";
# STEP 8 set your prefered connection-mark comment here or leave it as it is #
:local cmc "Whatsapp Connection";
# STEP 9 set your prefered src-address-list Name here or leave it as it is, this list will display your client IP addresses #
:local sal "Whatsapp User";
# STEP 10 set your prefered add-src-to-address-list comment here or leave it as it is #
:local sl "Whatsapp Add Src to Address List";
# STEP 11 set your own comment for drop rule, after reached Limit of STEP 7 the Malware connection will be closed #
:local mwc "Drop Whatsapp Con";
# STEP 12 set your jump target name for fw-filter here, the same name will be the new chain or leave it as it is #
:local fwf "whatsapp_chain";
# DO NOT EDIT NOTHING BELOW, THIS CAN BREAK THE SCRIPT !!! #
:log warning ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle remove [ find comment="$jtc" ];
/ip firewall mangle remove [ find comment="$cmc" ];
/ip firewall mangle remove [ find comment="$sl" ];
/ip firewall filter remove [ find comment="$jtc" ];
/ip firewall filter remove [ find comment="$mwc" ];
:log warning ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle
add chain="forward" protocol=tcp in-interface=$iif action=jump jump-target="$jt" comment="$jtc"
add chain="$jt" protocol=tcp in-interface=$iif connection-state=established,new dst-address-list="$dal" \
action=mark-connection new-connection-mark="$ncm" connection-bytes="$size-0" passthrough=yes comment="$cmc"
add chain="$jt" dst-address-list="$dal" action=add-src-to-address-list address-list="$sal" address-list-timeout=6h \
connection-mark="$ncm" comment="$sl"
/ip firewall filter
add chain=forward protocol=tcp in-interface=$iif connection-mark="$ncm" action=jump jump-target="$fwf" comment="$jtc"
add chain="$fwf" protocol=tcp dst-port=80 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=443 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=5222-5228 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
}
Your method
Whats you can block only whatsapp?

Re: Block Whatsapp

Posted: Tue Nov 03, 2015 10:10 pm
by PeterDoBrasil
:D You can Block what you need to Block, only edit the Script!

Re: Block Whatsapp

Posted: Fri Nov 06, 2015 11:26 pm
by loveman
:D You can Block what you need to Block, only edit the Script!
I need to block "Viber" application for call,, how can i edit our your method

Re: Block Whatsapp

Posted: Fri Nov 06, 2015 11:32 pm
by PeterDoBrasil
What is Viber my Friend ???
:?

Re: Block Whatsapp

Posted: Fri Nov 06, 2015 11:38 pm
by loveman
What is Viber my Friend ???
:?
Viber is application call for smart phone, Looks like skype,Tango.. Etc
Thank you

Re: Block Whatsapp

Posted: Sat Nov 07, 2015 5:21 am
by PeterDoBrasil
test

Re: Block Whatsapp

Posted: Sat Nov 07, 2015 7:24 am
by loveman
test
Ok,, i will test soon,,
But i have other program,, that program working on computer,,
Name of program "connectify hotspot" meaning sharing the line of internet in computer,
When you setup in pc,, the computer change to router..
I need to block it?

Re: Block Whatsapp

Posted: Mon Dec 28, 2015 5:09 pm
by MohamedHassan

Re: Block Whatsapp

Posted: Tue Jan 05, 2016 2:12 am
by PeterDoBrasil
Yes

Re: Block Whatsapp

Posted: Sun Mar 13, 2016 6:08 pm
by hablasip
I have a very Powerfull Option for You! Add the following Script to the New Terminal, Mikrotik will create a New Scheduler and automatic put all Whatsapp DNS Entrys to the Firewall Address List !!

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

O.K ?
Now You must create a new Firewall Filter Rule to take effect!

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"


When your Network is a Hotspot Network!

/ip firewall filter add chain=forward action=jump jump-target=hs_whatsapp_filter dst-address-list=Whatsapp comment=\
"JUMP TO hs_whatsapp_filter " disabled=no
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no



You only must copy and past to your system, very easy and effectiv to do this!!!!!!!!!!!!!!!
Hello PeterDoBrasil,

I am using this Script but en v6.34.1 sometimes work, but sometimes not,
i am using scheduler interval=1m, DNS static #208.67.222.222, 208.67.220.220,

Coud you tell me where is my error.

Thanks so much.

Re: Block Whatsapp

Posted: Sun Mar 13, 2016 9:58 pm
by wcsnet
I have had great sucess with blocking all sorts of things useing dns, for whatsapp i have a script that adds all ip found in the dns cashe to a address list abvously my script is dynamic and can do this for anything

Re: Block Whatsapp

Posted: Mon Mar 14, 2016 1:48 am
by Zorro
I have had great sucess with blocking all sorts of things useing dns, for whatsapp i have a script that adds all ip found in the dns cashe to a address list abvously my script is dynamic and can do this for anything
isn't that simply put DNS static override and blocking DNS bypassing/sneaking ?

Re: Block Whatsapp

Posted: Mon Mar 14, 2016 2:01 am
by chechito
I have had great sucess with blocking all sorts of things useing dns, for whatsapp i have a script that adds all ip found in the dns cashe to a address list abvously my script is dynamic and can do this for anything

agree

opendns can help a lot too as a compliment

Re: Block Whatsapp

Posted: Mon Mar 14, 2016 7:36 am
by wcsnet
I have had great sucess with blocking all sorts of things useing dns, for whatsapp i have a script that adds all ip found in the dns cashe to a address list abvously my script is dynamic and can do this for anything
isn't that simply put DNS static override and blocking DNS bypassing/sneaking ?

Well i fore users to a specific dns so no dns override :-)

Re: Block Whatsapp

Posted: Wed Mar 16, 2016 1:56 am
by PeterDoBrasil
I have a very Powerfull Option for You! Add the following Script to the New Terminal, Mikrotik will create a New Scheduler and automatic put all Whatsapp DNS Entrys to the Firewall Address List !!

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

O.K ?
Now You must create a new Firewall Filter Rule to take effect!

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"


When your Network is a Hotspot Network!

/ip firewall filter add chain=forward action=jump jump-target=hs_whatsapp_filter dst-address-list=Whatsapp comment=\
"JUMP TO hs_whatsapp_filter " disabled=no
/ip firewall filter add chain=hs_whatsapp_filter action=drop comment="ACTION = DROP WHATSAPP" disabled=no



You only must copy and past to your system, very easy and effectiv to do this!!!!!!!!!!!!!!!
Hello PeterDoBrasil,

I am using this Script but en v6.34.1 sometimes work, but sometimes not,
i am using scheduler interval=1m, DNS static #208.67.222.222, 208.67.220.220,

Coud you tell me where is my error.

Thanks so much.
Have you find any in Logs? Google DNS is much faster 8.8.8.8,8.8.4.4

Re: Block Whatsapp

Posted: Tue Mar 22, 2016 6:49 am
by imtiazahmed
Hi, Thanks for very valuable information available here. Although I have not tried yet but sure that it will work.

One very basis query : Do RB750Gr2 support these filters. and secondly I can use it with any DSL provided by ISP in routing mode.?

Regards

Re: Block Whatsapp

Posted: Tue Mar 22, 2016 11:55 am
by normis
Hi, Thanks for very valuable information available here. Although I have not tried yet but sure that it will work.

One very basis query : Do RB750Gr2 support these filters. and secondly I can use it with any DSL provided by ISP in routing mode.?

Regards
yes and yes

Re: Block Whatsapp

Posted: Wed Mar 23, 2016 10:13 am
by imtiazahmed
means no need to turn DSL into bridge mode.? then how filters will be applied on users direct connected to NAT ports of DSL router.

Re: Block Whatsapp

Posted: Wed Mar 23, 2016 1:01 pm
by munkitkat
It is not really wrong. Maybe we're both right 50%
Maybe it is best to block both ways. Block initiated connection from both inside and outside.

Re: Block Whatsapp

Posted: Tue Apr 26, 2016 9:33 am
by tfj88
How to setup a script to add all list in firewall filter ??
Hi, you only need to make a address-list containing the folowing addresses:

(taken from http://www.whatsapp.com/cidr.txt)

31.13.69.240/32
31.13.70.49/32
31.13.71.49/32
31.13.73.49/32
31.13.74.49/32
31.13.76.81/32
31.13.77.49/32
50.22.75.192/27
50.22.93.192/27
50.22.198.204/30
50.22.210.32/30
50.22.210.128/27
50.22.225.64/27
50.22.235.248/30
50.22.240.160/27
50.23.90.128/27
50.97.57.128/27
75.126.39.32/27
108.168.174.0/27
108.168.176.192/26
108.168.177.0/27
108.168.180.96/27
108.168.254.65/32
108.168.255.224/32
108.168.255.227/32
158.85.0.96/27
158.85.5.192/27
158.85.46.128/27
158.85.48.224/27
158.85.58.0/25
158.85.61.192/27
158.85.224.160/27
158.85.233.32/27
158.85.249.128/27
158.85.249.224/27
158.85.254.64/27
169.53.29.128/27
169.53.250.128/26
169.54.2.160/27
169.54.210.0/27
169.54.222.128/27
173.192.162.32/27
173.192.219.128/27
173.192.222.160/27
173.192.231.32/27
173.193.205.0/27
173.193.230.96/27
173.193.230.128/27
173.193.230.192/27
173.193.239.0/27
174.36.208.128/27
174.36.210.32/27
174.36.251.192/27
174.37.199.192/27
174.37.217.64/27
174.37.231.64/27
174.37.243.64/27
174.37.251.0/27
184.173.73.176/28
184.173.136.64/27
184.173.147.32/27
184.173.161.64/32
184.173.161.160/27
184.173.173.116/32
184.173.179.32/27
184.173.195.32/27
184.173.201.32/27
184.173.204.32/27
192.155.212.192/27
198.11.193.182/31
198.11.212.0/27
198.11.217.192/27
198.11.251.32/27
198.23.80.0/27
198.23.86.224/27
198.23.87.64/27
208.43.115.192/27
208.43.117.79/32
208.43.117.136/32
208.43.122.128/27
2607:f0d0:1b01:d4::/64
2607:f0d0:3004:136::/64
2607:f0d0:3005:183::/64
2607:f0d0:3006:84::/64
2607:f0d0:3006:af::/64

Re: Block Whatsapp

Posted: Tue Apr 26, 2016 10:12 am
by TomosRider
Hard mode: Try using the packet sniffer on the router to find how whatsapp communicates and then block it with the firewall.

I haven't used the packet sniffer on RouterOS, but looking at it quickly, I would set whatsapp up on a control device and then filter the packet sniffer on the interface you're connecting to and the MAC address of your control device.

When you're sniffing, start sending messages and making calls etc etc. That should give you enough information to block it through the firewall.

This guy....love it! :D

Re: Block Whatsapp

Posted: Wed Apr 27, 2016 1:46 am
by PeterDoBrasil
# Try my Whatsapp Blocker Script #

# IMPORTANT ! THIS SCRIPT ONLY WORKS WITH STATIC DNS CONFIGURATION #
# if you use the dhcp-client, go to and uncheck the field ,, use-peer-dns"#
# then go to ip dns and set your static dns server #
# 8.8.8.8 or 8.8.4.4 , Google DNS #
# Whatsapp Finder Script RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 00:01:00 #
{
# STEP 1 set your prefered List Name here or leave it as it is #
:global lst "Whatsapp";
# Use DNS Entrys and add dst Address to the Firewall Address-list #
:foreach i in=[/ip dns cache all find where (name~"whatsapp" || name~"whatscom") && (type="A") ] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=10ms
# prevent script from using all cpu time #
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:local cacheName [/ip dns cache get $i name] ;
:log info ("added entry: $cacheName $tmpAddress");
/ip firewall address-list add address=$tmpAddress list="$lst" comment=$cacheName;
}
}
}

# Whatsapp Blocker RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 01:00:00 #
{
# STEP 2 set your in-interface here #
:local iif "bridge";
# STEP 3 set your jump target name for fw-mangle here, the same name will be the new chain or leave it as it is #
:local jt "whatsapp_mangle";
# STEP 4 set your jump rule comment here or leave it as it is #
:local jtc "Jump to Whatsapp Chain";
# STEP 5 set dst-address-here, you must get the same name which from STEP 1 or leave it as it is #
:local dal "Whatsapp";
# STEP 6 set your new-connection-mark name here or leave it as it is #
:local ncm "whats_con";
# STEP 7 determine the size in bytes here, connection is determined as valid after reaching size #
:local size "100";
# STEP 8 set your prefered connection-mark comment here or leave it as it is #
:local cmc "Whatsapp Connection";
# STEP 9 set your prefered src-address-list Name here or leave it as it is, this list will display your client IP addresses #
:local sal "Whatsapp User";
# STEP 10 set your prefered add-src-to-address-list comment here or leave it as it is #
:local sl "Whatsapp Add Src to Address List";
# STEP 11 set your own comment for drop rule, after reached Limit of STEP 7 the Malware connection will be closed #
:local mwc "Drop Whatsapp Con";
# STEP 12 set your jump target name for fw-filter here, the same name will be the new chain or leave it as it is #
:local fwf "whatsapp_chain";
# DO NOT EDIT NOTHING BELOW, THIS CAN BREAK THE SCRIPT !!! #
:log warning ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle remove [ find comment="$jtc" ];
/ip firewall mangle remove [ find comment="$cmc" ];
/ip firewall mangle remove [ find comment="$sl" ];
/ip firewall filter remove [ find comment="$jtc" ];
/ip firewall filter remove [ find comment="$mwc" ];
:log warning ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle
add chain="forward" protocol=tcp in-interface=$iif action=jump jump-target="$jt" comment="$jtc"
add chain="$jt" protocol=tcp in-interface=$iif connection-state=established,new dst-address-list="$dal" \
action=mark-connection new-connection-mark="$ncm" connection-bytes="$size-0" passthrough=yes comment="$cmc"
add chain="$jt" dst-address-list="$dal" action=add-src-to-address-list address-list="$sal" address-list-timeout=6h \
connection-mark="$ncm" comment="$sl"
/ip firewall filter
add chain=forward protocol=tcp in-interface=$iif connection-mark="$ncm" action=jump jump-target="$fwf" comment="$jtc"
add chain="$fwf" protocol=tcp dst-port=80 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=443 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=5222-5228 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
}

Re: Block Whatsapp

Posted: Thu Apr 28, 2016 6:21 pm
by Zorro
means no need to turn DSL into bridge mode.? then how filters will be applied on users direct connected to NAT ports of DSL router.
all consumers - connect to DNS-resolved resources.
which in turn thanks to static DNS override and DNS bypassing/forwarding blocking combo - ensure that Nobody can access something w/o 3rd party DNS-alike service/replacement(from host-files to various "services", like used in darknet or by govt spies and various p2p/adhoc replacements for DNS(with or witout "DNS Sub" to mimic it in deployment).

Re: Block Whatsapp

Posted: Sat May 07, 2016 11:12 am
by loveman
# Copy and Paste the above to WinBox New Terminal #

/system scheduler
add comment="Whatsapp Blocker" interval=2m name="Whatsapp Blocker" on-event="#\
\_Use DNS Entrys and add Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=Whatsapp co\
mment=\$cacheName;\r\
\n}\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup

/ip firewall filter add chain=forward action=drop dst-address-list=Whatsapp disabled=no comment="Whatsapp Blocker"

Thanks
what you mean that
interval=2m in /system scheduler ?

interval=2m ????

Re: Block Whatsapp

Posted: Sun May 08, 2016 2:59 am
by PeterDoBrasil
yes, interval 2 minutes

Re: Block Whatsapp

Posted: Tue May 10, 2016 11:08 pm
by loveman
yes, interval 2 minutes
Whats difference between interval 2 m
Or change to equal interval 10 m?

Re: Block Whatsapp

Posted: Fri May 13, 2016 3:02 am
by PeterDoBrasil
you can set your prefered interval time, I think when you set menor interval time the script works better in the first hours 8)

Re: Block Whatsapp

Posted: Sat Oct 29, 2016 1:23 am
by Takv
Hi, you only need to make a address-list containing the folowing addresses:

(taken from http://www.whatsapp.com/cidr.txt)

31.13.69.240/32
31.13.70.49/32
31.13.71.49/32
31.13.73.49/32
31.13.74.49/32
31.13.76.81/32
31.13.77.49/32
50.22.75.192/27
50.22.93.192/27
50.22.198.204/30
50.22.210.32/30
50.22.210.128/27
50.22.225.64/27
50.22.235.248/30
50.22.240.160/27
50.23.90.128/27
50.97.57.128/27
75.126.39.32/27
108.168.174.0/27
108.168.176.192/26
108.168.177.0/27
108.168.180.96/27
108.168.254.65/32
108.168.255.224/32
108.168.255.227/32
158.85.0.96/27
158.85.5.192/27
158.85.46.128/27
158.85.48.224/27
158.85.58.0/25
158.85.61.192/27
158.85.224.160/27
158.85.233.32/27
158.85.249.128/27
158.85.249.224/27
158.85.254.64/27
169.53.29.128/27
169.53.250.128/26
169.54.2.160/27
169.54.210.0/27
169.54.222.128/27
173.192.162.32/27
173.192.219.128/27
173.192.222.160/27
173.192.231.32/27
173.193.205.0/27
173.193.230.96/27
173.193.230.128/27
173.193.230.192/27
173.193.239.0/27
174.36.208.128/27
174.36.210.32/27
174.36.251.192/27
174.37.199.192/27
174.37.217.64/27
174.37.231.64/27
174.37.243.64/27
174.37.251.0/27
184.173.73.176/28
184.173.136.64/27
184.173.147.32/27
184.173.161.64/32
184.173.161.160/27
184.173.173.116/32
184.173.179.32/27
184.173.195.32/27
184.173.201.32/27
184.173.204.32/27
192.155.212.192/27
198.11.193.182/31
198.11.212.0/27
198.11.217.192/27
198.11.251.32/27
198.23.80.0/27
198.23.86.224/27
198.23.87.64/27
208.43.115.192/27
208.43.117.79/32
208.43.117.136/32
208.43.122.128/27
2607:f0d0:1b01:d4::/64
2607:f0d0:3004:136::/64
2607:f0d0:3005:183::/64
2607:f0d0:3006:84::/64
2607:f0d0:3006:af::/64
are you tried this all ip range ?
blocked whatsapp or working ?
From Whatsapp cidr...

Always works, both to QoS or block it

Cheers.

Re: Block Whatsapp

Posted: Sat Nov 05, 2016 11:55 pm
by loveman
Hi, you only need to make a address-list containing the folowing addresses:

(taken from http://www.whatsapp.com/cidr.txt)

31.13.69.240/32
31.13.70.49/32
31.13.71.49/32
31.13.73.49/32
31.13.74.49/32
31.13.76.81/32
31.13.77.49/32
50.22.75.192/27
50.22.93.192/27
50.22.198.204/30
50.22.210.32/30
50.22.210.128/27
50.22.225.64/27
50.22.235.248/30
50.22.240.160/27
50.23.90.128/27
50.97.57.128/27
75.126.39.32/27
108.168.174.0/27
108.168.176.192/26
108.168.177.0/27
108.168.180.96/27
108.168.254.65/32
108.168.255.224/32
108.168.255.227/32
158.85.0.96/27
158.85.5.192/27
158.85.46.128/27
158.85.48.224/27
158.85.58.0/25
158.85.61.192/27
158.85.224.160/27
158.85.233.32/27
158.85.249.128/27
158.85.249.224/27
158.85.254.64/27
169.53.29.128/27
169.53.250.128/26
169.54.2.160/27
169.54.210.0/27
169.54.222.128/27
173.192.162.32/27
173.192.219.128/27
173.192.222.160/27
173.192.231.32/27
173.193.205.0/27
173.193.230.96/27
173.193.230.128/27
173.193.230.192/27
173.193.239.0/27
174.36.208.128/27
174.36.210.32/27
174.36.251.192/27
174.37.199.192/27
174.37.217.64/27
174.37.231.64/27
174.37.243.64/27
174.37.251.0/27
184.173.73.176/28
184.173.136.64/27
184.173.147.32/27
184.173.161.64/32
184.173.161.160/27
184.173.173.116/32
184.173.179.32/27
184.173.195.32/27
184.173.201.32/27
184.173.204.32/27
192.155.212.192/27
198.11.193.182/31
198.11.212.0/27
198.11.217.192/27
198.11.251.32/27
198.23.80.0/27
198.23.86.224/27
198.23.87.64/27
208.43.115.192/27
208.43.117.79/32
208.43.117.136/32
208.43.122.128/27
2607:f0d0:1b01:d4::/64
2607:f0d0:3004:136::/64
2607:f0d0:3005:183::/64
2607:f0d0:3006:84::/64
2607:f0d0:3006:af::/64
are you tried this all ip range ?
blocked whatsapp or working ?
From Whatsapp cidr...

Always works, both to QoS or block it

Cheers.
Ok
Any idea to block psiphon vpn program?