Apps from Network with Squid transparent SSL Mode and blocked http/https Ports

NethServer Version: 7.3.1611 Final
Module: Squid

good morning,
since a couple of days i try to figure out how i can bypass only a range of IP Addresses for Apps and Programs like Whatsapp. At my Side the Messages comes in with activated Wi-Fi but often with a long delay. I see that Whatsapp are using Servers by IP Address in my logs but don’t get a working Solution to bypass only that IP Addresses. Same is with Telegram Messenger.

1 Like

What about sites without proxy? I’d like to call here also these guys
@MadCat @vhinzsanchez@acsel10 @jgjimenezs @Renan_Azedo_de_Olive @mansoor.tariq @cswain @Mario_Spang @GG_jr @telekomiker @Protagon_Antagon @Provolino72 @prostream @ssabbath @Walter_Schoenly

Regarding telegram, there’s faq:
http://wiki.squid-cache.org/ConfigExamples/Chat/Telegram

In NethServer create two CIDR firewall objects with telegram networks from the faq and add them to Sites without proxy.

Probably a similar config can be adopted for whatsapp. Do you know their ip ranges?

I try it with CIDR firewall objects and have add it to sites without proxy, but it did not work for me.

the ip´s from whatsapp are here https://www.whatsapp.com/cidr-all.txt

Well, sorry for the late response, i did that in a network i was working with firewall rules.

Creating a group of IP(firewall objects) and accepting Whatsapp/Telegram protocol… and denying for the rest of the network… it is working. Sometimes, some people on the (accept rule) are having trouble to download videos… but thats ok in that network.

BTW, i think you need DPI installed on your firewall to make this kind of rules :slight_smile:

1 Like

hey walter, thanks for your reply, i test it right now, but not sure if i do it right. i create a group of ip´s from my internal network in firewallobjects. after that i create a firewall rule where i accept the ip´s from the internal network to communicate all with the whatsapp protocol. is that right?

See, like that and another rule to reject it.

Worked for me.

1 Like

okay, thanks for the image, i will test it :slight_smile: