pfSense firewall rules for WhatsApp

For simplicity, you can also follow the step by step instructions from your pfSense WebGUI below:

1. Create a PORT alias:

Firewall -> Aliases -> Ports -> + AddName: WhatsAppPortsTCP
Port: 443
-> + Add PortPort: 5222
Save (bottom) -> Apply Changes (top right)

2. Create a URL alias:

Firewall -> Aliases – URLs -> + AddName: WhatsAppIPv4_URL
Type: URL Table (IPs)
URL Table (IPs): https://adamnetworks.dev/pub/fwaliases/raw/master/ips/whatsapp.txt /(update frequency): 1
Save (bottom) -> Apply Changes (top right)

3. Create an IP alias:

Firewall -> Aliases – IP -> + AddName: Facebook_IPv4_STUN
Type: Network(s)
Network or FQDN: 31.0.0.0 / 8
Save (bottom) -> Apply Changes (top right)

4. Create a TCP-based firewall rule:

Firewall -> Rules -> LAN -> Add
Under Edit Firewall RuleProtocol: TCP
Under DestinationChange any to Single host or alias
Destination Address: WhatsAppIPv4_URL (alias)
Custom (From Port): WhatsAppPortsTCP
Custom (To Port): WhatsAppPortsTCP
Under Extra OptionsDescription: adam:ONE Enabler for WhatsApp for Android App compatibility
Save (bottom) -> Apply Changes (top right)

5. Create a UDP-based firewall rule:

Firewall -> Rules -> LAN -> Add
Under Edit Firewall RuleProtocol: UDP
Under DestinationChange any to Single host or alias
Destination Address: Facebook_IPv4_STUN (alias)
From (Port): STUN (3478)
To (Port): STUN (3478)
Under Extra OptionsDescription: adam:ONE Enabler for WhatsApp Audio and Video
Save (bottom) -> Apply Changes (top right)

Note: If you have existing “block” rules, make sure to place or drag this rule above them.te that we should define at some point.

Src:
https://support.adamnet.works/t/pfsense-firewall-rules-for-whatsapp-on-android/224

Share

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.