For simplicity, you can also follow the step by step instructions from your pfSense WebGUI below:
1. Create a PORT alias:
Firewall -> Aliases -> Ports -> + AddName: WhatsAppPortsTCP
Port: 443
-> + Add PortPort: 5222
Save (bottom) -> Apply Changes (top right)
2. Create a URL alias:
Firewall -> Aliases – URLs -> + AddName: WhatsAppIPv4_URL
Type: URL Table (IPs)
URL Table (IPs): https://adamnetworks.dev/pub/fwaliases/raw/master/ips/whatsapp.txt /(update frequency): 1
Save (bottom) -> Apply Changes (top right)
3. Create an IP alias:
Firewall -> Aliases – IP -> + AddName: Facebook_IPv4_STUN
Type: Network(s)
Network or FQDN: 31.0.0.0 / 8
Save (bottom) -> Apply Changes (top right)
4. Create a TCP-based firewall rule:
Firewall -> Rules -> LAN -> Add
Under Edit Firewall RuleProtocol: TCP
Under DestinationChange any to Single host or alias
Destination Address: WhatsAppIPv4_URL (alias)
Custom (From Port): WhatsAppPortsTCP
Custom (To Port): WhatsAppPortsTCP
Under Extra OptionsDescription: adam:ONE Enabler for WhatsApp for Android App compatibility
Save (bottom) -> Apply Changes (top right)
5. Create a UDP-based firewall rule:
Firewall -> Rules -> LAN -> Add
Under Edit Firewall RuleProtocol: UDP
Under DestinationChange any to Single host or alias
Destination Address: Facebook_IPv4_STUN (alias)
From (Port): STUN (3478)
To (Port): STUN (3478)
Under Extra OptionsDescription: adam:ONE Enabler for WhatsApp Audio and Video
Save (bottom) -> Apply Changes (top right)
Note: If you have existing “block” rules, make sure to place or drag this rule above them.te that we should define at some point.
Src:
https://support.adamnet.works/t/pfsense-firewall-rules-for-whatsapp-on-android/224