Date: Sat, 27 Feb 2016 12:42:46 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Mark Felder <feld@freebsd.org> Cc: User Questions <freebsd-questions@freebsd.org> Subject: Re: WhatsApp Calls through IPFilter - How do I allow? Message-ID: <CAAdA2WPopvs9iyTqN1%2BoRH3MBbP0-fro_zbEj6=4veEFp4ydUg@mail.gmail.com> In-Reply-To: <6458F1DB-6E78-44E3-92F2-3E684BEA16FA@FreeBSD.org> References: <CAAdA2WNVXpe0S-rx3kFNYOP1S7LPj41xSoaaFeRosZ8uoOD4gg@mail.gmail.com> <1456412447.3227197.531722746.2BC3D996@webmail.messagingengine.com> <CAAdA2WO9HhBS-EOWdeTbgOKOW8Fctb9jPshfY6QaWbyW1LE7uA@mail.gmail.com> <6458F1DB-6E78-44E3-92F2-3E684BEA16FA@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 26 February 2016 at 15:49, Mark Felder <feld@freebsd.org> wrote: > > > On Feb 26, 2016, at 01:56, Odhiambo Washington <odhiambo@gmail.com> wrote: > > > > On 25 February 2016 at 18:00, Mark Felder <feld@freebsd.org> wrote: > >> >> >> On Thu, Feb 25, 2016, at 05:04, Odhiambo Washington wrote: >> > I have a network where FreeBSD acts as the gateway. I use IPFilter as >> the >> > firewall. >> > >> > I have users with smartphones who'd like to use Whatsapp call feature >> but >> > the firewall is blocking these. I have googled and found >> > https://github.com/ukanth/afwall/issues/358 which seems to talk about >> the >> > ports that I need to open, but even after following that, I still cannot >> > get this working. My IPFilter rules are these -> >> > http://pastebin.com/77YrMEEG >> > >> > Hopefully someone can see what I am missing or knows what I should do. >> > I am currently away from the box and with bad Internet, I cannot easily >> > do >> > packet capture to analyze... I know iy sounds lazy, but I also hope this >> > wheel has already been invented and is spinning already... >> > >> > >> >> Do you end up getting log entries for the blocked traffic? >> >> -- >> Mark Felder >> ports-secteam member >> feld@FreeBSD.org <feld@freebsd.org> >> > > I do't see anything written to the logfile. > However, I have identified the rules blocking the traffic. I just need to > get the ports used by Whatsapp for calls and I'll get this sorted. > > > After some searching I was able to find someone who claims "The voice > server connects only, as mentioned, 59437 - 59581 (the first time) and this > goes through port 5222." > > I also came across this URL containing all the whatsapp IPs: > http://www.whatsapp.com/cidr.txt > > If you still can't get this sorted out I can try emailing a contact I have > at Whatsapp to see if he can provide further details. > The version of IPFilter on my server (FreeBSD 8.4-STABLE) does not support variable definitions/substitutions else I could have used the CIDR. My latest attempt at opening the relevant ports can be seen at http://goo.gl/0xnhw8 but still it did not work! Maybe it's me who's getting confused with the rules?? I have to literally leave the firewall open for Whatsapp calls to work, which is pretty bad! I'll appreciate any info from your contact at Whatsapp.. But also take a look at my rules and lemme know if you can act as my 3rd eye to see where I could be missing the point/going wrong with the rules - which are derived from http://freebsd.therek.net/handbook/firewalls-ipf.html, to be precise. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAdA2WPopvs9iyTqN1%2BoRH3MBbP0-fro_zbEj6=4veEFp4ydUg>