Bloquear totalmente o Whatsapp da Rede Mikrotik

[5gnetnovoprogresso]

# Whatsapp Finder Script RouterOS v6.33rc33 ## This here is the Version for New Terminal # # add to Scheduler and run with Time Interval 00:01:00 ## copie e cole esta parte aqui para o schedule, rodar no intervale de um minuto ## Importante! Primeiro configure seu ip-dns in Statico, se não o rastreamento não vai funcionar #{# STEP 1 set your prefered List Name here or leave it as it is #:global lst "Whatsapp";# Use DNS Entrys and add dst Address to the Firewall Address-list #:foreach i in=[/ip dns cache all find where (name~"whatsapp" || name~"whatscom") && (type="A") ] do={ :local tmpAddress [/ip dns cache get $i address];delay delay-time=10ms# prevent script from using all cpu time # :if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={ :local cacheName [/ip dns cache get $i name] ; :log info ("added entry: $cacheName $tmpAddress"); /ip firewall address-list add address=$tmpAddress list="$lst" comment=$cacheName; } }}# Whatsapp Blocker RouterOS v6.33rc33 ## This here is the Version for New Terminal # # add to Scheduler and run with Time Interval 06:00:00 ## copie e cole também p.o scheduler, intervalo de 6 horas ## as regras só comerça a funcionar a partida de 100 bytes de fluxo de dados do Whatsapp #{# Passo 2 coloque o nome da sua in-interface aqui ## STEP 2 set your in-interface here #:local iif "in-interface";# STEP 3 set your jump target name for fw-mangle here, the same name will be the new chain or leave it as it is #:local jt "whatsapp_mangle";# STEP 4 set your jump rule comment here or leave it as it is #:local jtc "Jump to Whatsapp Chain";# STEP 5 set dst-address-here, you must get the same name which from STEP 1 or leave it as it is #:local dal "Whatsapp";# STEP 6 set your new-connection-mark name here or leave it as it is #:local ncm "whats_con";# STEP 7 determine the size in bytes here, connection is determined as valid after reaching size #:local size "100";# STEP 8 set your prefered connection-mark comment here or leave it as it is #:local cmc "Whatsapp Connection"; # STEP 9 set your prefered src-address-list Name here or leave it as it is, this list will display your client IP addresses #:local sal "Whatsapp User";# STEP 10 set your prefered add-src-to-address-list comment here or leave it as it is #:local sl "Whatsapp Add Src to Address List";# STEP 11 set your own comment for drop rule, after reached Limit of STEP 7 the Malware connection will be closed #:local mwc "Drop Whatsapp Con";# STEP 12 set your jump target name for fw-filter here, the same name will be the new chain or leave it as it is #:local fwf "whatsapp_chain";# DO NOT EDIT NOTHING BELOW, THIS CAN BREAK THE SCRIPT !!! #:log warning ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");:put ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");/ip firewall mangle remove [ find comment="$jtc" ];/ip firewall mangle remove [ find comment="$cmc" ];/ip firewall mangle remove [ find comment="$sl" ];/ip firewall filter remove [ find comment="$jtc" ];/ip firewall filter remove [ find comment="$mwc" ];:log warning ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");:put ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");/ip firewall mangleadd chain="forward" protocol=tcp in-interface=$iif dst-address-list="$dal" action=jump jump-target="$jt" comment="$jtc"add chain="$jt" protocol=tcp in-interface=$iif connection-state=established,new dst-address-list="$dal" \ action=mark-connection new-connection-mark="$ncm" connection-bytes="$size-0" passthrough=yes comment="$cmc"add chain="$jt" dst-address-list="$dal" action=add-src-to-address-list address-list="$sal" address-list-timeout=6h \ connection-mark="$ncm" comment="$sl"/ip firewall filteradd chain=forward protocol=tcp in-interface=$iif connection-mark="$ncm" action=jump jump-target="$fwf" comment="$jtc"add chain="$fwf" protocol=tcp dst-port=80 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"add chain="$fwf" protocol=tcp dst-port=443 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"add chain="$fwf" protocol=tcp dst-port=5222-5228 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"}# Esta versão aqui poce copiar e colar por new terminal, vai criar automaticamente as tarefas do scheduler ## Mas não esqueça depois de ir ao scheduler é acertar os intervalos é o nome da sua in-interface ## This is the version made by System, Insert to New Terminal and it generate ready schedule Rules ## oct/27/2015 16:45:21 by RouterOS 6.33rc33 ## software id = KPNX-1FGN #/system scheduleradd comment="Whatsapp Finder" interval=1m name="Whatsapp Finder" on-event="# W\ hatsapp Finder Script RouterOS v6.33rc33 #\r\ \n# This here is the Version for New Terminal # \r\ \n# add to Scheduler and run with Time Interval 00:01:00 #\r\ \n{\r\ \n# STEP 1 set your prefered List Name here or leave it as it is #\r\ \n:global lst \"Whatsapp\";\r\ \n# Use DNS Entrys and add dst Address to the Firewall Address-list #\r\ \n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\ =\"A\") ] do={\r\ \n :local tmpAddress [/ip dns cache get \$i address];\r\ \ndelay delay-time=10ms\r\ \n# prevent script from using all cpu time #\r\ \n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \ \"\") do={ \r\ \n :local cacheName [/ip dns cache get \$i name] ;\r\ \n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\ \n /ip firewall address-list add address=\$tmpAddress list=\"\$lst\" c\ omment=\$cacheName;\r\ \n }\r\ \n }\r\ \n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \ start-time=startupadd comment="Whatsapp Blocker" interval=1h name="Whatsapp Blocker" on-event="#\ \_Whatsapp Blocker RouterOS v6.33rc33 #\r\ \n# This here is the Version for New Terminal # \r\ \n# add to Scheduler and run with Time Interval 06:00:00 #\r\ \n{\r\ \n# STEP 2 set your in-interface here #\r\ \n:local iif \"in-interface\";\r\ \n# STEP 3 set your jump target name for fw-mangle here, the same name wil\ l be the new chain or leave it as it is #\r\ \n:local jt \"whatsapp_mangle\";\r\ \n# STEP 4 set your jump rule comment here or leave it as it is #\r\ \n:local jtc \"Jump to Whatsapp Chain\";\r\ \n# STEP 5 set dst-address-here, you must get the same name which from STE\ P 1 or leave it as it is #\r\ \n:local dal \"Whatsapp\";\r\ \n# STEP 6 set your new-connection-mark name here or leave it as it is #\r\ \n:local ncm \"whats_con\";\r\ \n# STEP 7 determine the size in bytes here, connection is determined as v\ alid after reaching size #\r\ \n:local size \"100\";\r\ \n# STEP 8 set your prefered connection-mark comment here or leave it as i\ t is #\r\ \n:local cmc \"Whatsapp Connection\"; \r\ \n# STEP 9 set your prefered src-address-list Name here or leave it as it \ is, this list will display your client IP addresses #\r\ \n:local sal \"Whatsapp User\";\r\ \n# STEP 10 set your prefered add-src-to-address-list comment here or leav\ e it as it is #\r\ \n:local sl \"Whatsapp Add Src to Address List\";\r\ \n# STEP 11 set your own comment for drop rule, after reached Limit of STE\ P 7 the Malware connection will be closed #\r\ \n:local mwc \"Drop Whatsapp Con\";\r\ \n# STEP 12 set your jump target name for fw-filter here, the same name wi\ ll be the new chain or leave it as it is #\r\ \n:local fwf \"whatsapp_chain\";\r\ \n# DO NOT EDIT NOTHING BELOW, THIS CAN BREAK THE SCRIPT !!! #\r\ \n:log warning (\"Removing old Mangle=\$jtc \" . \"Mangle=\$cmc \" . \ \"Mangle=\$sl \" . \"and Filter \$jtc \" . \"else \$mwc\");\r\ \n:put (\"Removing old Mangle=\$jtc \" . \"Mangle=\$cmc \" . \"Mangle=\ \$sl \" . \"and Filter \$jtc \" . \"else \$mwc\");\r\ \n/ip firewall mangle remove [ find comment=\"\$jtc\" ];\r\ \n/ip firewall mangle remove [ find comment=\"\$cmc\" ];\r\ \n/ip firewall mangle remove [ find comment=\"\$sl\" ];\r\ \n/ip firewall filter remove [ find comment=\"\$jtc\" ];\r\ \n/ip firewall filter remove [ find comment=\"\$mwc\" ];\r\ \n:log warning (\"Adding new Mangle=\$jtc \" . \"Mangle=\$cmc \" . \"M\ angle=\$sl \" . \"and Filter \$jtc \" . \"else \$mwc\");\r\ \n:put (\"Adding new Mangle=\$jtc \" . \"Mangle=\$cmc \" . \"Mangle=\$\ sl \" . \"and Filter \$jtc \" . \"else \$mwc\");\r\ \n/ip firewall mangle\r\ \nadd chain=\"forward\" protocol=tcp in-interface=\$iif action=jump jump-t\ arget=\"\$jt\" comment=\"\$jtc\"\r\ \nadd chain=\"\$jt\" protocol=tcp in-interface=\$iif connection-state=esta\ blished,new dst-address-list=\"\$dal\" \\ \r\ \naction=mark-connection new-connection-mark=\"\$ncm\" connection-bytes=\"\ \$size-0\" passthrough=yes comment=\"\$cmc\"\r\ \nadd chain=\"\$jt\" dst-address-list=\"\$dal\" action=add-src-to-address-\ list address-list=\"\$sal\" address-list-timeout=6h \\ \ \_ \r\ \nconnection-mark=\"\$ncm\" comment=\"\$sl\"\r\ \n/ip firewall filter\r\ \nadd chain=forward protocol=tcp in-interface=\$iif connection-mark=\"\$nc\ m\" action=jump jump-target=\"\$fwf\" comment=\"\$jtc\"\r\ \nadd chain=\"\$fwf\" protocol=tcp dst-port=80 connection-mark=\"\$ncm\" a\ ction=drop dst-address-list=\"\$dal\" src-address-list=\"\$sal\" comment=\ \"\$mwc\"\r\ \nadd chain=\"\$fwf\" protocol=tcp dst-port=443 connection-mark=\"\$ncm\" \ action=drop dst-address-list=\"\$dal\" src-address-list=\"\$sal\" comment=\ \"\$mwc\"\r\ \nadd chain=\"\$fwf\" protocol=tcp dst-port=5222-5228 connection-mark=\"\$\ ncm\" action=drop dst-address-list=\"\$dal\" src-address-list=\"\$sal\" co\ mment=\"\$mwc\"\r\ \n}\r\ \n\r\ \n\r\ \n\r\ \n" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \ start-time=startup# CUIDADO!! POIS ESTE SCRIPT BLOQUEIA O WHATS MESMO ## Da! Estão dizendo que não bloqueia nem Fotos? Eu ficei acordado as noites inteira durante dias, só observando as conexões no Firewall, sempre a conexoes mais na porta 443, algumas na porta 5222 é 5228 é quase nunca na porta 80, tomei litros de café e fumei maços de cigarro para ficar acordado, dai eu fiz o bloqueio e as conexões só mostrava, closed é waiting é não estabilished! Outra as Pessoas ficava perguntando por que o Whats deles não funciona!

[deson00]

Outra opção pode ser esta a baixo.

[surfinhu]

Creio que seja mais coisa pra sua RB processar.

Apenas bloqueie esses IPs: https://www.whatsapp.com/cidr.txt

[dougtog]

Creio que seja mais coisa pra sua RB processar.

Apenas bloqueie esses IPs: https://www.whatsapp.com/cidr.txt

Este citado acima, que usa o CIDR.TXT não está eficiente... uso ele no momento e está passando mensagens e fotos normalmente.. so que demoram um pouco mais..


Amigo, quero o bloqueio total... O tutorial do TÓPICO está funcionando perfeito???

[deson00]

Esta testando em rede interna ou seja o whats usa wifi interno para se comunicar caso esteja na mesma rede com quem esta enviando a msg ou foto.