Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid blocks images and video transfer via whatsapp

    Scheduled Pinned Locked Moved Cache/Proxy
    2 Posts 2 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rick_men
      last edited by

      Squid blocks images and video transfer via whatsapp
      We have Squid proxy server 3.3 running on a linux open suse 13.1 configured to work as a ACL. We don't do any kind of SSL interception or man in the middle. We simply receive a request and according to the MAC address and ACL allow access or block access to the requested page.

      The problem we are facing is that only 3 of the mobiles all of them incidentally, iphones, cannot send images/videos/any multimedia via whatsapp. Squid blocks these requests and says: forbidden, miss from cache etc

      The environment for the wifi (for whats app usage) is designed in a 'deny all' except a few domains and whatsapp.net is one of the domains that is allowed for text and multimedia transfer. All the android phones and even newer iphones (iphone 5s or 5 or 6) are able to send images and videos but these 3 phones. I even managed to capture the send request through TCP dump for an iphone that works and an iphone that squid blocks the sending. Here's the output

      iPhone/Android phone that is successful in forwarding or sending image via whatsapp - Attached image squid_image_transfer_passes_OK.png

      Observe that the request is done always to a domain – mmi261.whatsapp.net:443 and that further below packet is sent via TLS I.e SSL encryption

      On the other hand what I observed is that when a similar request to send an image is done via whatsapp through any of these three phones in question that squid blocks, here is the tcp dump

      attached image -  squid_blocks_request.png

      attached image 2 -  squid_blocks_image_response.png

      Above, it can be seen that the CONNECT is done to a URL and the reply returns by SQUID as forbidden.

      What I have come to understand (I could be wrong) hence is that Squid blocks image and video requests to these 3 iphones as they send CONNECT to IP addresses (and not to domain addresses) and also does not pass this request through an SSL like it does in the first image.
      Could anyone please help to resolve this issue. I attach below my squid.conf

      squid_blocks_image_response.png
      squid_blocks_request.png_thumb
      squid_blocks_request.png
      squid_image_transfer_passes_OK.png_thumb
      squid_image_transfer_passes_OK.png
      squid_blocks_image_response.png_thumb
      squidconf.txt

      1 Reply Last reply Reply Quote 0
      • P
        Polle
        last edited by

        Hi,
        Did you manage to solve this ? I'm facing the same problem, tried a couple of things but no luck so far …

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.