Show Posts
1
General Discussion / Re: OPN Sense Network for application messages only (WhatsApp, WeChat)
« on: April 23, 2018, 12:26:48 pm »
Update ~ Successful initial trial!
So this is how I did it
Via Firewall Aliases set up the following domains list:
• whatsapp.com
• whatsapp.net
• wechat.com
• wechat.net
• messenger.com
• www.facebook.com
• orcart.facebook.com
• fbstatic-a.akamaihd.net
• api.facebook.com
• orcart.facebook.com
• fbexternal-a.akamaihd.net
• fbcdn-profile-a.akamaihd.net
• graph.facebook.com
Open the following ports (both TCP and UDP) on the firewall for outgoing traffic:
• 80
• 443
• 5222
• 5223
• 5228
Next, setup traffic shaping.
Pipe all download on the network (destination) at 256kbps
Pipe all upload on the network (destination) at 64kbps
Add these firewall Rules along with the outgoing ports
https://www.dropbox.com/s/9je3c8th3d3klom/Screenshot%202018-04-23%2012.22.14.png
(Ignore the first one thats just the default Open Kimono I use before cracking down on my firewalls)
And voila!
Results
Now the network has only been functioning for about 24 hours.
So far, text messaging is possible on Whatsapp, We Chat and Facebook Messenger.
Voice messages are only allowed through on WeChat if they are short enough.
Image transfer fails on all 3.
Voice calls fails on all 3.
Video chat fails on all 3.
No browsing is possible so far.
We have not seen any http traffic, and the network is wide open on the WiFi no authentication.
Note: On cellphones you may get a warning that the network doesn't have a connection to the internet since its locked down so tight, just ignore it and add an exception in the device.
I'll do another update once there's customer feedback.
Line wasn't ever necessary for this system, but I still haven't figured out how to let it through thats sort of a pet project of mine, might try again in the future.
So this is how I did it
Via Firewall Aliases set up the following domains list:
• whatsapp.com
• whatsapp.net
• wechat.com
• wechat.net
• messenger.com
• www.facebook.com
• orcart.facebook.com
• fbstatic-a.akamaihd.net
• api.facebook.com
• orcart.facebook.com
• fbexternal-a.akamaihd.net
• fbcdn-profile-a.akamaihd.net
• graph.facebook.com
Open the following ports (both TCP and UDP) on the firewall for outgoing traffic:
• 80
• 443
• 5222
• 5223
• 5228
Next, setup traffic shaping.
Pipe all download on the network (destination) at 256kbps
Pipe all upload on the network (destination) at 64kbps
Add these firewall Rules along with the outgoing ports
https://www.dropbox.com/s/9je3c8th3d3klom/Screenshot%202018-04-23%2012.22.14.png
(Ignore the first one thats just the default Open Kimono I use before cracking down on my firewalls)
And voila!
Results
Now the network has only been functioning for about 24 hours.
So far, text messaging is possible on Whatsapp, We Chat and Facebook Messenger.
Voice messages are only allowed through on WeChat if they are short enough.
Image transfer fails on all 3.
Voice calls fails on all 3.
Video chat fails on all 3.
No browsing is possible so far.
We have not seen any http traffic, and the network is wide open on the WiFi no authentication.
Note: On cellphones you may get a warning that the network doesn't have a connection to the internet since its locked down so tight, just ignore it and add an exception in the device.
I'll do another update once there's customer feedback.
Line wasn't ever necessary for this system, but I still haven't figured out how to let it through thats sort of a pet project of mine, might try again in the future.