# Squid blocks images and video transfer via whatsapp



## rick_men (Jun 7, 2016)

We have Squid proxy server 3.3 running on a linux open suse 13.1 configured to work as a ACL. We don't do any kind of SSL interception or man in the middle. We simply receive a request and according to the MAC address and ACL allow access or block access to the requested page. 



The problem we are facing is that only 3 of the mobiles all of them incidentally, iphones, cannot send images/videos/any multimedia via whatsapp. Squid blocks these requests and says: forbidden, miss from cache etc


The environment for the wifi (for whats app usage) is designed in a 'deny all' except a few domains and whatsapp.net is one of the domains that is allowed for text and multimedia transfer. All the android phones and even newer iphones (iphone 5s or 5 or 6) are able to send images and videos but these 3 phones. I even managed to capture the send request through TCP dump for an iphone that works and an iphone that squid blocks the sending. Here's the output


iPhone/Android phone that is successful in forwarding or sending image via whatsapp



Observe that the request is done always to a domain – mmi261.whatsapp.net:443 and that further below packet is sent via TLS I.e SSL encryption




On the other hand what I observed is that when a similar request to send an image is done via whatsapp through any of these three phones in question that squid blocks, here is the tcp dump








Above, it can be seen that the CONNECT is done to a URL and the reply returns by SQUID as forbidden. 



What I have come to understand (I could be wrong) hence is that Squid blocks image and video requests to these 3 iphones as they send CONNECT to IP addresses (and not to domain addresses) and also does not pass this request through an SSL like it does in the first image. 
Could anyone please help to resolve this issue. I attach below my squid.conf


----------

