Skip to content

Instantly share code, notes, and snippets.

@techotaku
Created January 8, 2018 14:18
Show Gist options
  • Save techotaku/4f39ff047d1da8a1c5199a609edff300 to your computer and use it in GitHub Desktop.
Save techotaku/4f39ff047d1da8a1c5199a609edff300 to your computer and use it in GitHub Desktop.
SNI Proxy for Netflix
# sudo docker run -d --name unblocker-ha -v $HOME/unblocker:/usr/local/etc/haproxy -p 443:443/tcp --link unblocker-sni \
# --log-opt max-size=1m --restart=unless-stopped tarot13/haproxy
defaults
timeout connect 5s
timeout client 24h
timeout server 24h
global
log /dev/log local0
frontend ssl
log global
mode tcp
option tcplog
option dontlognull
bind 0.0.0.0:443
acl whitelist src 0.0.0.0/0 # configure as needed
tcp-request connection reject if !whitelist
tcp-request inspect-delay 3s
tcp-request content accept if { req.ssl_hello_type 1 }
default_backend sniproxy
backend sniproxy
mode tcp
server sni unblocker-sni:443
# sudo docker run -d --name unblocker-sni -v $HOME/unblocker:/etc/sniproxy \
# --log-opt max-size=1m --restart=unless-stopped tarot13/sniproxy
pidfile /var/tmp/sniproxy.pid
resolver {
nameserver 8.8.8.8 # local dns should be better
mode ipv4_only
}
listener 0.0.0.0:443 {
proto tls
}
table {
.*iplocation\.net *
.*netflix\.com *
.*netflix\.net *
.*nflximg\.net *
.*nflxvideo\.net *
.*nflxso\.net *
.*nflxext\.com *
}
@0neday
Copy link

0neday commented Oct 25, 2020

table netflix {

    (.*\.|)fast(.*)\.com$ *
    (.*\.|)netflix\.com$ *
    (.*\.|)nflx(.*)\.net$ *
    (.*\.|)nflx(.*)\.com$ *




    }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment