Created
January 8, 2018 14:18
-
-
Save techotaku/4f39ff047d1da8a1c5199a609edff300 to your computer and use it in GitHub Desktop.
SNI Proxy for Netflix
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # sudo docker run -d --name unblocker-ha -v $HOME/unblocker:/usr/local/etc/haproxy -p 443:443/tcp --link unblocker-sni \ | |
| # --log-opt max-size=1m --restart=unless-stopped tarot13/haproxy | |
| defaults | |
| timeout connect 5s | |
| timeout client 24h | |
| timeout server 24h | |
| global | |
| log /dev/log local0 | |
| frontend ssl | |
| log global | |
| mode tcp | |
| option tcplog | |
| option dontlognull | |
| bind 0.0.0.0:443 | |
| acl whitelist src 0.0.0.0/0 # configure as needed | |
| tcp-request connection reject if !whitelist | |
| tcp-request inspect-delay 3s | |
| tcp-request content accept if { req.ssl_hello_type 1 } | |
| default_backend sniproxy | |
| backend sniproxy | |
| mode tcp | |
| server sni unblocker-sni:443 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # sudo docker run -d --name unblocker-sni -v $HOME/unblocker:/etc/sniproxy \ | |
| # --log-opt max-size=1m --restart=unless-stopped tarot13/sniproxy | |
| pidfile /var/tmp/sniproxy.pid | |
| resolver { | |
| nameserver 8.8.8.8 # local dns should be better | |
| mode ipv4_only | |
| } | |
| listener 0.0.0.0:443 { | |
| proto tls | |
| } | |
| table { | |
| .*iplocation\.net * | |
| .*netflix\.com * | |
| .*netflix\.net * | |
| .*nflximg\.net * | |
| .*nflxvideo\.net * | |
| .*nflxso\.net * | |
| .*nflxext\.com * | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
table netflix {