Re: [squid-users] Using squid to get netflix access on iPhone (or boxee box) from Amos Jeffries on 2013-02-25 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 26 Feb 2013 13:20:18 +1300

On 25/02/2013 12:24 p.m., Henning Reich wrote:
> Hi, I hope its the correct address for my problem.
>
> I'm living in germany and want to get access to the us-netflix.
>
> So, i set up a amazon EC2 instance in the united states and install
> openvpn/pptpd and squid3.
>
> Openvpn works fine (of corse only if i habe a client for it), pptpd
> works also great and its supported by my devices. *happy, so it works
> @home*
>
> But in our campus-network, only outgoing TCP is allowd. For my PC no
> problem (thanks openvpn) but with my devices, i got trouble.
>
> So my idee was to use squid as a proxy. On my PC in works also. But
> not on my iPhone, I can browse through the movies/tv-shows but if i
> want to play a movie, i got error 207, which means something like
> "wrong location detected"
>
> Any Ideas how I should configure the squid-proxy to hilde all
> "location" informations and it looks like the squid the requesting
> client?
>
> Thank You and I'm sorry for my english. But I haven't a good teacher ;)
>
>
>
> PS.: my last configuration (tried different ones)
>
> auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/squid_passwd
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> auth_param basic casesensitive off
>
> acl ncsa_users proxy_auth REQUIRED
> http_access allow ncsa_users
> http_access deny all
>
> http_port 31280
> forwarded_for off
> VIA off

Squid configuration directives are case-sensitive, so VIA will not be
doing anything useful.

One alternative you can try with Squid-3.2+ which might work better is:
forwarded_for delete

That can be achieved in older vesions with:
request_header_access X-Forwarded-For deny all

You will also want to erase these headers which contain location hints:
request_header_access Accept-Language deny all

maybe also the Accept: header whih can have duplicate location details.

Also, avoid using Chrome web browser which embeds language and location
details using a few places where HTTP permits ... like its User-Agent
string and Cookie headers timezone field.

Amos
Received on Tue Feb 26 2013 - 00:20:25 MST

This archive was generated by hypermail 2.2.0 : Tue Feb 26 2013 - 12:00:04 MST