-
利用开源 SNI PROXY+DNSMASQ 工具链实战 Netflix 流媒体解锁
本文采用 SNI PROXY 开源工具为 “liulilittle/sniproxy: Enhanced sni-proxy supports "HTTP, HTTP-SSL" and reverse proxy, and can be used to unlock streaming media resources of "Netflix, Disney+, TVB and TikTok". (github.com)”,它支持 “HTTP、HTTP SSL”、反向代理。
准备工作:
1、寻找一台已经解锁 Netflix 流媒体的公共互联网IP服务器,甲骨文韩国首尔,或许会是一个不错的选项。
2、服务器操作系统部署为 Ubuntu 16/18/20/22,可以为 “CentOS 7”、“Debian 9/10”。
3、从 Github 上面下载已编译的,SNI PROXY目标平台二进制程序,目前有以下列举的平台编译二进制程序。
3.4、sniproxy-linux-aarch64.zip
不相信编译的二进制程序安全性,那你可以自行配置编译环境编译程序,具体参考:CMakeLists.txt 上配置的库依赖,VS 2022编译,库依赖,可以由 vcpkg 管理部署。
4、配置解压缩 sniproxy 以后的 appsettings.json BSON格式配置文件
配置选项(注解:)
concurrent,最大并发数量,缺省:<= 0 则为设备CPU核心数
backlog, 连接请求队列
fast-open,TFO连接快速打开
turbo.lan,加速本地方向
turbo.wan,加速远程方向
listen.http,服务器监听的HTTP前置代理(同时支持IPV6/IPV4)
listen.http-ssl,服务器监听的HTTPS前置代理(同时支持IPV6/IPV4)
reverse-proxy.host,反向代理服务器域名(遇到请求该域名资源则反向代理转发)
reverse-proxy.http,反向代理转发的HTTP服务器(用户访问HTTP时)
reverse-proxy.http-ssl,反向代理转发的HTTPS服务器(用户访问HTTPS时)
connect.timeout,连接超时时间
5、安装 DNSMASQ 本地DNS查询服务器
sudo apt-get install dnsmasq -y
6、修改 DNSMASQ 全局配置
nano /etc/dnsmasq.conf
配置内容为:
domain-needed
bogus-priv
no-resolv
no-poll
all-servers
server=8.8.8.8
server=1.1.1.1
server=208.67.222.222
server=4.2.2.1
cache-size=2048
local-ttl=60
interface=*
conf-dir=/etc/dnsmasq.d/,smu.conf
resolv-file=/etc/resolv.dnsmasq.conf7、配置上游DNS服务器
nano /etc/resolv.dnsmasq.conf
配置内容为:
nameserver 8.8.8.8
nameserver 1.1.1.1
nameserver 208.67.222.222
nameserver 4.2.2.18、配置流媒体解锁DNS清单,设解锁流媒体的服务器IP为:“152.70.252.14(甲骨文韩国首尔)”
nano /etc/dnsmasq.d/smu.conf
配置内容为:address=/akadns.net/152.70.252.14
address=/akam.net/152.70.252.14
address=/akamai.com/152.70.252.14
address=/akamai.net/152.70.252.14
address=/akamaiedge.net/152.70.252.14
address=/akamaihd.net/152.70.252.14
address=/akamaistream.net/152.70.252.14
address=/akamaitech.net/152.70.252.14
address=/akamaitechnologies.com/152.70.252.14
address=/akamaitechnologies.fr/152.70.252.14
address=/akamaized.net/152.70.252.14
address=/edgekey.net/152.70.252.14
address=/edgesuite.net/152.70.252.14
address=/srip.net/152.70.252.14
address=/footprint.net/152.70.252.14
address=/level3.net/152.70.252.14
address=/llnwd.net/152.70.252.14
address=/edgecastcdn.net/152.70.252.14
address=/cloudfront.net/152.70.252.14
address=/netflix.com/152.70.252.14
address=/netflix.net/152.70.252.14
address=/nflximg.com/152.70.252.14
address=/nflximg.net/152.70.252.14
address=/nflxvideo.net/152.70.252.14
address=/nflxso.net/152.70.252.14
address=/nflxext.com/152.70.252.14
address=/hulu.com/152.70.252.14
address=/huluim.com/152.70.252.14
address=/hbonow.com/152.70.252.14
address=/hbogo.com/152.70.252.14
address=/hbo.com/152.70.252.14
address=/amazon.com/152.70.252.14
address=/amazon.co.uk/152.70.252.14
address=/amazonvideo.com/152.70.252.14
address=/crackle.com/152.70.252.14
address=/pandora.com/152.70.252.14
address=/vudu.com/152.70.252.14
address=/blinkbox.com/152.70.252.14
address=/abc.com/152.70.252.14
address=/fox.com/152.70.252.14
address=/theplatform.com/152.70.252.14
address=/nbc.com/152.70.252.14
address=/nbcuni.com/152.70.252.14
address=/ip2location.com/152.70.252.14
address=/pbs.org/152.70.252.14
address=/warnerbros.com/152.70.252.14
address=/southpark.cc.com/152.70.252.14
address=/cbs.com/152.70.252.14
address=/brightcove.com/152.70.252.14
address=/cwtv.com/152.70.252.14
address=/spike.com/152.70.252.14
address=/go.com/152.70.252.14
address=/mtv.com/152.70.252.14
address=/mtvnservices.com/152.70.252.14
address=/playstation.net/152.70.252.14
address=/uplynk.com/152.70.252.14
address=/maxmind.com/152.70.252.14
address=/disney.com/152.70.252.14
address=/disneyjunior.com/152.70.252.14
address=/adobedtm.com/152.70.252.14
address=/bam.nr-data.net/152.70.252.14
address=/bamgrid.com/152.70.252.14
address=/braze.com/152.70.252.14
address=/cdn.optimizely.com/152.70.252.14
address=/cdn.registerdisney.go.com/152.70.252.14
address=/cws.conviva.com/152.70.252.14
address=/d9.flashtalking.com/152.70.252.14
address=/disney-plus.net/152.70.252.14
address=/disney-portal.my.onetrust.com/152.70.252.14
address=/disney.demdex.net/152.70.252.14
address=/disney.my.sentry.io/152.70.252.14
address=/disneyplus.bn5x.net/152.70.252.14
address=/disneyplus.com/152.70.252.14
address=/disneyplus.com.ssl.sc.omtrdc.net/152.70.252.14
address=/disneystreaming.com/152.70.252.14
address=/dssott.com/152.70.252.14
address=/execute-api.us-east-1.amazonaws.com/152.70.252.14
address=/js-agent.newrelic.com/152.70.252.14
address=/xboxlive.com/152.70.252.14
address=/lovefilm.com/152.70.252.14
address=/turner.com/152.70.252.14
address=/amctv.com/152.70.252.14
address=/sho.com/152.70.252.14
address=/mog.com/152.70.252.14
address=/wdtvlive.com/152.70.252.14
address=/beinsportsconnect.tv/152.70.252.14
address=/beinsportsconnect.net/152.70.252.14
address=/fig.bbc.co.uk/152.70.252.14
address=/open.live.bbc.co.uk/152.70.252.14
address=/sa.bbc.co.uk/152.70.252.14
address=/www.bbc.co.uk/152.70.252.14
address=/crunchyroll.com/152.70.252.14
address=/ifconfig.co/152.70.252.14
address=/omtrdc.net/152.70.252.14
address=/sling.com/152.70.252.14
address=/movetv.com/152.70.252.14
address=/happyon.jp/152.70.252.14
address=/abema.tv/152.70.252.14
address=/hulu.jp/152.70.252.14
address=/optus.com.au/152.70.252.14
address=/optusnet.com.au/152.70.252.14
address=/gamer.com.tw/152.70.252.14
address=/bahamut.com.tw/152.70.252.14
address=/hinet.net/152.70.252.14
9、查看监听UDP:53端口的进程及进程PID
lsof -Pnl +M -i4 | grep 53
lsof -Pnl +M -i6 | grep 53
10、进程不是DNSMASQ在监听UDP:53端口则:
kill -9 $PID && systemctl restart dnsmasq 或 kill -9 $PID && service dnsmasq restart
进程是DNSMASQ在监听UDP:53端口则:
systemctl restart dnsmasq 或 service dnsmasq restart
补充:systemctl restart NetworkManager.service (CentOS 8 系统用该方法)
11、检查DNSMASQ状态是否重启成功?
service dnsmasq status 或 systemctl status dnsmasq
12、测试服务器本地环路上的DNSMASQ配置的 Netflix 解锁的DNS查询是否正确?
# nslookup netflix.com 127.0.0.1
Server: 127.0.0.53
Address: 127.0.0.53#53Name: netflix.com
Address: 152.70.252.14
Name: netflix.com
Address: 2600:1f14:62a:de81:b848:82ee:2416:447e
Name: netflix.com
Address: 2600:1f14:62a:de80:69a8:7b12:8e5f:855d
Name: netflix.com
Address: 2600:1f14:62a:de82:822d:a423:9e4c:da8d13、配置本地服务器的 nano /etc/resolv.conf,其它机器或设备DNS服务器配置为本机公共IP地址且本机服务器上面开放UDP:53端口的公共网络访问权限(防火墙)
nameserver 127.0.0.53 # 或:: nameserver 127.0.0.1
14、上述环境均配置正确以后可以使用以下的URL进行测试,查看 Netflix 流媒体的资源是否在用户端被解锁。
解锁检查URL:Breaking Bad | 넷플릭스 (netflix.com)
如果显示类似上面的界面,恭喜你,大功告成,你已成功的,解锁了 Netflix 流媒体的访问权限! 如果没有这个界面,则按照上述步骤自行检查故障,出现在哪里,直到被解决!
-
相关阅读:
Stable Diffusion 模型分享:CG texture light and shadow(CG纹理光影)
Java 后台重定向一个带参数的地址,前端要在地址中获取参数,并保存在Vue中,以便跳转到界面的时候世界使用
解释器模式——化繁为简的翻译机
夯实算法-整数转罗马数字
【STM32】读写内部Flash初步使用
2023.11.13 信息学日志
Humanoid Robotics Whole Body Control(WBC)全身控制
Hibernate多表的关联关系、懒加载
基于低代码平台的OA系统,更灵活高效!
GFS 分布式文件系统
- 原文地址:https://blog.csdn.net/liulilittle/article/details/126354520