Since yesterday I started getting "You seem to be using an unblocker or proxy" error on all devices.
I live in the UK, just accessing regular UK Netflix with no VPN or region related DNS configuration.
My ISP gives me a /29 which I use to SNAT the outbound requests for my clients, what I found is that the only way to prevent the proxy error is to SNAT with the primary WAN IP assigned to my router (which I don't want to do).
I can only put this down to:
1) My /29 has incorrectly been added to some sort of 'proxy blacklist' that Netflix use
or
2) Netflix added some sort of DNS verification that only allows a client to request content if the same source IP requested one of the required name records - since I use AB-Solution all DNS requests appear to come from the primary WAN IP
I'd appreciate any feedback if anyone has any experience/insight - one question that came up as part of this is how can I get the outbound name requests from my router to appear to come from one of my /29 addresses, I tried adding a SNAT rule to POSTROUTING and saw hitcounts following requests but only saw return INPUT hits directed to the primary WAN IP so looks like that SNAT wasn't working - would outbound requests from WAN interface even go through any aspect of iptables?
I am aware that one potential solution is to change DNS server on WAN page to IP of local DNS server and then SNAT outbound requests from that server but I would prefer to keep this functionality local to the router if possible.
AC88U - 380.62 beta1 - AB-Solution 2.0.1
I live in the UK, just accessing regular UK Netflix with no VPN or region related DNS configuration.
My ISP gives me a /29 which I use to SNAT the outbound requests for my clients, what I found is that the only way to prevent the proxy error is to SNAT with the primary WAN IP assigned to my router (which I don't want to do).
I can only put this down to:
1) My /29 has incorrectly been added to some sort of 'proxy blacklist' that Netflix use
or
2) Netflix added some sort of DNS verification that only allows a client to request content if the same source IP requested one of the required name records - since I use AB-Solution all DNS requests appear to come from the primary WAN IP
I'd appreciate any feedback if anyone has any experience/insight - one question that came up as part of this is how can I get the outbound name requests from my router to appear to come from one of my /29 addresses, I tried adding a SNAT rule to POSTROUTING and saw hitcounts following requests but only saw return INPUT hits directed to the primary WAN IP so looks like that SNAT wasn't working - would outbound requests from WAN interface even go through any aspect of iptables?
I am aware that one potential solution is to change DNS server on WAN page to IP of local DNS server and then SNAT outbound requests from that server but I would prefer to keep this functionality local to the router if possible.
AC88U - 380.62 beta1 - AB-Solution 2.0.1
