Skip to content

Setup netflix proxy on DD WRT

Jump to bottom
Anton Belodedenko edited this page Nov 25, 2018 · 1 revision

NOTE: This can also be done via the terminal by using ssh, if you have a good router then you do not necessarily need a dd-wrt compatible router, a lot of non dd-wrt routers can use DNSmasq and iptables but you may have to access these advanced settings via ssh/telnet.

Changing your routers DNS settings so that all traffic goes through your proxy is far from ideal and can slow you down in some cases.

Here is how to make only selected domains go through your proxy if you have dd-wrt.

On your routers web interface go to Services > Services

Scroll down to DNSmasq and make sure it is enabled

In 'Additional DNSMasq Options' you need to set up what dns you want selected domains to use.

The correct syntax for this is as follows

strict-order
log-queries
server=/secure.hulu.com/208.67.222.222
server=/hulu.com/youproxiesiphere
server=/ipinfo.io/youproxiesiphere
server=/nflxvideo.net/youproxiesiphere
server=/netflix.com/youproxiesiphere
server=/nflximg.net/youproxiesiphere
server=/netflix.com/youproxiesiphere
server=/nflxext.com/youproxiesiphere
server=/amazon.com/youproxiesiphere

Click 'Apply Settings', then Click 'Save'

Notice I included an ip for secure.hulu.com, this is a useful IP that solves issues some people might be having logging into hulu from some devices such as android, roku and chromecast.

Some devices and apps have a hardcoded DNS, for example the chromecast, Roku and android app. We can redirect all DNS queries to unauthorised DNS servers such as 8.8.8.8 and 8.8.4.4 using iptables, we will redirect the queries to the DNS server on the dd-wrt router so that DNSmasq can do its thing and forward it to our 'smart dns'.

Go to Administration > Commands

In Command copy and past the following, this should work for "tagged" accounts.

  iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to yourddwrtrouterIPhere
  iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to yourddwrtrouterIPhere

And now you should be good to go.

Regarding non dd-wrt routers. You might find the dnsmasq configuration file in /etc/dnsmasq.conf or /tmp/dnsmasq.conf You might need to make some changes to /etc/resolv.conf to get dnsmasq working correctly. There is plenty of documentation for using iptables and dnsmasq on the internet.

ab1 ab1

Clone this wiki locally