[Guide] Block updates while retaining online play, app updates, eshop on Switch & others with Proxy

Discussion in 'Switch - Tutorials' started by Type_O_Dev, Jul 1, 2018.

  1. Type_O_Dev
    OP

    Type_O_Dev GBAtemp Advanced Fan

    Member
    6
    Dec 12, 2017
    United States
    This guide is a updated version of @Tgames [TUTORIAL] Blocking online updates and play online with CCProxy over at GBAtemp
    A DNS workaround didnt seem to work so this is the solution.
    Game updates will only work on latest firmware as this cannot avoid Nintendo firmware check
    Supernag can be cleared using this



    INSTRUCTIONS



    • Windows


      Requirements:
      • Windows XP or above (tested and running on 10)
      • A PC with same wifi access point as 3ds,wiiu and/or switch
      • PC needs to stay on to keep proxy running
      • Download Nintendo Server List
      • Download and install CCProxy v8.0


      Click on "Options"
      image

      Fill it like the picture:
      • Set the proxy port to 8080, the other related ports will change.
      • You can set to different port if 8080 is being used (808, 1080, etc)
      • The ip address to the right of the port should show your ip. may work on 0.0.0.0
      image
      Click on "Advanced" then choose "Networks" tab.
      Check "Disable External Users" for security reasons.

      If you want to allow external users (friends, family, internet) to use your proxy server, uncheck this. You may need router modifications for this to work.

      Click on "OK" and then again on "OK"
      image
      You come back here:
      image

      Click "Account"

      Under Permit Category Set the option to "Permit only" users using proxy based on Auth Type "MAC Address"
      Click on "Web Filter"
      image
      Fill it like the picture:
      • Set the name for your filter
      • Check "Site Filter"
      • Set "Forbidden Sites" radio choice
      • Click the ... and select downloaded nintendo_filter.txt This list will block all Nintendo eShop access and updates on wii, wiiu, 3ds and switch. You can open nintendo_filter.txt and add more
      • Click on "OK"
      image
      You will come back here
      Click on "New"
      image
      Fill it like the picture:
      • Set a User name for this account (Nintendo Switch)
      • Enable this account
      • Filter by MAC Address (enter the WiiU or Switch MAC address here)
      • Check "Web Filter" and select the previously defined filter rule.
      image
      In this picture, the MAC address for CCProxy is 8ccde8886752 (no spaces, hyphen or colon)
      image

      Click "OK"
      image

      You can create another Account for another console if you want. Just follow above steps with New name and MAC address, be sure you check Web Filter and select previously used rule.

      Now the PC is hosting a proxy server

      Lets move onto the switch, Click the "Configure switch proxy tab

      If everything went correct you should now see a active connection in your CCProxy panel. To truly see if Nintendo update server request are ignored.
      image
      Click "Monitor"
      image

      You should see all traffic with rejections in red.

      Done!
      Now Configure Switch

      This will block firmware downloading from nintendo's update server. This will work with Nintendo 3ds, Wii U and Switch

      If anyone figures out more addresses to block post results here
      for nintendo switch following two servers were denied i also added google sun.hac.lp1.d4c.nintendo.net beach.hac.lp1.eshop.nintendo.net googletagmanager.com google-analytics.com


    • Linux


      Requirements:
      • Linux or your favorite distro
      • A Device with same wifi access point as 3ds,wiiu and/or switch
      • Device needs to stay on to keep proxy running
      • Squid3


      • Update and download package lists
      • Install Squid3
      Code:
      sudo apt-get update
      sudo apt-get upgrade
      Code:
      sudo apt install squid3
      Code:
      sudo apt-get install wget
      cd /etc/squid3/
      wget https://nofile.io/f/yXnHxDBqWUm/nintendont-squid.conf.txt
      mv nintendont-squid.conf.txt squid.conf
      Code:
      cd /etc/squid3/
      wget https://nofile.io/f/rVocC7oPN1c/nintendont-squid-blacklist.txt or goto download location
      mv nintendont-squid-blacklist.txt nintendont-blacklist.aci
      • Restart squid
      Code:
      systemctl restart squid3
      
      or
      
      /etc/init.d/squid3 restart
      Configure proxy in Switch Settings (Port: 3128, no authentication)

      Confirmed working using Squid Version 3.3.8 (Docker image: sameersbn/squid)

      If you want to use your own squid.conf, just add these two lines to your existing squid.conf:
      Code:
      acl bad_url dstdomain "/etc/squid3/nintendont-blacklist.acl"
      http_access deny bad_url
      Done!
      Now configure Switch

    • Macintosh


      Requirements:
      • MacOS
      • A Device with same wifi access point as 3ds,wiiu and/or switch
      • Computer needs to stay on to keep proxy running
      • Squidman
      • nintendont-squid-blacklist



      After downloading SquidMan open the dmg file and move the SquidMan application into your Applications folder.
      image
      • Configure your proxy
      image
      • Click Clients > Preferences. Then click on "New" and add your IP range.
      • Add ip adresses of your console range
        • exp: switch is 192.168.1.24 and 3ds is 192.168.1.11
          • So range we will cover is 192.168.1.0 to 192.168.1.24
      image
      • Click Template
      Find and edit ACCESS CONTROL scroll down look for %DIRECTHOSTS%
      image

      and under put in
      As shown in example below.
      image
      Scroll a little down from above to http_access par and add
      image
      Your Template should look like this
      Template
      Start the proxy server
      image

      Done!
      Now configure Switch

    • Switch


      • Click "System Settings"
      • Select "internet"

      image

      • Click "Internet Settings"
      • Click "Wireless network name"
      • Click "Change Settings"
      image
      • Turn "Proxy Settings" to ON
      Set server to the ip address of your computer (your internal network ip 192.168.*.*)

      Set the port to 8080 if you didn't use alternative 808, 1080 or 3128 (Linux)

      Leave "Auto-authentication" OFF
      • Click Save
      CONGRATULATIONS!
     
    Last edited by Type_O_Dev, Aug 24, 2018
  2. huma_dawii

    huma_dawii GBAtemp Addict

    Member
    8
    Apr 3, 2014
    United States
    Planet Earth
    PC needs to stay on to keep proxy running

    That's a no right there...
     
  3. DiscostewSM

    DiscostewSM GBAtemp Guru

    Member
    12
    Feb 10, 2009
    United States
    Sacramento, California
    We need a RPi alternative.
     
  4. quacka

    quacka Newbie

    Newcomer
    1
    Jul 1, 2018
    Australia
    If you want this on RPI, get squid proxy and apply the same web filter. Should achieve the same result.
     
  5. Type_O_Dev
    OP

    Type_O_Dev GBAtemp Advanced Fan

    Member
    6
    Dec 12, 2017
    United States
    yes as it will be proxy server
    That will work
     
  6. ShinAbo

    ShinAbo Member

    Newcomer
    3
    Feb 19, 2013
    Can i do this with my router ? adding the sites to the firewall ?
     
  7. Jungle_Jon

    Jungle_Jon GBAtemp Regular

    Member
    1
    Dec 26, 2015
    I assume this does nothing to block firmware updates ?
     
  8. Type_O_Dev
    OP

    Type_O_Dev GBAtemp Advanced Fan

    Member
    6
    Dec 12, 2017
    United States
    Yes
    Read the title
     
  9. Moquedami

    Moquedami GBAtemp Regular

    Member
    4
    Nov 16, 2006
    Argentina
    So with this method i would be able to update games in my 4.1 switch without upgrading. is that right?
     
    Last edited by Moquedami, Jul 1, 2018
  10. Type_O_Dev
    OP

    Type_O_Dev GBAtemp Advanced Fan

    Member
    6
    Dec 12, 2017
    United States
    Correct
     
  11. Moquedami

    Moquedami GBAtemp Regular

    Member
    4
    Nov 16, 2006
    Argentina
    That's just what i needed.
    I am going to try this tonight when i get home
     
  12. Rob Blou

    Rob Blou GBAtemp Advanced Fan

    Member
    5
    Jul 16, 2013
    Canada
    Incorrect. You'll get the error message saying that you need to update your system to proceed. Same with eShop and everything else.
    I rememeber on Vita we had a similar method where you could also spoof you firmware version directly within the proxy. I wonder if something similar would work.
     
  13. Type_O_Dev
    OP

    Type_O_Dev GBAtemp Advanced Fan

    Member
    6
    Dec 12, 2017
    United States
    You can update games with this method
     
  14. Rob Blou

    Rob Blou GBAtemp Advanced Fan

    Member
    5
    Jul 16, 2013
    Canada
    He was asking if he could upgrade games on FW 4.1 and you can't. You can on 5.1 though.
     
  15. Jungle_Jon

    Jungle_Jon GBAtemp Regular

    Member
    1
    Dec 26, 2015
    if you are on 5.1 you can update anyway this method does nothing
     
  16. Rel

    Rel GBAtemp Regular

    Member
    2
    Jun 4, 2018
    United States
    Nice, this will come in handy in case I need to update my games and not update my firmware.
     
    Last edited by Rel, Jul 2, 2018
  17. willhack

    willhack Advanced Member

    Newcomer
    2
    Apr 27, 2018
    United States
    But let's say ninty pushes a new update (i.e 5.2.0) will we be able to still update games on 5.1 with this method ?
     
  18. Type_O_Dev
    OP

    Type_O_Dev GBAtemp Advanced Fan

    Member
    6
    Dec 12, 2017
    United States
    This blocks the server that pushes updates, You may still get the update nag. When the console goes to do a update it will fail to download. You can also monitor traffic and add more addresses to list
     
  19. maxx488

    maxx488 Advanced Member

    Newcomer
    2
    Jun 15, 2018
    Argentina
    I used to do this, its a copy paste from a reddit post.

    I dont see the point of this anymore... just update jeezzz
     
  20. Type_O_Dev
    OP

    Type_O_Dev GBAtemp Advanced Fan

    Member
    6
    Dec 12, 2017
    United States
    The reddit post is mine and this is still useful
     
Loading...