Squid

How to configure Squid proxy for Google Play?

Good day. There was a following problem. VPS needs to be configured as a proxy to connect the Android simulator. Installed Squid on VPS (Squid config below). Registered access to the VPS in the ProxyCap program. Launched all simulator traffic using ProxyCap through VPS. If you start the simulator and go to the browser, then everything is OK, there is Internet. 2ip shows the ip of the VPS (just what you need). Next, I go to the simulator in Google play. I'm trying to install any application and an error pops up during installation, they say you can't install the application, because. an error occurred(403). If you disable ProxyCap, i.e. let all traffic not through VPS, then the application is quietly installed. From which I concluded that the problem is with the Squid setup. And since Internet in the browser of the simulator is, then apparently the problem is with Google Play.

acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
acl mypc src "/etc/squid/allow_ips.txt"

acl SSL_ports port 443
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443		# https
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager

http_access allow localnet
http_access allow localhost
http_access allow mypc

http_port 3128 transparent
access_log /var/log/squid/access.log squid

hierarchy_stoplist cgi-bin ?

coredump_dir /var/spool/squid

refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern .		0	20%	4320

A list of allowed IPs is pulled into this config. The list connects and works fine (at least in the simulator's browser, the internet works as it should).
Here is another iptables config (from the articles on configuring Squid, I realized that it also matters):

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3128 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Actually the question =) What needs to be done to make Google Play work through Squid. Perhaps you need to add some settings to Squid, or somewhere else. Please help, I will be very grateful =)