Home Short Notes About Login   

install dante-server

علی ذوالفقار
1401/11/24 15:45:43 (380) 
Install GetPageSpeed repository:
    # dnf install https://extras.getpagespeed.com/release-latest.rpm
Install dante-server rpm package:
    # dnf install dante-server

apt install dante-server 

systemctl restart danted 

# no login user 
sudo useradd -r -s /bin/false test
sudo passwd test


# test : 
curl -v -x socks5://test:pass@127.0.0.1:1080 http://www.google.com/


# /etc/danted.conf 
full minimal config : 
#logging
logoutput: /var/log/sockd.log
#debug: 1

#server address specification
internal: 192.0.2.1 port = 1080
external: eth1

#server identities (not needed on solaris)
#user.privileged: root
user.notprivileged: socks
#user.libwrap: libwrap

#reverse dns lookup
#srchost: nodnsmismatch

#authentication methods
clientmethod: none
method: none

##
## SOCKS client access rules
##
#rule processing stops at the first match, no match results in blocking

#block access to socks server from 192.0.2.22 (exception for pass rule below)
# client block {
#       #block connections from 192.0.2.22/32
#       from: 192.0.2.22/24 to: 0.0.0.0/0
#       log: error # connect disconnect
# }

#allow connections from local network (192.0.2.0/24)
client pass {
        from: 192.0.2.0/24 to: 0.0.0.0/0
	log: error # connect disconnect
}

##
## SOCKS command rules
##
#rule processing stops at the first match, no match results in blocking

#block communication with www.example.org
# block {
#        from: 0.0.0.0/0 to: www.example.org
#        command: bind connect udpassociate
#        log: error # connect disconnect iooperation
# }

#generic pass statement - bind/outgoing traffic
pass {  
        from: 0.0.0.0/0 to: 0.0.0.0/0
        command: bind connect udpassociate
        log: error # connect disconnect iooperation
}

#block incoming connections/packets from ftp.example.org 
# block {
#        from: 0.0.0.0/0 to: ftp.example.org
#        command: bindreply udpreply
#        log: error # connect disconnect iooperation
# }

#generic pass statement for incoming connections/packets
pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        command: bindreply udpreply
        log: error # connect disconnect iooperation
}


logoutput: syslog
user.privileged: root
user.unprivileged: nobody

# The listening network interface or address.
internal: 0.0.0.0 port=1080

# The proxying network interface or address.
external: ens160

# socks-rules determine what is proxied through the external interface.
socksmethod: username
# socksmethod: none

# client-rules determine who can connect to the internal interface.
clientmethod: none

client pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
}

socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
}

#forwarding route to SOCKS server (which supports both SOCKS version 4 and 5)
route {
    from: 0.0.0.0/0 to: 0.0.0.0/0 via: 127.0.0.1 port = 1081
    proxyprotocol: socks_v4 socks_v5
    command: connect
    protocol: tcp #udp not supported
    method: none
}
Back