Menu Close

Configuring a SOCKS Proxy and Tunneling With Dante

Obtaining Dante from repository

Dante is a fully functional SOCKS proxy server and as such has many nobs. Fortunately, setting up a basic configuration that will allow tunneling of things like HTTP is relatively simple. If you’re running Debian GNU/Linux, simply run:

# apt-get update
# apt-get install dante-server

Configuring Dante

remember! Dante is a SOCKS host NOT an HTTP proxy, you are going to get all sorts of weird errors if you get this wrong.

The configuration file is locate in

# cat /etc/danted.conf

 

This is a simple of the configuration file:

#Where are we going to log all those useful error messages?
logoutput: /var/log/dante.log

#What ip and port should Dante listen on,
# since I am only going to be using this via SSH
#I only want to allow connections over the loopback
internal: 123.123.123.123 port = 8080

#Bind to the eth0 interface
external: venet0:0

#Since I am only accepting connections over the loopback,
# the only people that COULD connect
# would already be authenticated,
# no need to have dante authenticate also
method: username none

#Which unprivileged user will Dante impersonate if need-be?
user.notprivileged: nobody

# Who can access this proxy?
# Accept only connections from the loopback, all ports
client pass {
# from: 127.0.0.0/8 port 1-65535 to: 0.0.0.0/0
from: 10.10.10.10/8 port 1-65535 to: 0.0.0.0/0
}

#Block all other connection attempts
client block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}

# Once connected, where can they go?
block {
from: 0.0.0.0/0 to: 127.0.0.0/8
log: connect error
}

#Pass from the internal IP to anywhere
pass {
# from: 192.168.0.0/16 to: 0.0.0.0/0
from: 10.10.10.10/8 port 1-65535 to: 0.0.0.0/0
protocol: tcp udp
}

#Pass from the loopback going anywhere
pass {
#from: 127.0.0.0/8 to: 0.0.0.0/0
from: 10.10.10.10/8 port 1-65535 to: 0.0.0.0/0
protocol: tcp udp
}

# Block everything else
block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}

Take a look at the first part:

internal: 123.123.123.123 port = 8080

#Bind to the eth0 interface
external: venet0:0
this dante configuration enable the proxy on port 8080 of a server ( example 123.123.123.123) and listing on interface venet0:0.
In most of case,  the default interface is eth0.
This configuration enable the proxy only for a single example ip: 10.10.10.10.

Starting Dante

For starting dante server the command is:
# /etc/init.d/danted start
And it have to response:
Starting Dante SOCKS daemon: danted.
If it doen’t response with this message you have to check the log:
# cat /var/log/dante.log
In my case sometime it give me this error:
symbolfunction(): compiletime configuration error?  Failed to open "libc.so": libc.so: cannot open shared object file: No such file or directory
For solve this issue launch this command:
/bin/ln -sf /lib/x86_64-linux-gnu/libc-2.15.so /usr/lib/x86_64-linux-gnu/libc.so
if the command belove doesn’t work, try this:
ln -s /lib/i386-linux-gnu/libc.so.6 /lib/i386-linux-gnu/libc.so
Keep attention on where LN file is locate, in my case is on /bin/ln.
Now, you can start again dante server and configure your browser for connect with SOCKS5 on the port that you have configured in the file above.

 

I suggest “Proxy Switchy!” for google chrome.
Posted in Linux, News

Leave a Reply

Your e-mail address will not be published. Required fields are marked *