kashif - March 22, 2017
How to Setup a SOCKS5 Proxy Server using Dante
Dante is a free SOCKS server and a flexible product developed by Inferno Nettverk A/S that can be used to provide convenient and secure network connectivity. Its combination of a SOCKS server and a SOCKS client, implementing RFC 1928 and other related standards. The Dante is an Open Source SOCKS server that can be used together with many popular network applications which already have SOCKS support built in to them, such as most web-browsers, Bloomberg terminals, instant messaging programs, and many others. Dante is used by Fortune 100 companies and large international organizations, both as a standard forward proxy server and as a reverse proxy server. There are several commercial modules are available for the Dante server that can be used to enhance its functionality. Your data will be routed through the Danted proxy server that generates an arbitrary IP address before it reach your destination. The socks proxy server is a generic proxy and supports nearly every application which requires the application to run socksified. The socks server listens by default on port ‘1080’ and the applications that want to use the socks server have to be sockified. The socks client wraps the original request into a socks request which means that all traffic will be redirected to the socks server at port 1080.
The Dante SOCKS server have a lot of benefits, including security and TCP/IP termination that is there will be no direct contact between hosts inside and outside of the customer network. It helps in resource control including bandwidth, sessions and logging about host information and data transferred. Let’s see how can install and use the SOCKS5 proxy server using Dante on Ubuntu 16.04 Operating System.
Prerequisites
In this tutorial we will be using Ubuntu 16.04 LTS as it’s one of the major Linux distributions, which will make sure you get the most out of your resources on your VPS to have a smooth proxy with small budget VPS services.
First of all connect to your Ubuntu 16.04 server using root user credentials and make sure you have your apt packages are updated and fully patched. You can update your Ubuntu server using below command.
Find the perfect Proxy Product.
# apt-get update && apt-get upgradePress 'Y' key to continue your system updates and upgrade process by hitting ‘Enter’ key. Once your system is back with latest updates and upgrades, move to the next section to start installing Dante Socks5 proxy server on Ubuntu.
Check out our full range of Residential Proxies
Check out our full range of Datacenter Proxies
Installing Dante Proxy Server on Ubuntu 16.04
The default Ubuntu repositories have an outdated Dante-server package that is the version 1.1.19 which also has some bugs, like the authentication feature does not work properly in this version of Dante server.
So, if you don’t need authentication then you can install it using the below ‘apt’ command in your command line terminal.
# sudo apt-get install dante-serverOnce the installation is complete, you can restart its services and then check its status to find if the services are up or not by issuing below commands as shown.
# service danted restart# service danted statusTo check the version of the installed danted server, use below command.
# danted -v
danted: dante v1.1.19
Installing Dante from source on Ubuntu 16.04
The best way to install Dante is to use its source package for the latest available version which is currently version 1.4.2 . You can download the latest version from this Link to Dante Download Page. Copy the source link and download the Dante package using below ‘wget’ command.
# cd /usr/src# wget http://www.inet.no/dante/files/dante-1.4.2.tar.gzOnce the package has been downloaded, then extract it within the current directory using below command.
# tar -zxf dante-1.4.2.tar.gzChange directory to the extracted folder to compile and install the package.
# cd dante-1.4.2/Make sure that you have 'gcc' and 'make' utilities installed on your system prior to compile and installation of Dante package. You can use below command to install.
# apt-get install gcc makeNow let’s run the below command to compile the source with required prefix as shown.
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --disable-client --without-libwrap --without-bsdauth --without-gssapi --without-krb5 --without-upnp --without-pamAt the end of the compilation process, you will get its configuration status as shown below.
Configure status:
Client: Disabled, using --disable-client
Server: Enabled
Preloading: Enabled
Libwrap: Disabled, using --without-libwrap
BSD Auth: Disabled, using --without-bsdauth
PAM: Disabled, using --without-pam
GSSAPI: Not found/disabled
KRB5: Not found/disabled
SASL: Not found/disabled
UPNP: Not found/disabled
Compatability: issetugid setproctitle strlcpy strvis
Modules:
redirect: Not found
bandwidth: Not found
ldap: Not foundAfter that run the following ‘make’ command to install the compiled packages.
# make && make installYou can check the installed version of Dante using below command.
# /usr/sbin/sockd -v
Dante v1.4.2. Copyright (c) 1997 - 2014 Inferno Nettverk A/S, NorwayConfiguring Dante-server service script
Now we are going to create the configuration file for the dante-server’s start/stop script. To do so create a new file in ‘/etc/init.d/’ directory and place the following contents in it using your command line editor.
# vim /etc/init.d/sockd#! /bin/sh
### BEGIN INIT INFO
# Provides: sockd
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start the dante SOCKS server.
# Description: SOCKS (v4 and v5) proxy server daemon (sockd).
# This server allows clients to connect to it and
# request proxying of TCP or UDP network traffic
# with extensive configuration possibilities.
### END INIT INFO
#
# dante SOCKS server init.d file. Based on /etc/init.d/skeleton:
# Version: @(#)skeleton 1.8 03-Mar-1998 miquels@cistron.nl
# Via: https://gitorious.org/dante/pkg-debian
PATH=/sbin:/usr/sbin:/bin:/usr/bin
NAME=sockd
DAEMON=/usr/sbin/$NAME
DAEMON_ARGS="-D"
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
DESC="Dante SOCKS daemon"
CONFFILE=/etc/$NAME.conf
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
# and status_of_proc is working.
. /lib/lsb/init-functions
set -e
# This function makes sure that the Dante server can write to the pid-file.
touch_pidfile ()
{
if [ -r $CONFFILE ]; then
uid="`sed -n -e 's/[[:space:]]//g' -e 's/#.*//' -e '/^user\.privileged/{s/[^:]*://p;q;}' $CONFFILE`"
if [ -n "$uid" ]; then
touch $PIDFILE
chown $uid $PIDFILE
fi
fi
}
case "$1" in
start)
if ! egrep -cve '^ *(#|$)' \
-e '^(logoutput|user\.((not)?privileged|libwrap)):' \
$CONFFILE > /dev/null
then
echo "Not starting $DESC: not configured."
exit 0
fi
echo -n "Starting $DESC: "
touch_pidfile
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
$DAEMON_ARGS \
|| return 2
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
echo "$NAME."
;;
reload|force-reload)
#
# If the daemon can reload its config files on the fly
# for example by sending it SIGHUP, do it here.
#
# Make this a do-nothing entry, if the daemon responds to changes in its config file
# directly anyway.
#
echo "Reloading $DESC configuration files."
start-stop-daemon --stop --signal 1 --quiet --pidfile \
$PIDFILE --exec $DAEMON -- -D
;;
restart)
#
# If the "reload" option is implemented, move the "force-reload"
# option to the "reload" entry above. If not, "force-reload" is
# just the same as "restart".
#
echo -n "Restarting $DESC: "
start-stop-daemon --stop --quiet --pidfile $PIDFILE --exec $DAEMON
sleep 1
touch_pidfile
start-stop-daemon --start --quiet --pidfile $PIDFILE \
--exec $DAEMON -- -D
echo "$NAME."
;;
status)
status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
;;
*)
N=/etc/init.d/$NAME
# echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $N {start|stop|restart|status|force-reload}" >&2
exit 1
;;
esac
exit 0Save and close the file using 'wq!' and give it execution permissions and update thh startup script using below commands.
# chmod +x /etc/init.d/sockd# update-rc.d sockd defaultsDante-server Sockd Configuration
First we start the global server settings before going to configure the advance settings of access rules. There are two types of rules that have to be defined in its configuration file. Client rules are mainly designed to specify which client is granted access to which socks server. In the socks rule section the actual application request is evaluated. By adding port numbers or rages access to the specific hosts or networks can be limited.
Let’s create the sockd configuration by placing the following parameters into the 'sockd.conf' file.
# vim /etc/sockd.conflogoutput: /var/log/socks.log
internal: ens160 port = 1080
external: ens160
method: username
user.privileged: root
user.notprivileged: nobody
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
client block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}Save and close the configuration file, then move to the next step to start its services.
Starting Dante-server service
Once you have configured the danted-server sockd configuration file, then start its service and check the status its started without any error.
# /etc/init.d/sockd start# /etc/init.d/sockd statusUse below command to check its listening state of port ‘1080’.
# netstat -tulptcp 0 0 k-vm:socks *:* LISTEN 70839/sockdIn case you are unable to start your sockd service, then check your logs from ‘/var/log/socks.log’ file and modify 'sockd.conf' file.
To stop 'sockd' service you can kill its process number or use below command.
# /etc/init.d/sockd stop
[ ok ] Stopping sockd (via systemctl): sockd.service.Conclusion
Congratulations, Socks5 Dante server has been installed and successfully configured on Ubuntu 16.04 server. You can also enable some external modules modules to an extra functionality and can also be purchased for use with Dante. The modules are licensed on a per IP address basis which is the Dante server’s external IP addresses which can be configured in its 'sockd.conf' file. Let’s configure your web browsers to use your Dante server socks5 proxy for your clients. The Dante client library can be used either by being compiled into an application, or through on-the-fly socksification with the socksify script included in the Dante distribution which will communicate with other machines through a SOCKS server rather than directly.
