FAQ » Servers
How can I install Dante SOCKS Proxy Server on RedHat/CentOS Linux?
Introduction
In today's interconnected world, the need for secure and efficient internet access is paramount. SOCKS proxy servers, like Dante, provide a reliable solution for managing network traffic and enhancing privacy. This guide will walk you through the process of installing and configuring Dante SOCKS Proxy Server on a Linux server.
Installation
Prerequisites:
- A server running Linux with root access.
- Basic knowledge of working with the Linux command line.
- Development Tools
sudo yum groupinstall "Development Tools"
sudo yum install gcc make
To install Dante on CentOS 7, you can't use the EPEL (Extra Packages for Enterprise Linux) repository and it's not included in the default CentOS repositories, so here's how you can install Dante on CentOS 7:
Install Dante: Step 1: Download Dante Source Code
Start by downloading the Dante source code from the official website or repository. You can use a web browser or command-line tools like wget or curl. Navigate to the directory where you want to store the source code and execute the following command to download the tarball:
wget https://www.inet.no/dante/files/dante-1.4.3.tar.gz
Step 2: Extract the Source Code Once the download is complete, extract the contents of the tarball using the tar command:
tar -zxvf dante-1.4.3.tar.gz
This command will create a directory named dante-1.4.3 containing the source code.
Step 3: Compile and Install Dante Navigate to the directory containing the extracted source code and configure the build using the ./configure command. This step ensures that Dante is compiled with the necessary options and libraries:
cd dante-1.4.3
./configure
Once the configuration is complete, compile Dante by running the make command:
make
Finally, install Dante on your system using the make install command:
make install
Configure Dante:
After installing Dante, you'll need to configure it to meet your specific requirements. The main configuration file for
Dante is located at /etc/sockd.conf. Use a text editor to open this file:
nano /etc/sockd.conf
In the configuration file, you can define various parameters such as listening ports, access control rules, authentication methods, and logging settings. Customize the configuration according to your needs. Here's a basic example of a Dante configuration:
# Log output location
logoutput: stderr
# Listen on all interfaces on port 1080
internal: 0.0.0.0 port = 1080
# External interface
external: eth0
# SOCKS authentication method
socksmethod: username
# Client authentication method
clientmethod: none
# Privileged and unprivileged users
user.privileged: root
user.unprivileged: nobody
# Client pass rule: Allow all clients
client pass {
from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
log: error
}
# SOCKS pass rule: Allow all SOCKS connections
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error
}
Note: This example configuration allows SOCKS connections from any client to any destination.
Create a System User: Use the adduser or useradd command to create a new system user. For example, to add a user named "danteuser," you can use:
sudo useradd -r -s /bin/false danteuser
Follow the prompts to set a password for the new user.
Having compiled Dante from source and installed it manually, the systemd service unit file might not have been created automatically. You can create and configure the systemd service unit file for Dante manually.
Here's how you can create a systemd service unit file for Dante:
Create a systemd Service Unit File: Create a new systemd service unit file for Dante:
sudo nano /etc/systemd/system/danted.service
Add Service Unit Configuration:
Add the following content to the danted.service file:
[Unit]
Description=Dante SOCKS server
#After=network.target
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
ExecStart=/usr/local/sbin/sockd
[Install]
WantedBy=multi-user.target
Adjust the ExecStart path if Dante is installed in a different location.
Save the File and Exit:
Save the changes to the danted.service file and exit the editor.
Reload systemd Configuration: Reload systemd configuration to ensure the new service unit file is recognized:
sudo systemctl daemon-reload
Start and Enable Dante:
After configuring Dante, save the changes to the configuration file and start the Dante service using the following command:
sudo systemctl start danted
You can also enable Dante to start automatically at boot time by running:
sudo systemctl enable danted
Adjust Firewall Rules: Open the port you specified in the Dante configuration file (default is 1080) in your firewall settings to allow SOCKS5 traffic.
sudo firewall-cmd --zone=public --add-port=1080/tcp --permanent
sudo firewall-cmd --reload
Test SOCKS5 Proxy: You can now test your SOCKS5 proxy server by configuring your applications to use it. For example, you can configure your web browser to use SOCKS5 with the server's IP address and port.
sudo netstat -tuln | grep 1080
If Dante is running properly, you should see output indicating that Dante is listening on the specified port.
Using the curl browser to test the proxy:
% curl --proxy socks5://<user>:<pass>@<server>:1080 http://whatismyip.akamai.com/
Ensure to secure your proxy server and monitor it regularly for any unusual activity.
By following these steps, you should have Dante installed and configured as a SOCKS5 proxy server on CentOS 7.
Last updated: 2020-05-01