
Install a SOCKS5 server (Dante) on Debian Wheezy

duketwo edited this page May 5, 2016 · 4 revisions

install a SOCKS5 server (Dante) on Debian Wheezy

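Compile

The source tarball below is downloaded over plain HTTP, so verify it against a checksum obtained from a trusted source before running configure and make as root.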

# apt-get install make gcc
# cd /usr/src
# wget http://www.inet.no/dante/files/dante-1.4.1.tar.gz 
# tar xvfz dante-1.4.1.tar.gz
# cd dante-1.4.1
# ./configure \
--prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var \
--disable-client \
--without-libwrap \
--without-bsdauth \
--without-gssapi \
--without-krb5 \
--without-upnp \
--without-pam

# make && make install

Install

# nano /etc/init.d/sockd

#! /bin/sh
### BEGIN INIT INFO
# Provides:          sockd
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start the dante SOCKS server.
# Description:       SOCKS (v4 and v5) proxy server daemon (sockd).
#                    This server allows clients to connect to it and
#                    request proxying of TCP or UDP network traffic
#                    with extensive configuration possibilities.
### END INIT INFO
#
# dante SOCKS server init.d file. Based on /etc/init.d/skeleton:
# Version:	@(#)skeleton  1.8  03-Mar-1998  [email protected] 
# Via: https://gitorious.org/dante/pkg-debian

# Fixed search path, set explicitly rather than inherited from the caller.
PATH="/sbin:/usr/sbin:/bin:/usr/bin"

# Service identity; every path below is derived from NAME.
NAME="sockd"
DESC="Dante SOCKS daemon"

DAEMON="/usr/sbin/${NAME}"        # server binary
DAEMON_ARGS="-D"                  # arguments handed to the daemon on start
CONFFILE="/etc/${NAME}.conf"      # server configuration file
PIDFILE="/var/run/${NAME}.pid"    # pid file given to start-stop-daemon
SCRIPTNAME="/etc/init.d/${NAME}"  # path of this init script

# Nothing to do when the daemon binary is missing or not executable.
if [ ! -x "$DAEMON" ]; then
  exit 0
fi

# Pull in the VERBOSE setting and the other rcS variables.
. /lib/init/vars.sh

# LSB helpers (log_* functions, status_of_proc).
# Requires lsb-base (>= 3.2-14) so that this file exists and
# status_of_proc works.
. /lib/lsb/init-functions

# From here on, abort on the first unhandled command failure.
set -e

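# Make sure the Dante server can write to its pid file.
#
# Reads the first user.privileged entry from $CONFFILE (all whitespace and
# "#" comments are stripped before matching), creates $PIDFILE if needed and
# hands its ownership to that user. Does nothing when the config file is
# unreadable or names no privileged user.
#
# Globals: CONFFILE, PIDFILE (read); uid (written).
touch_pidfile ()
{
  if [ -r "$CONFFILE" ]; then
    uid="$(sed -n -e 's/[[:space:]]//g' -e 's/#.*//' -e '/^user\.privileged/{s/[^:]*://p;q;}' "$CONFFILE")"
    if [ -n "$uid" ]; then
      # Expansions are quoted and "--" ends option parsing, so a path with
      # spaces or a config value starting with "-" is never word-split or
      # taken as an option by touch/chown.
      touch -- "$PIDFILE"
      chown -- "$uid" "$PIDFILE"
    fi
  fi
}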
		
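# Dispatch on the requested action ($1).
#
# This code runs at the top level of the script, not inside a function, so
# failures leave through "exit"; "return" is only defined inside a function
# or a sourced file. "set -e" is active, so every start-stop-daemon status
# that is expected to be non-zero is captured explicitly.
case "$1" in
  start)
    # Refuse to start unless the config holds at least one line that is not
    # blank, a comment, or one of the logoutput/user.* settings.
    if ! grep -E -c -v -e '^ *(#|$)' \
        -e '^(logoutput|user\.((not)?privileged|libwrap)):' \
        "$CONFFILE" > /dev/null
    then
      echo "Not starting $DESC: not configured."
      exit 0
    fi
    echo -n "Starting $DESC: "
    touch_pidfile
    # --test only checks whether a start would happen; it fails when the
    # daemon is already running.
    start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \
      || exit 1
    # DAEMON_ARGS is left unquoted on purpose so it splits into separate
    # arguments for the daemon.
    start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \
      $DAEMON_ARGS \
      || exit 2
    echo "$NAME."
    ;;
  stop)
    echo -n "Stopping $DESC: "
    # Capture the status instead of letting "set -e" abort: 1 only means
    # nothing was running, which is not an error for "stop".
    RETVAL=0
    start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile "$PIDFILE" --name "$NAME" \
      || RETVAL="$?"
    case "$RETVAL" in
      0|1) ;;
      *) exit "$RETVAL" ;;
    esac
    # Second pass by executable path, for instances the pid file missed.
    start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec "$DAEMON" \
      || exit "$?"
    echo "$NAME."
    ;;
  reload|force-reload)
    # Signal 1 (SIGHUP) is sent to the running daemon in place of the
    # default termination signal, so the process is not stopped.
    echo "Reloading $DESC configuration files."
    start-stop-daemon --stop --signal 1 --quiet --pidfile \
      "$PIDFILE" --exec "$DAEMON" -- -D
    ;;
  restart)
    echo -n "Restarting $DESC: "
    # --oknodo: a daemon that is not running must not abort the restart
    # under "set -e" before the start below is reached.
    start-stop-daemon --stop --quiet --oknodo --pidfile "$PIDFILE" --exec "$DAEMON"
    sleep 1
    touch_pidfile
    # Same arguments as "start"; unquoted on purpose (see above).
    start-stop-daemon --start --quiet --pidfile "$PIDFILE" \
      --exec "$DAEMON" -- $DAEMON_ARGS
    echo "$NAME."
    ;;
  status)
    status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
    ;;
  *)
    N=/etc/init.d/$NAME
    # The usage text lists every action handled above, including reload.
    echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2
    exit 1
    ;;
esac

exit 0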

# chmod +x /etc/init.d/sockd
# update-rc.d sockd defaults
# nano /etc/sockd.conf

internal: 192.168.1.1   port = 1080

user.privileged:   root
user.unprivileged: nobody
socksmethod:       none
logoutput:         /var/log/sockd.log


# LAN
client pass {
    from: 192.168.1.0/24 to: 0.0.0.0/0
    log: error
}

# allow the connect command to any destination; socksmethod is none, so there is
# no authentication and the only gate is the client pass rule above (192.168.1.0/24)
socks pass {  
    from: 0.0.0.0/0 to: 0.0.0.0/0
    command: connect
    log: error
}

Start

# /etc/init.d/sockd start

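Example configuration with address rotation (external.rotation: same-same), where outgoing traffic uses the same address the client connected to. This example accepts clients from any address and relies on SOCKS5 username/password authentication, which sends the system account's password unencrypted, so use a dedicated account with no other privileges.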

method: username
internal: eth0 port = 31337
internal: eth0:1 port = 31337
internal: eth0:2 port = 31337
internal: eth0:3 port = 31337
internal: eth0:4 port = 31337
internal: eth0:5 port = 31337
internal: eth0:6 port = 31337
internal: eth0:7 port = 31337
internal: eth0:8 port = 31337
internal: eth0:9 port = 31337
external: eth0
external: eth0:1
external: eth0:2
external: eth0:3
external: eth0:4
external: eth0:5
external: eth0:6
external: eth0:7
external: eth0:8
external: eth0:9
external.rotation: same-same
client pass {
from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
method: username
user: VALID_LINUX_USER
protocol: tcp udp
}