Start with an update (debian/ubuntu)
apt-get update
Make sure you have the following (debian/ubuntu):
C Compiler, Make and a Text Editor (I choose vim):
apt-get install make gcc vim
Now download & Install
cd /var wget http://www.inet.no/dante/files/dante-1.3.2.tar.gz tar xvfz dante-* cd dante-* ./configure make make install
Copy the default configuration file over for easy config:
cd /var/dante-*/example cp sockd.conf /etc/sockd.conf vim /etc/sockd.conf
You’re probably going to want to see your adapter name(s) for the next step:
ifconfig
Now set (uncomment & change) the following:
logoutput: syslog internal: 127.0.0.1 port = 1080 internal: venet0:0 port = 1080 external: 1.2.3.4 # or external: eth0
Where 1.2.3.4 is your server’s external IP address.
To set-up without authentication:
method: username none # Not using authentication, so unnecessary #user.privileged: proxy user.notprivileged: nobody
Finally, it’s time to configure authentication (acces control). It’s probably a bad idea to allow everyone access to your proxy server.
The first three directives control which IP ranges can speak to the server. The from: option is obviously the IP space the clients live in. The to: option is one of the IPs the proxy server is bound to that the given IP range can speak to.
client pass { from: 1.2.3.4/0 port 1-65535 to: 1.2.3.4/0 } client block { from: 0.0.0.0/0 to: 0.0.0.0/0 log: connect error }
Where 1.2.3.4 is your client‘s external IP address.
These next four directives control who can speak to what.
block { from: 0.0.0.0/0 to: 127.0.0.0/8 log: connect error } pass { from: 1.2.3.4/0 to: 1.2.3.4/0 protocol: tcp udp } block { from: 0.0.0.0/0 to: 0.0.0.0/0 log: connect error }
Where 1.2.3.4 is your client‘s external IP address.
Now start Dante!
sockd -V (or the danted binary on Debian) sockd -D
Now try to connect:
yourServerIP:1080
Can’t connect? Check the log file out!
vim /var/log/syslog
To stop the proxy server (I didn’t find a ‘normal’ way):
killall sockd
Source(s):
http://blog.edseek.com/~jasonb/articles/dante_tunnel.shtml
UPDATE:
If you’re feeling lazy, I made this bash to pretty much automate the whole process:
dante_install.sh
#!/bin/bash apt-get -y --force-yes update apt-get -y --force-yes install make gcc vim cd /var wget http://www.inet.no/dante/files/dante-1.3.2.tar.gz tar xvfz dante-* cd dante-* ./configure make make install echo -e "logoutput: syslog\n\n internal: 127.0.0.1 port = 1080\ninternal: venet0:0 port = 1080\n\nexternal: venet0:0\n\nmethod: username none\nuser.notprivileged: nobody\n\nclient pass {\n from: 1.2.3.4/0 port 1-65535 to: 1.2.3.4/0\n }\n\nclient block {\n from: 0.0.0.0/0 to: 0.0.0.0/0\n log: connect error\n }\n\nblock {\n from: 0.0.0.0/0 to: 127.0.0.0/8\n log: connect error\n}\n\npass {\n from: 1.2.3.4/0 to: 1.2.3.4/0\n protocol: tcp udp\n}\n\nblock {\n from: 0.0.0.0/0 to: 0.0.0.0/0\n log: connect error\n}" > /etc/sockd.conf sockd -V sockd -D
Remember to chmod u+x dante_install.sh prior to running it with ./dante_install.sh
Also don’t forget to vim /etc/sockd.conf afterwards to edit out the IP of your client.
thanks, very helpful
How do you configure this for a Debian VPS with multiple external IP addresses? I tried the following as my sockd.conf (in v1.4.1, based off of a combination of the example sockd.conf and danted.conf that works with v1.1.9 on my other servers that have just a single external IP address), but it doesn’t work for multiple addresses and nothing is logged on the server with v1.4.1. My goal is that if I connect to the VPS on externalIP#1, it would proxy connections on externalIP#1 and that if I connect to the VPS on externalIP#2, it would proxy connections on externalIP#2:
###############################
sockd.conf (v1.4.1):
logoutput: syslog stdout /var/log/sockd.log
internal: venet0:0 port =
external:
internal: venet0:1 port =
external:
external.rotation: same-same
socksmethod: username #rfc931
clientmethod: none
user.privileged: root
user.notprivileged: nobody
user.libwrap: nobody
client pass {
from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
protocol: tcp udp
}
###############################
danted.conf (v1.1.9):
logoutput: /var/log/socks.log
internal: venet0:0 port =
external:
internal: venet0:1 port =
external:
external.rotation: same-same
method: username #rfc931
clientmethod: none
user.privileged: root
user.notprivileged: nobody
user.libwrap: nobody
client pass {
from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
log: connect disconnect error
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
protocol: tcp udp
}