Dante is a stable, popular, open-source SOCKS proxy. The vast majority of SOCKS5 proxy providers will use Dante. In this tutorial, you will install and configure Dante to provide a SOCKS proxy on CentOS 7 x64Bit.
The first thing we need to do is install the development tools for CentOS by running the command below:
yum groupinstall 'Development Tools'-yNow let’s install Dante from the source. Follow the commands below in order.
a) wget https://www.inet.no/dante/files/dante-1.4.3.tar.gz
b) tar -xvf dante-1.4.3.tar.gz
c) cd dante-1.4.3
d) ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --disable-client --without-libwrap --without-bsdauth --without-gssapi --without-krb5 --without-upnp --without-pam
e) make
f) make installInstall the dante stop-start-daemon to make it easier to control dante.
wget https://vpnextra.com/download/start-stop-daemon -O /usr/sbin/start-stop-daemonSet the appropriate permissions.
chmod +x /usr/sbin/start-stop-daemonDownload the danted daemon file.
a) wget https://vpnextra.com/download/sockd -O /etc/init.d/sockd
b) sed -i -e 's/\r$//' /etc/init.d/sockdSet the appropriate permissions.
chmod +x /etc/init.d/sockdEnable sockd and start it.
systemctl enable sockd
systemctl start sockdCreate the Dante configuration file using the command below:
vi /etc/sockd.confAdd the following contents:
logoutput: stderr
internal: 0.0.0.0 port = 1080
external: eth0
clientmethod: none
socksmethod: none
user.privileged: root
user.notprivileged: nobody
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
client block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
socks block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}Restart the daemon to reload the config.
service danted restartTest your proxy using curl and check the output in the header as per below.
curl –socks5-hostname 127.0.0.1:1080 google.com
The output should be similar to the below header.
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
You can also set up in FoxyProxy in Firefox or Chrome to test it in your browser. For example, add a new proxy as SOCKS5, add the proxy server IP and then add the proxy port, usually 1080. Leave the username and password fields empty.
If you want to limit who can connect to your proxy, you can do so in several ways.
Limit by Username/Password.
Edit the danted configuration in file /etc/sockd.conf, and change this section:
# socksmethod: none // for non-authentication
socksmethod: username
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
command: bind connect udpassociate
log: error connect disconnect
socksmethod: username
}
Now create the user, for example:
useradd vpnextra -r
passwd vpnextraNow test using the following command:
curl -x socks5://<your_username>:<your_password>@<your_ip_server>:<your_danted_port> ifconfig.co
Limit by IP.
If you want to restrict what IP can connect to your proxy, edit /etc/sockd.conf, and change
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
To:
client pass {
from: 11.11.11.11/32 to: 0.0.0.0/0
log: error connect disconnect
}
11.11.11.11/32 is the single IP you want to allow access to your proxy server.
Restart dante for the changes to take effect.
systemctl restart sockdYou can also find out how to set up to authenticate off FreeRADIUS here.
4 comments On How to Set Up a SOCKS5 Proxy Server with Dante on CentOS 7
does not work
Hey there, what issues are you facing?
In CentOS 7 there is no eth0 device use enp2s0f0 instead in /etc/sockd.conf
Thanks, we will update the guide but it really depends on the distribution you are using.