The Donte proxy server works using the Socks5 protocol, which is a more secure alternative to http proxy servers. The Socks5 protocol is more anonymous. In this tutorial, we will install Dante proxy server on Debian 12 operating system.
1. Installing the service
apt update
apt upgrade
apt install dante-server
2. Setting up the service
We will replace the configuration file while maintaining the original
cp /etc/danted.conf /etc/danted.conf_orig
rm /etc/danted.conf
Let's create a new configuration file with the following configuration, where you need to replace xxx.123.xxx.123 with the IP address of your server:
nano /etc/danted.conf
logoutput: syslog
user.privileged: root
user.unprivileged: nobody
# The listening network interface or address.
internal: 0.0.0.0 port=1080
# The proxying network interface or address.
external: xxx.123.xxx.123
# socks-rules determine what is proxied through the external interface.
socksmethod: username
# client-rules determine who can connect to the internal interface.
clientmethod: none
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
}
2.1 Add a user for authorization using login and password
We will use these parameters for authorization on our proxy server, since in the configuration file we allow connections only with authorization.
useradd -r -s /bin/false proxy_user
passwd proxy_user
2.2 Adding IP addresses (if desired)
If you want to allow connection to the proxy for certain IP addresses, you can add the following parameters to the configuration file, where xxx.111.xxx.222 is the IP of the device from which the connection will occur:
...
client pass {
from: xxx.111.xxx.222/0 to: 0.0.0.0/0
}
2.3 Add a rule to the firewall
Let's add permission to port 1080 for our proxy to work.
2.3.1 For iptables
iptables -I INPUT -p tcp --dport 1080 -j ACCEPT
iptables -I OUTPUT -p tcp --sport 1080 -j ACCEPT
service iptables save
2.3.2 For ufw
ufw allow 1080
2.4 Restart the dante service
systemctl restart danted.service
Let's make sure the service is running:
systemctl status danted.service
3. Connect to the server
You can connect to the proxy server using your browser settings; we recommend using browsers such as FireFox or WaterFox, since they have their own proxy server settings that do not affect the operating system.
To connect from the console, use this command, where:
- proxy_user - the name of the user we created
- password - proxy_user user password
- xxx.123.xxx.123 - ip address of the proxy server
curl -v -x socks5://proxy_user:password@xxx.123.xxx.123:1080 http://google.com