Knowledge base → Installing and configuring Dante Socks5 proxy server on Debian 12

Date of publication: 24.01.2024

The Donte proxy server works using the Socks5 protocol, which is a more secure alternative to http proxy servers. The Socks5 protocol is more anonymous. In this tutorial, we will install Dante proxy server on Debian 12 operating system.

1. Installing the service

apt update
apt upgrade
apt install dante-server

2. Setting up the service

We will replace the configuration file while maintaining the original

cp /etc/danted.conf /etc/danted.conf_orig
rm /etc/danted.conf

Let's create a new configuration file with the following configuration, where you need to replace xxx.123.xxx.123 with the IP address of your server:

nano /etc/danted.conf

logoutput: syslog
user.privileged: root
user.unprivileged: nobody

# The listening network interface or address.
internal: 0.0.0.0 port=1080

# The proxying network interface or address.
external: xxx.123.xxx.123

# socks-rules determine what is proxied through the external interface.
socksmethod: username

# client-rules determine who can connect to the internal interface.
clientmethod: none

client pass {
     from: 0.0.0.0/0 to: 0.0.0.0/0
}

socks pass {
     from: 0.0.0.0/0 to: 0.0.0.0/0
}

2.1 Add a user for authorization using login and password

We will use these parameters for authorization on our proxy server, since in the configuration file we allow connections only with authorization.

useradd -r -s /bin/false proxy_user
passwd proxy_user

2.2 Adding IP addresses (if desired)

If you want to allow connection to the proxy for certain IP addresses, you can add the following parameters to the configuration file, where xxx.111.xxx.222 is the IP of the device from which the connection will occur:

...
client pass {
     from: xxx.111.xxx.222/0 to: 0.0.0.0/0
}

2.3 Add a rule to the firewall

Let's add permission to port 1080 for our proxy to work.

2.3.1 For iptables

iptables -I INPUT -p tcp --dport 1080 -j ACCEPT
iptables -I OUTPUT -p tcp --sport 1080 -j ACCEPT

service iptables save

2.3.2 For ufw

ufw allow 1080

2.4 Restart the dante service

systemctl restart danted.service

Let's make sure the service is running:

systemctl status danted.service

● danted.service - SOCKS (v4 and v5) proxy daemon (danted)
      Loaded: loaded (/lib/systemd/system/danted.service; enabled; preset: enabled)
      Active: active (running) since Wed 2024-01-24 13:24:42 MSK; 56min ago

3. Connect to the server

You can connect to the proxy server using your browser settings; we recommend using browsers such as FireFox or WaterFox, since they have their own proxy server settings that do not affect the operating system.

To connect from the console, use this command, where:

proxy_user - the name of the user we created
password - proxy_user user password
xxx.123.xxx.123 - ip address of the proxy server

curl -v -x socks5://proxy_user:password@xxx.123.xxx.123:1080 http://google.com

* Trying xxx.123.xxx.123:1080...
* Connected to xxx.123.xxx.123 (xxx.123.xxx.123) port 1080 (#0)
* SOCKS5 connect to IPv4 64.233.165.106:80 (locally resolved)
* SOCKS5 request granted.
* Connected to xxx.123.xxx.123 (xxx.123.xxx.123) port 1080 (#0)
>GET/HTTP/1.1
> Host: google.com
> User-Agent: curl/7.88.1
> Accept: */*
>
< HTTP/1.1 200 OK

No Comments Yet