Dante Socks proxy – how to install and manage on RHEL or other distros

Installing socks proxy is usually not very good documented. There are only a few materials on internet and most of it won’t simply work, so here is mine.

First thing we should go through is why do we need a socks proxy? Sometimes it happens that we have a server (for example in DMZ) which has many connections and provide connectivity for ssh or other services which won’t be able to go through HTTP proxy.

So here is a short tutorial:

1. Download and compile dante socks proxy

From website https://www.inet.no/dante/download.html download source code, compile it and configure, e.g.

cd
wget https://www.inet.no/dante/files/dante-1.4.1.tar.gz
cd dante-1.4.1/
./configure
make
make install

2. Create a config file

Documentation to dante is not really clear but you have to bear in mind one thing. You are not only allowing access to socks proxy, but you also need to allow access from socks proxy to outside world. So you basically need two access lists. My example is below.

vi /etc/sockd.conf
internal: eth0 port = 3000
external: (external-ip)
socksmethod: none
logoutput: syslog stdout /var/log/sockd.log

client pass {
  from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
  clientmethod: none
  log: connect error
}

socks pass {
  from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
  clientmethod: none
  log: connect error
}

3. How to use it as service

Last thing is pretty easy, mostly if you use systemd.

vi /usr/lib/systemd/system/sockd.service
[Unit]
Description=Sockd Service

[Service]
Type=normal
ExecStart=/usr/local/sbin/sockd

[Install]
WantedBy=multi-user.target

Just start the service and you are done.

systemctl start sockd
systemctl enable sockd