Skip to main content
HashnodeTechnopathyTechnopathy

Command Palette

Search for a command to run...

Installation and Configuration of SOCKS Proxy Danted on Redhat/CentOS/AWS EC2 from Source Code

Updated
3 min read
Installation and Configuration of SOCKS Proxy Danted on Redhat/CentOS/AWS EC2 from Source Code
O
Oliver Zehentleitner
I build systems that work — technically sound, security-first, and actually useful to the people who depend on them. Creator of the UNICORN Binance Suite — 6 open source Python libraries with 2.8M+ PyPI downloads and 388+ dependent public projects. Currently pioneering AI-driven open source maintenance: running a controlled AI agent that maintains production code and documenting what it means for engineering teams. Vienna, Austria 🇦🇹
Part of seriesNetwork Edge

The goal of this tutorial is to describe the installation and configuration of the SOCKS5 Proxy Dante on a CentOS, Redhat, AWS EC2 or similar Linux distribution using the yum package manager to end up with a working SOCKS5 proxy.

For Debian and Ubuntu please follow these instructions.

If you are still looking for a server for this project, I can recommend the cx31 server for 4.51 EUR/month with 20TB traffic volume from the European provider HETZNER CLOUD.

Log into your server, access root privileges and run a system update:

sudo -i
yum update -y

Step 1 — Installation

The dante-server package is not available in the Amazon Linux package repository by default. Instead, build it from source following these steps.

Install the build tools and dependencies:

yum groupinstall "Development Tools"
yum install libevent-devel

Download the Dante source code:

curl -O https://www.inet.no/dante/files/dante-1.4.2.tar.gz

Extract the source code:

tar xvzf dante-1.4.2.tar.gz
cd dante-1.4.2

Configure and compile dante-server:

./configure
make
make install

Verify the installation:

sockd -v

Step 2 — Configuration

Copy the sockd.conf file to the appropriate location:

cp /home/ec2-user/dante-1.4.2/example/sockd.conf /etc/sockd.conf

To find the IP address of the eth0 interface run:

ip add show eth0

Example output:

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 06:72:6b:5d:09:dd brd ff:ff:ff:ff:ff:ff
    inet 172.1.2.3/20 brd 172.1.2.255 scope global dynamic eth0
    valid_lft 3451sec preferred_lft 3451sec
    inet6 fe80::472:6bff:fe5d:9dd/64 scope link
    valid_lft forever preferred_lft forever

Replace 172.1.2.3 with your server IP and 1.2.3.4 with your client IP from where you want to connect.

Edit the config file:

vi /etc/sockd.conf

internal: 0.0.0.0 port = 1080
external: 172.1.2.3
logoutput: stderr
logoutput: /var/log/danted.log
clientmethod: none
socksmethod: none
user.privileged: root
user.notprivileged: nobody

client pass {
    from: 1.2.3.4/32 to: 0.0.0.0/0
    log: error connect disconnect
}
client block {
    from: 1.2.3.4/32 to: 0.0.0.0/0
    log: connect error
}
socks pass {
    from: 1.2.3.4/32 to: 0.0.0.0/0
    log: error connect disconnect
}
socks block {
    from: 1.2.3.4/32 to: 0.0.0.0/0
    log: connect error
}

The system service file is not included, so create one:

vi /etc/systemd/system/sockd.service

[Unit]
Description=SOCKS5 Proxy Server
After=network.target

[Service]
ExecStart=/usr/local/sbin/sockd -D
Restart=on-failure

[Install]
WantedBy=multi-user.target

Reload the system configuration and start the SOCKS5 proxy:

systemctl daemon-reload
systemctl start sockd.service
systemctl enable sockd.service

Check the status to confirm it's running:

systemctl status sockd

If everything worked, you now have a working SOCKS5 proxy server that only accepts connections from IP 1.2.3.4 and forwards to any destination address.

Additionally you can enable proper authentication — more info can be found here.

I hope you found this informative and useful.

Follow me on Binance Square, GitHub, X, and LinkedIn, or join Telegram for updates on my latest publications. Constructive feedback is always appreciated.

Thank you for reading, and happy coding! ¯\_(ツ)_/¯

Image source: pixabay.com

Comments

Join the discussion

No comments yet. Be the first to comment.

Network Edge

Part 2 of 2

Technical notes on proxies, connectivity, routing, access paths, and the messy edge between applications and the network they depend on.

Start from the beginning

Installation and Configuration of Dante on Debian/Ubuntu with `apt`

Instructions for installing and configuring a Dante SOCKS5 proxy on Debian/Ubuntu on the command line. The following instructions are for Debian and Ubuntu — for CentOS, RedHat, AWS EC2 and other Linu

More from this blog

T

Technopathy

28 posts

DevSecOps · Python · AI-driven Development · Real-world findings from production systems.