1. Install the Dante SOCKS server (danted) and supporting packages.
sudo apt-get install nano dante-server rsyslog dnsutils
2. Edit /etc/danted.conf with the settings below. Change the internal and external network interfaces to match your server/VPS setup, then restart the service.
logoutput: syslog
internal: enp0s3 port = 1080
external: enp0s3
socksmethod: none
clientmethod: none
user.privileged: proxy
user.unprivileged: nobody
user.libwrap: nobody
client pass {
    # allow all connections
    from: 0.0.0.0/0 to: 0.0.0.0/0
    log: connect disconnect error
}
socks pass {
    # allow all connections
    from: 0.0.0.0/0 to: 0.0.0.0/0
    log: connect disconnect error
}
3. Allow incoming connections to port 1080 in your iptables firewall rules.
-A INPUT -p tcp -m state --state NEW --dport 1080 -j ACCEPT
4. To secure your personal SOCKS proxy service, configure your iptables rules to allow incoming access only from your own public IP.
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1080 -s xxx.xxx.xxx.xxx -j ACCEPT
5. If you only have a dynamic public IP, follow this guide to dynamically update the iptables rules using cron and a DDNS service.
6. Remember to allow port 1080 (ingress rules) on the Oracle Cloud's VPS/Virtual Cloud Network (VCN).
7. Configure the manual proxy settings in your browser, for example Firefox.
8. (Optional) With the danted configuration above, all danted logs are stored in /var/log/syslog. To store them in a separate file (/var/log/sockd.log), configure rsyslog by creating the config file /etc/rsyslog.d/22-danted.conf:
# Log danted generated log messages to file
:programname, startswith, "danted" /var/log/sockd.log
# comment out the following line to allow danted messages through.
# Doing so means you'll also get danted messages in /var/log/syslog
& stop
9. (Optional) If you create a separate log file for danted, consider compressing and housekeeping it with logrotate. Install logrotate via apt-get if it is not already installed.
sudo apt-get install logrotate
10. Create /etc/logrotate.d/danted.conf.
/var/log/sockd.log {
    rotate 14
    daily
    compress
    missingok
    postrotate
        invoke-rc.d --quiet danted reload > /dev/null
    endscript
    notifempty
}
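With socksmethod: none and both pass rules set to 0.0.0.0/0, as in step 2, the iptables rule from step 4 is the only thing limiting who can use the proxy. The script below is an added example, not part of the original guide: it reads a danted.conf and reports those settings. The finding names, the sample_conf helper, the username method and the 203.0.113.10/32 address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report danted.conf settings that leave the proxy usable by
# anyone who can reach the port. Finding names are this example's own.
audit_danted_conf() {
    awk '
        { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }  # drop comments, trim
        $0 == "" { next }
        /^socksmethod:/ {                    # "none" may be one of several methods
            for (i = 2; i <= NF; i++) if ($i == "none") noauth = 1
            next
        }
        /^(client|socks) pass[ \t]*[{]/ { block = $1; next }
        /^[}]/ { block = ""; next }
        block != "" && /^from:/ && $2 == "0.0.0.0/0" { anysrc[block] = 1 }
        END {
            if (noauth) print "NOAUTH socksmethod none: no user authentication"
            if (anysrc["client"]) print "OPEN_CLIENT client pass accepts any source address"
            if (anysrc["socks"]) print "OPEN_SOCKS socks pass accepts any source address"
            if (noauth && anysrc["client"] && anysrc["socks"])
                print "OPEN_PROXY only the firewall rule limits who can use the proxy"
        }
    ' "$@"
}

# Constructed sample shaped like the step 2 config.
# $1 = socksmethod value, $2 = source range allowed in both pass rules.
sample_conf() {
    cat <<EOF
logoutput: syslog
internal: enp0s3 port = 1080
external: enp0s3
socksmethod: $1
clientmethod: none
client pass {
    # allow all connection
    from: $2 to: 0.0.0.0/0
}
socks pass {
    from: $2 to: 0.0.0.0/0
}
EOF
}

echo "step 2 settings:"
sample_conf none 0.0.0.0/0 | audit_danted_conf
# Assumed alternative: username auth, one client address (documentation range).
echo "restricted settings:"
sample_conf username 203.0.113.10/32 | audit_danted_conf
```

To check a real server, run audit_danted_conf /etc/danted.conf; no output means none of the three settings were found.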
Comments
https://www.inet.no/dante/doc/1.4.x/config/auth.html