====== Dante_Socks_Server ======

When working on a private LAN with no direct internet access available, squid is normally used a proxy server for internet and ftp traffic. SSH or scp (or other traffic) however, will require a SOCKS server in order to reach the internet.

Dante socks server provides just that. 
====== How to install dante socks server on debian (ubuntu is similar): ======
 apt-get install dante-server

This installs dante onto your debian server. By default it will not start (it will try to start - but will fail saying "no internal interfaces are configured etc..."). 

====== To configure Dante socks server: ======
 vi /etc/danted.conf

By default - most required lines will be uncommented. The following lines need to be inserted/ uncommented in danted.conf

 #logoutput: stderr
 logoutput: syslog
 #the above line will send any logs to /var/log/syslog instead to a terminal
 
 internal: eth0 port = 1080
 internal: 127.0.0.1 port = 1080
 
 external: eth0
 
 method: username none
 #the above puts no username or password. Access will instead be controlled via client ip address/range.
 #if there is no username or password - then danted socks server needs to run as nobody, i.e.
 
 #method: pam
 # if you choose to use pam instead - a valid username&password as required for sshing to the socks server is required.
 #Note: not sure if proxy login details are sent in clear text.
 
 #user.privileged: proxy
 user.notprivileged: nobody
 
 client pass {
         from: 136.201.251.21/0 port 1-65535 to: 0.0.0.0/0
         # 136.201.251.21/0 = specific ip address.
 } 
 
 client pass {
         from: 127.0.0.0/8 port 1-65535 to: 0.0.0.0/0
 }
 
 client block {
         from: 0.0.0.0/0 to: 0.0.0.0/0
         log: connect error
 }
 
 #Finally block other traffic
 block {
   from: 0.0.0.0/0 to: 127.0.0.0/8
   log: connect error
 }
 
 pass {
   from: 136.201.251.21/0 to: 0.0.0.0/0
   protocol: tcp udp
 }
 
 pass {
   from: 127.0.0.0/8 to: 0.0.0.0/0
   protocol: tcp udp
 }
 
 block {
   from: 0.0.0.0/0 to: 0.0.0.0/0
   log: connect error
 }

Once the config is complete. Start/Restart dante socks server:
 /etc/init.d/danted start
If there is a problem with the config - it will tell you immediately on trying to start the danted daemon.

====== Test Dante Socks Server ======
 netstat -n -a
 #check to see if server is listening on 1080
Make sure the firewall is open. Add appropriate rule as on [[Iptables_Firewall]].
Test also with winscp or putty.

====== Other SOCKS Servers ======
Note that putty itself can provide a SOCKS 5 server!! (But putty needs to be able to connect to an external server/computer firstly!)

**To configure socks to act as a socks v5 server:**

 Open Putty, Go to CONNECTION -> SSH -> TUNNELS
 In the Source Port - put 1080
 In the Destination Port - put 1080
 Click on the **Dynamic** radio button for "Dynamic Port Forwarding"

Connect to an server with external access. Telnet localhost 1080 and it should connect.

Also note - SOCKS v5 can be setup using ssh on the command line.
 ssh user@server.com -D 1080
 # -D is for Dynamic Port Forwarding.

----
More info on Dante's Config at:

http://trekweb.com/~jasonb/articles/dante_tunnel.shtml