在 GNU/Linux 上部署 Dante 代理服务器,可提供 SOCKS5 代理。
配置环境
CentOS / RadHat
yum install gcc openssl-devel pcre-devel zlib-devel libtool c++ pam-devel pam -yDebian / Ubuntu
apt install build-essential -y
编译安装
下载源码
wget http://www.inet.no/dante/files/dante-1.4.2.tar.gz解压源码
tar xf dante-1.4.2.tar.gz编译参数
cd dante-1.* && ./configure && make && make install添加用户
useradd -s /sbin/nologin sockd写入配置
cat > /etc/sockd.conf <<'EOF'
#logging
#errorlog: /var/log/sockd.errlog
logoutput: /var/log/sockd.log
#debug: 2
#server address specification
internal: eth0 port = 1080
external: eth0
#server identities (not needed on solaris)
user.privileged: root
#user.notprivileged: socks
#user.libwrap: libwrap
#reverse dns lookup
#srchost: nodnsmismatch
#authentication methods
socksmethod: username none
##
## SOCKS client access rules
##
#rule processing stops at the first match, no match results in blocking
#block access to socks server from 192.0.2.22 (exception for pass rule below)
# client block {
# #block connections from 192.0.2.22/32
# from: 192.0.2.22/24 to: 0.0.0.0/0
# log: error # connect disconnect
# }
#allow connections from local network (192.0.2.0/24)
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error # connect disconnect
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0 port gt 1023
command: bind
log: connect disconnect
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
command: connect udpassociate
log: connect disconnect
}
block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
EOF启动服务
使用以下命令即可启动 sockd,日志存在 /etc/sockd.conf。
/usr/local/sbin/sockd -f /etc/sockd.conf &注意:设置开启自启动把启动命令,添加到/etc/rc.local即可。查看日志
tail -f /var/log/sockd.log检查进程启动
ss -lntp若看到指定的(111.111.111.111为示例IP)端口被 dante 进程监听即表示成功启动。
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 795/sshd
tcp 0 0 111.111.111.111:1080 0.0.0.0:* LISTEN 907/sockd 附录
参考链接
本文由 柒 创作,采用 知识共享署名4.0
国际许可协议进行许可。
转载本站文章前请注明出处,文章作者保留所有权限。
最后编辑时间: 2017-10-15 21:52 PM