[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

SOCKS on debian etch: should i use dante?

Hello,
I'd like to run a SOCKS proxy on my etch box so I can easily configure firefox or others services to have an unlimited access to the internet while I'm behind restricted firewall.
I want to restrict use with username and password not from a specific IP, so I can really connect from everywhere. Though I noticed that in firefox do not allow to set username/password for proxies. Fortunately gnome does. Any advise on that? 

So my choice was dante. Here is the two doc I used:
1.- http://blog.edseek.com/~jasonb/articles/dante_tunnel.shtml
2.- http://wiki.kartbuilding.net/index.php/Dante_Socks_Server
as well as the man pages

=============== start of /etc/danted.conf ===============

# the server will log both via syslog, to stdout and to /var/log/lotsoflogs
logoutput: syslog stdout /var/log/lotsoflogs
#logoutput: stderr

# The server will bind to the address 10.1.1.1, port 1080 and will only
# accept connections going to that address.
#internal: 10.1.1.1 port = 1080
# Alternatively, the interface name can be used instead of the address.
internal: eth0 port = 11080

# all outgoing connections from the server will use the IP address
# 195.168.1.1
#external: 192.168.1.1
external: eth0

# list over acceptable methods, order of preference.
# A method not set here will never be selected.
#
# If the method field is not set in a rule, the global
# method is filled in for that rule.
#

# methods for socks-rules.
#method: username none #rfc931
method: username

# methods for client-rules.
#clientmethod: none

#or if you want to allow rfc931 (ident) too
#method: username rfc931 none

#or for PAM authentification
#method: pam

#
# An important section, pay attention.
#

# when doing something that can require privilege, it will use the
# userid:
user.privileged: proxy

# when running as usual, it will use the unprivileged userid of:
user.notprivileged: nobody

# If you compiled with libwrap support, what userid should it use
# when executing your libwrap commands?  "libwrap".
user.libwrap: nobody

=============== I removed some commented lines ===============

# netstat -n -a
show that something is listening on port 11080

my etch box his behind a NAT, but port 11080 was redirected in TCP/UDP
The problem is that when I setup the the proxy in firefox or in gnome from the outside, I don't get internet access
I don't know how to spot the problem. Is there a telnet command or something that allow to check if the proxy is running OK? 

I tried to configure socks4-server without much success either.

Any help would be appreciated

Best regards,
V.
Reply to: