Skip to main content

configure a SOCKS proxy server

By
Inspired by my wife's difficulty connecting to the internet due to new security policies at her organization, I decided to try a proxy to allow her to use Windows Live Messenger.


The Linux SOCKS proxy server implementation these days is made under the name DANTE
  • edit the config file (/etc/socks/sockd.conf). 
  • It is in this file logging is enabled via the syslog mechanism and internal and external addresses are bound. Whereas the internal bindings include a port specification, the external one does not.
     
  • The comments are well formed I'd also spend a little time looking them over.

    The details:
    logoutput: syslog

internal: eth1 port = 1080
internal: 127.0.0.1 port = 1080

external: 1.2.3.4
# or
external: eth0
    To achieve full access (no username/password).
    method: username none

# Not using authentication, so unnecessary
#user.privileged: proxy

user.notprivileged: nobody
     
    The access controls for sockd daemon are last. They are checked against in the order they appear in the configuration file. Notice, don't open your proxy server to the wild world - you've been warned.The first three directives control which IP ranges that have accesss to the server.

    - The from: is were the details of the IPs are added. In my cause it is the IP space the clients live in.
    - The to: option is one of the IPs the proxy server is bound to that the given IP range can speak to. It is set to the addresses Dante/sockd is listening on.
    The last of the three drops any requests that don't match either of the first two directives. 


    client pass {
from:  192.168.0.0/16 port 1-65535 to: 0.0.0.0/0
}

client pass {
from:  127.0.0.0/8 port 1-65535 to: 0.0.0.0/0
}

client block {
from:  0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
     
    The next four configuration points control who 'routing'.
    - Requests from anywhere to the loopback addresses are dropped.
    - From the loopback addresses and 192.168.0.0/16 are allowed to communicated over tcp or udp protocols.
    - Finally, drop everything else. 

    block {
from:  0.0.0.0/0 to: 127.0.0.0/8
log: connect error
}

pass {
from:  192.168.0.0/16 to: 0.0.0.0/0
protocol: tcp udp
}

pass {
from:  127.0.0.0/8 to: 0.0.0.0/0
protocol: tcp udp
}

block {
from:  0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
  • Start Dante/sockd. 
    sockd -V 
sockd -d

Comments

Post a Comment

Popular posts from this blog

Word to PDF Convertor

By
 A Word document may be easily converted to a PDF file However, what happens if you need to convert a ton of Word files into PDFs? It will take a long time to open every file by hand and save it to PDF.  You may quickly and easily convert large amounts of Word to PDF with the help of this method. And without utilizing any outside tools either. Ms. Word is all you need. Copy the following code into Notepad or Notepad++, then save the file as "PDF.js" in a folder var obj = new ActiveXObject("Scripting.FileSystemObject"); var docPath = WScript.Arguments(0); docPath = obj.GetAbsolutePathName(docPath); var pdfPath = docPath.replace(/\.doc[^.]*$/, ".pdf"); var objWord = null; try {     objWord = new ActiveXObject("Word.Application");     objWord.Visible = false;     var objDoc = objWord.Documents.Open(docPath);     var format = 17;     objDoc.SaveAs(pdfPath, format);     objDoc.Close();     WScript.Echo("Saving '" + docPath + "'
Post a Comment
Read more

BACKUPPC INSTALLATION AND CONFIGURATIONS

By
BACKUPPC INSTALLATION AND CONFIGURATIONS BackupPC is a backup solution that can be configured to back up remote Linux and Windows systems. It can use a variety of different protocols and has a flexible scheduler to coordinate full and incremental backups. I have installed this on ubutnu 14.04 LTS and its running fine for me for a long time since the installation Open a terminal and enter the following commands: sudo apt-get update sudo apt-get install backuppc During the installation, you will be asked what kind of mail server configuration is needed. We can select the "Local only" option, because we will not be configuring internet-aware mail ???????? Postfix Configuration ????????? ? General type of mail configuration: ? ? ? ? No configuration ? ? Internet Site ? ? Internet wi
2 comments
Read more

Flash For EVONY 2021

By
Flash is now officially dead.   with this way you can still use Flash. if you have any problem while installing or working on this please feel free to contact me to help you first we have to go to pale moon https://www.palemoon.org/ Download and install PaleMoon then lets go to adobe archive page  https://web.archive.org/web/20200630185339/https://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html go to bottom of the page until you find the  Flash Player archives this site is little bit slower than others  Download this version,after May it is not working (Released 5/12/2020)  Flash Player 32.0.0.371  (425 MB)    https://web.archive.org/web/20200630185339/https://fpdownload.macromedia.com/pub/flashplayer/installers/archive/fp_32.0.0.371_archive.zip Unzip the archive and install the flash player for windows, Goto control panel and find the flash adon there Click on never check for updates  then open your c drive  and search where adobe is get installed. in here i am usi
4 comments
Read more