Debian – SOCKS proxy on Debian

Tags: debian, installation, proxy, socks

How do I configure a SOCKS proxy on a Debian box such that I can enter the host address in the Firefox proxy configuration page, and use my box as a SOCKS proxy?

I've heard of dante-server, but I don't know how to make it allow connections from and to everywhere.

Best Answer

First you need to understand the configuration basics.
There are 3 main sections. First, the global settings: you need to set "external", "internal" and "method" (strictly required).

Second, the "client pass rules": these define who will be able to connect to your SOCKS server.

Third, the pass/block rules: these define which client can connect to where.

2. and 3. work like iptables. Both need to end with a block phrase.
The config file is mostly /etc/danted.conf, sometimes /etc/socksd.conf.

I assume that you have 2 interfaces. One is the local network, the other one is outside, e.g. eth0: 192.168.1.1, eth1: 220.12.13.50. Your first section should contain these values.

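# eth0 (192.168.1.1) is the local interface that accepts client connections
internal: eth0 port = 1080
# outgoing connections leave from the outside address on eth1
external: 220.12.13.50
method: username none

Only the local interface will accept connections to dante.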

client pass {
         from: 192.168.1.0/24 port 1-65535    to: 0.0.0.0/0
}

client pass {
         from: 127.0.0.0/8 port 1-65535    to: 0.0.0.0/0
}

client block {
         from: 0.0.0.0/0         to: 0.0.0.0/0
         log: connect disconnect error
}

The last rule means no one else is able to connect.

pass {
         from: 192.168.1.0/24         to: 0.0.0.0/0
         protocol: tcp udp
}

pass {
         from: 127.0.0.0/8       to: 0.0.0.0/0
         protocol: tcp udp
}

block {
         from: 0.0.0.0/0         to: 127.0.0.0/8
         log: connect disconnect error
}

block {
         from: 0.0.0.0/0         to: 0.0.0.0/0
         log: connect disconnect error
}

Only clients from the local network will be able to use danted as a SOCKS server to establish a tunnel connection, and the last rule means no one is able to request or tunnel to anywhere.

You also need to edit the startup script of danted: uncomment the line "enabled=yes".

In fact you are free to use 1 interface, or to force danted to listen on all interfaces. But I advise you to set danted tight enough, because any proxy that is open to public use is a big security risk for its owner.

And here is a simple guide that you can get help from: http://wiki.kartbuilding.net/index.php/Dante_Socks_Server
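
A simplified model of the rule ordering described in the answer above, added here as an example (it is not part of the original answer and not Dante's own code). It assumes first-match evaluation and looks only at the `from`/`to` addresses, ignoring ports, protocol and method; `OPEN_CONF`, the function names and the sample addresses are constructed for illustration.

```python
import ipaddress
import re

# Constructed input: the answer's rule blocks, and an "allow everything" variant.
ANSWER_CONF = """
client pass  { from: 192.168.1.0/24 port 1-65535 to: 0.0.0.0/0 }
client pass  { from: 127.0.0.0/8 port 1-65535 to: 0.0.0.0/0 }
client block { from: 0.0.0.0/0 to: 0.0.0.0/0 log: connect disconnect error }
pass  { from: 192.168.1.0/24 to: 0.0.0.0/0 protocol: tcp udp }
pass  { from: 127.0.0.0/8 to: 0.0.0.0/0 protocol: tcp udp }
block { from: 0.0.0.0/0 to: 127.0.0.0/8 }
block { from: 0.0.0.0/0 to: 0.0.0.0/0 }
"""
OPEN_CONF = """
client pass { from: 0.0.0.0/0 to: 0.0.0.0/0 }
pass { from: 0.0.0.0/0 to: 0.0.0.0/0 }
"""
RULE_RE = re.compile(r"\b(client\s+)?(pass|block)\s*\{(.*?)\}", re.S)

def parse_rules(conf):
    """Return (stage, verdict, src_net, dst_net) tuples in file order."""
    rules = []
    for m in RULE_RE.finditer(conf):
        src, dst = (ipaddress.ip_network(re.search(rf"\b{k}:\s*(\S+)", m.group(3)).group(1))
                    for k in ("from", "to"))
        rules.append(("client" if m.group(1) else "socks", m.group(2), src, dst))
    return rules

def first_match(rules, stage, src, dst):
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for kind, verdict, src_net, dst_net in rules:
        if kind == stage and s in src_net and d in dst_net:
            return verdict
    return "block"  # model assumption: nothing matched means denied

def decide(conf, src, listen, dst):
    """Client rules gate the connection to the proxy; socks rules gate the request."""
    rules = parse_rules(conf)
    if first_match(rules, "client", src, listen) != "pass":
        return "block"
    return first_match(rules, "socks", src, dst)

def is_open_proxy(conf, listen):
    # Documentation addresses stand in for an arbitrary Internet client and destination.
    return decide(conf, "203.0.113.7", listen, "198.51.100.10") == "pass"

if __name__ == "__main__":
    for name, conf in (("answer", ANSWER_CONF), ("open", OPEN_CONF)):
        print(name, "open proxy:", is_open_proxy(conf, "192.168.1.1"))
```

In this model the answer's rules stop an Internet client at the client stage, while the allow-everything variant is an open proxy. A LAN client's request to 127.0.0.1 matches the earlier LAN pass rule before the loopback block is reached, so rule order matters when tightening the configuration.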
