I
I
Ilya T2018-04-21 13:37:54
Debian
Ilya T, 2018-04-21 13:37:54

Why doesn't socks 5 (Dante) proxy work on Debian?

Did according to similar manuals, but always a similar error:
either
danted.service: Failed to read PID from file /var/run/danted.pid: Invalid argument
Here's how I put on a clean Debian 9_64 system:
apt-get update
apt-get upgrade
apt-get install build-essential libwrap0-dev libpam0g-dev libkrb5-dev libsasl2-dev
apt-get install dante-server
here I get

look
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
  dante-server
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 373 kB of archives.
After this operation, 993 kB of additional disk space will be used.
Get:1 http://ftp.uk.debian.org/debian stretch/main amd64 dante-server amd64 1.4.1+dfsg-5 [373 kB]
Fetched 373 kB in 0s (1600 kB/s)
apt-listchanges: Can't set locale; make sure $LC_* and $LANG are correct!
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
  LANGUAGE = "en_GB:en",
  LC_ALL = (unset),
  LC_CTYPE = "ru_RU.UTF-8",
  LANG = "en_GB.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_GB.UTF-8").
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
Selecting previously unselected package dante-server.
(Reading database ... 45643 files and directories currently installed.)
Preparing to unpack .../dante-server_1.4.1+dfsg-5_amd64.deb ...
Unpacking dante-server (1.4.1+dfsg-5) ...
Processing triggers for systemd (232-25+deb9u3) ...
Setting up dante-server (1.4.1+dfsg-5) ...
Job for danted.service failed because the control process exited with error code.
See "systemctl status danted.service" and "journalctl -xe" for details.
invoke-rc.d: initscript danted, action "start" failed.
● danted.service - SOCKS (v4 and v5) proxy daemon (danted)
   Loaded: loaded (/lib/systemd/system/danted.service; disabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sat 2018-04-21 11:21:54 BST; 16ms ago
     Docs: man:danted(8)
           man:danted.conf(5)
  Process: 6893 ExecStart=/usr/sbin/danted -D (code=exited, status=1/FAILURE)
  Process: 6887 ExecStartPre=/bin/sh -c   	uid=`sed -n -e "s///g" -e "s/#.*//" -e "/^user\.privileged/{s/[^:]*://p;q;}" /etc/danted.conf`;  	if [ -n "$uid" ]; then  		touch /var/run/danted.pid;  		chown $uid /var/run/danted.pid;  	fi  	 (code=exited, status=0/SUCCESS)

Apr 21 11:21:54 admin systemd[1]: Starting SOCKS (v4 and v5) proxy daemon (danted)...
Apr 21 11:21:54 admin danted[6893]: Apr 21 11:21:54 (1524306114.152530) danted[6893]: warning: checkconfig(): no socks authentication methods enabled.  This…not intended?
Apr 21 11:21:54 admin danted[6893]: Apr 21 11:21:54 (1524306114.153252) danted[6893]: error: checkconfig(): no internal address given for server to listen for clients on
Apr 21 11:21:54 admin danted[6893]: Apr 21 11:21:54 (1524306114.153766) danted[6893]: alert: mother[1/1]: shutting down
Apr 21 11:21:54 admin systemd[1]: danted.service: Control process exited, code=exited status=1
Apr 21 11:21:54 admin systemd[1]: Failed to start SOCKS (v4 and v5) proxy daemon (danted).
Apr 21 11:21:54 admin systemd[1]: danted.service: Unit entered failed state.
Apr 21 11:21:54 admin systemd[1]: danted.service: Failed with result 'exit-code'.
Hint: Some lines were ellipsized, use -l to show in full.
Please edit the Dante server config file /etc/danted.conf and specify at least the following directives: internal external
Processing triggers for man-db (2.7.6.1-2) ...
Processing triggers for systemd (232-25+deb9u3) ...

then I put the
nano config /etc/danted.conf
like this
look

# $Id: sockd.conf,v 1.52.10.2 2014/09/03 14:49:13 michaels Exp $

logoutput: stderr

internal: eth0 port = 7077
external: eth0
socksmethod: username
user.privileged: root
user.unprivileged: nobody

client pass {
       from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
       log: error
       socksmethod: username
}



socks pass {
       from: 0.0.0.0/0 to: 0.0.0.0/0
       command: bind connect udpassociate
       log: error
       socksmethod: username
}

socks pass {
       from: 0.0.0.0/0 to: 0.0.0.0/0
       command: bindreply udpreply
       log: error
}


then I add the user
useradd -m sockduser && passwd sockduser
set the password
service danted start
service danted status
I get:
look
danted.service - SOCKS (v4 and v5) proxy daemon (danted)
   Loaded: loaded (/lib/systemd/system/danted.service; disabled; vendor preset: enabled)
   Active: active (running) since Sat 2018-04-21 11:30:21 BST; 6s ago
     Docs: man:danted(8)
           man:danted.conf(5)
  Process: 7153 ExecStart=/usr/sbin/danted -D (code=exited, status=0/SUCCESS)
  Process: 7147 ExecStartPre=/bin/sh -c         uid=`sed -n -e "s///g" -e "s/#.*//" -e "/^user\.privileged/{s/[^:]*://p;q;}" /etc/danted.conf`;      if [ -n "$
 Main PID: 7154 (danted)
    Tasks: 20 (limit: 4915)
   CGroup: /system.slice/danted.service
           ├─7154 /usr/sbin/danted -D
           ├─7155 danted: monitor-ch
           ├─7156 danted: negotiate-
           ├─7157 danted: request-ch
           ├─7158 danted: request-ch
           ├─7159 danted: request-ch
           ├─7160 danted: request-ch
           ├─7161 danted: request-ch
           ├─7162 danted: request-ch
           ├─7163 danted: request-ch
           ├─7164 danted: request-ch
           ├─7165 danted: request-ch
           ├─7166 danted: request-ch
           ├─7167 danted: request-ch
           ├─7168 danted: request-ch
           ├─7169 danted: request-ch
           ├─7170 danted: request-ch
           ├─7171 danted: request-ch
           ├─7172 danted: request-ch
           └─7173 danted: io-child:

Apr 21 11:30:21 admin systemd[1]: Starting SOCKS (v4 and v5) proxy daemon (danted)...
Apr 21 11:30:21 admin systemd[1]: danted.service: Failed to read PID from file /var/run/danted.pid: Invalid argument
Apr 21 11:30:21 admin systemd[1]: Started SOCKS (v4 and v5) proxy daemon (danted).


protocol type checked
ip link show
spoiler

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:50:56:8f:20:1b brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:50:56:8f:51:4c brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:50:56:8f:0c:0b brd ff:ff:ff:ff:ff:ff


Thank you all in advance!

Answer the question

In order to leave comments, you need to log in

3 answer(s)
S
stetzen, 2018-05-04
@stetzen

The problem here is not in the config of Dante itself, but in the script (more precisely, the systemd unit) for launching it. Ran into a similar problem; it is likely caused by something similar to the very similar situation with nginx - systemd tries to find the Dante pid file before it can create it. The cure (in any case, it helped me) is not to bind the pid-file to the service, but to delete this file "by hand" when the service is stopped. In practice, you need to do the following: in the /lib/systemd/system/danted.service file, delete the line
AND add (in the Service section) the line
ExecStopPost=/bin/rm -f /var/run/danted.pid

U
Uno, 2018-04-21
@Noizefan

Because Dante is, unfortunately, quite an old product, as far as I know. I recommend looking for the sources of socks on crosses or any compiled language convenient for you and compiling it yourself - it will be much more reliable.

V
Vladimir Mukovoz, 2018-04-21
@castomi

Everything is working fine, the water is a good article.
https://klink0v.livejournal.com/464293.html
If you want to allow everything at all, then here is the config for version 1.4.1

logoutput: /var/log/danted.log
# IP или имя и порт "внутреннего" интерфейса
internal: 1.2.3.4 port = 1080
# IP "внешнего" интерфейса
# Скорее всего, он будет точно таким же
external: 1.2.3.4

socksmethod: username
clientmethod: none

user.privileged: root
user.notprivileged: nobody
user.libwrap: nobody

# На первой стадии соединения всем всё можно
client pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
}

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question