Add Dante server config

1 files changed, 43 insertions, 0 deletions

diff --git a/dante/sockd.conf b/dante/sockd.conf
new file mode 100644
index 0000000..b2d3d0b
--- /dev/null
+++ b/dante/sockd.conf
@@ -0,0 +1,43 @@
+# Log locations (what to log is defined below)
+logoutput: stdout /var/log/sockd.log
+
+# Traffic comes to "proxy" interface to get sent via "eth0"
+internal: proxy port = 1080
+external: eth0
+
+# No authentication, let the VPN handle this
+socksmethod: none
+clientmethod: none
+
+# Don't run as root, you dummy
+user.privileged: sockd
+user.unprivileged: sockd
+
+# Use same port as client, uncomment to do this for <1024 too
+#compatibility: sameport
+
+# Rules when a client is trying to connect
+client pass {
+	from: 172.16.0.0/24 port 1024-65535 to: 0.0.0.0/0
+	log: connect disconnect
+}
+client block {
+	from: 0.0.0.0/0 to: 0.0.0.0/0
+	log: connect error
+}
+
+# Rules once a client has connected
+socks block {
+	from: 0.0.0.0/0 to: 127.0.0.1/8
+	log: connect error
+}
+socks pass {
+	from: 172.16.0.0/24 to: 0.0.0.0/0
+	protocol: tcp udp
+	log: connect disconnect
+}
+socks block {
+	from: 0.0.0.0/0 to: 0.0.0.0/0
+	log: connect error
+}
+