/docker-dante

Dante SOCKS proxy server

Apache License 2.0Apache-2.0

Supported tags and respective Dockerfile links

What is Dante

Dante consists of a SOCKS server and a SOCKS client, implementing RFC 1928 and related standards. It can in most cases be made transparent to clients, providing functionality somewhat similar to what could be described as a non-transparent Layer 4 router. For customers interested in controlling and monitoring access in or out of their network, the Dante SOCKS server can provide several benefits, including security and TCP/IP termination (no direct contact between hosts inside and outside of the customer network), resource control (bandwidth, sessions), logging (host information, data transferred), and authentication.

Usage example

$ docker run -d -p 1080:1080 wernight/dante

Change its configuration by mounting a custom /etc/sockd.conf (see sample config files).

Client-side set up

Set your browser or application to use SOCKS v4 or v5 proxy localhost on port 1080, like for example:

$ curl --proxy socks5://localhost:1080 https://example.com

... or set to use PAC script like:

function FindProxyForURL(url, host) {
  return "SOCKS localhost:1080";
}

Requiring authentication

The default config in this image allows everyone to use the proxy. You can add a simple authentication (which will send data unencrypted) by setting up a Dockerfile like:

FROM wernight/dante

# TODO: Replace 'john' and 'MyPassword' by any username/password you want.
RUN printf 'MyPassword\nMyPassword\n' | adduser john

Uncomment line in sockd.conf:

socksmethod: username

Starting

docker build . -t sock
docker service create --publish mode=host,target=1080,published=1080  --name sock sock

Then use SOCKS v5, for example:

$ curl --proxy socks5://john:MyPassword@localhost:1080 https://example.com

Note: SOCKS v4 will be blocked.

WARNING: Many browsers do not support SOCKS authentication (e.g. see this Chrome bug).

Feedbacks

Suggestions are welcome on our GitHub issue tracker.