Dante Server: Difference between revisions
No edit summary |
No edit summary |
||
| Line 28: | Line 28: | ||
And it didn't work the second time either. I looked at the system log file (/var/log/messages) and noticed an error related to a PID file. The default "init.d" script wanted to create the following PID file: /var/run/sockd/sockd.pid The /var/run/sockd directory did not exist. I thought about creating that directory, but remembered the trap I'd fallen into before where directories created there in CentOS 7 (and I assume other flavors of Linux) are not persistent (IE, they disappear when the system is rebooted). My solution (instead of going to the trouble of having a directory named sockd created under /var/run every time the system reboots) was to modify the /etc/init.d/sockd file lines that referred to the PID to this: /var/run/sockd.pid. | And it didn't work the second time either. I looked at the system log file (/var/log/messages) and noticed an error related to a PID file. The default "init.d" script wanted to create the following PID file: /var/run/sockd/sockd.pid The /var/run/sockd directory did not exist. I thought about creating that directory, but remembered the trap I'd fallen into before where directories created there in CentOS 7 (and I assume other flavors of Linux) are not persistent (IE, they disappear when the system is rebooted). My solution (instead of going to the trouble of having a directory named sockd created under /var/run every time the system reboots) was to modify the /etc/init.d/sockd file lines that referred to the PID to this: /var/run/sockd.pid. | ||
I did change | I did change two items, requests as it seemed a bit more secure to only accept SOCK requests from my subnet instead of everywhere (0.0.0.0);<blockquote>#generic pass statement - bind/outgoing traffic</blockquote><blockquote>socks pass { </blockquote><blockquote> from: 192.168.2.0/24 to: 0.0.0.0/0</blockquote><blockquote> command: bind connect udpassociate</blockquote><blockquote> log: error # connect disconnect iooperation</blockquote><blockquote>}</blockquote><blockquote>#generic pass statement for incoming connections/packets</blockquote><blockquote>socks pass {</blockquote><blockquote> from: 192.168.2.0/24 to: 0.0.0.0/0</blockquote><blockquote> command: bindreply udpreply</blockquote><blockquote> log: error # connect disconnect iooperation</blockquote><blockquote>} | ||
----------------------------</blockquote>UDP Related Stuff;<blockquote>socks pass {</blockquote><blockquote> from: 0.0.0.0/0 to: 192.168.2.0/24</blockquote><blockquote> command: bindreply udpreply</blockquote><blockquote> log: connect error</blockquote><blockquote>}</blockquote><blockquote></blockquote> | |||
== My Client Software == | |||
The following command was very helpful and accurate in checking the configuration file: sockd -V (that's a capital V) | |||
==My Client Software== | |||
Everything noted for the client software I use is accurate in the SS5 article, except DNS requests work with Dante, so left that enabled. | Everything noted for the client software I use is accurate in the SS5 article, except DNS requests work with Dante, so left that enabled. | ||