second

templates/Debian/Gateway/etc/rc.local

@@ -0,0 +1,22 @@
+#!/bin/sh
+
+setfont /usr/share/consolefonts/Lat15-TerminusBold22x11.psf.gz
+
+echo nameserver 127.0.0.1> /etc/resolv.conf
+
+IP=`ifconfig eth0 | grep inet | sed -e 's/.*inet //' -e 's/ .*//'`
+[ $? -eq 0 ] || return 1$?
+[ -n "$IP" ] || return 2$?
+
+if ! iptables-save | grep -q 'iptables -A INPUT -i eth0 -p udp -m udp --dport 9053 -j ACCEPT' ; then
+    iptables -D INPUT -j DROP
+    iptables -A INPUT -i eth0 -p udp -m udp --dport 9053 -j ACCEPT
+    iptables -A INPUT -j DROP    
+  fi
+
+ps ax | grep -q 'su -c tor -s /bin/sh debian-tor' || \
+  sh /usr/local/bin/proxy_whonix_tor_start.bash
+
+dig @$IP -p 9053 -b $IP google.com
+
+exit 0

templates/cntlm-proxy.conf

@@ -0,0 +1,92 @@
+#
+# Cntlm Authentication Proxy Configuration
+#
+# NOTE: all values are parsed literally, do NOT escape spaces,
+# do not quote. Use 0600 perms if you use plaintext password.
+#
+
+Username	testuser
+Domain		corp-uk
+Password	password
+# NOTE: Use plaintext password only at your own risk
+# Use hashes instead. You can use a "cntlm -M" and "cntlm -H"
+# command sequence to get the right config for your environment.
+# See cntlm man page
+# Example secure config shown below.
+# PassLM          1AD35398BE6565DDB5C4EF70C0593492
+# PassNT          77B9081511704EE852F94227CF48A793
+### Only for user 'testuser', domain 'corp-uk'
+# PassNTLMv2      D5826E9C665C37C80B53397D5C07BBCB
+
+# Specify the netbios hostname cntlm will send to the parent
+# proxies. Normally the value is auto-guessed.
+#
+# Workstation	netbios_hostname
+
+# List of parent proxies to use. More proxies can be defined
+# one per line in format <proxy_ip>:<proxy_port>
+#
+Proxy		10.0.0.41:8080
+Proxy		10.0.0.42:8080
+
+# List addresses you do not want to pass to parent proxies
+# * and ? wildcards can be used
+#
+NoProxy		localhost, 127.0.0.*, 10.*, 192.168.*
+
+# Specify the port cntlm will listen on
+# You can bind cntlm to specific interface by specifying
+# the appropriate IP address also in format <local_ip>:<local_port>
+# Cntlm listens on 127.0.0.1:3128 by default
+#
+Listen		3128
+
+# If you wish to use the SOCKS5 proxy feature as well, uncomment
+# the following option. It can be used several times
+# to have SOCKS5 on more than one port or on different network
+# interfaces (specify explicit source address for that).
+#
+# WARNING: The service accepts all requests, unless you use
+# SOCKS5User and make authentication mandatory. SOCKS5User
+# can be used repeatedly for a whole bunch of individual accounts.
+#
+#SOCKS5Proxy	8010
+#SOCKS5User	dave:password
+
+# Use -M first to detect the best NTLM settings for your proxy.
+# Default is to use the only secure hash, NTLMv2, but it is not
+# as available as the older stuff.
+#
+# This example is the most universal setup known to man, but it
+# uses the weakest hash ever. I won't have it's usage on my
+# conscience. :) Really, try -M first.
+#
+#Auth		LM
+#Flags		0x06820000
+
+# Enable to allow access from other computers
+#
+#Gateway	yes
+
+# Useful in Gateway mode to allow/restrict certain IPs
+# Specifiy individual IPs or subnets one rule per line.
+#
+#Allow		127.0.0.1
+#Deny		0/0
+
+# GFI WebMonitor-handling plugin parameters, disabled by default
+#
+#ISAScannerSize     1024
+#ISAScannerAgent    Wget/
+#ISAScannerAgent    APT-HTTP/
+#ISAScannerAgent    Yum/
+
+# Headers which should be replaced if present in the request
+#
+#Header		User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)
+
+# Tunnels mapping local port to a machine behind the proxy.
+# The format is <local_port>:<remote_host>:<remote_port>
+# 
+#Tunnel		11443:remote.com:443
+

templates/usr/local/src/usr_local_python2.sed

@@ -0,0 +1,3 @@
+1,1s@^#./usr/bin/env python@#!/usr/local/bin/python2.sh@
+1,1s@^#./usr/bin/python2.7@#!/usr/local/bin/python2.sh@
+1,1s@^#./usr/lib/python-exec/python2.7/python@#!/usr/local/bin/python2.sh@

templates/usr/local/src/usr_local_python3.sed

@@ -0,0 +1,3 @@
+1,1s@^#./usr/bin/env python@#!/usr/local/bin/python3.bash@
+1,1s@^#./usr/bin/python3.4@#!/usr/local/bin/python3.bash@
+1,1s@^#./usr/lib/python-exec/python3.4/python@#!/usr/local/bin/python3.bash@