david415

#!/usr/bin/env python

from zope.interface import implements
from twisted.plugin import IPlugin
from twisted.internet.protocol import Protocol, Factory
from twisted.internet import reactor
from twisted.internet.interfaces import IStreamClientEndpointStringParser
from twisted.internet.endpoints import clientFromString
from twisted.internet.endpoints import TCP4ClientEndpoint

david415

#!/usr/bin/env python

from zope.interface import implementer
from twisted.plugin import IPlugin
from twisted.internet.protocol import Protocol, Factory
from twisted.internet import reactor
from twisted.internet.interfaces import IStreamClientEndpointStringParser
from twisted.internet.endpoints import clientFromString
from twisted.internet.endpoints import TCP4ClientEndpoint

david415

---
- hosts: tor-relays
  roles:
    - { role: david415.ansible-tor,
        tor_distribution_release: "wheezy",
        tor_ExitPolicy: "reject *:*",
        tor_instance_parent_dir: "/etc/tor/instances",
        tor_instances: [ {
                          name: "relay1",
                          tor_ORPort: ["192.168.1.1:9002"],

david415

Log notice stdout
SocksPort 0
ORPort 7001
ExitPolicy reject *:*
DataDirectory ./bridge-data
 
BridgeRelay 1
PublishServerDescriptor 0
 
ServerTransportListenAddr vpn-ponydns 127.0.0.1:4703

david415

Log notice stdout
SocksPort 8040
DataDirectory ./client-data
 
UseBridges 1
 
Bridge vpn-ponydns 127.0.0.1:4703 tundevice=tun0 tun_local_ip=10.9.6.1 tun_remote_ip=10.9.6.2 tun_netmask=255.255.255.0 dns_name=my.cute.pony.bridge.dns_root

ClientTransportPlugin vpn-ponydns exec /usr/local/bin/obfsproxy --log-min-severity=info --log-file=/var/log/tor/dawuud-obfsproxy/obfsproxy-client.log --role=vpnclient managed

david415

# /etc/default/ufw
#

# Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback
# accepted). You will need to 'disable' and then 'enable' the firewall for
# the changes to take affect.
IPV6=yes

# Set the default input policy to ACCEPT, ACCEPT_NO_TRACK, DROP, or REJECT.
# ACCEPT enables connection tracking for NEW inbound packets on the INPUT

david415

#
# rules.before
#
# Rules that should be run before the ufw command line added rules. Custom
# rules should be added to one of these chains:
#   ufw-before-input
#   ufw-before-output
#   ufw-before-forward
#

david415

Log notice stdout
SocksPort 8040
#ORPort 8001
DataDirectory ./client-data

UseBridges 1

Bridge bananaphone 127.0.0.1:4703 modelName=markov corpus=/usr/share/dict/words encodingSpec=words,sha1,4 order=1

david415

Log notice stdout
SocksPort 0
ORPort 7001
ExitPolicy reject *:*
DataDirectory ./bridge-data

BridgeRelay 1
PublishServerDescriptor 0

david415

#!/bin/bash

apt-get update
apt-get install xorg openbox wicd sysstat wireshark macchanger openvpn xlockmore emacs23 chromium-browser nmap netcat -y

# after install grsec kernel
paxctl -m -x -e  /usr/lib/chromium-browser/chrome-sandbox -c
paxctl -P -m -x -e -R /usr/lib/chromium-browser/chromium-browser -c

# edit /etc/default/grub