diff --git a/cbox-build.sh b/cbox-build.sh index 88a9de1..8dd379d 100755 --- a/cbox-build.sh +++ b/cbox-build.sh @@ -37,9 +37,19 @@ # the test-suite are deactivated, some packages get removed) # - set -ue +# get the path of a configuration file - local configuration files +# supersede default files +# parameter: base name of the configuration file +function get_config_file() +{ + [ -e "$LOCALCONF_DIR/$1" ] && echo "$LOCALCONF_DIR/$1" && return 0 + [ -e "$DEFAULTCONF_DIR/$1" ] && echo "$DEFAULTCONF_DIR/$1" && return 0 + echo "configuration file ($1) not found!" >&2 + exit 1 +} + # the base directory of your local development files ROOT_DIR=$(dirname "$0") @@ -83,8 +93,11 @@ CHROOTSTART="/usr/lib/cryptobox/chroot-start.sh" # for burning a CD CDWRITER="0,0,0" -# for development diffs and merges from a running cryptobox -SSH_CONFIG_FILE="$LOCALCONF_DIR/ssh_config" +# qemu network configuration file +QEMU_IFUP_FILE=$(get_config_file qemu-ifup) + +# to connect to a development cryptobox with ssh +SSH_CONFIG_FILE=$(get_config_file ssh_config) # extract the hostname of the cryptobox from the ssh_config file SSH_HOST=$(grep "^Host " $SSH_CONFIG_FILE | head -1 | sed 's/^Host *\(.*\)$/\1/') @@ -97,6 +110,8 @@ DEVEL_FEATURES_SCRIPT="/usr/lib/cryptobox/devel-features.sh" CUSTOM_CONFIGURE_DIR="$ROOT_DIR/configure-local.d" +####################### functions ###################### + function run_dfsbuild() { [ ! -e "$BUILDDIR" ] && mkdir -p "$BUILDDIR" && echo "das BuildDir ($BUILDDIR) wurde angelegt ..." 
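Review bot: `exit 1` in get_config_file only ends the `$(...)` subshell that both callers in this commit wrap it in, so a missing file stops the build only because `set -ue` is active and the result is stored with a plain `VAR=$(...)` assignment. A later caller that writes `local f=$(get_config_file x)` or uses the call inside a condition would carry on with an empty path. I would use `return 1` and state the contract in the header comment, for example `# prints the resolved path; returns 1 and prints nothing on stdout if neither file exists`.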
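Review bot: `QEMU_IFUP_FILE=$(get_config_file qemu-ifup)` and `SSH_CONFIG_FILE=$(get_config_file ssh_config)` are evaluated when the script is loaded, so every action now aborts if either file is missing, including actions that use neither qemu nor ssh. Resolving them inside qemu_boot and the ssh helpers would keep the failure local to the actions that need the file. The unchanged line below the assignment still expands `$SSH_CONFIG_FILE` unquoted in `grep "^Host " $SSH_CONFIG_FILE`, which breaks once the resolved path contains a space; the other uses in this commit were quoted, so this one should be too.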
@@ -121,15 +136,10 @@ function qemu_boot() then echo "Creating temporary harddisk image ..." dd if=/dev/zero of="$HD_IMAGE" bs=1M count=20 fi - # create default qemu-ifup - if [ ! -e "$LOCALCONF_DIR/qemu-ifup" ] - then [ ! -d "$LOCALCONF_DIR" ] && mkdir "$LOCALCONF_DIR" - cp "misc/qemu-ifup.default" "$LOCALCONF_DIR/qemu-ifup" - fi echo "Starting qemu ..." - qemu -cdrom "$IMAGE_FILE" -m 96 -hda "$IMAGE_FILE" -boot d -n "$LOCALCONF_DIR/qemu-ifup" || true + qemu -cdrom "$IMAGE_FILE" -m 96 -hda "$IMAGE_FILE" -boot d -n "$QEMU_IFUP_FILE" || true # remove iptables rules - "$LOCALCONF_DIR/qemu-ifup" stop + "$QEMU_IFUP_FILE" stop } @@ -181,17 +191,8 @@ function configure_cb() function fetch_revision() { - svn -R info| grep ^Revision| cut -f2 -d " " | sort | tail -1 -} - - -function check_ssh_defaults() -{ - [ ! -d "$LOCALCONF_DIR" ] && mkdir "$LOCALCONF_DIR" - if [ ! -e "$SSH_CONFIG_FILE" ] - then echo "Copying default ssh_config file to '$SSH_CONFIG_FILE' ..." - cp misc/ssh-options.default "$SSH_CONFIG_FILE" - fi + svn -R info 2>&1 | grep ^Revision| cut -f2 -d " " | sort | tail -1 \ + || echo "unknown release" } @@ -204,7 +205,6 @@ function upload2devel() # of course, only the directories that are mapped to tmpfs can # be updated this way { - check_ssh_defaults local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox" [ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR" for a in $DIRS @@ -217,7 +217,7 @@ function upload2devel() echo "Copying local files to the cryptobox ... " if scp -F "$SSH_CONFIG_FILE" -rpq "$TMP_DIR/." cryptobox:/tmp/mirror then echo "Set the base for future diffs to current state ..." - ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT set_diff_base + ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" set_diff_base else echo 'ERROR: copying failed!' fi rm -rf "$TMP_DIR" 
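Review bot: The rewritten qemu line still passes `-hda "$IMAGE_FILE"`, although the lines just above create the scratch disk at `$HD_IMAGE`; as written the CD image is attached a second time as the hard disk and the 20 MB image is never used, so `-hda "$HD_IMAGE"` looks like what was meant. Separately, `"$QEMU_IFUP_FILE" stop` now executes whichever file get_config_file resolved, so that file needs the executable bit, and because the default script added in this commit re-runs itself through sudo it should be writable only by the developer. A short comment above the call saying so would help. qemu_boot begins above this hunk.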
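Review bot: The `|| echo "unknown release"` fallback in fetch_revision cannot fire when svn fails, because without `pipefail` the status of the pipeline is that of `tail -1`, which succeeds on empty input. Capturing the result and testing it for emptiness does what the change intends: `rev=$(svn -R info 2>/dev/null | grep ^Revision | cut -f2 -d " " | sort -n | tail -1)` followed by `echo "${rev:-unknown release}"`. `sort -n` is part of the suggestion because the plain `sort` orders revision numbers as text, so 999 sorts after 1000.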
@@ -228,20 +228,26 @@ function merge_from_devel() # merge a diff from a running development cryptobox into # this working directory { - check_ssh_defaults echo "Check for collisions ... (dry-run)" - if ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff | patch --dry-run -p1 -d "$TEMPLATE_DIR" + if devel_diff | patch --dry-run -p1 -d "$TEMPLATE_DIR" then echo echo "Applying diff ..." - ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff | patch -p1 -d "$TEMPLATE_DIR" + devel_diff | patch -p1 -d "$TEMPLATE_DIR" echo echo "Set the base for future diffs to current state ..." - ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT set_diff_base + ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" set_diff_base else echo "Merging will fail - do it manually!" fi } +# get the diff of a running cryptobox system between its current state +# and its original content +function devel_diff( +{ + ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" diff +} + function blanknburn_cdrw() { cdrecord -v dev=$CDWRITER blank=fast @@ -271,8 +277,7 @@ while [ $# -gt 0 ] ;; diff ) # get a diff from a running development cryptobox - check_ssh_defaults - ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff + devel_diff ;; merge ) merge_from_devel diff --git a/cbox-tree.d/usr/lib/cryptobox/configure-cryptobox.sh b/cbox-tree.d/usr/lib/cryptobox/configure-cryptobox.sh index b9900d6..7685d0b 100755 --- a/cbox-tree.d/usr/lib/cryptobox/configure-cryptobox.sh +++ b/cbox-tree.d/usr/lib/cryptobox/configure-cryptobox.sh 
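Review bot: `function devel_diff(` is missing its closing parenthesis, so the script no longer parses; it should read `function devel_diff()`. merge_from_devel also calls devel_diff twice, once for the dry run and once for the real `patch -p1`, so the diff that gets applied is a second download that was never checked. Since the shipped ssh_config disables host key checking, it is worth fetching the diff once into a `mktemp` file and feeding both patch runs from that file. The `diff )` case further down uses the same helper and is affected by the syntax error as well.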
@@ -33,15 +33,6 @@ function configure_normal() # change thttpd-user from www-data to root (permissions for mount, cryptsetup, ...) sed -i "s/^user=.*/user=root/" /etc/thttpd/thttpd.conf - ######### bashrc ########### - # remove dfshints from bashrc - sed -i "/^dfshints$/d" "$RUNTIMEDIR/root/.bashrc" - - ########### TERM ########### - # set a usable default - sed -i '/^export TERM=/d' "$RUNTIMEDIR/root/.profile" - echo 'export TERM=vt100' >>"$RUNTIMEDIR/root/.profile" - ########## sshd ############ if [ -e "/etc/ssh" ]; then # allow empty passwords for ssh diff --git a/defaults.conf.d/custom-configure.d/README b/etc-defaults.d/custom-configure.d/README similarity index 100% rename from defaults.conf.d/custom-configure.d/README rename to etc-defaults.d/custom-configure.d/README diff --git a/defaults.conf.d/custom-configure.d/import_authorized_keys b/etc-defaults.d/custom-configure.d/import_authorized_keys similarity index 100% rename from defaults.conf.d/custom-configure.d/import_authorized_keys rename to etc-defaults.d/custom-configure.d/import_authorized_keys diff --git a/defaults.conf.d/custom-configure.d/set_root_pw b/etc-defaults.d/custom-configure.d/set_root_pw similarity index 100% rename from defaults.conf.d/custom-configure.d/set_root_pw rename to etc-defaults.d/custom-configure.d/set_root_pw diff --git a/defaults.conf.d/dfs.cbox.conf b/etc-defaults.d/dfs.cbox.conf similarity index 98% rename from defaults.conf.d/dfs.cbox.conf rename to etc-defaults.d/dfs.cbox.conf index 38daeef..8b295c0 100644 --- a/defaults.conf.d/dfs.cbox.conf +++ b/etc-defaults.d/dfs.cbox.conf @@ -217,8 +217,7 @@ arch = amd64 /etc/issue = This is the CryptoBox! -/root/.bashrc = export WWW_HOME="file:///opt/dfsruntime/home.html" - dfshints +/etc/profile = export TERM=vt100 ###################################################################### # Files to create or truncate 
diff --git a/defaults.conf.d/qemu-ifup b/etc-defaults.d/qemu-ifup
similarity index 100%
rename from defaults.conf.d/qemu-ifup
rename to etc-defaults.d/qemu-ifup
diff --git a/etc-defaults.d/qemu-ifup.default b/etc-defaults.d/qemu-ifup.default
new file mode 100755
index 0000000..b3d5664
--- /dev/null
+++ b/etc-defaults.d/qemu-ifup.default
@@ -0,0 +1,55 @@
+#!/bin/sh
+#
+# this is the qemu-ifup script that should be run at qemu's boot
+#
+
+# determine the interface to the outside
+IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1`
+# nothing found? - sorry!
+[ -z "$IF_WORLD" ] && IF_WORLD=eth0
+
+
+if [ "$UID" -ne 0 ]
+ then sudo $0 $*
+ exit 0
+ fi
+
+echo "Laufe als root ..."
+
+IPT=/sbin/iptables
+[ ! -x $IPT ] && IPT=/usr/sbin/iptables
+
+IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
+ FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
+ POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
+ INPUT -i tun0 -j ACCEPT
+ OUTPUT -o tun0 -j ACCEPT"
+
+aktiviere_forward()
+{
+ echo "$IPT_RULES" | while read a
+ do $IPT -A $a
+ done
+ echo 1 >/proc/sys/net/ipv4/ip_forward
+}
+
+deaktiviere_forward()
+{
+ echo "$IPT_RULES" | while read a
+ do $IPT -D $a
+ done
+ echo 0 >/proc/sys/net/ipv4/ip_forward
+}
+
+case "$1" in
+ stop )
+ deaktiviere_forward
+ #/etc/init.d/dhcp stop
+ ;;
+ * )
+ /sbin/ifconfig $1 192.168.0.1
+ #/etc/init.d/dhcp start
+ aktiviere_forward
+ ;;
+ esac
+
diff --git a/defaults.conf.d/ssh_config b/etc-defaults.d/ssh-options.default
similarity index 100%
rename from defaults.conf.d/ssh_config
rename to etc-defaults.d/ssh-options.default
diff --git a/etc-defaults.d/ssh_config b/etc-defaults.d/ssh_config
new file mode 100644
index 0000000..de831bd
--- /dev/null
+++ b/etc-defaults.d/ssh_config
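Review bot: The root check in qemu-ifup.default tests `$UID`, which bash sets but POSIX sh does not define, so under a `#!/bin/sh` that is dash the test can see an empty value and error out instead of detecting a non-root caller. The re-exec `sudo $0 $*` also word-splits the script path and arguments, and the following `exit 0` reports success even when sudo failed. I would replace the three lines with `if [ "$(id -u)" -ne 0 ]; then exec sudo "$0" "$@"; fi`. deaktiviere_forward writes 0 to `/proc/sys/net/ipv4/ip_forward` unconditionally, which switches forwarding off on a host that had it enabled before qemu started; saving the previous value and restoring it on `stop` avoids that. `/sbin/ifconfig $1 192.168.0.1` should quote `"$1"`.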
@@ -0,0 +1,17 @@
+Host cryptobox
+
+# change this part according to your needs
+HostName 192.168.0.23
+Port 22
+
+# maybe you want to use rsa authentication?
+# see misc/custom-configure.s/README for examples
+#IdentityFile local.conf.d/id_rsa
+
+# this should be valid for everyone
+User root
+CheckHostIP no
+StrictHostKeyChecking no
+
+# nice for frequently changing server key due to a rebuild of the base system
+UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts
diff --git a/etc-defaults.d/userdocexport.sh b/etc-defaults.d/userdocexport.sh
new file mode 100755
index 0000000..fc58d25
--- /dev/null
+++ b/etc-defaults.d/userdocexport.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+set -u
+
+## diese Seiten aus dem Wiki ziehen und entschlacken
+SITES="CryptoBox CryptoBoxDev"
+DEST_PATH="cryptobox.conf.d/var/www/userdoc/"
+[ ! -e $DEST_PATH ] && echo "$DEST_PATH does not exist" && exit
+
+for SITE in $SITES; do
+ SITE_SRC="https://systemausfall.org/wikis/howto/$SITE"
+ SITE_TMP="/tmp/$SITE"
+ SITE_DEST="${DEST_PATH}${SITE}.html"
+
+ [ -e $SITE_TMP ] && echo "$SITE_TMP exists" && exit
+ wget -O $SITE_TMP $SITE_SRC || exit
+ sed -n "1,/\/p" $SITE_TMP > $SITE_DEST
+ echo "" >> $SITE_DEST
+ echo -e "\n\n" >> $SITE_DEST
+ sed -n /\<\!--\ start\ page\ --\>/,/\<\!--\ end\ page\ --\>/p $SITE_TMP >> $SITE_DEST
+ echo -e "\n\n" >> $SITE_DEST
+ rm $SITE_TMP
+done
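Review bot: `StrictHostKeyChecking no` combined with `UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts` means the cryptobox host is never authenticated, while cbox-build.sh logs in as `root` through this file and, in merge_from_devel, pipes what the host returns into `patch`. The known-hosts path is also a fixed name in a world-writable directory, so another local user can create the file first. I would keep the file under the developer's own directory, for example `UserKnownHostsFile ~/.ssh/cryptobox-known_hosts`, and add a comment such as `# development only: the host key is not verified, use on an isolated network`. The comment pointing to `misc/custom-configure.s/README` looks stale, since this commit moves that README to `etc-defaults.d/custom-configure.d/`.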
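Review bot: `SITE_TMP="/tmp/$SITE"` in userdocexport.sh is a predictable name in /tmp, and the `[ -e $SITE_TMP ]` test followed by `wget -O $SITE_TMP` leaves a window in which another local user can place a file or symlink at that path. `SITE_TMP=$(mktemp) || exit 1` removes the need for the existence test. The bare `exit` after `echo "$DEST_PATH does not exist"` returns echo's status, so the script reports success when the destination directory is missing; `exit 1` lets a caller notice. The expansions of `$DEST_PATH`, `$SITE_TMP`, `$SITE_SRC` and `$SITE_DEST` should be double-quoted.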