From a016a099d4d803f129d7e814de98c7d281ae5042 Mon Sep 17 00:00:00 2001 From: System Administrator Date: Mon, 22 Apr 2024 21:42:35 +0200 Subject: [PATCH] /diag_backup.php made changes @ 2024-04-22T21:42:34.763200 (root@192.168.1.10) --- config.xml | 942 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 942 insertions(+) create mode 100644 config.xml diff --git a/config.xml b/config.xml new file mode 100644 index 0000000..afead15 --- /dev/null +++ b/config.xml @@ -0,0 +1,942 @@ + + + cicada + + + Increase UFS read-ahead speeds to match the state of hard drives and NCQ. + vfs.read_max + default + + + Set the ephemeral port range to be lower. + net.inet.ip.portrange.first + default + + + Drop packets to closed TCP ports without returning a RST + net.inet.tcp.blackhole + default + + + Do not send ICMP port unreachable messages for closed UDP ports + net.inet.udp.blackhole + default + + + Randomize the ID field in IP packets + net.inet.ip.random_id + default + + + + Source routing is another way for an attacker to try to reach non-routable addresses behind your box. + It can also be used to probe for information about your internal networks. These functions come enabled + as part of the standard FreeBSD core system. + + net.inet.ip.sourceroute + default + + + + Source routing is another way for an attacker to try to reach non-routable addresses behind your box. + It can also be used to probe for information about your internal networks. These functions come enabled + as part of the standard FreeBSD core system. + + net.inet.ip.accept_sourceroute + default + + + + This option turns off the logging of redirect packets because there is no limit and this could fill + up your logs consuming your whole hard drive. + + net.inet.icmp.log_redirect + default + + + Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway) + net.inet.tcp.drop_synfin + default + + + Enable sending IPv6 redirects + net.inet6.ip6.redirect + default + + + Enable privacy settings for IPv6 (RFC 4941) + net.inet6.ip6.use_tempaddr + default + + + Prefer privacy addresses and use them over the normal addresses + net.inet6.ip6.prefer_tempaddr + default + + + Generate SYN cookies for outbound SYN-ACK packets + net.inet.tcp.syncookies + default + + + Maximum incoming/outgoing TCP datagram size (receive) + net.inet.tcp.recvspace + default + + + Maximum incoming/outgoing TCP datagram size (send) + net.inet.tcp.sendspace + default + + + Do not delay ACK to try and piggyback it onto a data packet + net.inet.tcp.delayed_ack + default + + + Maximum outgoing UDP datagram size + net.inet.udp.maxdgram + default + + + Handling of non-IP packets which are not passed to pfil (see if_bridge(4)) + net.link.bridge.pfil_onlyip + default + + + Set to 1 to additionally filter on the physical interface for locally destined packets + net.link.bridge.pfil_local_phys + default + + + Set to 0 to disable filtering on the incoming and outgoing member interfaces. + net.link.bridge.pfil_member + default + + + Set to 1 to enable filtering on the bridge interface + net.link.bridge.pfil_bridge + default + + + Allow unprivileged access to tap(4) device nodes + net.link.tap.user_open + default + + + Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid()) + kern.randompid + default + + + Disable CTRL+ALT+Delete reboot from keyboard. + hw.syscons.kbd_reboot + default + + + Enable TCP extended debugging + net.inet.tcp.log_debug + default + + + Set ICMP Limits + net.inet.icmp.icmplim + default + + + TCP Offload Engine + net.inet.tcp.tso + default + + + UDP Checksums + net.inet.udp.checksum + default + + + Maximum socket buffer size + kern.ipc.maxsockbuf + default + + + Page Table Isolation (Meltdown mitigation, requires reboot.) + vm.pmap.pti + default + + + Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation) + hw.ibrs_disable + default + + + Hide processes running as other groups + security.bsd.see_other_gids + default + + + Hide processes running as other users + security.bsd.see_other_uids + default + + + Enable/disable sending of ICMP redirects in response to IP packets for which a better, + and for the sender directly reachable, route and next hop is known. + + net.inet.ip.redirect + default + + + + Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects + to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect + packets without returning a response. + + net.inet.icmp.drop_redirect + 1 + + + Maximum outgoing UDP datagram size + net.local.dgram.maxdgram + default + + + + normal + hellfire + ramanet.al + + admins + System Administrators + system + 1999 + 0 + 2000 + page-all + + + root + System Administrator + system + admins + $2y$11$uEpk0P3slRkzHHlUMJOAFe05tpUeppr1Fbz9HnSr39QE14uSB9um6 + 0 + + + $2y$11$k3VIrWrzhadZph33ruwc5uAzQrApkzoY5wfFWPAFUOXwKWh4cMybG + user + mshillam + Matthew Shillam + + + + matthew@shillam.me.uk + 2000 + + 2001 + 2000 + Europe/Amsterdam + 0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org + + https + 6626b18379cdc + + yes + 1 + + 1 + 1 + 1 + 1 + + hadp + hadp + hadp + + monthly + + 1 + 1 + + admins + + -1 + -1 + + + + os-git-backup,os-qemu-guest-agent,os-theme-cicada,os-theme-rebellion + + + + + en_US + 8.8.8.8 + 8.8.4.4 + none + none + none + none + none + none + none + none + 1 + + + 1 + https://gitea.shillam.me.uk/mshillam/OPNSense-ramanet-router-core-backup.git + master + + mshillam + Syfhcefh1 + + + + + + vtnet2 + + 1 + + 1 + dhcp + + + 32 + + + + + + + + SavedCfg + + + + + + + + + + vtnet0 + + 1 + + 192.168.1.1 + 24 + + + 1 + Loopback + 1 + lo0 + 127.0.0.1 + ::1 + 8 + 128 + none + 1 + + + LAND + vtnet1 + + + + + hmac-md5 + + + + + 192.168.1.10 + 192.168.1.245 + + + + + + + + + + public + + + + automatic + + + + + pass + inet + Default allow LAN to any rule + lan + + lan + + + + + + + pass + inet6 + Default allow LAN IPv6 to any rule + lan + + lan + + + + + + + + + + + + ICMP + icmp + ICMP + + + + TCP + tcp + Generic TCP + + + + HTTP + http + Generic HTTP + + / + + 200 + + + + HTTPS + https + Generic HTTPS + + / + + 200 + + + + SMTP + send + Generic SMTP + + + 220 * + + + + + 0.opnsense.pool.ntp.org + + + system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show + 2 + WAN_GW + 1 + + + root@192.168.1.10 + /diag_backup.php made changes + + + + + + + + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + v9 + + + + 0 + + 1800 + 15 + + + + + + + + + 0 + 0 + 0 + wan + 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12 + + + W0D23 + 4 + + + + + + + 0 + 0 + 0 + + + + + + + + + + + + 0 + 127.0.0.1 + 8000 + + + + + 0 + + 4000 + 1 + + + 0 + + + + + + + + + + 0 + 120 + 120 + 127.0.0.1 + 25 + + + 0 + auto + 1 + + + + + 0 + root + wHvLJw9sTchiJSjl9mtclfwI6dr4PAt + 2812 + + + 5 + 1 + + + 0 + root@localhost.local + 0 + + + + + + + 1 + $HOST + + system + + + + 300 + 30 +
+ + + + d154a552-cf23-45b4-8547-b8413dcc1d73,9e6aa406-ed77-4743-9869-8bb4489214f8,203ec5f2-5fbc-4874-b803-5fc2a40e0188,921cb3eb-3e54-472f-9d24-7bf20d7704f9 + + + + + 1 + RootFs + + filesystem + + + / + 300 + 30 +
+ + + + e1175c29-6370-46ad-bf39-18328561b9d4 + + + + + 0 + carp_status_change + + custom + + + /usr/local/opnsense/scripts/OPNsense/Monit/carp_status + 300 + 30 +
+ + + + 5aed87b3-eaa7-46cd-9242-71131b4e82f0 + + + + + 0 + gateway_alert + + custom + + + /usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert + 300 + 30 +
+ + + + b4e15ae9-5709-4885-835f-74acc95630d1 + + + + + Ping + NetworkPing + failed ping + alert + + + + NetworkLink + NetworkInterface + failed link + alert + + + + NetworkSaturation + NetworkInterface + saturation is greater than 75% + alert + + + + MemoryUsage + SystemResource + memory usage is greater than 75% + alert + + + + CPUUsage + SystemResource + cpu usage is greater than 75% + alert + + + + LoadAvg1 + SystemResource + loadavg (1min) is greater than 8 + alert + + + + LoadAvg5 + SystemResource + loadavg (5min) is greater than 6 + alert + + + + LoadAvg15 + SystemResource + loadavg (15min) is greater than 4 + alert + + + + SpaceUsage + SpaceUsage + space usage is greater than 75% + alert + + + + ChangedStatus + ProgramStatus + changed status + alert + + + + NonZeroStatus + ProgramStatus + status != 0 + alert + + + + + + 0 + WAN_GW + WAN Gateway + wan + inet + + 1 + 0 + 0 + 0 + + 0 + 255 + 1 + + + + + + + + + + + + + 1 + 1 + 31 + + + + + + + + + + + + 1 + 53 + + + + + + + + + + + + + + transparent + + + + + + + + + + 1 + + + + + + + + + + + + + 1 + 0 + + 0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10 + + + + + + + + + + + + + + + + + + allow + + + 0 + + + + + + +
+ + + + + + + + + + + + + + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 6626b18379cdc + Web GUI TLS certificate + LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVUk9iV2UrSGliZm1JSGliZHgzMm1ZWTkzUWdvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5EQTBNakl4T0RVd05EZGFGdzB5TlRBMU1qUXhPRFV3TkRkYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUUNhRlVZNGZzL0U5MDhROVdPMUJmNFJaa1lqZUd1akdMc3JYRlo4MEhtdFpWWlBGMi9RCkpSTm1rVWNuRjJPRzhwa29JaURvdDNVdU1NOXB0RWRHZy94VkVZNjkwdEZkeVFhbGd4cWNIVlIvb0tJNnBmbnUKYmprak0wSW9CWXdzMzZGMHpqQi9vZmFHblQ1dXhSd3BqVXhreDNzRG80R1k4SmVjRjVTamMrTW1kZFdaZU1JdgpBTjRtVVhRSkdEOUl5MkQ4SmZENWt0T2hyMmMyQWxyUzB0UHo0S1U3ZlhkNDJycWlKTUgxYU5PSVc1Q3RFZGIzCnNkRjdtMmhWK2ZHU21QSXFybitSQXhhN3VjeVNoUExlQUJUWFRPOUtKbjVGeWxmSGRra0tBT0NHbnN2TTd5Y28KRXF3K2JQNEN2OHAzQzVSRExDSERpdVFyUitWOWkrWlB6czN0M0R2YWthd0lWOU5IWHNPSFJFL29aUFp5OFQ1Uwo2Y3QyUHNRODlQK2llWXNiR2xRUWkvYTlrMkRQVEFvdERtZWxDMWV4TkZyVWVxMFg5dkpucytFUzJTTTRId2plClhvb05jMEU3bkxPQWlDOEpSaGNNZEZ5cFJSU3lQRHFYRmVzVElQL2w5b0ZBSE1RZkNzbkNJQS80RWlsNjN3WVYKUnhFNDNQbXhPWjNvWU1vN2JDRzJNRUhjL1F3NWFwOURzNXNobXJPS3FPUFJyS3VyWHRzNDZTeStJZ1YvSjR2cAowVll4YmRsNTBYWWFUOE8wTU9sUHcyZlJMZXFXWmZSQmp6ZzlFZ0RTM2dNcmp6YUlFT1RaR254NTZoVlM2YnNSCm5EeVNhQ21iYmFsS2RtbGQ0bGRoYVMxRUl5MFBueGlvS2ZDZ1NRT25iQTJrYSt6cWgyaDZWUitIcndJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkNKekVZNngyU1hnNEx1ZExKVlFhVmMwemxLV01JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVVJPYlcKZStIaWJmbUlIaWJkeDMybVlZOTNRZ293SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQU5HcDZVWkJ4WEdIcjdxb09pcC9mZ3A1QVhidVpPN1ZlQU02RlExU1IKVGI5anYzQlNybHZydUh6R2NhOFV5a3dIWWlNL000enRlWndBNXVjWVZBQi8rbnovblVaakV6VG4zT2EvN2RJZgpxc0R1NTZ0OWdCVGNXWXJVdGp4NHFDVGlsSXdLOGIwK0xYNEV4MFRWRFFoWmJTdG1udU82ZEhPWk1mQk1lMk5uCllpbWdNMytVZUVWZkkzQlk5bDRXb1RSM082eS9EMzFjaGxRS1NHWExXay9HaXp3V3gyZXF6VC8waXhmZmxNY3MKKzQxaU5UVUpLQzh4Tlh4R3lvek9aS0xNcjc0RFB1QjJ3OEtVcTdMNlVnVlA5V3RydHE0NGlTU3E4dXpoa0N1cwpRb3ZTeTQzaFhMVVhZMFE3Qzljd21xUk5SeTJGUm5KNnkyWjNVbFV0UEJtd3d1M2c2SWsrV0VSM0Jhak1ZaGF5ClY0eWFGYVRtcXZGOGtRZUhUTGFWZVBNSVczV2FqbVhmc0M5NlNNVTV5b3RQT1pXb2pITXloNEtJM2NTc1laRGwKNzFnSnJmRHl0TUVWdGE0Uk9sZVZ1RVl2TGhsamRTTnFKWFd6N29DcnBKOGowOEVhRWowaGVkVk1STGZCbVcrdgppUk45NHcvTFNKTFpZRGJqUEJPWU1nbW5rWFlUV283dlp5Rm1HZWJwOHZIVGRZdGg0K3lINzRkY1d6N1l1ZkVWClZPUzBhd2s0Qk4rZVJxUWdubll0OEZRclVuM1pzd2pldUttL2QyYnc0M20rUnhzcmJFN1o2VkZ1bUlrZWRNZ1AKWDNGZTY5NXZPM3lWNlc2ejJwRkRrNTVWUXh3MG1RK2UzYWx6d3E0dDkvYWgzVGpIVzdWR1E3QWZBODg5cEczbgoweDA9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRQ2FGVVk0ZnMvRTkwOFEKOVdPMUJmNFJaa1lqZUd1akdMc3JYRlo4MEhtdFpWWlBGMi9RSlJObWtVY25GMk9HOHBrb0lpRG90M1V1TU05cAp0RWRHZy94VkVZNjkwdEZkeVFhbGd4cWNIVlIvb0tJNnBmbnViamtqTTBJb0JZd3MzNkYwempCL29mYUduVDV1CnhSd3BqVXhreDNzRG80R1k4SmVjRjVTamMrTW1kZFdaZU1JdkFONG1VWFFKR0Q5SXkyRDhKZkQ1a3RPaHIyYzIKQWxyUzB0UHo0S1U3ZlhkNDJycWlKTUgxYU5PSVc1Q3RFZGIzc2RGN20yaFYrZkdTbVBJcXJuK1JBeGE3dWN5UwpoUExlQUJUWFRPOUtKbjVGeWxmSGRra0tBT0NHbnN2TTd5Y29FcXcrYlA0Q3Y4cDNDNVJETENIRGl1UXJSK1Y5CmkrWlB6czN0M0R2YWthd0lWOU5IWHNPSFJFL29aUFp5OFQ1UzZjdDJQc1E4OVAraWVZc2JHbFFRaS9hOWsyRFAKVEFvdERtZWxDMWV4TkZyVWVxMFg5dkpucytFUzJTTTRId2plWG9vTmMwRTduTE9BaUM4SlJoY01kRnlwUlJTeQpQRHFYRmVzVElQL2w5b0ZBSE1RZkNzbkNJQS80RWlsNjN3WVZSeEU0M1BteE9aM29ZTW83YkNHMk1FSGMvUXc1CmFwOURzNXNobXJPS3FPUFJyS3VyWHRzNDZTeStJZ1YvSjR2cDBWWXhiZGw1MFhZYVQ4TzBNT2xQdzJmUkxlcVcKWmZSQmp6ZzlFZ0RTM2dNcmp6YUlFT1RaR254NTZoVlM2YnNSbkR5U2FDbWJiYWxLZG1sZDRsZGhhUzFFSXkwUApueGlvS2ZDZ1NRT25iQTJrYSt6cWgyaDZWUitIcndJREFRQUJBb0lDQUMxWkJZbXJDTXNYWGhYSG9zaXNNdEk4CkgzaGhBSXpId281SVpzdmxMMnB3NEszMlg5b0tqMk1vYnFCNnFiZ1Z2aTJwbmJYZ0NJVEhxTU9iWXo3RnFZWC8KM05yUktQMUpKTU9oaWp0WUJuNXBjRldDYzhSUWZGQjN6WWlwMlU5N29iRVczZjh5VTdQYW8zMUdWYnVFOG03Vwpwc1d6WVhqNWxpVkNhMlNQdnRLYTYzcDNwKzdkZW9RY2hPSUlXTmU3dzVkeU16SEFuTGlCUHdjT09sekIzODl1CjFqSmtBcjEyNG1iR0dxOTNZb3BIS0pWSEl0VlRhQ3ZRMlN3MG0zeGh0eVFJcDFLdWJncGg3R3RTNVllZ3pvRnYKQ3gzdnBrb3oreEdoSm0zalJERmFtdkI5a2pDaERrQnhJM0Q3c1VMSURhS1hZbmlDY0JTczNFWE8zc0d1UTd6QQpUYVNTYzJBRzE5QzZsV2pmNTFVSFZ6VlB1aFFHRWxyelZ1NVRYRGNQRDllSENKNWtDWncxYXFXenFWM00wTXFuCkFRZjdQbXhMMnlIdDRNZkdZTWdpTnJuREdVL2h2bm9WeTZBeWdBL05XYzNScEk4VzVPNWZUa0lTVXJTOXRuZjAKbjdsRjBmcFBSYVo5bGsxSSthZXNxaHZ3UmNCWTdScHNzWUtJOFlBZGRYMEQ5Z3U0MzdETHB5SjNkVzV4N2R0YgphVGxhRW5mVUxkQVdTOFAwRFNabnN0ak5IUjQwbm54KzhvQ3k5TG5vWm5UbUFGWXZIaUxaaFpDejdvTTBpdk05CjY2RFc1cjlkVEl3WVdiUG5mWEtCVjAvMlpBMVRiVDhRUnphbUEzQTFhVXlUZE9ZaXRIRVdmQ29JZFdUZ1ZkOE4KTjVvVlZ4WGQ2Y21lVlc2NFcvc0JBb0lCQVFEV1dHa3c3WlRWa1lSTkZ3K1c5WTlicThNMStoYjFVeG1BQ1AwYQo2S3RUcHN3UDVLTjIyb09qd0VEc0FDa3JrenVLd2RBUFRldW52U0E5aGZmaFQ3aHJrVlZnaFYxa0NoMFl3ak45CmcwNTFxTmFsZ3JqOGthNVVHNGdnSm9QNmlMT2lBV1g3clFudGhaSlI2S0pDODlXYnFEK1lKVWQvLzU2aTFSMXIKRzFJaUVtRS8yUzlRbXhhY0N3cmR3WmlkNkQwa3ltTEpHUjV5Y1UvaXFhM3h0SWhFbFV0NHVOd3V2dHlVaG54NApOL2N5ZVk0anZWWDdHbjBNemhndGQ4MnR4dEttWlk3bUh3cVNaeWNCSnhPY0hUL2xIZzFOYjBTTHRTaFdwM1NRClFLRHVacGJSMlZvRkhKSXJDODJCOEpzdit2b2Z4RDhRVEdXVksxSjQzcUJkRGtmeEFvSUJBUUM0QnRlZ3hXMGIKeTViZHhzRVZUT2RWeXBKVmNyRDJuWU1BSFFUa1A5QUh3RlVib20wN3AxR2dpY3JRWTlMMkVTZDJCbFpxdWNiUQo3WExoTklMWEJSdjBVOUxtTHloSEU4djd0VFhOMmRjM2RCcm5RNE5xWEdCLzFJT2NtVmZNeExvR3pYa0JLQmVXCmp0bjZiMTRZUkNmbWdFU1d6eXR5S0psYWxPMFNUam5oMTZ4ajRZbFVncWJNa041TC9jTXlORUYxRzFEUTREcTcKS1dzSi83YnRlVmlGZ1M4ZUlQSUJXUDB0cFBjZUluYy9ReTAyYUFTZXVuU2YvYXZic2ZxVkg4UWhnZ0xZcmdBRQpuWS90bEorU1VOMm9xOTNuTkxYc215RjVZQlVRUGNvQzExTFhJckZqN01HSjg1Z083NWtxQmN2cmt6RmwwNUp4ClFMS1pwWnFBcjJtZkFvSUJBUUNseUpIcnJ3WmJ2UVlvSGZzSDFudi8ralN0VGZadDNzMHRVMFo0aHBia3gzQ3oKcGpLc1hjeE5YZ2lZd0hNWGFmUTJtVHNVYXo4bWFNaEQ3WmRRcERsT3NZVG9kNTVKSHUxc1ZlQS9ac3pMZ2tBcQptWlg4ZTZ6ckRyUlZzWlNJdFN6QzAvUU9HY05BKy91MDhJcDM0R0pKMTNNQWVXejQyanZYVTZCQ1ZFcE5ZZ3ZuCnQxSzZOSW5qUFVNMVMyU0FWYnpjOU5BOUcvbUpxSXlTRW8wZ0VuTUhJTFhUOUo4UVpMejAvNlBMMC9XVkM2RmQKa1Rhc1ZjdDhtUGJvUys1QVJ6UnNVTWFheEUySCtOS1pPS0VaTVNKWFVzd1ZKVWRPQzFyYzB2MzhDSkN3YzVhWgpUbFFxK2ZNdjZod1VNWVhHTVljK0JLcUdMNkN1SkdqUVpkaUF3T2Z4QW9JQkFEVGFFamVrTzgvTnlzaHErcTBwClp3OG1uSnhaMGlVaDI2dStxZGI3MUwxRktheEVHK2NVQ01kNGkzMEtEbDZKVXJIODQvakczaWpHNlVWd2xWczMKcG0yblhWeXFrb0RIV01BenJQNHY0RFdXN05zYWNyV3JUak9vVHh3OGxoREROMElZNVBYR0UvQXptcnJvSFRnTwo2djZ5UEFDc0F5aElMTEx0THFFaFFsSndaSnhTKytQL21mUUtieTJYOWVXSFNIMWZtUGhFVGRuTzdXVHp3ZysxCjJBeVBxMzZWcTZ0amFXTWdpN0JsNmFXTG40S09vVFVOQzgyZlJ5cFRsVW9hMDNOa0tYa2RqL2ZEWU1DMC9KZEQKRGtZUkJpd080V2pRck81MC85ZW9SMHBGbVE4Y2NhSG5MeloxZFdoa3U3SnI4OEwyaFN0ZmRpRjhtVTZ6VndvNgpWclVDZ2dFQUwvdkhOa2V0dlFRZi9vZkZ5VlhtR2NKcEkzcmhpQmZjR2hMUDN0ZmNraklwRnVpVnIzMmJoZkN6Cm9hNFpaamh5VXJMbEpuQzZHc3VSUVhIMGpIU3BSS2VMclg0emlCLy9zckxGL0JFQVhCTzBwZytiYXd3YmtQNXUKT1pnNlBXeG1DZlg4NnJ1ZXAzaUJ6ZzZ5WC85ckg3WnltV3oxNEU4ZGhFNi94b2pxRHdDUVJ6ZmlJekdsaGlSKwpjc2JxOFZQTkQ1QzFUM1pxeTVsS2tpRWljNzNRV3h2RU5SaElCa0FKdEgzUE1iOWxuTXlFbHgwQWZkS1RFOVVDCmpKL1VjQ04rV3ROQk9Na3RNY25GTEY4NVU1bFBBNi9uTjMyRmdLMDFIRVNidUFWNEZvaEc3YWRLRGhiaGx5U0wKb0U5RVhCWHRMSnNuZ0ZoajlTUUJDOGR2R2RBdUNRPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= + +