commit 880269094fcfb1d809a984737851983127815a35 Author: System Administrator Date: Fri Dec 6 14:01:46 2024 +0000 /diag_backup.php made changes @ 2024-12-06T14:01:46.825800 (root@192.168.1.100) diff --git a/config.xml b/config.xml new file mode 100644 index 0000000..9f92215 --- /dev/null +++ b/config.xml @@ -0,0 +1,1730 @@ + + + rebellion + + + Increase UFS read-ahead speeds to match the state of hard drives and NCQ. + vfs.read_max + default + + + Set the ephemeral port range to be lower. + net.inet.ip.portrange.first + default + + + Drop packets to closed TCP ports without returning a RST + net.inet.tcp.blackhole + default + + + Do not send ICMP port unreachable messages for closed UDP ports + net.inet.udp.blackhole + default + + + Randomize the ID field in IP packets + net.inet.ip.random_id + default + + + + Source routing is another way for an attacker to try to reach non-routable addresses behind your box. + It can also be used to probe for information about your internal networks. These functions come enabled + as part of the standard FreeBSD core system. + + net.inet.ip.sourceroute + default + + + + Source routing is another way for an attacker to try to reach non-routable addresses behind your box. + It can also be used to probe for information about your internal networks. These functions come enabled + as part of the standard FreeBSD core system. + + net.inet.ip.accept_sourceroute + default + + + + This option turns off the logging of redirect packets because there is no limit and this could fill + up your logs consuming your whole hard drive. + + net.inet.icmp.log_redirect + default + + + Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway) + net.inet.tcp.drop_synfin + default + + + Enable sending IPv6 redirects + net.inet6.ip6.redirect + default + + + Enable privacy settings for IPv6 (RFC 4941) + net.inet6.ip6.use_tempaddr + default + + + Prefer privacy addresses and use them over the normal addresses + net.inet6.ip6.prefer_tempaddr + default + + + Generate SYN cookies for outbound SYN-ACK packets + net.inet.tcp.syncookies + default + + + Maximum incoming/outgoing TCP datagram size (receive) + net.inet.tcp.recvspace + default + + + Maximum incoming/outgoing TCP datagram size (send) + net.inet.tcp.sendspace + default + + + Do not delay ACK to try and piggyback it onto a data packet + net.inet.tcp.delayed_ack + default + + + Maximum outgoing UDP datagram size + net.inet.udp.maxdgram + default + + + Handling of non-IP packets which are not passed to pfil (see if_bridge(4)) + net.link.bridge.pfil_onlyip + default + + + Set to 1 to additionally filter on the physical interface for locally destined packets + net.link.bridge.pfil_local_phys + default + + + Set to 0 to disable filtering on the incoming and outgoing member interfaces. + net.link.bridge.pfil_member + default + + + Set to 1 to enable filtering on the bridge interface + net.link.bridge.pfil_bridge + default + + + Allow unprivileged access to tap(4) device nodes + net.link.tap.user_open + default + + + Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid()) + kern.randompid + default + + + Disable CTRL+ALT+Delete reboot from keyboard. + hw.syscons.kbd_reboot + default + + + Enable TCP extended debugging + net.inet.tcp.log_debug + default + + + Set ICMP Limits + net.inet.icmp.icmplim + default + + + TCP Offload Engine + net.inet.tcp.tso + default + + + UDP Checksums + net.inet.udp.checksum + default + + + Maximum socket buffer size + kern.ipc.maxsockbuf + default + + + Page Table Isolation (Meltdown mitigation, requires reboot.) + vm.pmap.pti + default + + + Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation) + hw.ibrs_disable + default + + + Hide processes running as other groups + security.bsd.see_other_gids + default + + + Hide processes running as other users + security.bsd.see_other_uids + default + + + Enable/disable sending of ICMP redirects in response to IP packets for which a better, + and for the sender directly reachable, route and next hop is known. + + net.inet.ip.redirect + default + + + + Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects + to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect + packets without returning a response. + + net.inet.icmp.drop_redirect + 1 + + + Maximum outgoing UDP datagram size + net.local.dgram.maxdgram + default + + + + normal + OPNsense + lan + + admins + System Administrators + system + 1999 + 0 + 2000 + page-all + + + root + System Administrator + system + admins + $2y$11$iPjVjQ6qeXicKxg54K5NTO3R8xmMcJLmyc7C5WVxSc9Ve.1Ddxyme + 0 + + + $2y$11$iZJkQAOm.8cwWzGkTWCYGOE3MYK1I4l2KqrHhaD8OShs3NJ/J/yc6 + user + waylon + Waylon Walker + + + + waylon@waylonwalker.com + 2000 + + + aE3Pbp40Qi1xUbE4aBepKKywGc3Emq1bKW8afvzCwBW+KGy+2hvE5TZWS7H20tgA+icvgodt5t5vSGok + $6$$IPl5k7jG1izlt4xJRZwD/2pwGig9atr6yhgtrZfTA0JUwjQFGuQrBNIABrzuRWK1myfapN1C8T9wgHBqKMJYb. + + + + 2001 + 2000 + Etc/UTC + 0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org + + https + 661bb4ae115fd + + + + + + yes + 1 + 1 + 1 + 1 + 1 + 1 + + hadp + hadp + hadp + + monthly + + 1 + 1 + + admins + 1 + + + + + + + enabled + 1 + 1 + + -1 + -1 + + + + os-git-backup,os-theme-rebellion + + + + + en_US + + none + none + none + none + none + none + none + none + 115200 + video + + + 1 + https://github.com/WaylonWalker/opnsense + master + -----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACC0UzxgWWw2Uo3qppmxk652WtO8V4g++nxBsOKft0Ms1QAAAJhepAAtXqQA +LQAAAAtzc2gtZWQyNTUxOQAAACC0UzxgWWw2Uo3qppmxk652WtO8V4g++nxBsOKft0Ms1Q +AAAEAvlL9FtOFhRh91VV3/8ni0M8knsYAcBtjgBF5zeuj/0bRTPGBZbDZSjeqmmbGTrnZa +07xXiD76fEGw4p+3QyzVAAAAEXdheWxvbkByYXpvcmNyZXN0AQIDBA== +-----END OPENSSH PRIVATE KEY----- + + waylonwalker + + + + + + + igc1 + + 1 + 1 + + 1 + 1 + dhcp + + + 32 + + + + + + + + SavedCfg + + + + + + + + dhcp6 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + igc0 + + 1 + 1 + + 192.168.1.1 + 24 + track6 + wan + 0 + + + 1 + Loopback + 1 + lo0 + 127.0.0.1 + ::1 + 8 + 128 + none + 1 + + + tailscale0 + tailscale + 1 + 1 + + + + + + 1 + hmac-md5 + 192.168.1.106 + netboot.xyz.efi + 1 + 192.168.1.106 + netboot.xyz.kpxe + netboot.xyz.efi + netboot.xyz.efi + + + + + 192.168.1.10 + 192.168.1.245 + + + + + + a8:a1:59:2b:04:68 + 192.168.1.100 + razorcrest + Waylon's Desktop + + + + + + 38:60:77:37:b1:42 + 192.168.1.106 + falcon-FX6860 + 1 + + + + + + 08:9e:08:f7:61:90 + 192.168.1.107 + + + + + + 9c:8e:cd:3d:7d:17 + Office-Camera + 192.168.1.108 + AMC091A453B0598297 + Office Amcrest Camera + + + + + + d8:9c:67:94:f3:47 + 192.168.1.132 + wyatt-HP-Pavilion-Gaming-Desktop-690-00xx + + + + + + 9c:8e:cd:3d:89:58 + 192.168.1.159 + AMC091CB203950F639 + driveway amcrest camera + + + + + + 9c:8e:cd:3d:87:f1 + 192.168.1.160 + AMC091C68497D0A541 + front door amcrest camera + + + + + + 9c:8e:cd:3d:90:ca + Anns-Corner + 192.168.1.161 + AMC091E3BB673A9616 + Anns Corner Amcrest Camera + + + + + + f6:b0:2c:bd:7f:5b + 192.168.1.168 + falcon2 + falcon2 7050 mt server + falcon2.lan + + + + + + 52:54:00:9d:d6:40 + 192.168.1.169 + k3s-p1 + k3s-p1 vm + k3s-p1 + + + + + + 52:54:00:10:56:ec + 192.168.1.170 + lb-p1 + lb-p1 vm + lb-p1.lan + + + + + + 52:54:00:19:f9:e8 + 192.168.1.171 + nfs-p1 + nfs-p1 vm + + + + + + + + + + public + + + + hybrid + + + + + + pass + inet + Default allow LAN to any rule + lan + + lan + + + + + + + pass + inet6 + Default allow LAN IPv6 to any rule + lan + + lan + + + + + + + + + + + + ICMP + icmp + ICMP + + + + TCP + tcp + Generic TCP + + + + HTTP + http + Generic HTTP + + / + + 200 + + + + HTTPS + https + Generic HTTPS + + / + + 200 + + + + SMTP + send + Generic SMTP + + + 220 * + + + + + 0.opnsense.pool.ntp.org + + + system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show,log-container:00000004-col4:show,thermal_sensors-container:00000005-col4:show,traffic_graphs-container:00000006-col4:show,carp_status-container:00000007-col4:show + 2 + + + root@192.168.1.100 + /diag_backup.php made changes + + + + + + 1 + 53 + 1 + + + + + + + + + + + + + transparent + + + + + + + + + + 1 + + + + + + + + + + + + + 1 + 0 + + 0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10 + + + + + + + + + + + + + + + + + + allow + + + 1 + 0 + atf,bla0,blf,blm,blp,blp1,blr,blr0,bls,pa,pt + + itch.io + + +
+ 0 + + + + + + + 1 + dot + + 1.1.1.1 + 853 + cloudflare-dns.com + + + 1 + dot + + 1.0.0.1 + 853 + cloudflare-dns.com + + + 1 + dot + + 2606:4700:4700::1111 + 853 + cloudflare-dns.com + + + 1 + dot + + 2606:4700:4700::1001 + 853 + cloudflare-dns.com + + + + + 0 + registry + wayl.one + A + + + 192.168.1.106 + registry-direct + + + 0 + my + home + A + + + 192.168.1.106 + + + + 0 + home + localdomain + A + + + 192.168.1.106 + + + + 0 + test + localdomain + A + + + 192.168.1.106 + + + + 0 + office + wayl.one + A + + + 192.168.1.108 + + + + 0 + wyatt + lan + A + + + 192.168.1.132 + + + + 0 + jellyfin + wayl.one + A + + + 192.168.1.106 + + + + 0 + jellyfin + lan + A + + + 192.168.1.106 + + + + 0 + prometheus + wayl.one + A + + + 192.168.1.106 + prometheus-direct + + + 0 + whoami + wayl.one + A + + + 192.168.1.106 + frigate-direct + + + 0 + localfrigate + wayl.one + A + + + 192.168.1.106 + frigate-direct + + + 0 + f + wayl.one + A + + + 192.168.1.106 + frigate-direct + + + 0 + t + wayl.one + A + + + 192.168.1.106 + traefik-direct + + + 0 + traefik + wayl.one + A + + + 192.168.1.106 + traefik-direct + + + 0 + argocd + wayl.one + A + + + 192.168.1.106 + argocd-direct + + + 0 + argocd + wayl.one + A + + + 192.168.1.106 + argocd-direct + + + 0 + argo-workflows + wayl.one + A + + + 192.168.1.106 + argo-workflows-direct + + + 0 + registry-ui + wayl.one + A + + + 192.168.1.106 + registry-ui-direct + + + 1 + speed + wayl.one + A + + + 192.168.1.169 + speed-direct + + + + + + 1 + terraria.wayl.one + 192.168.1.106 + 0 + + + + 0 + jellyfin.lan + 192.168.1.106 + 0 + + + + + + + + 0 + + 4000 + 1 + + + 0 + + + + + + + + + 0 + 127.0.0.1 + 8000 + + + + + + + + + + opnsense.uncategorized.rules + 1 + + + opnsense.test.rules + 1 + + + opnsense.social_media.rules + 1 + + + opnsense.messaging.rules + 1 + + + opnsense.media_streaming.rules + 1 + + + opnsense.mail.rules + 1 + + + opnsense.file_transfer.rules + 1 + + + tor.rules + 1 + + + threatview_CS_c2.rules + 1 + + + emerging-worm.rules + 1 + + + emerging-web_specific_apps.rules + 1 + + + emerging-web_server.rules + 1 + + + emerging-web_client.rules + 1 + + + emerging-voip.rules + 1 + + + emerging-user_agents.rules + 1 + + + emerging-tftp.rules + 1 + + + emerging-telnet.rules + 1 + + + emerging-sql.rules + 1 + + + emerging-snmp.rules + 1 + + + emerging-smtp.rules + 1 + + + emerging-shellcode.rules + 1 + + + emerging-scan.rules + 1 + + + emerging-scada.rules + 1 + + + emerging-rpc.rules + 1 + + + emerging-pop3.rules + 1 + + + emerging-policy.rules + 1 + + + emerging-phishing.rules + 1 + + + emerging-p2p.rules + 1 + + + emerging-netbios.rules + 1 + + + emerging-mobile_malware.rules + 1 + + + emerging-misc.rules + 1 + + + emerging-malware.rules + 1 + + + emerging-ja3.rules + 1 + + + emerging-info.rules + 1 + + + emerging-inappropriate.rules + 1 + + + emerging-imap.rules + 1 + + + emerging-icmp_info.rules + 1 + + + emerging-icmp.rules + 1 + + + emerging-hunting.rules + 1 + + + emerging-games.rules + 1 + + + emerging-ftp.rules + 1 + + + emerging-exploit_kit.rules + 1 + + + emerging-exploit.rules + 1 + + + emerging-dos.rules + 1 + + + emerging-dns.rules + 1 + + + emerging-deleted.rules + 1 + + + emerging-current_events.rules + 1 + + + emerging-coinminer.rules + 1 + + + emerging-chat.rules + 1 + + + emerging-attack_response.rules + 1 + + + emerging-adware_pup.rules + 1 + + + emerging-activex.rules + 1 + + + dshield.rules + 1 + + + drop.rules + 1 + + + compromised.rules + 1 + + + ciarmy.rules + 1 + + + botcc.portgrouped.rules + 1 + + + botcc.rules + 1 + + + 3coresec.rules + 1 + + + abuse.ch.urlhaus.rules + 1 + + + abuse.ch.threatfox.rules + 1 + + + abuse.ch.sslipblacklist.rules + 1 + + + abuse.ch.sslblacklist.rules + 1 + + + abuse.ch.feodotracker.rules + 1 + + + + + 1 + 1 + 1 + wan + 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12 + + 624e940a-0a93-4f9c-88c2-a343c9828dbc + W0D23 + 4 + hs + + + + + + 1 + 0 + 0 + + + + + + + + 0 + entrance-cam + aFlcQ76AD1ioKKdrW72vFLpQfcZVyADcCUQObC3CLRI= + 4GEAVqthEzF97LpZxmsWl4M9DJhpr+JZjAI2JbXmmVM= + 10.0.0.0/24,192.168.1.1/24,0.0.0.0/0,::/0 + 10.0.0.15 + 51820 + + + + 0 + kitchen-cam + +Rg1jvykOkrlVAntpjwyOHS4H86cGZK5/jz43hlGuFs= + L8RO9fvOsNWr5Sk+HAO1v3Ekww3rF6D2OvsuOkFvMok= + 0.0.0.0/0,::/0 + 10.0.0.30 + 51820 + + + + + + + + 0 + entrance-camera + 0 + aFlcQ76AD1ioKKdrW72vFLpQfcZVyADcCUQObC3CLRI= + 4GEAVqthEzF97LpZxmsWl4M9DJhpr+JZjAI2JbXmmVM= + 51820 + + + + 0 + + + 77d56a59-51c9-4c2e-9519-8fcaa4a6ec69,2f8fb9b4-1af3-4dbf-b20d-b43238b1ce6d + 192.168.1.1:51820 + + + + + + 0 + + + + + + + + + + + + + + + + + + 0 + GOOGLE_HOME_NETWORK + network + + + 0 + + 10.0.0.0/24 + + Google Home Wifi Network + + + 1 + test + host + + + + + 192.168.1.168 + + test from python + + + + + + + + + + + + + + + + + + + 1 + 1 + 31 + + + + + + + 0 + WAN_GW + WAN Gateway + wan + inet + + 1 + + 1 + + + + 255 + 1 + + + + + + + + + + + 0 + GOOGLE_HOME_GW + Google Home Wifi + lan + inet + 192.168.1.107 + 0 + 0 + 1 + 0 + + 0 + 255 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IDS + 1 + 0 + 0 + * + * + * + root + ids update + + ids rule updates + + + + + + + + + + + + + + + 0 + 120 + 120 + 127.0.0.1 + 25 + + + 0 + auto + 1 + + + + + 0 + root + OcGut1BQhu5R73uEHM2 + 2812 + + + 5 + 1 + + + 0 + root@localhost.local + 0 + + + + + + + 1 + $HOST + + system + + + + 300 + 30 +
+ + + + f9e81280-2dd6-495a-b9ee-5b68db054dc8,b5a47d22-0b91-414c-a127-a13f133ba9b7,7f0100bb-5580-4858-acda-5140cce9cb9f,9f8709cd-33c9-42e4-ac1f-5ca53ee15241 + + + + + 1 + RootFs + + filesystem + + + / + 300 + 30 +
+ + + + 455b8b34-a939-4425-b059-7b2f0036bb94 + + + + + 0 + carp_status_change + + custom + + + /usr/local/opnsense/scripts/OPNsense/Monit/carp_status + 300 + 30 +
+ + + + 2810c9cb-1873-4bd4-944a-ee7aeab99ed6 + + + + + 0 + gateway_alert + + custom + + + /usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert + 300 + 30 +
+ + + + a3261e02-14b7-4336-aebb-2c028101adb7 + + + + + Ping + NetworkPing + failed ping + alert + + + + NetworkLink + NetworkInterface + failed link + alert + + + + NetworkSaturation + NetworkInterface + saturation is greater than 75% + alert + + + + MemoryUsage + SystemResource + memory usage is greater than 75% + alert + + + + CPUUsage + SystemResource + cpu usage is greater than 75% + alert + + + + LoadAvg1 + SystemResource + loadavg (1min) is greater than 8 + alert + + + + LoadAvg5 + SystemResource + loadavg (5min) is greater than 6 + alert + + + + LoadAvg15 + SystemResource + loadavg (15min) is greater than 4 + alert + + + + SpaceUsage + SpaceUsage + space usage is greater than 75% + alert + + + + ChangedStatus + ProgramStatus + changed status + alert + + + + NonZeroStatus + ProgramStatus + status != 0 + alert + + + + + + + + v9 + + + + 0 + + 1800 + 15 + + + + + + + + 10.0.0.0/24 + GOOGLE_HOME_GW + Google Home Wifi Gateway + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + 6751e71aed27c + cert1 + LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURYekNDQWtlZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFqTVFzd0NRWURWUVFHRXdKQlJERVUKTUJJR0ExVUVBd3dMYVc1MFpYSnVZV3d0WTJFd0hoY05NalF4TWpBMU1UYzBOekEzV2hjTk1qY3dNekV3TVRjMApOekEzV2pBak1Rc3dDUVlEVlFRR0V3SkJSREVVTUJJR0ExVUVBd3dMYVc1MFpYSnVZV3d0WTJFd2dnRWlNQTBHCkNTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDY0g1WGpJUm1uNnhNbnpzV1JzRU9DaHpYWmgwbkQKcTh5d3FEdWtIVE44RTFVTmJ1clVUZFF5czFOV1FTWEhHTm1Xc05BSTZuMzNtcmtvVk14QmtLQ01zbHhmMVR2Vwo4N1lkT3IwVVBhNWhUZ3dDYXUrQ2lCaWtFL1RLQ2dwdEdoTHNMUHZhckNaRzVCU3k4UFlEbGZ4VVlkNElrREg1CnVsZk1uVHV0OG1pRkh5RkJXYkZ6WkZ5eFIybjdpdEhhTStsMERSajZSRFJTdE8zMFphUnh2SmlpeXhHVVAyNjEKU3I1VXM1eHU4MFF2VHQ0WVREa0xlRTh4NmpKRERLaG1mUEZtMGZTaVl4NTFDR0M1TTk4UWRvdGdTWUt0d3VUbApGY2thVTZacmQ4NmVmQzYzUGdRQXpaYTllMUJlbFhGenlVTkRtUlJGUHFUVjIyUnRuMk5Ddi9raEFnTUJBQUdqCmdaMHdnWm93TndZSllJWklBWWI0UWdFTkJDb1dLRTlRVG5ObGJuTmxJRWRsYm1WeVlYUmxaQ0JEWlhKMGFXWnAKWTJGMFpTQkJkWFJvYjNKcGRIa3dIUVlEVlIwT0JCWUVGUERnWHdHMjZ3M2QwQ1d1Q2JQWlpxVDVRZlRDTUI4RwpBMVVkSXdRWU1CYUFGUERnWHdHMjZ3M2QwQ1d1Q2JQWlpxVDVRZlRDTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3CkRnWURWUjBQQVFIL0JBUURBZ0dHTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCOWhKWjJYSGx4R2tHV1BWZGMKSi9ROG1LZ1JZclNzWFZDVEdmNVZLbDFOWG8yVk9CTWtYODNCdlphR0dPa0NOcGQwdTdXWkx0Skkya1cxcmNYcApWVFlQdlZnTC9PdGw3NUIySFo3L282NzRzYzY5aGt1RDlYdUlYc2srMVVWV1pES3BNVFpROGg2T0hZbmF5eVpmClhpNDFCRisreVJLbWtFZzV6YjlRQXR4WGVLeGdORG9TMWovYXE2a3dHdjdJTksyWGFNam50QlJXNW4vU3QwT28KRmtqZzlQUFo3cDk0UjZEa2JxMGFScDl3ektVUUE2NTVDUzI0OUJnWWdBcWlSTFAwc09laDN4bnRjblNwMEN1RApDSm8vMHFSRlhETGg4bG9LQjBvWTI5YlRRWGFydWxObW5uRGlnTmRQbEFrVE1GWVVvT2ltMEszRmtVK2RTME9LCm1kRnoKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQ2NINVhqSVJtbjZ4TW4KenNXUnNFT0NoelhaaDBuRHE4eXdxRHVrSFROOEUxVU5idXJVVGRReXMxTldRU1hIR05tV3NOQUk2bjMzbXJrbwpWTXhCa0tDTXNseGYxVHZXODdZZE9yMFVQYTVoVGd3Q2F1K0NpQmlrRS9US0NncHRHaExzTFB2YXJDWkc1QlN5CjhQWURsZnhVWWQ0SWtESDV1bGZNblR1dDhtaUZIeUZCV2JGelpGeXhSMm43aXRIYU0rbDBEUmo2UkRSU3RPMzAKWmFSeHZKaWl5eEdVUDI2MVNyNVVzNXh1ODBRdlR0NFlURGtMZUU4eDZqSkRES2htZlBGbTBmU2lZeDUxQ0dDNQpNOThRZG90Z1NZS3R3dVRsRmNrYVU2WnJkODZlZkM2M1BnUUF6WmE5ZTFCZWxYRnp5VU5EbVJSRlBxVFYyMlJ0Cm4yTkN2L2toQWdNQkFBRUNnZ0VBTjhKbUo0a21YeDBycWIrRk80dlBDTHJleGpLMTZ5OGNPNG5TUjBKd3BXTkkKTUxTSkpVc291dlRtRWp2UlVNTDB6NGVWdldGMm5PekRMWDdmdHBqL1psQzdnalNubXhWTzJUQ2w0Q2xKY3hKTApZcityakJ5c1pFbUdWM1J2bGRqR29saE1tU1I3eFR6bmthTlMwaVFLeTE1cXpQY25DakI5OUNQQjhWWE84NkFFClJJOEROT3dBQUVndVg1OEFIdDJnL3NONkJid3VpckJRRDhKa3A1b05hcSt2czRXQXI2WCtIdXh0VThXcDlBTlYKZW15REM0T2tyV0p6MzJ1UzF6YzNucVZ3UkkxVEdKMzBNK01td20rc3VybS9kVUlTOWd0YUgxK05Zd3kyR05TUAo1VnJaN2xQTW91UEt3RWJlWDBwaGt3U0o1UG9qYUpsZlBBVUt6RmRTV3dLQmdRRE4zQXlwbStNRDYwdXNqcmpZCnFZMEpmVTlsZUU1UlhYS3pjaWJxWXdXWUI0RW9jUS9JNVYvMENMQU5OMXlFR2hUUllrUzlGK0h1QUJlM0NOT24KU0hCVE5TSnp6NmluNGYvMVF4emFQdHpLSkYzYXN1RjdDUXg1K3hQYVp0ZVczV3hzMjBEU3ZrOGtlZGIyV1JWQgoybldGNkE1SUVRZlVFcGgvYXh6L0hJSmp2d0tCZ1FEQ0psYVdOM2NrclQzWG55WVgvWS9Rd0Y5eWhGTitsQlY0Cmw3V3JScWZ4RlkzRmVCeFl5L1M1UWY2MktCaTFWZExrQmFnNlFlRDYwVGxaQmQ5bmpvOFd1OVR6OFNwWHpFTEoKcWgvNjdqMStLY2FzKzlJZGs4S25RdytaZ1BsNVlHR0s3RXNvL1VQTDNyNEZBYU43NE5OcWNGYUFzd1RWZ3lmYwpHN0JtZHI5Ykh3S0JnUUNSd3JHa2xxQlRjaE9QQnkrVEdkcW5VWGNhWGVqMmE3aC9udUEzTGc0VDY1eGtTa25tCjhhTFRaQ05qK0VNbHRtSHZNQ21EeXBsS3IvNGF0OEZGdldEclNjQXZTR1lmR1VMbklySVhSbE9IUGVER3JjcEMKRjlJaHZNbjk1cnZZTXNoRys2Z1drSEh4WGVQN1luQk94S1JhUUVsOGRiS1pVdUZ2dHlRODdxN1VlUUtCZ0ZwaAptSnR6bEs1cFM4bk9GK0RCTktzY2N4S1BrWUx5a3hCQnA5dmxGNWQrempIb1dXSHBDTE1aaXVibndhRGhKRHpzCmVVVXRsL3VMWE9RWmZNZnJzS2NIcC9vc0FlYy9lclFBMDhSd0ZnWmVrbFBESXl5THRlbEJxY2h2SnpRZTd5bksKR0s4clA5MXZnd3czbUJDNk9CRnIzSWtyVFl2TDg4bGV4bjdjdHZaSEFvR0FCbUhJVitadnUvZkk1VGc0WUJDdQpYQk5SeFU0ekdjNFZZTFVpUkdNMXhMQkw1Uyt1dEcxNHpnQ3YrbUZQdHF3ZXR6KzBOUzRtNW9Xakk3UEJlYVNrCnB4YVpJTGNNUFNJN1ZOWVZPdFl6UDNDRUJreGdwMGRxM0lBS014V2JaeTl3TFd2dUs5VHZnaXNQd29FeEhiUmEKK3hxbzFielBxUDljdGxQZlhyVXBhR1E9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + v3_ca + 0 + + + + 661bb4ae115fd + Web GUI TLS certificate + LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVU2s5MUNyaUlZUkw5a2QzWmV6aXdnYk9PaURNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5EQTBNVFF4TURRNU1UbGFGdzB5TlRBMU1UWXhNRFE1TVRsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURSd3VjR24wWnM3a0xkWmNZY1J4aFhYSkV4UDh0RkdZZ0RNMExhVHVVTmZrUmVEakVGCmhGSjl3NkdJODFBQ1k5bHBKVkk4NTFqNzNUQ1h0UDVsM0w4WFEzaS8xMjUyOGV2ZldoenZKclhVejkyYlFXb2MKUEl0bHdPVW1rL0VubzZVN1cwVFBsRFNla3NQY3JHUUd5V1Vxd3E3UUg5OXE5SGMrT29BaUdQME82bXZNU0FMKwpEbVFMci9iNGhtek5mQVE2c1RsbkFVa3BBb3lla1ZYMlo1RDVmNWEwUHRvZmtLM3JPY3RJNXcxbldFeWFpSzVKCnBFOWFvbmJXbGUrdDFJNG5tTEx6Mnc1eUNBTHpORTNGejhiMTgvTGVaUHFNb043MXNQUEMrQ0tYTUw2U05YRUcKc0NES0toWExGSEVjVXhYVVVRU21LNlNuU3NMdlI2L285ZUZpVU15bXhwbWgrWW81b05DUWZZZnQ3TlJub2FHVAo2V0t6K1ZzbVhkV3pHTWVqazJxV0lYcnJjSmJvVWE2WFd0VzFKQXY1c3l0R0xFNHRVenkwWWtuKytvMDNJRTJGCjcrNWNnR2F4Skpad1VPdHkzZjhmZGY2QUllN0NKanBMS0NWMEZZVGpMRmgxd203L3REWEFKRDlqbjRMQjFDaEUKeTV3VW5NRVJwYmNQSWdjeFEzejMzU0UvQlhsb0RvTjZuckI0ME9UYWdFc3BZUmJ2ZDlRYnYvQ3Z5WGZRakMxUwowTmJJczg1T21iRFBSWFlGRmQ0NmY1ZmlhQTV1L3BWNTlBVFdrL2JFUU03a3lNTXhmR0UwNzZibVZaRGJIblNiCnlOMm51Q2VIc2x5eS9hc05oMjlFTkVhWDA1d1JVNTlIOE9QSXRIeVdFQVNqNUtzQnVwRGhkV2YxQndJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkhjd3RyaWxLM01MV3hkSTlsTkZyMmVLeUhOSk1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVVNrOTEKQ3JpSVlSTDlrZDNaZXppd2diT09pRE13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVZQYUdsdElFWXNOU1diT2M5bzdid2tlUk85NWNLSUdnMFU5WEZRN2IKTGRsZ0YrWUwxRnJPZUQycnQ1QTh4bWVqR3dOMGttUDI2RHpOL2xyMHBOOE9Vc1RqSEFLbkhucmJPWWFIM0dKNgoxZUdDdkpaS0pzZjNoS0x2cGoreWxrT0kzMllTdnpiZXF2NVJqdXJtSStZcTlMVE9sMlBudGh4QjNSeVMraGsxClU3STdROER3NWNwdHYxK2tUSm1nWkFXSmptMWE2UDR0d3VKcXRCRHduSk9FZWtpRFB4RTN2SG00UkxaTXlYeHQKRnREYi9JWFh2QnA2RHBxVWNwaXZTZEtTanlhOEllaUFzZm9zdlVvams2VW8yZ3VSUUwvNlVNREtSVXhTMnZxTQpSdk16WEcyazhhcEN2VCtmbUNuZTFwWlZpYmZJd2V0QjhLNDRWb2RVWkltUDJPNGdGN244UlY0YUc4ZUFQS2JQCmlPWmhZcGJxeE1hdmVKM3oxV2VJWDQvSlVuU3dxVnJRTWhZZ1B3Z3NxeW1SaUdFbmVocVNKU3Q3czFUN2VZVHQKREVCQnBUUTRLd1VadUVlVnNldWlGTE03TDN6Tng3OHhhWEN5UHdvR0phSFF6dUlEc3pqU2J1bXJ4SFVsNmx2QQppcWRJWU5Mdnd1cy9leUtLYzBET3dIVHptMTBDUXZCeTZXVXZ2RTBtZDhPVCt3TzExRnl2TmZ0dzYyM3hDbG9iClVsS1cxekNueHpyc3dvQWhVbUFrbHlkNUYzWW8rMS9VdTZGODFoL0lsYmdCTjlHTTBNcCt2QnBBR0d2OVJJc2QKaDI2aStiU0EzUDQ0dk5tNXVWTnZHZ004RktNNkJxR0Mrcm0rdVhxdWF6NlFLdjduWFBnS2NBeXY4SUh0VkxybApwa0E9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRFJ3dWNHbjBaczdrTGQKWmNZY1J4aFhYSkV4UDh0RkdZZ0RNMExhVHVVTmZrUmVEakVGaEZKOXc2R0k4MUFDWTlscEpWSTg1MWo3M1RDWAp0UDVsM0w4WFEzaS8xMjUyOGV2ZldoenZKclhVejkyYlFXb2NQSXRsd09VbWsvRW5vNlU3VzBUUGxEU2Vrc1BjCnJHUUd5V1Vxd3E3UUg5OXE5SGMrT29BaUdQME82bXZNU0FMK0RtUUxyL2I0aG16TmZBUTZzVGxuQVVrcEFveWUKa1ZYMlo1RDVmNWEwUHRvZmtLM3JPY3RJNXcxbldFeWFpSzVKcEU5YW9uYldsZSt0MUk0bm1MTHoydzV5Q0FMegpORTNGejhiMTgvTGVaUHFNb043MXNQUEMrQ0tYTUw2U05YRUdzQ0RLS2hYTEZIRWNVeFhVVVFTbUs2U25Tc0x2ClI2L285ZUZpVU15bXhwbWgrWW81b05DUWZZZnQ3TlJub2FHVDZXS3orVnNtWGRXekdNZWprMnFXSVhycmNKYm8KVWE2WFd0VzFKQXY1c3l0R0xFNHRVenkwWWtuKytvMDNJRTJGNys1Y2dHYXhKSlp3VU90eTNmOGZkZjZBSWU3QwpKanBMS0NWMEZZVGpMRmgxd203L3REWEFKRDlqbjRMQjFDaEV5NXdVbk1FUnBiY1BJZ2N4UTN6MzNTRS9CWGxvCkRvTjZuckI0ME9UYWdFc3BZUmJ2ZDlRYnYvQ3Z5WGZRakMxUzBOYklzODVPbWJEUFJYWUZGZDQ2ZjVmaWFBNXUKL3BWNTlBVFdrL2JFUU03a3lNTXhmR0UwNzZibVZaRGJIblNieU4ybnVDZUhzbHl5L2FzTmgyOUVORWFYMDV3UgpVNTlIOE9QSXRIeVdFQVNqNUtzQnVwRGhkV2YxQndJREFRQUJBb0lDQUFxeWRxZFM5N3VndWtrM0lrOXVpQkpyCklUNW40MGUwQWNpRC96ZEozd3JTbmMyY0gxVGUzQ1FYYTIvNVZJMjMrNE9PQ0lVY1ErQ2RvRUpFVTlXWEF5bSsKWWtuZm1kTU5ZRkF2ZE1WS0dKWWJQdnU4R01ZSzNRMnZOTXNaci8vV1ZuRlIrZzdmU2RXdEQyUlJhRTBqb25uMwo4VmxNeVhuWFcyaThMQUpSSlpWSCt0VUdvUnh3QXhzZUpLbFBsYWMwV1YrSU5UQ3pFMERqcFRuYTdlTFhMT3RaCnN6SksrRU1KZjZKbmUvTk0rOVVzTkJxTXVOMVVPS0J3ZU90VmtjMEZjaUJ1ZkVYTkF6aStmdGxaN3FqQUFWbisKcGF2cmJnN281S1hyN3hVZmVWMXplaGNwRERRTDhiTE5vRXlQSk5Eakl5Y0U0TE5SWU1xNm1IbFh2YmxTMGcrMwo3SUZ6Wko4dVMwZHhHcDAxaVF1anRCWW5aWEdsZnhiS2hleWVqSkIyb0I0VDhkbXN5dWprUzVOOXppdmpzUFBjCjI3Rm5VYSs2ejRZZ3ZVNWJveVZzVXRaUmw5QWg4dU5WZ1lMUlFWS3h6ZTd0N3hpUWs4eEZoLzN2NVVubXBxeVoKTWtKcVM2VW01dmRZRldJVnZHN2RlZU0xQjA4VG83M3ExcndncEZJTG95ditDa0d2VFNiUDlMU0N6blNjT2tMaAp0VUorMEpITGx4Q2FQUDlEUnVQWTJvSmFISnhvc3BRZlJ0RUMxbVZoYVBkcGlZazFuMnR2R0dLbUJyNUhFY0xkCmRmVXNobXgrNUV0VUlVa1g2dzdidEdRY0tIV1A0L0lZRzZjNEJzWncvUXA3eTNrWStpR3JNSThDYmNRcmI4dWIKWXpES1FzWloxdGM4d0N3RmRTTXBBb0lCQVFEODFxSkcwYUsyQzFRTEhCS0NhYnhmRmRjeFVEVmxVVVZOcnI0dgo3L3NVTHFLaW5rQTJnWjdjMXdHS3dId0VlYnpiMmdGMFdxbEd2QzRmQzBZSHVSSWpvYktzaVF3cDFSMHJWcFJkCnNrMjVqWUxITXJRREFvQmtGOTlnVVNuS25ocGI0ZkQ2NTlyNk0rY0lkQkZwUkdSSEZnTE9FRmVUWCs2Mm1GTlAKU0RKTFBmOWFCd215ckpseitQSlByT0h0NUZPZWpoZjJ3RGFyVmNvMmtkVkVacFJ2dGl2UUowdXJLbkFIVS8rUAovczgrYkxDbkRYcFdHUGphMTh4L0JUTFdUSlg5OXhicXYwdzNtb3NTTWxUQ0Faa0k0bTdSNUNtWGRLZzZ4TGxlClZFZE1PQVlCYlhST1l5aGlLc2d0M3JuK003VExxcDFSLzhhNEN6MEEySXZDV0g0cEFvSUJBUURVWWwrb1NHRisKTmRzenU3R2J6ODhFb1pWS2pFdG8xU1FsV0JhWHZZZXJzMXp0eW5ac0gyZWdMN0xLSHpkUmk3WVF6R3VaZkhFWQpwQjNtSzl1SXpndUJsVy9kb0pLY0NGTEZRRXJ1aURqNUx5N1lUbUVpTXFNU2YwbHI5S2syKzF6enZ3a3VTRERpCkZnZXpiS1dlZFo4YnM4bms3UHhuRC9rRkVURkg2TDFjWVVmN0w4TlV0aURrNDVyRU55UCthYThwdVVMSHo2ankKbFUzMHJnV084Zk03d1JEbjNZdDRiS3QxN3NDaDJZSHBuMFR5ZlZzYkQySDVSN1hCcGtuMjY1MllsQXhIalJLegp5L2FyTVVWNW13ZVFPSWRsM0lxR0tnWVBiTDBSUU9hU3FKKzR0N1oxZHZtOWIxUjhHMkRVWHU3Q045Ryt6amRZCmhtaXpMWTcxWk4rdkFvSUJBRitia2ZXUnBDT09tUk15WkZWb1FsRDZZMHRFZDB4K3RPUXhKYjNlMDJUSVZidUUKZCtla2tEd1dHWUVzVkRrbEI2TmpCcFhIQ3FleTFRWHNMMmtRTktuQXBWM1UzUUtja2RFbmhpY0FHNkFFd09VdQphUitTUEphYzZGejFsQVlJVHhOYmx0SnFCa1lDaG1TTjcxK00reFplWG1VcGpOUXZ2SWJUaHYwOTRiYk9GTmNvClBpU1FXOTZjenBRT1hjaWxSSEY2YmRsaXljbDBRV2p0TUdZVEhDSTZFc3M5Y01HaTVJWUEzMnpGLy93dEFZZkoKOHU3SHRxS2FZN3ZNYlhMWHR3ZzMvVFI3YmdqQXFjSVJ3amN5ZjNuNmxjbE1xK1dYdVYydnNpRFhZYmFTb01LOQpidk9OVDJIL3AzNmc4RmdObVZwQ2hBYlQzNE1Nek42YkJBNVRoREVDZ2dFQkFMaG1xWE50Vk9qR1RncCszdGpQCjk0aW4ydjJkRGlSNVd5YnBjc1JSRlNqcFZMaEozOFJGQ0M0Mis5OHVkMU5nSUxZNUp2dGU1cnRrVTJsemp1c2IKS3paWno0VDRWQk1SenZ2Z3RLNmlyQVQvQ0lkYWxrK2c4Nkd0enN2aTQ4RVBRa2VJQ0txY2w0VFZaOTVMYVFsSwpTdGs4b3dFWEdwZEpjUWNMUkdTUkdVaktWanNyMzBiLzAxT29vc25Xcm5QSXd3TlJEVUI3ZHM4WS8xU0FlK2IvCkFCZFRyQ0FGWllFcnFUdCtEdGI0Q1NvVTFVSk53UHFmd29zenpnWFRJY2s0RGQ5YU84Y3NINTdvYXNWOHhEdXYKZFVPdE1USXA2RVJRM0c0c0ZZU1RleDYvTmQ2bDg4L05lMDBWQ3ArdkRjV1duMnNXR0JDNDc2ajNHcFRuNjRYNQpEWlVDZ2dFQVRnYkRFUXl6V0NVRkJtSWFheUkrUFgydDNLNS91Tzl4blZxa1ZTUkdqT1NmckNaaHRLbkhNOHZqCm9TZy9MOWg5RFBXQnh4czI4TTkvUXdxb0RFQ2FnVDRMVEdOZEwrNm5oeHFIQzA4MVlNZk5sZjBaS3BtRDIwdW8KTDFzRnQxbll3RG9QVi9jZ2R0QkxGWkhGWFR5V0J0ZlZWbEh5UzBjbmp0a05hRmphZGVoN2JjeGRhM3d3Z2NDdAorL0dtMXU5OXRDbTA5aktMUmpVMmVDNmFBaGFrNjg0cjBsQWtDeGlHL3ljOVFGNGlYZzJXSmo2NUhYaC9OdGhSCk9vM2JhZ09jWExBSnFEd2J0eE02ZC95VllsaTc4a0NRL0xnOE5PTllkUjVleTU2eFdzWjZ5MVA0eCtUMmlzRk0KTVZUL0tHNERmYm13V2Vxb1NaNTh2eU51VXY0Vlp3PT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= + + + +