rebellion Increase UFS read-ahead speeds to match the state of hard drives and NCQ. vfs.read_max default Set the ephemeral port range to be lower. net.inet.ip.portrange.first default Drop packets to closed TCP ports without returning a RST net.inet.tcp.blackhole default Do not send ICMP port unreachable messages for closed UDP ports net.inet.udp.blackhole default Randomize the ID field in IP packets net.inet.ip.random_id default Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. net.inet.ip.sourceroute default Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. net.inet.ip.accept_sourceroute default This option turns off the logging of redirect packets because there is no limit and this could fill up your logs consuming your whole hard drive. net.inet.icmp.log_redirect default Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway) net.inet.tcp.drop_synfin default Enable sending IPv6 redirects net.inet6.ip6.redirect default Enable privacy settings for IPv6 (RFC 4941) net.inet6.ip6.use_tempaddr default Prefer privacy addresses and use them over the normal addresses net.inet6.ip6.prefer_tempaddr default Generate SYN cookies for outbound SYN-ACK packets net.inet.tcp.syncookies default Maximum incoming/outgoing TCP datagram size (receive) net.inet.tcp.recvspace default Maximum incoming/outgoing TCP datagram size (send) net.inet.tcp.sendspace default Do not delay ACK to try and piggyback it onto a data packet net.inet.tcp.delayed_ack default Maximum outgoing UDP datagram size net.inet.udp.maxdgram default Handling of non-IP packets which are not passed to pfil (see if_bridge(4)) net.link.bridge.pfil_onlyip default Set to 1 to additionally filter on the physical interface for locally destined packets net.link.bridge.pfil_local_phys default Set to 0 to disable filtering on the incoming and outgoing member interfaces. net.link.bridge.pfil_member default Set to 1 to enable filtering on the bridge interface net.link.bridge.pfil_bridge default Allow unprivileged access to tap(4) device nodes net.link.tap.user_open default Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid()) kern.randompid default Disable CTRL+ALT+Delete reboot from keyboard. hw.syscons.kbd_reboot default Enable TCP extended debugging net.inet.tcp.log_debug default Set ICMP Limits net.inet.icmp.icmplim default TCP Offload Engine net.inet.tcp.tso default UDP Checksums net.inet.udp.checksum default Maximum socket buffer size kern.ipc.maxsockbuf default Page Table Isolation (Meltdown mitigation, requires reboot.) vm.pmap.pti default Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation) hw.ibrs_disable default Hide processes running as other groups security.bsd.see_other_gids default Hide processes running as other users security.bsd.see_other_uids default Enable/disable sending of ICMP redirects in response to IP packets for which a better, and for the sender directly reachable, route and next hop is known. net.inet.ip.redirect default Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect packets without returning a response. net.inet.icmp.drop_redirect 1 Maximum outgoing UDP datagram size net.local.dgram.maxdgram default normal OPNsense lan admins System Administrators system 1999 0 2000 page-all root System Administrator system admins $2y$11$iPjVjQ6qeXicKxg54K5NTO3R8xmMcJLmyc7C5WVxSc9Ve.1Ddxyme 0 $2y$11$iZJkQAOm.8cwWzGkTWCYGOE3MYK1I4l2KqrHhaD8OShs3NJ/J/yc6 user waylon Waylon Walker waylon@waylonwalker.com 2000 aE3Pbp40Qi1xUbE4aBepKKywGc3Emq1bKW8afvzCwBW+KGy+2hvE5TZWS7H20tgA+icvgodt5t5vSGok $6$$IPl5k7jG1izlt4xJRZwD/2pwGig9atr6yhgtrZfTA0JUwjQFGuQrBNIABrzuRWK1myfapN1C8T9wgHBqKMJYb. 2001 2000 Etc/UTC 0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org https

661bb4ae115fd

yes 1 1 1 1 1 1 hadp hadp hadp monthly 1 1 admins 1 enabled 1 1 -1 -1 os-git-backup,os-theme-rebellion en_US none none none none none none none none 115200 video 1 ssh://github.com/waylonwalker/opnsense.git main -----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW QyNTUxOQAAACC0UzxgWWw2Uo3qppmxk652WtO8V4g++nxBsOKft0Ms1QAAAJhepAAtXqQA LQAAAAtzc2gtZWQyNTUxOQAAACC0UzxgWWw2Uo3qppmxk652WtO8V4g++nxBsOKft0Ms1Q AAAEAvlL9FtOFhRh91VV3/8ni0M8knsYAcBtjgBF5zeuj/0bRTPGBZbDZSjeqmmbGTrnZa 07xXiD76fEGw4p+3QyzVAAAAEXdheWxvbkByYXpvcmNyZXN0AQIDBA== -----END OPENSSH PRIVATE KEY----- git igc1 1 1 1 1 dhcp

SavedCfg dhcp6

igc0 1 1 192.168.1.1 24 track6

wan

1 Loopback 1 lo0 127.0.0.1 ::1 8 128 none 1 tailscale0 tailscale 1 1 1 hmac-md5 192.168.1.106 netboot.xyz.efi 1 192.168.1.106 netboot.xyz.kpxe netboot.xyz.efi netboot.xyz.efi 192.168.1.10 192.168.1.245 a8:a1:59:2b:04:68 192.168.1.100 razorcrest Waylon's Desktop 38:60:77:37:b1:42 192.168.1.106 falcon-FX6860 1 08:9e:08:f7:61:90 192.168.1.107 9c:8e:cd:3d:7d:17 Office-Camera 192.168.1.108 AMC091A453B0598297 Office Amcrest Camera d8:9c:67:94:f3:47 192.168.1.132 wyatt-HP-Pavilion-Gaming-Desktop-690-00xx 9c:8e:cd:3d:89:58 192.168.1.159 AMC091CB203950F639 driveway amcrest camera 9c:8e:cd:3d:87:f1 192.168.1.160 AMC091C68497D0A541 front door amcrest camera 9c:8e:cd:3d:90:ca Anns-Corner 192.168.1.161 AMC091E3BB673A9616 Anns Corner Amcrest Camera f6:b0:2c:bd:7f:5b 192.168.1.168 falcon2 falcon2 7050 mt server falcon2.lan 52:54:00:9d:d6:40 192.168.1.169 k3s-p1 k3s-p1 vm k3s-p1 52:54:00:10:56:ec 192.168.1.170 lb-p1 lb-p1 vm lb-p1.lan 52:54:00:19:f9:e8 192.168.1.171 nfs-p1 nfs-p1 vm public hybrid pass inet Default allow LAN to any rule lan lan pass inet6 Default allow LAN IPv6 to any rule lan lan ICMP icmp ICMP TCP tcp Generic TCP HTTP http Generic HTTP / 200 HTTPS https Generic HTTPS / 200 SMTP send Generic SMTP 220 * 0.opnsense.pool.ntp.org system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show,log-container:00000004-col4:show,thermal_sensors-container:00000005-col4:show,traffic_graphs-container:00000006-col4:show,carp_status-container:00000007-col4:show 2 root@192.168.1.100 /diag_backup.php made changes 1733494584.0934 1 53 1 transparent 1 1 0 0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10 allow 1 0 atf,bla0,blf,blm,blp,blp1,blr,blr0,bls,pa,pt itch.io

0 1 dot 1.1.1.1 853 cloudflare-dns.com 1 dot 1.0.0.1 853 cloudflare-dns.com 1 dot 2606:4700:4700::1111 853 cloudflare-dns.com 1 dot 2606:4700:4700::1001 853 cloudflare-dns.com 0 registry wayl.one A 192.168.1.106 registry-direct 0 my home A 192.168.1.106 0 home localdomain A 192.168.1.106 0 test localdomain A 192.168.1.106 0 office wayl.one A 192.168.1.108 0 wyatt lan A 192.168.1.132 0 jellyfin wayl.one A 192.168.1.106 0 jellyfin lan A 192.168.1.106 0 prometheus wayl.one A 192.168.1.106 prometheus-direct 0 whoami wayl.one A 192.168.1.106 frigate-direct 0 localfrigate wayl.one A 192.168.1.106 frigate-direct 0 f wayl.one A 192.168.1.106 frigate-direct 0 t wayl.one A 192.168.1.106 traefik-direct 0 traefik wayl.one A 192.168.1.106 traefik-direct 0 argocd wayl.one A 192.168.1.106 argocd-direct 0 argocd wayl.one A 192.168.1.106 argocd-direct 0 argo-workflows wayl.one A 192.168.1.106 argo-workflows-direct 0 registry-ui wayl.one A 192.168.1.106 registry-ui-direct 1 speed wayl.one A 192.168.1.169 speed-direct 1 terraria.wayl.one 192.168.1.106 0 0 jellyfin.lan 192.168.1.106 0 0 4000 1 0 0 127.0.0.1 8000 opnsense.uncategorized.rules 1 opnsense.test.rules 1 opnsense.social_media.rules 1 opnsense.messaging.rules 1 opnsense.media_streaming.rules 1 opnsense.mail.rules 1 opnsense.file_transfer.rules 1 tor.rules 1 threatview_CS_c2.rules 1 emerging-worm.rules 1 emerging-web_specific_apps.rules 1 emerging-web_server.rules 1 emerging-web_client.rules 1 emerging-voip.rules 1 emerging-user_agents.rules 1 emerging-tftp.rules 1 emerging-telnet.rules 1 emerging-sql.rules 1 emerging-snmp.rules 1 emerging-smtp.rules 1 emerging-shellcode.rules 1 emerging-scan.rules 1 emerging-scada.rules 1 emerging-rpc.rules 1 emerging-pop3.rules 1 emerging-policy.rules 1 emerging-phishing.rules 1 emerging-p2p.rules 1 emerging-netbios.rules 1 emerging-mobile_malware.rules 1 emerging-misc.rules 1 emerging-malware.rules 1 emerging-ja3.rules 1 emerging-info.rules 1 emerging-inappropriate.rules 1 emerging-imap.rules 1 emerging-icmp_info.rules 1 emerging-icmp.rules 1 emerging-hunting.rules 1 emerging-games.rules 1 emerging-ftp.rules 1 emerging-exploit_kit.rules 1 emerging-exploit.rules 1 emerging-dos.rules 1 emerging-dns.rules 1 emerging-deleted.rules 1 emerging-current_events.rules 1 emerging-coinminer.rules 1 emerging-chat.rules 1 emerging-attack_response.rules 1 emerging-adware_pup.rules 1 emerging-activex.rules 1 dshield.rules 1 drop.rules 1 compromised.rules 1 ciarmy.rules 1 botcc.portgrouped.rules 1 botcc.rules 1 3coresec.rules 1 abuse.ch.urlhaus.rules 1 abuse.ch.threatfox.rules 1 abuse.ch.sslipblacklist.rules 1 abuse.ch.sslblacklist.rules 1 abuse.ch.feodotracker.rules 1 1 1 1 wan 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12 624e940a-0a93-4f9c-88c2-a343c9828dbc W0D23 4 hs 1 0 0 0 entrance-cam aFlcQ76AD1ioKKdrW72vFLpQfcZVyADcCUQObC3CLRI= 4GEAVqthEzF97LpZxmsWl4M9DJhpr+JZjAI2JbXmmVM= 10.0.0.0/24,192.168.1.1/24,0.0.0.0/0,::/0 10.0.0.15 51820 0 kitchen-cam +Rg1jvykOkrlVAntpjwyOHS4H86cGZK5/jz43hlGuFs= L8RO9fvOsNWr5Sk+HAO1v3Ekww3rF6D2OvsuOkFvMok= 0.0.0.0/0,::/0 10.0.0.30 51820 0 entrance-camera 0 aFlcQ76AD1ioKKdrW72vFLpQfcZVyADcCUQObC3CLRI= 4GEAVqthEzF97LpZxmsWl4M9DJhpr+JZjAI2JbXmmVM= 51820 0 77d56a59-51c9-4c2e-9519-8fcaa4a6ec69,2f8fb9b4-1af3-4dbf-b20d-b43238b1ce6d 192.168.1.1:51820 0 0 GOOGLE_HOME_NETWORK network 0 10.0.0.0/24 Google Home Wifi Network 1 test host 192.168.1.168 test from python 1 1 31 0 WAN_GW WAN Gateway wan inet 1 1 255 1 0 GOOGLE_HOME_GW Google Home Wifi lan inet 192.168.1.107 0 0 1 0 0 255 1 IDS 1 0 0 * * * root ids update ids rule updates 0 120 120 127.0.0.1 25 0 auto 1 0 root OcGut1BQhu5R73uEHM2 2812 5 1 0 root@localhost.local 0 1 $HOST system 300 30

f9e81280-2dd6-495a-b9ee-5b68db054dc8,b5a47d22-0b91-414c-a127-a13f133ba9b7,7f0100bb-5580-4858-acda-5140cce9cb9f,9f8709cd-33c9-42e4-ac1f-5ca53ee15241 1 RootFs filesystem / 300 30

455b8b34-a939-4425-b059-7b2f0036bb94 0 carp_status_change custom /usr/local/opnsense/scripts/OPNsense/Monit/carp_status 300 30

2810c9cb-1873-4bd4-944a-ee7aeab99ed6 0 gateway_alert custom /usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert 300 30

a3261e02-14b7-4336-aebb-2c028101adb7 Ping NetworkPing failed ping alert NetworkLink NetworkInterface failed link alert NetworkSaturation NetworkInterface saturation is greater than 75% alert MemoryUsage SystemResource memory usage is greater than 75% alert CPUUsage SystemResource cpu usage is greater than 75% alert LoadAvg1 SystemResource loadavg (1min) is greater than 8 alert LoadAvg5 SystemResource loadavg (5min) is greater than 6 alert LoadAvg15 SystemResource loadavg (15min) is greater than 4 alert SpaceUsage SpaceUsage space usage is greater than 75% alert ChangedStatus ProgramStatus changed status alert NonZeroStatus ProgramStatus status != 0 alert v9 0 1800 15 10.0.0.0/24 GOOGLE_HOME_GW Google Home Wifi Gateway 0 6751e71aed27c cert1 LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURYekNDQWtlZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFqTVFzd0NRWURWUVFHRXdKQlJERVUKTUJJR0ExVUVBd3dMYVc1MFpYSnVZV3d0WTJFd0hoY05NalF4TWpBMU1UYzBOekEzV2hjTk1qY3dNekV3TVRjMApOekEzV2pBak1Rc3dDUVlEVlFRR0V3SkJSREVVTUJJR0ExVUVBd3dMYVc1MFpYSnVZV3d0WTJFd2dnRWlNQTBHCkNTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDY0g1WGpJUm1uNnhNbnpzV1JzRU9DaHpYWmgwbkQKcTh5d3FEdWtIVE44RTFVTmJ1clVUZFF5czFOV1FTWEhHTm1Xc05BSTZuMzNtcmtvVk14QmtLQ01zbHhmMVR2Vwo4N1lkT3IwVVBhNWhUZ3dDYXUrQ2lCaWtFL1RLQ2dwdEdoTHNMUHZhckNaRzVCU3k4UFlEbGZ4VVlkNElrREg1CnVsZk1uVHV0OG1pRkh5RkJXYkZ6WkZ5eFIybjdpdEhhTStsMERSajZSRFJTdE8zMFphUnh2SmlpeXhHVVAyNjEKU3I1VXM1eHU4MFF2VHQ0WVREa0xlRTh4NmpKRERLaG1mUEZtMGZTaVl4NTFDR0M1TTk4UWRvdGdTWUt0d3VUbApGY2thVTZacmQ4NmVmQzYzUGdRQXpaYTllMUJlbFhGenlVTkRtUlJGUHFUVjIyUnRuMk5Ddi9raEFnTUJBQUdqCmdaMHdnWm93TndZSllJWklBWWI0UWdFTkJDb1dLRTlRVG5ObGJuTmxJRWRsYm1WeVlYUmxaQ0JEWlhKMGFXWnAKWTJGMFpTQkJkWFJvYjNKcGRIa3dIUVlEVlIwT0JCWUVGUERnWHdHMjZ3M2QwQ1d1Q2JQWlpxVDVRZlRDTUI4RwpBMVVkSXdRWU1CYUFGUERnWHdHMjZ3M2QwQ1d1Q2JQWlpxVDVRZlRDTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3CkRnWURWUjBQQVFIL0JBUURBZ0dHTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCOWhKWjJYSGx4R2tHV1BWZGMKSi9ROG1LZ1JZclNzWFZDVEdmNVZLbDFOWG8yVk9CTWtYODNCdlphR0dPa0NOcGQwdTdXWkx0Skkya1cxcmNYcApWVFlQdlZnTC9PdGw3NUIySFo3L282NzRzYzY5aGt1RDlYdUlYc2srMVVWV1pES3BNVFpROGg2T0hZbmF5eVpmClhpNDFCRisreVJLbWtFZzV6YjlRQXR4WGVLeGdORG9TMWovYXE2a3dHdjdJTksyWGFNam50QlJXNW4vU3QwT28KRmtqZzlQUFo3cDk0UjZEa2JxMGFScDl3ektVUUE2NTVDUzI0OUJnWWdBcWlSTFAwc09laDN4bnRjblNwMEN1RApDSm8vMHFSRlhETGg4bG9LQjBvWTI5YlRRWGFydWxObW5uRGlnTmRQbEFrVE1GWVVvT2ltMEszRmtVK2RTME9LCm1kRnoKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQ2NINVhqSVJtbjZ4TW4KenNXUnNFT0NoelhaaDBuRHE4eXdxRHVrSFROOEUxVU5idXJVVGRReXMxTldRU1hIR05tV3NOQUk2bjMzbXJrbwpWTXhCa0tDTXNseGYxVHZXODdZZE9yMFVQYTVoVGd3Q2F1K0NpQmlrRS9US0NncHRHaExzTFB2YXJDWkc1QlN5CjhQWURsZnhVWWQ0SWtESDV1bGZNblR1dDhtaUZIeUZCV2JGelpGeXhSMm43aXRIYU0rbDBEUmo2UkRSU3RPMzAKWmFSeHZKaWl5eEdVUDI2MVNyNVVzNXh1ODBRdlR0NFlURGtMZUU4eDZqSkRES2htZlBGbTBmU2lZeDUxQ0dDNQpNOThRZG90Z1NZS3R3dVRsRmNrYVU2WnJkODZlZkM2M1BnUUF6WmE5ZTFCZWxYRnp5VU5EbVJSRlBxVFYyMlJ0Cm4yTkN2L2toQWdNQkFBRUNnZ0VBTjhKbUo0a21YeDBycWIrRk80dlBDTHJleGpLMTZ5OGNPNG5TUjBKd3BXTkkKTUxTSkpVc291dlRtRWp2UlVNTDB6NGVWdldGMm5PekRMWDdmdHBqL1psQzdnalNubXhWTzJUQ2w0Q2xKY3hKTApZcityakJ5c1pFbUdWM1J2bGRqR29saE1tU1I3eFR6bmthTlMwaVFLeTE1cXpQY25DakI5OUNQQjhWWE84NkFFClJJOEROT3dBQUVndVg1OEFIdDJnL3NONkJid3VpckJRRDhKa3A1b05hcSt2czRXQXI2WCtIdXh0VThXcDlBTlYKZW15REM0T2tyV0p6MzJ1UzF6YzNucVZ3UkkxVEdKMzBNK01td20rc3VybS9kVUlTOWd0YUgxK05Zd3kyR05TUAo1VnJaN2xQTW91UEt3RWJlWDBwaGt3U0o1UG9qYUpsZlBBVUt6RmRTV3dLQmdRRE4zQXlwbStNRDYwdXNqcmpZCnFZMEpmVTlsZUU1UlhYS3pjaWJxWXdXWUI0RW9jUS9JNVYvMENMQU5OMXlFR2hUUllrUzlGK0h1QUJlM0NOT24KU0hCVE5TSnp6NmluNGYvMVF4emFQdHpLSkYzYXN1RjdDUXg1K3hQYVp0ZVczV3hzMjBEU3ZrOGtlZGIyV1JWQgoybldGNkE1SUVRZlVFcGgvYXh6L0hJSmp2d0tCZ1FEQ0psYVdOM2NrclQzWG55WVgvWS9Rd0Y5eWhGTitsQlY0Cmw3V3JScWZ4RlkzRmVCeFl5L1M1UWY2MktCaTFWZExrQmFnNlFlRDYwVGxaQmQ5bmpvOFd1OVR6OFNwWHpFTEoKcWgvNjdqMStLY2FzKzlJZGs4S25RdytaZ1BsNVlHR0s3RXNvL1VQTDNyNEZBYU43NE5OcWNGYUFzd1RWZ3lmYwpHN0JtZHI5Ykh3S0JnUUNSd3JHa2xxQlRjaE9QQnkrVEdkcW5VWGNhWGVqMmE3aC9udUEzTGc0VDY1eGtTa25tCjhhTFRaQ05qK0VNbHRtSHZNQ21EeXBsS3IvNGF0OEZGdldEclNjQXZTR1lmR1VMbklySVhSbE9IUGVER3JjcEMKRjlJaHZNbjk1cnZZTXNoRys2Z1drSEh4WGVQN1luQk94S1JhUUVsOGRiS1pVdUZ2dHlRODdxN1VlUUtCZ0ZwaAptSnR6bEs1cFM4bk9GK0RCTktzY2N4S1BrWUx5a3hCQnA5dmxGNWQrempIb1dXSHBDTE1aaXVibndhRGhKRHpzCmVVVXRsL3VMWE9RWmZNZnJzS2NIcC9vc0FlYy9lclFBMDhSd0ZnWmVrbFBESXl5THRlbEJxY2h2SnpRZTd5bksKR0s4clA5MXZnd3czbUJDNk9CRnIzSWtyVFl2TDg4bGV4bjdjdHZaSEFvR0FCbUhJVitadnUvZkk1VGc0WUJDdQpYQk5SeFU0ekdjNFZZTFVpUkdNMXhMQkw1Uyt1dEcxNHpnQ3YrbUZQdHF3ZXR6KzBOUzRtNW9Xakk3UEJlYVNrCnB4YVpJTGNNUFNJN1ZOWVZPdFl6UDNDRUJreGdwMGRxM0lBS014V2JaeTl3TFd2dUs5VHZnaXNQd29FeEhiUmEKK3hxbzFielBxUDljdGxQZlhyVXBhR1E9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K v3_ca 0 661bb4ae115fd Web GUI TLS certificate LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVU2s5MUNyaUlZUkw5a2QzWmV6aXdnYk9PaURNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5EQTBNVFF4TURRNU1UbGFGdzB5TlRBMU1UWXhNRFE1TVRsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURSd3VjR24wWnM3a0xkWmNZY1J4aFhYSkV4UDh0RkdZZ0RNMExhVHVVTmZrUmVEakVGCmhGSjl3NkdJODFBQ1k5bHBKVkk4NTFqNzNUQ1h0UDVsM0w4WFEzaS8xMjUyOGV2ZldoenZKclhVejkyYlFXb2MKUEl0bHdPVW1rL0VubzZVN1cwVFBsRFNla3NQY3JHUUd5V1Vxd3E3UUg5OXE5SGMrT29BaUdQME82bXZNU0FMKwpEbVFMci9iNGhtek5mQVE2c1RsbkFVa3BBb3lla1ZYMlo1RDVmNWEwUHRvZmtLM3JPY3RJNXcxbldFeWFpSzVKCnBFOWFvbmJXbGUrdDFJNG5tTEx6Mnc1eUNBTHpORTNGejhiMTgvTGVaUHFNb043MXNQUEMrQ0tYTUw2U05YRUcKc0NES0toWExGSEVjVXhYVVVRU21LNlNuU3NMdlI2L285ZUZpVU15bXhwbWgrWW81b05DUWZZZnQ3TlJub2FHVAo2V0t6K1ZzbVhkV3pHTWVqazJxV0lYcnJjSmJvVWE2WFd0VzFKQXY1c3l0R0xFNHRVenkwWWtuKytvMDNJRTJGCjcrNWNnR2F4Skpad1VPdHkzZjhmZGY2QUllN0NKanBMS0NWMEZZVGpMRmgxd203L3REWEFKRDlqbjRMQjFDaEUKeTV3VW5NRVJwYmNQSWdjeFEzejMzU0UvQlhsb0RvTjZuckI0ME9UYWdFc3BZUmJ2ZDlRYnYvQ3Z5WGZRakMxUwowTmJJczg1T21iRFBSWFlGRmQ0NmY1ZmlhQTV1L3BWNTlBVFdrL2JFUU03a3lNTXhmR0UwNzZibVZaRGJIblNiCnlOMm51Q2VIc2x5eS9hc05oMjlFTkVhWDA1d1JVNTlIOE9QSXRIeVdFQVNqNUtzQnVwRGhkV2YxQndJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkhjd3RyaWxLM01MV3hkSTlsTkZyMmVLeUhOSk1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVVNrOTEKQ3JpSVlSTDlrZDNaZXppd2diT09pRE13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVZQYUdsdElFWXNOU1diT2M5bzdid2tlUk85NWNLSUdnMFU5WEZRN2IKTGRsZ0YrWUwxRnJPZUQycnQ1QTh4bWVqR3dOMGttUDI2RHpOL2xyMHBOOE9Vc1RqSEFLbkhucmJPWWFIM0dKNgoxZUdDdkpaS0pzZjNoS0x2cGoreWxrT0kzMllTdnpiZXF2NVJqdXJtSStZcTlMVE9sMlBudGh4QjNSeVMraGsxClU3STdROER3NWNwdHYxK2tUSm1nWkFXSmptMWE2UDR0d3VKcXRCRHduSk9FZWtpRFB4RTN2SG00UkxaTXlYeHQKRnREYi9JWFh2QnA2RHBxVWNwaXZTZEtTanlhOEllaUFzZm9zdlVvams2VW8yZ3VSUUwvNlVNREtSVXhTMnZxTQpSdk16WEcyazhhcEN2VCtmbUNuZTFwWlZpYmZJd2V0QjhLNDRWb2RVWkltUDJPNGdGN244UlY0YUc4ZUFQS2JQCmlPWmhZcGJxeE1hdmVKM3oxV2VJWDQvSlVuU3dxVnJRTWhZZ1B3Z3NxeW1SaUdFbmVocVNKU3Q3czFUN2VZVHQKREVCQnBUUTRLd1VadUVlVnNldWlGTE03TDN6Tng3OHhhWEN5UHdvR0phSFF6dUlEc3pqU2J1bXJ4SFVsNmx2QQppcWRJWU5Mdnd1cy9leUtLYzBET3dIVHptMTBDUXZCeTZXVXZ2RTBtZDhPVCt3TzExRnl2TmZ0dzYyM3hDbG9iClVsS1cxekNueHpyc3dvQWhVbUFrbHlkNUYzWW8rMS9VdTZGODFoL0lsYmdCTjlHTTBNcCt2QnBBR0d2OVJJc2QKaDI2aStiU0EzUDQ0dk5tNXVWTnZHZ004RktNNkJxR0Mrcm0rdVhxdWF6NlFLdjduWFBnS2NBeXY4SUh0VkxybApwa0E9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRFJ3dWNHbjBaczdrTGQKWmNZY1J4aFhYSkV4UDh0RkdZZ0RNMExhVHVVTmZrUmVEakVGaEZKOXc2R0k4MUFDWTlscEpWSTg1MWo3M1RDWAp0UDVsM0w4WFEzaS8xMjUyOGV2ZldoenZKclhVejkyYlFXb2NQSXRsd09VbWsvRW5vNlU3VzBUUGxEU2Vrc1BjCnJHUUd5V1Vxd3E3UUg5OXE5SGMrT29BaUdQME82bXZNU0FMK0RtUUxyL2I0aG16TmZBUTZzVGxuQVVrcEFveWUKa1ZYMlo1RDVmNWEwUHRvZmtLM3JPY3RJNXcxbldFeWFpSzVKcEU5YW9uYldsZSt0MUk0bm1MTHoydzV5Q0FMegpORTNGejhiMTgvTGVaUHFNb043MXNQUEMrQ0tYTUw2U05YRUdzQ0RLS2hYTEZIRWNVeFhVVVFTbUs2U25Tc0x2ClI2L285ZUZpVU15bXhwbWgrWW81b05DUWZZZnQ3TlJub2FHVDZXS3orVnNtWGRXekdNZWprMnFXSVhycmNKYm8KVWE2WFd0VzFKQXY1c3l0R0xFNHRVenkwWWtuKytvMDNJRTJGNys1Y2dHYXhKSlp3VU90eTNmOGZkZjZBSWU3QwpKanBMS0NWMEZZVGpMRmgxd203L3REWEFKRDlqbjRMQjFDaEV5NXdVbk1FUnBiY1BJZ2N4UTN6MzNTRS9CWGxvCkRvTjZuckI0ME9UYWdFc3BZUmJ2ZDlRYnYvQ3Z5WGZRakMxUzBOYklzODVPbWJEUFJYWUZGZDQ2ZjVmaWFBNXUKL3BWNTlBVFdrL2JFUU03a3lNTXhmR0UwNzZibVZaRGJIblNieU4ybnVDZUhzbHl5L2FzTmgyOUVORWFYMDV3UgpVNTlIOE9QSXRIeVdFQVNqNUtzQnVwRGhkV2YxQndJREFRQUJBb0lDQUFxeWRxZFM5N3VndWtrM0lrOXVpQkpyCklUNW40MGUwQWNpRC96ZEozd3JTbmMyY0gxVGUzQ1FYYTIvNVZJMjMrNE9PQ0lVY1ErQ2RvRUpFVTlXWEF5bSsKWWtuZm1kTU5ZRkF2ZE1WS0dKWWJQdnU4R01ZSzNRMnZOTXNaci8vV1ZuRlIrZzdmU2RXdEQyUlJhRTBqb25uMwo4VmxNeVhuWFcyaThMQUpSSlpWSCt0VUdvUnh3QXhzZUpLbFBsYWMwV1YrSU5UQ3pFMERqcFRuYTdlTFhMT3RaCnN6SksrRU1KZjZKbmUvTk0rOVVzTkJxTXVOMVVPS0J3ZU90VmtjMEZjaUJ1ZkVYTkF6aStmdGxaN3FqQUFWbisKcGF2cmJnN281S1hyN3hVZmVWMXplaGNwRERRTDhiTE5vRXlQSk5Eakl5Y0U0TE5SWU1xNm1IbFh2YmxTMGcrMwo3SUZ6Wko4dVMwZHhHcDAxaVF1anRCWW5aWEdsZnhiS2hleWVqSkIyb0I0VDhkbXN5dWprUzVOOXppdmpzUFBjCjI3Rm5VYSs2ejRZZ3ZVNWJveVZzVXRaUmw5QWg4dU5WZ1lMUlFWS3h6ZTd0N3hpUWs4eEZoLzN2NVVubXBxeVoKTWtKcVM2VW01dmRZRldJVnZHN2RlZU0xQjA4VG83M3ExcndncEZJTG95ditDa0d2VFNiUDlMU0N6blNjT2tMaAp0VUorMEpITGx4Q2FQUDlEUnVQWTJvSmFISnhvc3BRZlJ0RUMxbVZoYVBkcGlZazFuMnR2R0dLbUJyNUhFY0xkCmRmVXNobXgrNUV0VUlVa1g2dzdidEdRY0tIV1A0L0lZRzZjNEJzWncvUXA3eTNrWStpR3JNSThDYmNRcmI4dWIKWXpES1FzWloxdGM4d0N3RmRTTXBBb0lCQVFEODFxSkcwYUsyQzFRTEhCS0NhYnhmRmRjeFVEVmxVVVZOcnI0dgo3L3NVTHFLaW5rQTJnWjdjMXdHS3dId0VlYnpiMmdGMFdxbEd2QzRmQzBZSHVSSWpvYktzaVF3cDFSMHJWcFJkCnNrMjVqWUxITXJRREFvQmtGOTlnVVNuS25ocGI0ZkQ2NTlyNk0rY0lkQkZwUkdSSEZnTE9FRmVUWCs2Mm1GTlAKU0RKTFBmOWFCd215ckpseitQSlByT0h0NUZPZWpoZjJ3RGFyVmNvMmtkVkVacFJ2dGl2UUowdXJLbkFIVS8rUAovczgrYkxDbkRYcFdHUGphMTh4L0JUTFdUSlg5OXhicXYwdzNtb3NTTWxUQ0Faa0k0bTdSNUNtWGRLZzZ4TGxlClZFZE1PQVlCYlhST1l5aGlLc2d0M3JuK003VExxcDFSLzhhNEN6MEEySXZDV0g0cEFvSUJBUURVWWwrb1NHRisKTmRzenU3R2J6ODhFb1pWS2pFdG8xU1FsV0JhWHZZZXJzMXp0eW5ac0gyZWdMN0xLSHpkUmk3WVF6R3VaZkhFWQpwQjNtSzl1SXpndUJsVy9kb0pLY0NGTEZRRXJ1aURqNUx5N1lUbUVpTXFNU2YwbHI5S2syKzF6enZ3a3VTRERpCkZnZXpiS1dlZFo4YnM4bms3UHhuRC9rRkVURkg2TDFjWVVmN0w4TlV0aURrNDVyRU55UCthYThwdVVMSHo2ankKbFUzMHJnV084Zk03d1JEbjNZdDRiS3QxN3NDaDJZSHBuMFR5ZlZzYkQySDVSN1hCcGtuMjY1MllsQXhIalJLegp5L2FyTVVWNW13ZVFPSWRsM0lxR0tnWVBiTDBSUU9hU3FKKzR0N1oxZHZtOWIxUjhHMkRVWHU3Q045Ryt6amRZCmhtaXpMWTcxWk4rdkFvSUJBRitia2ZXUnBDT09tUk15WkZWb1FsRDZZMHRFZDB4K3RPUXhKYjNlMDJUSVZidUUKZCtla2tEd1dHWUVzVkRrbEI2TmpCcFhIQ3FleTFRWHNMMmtRTktuQXBWM1UzUUtja2RFbmhpY0FHNkFFd09VdQphUitTUEphYzZGejFsQVlJVHhOYmx0SnFCa1lDaG1TTjcxK00reFplWG1VcGpOUXZ2SWJUaHYwOTRiYk9GTmNvClBpU1FXOTZjenBRT1hjaWxSSEY2YmRsaXljbDBRV2p0TUdZVEhDSTZFc3M5Y01HaTVJWUEzMnpGLy93dEFZZkoKOHU3SHRxS2FZN3ZNYlhMWHR3ZzMvVFI3YmdqQXFjSVJ3amN5ZjNuNmxjbE1xK1dYdVYydnNpRFhZYmFTb01LOQpidk9OVDJIL3AzNmc4RmdObVZwQ2hBYlQzNE1Nek42YkJBNVRoREVDZ2dFQkFMaG1xWE50Vk9qR1RncCszdGpQCjk0aW4ydjJkRGlSNVd5YnBjc1JSRlNqcFZMaEozOFJGQ0M0Mis5OHVkMU5nSUxZNUp2dGU1cnRrVTJsemp1c2IKS3paWno0VDRWQk1SenZ2Z3RLNmlyQVQvQ0lkYWxrK2c4Nkd0enN2aTQ4RVBRa2VJQ0txY2w0VFZaOTVMYVFsSwpTdGs4b3dFWEdwZEpjUWNMUkdTUkdVaktWanNyMzBiLzAxT29vc25Xcm5QSXd3TlJEVUI3ZHM4WS8xU0FlK2IvCkFCZFRyQ0FGWllFcnFUdCtEdGI0Q1NvVTFVSk53UHFmd29zenpnWFRJY2s0RGQ5YU84Y3NINTdvYXNWOHhEdXYKZFVPdE1USXA2RVJRM0c0c0ZZU1RleDYvTmQ2bDg4L05lMDBWQ3ArdkRjV1duMnNXR0JDNDc2ajNHcFRuNjRYNQpEWlVDZ2dFQVRnYkRFUXl6V0NVRkJtSWFheUkrUFgydDNLNS91Tzl4blZxa1ZTUkdqT1NmckNaaHRLbkhNOHZqCm9TZy9MOWg5RFBXQnh4czI4TTkvUXdxb0RFQ2FnVDRMVEdOZEwrNm5oeHFIQzA4MVlNZk5sZjBaS3BtRDIwdW8KTDFzRnQxbll3RG9QVi9jZ2R0QkxGWkhGWFR5V0J0ZlZWbEh5UzBjbmp0a05hRmphZGVoN2JjeGRhM3d3Z2NDdAorL0dtMXU5OXRDbTA5aktMUmpVMmVDNmFBaGFrNjg0cjBsQWtDeGlHL3ljOVFGNGlYZzJXSmo2NUhYaC9OdGhSCk9vM2JhZ09jWExBSnFEd2J0eE02ZC95VllsaTc4a0NRL0xnOE5PTllkUjVleTU2eFdzWjZ5MVA0eCtUMmlzRk0KTVZUL0tHNERmYm13V2Vxb1NaNTh2eU51VXY0Vlp3PT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=