opnsensevfs.read_maxIncrease UFS read-ahead speeds to match the state of hard drives and NCQ.net.inet.ip.portrange.firstSet the ephemeral port range to be lower.net.inet.tcp.blackholeDrop packets to closed TCP ports without returning a RSTnet.inet.udp.blackholeDo not send ICMP port unreachable messages for closed UDP portsnet.inet.ip.random_idRandomize the ID field in IP packetsnet.inet.ip.sourcerouteSource routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.net.inet.ip.accept_sourcerouteSource routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.net.inet.icmp.log_redirectThis option turns off the logging of redirect packets because there is no limit and this could fill
up your logs consuming your whole hard drive.net.inet.tcp.drop_synfinDrop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)net.inet6.ip6.redirectEnable sending IPv6 redirectsnet.inet6.ip6.use_tempaddrEnable privacy settings for IPv6 (RFC 4941)net.inet6.ip6.prefer_tempaddrPrefer privacy addresses and use them over the normal addressesnet.inet.tcp.syncookiesGenerate SYN cookies for outbound SYN-ACK packetsnet.inet.tcp.recvspaceMaximum incoming/outgoing TCP datagram size (receive)net.inet.tcp.sendspaceMaximum incoming/outgoing TCP datagram size (send)net.inet.tcp.delayed_ackDo not delay ACK to try and piggyback it onto a data packetnet.inet.udp.maxdgramMaximum outgoing UDP datagram sizenet.link.bridge.pfil_onlyipHandling of non-IP packets which are not passed to pfil (see if_bridge(4))net.link.bridge.pfil_local_physSet to 1 to additionally filter on the physical interface for locally destined packetsnet.link.bridge.pfil_memberSet to 0 to disable filtering on the incoming and outgoing member interfaces.net.link.bridge.pfil_bridgeSet to 1 to enable filtering on the bridge interfacenet.link.tap.user_openAllow unprivileged access to tap(4) device nodeskern.randompidRandomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())hw.syscons.kbd_rebootDisable CTRL+ALT+Delete reboot from keyboard.net.inet.tcp.log_debugEnable TCP extended debuggingnet.inet.icmp.icmplimSet ICMP Limitsnet.inet.tcp.tsoTCP Offload Enginenet.inet.udp.checksumUDP Checksumskern.ipc.maxsockbufMaximum socket buffer sizevm.pmap.ptiPage Table Isolation (Meltdown mitigation, requires reboot.)hw.ibrs_disableDisable Indirect Branch Restricted Speculation (Spectre V2 mitigation)security.bsd.see_other_gidsHide processes running as other groupssecurity.bsd.see_other_uidsHide processes running as other usersnet.inet.ip.redirectEnable/disable sending of ICMP redirects in response to IP packets for which a better,
and for the sender directly reachable, route and next hop is known.net.local.dgram.maxdgramMaximum outgoing UDP datagram size115200videonormalfw0ncd0.harmony.mcd1999adminssystemSystem Administratorspage-all00root0system$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfSSystem Administrator20002000America/Toronto0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.orghttps6796970f3b58c80001yes111111hadphadphadpmonthly11admins1enabled11-1-1os-caddy,os-haproxy,os-tftpen_US1.1.1.18.8.8.8nonenonenonenonenonenonenonenone1igc31dhcpdhcp60WAN_GWWANigc01192.168.33.124LAN1lo0Loopback1127.0.0.1none18::11281WireGuard (Group)wireguard11groupwg0ncd0111192.168.33.11192.168.33.1ipxe.efiundionly.kpxehttp://192.168.33.1:8080/boot.ipxehmac-md5192.168.33.10192.168.33.245c4:62:37:02:60:fa192.168.33.20cp0c4:62:37:02:61:1a192.168.33.21cp1c4:62:37:01:bc:68192.168.33.22cp2c4:62:37:02:61:0f192.168.33.30wk0c4:62:37:02:61:70192.168.33.32wk2c4:62:37:02:61:26192.168.33.31wk1publicautomaticpasswaninetkeep stateAllow inbound traffic to wireguardinwireguard1udp1wanip51821root@192.168.33.5/firewall_rules_edit.php made changesroot@192.168.33.5/firewall_rules_edit.php made changespasslaninetDefault allow LAN to any rulelanpasslaninet6Default allow LAN IPv6 to any rulelanpassopt1inetkeep stateAllow wireguard clients to use this interface for NATin1opt11root@192.168.33.5/firewall_rules_edit.php made changesroot@192.168.33.5/firewall_rules_edit.php made changeswireguardanyany24any241380Wireguard MSS Clamping IPv4root@192.168.33.5/firewall_scrub_edit.php made changesroot@192.168.33.5/firewall_scrub_edit.php made changes0.opnsense.pool.ntp.orgsystem_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show2root@172.33.0.3/api/wireguard/general/set made changesv90180015wireguard1000wan192.168.0.0/16,10.0.0.0/8,172.16.0.0/12W0D234000000000016324100010010111111111111111111000ipsec010127.0.0.18000040001raw020120120127.0.0.1250auto10root2812510root@localhost.local01$HOSTsystem30030b9a4410c-bc95-4de6-ac83-567dd8cf60c0,c1ec5aac-2fda-45f5-a0d8-9bea7db470d6,f1a4fa3a-65a2-43da-b6e0-18b0361ac43b,76c03880-d148-413e-8097-3ee0aa33cb2c1RootFsfilesystem/30030f24e0d56-0445-4e5f-9b58-3af0f246b80d0carp_status_changecustom/usr/local/opnsense/scripts/OPNsense/Monit/carp_status30030f48cfab6-de1e-4006-bcd7-c8f8990d25d60gateway_alertcustom/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert300305e0dc1c7-90ac-48cc-944e-e0b20c482656PingNetworkPingfailed pingalertNetworkLinkNetworkInterfacefailed linkalertNetworkSaturationNetworkInterfacesaturation is greater than 75%alertMemoryUsageSystemResourcememory usage is greater than 75%alertCPUUsageSystemResourcecpu usage is greater than 75%alertLoadAvg1SystemResourceloadavg (1min) is greater than 8alertLoadAvg5SystemResourceloadavg (5min) is greater than 6alertLoadAvg15SystemResourceloadavg (15min) is greater than 4alertSpaceUsageSpaceUsagespace usage is greater than 75%alertChangedStatusProgramStatuschanged statusalertNonZeroStatusProgramStatusstatus != 0alert113115311transparent0000010000000100.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10allow0001apincd0.harmony.mcdA192.168.33.11api-intncd0.harmony.mcdA192.168.33.11*apps.ncd0.harmony.mcdA192.168.33.1000101192.168.33.111ncd00PFmk/jbPetnRN1r+eyu4yg8UWnexz1UeYFUHIa6j4XA=aM7qq2KOKpqhrR/PM1SUob9O6c+YeOKhLk9SeLGrKFo=51821172.33.0.1/24028494fc4-f207-449e-9a52-9aa2084ac631,3ec7612c-20cf-446b-a9fe-c06478eec225,e97ec826-3256-4544-95a5-90bb6a36da03ncd0.nationtech.io:51821192.168.33.1,ncd0.harmony.mcd1jg-liliane2T+AMURuCUmkTnZln7bLzpJTBaUzbvBFIgyIKix1RByI=172.33.0.3/241ianletourneauOLH36I5q6uFWKiiKuV63QzKarsUuc+YKzSh25H3+cmY=172.33.0.2/321wrollemanqExmit/3m6QamjJ2azpYRvKVFtWsbjRpxlvrveLoYWQ=172.33.0.4/320WAN_GWWAN Gatewaywaninet1125511060s00101024102401ipv4ignore204816384200030036000prefer-client-ciphersTLSv1.2ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA25630s30s30s3x-1last,libc127.0.0.1local0info08822000*:8404/metrics0460010894e544289f1d829.3f0193d71frontend_192.168.33.1:80192.168.33.1:80tcpb58293a8-01a7-400b-b1a6-f6c598a198cf0000000000000000001fdcee9ce32000ee.6720f7461frontend_192.168.33.1:443192.168.33.1:443tcp2ce6372e-30d8-4808-8683-7ff059b346b3000000000000000000b2b0821e71423fd9.bb87bdb21frontend_192.168.33.1:22623192.168.33.1:22623tcp284a9201-f139-4622-809b-f876a5812d6100000000000000000098fdab464008b9d0.261520821frontend_192.168.33.1:6443192.168.33.1:6443tcp48380579-d54b-41fd-91b7-22f1a065be10000000000000000000e59d902d1ed09be4.d164b0e31backend_192.168.33.1_80tcproundrobin22dd9cace-32ab-4e19-a59c-26744ee9531d,79a8d772-3814-4ade-9c12-b6ad5e1ec9da,b13c0744-2ca3-440d-b572-ad3357bca2d2,a3be6e26-095e-4af3-ba59-54f3e5732b6c,a0c71f9b-51d0-46a1-8686-1a7a24f89ed0,432001e4-eddd-4cc7-97a8-8c8d68049b1f141663990-0ffc-46a0-8c56-1c194dde8dc400000sticktablepiggyback030m50k10s10s10s10s1m1m000b18b8d840ac79ebe.44a5f27f1backend_192.168.33.1_443tcproundrobin2621f9277-3351-462e-ac79-0a50d9297daa,613de55f-0f04-4b3b-9cfe-4bc720686c17,2778f5cc-f347-4506-bcb3-8b7beaee43b3,2c670f2a-576d-4d57-ac1c-402229ceaebe,dc3d126a-2368-4fd2-b5ba-e1ddf550cdc0,9d966027-c3e9-4253-b771-89ea9954f25d1943bb69a-c19e-461c-9755-c05b8e860eb100000sticktablepiggyback030m50k10s10s10s10s1m1m000d876f8143ec06bdd.d8c8f3901backend_192.168.33.1_22623tcproundrobin2d69299da-ae0a-406c-8658-319f01906c6c,cfffecc2-b3ee-45aa-be2d-c0d2bd224ff4,976922b3-bc0b-4745-b319-fbdd6132137914a6a2a77-b35e-4bf0-8639-31fadafa2d8100000sticktablepiggyback030m50k10s10s10s10s1m1m000dedd33d162fc85de.36a7389d1backend_192.168.33.1_6443tcproundrobin285c6a978-63f1-4af3-afac-9009ce5483b8,9415acdf-bb7e-4e97-b61e-b85bbabe397a,b0da12c3-5199-4c7e-b224-69836b1eebe91943bb69a-c19e-461c-9755-c05b8e860eb100000sticktablepiggyback030m50k10s10s10s10s1m1m00068c8ff6c38f62657.41d2104d1192.168.33.20_80
192.168.33.20
80activestatic009d3e1b4532081cde.9604f10f1192.168.33.21_80
192.168.33.21
80activestatic00fb02e85101a55583.442e22e21192.168.33.22_80
192.168.33.22
80activestatic00d7c1cfbc58cde8cf.a44d67201192.168.33.30_443
192.168.33.30
443activestatic001fdd6caa0d234653.f072d6a41192.168.33.21_443
192.168.33.21
443activestatic00c983cc4193bcfe6f.b365aa921192.168.33.22_443
192.168.33.22
443activestatic00807c6a5a6d827047.6a59b6321192.168.33.20_22623
192.168.33.20
22623activestatic001b58748e4092d03a.a6b8e9f71192.168.33.21_22623
192.168.33.21
22623activestatic00f1022774f9bb613f.5eaaf49f1192.168.33.22_22623
192.168.33.22
22623activestatic008651865f070701d8.7820f31b1192.168.33.20_6443
192.168.33.20
6443activestatic00b41297ac041c49f8.5898a56d1192.168.33.21_6443
192.168.33.21
6443activestatic003bdec82af2c6071d.a288e2541192.168.33.22_6443
192.168.33.22
6443activestatic0068818e55a5d8e8.276212901192.168.33.30_80
192.168.33.30
80activestatic0068818e64139dd6.411626121192.168.33.31_80
192.168.33.31
80activestatic0068818e6e488d45.840395491192.168.33.32_80
192.168.33.32
80activestatic0068818e90906b75.700679281192.168.33.20_443
192.168.33.20
443activestatic0068818e9c9fc677.251946251192.168.33.31_443
192.168.33.31
443activestatic0068818ea887e1b7.807482221192.168.33.32_443
192.168.33.32
443activestatic00TCP_serverporttcp2snopref00TCP_serverporttcp2snopref00TCP_serverporttcp2snopref00HTTP_GET_/readyzhttp2snopref0GET/readyz000006796970f3b58cWeb GUI TLS certificateLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVR3B1ZFZqRzR5a0JVYS9NUWxyU2ZBcWs5VCtRd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5UQXhNall5TURFeU1EWmFGdzB5TmpBeU1qY3lNREV5TURaYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUUM0alhjOXE4VENxMmZzc05zRU94dktuZm1FVjRNTzFRWDZNdmRReVN2QXIzNmRlNXVMCmZ3bkJSRnVkRC9zQ1B0ZzhXajVCaCtiNGF3WC9mOUdnQnNJbnhKNVB2SWFXMlBtWThpS0Q1Q01WQXhxUE1lMlQKT0VxaEYvWkJxZlNNUWk2RkVhTTRFS0J6bllMbzhnMlAyTW93VjBDbmI3aXVJVWlKRFF3a2JWOVZESG55VkhGaApkVVlONjlpTXRYMEZiSHVtY2tKWHJwQTVQcGFSdVdsaUNnNHl4dWxEOGRsL3dJOXAzZENQY2tNaXgvYjQ1aWdJCjZHbC9GUmhhZmx5VWJ2WWxSMEw5d1pVMmNpcHFQemJJR0tlZ2pkRVdIcGRzVW5sTnJiR1I0azZieWQ4ZGd1a0YKWlNVNUlUSkZRSFdNN3ZNNkZuMTloUE51NG94TEtVUTc1b1YwZDdHV2RaQ1RIYnU3R1hqekhhVHJKYnhTTjMyVApIcDFEMlhUQ1BPTEs1NjNMc2YrNm12Ty9BQSt5SWQyZ0tvWllsdG9GUDdGcHNwWmIwYnhqeWt1amxvOUg0TW1iCmpDeCtWTVkwWUozelVTU3NCOE5IdHpyS0hyVW9oMG9oNTZPNzBNQjZpUWt5dTNaZzNlL1lTUnJwOVJwMTFMMWwKU2F3NmIzMEtFOUh6VHkxWDVXczJlQmxYajFvS2FBVktlTEN4dzlnRDJuSFdqaHViTlFwSmhmdFY2S3F0TjFVeQp4NXBWUTRrL0l1VUNTRlRMK3JOTThWOEc1NCsxTlFTaWZlWVpLdzF4bGRIMlpDbjA1QURrWUhEaFI3VUtkSGhCCncycjkrTjNjdENSaVM1V1BlRTBhQzJ5bFU2czdtU0RwWGM1cy84SnA2QlN5c1ZYL3dpZGRFMWl4N1FJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkhIMGNpYU9qNXdrKzBLeFlYUFNtL1pveFpHT01JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUdwdWQKVmpHNHlrQlVhL01RbHJTZkFxazlUK1F3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUhwcjZXQ2RmMzFWblR2RlMwUjA4RTUySHJvZHc3TjVJMGpwNkYrdHMKR2xsdGxaMDdvOWxvN2E5VFNBK1FnSGFQK1VOMkZUZmlFeHZ0RG0vdDZEQjhSald4ZnV4eloyOTMxeE8wWEhUNwp1Vll3OGpaYnlhOVQyU1VjTGR2ZFpyUHZFajJscnExYXRnc2UwMmhUUTdOSGhpd0hrbEdWTHR5K0FpaVc1STBPCkpPNGFiUHdBU3Z0SEtTU2hYTEhJY1NqWTIwLzF0TjUvdFRMTTFKUUFHZFM1NWU4YVpkdWRHWkVJdHlTZk0ya3kKY21zVnNMS0ZsL1ZLRmUrQnQySmd0d0FPUk0xbzM5WTZLQ2RHTkJPYThGUS9GQWhqZ2JrM1IwYVk3MEFBRDlyNQpXT0dPeEFxS0g5YmdhUUhrY05zSnNWekJlTFZzd3NPYnI2dktqUkUzSm1jTC9COGsxNVJaeXdMV2YxV2N6QzhwCjd5VDNUcW5vRXhQUlZZa3AzSmFQRkNncDN1YzQ0S01UZ1laQW4xeHJLS3hQdUV3NE0rSisyNzBGRzhqckJPN1UKdENMajVPMVpVMXBoVDBEckswVGloOHJlbkgrWDZkVUY4UmY4WDA0QXd5a3MzbjYramNoT3E2azFaaWVYT0NVYwppclM5eTFnNnZCM25YdW1kU05JdEZvQVhTWXRtOE5KaVUxN3kyanlnOWRHK3B4K1FpZTV2YjBMNE5xdzVoMFZhCldiWVpsMjA2cVpFenpFVEJtTHNuaWYydHB0aUlkbWh0UEZPYXBvT3hTL1ByV0V3VXc4NXdNQ0ZLcW1tZ3QzeVYKRUVlRXVRVTJIMFE5NS8wWGJOZnhKcVJSUXltOTBHeTlmTTUzU2VGbnpwVlU2VzJ6WTQyd3AwQktBZGxDdW9CdAplTjg9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRd0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1Mwd2dna3BBZ0VBQW9JQ0FRQzRqWGM5cThUQ3EyZnMKc05zRU94dktuZm1FVjRNTzFRWDZNdmRReVN2QXIzNmRlNXVMZnduQlJGdWREL3NDUHRnOFdqNUJoK2I0YXdYLwpmOUdnQnNJbnhKNVB2SWFXMlBtWThpS0Q1Q01WQXhxUE1lMlRPRXFoRi9aQnFmU01RaTZGRWFNNEVLQnpuWUxvCjhnMlAyTW93VjBDbmI3aXVJVWlKRFF3a2JWOVZESG55VkhGaGRVWU42OWlNdFgwRmJIdW1ja0pYcnBBNVBwYVIKdVdsaUNnNHl4dWxEOGRsL3dJOXAzZENQY2tNaXgvYjQ1aWdJNkdsL0ZSaGFmbHlVYnZZbFIwTDl3WlUyY2lwcQpQemJJR0tlZ2pkRVdIcGRzVW5sTnJiR1I0azZieWQ4ZGd1a0ZaU1U1SVRKRlFIV003dk02Rm4xOWhQTnU0b3hMCktVUTc1b1YwZDdHV2RaQ1RIYnU3R1hqekhhVHJKYnhTTjMyVEhwMUQyWFRDUE9MSzU2M0xzZis2bXZPL0FBK3kKSWQyZ0tvWllsdG9GUDdGcHNwWmIwYnhqeWt1amxvOUg0TW1iakN4K1ZNWTBZSjN6VVNTc0I4Tkh0enJLSHJVbwpoMG9oNTZPNzBNQjZpUWt5dTNaZzNlL1lTUnJwOVJwMTFMMWxTYXc2YjMwS0U5SHpUeTFYNVdzMmVCbFhqMW9LCmFBVktlTEN4dzlnRDJuSFdqaHViTlFwSmhmdFY2S3F0TjFVeXg1cFZRNGsvSXVVQ1NGVEwrck5NOFY4RzU0KzEKTlFTaWZlWVpLdzF4bGRIMlpDbjA1QURrWUhEaFI3VUtkSGhCdzJyOStOM2N0Q1JpUzVXUGVFMGFDMnlsVTZzNwptU0RwWGM1cy84SnA2QlN5c1ZYL3dpZGRFMWl4N1FJREFRQUJBb0lDQUJ4UldLS1Y0TE1lS2V3Zmx2dW5OalI0CjJQaDlsUmFKaVVsQzJNQUVuam9LczVybWhJOTdCcndwQ1FXb2xoTmFJVVBoZFB3SkpsK256RnZQK1JKYzl4MnoKQmJlbWJlQm5tcVRsUW5hS1l2ZXVhanplcEYyYW5aanFYRmJuQlNjZ1lKTDZpZGpvZERaSlRQVUJieU5MV0hyaQphSUZJbTBYY3hZeUIvQUw2NVUzZmhEYXl6bEx0ODduZkhuTTR4ZDQzTHlIekZrcnQ5aU5TZnpnTkF5YVA5RzNHCko3VE5QMXBpNlo2TThwdVFKTTBKY2RQdlBPVmhCQThENWFDOUV1ZVR2eUVwTmhaSnhlTjgwUlZNYmROMk5RSmwKd0Zkc2lqK015Q0FyTHJ2N3hhUVI3YkpSaS8vUDdVNCswYi9lakNyNzMwWmlmUTd0ZjR6Y0pqckNNajRldVF0SwowSHdmYll0L2NLVWc0aTlTd0hCRlg4QUxva2M1WkNkOXkxVEQzSU1LVlpDS0pFY24rT2gvMGRTT0pDWlFoTDdKClN1czBtUU1BVDYwTGkwZXhyMC92NjZ2dWJqTWpNcHhQVjlIY2RDbTRSbVU3aFMvQlJpaGpBc0ZqelhOVlFXQzMKSUVWVTNNRC92Q1hQRzZKb284bi9UOGhQWHc0T3U0NkE5RXF5dnR4VzFlWDgrMERFVFBreCtkbzJ2R0ZWRGtRMQpoNmNLSGVmMFFGSUViaHV2V1FKRTRWNE9VdEYyRlp6VjliS3laWE5jQnNTNWdkTlFKRmt1ZkYvOFV2SlFLT0tHCi9VeVYvejZrY01xMHNUc2JSRjNVSzM2QnUxSENudldoVlVvV3NBb2JKV3pBemRpRkt0V1BpclBJNW9TUWFob24Kc2JqejAwdUJJQkFhdk5rUVhiY0JBb0lCQVFEemF5bHc1VEFWYnBza3A1WUpnaWppTzVhRUNPQlNka1FwZ1Jodwo1Y0VWenZhbUlZZ2NDMVBjSE1DeUUvMjFITFF3OUtpcVRqSGJrTWhOMEs0TW1HeWJwM1hKL2hHYkd6UzRVSGFKClQrdyt4NDRWTUxxN2l4Q2dmc3JXRHNOU2RhOUFGYnEzYWg4REpaVjNIcHplRVlOR3BIZ2hzM041STNNckR2Q2QKeXowWjhNOStWdUpIVDBjYXVqa0JlTWtZbEhYVEdabnFtYzBoaFlUdDlZVGxTTXNMV1JEdUpkdDNoQjkyTDZLOApOa082Z2lxeURteWswbHZWejhSdFZBdUQ2TWtJaDEwT3lCRksyaEpCaVhQa0R5dmM4b1JSa2xpSmxaR3UzN2VXCmVacENYSmJ4MU5meGhnckhBbnhtbU91N3dVUG5oUUNGRW1RMmZicnNZcVkxZGVrMUFvSUJBUURDRjJoV0YwQjgKc0dUMVBoek0zR3RiVkpyVFh3bXFxb3BVYjlTVi9IU1JGMkJiWUUxNWFFMy9vMmVQVmovNDVoaUlyYVhweklVeQpaWkV4Yml4WkhoZy9Qa2NqeG1oTllmTUJrdFdQZHBvMFh6ZVBWQ1hFV0J2VXNBclc4RDI1ZzlkbHEzTlEyd0hqCktDQUtoZGJudU9OeUllT25DZ0tTTEdNbjJMbGJ0dWFJcmcxUnFkOU5KOCszOVQrUXZmNHVvWmxTenpPRHgwaTEKRlFMUEgxcitRdVZYMUVqL08va3kvSzJxcWRZSXlyUHRGTXpjSVdTZ3EyTWErZ1c5T29CK3NhL2JwNWZOMEl4cAp4WjlKa2grNDRjaFgvVkE4dDJORk9HVW5TOXNXRTlsNE9wcEdxSDNtZmtLMk12SnRpS3FSTG43S0k3dnVhRnRtCnk1eFdXdXNURW5UWkFvSUJBQUYxcmd6d1F1YU9BRDRyQnhwTmZvTkV5alZHZkZuaVBheG1Dc2g2aURyaVA5WmwKTXhTLytLUEVSRitOQVNONTVaYTVrTjFjbEszMVkwNGNKejhLRnZTai8yL1RwelZmNTJRSGozNXBUVWhmRi9vRwpqY2djSUdCbUFqOWdYVWw4VFMyOE01OXY4bm1wV3drWTFPWDhBdWFFaS9mZnhKeUFXdXR5TG4wenY4ME5CYUdEClVkNE5tcWFOWVZRaDdrckljU0J2OGQxWFNNU2ZzVmxmOUlrUGM3QkF1M3BDSGR2TW5nZXVaM0pyZk9KOGIxY2MKQVFqSC9pYjlGUGQyM283TzhZMnNpaUZSajlEOEY4bnUwaFFYQnpOTy9QNGtPNFd2c096MGlIeE5oR0JMZjlnNQpaNFlhUUt4SzFvWWkrcDdvbk1paG9vd3B2UklhbE9sZitoRXVBTlVDZ2dFQkFMcWJpc01MQkFOZURSTUZMdWVBCkhPL29maHN2U3JuOTBaV3hGM0ZGRWtYVmRkMGswQmdrUXFuQVQzY3VjNzg0YXVvdUdsQ1pSSTdadkNrTVJqTkEKamd0d016R2dOdlAvY29aV3lHRndwSDRwOWQ4bUJsR3FiTWVtb2lWWlFkODFkVWpZK0x3S2ROd1QzZ3AvOThrKwpwOTg1MmdqbHhPY0pLaVJMYUp0WFZIcWc3VWxReTlNQXJlT3VOZmxSMGlxL1VBeWdEbVZxbXVzUFVtNFZOWVUwCmlCQlRtQU5kaEJDVGc5Mk1BSzdmUlBKeWh5dzJKdXViSEdQNWNyOG1taGcxZW1EejF5NFlqb2U3YTVSdW0zVkUKRHowWjNhVWlwSjBPeGFKc2VpM1YwOGFXZ1hIaDJYcGNkb042cEQ3UG9UNkl0M3BkdFBoWStWZng5MVBIZ2pBSwpGTEVDZ2dFQkFLeVVmRjBqK09TZWFSV3JtdnhCdSs2czF0Y3hFNG1IYzNtaTZuenp3WGxPRTFuSGR2b2lyNmtVCldscVRVcU5kbFF3NU9oUUlOeHMxWXpyNWdvVmlSZlhsSUd3VVFJOTRuY09XSWhNNXY5SXU4RUV4alY2TnNjUUoKRGIzNjdFamV2NWJnbFJ5ejExcmdQZTlBVzlWcXpzZHNMcjdJUVcybHlaRWR6VmEzRUVCbXpaTW00T1V6a1dkVQo5TVd4N2kyRFlWNVF2b1BSMzcwNzR2elNNeFYrZDhYZmp4MFcwbzl2WWU1UHNVMVRTaEp3SkVtWXc0bmNmL3h1CitBVzRNQWtISlRONm1FYXg4SUlpV2VIN3VZT3UveDZtazZBejVIK3UyK2ZRcHpyZEtVVm02SWFLT2I1THlLQzcKTnFrZnpXeXdTNXlUWmorN3FibVZ2b3ZLYjZubXczRT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=00014001080808443010h1,h210000000000000