From f845ab478894cc49b3718a66b362018198ad60fb Mon Sep 17 00:00:00 2001 From: Alex Walender Date: Tue, 28 Nov 2023 09:49:54 +0100 Subject: [PATCH 1/6] Started Tutorial --- config.yml | 1 + wiki/Tutorials/Sshuttle/index.md | 34 ++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 wiki/Tutorials/Sshuttle/index.md diff --git a/config.yml b/config.yml index 69baaf82..e3042f9d 100644 --- a/config.yml +++ b/config.yml @@ -78,6 +78,7 @@ nav: - 'Tutorials' : - 'Access de.NBI Virtual Machines from Windows 10' : Tutorials/Win10_SSH/index.md - 'Access a SimpleVM with Mosh' : Tutorials/Mosh/index.md + - 'Access project infrastructure with sshuttle' : Tutorials/Sshuttle/index.md - 'Ansible Automation' : Tutorials/Ansible/index.md - 'Bibigrid' : Tutorials/BiBiGrid/index.md - 'Blast on BiBiGrid' : Tutorials/BlastOnBiBiGrid/index.md diff --git a/wiki/Tutorials/Sshuttle/index.md b/wiki/Tutorials/Sshuttle/index.md new file mode 100644 index 00000000..66897c3f --- /dev/null +++ b/wiki/Tutorials/Sshuttle/index.md @@ -0,0 +1,34 @@ +# Sshuttle Tutorial + +### Quick Introduction + +[Sshuttle](https://github.com/sshuttle/sshuttle) is a small application, which sets up +a transparent proxy/VPN connection to a remote and private network. This can also +include a private network in an OpenStack-Project. +It enables a secure and direct way to access a private network from a local +client, like a laptop. + +### Requirements + +* Linux or Mac based System. Windows is currently not supported. +* An OpenStack-Project +* One running instance, which holds a FloatingIP-Address +* SSH-Access to that instance + +### Installing sshuttle + +There is support for various Linux distributions as well as Mac. +The [project](https://github.com/sshuttle/sshuttle) includes installation +guides for all kind of systems. + +For Debian based systems: + +`sudo apt-get install sshuttle` + +For Fedora: + +`sudo dnf install sshuttle` + +For Mac (via brew): + +`brew install sshuttle` From 68a74af155516b11e80c672db49c8079e6a60040 Mon Sep 17 00:00:00 2001 From: Alex Walender Date: Tue, 28 Nov 2023 10:02:25 +0100 Subject: [PATCH 2/6] include gfx --- .../Sshuttle/images/sshuttle.drawio.png | Bin 0 -> 37288 bytes wiki/Tutorials/Sshuttle/index.md | 5 +++++ 2 files changed, 5 insertions(+) create mode 100644 wiki/Tutorials/Sshuttle/images/sshuttle.drawio.png diff --git a/wiki/Tutorials/Sshuttle/images/sshuttle.drawio.png b/wiki/Tutorials/Sshuttle/images/sshuttle.drawio.png new file mode 100644 index 0000000000000000000000000000000000000000..273c91a0de79e8cad29850a39a27c6631191320a GIT binary patch literal 37288 zcmeEu2Ut{Dwl1k8Ns_3f0wg0@at;=V1j!0WP7(@=RAeYnR0IkXQIRB|U?54(QA$uj zML}{XBu7aS-!8>&d!}dZy!+mpH}}r{x?Ah)v*X%pul=uot<%>H^k5WZC&=*d@F=vk zGz{_Z@Dbp@d6FZbq)UrO4*Z4hV+d2jD|pK?gNMhh=BsJ$>w$D~b$7($mQerki(6dO z1@7a^Euq0JE^h1PCG6m8>x{7V@DcWO^aVxWy$9UE)ydV-;YS^DQE`b=Vq&MnC5^>I zxg}J^Wx*eklER{5G8cc;w{>>(JnT>x9^~roZp$rx=CrUV=!(x=OpIGX4g5Oi>gk6B ze`!?Fz%Vt64JsFQn)5MTE@EPxW(1MZ+BNWNAMTS(cTS? zYohLgfO~+FGh$-0!lJl;K%tSXlP$vamo9K?aP+lx{xN@;zBT+T+{xHoRNGk1UsW5S z?+$vv)$w;k__)G750@z}EG8`Rv&4+M;ES#(lgMs_d`gT+Qa=}`sa+Doek^_K^NlOzjpVtQx7BzVe93h z3wLmI2R%C=4`(JSE%~EUhrk~tVq&=YyL%@a8FN1`@_9F?9mp1fCv1sniJgpaCwJyynqV)p?6$?k-aUD^mozx zQq9cO!Pn(Ssf@VvkGbG#YdN|)yZjtkOiK308xPx`l@C|q<6`Ro5BSmkZwT_II1z9- z=VL{=W_-r>mcs0VP+y}=V*II z%-;oJ|5LyGZQcD2h0852RMyckqO>3AR37KUB@h6^XMoYQRpptHa&li0`{A;pF5bZf_6DeS8scH^*PzI7rz^ zot6S`e&`4|#=ee+XXQ_J;Cs>ESA(A#0}h}gurI!dK(LaZr%&o|3lGnp?BQd;FM51f z@!v&p4ll+3 zQJjC0;z<5?QJh26@{8iA+WP|Y{@o7!a#4Ug{X5?B^Kk!BK|&2@(_I06IA?3;=xzY_ zarONH)a>BCzHkq)5kD)ay1P2#5S%akFRmB3pRc>CC%86#A{qeO{wWuRg!CbHIlM4V zi~jYEA@L_S#?M{<*SRso0363%8NY0mqXWQohj;>x@O6PZ!#!=?HGeNvL%{t!9lrYx zID!9O=NufjL*H-y%Z|RjfrlW~*3TCX>ivQX9FeZR=Ab67Iqvrb+;8F2hff-~Yx(CZ z4V;L-KX`&W`?p58hhJLZ9)EB4{pn}BAM3*{3UmY>{uX=yGJyLbz5^Lh>rb!O(?9z1 zwM94sKk9pLe_HQ93r7%+?zX0uX=T)c@MB)WOzK#_3OC zsg%8pqn#7b(;u4f{}z`1CAtuo{A(-o6NCP1+OIoS0us#veTdPq-&IC4X=y4vTCLFAIC%o;dka4jui!waJHe_uq1pC4O$|fB8+8IXn}; zQxktU$%hW;zvU)N{@h0s_T;26}$o=zl#FDE8M>;;&~Mx3I%d1_J#0 zLoDMrFY=5#9QeVW&e{eb42d%m;QqW z=g`{ymx3LVI2-XDYT(cc(9oZce*<}ZuWI0ka0M|aoPYYA+xlU_|F3XVKMn1Fj7Pp7 z)c<~XMC`BqP;DF)VDISVivuCX2wNv7S9|cw*3$v}iEwmqMSv(J?j0^m;Ri1H#RUB& zKl*QkKTiJI`KlR)@SX!+0H zZV8YpbmniQdwhTQhs>H^&D!_3Ka+WWyf|!t%bNO;0m7Ps<-@~+;%RHB8Y3?)q>)zY ze%xsvq1JWcm!Ns|jL-hI>{p?C-1b^mPu@#b6K3$sIDcJeE6xMrjsea+hn^fsG!pZIq9yX>cb?O-F z(E4)9ZniJEIf}2{@?JpFHo8BHl=`KnsH8Wzvkz@+=my8spWv6{6;RO&j#dtJNmwq6 z)zBT<=pKThEGr%gd+2X!aAV%+67{z{2&;CRE00;+r@>a!`?&^J^9rbXdUAHNU1Pj< zO`V{jdcoGyzxBB;dd{>bcVQ+ykEp8Zx=Qff5BdQfxDJ(3me1*Ard|~eG&Yq#4u05A zijeUZ%}yh&hiE_Qp=)}GimP>lWjb$EFJuM#5>TJ@(d zUJr6Hp?zh2wdPuL8fE`Nla8Yc5o*0<&)F6^d)? z^QJn#P4g@|HI<|^Mt0A)_mck1YPjL4AhOfRcYH&~^Q}Ol8(BE3+?)CE+Qysg_K4%JByUkzMqBcHJm8-Hc0HK*{U@X6!$mfwLk|fLG!i+RHPr{ zp%|{-nXQX@$cJYbZ?~Mk1k_ljxw!dY7MzBks}nh^QeYvqR0h-qi2e)7!apuu$o;&r z0$&+s>|3g`nIkbT7RGk1PvBJ8?zdwTcf>1t2TksDqtBUYN*RlKr@wg`XmU+>#ZayH z*GG;1!XoeR;6@mXiRbQhm4mCb*Ng z^V8E4oyu$?`evt?A8)MBNn`5=lPBMcq)f)kCv{%Qc5{4-GI^gr#Vpoa4mUA-)NmTA zH>CZ6L8~I=%*);26v{Zq_tQ!oYofb4e)`6Oz%~%U;r(35=i@bon@cfO!?7;g&`TEnI z1x~kyt@}`__dKOAwAyv^B;)uEl3}*$LSG6@dpxUPm*VDwoOAcYFHt;Omf8O{W&LW+ z#^l>%uOI?`wG?#pF-g+Zohe{R;v!GIqW-$~XOy?$i;Gp}(3q6{&5;AlqmL3f?)eYJ z?5jd1pA4oxP1@aA3QywHL{#}NuxG*2mwl3A$Qx2=GUF{G=eEp)kK9!qt=?292DbMVk!cFaa9UdkPLB3&UUdAEC z9wh|V%L=u1o;C|#+77V~bnAJ(RStJ?RLSrccgNNw$(xzVuD(gSTm7bgBPEc$SF0jk z*I}DDgRd|Rsvol2&34_*fg9tRFgl;LBhZV)G9j-XJ&t{!t8Gm4aD~jf#PU z#!l?)D)v=w*xt5y(IiEu$|CvvP^yzoG3PhqfE%|xd3Gpwp@Cl=Qd(*l+t=Rpavj(% z@m_B7J*a>=U<6qwKh`feE^HU(o=p=*Yz_r<=(j7S+`iXIgXMUAw4ckn_!*JxLSm(& zueB`|27Y7k4pwUNe2n3P@kDl6|BGxw7xn#Ep-0d(jIa=vHoQ_Xsc>}H{R*|f#kN?5 zlQmMICx?O(Zfh?Ip^x~b-@fwV%-NDsZqik1o+F@Bb5oRpOYm;ERD{d!p4OmUmK7MI zxFg8I1sZVn<{-MF$H>EBAb!tqd2FyGd?4hwvSa+(ytL`wR^Prpw^{sae8ttLW(P@j zjv42b+fgnvXFWbfjbuG{}mr`>!!WtCo8x%&$!yZDHK88QInI>srm|JU6u)7~)9Qx$;vu*4tlZ33~ zZfD7bF`iD;*TKnGw?>4O z*)E)N{g88(4r}c(Bslq`{J?svZ3lJR2G+tk;APhVY$ZOF^szLq?aBF3t? z+IlptvCB1~aeR5RrM0y=@=4*Dv-`7O-<&?y)V~s?P`r7Rf^`)Ii#O=l3w+W6PYE}> zA++t1(^I(TU;u5`>`g{R_ZafKru55d{{Vz2K9E z>mc<7^WVMFAlCAg=FdEXiAEYm3r=F9KD_#B_5-)^tN+sNZ#UY11O$Iu=I^ip2ecwL zL?34?_J6QmRk+Q3+lPgfP-D|GG+3aZ#U--{=w|g5StS7#h(aNr>S7?RPXrhiX@%bv5%Ttd z?CS2&-cvEFd1b?OQdK9z5Q+`#2*kiQ&{m%smNbY-1#$nDW6?MtF|VW4#iuF*WUEf#ll# z?YZ|QjymgKA><60Ow}l&UWd**x{q{Id8m}OY#x*!>?|qIj5IXdWK+B-e5sc2xVVEs z?_h19(UGG}Q1+1J$ldi`>&x!&+Lf!@pX)<+a_rmVR~ITq&MppCIevM4&oIv*OU6Ta ze`}(|xr?nSrr`Yh9PMmhl?zpf+}h=4a>V{_Aiv3z+aYW3V2F{>P1n?=tbW4tt+wag z6I8ycq^PQu!AcLpgsiHKw>K7^hAERV3P0;x?pCLo5s%sMSHNE_wr}r9u@1}ESQ@Gc zIEqPNR~FX1L6_(^_bLCN96oX>GN|J=e~HUGPRQBaqtpdvh3U5i&Ge2?vM}jjN5T)R z@LKPmcI$A?2xTD07S?UtNAa^!ZY}wADe_uWcqUti@0pO%@j+|+7m|qCkSaWS5BOpk zMecw-X%({>s`krudG}D;M3xVOCyQ0lS3)mOZeAI+>y>|3GfH&k5H`WGz%~88Twz}FW(h2skrv(PfQdE0EEJ-CvDv1@%8JW5)6c^zcMG z0!Bi49XszNXN2!x@LwFvubl({?P*3Fv$UT7((tJlPH%2-uYG)KMsKr1?6DJs{rti? zrAzt1a`np_=BJcw0uj%=PwnsY80o*dLe4nOL=#Gkxy7vmq~p>@x{-stE3Ni^MAeQd`=-fSrh5oYHkx=seP=LXcPP=_FKcLhd4qj5cPb~!5$u_VSn2#-@2hbDZFb~(XhtULpF4~ zl+s5dheAJM(BP3_F0gczd@Xa5DwKs1uy__Sa}tTIJ3!Ab25K%pnGm!NT{jUzw>+&o z*xzx)ViH$BS-@YV1q|n_od##+Jo-(FNJh{@!uKRqEDA^ir>=C??rZx{cyB@4YApr2 zWiIA%jr(WuR~gC;qq)2Pf1pIF#a_=wI{`BlZb~95`#BS?#+9Y0mHgM>! ztozJfM?x=mXGWryveaX4 zKOWB2VWiK92>^=fM$ZfHFLgclRoZjVU^B)nGOTGQ?8`l8vT((~bhCgR;o@@3IPh_t980_=2Q@$|Kr zGhOM5^t;r;_?9bha0*k{!?sjUnGc6<4&lczWx&#z0 zb234Sr?_D8d8|S!$*l@v^Ou_lr+^k+H(~V-i`Lv&8e#9W2XDNjZa@;CE9oH zlkOFVWhXnKdb>m>I5~+dw|=_9U=`it^aj{sIR1inCtH2Zvty~mPB+zqce}FnrZ)*U z8Vl%U43RpUp~2GG;V0*UPGCtiZMivjt5xtwN1 z>TC#m4q%PyNV3EBbcV0^GFMc`%c zd~~fbm27-_pS;eAH(goAC1GnJa-BTeoD_&TEVwaWosYro%+*^?8vz{e*A?+sVQhgK z9u4Y)j9KKZxAAk&#GS|=;>$i0m(*~uZ_z|Y9ta-x5U|P&{p*|!KVptj%+L9t{ zl_YebByX-bWvEXK)lJN%&?kKT%Edw2;P)$DDypy9v*>p@?+9HmY-=A&&Tb6Gt6jk( z9JCIa;igA5MQgAZrLaM$r01Ju0~Q~kWEqS;Jk~FCtbfOr^_eRxFw-8cj5AGM43IgU zefVQ!aPPYO!%4U;-d!L7$%WAtdIop z7WY?PL??as(bdt47_Z_FlM?OgLsVe})nR!o5mVpG*Eum!y*JE`hUFohs2*#R9I;G-V+ z05#UI@a6A+IrruQ^F|)YYEiDe=J)AK&_OY2w!|AK+?G-UFc;YOzL=AKxq#qiPi1F0 zQB}=++pr<7({VlZz*dIKGpbxaki?0HSAGr;XCj z&C4L5Yg`9=TOiFr3`C_;DyV|CP$Znjvv@AEOqU9Dr4a$-+{ryf@qI6XfCScOUwz7psGuL6d&;$-gO-0UG*5@yNhlJCYP4)T z`TL4t0xE~Eyvhk~7Rhuf5mmjIZyNqC95vGjDAfgVQ(P+!$n>Avl#HbKK7uzGq4o4Q{f`mAQsny;78filyqO0F0%O*8pQqEa zyr=bVnE@--t3d1Q5ThHG&&j524DWmDKX{={g4kIYy~9S0^(?;Kxvh;(m0(i!)N62g zs*8rDww*drxT6v_a4^+Ws+FnXsg9O!q4b=As4g<-R6WaBB&>Qt#Dht5qY{0=%PHV^nNkvCzbs<4`1nXz>RL;1uH)Gi3cM~{0y|0ek^k+fdtDJZQnMKItGB#Z{@_inPK!OBVBcQ zQK>lroMlp7bn1t$nzD%idQ!yF#lcUBG}td#-aoA-(hnTicTV21FPUl3uy@zPP=gPz z&n6B~W7))VK3t`tLCbrfY38X^*;KuwT>Bks7)VxaZg#l+(25dsdfZY13;mn*8Bl}4 z3{*ZEK~~f#g>w?S;ith$!`_*uLKCE7EhI02r*5Ju*}aF)rBvBG7%E(9!BZAk`!73! zlLRgH%bJg!M_p5AAJ<7tnu|Bp+I6V3v&R2^ZwrJ~((&QPunfA!34>Rmo7Xtfq>k>W zEJ|`W&w&M{d%n9E3zZgPf5kn?_rMCwCL1?)YS$Qu0+$>@5vpGqYt=7xyG-y-UhJdLwS40|V=lcbbG?N+`KWu771ko! zH|PQ|p9rTMK95(eUK|k?>y`2x*1H-P$g4M$Fq|r+z8#S8ZPR(c_f91I+|4}CGZREr z+~UDsc!;W;&&@oGG{;A%u!zE3*Uni4hR&DDaJmoFs$P`J%h|6xllD@4KTTFV;EOz9 zy_M9@e6C%(2}tjgrh8JlPhNeA%b>-+y?=3DR{@-~2Mjdl8_Cc(C(W?hz_e<2KqN_c zua4}c_AQ>c)9JQ^K^-v?!-fYNZ=dBF7O#E)*jZ$+zpTM=@qOGX#@^9xc0X*gM8R}4 z?Ay{vICtPG-D;O|Z#1~bACWPC1UFTIs)iJe8NQ%Od<~}t0Tr|3M$)?B_zI#}&Zt;} zO*VMD^;CDb&&4DjoPSUm)?TjrzWhV%`=zo(F+XJsaqA#|ci}4b*CNUXzN(5s?hx4k zla*c}d|=r060Y&t&|?CY`UG^{hEM@>ltZ}(Xfd$~*~;+3p69!H+dD5jYA}ssv^@tq zS54(MLo^@V47MtndVMMbF3)1bNKO3OqI6DxT^C+P&bZcety^(sE*t+GG%u*=?Vy0dpFx%M0R z6ECu60g}RV8FlC6%AX0EOLAjarC#-=F+to31KV!UJGNYSiAl=Pk3Cbfab(TI~v!^e5&!rr=d(BvQ9sT}cXDne( zaE7XYaQv3c4SW}Mp>VW_m5fE;B7}_bmj0)C0}IOH^`gsfwpTyhgd{2Jkf8>PCE{3d zmh16UWT>EnDT;;1eb@K+=bAaUS33r(7wT;bLqt7LN7?&yE^NjwC~JM1uObM-hVQS$ z^yIHy+m>a}VD1%q%tn;W8_rk8te}n#-VSJGj^e`9*}~f6nlGcf_HCXVUF_AJDYBh9 zA6PZzQ{wl5(XiIR_1@-8O7YstCdLQb!KHsE#Nh1%Ibo4Cwv)6liX?}M5#a&K2Pww+ zAE>eMsaEso27+Ots?c~o=e`3$o6{I?#0%fCXP2{%$(x;_nk(E0qdG3DdB1!f&4+;< zojtWwr>M86eeZ0+ewb#5$urKSw^muRVx`Tl3%-zAQpDq@Y>>SdC$Q*JpSkVTZ%_2O zC-&}5jweiEH?Xf9JNI8C$@%qbsMgQTy?OuaEv;DZHzhn01pJ)2$W8!JmGqaqi8Hpu z7_;zl^Xf7;mTb+*6Ml}X!Q>MzwAL<@U*ebzA8ASXZ4txP8@9icI#g~d1%X9em^TQ) zokd1)7AetOx4}tds6u>`KK)30DNM*Dy?~JpK*1mc!Y-NzFpa7+$oFZWIL<>Ys?AI!n>VFV6fPIL`c{f}a zoNL>16@kUj99Ik~4FM4mar>7y(fuU8E5z&}(B~EvpWZVtzr(>xJ^kJ&g=V%qS-(0n zc_;?oqp_E7XJg^k?8m2_xA~27^wQ*11;@x&l@E4}_IEawwUgyc&h0Tvd$xXSH5H8; z0SuD3W5-EA4B3mO)NG%S-q)kXetGm@4rBvtJ!5@Hpc=)pptLjpViiz5uOjdXvA{)5 zp=6cgLk|OPM%;T`gWsyUw0e&jUdsUptz_Ss_u9bO!0v61BupeeKAU_ta1(fNw0{fUn{L4=K+syyyT7)u~Dz_;4*^6|1d%PdpcjC0J_knR>fe@mL3@0&o<| z4-~;ljWu~{YGR-P0+ja$gO}<$Xk!?|W_$Q2Nv*38+&n^t4>d^X35grWI9e>uT&N2w z0}|t=#7H<`pn#W20ra9m(}vyy84f^i#k*2Pyd?GyKiJ!3LLUHzFG<$NX`LrR8c*S* z`Me1ZyeJ80%vkljL+5BG@$^eR)M&<#n8xd zX)B3ar$@PEZt-0;u5}; zZ^&Kd#tn$K%PW4Hi$i36l}BnUsFmBxH3r$eLl}aABlKoQ4hGX~769v}JdcD8ff+hhISN+E^-U5;8KG=f%78#IwM0JsoWx=|_Gp%}m zdwuS*eCBy!tLmKclV_fYKKIDEO;KlsQt*8f;s)#m4&ITXSlWjZv%CN?W;=sYoFZow zHg5kGWmRo+aiA#2-;x_l1GpbJV7d?iZ69NPkk^{H)y@`tZn^k+g7UsOYk0dDGUtY7 zzj;m>h4HRxJZ(y0!+!OX48>so@lIMQ(Yom3SVzp)*{aX((|$S zaZW}#B~BW?P|v!cb-Ua$%^IN%;G3p?NC&%TUHVb4n=3||qNte*_OgXj^G4oDb4&ti zVhh;af{?xSUe(B5KwT%|$c*eA3~jtomX`I-#sFL=>Iem0X)mAw5qYCbO2;m7kTNt& zYEeXlLD_>c*QzkB)2SMQ{YPg?aj;fM?Z>_mQy^4!Zs{vse`SqQ7>y7<<_x(Jyc3LF zUXAOi1SZ3T{Q+P?_+=b~=6ee>-m}Bz6Om87#+qlBUbYLND+LXZHFZ-x%veaBBUG1DLjF6EW{-R=Zh;?tk6|yRdEu*ur4Dvzy-LaiffHUWJ~AQ-1QM%t)-mUn z=HLk^Osi$NWDh=1jzEsK#89Q^rb=nwmvqHuCny=pc2c0to|@{0t`kGpi~EXfqi(#* zhC0RT*WrJPd_T24#Y?40bm^%zeh~Hxz-`~XC|V-f`c(F`WB0kO*z?8bjTPAspWFWv1ld=xH8j!!4!!(C-Aj zY#wil5-!u`!ov!Ep+i1(hWJnv`S$>14U5Z{H2_>l?UM*%RlTLYr?-+P08ar8gD8+7 z?)Q_Dy}l;_oBW`9;>ZJ9QL?veqh5^V<)+Wf&!e^8Xsw9)P8-~l^Lt`h7d=RMz7Je$ds*;5m+#Dr!Cmpb<)bxz4$M&3aDS$?BOc}6XG++jyZxKg>rt;Y@S z!d2_pa$NH+ym%C{@!7dpWxwC8kpJ%ZSi}M6WXq@L79a5?9~>Jlb4!ui6a^sWLM^gb zPI2Dat32y4khESTrb1aX?yw4sA2;y(Rn>TTM`7UG48{e6g6 z``sG9xkrejV+Je?8!LFtgf_#qfwODkhA=K|RyL&qp%DJ^L3g66$)wy zv*f>rK_#ZTvswWD>?bSvwmNAvMy_&#gE3kb7wYk<{Wa9no=R+}2W6xlraKA(KOoL? zpyCK1tU&13SGRagt{tJGN3Nd1$E@Jp5ZTTCsOA2emQ02bn~s*QCLW_gsF06AqV>@a zE8!#cWYtyVA`|TiX5L|Rt-~w+D6hElAkO$$sb4KY;laHa zxp(WA&Y@%E_02`jL&gcK;M}cki6j)-9}I%lXLD&oUq-v_N zu*9M<9tk2Aw!CrYse_de*lXK8HX&{7*!^A`GjcYWt-&m~>H~J$#J!!(r_%T%s4yF8 z%G!0{Nwn^gkk=t4#2BoLwQg2Gq934BGp>-Ge1xZ(ephWbu#apjiY1Fg$TJKeCbDXC zqR{c{yvBSE6EEW~OA|B5#I>nRyj;#1^WduYxV@!9>C#fu{z(mwl}(JnxOk`#MA$E@ z(ho~A@Y8HGqGoW|*8eq>{4somSk_R^-VKXGo1QH5!jS>-&rw@ZL#HDon?;r}aa4CE z#v+Ny%8%LAa5K0hzWPuBt*87$Y{ixtMXxJ3>U#hXgNL2eXdxcrrTq@;cs+>~^wCj1 z+ZtB?Y?}i~Lps7o=A(p?7G;-n8Q4QPJl&7C`t{+X7Orm%+TemVOh*=4?Az3MY~qT@ z#y{YNzr1<;W9V#8es*-o*{rQCeQe^EFH|L=y!a_DXK%Kqgs-pDbDl}not=u! zowZf%)Z%sDw@8^x=$C|UGB#tajH3z6mt@K84oGOTtb|b8OKPg~tYb_HgLvNnoZ!D} zFGl}u{X(9KDA2#AyjC|ri)Rv0;<(WwZ}++TA4a%5Xs=2?B6tgk?SMyCeS$dBU8NhR ztvYSw-)ZeXf5r6#Z(@}uIVCRG0t5tFHrncEj&YxDJ+=Uq8#}4nvSc6!|)~NtK=n_B25}zHg7pv;v2^VWpbk25=Y6{moI@Z z((5YalO@f=aCcUXhaxPg?ZwEO3JWqDOAB&x9A3(d>LI zP809j=Y9l#-SthB@}j^H<1t)TvO(|>j5jp|PvR`_^GuXHSfRvpZXciILL*zGWK1df z#+a(_9b?DDdE+hiJ&n7Sq-7MF;KOU|MM4@A?sb$c#=qN{&OxpWq}>lg=Cu4y06 zGSsf*^FUH_*ym(RbG_$-FRcyV7+A>E(iyWyRq?F6ljt_v@;@qtZs#e^%WOrt?dd<~ z%xwgq>dD4KW{7r+R|#!QW~Sga9SOECm~C2azObFiJAyQLQ0&YgF;%Y3j`Pd-XUr%9 z9=2$rKoYr{1w%rtmfjUYvHdni?D9o#IT~VPuc9LjYcf*tEmC|kr%1b)8;|&ozViHB zq8a&?45{JZ8B1R`dxO6+biPLf3qfas&i~h1X5?;7Z!7JchO*4#GpZ!Qbh!3rOLU@BDe6%zh z(7p8hmuN0W5MTQcyKIinkn>n`*bA9<#uMI1**=u$b5bc`kP$1>L8VX2Ca&PfH6^>q znm5YDP!HX#quf)uOZu1}-0$szqchF1u%;IB##X>)>^=Eid|5Vs2d^1chj6=Gr?1{Len@V8v;K3utpNuX8iNfwxgs$%O~8pMsIr)rgKRM1_PVt2aen9Sm_M8f6ec#0z8S-}#X<`*!_y*JV$#wqvk zWotbZGBXu@n=g_k1&!g;>m3~Xa96nk28QdT`dWD&-{*qv6xUa6YZUE3f0X2&kJ4Nbcb+znq%CNqhuR z%EgngPSiU3j%qrgg7O6v#zaisf}D$}FJf17ymmnRp}}BnvJB_k4m=KJ3ZV43AWw&8 z7DM1M8#KSY3iu|oy=MESqa66HMIb91k8m1F7f~r!aze^;(A;W{ohzY>3wD(0k|M(h zb#r5HL{S78213iV$=J1Zf{Ha`Zt#NnzMMw=3QOl{_g}_xR zdAC{e!XuT+Xyn*PKGaC16`9TtwAvwBf@gjaDTA8_U47u>KfPOyw zYWsElRD3lp&DblN(Wjr7K7V2p^Bl44i7(eE!-Tevq#ZjVl)exAO|rWYtg8rn*jc;S zwEZZ3m)^4>S&Ybb65emZ0w+Ai$F77ycM0`btwjiy=({=+4hZILDfW&F?R}UssX{{&ZXK1e5CG zNjHrP)l=vg!4ooWdB}cJu3Z@>*9-ANFp%lSH5t?muI_V$Y4q?w&p`H4j`qu;VF`~|^1p(P z)0}BHw6ej<&WL@!Z4a^$Slv$epNjznl=PpkegFk&o*WxpIIZIUX8xHQY>KcLUCr@y zkX3=KF1}L(`WSK)*^trzsRY!JiOB*SD$M=dH)8|Z(w@Ij!xNQuHoiU{8c-V8C;I}l zccOO)l?KE^P1D(V`#w-$tJ8i%*bp>JEbjZ*O;19Fy(t}CAnDeZ4+#3l+qD6$xH6h0 z2Dl2O6r@48CEtpZ#bwU8GT4T5W`W!cQj^b4ppw)USo9!WZ6qO>6{`)AKL-MIf1-?H zVDyj~aVkze^BAdtCaj%{^WFLMmauRn4wo669TGAO3B1jGrzHWzAKsFVxq?3RQ&XaL z!od$ch(0)>!Tq%?EUIs1sVTtp-`P0EC$h;-MYPa$*I*d@puK__Enkk*&}!kbU|K$q zX|Q4zig?)B{PW(n=?$1T6AJ-7uQ+qLWbj1VOya;(i6zflV0OCAU(4?ZG($3!c+(2b?a%jn|BS(jyPM+Q*I>q<0wlH<;} zY?cqg^T{~ItuCnKbPP_Suc4lcdRVEnyQWv5(x*6>y-L7jZar_Qp8?v@n|pG=I|meS zy=m5S1qY;8C@a&0*TV{Ti0mec=dOd{cnfF>i_{`9)tW?A^io(wcbrgk zgNFOmz=-5+U!Fe$nc5YXe1_izfr7cyQ>>?e=2jTE4|hm`f`Oc=xaVLQ6>5&dEuIid zs#T0IN1sQ!&5}Mn0ly}iSUv`smP+rXh#3-6+F=U>qQJPlmhS_(Rh|tLeNiM}f$aFpuBs0}ybsx(|X~T}nId-5&Sqymq%% z5TlLwkqZR%fy1pX7xE%t;0U%5egotW7DQm)7g{%DI==)N!*-3weRGL~iS7dzJBN)g zi$MiG)_kSp^2aAKCQ&oafW*Uv#6glb$I9NpNZ5|#6DU9H%$;OI$zj$cFFN)~E&S&;A1E*ZWOrOM9dAym6FgM|Mi1xSi&8^amc^qvMzN={Qh~~`mBiw)#kZGPR(bF zmes!67t7uG0ppl9EB$i4nOsB*x&Wjj0K#q+xBy|DEiM=T2BU~@`2IIu#nmEy+To?M zeHHeadt{ZQ*lielg{C!n!mkc6hb1B35c#Ih?~_&GVezy;7A?2ir)M2pF|Y^9;bD+q z6=n`H%NNKMJ6Dh!jEi1?=q4BLBSivVkdF_!bP|t5bPOLqVjrlVfbmMFNCO7AhXOix zguq;HXaNr1xDF%~KXJp?RoTF~+o5=U2GWONNk~|7i3yUqBW!gaS~1SpO1>%M^;dT8Y0G zzB_e=WgKU`OUXc zEX$DTQTpsg!Yhx-8l_y{Yp8xEX~K3S>)_X$7u(HVMAlR?q)YT8=Zo8W8UQJ35jcJJC*%j>u_!Gt;5Fw{9y*X$>_5oY=Pjr$R72%m3DSBlXp%a z*#0q!mQF~S`v&VUx6k|wK)+K0yQ#)}e?DHu#F0ryVJwmVamfcgYvS=o0QO`ue} z2tFCn+nZjjSu$O~o34j+A1S)UU30pSI=o#SFI|2=bZNLQNy1rg{l)ie`$`gT;L-2n z9B(o#j^d?C05RLPss!&Y73fH{-_zBt^UFuX0c#1lh!@Z`T!+|eu%J9=$0pmD;LVwH z+u$?cz>l)X7(_CW7b4Ba7a$A7@9V+mE32<1x>|)+<4>GEOUbSTC`5&U>}LcDDjOpj>Mx9pMc-?~k4aOdt!$3(xwu1Xq##rU@NPXQl4PLyt|Er{m zVJ7fDOsH0gBzQs*O}k5;S?)O`M?b5g$}|Q(lT8A7;_U=g=cz_Dfpf1RBwv4w1bgk> z)T>)C+;0W7nEyuHX1sNzPXp_% z56bLGQjXivC(jo_+uanKiMY<(M1u%s-VpP(*p}3xV*8kjE)Qh99|HQ4{60yQO)6XM zJP=Yo)TMN!%60k&hk-Qvl=p=@V znYXreEvrN;A@N3axzI35R_gMm77Bafp5o_8P%76au#vVFGvCCEZF1er0f{qX$sz+1 zy4$^XSquxKAhOMj<`|9FEIaveR)P^?49vxRHx$1BJ#@YyN}dT0_hm?MG+B`w#FlAS zUL{^r-QByDl0k*GMj6jJf?QORLF_!^C5Z?MFZ;(NcJKPcqGBNarO||lo~HOTa5tT; z_MM??rBOmXj#J_}f|%!mg%=GRv2P(1thW+0dUWpm7}N#7kfp|aG?7a$o>g__O4+h# z6M+!hF^~^pM*fs!GV@aA!vhs`I@&|))-A?VBb({fsa)0TjIU2O_ummLa%tBHEc+sV zXT)ri0{;#8V8FD*;nl;MnLJm0WlZ)Nxuv7Gp#hIi)e#}=pJvFPvJEdJMeKOk1XBS} zpi6B^3=)kUzB+*T^DQR|4}(RbZyuODntl~U|1vX`MX?us;w-2^hR;v{x0~*Y;K0|E3>(Vq;c+8o$~+H*>^@Y z)wJz~61wzWLs6=9kw`>}6p`MgOA!^2qCltug7gris1MRR0wGA1P(+ZRD0Yen0Rl=7 zy~CM2=Y7{Y-#Y(3{*jgJ%%1E$bKh6nFUCB-@#J|9p|L@Wd(wkwrALTeorpW%OEP(3 zYoCwd@CO8qF|1c2!nUF;Enm}iwQZAGI^d!99DO%DEdFk5WU(YM7ST@pDDD3~tG^&+ z;nugGCSH@Yo9-u*^*$PdPtISL%ZU8&_`LF6{B3yHRvA%Y3!U~%RcHHSD_ATSyVVJ{ z%&9ARt=IEt{K_}4=a&bi8(FRm9(-NzM>Wo5aamRd3T>ZTUl{n{dC<2Ibg~>axUR*# zaI(R;2!H^kbU{@k)Nz1u(A?nJoaom;D+qT8a25RdrXYkU7aN)m_!2Ku)zyqHaayJp-5F#gaJl7lVqGV? zodvCRxD5o~3}}~web9NOv-Pz-O_134yWeOYcE@W?mY7~2JKnxm?eMb3y2?^pSk}>U z^}~b0yMmLJ)sf}p*82m{7$>Y}x!fW0xtv3*;mOe~3ztK?f|dTA$&(vn-4TVg$IJKm z_U5(je60!8LJ!+3>dxb?*i8!VRp9m(Q!VR4F5GAhavqxU`H7Jh`01NO5th4rqg=n5 zpVCYK9aTO6xt1qiH)OAP*#a#x@z9*#=AK-gMsx1tj{;RE72Ov*n-)ingcS~-9YxQD z-WjRtw8mJOEM9zxiRp?M5Z-?R4mMJyYl*ndLt18k#b>sv%k>#FKuzvSF`LV^!~=#S5Eh==Iftvd`6p6wm-b3 zUFM>fVlT+td(E6^3XeW&dr!$L^{P+-|H#iDl>7`WhOZMO?1BBxwi*)fnTGZOA(J)_ z{sr8L8%YNz!timm@&2QMU`*FRjjGR2GBifqVV)#N6uM{ali7$yT0is=bZVW6>?+B*AMTl%wZcdq%ng1B>a+E zwJgSr_nfy`VUEn%n)k0(@;-cc>%vU8!J@gZrB?r2D&O%zW}wQun$IbxQ&GCIS0Y2N zYDbMvgj#pce|(|v_TWsG0!yUy!q>|5%ughIUejH%mDepfJ`Y{9lKs2R`aH$ttgoS- zBKCu1(Ia=993Ptr)-P@^jhp43caqQR`dv0Y{wgX1;nb!z7a^A?;)xmf83k_Wcc0UOi4!+oa@@jGegnia<76CV!B%tM7}vU2-*<{k`lvwqvd5$C29nz7gsx zbVz~cl!0avs|SF3caIV9o$oW(W_A+~Wm-*cYLiko&B&^z`)GfIE=cxA$luPmv1ZD( zS$wF0=bPFL8$4t>OS{x1YuIjLBNuFV%lC2$>*f57`Q`tZ7Irj`j#a+gFrIeK#XDQ_ zxBALq(gmx|5Px-zpUW~ZvA{I9o^3a|=hR)Syma3Fl@H6$SFQex! z(+52c)XCF~)naaoQuS!bj%f59>OJTF1QLX0*Yi3!T2PwOznT^~cvLQPqMLov>@OHuzPx!p2SXM3z{AcsGW8X>D?(PAYJNE+L;{m&^{U2nC%t9$J1ZH}F28ST zbNLy3muzj%JD)9#ZnyqDAT@U1i>1o0dECY(jc1O~^=Mr61$=drS7{|!7d_#h>1#F zXHr_v5M8mCfJ_;k_*ltBh>l2C-b1B#XS}AGArEqk&S2~Blyl8UwS2Jb&#YT@c}C5b zeh~AVr|?V1i66d?SxGpeeCgwGF8$#$f)xJ9&Bq@XMa_!>D4w?ysi0T;DzJnkMZ6hL zbjtQ_zGLWqAO4kL^FYm1%C}G-$<$j4PZ<9wy#EfjlGtAvoQ;_X#eN&vSdTqg!gS@f zocT5QZM!h{b@~!M8*4T9xl6Y(a#I=lcQIoG9SPmIHlpe5wK!V6ar|b@>m%w%&8dRs z$n}QLjx~|e&y~Ydhzi-RVH>equQz^i@$Jp{D0?ou4L;YXghg&G^qS4Rq{@@E)q_t5cQq!j6Eqo$y3T?sGdWi9%IVgunb&yy!p3a7$XqO~2znCJDRI{5 zsku$7?}SWgVp=YTfvF*C0{-2h=WT+pt;_CKvWn-ML`LF>YqU*AG))FyS;#NyuZ#sV zNp=SKf4qE%i)#<*aG|$p{jZn@))=5p0HU$G_$#l{tk8CHF;$_fDkM}QdrUzTO?#I` z^a`@a@FnB#^`4%Q#0E#2NhJd6*=1oFuw8F;o}xu{ze}!=&^_LN(`J6j;~sj9FmPLE zo^Uf__VlZNB*0o70%<1|p7FL*bqH-c2eIQzCwbKvS)F0tB*f%`KKj>@Bk%kQ{f1(~ zrd#u0%68f_RUU?9$hXe_5g8P#oXmuU)_BP+^Jw2I9_9DfL;G-kn=@epQ3yq-RSx1M z>!z+VaTDPm^TQ3|CaQC>4X)Jf3GO~PF70{?<8LNo9S{R_o?6i_{v-`x=xQA!**^SD z8RW|%s2PbID(2JmBRY|7ngkVp`Y2IN(WSl09KE=DphT26Js5L4pT_yx&^1+amSrbR z@_MeZ%>Zq7;FhpRx;{Tdk}GcF+Ruh+h5vLYhF>LG&&j23a2_o z%8EU`q-lRxfj#35J6X6J$VwOHkd~EO+_JzDG!;F28Yt22IrwBTCNqnH%yW!>eVVs% zGH>zZyl(X1i+Kvi@SeQK^*!xVsKJFomTP&+t*8o(c522A*XVscFJtN#6z(r_uckO~ zdYbnQqyOO!3kKTYGSk3=%A5;`AiQ)0igN4;Ld~jp0SmUITqP6r>^j=_bW=;hM@@; zyB0{2mM3rcEfud1q8G;l13`B=X!hdM)yV))&iFs6iZrlP@l*9?P-|R&{vV7c!Tc!8 zgAYa2+1;0HQogt0d6+SmfH8cL?gYR!)XDXv7D$pLO%Q^KkUl%w{hvu0 zeR_fRO0GChcMk5kaOR<TQ<1k|)?h&Y;MB4zV^SsF$X&QjIt~kqvr0{KTQ5Ec? zI0T4Cb6J%C;v=;;J&p2pjfk}b2D1rs7TAEnS#(EVD=asiHJM_AQ`%BWL0}Syta2ka zKVFof{|QnWJOPLk_d=B}3#QF=l7}`xEhkr{#vSrL9H5#W#d;_)mOxYx$9r0<9iz!t z?bG=$SPH{?HB4pdY1^~f&JbbfFAnGGaI=FYsg@u8h)*F*JX?>cEywynRqH14~d612Ga#eIwnS`ltZH7 z(?3K7gxyQ!cBEM4@PMGKZR7%tzn)2?4PCXr%B>+OE?HY^$bhX@yc4Ne)YH=G)h!ca zhZ~XQ0~hs$@!|%?g3sBo=-2N34BIyuCK6$--qECbQ@fsbZ9KR@q|2TItIJp>N1jXj zWsY<9XsSv3Y}JrDLPR0ZJ6q=81AcDbiMD@*UocdHv6hH1F0-Dyh=qnoH|I9OFtdgi zx!2bP5bJ`!?vn?qptcrQEPa|xC5>S`+`kGzw)C})pAhgpN9P%-yK zp16sRKRu>qr6B%-v{xVjJp$cL_Hu7mX^)nHL@F)k{v^^A@HF?&rLR&<6X>}|0`9U% zQed+vDxs3b&x%4cn1n8=-l91FI%no@XBl7>&iVw&1#&8Cncf+a>Cuya#h~A)sV#gh zc&udwP&6%hF+vSm;DD5wVT@#YWaV2yXbbrpF4cue3V;{-ho8Xmh$(YTE}5oH|1nv^$n|nb{c-t`9!iztscdl2_*L;Qx>Rxr987 z-)?7jzSIH^)IHG5|(8kc;rkjP8}rrlYd9aNG_q z8(8Ffz@c|OGRIA5u7r8Z5TpSgb2xMjNE9xw8AB0d+fE@IfHF;g@~dMi$Qs?T@G$Xc@i?V|r~BG|Fkdp@Bo>D} z9s#a-z#h`g%Ed=KWJFR-v0NK<6z>(H$Smix&iJ0Kw|7;oe`}^2TPbI zAm>Bc1=sey&e865$O?aPN8=c9)qL>5bn1)xk~uQ%2b0Rm405hrPOn4Pn~jXKy00)`~8Bc+nrtB~bUQ6O_cgKQrC3J%|#|K=v(%A=v02YFy6Bayk!SxoS^P4SF(eWdGxtlFi(3uF>v?-JJ4H_Gk$JIBvh%0H2yKdtwJ;dIQ}J49Boi4$hLF8Ak8It6{99%M#3l6>Es=C&2-e^S zt#o*N%wQA?TxZw5l<3U?2M7IP_*5!bFC>A;I%j$8Rie{VuBwmm5uJL#a9K6~9kdU_f5pbV1@92L#Tp{13UzsS9K64T>GlN9hGHAeObRL*JV+do z29ZxjFJ23?R6nlel2s?mA;)%ZuCZIdEMb)->mCzu1N<8!VLgB72@vkD zVwwd@AUqmE?sOqZ&#jK6tV>g(g$yrS#+NWFM4QgI2nyk-}Q)3O`oMmbNI_>}Qv>l*NMd3}{z zGU?TDAYUz+pK!48|IpUh!1us@79h)gDa93#0R8ir2dE;q51YiF}y zNv)-nSa4*xXo+^L6m1x_aQYWTA176P$+$=$bYGn1kpk304jJ%1b?uJsMC=o@7EgDV z$4Z~XLS+CV+d^jI)cnRJK;Thure5vRB5-FFZLLhS-^X3d*Nl2?3&PU z*A^DF8LRc+3{WN~8dYds22nWb<#vUdQQuEbLBUf`y$^6@ve_DiJ-)8cDFH67Csee| zeG43#6i7hS4ZeWir~bn_;Q}gEM@5E%41aBAepUQN=1f869!>dl=B!2uNIU6>1O@wD zUl6I44Qh!h|8#!g{iZwLJoiY`8-U3fBvWgEVeCSH_?4NZOde^=t46tU)r(>S2m70U za#~UOmw<UatmQE-)MFhwrY|HG%c`+0Z{1u9JNe>=id_N3jo9#xIcRE;0vOW44E}2>1=$ zYQ-nvpg{>jJ%I)W`wKq<(-aELhqjwd@;#k)UipErTPuJQ>edR>Xh6%C@iT!4J6s>|RX zApGAhzC-jL2qt?y!8v{a82;SnVqKXs6(IDi2DXOx2S`A#jNBBnWus9r(?LPhM;u#3B zXN*#Syu*Zl-dY~BnvC2u*^aVHgNoLJlHU-78gYGIkBQ}OYyHNkz50L=`>=w1DNa*R z&XW$Nv6P08h*a+LocL)a;Mml&tT3*|`5}oAg(8m_900o;A1qjsS!!!wf;wgj&~uDo zBcz9D0tfAO5t*XQemYUCODpZ#g_{7uOMzR^Bg)?wHPNlWgcT*r1%*%Y$l1flG%7zw z4;?RM6GZG?>RLJA9jBh0GvN69+Zy3WDo@(aMRh>>e1e<`Fn zf#qEStqoZ7ZCs0ZR)HlNDvan_VQ_{--$vmj`Q;m-Ug6Kbao}T*(IgNp(h`oMVe|^wGKjm#`9pFkS4bfC!$gM%!0# z?zwk?1=b%qZ9jB@fm`Q`LOg=?>A)j;VYulOhm{nd12f~ zNrZIZGT?@WQY|A1H-|`g7GVT0I~mIOyWhuQR`r>YyEq>#OqGsF$13G9-?UxIjkua& z$#GCTXdwq;1Y`7hXCAR=nin(o@om;7PaFa3V;+ehX?O?f0In? z;wCuHy|8%RF-`UB4Ffu{rW@-6E#}f<#NOpZ#@atq0bP|OH z454&w)aFrZp+%{FwaEV2XBpd2#Jl2Bk0!JoC^v8zrEi(JDJyLn*qp|ZC3BjEHo3u>C1L<8 zG~5j{V+=yMEs36p4E(ZauwjiD#@Y!Oj0B4Kp1Jy_AXs9$SM!1It}cpK{4&P>P~8X! z2z-9fv~1n%5Meloe`_$RmV7+dc4Y_SaVXJZI%Cd(8ktp^;9&?JThw9y6(Jc730NaLt7-0Go5N`RENYT(wc@+e!oq%?_rK^W2Em$ zqtZh@6Agwi>+r#EPq-ht9q{qvFGTRYd4L`nEsHVmUEx9tyn<9a07vaN6rPsSO^lji zm=8A55sJA~>_GQypPq1Zyv&<`Mg+HVV*?b4qt~2fv~%Yr`#F5)IjVtK z8z_!BX!MMRCLuwbhS}|nie98Z3^n!ok0Ma{JN0*P$N;M#o+_B_l6KoW!<7^Xd!#+2 z_8l`@qz~uFezfuUuFE=r$PL`jH^tI2>BuH!mSRQ&A1R5_pkCvR{+<@!LC~=>4$xj; zomUc8#XBV>^0KG%iIi$ZiSKs!hdX12BH|`wbBXFRQZZ=C5IMJXmcoOe`)_#78{U=z zO^-}jY{K*X+CioOu7z9tGsPsOX@_HtMG7re3N^a}hj@18y)l)p`VClasT zpvAx<80a0TO)Ct?-R#Tz!tK5W#?7MFqoFS!jGW(l&ldfdSJi#o9tKqpWC50x0!7Qu zCH}X0Zi>jE#4af4NRIXcy6`7Qkar_G&s@5Dmf~M{umvcwiy=L)XbGqPa6dD-!t5#edl}_9Bx%-!wB(U;xF| z!%yhn)n+p=&_E*HEZ9>^NS~&U#eS~1HWVczHNUR8|6y$5a(`Ktd0&X-Owah}e3Ct! z`}}%C&#EB8zQGEr6oG)H=^0No;gF+lj$-3I%zRpiuFG5Z3V8IV=z|pOGd+?@A+W@_ ze$}bdN^9$$RM2y}G~Lb4pcj@t*$ba0eOmW3IJ#L(=>kxl-GB5-BN0idRO2yi{!WO` z-3IMWxh#d#Z}5hu|LV-|W>M0IO|FM6ss(4YmQy+aK&1Ko;JamO*fV>i;>akRW-^Z< zz7%M+QFm)+)uB4;Eqn^0FZM@8v%vSBgL(!Za?xEl5n9~d$v}gEMS39Nz5n>CX)Im6 z@4lK4Dp4qfRsx=g2RCy#FWzr51!olckKSlu5$ETHYfGf%M~kWoC6sIc z2gyJ;jQ`_BLZGrUll%ro&Xtd-rH+}$gVPb0Q_LHAsU^|ro$t~$Y4NHVFHJ}vxS%cE z&exlJL6&s^8B+FZM2|&gy)Oef0$1QxqcbOtdgg1+?+-##mIo5+BBiN@( zJc}t!fo>V3<&9pEVJ)Pb9QD=ybr+0#L_#9(->gUbikPWKFJP_4VgA39n2TGN7q-4U zd+vX0@scx7=|k#vN4fs!f3pw&|7^v@g=ke=JM7ui_9{|zd3=_K;F#S zm$Fy>AWd9e3CQqqRp4~=UWP{+t5*1bxYiwg%-;F4jQ}*tiaOhzQ|?JEZn4ab`9WK9H*IBzV!8m=kq+@H_;3L4gSKjST1j&$*DuY^(ziku2!?dIkHdXTyXYa%c?jz z0pOAm2mmez^QQ#!|5B0wu!*a0grLQIkZ7Rdj6N{axp79)=Iu;}KySWek-N02wbx0(I>ZvTN0c9M42W!^B!v2gSd%d3g?`BZa0)h&{OKa^effm$*l|wzGun7+hfh- zN3@W8^zq+u4QU#egIEOebs2#b1aZ51#>G&iKOR|Y1aM-qv%t@?QS@Io6o``-AU+6N zdCrBC1$SA!WzQHaG$(sm4*c__GDZdW@sz6a4=Vmc`Gh(I{9V&Cy;`s17WaPu2g_dT literal 0 HcmV?d00001 diff --git a/wiki/Tutorials/Sshuttle/index.md b/wiki/Tutorials/Sshuttle/index.md index 66897c3f..ca874cc8 100644 --- a/wiki/Tutorials/Sshuttle/index.md +++ b/wiki/Tutorials/Sshuttle/index.md @@ -32,3 +32,8 @@ For Fedora: For Mac (via brew): `brew install sshuttle` + +### Sshuttle overview + +![sshuttle_overview](images/sshuttle.drawio.png) + From cf7acce9f0a1f0dc40a3316d436097926e9aedc7 Mon Sep 17 00:00:00 2001 From: Alex Walender Date: Tue, 28 Nov 2023 10:29:16 +0100 Subject: [PATCH 3/6] sshuttle process explained --- wiki/Tutorials/Sshuttle/index.md | 40 ++++++++++++++++++++++++++++---- 1 file changed, 36 insertions(+), 4 deletions(-) diff --git a/wiki/Tutorials/Sshuttle/index.md b/wiki/Tutorials/Sshuttle/index.md index ca874cc8..c689c558 100644 --- a/wiki/Tutorials/Sshuttle/index.md +++ b/wiki/Tutorials/Sshuttle/index.md @@ -1,6 +1,6 @@ # Sshuttle Tutorial -### Quick Introduction +## Quick Introduction [Sshuttle](https://github.com/sshuttle/sshuttle) is a small application, which sets up a transparent proxy/VPN connection to a remote and private network. This can also @@ -8,14 +8,14 @@ include a private network in an OpenStack-Project. It enables a secure and direct way to access a private network from a local client, like a laptop. -### Requirements +## Requirements * Linux or Mac based System. Windows is currently not supported. * An OpenStack-Project * One running instance, which holds a FloatingIP-Address * SSH-Access to that instance -### Installing sshuttle +## Installing sshuttle There is support for various Linux distributions as well as Mac. The [project](https://github.com/sshuttle/sshuttle) includes installation @@ -33,7 +33,39 @@ For Mac (via brew): `brew install sshuttle` -### Sshuttle overview +## Sshuttle overview ![sshuttle_overview](images/sshuttle.drawio.png) +In this example, `sshuttle` is connected to a single instance in the project +which holds an externally reachable FloatingIP. This instance acts as a +forwarder. + +When the `sshuttle` tunnel is established, it intercepts all traffic designated +for the private network of an OpenStack-Project and sends it to the instance with a +FloatingIP. Afterwards, the request is finally forwarded to the target instance. + +In effect, it seems like the local client is part of the private network. +The process of intercepting and forwarding traffic is hidden in the background. +This enables a secure way of interacting with all instances via a secure SSH-Tunnel, +therefore there is no need to open additional ports in a Security Group and expose +possible unsecure services onto the internet. + +In this given example, the `sshuttle`-Tunnel is created on a local client (ex. Laptop): + +```bash +sshuttle -r ubuntu@129.70.51.160 192.168.199.0/24 +c : Connected to server. +``` + +Afterwards, you can open a new terminal on your local client and directly access all instances +in your private network. Don't close the session where the `sshuttle`-Process has been established. + +The components in the command explained: + +* `sshuttle -r` indicates to connect to a remote instance. +* `ubuntu@129.70.51.160` is the remote user followed by the FloatingIP address, similar to a regular SSH-Connection. +* `192.168.199.0/24` describes the private network in your OpenStack-Project on which `sshuttle` will react to and forward the traffic to the instance with the FloatingIP. + +If you a are struggling to find the definition of your private network, you can look it up +in the OpenStack Dashboard. \ No newline at end of file From 5ae48bd92b80392ab486db1ec92966a6f2ef9130 Mon Sep 17 00:00:00 2001 From: Alex Walender Date: Tue, 28 Nov 2023 10:36:44 +0100 Subject: [PATCH 4/6] more gfx --- wiki/Tutorials/Sshuttle/images/privsubnet.png | Bin 0 -> 58883 bytes wiki/Tutorials/Sshuttle/index.md | 13 ++++++++++++- 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 wiki/Tutorials/Sshuttle/images/privsubnet.png diff --git a/wiki/Tutorials/Sshuttle/images/privsubnet.png b/wiki/Tutorials/Sshuttle/images/privsubnet.png new file mode 100644 index 0000000000000000000000000000000000000000..db4a80fae3b03b5140d259bd230b1cc51a21eb84 GIT binary patch literal 58883 zcmbrlQ*@nCw?7;;R+Gj~gT}Vq*tTukNz>Ri8{1}MW5>4b{CE1k=i<9N-#8b0>@^8|zqy_;ITW&~Fi2a{G z&_pUk91svf5OHAvB{!YZHBYSsIYGOLCZ0RDD64WAh9pJi1HYsV>%?!fcQ9H@wEMSS`B zgt{Cm)ke-HCItZTzv;0B^S=aL-0c-)bd_3>?Y%0CIwR@Lr%a4gwxvy*?e+%46%-e* ztjt-kWMyUDuW)d1?C$Q`J>QyhIvw(dBI3!F&ELO=xHQi(HoG#Dpv`zFS(inghwSmP zV7cdCn`ZV+R!*&f;OcC|X}Jv|nKV>cIVLzXyifi|BG@Xx*_YYj5MAql%e+5Zfl?C` zNT$`!m_Wgd6#ZPbz&4Ntr^6}#%S*ex+(=Q^KE^t^SwbywEPCwtb4cn==nd8GQkfB* ze+2E>9@W7DD*FdGLzn){TL4#4q1jX$_{op5oiYEi&kmbupzb%JGOJt2|4-A<(P^=D^QbvcC`K3o#= zO@#0Kknf;=WUpB8{Ai@;lV(8hKeaI92F|t3+2|KV19A@VvuoSx9%MbK_WkhjY>_vt z6t^pA(^tRsswNS0jz<>Z@tv%$ zwgb|Ja_*r_zJ-G8pR~_yn(&aFNcX6pUcqppRk{{H{T7A-O$}aCS*o9H_$p@-6PS$q zQn6ilY7=M%oUM9F88UI0e*jexWGYt(N@VivWGWXNsGQ%>&{!<^f%c%0W~do$$EL%! zxvnmoV|Wl@UM|H%$z@Rpi#?z@I)qxPaL-J=^Jjicy**w^5%;EXg6v#IFpMFUdCm7N*-ppV^KKQsGgF$mcUD}P#1d3pKB4(n~6v9;r<4Id6%Y2!zRX0{B6 zrgu+G1v+rz0B( z--{fkf*`hvUEbzfL?^E*PS_W^`0USco@)lQ$KjdnmVjcmzbH}VpGr(v}RVC*i=_R-jDjHAH? zF)}sHpFNtgXh0NGGG)dtqK547I4HZhX|rr|-Faqtd7!?7Je{1Q~H#(nE<6C5ii)1TS}rsD2A< z18YF;q^$8=ANCJflZju^FloHs-m>tF_A&Cvf4$R9m>95)24Z!s{mnxoh;crH*ELMZD(d~0JdH>)l6kH2RMlLgeW__Wc- zh03jWQv9tK@-ym*T8j&kd2&RG61JeB7?Zt%ZveNS&<$3-;CTBu9jY|~YU)L#@nGS! zmCh8wU05N!Ck`2J)qa`v(6sh~;dQv-_Gxn112}!`+Yxb+j}vaDcx2;>B7Dcj`;4U# zV=6VM=&*Ef=|Yz;(2TT{tNi2?hbPPZ@k%pVnrMDh9zCWljl?Cm$b^?R9&*@dd<%Cy zP~v*eH+-U(;YI$Oef}C1MI|LA8b@){X7!;7 zA${2 zbz&R)V8$%=vPh(6*NBKl(xl8vLxWG@?C(=nNw!gg(Si!=seO6D=OnZQ1M#*MVmy}A z1fkUAM=gZ(rnL^!7PW1Y-;c)4nD+oy8GMlx?@E1}n-*=EEV z-eaj3Qt;-50liX;)7#0OAySIIdCEClnPFGCxx&rHwG(>}X2gzXxGGuUhC16g!e$YN zE_B9&y2*J@2ROG~1WG1&o-P>lwmQUgWzt4fnS=EYE|+GDR}iUDbDh21 z&K$w>H_3TTA{35i8_|uGUEns9{6kqCkn3)aJh>LAfDf)n^YDeQ&+kgaxX~<&@0~j@ zLA5r0pfg!;q=H}ccHJb%(sXWqsT=`rCKT>3zu8*ji^#cSpS*V_?1=udHE_qHbR?qC zO-p%<9v7}x2(+QP!8jGTdDSc@C>Qa5VlUH8pM3RwioG=my17`2#VM&Qtp0AvYD=B{ zD@3rdGp_qM8lTk11H!1%aJs7&=55pi#gOGtw!(0F12%V1cY{m;JzDSmJ9S zsm}1k%NVF>$D0oPKRJ9Gma#m$&Cj}kkx_mjGlF=(Q0b^_JZ`cqG*BI!O9>8&wGI;U zdb%cnQq{!88NKI9$_JSF98Kqob&Pud4iA5NzSL*NM(BE3yGU4@U+NW*)+{b6E_U4N z4Tfx~UjD(iv}=?;n_V||m{kmGe9KK!`ZAxQqbu`)eGOV7w~;+=VO&>MuTf9=J@`q~ z?j>W=`D=tP6E+{3AA!AL2+H#*BI2PagAUgHs$gnLGgf>kb^}fhEODnNG6DWrQH+^I zboHGnck=`aB8XIQL3>l&?z!#s2B0cqb)_b2J9?1o1CigIg4t=(V1`!FLb;~&HEQr6ZDchZ~LoqVjllmpo@HCnmAwWM@yK)i&EA^23(7eZG3IPBdk?%J2`fWoI>LuLAkz{l=6(n| z6i~Em=6-u+#%u%PBOLTpLn{=T1$`?PtyqHB-L5t&6=Xv!qt>yIqR44n)futT^ida@%=gUeoP?RreD#=cYT^`{c>SvoA0xLI?) zMRJ1o0+S2S!Ti9)*^c2n2S1|PL*ohwtASI7Rw(f*>aCf!IXkTgA87o z;{^kzGAGDNMn{ELKNwCrXN6v*6dddOrLOaJF6687r%K3g=mMAW53i}}z5OkiD{y5H znd{&grTwmI@$*9outR4sq;dG>7F@MIE{3pJd=>;aK(G<8*?59g`D0xyd^aA3uFM|h zsn=XH!q#>+`#~8s2N-yvf6OVGEg-M8I)GHbp8kwU-+{qJ@bO7x(Fjh4&2?U(tRuAG z=P3iYpWVd$#G` zerHgB>O~TSjL^U5cj@eMC-6Q7>TC8M9YF)B-$US^NZ@8>bjzjP=ua;9qUvi~>s zJ1~g!_Vr~VE;)1JS;ogTyPRR`>+6$9rGTjQ_C$v(g35uSGG{(!8_<<-5iDVly*xit zdXy@Z%{v{<1OqcnnQUHfG0+~B38wz*xU=(J%2AfEn~>P|5tYZ*xmsR#R=pLXG$eJjOu@^T$InToXGgL!IUm}?0kLK?MiMcmCsf7>0}0N zXK+Xm;04bhgI9`T^@jTpCg|?viFrrrv+tCH;WwwTI~Cu~MaDKD^L1s7+%XXJh~3ZW zU!=l0spE3chW@srk33y4JNak`#c)EeC7WXgPR9R1G%iVc?h<3;%hKx13TtG+h>~I{ zY}ZIZ)AjQ1Bv4K1F)H#1)5yHg6mj}sSMufQzOwup6Bnj?5eCsB|HiVIv+TIgKfjZs zGqliBO+YEs8}W2HN3_KcO@!?~3feQT4nkT{)KWW4p^dPTyYLOy;>P)YUc;2tYLTPl zPmrm#0!r{gT{yW+MvnW`2i6>#wm2~>R@8p6mDG7ou?u|)3kA$0lPHM1lqK)jyp%zvuQUSt zS$YzNd)Y2iPZh=NAH`S=lZ4bMC05R{S-a736jmGASpqqXmeUEvxl}=itP4V8qPHGs zX)5!h6cHSzQ|`h{>zsZN-vR2JQfiZoZGZeqxu}osJfuv>b+f3J;kP39uwBmi0tMDm z#h?b~)m*bP6A_SP_l9W~ax*B>Z#L2?O>s0tkOBKb3P^>yOreZ52qoOa)9)wn6dNXn z9%jq}Hni1Q9R)T9I8pld-4Wfai?Z_Qpt0#!R9m6tcOnR1q z9Y4IWn-)}0K{slb(PHF@37JU_$kVplDldU-voJj#>oFF=(}0ty7ZWmLGapj48w3!Z zzz+}H7^T~@2kItfFCg6?FKIZ_2$9w>&7(pX|tjzaSTc0dfQ^6$o}ps(+%#w{AR)XRSS}ljIEG zpe7*KfQSlkmz34r;O)qm;+fi_mCfs(-8E%=~--ZZ_npSy&llIoRx1)-jk5=?k)r5@;i}%cK4=K{Xo$D^t~V2Z-{tr-r6x*>{5yp+72n(*AY+)- zAMo@3d>;45Om_p=EgAn==)Dh5>W0Q5f|lgY&KrOwW3S;9R?$s7boy|2xLj$OJHh2VQ+{Yb5DkU0O2ma`Xhz4=5Qh~Pzh_+tA-kYT$%=J$o zElxpSyx*`G>-pc6A)@aWV(zCc;^mYD=t%Vu$h_Zdju##rx2`t6mnR#)6GvK%7i~6|WWE6r_Ixi@Q zA|#vZznZ+yp@OcgJ!O7~Sw<_EQcf?7|f)rvQC z$}29Y@J^PTeJz7MM)xOsaOCAx`Za8ocR9t$`!T`Db%G)d@kWXZO(dLe=ME`QX0CH) z)k)RxUg;sH_-1cqiFrH#l0RCXXmMu!JNzl_faIxkVT62ZM@&Jf%rVS zu<;cs;Z46EV-0j|!#1vkX*AiK)o1)+Z9E}crO^B%-yd6g){0~Icuy8`EWNUNEv9ba z)Er_hcR^_*aC=&0cogrgUV2&x#gMsdDrk_&UI#(d%*Tyc@nzg}FGAny?(%!yhH%luDLj)3qwnuD zHWc#fxq^3U4_oZ-E|!;Yzc&B)Uzx4fEYx#3z~z}{6W)6L6=g~xhWSDaa z>8N~oR1pg`RsMSQiqk$O!JEMvQMi|5gDUWveZWx4qvSgad(2KY;SnctF=pD&ikcSV zHpqu3yARtz3Q~If^u}ID)Y-%bwI6NlQ~6an-E43Y-xe!~tMtU1T!v&0q23#x)U1zl zu44xma?CtZpNE#K?Z(M29fq`mD z(J?@{E6@H_qH6J@#L8(9Fff{7%~x7LMd8{S#otwGo47JjnSl#L3b=|zl+D`|kB*Lj z(59+pM!W3>FA!>Ud%YS09pwxPc=a-9b!{RDocN2RhzJns?I|g{ecGN(e1mN~0EW{0 zp$eoG^m3Lp*Pj-5+P_tJcH8Hms5LVvN4+wD!89{=WIGvA%V8yOscXf6~&^o*tQ}g-g}+5s6&q|1eT2wFfl4+71)R%^%iNT zxW6=)p(Q5yCVGDGST0r?PiFBbBi1ES78V!JwmP3+Lp?fwrhK!riU6+_3rdz}4)ZeK zGr?ag`mFlx3BAXzaq@h;8eb733SO--znfT*+|pJL(O6yH2ts!(XZ|>4B0nb{GV`z=);49Q%N|lm!Ef7D;2BBC?>QZ-x zs4Y?NFII+{H$Jl9Fld)tsbP_js_cpCsg9S?8#+I^p=kCXVj+6BG^#MXrqZ0AuSXX_ z>*?>}E4Avd2H=n}S%>3WU;G*K)ZjQ)MP)O`Z$&Fh&8|l5P><9#<5tvdsC52>Fmao4 zku!opw8c4qkevQOc$W(&I6V+Qv;co!=0@GoJsbHO?y9>f5NS*kPmc?M%-a5C!P3%G1^xnMJp(`FC;E+I)Gz-)Si+qGDZmiEpRJ;0Qsut#V^O6 zZCU071+pik;?*|>iU$Pyfq2#d5GcT{+!`5WZ5+bFLe)benCyp8YGY(n!at!dXr^p5 zgnN+^2BPD@qyswJ=b7RYitdOQYD`%|BPAuRx0wI^3Da$EZS??C#fu-`mVodVU^L#U zioEb!(hnEymP|j8BoVQ>ws_x)+WRY||6;e~@f{ zrXvTTpRwQh>B!&4)S%~TZI&lC0h&_`mf2@F_Dqp#d0ty@VAo)Ti2)S2@zC(_1DkatH#MG+S$RPOQyueSCbpd?k4ACSPgX+S?ORQ&S5J247)8#a$GZdOE)c_h({S z;pp-MWZJQoRE0Hij44q^l%L$q9bEkb$NSIzsPb2j6T_=tNjKEJveabWxjNg~a*bYC zk!{H!s9!~P;FbabeK!w}xU4K2U3e>;4A-NXfx@0nm9o9UquIpqI}>JX3M#6)E_6-y z>W&biKMhD3wqnw%>MjF;u4+fdp66}WJ@x;P_!3io5XqlQPuo>bhiX2Nrq9+U2&diU z{{B|nX%`Nk_kNv~=ntRcIz8hcpntR4lS_)pX{00UwA%s$!i|2$J+)^C*#Xu9b&(GG zb#-UFmWtT|uE41(CB3uyVjDTQccAKwBt<@(6~Ee&Mi&L_1{)EMiVTxL^fUvJS89Sg zGKNfmt)R|DRf5AIm$|u?MnYgy<|Q$yYjNZ0&n*3G$A9k`wleP1PYOa$v!DMU z{Ok|_&E>tV*(;a%KjVI1J{V}=wa*(||I1NZ5eDs?PYu(5DbNj7`Mh3F znzc(eW2sZ{W#K@iv^v}(q)*m&#u;Vb8E7D72d*m3_A#WYYp+~Z|8CYr4hM<+P z2IiEg9}k#VY=*zYb$cFJC`A!lM@%&*zOs7b#S@RRH!+13&?&Sy-I0xJ)PJx2U`O%6 zh#*fw$zOEtQ-8DI&RQjT;71W(iMGG`SStX0)PHxFVn=~giwb6(c+*7@Z;Oi8gr!*) zVe;xVdT!ttoEfHKSAiVT!R=F(r8U{AX1!0Q>CbE%Zb7(Fe;Oc_+P!`@aI;QgBmvf; zCnpLmu;p%RsFMRQ!s{{)|2k1-!U!118Rj$a&E{|FUyT2d=wgqay6W^l@c!Uw4iH%x z#pJd`>*I1)aJffCr_t&6q*1wYu$qrm1Y8NPuWAimm{b_(=a3s8@ai7{Q=6yPK#Y7I z3a(fD@Wx~YuLVkU3nI%C;`LWgluldO?Y*Y~sci4x?^NhBlf@%_u+t!ETQ73Z6}(;j zh3RrGCh^21N(fLOop?fKJ5EVk2gZ!4^y%Zw{Cl~d8gVWk+4%FxM4vL9mrtnf5>qe@ zfZY*>g)D|cC!5xi=x{oPrL-o-*c?v^@8*I%hT0V}m!LGzyUQ4b$3EfRAly}UK(bKceYmEJ9NGJ_7@xvMlf}Bwb&?cw z3Dd%s5fr$D;chK~+i7#(wt;4|+S~)|Pmlm}-XP>II|SB1JnVNa@e%;*PoBh-2u3vP-Ona|@E zlyTjsbbS1=sR>KKLT{Gq-8?bn++Vh}D}n??>PDF5WGMrNUIT-LGRjYx4>aDXc5tqk z%Ft0@!_T~3ErH#ubmLO#&t;$^s2a?*f9dq;yyu(m^AAX;>-4dEnju}G{IW^*LGj~@ zu5M{R2%GNmV_)H_R;b~Yi8+O_iDg&Sc8$$`T&*`97NaMjk3mw5oVpE!t1CN5LHW;5 zx-LK+J04F@S&vPLvfZhxO9G3Sxs~?1j{JSN9*bx!29nkP>W&9X{6A*_Sh45XvM+ns z3RfXUoQBKYoH-?t62P*Y&Wzp5t&av064ByYIl>-zC%22pbHLCFUk?%h;j@0M60{{do!kfiM~g#bdfGxi5R&8my@ebrLoK zs_kd6>=1o`H_oQT4^!6~lNAbyV{SvA#EfvrWyl6)mpPfUV4oF6R&6<#IiV+tM)LFR zu`_bY#knV}xzmLK>T6916t}M0Vpe?SHm{gWu_{Wg;~xIO+_eIJeLlVlkpOPj)7JL642+@oL(gMr!iQAq8{*irW+IB0qcw}=j%PU9{Z#^ zZrqr3An-<3>Vvg3x(<~PUYtC=&E|EOCSIZXRaV9Q5Onabaa*<(2f=nL;VM5yi4Gh< zh|Z3mPNrRv4g0!`-uPIr{$9t{J1gSr>Hpm5ukAm>?T`~3@O}?^bHSY@e<-YQCvePG z>rNJ3VzWSg$vO=+KluV_tu;um+nv$VW~jRv4`ov0Jxn_hYM5%I)e4zB>s0xxqf_iaA>$*TI5K-foSn`bNX?31jA)U$V(*?}zLK zV^h-^S2^v6Aii`1&n0j>io~f}Kkj|mQ`-aUCnizk6`PxtrIru4p0-!G;n~u+rWs@K z!9%9F4$*Zh-l5v))&s(C+~1UNbCaXxr!VLte3~ij!po(7citR{BHl-#d(*&*n0dW! z;MxbrjefQ{IEA{@?wnBn9<`Ynn@x_{fH(e0M}x1mx5@RfX>}>LoUt|@287#Zcj*V< zm||)uVr45uFRgkF>;Jw5SbNIEDOzo+DAIv(-s^2vuS0lHo|6S3Km14q+8#5dE1Dgg zl;4PSFoib;R_6Y7Ph;?{G7fvI7rJdWf{DkB&;7+(e{Bz%Rd$!(nG6{od?-4TB~TZ1 zSNh*OUI4cmbg*$IHK#Fq32pixDEmG}Ig_vBryCuqEnDvGH^(cuXWW@AimiFa^ii&^ ziztYGni!5#PY@_(;<%MeWrxqFPOTV~2bpU!I^6s{wCH01#ArJGm-V+(U7pNMrqPtA zNq8xIZ}n;mu%6ONsg34v*X#>f)r}jYj2d(rG@}>+%~v`jJUs&B)5SN-{|2^HbJy#gm+K>cFU%ZHjoud$wY4WUGM&Sr z;R{c;Zxa3k8|m(mdpqm9d~1DRd-y^F1>bJ`P4@oddU7c3#*OH(`fA>w0U9UIjf40Ae$fbb zc`Lm`YWc;+Z~2~zg&rpI6Vy<=?kr#oG{+HiQd$Wj!Szz{& z**L}?G$$y+mJS7X9<7S$Wl0%%?C-(zb`_Y?`|aBs{qmmoa4wu5jvwg9`ggZoP`Y+p z%0|ivtaA4|ZCHHm?f~-gsxq<=Tn7m-=<hDb_hsa{^xT_!fp>9vi^cE8{3K0Iya5nZ$G?sz!b(4xu4y$!Qhw9z+e_jEH2(3A zP~>1nh$LTcwdu{*=H?09I&D%<)F&nU{g{L9R#Mv8RJLJdB2Zkr~Zvg&pC+^>bst<&;X zZN3!mz41Cd4h&Z6J&0%1u62E!z?W}HRSqn%25juhE?UZ8E>3?P9LjXiLoNQW7QX$$JqKZ1~(#6?zyFlwh<(3hoy zmlvVvjA=Tr8<|WpvW8W1iLFLF*1ea9D@FGm=UtFXn=CnYwcv7A&N7IaZcL{LhH6ic zE^3Q(Re_x?!y(_Xs5Y$w%aJM6!#GVtOY|*$`FJ zkcKZ4DjmAgN+Xk<+<}fZ-bWgp;VdhVHK#|*7$yhC2h;7^vLY}tZxFZG64ACF1C4?5 zQXc%%fPybP7Dv#lVg3Z`pF6jOqzd{gYfk?yr@=WRyMvr&ChgVlOKYd>mh`P<} z-qmR$pbkdfwoy1!%>%+~tPOnD1eZe}puVqfnL*&By1uWj?LS)#@N2dM4T2b8R?pwC)5QGO9)i!If4*Kmo0Em2T&vN%65i}F(9!JHck{jRy-Sib~e0)Eiw z-CcR2eYB$3qP7sO6U`HFJcYf0OWOm1NqcH=wQEnkqz&da{Z@mYg6Pu?MGi-g3CI5Y z&Y0xwff$cbqD0xO!Y>d88b51)N#n%vy>UP`XN1ulJgcCQvpJ_Qz)4gkLUh4vlu7a>jCFbbFLGj0?CIC+eyFZ)wjP z=L37gIJfv>RYH_IJ043)G(3Rj{CG z0`Z!dzr!i$n&9tNAR7iQ*W@SGVXH$xb(f!U*d2GNo0b8UhFcANl{OK#F@lhSQ~d?-530drT+ zNC*g`{>h&rixiS6>rc40d|WZSZ=#GRIT(f;DWinsWkDStlR&9Q8MQM-`FlUpTkX3@ zfn(5HR+CCS-lh(3o4#>8@2f!~;E!&{ze}k-g01m%QV3z{s6E6mVjynC#Ko=bqtG_T);o@{wLVm%AcZ6+DqvQZ*(wo=9?QjN827fM;O|E0m z)E**vaP(AC= zY%_fRCY8sOm+C>6ba$BH_8vS90{QEoz2jWrb&n6KYhS;jGq7nLs=-TsLhE!je4&*I z4DTBMM!bgmo-Wm0yR68?m8L&PX9K9i5~{{gmwk-MlDt8`Ua*GR1v1=J?f7#ikBKC9Qf z+`sSv$lI01l)OVvqd6*EnzhuxV)54?A*cYfy({JV#F)Gzhlj6j$eU;jzQE@zks=Zi zLCCK5VX^=401L)I!vBC^)$xA+x6!6**K=a6_~#^Da-XGPb4v?F`X})#I8q=#{t|_G z;;2u~|7Lld2Lj-a`L*)USEIngc|ZW?Z`Bvzo7>5fU;&Rut7C-b&nKre;adY}bf^b= zQ>v}Wi{#|7`YvXc`(ahA5s$^FnD|Es{8t|xBiSwu2Z_osLGx;8ii0&x#nrdJem|3PQ^V7L7mxtL*VPqbRm8q9SF=VKIp?&oRcsCd+N{)r5hFlLD}AB^9Yb zf0Bg{@2~AODO+cy_&WJBhNsdGq-3oThEOsLtlW^YdkmjNI&v=s4D>d+!iXxALJOS- z>-UcX$~r_c$D^99`acd4u)yZfI`2X{?|Ofk+W%(ETqzbGgH8gv;$+oP0v%q@B z5Cs$8#{CiqjF9-)#V{pT8dxj@+{eCQa_O_{>oh$4!wOcVjg<2q&A<7GIE1h$w@blF3xa{}eLp(Ee`qc@>9TiUVudPY^gUL8zB zr9*T+sI$J3(KEjMOsSjtsbT%v0>BLw-^G{OH+XT|Zt#7L*X6e-rDU8mz<0T6RMzlFsvu zDZTGZ$2t{n5g*%;Mczl)6i?qkEN+_Qh>K3{MKVrU^E1h!xpV?=Utw~)w@{IW&R4hg zzE}P1;{fdfh-pth+L*+69WwR^d2GY^0i{H&-sM79JQ(!VP?PYoPdN@FnrOhKi$E&n z+*0W&1>Kd1s9x zihXlGH|^!eJJP^nm4nT+SsYax=w*i%{CF$lYpUM57E^FoTfh-6zWCx&R{s}|#dY$3 zoF&Kl5n^ithK&>?q!O%CdQ+k)SEShppUfy2qBWpKq`AY=n`2^o7H*Emxy`qBj-J); zuaYXr zW)Xj<3BIfH?#=oNr_Np=UE%#tsa;WFpz~sZ5b4Gckq3%xbeV>Nqs^$+I@crGKr~|G z1a*m=dsENiDoSKPdcvj>apb zwI=VL^uSkE&^?2Cr6_$t0E6NaHhtZn6Bb= zO`6d+Vcxkr6AGN`FuMxi73o%pS}72iOPpHJXZ=js)&-(H+crbpRFa_pI~cADln-C(q7<_RfkMm;OqFP52P9i zJa#x#_E^C;oJo4#(EaqSd{m!BH#Qa`X{}Y40Km(Yl5;GCC5*%;Myj(GSO5kg(|(4k zk^!{)@}Il?&c-imLv~hhVHc#a_2=|0CdO5tylZ`i9Qn3a8fx`qk>J`lT1VEKbKgkd zo&FAfumI%VKbO2$_4V%=ZT1W}wPj8l#@E9m3G;}+2ZV)Ufb{J~cqsjcJKCw)C}#kd z_epI{jUOJIM;M8pG=iG(fFFJdLWBANLUU)y>kf8NWVE3AYJ`){B2C5lR@w!@DaMK2 z4-oIYGA971S`zSRN}Extqae$nL9=H~Lhhx$>@>;y&kj-GP&76_WP(YnIrL3L7HTw z-tE9)1V#ekckx$yqTWI|Qd36@x2Z5GyWe=}yug-c|435TfQQcT)smi%v@IuC>0ft~ zX3!hDOM4!mjH1bSRY&w^h7OOg$!)D?lR{yjTokoC;=z-v-M>m&{cUVFeVBqk*+`XY zX2Ai|V~ugPgW^KOC*xsCmLyfB*J^5qqRVEjM}j3PJ&+4oxa0u_q2?xFe@u{FSzbQ? zDto`sp3D8bqfSYW&|QQ$)R!q)ZK!9*x{T2E0cF3lA+T$=(DNf~nY7mYX%o}u1F6zB&Pe3+8en&>uZ zG^G?O_NxgaGT)RFH>I~!M*yQ~5fAQ^%@4_Sm7u_jhw9D5fz!VZ@A#CJ*?S`orX2Qm zP?n4Rj8BolO%MMTYWZ)W#*CVfkwiNt*K=71OLkv>Ecev12!*BL>)ZfrF!pS+h8=D3 z23b#?Yyn|Q8-pk)o55`WexC&xg-#jr4^Abo?6F$DeM2|$uwiY=Y`_5<%-CHg*v5rE zpcOS~sFf~*VK#JT-Ggk6ip0-GeXIF`N9s!q@E9pLC_7$nmN@y^eZVS+BQ3eYO)Bm& zx7==VX7xqN9AhaCQIzRL*GA9S0fyaDBXjR~_&vi_e@IhtA(T?We!MedYF}}coWPf- zP?XeHG1Rb+G^s~##Axu%^C(ZnZuk`Glv=iGuUWhh@XDCiLFObcYwx~_oz$0mEdy^{ zM1~B#;qa>39nTZ%ha{)pVWiyjAlWZ|u;5P|N4W2tnN(Qb*i*IDSe@l(V*gc5~p z>eyHuDoH0}e1Q_U7N6wItFQrEr*QKf`$LXe2qfqqb&_SU08P(U1T2a29lfvePosvKgfurFnXfE;)|8$^OJ8gO#fi%n{puuS@R zjF178ndQvi3W20^%>@DFEKI3wv#q7Tcu4nV2r5KS?lG6RW=Yj2z|Rf0q0avSl_@MV zbTMp~($5ll^r3Nz7y9$l=^?2XPzRO7t5yxS&kZ%|JyBbJbo#%pbS`uQ-5j7--BLMx z(blBaD~b_U?a9gTI^FTeR`cHO$}sMJbAxXcvttojF{Q7mxG4;O6X|%EWJQMR~A7wD;$Az|lN9i4A z&TRGYL?5VHXYmtEP#gF|gRpYKsEBDcFbDkQ8Sv@%;WTDG28NyLk~)NcD zf5!nF$21nU7qW`U5egS9zGb@&^4j36soFVQ=pVn0*$@f8EvGS#wG?E#TthF;a>SZr zAwmW5N;OU0CxN<3`xCzy?L7x>sM+&o2wQ}gPbrQgU z2sRkgd_Yf*bf$m6WmuY|`RUb)KaIVaY}4E%>cWUe(t7irva6Wn6ZlBT2&B;pz z+$Zq!m)Mvn=tOCYy`WJOsUG;SNe`vLOpv#z|o3j<7}d;w3e)R zB|XxdV@~lzteP9}Hb>A-FQzI;tuznN#+-Yh9H#JvekQMs8;Sc?fCG;no?|ec?MzOFyuK|bigXO ze@)T^SOni~-=zsDG8MQ@%X0btKngI(n15&a-* z#yLi&{NB-lA&73T;6U36lIg8yL^N}*r=@2f%LAFmAYooFDu1;BFyp?5BNAI_gJG&k zh5}jJ!7;VLsJXNQ9$?0}%4Gy8@C#CPu!ZjaI=kDaAIgK0>jO>=o!ZyO3N#c!&fWuD zvJr{!N?cXKyrdP)RF2!wV?k$MA@lcrQxk9UJ;NHbTD&ALno(gg1*uJ<7HpnVW zbZG|SY4-mD z<$8G)@2JlBeO)IFm<4aIe+LCFNqMk^CS0xl4%axV_(vvB`c}_JFcFd754y;Wo?)~j zCB4ml&(Wn>PnfqeuBW+vys8%^Jv@z8KFrBozWXXu{$}t@LzstkL7zXyG1353I{_MiWn}K>_&}~mnSj%Tf{K5oT@?&Is zx8@t7?;Wt!_EF7#!u9bmDWPw$bd*dR^dsM9-x6KUKI+Hc1)`Rbxw?ohJyc+CC4~pn zT2J~WU;I}kau=i(yhVJqeXjM-39@)r6c!BeicMqk7iG~d=p_6IbTvnWvWYq5+AXKf zcuu+7SB5@%slT%MWJf3V+AV1U3o#KhrMxzS8w``yvb&-hhN;Sb5OiZZh@#;c5~e-oZQOH|ls-C7KXC zUy?F*W&5}w>?XuBEQ3s?c_oN_d&7iFlGB5hwZcCuaxB*(CkN8as0S^TKy2lX~Mv~RUbqP84Fu(2A3O#x!qEvy21hL*RZ{>EjIuZasJ6nyOpm0?m zn3Q}>(Pe!a4mWiZKB&kyDj+OOYX%E_Fx_ptP-pTc*<1|xp{_VSh%isx!G_A&B!Aa` z4p)czek5@Ju`P&5kCBSWWZygjz^tBD*1a|@qFa!w@91a@ArPYTl@XBwOh5@)jiYI(=_*DwpBSPVI)mC_>bJS{*&!N^&1;F0Vl#fdd#u$BvnKvMt&Bb$b%j?Uj#@dwO zHfn?ik^2%aXRZiRQZ?P?U>BX`v&cvwM{!)NoaMH@v@GXVVvVp-_j#6i{nWh@UC5rY z6H1Sg*7~+Iw80@*%M7$UrVHW{l2vL=&%)?I+p?XzxLmObol z(9Tbl8F-tyxRR@7l8w?4Bd@BQB$1CXu0KEWphstab+VHXdOjaL3HxObJ$XgCqSF+| zHc_@U2de+v@Fd0Loe`zu+n*1C&fK*U;h`{6-GPg?dnnayR=QOH-y0eG z0=rGR591T(+`snPBfI}3$9uv*mXO?0iNZ26Px>QUeBBD7xE&3~Xt~j5sa*XK6aVkm z7i(;GD=+yT+Z8`DuQ=J^3yxc!u&}{oX~cD5@;eg*!isM1W)g8vcu9c)+U@mjyfA7? zyy6KZpa@hu0|vG099Rn#X&T5=SkCuy8KwQOk!HnL_SETVbw&b)>dWCV9v>4Lov)5BHyh z9I44_l2q&LkA@Zyn;XHjcBVO{H^>MtbY-PT2l|7neZ6nzgrofJhIE zkvB=RACfQ<&-KG9>kaRlfEzpYVNi4rRQh;N|mE z%2=No8%?_m@jOE^NKQJKFO%PkZijm7>nEP)Epw3$Y)$Gvc?C7}WY|a|??tOpOOHuR z00Ag~5n%l^v;Yf;=&ASHMDMV}Xs9~Yw~o1y;%nzXPDApETeAatGFM;<{SjVrtk0it zCR$oYaWyf1mG}zTkbK(}QQ6F+@(rdHg4TUoGWiehhcoMNcK-z3*OeC&T38a;odp5GfJ;Y`cs^~4@DekbMBb?Xn{Bt zj?JtIEX^}hz1mW6?AKyWGv4WRb+a#6Z%mG!m!Lzov}8=AC$}5wCfqEb^DaYU6^d{ zQ^>!7ItsqF!DRPYf_%J`W@(v2(-4$TRa5A(Ao*NO zfbsTefBe{v_6|PcHh9b(Bv-_*I_%GSm!5NZv%b{_hqyiT>ZdAppAC3ZYAJKA8Twli zNh6LA4=v!zNb`7 zZG;r|#(o`lykB(2#z{FX?XI%Jt7G|DwOf!7Z}KV$vyY6Ez92TsGXHn!PaBS7L)cI^ zA_5w#>E&$FVpRdkNEEhO6#ZDOK?~bs?`DyC!iV~gEMkfji^irh334@x-Z`2Qyo-Dv zTSZfe0VK=URlED!#JlDRSw_A1@^8?L37O~3jrBFVc6P6;jt@N>7b1=RBuTUSG*_e@ z%vCX&&>XjG!}*e=#-?eH1ol&kWBkyJu*r(kt47%ioG;C;j+{QlWjjviFwoMzMvtP& z;ON(tkAUQSKUDj2x9fO%oSG74fAmS{UjKo_C)`QPDm-+=dP`4B%1R9&fVUGbe9*Nx z`*SzVJ82wY+>&_~5xg)jJ)WnlNau6pcPV1T2BQCf*4W)!yUy!-52Q0G8sK)c0F6VC zjrl;EG|_KFuWq0N0|^gqyq~X6%m%=e>SJ;Y>+ZmNzKUIqes14tR+)TE^ED$}bW6O` zT-f?vnfY+oaX6`9b{N=~LYk)@b)E)M7bD*7;#PA3l+3)fIx$>d^?7f5gBTGtq^MA5 zIKcx2=T275I97g}A0Ee1;7{p@kHUg!H4Uo-ZE7VQT}tXA@z|!03`=36o14_eymtGR zu`c%U<42S=K(^o0?d}v{n|Au^K%OAea&uxvMZU1OGACTXhkmU@4O;&>lUjF5PTBJ58)rB0UV=K@(#9kL}p~D8Ed?;TBIyjzOCCWg#pwRhEMPhmZ7%h;Yvo zzI4M+d|Cd#d*CR23h;4@W1`AXlPuY>@oos(646QFojEQg=oQ$yE$Ac+%?6ogumhC5#oU=_;<&rO`Iwt|^>p^eoWZ4@N{yA1A*$ADgN$peo0pC> zjN!xMJN|PnD zA^OBKJ0Vz6p2aWB#@b{MGH`M^F?}}_+y-yjM|LK-{el>Mt{UT=^6U)1htob83-jxr z8mC<%avODlIQ{*Gzv`0wxk02^{KzeHMv1D-#3Psq_oGMvcV4VjRrmlPNDoX5P+;Z6 zj`Tj~lFW8hZTKD5T;+8(F0Ik2fWq zuu(Ba|H0v*4z4o>f581>1%u(5xMn-h_;ZTNej=ayW)Jy7l9ZzIll4P|`Edj#7Jl|f zzD{zyzF5wb5j!fGzsDO+@uc97h4Bz{InWsI}iW5 zzb9R#6`x=FZ19fjj+=hRsOHAw-p|$H?26 z!_wl(cwicjv2kTBT53z3vWmhpwu8pof0|PIuQ9_JcERWtkaJ-c-^%P@6C%FX3r+v( zve%t3Fu2Ti%C&~h=BR|fwi7*Duws-n30Ho9Q&QDQrEt6M_o4beyl?h4Bs~2)?T3cQ zLbq&pQ%AylpVmf&|1uYPkedhC1Skf~M7wLdHR(I|?9OOg(;e_)GQ9s|GTPrfs1b!_ zJ99VwM{o-NZ6@B!X}t{D{~y?k|A#Fb{qMigQV|Chz$n`nn-bSSkNHYJq#>)Y@pl+W zw5W7m+MO$FuDh|<>|6qL<{H50lPzuc`o;R(Ix^9CYZdkKTzsdyzt0DZcNe2CK4UT3 z`Z@P_6sZQm48pF;tTaEv2u~8wnhAs}O3jCU3NE4LEx!nw9bN>ipVX_nqy2aUX$MX) z3$8t7!SRyj6e&2A!v3whxy;60+Fxbaz5YRK$;anCJ6q8?;4gjG*d5!&5X`g>9Co-z0FL3xftvuj+#P3<i6KP(pP+`K8(wZg5y~Sh5;m&+!q-F? zz$>o$A=rJ;jk#GY!ScX34o)rOio)dtCBLuwSR2Oi!w64{Lktp^LnpqCU6lPqbM|ML z4{U)1mC7dnBvpOm#3#|ws=Jpr^&{)hd?6Pb@6GVDp0g|&9{PZUPW&@3&P-yJ>wlbp zP^9kUp_HEPdmj5|BSxEqm9YOkfbT`3H{*OhQ49e)P6I>^@QvSYHuJBDbhSJ_L4aGb ze{gh+IM6{TWE%z(1ZFEK;@%U0TAWdu=O^9xVg$ALp-khRi%{34`vK*>fs0J9!6w?Q zn@fLOn!tJ9W`@ylC@GKg;>2bVnym5DE#LKMYY$tCM zAFl{r#N&Lv{BY!4o6tmWE|I>QfEaS`T3ukV8+_br!fh`RF3(z$^yQ)Bz!ZTe>-sL$ z;hO+CwCw2S5kJLq-$jMa*pT~468WZBx9@8l-*bWzy%WlWY9|W5%6aYYsemcOjP&fn zLp1n;V}US&bh)1>&$W;WA@SeUNhU*qq8d zIvVdJ{YR0k)vp4qQv#C%)9vsHv$Fy`4(;|~h3le;VoMn)qiSQ64phCM870Uz`GQjC zo3)zofh;E6JfV{8t0`cDLVvNcYpYTIj;-1(uA?AhaIi}M$Othmd>(8W^-1^sx&0TcqbXFF05nT}PiP~FK#9j7GbByjq zF4sZsg#AB5L2}OjvMi3h^%iQ5Oj>n`zwpc)3reDs@A6+;{^B9P#@O7J&awZG=ZA+H zToLA>%zR5};MQvrywyiSYzLIg_pgX~1ZY&6S$S2`GvIEJZ5YP@pNkRRa&sFA z-25b(s3R}vL%@K4P@8m&^k6G|w;%6>EDg3*XU`SY8rj-o*FQu$VjNksQs$}$AioydlY&~GhTfMwF)UE@@ssKke zTWh1Qf}2XcITk<8dr*&cV@-#q(ue~VkWIx_T#r1U(|VT6%1u6PaScb zF2P6tcoJN~Tao0ptmgA0Y_+YeF(Nqs5+}H)Z*>J=>U^72ILA(Ps3W5V;po0)*z|>3 zvgy7?ZjY_-Q2JKzb&*uM<&z5!4qoA;YC|}w-9Usxp0tafG>XRbD;%SL^+7$zxqQLgy!* zky6+~?YwwjHxlNN$HM8~oGPpH4SGn6(ihP$Vp$&|N*7&s%4`cZnfzZ5NUCG>=v0l5_q10A_K#PordL_nS>(t;rpQE+Rm7jQNlNc zF=x;>1(+dCKSHA=co&Xx`y5$W8p4kC>c7s-a8bJCP1zm*mlf>}D6S~?3Y;KjN0Q6G zJ;$Z|iI3d0`R}w9dL2Y{pTSBS*GHP0v?|0hl!(pO^__X1lpM8{cA2Qxb4slnsAL7V zso&F>3v&DV0(O6{-%9I>(!4zvev{wk?1nDe;>kH{$zcGN{Kem$d6%HT;`AxgoTkKp zsC@oUWk1TEuPr$MtWs>0j5U9F|2rGmOI-uKqoT^nuL*f(+U97nA?6Rj>$iSeSN`k5$e7s&)*FiE~N(Q4l>q=+M%mCSklSotX?Qc{w2zh^PeD%Jgt=aSMyvAj=Y| zB0WEsJD&?N8xLDLJ`ydAE0((jX&}J!XHm?tVdv*hk$q$jUP~EBtdcg3o&ytzVv#>g zTeKIh=vd?U%(M&*0vmxEr*4zu)nuE>o%W4ic+>b6e*3O+7B8mtK>9WRZ9!jaG_CCq z9*8bKSQ_Om_XKk>XHht+8_B2Y=A^qe_SONqYfhtPK_fw@&xGMzGEi!22r==Rg%{nw z2+T@ImJImVgLPp^#FtU{4c@)A{nOG9ytB4j%+(p2l{iv|pRf9R3!uu5ij)pq_++Rd zXwc}lhVtaktRc1Ur~BnM$$(`+4ho!1+8_+Wc-@u#u5QwR!wjeJLU%^ zU8{hq-@rqc>F4EyhyXa$pnf)8r8xW@*q1~$wdGcQf_^`w*%8+?|Ir$hO2B7>{$TRp zgN89>qo0tg@$R8SIJsaLAOXDw#~O8Qyd+H4}@eI(b~>eud8{g`8ePR|&eo&!={ z$wm7dfZCJeblwCJZ|;f3%AOV}q?e3K&z8m@@|6G=b3s8T5S=kw!9gCPnCpHonxqe0 zMacNn`C+HmfE13I-ls1npB8N@y)K{6wD$ZRx8t`Y{fOjrF-}X1P~Ud+-?ad=h7{tB zdwm4YTEGdRrH%!vTT#XqeUZVc--K}$Y7*dg_124o4{G-aB~{R^#85rE#qK0@yJ%53 zEFIuR#lN&!xuc_^yL8cr2dNAw0N4=!`dZ~7!*&I#n_Ll{Be-6NN;?&h{W_ojqVWhP~`1-ej_Lhn-mcZ?|$54+}~~x9mA~pl-2B3 zZF%8J#jN?dVbTlnF)IQd^~=z`O7@=(Y>GTu9vUyl9_HT6PnVRoe=dsaZ#%wtb_iau z8>4}h|40PK$$M)cM`SxVTBH0SZ4218i-9wLGJw8iAo@RddXhemNervIO*ha+le27$(Gw3gKVt$kX>@ar^{AA1r};){cyPGT5w!<1y-3V2wfgM97}EWPWnCaMUGIz)mL?%h*?ssg9ZGNIox%i(px8G@@==2aMYXGC>VsoWB=GUL^O&4oG1={EF7K4 zu*U9FfwcE0w7%xt=xVCV+JzhpfJ`Y;-8kqk+sqxtf1B;^)qHVTUic)Gd^T`z0{X?0 zSx~k-h&&$x+3J3M=5S$urhHX7p`hZ$vs}-|!~Zu#sX=A{8OU~sxzOv#3;HapjdX*1 zxrR$`6wb814~B%X6jNHoLq5IiAH5}73os(Bb{`_PRFZ`Xv{S2ett%70 zt85{rOmd$K%ZoX+&pX|BCT!acg$Dd5g)Mfmja$ToDuUH;BbY}JtRR^eH64huRDW7@ zIif_^6^}B*Sv2(4jtv@eK1CIC~Ep*=NBF7qy_~Z&}sUB zBp_ao^ty;`BFJ3{K1(BAPbl2BoB`&b32Wibv*Vab(_~~B8|Izoh5nl8phyH=QuHVG zj4UnTyA@J-wsi%hPRPGOo(a6ThVTD+?d{P*aA&K0PZ0zZ>em*w4MyVA$=w}9aM(fk z3f7~Xj}>)9etv8^2Msla!oNgis5q{WZ}yj-h?j8-RkaU0tE{kMws4#bjH$|UW61Ys zPf@e<|5cT-WHo(Qb`ZX1YVvcB)4#+adJPEmsK-gz#R2aDL6FYn;|u-NpkpIUbg{Kn zPtq0B0pH}zK-BHo6ZnI#lf0BFO9D{eCW89|?VYMnQ`9a~WvsboPSC^qLcZwZgh8rX z=GN+F{KF%OcYfwY4?~WuQ&bD3gzrwm^P5IPF3Sm@{#hB{HXB*jeyXx3TFn*O*bzD| zpaS+AH7GfXnA85~mU&l+W0QaLTx+D?jJ|mtG4!+}Cm)YstVfcrp=r;TXgHBA^AC}( zPvxtcv&%&mWAzq9e7Ge&m9HW&sRyk(*{0}#mm?~|TCeAUhH26tw)aOL<R}_ciHLXI*07r z_Gg-t1#D}xv-d*#Dx>*#UOQ`<7rlx*khtLh{aOcmRkTzDI*hHAxCrJ0G?*+L**$2H z)zR&Fm<`wP_Jm__Pt*>6*RQS%LPgc?L{_{;e6ws0yX}-vX|B)!SL9tz13K1QZ-F^~ zM|vJuMEh@(vPaQ(<5OSZ$K0NtGF)%Fv_h{CZrwt`X#5G+cgLr~^xnmZ4^~D2CXPRk zYn$%K5E|bmucUHJ-FX6G<^@Q|wH>Q5mRHkIf*%oLS9EO7qJ(XiACpM#?W5XcM~g0) z(F@~*K87o>d_l|nE>j4Usw1v*>@lM&yTD%z?hzFxA1f@`-F6f zL-j}=SNek8BC1qj&1?_TocXaokAHlL`axU~1V?ps|5!3qDk^ZwOW6Fr7OnAf`ze;%o2%u}bh%SnQW@0M> zsd_~)vx0nX)OZHNegvq5to?*1@He9E9!TD9fT#=%N)zv@gTtzGVsl*&vKPbeL(rMp zT&m-X8Y&8l zFHJFtFYbz?Q&ou+BYFb`79U1gybtdS7mB1$?Tftmfg?S7bF$a#2$a_wD`3UbU+Rt%hVt+f-(a6C z+^)qg0Cv>wGC$1P*fCtoRH^2_aws5u4o(Xk5-KEW?&UJ$p5C;0XiLupQEv^_@s46> z#0l2@3IgK9t?>BY&P76Dexx4u!S)tmbiCjF4Q_fwALbM{Ad6!s?dcwCr84;ApPW&i z;@_G}gXUSZyCI8%&PN4hUT=ngb(?Z^aYRiAiQaG8KpaITyEHowA7Vf|@ ze82OMzz)bMKg2t3QhgEr>iCl+?gjN@!+e#T=+1qbts*T&7iDuD={9K$2ct2R8`25- zPXlAHak#7%X?)|ORhDo{u0=$rvXh&a$!|DQBhiE09uwf@0g^x% zlqp4W7wWgs1TAdK`yiLEj`DXLfi9Kc8q=T1e*swjNwpyfdIIkfq zzt>tmThv7>5q`%CS?`|y=pGR|GC%sh^HI9r$AYlMFz&WA5MGZf9J!l^5p+K1CNvL| z2;Zl#Er?sQo(&)hOZrMn)9}&}!3LDIJqcx%@LWyD=2Pu~7P%avL8F#kJn4>3sSXzi zE&48-=+dH==DQVlvV(P*JJD9GRlV_^egbX-lsSf8^IGgPX=2KHZ+q-I2A{Il;v`pF zJoYpBZO29^@x(>SS{HawB010Qe3zor8gGkCQXF||p4bDfee2T8^XWJb1|H9Cmmc^G zgmSm`olk!$hL}&ox{UPVP0YaX5TBw7~iBtiEc zOH>(@841#d+Z1-D>*@pg(|Ic|gr+iK2?~|)pR1%P_&9b7K@vv|=CNuIuL>J_k$q`! z6Fww2>Wg%30D)bgzTPqhg{EB!e@*UZsH*%^Syuno2r`OjhNm>eopR>Po6e?KwGNH5 z@Gd;}154eeun@b{MwfB#^ZV>VkqyeKeO|}Nvf6Ka5$V71Ua&o+%cu#^^8;)ziuQE} z;+4izSiMf*#P^$bk&(gDMhMcYM|xkSAXGY<08GQ1C3n|b+xYoN5taYs8@uxf>Ed7p zd;eTmJ>5mhLLVX{?;M`*6)5=ygGK>?>ju5M{Y@@>=wsKh75|0kasDC;&p?MudNVZp zeI;xl!crI)s!?FXqCYJ1Hm4N&<}#_-JJewh~6votGhbzhC`;n32W zZ&yYr{rY$0@l5>O07#IX>!$clU270&D|Fh*PZ}bqZdrJ=q^hi~_JW-vNs>okI%c&IdXj#!;j;j@jop7=d7o% zG%``60=^YEDrhcE>(3Bj?ci#LD$E`l%zz~hP8Gs!2?U;{SKpU26+ijN4v*$@g2Eef z^)kxX)3T1t><_5F!xHjh?(QP5Hk>`yBd)e(yeuvE14_`a2Yec}zulZ$Gd`bo&A;iB zcUaU~A?DYIL=8&G!%HU4QE$#DLu!|m32+gLbcU1xy@!vO5mDH3^yJ9S)^@!v)m>3j z;<`8_#1K;k7RHFyK*B%zdpOA-FXu>Nf0-5<*`X`NjM7bfXE<%gO!M@)5Y_K$T`tpv z?Wk5+J&;Ma@gF9sS~tZ1GVW{73GBb>s#0%C#Bp6az!8hjJP4t9m&9&Esa9LYz;3bh@Fa&F zbwMx=zx90)-t86=^c^Q^ea5WtM(JOcPf12==hLy5(nUtlW4!zuQMGG|>c_Fek$*LR z0)?c{)B#TmZ%e8UtK<2KgNKi)u%&f1avD;Xsy()}Y6jD6if^i<1*1bKRG7Fh*KFXF zRkv`&O-s{`Bj;hCw6*xo_SG6#L*drPL({2rizM+=(_f)H6H9!JZvvhNZ>dX*DB z?u_)w!y!v{Rni@{;ePwZR3#zLd;sFvNqLUZU!nqY|a2}1nhR$<}G63=WH^XemU9;UQSZ2u_ag6ovkQ; z<;uG?&HEv|pro@3_o{U=fN$1GakwJqYUo|kZnkOe@SbX#ANV6paoEOb5$8idf>O-C z87^$HjX=Hz^t8nbC%%2BpF`*<2N7c~_oZ&cS}*l{G29xO(!|u6Z|8?#`gan`u|BB>uQ8m%y|WUOvx5 z*tz}i#Rr5cT|<8IP0Y9>0eO|g#60@gsP{^iZQD|8NmXzpjm*0Pz_ECC=;M4t20Nt>B0R_+!XRO(cXfqt$ZBqZ+R zxJ{m)>Txbr?vim$R2n^b;ANJvqhVpnA(36KJu)FUFl(AEGG$m6*w_E+7ME?h!(M{e zbWfcGk@w9ClccG=9|`kPW?SWWKXn`XBT-+-9#?$$n&r0#C!jKp`%>S5`f^=l7{lom zk{Vm0s5+_{%M~DjrYT*df^TZ(UzDBdn>nKPbn!Gj{!SWZ;^!IeBR&KzM8T&vid|90 zAh#v^dRP3;u;X=#VOSLB!01|rV_J+%ThpMF*vq{7=0GYBte>fF{$T@hF}e>89}CAo z^lT9N4bhCU;}=_-=sND{AyUXywA}A%sgnz*M?9hD*`fERSCo@BNLe@RJnRP`L^phj zo9FgL>YP7)E0!jo#^JCNNO3jBUigB!mD@JA2->$#2Eb6!+5R@DK0of2ACwdrG>Oh~ z#iRx-TKoF~vjW1>no2A+%|f0;MSdibkx^2cxxe?{4O(l1W$o@5`q)0;8?7|9bPY3ft(wqTS+fQm~PI`*lO`$0MgYP9zL?};`cbUK+2pO8(0tZFU`3P%$ z&{z@~6CFR$i6IBLM=UbDwsvyLVPDfs47NU)DaDS9`HI$2j%VkQh(Qbew@t}_gAZ>A zS>T7B{5ET^g0!M1dh5S@s%Z(mYhcVIrO)yNdYANXXXSok{Bp}sjF0+x*;gR*@OsYR zefAw$lQVtFQ2UJHRc2RmP{r5J=dxH-LRXVM`h7RPahI^-KTwePmY^^J=&Nz&F4KMl zuNs$7^@!Cga4PWcL`JFX)}5PGGUMFwa9`LIW7cI zV2Bl~rfsc(92fp8u?(oH|dA`%SZq-}z{Up8J<-*JNZhr14TR~hvpmSz;pVrxORcLTnDZEY9WNd50e zX9hrjTimRTU^HwhNuSO?F(^Ie8h5u|T;L+fnLsQDxMw1vH&bU@+Zg@r=_$l!x;Fk( z;z$mbU8k@+dVXsE66r`d60V3YEpl-cBJCc1J?+DEZbJJS5AID4YHXICoMq~V97ZrV z@Tozo-CDg3zGKQk(9l{e!Bc^!6BTQFAB=iKi)&DK-6B+e>xh<>sPC+%2Eu;e9?aX) z+ItbUc>yd>K79Vt5c;!s4|(fzeEcsZ`EOX|^Y2pmo=HmQ84X`yPp_VIi(oQC>Wsq! z)&Z95R&!`%j)^934l z|1D8`*H37_v2e0sVTS5O@sm>-Cn~rp^S!M~!P%9ru*$Db%fG^GRGE2e0zkfN-Bbvh zbvtX`fv?*6wC!&@?RA*{sRZu;5F%aGgo=ZUz@*xuOohTjeMO-x4!%6;8|cRcDyS2O zA~&3|qBGd-Gqn(lJpSU;r7MvyqGkqqW|XV<^;06>JF9cZtSIewg-cuhI2>0LzRSfQ ziB0HlTg8T06drs};eQ_+Y}t$m1{T=Z5heL@jCrBUWnhAzl(mJkUg11O%HjF<{w$5cYkOOMNItPKN!_GvFbdx#5zo zl>~F~alIWbApYD^mo)8-B`29#dt_B~3u%EWO%&N%iY%*}8zV&Cj+CSszp-o#+R?A& zwD>j-+9nGS`#o!svW|dnT(oB>6fj?3Rn`{)^%VN5l4L9($2^5m&YtHAb3B?yv$rWL zx_aH_eR#EP?fEB+*#9G-@4C>qH_9p*IhijmkMTS6*gdJp#Qf)5O@{PqPp;QrDsSWV zb}6toyvL*vkkwmkjNHSjKBd@&sPc`^>B&~AU0ygIX?R(HHI=rB>i9hqDnYH`2lw&H z5M@j$l@Fgj3?OCVe)p@!(dd*|Kk($`!0fw8l=yz|j;U2tY+zhzwgJ~@Tz|aCT%IfY z%!j-Rq#Gc@7M@>WV>Z(+em*y+_JNUVGbf^dSLiJBY!yXzxWWu({KI6xdCk2!&E}M> zQdCpnSke-qU`0dfpATt#i0;uMIP$*Vao8y^Un*cdT!Y3j_deu!zu~3i?!2z~sDkOf zqrzD40a)U6G40Ko$M%Go<-rt=mxeoS-|c=)A5Wwe>z?tg<5|sl9DWAcZa4l2{-Y$9eZbc>tYP@;-MZe+I=Co0qa{D&A3 zAT*R*qh?qz3P5NSb`N{?d^<(pdzTh^74{GFr6PqL#c#bqbUSbduvYwyZZyrt==}Vc z%+Z>MS>XvXE707Sf8zEK6J#Iy*uisJ0m>h_6?F*}-SoTm6x1Z_ z*^{RhjoelkXLG^+Fn7)L`9=T;Wo}kOvmN`!o-_U01(G0bckDmXn>8<BCS03c{eDk-qmP8GNWiuSIPYzeErLNm{Lckt{(k`>`bX9ZU0v zdTy9l-ISzc3}K8vNthV2QQ(?3y%;;bCSmm=y^z=aV^!*y8Di7mSJ1?OF?EX&WO4Cm z=gMbd_db)^>McVtkf+@c+XjH3CQlm#_>+1u;0JY0CQ$SY0ej-8weazDT+j#whCkSw z;3>9Ht$_RhZcn#PV4f?3{UCTQ^LszlB*C}>M6HuIx?AiHdT%k(+L}E zIs(|1zb`rpBOroWME`7xH2l!H8<4get3qZwYS1P(LB>`OdFyq%mY{xQsUDA@R>6OF zuf3pZx0Pg7c6R$lZ*fk;r*)2B9nYICd3 z2F~a1f^VlgKOCKAR`2bZczxydU-ai2)$r%Sb+5Fq=FW$~U892v>p|1MsXaP-4&vYK zoW^M5WqhK6)m7(b%L$Tn=m~y`s6cKo3Z2B@Q!Mp3n%!* z?X#>LSM_#IXs*Ei3Uq(Bbr;j7@$ZA$Nkz4z)3fc$3S&UY^IU>gy+BHRiIl{DDBIat zUSxyV+S*W+L>11gIP{Z0*TqRF^g+7(V2XemZ!1p2h{+Auy^GE>f`i{p+3)B;?H;28||Wq^+&dOQeKY<7${;kh8|iXmp-06 zn|GRuZC*8N>xha}_z_e|Bbykk%IX^dtZi73kYn&;K2I zkfH&WeqJYE*(@<0-%&4ba-p$%*pdd{Ut2YC6vcTw&v)kTF=D z?(5+yq$)0tGL{z_NOaZx34bm9KpAZM&yB@b?^>6YdKO>rW*Xmb_&~%5s_QybG2m=w zCD|uV6ql4o%q0JS1^)oe4r+zYNvLKFn*r^V9WIAlK*}UxWLF?TTb@kuOzzBn9ypF) z=Y_2C;@}^P=dYKBF!8`&C#l#-!{4=HymZ~2vLzCKOdQx`qlt9AMio`MZ0 zS{Cv2`Hcy6Vf-JL#N3hIHvWbzB+xt1j3&CnnY|aYF_*d6C(^-=3(yvTb3$Q-wv;xY zV4HXnl5Hs&RTc{^2AG6QCb;{sN*gord#}F3ed#k?-sSk>fk*RH<~-=PpEMMj%0u2g z5+Dt_*iC%>yRn(Sknc_GMQo3dgW`gHMjyK=x6^+`+)ggL`<($JVJf)G;AU8Z;(xqV zLAU?FnH~JkXI%TLTGcPMN6_u!?QUjQMbA<>{yb@OT|LW!uxIHpCh6BVbH(_ZYGId$ z;roq1_zuRN>O*e$pgcmNL2toUbj=|;$=P8b3h@~cSGX3&bomXGEXX}ld=SXNN(6KnaC#Ra1-;Pmyv+Qt7=-6fxM#fC(DLe-)#0f^It@-bOQJqp&>rSyyx6}HsvUVArjqM!GsCF;CmDqbkBtL5i2Rzw7UDa!@#aj z19~ku5Dg4Af5<614gRZ~nf+HNNGL(#NN}f9WUW~0bTg%IV2X^yyfoQ3Y0|j3Pa$Y5 zbY_Qf(t)(l$z^tO{CVjL)=~f1`Sz}Ez{yI7!mY8KR%QNm1oK;Adbx_zI{{tG|CYLu zD3W&$<(i9YmG)_8iB$x6tF-SAW?Kf@=jeSoOWt_z6|tWqvJ>h&Z!gyK!9VkYg=#(9 zsK1rsGO*VwW4*#ZSdan72m@kCDf1-#m5Z_5p6G(aYX@!eBqce?usQHCF|}nU10^Il zWjQ(_JB$kyy^yt2Li*Nbgi9`)S)H#3Wz+{Y?><1Oao>7a^85(wUt9vrjDl0lk}5+{ zvcpx`+L-OXjj;v%t?bwA{`Z50i}i&==*5126rG|njH}Mu)sK z{`ULH`;>6-KqP%bI@g}izz6^vjaaH{l8qRPZ84Gi&!QN<_ zhMOsa72Bc~Q~aU~a>_`C9m0a;>&Jv`v20Q9WGD+^HMNIrr?=(^FYc$eS45+iY|HZHW(=EH>gz=So#1i|S|3 z9@+jM%B)vvt8e0aUzdVBDv$|1FI{D1ZGLJuEbcEJV1M3V=b%UW=#PLfsh%n^wls3c z!Z=ONeCRtgxcu$vT*MmFa%}$ASuM+;qq8w(9FYnl2a?j(-p9ea!WmXhY|)_2fFOu0 zVM2Cx>-{Y-U}6_56q$|b#yeNp&m?_fm+lRIPQ`L)$087XO&|&IB3$)O+v+#8GtORh z>W5KM;83eCT~|-HCuby`tUzY7TfWUtjv3LtEpj58-d5y0?`X(cY$1`*O#-Jo7+?IU zDf&Z&ECQ!c)aA5s*DA2y^>`%3-5)>EM$r&Z!WOhJS`#Olf1eWmRdF4+z5b(UbSsb? z6B|wPMz(%v)&;0NppS(SmrGNv=GQbW5j1x@pET&d2D?4Ge{^pHpOwuO*#Mg|T{}ef zwi8fZ3&nr)&e$;Xi)Xys?)c>mN3@;|Z zVg2`whtzFY)18tzCAOj{6@(wZhwo~Dv$FqV;6T_SpIleG8o^J>6>sP2}+czZ1El>E~tv4l)=YlP0ynfcqwV*DC zV!Tvn_1g!Yrgd%VGwdRr(q9V;3uo8Ij+mG)%JOB~K+?+h?pL`qg{#aMTS4(i4a30z zvXGMxJbO8*{Fx;qA2p8Kr!0C+4ynh9SSA2|?Wx>uE4sed z8C7X^_YARg)7T9B4{~K># z9TZpdMG3(rNC@u1-Q9u{+}+(hxVsbFA-D#2_krNq zy)ANK23el@H+byZE_!gArJ`He7IgeJTJ;k5go|@c*ZqGjNecGM?)%ZkzR9cjlnmIa zGCp9@5%+F>oCV%OkcgO=7!Q#aL(0u9oZaBo&=qkYrC0@{o>(GIF!#@&=#FDl-Q%v< zu_Ku&IVgSL8v(EPgIIigd@r$JhPhA8hlBk%!x*;63Ihmn=f$c9ch%g?mA-L!t>MfB`33aVrZEK{khtgKkr*%cQS2H)MeXliM>kF=&d z2Hxjp7o;xxEb!z(@VJNq9DMbB=9SDqhZKyJQVGsf~?19k{}M zf%RKLYi+K`aw5@@kqF2X%veHd%outypxBA`b$NN&zHJR;l{IU6BNNcxK`iqtCZ68% zfK}utC#_Mo#j`v5zG!;r@Dic08(|fP7HtX*Wl|q)XkLKZaj@Kju#R&e$~S9ICa9K{ z-Pek*YR)TEqx0`OLH7D8x4dsIuG3k$EQkaB{V0Tla+;brd>+7V+a{x?l^+rk-Ifiy zwc#b-;uGRQf)tPEX+8%NF|x&d=B$PdnxOAt-w_e(w8s!~ywS>=POu|iT8XOes#v zb0*O1VFuJBhE%Qt#%aUvtB7!Dv%i&=@9>%E0WFK(^uCnJWEGP)teh1T6-{?|x`GB& z0x|gp=-M@M8m-6sIJ-w_avtcuE2|#Wx6vT8rX_h5OYtiwMN0RrnPygHt& zNyn}cR4+c}&o6K+>ecke=HcZ55fd!K*oF|=oa>n*i8YVAYw=QV_vFma4GHhaN==wf z7j!LOJ0C@>HhvV(7%-=`LI&e*GgDS}Qh6v*D`_oRa0>|wL&(U;Y$=uNB7WGFUV!9d z&b~a8J$oT8d-ay`$X`Hp7hg)D%GAVr>rHLxHcCc}_GVl*=7C=V%7L0U*IvwFQcB9e z-@8KE|DH5rohg;7%jXEmK%P#cdwv)q(LY`>b?SCf31p)fVCux z%x2g*+5?xmI@Ty>O_349_^x=#4 zEPe=hpJTNshp6N@8O6*G@7LjXl}tTqGT+kOVdU7F+S#5&wX)`mq>hRT5GX11`QhkV zuGwyig7?t?fv#TZIz^JaV`JI`nNG#CqvsfhMD==rTVqqwmV zWj((u>-OTpdyv+BZiXkij>o4Dr`(aOB4 z!$IEhcvauZP+cVd7BU-{kBge}%_5D;>WvWDeaH4D2m10!$ofJ8A;BIpO?mS{bRXXF zqNutSi?6!wK;rFKmR|XTqqfQD&?>ZbLW492jSU3>{5c!nv+kU>TovB{ zA9IADr3p00T;QEHoSj`pUu4-w8FoSQ?E3n`WRP%#%9}iAb@kJ}?aAVxM$fbcny`52 z&2<{1H#n{(_wx9Ww|{wAP>Voo(+%vs6RLQ#+uiJz@D*Ji@{ej=tKG3p-tO%5)jSK^K`1 z?mW89DXXizrj?b(XIE(DxJ_rZC_s)n-;ots-z)cQ$|o*?*F8g39%WEC;PJh;+ZCw8 zMo;=&=Q!+LL3-REtT~ixe)Wx9&o0(BpzO1?d8_|bEatB?OTaoqY_CQB=GqtbCh&1? zUbWal`$4ym+d89*guZ?U_r*W>6={dO7lGxQFDoSt{HMXA5uNuHfqGT_c zn81}|^%X=E<9mU-tI!bjx1Bf8BN=m|uJHgiJ3@V%y6^xdZ^|$wthYb3>&+C=xJo}y zEA0@@I5tfW4EWRr8f$JO09JENpo+eu5jEcPE|}cw4B&DKLjCoVLz&nXeO$z>?Cdhd!oYF$%-A#mp>z1gMfNHb!=2+PUr53R&S{HtaLY) zM&EDg#~!Ye#)HqHx#=1%3zcTA{}VqN<&!&c-)K@Izd(X0k8oRw7GK5^$el%wf%cdg z9o;N_!?1(rTPT2eK}vqJ=8oL3Bffb{8})gywQf^mt}DqW@ut5h?+i+tiKO~7p?~T- zZt&EBtz4BRwRN+XYk*VisRsd2baRCUYdirc0e97z<({9_0e{U*>*}@14&J^+m`W3K zG{(p4jp! z!)L?lWJ)HK%NXKFf=_-~U~umclN&q~8bpTUV{np2t-BC-1Wz7q8;o~~w+8crnap4m zN78C4Hn>&ZDS?i^q4a9~rGT1crxu8&CPZyP;mO22)W#57uY?EZs-mK>MuE06Xb4ZS zKGLy~GZgh`vej*d>xj!yvX@wi5X>~EA-FW?!Q7c9teL`R(fM$z>pOjen&CZ6o z*119r_+E_fTI3(Dx7=l#-zeL%-o@DFO?_!a(Xz6l85y}mY=LZbjjcwhaw`t(bJ$q?jQs6YGfcOVdB4TY z@oE}Ul6)RGS0NuVsD3_R`v_AD({g{8yXc|X1vJ#U*g3O_0=m~7NL85NAD?>WiV2x{L>lu)(W~ZjHU5t)EBdG*A!Yx|_?T)uU03G9jo} z=GE$`Cj&L|6C~o^KOMx*`>UKqJz1clQOKBWGoo$wv)MDVP=I8yXB8H~i~D*MzBd@N zTn&FS72wMX&lhKM&?a!{u3_DJpE>?2ZBj4=J#UC5R8v*7_n2skTP+{?9 zhi{BS`r@mo{Pat>{)t|)IP~o6MA`1k8!RVBtakEv=$}=Xc&f^@24tK8fWphcSAsSg zh`VIP+72UJ&hmSeS6M1_`XRgp|J8PDLjyHqu#a7L#2? z#wTU`G1xbcV@qYm;y6Cu*Z|K#C019|NZo8eP#s^d)!)L)C85C$y`juf_f+{(uP!`_ zAfD*sZa6F;#oH&UH({^q(#YRrkxa<3`!R7Fg_lzb&URIK^`riLR$n;^(!tRz7BCqt z)d$0c!(=IFLh<@cC6m>*uOTWe|LW2dE?@Mz*T(C6V>{_RCgPGuQykO_o`{TxoQNT?S@Ap16pRbM=MN2LQWdRn zv^y=@#kqv_o2BYFO%HHVj*8Pkd6H}DtwXn6m%+9PHx>}MuyPwEjw!T2 zH6x_`<8P$<<|CcXJJz90|Lu_eVM(al?z!~#x0UfUT!5#R{(}Uw@T-)=l9EJy5cfD3 zc_7lLM|{0ct!|G93L99z%g$XCw@*`Xc(PA;^#x~}&6?XoQ0;vwC8-8aO!X&9Zuw6o zJw(mRT)Ve*Z9t>EiC@{%UfW$vRtz*98+Q8%>=G3gTlTS}*E8+yEycmfc(^&UrN9%b z0h~+wW^9kU@bE+RLy05PpbqM2FiO$^aW5S(NY3i~^xNm#sFp5@*YVtZqH#a6K=2MQ z>%{~czl5lAkY?Yo%c+Nb8G$m0^k+b&CNYWOD@!pt$Pr8g$5#5TJekBVfy9+4TmeB4 za$4q*=WD#2Z|(5|HwT;7B_;TCjIm__8$Wa)e#?>F9LFFjT9a$230nY~G0cAcG!K({ z)P}#_4^ed~DR=3;#YY~0@Ge!p_ygU2H4S;Kd+f&V*O`7iDdt8%A^I$3m17aXG6J+tcPAQ}`mr^op6oeA6Oytp|}n7T6wo-7Khw zQwA?;f2KP;Q>VJwVus{&&Sf*oO*NMvK$Q{>N<(ZuJw=&3A=6O0btaC@I1ZKT{vG8) zM|^mM$5>7FU()D_&>J%yY-dd##dDd4AI2Q^a$^r>t4m|ykLB_}TMLcaJ4eMT-Z@MVRuEDS?27q3F;U=l02bk+Bq3{U{&VfvP?gai>b^iw{PVU~33DbV5lxK> zVW*^%r>EybD?DcUM#vjwmi3Ei~Cf_Td<(Tj?Sz;lyuQ#{xcpH)#%x+Rcr+Z#biiiX?3=W>1~mCj82y zK-9Rv#nFOWXqQletZVNqG&HW6|=3OvdB4 zBN1;O(~fYvveMJYGaM9l#Aq@;EK>bf=-9UdZ|#&>I7- ze=oL*Eod^5^E)QToP6ABj%n*&$1f+KZc;NOWUjGFDjVzht1+Xog*%cdAWf>Z;vh`b zrBlS5>&A<%_hi;so{|`GsA5dOjCKl}_EB_r7vdp&{}kLDBuxsGAnIAKDFB)rW(gRs z%4{yS;=2M=Wq4E-Uh1f%Ti?M6+;*8v=`;bIcQJ$4hM-SmE+Q}a_OzZ+F#DB#Yn>qL zLa!Ux+uXB2W<2?$3AXAfnWo1Y`~x}o?tV0fU2#R>%ITjUC)J+c$KG@cJ1rfC6ve7B zxek6Mz9CW}Q$MUSpjMQR)CROd6nG*1|@b!Ro9^d%~icwlo!Pn=|= zM=*xXQ%(^YCTwqz6~E0Yrsk|V8^pUDR>L^7`d3z*rEN^LQVQ}b3*XL`z0o11v&1im zXx%W5sXC`noujDT*wc{;9;HLql9-LtSs%FmLIprE5`{j68IZE}*+k#!rwbw-_oLhp zoOaGOCv0jh_D?yaH1AWlOw=o(95GGi%__jw;Y0q+{_o?PahcN&mTHJ&2js>I>)N{7 z;jqst-=veBj>gl64pYFtOJyXTetZF~e_#H)$&h>m})B>skz2FBX_5J|}mhgZKXLapa;|M8$mWAmj$5=`+zbll7Yug|1st1U;?s>kVF^jS1acH+S@6 z`~ggsfFrqBlC{)flADy9)2>3{KFx@CPrB8|uaPNqW{-A7)2c zn_^lJ4*dDEU!)=0-Zdtk28mF1f9(*7R(Z>YqkZowK(;R_O~Q~n1U<|zH?&xCO|;=h z2>b#*(A!Pm!+vHhC{yF2%pQeEXe_$s85EDhfU>*z=Ao)egGe}gM*2=fLiydx)rXlk zCNRT_yA#R5V)2I*JGks$wG{cg{ZFRvV?XZI^?jjCR*q!}(P%9e(ZCww*{YHho&d!f zFKM4~<@FQ>LpsPq){+C^FmZKLe_YiT(xx`}eU9THQ2Z`f1cyhH#$!iTXh*BRF9%OW zt0}2s)$d|Pyt4we+b^`1-ZHAIDmhGO#(Y*I1h03PTHpmeTC*&&pG2$M04@%Ac~x>u zs=K66O1(}dT{` zCTNR{=RTRfIj~T(+hV18_D&t)23R24xp?7}{s#-d=YZnzn0aDxp);X}L0f2iOTGV6 z@vE0mK<0-yBg>MspX9(XRE1aZbpi3fp7XY~{kFA2&jI|JoqfnY-e$pzTwNMh7h>p) z=vrgpsE(@4U2~1`3HSnZL=H`#&%5(rQQ6jk3x8L7EoOv9OUF*zmYM?_rvv-!mLhm; zWGghqct{M>tAG+J?fRPYGa9rKb{4< zdgaY#2I#?B9jgz2_@kO2B=P!KjJUL~xDwtD7(F5MCF`aq3LPtoll&#k2_a@i@woSm zHdW^B4+M^u%iZ>&Au|5n*-!LR7ggBprK5U33}egEO5n^!z7NT3sJeu899()5jl-=HP{Q4ogVzku+g}7_(j!9`XYLDt9A@x$Hx_ zJkqE!DG-P>CwgUId% zTZ-(>&sTvO6AErdha8;Gm2kU7>7XW>479~eT8Uq)RX@aig6~x8?oXjsu#!yWZ}bbe zkTJfJ{hl-2zZ7hIrq{iDvB$EdhFiTM5X*J{)2mfwFOj3UBvl|T;3D`AO_RK~8UAuX z>FQpQ-HJl0L|1TY5%hEby6%dEsN4*YEOx3}1t%>gpW(;@|Sv64(Xsp%b5;F27$CH&s|X6JK=rJIioAK>a@fHWCikZ zbMd!qea5h1V|YF7F=J)}R^5m7KzcW(;PfUtNOHD=*_q~MO>`LjR)szMlc4dzI{qqxFyhzqqa){_Ycj;^N2=5l`>Yfmv{V%GE zCwE{jVu;>DSBH=`Z&_sPlZUbuIktgQAl*A6v;Go=*5;8>NRgcPaPVxg4LZs=37#p!#9x8+@(tYJ_qwKpn~pY|H3HO zv^y;@nE30uXm=tVr@ITi6Oc&)tY0ZNmNSO_w9!6X&VV@n6J+JeY^^@n2uW35}m8boUCI>fDaU{ z$k&7@Ng=AOf}@Z^^jp~@A5R{iT$#c4@C1MK z%@~kd@a^tw8w~Cucd$66bG@92Z3mv`jH7Xgj%Fj`9k@y%Rlg~}qB^g-0rX8xbRX(| zz+RawUQp#ds52qVC)PRZVyjPMU7iV%%i+q20S8n5uwIj+$76!noM%8!Fr>+?RdMAw zR--nW(weFwnlqh4Yi-$H`c!*;Sxs2RywQFzu}6uKM0_LZ=#tgEV%FyLrT(wKBx9Yc|@mfO$hz#!Betluz-(?_|s#?NNDA-Y!mZB2G(-u5M!H#7%on`})7yG-IIkADO2oivOx{@VF^IrU@C$zk zP8vs@eda`B6?9|{$9!|u&J^p~f>7t<^`QIhyh9Ode3Ni^E2Qmkx+|UDH~nMkWZ)50 zO~3T$SZpJ^9*xU5JX-F_fmuK;IDtKP8JMt3;5RJwMUHKSW)bbkHg@8O65A2wvMFqK zPB%A;^WnL<)#Ca)Z1#3C>F_Sj*KAY_)y2T7yI{;ul(_Ph1gwJ6u zSHwkY0*R1(lYbca=3*Z=OsZ-Y7VEO--j)7hOt3|b zkL`uLfxGDna z)WuOBE8hfq5HOo=;>n;6TgDW*!bx`eDOITaOL##qRJVauVD>PPYBi@j*7f`<>L4vBUD`!P5E!f2~KkAy2nx63t#=6B~at!1rjUQWY=zR6Wree2%T2{%Cdu=!LDqJm>s!ePE;%M&_N(PwtSFR8^I_{K5G?rlXVoVo57yd z-&%=*tQFu0-~gc>0s4&ktT^Ey#0=;S2ulGnGt)YQ2F*T9p*D52csa5EV4AeS{J)#S z{xD|yfVJ!ZVrQnO1Io%y>*_CUyTlsrYzEMsTvUQ3Iv}pJ59CZ?sStB1geA7h^m)1I z-=+>|e*7YWaUS!k;2He@!p`HHww9(gp*!8X2W{GRB>3}4P+&oW&4d%3 zDqVE>XU_7o-1kP!KU-xWKxlKx&1c#Fc|YHMx&(MRdd^&CmX{^9v~cNDB0&bCtWr33 zVvy1ij9lfY5H}?$H5y(l!KZa4$P)OvhAo23Tr-nHS_wx!#gXb4UbPVHru=d`!*<26 z#`IQbwac=`ga-{=V2>Zjm4niu z8ujWW>;6FytV+GNXVXvz@=W@_kRAkDEX3{m=e}a$xe$WVGD*dp1j!^*Wi%koSA1>^rX-4BC+lZ$}sfpE<%t5sVEfiqn8HVF08>UY2H7 zB-OPPCaPCMmBSYl%WmNNwjgQH~Y{Z>H)nHWYSRQViE zB>^Y{xjd4(^>`&qv$CiDF9_({R6u~Lg1MCy0>g496zIA9#DTDi3g{`lY~5e+VfwP^ z75joxR;^Ai5Rcv{mIVBuKJwr+zLZ-HjL{F$wf^^z(IJd3Y`@qcJ}1vW==yx!w<;Wn0%fRNasB0195?p z^2;TTO+}?oB?yGIQdT*ut#4}DxqrTTe%+cxfrYfsSH#~K>>*`fb75$3A!PfZ%PV%Y zofVFi)2kw5>Osgdb&?vVD+^I7{x!<7WIKQ6sMr5{)q*P=^zzOS`4gu^{siaI^RrTxt^OzwZ?ODp+@gl?zf87}dP{#*oyl>x0w~Bc)-p|dc@;K1#`@nN z@F*;#(80$2^D787y;_17e!mli5FAWy5S~7{+gv zF;|dqKKbEHwV2_IMe;T$3Jsnm8>(9+V4(1oY_(@$A3?%!Q=3706^LUp!=kx ztbe&Eq0C|R&(zf8eku_Yiv64m2LKO7v*Qt4IE45O3EGR0i+tRBp9Gfb4R2b7R3|4M zB}Y71tgk41Vx)}U=mKR0Fti|ZUMUj3ILd7P1KKj6{wt4iE4*8?Sm3&IK8^!RXn}wc zOXvm;gbPlBv^o66o=92i@w;PCE%-m7v$@wi%bgCCWU}w$NbR(HQ2HdEEI&z z)V!6!_hN+4pFg!K!_~XcL5i${%tVzcEHmgu1p#u3evK_N7$qe-Jw5$UzV;uh7 z(D=_?l>EbEL1Wm-<$6F|6V9JN!lkL$Q_37mK4;knzO+N4-{D>i6k3G%ob^>49$Fo` zv7l*nA&$VN+3Y9Z9d`O)l_ST91+T70p(ywdHvA!Cn!6v|H>D zksxj^Uv4$v4~tLjc;|eP%BOD&;;Qg@gyO2u^|x`t!N8}<7yluE zUdrF@wD^yiCIoxM_I2s%qd}r!c-dcDbP=GI<8Fs0QCj2|K{$N-@E0GOItuD#y@8Vjhh+g6@ZTVWc5m`8#JM%T zb1oUtVTrh0H~jt$6)nv8$z(CZu>Y_y6jh1KixT=@bO-m8uO0 z82K-py)!5ZV|6Hci8d_MUR8}yzD^4MnTamzk4s%n$vF4=<=_e=qxX157?+w^_huyr z7FMmnu6tW+UyxfVW57*iWTSG#)T$&_Z20edhdB2O=k(;(;Mij^J(YOUec_<|Xp6%@ zoZn@`mI)v-R-xUK5m^>{WDFY)t3&2=r8y!+m3zqRv`HG*CERneO?SVB%t6}M7SH>3 zD!O>4KRLKgT^}{>^LDNXkn?#@7)}% z**DRBdse+;6Eqx@iE;;u@7}X0-WF56EI$%SWn&4J5bBO(h{{!)EZVuBw+(Y9^9{0m zetem1j!~nIPkY)HX61c`)Ux%6IbfDdW46PO)_oW#i1vE!q-F1#>PFrd7?Ajrx#@a& zyfblmRI+h>y0*oD1!gzEth)r+G~tmf4((dx2P}VLcGlO^^=?CTWzmPB-e) zrMF_NSVug(IjFDPt?ycTy9>S+yZZplTCXKX4B58qqArY^YgN}0?-{94@A7ceSccsO zG6X6-?UC{uT~l$-etNl{5-bJ$lagbO=wOC%eG%gx!$ak4Pfi4-CoG>9V`5}qGg6KL z9(A?#$(FHoI%|u+yU7MRec*1T)Ek0EU0(3tdIi=0!V+XEe^2h%sWJR?k2F8GE;NOJ z;J%AHS?|N|v|+iq55TB>Y1pInI`zPj+`pbKntbNR&qtk&U8vfYN|DGUkT{eQoce~rpFXD${jX{5HH4C1l@OF0MWZ>i zSmf>1IwClCPTko4hFJB+73lD;(VzPEd3L^h_S`Mt;+^ie9@ z0nR&v;qWYE$5U~o?XqO*P2SIIN$A~xpCCmUXg~3@+x|?r4a|_^OXH?4ICXP?cUo}u zQ5kj>80igV7DfiK+%`0A+5O&v1!65vwZL>sI68iMsq-(oY-KP#p1SQITSnWgBTtWN zVl?$4?|Pdtl793g5A0$}JPFb^Ni&=Bi7i2Y@$6r zye;_Yh{~b){yaZ9H)tE)INCSj;Np|~Qs*gVMYJ1qDx>aU-#vIkzL;6TMV2Tnj>1Tc zuWj*hesufOY)1P{pqcw!+p-$XKMu|P7qOTgW+*!dys2j*1>CatW`=ko_gjh1FrHS* zb=l~oH`?itk!gO-wV6rSlCZHcYjY*U-O!XuLX-9&`kiNK^CpIquXj;F%D6q>!)miO z)GD)LG1d}%VwBeehs}6O9*Zuxr8(kxP9BIzLeSF85HlsgVW13%#m`{yPvliGpp1;{rL^l zpFiV%fq5=mPq(LN+&j>Hma$FGY*7B=n}oSQkSjhu2Al&pIIYX1Qm-3ph@$Csd+X!h znDNP8dCGjpTiD?K`qK)IjF4l~g`;|hf#GI)C1*Q2a5vF;QB5=np7KS(pM`d)XKbko!C>eoYQj|Otw`laY%z{C<+yM?a zX^)^@Fi;KIibAu?x=l8XmJiABjV?S?f{Z?T9p@rlIUJMX;THi85_d8Z3|2InuvqUr zY=Bqico{Kxx7iFfy3@Hjrcu`QlDv3JRYA)lv zB4+-45bTYk%P<`?#4}TQ>7$NEv&~lO_A2FOV-~vG>4@~u*@B%eOc*GbL7|`Qv+PX4 zF6y}1(HpLh)jVFugx6`{mHjrn?U)TRT*+MT{EcGwg|XCcrRh(R*E%h=lGx@O2v?kK zij!a5s21yOjkK^dLY32%<$93Fbm2j>2#CAU!Ij~u9crPzidqNJO=8roDhZF3&sBKw zzvb1V((@YCroP$}XjJYDAlOT%j%~-lQ@?p*us!#rXUfjcihdm|X62IIGOKfU9I~u3 z-qPV0LghI^Gh?|Rhfy!8))xzl_=%8qRV}!f9%VI3dQLU^7{L&P2BLuE@&x9w9_<9o z@-_c@su`$gZnzj?>5&ah(A(#wPd}ldL&_%GL1-$~cL59Owz z0THFB0=r{N<2{{1R^$=VceP;Sqv*a53d4h-qJL2shW$|b7lmPe0Z7*1<3;{&u{@@K z(+P(C__x-RG>Dey<7Eiq-~-(qDr&;Ni3d~vtrhtH_b*yWYXn7}a(rKQ2*YJSw>2&I z`SASwT-N$)+#4Al5(PVmB~e14km_FwhySOW-d#1PHyZ>dv5KN0n8kEi(kn%tFnvMz zXrtrb`bY(Vxmp(tWTddL`3`-4wl+^TvL%NilX#ZGUtSlF?;#(*e+~W= z07PZiPKZ>0G2&n+T5U<$KNu<1ZomQTL=I!8FY5hc#n4cYT#fT$)C(XO=t78p7HYON zys0b+4Vx;vSA%jzRsIrTe>Le24oi5i29)t2;T`Tu8I_I};0}dzx^^fBWpLi<)~Jrh zzNnw!*EZ4pJl=7WE%_o6B2=DWdUoaSRtFw`+3Mng1U3_--~?@TPrcBD``ZtLndgm| z)?BQglhg7H>M^>}VC29|LGSLqH-tiGuo)l>*ae;p<#2_rMlDicU(6|90Wd9)utX}5 zco#6`A8xF*RWJYKjMVDWcU8~d%<{;ZR_RLbk6Wr%+39=!4yV7VDqz66;? z9KV3rA^##{?B+zLrd?7;*wnkeD;8Y8AaVw67R(`CD~dbS$PrpBY1K zZCM)ZcQqDt6NWFXm0@fr^EH;)n0kGx+?}IOff8Z+U970>UU)m&HARzFd%SntFZRPY z?6&HF2%fC^3c9_d?zrM?MZL(R%SJVG$t7C%T0Q#h8nVMq#I*-0 zSHM>0b8NKV*KzRaZGQUrH1DqX(z<^WPRdI>+}O{v_7asJ!@%bKReL)rH7zI#A6lywZ9#A@=e3ZBW%7Lj)IjMN@Jp4D@GD2 zo~|S2&-brk&~T6j{jS?v;6%g0u7e~P`2Is&fC0RHYc3d z7nhfl%PpfG!+ohWx`Q&!{-=m^ofsf%>=XwVj5(7x6lQ3%($JU>yE%w-1Cn#NAVBJ= z_jcHky1Y16^x-utB5x$}I22AmyzB7ZDWW|Z)tPH(^|BD|$pbeH+hu7)GN`(&_Lv&k z*vz?;Iw>;rT?4uxGF;iMFb?$PXu*8^{5#aN)g9z?N7GNi#_YPJM)Yt?wKe-_nlP1K zc7k$|KW4_wsd1CUH1ZOI>o)9#iJfQFpuQgwi9J`(;v>I5DFfG)Js7l)FA;k@*kUM8 zjSCc<&-^nGY_KL9m=j?hB*E%8K}hUvXnPt$_eZ zL-O_H;%ZywTH#$AAr}^_?YPv3#O+!qDhj3N4kZ_Ks0z?kRTgfQ`&S2nVCdh%f$a1wtD&HV-4=Op*}&HTm$pB}s-OpWoK{-Pc!sWXy@473K1x-Ak} zN82EH${ENKy8X!d2<&mt&aSSm6zmZa?_ZDzvx&$*B2dUT0!&F=l0D0UprU zH{z!5f7TqObuqbGsTmSiMt;VXRR$>(wp?0dD4}xk_0aL&bzdyj=d;vI_g(+&+GBa9S%2Gz?V;3`wS3&}NC+5_bXV?zZTI(uN@m*gBK53pX>MU8xS= z+XKgYPnSG%Q;>l6GvR7NntJ;$MEwU7VUON!@n`jS4g{%AzNjsnSaj65$RJQokr^V( z4`RW69f9iw_q%zHx=*}JiS7O6KJ99m(>Zi7+d=T#qge0+6JvV1b9_xeVlQ3F-yHLE zGI$Gf21Ub0?KU)ph33Im((a4=mx&k(tm?m_;m(r=h4)Tp!!?WcZmxGw-zm`@O2aAQq~^1FP|V|_TN zYQS=1(X>9=U7+;HkPVWiF*5&Bn&Q=S?md;=7=y&#u_jo~r~3R%5tog#cDh1%bXyrB zeEM9!(1wc?{P+N-%?>1;P=Y3R7+BDkd+s4we@5X)+3zL>^`-|%E?#7u2h^Wj93E?! zIV#D-(toQj^)7sdGVm3UP6fJ)79f;i@)l|PhHkZcW10l=a`SNyi{_d_2jt!ZWzP6g zU@u;SjyvMiUpv@wxNWpg_&t=nO|ijpLYH1O676SugQkRQUh|V0-qgD}C-2~p?SKmH zd|ulZNp1!o5#f+DwqHa<)|m2W1FOGiq3LpqZQ&+*ad|aANZ<+KeIZ5Y3FzcNW4*QP z>*92O;;F8+CUla!=#nR8`^4SnzlFB;@)Qkrl4G-V57V=cC4G)uxf_$XxU?kV%6Te90`1DDcAysbdyx*mJJ5PUr`WkITF4F&^fjsqBAO+l|w852Kx562k5Jwz2QE1N1$TT{l=e05q{PJ& zelmN~i@Q~`d>mMdmL7d9g3wmE(somcv4<)z)9v|84>HW z|7Kz))!PhXT!Mt=AaUCG`%HVO_1h7A#0)#r&W6EVtGlr%4i(jE|4`cv7O$nN~7`{1NCnC-Sa=_bU_iI;@}~yC^coW~~P$?Vr4d`F>OcKX#mVJW{hB zc-17n;b}PhS(T12Z7%;>6I^2`H2UDvoJ*VDutW!eomjke^|7ObeVW238#xYJZ4P5o z!Cg{s4Lhym{+nY#9PbwY5hmST(wn}2Gwb%uus|$I@DyhsCnXyG$jF=dE%Pieef&(sb-k)JN3^ImgP{NkrVj>Yee@EoN)?E&i%?v5c(|BT$yWV&7Lx0WE+ zbBojqci>B<0P$X)VQx+6zi<*D3@wJKem1;F=hr8*zRi|6HoBV#P5Dpv5Q7%yb)?dp zOTnvm) z<9tIyL+8g$=A{S*qi&gPdp{eSnSD%uMM4BbAW{Vagyimc&bjM+ICtG|_wJ8b*;zBso|)%2|9P_ik)>;hohNnV6Fq-p zM^wIVU8ytc7UZKRQB=g%l}S!aG+b^6`$zN{8Ojxi)Wv2+2-uQ-IhwhY=oF8!kVv7; ztji&~J%4x_PVYwNfDyBz;pyJDVmLpZgI*9Mmc-j^K94=Wn)CPL_w|s6dHn-rgA4Pi zkPO7mj^tvci;=`cUMptL)FvK(;T!^?-b`WM(?aI<62OnljAk0|6FF>^O z$@r2FBV!(Y3!FvDgHDJ1DCpXX#qIv4lH4|^i?NB&X>nA_+u zk+ZLKqf|~ORFb$s6K}=a@A1z?`}P1`I?em1a#&eJWM#4)TZ!mjBK&Qc%1FEuwW3Y? zRPFBobFP~MMek#Gi%G*Zs`?6x@;h9)lrqf!n3T^@dtcYMP#Lx{{Lsy`*e!z1TR-eD z10Nqm)8j|?1=GL8BJZbJK;KhR{?E0b;6w8Gp@2A?jlmf|BV8OP&9y>)e|mUtfL-cxh1L-?;riH7*AsVFxS6 z_TY&(dnf|RWT_k?szvV`JE{H{O63~q0?eb^Y88M|21RlQG}^(I5%w?<+}6@M0uv9J zK3e=(JAOewfDLy!6h*g}&g7pR1p6{9e|~S&9|x!1jKzX7dslUj`$>?7^^mYl5|3}F zq3G=`* z0H2t@(_vpsMRR{Fp0r8=EjtNjn*IoG8)jlpN$`LEh==gnB~6_Crjl~(@j`Q9EdCiw z{Gm;D@VII{1=rH`$eLj$@5jay5sJB*fSFabGUo2Nysze}~|sd8nk_ zw5>(hwbN6Ho~{2P+Ii|rv5$HgvyLb@oA>N90fy=Jz@PTGaE%1=qIQ*ge}aCZOENzV zYq3jK1a3REN)Nn8m8T(Fc8L!)43)Tk{|#snRReejkY^uXzH*BtEGklSx!ig}!ghIX zISXY6Ljouzo4%_|MsTL3|COxfc`0PhES7i%S(KeaVSiR^dKWujA!Nu)g?|0U(A7jTH+|0wZ5-e!NyTCf=>VWUh@5sg8-U`wsB~n~5Dlq?a6_N4x;Uyh@x$L!6r%_y|h-sQ{QQ*rjp@?=d2R^Pc zoz3o*`QTNx0qeTcn{S&Uvtt)t(GB6Jh+#9lW#?cV6+|kh%GUz8TBY1Bf2}hK<)-s; znQeP3>yOZJ@MO*|=^S;-iuT3Us_~ex>LIWAT3!n=_9v>-hc(;}9#f(h2_nMU)YZm> ziC{DTmZVy2hISsrNMvqzc&@jOUZC&!CXy;fX46gQH;J-VZT`B;40@colTByaTM#oX zj8y{0DXrqPY+@iCt)m>ZcvRXb%zR_YZt|&~bxTa#HM_isD4%W3Nrd7Dp%F&n#yS=7 z^x#yalOd&C05N^B@vFxcc~<9vS2Za&Gn-t$<+zKMmg#JyTNu2tPXUF#HM`_GL7N`# zeiUx)oWL2=c6q;p2PyM=@#Aq)oWVXRkoOBn?irIs@e#ST=qKd()(O#69g{_?SWb1F zM-GdB)kdRFc6^y$=c~sJJrwn|uH(gunHZ^4I74NRPvAF4UF27Fesx!?8^x@#?K<^v zOPPsM``cJsJ=D?NYdg5kq9WXij-=n%=2Uf{wdyI;RtS##+7P^%vOgobtVGXx2qrb< zE@SJ>(0bole*WICS7)qI3xPRuqo(I27DW_;KEubefC0=7?;OPV!($?Q0-`K_;_Zb^ zOY|}OivFNd^(R~3$~8TXx%Qpq!4Ux@E1wuu}mn138X|HDt`|}iGQJyO$ zdbRdvx7wPh%q*?-4Xe(gK(sMd0(VeHW}N_|ow$omJ?gfqp6eLf5sMc^)~Zw%^to`D zs@)r*)D;sc_u@a#uv!TzP2XT+GPeo}1%m>sd)E4F;O$}zY+@-PkWyn%>8eCMy2| zCwqXcNic%mtQ*$C)<-dzgbF}@!b@_tf~K{-Y=f9&_KK!k^(JfMx=0;=)>OHW`PF*b zO!AWfbEFIljTA0G@w8WGZ zrhQ+92nKo(Os!aZ=sK(yHes-1pZQY&zY;*bvW|pP*gXTzDi?#QN1-Iws=)e!+RYq4 zV*?N^`G8{z+F-A$-$o{(O^k#?Bhgu@vZPOtr24^xYD{I6G^3E6%+rZ(zLfZAaxqmd zu>j={&#X+PJa#M?jeuA7o{(_ESrg{~pp@fvHVt#$C!;~7DNuy2DJ#FAqohOMGI|-s z)6o}*PU}pg`g@JJQvAx)OHW4Zm&({Fg+$qlGFKqvS^c`#klGe{-<8`raC;#ruc8y)jACahhiia8o*)1RT)SJp$ud-ych9ueDhzAAd1 zs^cbfdIS6dPUDF+lCRgp$iWYcVqbjc5+P$Z^fFX5oZKNDePW4ng|>uhaPGNcEdL1U zBC;QTYD4VYs@Y`w%uEkz%&#Z?VA?%|LdGb6824*5zg=KI&fw+%2MVf6nQ*4c2q(vz z?w|jp)%>OF=VQ`J4;33(Rd0ImGIfcm2#j6T2{Km;^EIelECWxBJrx;FS6O=aCD)9g zq}GIF&pn{2eAbK730~Ssbk<%dY68jE8r)ZN`P-bIVF8$&m1y)%}O!#&nfIGR}3UEtp&Bg$yPD3T-RY3@nFrdHW;SL)k?#I@Y|YG=~@M*zofEBf;=6?ZLgF z=wn&3_#*u#eVZ%8IlT`}d1g#pJLX_K43no540X)_)>n&io%<55OJ7rUx(c)btUu~8 zz}$aC_-C;JW@i^ox)b{9ddqjk`Ixw_8e5qo+lxy!Ng}0Yu8;?L_#}&{mLu6xck>l) zGhlT>QFkHd?zwX_b-((9%E8Vv41Bdq74}9-J z_!pqDB@ZJ<1cBSPp|T%t|1b9g;Do>aZ%I=KR5>a4dZtr zzM3Y;2s96tZb-+by%EZSzSrOypewG(ays(;gHY$AF-|l`ad@bp^#j{}SOipckWi+7 z>hp-bTI)_hIoYk8Fe( zbzpLYh*3I&vJ+=GLZCfT>b&fkB7gE?>uE%<%tgmsBWFCO7`NtltI%PHtMQ6@Z^B6Q zR4jUx+9G!CsELt=>Q#^(kZRUSvl3`xf=JK$H$2Skcnb4Ib_$t%8Y=|^@=>zf-t3Rg zGDnIyC5Vb@e8X~-Ru^|EvO@U(9f>+?v^0gd;wUPyo7a(`!SmSBXan>|J?HUu0qg1B z|Ex{FYRK)H4nJt30C7(`H1$spU+Oilv0b9S_1sN9Jf@GAKD**gCoNgC4+V63 z>d4*6kNU?Q77BsaeUBQH58c?j6{-VYR+n;I@}c-rSM+V9XZ>%isqc;{14bJGv2@5m zb#iaM0oXT%>fot0zBn>qHXMH^h?&1xv0ZIYbgJ$0;8PQ&1fRXT0r?kj z9Tu-e-mW=h(L2p)t10FPKu7UL3P&IcCyqmOkIe*o(MR`pP6_$MUHca_hj+PJWXO1#z<^t^NB*)id?Sj=z4Kv8c8i`$_s9;b4>n5O&pQ9hNC$58t^zz{Au^ly50C|_vFQKQs<^B@(J2f({x`iHyMU-&W)WQQ z`LoW6ELffjvKNZ zEhM#vYdv-+k=g&mACvlshjGn9DQ6|ACJq;(`okAOJ5U8^Tj#-y1ez%qPlH(}JkN8Y zI>oN-EW9v_ASnR>RGj%@=7m)8rl|*#|Mu(>9jAl4r(2M!IB3ZW6Y{*`hDd>b<{Bc9 z>&&K4^E85N{BCPXUkDekY#4_QeZA9MaXG5r_2yZ-$!6{QXSOmTIiKr37F`$TNl&^vg;HA6J zAB37VJHT+`A ze(Oh#>{Zrxj-?G@T@u!K0^?Kl%`AAzip5-Qx!-wru!vIFy2&WK_eRFYv?55zdmK zx8HLTiDFV6jr_SRF}PR*pVQp>^LM2@gs)CGxY||?QMW7}gIz$N8_xRL8h3zVlDLxd zgwLG($)#DseVku11HY%?&SYk~^UZ8zs%7q1wnK@X#=cOskoJaWbM%$9+SjWW+HMyy1P19nTB`@`W+%m zBstDnRBbjW$o+)@1xw{US}pDp?k#%vxn2xkF?I{mhyEy?2ALKRjlJY!h1f_6v)IQ* zN3Ok{?mB#DzLG_^*)Vl&)gY+#hmX>*r9>sN5acU^!dy%~go{5UyriCaAUPShJJFbn zMhYporR4Gut9j~4PQHa{p)kvObH6&&7noYI(njz)6s$$!SQ$G9E&)sa^xD5kO3<>c z0h*u70uNooG^n^&5WQNxn&#duU>oP$aSd@*DUKCy6&kTtOerxQqa+?H+=)Z78eAw4 z9d-ccFU|$FB;e8VgVlk9_*mhpOw3=?D+Be{ATnR3nwrv@v5Smx7V|?Y4t$WyB#|z@ z8&nw61R;$4Yuxby3)LF)dx<_qR#w%G0V*n|_A!l}F)rykA0|p-lbD7kezDx10l9>3 zW89SKUsxD!5hu3?<9L5vbrb1HfJ(tN0y>4FBMd{5sFD*@$#-V}@+=^fbFZe{=APHn zU*y!!vy3z9GP>XV-5U}Tw5-{#d`u$J(QVh;`n>GwamLu=DT4Qzr!LHV`j9>EHhZZh zg6rw#{6cmu_R1SZp{;?#GPWwS1(geY<974$z|m^@VH;z}@e!TJ%5R?1F&2Sl#hG*L zZ$$9e&yh(x7k!tRDhfek1JS|fBD1y%yW{Uf8jlY!VTXigH|q;$FBP$eO*iCUV^GUR z+uz(cV6Bc+``-xon%1@*IaQmbc*cg4OIA6Y^pOiwxGSh)9~rO<+JYBSlYqxd71`qL z1b{rA>L2pJlXLZ#T#MXwMul_oXCzH`r?o=aLN6{y1JQz=%tD@wS#apt`R>_T`7M*OBYOu%l`EQ#1FZ^pUV`?34KQ*cF@$ ziA^}q@qH`s^AN9^^_mkYpx3-iiO-?|Bs59Y#bet>v&;a1fA|a1{Qm-S|16#Bi#`+l zN0pr1OF-9BYQd{c0F4S6OW}89|KA0E{|Pto?fY-&eU0Oa=84eO_BuZSDz8BLIwsnU Inof!T1;HlwP5=M^ literal 0 HcmV?d00001 diff --git a/wiki/Tutorials/Sshuttle/index.md b/wiki/Tutorials/Sshuttle/index.md index c689c558..2471b546 100644 --- a/wiki/Tutorials/Sshuttle/index.md +++ b/wiki/Tutorials/Sshuttle/index.md @@ -58,6 +58,13 @@ sshuttle -r ubuntu@129.70.51.160 192.168.199.0/24 c : Connected to server. ``` +In some scenarios you may have to extend the command to explicitly define the private ssh-keypair: + +```bash +sshuttle -e "ssh -i ~/.ssh/os-bibi.key" -r ubuntu@129.70.51.160 192.168.199.0/24 +c : Connected to server. +``` + Afterwards, you can open a new terminal on your local client and directly access all instances in your private network. Don't close the session where the `sshuttle`-Process has been established. @@ -68,4 +75,8 @@ The components in the command explained: * `192.168.199.0/24` describes the private network in your OpenStack-Project on which `sshuttle` will react to and forward the traffic to the instance with the FloatingIP. If you a are struggling to find the definition of your private network, you can look it up -in the OpenStack Dashboard. \ No newline at end of file +in the OpenStack Dashboard: + +![privsubnet](images/privsubnet.png) + +In order to shut down the `sshuttle`-Process, switch back to the terminal where the session is running and press `Ctrl+c`. \ No newline at end of file From d439d1e13584f001a9f1e567492289913058931c Mon Sep 17 00:00:00 2001 From: Alex Walender Date: Tue, 28 Nov 2023 10:47:43 +0100 Subject: [PATCH 5/6] add ping example --- wiki/Tutorials/Sshuttle/index.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/wiki/Tutorials/Sshuttle/index.md b/wiki/Tutorials/Sshuttle/index.md index 2471b546..0121b98a 100644 --- a/wiki/Tutorials/Sshuttle/index.md +++ b/wiki/Tutorials/Sshuttle/index.md @@ -68,6 +68,14 @@ c : Connected to server. Afterwards, you can open a new terminal on your local client and directly access all instances in your private network. Don't close the session where the `sshuttle`-Process has been established. +```bash +[awalende@myLaptop ~]$ ping 192.169.199.52 +PING 192.169.199.52 (192.169.199.52) 56(84) Bytes of data. +64 Bytes from 192.169.199.52: icmp_seq=1 ttl=50 time=176 ms +64 Bytes from 192.169.199.52: icmp_seq=2 ttl=50 time=174 ms +64 Bytes from 192.169.199.52: icmp_seq=3 ttl=50 time=174 ms +``` + The components in the command explained: * `sshuttle -r` indicates to connect to a remote instance. From 809473b106891ebeb81ed5d544891f4bed7c4077 Mon Sep 17 00:00:00 2001 From: Christian Henke Date: Tue, 28 Nov 2023 11:24:08 +0100 Subject: [PATCH 6/6] proofreading --- wiki/Tutorials/Sshuttle/index.md | 45 ++++++++++++++++---------------- 1 file changed, 23 insertions(+), 22 deletions(-) diff --git a/wiki/Tutorials/Sshuttle/index.md b/wiki/Tutorials/Sshuttle/index.md index 0121b98a..153a01de 100644 --- a/wiki/Tutorials/Sshuttle/index.md +++ b/wiki/Tutorials/Sshuttle/index.md @@ -4,22 +4,22 @@ [Sshuttle](https://github.com/sshuttle/sshuttle) is a small application, which sets up a transparent proxy/VPN connection to a remote and private network. This can also -include a private network in an OpenStack-Project. -It enables a secure and direct way to access a private network from a local -client, like a laptop. +be a private network inside an OpenStack-Project. +It provides a secure and direct way to access a private network from a local +client, like e.g. a laptop. ## Requirements * Linux or Mac based System. Windows is currently not supported. * An OpenStack-Project -* One running instance, which holds a FloatingIP-Address -* SSH-Access to that instance +* One running instance, which has a Floating IP address associated to it +* SSH access to that instance ## Installing sshuttle There is support for various Linux distributions as well as Mac. The [project](https://github.com/sshuttle/sshuttle) includes installation -guides for all kind of systems. +guides for all kinds of systems. For Debian based systems: @@ -37,28 +37,29 @@ For Mac (via brew): ![sshuttle_overview](images/sshuttle.drawio.png) -In this example, `sshuttle` is connected to a single instance in the project -which holds an externally reachable FloatingIP. This instance acts as a +In this example, `sshuttle` is connected to a single instance of an OpenStack project +which holds a publicly reachable Floating IP. This instance acts as a forwarder. When the `sshuttle` tunnel is established, it intercepts all traffic designated -for the private network of an OpenStack-Project and sends it to the instance with a -FloatingIP. Afterwards, the request is finally forwarded to the target instance. +for the private network of the OpenStack project and sends it to the instance with a +Floating IP. Afterwards, the request is forwarded to the target instance within +the private network. -In effect, it seems like the local client is part of the private network. +The effect is, that the local client becomes part of the private network. The process of intercepting and forwarding traffic is hidden in the background. -This enables a secure way of interacting with all instances via a secure SSH-Tunnel, -therefore there is no need to open additional ports in a Security Group and expose -possible unsecure services onto the internet. +This enables a secure way of interacting with all instances via a secure SSH tunnel. +Therefore, there is no need to open additional ports in a Security Group and expose +possibly insecure services to the internet. -In this given example, the `sshuttle`-Tunnel is created on a local client (ex. Laptop): +In this example, the `sshuttle`-Tunnel is created on a local client (ex. Laptop): ```bash sshuttle -r ubuntu@129.70.51.160 192.168.199.0/24 c : Connected to server. ``` -In some scenarios you may have to extend the command to explicitly define the private ssh-keypair: +In some scenarios you may have to extend the command to select a specific private SSH key: ```bash sshuttle -e "ssh -i ~/.ssh/os-bibi.key" -r ubuntu@129.70.51.160 192.168.199.0/24 @@ -66,10 +67,10 @@ c : Connected to server. ``` Afterwards, you can open a new terminal on your local client and directly access all instances -in your private network. Don't close the session where the `sshuttle`-Process has been established. +in your private network. Don't close the session where the `sshuttle` process has been established. ```bash -[awalende@myLaptop ~]$ ping 192.169.199.52 +[johndoe@myLaptop ~]$ ping 192.169.199.52 PING 192.169.199.52 (192.169.199.52) 56(84) Bytes of data. 64 Bytes from 192.169.199.52: icmp_seq=1 ttl=50 time=176 ms 64 Bytes from 192.169.199.52: icmp_seq=2 ttl=50 time=174 ms @@ -80,11 +81,11 @@ The components in the command explained: * `sshuttle -r` indicates to connect to a remote instance. * `ubuntu@129.70.51.160` is the remote user followed by the FloatingIP address, similar to a regular SSH-Connection. -* `192.168.199.0/24` describes the private network in your OpenStack-Project on which `sshuttle` will react to and forward the traffic to the instance with the FloatingIP. +* `192.168.199.0/24` defines the private network in your OpenStack project for which `sshuttle` will forward traffic to the instance with the Floating IP. -If you a are struggling to find the definition of your private network, you can look it up -in the OpenStack Dashboard: +If you are struggling to find the definition of your private network, you can look it up +on the OpenStack Dashboard: ![privsubnet](images/privsubnet.png) -In order to shut down the `sshuttle`-Process, switch back to the terminal where the session is running and press `Ctrl+c`. \ No newline at end of file +In order to shut down the `sshuttle` process, switch back to the terminal where the session is running and press `Ctrl+c`.