From 7fd46d769340e8078fcb00266c01df7287d8865c Mon Sep 17 00:00:00 2001 From: SukkaW Date: Fri, 10 May 2019 18:42:06 +0800 Subject: [PATCH 1/6] refactor: remove chromecast --- docs/ui.md | 1 - docs/usage.md | 4 +++- koolclash/scripts/koolclash_control.sh | 27 ------------------------- koolclash/scripts/koolclash_firewall.sh | 3 +-- koolclash/webs/Module_koolclash.asp | 13 +----------- 5 files changed, 5 insertions(+), 43 deletions(-) diff --git a/docs/ui.md b/docs/ui.md index 86faf45..3492a0f 100755 --- a/docs/ui.md +++ b/docs/ui.md @@ -23,7 +23,6 @@ ![](/img/ui-3.png) - IP/CIDR 白名单:不通过 Clash 的 IP/CIDR 外网地址,一行一个 -- Chromecast 开关:是否劫持局域网内的 DNS 请求到 Clash - 默认主机设置:Clash 全局代理控制 diff --git a/docs/usage.md b/docs/usage.md index b86436b..c03d4a4 100755 --- a/docs/usage.md +++ b/docs/usage.md @@ -94,7 +94,9 @@ KoolClash 启动以后,你可以通过检查「Clash 运行状态」和「IP ?> KoolClash 的 IP/CIDR 白名单已经包含所有局域网 IP 段和保留 IP 段,无需在这里重复提交。 -### Chromecast +### ~~Chromecast~~ + +?> 从 KoolClash `0.17.0-beta` 版本开始,KoolClash 使用 Clash 的 Fake-IP,不再提供 Chromecast 功能。 启用 Chromecast 功能后,将会劫持使用 UDP 协议发往不位于当前 LAN 网段的 53 端口的所有请求、并转发给 Clash,最终返回 Clash 给出的解析结果(即劫持常规 DNS 解析)。 diff --git a/koolclash/scripts/koolclash_control.sh b/koolclash/scripts/koolclash_control.sh index 2da4bfb..3d0b316 100755 --- a/koolclash/scripts/koolclash_control.sh +++ b/koolclash/scripts/koolclash_control.sh @@ -139,11 +139,6 @@ flush_nat() { iptables -t nat -F koolclash >/dev/null 2>&1 && iptables -t nat -X koolclash >/dev/null 2>&1 iptables -t mangle -F koolclash >/dev/null 2>&1 && iptables -t mangle -X koolclash >/dev/null 2>&1 - echo_date "停用 Chromecast(劫持 DNS)功能" - # flush chromecast - chromecast_nu=$(iptables -t nat -L PREROUTING -v -n --line-numbers | grep "dpt:53" | awk '{print $1}') - iptables -t nat -D PREROUTING $chromecast_nu >/dev/null 2>&1 - #flush_ipset echo_date "删除 KoolClash 添加的 ipsets 名单" ipset -F koolclash_white >/dev/null 2>&1 && ipset -X koolclash_white >/dev/null 2>&1 @@ -182,27 +177,6 @@ add_white_black_ip() { } #-------------------------------------------------------------------------- -chromecast() { - chromecast_nu=$(iptables -t nat -L PREROUTING -v -n --line-numbers | grep "dpt:53" | awk '{print $1}') - is_right_lanip=$(iptables -t nat -L PREROUTING -v -n --line-numbers | grep "dpt:53" | grep "$lan_ip") - if [ $koolclash_firewall_chromecast == "true" ]; then - if [ -z "$chromecast_nu" ]; then - iptables -t nat -A PREROUTING -p udp -s $(get_lan_cidr) --dport 53 -j DNAT --to $lan_ip >/dev/null 2>&1 - echo_date '启用 Chromecast(劫持 DNS)' - else - if [ -z "$is_right_lanip" ]; then - echo_date '启用 Chromecast(劫持 DNS)' - iptables -t nat -D PREROUTING $chromecast_nu >/dev/null 2>&1 - iptables -t nat -A PREROUTING -p udp -s $(get_lan_cidr) --dport 53 -j DNAT --to $lan_ip >/dev/null 2>&1 - else - echo_date '检测到 DNS 劫持功能已经启用' - fi - fi - else - echo_date '不启用 Chromecast(劫持 DNS)功能' - fi -} - get_mode_name() { case "$1" in 0) @@ -334,7 +308,6 @@ load_nat() { creat_ipset add_white_black_ip apply_nat_rules - chromecast } start_koolclash() { diff --git a/koolclash/scripts/koolclash_firewall.sh b/koolclash/scripts/koolclash_firewall.sh index 8e8b0b6..93eb19d 100755 --- a/koolclash/scripts/koolclash_firewall.sh +++ b/koolclash/scripts/koolclash_firewall.sh @@ -10,8 +10,7 @@ wan_ip=$(ubus call network.interface.wan status | grep \"address\" | grep -oE '[ case $2 in white) - dbus set koolclash_firewall_chromecast=$3 - dbus set koolclash_firewall_whiteip_base64=$4 + dbus set koolclash_firewall_whiteip_base64=$3 http_response 'ok' ;; default) diff --git a/koolclash/webs/Module_koolclash.asp b/koolclash/webs/Module_koolclash.asp index 7613929..c809e5c 100755 --- a/koolclash/webs/Module_koolclash.asp +++ b/koolclash/webs/Module_koolclash.asp @@ -575,13 +575,6 @@ value: Base64.decode(window.dbus.koolclash_firewall_whiteip_base64 || '') || '', style: 'width: 80%; height: 150px;' }, - { - title: 'Chromecast 开关

强烈建议暂时不要使用!

', - name: 'koolclash-chromecast-switch', - prefix: '
', - type: 'checkbox', - style: `margin-top:16px;` - }, ]); $('#koolclash-acl-default-panel').forms([ @@ -644,8 +637,6 @@ $('#_koolclash-acl-default-port-user').hide(); } - document.getElementById('_koolclash-chromecast-switch').checked = (window.dbus.koolclash_firewall_chromecast === 'true') ? true : false; - $('.koolclash-nav-log').on('click', KoolClash.getLog); }, // 选择 Tab @@ -1327,7 +1318,6 @@ KoolClash 版本:${window.dbus.koolclash_version} Clash 核心版本:${data.clash_version} KoolClash 当前状态:${(window.dbus.koolclash_enable === '1') ? `Clash 进程正在运行` : `Clash 进程未在运行`} 用户指定 Clash 外部控制 Host:${(window.dbus.koolclash_api_host) ? koolclash_api_host : `未改动`} -Chromecast(劫持 DNS)是否启用:${window.dbus.koolclash_firewall_chromecast} IP 数据库是否存在:${data.ipdb_exists} -------------------------- Clash 进程信息 -------------------------- ${Base64.decode(data.clash_process)} @@ -1371,14 +1361,13 @@ ${Base64.decode(data.firewall_white_ip)} submitWhiteIP: () => { KoolClash.disableAllButton(); let data = Base64.encode(document.getElementById('_koolclash_firewall_white_ipset').value); - let chromecast = document.getElementById('_koolclash-chromecast-switch').checked; document.getElementById('koolclash-btn-submit-white-ip').innerHTML = `正在提交`; let id = parseInt(Math.random() * 100000000), postData = JSON.stringify({ id, "method": "koolclash_firewall.sh", - "params": ['white', `${chromecast}`, `${data}`], + "params": ['white', `${data}`], "fields": "" }); From 0e90030a2938472457b6c84b0893d4bd19fd6dd0 Mon Sep 17 00:00:00 2001 From: SukkaW Date: Sat, 11 May 2019 02:18:15 +0800 Subject: [PATCH 2/6] feat(fake-dns): add 198.19.0.0/24 as fake-dns --- koolclash/scripts/koolclash_control.sh | 12 ++++++++++++ koolclash/scripts/koolclash_debug.sh | 4 +++- koolclash/webs/Module_koolclash.asp | 6 ++++++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/koolclash/scripts/koolclash_control.sh b/koolclash/scripts/koolclash_control.sh index 3d0b316..b84dbd8 100755 --- a/koolclash/scripts/koolclash_control.sh +++ b/koolclash/scripts/koolclash_control.sh @@ -124,6 +124,8 @@ flush_nat() { iptables -t nat -D PREROUTING -p tcp -j koolclash >/dev/null 2>&1 iptables -t mangle -D PREROUTING -p tcp -j koolclash >/dev/null 2>&1 + iptables -t nat -D PREROUTING -p tcp -j koolclash_dns >/dev/null 2>&1 + iptables -t mangle -D PREROUTING -p tcp -j koolclash_dns >/dev/null 2>&1 nat_indexs=$(iptables -nvL PREROUTING -t nat | sed 1,2d | sed -n '/clash/=' | sort -r) for nat_index in $nat_indexs; do @@ -138,6 +140,8 @@ flush_nat() { # flush iptables rules iptables -t nat -F koolclash >/dev/null 2>&1 && iptables -t nat -X koolclash >/dev/null 2>&1 iptables -t mangle -F koolclash >/dev/null 2>&1 && iptables -t mangle -X koolclash >/dev/null 2>&1 + iptables -t nat -F koolclash_dns >/dev/null 2>&1 && iptables -t nat -X koolclash_dns >/dev/null 2>&1 + iptables -t mangle -F koolclash_dns >/dev/null 2>&1 && iptables -t mangle -X koolclash_dns >/dev/null 2>&1 #flush_ipset echo_date "删除 KoolClash 添加的 ipsets 名单" @@ -289,7 +293,11 @@ apply_nat_rules() { # iptables -t nat -A koolclash -j $(get_action_chain $ss_acl_default_mode) iptables -t nat -N koolclash + iptables -t nat -N koolclash_dns iptables -t nat -A PREROUTING -p tcp -j koolclash + iptables -t nat -A PREROUTING -p tcp -j koolclash_dns + iptables -t nat -A PREROUTING -p udp -j koolclash_dns + # IP Whitelist # 包括路由器本机 IP @@ -297,6 +305,10 @@ apply_nat_rules() { # Free 22 SSH iptables -t nat -A koolclash -p tcp --dport 22 -j ACCEPT #iptables -t nat -A koolclash -p tcp -m set --match-set koolclash_black dst -j REDIRECT --to-ports 23456 + + iptables -t nat -A koolclash_dns -p udp --dport 53 -d 198.19.0.0/24 -j DNAT --to-destination $lan_ip:23453 + iptables -t nat -A koolclash_dns -p tcp --dport 53 -d 198.19.0.0/24 -j DNAT --to-destination $lan_ip:23453 + # Redirect all tcp traffic to 23456 lan_access_control } diff --git a/koolclash/scripts/koolclash_debug.sh b/koolclash/scripts/koolclash_debug.sh index 6994581..ac79c0e 100755 --- a/koolclash/scripts/koolclash_debug.sh +++ b/koolclash/scripts/koolclash_debug.sh @@ -50,6 +50,8 @@ iptables_mangle=$(iptables -nvL PREROUTING -t mangle | sed 1,2d | grep 'clash' | iptables_nat=$(iptables -nvL PREROUTING -t nat | sed 1,2d | grep 'clash' | base64 | base64 | xargs) iptables_mangle_clash=$(iptables -nvL koolclash -t mangle | sed 1,2d | base64 | base64 | xargs) iptables_nat_clash=$(iptables -nvL koolclash -t nat | sed 1,2d | base64 | base64 | xargs) +iptables_mangle_clash_dns=$(iptables -nvL koolclash_dns -t mangle | sed 1,2d | base64 | base64 | xargs) +iptables_nat_clash_dns=$(iptables -nvL koolclash_dns -t nat | sed 1,2d | base64 | base64 | xargs) white_ip=$(ipset list koolclash_white | base64 | xargs) @@ -57,4 +59,4 @@ chromecast_nu=$(iptables -t nat -L PREROUTING -v -n --line-numbers | grep "dpt:5 clash_process=$(ps | grep clash | grep -v grep | base64 | xargs) -http_response "{ \\\"lan_ip\\\": \\\"${lan_ip}\\\", \\\"koolshare_version\\\": \\\"$koolshare_version\\\", \\\"origin_exists\\\": \\\"$origin_exists\\\", \\\"config_exists\\\": \\\"$config_exists\\\", \\\"clash_allow_lan\\\": \\\"$clash_allow_lan\\\", \\\"clash_ext_controller\\\": \\\"$clash_ext_controller\\\", \\\"clash_dns_enable\\\": \\\"$clash_dns_enable\\\", \\\"clash_dns_ipv6\\\": \\\"$clash_dns_ipv6\\\", \\\"clash_dns_mode\\\": \\\"$clash_dns_mode\\\", \\\"clash_dns_listen\\\": \\\"$clash_dns_listen\\\", \\\"fallbackdns\\\": \\\"$fallbackdns\\\", \\\"iptables_mangle\\\": \\\"$iptables_mangle\\\", \\\"iptables_nat\\\": \\\"$iptables_nat\\\", \\\"iptables_mangle_clash\\\": \\\"$iptables_mangle_clash\\\", \\\"iptables_nat_clash\\\": \\\"$iptables_nat_clash\\\", \\\"clash_redir\\\": \\\"$clash_redir\\\", \\\"firewall_white_ip\\\": \\\"$white_ip\\\", \\\"chromecast_nu\\\": \\\"$chromecast_nu\\\", \\\"clash_process\\\": \\\"$clash_process\\\", \\\"clash_version\\\": \\\"$clash_version\\\", \\\"ipdb_exists\\\": \\\"$ipdb_exists\\\"}" +http_response "{ \\\"lan_ip\\\": \\\"${lan_ip}\\\", \\\"koolshare_version\\\": \\\"$koolshare_version\\\", \\\"origin_exists\\\": \\\"$origin_exists\\\", \\\"config_exists\\\": \\\"$config_exists\\\", \\\"clash_allow_lan\\\": \\\"$clash_allow_lan\\\", \\\"clash_ext_controller\\\": \\\"$clash_ext_controller\\\", \\\"clash_dns_enable\\\": \\\"$clash_dns_enable\\\", \\\"clash_dns_ipv6\\\": \\\"$clash_dns_ipv6\\\", \\\"clash_dns_mode\\\": \\\"$clash_dns_mode\\\", \\\"clash_dns_listen\\\": \\\"$clash_dns_listen\\\", \\\"fallbackdns\\\": \\\"$fallbackdns\\\", \\\"iptables_mangle\\\": \\\"$iptables_mangle\\\", \\\"iptables_nat\\\": \\\"$iptables_nat\\\", \\\"iptables_mangle_clash\\\": \\\"$iptables_mangle_clash\\\", \\\"iptables_nat_clash\\\": \\\"$iptables_nat_clash\\\", \\\"iptables_mangle_clash_dns\\\": \\\"$iptables_mangle_clash_dns\\\", \\\"iptables_nat_clash_dns\\\": \\\"$iptables_nat_clash_dns\\\", \\\"clash_redir\\\": \\\"$clash_redir\\\", \\\"firewall_white_ip\\\": \\\"$white_ip\\\", \\\"chromecast_nu\\\": \\\"$chromecast_nu\\\", \\\"clash_process\\\": \\\"$clash_process\\\", \\\"clash_version\\\": \\\"$clash_version\\\", \\\"ipdb_exists\\\": \\\"$ipdb_exists\\\"}" diff --git a/koolclash/webs/Module_koolclash.asp b/koolclash/webs/Module_koolclash.asp index c809e5c..6ab63c1 100755 --- a/koolclash/webs/Module_koolclash.asp +++ b/koolclash/webs/Module_koolclash.asp @@ -1348,6 +1348,12 @@ ${Base64.decode(Base64.decode(data.iptables_mangle_clash))} * iptables nat 中 koolclash 链 ${Base64.decode(Base64.decode(data.iptables_nat_clash))} +* iptables mangle 中 koolclash_dns 链 +${Base64.decode(Base64.decode(data.iptables_mangle_clash_dns))} + + * iptables nat 中 koolclash_dns 链 +${Base64.decode(Base64.decode(data.iptables_nat_clash_dns))} + * iptables nat 中 Chromecast 相关条目 ${Base64.decode(data.chromecast_nu)} ---------------------- ipset 白名单 IP 列表 ------------------------ From aaee74c32a2b32299739efec37ce3f4297af1c07 Mon Sep 17 00:00:00 2001 From: SukkaW Date: Sat, 11 May 2019 13:31:19 +0800 Subject: [PATCH 3/6] feat(fake-ip): replace redir-host --- docs/usage.md | 5 +++-- koolclash/scripts/koolclash_control.sh | 8 +++---- koolclash/scripts/koolclash_save_config.sh | 25 +++++++++++++++++----- koolclash/scripts/koolclash_status.sh | 2 +- koolclash/scripts/koolclash_sub.sh | 24 +++++++++++++++++---- koolclash/webs/Module_koolclash.asp | 2 +- 6 files changed, 49 insertions(+), 17 deletions(-) diff --git a/docs/usage.md b/docs/usage.md index c03d4a4..134f459 100755 --- a/docs/usage.md +++ b/docs/usage.md @@ -24,7 +24,8 @@ KoolClash 也已经支持自动从托管配置自动下载更新 Clash 配置文 > 「合法的 DNS 配置」包括 > - `dns.enable = true` -> - `dns.enhanced-mode = redir-host` +> - `dns.enhanced-mode = redir-host`(KoolClash 0.16.2 及其之前的版本) +> - `dns.enhanced-mode = fake-ip`(KoolClash 0.16.2 之后的版本) 以下是一个推荐的 自定义 DNS 配置 的示范: @@ -32,7 +33,7 @@ KoolClash 也已经支持自动从托管配置自动下载更新 Clash 配置文 dns: enable: true listen: 0.0.0.0:53 - enhanced-mode: redir-host + enhanced-mode: fake-ip nameserver: - 119.29.29.29 - 119.28.28.28 diff --git a/koolclash/scripts/koolclash_control.sh b/koolclash/scripts/koolclash_control.sh index b84dbd8..8e5c085 100755 --- a/koolclash/scripts/koolclash_control.sh +++ b/koolclash/scripts/koolclash_control.sh @@ -383,7 +383,7 @@ start) stop_koolclash echo "XU6J03M6" else - if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'redir-host' ]; then + if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'fake-ip' ]; then echo_date "KoolClash 执行开机自动启动" start_koolclash echo "XU6J03M6" @@ -409,7 +409,7 @@ start_after_install) echo_date "没有找到 Clash 的配置文件,中断启动并回滚操作!" stop_koolclash else - if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'redir-host' ]; then + if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'fake-ip' ]; then start_koolclash else echo_date "没有找到 DNS 配置或 DNS 配置不合法,中断启动并回滚操作!" @@ -425,7 +425,7 @@ start_after_install) stop_koolclash echo "XU6J03M6" else - if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'redir-host' ]; then + if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'fake-ip' ]; then echo_date "KoolClash 执行开机自动启动" start_koolclash echo "XU6J03M6" @@ -455,7 +455,7 @@ start) echo_date ------------------ 请不要关闭或者刷新页面!倒计时结束时会自动刷新! ------------------ >>/tmp/upload/koolclash_log.txt echo "XU6J03M6" >>/tmp/upload/koolclash_log.txt else - if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'redir-host' ]; then + if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'fake-ip' ]; then http_response 'success' start_koolclash >/tmp/upload/koolclash_log.txt echo_date ------------------ 请不要关闭或者刷新页面!倒计时结束时会自动刷新! ------------------ >>/tmp/upload/koolclash_log.txt diff --git a/koolclash/scripts/koolclash_save_config.sh b/koolclash/scripts/koolclash_save_config.sh index 7d86d51..5e6e315 100755 --- a/koolclash/scripts/koolclash_save_config.sh +++ b/koolclash/scripts/koolclash_save_config.sh @@ -45,8 +45,23 @@ yq w -i $KSROOT/koolclash/config/origin.yml external-controller "$ext_control_ip cp $KSROOT/koolclash/config/origin.yml $KSROOT/koolclash/config/config.yml -# 判断是否存在 DNS 字段、DNS 是否启用、DNS 是否使用 redir-host 模式 -if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'redir-host' ]; then +#--------------------------------------------------------------------- +# 强制覆盖 DNS、Fake-IP 的设置 + +overwrite_dns_config() { + # 确保启用 DNS + yq w -i $KSROOT/koolclash/config/config.yml dns.enable "true" + # 修改端口 + yq w -i $KSROOT/koolclash/config/config.yml dns.listen "0.0.0.0:23453" + # 修改模式 + yq w -i $KSROOT/koolclash/config/config.yml dns.enhanced-mode "fake-ip" + # Fake IP Range + yq w -i $KSROOT/koolclash/config/config.yml dns.fake-ip-range "198.18.0.1/16" +} +#--------------------------------------------------------------------- + +# 判断是否存在 DNS 字段、DNS 是否启用、DNS 是否使用 redir-host / fake-ip 模式 +if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [[ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'fake-ip' || $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'redir-host' ]]; then if [ "$koolclash_dnsmode" == "2" ] && [ -n "$fallbackdns" ]; then # dnsmode 是 2 应该用自定义 DNS 配置进行覆盖 echo_date "删除 Clash 配置文件中原有的 DNS 配置" @@ -55,6 +70,7 @@ if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(y echo_date "将提交的自定义 DNS 设置覆盖 Clash 配置文件..." # 将后备 DNS 配置以覆盖的方式与 config.yml 合并 yq m -x -i $KSROOT/koolclash/config/config.yml $KSROOT/koolclash/config/dns.yml + dbus set koolclash_dnsmode=2 else # 可能 dnsmode 是 2 但是没有自定义 DNS 配置;或者本来之前就是 1 @@ -62,7 +78,7 @@ if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(y fi # 先将 Clash DNS 设置监听 53,以后作为 dnsmasq 的上游以后需要改变端口 - yq w -i $KSROOT/koolclash/config/config.yml dns.listen "0.0.0.0:23453" + overwrite_dns_config echo_date "Clash 配置文件上传成功!" http_response 'success' else @@ -81,8 +97,7 @@ else yq d -i $KSROOT/koolclash/config/config.yml dns yq m -x -i $KSROOT/koolclash/config/config.yml $KSROOT/koolclash/config/dns.yml - # 先将 Clash DNS 设置监听 53,以后作为 dnsmasq 的上游以后需要改变端口 - yq w -i $KSROOT/koolclash/config/config.yml dns.listen "0.0.0.0:23453" + overwrite_dns_config echo_date "Clash 配置文件上传成功!" http_response 'success' diff --git a/koolclash/scripts/koolclash_status.sh b/koolclash/scripts/koolclash_status.sh index bad7a94..a90c4b7 100755 --- a/koolclash/scripts/koolclash_status.sh +++ b/koolclash/scripts/koolclash_status.sh @@ -28,7 +28,7 @@ if [ ! -f $KSROOT/koolclash/config/config.yml ]; then elif [ $koolclash_dnsmode = 2 ]; then # Clash 配置文件存在且 DNS 配置合法,但是用户选择了自定义 DNS 配置,显示 DNS 配置输入,dnsmode 为 2 dnsmode=2 -elif [ $(yq r $KSROOT/koolclash/config/origin.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/origin.yml dns.enhanced-mode) == 'redir-host' ]; then +elif [ $(yq r $KSROOT/koolclash/config/origin.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/origin.yml dns.enhanced-mode) == 'fake-ip' ]; then # Clash 配置文件存在且 DNS 配置合法,不显示 DNS 配置输入,dnsmode 为 1 dbus set koolclash_dnsmode=1 dnsmode=1 diff --git a/koolclash/scripts/koolclash_sub.sh b/koolclash/scripts/koolclash_sub.sh index f175119..626f6bd 100755 --- a/koolclash/scripts/koolclash_sub.sh +++ b/koolclash/scripts/koolclash_sub.sh @@ -18,6 +18,22 @@ else ext_control_ip=$koolclash_api_host fi +#--------------------------------------------------------------------- +# 强制覆盖 DNS、Fake-IP 的设置 + +overwrite_dns_config() { + # 确保启用 DNS + yq w -i $KSROOT/koolclash/config/config.yml dns.enable "true" + # 修改端口 + yq w -i $KSROOT/koolclash/config/config.yml dns.listen "0.0.0.0:23453" + # 修改模式 + yq w -i $KSROOT/koolclash/config/config.yml dns.enhanced-mode "fake-ip" + # Fake IP Range + yq w -i $KSROOT/koolclash/config/config.yml dns.fake-ip-range "198.18.0.1/16" +} +#--------------------------------------------------------------------- + + case $2 in del) dbus remove koolclash_suburl @@ -60,8 +76,8 @@ update) cp $KSROOT/koolclash/config/origin.yml $KSROOT/koolclash/config/config.yml - # 判断是否存在 DNS 字段、DNS 是否启用、DNS 是否使用 redir-host 模式 - if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'redir-host' ]; then + # 判断是否存在 DNS 字段、DNS 是否启用、DNS 是否使用 redir-host / fake-ip 模式 + if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [[ $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'fake-ip' || $(yq r $KSROOT/koolclash/config/config.yml dns.enhanced-mode) == 'redir-host' ]]; then if [ "$koolclash_dnsmode" == "2" ] && [ -n "$fallbackdns" ]; then # dnsmode 是 2 应该用自定义 DNS 配置进行覆盖 echo_date "删除 Clash 配置文件中原有的 DNS 配置" @@ -77,7 +93,7 @@ update) fi # 先将 Clash DNS 设置监听 53,以后作为 dnsmasq 的上游以后需要改变端口 - yq w -i $KSROOT/koolclash/config/config.yml dns.listen "0.0.0.0:23453" + overwrite_dns_config echo_date "Clash 配置文件上传成功!" http_response 'success' else @@ -97,7 +113,7 @@ update) yq m -x -i $KSROOT/koolclash/config/config.yml $KSROOT/koolclash/config/dns.yml # 先将 Clash DNS 设置监听 53,以后作为 dnsmasq 的上游以后需要改变端口 - yq w -i $KSROOT/koolclash/config/config.yml dns.listen "0.0.0.0:23453" + overwrite_dns_config echo_date "Clash 配置文件上传成功!" http_response 'success' diff --git a/koolclash/webs/Module_koolclash.asp b/koolclash/webs/Module_koolclash.asp index 6ab63c1..863b8b2 100755 --- a/koolclash/webs/Module_koolclash.asp +++ b/koolclash/webs/Module_koolclash.asp @@ -686,7 +686,7 @@ dns: enable: true ipv6: false listen: 0.0.0.0:53 - enhanced-mode: redir-host + enhanced-mode: fake-ip nameserver: - 119.28.28.28 - 119.29.29.29 From dce7e414841424ca98610100af46dccde09a990e Mon Sep 17 00:00:00 2001 From: SukkaW Date: Sat, 11 May 2019 13:38:01 +0800 Subject: [PATCH 4/6] refactor(dnsmasq): remove dnsmasq forward --- koolclash/scripts/koolclash_control.sh | 60 +++++++++---------- koolclash/scripts/koolclash_save_config.sh | 1 - .../scripts/koolclash_save_dns_config.sh | 34 +++++++---- koolclash/scripts/koolclash_sub.sh | 4 +- 4 files changed, 56 insertions(+), 43 deletions(-) diff --git a/koolclash/scripts/koolclash_control.sh b/koolclash/scripts/koolclash_control.sh index 8e5c085..8933336 100755 --- a/koolclash/scripts/koolclash_control.sh +++ b/koolclash/scripts/koolclash_control.sh @@ -20,15 +20,15 @@ get_lan_cidr() { } #-------------------------------------------------------------------------- -restore_dnsmasq_conf() { - echo_date "删除 KoolClash 的 dnsmasq 配置..." - rm -rf /tmp/dnsmasq.d/koolclash.conf - - echo_date "还原 DHCP/DNS 中 resolvfile 配置..." - uci set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto - uci set dhcp.@dnsmasq[0].noresolv=0 - uci commit dhcp -} +#restore_dnsmasq_conf() { +# echo_date "删除 KoolClash 的 dnsmasq 配置..." +# rm -rf /tmp/dnsmasq.d/koolclash.conf +# +# echo_date "还原 DHCP/DNS 中 resolvfile 配置..." +# uci set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto +# uci set dhcp.@dnsmasq[0].noresolv=0 +# uci commit dhcp +#} restore_start_file() { echo_date "删除 KoolClash 的防火墙配置" @@ -54,23 +54,23 @@ kill_process() { #fi } -create_dnsmasq_conf() { - echo_date "删除 DHCP/DNS 中 resolvfile 和 cachesize 配置" - dhcp_server=$(uci get dhcp.@dnsmasq[0].server 2>/dev/null) - if [ $dhcp_server ]; then - uci delete dhcp.@dnsmasq[0].server >/dev/null 2>&1 - fi - uci delete dhcp.@dnsmasq[0].resolvfile - uci delete dhcp.@dnsmasq[0].cachesize - uci set dhcp.@dnsmasq[0].noresolv=1 - uci commit dhcp - - touch /tmp/dnsmasq.d/koolclash.conf - echo_date "修改 dnsmasq 配置使 dnsmasq 将所有的 DNS 请求转发给 Clash" - echo "no-resolv" >>/tmp/dnsmasq.d/koolclash.conf - echo "server=127.0.0.1#23453" >>/tmp/dnsmasq.d/koolclash.conf - echo "cache-size=0" >>/tmp/dnsmasq.d/koolclash.conf -} +#create_dnsmasq_conf() { +# echo_date "删除 DHCP/DNS 中 resolvfile 和 cachesize 配置" +# dhcp_server=$(uci get dhcp.@dnsmasq[0].server 2>/dev/null) +# if [ $dhcp_server ]; then +# uci delete dhcp.@dnsmasq[0].server >/dev/null 2>&1 +# fi +# uci delete dhcp.@dnsmasq[0].resolvfile +# uci delete dhcp.@dnsmasq[0].cachesize +# uci set dhcp.@dnsmasq[0].noresolv=1 +# uci commit dhcp +# +# touch /tmp/dnsmasq.d/koolclash.conf +# echo_date "修改 dnsmasq 配置使 dnsmasq 将所有的 DNS 请求转发给 Clash" +# echo "no-resolv" >>/tmp/dnsmasq.d/koolclash.conf +# echo "server=127.0.0.1#23453" >>/tmp/dnsmasq.d/koolclash.conf +# echo "cache-size=0" >>/tmp/dnsmasq.d/koolclash.conf +#} restart_dnsmasq() { # Restart dnsmasq @@ -329,12 +329,12 @@ start_koolclash() { [ -n "$ONSTART" ] && echo_date 路由器开机触发 KoolClash 启动! || echo_date web 提交操作触发 KoolClash 启动! echo_date --------------------------------------------------------------------------------- # stop first - restore_dnsmasq_conf + # restore_dnsmasq_conf flush_nat restore_start_file kill_process echo_date --------------------------------------------------------------------------------- - create_dnsmasq_conf + # create_dnsmasq_conf auto_start start_clash_process @@ -345,7 +345,7 @@ start_koolclash() { echo_date '【即将关闭 KoolClash 并还原所有操作】' echo_date ------------------------------- KoolClash 启动中断 ------------------------------- sleep 2 - restore_dnsmasq_conf + # restore_dnsmasq_conf restart_dnsmasq flush_nat restore_start_file @@ -365,7 +365,7 @@ start_koolclash() { stop_koolclash() { echo_date --------------------- KoolClash: Clash on Koolshare OpenWrt --------------------- - restore_dnsmasq_conf + # restore_dnsmasq_conf restart_dnsmasq flush_nat restore_start_file diff --git a/koolclash/scripts/koolclash_save_config.sh b/koolclash/scripts/koolclash_save_config.sh index 5e6e315..c5eb0d6 100755 --- a/koolclash/scripts/koolclash_save_config.sh +++ b/koolclash/scripts/koolclash_save_config.sh @@ -77,7 +77,6 @@ if [ $(yq r $KSROOT/koolclash/config/config.yml dns.enable) == 'true' ] && [[ $( dbus set koolclash_dnsmode=1 fi - # 先将 Clash DNS 设置监听 53,以后作为 dnsmasq 的上游以后需要改变端口 overwrite_dns_config echo_date "Clash 配置文件上传成功!" http_response 'success' diff --git a/koolclash/scripts/koolclash_save_dns_config.sh b/koolclash/scripts/koolclash_save_dns_config.sh index 3aa420f..68d241b 100755 --- a/koolclash/scripts/koolclash_save_dns_config.sh +++ b/koolclash/scripts/koolclash_save_dns_config.sh @@ -5,6 +5,21 @@ source $KSROOT/scripts/base.sh alias echo_date='echo 【$(date +%Y年%m月%d日\ %X)】:' eval $(dbus export koolclash_) +#--------------------------------------------------------------------- +# 强制覆盖 DNS、Fake-IP 的设置 + +overwrite_dns_config() { + # 确保启用 DNS + yq w -i $KSROOT/koolclash/config/config.yml dns.enable "true" + # 修改端口 + yq w -i $KSROOT/koolclash/config/config.yml dns.listen "0.0.0.0:23453" + # 修改模式 + yq w -i $KSROOT/koolclash/config/config.yml dns.enhanced-mode "fake-ip" + # Fake IP Range + yq w -i $KSROOT/koolclash/config/config.yml dns.fake-ip-range "198.18.0.1/16" +} +#--------------------------------------------------------------------- + touch $KSROOT/koolclash/config/dns.yml echo $2 | base64 -d | tee $KSROOT/koolclash/config/dns.yml @@ -29,8 +44,7 @@ if [ "$koolclash_dnsmode" == "1" ] && [ "$3" == "1" ]; then # 将后备 DNS 配置以覆盖的方式与 config.yml 合并 yq m -x -i $KSROOT/koolclash/config/config.yml $KSROOT/koolclash/config/dns.yml - # 先将 Clash DNS 设置监听 23453,以后作为 dnsmasq 的上游以后需要改变端口 - yq w -i $KSROOT/koolclash/config/config.yml dns.listen 0.0.0.0:23453 + overwrite_dns_config # 强制生效 DNS 配置,修改 dnsmode 为 2 dbus set koolclash_dnsmode=2 echo_date "后备 DNS 设置提交成功!" @@ -41,7 +55,7 @@ elif [ "$koolclash_dnsmode" == "2" ] && [ "$3" == "0" ]; then # 但是取消勾选了 DNS 配置文件的勾,是想要还原原始 Clash 配置文件 rm -rf $KSROOT/koolclash/config/config.yml cp $KSROOT/koolclash/config/origin.yml $KSROOT/koolclash/config/config.yml - yq w -i $KSROOT/koolclash/config/config.yml dns.listen 0.0.0.0:23453 + overwrite_dns_config dbus set koolclash_dnsmode=1 echo_date "自定义 DNS 设置提交成功!" http_response 'success' @@ -51,7 +65,7 @@ elif [ "$koolclash_dnsmode" == "2" ] && [ "$3" == "1" ]; then # 看来你是想还原原始 Clash 配置文件同时还删除自定义 DNS 配置 rm -rf $KSROOT/koolclash/config/config.yml cp $KSROOT/koolclash/config/origin.yml $KSROOT/koolclash/config/config.yml - yq w -i $KSROOT/koolclash/config/config.yml dns.listen 0.0.0.0:23453 + overwrite_dns_config dbus set koolclash_dnsmode=1 echo_date "自定义 DNS 设置提交成功!" http_response 'success' @@ -64,8 +78,8 @@ elif [ "$koolclash_dnsmode" == "2" ] && [ "$3" == "1" ]; then # 将后备 DNS 配置以覆盖的方式与 config.yml 合并 yq m -x -i $KSROOT/koolclash/config/config.yml $KSROOT/koolclash/config/dns.yml - # 先将 Clash DNS 设置监听 23453,以后作为 dnsmasq 的上游以后需要改变端口 - yq w -i $KSROOT/koolclash/config/config.yml dns.listen 0.0.0.0:23453 + + overwrite_dns_config # 强制生效 DNS 配置,修改 dnsmode 为 2 dbus set koolclash_dnsmode=2 echo_date "后备 DNS 设置提交成功!" @@ -85,8 +99,8 @@ elif [ "$koolclash_dnsmode" == "3" ]; then # 将后备 DNS 配置以覆盖的方式与 config.yml 合并 yq m -x -i $KSROOT/koolclash/config/config.yml $KSROOT/koolclash/config/dns.yml - # 先将 Clash DNS 设置监听 53,以后作为 dnsmasq 的上游以后需要改变端口 - yq w -i $KSROOT/koolclash/config/config.yml dns.listen 0.0.0.0:23453 + + overwrite_dns_config echo_date "后备 DNS 设置提交成功!" http_response 'success' @@ -105,8 +119,8 @@ elif [ "$koolclash_dnsmode" == "4" ]; then # 将后备 DNS 配置以覆盖的方式与 config.yml 合并 yq m -x -i $KSROOT/koolclash/config/config.yml $KSROOT/koolclash/config/dns.yml - # 先将 Clash DNS 设置监听 53,以后作为 dnsmasq 的上游以后需要改变端口 - yq w -i $KSROOT/koolclash/config/config.yml dns.listen 0.0.0.0:23453 + + overwrite_dns_config echo_date "后备 DNS 设置提交成功!" http_response 'success' diff --git a/koolclash/scripts/koolclash_sub.sh b/koolclash/scripts/koolclash_sub.sh index 626f6bd..87340fd 100755 --- a/koolclash/scripts/koolclash_sub.sh +++ b/koolclash/scripts/koolclash_sub.sh @@ -92,7 +92,7 @@ update) dbus set koolclash_dnsmode=1 fi - # 先将 Clash DNS 设置监听 53,以后作为 dnsmasq 的上游以后需要改变端口 + overwrite_dns_config echo_date "Clash 配置文件上传成功!" http_response 'success' @@ -112,7 +112,7 @@ update) yq d -i $KSROOT/koolclash/config/config.yml dns yq m -x -i $KSROOT/koolclash/config/config.yml $KSROOT/koolclash/config/dns.yml - # 先将 Clash DNS 设置监听 53,以后作为 dnsmasq 的上游以后需要改变端口 + overwrite_dns_config echo_date "Clash 配置文件上传成功!" From b042777acfd3d84915f03eb245855a243284f417 Mon Sep 17 00:00:00 2001 From: SukkaW Date: Sat, 11 May 2019 15:21:24 +0800 Subject: [PATCH 5/6] docs(fake-ip): update --- README.md | 3 ++- docs/README.md | 7 ++++--- docs/img/ui-3.png | Bin 49454 -> 41475 bytes docs/update-uninstall.md | 15 +++++++++------ docs/usage.md | 26 ++++++++++++++++++++++---- 5 files changed, 37 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index e46dcad..58729df 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,8 @@ A rule based custom proxy for Koolshare OpenWrt/LEDE based on - + @@ -31,6 +31,7 @@

+> KoolClash 尽可以在 Koolshare OpenWrt/LEDE x86_64 上使用。如果你使用的是原版 OpenWrt,请使用 [Clash for OpenWrt](https://github.com/frainzy1477/clash/)。 ## 名词解释 @@ -47,8 +48,8 @@ 除了 Clash 的这些特性,KoolClash 有以下特性: -- 在 [Koolshare OpenWrt/LEDE X86](https://firmware.koolshare.cn/LEDE_X64_fw867/) 上安装、加载配置并运行 Clash -- 实现透明代理 +- 在 [Koolshare OpenWrt/LEDE X86](https://firmware.koolshare.cn/LEDE_X64_fw867/) 上安装、上传配置并运行 Clash +- 和 Surge 增强模式类似的代理网关 ## 安装 diff --git a/docs/img/ui-3.png b/docs/img/ui-3.png index b0828b87be4f86c2456d218f58efa104dfd761be..5544216965b6b594eb88d14662acf114b169ff00 100755 GIT binary patch literal 41475 zcmce;1yogS+b+5QMJ1#`X+c3mx;q6$1*D}*KpN@p5&@Nv4iQkgyCp12x=ZPlW)bIJ z_$j_bbe>sg_S^0K&C#V-e>DgpU==9TKx-EKO5Q-GR|j z`TEWzdG{_?`7r^mg&)UVbt!$KT&AP(Q%OtDG;_Ng>MD%bB3`nvxG>3RU9`lG9+bns z9dbFq_ABn&g~+1HD-Wt%4Kh;qX&QcX>ADxL1{iw}9Tk)tuO;iq;}e`8Z$4aj<#aLR z@9~8K!-?+iamBDnUi$pFDSEpRaFPDd?l`6&;Uq7)35%bt7f*DESxoP-j&EY1X@ zA;v1LrJg?z?e=sOq)IthQbrQzfco=&i>Z z94VCglsLq0T}1R)a~qBg<_{OyWpsF*mQjSem`(|4AU8E5Ywm~lElI1JGP=3D6I{C% z(o@9##kd6R`$6sLofxbwL8?2#wVLaQ>_`Y6G@Shq>h+yU^RbG_W#%+UR)3IEuArK73ci&DCdfxYB9J``Ntw>T|t7$(e1gU#9|O zqGy=?X!imGXBUnvpI(=HC|B$?hZ$*aGu1#sw?=SulrBZJf-?zL5S`Ansmuh}W&nXA0vRDE_U#bcRi z>qHRosuZ)hWl6w|v}!?rjV?~o8P%Qq@bUaP|#4h|0D3{lNy+*hv^b+on3 zpxB@A_$RdA0TI*t1W|!65q@Dp@x-vR(Rk%OOv}-_>rC6quT#A*BVI>Eg_V>( zyUoPZ+>T3O@R5V|tmj7K!k`)VaMg2qr}bgqg9DdFzOFSH`d96|iw=U36i!tG3UY!% zf}4YrB8$t*E%p18VNXj<=MoDW+j}!)x8Sr!qk;d_{*^?x`x_np zx$5r1rsW!&dt)~A%*@|&^N{wOg&C6?$y8Jajot?sHMO;ua7EqR-PoW1ym{P5q(G~Y zzUfi2VPDW|_S$<9pBU?w+{1@&JohIQKdE?n({rZMw9eFd>G@{&4D$@zO}Z{ncc?6%g86(9WFQ7n=3( zvCBsNK0YC#ACq$S5zEHmV^%41O>$oAsy`HT9+!62pFRz}7e*?Psg$0RgB2PY+GECz zp+``;A)x29Hp!#-yzoeF!g+TpeRD3dcyFfs^`%RAHQsV^cZ@l&>w5ks`SojFGP}>< zBnVfLNra+td@3qBS|vKxx@|9i%!7~itItwjHa!aqZmsiL%bX`}iGV=0ZsVa=rPV!6 z&4eN3Tx*QbrR$hpc!5)Fbad}69xI_Ct+1`7!qYLY*b}n5JGJ;A1<~$y{%Fywu=yOA zK>jE!jN&KDFSt75dXd5B_6C|+UmFp&{(k+12r8F9pR$kFGy0Y`OTEvo>mK!`woZQX z)tpOpJ$fG5A+@AaJxN(#fAH&oF(fox!rq>1bW|G`+sex7;CQ>6fP^HlJxJ#6R}DX( zCh@{Qy5SUvB>AQryzjI}2B#>rDqMs`7o8?j7Hb9imK+e68@~^_&kpb+JJyE=_1VRV z2z6b!`e7&+m+3>q}V%a<=Vr~Px^#Km1` zVruYSPimNK6{TVzs;FzYxV9z}x%OMn>k8t&d`j4*p}h9r-`_n^*9sfbbMKsU%~T2< zuo%40z`wNSNJ~qL5IfBFmh{lBtD2ax1?P9&na09>cs2O*esfZRKAWg0wW_LKGYlwG z#ntmPu)V;yjE=z(U_&zR4_IVk0GA*y?Ymxl>1)C#s>X-OSpxU zd7ThDzcp;gn^9a$5Jt-4H)1LC#Nb9wZmvi}X=}-e`@%#6-lbVxF})=PW zi#-z2-iNnLIuing$TIOX+pjRrcPlg>A2NOX#8Fitpfe>#{q%`^Hz%IhF}u^+XrNO@ zud`Hs-$2z_t3v99ajz}U25c!8@1wK)y-LHjmuRVg49KrMxVZY@>x27p^6T#02Uh8F znXN=(o`i>o!J91`UVPIH)t+J>ii*N?z%N1`ICKQh$8e( zm(N0W*QZ|ERKyi~j`7}(mNParbss;*z!;Yvr=9Xbvg~bm)9@yC8r621d`_9DMME?< zH-kks=Z%!sf2-YJjoF*nIbHBRHf&OH@^vo^?7?8$>B87tG$1R;Ej+mpM2@lJCPJ;d zvV6m#g=tcok%6J*iu$z5lPA8WDW`nJNjSr;#E%z zw)w8)un*Gea&;rJSPjHgQ$L2h)$!u*BBIKpg0&|t?Jl}QQXMY0XGG9C-(#g-U-|0P zeaEh4z=-j}ZxT-_xq#^(^_2<-)@XH&vH?CFB2;4{)8BQ9(IH0NzH@g63m=fpiz80O zfaxX8tVKPRa!uSAxxgQJcVF2f^Bf)GiYki<%*#hjt6}`Y`^VeE4OSE{Uf2^1?du#b z=X&prR(eNSD=QP_kz)J#lYGoM!b%9aeC*wL7~Z|{zB$p~Gb}9Z^M?1?rNXuKaQ4aF zXgMw{MOD?n!aK|}4uV@-9W*zX1gw3M3#I`YU?Cf{Admx04PC7*75R22 zM$U4$sCUk$P3Myq#*gy*>ZW)AM#C||&XSXp`JLA(%SM^v@Ohdyyhuy07dHIC0<(XU zkPw7R!S}Lx3$i2u1<{{myGJEF*|}kTY&Gu{2ZI zxKxy!f!#r`n}6= zp^Iv^f#A)X*)zVK%(RyxTb^W{_0E%}!L5!)4Z1iL zL&7`wgi&v`3o|z^;%2_XLuAP(zr3Vg7^IXQ&}QB|W>f#WT*1VIw1l&?HBG3PZLvb* zuFJNK4IMKx_S)Lo?Xwcf+@ZW6uyoR}>q|>vX#?hk{cRb}53$rIE4w1D5)%_o111QP z%WQcS&-ErgKJ;~uVnAS^!QkqMt~Z5Wdl2SFl{?X~v67ie5)k2+m(9V`^Yj`gS5Cfu z{d!MLE%us*d;<5CTBkKX8KRld;*A8{=q-fHRdqWB(Eg_vq;9i_LlsS4YdSBSnvHtK7K3?(A$dRG{-kn|9|b>Cr=F@C6^Wl|Ce68VI6Keze-7^L z>%(XoXxjS9m`cmYH?-k_&cyWT;DqMXN2k`QS!7F$k&z5f`1Qh8H48H{hV8S-w-ps? zmg8m5?>}Fsw-UGOpoW@?9QWK&34ulc9_JG&pSng<{y zYp{?)g7!;qpSGtfcFG_Sa$aqsUm3i?%1XWD?3T4sef9-gY!kxI!SBLTyoy~B##i>- z6%=jUF6kZPo^^FSMLj0mbV5QD$i21CT;0N9*{QCiV-;3y1<69U-h8`8d@Y1VWRHIJ zGLH1uc&<1u)2nKEb$GtMXd1VpYX z0MDO42avm6bx7hyAe-1`*}gT`v9(rhzqr2Kk}h?LV3o9NY?ar+*)je7dvvu#-0Rn` zQ>WVHtA**E{!!HNcYo3q$#hTD;R83hGh%=h%}hhFlDFEx3T|SrlXZVrGX9C02m2MntlZ^KA1an$|I! z#_-iu%O6Ps_B}`OohEggwNp2ESa6xu^2Fuk3;1KT7X@rAEQm^TS^N8^A@{eowz_x( zUkhI|<06NI?UDIu-)7M+ z+EP9IHau-a%arRFt1r}vE%>a|yKc3S^$ZVRo|aRn?zx@UYqkmCj9%;v-}v>RrG9vL z==DGB0qKV4VKnFo-f*Lcv;1m3saKh*|BwDPn@3rv0n`H3)ry~@VHN$AK1r*p#tcWX zj9<_Z=;~=N5kRBt5(@y_@gXxSv|CkO9R)gKVq&QIOeE7LhlfKLQ{Aw(?6z#tLm~m& z=?HBd9PJJl8PMM)<pbat2{PSfJUp^}h#wkdE*y6~`5M8A#a|LjUY&x1*>-;CIS18* zXOO2e8JliEubH%x(%X*K7pHD-S#``Mot!FU<&GyS_jF62PwcIZgfA|dAz%fs5)wtx zz9QF2h!0#0C9*r%G|1Df$Lto_ual)3SDroDoqy;{RIutxbGjK^q;a=MGarK2!D2=v zJ|*R=rY7;Y+FB0R64Dv+?jLwDO1BCgaoD}Lc*~us6bNOQ3dDO}hP|4BF;sP3EKW2d zRJ0ZNZhrJpVjs zjOyAwi&zmGc`uhq=HP0=$P26E5j|)jwg(?cUV~NIqgk+FijgE5d(?s&41)M$t#)Ojlw^Nci_V z`4B!CvXNj~L8@ZM>D`V^%6&hNl*W?{F{RH&CXkOME@k&E+1al?gin|Av1Z+5y1G$jpxBrAGK zyG2)eX?aJxQbfX%le!Ch!j_;fZ z>5-=8;24OW_NS9IEsz<{_UIOlP3g&g;PE|_ri)ShFCc=zIZZ~_3B3a zTymJ5ixic#nEDe{US3XZukYctcQ?nnal$HsdQi{MQRCMil~ zVJ0$-nX0hLt*W0e3n^1oy z9=!}DpmBC|oGBM`S7^F`h%z+9zlJ}(T~S*0q1EUu4T4%^)$erWG4@h6#%>XEHeh8Q z`NnZ&bKLuk&(P3tvyU-#r{Rqgl58^tzi0oN)6!lO-cT>SEPlaNSsfiJ&eDRN0xcHO zxX}{@ZFMaz=B}G~RenpSu;SQETMxNPTXm05>la!aVk=!b}rNdtN(N*mx8O`8V@KXr?PR znU}W=^X@#mfk!PI;(rN`j)w=AqnM*dT3S3~i^dGOY;Z|CUb_2a|7<0eyXTQZYNMlCE-qwz_%|{#^0ASuK!npb)jrdsaBD_87WA7lj-uY`w(-+%O|wTnuq$ZX57?&uqH#^}S@ zRrh2)k5hs6PXp}bm8f}yiQ|mNdGMg%sh7~BtOko2tux10C;6$9-t|lAJ4Hw%Zt`Ns z6*b7#X`N=R%xsOqi{(3Hw)damAj^L`ED>U1W4{r0W@V632xv2G4!H6}igiPDDXHm7 zcE^t`(RbS`jaEJ>_x2ww1klQTQZby!h(xn}UsC_mw3_0Uuy#0OiVHgU*=)u4&d!6) z&v*ooEr5rhf8o=eEo6YRoz$1yNPi+)W08^h2iG9)r*fG2;@kn>`nj z#Y&KTm6zfwHUBinWJ7s53FEHY@S2ldVzYkJC*^DuNxX7R#)!hu$gs%kGbRA_hpP_? z3kur%&gM10W_SlBrhO>8&|bk?Xp!G5-DHU(lO-^(8yXpT#L~R#aTlZHQ}$x2gL1^Cy(>7sEz` zm+Nodi6Im_WE^^R$e=8w>oRi@a3d`pCn28LpUeH`2EqkrD~lFXMtUNv;o-OiSA36N zeF)ak#=6Z}!gfy`;G>9tx9~~XF9xHU-hj#N;K72nXeQ;&qm@E>M#f8WnUWr7mb^lD zNyEn6-2;L4_Mbm(uIMzODKhoC*>Lxa(0y-Jrb-5*Tu}QsTBqih$n~-CUl-WzW~J@a zcD}#Uk$C@k#%IF1<8XU{!)lb9n~%?^J4NI&&gFoS@o)iq!up6?JNnp6gZ@BmWBNDy z08Zkc!7^95Lqd#o5z+nNM}Vu?xIbhm_Wo<*3?p@%+V>y5aYhzw4}HFx#^&Cn+Vuig zX{Ru7eVuhka22XrKnzy-`3HN)m0!BLf*vtQIXjd2G*f&`vVEVof&2wgRo~J=3OXY$ zGl68UQ&L1fY&@GX8Ww3}2^L&RdRLejw>yCkYQ(kX*a*{X~u>$H?s@?3xhn! zd^(5~f2-wfpxeonFVhM7b~ncp%>!-`2F75FtLIe@c-x1BEFQg)Zqn7$i-dX|(S+Qn z4+cU487E*LJ9WZhGUV1SndZcQ*5mWN6b+-Wd0AA;RoeJh)12_sFkQp|saJclZMgph zTFf;`{q+DMsB3iV)g==$iRABYJnW|KBz4`_ZRqJy9FKY9yFpIQF2GBgo}Mn1lh{bT z2Uw0$(BZep%aB*C$_gTZVs!`a<6e%6#WXYmb_SCDN1OoBMH;V={xa^!Ch4kAgzXvR zW8tU?geZB7gXkgvgr7>tx~&vssVU9Y9*KOQ`4%`H5= zKH({q1<)wPyNd_=FiJs~zFz-oALq+NRilwkI0#(pM8wEZ@Okp(6#T_t}bU9pxa2pGsptnrU(AzCe|YpEY5`2|o?H^!u+PCeL?xWn)=yt!FsOpmyP8X3t^~Hv4Wcj-H#UyGZPI#ZyS+mmBXD7?Q z0yYHq3bTnP@xn&@6e4J3WlcNMkP+Av!MCnoSInvFc!xc%SNX#zY{8LoRq%^P^!E6? zSIo)w?!H}S-I@IZ-~B1f>BFyeC01!ei(dJj^)x5lb1OBUE%c_Qgw#dPQZ^zM+`WI} zs7I_F4y#x9-t^DSKHQx7d{C2v1q2%~o}X6(F5J~?pyc4-kUFBQ_0C2jt*#&Je|AqS zv^Vq-G4}elf96hdfbG#Ccs68^*7)YsTWWG6d_hQ1Sn6bg;IzSda6c#{q#&iuoZ^YV zgA1$ceD{viGqjR7(rjsu6VtV#3VmW5>7kc;^Bz6!@U1t5Yy&AK?|W$jxz*nn`!owc zJ9uKXj;xR2Z|C{_laBx2y2bz2f+ptv>BsVpP4BxK{)9@qNUG?lDlH$?*(aK{JE*34 zFUwtrB)9*my7960Ld$>;?-(2?EhOm z=CQ)xR=-1EZNji?E1J7LVj&kgqNs!X%Rp-vy?iL1{=X)LJI%+(ha#2mpASh7;r*XT z0seoSxqp{Ep!5Y37(j0fa=uy(r{_w0h$+2QN&*Kjb8mlV9A(Ft)kdZ>#X^s1O>c^aWz) z)<&SCb?#)g*aDPS&DsNXB9CyErrNzY&Fq}4VUU-a4 zc+{<8r(1YiE|9`Cs%&qlLlpOS;nF4d`q-a8mFo6JE&Lni zq28NIJv&T=LJCpkw<~tCq`>ceS~tb{2Dp8mKdOA*UVoxeajMaL%-E9^mhktKcFolN z!Q-rN)Sb~XaXLBB(dr+Z{FWF>XXVq@)}|aR)WZYV4o|1Qzdiw-^|O~y7)atoYiVjK zDl7Y|=BhO>IT)h;2CQDO+paluCeonmAmp^_^LeIewk^yvMK+^%I$P|7sU7;F-C}2y z8;xh835kituG=PC!jd|E{{D7HJI`0A8fgp+3^Xb%e*sX`L z2*i5rhA5DO86_n@ZJMa@@qM5j3=3>*Vj{`<&ImQ)`9z!7NlB}!?_Ryafu6$qtgQKj zI{A#=kRd&9s{L_$ypqz=t#%3<{omhWfPB0(jn$&(zQ%L>i&2cAvU+>44;ytP z*4@d!t5-?gBdmBSP~1v9m#JjF+T8KsHt@%ByjBSsGN39U zYdp9}dG%6KS9&-hfJg=)m7gdp(_^l#3knGtaK^I(aJTqV1F*#lIX3k&lE!oA$?;xg zBlPOYb8>Z_i#49^7Pbvd(76Ajt!j@*q|&MQ!`aD(6hjo6ZMfq;Pk{&j92Nk1bPNoU3Y{ujw6k5kvx^YCqrL_J_l%O-ctzUH z|A?39h*d}xomg-Rm%&Ju51yShw97jY|Cc_C+i9E_t+w_G5yN!6X^MolcG9(^R8dcI zxNi?oKVE;^Sn7_fxdSf&Jx5w;=BrUE=qV}rIZt_#K{oe7hE*LM8=JA^Z+$vz3N7)cr6#xOsOdKWl+Fql^ z;gh;zK2#A9CZO0KH67{iSFx+BEZjc&*~kiHMsCgn8da>9S3Za51> z-GcOdgZXxlIB>D9y7dQ#SkwKl1K3rIdz{UisE#e_=ym*W0cZbJBt4&NjV|%vHIQr&*505Ow9&ty@)K3&7hHd!KoMHKjf)(`12m zmLgQBg$+ko5W^y;=2mvyq-A92Zrm`CE;KFc9~#Q2s=6j1AfT8#FuQkr?6K%j!?EvH z5c}0wQbGbPmPLy}7Z02iPxJr*C2Eg(IW-b40X#U~(lGSaW_Ne?<2mCWLDH0Qa^fY% zYU6Q%G6xO^u4~F@wQ9L-N4qQa73!+0GdoLt8s+9OvWPoyvyb`t_Y4ef!1EPZPY9~0 zs-htX2?_PfHSMOG&=BI#A8{!d9o2-!=7;QTy>~-Kobg34u5qU^D|M2aczZ|4-2D8u z{!hvxd-;Wh!4uZ99v;UbD;#P(+}yOhyiWIrfiXBL(wnqI7o_+ zhUJ=1baX__iV{HOf*RWH?k)@sf^<8of;&F2yKwQM!AQw7U6D^P>f3kkwnAJAe*d1X zvHnj-B+WiWlOqJvCOK%n?<*+C>g%Uf)mK)M(Rdx)F!>SZ3sIsO z&;<+;B}8y@b4ydX^XBbaziRsh^iAuKFWud;o}TqC!jRDg?B{8DcvOWI&O9M-6M*Wa zEsPAgT3?}=f18a>7J}!n1@-mo0%o+HGc6Yp;%;t&(DGN*)s2W@R+mgy3~6?8ap8xq z_a)(oCb%ak^8CLV6HZ0VaMPaqUT>%Ak4vjlp8He~$RHPC;@CoxK%p404Nv4=s01@& zXJ?02OpL~dS%V0jEl~0XX5PwR{Qw#t^8yqOl%TB1 zAbkDx_lsY@eu?J}w3wHpn!iBBp(ZGS$D&mb*c%`Q+`e=;Dx5SxDib|DFp7?eF#u)Y ztY~Lv=i>Uh%%ev*2z4o0EiDQZO$}Kc+L+VB#YUGeUlxa^TlaPqA00P0_w-_K#^U0l zILHFJJyF6`&>rFId2C&@u3h6Toa5o+lVW{0SKLAEFPSdx=_w*7Cx_`--}EZXe_HZfC+>n!#7a4yggo#9m18Rhaum!7WgnT|ctTFDokc@J6cprm&(qegcz!f5V zFu3`7lhh6r)q-UpZS|g7qCe7Z*`mTbrR& zF!16S4uO)sz#`h=AgP?keNT}47>L2Vrx=LYYffNYuV3RwJUiEgzb_VgSO+aGJ39^~ zC6LbZCgQ@h6Ln-^2k0}=(@TvrTrkwCu#|9h6#&mGe)gU8*TMn-bPS(^;|5P8#FjVU z?w}Hhdz57`@FY{|#@)M*#z{da4dR(@(<6^(&u%3oBoskH6FxndvlUD}SS{^FRJA9o ztEtTbf^46Q6pIK6xlBw(7PebHVj1%4RVzd{lrqJp@q`pw0a7^&CC|S1jE)LU$F0mP zgK^s079BvFD&y0q2b5U)r6c&n#J^%V!IYI!pC6pQq7kD;^b8KpZyy2-Dl03a6%-s@ zsfHE@fVIyirJ;rO<>jh*8QQEJ6V6lN;5J+K)AG3kbT@BafawK>D~yb-9SVisi3yQu zZ3LXiRm=C2%OwA^auZelzSruGTQgw0dpAHndwY>Y7iy0PN`YC9l;L;KcEILp!;U1u zy67O7%wKz?SXNnyx5CqzETm4^h+E|r94?d5AqrKMuP=yRzW8*S_-nJ0t?&UWj1X5* zAqJ5tAk+G;8{BG_1JXD|L{JM2VTneq>8_cjrL>I=8-&K?4`|B2xF|rVA#`A) z63)(i=;-J@eSQ89q8QN5^-WMsOhY0=6^Q^QK_x_Im$ajJNdB4i%h#_GUS17xnY15r z@MNL2QpyxQ=#~3^An4%x?Sn6?Av7F)*|n;kZMJZ8%zHj%>$AP=C+O z*RCeKbd^&4{(a~Jl&jm+6ut_1`<5^uAOJENDK0K9z&0}*n-1vQa5yga8w`wi{;Y=J zkkxv=tD$!odpJxiw2dN`ElIO38_6cC3g1qAeGL6 z3$%j}nor*|_+eGSNiZo60}N&3;B;_M?OHhWaWX^4paukmlRun^yc-HF^7pm1?qBMU zSy-TE2KPzrR)}LqgQguUwJut%&<%0DI+v~2U1I|Sfw8fqcXjKofgQvA`$8K6YU7@f zkx;gVgBBZqS(sn-mkr+dn(SQnsRd#c>%l%BSQ-PoID&P^& z-M?H~IT1*fhu=ZS@361Xtp&pBs{zg zYKc}ERGFRD(BSpOqL~kp&#$jh@TXmYnIu|T{prYRh+`5G%|#58T-R^_4gvar|HBia zXa>M-uus9Da!iDwrc^VZ-*K53MEt;OfS&gE{_r}{)cKHm^DQ3j7BSwuiDMD#<95J^SzKC@(9pORd-o~l zYP5^D(J+#WJe*!GblFgZ=<5x?5i60K`@#@ zkW*80l%Va73T|}dW2k*cT{EOF_$hl{VN-Z?Q2fe>6m5Z`l z3S+`*7I_@L_}clBmHV6VvuCcJPDgso&g-9Vdr+08r6Hh}y^Mv`0&)Mi%Xxak-Z8(R zp4dS&Q)>9(fd9sQ6ci5MJoW$ZWw=+sY`&0V}P{Ttl8DylkIK1J<3`8%(!rmk&i;SwGO)ozc^E~1PIO+J=?J!@B`6?y959ED7 zh2TNd_wL<;PC>1S$QU>pWIb%syG?!jOH#WiH=&5_M*f`43YXJnVI)+@aaKg`r`LDiow480rR%v zF{t0-MBI5%^jPGiv9tPEY2MJv6J6bP`@41Exp-ci{uZ2B^)MgctthXAErhtZW>!{h zfH(<=i35Oua9yPVM!<1p(6vs%t=>yxf%*1r0Q*Ngk5~R07x}|>l_pVQSZtcz2MZu7 zfPEFWc-gC9dO!fYtEzzYE;SVoF^*C0E{5eqeK40SfCPedR1jN4YFl? zf5+T`JG_Lg?d|Wu2T*C|8F&-$4lo;N2$>85!DQ>3Y%%96uo&ymcX4&dkDZ~eyxj52 zGnBm6a)c9A#6oMIJly2|Z;$XL>Q{{qCXXK|D9~*6paJlMW;}>}0sWK1vV)TWp;N~% zBf`%=oU09#A8qNLmBe(zN|x>;Q@0VR^7VWS#8*3j~M#Gy{?=u zrL>V!lbO2y2TNWG$REKr4TmOWxpZ>(?^m&|q&^IUq?DtYTLi%qnwemZVN4q*S8xen zCfw>LEt38z>~SrB>=vOs6MPX-1e5S_z+Ah=;rab%yKW+{Wab`Iso>o^D_*C6qOJW3 z;5Pgj{@Im?I726YVqyXnc_9h%uTOXyiZ}5brU=Ok{3{!^BorJ*$1E9Xr=Wm`prxmu3mR(Hv9MqUVTCMr zR6~()qI;|#a)qcpmxkXK0hPuqGIPLu3-pO@ET0#!8I%9s0R7*?_O|Y~u#hi03(A54 z_1v}?xG18hycLP}md;3)5gk29EO0z7*#U4j>R2>s|1b9E!oT{!-WrrL0C1&fDj*y{ zRlvjYRhj%kyMq((_oQ^x-w z4g^yjt*x!w-_XkfTCVT1fY_?7jpN^pK%kVaz`VB&In*!z^MpTn=h627?lh|UeU`&=>Pfk6;QYo(8drv zI1E}Y{D|YgNcB2m($vx_c3RU!G|hYtM%nJ_>gtNxKN;<914lfe7$M9zOf|5h0pKf8 zHnOASCEVO;m6byl-jFo{0xm#-jEeA4j0!Sx|+en4i*N1fGIS*4)2J6G;jaN6A~*Y z7gt*cY)OMX7;(a`B~_gwCnD_Zih0W3LplH2ne18l2(K2N5~j}F!UC;I>DSoUSg=Y3 zsKB5DEF&j}g;2-0E*TVPIo{#RxeE&3tA5 zy7XhzrD5`ZWyPTYy_}8yrL4-s^$NAXPv?v8qb>v!Q*ccg$W&q6dEYy{#*ah&{TH{|W<{IlyA@b0nKu(=C z92}r{lcl9CieX;Bv0yJyr-^1gil5y=^^|63XAuYpO#HUf2DoDkQcVas1)pAvn^w(i#P>dI_ zBS6j+So~{1qt>6O_kf5?;QLV2{{*BI~asW4E-%2O#py@gd`{{dr3Y;I20xZ z9qhvo6`>);&Hjkz0s&&s=NWO}$)FL`w&P&%wHnAXpsZ%0FA@mE4+=`xn3ZdyPz$8B zz`#HhIRzmXrKJXL2feDK;Ml5iA_(fa+??}@4FqT?Hk@_g-+GYvy^lX^Gf}nZ=1{Mh zLowUS60lEm^Im&|{DliRV$CP9a-sjY6*=?&*LL>WnNyE{X#xI*jQ@1U{l6hi2W8Av z$Tq+!JJovr?LWgsxalM^bbMz@fKp^-4T5dNFd6@lP>`YiL6JZfAYQ+D;|s2w`V5U0 zTAwKRAep`?r~qt$e5z(}d}7jON|^AE`FMOIPa2Y?4OXTxM^Jc*&GJ?Cvu zWC+wSpMghAQ~HE?7j^+@LWSyaw3IE{tqePBfe9K1S{D^0QTPpP!>~yg2@gCA9NX)! z#$NkN-r9c|zYK^`Mvc&2CWrnD@R(8s4<9_ZV#%90W&d{}dxtr)z_KQ;!uz2jhb2Ze zTYysonTvl`qqDO!YA3^$E9X%PA_Krd*mw>Kfy-+$1)L;h$oDZK&F3q^rl4r@bC?3^bt z&d$nm6E4Wj{R~?SNuuC+l3ztgZJ(5TJxY9Y){dmJK#Gz>9!XyDukKQ?T&q<406z210vw+ZDR3 z0LP#VyTQ+Ykkj=HmFOqO?6UHC_&vvjQ#%^kL>Ld-x#mejd{ z!WdvzlSJG}Vf9Ge>yXT_9UUSSYJ(-zBK(vQ1gV9YnHLc-`sf=2zagDg+0LLadC$N= zTm07FKASb6(Vbhmo4Z4LsBI6<6OQkuXlokN(r8hQ`A6%6V`Ip(Qs;$U)q(xfGrf4z zw^A*_4C2Oj{cqgySGw5Gsq#Vp_sfd%dyV@Q^?PGe>TCOxr`9@a`&!F3)yw6TI&$9~ z(=ti=&8|gDNE2a78RO&QyvFy%zhO(rne@x}=!9V3Bvk<84X!Yag(HiA05Se>1)n)EdZLw%VId(suWv{>z)qG4hrY*h^74a#5C$@2@u1-O zl$9j|yQTWdp7)JT#KL2{;9#weS1W_bjSu3Yo~FQVNLydbWit&@Y5DU$hVA02swyYd zD4Y6SwciU17Q4#>Z%5ZZdwplAy#E&BOTN`u#Zs5hMn4D$9N{rx3y}rv+k;-|yAKsu zhp;URb?f@=E};a--yNQlCmidzHp0$O(!HqG{?^&KTZQKid!@g9`$kMbv10GNt8caC zTV>}41*h{9mLdO*7xA$e zg+{Yec_P9A`~1;-EC%63);nFdC38NEMbf_yF?6#&nSE9=+RlWGbXby=*4W9>I>JP|C_3WphsEnt?`q3c3(ii-%42C7M>}EWhl=4|Bs{-s101#0 zKmMKIo^U}eg9Y;c3zPicw%m%p2CT(p%X9?`gDT(U9-5_S<}$;a)I8QuN}!XGSO4Lu zz?>&rm^(pfe%eLlrttGUw&34~KS zBf;vmSM+izth~=H_nnTiug>m(dhJEM!hfC1vS9u@mA3x0{{^E(jiPA)Uu41b<+r1X z<+D@l2TH3y7l>nj4lTHLrf$4mX^h462uH1}JM#Mrn*-0v3NqAyZ0FKjSRXvLuAV~r zn|r-AI4!grT9M$hvpJ|wc!+oVMT>}@GX43}^Sv#~Nf;fBuo{Uj$fx7tko-B{v5@GNU1 z>g$~l)61Xo3ZA&Qbgca58;?GyIkT_ah(5UF&AjjKy%{%3UHYpMYePU$NsDLVKo5E8^-Cwj@puUMAT_w*17*h0&X9oP_OJ zZL4b7Fd?gF<*)e{7o6E_+zsm}IE?c~VogU{p_@<7|E7$U$nZ zB4*yZmap+++~L{7&M30mhSC)`KYd~!^6)(WaLsZM*6OLW@nlxqy~elh+hK1%6b(za zi5@5IY}&v54}-2Wj}`7de6_=AsGNgUc^-Cz7m*VxzM{-t>{!PxYzSGNC^1lY8_36{}I_ zn;bJsYGh_+s8XlB9zPB}Pi@mO691QT+{ZrO`pnGVauw&R=CdNNUSgk(;cld?oIM3Q z)Zy_dBv7Z&-C-xgvi5GWmon-s!uo<^fg2zsNAs~Rg-{zS)yGykrhI<~QKP1#l^Z)a zC~reEvV==d|J&T`b#8<1l`XrM5fN&}($d)!=%{Nnl^1-ferjE*Rqn{jboUYPFUel{ zsGuX?b~0Efa|KkD1O5FUV&_fDbGGTvuZ_@NX(7(q47q$yM&{0J?t3TG>{jQR7VA0# zz$^gze<1#%i0~g@z9-`@2gzUBW1hfA-3(#-G@C5>e3XcZ;QvN=0GW$;Bqm%-ON-<> zLHclgNg$9uk%RepM z&i_{6uJg4k`RXdcOrHAr#EG+`PC(3*|7&2hA2&BQ3%%up&)>c%`hNpB{d-O?_}Zka zr1W0zWLZ5YFK-7~Nv7)pr1AHSij|?lp_e4g1;a?4(1r8$nr8W9&exPvQlbRx$q*=e zJWmHpO%+5=cKYNVJm8=~{)$p?fX*$8R>cpGJorL1K(d-3wCb4Cd6SY-aC(BY=uF^A zc6JAozd0Va#pJ!g*6xsg4MQtF;%d6IS z(8l&-pBEGD_&Tp;oELme)E!nhhh)LDs2M>DTL^(8lCme@#Ofm(d^h!P_K5U)(3k9F(45?7tK0PZv%SsZysj;f+~uQud?H{s8*mDm*nv5Y z4R6>}o^U4OeR}NF$cvgCc%1J|*7-Tm8tP2ovq_o4s_p01IZUSc_Q5zRK6BKudd~+DkN}! zwHfeedr7i9)hMPsg&O-bIShT>L2wsVKjF*^X7^UPYVi0wOJx z(2_txlHZPV?|t|F?ptr&d*52`t+&?mKgqY8?>YPI{n_nvYChN3yTTi%=v0V^feW-N zh*ROe{hsJRAzu*hRSzl_?5KQ<0r%bp%0Hn%Y7J(X`s8@>l2t+5Pcs!Bu`Ne4dt@_v zvK~Kv?6q?q{5V*=eh^vyD5-qudVeEzxMTs6rNt0hE8+k(1`8_xJMML;%dsr(Gm>_F zcXsS-JwyjhO-x#|#`BjO<& zbo99!Y@GNO)6>uv<8@68^}h%w#k9rUZi(Ek81SjyC@)enNQHHIUJ(|a1PWox8Lb4*NQF2c>q`Hol*gvCrpMf$kL@6a0tvRD_;TTOH+7}N z#4=%%B;Le8Ur8u(3jv~9)k~j*_)`?5RdStqUBs+}K^P8(r3gwYXQH(Z?tyH4qNuO) zPoJF3ItTEM$eR4+IFKwMrK-13+z~Ih7v?J%8a`Xuojcrf2$0VR*aksifE@$J{{tXf zeyVstcl5rh>6W^SC#sX_rKzpI) zNy!T1k_8R@WfDnt-WIdQ_^SMb;fjFj@Z|&me0f&%#~D|Xooe(Krxu296i_BM;>9nl z&0x1p5iRrEZ`|;4{lc6b(7M+0I#hqzr_hCsS{$M+TP5W<;H#2z;t7;@tPQ}6Ri9(O(PgLWhuIuG_8Gl4+1#gbK;7-HA+h_z^TxF`7c>LE z#p&ybE1t<&V^osX#vY(KHJ4x@nvUaZm3hon8CUMS_*9`5I{(vVB`OSc5q_hR?0SE#LBjbM)&L^*2K-B4{!0VeJ756?|C8!=Tf* zZIXJM_CBm>+#FJgt_-TAaCRTl)U=6Gw0;W$5Xxq|fr!aF&z!~i_BCr+-E!I8MdNaw z?5Xb9hKS)$c>OBPg4@V8Gqa;I?N(mLEB_(1SZ#_Y7RipCJ^NcjIdZF<{M_4zGCJ(W zSXEW@1DRP9|2*u8bDopbgT(2G+WiNAms6w%UYnav~jh3R-!3e zL}}-CWMLlu2D)Ql7in97fu?Dw5%zR}qx5Ryw{_+C1U>X)i~RQ4>t!nE|3anPxd|;8 zpFn@vWNz%rY=}7U^NK2Eq@eG}A65?sOo>4bCbspKE1Sw5e~F|X2!S;e6^%_GT~5CL zt#%ueO4FcGt(wGGjU?K}W?2b$440sD?nroMV&7o9Mbr;%Rwsw=tU1GetUqpyHrpLB zz5h^KB6IgHWPj-C^XG4yml!*C#A{TWvVVPw`n$9SPb@WROLp3xeO5&~x6z_vBy1JY zaWbmtMi=4K_Inu=%_iEM1Lz5*97^{CG|ddeM|g&0n*+*)`fgv;(_3$w^J@>Zr?pJK zq@U5DCr%4WndZztan|{?*?n={!nN!7vYO({?>_ciUIjB=Cm-6mPjfQ zNO@-Zh99SQBr1I4BsquZnn=nfaYL2&KTNKbo4@}e-&uJl=w2WQ6pFAe*i%UG%v3-B%O(T+&pR18qQQ5Oo<_43c*0@t)qj zEmA95_JfY1@+!`M8`o3bGbpe#w`6{CF+MowBYqZ^GdwbRi9M2k^1PpZ#%D)wi*55t zVWb0xnkgS2{ru&ZyY&%!RU#+;A->X-G^J`RnD^>z%s_Y=x zaxs`72i^*YwtW;IX_O)&gIWy$#pX8uWgIJGiFugqKBs+t74&6-2B$xOI7Om)nVS50 z{)_KttJBa$CJrL2n9QlA_a|Yp(sV7()jR_*}&TI(s+-+jDL(u4rb~+am9Pe4M=TiBo z7l`kKuTIU+e~Y!pXRWM?PWg{oOk9dM*`YFl&emazgXI7a@TY;N;3e{T43V##dE8l% zl0W+-n)hpV9!xthNF;P<^pIyK?&~I!i!As&swQG<2G|8w7;oBHw_~+N zS9kEir3R53^3Ki01dulj?fwSeyuf5LTvNMr-7k`ygvI+gRoMFtaS3SVb6J-cvU-jw zj=a!E+zqtIWh^;}_V8ZM)ZV>c6C^!F|Fsq%MmO+Yu*^}rmyCm&!FGra^O^bbT}gOv zDyUAmW14a^YhUws?Gt#u3#}ihv>PGpM;_QlEWeopxM-H}$*c8LL2}OhU#FW#tL)`1 zr~Oz}U}VgjvQ*qWJWe5spguTp&MRfTQ9S+&(2q6%7cmI6?;dPPGUSlb)WAlRDS!*ow3iF z_nb$W4C*}dnM@MkBe^#*ZrQvPkG`pyi< z8fA;D!4#b<_9g~9Ttmry_VeQeNr=07>lEI0lGgQmq07m=EKwSo_DK*IwApsxIsTUU z(LpM$f!&JJxuB9sIp8<;5$!Y%hOMu}Uur=uJ3>UU%u?Q>`scfSK6Tp=>7ZDp1jXFT8>AoJjPp;cybO)I)lxJ?3+9DXnCjsd`eG+K` z*0bI6Odr8Afl|ABLc0=+`WsAsfrRb$fVy>Mb=R({A*`n5O&YY@RQJ$IW;AGCtJZI` zD>C|#7e`;j{X|j+Pa{0Ca0L$b3}5aCvx`cqft$EtyY?CkmX>+^=|pLn~X}L zX!*l!$gt_uLJ@L|ooryt3al$&0Qa?Pb$-;V<>g-Yh*#utpV#iE&5m;|mZSlA?~&4Q z*<-YJ+3@(@!r+mn^Nj*jSwSrWLz-?@t_Udz)#N#5S$vVzY zDd+N5Mcem`mbT&|Ly7wvQD=!{>dR;+;Gi(SDRK-DESN*zUmx@V>Wq0k%#e(EP3?SY zjttyAw%!98vAgFs$hRC^H#sfe+9LFvbMn{Q#XXXTVKVbileRHFD0R%nPdk|LWquGJ zWnCWRU0aP!dlpkG<}kP0d3YnbX>aSU&eT6whO3cf$;y4*F_^ zVOhTn(y3%(zUGMr)WLTcVjB-XC8rb>^;y!ak2GX&>OVCs9s0V;QLc5bqx@(|J!^}lAu%yH5mqpO`S{qwe$(knF#Q3D%8y?5zvsO# zGkdf{w}&YehvZfx3_k!$O__EG$+MUD4L32fb5s0L6pTppHyI8^jC(p zc&QSI_mldY=-QvzT+{oO>v=A%-CPO$sMvOO8fp810eYl_>iO!PU@G`W@y`;)$44rM z?ZCmjtB&MRUpq8Oaoo4ohVe$jO4v0+-2Kmv*$fyD79t#hiL06^Z}kWR?jRp5ymMm*x@2C(B&Wd{)7c78_Vr($b*pNo#gW7^4j%rH#_46W3)w?qF&g>Yh=G`GykJt z){F1@M^dDlCG!e)R5bLWE2#-KIEMJZT|D5~)A~<4qNdI=BMJFtv^GditUB16+nc(R zGlw)EF&+$jvasie4R#@Je$5pf35w54eLJ}KOc&BiJ9WXyG=5Ye z5AMC+H!FjWwTEf-Gn?k+!epGp#6h}L+(`>c>@aK5q-1)-ZRD{sW=X(zDZe^*+|P}% zl{mLEuzjYi>c`aH0208M+V>7w(YF5^(<5chny!K$}hQ5I(G-ui$tf_uaXIZAo?P~=;8N8u%K7cte;)RpLDqmx@3ERf# z_~aTT$*N~w-H}ru5r(w&a1Z$CezlqwJ_1i@T*%J_FM{ysg99o#?k7q7_s0WCNNJIV|-h|P&2yZ`hTRXU9DvjqH-%!;L5sW>>6OJMOGcv_&yhOp({6uMG$QIM zhz*nSj~RA#WT}4tU%*FcyB{aiF2{#N9ta4=gcARZ+0a<2*+V*mSPh`@ah4R}_-QNT z_??9v&cQV$#t@~;2S_;gy)ErY%^k8w(I~c+Ax^M*=`EeW z!ob9gg5Sh<2G?yHKdmp?1}QeC@}54u^3Y;LdYv)KU()(N^usqDR%-tGOu>AOi2t$S zT{yYuIDiXf5R;T&kCe3cE4ysZg&p(xufS`ZWLh>G6r-i76=Xo&_0`>6U2hng{D~_5 zo^`u7XZSr$U8hxL-$;P#;NNKEe?9s5LV;FS1DiHDU89wqhPSCSx+2!5LMwl>x~Rqh z{WOJnna6bBQy&~fhD~+atM^A7nsI=6s+4?W(5V{XgQhfA*n;AJpe-(_rw` zaSRTd#=RnE=#l#BMt=VkudL9~6yV!o6~l4F~=-&LOtslN#MXKH^gawb{aR8(AieAQ-0 z)WM#|c|qB^72j6vXw1UW0n$Z84B3i!@n~jq2%{|!N4M2AnM`*}U%T8rVoh)#dH=IL zxxX^Z7lu-Y!(I3FEixu=MK|jCkWN{S-+7B+;9F!tEV+@M*}+PBAvMi&lDeI;+I^s4IB(e7qp5sCFq23ocGi>E;i8{pH%F)%%?o zR&TeE7B!hNv#WcL#}xS_%H=4^9zJ}Y8RDDGS4f%C=jmDFo7*zED+EHXR$iu*{fCd! z{{2YK)<1srgEu4Uv8%;$U(VQbG0fBFOPl9PeQayosCKM+W2qP!&TYEwR85kOWy;7kl7D0LiEB*<@JWw$ zL|3|2cAH322ek68kZdN!=1uvCNw0=^FE~A829NYQ$*wndl=gFc=s7oc+#%Z{qzZX?v3dDSSZx-6co!sc=>ZvU49<$cpz!a2f z!OxA5N>ksCPCK9^nH8F`e1SWnpBBF9CFGxMqbH4BqwoR&5_a@_(omt-&lUyi(VRy$ zRBd4s+|jQMt;R76%NLZwN?Rw^b19oCiWU~K&PyNh3nN-V*;gSlY=AOq>F=F?lAV`l zY86KuuN$L0YbbP&DV|In%|_l?Vjnne95dTfcX5{pv8pw)XvL&53bgdVUI@uH5xN&W z;q!2fnwm$+WuZFYec0-;tgvRm6(`2frKsO(Z6V4gL72)aZJ$*6(n)sj5VTL_^&*o+ z25YvXQs1Sfo>oA=v)*=4y8vHv#y)>L$~ioPSUDQOPp$~E7_Vg_E=%V!SM^>)DGZ%1 z%=cWp;?Gz>XUc(20wGxDSfJS!;XYM=H&55TIB*oSwe4mf?)dU@bg`|x8oZ(?DuWvts(RBnik#kJd-cp#QtlEYC z=-lO9A|eCtTX)lGJy&qJGqdUiJE%Oy+AM^n!61DzE|~Dr2|J(UZm%H)6+H0f+?~!| zCcva(E3pzV_vh^xV<(Y*a?fqY?F&6ljdj-6nWncV6SP(XiXwDOH^W>i?`i|Ku>|ou z_Pn|&6=!IS>+3wn@vj|X#2fmjtz(c#^FCFU_rUSy1A3RjpBb%hVwlHqa@r@ZKHOoq zs86W8p@aP;8iJFJg(qZnQdy6;*Ef8&dx;VDU%dEN_+0+%kW}N{mheh5Tg%M2I~_H& z{0TCMW+2O{Ee<*=MCU3L8D+9=oKhPg!f7fu+t z5)AU7Zm`|7oT6Lr-@Cu7Mx>it|I~t(s>?TTNganjb;&O$_@S}S7WZ|~U#)H%AIt&k zcN&rzl=`9PzmemYJo>;Lh5((Rfssj6+SVxQ4NG~FMR=r?WkctEL&K{}R%7i}SMfT} z-2(N8#r8_32Nf-zoPNO{x8jxv6i_c9HqxFwG#Zuxac{b_xl- zsw}+GF4yrn^+r!%tqIQW4O?0Xa*4)S%oIpO3bteLreo;RLq9B38S?&ufbYKwf; z5YhcOPkQ$1h6df>N*`a62RqO4%kYWs-``^&a3g72RwpFdwo*+7Eipc|9lu?skX^U1 z^~`XZCc*Cuvkdg3V%~f65ZJVN1Lro`jM~Ub^Y^}a@{P{xo#zffFsppD$@KQqr_Xyk z?{hG$!&c~LM$zBJZendnX)-{a`k=^!7s%Ermyl5PnZFz%srm_F6KWY5-W%YhZ{_mp zukc4%*%dY>wkJLBc+Yi&p-s(W-Fmh9z!)Vipb`Re(iXIY`sDjk09NSUuimtKq^q$M zzlc*YrA=czbiH(5=V99|?aT~j#f7g(fBU(=vH~xu!OT|dn^~GZe)`T?NBU*MwV{DU z%|(b7*_@eHH1IsM64)e`?b|n(akHjK;z3g8V#BdM^)j7EcPM6ao3n#(^zY6~0&rvR zOXqsO)z!PV`KcMiDz_&j@r#o6>0(fRxnOD^^=b@zq!Wu!J}je zs{Ck|lh#H;WtFF!gPuZBRd-kJ5_zAyStS+ZRAX$Fm6g|{m00RNf2~gS)(hm@r_Y~v zuGt=&&5NMTO@>vaf-Oxr?G+uIscA+Tv%R*1>;>1&g@ANd z_45uB7VmX*_f?nIRkXO)rodOUHxDsDgC$Ll@)RvGozoI}UsY5d-(lsc=aj8Qt9i7U z63NwmtLm46wABZF2-Mc{e)7bPQ0{}$&|=#jWRi@&Vbojv5Sek{ykrzKHbCj#+`K(~rrD98}TEW^ZhS4j4u$dj9Ss)S>X7&?5yMWes`uy+CcjZOVFMh() z6ZLu_(E%V!2$HJ{%QnXiYdW92$}C>f@@+foatBoU>!<*E-}URl^i_?R;ZNf&cw%by zmA<<&%+9=5H9r?GjQTA0sh^%HDVa032sPqoBJYgb;jTDW+0RZW8nE|B_Eoe=H!pbg ze)c({>eqSiEq)f04EeZin9%d*tGrqc;6(!V&8$uwH}}u7L0yf{-HN}?U9Nd(_;*y# zWxTZ-*KXF=*iDOf?74W>EPm>+ z15+?1kZ9N1H=%m=7I?Y*BpCv#zRZS?ZjAJ|;ULtMu4%Hi+9<6Sru|pKFF5R*G%%2c z#jTAuYbZ`s|XJ5WY)80%m8&^Ob*i?o- z7fchYvofY!uC*l3AcT0}X7kfnmk=&9iKfS|V08xz_4!2#(p=M}crp8- z{%rGZz*Tam4xi^$%pZDWz*;LhoEPj|Ers#EpPlXg!{S`7mX}b4C!#o$R~>|(?Cg1& zD;WL^f)|DQP9gy#)&6UCLjKy%f3pFnWPmc1))g;aq44?aS^Z)8N4l>~Y%dlY)65w}czH`iXGS`UySh5x2;^eeq zpq*4Fn6eiA%C;6|H@CUo;bAu}2eR;*jy^X~BLPJaM(G{&+t8{XyF8o1+ZgOFt+6It zbRY2S7m>0XLj@S2lF)_9$~KJ7^9J4FmAmLHE!u2hxR~saag2S%O5^DMeF~8Iu@Ztqx3kZ{>>^P07BZ>UQVO+F-zH zcx5lqSSekGdHr_Z(UQ{QW?TJ8K0XtKkndTh1~VTlZLgHU&MlUPjN^ST4@06?1<~Q! ze2elFgZi=f7xX__ZTD{VOHj9x+to@!cJblj8t|M3O@o8`ORPfQmXwytY04Q!-s*63yOwt)*3C^jqv<&FvKf3pUvEY9o9MLH79G;T z0FkMEJzeRZd3O21N%*q&PbMzK>-~+EIhvhPo3|>K1Yy5DW%!iRh^S}gfBaEqV>A4# zpgSj9soR9(NRxQaNAuS_lhne>u7FPEyLG-51?GV46*|lNVbi$JHLH$?_lNJ2pWL=QRZb6h@xZD zLNUQvg@p!UN#>z~Xw*UGc7m;zkjNc|Bmsg+4owD6U=OGDAc$)VezIdh2P8$a2IFS% z`Qu(aBO|#m`w)JgF|#iJ3ve?3@BINY(P=?Hzi-Ri9}KF%OgK^kVZ+luQHqYi5f2{J)4(5|9n98u)P-Z zVCT1;&in)wOd&Xc^C}z-ymrmGqkngL#9%*c@&5a2fr{G+TpIOBIsIk~Z# z$HQvi!z*`n4O<7EU3D4FPi-{Lo^M%Apdx-fU%(aV%k)B})||mu02d02F{s`7*w(&91YL2^~txZA+nwDAN8dw2N@tqEC9rb10 z%-*l3R36XpD?2t(5JCKx$}L9-$m7n{!J_m6p57=zyoa`fNkont7DSp zkhSM%5T-EzkW^5X4O=8EzgCcy4cU!7(mMID2;E$S{p?n+Wt&LZmb)=>=wTS!Tm zZEWls4V`P#_53j)8Mwgi%)H&g3Zxu@O;#o|I{}FPmXlt6W4+s1itaFb_Gf-_=h*Xd z1HRV)wleDeEkxf@fTe=@t>nImL)-M2V3O|eQd0SASh0{}zI5c%kzTEmOnr&-^jU}# zYr9m7qx6-xQ}WzP_%(X}uJ#6E30;fdoeF->Nk6LH`bQugGu(Mnp)jW^^MkD*8)9Uw z)XJZ!b9VG#NHVrnaej@;3c8>1*;XvHh)mOlK)Gs2$#4NtcDZ40N5Yn|w#tM>4w=iZ zPDnyC5}D?uii*>;1LzBHp_X^cmWRydwT3lzCF1JNLA5Zphur{K{ZjW#E|vv zBVu^1c8`5_mN~dm$08-t%ZoDPk7-t1VBS>HvrJJ}ufm%m+6}SWg=aD!`7WAJ@D_JP z0*uG=J>2=JO$}NNo-bw)rgP2OGm7d^SJlRNf58Zs=Jj&fki~d-uM0wBrw1_+4<%7F z`abYRlXRr+x1+j@bMbOai1UmC~q7x3XIB?=qSMmIl3SXPjaw`WAN$xTO z&054Tx7xL&X?5sic|LArDM)A6)SQ!T(pgIiD$@RSSmiIODa{!nJWpmj3(rexKo#}i z4TvK*DqJD81l%9BeeXUfm>1`@mGQE!r%l@A(!IZ*MJPY4Sgtd|cFbAPZg_2tf;u%o zMmC*e3p9<|9|*N~T0VwiARex_{=>p_j9u6F%53jRd%{00wD;Vt5rXLdNr?LYogUnO z-%9eIx`Cfo4GRl+V|~q)Y=t7!{Ii(NG2#hVgv}c@c9+b`U$NAv4H#K^_V%nupkVpwy&c zI5Svxxq?bNMSg*`CUkQ&PSiaX?lBHynHqHCc$*0N+<>uBrYTfns}R_$I9@I=;>hag zj5?Fxmn&E(JD*z(h0ccH+4R`8LFXvhqetsQLU~+{s%v-JTT(Eo5`~A}34R@aHH(@P z{PoH4kl`Ob_F$OgEMjix71<^Oe#N7U5z(Aqexjj*w1j{zl+bl2N|d@m39rjpBD3Aq zrX(QAL@XW5+K9q}9MsvgL(Om9Q6`G2!%tE`5DLP^ZzXJCY3|L{t3sh{)42Bxu%ehl zwL6PR!vjGPl(08UXh1K=@Q2&afV2${+`&-eZUoG?1$=&Ros};~l6EyibB!g`=2M81 zQ&Z5T&~os%A6>fB41iS6hTxSH3Y{>rii-Jlo?E>3fhocGHs6ADt^4*BaBGr-7B3o@ zz+`h4DY&H}m*#IfhoK}wW?OEv-s;FR!>fM}=!Mbl-%BA?X6r#{2MR~K`bIybi#gin zV3pbfwO>O?l2lk=m$}=|d;u!|sAzz%W+bGQHuIZu{&dDhf*yv2>`#I(#5*JAdeTduviK=eC`p0J(H$70h|E%-yI0qD(&Nk7 zbP*{hi=mz!BAo??1o1X#_y}*|?ag1J_;PpN? z*9oe)JgI*QgpPfW4?)REPP;j6?`Md%#EH_uEb-%rVE-&t3na_~CWw&W z^Y-WW(O&;e&Eg44GwEqWL`=`D$G{xWm0yN#7oZ3Y+&T;7IIDD+etuh(9CS1Bk4^o! zt5W&QZyWi#j@H&$@I^T0md;QZEB7;Cs;LFSdnZatz>Wa$2Ai{~0fZJdD|iCKmw&)z zI< z?vRuE)gS-5y1V?Ur*TD!--m@`uL1&8M)w$@;wn0Cd7$oiS6y(s9Nr&iQ0wt}`*GL5 z#VYn%ne4WhRVzJy=<)|e{ee_YU03Z7B&!dP91L(B&k0K)MG+P`c;mo9Lu44wN1E4;VtzYrOuN$ZZYt#41)A1)xkJqc z>B;M4B0GupWq>yPQj1oDG;yM!d5cxZzWP_m=ovAkw36F5CPVZaSzVD1QqUND+}UUw zT3=tE3y1B5bXy@1h*D3|Yd8%wqp(mJSl7#`**SNi-Dx@xiJ42wnFl>~3z)cHL7S4M zEy1e|y7uG>tNyHiI^x@*6LW1gzwGN%Ka}*)&fu@QjOk>wSGT(!YbG@YXFP=-w9K`7 z31lp{`?AerR!a#4~Z~rP8 zwf2GSydb5Q$b2s-aFSp~U!zAE)8F1Le^c83IzFx=XSfD~J|H0>-!h1=pk@QnH3CR# zhYD_9IQsGUgOESt*;_`-6Z}U}mXQO|LW>aLaU~@{PB0KDz^JtQ?%h5r29|9FnC=)K);vDS3_=(G?7W|SBxf+LIMSy zeoRI>kl!~qwq-emL2q9Xnz;x^ZD@k|_6}te!n9ztLnZE(7WsA?PbDXSm^(VrtHQM# zyZXfUpnSBW)WY7{Q0R9Bv!lR2xLaOgL=_|u+AuqSTJ6=roh!g#W)X@j!}9L##V^CE z-UcXyw<;A`eeyn$xaqk?z=-_d#{eg`$vX zbfMB~@51Wkjj@{DI^MQaMb5g1@iqY`a!%61PJvZR&LpmVX+6*|jIJfFw>Ix#9NzQR zZ8j*Ya&00jjD~PQ%LxdqI+zz}jMA4Z{1aQe2e7Mu~4o=|^3-xev`VDxr46svEQ^1PYI#+0t6%9mnG6trm zrXadPdTO9vOtSo%oq=fH)y*y8l`~u~zJLE^EL@*fULNESB`hM6NhInSm^eD(E^O5&I{d(iEAbXs(0dOqlAtw^Pi_E14`d+6ogm zmAXi-F|#zr+^;+e(Q%m22mI#D|MDtie_wyn(hn5|9p)RGFf&v9& z*1w3f#=WG4$qQTZju-0co8f#z59D*tUkY6sDAIuf`NMkTM0gAc1I z`YW79Zq~}1*B9Gj8fjJRn$1c=GVU2=xzu2K8nt^B8;qZJ-4!Xb@d!p~ZsVl9`vcP&R#L z;s=Igag-rQ)f{3~9Za6@l_!=nEa3#{VIsG=UcA3Gm1^Ky+r zM~n`;zml;9jS9N@Tble=M5$8Kw5~tqXlaLsBNmL788~=RxXX9H8FK0<>>K%;ZSb8Q z!z{hKOVdg+2HdIp;lA~^i7(0A`-bz!n=HLZZ@yh#?@&!71|cQ8ZY;hR>`Kqr@LBS%7)waAR8leD&L5#_f>kNfg%brjFTU6+|Pw>m=HByP3| zidZJA_&nM)CNd(5Pq-O1N;u-`^Pa7|%4DV!@OpyjwWrlpEfyV-w%rNgL}sc?(<(1u ztZX&GotcJXXQ-!5MBwpuw`qYBb720-CtHes5E$!gZF0i3W7jj2gXQ3SgfB2>zJ2DF zw}ED~QHKX@)pB}#%L~3s6F`&|U>lZV#sNf8R|g`7edKN4hxaBnaHc91n|UE?`mfZU zY1!D@dxoysi%q&y*5^Vtk4U##@|IptB>MvRlQGa`KXL!QH~He;5&AWuYB85_kX0|_ z3ZsUvIX3!A*GGi)WYH8S6j{@}NYxbhICAp%LrnIu*F`uu#x90({9TQiocZE4J(l3T zM(MDs58uEf=nOcZJtu3{78e)!2+F!Lz!ReK4ihLrp}KlnpzS1gEj2b%8mZ3AQoKoA z`GA_tm(*H?ZC|wJkC+7f*U~+Z6qAxN?!3t5;&`MC8GYT~K%{cyTV|)9KFOKit0yRM zJ;e9aVCDxIU4uQ6nh>0YP2I9MT4@T8g>la{XK*LYV zJ8l?GI;_jQTJ#Cq$Y1+7A2|Qy_;H12#tu*CQ&rVfU3}(VN=}nr7rWdEl!3ft8Iyi~erX^r4O*I-{Qm+SzaH?k+=P!W zLea=@zL%R?#-6J^Dr_8n#5eh%^)Gtk!Y%FXprA(6rqy9T)f`)FucWm!hw)NihJC8VzsFudLMKZ)Z4Nr>DRFb$ffe$8d4h2lQr}Iz`)cZ$+Lh!9p#D z1o-{6k|XzN()g8h6E7l%aqx`yZ-kM%SHM7Y|D)#379;dtzY5yZx&woAOn$A!=wO_V zI~=AiaIYt)lAzSr*JrBhWwc%Er23D<@+OL~z}Q;C{{Z9e1JrQ^Ag>GhfPlas1%fK? z7f01^-5KzFhl%`MdL%Ywhu4+SbZHzPxx7f@LxfgGdTf|x-Nb|}r;m1Pv$Lp3N7CUU zA2p+98%=rSj#h@5fWT#wzMcU+-M)v-lXr)0Y+e4;1t@hA|J^ePrV5QH@QJhj4Y~do zf!6hfS>2nU3MQxFDAORl{?XASKzK3+z}W-{Z;EaO2O`4zu(z79N3-(t6*mWguS7*n z?X`?`RiF>BuEHfqB=VBJ{wtZhyu7TuJcUgwM@Pp?mo8ytAmNgglan~$%;9jvrKF6o zCv1v;hx64QNlWbC{{;>-#{yKtB)VD#ne*5=#|=#E?UMk-?+f(+=4~LcHo(I7 zgB5I>D@?QEpguTfUil9WhDP3AaC7c$y#FparjBD?27Cf3zQgn1UxokwrvJlT{Qu7E zl@#gR&)ToI`D{05q2W1at?N0n<|L^nUfDbkkv^pmn?8QT@oL}Kfi{L8NJiW?U%A0> z?o^ZtYdwD`x#7744Ra_}uSQ8+!eAm3iCdWEZ)c&YUhH}ok1bN9^Jt*=Jeml9thxoU zn(b%=dOJSv5hE1D?tPr?cV8P$JNs`*n;QcCLs1I1ju=}JLyW0KVq^`v%NV6*B?_4O z)dubcTb5HlJdvErT`@+izeL_zzpt0rwE^8#1xsb0l4Vls#JOy(Zsx{hOxO{<5uZ;N z9!swmJ=fudnXnlmHJ4t2&*yX~iwgDuM?E)rSHm+;K}8w2m&)E;G1b*yjg`Ji?_QNB z#xi*{v!rDfMCxRU$4WiKoM# zUxV&7X~OX)pV$s?{Xd#1%p6^gP#;OCxT2Tb+n>pOh%;`HWXtoYisf9<4m@UB)wOC- zUL3=cmMcs?xRaiJ6k+*^@3k8BJ*b39C_(a^vfG25FNKyJxqu3r{T8`lo*OH&>Fd@( zlt~q{GqGMFFFmm}?Hf$U9)5f}Y@>GfX44LryDWIb2>~IwL3hP6nFx1e%lb3DmUSUs zLLnyVc9%47ERKmc-cQqw9_RTZs1)|lbM57`j~BTn3B*k&H_QB{K^48LZQEkg7xt+UYY4lC>N(S@j;T&NzL60htt`453U{9|hml34Pd&KOy;R6c7!Owi7yp25ci@C) zQv~5?lX7fZ6nDL*_f6RH%jt+ci1l%W%-i~baA(|agB@X(*`#&@`Vi7+W15FuuC3WU zy6WiQ^9a+eOtjg~=OI+NUAqIlK+=mV#ON7<-)^)a#=HA7Inco^J3LD)$jHC1Kw=mz% zpA;3A=A@=&C_3w5PES-TwKDu%uA0wTX9cy~c3uA>hTzAs1X{7#$u->NEGaX^*q;93 zQ+rqWb|xtOU+s);=IhUVK|X)ze~YvIr-A*KV_i2I{UEQh#m?Z5b7udn z6l0C2`G(DjtPvBC98eJTJkp4L5r*V+=nVY9q5zI_1$cXAL2Mfg;E@v`T`-)kl3JXj z%M%lz3E~#V;r5ewI)j<1t*g5*;hu?c^7J&ka6wjhkIM~TQ#eo4)YepG;R#&!(N0}c zjgQUOM54g}gJm~n+wnnSPcvuP5o34~kOxGqq8l4dCC`T4g*ya%?ai}I>`h;RiSON{ zzGL{sel}+BVt*Fu2g1yZjErBF;G%*T*Vb12E?_6Qvd(} literal 49454 zcmeFZ2UL{V_brHGR-hFnhgLyEvgF)~fPe&vl2s%}$*I5uC?IGNB@_aZBuUN`ih|^v zLxJR2koT52JL_|a) zcl(wq5z#RcA|m2LCyv1@gN|!`@Sl@*x3wLJh)BO8e-DMRk7w$MaKOMKa{^*R_2x54}f%{wvAk z(4AXfnGWAL5^=;=+E+Rf$5@RLt#158McygKSiw2hI7kpDAb%qXb9wiobd*bvz$kzI zsoZ$x>v8qMqS(*OCEn?c?UmNVj34VWYbe2x%o7~=;2|`oro!nTKDc&RLqp#!p+CamuCj8lj;_wQeaU$mnrphZ zZebe;F1sOUbZ76hijmRttwD5>f)h$9s6SR|Z<)+n#n^b_$xi6ox715Qcn*%PNyX^( zu^lff46Qd@A->+Jrjz^V)fE;d*G$RK)lH3=nZ@qrSkZOo2l0BG5lnRtbEa2(P8YZ? zKRkN$_;Edgt@mE~^{K|T7n`oxQ^B3xvtbd2-9^|{dg&mViFF-Wk1~wgwz+XrTz2R? z-u3p=Tpu&6;&2OG&CT6m0Tgm*ov7&bAE&vdCv|O>`zIB+%2RoaY9kxAI@*S_A`IN+ z0w}pQ`n2TS^WOhsR1zQ?ho9qdGp zrVWzRe{U3;@|I*uD=X7QpC4=yukV<1bDMN|U~8Uc-;+&Nobgym?0}>-;;~n4Fe6t= z-jGvP+veG9T;f05`?Mo)7q5fNku*G(|7S=E;Yd8pTKn4Ki%y^J>g!AE?$#_Q zEZm@_Vb?BIFPZDH?3(S8zkRzkF?e5KB$rc;GnR8({9t#rJ|={nVC>W0O{WH`AD zFkAHf z=Jkk-j*gbD4&b^wXa(ibHkA_;LkYT`g%wy&Y!IX9Y1MG9>nK0f`51+%2PCiu+P zdwa@zLwF5y@r85+F7JWrX1DJ4KzjDIhhJYFim(=SQ^jpb9?0f#mVBM!9}{sAqMIzx z)7MCfVOD4~-bK~N8$|D)idG2c>`IUh*dDqAp#pQ_R9heR@#9BT6sjVtrS7dXMOf(h z^zp@q%*@O)l8mnZjE)Lqi;mg#tzo0j3tm(@*vB8lzxj)xe9u%XWq&!?dm8pfTV@fi zyQP1)CqufuJxL)f#9`ZWtwKv~aZKINF#7_V=4~`-D5J`TMj!E_B}`IfnMIh@XeE|R zqf6u3wQDqXw2KO(bme!qmSI;itSU%q?^#k`GAPBuY}(XO7S?D2jqe(jokpO(Hch5vE2uh(^UlRtbg+n8S) zcG@=VFgxUCWc&7eTucnJe?UM7+b29t9nW-;xrptT2|&XV;r%SG3Rl9$Q#eo!1+`d64Y+1)Z`diVzerJ zxEo9T?%ng*cdag{mhOa!i3#~TcS4&evi$vtb7f^4hLu}hjE-Abs+r5Zs(DSD5^Ynd zeYT=P+@^HPWUnReAfp|9PT#(c`H;ucueG&oJ0H^<53e`xdd3;oZm6CBxuzL#BaTJ+T`ao@(0U7)07)E(0AyYEVJhDvJ z<0NdI{F=wS!?nLYrIYKJ#%_0mT_(~&^K}^~+(%13N3U0Pz+WdZA-&!Ig zjwPVh;i*nyP;h|S_Pk?W>x`X{y1M#@3xZj16jbHpUdj6hRQTJ~;C4tAc<7X3XEmcc z(mLOz`M-S0ogMV@G zm1s+sxy-Rh?xo$7l3H&M;Ie4@@hyr<@-Diwb5JZ)YCUX;{mO=;OL}qfJqOMTb&7_O z=OnU;QfNM#K_Tn@e7QE~vL2_!zOv-D(WTOC>K+prnPeNioSU!YUX>nf>=>Uea$EoU zxNc&d-o}y7{pcCYA)h9b4spV8dQFYY!f-`H%I1QVOO&+A*y;{#vUTy-AcoAhZ{J2q zdOvkz0PNt5A5Q8H4}UV3lwvx4u(#b)ua7lI@5#8U9=hY;x^bO*twJy&B7&{oCPHD+ zZYn5@jkykAF?|O=H#0-MJ;r!2Fy+>QxmUR(Jc#|>+JUS0)e25bNLCT_OoSO_`f8=d(Y*E-9$&8Q zeQ`o+Lc+~pv6ZDylu6={82St5tn+%!^7``Uqj8=2<{kM)wWJk<#WMR6Jqrtq_A>l@ zTkb>ys_+3^@PBf!+I1aJM&HDicpGFQ*iZw!haAZMZb#K45K9^$CjZ#=>+&**oF!;3ZhtH8 z0yTBo#)h+l$MgQ|2ZcrX>abQHv$DFMt`L`6EgH*XcpxsV`}w46Zynbw%3XQ$qb9hg zJ5x6djlPu9k=Bk@4U35ISm&F4tKjSr%HTS3DBCg*_Bp`6#)(G!ZArf-s-SOed&XO=pnHrk| z;G=u}I!Z!Z`#9S*rr3(PA{^2EPdMBIRSoU5A3q39wcozs=Wrj*H7qY6xeAqFmzTajtmH+^L|@rZ2(6dx=_zch zHtzLfMh|}5!Q&i)_c#3{Q%g&Aw6#~AzFp9gx1Z6)ZHLbW(cQJS&de%X6yeY=Wgl^- zp`|%b!N3{KF=)CYb6T;5CrxmTH)lN9d+l=Elvs8^YU))vRcUFT9^tHMjuB~T>32sH zfF5b6&NGDQ+ZRy?WRbTd%$2AH?rbIo4?g`~7t)XQ#!4IvmQgmfC9YclY||~WxocvQ zoUHGe(=*3wnmj9cuzF~3y$ic-wZrA@HawSO`e~#(@1L2e*2qzR*+bpT5%o~9=d!U` zPIKL?Vq$s+Yb^&KQUq<(`zo(PZf&~8#BK)4rfkH-X7yM5X{hRD z00&_c7S?9b)pc4LxzT4OKriX6clPXMJ`v~qmQp#jwoY8gMNgRO%-L)awdP5lM(N=n@hEhXM+ff%|A7cQ8n zj8Tg*T$OxJtChixcS3n^tS@A$YirLCFecx>uWIi{1qTUa z6Y`#75NU(xNp|9c(-YZ1B!xjbp!!q;z%V_F0((tj(wA zh7~!bqeDWPp85BQ@LZ{3w{tJ}v5~6hN8(_$^D{|BobPC4IQ0?wKYfa?P*($(js-jAd2vb(o4_2g_S44CAX(lCEe{2 zJ4JwSotfjEz-Q0cy%e~WQq;D#wsi8GGsn^0*)Ab#`!ZwPIG*h=o3992{0g^u}Hh-MHhQk^LP;hkr7&bUwBjHM_+&MVlFsj$t z(UCbFNwv4+C)xhC^fLNeLa^liJzGkOYa&-TJy^l!wN}k2Z%+t> zICp$suD43b{)TDDd1qmz{P|jJagnWUQoPcO!6Jg}`_bO!B!jyi3Iul_Z(l&hx8cXx z_L9og(IXFogSvygJ>yzdWu^yRsIn@_p9C{X8bC!Ol}${Tzbmyxb*Qc5CpcVk;+4wGTaDC2czL)2;EGJK%1QMVQLI9AnyFf3z&tE{c zOuhHm>l?OZb)&79gT)f&=dH3eF~GwiV*`U%cLR28cK^Jm-U=zB=DTWK@qwU+bE#}9 zx2I2Ba}cTZU~wBAemB+y*To#ssHwMmq=GQ)@i8+qjA;+Az?HV6UPNKw=F=h&s2O>( zLK=d08M{|lzP1}Gb6TzCaIB=9oSc1$r@|k^*kem}d~6rc*_dRqLK1ZgN+O+gb#C47^EgG0n?x0s35>&ubXH2fB~2U1g0m#7)O{6$Zm zn32KWx8MxK)T6U=d@0YTO2BqF1IYJP9-cPK9Ssc)Ad!}JXl4YaYHMpxetpkbqOPx> z2|L$f`Ny~Z5{H!Q?Y!#h`2*=bHU`6*uNfu1s_G)KR`K!i{`B;g5;mK=4&s|5*{JZ- zr%tsOFOTioTvlPb(}FpM79DY$O-sptRCg}#YFuPw>JA=@#bJ)^7msspR$z)WB=_5b z^MQ~Bmyn4?ta_D$3YghFLs7P`vy5RQ55SOk@5~wUJN5JN3-X))`0#3SH8xh?Vlnnp zXI!NeHP8b$@kP;;rwvY}T2G}@JkAW-&t=kdiS|5wtjA$bIKL&M8Q$0N_qA)YF>??8 zI!~98i`sEK!0vw`NC)t-aVU1Auqb48T)gK!J2&Tv;hmg!9Wt8ctlQIP<>JzE-q1MI zL-KWX$F-K8O+!6j7s%L!rKm;Szt-twGCmaFgQ+XUvk=ymXgqB^1!JtO-M42_3YJ!U zqQu;CnasVqJ;nFdI!afYMTw6c$4u3Ynsr_#le8jzZnW7GcQCkH#$&UeApJ^WYPvyH zRW+ee_}%qNcFq#ViG*+4t7^0ewgG+eDj*dBtM6UI?d=Z^Nct)~ih}4xO(ZaqIQk#u z%Qd8O?I1hldk}1Rm!=!wBLFxH)6j-RMlwZn=uv1lGSIp0(GfPBQ%;?d=d&FaTNRGb z^Di7|`sV;q&-Tk+%2!NY}PTL zWp~%J35Y8sJBkwBvfyCaY*|LPTZBQ6YysQ;jA^s7zJB+60TL9jhaHnXe!Ld;=1r=y z#MV82etyW#r%s-{>n`I9D#?YjXXAmWYz@7@YDPZQG1#!?5Q)Sbdm0)ZZU!V45?p6E zhpzkcBL_aL&z1kS3u-dA6L8Egn%m4Va{r<1t?KMts6;23b@%Sw$u~Eij|zvr9TyEp z;e<)bF(IBcZG>8fmuJVa6J?|!lR8ay`*wgHc0ux@fpxRMYDv+sry4A{ys~mni~^U2 zf$c~zs2G+hGs+lDv4XLTA<=?$a(6=oMC_ze8cSz>s zt^je)K;n88G1+bV7W36XhnBRDxvH<^fi|^qJx$YFzxza(mg7uPg!#?gBiII7sbk+> zGiI-Y$lDafe@J&-U-HHBoT!M%grkUYQ5+}dntscunYsqhOqL-hOGX1@9GfNT4=VEB2K(?}d92nG zvy*Vjd9hQL5d{*<6;?jJ&hq*oddVyvqZ-UQfi?pGoJn$X=vk)=6qQNIlO}SDpH{!W zy-agKSl+f$`#qV&=0CCevGRA;I95D-Ef#-xj4&{u%k0YCI<6R-m_!lY0U>s1T!USb z{mSX}E63Lcd@`;_>1u1snw~ZTVlyKvS*cvzwUfBh$-2;+qtC%H{P`Wv zhuDd>22Q{(#}F8Tx# zc~7{iKlvR)JI;2piWBDZbe1!1&A+^;TBT9f&@lJX49{xOPDsAu$KbX3fM0;`h@RJb z%{WZR)ho=*M`PIY+eTZf$;3bKTlTn1>}*N{nW{l31wQ)FbT!eyuy!rOiw>)p76yB;28AW*C?;5}v0 zYrk7hR}`Z@1O+*ZZ!M8aNId~Ld1i|Qc`eLkIF0S~t2YBfnM0Hu1{tFG-NG`Vo<;S= z5ao{`?1C5qO4fd#D7RE+k)aQhVyuWplt`DSnDB$#n&4nH57{y+foNQ7Rjc5Ondxc1 z({C{qe}P!fB&WSPHPW>MNc}g2PpDs| zGLc4iXXwxI);{G4Dxa#PyUNug?t-)C%yXP+f8uc2GwkLwsr(Y<_xC`X1wzB2H!X_y z|4e0bg_TtfdOPd$c`ar$?Md!yZMgb2kA*8&uFST{dZ!PPlpvYvIRD@sZ}BkS>u2pD zKWy#11+uCbE$Bw?UAMRM*nKg4RFwSU#f#gEE?VYYF2^Zbk40f?yJ&qwLqpe^6&*!x zn>iG|!=0URB%|_6y!&{p*7BSG1^2bLej3`^=Dy!+1gr(3_ve;t`Mq{sOY}JR3JGQ7 z!B`bjXs5}`$+dZl?-w)8U_9^(B>RH{MFR^a%3&X8ukEeu@9-PR)c1&d`bjSJ?y)Oo zviPaHogiDaj`d6~v>iyc9w;=2t|?TqQX6?JN*;F@-mZMxU|gP(rE3rb$ihodJ7f)XZ*i3f?%%ma$&k<0XCk8qc~| zGjVK3C64O=C)-jXT;#jGbg-p_(+;d1#u1MxAH)sdOxG(fyJ0zlosK)`r?-@>3|itH z@COy!UXuQO4r&O9+4Dm>$mJgtuN+ylK=4n zRK~4|Yo$bxcxD_g^*&N6xq(7)<3y`V>`9xGtFV_BCB?C4Q7vIp7X}H0o=X9;#nTyi(4KO)3f?79ET5Kz^3o^Md}*Ol<^W|9{_mkfE~pL6lQ zyW&Jd)6!=DxrXU1&7Ys282m3@eo;z)bhSld=lTY5@!z*3-tZ5W5s`6VuhJ~)|GuYh z)64I7r40Oj=@Q6`|DYe4TZqrlEXMx%Sfc9S|L%YPZy4tP;#2(>mtU~I!Uns>=g4t3 zF?RJE6anlM4SmC0f1ZN-Hi+KhoDuz^B2FL6b^_-%q)16XSpQOe^MXkMrj7RS?<=3= zH9X9@+WWBWgl@4&X=&$ho14t%&u@HLuDetHMfK-)b~dN-bS|8uV~=RyA9wN-OSzG{ z9w@{2=O#pkZ+SB($b|V$kUm^|^yf{@#-=(Aj4MmGZv6WUF&)pIJ*$iwef8&}Dxd$( zpYeaiBl55N|Iq9+U*F|iK zU5-`>`+~`2DQs>#Ln$ky>6G&AaAx+0#V$XcFqO`F^wzT(2kM*=k6tqi5!umHlOH0g zv`>+c{P-p(t#EAfjckDLNpbsYDS$I*I#+ZHt=b^T?n)ethbWV7 zqyFq@N&!d;8~b2%nN80QZ!)3nTp{(7QWjf&!HM0qXTEZU)FKvil?5CY$0pR9YaB2; zJDcyk(9hd%`#UVEd}`Y}-P`$leLURV9|hBG87~GKf=U-Gz7d&_m{{PvpaVo=#s#|* zt2O5dRt8#|;u{WA&0*gj^28l%js>r$NbbqG3^_%B%6i4GI({n7+rZe^cy@8IyEn(k zX|+j^jhR`RB0w5>hAjQEwY<2!JLt8M=VTw_<8PoJ<=o?QTX{6(ItDU5s+7s)EEaz~ zCnrY-H~>(NbJ?inU3NcGdYUB%oKuf}{rB(Oj06;yck-Qg35>hY@#(XAu490H`0(M+ z8#|Yws!)fY6zVHCHu1b8Unb4WHB?$#w@F`k%I&O#-7B$AYHx4v z?CMG?FBcPEZRACOC%n>Vyss2AKGtZ02gWz{*OV6(S$bxab z>4HNQfrh$Q*}~tWmzbVaDzB)h=)N@(u?`b62lBhBg~i8~>oA?!^lMVUQgaLK*r6ym^Z7VqCrg~?Ic~laWMmOTHtQjA%R9^L3Qf?oMIQfnfor{=3Ne}gcuZyp)@N3;0`e5Bqt|N^kZgB!n{_*uB>`}vp2rex%v(yqj7ndRt5s}JP4>zSMtK!|22B$6! zEo8o;1#P=QspNnB<7=Kk%2OsR`9B1bBVsH!!>7%E?`R^ba)^g}<*qr`uV3G-+^A!T zyN%YeJlNcHjTLiKl?`U#_h97Xz|goTMj;lRT7jIwt>zVLY7&+G}q7?~R_ zCnY&Nv$&`U&G%%b*pI!v_g1$8xGL`fXL8@)nnFBOFrbR<*>r?Ftj%-~+hhZCh3xfv z3u$O+rQlI`k5eQhBtqFwa~MsfWMq6Xo-1`1*H10=uze1hTDs*6^UQYt#2;T{@sj?V z_#68Av0#%Zu%D3EW~W%)g7$uuJ-Mt@q-PoTAR~JHp@?-fE z&sFz-LYw(7;^N}DvO&Ao2~!!pm8devv`IUQWy+u_R9A=^#3-e7XB%c4H-wW2rQCqP z&}#5bO!-{uG`CHUF#~bIi^Wo)kPUztm4P+mqUP6(t?G)OC~>Kv);sPHrGTtLI#hMv z{N|(7P_&w@cN5PetKLkqOQ5!UAR5wo-%R1pWIQ=d@h|dwbL(H^=l(D9Ba-{K2EC{J z|IX!F-|g^K_s>J$JtM=awV@WAMl39{Zfo-O6NG&ffOYO5)r-5$(ik%LmU2tPD$2fC~w zWwF_mVGvNJXc~b<8A0M!}Z5e&CSN}AV~E{y_;B>+oE>& zZoI$$DSgK_X&6R}HW?Egsb5VXb)qT8t%mLIS*~3>Av(BR#B%3%nmd!SdWml-rLa&_ zGhIW=5am>5Ec2QM{70s9;H={d_yKLW{^G}pOfJDMU>3JCO!H$%Nl3b)Z7V^SRoY?) zgvBhUQ*0NHvl|7C$sJ!o=V_#P&6+|trgHT=|sh~m_m8h za(6EUaB`R-M9Pm80{0Fye9(hE)v%C<8EWB~-c|esQMlG`nav8LOaHc27s5iEg>QL9 z&a&32raaS`re;D$?R|J%lZq76^F^yf5`qQ-=DG*f_{0ROq~t-yQ3_aKq^{}cAU!?a zRHNaxw)m_p&ewFp?Q>fIlj1OxPZuxzT7;^S@p2LpQhJdOAXhp$I53A#x)0e7M^Yi??4YU|CSc(cX966pQ6g4%h3mNp&Q3TA*iCY`sBvBB_5H-7}6 zZbtc>ri5PW5uQ^kP@>QuUegL*laMfQE~~(ycCJlKO+`Pb)8bc0V=ul6y!ajZe9iK9 zDzGnLGUXPzN4~xykK!{&GvObkpTT^7(l%FnVk|>59gObnfmpPvHSq&X&ScGjY+ zv-6B=%=72Z!`{A)2U!)co%zamomWIOtR95hxSf#a&F4Wur1WC0DloE12be#T2g5Ut z79GioUbT(E0Rd{D%ONQaHkM)(pWL@^-zK+8rxOAiTmObRMsRTx#T;54wxxj|U=^8E z529TEQam5@!F-FKC4ndZ>X#; z7&z>JnY0wl_Du&mDsg21J$kg65fT!T2zi!X$nGCVG6ll2HTS{O znwFWlkU^I7`!t5<*(rT9703)=H?@SwLAskkbixTh5441Zg$<0FSXfxtczEs(6k4z9 z^yC$9eL2k)>8&g;zhW_AecpMhIW}Ft%$Zd{z*)toVsX*N$;oN!{73S0=gNIMc!Xk= z7WxYmcug8rAORqoEg|93YieE@quQV@4}1kky=h@=TJewKL4rOh-&X5S-}+1?w5-W6MB@=C<%*59wFZDw9K|-=6G8y2ems&pkZ1UfYR;LLi+sZ@( z^!FcCQqa?9wk66cpb;-KEdLIDZrzNdyAP900|AIP?^SAxoURG`G|;L6*CGyTSU@H@ zkX?BqgdL~fBqSsN3SpK5S0PQi$C+;!agVjdGQ7OKpI{B$DGZPRWFksVBR~Q6GNeKU zAjh-Q({IKrvoy2x(jX&42qXD^P{z_Sy?kzs;UPW_A&xy|2lp9Ib!yb5mQ(w*y!!J!e z*yY!@srmWppc>qTfCDRab1HKIR+xmzMJ3m&?>Z>YO>}WXC(ip`f~MW-RErj*^ethi z2#8xBP(XA8bbHdWvTVK&Fb2ALL03`wV}a1xkGg-k@7Q8Ck;(a zfmEkJ?nONT(`LHWZ5(VqXpXC^sJwsk<}djCEfSKz`!=vGOMm#YL3N+H!1)`KO(g<+ z;jZDwuC*%=le+xqQ@9V8AwaU_y6N?lr#aS%u7gl|3kwUMG#opAyuqSi7A#E$NBbbd z!it+iJHenq3#6IEUAs38NZ;Q$AYq{X-a!Xhf|+%L|RgkG~}F)#i24d8}!4A z;C2-N0)ofn7DqLYfgWiFXQvLe$icY@rC5<9U}@O|h;R#QYyN;N;N1PCPU#?ni%&*AvggrUa*z!LWlMFhH;Te0*17jnRm++YAP9 zi1;lWm;pO;9bH2GU$nHA3_Fm+pia2bKYxClY!)72MZ~wdu2>T`>v4LT7+WMu0lZ=5 z;7~*!0Albkr)8t!ay?u2RepY_DwVUpVo#_imNNb`$Vy1Rmh_`WzUkb|fSp*8zC_v z_&GN(?*a{th0;B-$S){}TZzpPVu+F`@|!!NwIG5~1SH|Csl_=d*za+tKAw(MN`WVC zVmOqRmSzxgK{-xBA8v%$(tDu9XaHIUND$6tm<2EeCVLRSK~L(}H)hYD(;30VL<3Iz9Ii0&xMthNDLY^G@(O7k}`hFN-llKje%K?BHJ)cw5+ z&Kx@V-&49O5srdbK1H1y@ov1$tH9KFr|aCs{am2}yqzj|2PdZh%^>6pEy~?nU>Sk* z=Cj87$Ui$^VaB@#2N6vNG1xzT{MgiSNJ~?b)Z)@SR|pSTm0e*eetLTIX7y1B638IU zw!zF$0F(mt;79?WpP6u7o4fb!MH+Z4@WT~#76sQ>SZd1)kIgpy1_Uu|%>k_=cR*M~ zkP@s7;;q&CJje(&1q`nSfQU@q3UYDTR=s*itXL_A+IB>GvUm}ol?LSHknFn-6-h!_ z!ulxG3Er9E>OH}i0zzbFp)D>8fWDl)-$_7d5_1Ilh)TTabUHYIA&tSwA&G41Teqem z=aLj>O)Z}}eVW$pnXY%ph_A2jYz?jLTA3$|1Tw97_QQQjaBG`xoOubg8J-4Cb~!b0 z6uELlfb%Ig_j+~-{}~t#828ph_92xSR1;D67{M5}T#R}-67NZxw|~f6dFKn=(XU^> zp7F4|I1_j!MZ$IIJv9|o+~*S)A+`ZdO*Y3`Zai8l-w4Ei2P@DqPsS@ZfAyxSO1}S( z$}<@ldEWom%B@Q4n{Mj<_TSZ=Xyn=dP3^2H4YO9zfT3*-9A*=>2iXnS37p|<(JD9n z^Jy^$NR#4NBEX~Uij6258X6`!*tM{@*A25%Q&k{Bnd(gP%(qr15PHAm4hVK*zAq6H zA8;qt)yXC`I5dVMAR;OhN+|2+&z(yM4Lz^#K9dBwMH31rf_Ncg$*F>piNrpHD0X1Q z6W7|R0)`6UEsE$)h+Je}t*@_3;K%T*wD^IJjzn;C%=xoraZ8R>qIT4w%r!SF0i=Q5 zavR_RoW=S56i>2CM&b_Uxb{(>PM1MX%g@K_RoPhFU3Fze#V(*#$O!;I`BB-B^K}54 zBRVXw!O)l(D~c6b8k&5EDJ3x2&Xmq&g?xM1R)()khk|MW%*+5k<|wjGz#iz6U%Ar? zm6hLl{$9nw{tgrk^*eV00n)8OS9J!0P#pjUOq=8G=40%k7t57-CQa=iC8sPc*@cCM znhh2|22sDhrA5om?vqXVvJB#b*(2bzAddl}@hk*!;)Ad6u_3!^k|=SHLW%uNqgbKG zH$meCG};CT$`PFKW^D=5NGdWnPXp|5*q54!d$2T!KHO>k!|3o&L*i!t7`ElfXx0)IY5G4@y1hp8kcqJ!a zftZ=zTpmM6A@T}xnuvvE4v-VV^jiu6k?}wHa%2_7awqcdfNu$aF%TIR$$WBhZ{efh zPW;dT>FVl&^Qr@uqCn`N+CV2kN zi-?Lkfej_j8bH0s^ffx?w;8>Z)*G7x(u}>C?`CUbbUyWep1Bu1i zS;Wo9_xQ)HUnG*MM&!ng8?!Sr;PKcQA^Ypk*4d_6<9qq))m;E4px9rm6W3n3e`*%Q za!4zXUpm39dLFnN3=l-$=!!$f2BNSaxWQoL6%^Fqj2z^VOP4NzsB~El`bwH=Y8~$j z*P-hL$1Ti3r9gjpJXZ75Qe}4=4Z0D4z+(j*e?DDIe@UDKk&?h#S^;V-QlwTf1=hV?Ee=SBeX}n+uf}K<{x+Z{SygI8QaGcqZ{UC{%z! zI>Aj$rkkJm`i~c24}Y+q4U4s>^klGSe{V+vEU8G>1bl>OuxT(M_ZW7S0tCRr!*l9X z=}6w+zsFY4`Yn;2hchk%Tny63%z-I>_<0#SzI+)=et4Aj z?-%z@U1E4PaO&s~Mb5Qv4msiOsi=*dRR^sh2F?Dx1sze3_CB}dj;*F3M@*kvYMF9v zZkaWQzGa$zk-YY44c!2BYcb2D!eap!pJ|>ueDS34-u~ZPHaEXqJYnx%VIopZ0D0WW zkPutdIfpXrNl8j#X55>WJ$`2r^usA2uk2o48-1p$JGcX{qKmh1kM^@hrO<#jCNDE? z-CkZ*_TKIQE81dVw&B5cj~f_G9X=nW{7_ozUgg4T+RT3JoNdLrrhrxN8{kf4d)z;# z;=W+eE3NkE=;)5FuCT1EEHSX7n%mm8K(k9|JO_H3w`gc-9RSr{z)j*ihKCK<-FG3I zjQda;d|$3*jDrkwV{a`}lSsGy=E`oBoH7SVIo(H$L_B&A* z8|WIuflH4M%}y1l(Ew$>_D0*Qwgwyzi*H#avouY>pc`vr9 z$1KN7i9N;(4NON4Ir#)>Dr=R?5E+&V20euX^~8kHG!pFPHa!ECKH${_9I* zwar@F+tJWYO)e|jQ6W3}GXR2wjQ!k+c4k4bYXk{5239K+L~G~)88(Z|Wdu_3TmmlE z1ZM@%OswZml|cJURa;wlyd+WPbv;nbcOA--sNSBwSR{Cm=>}~7-jaaC5FB*Pvl%L7 zk^>SBYHI|jaffP=^Z9+nkBuf<;v`36VEyU5cb7{>o}E6nj(t$=o1s^7Jtfvz2M|n| zE!odL3z75VTN!+2u)fIn$d!aH#_i3UuD%WSWP*%g|M;*MsDvfUHM9=U;=->F25^>M zRhHayg!Pl0pPN^L)DE}-7-H^#5d(Y}A3y&DV6~=#9)oCjTCx4jG2$T5l)tlOm!m_J zCEQwt;iNqZf^Ow2x$+s2DNw2aFSjt%{&Wx$c{qH1aSX)CM(CR&imgkUXdT zY`8B%L%zMO?d>}_jFq3y2dcGwkmzD@IV6|k<04?fcUvr(vhO!fNy@OA_Mrvgx&^Q) z24wpbAZGwwB&k_t+Pe7wqc zkTf0OX(sbKloWCuq(8%>UxzJ$j8qQUedW+Xg?VUxvh$MxJ=uHwwTZ8&un;6FegJWG zfcVH}oREYBKsm;3@}2FDJ1C+}a6bPnU;vUW6nv<=yZd#A$wns8xvS79n1mG(OKthN zm7W;Yp1nZh=;So&M@qsIpw@dvdJptF z-U84f-Cl$adn5P>qE2&_bHk>sYt}dknnxYPZu{V1421GtrNGZ=WU6b8USjk`f&nZP z?681a)3TBx_tWFVsm0wLp;SUS)3<_ixpEpBT?3`fFbOM=p(TKVHNw`=x57g8Ln6}@ zqV!u~Zf4cf{pP}C;YI+VS2d)|pSSxD^7C{s%I^z@jn&vt2lx_<-d5z*A`&CoG zjXwaChK~Nw9Ph71ibulG!NI|6X8;FF!H?T&cJW_;98J&XR+$c_=kbI9&U$2Ld++sl zH$h{{e)65^a21XQK86l=ltZ&HOS)Ee zv%bqv7!wjxfOcboJR72b@01C|jB74Bc@*jB49 z+?r#j{H!;euK8H=T0C-0coKO??EW0~x@mLF!#9WQ@(1<@6Vrsor2O0w%UG@00qU4+ zQF7*hs*Xr`dyVW@`R9q+upw9^mS6qM;Be9RrAxmU*GMY!?=SH||2AbkG5G!UJ^%Uc zp6UPp5}308^LZJG%(EN)A|-xgg!|WwJu&(Yis0&cw)dV28L`lvU-fW=>LNGMhRm<# zdo9t^L!Y>Qb=>Vj2l%;FI*5Ade|6pIzWJUylOaUpEc@$PS=OhAxb zOLkVnz=S?7aBxrC3}DbJU*f4~?5NoKax;@m4auN?QH|;NS5`lFp{g70`A)j>3Vub-@8|!1eU!-Aa=a{= zNnCCR-<_ONv93Y}eW;O0HC2P#+Ut*CKrdT~o=81}H}AI~grn+#jN&gz>HoR-kyCYk zFJfV3#lG+M<;BT<=Z@}?5NA?_lr@x-zFcDk^arSW@QqA80$!ewHj#YF zM9uT?7G#$KxC&raU#XKN`U4OHz(*YdHhNIQazR;Us)K^U3-retuQC9t1$14}ObGHq zXoPiRBmhNIP;2GTfFt00Cd@qiApQJ;nn)@><@2mizyFlaO~|UKssS+9bUqJf!GTX|EJ=|SaK|ulRL2sF;c}?yh>Zx^Ss?|Ut2OvE;G>|J3pw|7v@r4Lf z%FE-GyKXaB44}vyI`)vs;Gxh=ASS^>y(n}^wT6R5;JHyk2Qo@Z08Q_gSLo>MgeEkG z2}*(nw9k>r@oUhV&*^pkJJhPLyFD-aIAog?i@{!E=f|+3u-qeN{iPg9N!0^(-#2dk zeCa>l$5w^kE|UM4hbw;jNB&=R3Hrml3fU84TaaQ(;H1gMOfP5{gZ2#^fGDnEqM0HL zy|$i=!LlIseLe7Fd^7r)f`v-|hdFsJjM*!EREOph5SWB!5Fibq&T3&RcI{jy00MRM zeR+i5?i45`a0bZ(x}U;-3*D>qbOVfMKlWO%^77cvygRaB{%1y~Uuv7Tc6Wy(&c&^7 zTwZTM!9>awQV^hkOr6Kw)@ohs&kJzq)in zP_ID!HHAj}ady6G-3Lp+YR?bYlr0n~m-l zj|fK18wumfSJ6yb25!bMwJYg{dmpK2@(T(kL~&b6K&@c!^y+~r)D7%-aWK{ixWWP) zSA+?Kt%2ARLFPF^3}2|@v5H_Bh<0K4jWfu!VQ# z^H%o>SV`!rx)fUVp~+CwQY8Rp)ieuN&q@GZM4l00a>%^##%k$``u8Su&q z5Z+1fGBi?~#=J#79qF2{f=+?o`ay|}B%u`;hb~Kf$rL8K#9?X@@%61_+M?JH@DmFS z>@$kLM&c-J?Tcx7wrh4-fYSZmlS7QZ|sc8^{hlT+2y42RwWi3Q%U z;93UMT3aJVTok(32r+_=4+h%!{6Jsokq3eIHbx6_L5*nflUR#~!;0d- z8r3ks00J4rMHsif%c_Et0`R#Aj6(^WK%8asx$w=(?5<-@Yf2cqz*U~fn;mm?-YGj z`AYpEAM~$8v_j7lf5X&t>Iu=vf*J5vAawSiqNKnV5y~M00z1fuq$K0-c9-Oqw*i17 zRV@bvT^d9HfKyoh7iA#f%LG!rt*NP@a~XX6ZQ(hx9b)Y3S>@314SuY!Ikj|jbdZ^c zf_Fhn4fZ4BZ4VC*uchaV0#qgwDulDw;dYyF^Q*-$(Dv5WPs-3S z1RHb&)a*ge)h6viD{Z7*mGyJ(tL|nw;{E8{Sz_#NHVcgf{@kkwDNu|Sn5f)YY}j6( z;{{>n0imY|)%M@0d+)F&x3*spHwqRIy8;3#s7O_+bQJ{=0TmUI<`$%i^cq4?6jYi9 zkzQ1afPnO#pl(1E3_bLqNH3u#kdWlu54gXX^PTI=oO7L-bIt63Uf!6pp0)0Em*4L$ zaIaz@t8~=3^nn@hbV(p!>W~@!>mxlLWEipRh^qI2aA^T*z(#<1(X+9!8DKG~84&gY ziWso~0KhO%{y#t(knMl~`+k3gJYY)3#r8LlE!<20ke&UVh@%v%(#GETfU4kV7ZsJ3 zCOqDzS&fh=(gOg(G0?_NIC?)h9X3$0&sp;aq`WgG7FuY+S!udxE#?JR*3|pw6FYl*v2Z8gr;%rPF3$x(ZzQC< zC?fj*0d8gF7eyP5YE(a@A*^uf4jH!kl9?v{RvO0XB7xt7GyRJfG4&UV;dv?B z;PgobB5ntd!UqmgN?4>xSz4Bfp=Vt%&qYikfgzH^q6USoSZF96T7RP?U~e@)$zdLx z5+^TW3uM*(25+um+y^iG`6G zeLX{o0qeJy;om zjeLGS+0SuM5l|*IN}B~5jYd+_O+CBsK{p1W0=yc6YkE>A-ECN98j9@Pf zK{24!*jMvBL(x61kk+48P~e(ew+4aM;8fn;}6X0YV*devZa$_~Dg6qYtq+<@x z2Vj#m+$GJR1C<PZK~0rP z-|t$oX=mB=Q$qonFLWLLhU{x?b4q!+60%uUJ`2z5*Yu|It6VwnO5oPP6C+p+RQaIP zN+3B2v#5=E^&77l02{pjIGN7L23CX5c?NknPC@TOz+)m_IR_7%8{+-Q-uw0n34p*2 zybM{#=?2N>s_6)E@OTAIY94$euFZRC10M~r#)a1RAla_g`3?rwZv%l+ER+I2h~Tw< z@)nH2I--Pcxt-y;?oH~<8W{BXNi3`|_tkjWyC>TJymr$rJtFqQqCV^K!t z4UlsMtOl;WV>5&O`J0=3i)MH{_%k*DpCMvfaPK>Zqf0xru+JmvJQ~dixN@W+Alalq zR(0*61_w_cITt9R1ei9&2ZjkL18oWlXykw)=o|$VeGztZt_#q;6Od5DKd%fM4_=N< z!JSW!5Nivr9e=Y0D~baa_!V+f!4sld!I{)G-PoEBd+MEIe)A2<2YjciFAT|7k_(=z@*xY#^wGj!0Aj(>RZW6x>zDs?Fj=(X9 zBu}(w8bfu(3nElzp+V-{pt}u^aa)ShnnAN}jJev^`rhf6MmO(fqz@$I1Rvmok{8IF ze7o%9Wx`r?Tq?{cWm$lk+2Azk1e^hS&sejhG*q9R{x{5#P_B;Kc@JnCDIqlOxf=eB*545*K0z9kH-*j-| zIm~Q`vnhpzZfDq9_voF%{&DxjhOp0m(mI+_*7QK?@*MYN$Rwa=~g zTrKbimE8QE0w$QseWnA6%qKCyNL&>xMe-cqaqAIZ5a(cba7Dz&NOQ0IjBNX*z&DH1|5Q0RH&Z1LQmTL7 z^%;CqD=02ENII}u(?|E<*0ax4;&AFbYKvD8DpGBqojEv&@Oq@KbhR8344rER+$M0V z9GTF0fw65JMVqA@yt;-^gX`-0dCT!VrCbv%El4D}humZ2>cVHrAq%>|cWL66$uxR5 z6R`mxE=W3A%4Qd6D%!rrhk}plHdnjf29g9}{gUBtSeF8ErIYkyO_P(83jn_FJx&(# zoBf11-VHydpLv#w{aq%`?U`fuQ4w(>jcpQ(4SL0beyf0bRxG zOh!#Ofsbcg?s^Z7GNf02i3q0)zLqT9<5u(f(rmcM2!n-Z*VK3mXC^H41{xbg(OJ83qId(uZ%joTw}hx)urD;LI1AHF<_XJj5QL z3p1iPfKfuSv-TR9zC?Z)=APIE4cNlgDYHVfXP9<>n*GmfO@q(yBPJ0;8q{g0of=c4XrVrgVX;l(5g9MA+ZcS zNkIwrv*|_tM_+&dNpBkY38|FKKqBvqBwsNw$rqu+dy3k;5ga6-4I3iKP`_|Be|hf8 zh3CNq4rYPCSL`w3pHhw;zf8r&+TvUnP2YXjv=_TP=2- zt@l{{g|fp>b{?jSuGY4`(pQ#u)Mbg8Nwa?4;o)6dz`&{c#Y=%nC60D7kEk>F-p^pi5kDEN39np1P0WA(ib?-8=Dk6;p1 zyw=)#u{pmu2m>83NAC^uE~F)=FDT+KHjL%-q8S>;h^(Oi%L>d~^@il{dDW7_8ngLD zlJsl&Ig`T{spwiGL*_HQ!LCp1o}YG=jZlBHlY6s^<()%*D|kw0t%FLsYFgotx}%Ug{{-mQ%BaneFhg`D6;nf9=Tgs#zM z3}svggfb>S9Orn9j4A<&Mnvh@*2C29VyUyqSB2lYQ8=rzyIj!bxm%|9ptq#Rw>)Bh>WQnO@bN?Ec9J)yL& z{hWzyrHp1c9^Hm9m+t&|2l80Vy6bpH`B=$uzHd*dekapz)Mr?&{svsKt*$y(?!Z#M zbo!#%alE1Cni>r7YCpxx7wSzeKY=2YkJFllc+u02ea z>1Tf~kS-HSn(RzyMkubeI##y9i_VwZ*G@o|R)M*!)A8F~-3OzU;CoZqf@a)9uJEYw zVt6oUEs3K^lsE29t4%4&o6*R|@h<&*qSO7}9sZ5|+R&LlywgA~Bh$|L@?#EdzCR(M zQ}ns7Yr9$Fzxz*zlYfg`&q)7y&wo_IF7EozZ^;uDmOG#}b0uOh(M_UXeC?ZpqX1bK zMUgiBr~ChEP2wo4gzc+8=PJ+nMZ&=(y$H8Ip1xeDlz^Zgq3g|beSJ1daRM}C#rj%=bB8=Z5 z9R$<`oS8?d+aDTv{-NwdOC$lS2G#~>Kc9R^`L{y=UqBAkQyA0W`)l3IxgEtR5?hw5kbMmkS zb3QtR_y89Ft2QLKsxv{!?fDx`QdS5vIRipW5SJD! z-;CChni}w{-|Mq>-U#-j$Si)|{sG&?fPG ze=}EC=zWUo;)VZmOimPNGw60w0NK0}CM6OGdjz{5WNP<91UM~0nFC$Pj*k&qq9f1W z<15({ZHWEJ;Fu(1;6}-PaCKY1o5>R^}GO)xHiJ9pl|c5{xD`@ z?<5CTu>l5{2uNV#8JPtpO8Iw*Cf#)aL7jmNJ=*YN?s$WMSKq1M)o_3SWt}LWF6mt- zO0iSOTidVjbsZxwC0W`hb7%5xefGRAV@V21o%qLsaLq$>sF8e?Z*-3T`dJHbOvaTA}U522&cbBv=N5f zlIeYdM#i`7)}*567 zO@Wvj#Ejkk&|>vfOvBOWJ$W5Q;)77JuloK;Ks0PV6n@Z!w=^}I?z(-mft?~=+p_hkLz_o0SrV4;kaUD?p=b+-ej-``?qZ+L9vJq z7O@Ro*bES`(L^tE9JJ~|m?I=N29iM#AcxroG z45`hF;jn4y!M3-!Ez7X;0_}S_zZ3&LEn!}D`pLOB2c80cHedm3KCHQI?U2?Jd(yrr zkG=^06Qe#X1^Q|>eEt80-~Qk3bpG3t?tdih@CF3LFGLJf8Rz_G-zAIaXoX9BUt%ph zukz|?(81DgGUYt-I!Eg!nWB52v}h(3Dq7ZG|4m>mMk+n{ysSF6xXpOsyUlY(bw}Az z3wkHDAm<)xZrQBg3fQ|BM{>LR`A~V;9A> zpFAI_El5cA2cDk#N`$oXDFV`b8^z2kSxQtUQFCRgIQgr~?mC`|8AzgtQ^b&B2&Skd z!Q`envOh5ZWkF-m-TGNoch4kihWQxvn)J@+ko%)~k};H&d`g(j{6Aj9fkH9zzgOsP zVbPQRph;Lv=rp@8Vx^grgs)c*vh*UTcheanDwyNRm~lmRe{g%&a-3 zlZfy4aN<*_HeRhBAUZ5D!l$OoM9Sw|w*{~ElUXW7l?y=?c&kBDEsjjrAoer#XMPO$ z^8{Cv;wGoRm$N*H)k^3(6vt{GbrCXLnCR{flQ5I{JTHcJE_19FRh{vZNtbC?t2U)p zBKx@#$(qZrPU^KF`3SAneDI^wsiWU?r4P=N>yd?+=hFLAF#KM`(V1L)B|cD7ZRpL^ z3>9(P10I6TKGdz$4FtG(LK+FLQLp#@Qi0oF<7uQ1y5Q@sG!TUNPoAQ{2KNkYd@xVi z{o3%Do`n7xN@AhaxLWyKg~lap=%nJyZpD{n*$ChZXO>9SSMjMyHDNt##XTEPcane5 z(CH|-vaBsF*i0k{p~T#nvuI6ybM!2GVGtMRfXejmMsEW><^o=j&-K?dEWHsqIZWl` zfZs?@cCeoU@)a03Ta=%*&OEZzJoF^0GBL#j&T>K9s8OhZh1)`^UTG{g8YRtCl%5_h z%S*pZV|7<9jAeaOC9#qp{}wsEaF|_$>+puRn?(<4-MezVrr^M(ttZ;|>3+{0E3S~7 zpqS-Qb7w5Pa&kR-XNpZPbeG!OW!XCB=f|9nJoN3lXyAb(8@K}>ikv^W5$i0IoDlh9 zm3fguY2-b`Me}FurF7G$Y{;WZ@x?e2!!LP{Y>I6keX=$+zTS@Y>C4%?hRrE_*473s zc*d7+{)zQvGn}K1n@Yti)x^;LGqZss%WE=Oyb ze@=Ju@&2T$&U_*P63#zD8F(}mnAXv9EF;@&%UnKM-8zM^-|Jb4x88x|H$0wGEnoM3 z`HQ2RbKcKoH1RQNPBFWY;LrHxpuQ#POo2?>Qg*`L+l7ZMEbBwBy_FmgHhvWq`yku} zvqg`}Z2ETD2(20E!}6R`I;5jM)S)u>QbEEvLefWcta{>m;d-phM!ed32K!Av`Re`4 zMY|m5tj{>itt!R2FPt9E?e5BBE8Ll2R&ghnaB5~taN+0=C~)7%WyJ^GIB(|l-)B}9 zRkaE)4+|cOR1LJ$Vsp2q>}jg9%*y&f^gc)ykgIg66X@~!*foUe=l!H6{NBiub{S7{ zrjAI*l-hmY?iTMN^j$x>rF>g4Euw>b5$j`c_wBpIu`e293ts$HH_kl4^YqGP_6aJdM2K>FM49^3xUC+$7Usz})S>q57bD@TS>aXTYlhd|f5&L^hoX-e91tq{)BW{8%%qszmD}c- z-ClaKf!Z@0SP6S0M7^5o%matCK3>PJc)B0T30FXWw2Y9c51m@dF{PH~ge`bSx6E#T zQO+r~EkyUanPE1XGsL6!9|`9@#$&!* zzO`Igs&%sL$3O~$lV_5QnJfD6a;JKl*~ApLfA6T%&8KrCPAR2<$v%G13}W|D6&LeF zhT`akN$)?Fr5X(1Om$-KVbbc*RjKJBcIWM%A2}j%7GKXucxcUYV8h>Du+-{8pKL+@ zF=l{MgpEPs@2m6a9WCkD-S?`^-+8G-M&1{cb-DCieAvC%p|xpf&%Lnr=l4PuGm6P# z3d*a9)5_@dOPuPgbK}Boegj?M&%$Ah zLzBd(p{C8P7j8-Tf44tyR#teqbhPGhZQXg)###_JzS!4qLC{cDZ|JLr8skfRzT&a& zB@>TCHu(*8SEAXuA60Pf4#S?E2`&A?=!o#**@%Ok0$FexNQV12`SQX-ql|c9&JT0x zj5hhPQD|l(m8{s=&nwH7>O}9^+{qzM9a6v9&psZeCt0!dT4I{N`5$l zSg*@BX5zy9_xs8}dc^$8b70G>PwyAZZ<)T0@FWu#3?z+S$zKCq`PI_1{*815{gs#t zPl3g_>tWRPgV%JkHM5BiI$JlnMePvEF6$aQYw}g@$md$-ndGw!pT2W5ZcsuAKkC}5h+6 z{fYxiKPIQRT`PK`;$U2-*X0&wV6d9~AWsmpQEu};)f}shQzrzEJ_=>4^!n>_^vlnY526&QX{vLn#V+WXZZ8E;m4mF{j{UvbjjP$=r3FE2#@HFaG7hA1d6 z`C>{^NxS%w&%fq+g%qt{`7it;*)H`oG0crVd*e1%qz_zTy-HMhgt8f(7A8#k>hcqJB+j9(;JEht%Z ztnlGww{c~jND3j+vXvg(SN!Y!cg*6QX2o)L-mj-PsE3>`yT2;eItw>PeZ##>`t(S! zP=y7S{5A(|yt!L#)^;q%f+`?!)AjBn`-utUazrT^fK9Nv@_jG2d-^Bb=P!cK9-VRe zR!NYH@$Z$izi)rl>hXo0ubm4`!><0Q-y!kyZbEOOSHX8PCkMV)uZ^mT}d z@wEW$mv@bW;$K5M_k}Q-pq5CJ(kpj2ek3HRAm=gNWAZ+IOFS5HVtwK$eqWv1tv4`&eK8WIO^d9-smrcy>;EANs>sV=NA zhl5E8?UQeZ*QFoq^|3X3jjRLwv?$vU#lRw2a*UXcvIi{`clxINvE5Qe@oj0`E4}Wl z4=Tmhnz*eYx{Z7!>?&?=yn;kIF_r^;PeS$JeaC=OMaQdfP;qf4a-NN%Zk6wvGSf$1 z2h{uEA0FH-Fg#aIjpLZ<4RzSE?^PmPAvYV+y&rNHi;gZQ{_U)k@WZoTjiE4%Ud%7g zsYvg1%3*xpas(A!H7>cM9GtLZ#e}f#oy;=AS7+(r$Wq5rF~Uu|e!7rPU{K{+6f^{)VnIj${U6b)LRi>EbeAbE%GAfaIx5H5Ov7uO(ivIF2T;hZGu2X zzfXOmpa&jYGCmtmh(`R)aeHbR;jCuet$+Ih+!&Q!7CAvLxKr?(wbDA`Za1UmWlwmh zIif%{W`|b77iDz6@jA-Xo%hhoNzjjm&F|=He><$ZYk#e*C4xO6?`IfTk!+6u$Y;Y~0ahnvwIlm3Nj^h;_TM%Urr>Hx-ylr#kB>8e6 zZdRYINV(^_i4Ae0I9^^B^*qbL9{pEp^%i&TKr=eZ_FNT7MwUJQev4{EfK6ic*?NPU zwmO7RPOpK7)68}XRf?x=!Zz|KgXKkYeW9S%rC-N1LC$04DZEzbFXEmt~q)&I<@U;u0a92eJ&yChq zcVT8f-nD$IRzj7Jk!ncj9&}0%r*b9bTWXyU5&4I#w%O_sAsT)z6B;JE?F$k~aJ zr(5JMw;FPMKUlmtU*jw7EuGbyGp=5$eIF~ZTi_l}o?rA-3n`X^X&+7(G?KPKRcg}{ zrl+lUOoF718B&gS^^#_s3h8Rm+5Kc2_F_=x*L_MZWuDLxoX*TF=9Ik9YC+$=PrTvv zj+0vkac5k+$7P>y<{`KF?gUNv7Ih-QFoQ5wom1J~Ix*Wd^W!~=9N}e=V_s=|W7J`B z)$n_<2hlu?H!9t@yFUaR5VV1QLF{y#OZ}?=hP{aTUmcx7@4@rz=$UM4y*|*#KBdm(8PUPU$~ljk|InR~dSZ2w=HK>O;C2+f#K2Yb z#lWr#EfhDn713!Kshubjugo6gAA(rZWRPGx2rd_H=D@-&lPT&eQm)7 zL3+Qcl%|v8S0ZAZLS}9f+r``(zxwwl-$qrFHkCLfo*eMggh2Nii`txzQ>|lNN2`y|x^&ynmp+oG@^b)^uw}Un1&|dh?O5Sn|2ASXTE5 z@Eu#xvNN-r)59+d9D`A!2nJw%BLAkgNpma*V;DyXq&wl^r);vNVm5dUdD+kAeizy; zkQO|XoJLjeO9K~f^_ZAedYX4p$Fd|}8aC8ewC=-kDk()}h`B^vnQvwkE=Dsrn-pnI z_@#XjZr&{QK05jkU9;#rk_ku z#r>7uA}3eszT`0q-ENNlQ^#eET7Ml zwSQ=CZuS>w!&k2pobamGKAkl>5qaC8XQ}_b&Ng=TKYC8FT|BZ5cq8xeeeoy32mZ#U zest(()69OSSMH!-4}tkB2qHj*Aomo}0M84wvObobr}GHj{PA2HLc~`hd-p}#g1A=u zdx4vhgt0G&2u7VWDdp7rfZIU-8l_!Fos{o8Z5{R6h(pc5+dC%7wB#ZQViO=}%SFb|D2B`ty}|x;&vV=`Co*#c`E?mp;}6w&H1lmY7YgFrtmIuXYGI_`e3b ziTHm=B;;lax-|&`V-eN{8u*2s_rFrR@E~yT7|5r3@<#(iRyL9lP@`dYUHq2EPdA6a z`*oUYSiSKj%lE~VTrPP~e2@0*qPg;`LJYeYtVl#|(>n%>!Xr*+n9Wp($SWvh7Zw`M zxt!X{eed&nz9y8KD(mq5cI?eTKM8KaR1yT2m&Eg8F?r^d-Q?a?^st)jVXr2wu#0+E zTV7iF6Eu82FZ(BdF@r5ecF|2Yo5`R$ZR~RbvHq5%-0%)e%DcH* z$PdfHbt^Lm`)M~gUnL-&&QjjklD=t-dPq|yYf(FGgB9U}w zC_}??`Vu9Wy2S0C;7e*7puGd16M07CVPkj(`_(RYwetHfKYvjbN{nt3nwgGH)lrOS zi@+=g049P>jnH723QhG5xu_4t?!2g%XojJYy`r#k?U%DE#JlF6ZRJ5{9v3vWRoA7r zkw5v7=H_)sh;fPucev+)%!-bEuBd`WhR?WO8@*tyO=R#ATQ=v)~cQE z>qi*)eD{VQBaB&Z_&q8iCIy__7P=7gf(GVpCL|@R^`L&W+c`>f<(@ZrbS#uGyPO1~ zvv+Fwykf-n<_N)rcSFa;i`2=&3q9(L)u%XB&ugrq%w$nJ+ee)b2C@Jf92>7kWO_0n zf}8&r?;`CE(OkY%c@fW|@anWCcj6odqVvEH`Jt9P&W!Dj1IL-ZmB(Q;iO@*jHFb-O zs=$vuomcP4Nj)Eb%@C{FGuS^6wn>HNXJ9rhFflbTui}Q^(= zPEX>P|8I!rVwtd1s=+A4*n+J^wd zIwt~e@M(NMp%SM{oYn&a(sE! z!c~dk^2_Rp=gi9G@B5mF-~oIiF`sqf=nq|!Zi$(kOV}Qr(9EeqweNnrQgKw=5KyG8 zJX8TzwOV{&m>QKyReV5i6GC(~+u*md2Urd)Ih5UL+sF?}cPBt@Gn2ekfLHyx`_AL{ zEjUM&)g-d3wLB8Zfv%pO77#2vTGe|n6i=TUo{K!&OYCdSdYSpfeY9N%8s&C8{dwYf z$TNy}c9k?BY{n8lGG!KP*SFhbOmzPV3k9JvyzwtSBHSc2g{{V2b<`&Y zMCj=k#X8!O$F5i!hSc2)l_7sG3%v?Bfi9N!IxcNgwX{#}CS610NXGY$$^5i?Q3bb! zoDN@^=`^Bh?~|89TYAc=vPwNY00;Utqi)-f1-CITSufeF zZtSJH(%zL$y7BCxDCh_Fx23+>a+W@Hzr#mfL2~<2&*qtHPH}g(+NJh)yN9ed9+W3aqP^8>uO0Q7dj*R(lg@OzhI4#=Zf^<8C zFYSqPvx=y?VS6Lf`$g#_&k${ko7er{DP$OerW(P4I0iiqnt0gVEr>3M>)+AZleJm5 z${?PTrou%reT5Sk5{Q;Ugx9|P>CXxj%~72??MfT6x{wxh^!P-&i{&0ZzAWB0r?!?n z{qgvTZT&id?=0*-FJJD*Mu7tN^4fAWNDx@0%$A&o3(S>uEmGRM^Y0eN-A?l{_neiSmQmtxCIHD7u?GLnxmEI& zOJU!>Xzz{8Kx1%~>U+!3cBI)?A`!(xQtjrizKplSc`@uUkB^#$jPyG&d&gbJCksbk z$$N$(;2YpNbz!{s{QYT{qdtH6EN5*MNAS{%S3PUu>G#$tOWO9V)7vm`%74@)bz3ChOJ@zvX?9{Zu+oKc8g!Hmzz%8JGhC-E%v_E zg66QU#iic|n%_6JKwrHNsMbTO5|<5+^`{ad4jO`Fp3~HHr%j6KCCh-LqU8Jd*Ii5Z zRjYC!uR7);ho3(Wz25Wjw|Ru4t^GCIr#4s9n_ukcFfF3@g>YJv?3n#W$FmFC_|%Tv zm~+V&lg#GwH82C*J5h=;hgZyelW%}?%`J7|n@XZ| z3VBdCic7u57GuSx`%FZ2;?Sel)9AcIU_`Nvt!h{~tFJqXmCRh1M2cY4n>%Qw=i9xa z7aNikPTc8E8F_sZfpk!0oS98l78=XJxgGsRH!-ndsKi9|uhK7u*dq5&?AVIH$_z2w zP1r%juqAZoM*4JRk4ihh0#AFV5)Nwyy-({ntQ~LodiEr67wyM6)rp9a*|~FHzlOMp zY+;7);=Sn9xSo)#_p4f#vRXbOT%i>6uzX^3*N1l&QFb7d&qKoI%J)Zu?M@1r!KwOR z^VmPR^iHU6wA8A1crm!0aaq>d5bpIvYnpzsat~YzLru-dw>d9+Djf1aSl}y8#G#3D zvd^qHgRE}kLtUG7=}l&?=}NT%JBa8@7hgQ9z zSL)vsn_*@(wq%-lJzBX^?h7G4w*!W0&oyjl!a2m<-{PX49KoBIzIfHH=S8XB)y|6^ zrW4n}N%m*I^Xc&u?v^Q)4CH1`glXXO!1yBa3nvao7U=n*wD&419FpIyQAC+~ykJ_FqF$;&s2>uuycC`nc$)z4?Qe&&C!t1pV_t#>W& zk@uKy;*+&M-%LTVC;%;=rFs>6eI0kV1G*E?s;cd1A5#^oUpg2vxpbS*?n(Zox(aGX zbC(F%l9@P9hi3A@(0t;E`$P`+rmQSn%Ixe(c!W0wu`*5!h5%)_e9XPPh+248uX1T$ zE%orl0TT0oto`F~^o`tY#rwgRye{vtf7sneohSbGZAA7m4!_YXQpd!1R;?c?@$5~jel#&WS)Q38DT@i_7)c%%qm%LqRd^Vupnc5 zPyS4TRP=ypbcRWRj0dSvMMMYF?R5q5Xe?MAyO5upVQ?-j;BRLwmmL6kn>27B-LSQN z`k>((m+#aWKM$DCM^<^Cwr#}T+x2d8_*`zZIz88}CkAiUv45hm^%{d$gPqsm6U~xY z?Zq=jdlY7f@txGwdH(U1TvdkLb!*ziqddjqT@CXAI)M)t>k;5;6=bzTBj?6rqg|)I z@nr(Y9m5i|4q7xTOr1zmX8;_V2m$(n=U;!xZWHwS@6sA&%f}22Nc-VzJ1* z7V$dl;H5D~3&ksv1y*{C4`br}DP6muu$9wc>VnpJ(a~pVNKhi#T0zxlFEo(acA$*x zgr`zW<*<41!0kPq=^q*gY@TzcY5=X6ha41mmnTHdLqMedY5Dj0_}I%;jLt1RKzj4> z#j9QN*i@OZFjK8E*0oLH0XJj%kB#-ojZb~(<=i(|Ef_%kEAC5VWV;Y}7l~P?g+pq8 zUEO8%@gFViaR8<0IZym4eLjFNy@x0mb+nOIgZ4Ds;)k{?Uw5lql zpaq1m{QhYWYx}P+u6THQUYgjR4hd@~8VLNO`|YL0WtG>yk-gFJJiI_m zxkpUrd1%qsU4psr3fM*YvHUrh9Wgb}_1n|aI_oQ(is}QmFk$k!rJb@&BcXAgtWXk{Kj>u$_G8(dep0JV!Ljc@9()b)Q4-kSXbyBjVITNVnD>;}+R_Y7iF85gwWSOb-N0a#k@I)GsG zQ{@Z(guP>>KoA>RJxi-yw+sv_UQ~MlVN1EK2zOSNw5X~? zV}=AVY9eBXM;`S~W22H6P7AT%K)2p>NQL~5_D;%lBUJxxhl7kGT7k{P**a}jrig4h zSW3_+HVxL*U(80j7XZFAT!};=s-3d4ifxAg<#8i{P5E)tths4OW)*$o3?>fm99heTjOAdS z<&BPEihjaJBzzZt3T@<)Fv)p&>0n%nrp3WF2%Vlsgdj-DR)Jkv;F9ynSUo)=v2R*h z`R#>;nU-gU88?{zsA z$d4^O7VhVP0`1=Q3qa)qv-vZ3-{w4j_Pq5W0e_`#Y^GH*7OoLCu< zNm(a$JGHjteYs5Tg2KR8O~$4&q<~+L?k8|mLJzxO zkcz7>U(%eZ{%W}2hochJvlrw&D%^U0i}wft77ypXXFq>V9zL@Z_xWzW+=Eac5@3{j z8_|XUvVwQsLo5JjfJa(CE5xkc2wyPz=e$)O+ z1b8$DidoxVuaC?81&J!>$`+(}f0O$j=Bg<*Saaz2?N{CIK5%CESykjN4)W4YAm$cZ zW*8f6&Tgz2iAjpx4KQPM@nH)jE>A`gHok;s+2=S=VR&3W@urbY2BfU{E^|_2kDC9u zo=5~l=(-^aPJU+`ieLtSNr%nIxo9NRXw$}YXVi`CgYNfs6Ti3IKJ8Qj7s12bv^BVr zI)0{QKaAJ8qD8wXX>!^?({V1^<3lMpAK*Y_{P2UO&2skVvtCPip8=m9Mki$=3Lj!t zkR-s@5C8zq{3guEX|_z8nK#_jt8o=h2Rx5r=K(c;;{3@=#^r88yFbljQj3or=k74r zr}6%(-4~jwf9gPe&w5BA)pc60sFt%Dq*ogdIwvQI=9M^QXylIMMvU~MN(o(62~1J4 zvG|(?0{Vq2MhJ#KR5;LbHtat~c@T-3?WiPIv6q6L>O?{KQ0zfT89gDH$3^S)DpFdS z;Z(Wd`s`7z~6=E){j&-&loNE6sT(&biRD%OS5uC)-PuArAI>)F@D zsE!()tPUA`5gRXyS?FU<_axBrmVA^MONv;(dJJGeLYOQAb%rVQV&Y4}rs8i`)EvJ< z>Q!5sQ6cA#q7C}%9Wm=Qlx)jcPWH$i;ls;8BM$hQtf@nA;^yBs%_Pa4cFFq8HFDsg zh_LY>u1W0-nb{9u7iwb-V|rAw%WG34WJnvMB2r&Y*=!#v<$ekKpeB5$u1wp2GRR0RCV6Q$`41Dfs`7uYYVd36G9T zHmxLGq2s*TZ=fe`D{eA6^L5r`Yw}8rgj*7>Q*WI{h<*rE$Y7S+w7+JwzTk@`8@!S2 z#Ii&GLDLP1qx#>BXP=vbSJFoM>0pxcbj$)`ic5Dk5?oRY&$Q z6MLwv75JUCx0!Ol?gwP&X4Cd;2_&a9x6i$bUoRx#(EcAFT>cmKe5Yp)q{p4XAQ^X% z%5YP{LgnlR1CmBWhkSn^3rQIP8;7UAUPlEDB+O3QI{tyL2l{vD z1j5|PoZH2hwg-Q)q(cE#vGdP!Frs2@0Fs=#g|F+sxd0BG63}%*59>bGd>GneoPeP* zLuE9YZ#9!P=?m@jqh7oir24^FOxg+oBbD7DrgOW{It-bj78=SmJTiieJ|6LTbSk_T zhpwFRtTgxjxoH8Y9!50K>tIN2n}Ym?KX{)PcT2hgK{&vOt*a>VYmq-3Z_(ZEBNvQ? zkLnbXcf;_QY-na@nG6Ff$Cro}(M{HdFrXKjP9y!pV7WAr?KCk(MI&ev zj!jiVQDS<-9JPMERfLInVxpqWFeHv%q``LRBOv^XfUb%GkJN2=`~(Cjzp%S|%132& zS|N)8{TCG|FJ+gkb4QQskAELJe&e?JIJMGZwMon^=v>P0&wwPTgXr1gH9Z>c%)+*{1N%(=WMLqorKZhXp8O3iI5w*k!>vTrHHdd zUX6Df9^h>xLW4uUn~NSKoFPhkJ55UUE1dfN&hH91w}7_u^xV`DEZiUZTN5G~7;Ulm zyWqmNZNx6k~kH8wev2oi(cH^RHcN=3q1C*Yzjh zJkU&UzK4`xAjYjp9i<}9;HA0bpQ4pwZe_ymBey+VjZ@BxVus|TL!RePYM*v^RGgzJ z0I-yUr``1;Ik2Pm*{#>RDa`hJYKm~fNbR-R=y2Ih+iK7oEGzqSLEM!R^<_We;o_^! z*05Xa2z%8rp~6aCmJOzngbS)=LF>H{wE0I|PX|0M{e{mS7_&yAYoFCv#rr`~Ib4M^sIpl{_Bsx=wx6 z1V? zi+tXk!`1r_!vkQOtRwp$P%j?ac8##rv)?E*5r+t>~qtZtHIe}4@qXk1=b1<2R(8r zDb4<2P8t=_gpz|EBk!(NDx@`HQ;}5CK6(D7Ursl{<$V<}YVb57s`l=9TR8{6?0RAH zvVYlOEXT}QA95@QOb3T;MaDjYkg!X6n!;pM=%b7bWQNzF`N?Z!Ko$%U>lbeM2!mnu z5>8)*;hM-;`B$;AnNW+jDba36C}=9UP_a+h*i3yGW^FZt=7LD9ub&}4hyzuBw0oEP zuj?0*zik=@ayssIW%(UfSoVkwV2(MBKA$B_+LL8;h+F@w1=i6vatt*wkZDLTc?g>d z-O0wG2T?2ZaPqU}2YPKB=JXJu3NSTM#Y;>^<{C0m?Z%BLgu6V-VJ{;?cm!6l?_dX35z1SSAKDb2=4Ly|$HqFHSCwvGou@g*I#={8eF|6OE5929k6a)aJE-%swNEx!d5+;2A~gHXa^B$Q+I+Iq>W`Bx9*ZYp=NxYzOWi=5CTS zL-&_M?!lJ)Q-R%rcvxYvKf~88@gX#)%P}p#hN8}N{82ey?TfQ;ICCh%{V(lZdpOkF zyPwMLN=j5{n=Ye7S40<=LNX{tD7PfHT+6lGMs$zpD@k^wsF0B+ggq|1P2`%~8M;Wu zT@Ax9=J&4o>hwF$^E=Pk=Q+P;|8vef{xP#=&6+juTI=(^>wQ0;I#94Nva_{)3jbyl zPUpo3jva@Qe^+4dza|U{tia3G2c^yO4l?6$Le~AtAb|vObcNSuUwNGf{IbSC+0>m4 z+e(UjnW237vVr72qh!)FjY|1~(^@-jzbP z6w9irkbdXH5OC}51u|6NN28;`M|fz#`m6(vxhky?mg_bORGdmJn8QBRzHFX$o%LXQ zt{-re!g;6&T6AB!x^%v6ig|f%#0CZp;sVXxHTQ3OR>&<(80pD!!?{&n37%}qn*}2#R{Zwl zOK&gsS)Gzd?KNu3+x2R;#^ng3@vsASxkC<3c^mN!QvTw9mpwEsw(6k@UPcaYiPZXu zSy^aAGY`_OpT3CdPs~an|MU~~3jcIN_KN&;Lu%Lc>jvIpxGD3pTU=ZgJx@{@YJDy@BAS3ht-iTghKvF{pqJL{6P*nbWlxcU22$Aq zjnC|o(o{O#5*VVeBoJK#kzmx7XRZaP-rXXBpSl0Q0orC%xncyo0ay}9ngNK*gf>w6 z4!|Ok1WWj>Q`Ucr%?iRGE{lYW0|P;`n3R&fd6tViK)|A)3fjnR#G8f1Q7u7x%B-Ec$$LwL>2jh*5Uc?|&Ga zbtEzr3vVjJy{E2x&Wq`O_QHd|Qqto>t-Rv*Yy`{p@b)hE=&Yf7d-4Zdv>I98hg9cI z_DyiDwu;PEz6w6n^<(3{PMy53&J0n0vu$PQYf?4su)%WPk?set$N6-ElSB-4w=0-)%4G;uR zygUgcX=a%=NOtv&11R5tepcV;Zs3gHl`!-RLC^v)WM2nQhu!X-4>xW--DkxC60@7% z=*Ygz@x9xI3h6N0L1%$ss9{514Z6GnkA_%%KV3aN(3HX*k1+OulzOf3zs-fAG zEJT>Ud)EmH*IO0H@uen#>JoXK>b!}XsxcPi0gJ381j{{wQZ<-PR7zJ>$aX{FzAAHH zW(JX$`KB@$)rLU67{b%&o&z8bq#HWD*^t1@lon>fxh(CyVf7eM<(XK;@(Gf}^lHMI&wEA|Kv zDf4mw1pv*TEC|(q*bZoS0?>0lCOKn;znIw1cFk4u;_7J||Ve1LbL5 z5j!{-%Qe}3Z1<_-s7f_Ld>(j)sZb}kCoZQKfIt(ZhgS-OoP_LfyPM)ETIRn)LM19@ z{Os8=!R}D)Y4XXc%xAknsb~)kj{yZx7>CKB03o^GVhRPvCu$Qls|r^D7dSvNb2QRFp)T^ejL?=reB1NrZT=Qu}Z^4p(*TlI-nT2#oJ z79umGuR}tXZRRn!=1-ks9fu&OUT?g&^)rX(L)MuRab{@BAjU7$OqFyE56NV%i{9>c zaaY^wQ>^*n2Z`sy&GB=dnk*@My0-J17MuXGTeq5mV+GCy*k{#ofsU}zC7>~u0X{{A zJ#8bBUOsAQDDwOuP$`-oI#g|EAx3zh4mGfw$ZuEf_+zRq0Yzg=w4IFy+h7&y)c%4Y z{84swKHysoD3LG$Ty}5IIR**U<2s9z@E?4JUqUIGa%C2R@1|Z}JfEGMj_(NK}K_-CR>Hcg#mpKFr%Z?jM z^x|o=+neN9UPS>HXQi%+vsa9u(gyCdQXo3Wk-x^4E7 zD=GY(-Qb}dG(V8kg?aTiZ&w&k0KgAFY{I4Mixw_KWGw52LB<6}gG6D#a{;{S*pO=M zv2#`Tb|6lD@& z48J)hkV~h(K9!$oa-rBi{6cJtQKkI;(tZJVR9kS*oaDXXmoZ}hAw?)vq;^SLnBG0f z-&qKP%17%SsDs&{pb}_a-)r+3Y)>gG(*dYk=9Z&}#mY42`(^;^g-l$PJ(aQz2r8T# z0tkDTz)C|a>D2V3?(Gd6sGX$MBWD9@Oib_7t+F8hw?)J@JnYrlACa;6K!>QgIqe=d zNU`Kl2y#KdiwV^4DK!N^Dr^Mb3`VhbZC`bT@(A3Ib4@DQwc^D>CXF>Lf!h)q`@bQ!H{O~Qa*cZ)p{^JYzfXtmCPA1hSyz;wST>#508-W-BseEejYlt&}2QrvB|Ap^qk~=K_c~iK9`oV0$X-79^Z(lVC3h7=A z7q1)>KpOODBqi6y_BAP<;|KSKT^Y=fklAF0vxE*hbAUjfV(v1NmA|(0%|`n{eq4W7LjF7*}(gZqqNBIxvytHkWfPh`#_n zlp6lXY4?P~5CYx53M9Dev+z1#*eyAIr+gNz2VW zj)_W1Q9=F|b+si%Z}aBO7zw0;dwLwR_aCTWdZlJ%8DmhSmI#;{wSfnZ;?EYbVH+2n zo$@7uDzki)pqaD9)mH4K?3UZ5BF-s`h&T4S%F1Y)_2^#mS$e&8iSE*kOG%>Xq81D0 z%58QOOK*N?y>X4B@t+||3+g{<=$b1= z+rWAoGxLs_vuH|K*?Tf{Yek^RfDxBmRWwL;O^W z)S7YJ7S6QPSvzyfb7`g}X(^5(f;DDZVps94fA5-^mgJevA1s+^Nt)^W@Q;=v|33@@ z;s3;JkVdPliab~~^!SN{AO%KDJj9s7tE{RoKh?L0Y7Nh^XWg7<*fMgn$_lqxO-DVg z&H8l>WOl$kc7OvdhHtk;OIk$`IWec*e(Oo=%gp0^<9(Iq za?LSvjAfr;eda%&OLYmKFDlXeBQ zcz-oeyEXAfxRB`(#_(5Z@U==98<~8s8tCyT20t$6DAc=4u-ejJQqEA!*p@l04FBFg z#lCJ*nLLIi1-%~#J%&dm1@-Mxcf3C_SVFhj8nrBjXE&|w%uwtB*ZWRAm7+gr zCec?g9#`+v8Bn4uR63{{-zt=|X;O`0v_YQD$ZvevND`;8zU-jji}LkAzn5G?@7s=F zS6&~umiNTKzPmWWGF$b?D1%rz6(yVubF0^Mli?r0{JLmP(Iw9)k+lWq6uZpLaXxQ3e()-n-BP3g13*PpePV z)*WNB$}4%_+QjMKb+GyPwV}&-&1FJP{$t70(`|<06!YalTsry)o=X3?#*N|!Y>u3G z?nL#C4qe9pjvSLWnQ%JbQ~XgMtNdp*IM_{VfI)CN=Ad3V8C+HFn3rD$9UF1yemPj9 zaID^cRDU;R+PIgRc=NM(AR}{aA@c?Zb^l;9) z7aD2mGit5_HsAsc;9E(PWux-teL95|rh6*HDP76%nRzbNpT;ylM-=>~>$!GOjha&J z4%~XRCE&N{(064YFuEULD!a#5n#^%H!7X%`KqDQ!#};(D#{Z;khc(6db5`JgBF`Zx zrn~qNll!?u&Pv^H*im~daLwtQx}d4yy4bm=PH=-b>6GNascE@V{5NY}c=?llXls1n z=??Er(dCxRsgbWKmW9gq3sqylSWmF>7kL}pA0KL$bR!QnD8$?kef~6)cUU4}%EQn- z3G6fPx3eGg@pGclX@`S^;C{tsr!zm65Zwk3V08#&V~^iW6rQcXl$L^=jjDX#H#~e@bkBsBSXWk~@~_hO1tEd{Qd!nN0p znzz%d^3k!ZSgB+R3JVukg(rw~DsKUr(vQT*M1FK)o5<}Kc^XV%7G(N^^F 如果你正在运行早于 `0.10.0-beta` 版本的 KoolClash,你需要卸载当前的版本之后重新安装 `0.10.0-beta` 及其之后的版本; -如果你正在使用 `Pre-release` 版本的 KoolClash,你可能需要卸载当前的版本之后重新安装 `Release` 版本。 +?> 如果你正在使用 `Pre-release` 版本的 KoolClash,你可能需要卸载当前的版本之后重新安装 `Release` 版本。 -KoolClash 在每次用户访问插件界面时都会检查 KoolClash 的版本。如果检测到当前安装的 KoolClash 和最新发布的 KoolClash 版本号不符,则会提示用户前往 GitHub Release 页面检查是否有更新。 +?> 如果你正在运行早于 `0.10.0-beta` 版本的 KoolClash,你需要卸载当前的版本之后重新安装 `0.10.0-beta` 及其之后的版本。 + +?> 如果你正在运行早于 `0.16.2` 及其以前版本的 KoolClash,你需要卸载当前的版本之后重新安装 `0.17.0-beta` 及其之后的版本;你还需要修改你的 Clash 配置文件为 `fake-ip`。 + +KoolClash 在每次用户访问插件界面时都会检查 KoolClash 的版本信息。如果检测到当前安装的 KoolClash 和最新发布的 KoolClash 版本号不符(不论当前用户安装了旧版本、或者是未发布的内测版本的 KoolClash),则会提示用户可以前往 GitHub Release 页面检查是否有新版本发布。 ![](/img/update.png) 在 GitHub Release 下载了新版本 KoolClash 的安装包 `koolclash.tar.gz`,前往「koolshare Openwrt 软件中心」使用「离线安装」执行安装即可更新。 -!> 如果 KoolClash 更新时 Clash 进程仍在运行,KoolClash 会先停止 Clash 之后再继续安装。这会导致软件中心出现「软件中心异常」的红字提示,这是正常现象、KoolClash 安装进程仍在继续,请不要刷新或关闭页面,务必等待安装完成! +!> 如果 KoolClash 更新时 Clash 进程仍在运行,KoolClash 会先停止 Clash 之后再继续安装。在更新 KoolClash 时,软件中心可能会出现「软件中心异常」的红字提示,这是正常现象、KoolClash 安装进程仍在继续,请不要刷新或关闭页面、务必等待安装完成! ## 卸载 -!> 卸载 KoolClash 之前,必须先停止 Clash! +!> 卸载 KoolClash 之前,必须先停止 Clash 进程! -在「koolshare Openwrt 软件中心」找到 KoolClash,直接点击「卸载」即可,KoolClash 卸载后软件中心页面会自动刷新。 +在「koolshare Openwrt 软件中心」找到 KoolClash,直接点击「卸载」即可。KoolClash 卸载后软件中心页面会自动刷新。 diff --git a/docs/usage.md b/docs/usage.md index 134f459..f774fdf 100755 --- a/docs/usage.md +++ b/docs/usage.md @@ -53,7 +53,7 @@ dns: 此时你可以勾选「DNS 配置开关」并提交 自定义 DNS 配置,KoolClash 会用你提交的 自定义 DNS 配置 来覆盖 Clash 配置文件中已有的 DNS 配置。 -?> 在 `0.14.1-beta` 版本之前,无论你是否提交过 自定义 DNS 配置,当你通过上传或者更新托管配置的方式提交一个 包含合法 DNS 配置的 Clash 配置文件时,KoolClash 都不会用自定义 DNS 配置文件进行覆盖。你需要勾选「DNS 配置开关」并重新提交 自定义 DNS 配置。 +?> 在 `0.14.1-beta` 版本之前,无论你是否提交过 自定义 DNS 配置,当你通过上传或者更新托管配置的方式提交一个 包含合法 DNS 配置的 Clash 配置文件时,KoolClash 都不会用自定义 DNS 配置文件进行覆盖,需要你勾选「DNS 配置开关」并重新提交 自定义 DNS 配置。 ?> 从 `0.14.1-beta` 开始,如果你曾经使用 自定义 DNS 配置覆盖过 Clash 配置文件中的 DNS 配置文件,那么在你下次提交一个 包含合法 DNS 配置的 Clash 配置文件时,KoolClash 将自动用 自定义 DNS 配置 进行覆盖。 @@ -61,7 +61,9 @@ dns: ?> 从 KoolClash `0.10.0-beta` 版本开始,KoolClash 会自动修改 Clash 将 DNS Server 运行在 23453 端口上,并将 LEDE/OpenWrt 中内置的 dnsmasq 设置转发 DNS 查询请求到 Clash 上。因此用户不再需要修改 dnsmasq 监听的端口就可以直接使用 KoolClash。 -!> 这一部分内容是关于 KoolClash 旧版本的。如果你在使用更新版本的 KoolClash,将不需要执行下述操作! +?> 从 KoolClash `0.17.0-beta` 版本开始,KoolClash 会自动修改 Clash 将 DNS Server 运行在 23453 端口上,同时不再令 dnsmasq 转发 DNS 查询请求转发给 Clash DNS。 + +!> 这一部分内容是关于 KoolClash 旧版本的。如果你在使用 `0.10.0-beta` 及更新版本的 KoolClash,将不需要执行下述操作! Clash 的规则依赖 Clash 接管 DNS 解析。在 `0.10.0-beta` 版本以前,KoolClash 选择由 Clash 直接接管 DNS,所以在使用 KoolClash 之前需要修改 LEDE/OpenWrt 中 dnsmasq 监听的端口:在「网络 - DHCP/DNS - 服务器设置 - 高级设置」中,找到「DNS 服务器端口」,修改为除了 53 以外任何不冲突的端口,「保存并应用」。 @@ -81,12 +83,28 @@ Clash 的规则依赖 Clash 接管 DNS 解析。在 `0.10.0-beta` 版本以前 ?> 如果 KoolClash 没有检测到 Clash 配置文件、或者 Clash 配置文件语法不规范、或者 Clash 配置文件中没有合法的 DNS 配置,都会导致无法启动;如果 Clash 进程无法运行,可能是由于提交的 Clash 配置文件存在问题,此时 KoolClash 会自动中断启动流程并回滚一切操作,而你应该去检查 Clash 配置文件。 -!> 无论是启动、重启、停止 Clash,或 KoolClash 中断或阻止了 Clash 的启动,你都应该等待插件页面提示信息的倒计时结束、页面自动刷新以后再执行操作。 +!> 无论是启动、重启、停止 Clash,或因为某些原因 KoolClash 中断、阻止了 Clash 的启动,你都应该等待插件页面提示信息的倒计时结束、页面自动刷新以后再执行操作。 KoolClash 启动以后,你可以通过检查「Clash 运行状态」和「IP 地址检查 & 网站访问检查」来判断代理运行状态。你可以通过「Clash 外部控制」中「访问 Clash 面板」或在浏览器中访问 `http://[LAN IP]/koolclash/index.html` 来访问 Clash 面板,在面板中可以切换节点、测试节点延时和查看 Clash 日志。 !> 首次访问 Clash 面板时会要求你提交外部控制设置。请严格按照 KoolClash 在插件页面中给出的外部控制设置参数进行填写! +## 修改设备的网络设置 + +?> 从 KoolClash `0.17.0-beta` 版本开始,KoolClash 将以 Fake-IP 模式运行,与 Surge 的增强模式类似。 + +!> 这一部分内容是关于 KoolClash 新版本的。如果你在使用早于 `0.17.0-beta` 版本的 KoolClash,将不需要执行下述操作! + +启动 KoolClash 后,修改你的设备的网络设置,将网关设置为你安装 KoolClash 的设备的 LAN IP,将 DNS 修改为 `198.19.0.0/24` 中的任何一个 IP。 + +> 说人话就是直接把主 DNS 改成 `198.19.0.1` 备 DNS 改成 `198.19.0.2` 就行。 + +除了手动为需要的设备修改 DNS 和网关,你也可以直接修改当前局域网内 DHCP Server 的配置、为所有设备统一下发网关和 DNS。 + +修改完毕以后,你的设备就可以正常上网了。 + +!> 当你停止 Clash 进程以后,应当立刻将设备的 DNS 修改回之前的 DNS,同时还要刷新设备的 DNS 缓存避免 Fake-IP 的解析结果被继续使用。 + ## Clash 访问控制 ### IP/CIDR 白名单 @@ -97,7 +115,7 @@ KoolClash 启动以后,你可以通过检查「Clash 运行状态」和「IP ### ~~Chromecast~~ -?> 从 KoolClash `0.17.0-beta` 版本开始,KoolClash 使用 Clash 的 Fake-IP,不再提供 Chromecast 功能。 +?> 从 KoolClash `0.17.0-beta` 版本开始,KoolClash 使用 Clash 的 Fake-IP 和 KoolClash 自己实现的 Fake-DNS,不再提供 Chromecast 功能。 启用 Chromecast 功能后,将会劫持使用 UDP 协议发往不位于当前 LAN 网段的 53 端口的所有请求、并转发给 Clash,最终返回 Clash 给出的解析结果(即劫持常规 DNS 解析)。 From ae8a0482d3bcb86d054a88a707ac493b1ab53a8a Mon Sep 17 00:00:00 2001 From: SukkaW Date: Sat, 11 May 2019 15:22:16 +0800 Subject: [PATCH 6/6] version 0.17.0-beta --- docs/koolclash_version | 2 +- koolclash/webs/res/koolclash_.version | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/koolclash_version b/docs/koolclash_version index 3b7660a..267d9bd 100755 --- a/docs/koolclash_version +++ b/docs/koolclash_version @@ -1 +1 @@ -0.16.2 \ No newline at end of file +0.17.0-beta \ No newline at end of file diff --git a/koolclash/webs/res/koolclash_.version b/koolclash/webs/res/koolclash_.version index 3b7660a..267d9bd 100755 --- a/koolclash/webs/res/koolclash_.version +++ b/koolclash/webs/res/koolclash_.version @@ -1 +1 @@ -0.16.2 \ No newline at end of file +0.17.0-beta \ No newline at end of file