From 1ee373e3e5b1721063907b0d634c166d203a69e0 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 23 Sep 2015 22:40:16 +0200
Subject: [PATCH 001/169] use-cases: fixed CSV header for logreplay example
 file

---
 use-cases/logger-repeater.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/use-cases/logger-repeater.sh b/use-cases/logger-repeater.sh
index 2f0cba2..b4135ff 100755
--- a/use-cases/logger-repeater.sh
+++ b/use-cases/logger-repeater.sh
@@ -50,7 +50,7 @@ fi
 if [ "$1" = "generate" ]; then
   file=`mktemp`
   cat > $file <<KONEC
-SRC_IP,DST_IP,SRC_PORT,DST_PORT
+ipaddr DST_IP,ipaddr SRC_IP,uint16 SRC_PORT,uint16 DST_PORT
 192.168.0.1,192.168.0.2,1234,80
 192.168.0.2,192.168.0.1,80,1234
 1.2.3.4,8.8.8.8,6853,53

From b1d05bd5c1ba4913bd7a786856a3bb14d86de802 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 23 Sep 2015 22:47:39 +0200
Subject: [PATCH 002/169] Updating submodules revisions

---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index fb487a7..a380d4f 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit fb487a74e6d21168684d1987b20ad57ec4a1b8c9
+Subproject commit a380d4fa9fdc3034cdb00d621d2df5a43f602be3
diff --git a/modules b/modules
index 99dc4c9..5f9dd57 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 99dc4c9890a69742bb742adc2265cd351bad2497
+Subproject commit 5f9dd573a87d50ffb70498c321c659c3ae0ddb1d
diff --git a/nemea-framework b/nemea-framework
index a5f2134..e73fe76 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit a5f21343d764a1aafd25cafd344f1bf0d9f6a643
+Subproject commit e73fe76c5f821fc13382c5c406d309da3d55e5c7
diff --git a/nemea-supervisor b/nemea-supervisor
index 0fb16cb..b3dfc25 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 0fb16cbe490c736e81b4380d7e1ccecc19548b26
+Subproject commit b3dfc2587bf4315c7e457579da2cb33cf3f475f2

From 18de1bce4862ef773837cfc012aea1ffb794c058 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 23 Sep 2015 23:21:53 +0200
Subject: [PATCH 003/169] doc: quick start

---
 README.md | 135 +++++++++++++++---------------------------------------
 1 file changed, 38 insertions(+), 97 deletions(-)

diff --git a/README.md b/README.md
index 0e7557b..fb2b0cc 100644
--- a/README.md
+++ b/README.md
@@ -71,117 +71,58 @@ Congratulations, the whole Nemea system should be installed right now... :-)
 Quick Start Guide
 =================
 
-TODO: add logreplay and logger, since nfreader requires additional
-dependency.
-
-This section shows how to manually start Nemea modules. Module description and
-specific parameters could be shown by running module with parameter "-h":
-```
-nfdump_reader -h
-```
-
-There are two possible data inputs for Nemea modules:
-  a) from nfdump file (static data)
-  b) from [IPFIXcol](https://github.com/CESNET/ipfixcol/) with UniRec plugin
-     (real-time data).
-
-a) Data from nfdump files could be read and sent to Nemea by "nfdump_reader"
-module. Following command will send records from file "nfcapd.201406001" to TCP
-interface on port 9988 in UniRec format:
-```
-nfdump_reader -i t:9988 /data/nfcapd.201406001
+The heart of the Nemea system is a Nemea module. Nemea modules are building blocks - independent system processes
+that can be connected with each other. Information about every module can be found in its help:
+````
+./module -h
 ```
 
-Another module then could capture and process this data, e.g. DNS amplification
-detector:
-```
-dns_amplification -i t:localhost:9988,u:DNS_amp
-```
-  
-After executing both commands, DNS amplification detection on data from given
-file will be done. Possible attacks will be reported on Unix socket "DNS_amp".
+Every Nemea module can have one or more communication interfaces (IFC) implemented in
+[libtrap](./nemea-framework/libtrap). There are two types of IFCs: **input** and **output**. Numbers of module's IFCs
+can be found in its help.
 
-b) Real-time data from IPFIXcol could be provided to Nemea also. First run
-IPFIXcol, e.g.:
+At the beginning, let's try the `logreplay` module ([./modules/logreplay](./modules/logreplay)).
+The help output shows that `logreplay` has one output IFC:
 ```
-ipfixcol -d -c /data/configs/startup.xml
+Name: LogReplay
+Inputs: 0
+Outputs: 1
+Description:
+  This module converts CSV from logger and sends it in UniRec. The first row
+  of CSV file has to be data format of fields.
 ```
 
-File `startup.xml` should contains configuration for IPFIXcol plugin, among
-others there will be settings for output UniRec format and output interface.
-Example of such configuration file for UniRec plugin is at the end of this
-section. Command for running Nemea module with input from IPFIXcol (e.g. on TCP
-port 9966) remains same as with input from `nfdump_reader`:
+The complement module is `logger` ([./modules/logger](./modules/logger)), help output:
 ```
-dns_amplification -i t:localhost:9966,u:RT_DNS_amp
+Name: Logger
+Inputs: variable
+Outputs: 0
+Description:
+  This module logs all incoming UniRec records to standard output or into a
+  specified file. Each record is written as one line containing values of its
+  fields in human-readable format separated by chosen delimiters (CSV format).
+  If you use more than one input interface you have to specify output format
+  by parameter "-o".
 ```
-  
-Another examples of starting Nemea modules follows:
-ex1) This example starts two `nfdump_readers` on two different files. Records
-from both files are then merged into one stream and sent on TCP interface,
-port 9920:
 
-```
-nfdump_reader -i "t:9911" /data/link1/nfcapd.201406001
-nfdump_reader -i "t:9912" /data/link2/nfcapd.201406001
-merger -i t:localhost:9911,t:localhost:9912,t:9920 -n 2
-```
+Two modules can be interconnected using one input IFC and one output IFC.
 
-ex2) This more complex example start one "nfdump_reader" on multiple files. All
-files are read sequentially and sent on output interface. Data from
-"nfdump_reader" are then anonymized and sent to "hoststatsnemea" detector and
-to "flowcounter". Reports from detector are then stored to CSV file via
-"logger":
+The [./use-cases](./use-cases) directory contains example scripts that demonstrate usage and functionality of
+Nemea modules. `logreplay` and `logger` can be found in [logger-repeater.sh](./use-cases/logger-repeater.sh).
+Start the script to see how flow records are replayed from CSV file by `logreplay` and received by `logger`:
 ```
-nfdump_reader -i "u:HS_src" /data/0601/nfcapd.0000 /data/0601/nfcapd.0005
-    /data/0601/nfcapd.0010 /data/0601/nfcapd.0015
-  anonymizer -i u:localhost:HS_src,u:HS_an -k 0AnonymizationKeyWithLengthof32B
-  flowcounter -i u:localhost:HS_an -p 100000
-  hoststatsnemea -i u:HS_an,u:HS_report -F
-  logger -i "u:HS_report"
-```
-
-note: In hoststatsnemea configuration file should be "port-flowdir = 1".
-
-Example of configuration file for UniRec plugin for IPFIXcol:
-
-TODO: update if needed
-
+cd use-cases
+./logger-repeater.sh generate
 ```
-<?xml version="1.0" encoding="UTF-8"?>
-<ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix-psamp">
 
-  <collectingProcess>
-    <name>UDP collector</name>
-    <udpCollector>
-      <name>Listening port 4740</name>
-      <localPort>4740</localPort>
-      <localIPAddress></localIPAddress>
-    </udpCollector>
-    <exportingProcess>UniRec output</exportingProcess>
-  </collectingProcess>
+To get usage of scripts from `use-cases`, execute a script without parameter. The `generate` parameter of
+`logger-repeater.sh` can be used to generate CSV file automatically. For more information, see source codes of
+scripts.
 
-  <exportingProcess>
-    <name>UniRec output</name>
-    <destination>
-      <name>Make unirec from the flow data</name>
-      <fileWriter>
-        <fileFormat>unirec</fileFormat>
-        <!-- Default interface -->
-        <interface>
-          <type>t</type>
-          <params>9966,16</params>
-          <ifcTimeout>0</ifcTimeout>
-          <flushTimeout>10000000</flushTimeout>
-          <bufferSwitch>1</bufferSwitch>
-          <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,
-		    PACKETS,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,PROTOCOL,?TCP_FLAGS</format>
-        </interface>
-      </fileWriter>
-    </destination>
-  </exportingProcess>
-</ipfix>
-```
+`logreplay` is one of possible ways of getting data into the Nemea system.
+There is a [nfreader](./modules/nfreader) module that is able to read and replay `nfdump` files.
+Last but not least, there is an [ipfixcol(]https://github.com/CESNET/ipfixcol/) with [ipfixcol2unirec](https://github.com/CESNET/ipfixcol/tree/master/plugins/storage/unirec)
+that is capable of exporting flow data in UniRec format and send it via libtrap IFC.
 
 Manage Nemea modules efficiently
 ================================

From d5a630fbd1d88d48ddb164e15619e2e3d777f1a0 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 24 Sep 2015 08:28:03 +0200
Subject: [PATCH 004/169] Updating Nemea-Modules submodule revision

---
 modules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules b/modules
index 5f9dd57..a00788e 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 5f9dd573a87d50ffb70498c321c659c3ae0ddb1d
+Subproject commit a00788e61ced83aedc0d69317b697d81f790b563

From a673054ca830850a49cff3c63d79378d97c62507 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 24 Sep 2015 10:28:23 +0200
Subject: [PATCH 005/169] readme revision: add configure params example

---
 README.md | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index fb2b0cc..64ccfd6 100644
--- a/README.md
+++ b/README.md
@@ -3,12 +3,16 @@ NEMEA System
 
 Travis CI build: [![Build Status](https://travis-ci.org/CESNET/Nemea.svg?branch=master)](https://travis-ci.org/CESNET/Nemea)
 
-This file describes the Nemea system in detail. To see more general information,
-please have a look at https://www.liberouter.org/nemea.
+This file describes the installation and basic usage of the Nemea system.
+To see more general information, please have a look at
+https://www.liberouter.org/nemea.
 
 Installation
 ============
 
+There are three different ways of installation of the Nemea system covered
+in this document: vagrant, binary packages and spurce codes.
+
 Vagrant
 -------
 
@@ -18,7 +22,7 @@ For more information see [./vagrant/](./vagrant/).
 Binary packages
 ---------------
 
-The Nemea system can be also installed using binary packages. Information will
+The Nemea system can be installed from binary packages. Information will
 be supplied soon.
 
 Source Codes installation
@@ -41,13 +45,18 @@ After successful clone, use:
 that will create `configure` scripts and other needed files.
 
 The `configure` script supplies various possibilities of
-configuration and uses some environmental variables that influence the build
+configuration and it uses some environmental variables that influence the build
 and compilation process. For more information see:
 ```
 ./configure --help
 ```
 
-Build process can be started by:
+We recommend to set paths according to the used operating system e.g.:
+```
+./configure --prefix=/usr --bindir=/usr/bin/nemea --sysconfdir=/etc/nemea --libdir=/usr/lib64
+```
+
+After finishing `./configure`, build process can be started by:
 
 ```
 make
@@ -59,7 +68,7 @@ that should be run in parallel.
 
 When the compilation process ends without any error, the package can be installed
 into paths that were set by `configure`. It is recommended NOT to change
-target paths by passing variables to make(1).
+target paths by passing variables directly to make(1).
 The installation can be done by (usually it requires root / sudo):
 
 ```
@@ -121,8 +130,8 @@ scripts.
 
 `logreplay` is one of possible ways of getting data into the Nemea system.
 There is a [nfreader](./modules/nfreader) module that is able to read and replay `nfdump` files.
-Last but not least, there is an [ipfixcol(]https://github.com/CESNET/ipfixcol/) with [ipfixcol2unirec](https://github.com/CESNET/ipfixcol/tree/master/plugins/storage/unirec)
-that is capable of exporting flow data in UniRec format and send it via libtrap IFC.
+Last but not least, there is an [ipfixcol](https://github.com/CESNET/ipfixcol/) with [ipfixcol2unirec](https://github.com/CESNET/ipfixcol/tree/master/plugins/storage/unirec)
+that is capable of exporting flow data in UniRec format and sending it via libtrap IFC.
 
 Manage Nemea modules efficiently
 ================================

From 9454da5e6d9632496b792e32d666545e5d420902 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 25 Sep 2015 19:09:28 +0200
Subject: [PATCH 006/169] distcheck: disable systemd because of supervisor

---
 Makefile.am | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Makefile.am b/Makefile.am
index 4181bc8..5380cb4 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1 +1,6 @@
 SUBDIRS=nemea-framework nemea-supervisor modules detectors
+
+# because of supervisor, disable systemd checking and installation during
+# distcheck
+DISTCHECK_CONFIGURE_FLAGS="--without-systemd"
+

From bdd0599ec71bbde2ca47c674ca05d9019a258380 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 25 Sep 2015 19:10:34 +0200
Subject: [PATCH 007/169] Updating revision of all submodules

---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index a380d4f..3dd5b6e 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit a380d4fa9fdc3034cdb00d621d2df5a43f602be3
+Subproject commit 3dd5b6ed902dfe96ffe39c4eb185ebaff9c06703
diff --git a/modules b/modules
index a00788e..0b96b57 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit a00788e61ced83aedc0d69317b697d81f790b563
+Subproject commit 0b96b57c3132ffa6b7db9ca57d816f06ae6d0641
diff --git a/nemea-framework b/nemea-framework
index e73fe76..56492b0 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit e73fe76c5f821fc13382c5c406d309da3d55e5c7
+Subproject commit 56492b0ccad2d8a0db226b1268e6a17b0581db11
diff --git a/nemea-supervisor b/nemea-supervisor
index b3dfc25..19b893c 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit b3dfc2587bf4315c7e457579da2cb33cf3f475f2
+Subproject commit 19b893c86171195dccbdc80c061e7381ec67bf97

From 74f98edc48ce91dd665e3a04649ac809c89c0d75 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 2 Aug 2015 04:04:13 +0200
Subject: [PATCH 008/169] use-cases: unirecfilter to split traffic for multiple
 flowcounters

The script starts nfreader to replay flow records that are sent into
unirecfilter and then via multiple output interfaces (with different
conditions) to flowcounters.
---
 use-cases/traffic-filtering-stats.sh | 93 ++++++++++++++++++++++++++++
 1 file changed, 93 insertions(+)
 create mode 100755 use-cases/traffic-filtering-stats.sh

diff --git a/use-cases/traffic-filtering-stats.sh b/use-cases/traffic-filtering-stats.sh
new file mode 100755
index 0000000..01c37e9
--- /dev/null
+++ b/use-cases/traffic-filtering-stats.sh
@@ -0,0 +1,93 @@
+#!/bin/bash
+# Author: Tomas Cejka <cejkat@cesnet.cz>
+# Copyright (C) 2015 CESNET
+#
+# LICENSE TERMS
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+# 3. Neither the name of the Company nor the names of its contributors
+#    may be used to endorse or promote products derived from this
+#    software without specific prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL) version 2 or later, in which case the provisions
+# of the GPL apply INSTEAD OF those given above.
+#
+# This software is provided ``as is'', and any express or implied
+# warranties, including, but not limited to, the implied warranties of
+# merchantability and fitness for a particular purpose are disclaimed.
+# In no event shall the company or contributors be liable for any
+# direct, indirect, incidental, special, exemplary, or consequential
+# damages (including, but not limited to, procurement of substitute
+# goods or services; loss of use, data, or profits; or business
+# interruption) however caused and on any theory of liability, whether
+# in contract, strict liability, or tort (including negligence or
+# otherwise) arising in any way out of the use of this software, even
+# if advised of the possibility of such damage.
+#
+
+if [ $# -eq 0 ]; then
+  echo "$0 nfdump_file...
+
+This script expects one or more NFDUMP files.  It replays the flows
+and sends them into unirecfilter.  Unirecfilter has 4 output IFCs
+that are connected with 4 flowcounters.
+
+As a result, 4 statistics are computed:
+  # of flows with src or dst port 25
+  # of flows with src or dst port 80
+  # of flows with src or dst port 22
+  # of flows that don'ŧ have ports 22, 25, or 80
+These numbers are summed.
+"
+  exit 0
+fi
+
+# Prepare files and filenames
+services="ssh web smtp other"
+conffile=`mktemp`
+
+nfifc="u:cejkat2"
+urifc=$nfifc
+for i in $services; do
+  urifc="$urifc,u:$i"
+  flcnt="$flcnt $i"
+done
+
+cat > $conffile <<KONEC
+:SRC_PORT == 25 OR DST_PORT == 25;
+:SRC_PORT == 80 OR DST_PORT == 80;
+:SRC_PORT == 22 OR DST_PORT == 22;
+:SRC_PORT != 22 AND SRC_PORT != 80 AND SRC_PORT != 25 AND DST_PORT != 22 AND DST_PORT != 80 AND DST_PORT != 25;
+KONEC
+
+# Start modules to replay given files (arguments) and compute statistics
+../modules/nfreader/nfdump_reader -i $nfifc $@ > /dev/null&
+../modules/unirecfilter/unirecfilter -i $urifc -f $conffile > /dev/null&
+for i in $services; do
+  ( ../modules/flowcounter/flowcounter -i "u:$i" | sed -n 's/Flows:\s*\([0-1]*\)/\1/p' > ${i}; )&
+  pids="$pids $!"
+done
+
+echo "Running, wait a moment please..."
+
+# Wait until children die
+for i in $pids; do
+  wait $i
+done
+
+# Statistics:
+awk '{s+=$1; sub(".cnt", "", FILENAME); print FILENAME":", $1;} END{print "Total:", s;}' $flcnt
+
+# Cleanup
+rm $flcnt $conffile
+

From 4baea479705e8477cec843d175ea9cab8e7229d7 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 9 Oct 2015 10:31:34 +0200
Subject: [PATCH 009/169] use-cases: updated logger-repeater example

Input UniRec specifier is no more needed by logger - it is currently handled by negotiation.
---
 use-cases/logger-repeater.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/use-cases/logger-repeater.sh b/use-cases/logger-repeater.sh
index b4135ff..d49e956 100755
--- a/use-cases/logger-repeater.sh
+++ b/use-cases/logger-repeater.sh
@@ -67,7 +67,7 @@ fi
 # Start replaying
 ../modules/logreplay/logreplay -i "u:my_socket" -f "$file"&
 
-../modules/logger/logger -i "u:my_socket" -t `head -1 "$file"`
+../modules/logger/logger -i "u:my_socket" -t
 
 # Cleanup
 if [ "$1" = "generate" ]; then

From 1dfdbd9c1723dfe14598e706829d870a32a05614 Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Fri, 9 Oct 2015 10:44:04 +0200
Subject: [PATCH 010/169] use-cases: added new use-case (test of basic modules)

- testing connection of all basic modules (nfreader, merger, logger, logreplay and flowcounter)
- added netflow data file - random generated 6000 flows
---
 use-cases/basic_modules.sh           |  81 +++++++++++++++++++++++++++
 use-cases/nfcap_6000_gener_flows.dat | Bin 0 -> 92139 bytes
 2 files changed, 81 insertions(+)
 create mode 100755 use-cases/basic_modules.sh
 create mode 100644 use-cases/nfcap_6000_gener_flows.dat

diff --git a/use-cases/basic_modules.sh b/use-cases/basic_modules.sh
new file mode 100755
index 0000000..cc42186
--- /dev/null
+++ b/use-cases/basic_modules.sh
@@ -0,0 +1,81 @@
+#!/bin/bash
+# Author: Marek Svepes <svepemar@fit.cvut.cz>
+# Copyright (C) 2015 CESNET
+#
+# LICENSE TERMS
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+# 3. Neither the name of the Company nor the names of its contributors
+#    may be used to endorse or promote products derived from this
+#    software without specific prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL) version 2 or later, in which case the provisions
+# of the GPL apply INSTEAD OF those given above.
+#
+# This software is provided ``as is'', and any express or implied
+# warranties, including, but not limited to, the implied warranties of
+# merchantability and fitness for a particular purpose are disclaimed.
+# In no event shall the company or contributors be liable for any
+# direct, indirect, incidental, special, exemplary, or consequential
+# damages (including, but not limited to, procurement of substitute
+# goods or services; loss of use, data, or profits; or business
+# interruption) however caused and on any theory of liability, whether
+# in contract, strict liability, or tort (including negligence or
+# otherwise) arising in any way out of the use of this software, even
+# if advised of the possibility of such damage.
+#
+
+
+# This script shows connection of the basic Nemea modules
+# (nfreader, merger, logger, logreplay and flowcounter). Three nfreader
+# modules read netflow data from input file and send them in unirec format
+# to merger module which sends incoming data from all input interfaces
+# to one output interface. The data are stored into csv file by logger module.
+# The csv file can be read by logreplay module which sends them again
+# in unirec format to flowcounter module. Result of this module is number
+# of received flows (it should be number of flows from nfreader input file x 3).
+
+#                     ----------
+#  netflow.data ---> | nfreader | ----------
+#                     ----------           |
+#                                          v
+#                     ----------        --------        --------
+#  netflow.data ---> | nfreader | ---> | merger | ---> | logger | ---> file.csv
+#                     ----------        --------        --------
+#                                          ^
+#                     ----------           |
+#  netflow.data ---> | nfreader | ----------
+#                     ----------
+
+#                 -----------        -------------
+#  file.csv ---> | logreplay | ---> | flowcounter | ---> Result (number of flows)
+#                 -----------        -------------
+
+# Input file for nfreader modules (netflow data)
+INPUT_FILE="./nfcap_6000_gener_flows.dat"
+# Logger output file (csv format)
+LOGGER_OUTPUT_FILE="./logger_test_out"
+
+printf ">>> Starting 3 nfreaders, merger and logger...\n>Nfreaders sent:\n"
+../modules/nfreader/nfdump_reader -i u:nfr1_test_out $INPUT_FILE &
+../modules/nfreader/nfdump_reader -i u:nfr2_test_out $INPUT_FILE &
+../modules/nfreader/nfdump_reader -i u:nfr3_test_out $INPUT_FILE &
+../modules/merger/merger -n 3 -i u:nfr1_test_out,u:nfr2_test_out,u:nfr3_test_out,u:merger_test_out &
+../modules/logger/logger -i u:merger_test_out -w $LOGGER_OUTPUT_FILE -t
+
+printf ">>> Starting logreplay and flowcounter...\n>Flowcounter received:\n"
+../modules/logreplay/logreplay -i u:logrep_test_out -f $LOGGER_OUTPUT_FILE &
+../modules/flowcounter/flowcounter -i u:logrep_test_out
+
+# Cleanup
+rm -f ./logger_test_out
diff --git a/use-cases/nfcap_6000_gener_flows.dat b/use-cases/nfcap_6000_gener_flows.dat
new file mode 100644
index 0000000000000000000000000000000000000000..96490f28ef7da7a4b50fa1da3847af34934e0de3
GIT binary patch
literal 92139
zcmc$H_kR>s_y4^!lWYhJyUBzsgblmwgzUlw5=sa?^xj+Oy|V#CI$3&=B3<c4iXdG;
zL|{S{5GkTGm7<6um`D*taA)#)pSwK2eE)&(^LqK1)6YHk+<s=YZsUwICjQBuIA~~K
zAb|f*{~P598!qS6Bk8ZZ=g2e09$Lk}*qw;*zxONQfB*0QYe?G#|AZ3p0yW`(gtz~G
zbTX{x#asFRN1WZSnceB9dfA=+C-x5f_<9g$5)g$XX2-wmEP|=550j!<Lnig1n6>33
zx49O{MKTBb@bCo5!k<izE*)Pux_ZH8_OiklX%FK^z#Gl#p5@A6{u3mwc#HDdFZ;-O
zQNf6~KGG$Y!-sHRh$&5^pF#f7YqB|4b7XfRpuU$L0A&H{=}C7HAlk^k0MP`979|N0
z(MNs=gjD-apDQRho=Lv~alvcwpu1>DQTDUn0Jnxj-Q8f|$`1Ajh$tXt``twfSYPRP
zziGKRO-OHMk3sy-Yx2%{0#TSf0ipohIfDh_UHK0n6d(d#f#@dZ0r3S8QLO}Gf|L)$
z_ds;oFAyKde*)1Ch^rd~B9lJ_q9YK+whM&8o&m8Eh`GxJqOJTKh`vCyZ%$5LWiNu6
zHO-MvZVGaD=`WDi!OadS0?|Tx34{;)lamD^$o>Z6IuQ342}C6O2Z$ITo@SE9{?aSI
z$-ciQh^M4~K`iYx)iYlT#8=X5AROTSVXZ*yXK#RL>NVy4@d8m!{tt-T;AqxfAezb{
zAQHT$bhDU1bm0aNFVGVw&=ZA}dy)zG5+te*f(JZSE(i<;`{dVx{V8L}rAKJf_%Z^a
zaSp^;ufaBGOFYO2m$E>TfVv13-;DqdS57h+h_>MQ)?L($Tq|dvFXuIsaxiF9wn`Bo
zzJkWl<-si}i98aB-VhHaxr?A}%#)uq9>O&toOoaI<hvV#_{%z>JCPLvx65lPP0tI5
z{^HR<OhkhQK!1c{<%I!PfyALZLZYW+1)>z%wDM<)u_PDCLGtn;<Ai)CsVK;V*tc0A
zeB1^^Q7BmD6o^gC4n!R&C^3;7%$2im#S(unL0-#ZL9P$PQ<p$omsB7sL&4_y0<nn2
z0dX9NZU+UT87~Gz1@zmxcLbskiwEL!=(tc%Abyn`K$HX`vxh*GmWu;13y4m;1mZin
z1P~R0_&7@-8cGR3Yz4wyTp+6Rl0Y1Q*~!ZU;xKapVIZ_O5Gt;;mJ<O#1w)(XVBkt$
zsT2@<fk>@G65PXGwaS^bzfBbK%efom&tRd^ZGk9YrGZHGnwE6~1fm)90Fefci<<<Z
zm!tuq0+CfhAktY95X;eB$KXS8<x9B?;2tn}=0`AaWj#v<;wTWyR*?js&b;uU>W8N(
z_Ac3zSJ`LQdEpk?8cAirJjZKDL!d29`B*9kxEWel0NAHIWq!bZIQZfc1SBPervT9$
z=F`AXTB**<15Ss3(`S%*K1Z$qYYm@I7Wz*~sUUv@{dOdyXD<tk^qHk=KOk16zFZN+
z2(KZJaThIUG*GJKH$5E=z)c<_2MT;f%M}nRR|)y-!_*`-ZY#tpv2=*hn13^x@^L1s
z>Niu)j1>kS@eB~1@W=N;AWqBGfT)fZRfUl%x8&+MNE5bXs?ZgbYJj@IYewI>F4*_7
znn274`)IT;OBpBC0^A+e%YP#zhRC&ncozY<4(F<F;GVqlKGS9YQ&2auOi)+Aygrb8
z`;OK18^u>am8xuD^+5a67vd013ZPY~y}U-mEV$KpD{J64%bamQiOfgxh6rI+>|eqo
zFKYy`50UGI+fffTf?(|?01wY5@K22I{)=Gn#aRN2z@Jt=Bhn8W1H19;S0g~0KaXNM
zPRf2d15F>%nLLY-TKLV1Ih}-!=Da0rtO9HCy8<zqwF2S<xJy?fwWWFXtq%aLYece(
zr8a)keXkEuTETwHQ;@v<1A&iZPkz72h-b6=LQ!kh9*Qm_T%FL)z&mmWzu9#02jou=
zxH`aRIx031oYA}!IFpbKTfyn%a%aC;JN+r_aaqpt8zpN2-EIf(;y0_!cu44I-qml!
zy+iRkA$Rke(f-ne4ocnqhT|^;AfYw9sha0C3Pqv^vX!$^Pnf9YH7r#Cw^VxYUVwMQ
zx$e}LRpC$<pV2H6!~x0+-Ur0dNZn!}*7^YL961+x@Om-ajZ_lkejv|<Y!9$kP>x9b
z0T)4xY8(XvS7PJ=K-_@Df@`9IPuM^pMk2ND35kW$Aix?J?u`@@%jCg8yayHY(uIUm
z9s<NnNHl{)QRN&T3ivnl{gIC0mJaiT`ojebu256u8)-Pme*wOam^9zU0)C^07k@UJ
zEoG+|?e`$+^0yqTLvKX+eYC3WT^?xTGqPNeZ=~#$M?wA_EDiP!V3lsMY>SNcj{`MH
znJ<k7bs3zA()uiO7cxhE$vk=KKBH!T&|4~+GzRo6Sbqh0oRY!E0;a|L_)4@!QAV<H
zK%DfN5ofS+n5;8JbPx2c_ghzaj(=Dy^r6y*O#sg~5Q_Sia-==H9q|zw+;k2a%)aH5
z{H8plCH?(?P4*iRRaYgt3l&6dVmUc&(5Nji9idc~gV3@L@MOSTS;3|Neu5;uR|>Ak
zN+CWKhy}2XqzYA3R`6+n&jU_CxXLeN)BQ%>vj|X`dT3*Y&uDxRd@Yr&Y$o`2V$|k>
z*sTYK;_xky`UX-%e&w@0p)r6qf>v)lJnvBz&|E;JVvvYsW&nx;XOoNkJ-<=58&uX&
zTFLXEvM|E74~$K+<Upp+C^-#(&l@3U_nr=?kIjYCRvyI{)+%Q#hg+dSaxMNo#C&G4
z#6uLPGnm#J`^<{fYEo#b$cz1E;nx>L65W@Ufb*c&u)Pc0b58K3o)D5Q;*Jkwu3VCr
zfxHi9T8<IDf(DQ98KnoqgR1YKfgL*|1rR2);$AeO@nAHfIH1kn!em>YF(yC}8zQar
zn=!{WK!dUe8d~^F%k4je{T6&R44g(EK5rlpo#iz^j6omY9zxz;k=9b*MQwxD#t&g}
z$A7TV9L;Q~Tw?3NTN7hsdnM?WcEW}Jn-Hv-u$uNe+vo{RgzL3>QV^C)*|sAPJqJYx
zRzT4^69BCRRJ1nt7^k}dLP8V_iDg?nq0)d>f>vcZIOoyi_U$CNqda5V{6@`(Fh5!;
z#6E`kC9szPI9};1ZwEXIl2+*PO_O$D*7^1bnk6e^<xfES+G|A9%Gf};CG7<KD|l%o
zsiwI2F2IM8l+@8JPa=GnsIv<IoWIVq3l6}_b^zsbS-|Eq*7e5URj10?kI;4eC#di$
zRoQ;1Xb6=90Z&s-^G^X=0aMBi?}7pKVOc<r0Ii?Q0=Im|w+xPM9K;U!jp$ZDk2jH*
zD{i1mp+9s&Nt6yl#dZiS1hxAG#COwUuVGyWvDu}hBYtzn(j5q{Ef>l!&4%1H@NFs#
zzU99IiUyyiNyjkbmIYzd8U%AYZS^wCim05Fb?B$<amNYN*~u)|6WR{Y`2<?o7V4#o
z*xP;$;i$XFoMt}r+u~EGJ27VRM)`~h7<vVXFQwC-5cVbVP`G_Y{+XSDTAxwa4Y_*l
z;M?h92$KWE*-9DyC5QnS*|GvoC`vna4v39tWCyTI_b88#fn0VL*(nC_0d2OiC=|@B
zCViEI4H;{jK(zimJ8J--hyBUh8}O*K&nz*r89@W#`(-b(FLob+`{Dc~pV+0FspDDp
zt$A>$4;(5bmy@oNx8|DS<-jS8fxB6W5PYw%7!VERYalOz2h`2elp4~vfXe}ngS$ED
zk|%Gc&q#~`u;3=vsCzzR$L|1AFNY(fB8>~mCdfBEA*^NcaVU|L_VO(#83ZMi4Ni>K
z{5v79SzN0H7cA9rr1%H4e;_$IOa8$V!bBrgPX&!{L%UvQpwY{)gDPN+*&V;}$x<*r
zk>$Id5HgrQfC)uW*gcr|7iuQCZK0MjyASX+1g~|WzK{4({s{=FPO_Qbu&HS20qJL8
zu0cZ&Xy~p?We)(4he*O3*y0QMFMi{*JkYwxaq>gZd`6e~@c-d$w7Z7S>=|*6BDe?<
z%qfCtcqeEBo1ksKtwj=T0MrFLvi$NdpmO(CVs!&7GZtX24*{|-01kiVHSB$1<ZES?
z{0EG5L|?2PPi-HIw)d=p7Ge7k>aC3D`5+Gm{0CH@&g9wWzk;f}Kau8LP<4&Q_ifP9
z=1755pRtfOna2{O=UAp5v>>i7;ChJ@rWCz}>~}^x=3;_B3jKchn*36<vBnXAPI)%}
zTY%;2L*qN;F!uYPKgR&DG)Ie{w}Y{2Fu;4u|N4zycOcYHNtIti=n7&w0&qJ;Vs8L@
zyoQQ7%G~l8_IvdNbrpH}CDdqG)A<5G#g`*+KVh=vIL;J!$1~Ft>IV}z3YfK*O0m!5
zq5!pr);-Ez&T40O>H?UyBAu0<G6$?7=vnq;DLP4xeV(`rVI0;Et+X|QnUN-#+dx$X
zKZ05XCofk0T@d+Hc=X+7fPZ!uNwI@PLRD=bzCT7GS`7NlM-WCV&5@B(po!0Tcm`JQ
zU_LGc)^r?4x@SXHQhG|!K%{^<&K+4WttpG_UxcM$vVU#6<KpQo;}=}tJTLrrbk5`*
zCvTc@u_?!YKaMljiaeI1*ty4FQ}Q_9cv5!7RxY2;W@*m%LQ#Q8PoKp(ERUs_>@N;-
zps#Lmty_XE535G7C*@eK<-bpI3KM3H<Vk!}$(yJ=Sl5T(RZMWS%(Vq?xQiHkqL%oE
z&U2DMZOaPF-_vdRnsW{KC7k$Rp_y)}s5wniFo6(0!!lWO?jU$w7>+opIor|ok^G)S
zr%+GI6Wx)cIja#*$*|h2Tub@YFcUFY7EXMoTdHf$1>oR|NK3LSFP*Jl_mfbwn9*U>
zlQK!SVX`-(+H2IZp1S2*%{jzf2zz39UKh(*Rn0k=jO-38U8dXM>NCRhl+pGY$e+cU
z^Fu;phNHPB*H-@o{ICoP`_)0WU~w>%(l8OPMWr+N-5DmN?LZ_uzeGnh&j-KcA}>8D
zH*+21s!+HvcoN@q!e%8<k*1<@vcIhJA-K0UCaRYOrg~Dg<vJGPL}N11=)mh-%j0JR
zRt)=cJlAsIH-h(v-S4eiuBmPnA+X3r<unn3OS(nToHeKgv%?;*%C+3A4k@Vwd4M#x
z7@D&ZMdfo5rlefkjUPehoCofEQhd5)hUQFz0$wL<ro3*EG^Y;|tQz82ALICp>Ml(t
z?h}X4i1({*(Rnk;(PY;r>1>7SZb}@Z$qAn!*VLRVNJE^k`Kj*B)SL^60rMZl>4a`+
zi@36mf_?y53Mfv4Jq-WI*P62`n57%xpgzmBmGvMaqp1ZrcFp}B0P8J8|H!r78b(1X
zMT+CKO6lwy%{dg(^4l)mtJ^MV&hcctblBhD)7e)Tpk>O3)i=>?Nt!bR1};$plU)td
z8BPW!UlMMw>wxC`oyaT<$Mw{lS)^|m3$*d149#_|{0c5uZin@4%(d*@NghrU9=@wv
zW@^sKlr$8LWY>mthP{Vbsxd<cb?_QRH)+lXr2cCxms+xGQaY=pIrox*^svU~x+_C<
z7a`0MIWXRn(nYuQR^9ywu{6xGFV`~fZ#WToJ`B&xwKV^j;__iQ;Ae6zwf`k}I9A>|
zKCulnGQSWWZq2ndsZAsP7vbOJboMFcEVul<)LA6i^<3M)e;~^nV@C6&tjM)&uS}}W
zhgG-IEjG>B70yIq>q;%$lFoia3q4}az>XYCCVHNN=Sdlx>*!e((sGAzsw91?x@$vL
z4yTT3U$m4=wSk-EeMYIXnzI9_{1yePnb(Z%l}qFW;Z`ol_0Bp&u4tI38?P$kd<R3U
z@JEFCIXoQx)oo>9z4T!)G;D>f{DQBkr6WYcb=~$<b3TRsh{Iv;hU=CqV6Q)(z+_iW
zIy<O2yO0AnI7F~+e*toa$YSi_Dr?S7G_+!by6w5H#P6UzA|OC?!AHZ%l}_X=PGTK2
z=Lo2hum#Pl?K9FaPtKu1vKj2j&X;g~%YWdP^1^9)C7pc;W5xE+T$P7`{I}|kB>B<d
zxPPjrs-Tx07H;XMx}_loQ6i=|gn8<5OOnVcsc$&WJ*;mh!$TBFJN6N@I;UI<>zbuI
z{F-wRHFSeW>dm?ZE4x|tE*Wo$?J^cqL&j7A-8XV=b#=5e`XNA{!D-EpF9<7|pxeM{
z*4;s%&n&n8Q)*E+>>bMZj1C($=M=O!vJD1$Jp?me3=HHsEk#4H7VcEtN_dW!=$z|G
zIi-7#XwF|LOk(sKRj-Ff3%i0XK*z4|tf%U(1IO8z@aUAPyq(hDU^q36*W%L|T`BcH
zf~Ys~CBC~Gz>s8WRxM0zw>9Tjis?fVj@M?P4>ac@QrC%EknH*}oqZ08qCbYg57L<g
za5#ope)=5bQ~5S%V3CI5AgfuLa|VRvZ(w_{C*=pd_aB<`5UE=bPOzVJ%e#Vy+LQPu
z2p5)X&J)D(F=SfAYf?IG=gkSYK%ii+&>aoJV;>jv!lU0XK2>)nE)Uq}d}&!%D4k)H
zi234FxD_?i*=W@**0tAA+BeyCE1fpXrhiD-&z!vgB9Bp%;x%_VgOhjRf>h>hrqbD@
zRT)y|GkVe*YpVihaWfmO^hR@wij*9N{;I1vFH?IjlVH47GM$CMJ^dOIBVMbT&S<oZ
z^@?0Ds&)i0U_QDb$!9e9TXWt+ugW6%U9ZyFM-WVngPC(kjMu8$3%z_KIyobo3_&($
zJ@!|%Rst#j<i91t;e3K|Qw%9+6cTMSyVUp$xyi8Lz<CY3MWYJR41dSwKx$b(7P#t3
zIjet;v#z<oMTxf>25}HE%dDoM@g4Lx2Q;*7*zGz0s_vffrBD_4(&>Hd8Onh=c?nxs
z0M1<1-IyHB4oA+1%Lk)ntZ4q;bT&eD)8>nRMXq{M&ghv3F|!Vr_ws$n?s%<#I-3E3
z3N6s=o7j=QFOtQO0)TNWU^cS!V_5jtT-W_86#VO9zlL2_-IS<O2WrC)*r(r|PE*_W
zFz!jYt2?GZIALnI6PsYcGujOjaVW7B1nXW(V7!vahn_>JydNX9X|fA*4i@`uP#d9w
zp(!q!_+icY6%g38h(_GjQ*n`FIzK~4wvX59r?Z{_?N6X!piqzxuzEf0qu1?2c4M>{
z)4HNPCD5LL>aKuJS2~d+rq=Z`Oj|q@^&eqqHCRVh11Z_{PdZD1npS!^U;EL5sUE~R
zwXM(eIcku{Dm6P97Le-Ski&f_F3GNw=?r(KMn<BD!y~;n<_8UQzD#tHIV0gDiJu8;
zUbY#Ui%dgX*Wjs18Tth_=Ug5leU1L{8T&ee`femm7JtFPzN$L~n(%Vr$)B?j?a2hW
zd{1O$gA;&C!feNnh1tJzGrM1e8RZ_C@ua-eEsIrm8A|xthy`YIDGss=ma@Pj5yLYY
zt`*><n8cD@=h9g+=neYG+1@E&-Vb0RCKbwKhXz1;!s*nO6%U)ow?O4}a8<`)C~_OW
zUDowOI^EZqb??BpGRxumF!lCd&>wl41y=fu>O)nx6Cmq|=>azt=j*EOc!CR|+tN2c
zRRDT@51{u`H0%SYioyjJ4QkAXf2r<lFiY1dE)Su6fad&-q-!FKvn&vx`x<#Z_3Ji3
zbUoJUAL_0YKn&0)7sJEF_Cj?hLsA|^aI*6S#`2{#h+A9)va71kD8C5Y=f0(_Y;kmT
zFV$@!%NXj3Z|D}l33A_mN%do#!iGPho`oe5rh1z56)~?RKX50(i>mGja`SJvId(Cm
zktgO1JOkwA;O@Mv>YfcMzX$51Z@@kr)YQl1SiGlAI&<ERLih2)h{?~Ol5A3|a1!m<
zAI@tYO?hqDXx3x-<VL(!BAwj_n2}6gsAXKgq%)uDc93KB&^eXcBkSgA7`TO>Kr_~5
z{>txs=(+Tumia&@83somscsk-t5n_rpLx(R69Q5t2*e>Or&RY9a&0KA$7`wSY?112
zKn*P_2ESSNqiV$7P>>s^vjeJoG4azGCSGfiPM3*>ZJ_Y|+tzS)_s7((cx_2K!`p{h
z6SHvQo6oQ@ucEpeL9vY87&Uar5Y_!J8A96Rm5J9nrL$7t?|71D+a@82a8qHfcu9SQ
z`!CiVR(OiA;=(PUS@SnUdiR%T@f%RaG$4xUDc_o6@vi^^k)NYOSp~%DhaJ#&t)x2^
z<}AgKr8ka4C5@2<J25Rh^O;STYy-0tjl|jSGo!Y3r6aoBnptto_L*w0g`}zzi;Z#Q
zAZ8e=X5vL28}qs~^w98fZ^o#ePq+HC`W@d78*6dXT7t57OEn&AzZtKsPG=VY7B9nM
z?Y-i)Qt9k{)$M{yg&In+F%h`lmAisIACD8b3!g+YaLQdd`+h$hqb-l&P?R#5$HSp-
zVdgTZ)t(`8L*uoM>8u~X^cnEJqR%M06F|gPw7V;=Wu@-{t+@thc>~Ci2gN49+1d0K
zPm9seC^);9o}GWB!4sJcZ*lc7s$O`YMk_oa#(EclHo>emf}*>1aPF|G?)}(oaULnV
zYZvDl249rwrn3`!B_-H3pP|M=AO>SG|6w#1nBKHCk3i?=Rq`2MQqZ!$$F!f~GfMo1
zb*-#2mX$%{oNyT@2=m9WAohvZDuyTX<~tC4dM4wOK%5o?wC6XxaLItw4-ki1J~L4L
zJ!(LCgdx*swy#lwI_*3hzJZ%B3GWW(;8yUa*?P1bw~C>A{Cl~4Z98}Oh4Y1Ofm>P(
z_lEk60hD6LZ%eWE<v#P9lIua@HYi&AIXbBwXoV_?+v*ZuhsVAB17zc%WN#=s&fSYb
z5XG}UpAVz7Z<3y)C75ojuK|!)NREA0%x9#W2C%md9N!+V)e<YYIrJ)0s&iQ^<z#+Q
z8v5l}Mfmy((6O^}to^@uZD~5At@TK}BIaMgHCf~^)!l;9dK;Ww<ufz(4TZCXqd`85
z{jD6Yy3e?Ih?lC=#m7CN*Rg4RP%#w4j`6>=P%ysq@%3>bKQDNAk(YedC4qJIv}_uP
zv-6k~rdi*3oXz({wX<8(ss$_omS(a7?jh_e-LeJPm2a`Q_OiZ-t$RwhY}Bmp<Q30}
z@K{?AEr+L=63%hfH%Zo%Y&V0<j<+&BrGO*JdNgSHRI}oO!Q``Lq55y#F#v3r12z~e
z;BMADAuVNL+o0{DX03-^E9b05Y+6UndNXKoXjUA*4EB|9by=?CT}O_eqF;u4io8MV
zc~#9yJ3%&I4tPDz-MZ})&ANjSQn(>$x+PMzV=<$$6!LOa&^r_6zYb);yb-xdO?&Ba
zp3!X+fgJYMbv$7ZYo(x#c9MnuBUN!}^@5f>%}Oi0Je0+f*fQO*9%6k14vL+$SBkCp
z63^1nH&3C5q8Ni1&OdJ!UVw~rg+PyUvhG-|Syz#ZCm0&hf(Ec=#rfD^>B5=Wx^1pz
zeU~`;O5hlXX136*;yC|axK&BIttJc~5{)n;&xBRK)-Cax^#cg<vOHk%ICFGMjAlJS
zns}IHp>CO2+?u8cj}2*%Fo@m9RLzPt0&nfq(H`eT-Lh7*{z!t@%n+unZo!$|C{a;J
zG{l)6_ICta)Nr|1I00@3r=r_DXo-}9SjVNE30h8QR;=I#j!l$6M|DSA%{rG5zX(OY
z=@z<_E&ecU_n>aM4802jUdj!{#)ml4t_NMMReKz1{ZT9OX1~`c*-Eq0J1z5syJ3*-
z=%HCFl2)roln1yldYd^9gqh37E%qX5<Ahp6SqLVdA)y=2LWU<0XnOZIM5h(UJ+k#p
zfa#7*)$Swe0HJXL;)dN*iJj6rj<hH1nrPPE6s|EWmNjvvDM8C)(S<1NA$gyXunyyd
zT$~dQO{*Y|NY>8@lSw_1Wc?>-DW}@IlhgHtiQRf?Z4n!kJB53>Q?8{+8m$U^ggl{E
zd|DvrID}xi5~M(u&n&s{S1g76eKat(uC6;~Yu1U-FMksj9;I8JfSDFU>c6GBr2#sA
zeqbu~m~Brua;<YMWnZD$vL~GJje@C)X1xQa<bA@a^}204I>daN;Ui__eO%h8ppA5=
zMo@Z=^BT$7svWP@ru1Fd*zdZ7W`gl=v#hgF^_Onhs@gHa4L(71%30mgQ?-l9v`RQ?
z6|0M=8SDudlC1rMspVlN?kq(N*S%VihVRoR;YT4pQ+EYL)*4a>2IA881s&bOoyJZG
zj?TIbd5Dv%!78d1UpB{L(iSl&7HEPP7*X9J<ul6BLC+m8i2=PucYF;C)+FIEZkd~*
z8Na=4Ja%m4#=Q-hC7vQ?F;O(>Cs`K<Ge$y1)l=cPKh_;r#ppF6iwG^}bjz!^U5}Fj
z^+iy(1O&!l7<cd?@)H<M`d9p23}*@>Qbz;g(*6miF4C+6DY7@hS#vySajSN^Eo5Qs
z&vowr)n1$sv5@f@>0>qPMgp@$43_FPAG}LAz++j0$2lxK-df{4n%}AiZh5wA*5joA
zC^at0nj1|08|;-?I374A76I4>d*;0A9_JL@vQV|#i67U=<aw&0S<!<AI}GQOtcQax
zoLdaXW(?HJI5t-W5H}B`IJ-M&qeZ{gP#J4flJ#}a^1fyr4^^_kMeJ|ssk*=z408m+
zG*7p5Q0-vB(~JmBQ`+tKFv6B&O9QAhlYlsTe9*gJvwjIyX|!neXx&v2U3WHcpVGbL
z3n_3v$@)joR!FmM0~a3!2PYyQaNaii)ejGbsk$RgwU;FFJ)z{7ZW*iE>2S|lhQt3=
z(1r1VJ3W(~Mo1dRrF|E)OofgTgR!l^fh6?`fL;}8V#mvW1eRFzl_}vt2GI&hadzC#
zn+(@M`Ge`m@l>-uqx&r0l6_XIRNDTaH%7JN^~GQ{L<lD7nJ1wzY8S)Gg8CJyFD|nU
z?->z}!i80P6Ke8J;q7MKu?)OTbvTypabhZ6is%pe4ZKO#ox#+c;?~MLP$R5aC!`tn
z0wME(Zj&$~HdZqkZh|Q2lSOV`g_lZ6%2wP<UV~QlA0<Sby>rk-o1^aakWTA;M)&8M
z^&@g2MW{QVyNZ&#vq2r6WW6xOvE7T25<MiWJ72f`4wniY6Yk6T=%D|q8J5q5>_XkP
zNwt@SGNq(I?9?qB%6d8w*>N5x7O8(!yA6)<=Ggvu;?j-=Qzxr-O#3FDa^Y%h-IKb=
zv9i9fJuCyb-!Vrtq0Pd5yc>R@+VM1HNGpW{Y6Cd%3=ZT1jI$Td@fI(V=C6j`80^Q{
z(}I=_kgh&Sj^&Y!u+gFodFMrPU~rQ4SkU$>ARdW^`h13^IhqxVF^zDQq)VC3t<l2`
zFF<G~AUBTDMc(YiK5servTljyZPBx6_w1^U=1obm{yHV~-~z--#a`W5o{3FCG<fAb
zLTA}ms=Y28w_;U6XRZo5wt(2~CLoXViSBKuS$9%kMnG3zpHXZA6wmty(^KU*dy^@S
z#~~<=h?Z35)U0cR7UbAL3d1Pj$a>usjU1R+&9qOaxW%RY9kkJXTAM@Rkrp#UvwjTq
z(l6mf;(pL3zn##$a`p+l#78H=o!K8@Onrhz(gad!2dua88Lr-%^(EQrfeH92GM*N&
ze$~R66)_e-&#E+7@<GBRXm-Gvlw5cd%y^*MQB`ip<wXdJV~ZSW!-~BlKf%>YOr30$
zvC|%Re{m{<|6d(D70$=uAL$ZyrlM{hrR=D$mx0s7i}*)4fP^K}?)3>*t*_;IP#J~e
zQOVnMC{(;MJ&yMQqS<MIsLB2Wf~qU$t`vwn>?shaI$(Et3PcI^42WkyOl~C*L-}(c
zP(;DxG6K<GegVWwAYOJCi1N~3K%fGZ^)4+CojARjqa=t8#*04uaLM#)z62q~tb*#V
zzU&{s3=C_i4uLDbNw0ti0`Vydlprxf`WFbQ>+s{r35YThy`e7v!ck8krc3mQj<QOY
z`K~}TlKun20Ad}EZxHFjLqNEJc-BH7X2=E*D6(h2hl?FHG82f-K-|J57OMJxWd%Uk
z>zEs#^gyaH3(IbE0cYCX4x!+nL{I8CA@Xk51Y!Y`fIz7>Z;d?+Y&Ml;AW*Hqj^mI9
zL=IDcKn*kd`+Y*lU&#?bU}JXmKg6P_a)pQA)^V)?*rG(r7SQn?&EA~{7o?Uv`+j#o
ziI^~<uL7s{^$`eV2G|`+FHX<vwZKpVH7*Ec4_+9EBp_T=@XD0-65R}-;D>prK9=!=
zyh!bGW=u4SFF;OaMM1WCO>6oVfjA@EfcOV<^q~m?QG(lnsD#AE>=24oUa%Ozs3PIJ
zE`Wh6KeJdM*1*D&JRxzPsX$PH%Ha|8Dtu6i^P3S}*9zj_tQd&hAfA&f5I-}zDHsXv
zbEx)#OWR}z5D7q>z#|wCF|0Tc>wtKWDG*m!2_Pa-lC~XVE%6JU?HCS)l~L~sf4r<D
zs6IHn7Y^H%AGs57CKxhusD`D2oai@;9bO_-m6uC_h*}@1SORtVW0w7>I^GTE6M$1h
zzSb9)#}A4N=7+pAn9D&^pH2cXO7;MO0(8Fkh(OGjG$2~zwA6?c++*42QOd{C+6n3s
zPWJ{>7_Ckfh<ug|1ii0R`I-24z+gJnaMVM+jzwlZP;uqWD&fWtE!!uT1)>2EYf!p?
z$c$#?fXD&D(U;_Z$C{bpGi!P9&I$4imI88nL;}fGP^FMu-V?%dZSf#3naVP$0;tX5
z{H}FimvCp33dGmY)|l#Nm=9MFzQF+d3?PsyEmM4E(IL}>@?ml%aCe1x8I%&h+IG1z
z5Qo5@iI>j;mdLB%3l}T)<skmR(n0(g+y{3FL}y+Vh*N0mBJ`np8Vil~0#Gh|b1B1E
zHBfOE$MDz}%1~NM)d9bO?)P^?TvjTw8bAyLqR@SE?jhtG(`O;EB?-jkO@75)5Pu5g
zE*-?Gm<MfL{{xX9K)Wi^P5ccID`kM_p?q9|TC@UwQLgJZE9|`~oE*#Q!Adm{7p4<}
z8&Z7?o~FJ{WMr_EeRTrvHJ9M|6HTnm8iKhCQfUtA8G!hQH39;4HT*7$B??$o*4S^l
zGO>>h;aJ}UG@mKo!QBsd*Yc)-S3|f*c;d}q&48!?^*aWWv4wKrzRxW6Q*XgugSP;c
zc2adm3dCgA5{QFnaTe6qS2jqk02f7OeRm8DTpla82Eu2=)C0X6f5F?JA#J}(A)?}9
zZ9%*U?z82Dx^cW65aXeab{=J@Ag>IbrImTh1^*|k1IT`i6WSNi<9vQwnqtn+rgj#R
zJ9$D>3bhcjL-CxKpS1$A!;6Jwr7Xzig8SfH62_HSej2Vl8Lmgo_ARmACi_hOK}XPd
z7V^2F&+He>AWj<+u)WVHg#AWn2+B8mK+mV}`Q~3j@wdDu5ZK{ZDBH_+;=TNac;YXr
zEM~nynu(rB+YU_<u5j{4U%|HK8EjVj12*gW40=358R%!MA9yk9rOXb{D=9;z{y^Z}
zN_r0N?5FT|cp0ejR3sPif}daR5|ZgAq*0|J4+8UikoP<!@@h)GwrK2eOoiy@7Sa&V
z6*RXcoXnQl&>U<h*b@ksRL)7mKs<|BEow<_HbL|85|kK;2c!ZviKAS+D^0>S<%X0E
zPF%prw0~>e237_PgPy{Ix>i(nPh97fBUxK^yVg_}Dy+27tf)iSOY}L70uRO(vb4}F
zWr9p4-w!=SCb21&yKBl}g|cDu@vz%&OCTzZAbC6(JVmnEdP@^6)F)(<?_v}3^{yHq
zdN>t>d#s)C+PiLW$TFhnR~&ehEKdafFhV%$LAj7LrPx5ZCfKD(z;4E+;Q}p`8nSWv
zdeBohBgc;Ww?a9EeW7`Bf;?Gh?5aB&X`u!o3vTE_^WWakVbmOwa%yFl3H1r44%0%_
z#S{8mMz!RDA-Zk&y6uEf)^n;Rrw=j)zskWu1*V&Y-`TBwa&5PhL`PU;swhY45^pt0
zAbydi1A*#6OD10Zp=KJJ0mK9J-5)_h@NeXqwUR^cOvzZ%pZeohX_hCn7zzqE7yOmw
z+2G%X-W!}K_^Y!y;9n7R)Lgd`URW?g&IQNE5cv`JzZjGyr1yaESS#vHR-@+>xiq6<
zbC31CT+6`G#G<T|<^yvJC02cZ7g}rc1<=|p=pCYkaA+t{im`>>(6XRqoffJh+FzSd
z>G=l;{|?mX7fAK_BEK1R|0p@#SX!Kug&{J`A9CcZuN6||v!eXmV_l|a;GBTZU=H%7
z5I=+5s;!0aq=-V&tD*+|3k-o(T4<^;(wHp=7p4rpq#FEE_%*fye$5PKR@Xu}{@|-E
zybfsA)f=9cDKA>GoPP)joL{7>TBswGaCxY-5-5*#zMgRkwz+&#S_MQ>sOA*cH%}lX
zDO(s-r{mEwauJH7&@HPNRj2E4ubLLB2{kgxuGa#!489C7&`91(TIV;NFM3gfx5(@L
zMyX6Kgi9r;JH$7DbroXsav^yoAD1=);jvE8GY3u#GT~N;ZxXmcy5+bQLU|rCr~>~;
z;9BdJSz2f_;gmu0X5g^QSZ;?~#N@)#7QwbixAj2+3(+0&R)JfNVS-kc;%lXC2-U(V
zgIhI*i;>slkNsxk(-1X}zh>J(n-#SE1lD+b@wx+G=P8!;-wSt(Gb&>DSQqQwE?_9H
zR25b1N4;iYQCZ06$=OZ5$Id8L3*mf^q`Sj*Ljo@ls2B_N7Jf&{dw}`|s4iM)i$IO%
zdx64xjXXdL)e)#kj9%~0gUh9baC<;2`hIWd(<zzfE5nxv<x`2O+b1FHcUB4C$Fl<>
z1#Bm@P$%e+loaV8SgvAvEKbdlf8vJ#d#vMfv;0^S!Es6Y3>aL#ahwIsQnfLi)|vsE
zcRd&CxT8_hA7Gz@;WjQg>S>|wl<>!-Bc4!sNZ=6)MY%iJ7eZ%?T<?*+(5Wc->?kmM
z;F$gq<-kaW^7lfx0SY<fCem@ieLmMQyA;jP2WkD^h^)lLXsD{<VY#4h!l<8rhjM8v
zJAtnaVlY{|Qu#@5=y-7C7A=HJ>`;`vf}Ik&Cgys(;%&1)N@AyTP%It&q8T*Pr+oPp
zA7H*i5*-rZ=qjCsz!)g6`v*Mb%3O&m;r9WtaSVCtk<a;!M$NSl?$HsPTy`F0Y*my3
zEwrAxV3~ZuZ#sS+N6W(zc-{mjRhjNfYGJdQSJh+vKDWsqe+%84WqRGegK6-uWu*Hm
zzvK;FpVB*f2FOevCS3;EW4)Z~ICYRP%1d?ym>5{gMsvM?@T)n4(Gv%tJwd0t3T$iV
zg3>mLU-KLFYHA@AOyE<OSVraW9_tUe-e2kbrpTYO?*!&luBA8aEtyh+Uk3({naT--
zS(UF#Hw4Et-L_K;?S&p$R`^YU+kpGxvedx-SZZ6|Lf0II3+39Qf$pTxh+yxF044g6
ztvn8ZJaq~zNOCd$gOHx6yY_3LF_?jrAv~}VJD&H!-gbx-nCr3T=Gy+nqjE^%snT8K
z>g*}rDXqytxxJ{B_gGPB`MXNJ*ABalraq&`J@{K&4)C9Z_Pe?b-A~hbgmOj{%SULT
zK+qMVg?@%fwt!_jObkD~{S_4bTK>fw%9~<~UkruH0&Fv~eMZyUP#7<N%6=6JgSvN@
z7SbUrZ$XT!C&4GjcVCMpz2c7q&&6EZ{`%ylvYGu33~FW~z9j=^*<()#Plky{wa{)6
z!{-v+EBK5e!?n=gxOQNjw9sphRnK)r#ls1?3td}!tlM<UdfauWa|QKt-IAt-#QiD0
z>A<yS=)jcBQhTTi79!|)1uc3UF-*nrgov}I*p@B;k#~|&$Nh)bj5^pJ*LiF$l=;jQ
z%P*j@rC~*(paUBnb1?3@jMtc#q!)nV=aM3y*?CZP$Vp!bC-&qvnf?JuUM5Mrie5ZR
z5bEFZ2IG^|0-V8dO+hb%9_wn|fo?Gyr->tpQL{3D%9F4QeTU;I`vU}cl9I{7=YM*R
z8d&&wna~_JHv$8NkB;COXj8D+Bum|DT_W8Zg;R!_2xV$HTwlFLO@fTT{7#+onrhZj
zhQR1bsXBO#*Vs=M>GuYrGCuksx321KN`cx7CC2#+sbXXgV(dMs8L#7^X$D9Y_KL<C
z(fvuwB?Nb5Qs}~zjZa>XKX}wPUT+6$4Yc50rH(l4OMqX3JH7>pdaPgPX573&Vf%oZ
zVtj!7y9EcM;}EE7D7VD^-;8a=py@KUBIi#*u_XM%ogUq9wM>RwQfSkZ%(9P>Q(WmF
z(E)!0mc+Y1P#o~qonN;E7PSuG9$r~kS(*#2?|(_nObVS2x^Q`67NYM2hOLBqXmqHH
z@`pItKSGEk2qwo1!4j45cNDpr6e^hF+U<sg$VxPH=@Ta^RSO=1<EuT^&vVCTVxMdB
z-@+mKXc>t0CsRo7fc2c`$R>BRIUp5AH~j}AsUR0_BxO6!VfNhm1tjIU)JKOws}7^i
z35ffL0KNfZalFwRufGDcQAIgLAv10xtWHk~-3YeP!Mv<Hn6aJaROHnk^)AM1ocdxa
zjzyp&#=?7#^-*rthIc4FFBoNwQFs8g@-*ZYBLtWi&35mTvmd|+EoF-?WA^fmhI1u8
zC+B+d0KQY)Mb_l}a8RiUOYm6|sT<S-K+I^;a2Hedgch(Y-vM77lY_l~&_dVYwY3T&
zS1u2eUR8R!;oHNZszYx-gEqll{VzdF-$t}ql+Kvm^}%bxV_U}COJ4OjRzB#(-L6p+
zt2)thZDYrSUmAdbEKdrBg0?{_j&-;vb&xaI2P$)*z7Z;_jo0{mHn#mg#GWsq!pbb#
z<uCx&6sBk9BZICFBJd_uRlp;{6v#DML4M%EE8`=Txu7;;H;o<KP$~0Wq^Nb+&kMP>
z1_2UA&9m_u`x#}$0RsOdZhY`VAGsRcL{gbW4}T02$J01PPECLr<vZBy=rfytJQ;!G
zbwt~4<)+T6K}zm$`eM(U3C7h=sdIZ_2JHofV-JW3Ck5x$^@pywx!H6E#^i3F**3lc
zbwDDzcfZ#xG;1KKLG>&dtP&4B>ru#Uync?9`5aIpCU@iY0PNBmtp}$RO<pG;6L6?C
z2BblY3V<FJ)GLV9uEKzZYN3A+k664|kk&CrL5+EZNo?Y1Xk7)!jqm1+*JH8wy)_hC
zBk<u@-UXjAk&3d`ZV!vKI0K*omJZ|f6GRDDUgj}$2jxxc;P^@^Yl>AMvOhe)`+G!n
z6(#>zrYzy4v;7J7jh1k;uC4=+hzBw9W<72xj8ED?3>9|~v;Coam_5}(h!zUJLSVdf
z90PG$Ll7}!jKOX}NuitYGG&EwGwIb|aN1fADVu_u1gRBhGcdS~*VxUoz#;0VMlkR`
zYD21mRt{e~QAWPdU*UPhjQR-%22hdBG(cOkDZm*B8%?9V<HKI|&x7qMXQ5;+()27S
z=lT&}Hd68De_<dJn-oN1bZ})85eYK}<qP?Hr(%?p{E{5_3bOs6^&Vtbeg;}yTtX=a
z0VP}vhb4JFY&8D`e6P?gg#c8f8GR%MeIKx`qXi1JOutV6px0xu&)Ubam|*5FDoezQ
zY>^YCQJ7wRW}CrS!cB_=4wuiUVF!DAETH){X2W1v%%Ew?O8zcbt0Fq|QxW*w52@1h
z9e776X72{?lF|UZQdw!S0f~{vf!_-hU30bQ$VI`<jA#Jg{~*OaE9Wym{Ep^yWuDl3
zn57=40%8Utd%=nZ;DRR9PtM?z$wQ-u1A_4tS?u!`KjCX+nvinFV>o>1Guq=hG!!e(
z<5L9ZSSvukvYt%^SRP|FuQQgC2wX=`0|HBexX_5=#rX8v<%|b2RhEOSEBp*zeC;!W
zub_F>5@?<l$FhPOmjGlFLF?x;8m2>YhWw#4TNtXi4<D~7HRXUKjy0d+__Gq+kHjVb
zUwIm%{{gF&_mkhN9nVtnCJJzX;*jS-@^^e8`zhc$%6xe~;H4PDCC@`xE{FIp@EP{M
zuzy-pLSC3-Lxx4cgWLEvB0psapwCoB#qxy@!b8-z^*N`qQ8Z|d!tM~CQE?x*TeQOG
zcPow{h7mB+TUjYDg_)t4x&52T#~bLnJ&O>CpFu96RF{{7yc5bPwX}zF_UFi0PCYfD
z1<YVym@WfYy%j@z9132MK7C=+(whgS;?q(Z<O#i?v)*2qkmityTj=5Dn1Y||2gEV}
zP4}5Ml?enLhN}nS*v{Ze1Cog$5QA~7RnXGXp3D;D0rGmd<1?qe=LEMzrG@V!Cy%N4
z6az+gA=7^T2*a`*qVMUAY}wWvO{wgTG}<>*+wR8=5vsLmtUmP=WI7mj6f^mGF71wu
z-ES$_#N?M17*p78Mm1VVsL}HNEuQ#J?TM<aS<B}|;Z~<@eR`~=mpPAfux>$l3JPva
z+#LdwY-{Pjw|>?P+Q6cg0*GD?)>WlfXM+_3A}39E;1O{ViC~f>B|A_VqFEmh2VTd4
zSea}2X-H0GLY%~tUi{Vl4i-Q(B1M@|vhB8m9oMY0K<B2gvD(2<yYLC=yeH*kd7NEz
zR}~0IOUTVQdqAQeoZ6~c=|eOgLvOVn=cHWQT@<&N5u(5-*%ojxyyntJO#H(zN2+e?
z2rbblv?qZ-P(QNp2+>7pSFF3PZn>{n+mhM!;dtEBEqLz6n>e=7VGK&5j;MAEVH(R+
z67>!~1DyB)t}DbRi=-EyJZ|>E5eq5@$=eyhHow3ueuP7qEk~b!S<65`niO`VK0f->
ztT-s)hltRApBcBbE97N#IXwVJpspba?D%RQaI!UrJ6P?SVBm3KjU#kdbIm%BSc->R
zif`(!Y1W72)YCAgk8VLd&j`ZYVfduWSzWhyG;1m$I*^~p?J<~AW3ok;eWKgeXjYml
zctfIkoD+3RifTtEne_cOWx~4-CaHESVeq70<jqMGQrR@?bZW<LYKP%Kb1o5Gl(L{D
zZB;uC&n9aSZum6aiyFNkVKC#9m7BU{hi1(p6<(1F2Vg|AenBk5!p+}@=KtOXOGZ%z
z$+QK7V^O$-gjWoET3dIW)~riNWOG<6-tGHn)_lS|WP$t1wpI>tC0?X(*pExP?FY?D
zQw_(7f!cP|fp1i-^GV`udL2G)OQP~FlkQ4U8{i&;FP_3Vx+<*YAKh|SvwlV__{4zP
zFE1Cx7vg&(>zlG6)MwGgi<J)tJpL!uF5H|X2V5TK^IX^2SLjyjS7Ci4b;}&hiknni
zmQ#G?GPW8HhF%l_`xO&QHIH+wZX2oEPmorP#IPyA^o!E;u#=zZwjVWXN77N6bnNyT
zF+Yoj8LYPGqm+)Sy)}t<B|2`WI934^fr1!k|G{IFtp>2xV}Ks#F5P=VwUb9uQA)j7
zHx8@~RC_h*uTg?!k#3<oi<FhpA9hI{;b4j3q~Rl3;DpDCFW``MJIG!XO5F;1oPQm+
z#MuXsf)YZ(Bc1Aa=+*!a@34_<o9bZ2RQpWAj3cY@Y8MB~SMALSQ!U)+;`y3&DZvjA
zmU_vy!48HZ3=}#U><g&%8NLgMifgYF$Vj%0!}J2E`h3!+B|c?SMrw-?`1nRrEbH!Z
zKGZW&5JM#^@};l~ogHkOYNuLoHku5^+3yA&PgJ{?FbFIxn3d;tqd|L)lqOr3BTJJv
zB1_q5(X1TZo21%rfM3GCmzs6K!9GD~n@te(?z#;{B)H8&4M@2A=j-&_JEn#YNAlVw
zTaQEGH`k$1!5oFYn5^4Yi`pYodd%q?ix{_N#WohdgeK@)DPO6|f>jIqms)BnE}!II
zxZ<#X9qfGxwrg|+D}IRKChSl>GR3yNgQ5Pb9TdqvP?K#RIM^i3ibIdV{!{HQlWh|n
z>}!#P2J0bAjnXrUK%0a~9NN?(n)MKNMO<zx(-XMQEWf!eB4d%o-aonxSbJ0Md7LwJ
z*BG&un9{lM*hTNRhBFnqq7J5TvULv{Z9PX}eOv5$P`3>Yk4p)wO<q5b^K`Byl5QmU
zVN^S#gm$cMsRa!+mW87@Mz?I!tR}@hl1#+ej|8V)0mDF?;K<!3s9(aAW%4BG8<cFj
z=U}}-?ph4#S<Yu9KL+3|P6a;}uaWVKYNr)LIsj(;q)S#AP#fbjE{a@V2cw}=wh*F(
zdhih-m7pVaxj6gtVCGjKMRC#WLwcKws@*_Dm3iQeSEC)`?bS0KMg1=ydyQ&?AnPwm
zYB4}`$8dnXqQ#dqHE9Q09nr|E<8gkf+bEIQD9Wff`@vww1l3N1J>m^2^2rIhBPmv&
zLXm7ehhX;gBUI`bcvTA%em78S&Sim&IQ!n9t1=*`hgzD9P3I0k_7<>HE6)BfXv0;G
zQL+r&k99xSGn)V^aR5-9{Y22_2J7g%;k@4jBdtC|nntb%8P$-BRXcrXROr6QLZkP5
z&ANedDOHf|HC4M<J9CJfY+LDILsfezVz7e2<J_cYd<kQ1u_}Q4$iWV)_H>Z(*_ri?
z)2;+FpWzP}V1J=Y2FI%<9ITXTKj|(U3Tr&&U<G0uV6cZGeX*j*Dt^=gBAD#+TF0wJ
zg~&xRnykjW?26X6*R0rp;S(#-mlJSeGURZPm)nKbMr4Is(>GSNKLQ^LiK(%pa6mGK
zpT)A&6Gw@*00vXYJkH<r!3EfU4wd`KnKUGf3N#&+-WYcAn1eOatefGH(wM@JVl5fB
zb4JOYLU^Z6U1RXA@Wtc2tXsOP_DN*)tZ*)(mS(*`z9tACDiUwhO!0U7mzwo4)bc1A
z8_BkF4t7YjuO{Y$LfN%kZ#K3nM#+8fxg~Cz(6MF(8NEI&UajC@bQ;`*3q)#Maz6lb
zUxpJap}%TRgC6A)1W|D=V*?{r`eT#^KBGBhaH01xbuI8XPv{xAd@_6NlhHU-t))HE
zFsLz#dQf6&&PSTj-R4Kd88>$*^t*RPsc+DTvLB-n@hUbK*8vSH4Udzp-y*+KXq#6U
zpLFF-K*b>KTGEkKuv#5&SLQr7%RbQ&uM}5QJ1qc_QJ{I8U+PUNf;#kp9C#XMf95gD
zXaL_$<*~dw9$*UH3O7h{iohJx9gm=Q;Q=)7Db_@$+8a_J?NoSo0$Xqe)TL#SEjT?y
z4udB5TJZy6YbI*e^ROymiiGpA4n|jfQ5A%L#lO?6v;?5GL1g<s4u-xIJBId1#YV}t
zD-Py^vRW>dz490|J2dNGB+w6TCN=@W4(dF7Vx2#$G`uJe-4P!_x6@uZIC3N)e|YDW
zMAv7N7eVQWWZSn6_EfcF1~-+TfSHdEqbX4j93`jB{<mHuobeGjYBV2)TZGn{6|V`V
zG#}p_y^OcdM!;LYqzU$W46u<NXTHAj2S}H`jnKGoj(P`{Ha=za0n*ST_<MCPoRpmQ
z$Y7fU)lM69Wgw-w$N5xubpqW#E}T!}5kj*)K4+nxYta-y!>eIR;XMFSa0(<!<?aAh
z<Ci+~{PAiv2cx@@sll+uyLxIoTv=^LLy~RR9rX2>Q6HNo$d&p^vtnqPQIecJxRuu^
zOm|??lyG`7gv#tah6l3ZW9vIuTzFx&hAnoZTa`(_A$KRns}2;N1N^8A4a_AN)meaA
zV`rW}a3VT@^7Q;5Vg64Cqjj|6h49qS93d8OBjn6n9D$9fctq@7j1{`GZIM8kgyIJF
zX%>Q8{0V|P*=J;21}*#TuH$zHTObNd&1h5uQxku4uyd+?Dh*(ojp9|s!Qxdr_UZU`
zS2Vl-jkkMBe8g0QzJH9sYnqvGAL^@koWJL8&%lF$5g8sY#b_>5Hc_+V)#46D7rkjY
zNUnOL;O39vT3DqpVqY=dULT1te>!}X^I7)&c^DK}Cyi+jgdblxs1D9-bvE3cV^DcZ
zm9=sY8F#H_uUR`u?pQd!b!ajukE^k~S?Jyws(lWnTRHN#GW=aDK4LH#ezhRKLq!B=
zavc(W!m<nK68UfJF0-1+YZL5L=dzKm68OL9s}0Gve;o{Kg_(k@J8IAg2bFdh_h^IV
zv{&~SDRh0hUY4^LA3*cYsCJw)%*bzG=dU)<jCH#-5Udh9_Y<5e@LNqq&3$X71n!vt
z=#(g#HTh%=l#_UBuJaRS^zq6FwiPq_X)xr0Jq=$><&R9ouqX+r>SC1oHrodpC7)H3
z0*jsY;FKm?`{R<Pu=1Skfaq96lJ-0?`PhA8AJ?7M;RiinW#U<oZk43nv1xgPNBnrT
zt%H7dkG6cC{PTEyqTe$t*z*bB<FYTElKO=1aU&j~zj~s~dQbRVAlotKr^c&C9IOvS
zmG{xSad@>a+#gW6UMzt%!!k{wDPLEL<r8qh5b+XFB<lNFcd;S-Gu)fXa5;gGy^q*c
zR_%i*R4rI6-$9r8UI+y7qh$FbP}C~hp23eOJk8{H&IOVBJJ*ICod?^k4gmTM0O=zX
zCh;ghmvPIVchqOh*a#pNXX5<M*FZ{D?boP(@HuTBN}`*;0F^(NvIidp5t~T!RXvG*
z`m{?b{<c~XkiL&_o0$6**`^KBOnj2l9<;IeLLh$yE}}T4`|bi3cp9&EbTC!5cOnBz
zz}v`Y1TaUoqDGC96Br5yOHiL(eu`~i&3M%p-W8UWk+s-4m2VDO@>7<;V^<+u?Nxg+
z-h}1y{6d0#4qDt>wQHp6HobeA*Hat9r$VdI51$EDzd^d!3|#LO!3%>F-w#y&2thdR
zv>yn*LSC6A<{`32@%F>-1N!_Cg0eXP#diVq#Mk}#hZX>$TdN`6;r`foduI&K=2S_c
zD6gbz$SXYS@H$|aUJbuMfOp6Z?nv`uQ<gBTJ#LM}wXMfG*Hh3aj^WvJmWA^jCpp`3
z@)rH{lk4$u7AVQ-_rg6rW@PhdSEajK>HFf?x`T3~9-PdPL%2H9`o9B)Dkudck|$+f
zu4TkTw1w>n|AGMS9PVgN+$I&ECgrXx?H;ae;#dte4L9Eg!_QLS>-l<d_>#+svzEb<
z)U=m@>Ga)^Q=E$NHc49ZbxT(G2cuTfSHPYWFMev~I3_V{eDHfv_=K>L<{SkD{17R?
zcS#=AZKvpW54(XI8XR^^K9@cViLHz4sh4V69vJwpu!ZxwrHh&-j+1S%=*gaxM!Mxc
z%}LiExET{tKj;?RY8y&5*bqLgp`W?JA!j+KcV16Qk6g=AOhzb1Xv^rA(!|G&*xZaH
z&#shA`_pF@dig2!^eG+~>`6hH6dFpA;2(hMNx}D3txBeqC7ZbDqu6{F$0lk{Boe+H
zM^im1gLPX|&3TFt_o=O4>6U&a)5N58FWftKbc?Auaa~7GEwT1eo)laK*)=E1HSmjS
z;`3~ySTQst;)F2zShwLfQs@}VSKvbgPYSL|@GDk=J&wM@E-2%w702FH)94F))->D$
z_))H<niE%8xI}=OcukALRiE=EA$}DBs;t}Yt8Ve(34UV&X){f?yjIiJx#bZ3n7sJk
z5Q*M}6GY`bCC0}2gbwH7Nc<JoM?$8uh#cuE7e63x8O*70{CgyKuI0Prx7GH4N>n_)
z2aCb;*@!<=#>iAWegcSYxdJgxre9>EN|Fhp9!%N6I1s4GWQ+e49FIBGkB<Uk$1Z^w
zFY3oXM_uJr0oRkMd>l2V%!;v$3iV5j%EwFAF*BEs79433)sNGQU^Co}!;O4S1>{s>
zvUQ(8Y-CYD-~yc0LWv1DW{clwqcYz?SmJ<~CyL0I08u<75X(dnc^e>J;eHq#$HnL6
zsEuQdux$Y16pF~{SC<V|1UX)`1U5Tapx)~UDt=j)Qw=$O6PtZMPOy)b>52JIAQs?J
z5AxX(6_KX{kzQLM{*|bRyfYA^Xq(M&W#aOg_AWs|-6q9>S_Q3qpK4o}@(!mea@xlv
z;~)XVB~e9A<^M<11!9`0B1fHOOhRvgc=Nw1a{N}OKr|Os<P{(?3Gcel@vf8rrC1ml
z&LgNix*}5{c_}ay$MYN7l`2ssd40Th^v6>rBzEycAg;nM`cA=Qtx^4v0_Y{4NI^a&
zxj?3RKZeaN5NY@VJ-bs~XuL5@AQnrdfuQ=I1iXENV?Cpaavu=RQUY;?QAK$ZAj;kl
zh_X@=5DK0e2Ne^DClXba?}C-4e+a}vPF3Y7I_1;X2*fe&1>ztO_qURpGo|cQyfX3T
zDDi;J{t}gy6XG-;FM(JmQCWEqfmnt>l*G*L2mAwkm@@<nT-ha2VR;<Z+#yGWL@%j4
z5YM1uLld%ajb(2?5B^daRC)A1Pt7U7=A@wr>q$8cyxYNByOz+lR;~y{2<&x>3vFLZ
zR9YT`MXI_X5V4#}%V%L}xrlVD6oE}yJpi=VEz%t;nC3I3-(SJ7^gS|B0|_e@mZZ@<
z19FYv=hvSJQ@3QQD<1(<@8O-KfYp+!<JYREzo5ULvl@Q0@>OhR5Q2GfO)xe@SC8*N
z#HMmBs-4HRTYCbB^4cin4&j0cC0VSF-z=VpN;Al%Fgj_Y)?8XcyAd`Eu1-NsX=D<y
z&XDW*P21#0g7p<@$+J7P0PFB2MEs27C&qm{P(1@Zl0?PipTP5JJ4nxaEPJF4tR2e;
z@^rZ|$hFZ!ClP}x`0O=bTM6>s(jar?Bi0mTRDiNLoS~quf<)Ei7I1vsR3MzJIS^~m
z2^*^rBBGzDD9^2(Y&M#Sa<BqcmbdhTJm@u82-TCHGAbzd8P>r7%i^OtDkpCac`v;Q
zNIzi{)_|VFHfnv^V})v`tdrY<V=;W#GDSGmhqVI&F_dmLA_GID_I|Ux?=JnlnRoDn
zP`b@IHkK8pN*(=XgK-x@;YX;L9Pj^}ZqKTA#;&6Qes8PxmoUn)2gz@W-sO*Gibf^L
zU0?wRBugBeETuH!T>;Mk!}?|9f_#v70|GzE(*v*jCL534TdR@K{UfY)x+L{L@t(nU
zKsFvf&q~$gLy!Rda7l|=ygRHH5aXb1*LT9&C{a|7N(Fvyq(BUk`+x(#bi!vHC-r#$
z$!{?e8nJ|j`lBF;3d<2udcrQKu~Y8vH@oW((Mah7HbDHcC;e_~fn}*Y&~HSogisZw
zE~k3(%P0XD^@VUFSsn}om2;xV#jMp7zki#Eu&)BQUy0{KL9`?08&{IvS!@`7_ZJ7I
zf|zJ&xZl8+)kV=Yt)&3iPT^RY1UOy!L{yX0L-Qu+%)$>`=BIZ+%NwtNNkxg{Bf&lo
z?J84(+O-AS!XEhORt(14rSOX2Gdg0!7#hkqNTc!KI|e6Ggnu-n=j_SI;oUbOhkdFi
zKQIGU7Q;$UJox5!!wR4<lqePOGtxM}S*z@75y>rlJS0(|FZ}`5-Z?P%?q?7j4@g3N
zQl1+YOQBh#OR!0v5b7?J03FHX<`OOh%<<b%1X930m2&W(62OTPQf>c$j`rK3@jRd!
z*tg`T(P8TbJdIYq=k$<0959X`1u=K|G{4aiFQ)~*bQ!-i?x)j3$!0uz<W?xai8It%
zar2oFxrMutjv$Vmf*m?;W~=W4v6s9-4nJRONZNvlyVxARQ3)qV{48r#HWy+Xp*I1?
zDkJ!NfP2ES6>6Gz@JR{H^}D*G0YzHM^F5(q083sIVQIz}fcZA^8@C??MRxLq_-_)>
z-D&~1v-k0f|I<Q(FH&9vJ`|$L`ID%_UZO+m6oQ`G>j-QQaP}F*Y~(5ezd<bCbD(#V
zdkN{S(lSV&1mfTQ6voTaa!&|LJ$)_{dPn(HUIDTUZQ&Xu`pxB*K6B9h--L7q{}ALC
zu$|-}?KoiL14^@I!RLZJR$c}2MJVsvTp;H1)j<4+0MLz2!a^x~Ul*Kh2BLwMPvo_J
zv-O<>=#fkWc&5)RGNTpwR8d;*3E}5Yq%C2sYy*_w7o(Ncc|;z~Hu}x?PUBpH51i53
zjVL^o*24W(_`2*Pu$}|_Ip7M)$80lTs`9_M9HP=2zQu1$-T+#E<$_Fy>~3gFmRR@X
z2(}FfpJ`j(g;e8%{`@&lkzw>apXoqC<EI%6={kfnl?-_Ycn3o9w#U=}yqx6^z(8iv
zzY3p+@SUI+L&Iq}tp9~N1^0)n2Bdr7`=;HX4h8$pJ0#r+VchF8TH#%wpmGtu7e9}V
zYFw-pCf|?#dw(`K52-@&KxscjcSF^GP}NphEPV=?4sP`zY&#$y@S8<l+es@v{m)<E
zMrV|7DMah@Ltv#(H_uTO13uXZpF6*RqFvHd`Ec#*vc}<~@Yfp)hic-ukDD;F6Mf?|
zq#fc^W0u=y$X|Fui=gAXGo%AQn2-9+DI>li;2?f7xiaiEXiVMISw8MJvchxqJg&oZ
zZ=@M!OEYFOJR2PapXnf4Q~`7%8!C%v&?4ixIlnyB`C+t~b#Z@&$}i(6ElkUlKc&;q
z(+@WO$p<g}TuFYVmtF(E)mt>wN6C@Sf{fEMKMt5HQT$85PXO<Qu0y%tPQqO=&jQr2
z79v}kKIz4QwjjGON9lFXR-Zs?L?Rk|JO@kJnZDGlRall#1Jr`9Gb;2%WKQAY8t*{`
zDQBcho={UH#Tt;RY7iSl<uP=ry^KDa>iilIYD7%SeYEk@JV2A-SU>!CT)u&0coJd1
zYDd1qiaHJ7ie3YX?w?M)LHI1ArEfhU9US){QBQHo-+@fq)jkc-n_Q{Ot^?5w47dsj
z&6mI9Hvs$01``hndUfe0;9v0*Nj2fX;Q4T_!vnZVH`HzMcAnqzHk4JQdje@9GT}#j
zf3_=!+AD!|W&&dT+4uiP)OmnMRW%R)mQ8LFHf+c)S;}IT-6aVLu)qR|BtWD{5dlF&
zkg5U-2~9!3ETFz3Dt561uwX#}#R>>)P_QF{ir5f4Scsrv0r%c~zd0NKAJ3DAJ#*&F
z%$ZZ}DKm2<$x&7PIo~j+jibu#Z`Ti(I1gWdMNk8#0$-Nc9qxktPS+>;5!gM&aPi{Z
z*o<i8BtJvCLbAVdeP(`5TB;+u&pxRFzrDjG>|DbkMSY(uXa^axlU!lrJ1{u`SFyJD
zKW2O%N`8T)2k%1|>pHFa8ae*?oRU{9q%D?UzWf0NA9kHGj!|$BayN8D1BR<Y`w;+=
z%QmJVaNPJQWWUm<z**b&TS)1hq&GBy@|jQ7@c7vL1@yHv`{MJY-g)#qF6)}f8tj4|
z2-%LMy?*p2DNESK`Y&Bnwk?@$cB8&QMb4sC=SUt#KJ~ltp!JP^UD36*-=JH__*rn9
z(0!WxOQxkXkt}y*8-I|ERk`7UR!k1zIyYsGyn;$iFjwn;l1pT_zEnY*ss9y9?tpC?
znI6-v{VkbJx%mW~(p<;1e@K6YlrKFjoGMlD?po=p;ScmPp``TvE0wZJw0}YUklJ5b
z4Jrroq2uos+0#pqVVR7Rqj}&mPdk0CW)ZRu#0hyyt4X7QlDWvw*<|v0SDLA@+wKR#
zsn$|`T<7Y~W5`Lsz2x_<<GMliQnDAvB)f{6L86Muz}Lk>nu`M#*G-)TnPM5*^{`*B
zHTw6g@q6UOHwhcw`c_>V{@TB$uH`N!T2YNwW9H~aCU?7HqEs{8Rcm0LH~?Rm5!pDt
zJ(RaLJw3;5WO3$)WolW%x@gTVGGA+<X>VQC;%q!pF&YfHu_>6nW`EKOb$#uroSk{y
z<nqrxjX|P`wf)khwWQ6pMo+bf6zl>b%!HG#6|)I;^^{0Y$<qxF*BX7Ijy7AI;>`DS
z+2MxVU)Fi<TTv4$cJyqM;>%J}{>cqAVXlg8?NGU+UnmxoA@@~WDu<J+08RvmO}79E
zUg8QT_W<lvk>nR3jAV9(lhXkW1P_Y}0lt(FhrLa>^o1%1)>L-0Gp<s|+v}_|w|27A
z4wO6WR?sN>^vt0@ce1rL<phkQilsD7`I`O3Hm|WcI!D4nt{~xm6PE&byjbpNv6R&J
z)mig*bfRCDbDk*L6jwG2J+!BKSEu!~vu;*A&q-LF*ECSJPr0p6Q=oGb*4>y$0_$7u
zcyOwe!r0-o$NfmjTv29c7z&jms(3hg0Mwf({tvJ`(_d@6Dz&q<Hsy|anOK!_JdpA4
zxK4KZQwVr%ir_g3KQtaIw)J)84O$1YT_`!E9bv?3jZ0tcM5u<tZ+3ICm!@#HBs}+o
zlgq&ESngygv*nO`SDp3KQZQ+NG$u&;%RdPV|D2ye`xicZibU{-64pcEWJknVSz$L3
z<5V<34Emc<&gB$MPoYH<*1B-AnzC~Mu1qPhSdPk)YgMJ+DRY`Ikx23DB;tIs2$HX(
z-K{AZhu2w~$~s{uQ*OJ&bUEb4Tqix8ycd%2$yk{xOOW`QaI%iFgUaoe0fjhJqG~03
z0!u^g!W8d;b=GB3=(R6*(jzGlwl(;UwTEC&`ojszVnMYxYG=Mv?lk!=RgY5%&$Ut8
zx{Ky`iw-lq(9ZQNdPbwiJWa2{3|=HFO?dW)lPh89AngxI2(FQnDLpMOx3hLCSZ$q^
zpP<=p1Z%Qlm-o8rX?hZ3uWMD&f`+}dgrZLlhSs8T$BkRCFj$%J&r8+Pi#F$qXe`a5
zPj*V0q008e0pTJtdAgwCXsrRk{?zC>`pOTf!pjo=T~S+)p<4`cgxrq_>zt^aPIt7z
zDae-z>o~4hREu%Ni9DUGJ&tzm@9Jc`Zh#bF&7>f~pxfc=2mMb_(E;YkaLAof_gAV_
z=ak9Smq-_#c{x4e9GD(VX>xeN^P*QPqihSRZ-G?Ma9ypjCY;<sWuJv!gUCWO`nlm`
zJ)pZ7l6(IX*w0`%2JrfFzVS+#jG#XjCQ58?Z~8ES>_t9KXU_^JuY*Sedg7E^fUD}P
z;mgqaW@Py{RgYKdtkJ`m2TG~zH6mU?!-87ln{aY@N&^NPI4Qbbtn`vq@LfU!eVVGs
zZ3*kys9kYexot2Kz*>{A7@^k|C-qR}v@*xN#jLuc$Z<D6(kbbxaI%9UMv-0d7rt6Z
z_6n5Pj@uHavRMnS=7suas5oClBeK+SuNDUMVY!oilMMDpxX%xVlOuuMibgn67qrsH
zqIS>M%AGcM@@3{`*ccGCz1L8~_QEaC>{x3&@72!1C%MAu*D_TmZ&}nnYj(Mlm(;56
z2)U0YhG&J76A@_u%I}m?)}M9Oh~b^=%&U=-J5jl}Y0V(n4Axk<KWkQ7Ec`RIsNL#U
zl=qJ4sUZ0e(~Pl-_MXbfoSUNbR3iUR?EX>c+;ZD}5rZefa^j`sOffG&JeTiX&yag=
z!gHTj>jwGD5FVEo`!u_A{o~NK^LVYUHL#ykO))v)>EzYAfH=S0$vjBu4tZvJtuZB>
ztU)zY!N4)XK7D6l(ugE+#^z&CSmyX{P1U_sNjP~2cu$qv8HZG>{h7!=DHEn3-dg5h
z!CiGixr<eMH6NJQl{-1h(Lg`d!0SWX`j^=0MX(v2>IQiH{rNeXYRf3PO+ZEVu-#Fi
z_F|c1-pK2vm;qcJwR?@GaR<^$gx?(bQ#2W^aQe12sva(I=yE>oiefwMXQrQ2r#@I$
zc<pbDxqr&-v}#nw(l3h<@*LG3gu3x*6ORsFW&02{jzW#R3L;(bbi&^dwFj<abl~Vp
zcivoU%m^ocLi=AM@?P<-n8LE^Sk!Jo&(ao9vA!Yqri9=2Y8{|nT<-X;NL6etfdiw-
zNukOPWlk1xu!R2839D~7ITyqeFy(0`;qgSR(LHK+`Lo>4l&>?cB;mqNwlx4Du2w=&
z!KXsoN=xjVF$~9}DJ50Z6N2njYAhejg5+a#owI+W>oh~GEz<sU_zb=W3sKA;<xY!o
zX~2Sp`)iFmqPFWQI^irD|FV$#gG3*Tc}+-j*Dq4u!>}IA9KVAvV3v7(`-UU6#skr0
zlM1KnuoUxaa0OyP;ku>V7DqtZtjACpy0*3gGRw5;G2FYSkB-{o8K&AEQTOev5zda<
zBOasTPm4D2=DYYRmK8H-_`g%VtKHWNS^c{gQu8)S6V3W|p@G`aiYrLxnSE=GPXvWC
zL|gxzhMmq1{=H|xc^5u|M4v@Y)+=K>N&mU7%=Y<|aQXqS#sJOej=FBA)EzY8_fdPs
zUfPt+uzmVLgnKfYEDKeZl{rR0)W>%CY<y^C;O%0h>|$TgyP)BrT7r&gH__WGFvFC3
zjfU1%uhxUQ4}?5!ooMjA#2wFiwOfHv-R$k6w1S2QYK=Ri_EqChJ=<ja^h!#u#nG4E
zu)Ewj>stDDyMl%dwFYjHZ&OqzZmx@E<a}P2|IxNicGmsWa*?W~eZ>QOdeC;(YMOD9
zbY0Kyp>5qt?51Uudw~h&VfI&i?j9(%&7qW=#NKo{hBI1q)HYem86U{!iKAvMvj;<E
zapQ<CXt=M|Xy(;QsrcIzi;1Wu%q72ulN+h`<l-{B>0qVSmIDdOklWwDE`K|lm%$H#
z)jMj>dY|=KTy(>>Li;9a8_dgM6<t4a1%O!8Zh0X9EMo1`ZvnVEn(S3!-;hu=n;21h
zqRrx>f2zN}Q)|2zwXfY+ZhJPRn68f6cQQlk!PGE&Gco&$XtHN+|Dk1$#g;=l<G}o=
zJ+mj8KMB*Kw%mN&u)34&_A!I75j|e5zVJJvb~lEB^(v5?^UNkN3MXGJw%sG?e)3)A
z#PBpuy0pZji2H1cwDmOgL7nECsj>2DqVz(qmZm;hx0E^QquA$6IG4TF-BG*4=jgOl
zQOePy_65usMsv9FAX>qRnVphWg)_Ips2;w7j&O*f5v5i=Q)E9*6f#WbWx%L~8XHd8
z6Vo~+jZo$EGAGTF4*CkEPSc-uP^yQ*v2SY@wVUoMw_C{vmD~S~_@U74e?t77QiL-(
zV`J0~b*F)F=@AP7U-M|Pd#LiUGRJj+QDqg`qpi@}8%ylqgOI&6MK;EydXQf93v?K|
z@^P@ui$dG(U?47MY&4+ds;zXSJ$*VQGeVWYGJLb=n04%4_z+*~)gI^jncF{?2y@RU
z!7k@}-H*PM+uzUTNqR~PBs&sL+9;dvlJ^(1*zr61#-ecYH(-0<OxzTi0@~FYB~g3K
zARt*O@j~;Wb~)?OCejJdpQk=tAJco~8#PMti??Cz`39AyQ`x7n8PYF}+WAr1xg)bd
zK79UE3kc&VErd<Hn5A5d-{%vs{+-EZ6j+BTbrkjf3Cb`b^903OEgW5v%%&Pl@hhZ*
z<ndf<t?}EzPImS-+HR{1v9XlQh$f3dmA%Vs{YGfX-D>-9nYEbvGV$4xDdTYBliH{~
znKiS4UA;hlN>~fM+N5GTeO|epJ5Xxkv_JL-b3C85nLVMii*`5^O?J-hpHBNdnd+fi
z#d(VA-wW*-)TN-H;mcZMp)3Yv)_Q!IUbVT%&S0T)OCIA4t8n}DwGbK~O+FPOB)Vf_
zA}gBC;oBEwH(MEEfRAF9*~UTnkU^c2=@riWzVu_BtGH{iSDV3ypthH7epX^%M3|Ph
zLY0e|L}#kTaXQakguwLCtXZ^a>|RDjk7)9;$@5Uf<*IQeJQLbhQDQecRBmUF1rl=q
znV7vZntZy#S)mq{7-pY0ozKxa6p90O{e2wWnEyP)x|8`^n`&0y^af2)8rpVSiEXY1
zR4vVu4y>5I{yTu}Mpa=!!?(4@JE3ih=(L}f+bw>BRi5UewQ@tO|0|q@PcR}r3c0^Z
zlrCR5AFO@lPP0N_FJM3YVbop#C1Vo`T~uV>R_oOU7Tei3q2np3`S=D_h1Y)rv(<X_
zu3El+>!ZoFp~?qY$lf76d^v4?a5vw(WqbhDy12+m8~g~hc&*%SR!M6n=_doDc7)}r
zcC}W0VhuHTo4NW2T1jo6^R%ZBx3mU@u0a<Z`q-yGqR`(_yU#};9imN^<(X&I8ucZ~
zuj4(g;d|5@!g{-gKWmM$aPsfsWM+jksJ&VBR-Softx*?F{y`UKrqn0UzR$2}VBdCV
zKN5y%t+z86l`OU9RX8_cTxXxYh1PpFwC(Z|+w(Uc;5=wIP_6lKmMa?=wnBsxpRo)0
zH049&r&J#ZJUM~B&Ui4e&9P7a3Ds_)ZBNo#=&#8Zp?rqAmPPHaFM#Ya)h+rB@M^3o
zGbU%%T-*)Qq?DG={Wfa*J;>XZj<6q39^?0D@}3Ip!jOdsA6gHuc9_o3hcbOORp`gW
zlC{gL9if^dSXA?h<N9r=?1QNN(8Z7uo2uV2!konf!75p+P;8ug_7!(RRW?TaGLc^P
zCo7qqv~{&Q{hIVzG<jo%bJR!;xQj=Iwhbw<n_OR>Y;LaA(m0#SGYe~tKr}f#RQU%}
zgT<CK&zxLq42{~wr)aw4*i>zOjcb_;qxOJl@Qt9kd-BXkt&xb@=Y0vQAMwDuD$nd$
zYs`(>_g9w_4EZ@Nt9OoWwyib3jM}%qP@YUPuhW~rj#)d6@9vUvLfe$<ZXo_bJ3Agt
zuC7SFgDq_~kXf|drP1X0isYT<ETgF^HF&aD>soAkj?q?k@!sE_?@>+P(6-(@Ejpd{
z97~5fn8S-`w|ljgeBvsS?OZSD5`*$f5dV!PcUL&?+)C7Ucb>Vr)^JDd4O{u59+i!o
zoii+&T$0=W`Z6c`O6u}Wp4qC_=oL+-hbqHNDECtAay}2t#Ji`kMK^J?%q_C7`a863
zIy(f~IEz<z>aXlY1J*~AcUCw#Hz3ZKJo7TvVAOVLIgv#0m6w`0o|Er&O8P6DQ{DL%
ztzhh9uwak48C4Ia&_C26>-VVr=som7O{<zzWCvakZL8$9Vb*rqKe)kiRpJ@W-ftD@
zH8jQ}#ND7NHe5owAjS9ITH~T<^2ZA2<{^6SZ_}1>3?7Wy@3V19yOI*^^USd_W7-G!
zHZ@rT$}0uj;~#jNZ(@bhAp&4GCWyvg(d7LV&M%#rS$5}{J!*~NUTslv(i^J$wu~>7
z7Cz3G#TXFUHm*bpp3|3x8NM43b5Q$pVD=uGiWb@ThS-E$O_(g#NuvlQV3(rr+|ntT
z7OL#WBrfK5NAt{=+1h!v2a9D3{r00M=NF8FbbV?kTGP1$W7S<}(=ob)wpF8yuC&7;
zt<_1E0gF*alU6iBTRy7M^Jwm=p>30y6&bSQ-$A=~^T|NR6Ze;6@6p|iB0(Rp*gpAg
z5uyBAXFvu+awQA4UeYzAS{FcaWyO-tWX5WXv!Yy5^`9TLr+&b2G>ocUc|-xPHT1JP
z*%|ap{drLM@MY$n&!RrJ|8Jak$)KIWTk_Af);bm2O;}cC@6uZRW<AY-T3?dvnnoLI
zSuf2qI%DCYh5A%z+V$$g@{W2Rz=xZbHYB4-ldLRxNAeS=;d*W5@dverc&2suf_NY+
zzis!u%8u>xL`I=Es9{6s2~F-xr=6Ix)Ekkocr^^0aT|wFF?d^<ux{a{NijXUK4p5=
zJz>ple1MRH3oOezk4q3MJ#dZ`YDytruv@(If^gssDKsYa8qOyP&qwMtGBl)6?uvW5
zhXZ>AWors$MxEzi-<p0xC7@W>C9HeH0p%-UdxNK{eiH+>Al7_@zY|+KU$8Wue_1#{
zh$e1{_1qw4fo&6>pB6dFpG8ZF`$xh$s2(r0wHu)l>hOHRa=bw?`@<Jjs(7Z(y66i|
z+tb?!)kxq}yl_)Epp5=87!{0B2~Xe9r$J(FxCqe~IJ5I)+|w)d){NfSP>cs9JXplq
zX`d*PZzSYpO2Q3b^C$&yM4Y$gq{ykKr0R<o-WugIB2TzP0(;|yya|X)1}aR|)$^V=
z$Qui`Hd|4AuFh&JZdjQGDFT-zh#DTm%Zm%d6a@Rocf$cZ6S+QC6`hi>eh7V9fYezJ
z=|zDv@hI;kisz5cn;*C)`OkQR5kYT3GPm<^ju5$8@TF^24WSO4Vf_{k%oX}vic1aJ
zVC1Q+bH}9k5gq8jXe7$uu+-fU3A`DP(q*n!CYjF}V&CBlmc^~z;Xs2_e7{f$b$Bk}
z-y9AM70BEaU9TPb^e94RVrDEDPb56NThl=}4@^Nu)mg`PiMi=41dRl$<AprBCZg#7
zYPoGs@giA=xFvSR?M_R9NMKo<Q}Vz8!PuN)Tbjr(QfzrSS?QB|f*WYBRwoq6N8<j&
zlrP#W?JYgP>f#NG>xwZ)HP67fmFo=-7G=Fofl!BmiTukc-hKwzzF^0=2U}WN&(Ysb
zb%(JD4;MammnRhVfdtQ91TZ3JWuf@}yTpG3rXG&_8{8p79XM_u<qi6zJgz>Xgm}U_
zHwDqSOBeM=?}eV{q!NAvC#B)Q4xvXIB2GoZDroG}XDf+%Er~9_00wDaV1qg>5_lnw
z8+BlkYMh}e#zCk<O~U^fmF~$wxv=Csefqx?F`8(qM}I?*dsudy3Wp-QJtG|JQpdbc
z1mqZ;dw#pu^Gclc3IF%r;7&#SW9>RxJ`z|TFU9m$?B=z6X_VZ~gbIHFb|Fq;kC*3m
z{vMq`BKj317#@r`CIj2R=oeXLBs@dGwdRUwxt;G%SeJ$a*uUC56d=<0usFwoP5oA$
zq?s#la|i^rcpov_v1CnO=?miIf0H*@K{*qvUD&v=cDGyeOcXrEB%(A?L+jzjZMkjl
z>y;ZM1~+5vN<=nln1{<EfeYgnuXL@IO5pG#g%0u5N9fZB=&r?_hYDmdFA6}^;B`BC
z&Vjgp0|IDY2zn$iJ1%cbI7LAma&kMro$&JtS25&VjiX^6H$)WX8B`&~&B=Z>*V_7I
zRkdg@Z*V4R)y$>l{YtGL#tX&dpf@pIsgE=G@HOH)CcN3#@wy~lX^t^9CF_nvA@<p7
zise{eFbZE$?_t>*+JxWkguMA+hwoRSe;$u=gK77D3f7Up)FsySU&%eGk)}P|tGZ3_
zvbZ&#?3ODO^4z#}CiLl4^pGQ_U4zSTnfx{Ns$tqWDfT-P(GiH+LiK2zQrA(s2i+FN
zoSLsv53~}iEMkfsNhDAoFDwFGo|HM>o!0{I2R+tYsX_OI1Gu)aww5GDBp9<0=U>S=
zKc3H(zmtgpfz+_e$Kk+NqJx{|4XTehh!#^C?MFsIUL^2&+<(j)TuQ#~h0S1jYjNPm
z-e4ObT8UP*p4dE=82FEPO)RhRSu&HMZF8t)(|x8I6ekiMx#8~50$JFd;|&KEN%xwL
zFrg0DB|KSby5oq8ieeH%KXpcQ5#&&Z7ZM)vGV!($+E21J`K)#DY>^d@X+getUF+Zi
zk>qZiP+NV#V&*k*+G)yn_jo^Fu*H%|wVSB8c3P31g(ZRAZ#2IHK_Y%k3I}cwK?W<W
zJQBBP)aw9f4=Kr>Nc8!pbx_5Ks7y(7D`6Dq{@KTjy8PhNaerFsxn7+q@Ho+IJD%kY
zJ|I!{_7dqY@XZp>6;HxjKBWx5g?2cw5#nk#19vl`jNj~Sd+H!gEsImnJn9gnQY{!`
zPFs$p>pR}VBI-Q#)S#{R5jsv2*DRT%ew11KQF5^@am;n838w9Q_4Jo*q@Hq2UqD`T
zS1PZa7-?jm%OJ0c1b&E*k(vC0qr8pwE(e3(c$HSo9HVM>sKeWdr6$N3-=#_#ElHfs
zmQQ4}uugLNf5#h4fk1Fcys#ByF4+s2e;{*7=+gr<d|PfD+MKzFm0dcyu9v8kFZgEM
z&)j3sR_SX{S7{`WjH{;^42#l#v7#LW<xZIh$bx+0iPU3x#$VFTz94bnR(pdjrKP!h
zke;zUF=iJ9Dmt(t>>UVNanGZ<hZn-#`b*w}+mATQTdNnNj4sl779q|NZ}0~pF$w`5
z3<M)_KOZ<o3HQCJj$DZ1Sj4bORWcuody3&Pa(_w@8IoAV0`7RPP=_}Y{;+y!7B^be
zFijU=<mI#~Om&qn5}wOaFJkIAFdQGlF=RhVcfL<v;lmaqLk8{$^*N6Ob}lKsU_4#L
zTn{B*@T<7RwDc`<ncYN_Rygq76084Zkk^l;768#{-r!Rp=oTIQ=}?CwiPAN>hdTwc
zY|rELspl9eENCtkjN^=BPOt`#mr*YM#mAS0I{cdOW4r0x%W<N5w9)9-I=D%&d9XnA
z9gLSoLZAKuJy&0)3RhfwOOk@(mSrQKpYg4OxP{u9uKIWS*_dwO{U)yjHd_kq`<^H9
zKyK&X6Qzf}!Gn}ESXi_XU&3^mV6qC#DvvLi5sx0rJ)BO%r8h^mbwzgB_4Jy}A1SJ>
zc%<(Mikd5NBnt$~<Nk%-U@HLPXm>pB3$BV=y~BY+0>Rj$e)ei=?rwaF^GvGC_P_|#
z&iz2qo7lZ|upDI0+@%su=-Ah2wfTF}z@ZKY5@XW5!J#rry$XF<CPi;zwqtfb5iga=
zyt_OPDo<7ViSsxPQpPlT;CYb%&#Dx)4)zy~?4Uq^3Btm_%(i6pL)5Qv-r#VdyhZ7=
zd)!lx652n*$;Fe$xD{@PK{)~G84GO-?fj0ooLs6EYIu;ady#)nm>F!BWNRnyHu$vc
zUj_Q#wngW+dhvn(E&gisrKWoGK@xk6Op29oHglr9(fuS~WC8jN(5!rAL)6@mql1G0
zUi?h~OjAw{b_1AOp#Tr)a&YiCfY(!2^#|0s!C(O2{i!gz>K-r-0O*62JG;K^dJcfm
z02Y0u02@s?F1QRpf3YFcTn`$#04e}nc)0>xVR`{@k)y5at^i{-9{>sY^|P{1Ov^Nz
z1IX;-O#fr2!Z6G{0GL(j^TaGmi24EK185#lfF4E*051bLg+VJAHM$%W+ze3ylndZ;
zT|9bP12|XKbJ{#^OnxENQ4GH|*JEaY><5`bUR=1Au(Dp)Yg!v1rJ&qb0E+H<TRRIt
z11MsTX1UfG`J{(|@bLQzVS*k65Wvc08dh8oJ*c+@a1L|$)5}<K@EpS%MhFNNdV0@?
zRGBx8Fo3%Oe88fGGVdD^06hWpP1(O5G1~zU-;4^3tHGG56#%G(?@)})0DP_$0vHHj
zwX!;`GpZXf*EQSp5*x}l^!6oon=C|b;`&A}29p;nj4kbCuHovvzO8J~`Bos^OJ)bM
zF_zYT`&&u(t<e!c6hLOmB__-01OUr4?c!R|;sIW`TtlkuFG`Z}x*P(?ardaU3b0=t
z0bC8>YYaM(b(GN+jBfxenXUl2MhpNxF<Grj6<~zc4S<|le7Q~JKdg7>l1tn*I$(3(
zgFL=F`hJEM9^2LX)2Qf&cTke&35+sw&rq@k*9w?DVV(_OJIuC@Q-BG2PXH6B|KT=5
z+i#SYI9X{}rAbvn_3b|)EAhO-Z7_O)i!G}0?9YOGrQW;dZ%7@fQ`ugl57{`180Gbn
zozN=98-lYIu`}0R(eVLw(hH_4<RN-rkmdNYJN3wRxy*i~pM%;{Vs@vy)@%I%d<S6S
z8dbuh4*<}D>(0k}3O!Do>bt;RpZcgIYs~6~`@z2Mh{BGUgTUSfAkbN|S%}s5#Bs!o
zW0{8{Hkm`n$BtJ!EWQew%WIwoK<-6vN1z_A<=RlvayfW$%9E*5J0HL(5X64BR|!j%
zPH)2gqZ=r%yPnmClf4oA{reQbs6GO~djJlWDZota0suP!?Ch-ox0@pYV1wm)NW2C#
zEZau`xD%rPD-@x3(*Q-BvS}B<(RhS8m&pDd?tXzhUY)OQz!ku>epf~JnPVu*Le|g_
zKkRx-znHWbb-qM8=(=7TOPb41<9pH}*Z2B3(qGVT#0I#PYms&d=}8E8R|JAC*In9p
z0Ig`vLwgm6QQ8Cmg<wqRuK?4ui2%+5F!@@M_F=O+ALl;vhe^`<VPkSADgBZKL_^mZ
z`jir<^^-Hm;UVKoOPtbboNAOELj47N3e1(OB)NhLm(qjG9j^$Dq1x0?vJ?himMD%l
znbY7{Nu_F0NWV|P9`z^K!|oBf-<wxpY`o{aU>Z{`anvUB9T;MYAI7#`k%m!z?bw>l
zmTu&4634~!iMeL^mbfIYKLL)qx~I4v*XMwHe_>O7<e{pZ;~Am%ri4ZeE2CW=)aR0O
z!+SwIcYmCxM7i6X2MG5nZB*FJhM%`mbIq%I6?sB_t-r)7qu5F9YH;v(Fn<WU*<G?f
zdsCYaC={3&lE6oO!)~0j0ngPWDq+pSI&0z-$h%xFO}sgn;*7J3g&%%93wss0Cn3P0
z{Q@vonTw>zwmN^aR!X8L%*6mUP{cJ_0Ro1^C}e*?h&EMZv{?h7N+WtTX1~zbV8j80
z0<$?dnXJl;RM85VAB<sh6v`Rp<`D{<oA3+{yL%vQrmLU1jAC*CZiL-!RRz|YvYihF
z&QEx@hTY=Lgj=O?J+RrtX!$1W4k}Ql@&LIWk^bxod6#RE{y%VT1<-|~H45FO+(5XX
z)OOG>4f6|axgs2`D;&NR4Bd517k7~RaPRr{A0^_KL^BlLJXFy7VFhWc0vd(_v4mBb
zk}%yoqe)Oh>YA|L47>ZumgQ#SR&HPjPt!*U_m;L2j6WET<3o@!%?j-{RpiP9Mq~1p
zCEQ=s#7|^BU$h%{DRJI0?*Q;C1B)m-VTH3=yA#k_>hO8k-C5CoS-%UA9BcOvyU!Ko
zCHmbsBvA2vj|nr^WEJj^a0lAYVRxB$Vjt7*Eg_c2Bf>`Ct*xT{XVLzDEt8QlPp`fP
zmyon$XG`iOb`S+bxT_of^5dXuxF3qo$ir+1?g_h>L(TQC_F#$K`evShQv$8gYC*V#
zsb<w#lrZq~S`8o+xFnH3DC}mBi0@aiu|~lv>a07G@X;sYDmatQVLm8a%&!dbA(5be
z9-J(a>E-}A0{}24VX>P^wlyErA5nn2>a3e~3m?}4O`J*I<4)tI5*~-uiQ(xr)&b%&
z$n|5`-3`v^u06(Mfaal|?HiPMBUSK*P+)i>pM^H}9w!Ys4+sUuCoJATql(mFh54j{
z^-EYML27~D?s@=+&{OAcAY;02RURhqK=(4t)f=?$%%@9i*Y{z!oWYuG8;?ij^}&3i
z^59vGBEL5_LV-(L>vt79u|d1o*i>R0ABWvl3gJQX84zAZ_}d$GtIyP)rLES`R#&Zs
zYnmA`HY>UQmni(1*|7UY?YR=CS>;ADb#u4&yvm%G@N6No$zGgI?8r<exB^bx>dTkI
zn?p-f7uUqq<VW@rH<O$Dl2+a4Gy2Oy(X@Uyo+d@^M`4=VK{54cTft_uN7I^1AGsR4
zg+bg#xZVN3x!K8hMX_C4=Q(sx+V(2GkmW3fT@MeWyrw^??O-~4hBzi+H-}vf*+(>7
zPkIs&h<Hm4ki%rM@DgYRTzBeX>97(tpFfSVrnz3*rHHRfL??jZF*_QsDgdF<`iQvZ
zg~n?N@Ial_W;kUG^J#Opf-I@ChH`L2_gZ1@QIH$!tnn`k#MQ}6xuQ5}*Zw8Vca8Q&
zi9Ph<u=@_$B17MAyonB`qJ!^W1z*>vn{QEvTE8{}riLqKz74@E`C>%Bk}C7LIUWoJ
zme)n6+$JjG0H!{+i81kEm14Ko+zb9mble1mcdev3ifc%zwIOkS_Q6e}y<IyBbVL7H
zdmnDk`n9WR$G|jWf7N;hd^=cYV^JW!DFjlhEA>4KFXMWaFQboF<(TYj&@o7TTt8?Z
zg7hc@tkp!3-*vwx{wd;6@X(7Q;KfGO{sIp{IVXW%=$fdBcS?eZ_!i{L{DfJcQ-S9t
zzjj!4MJMM=BYgbQcJ7(TIJOHEP1gYJQ;N)h#Y209VlDg6Fs~=q4eWb~s<Wki4#MXs
zVF+LK2KHiK&>cBMVv(>#KTO^___c<g@ge-ihXQ-+^51+{6yTbs9U&h(H;LljP~bJc
z;vJDq6dmWPFvL|Qoq6;AxWX;hzX7lm1<{##{k&NJmh^3C7yp%p@$0qkLdof*Hisp?
zUxRzK{(XrZI;tM-r6<&wKY)H6tTHLy+LhFflID<saI8%mW=+$Ni5nod;RqTWLM3BG
zPV*c4!rC&=7(am<3aqG`MC48CxXb*x#2MIep(sEfsr^DLe(aZn9OufTdetWdp3fLn
zDqv)Tb+cYy;!LhwDsA{a9b)1tzC_Em3z?tv6ICa;6a5j1(#+QSNyX)GUFlmr$krdy
zehVc>px7>-2_y3b^LK^t3=vm;5QyuHE?z5`#k!cMpQqO8F8x#qk2AhWw(i=XiQCE%
z>YNLQx#l?iFVfuP$`~s%*C@x80?#30hlx(iy@q(MaJg8dg1qwJOsRRAF8dMPq16gV
zy3BR@8Bhv5x23w^&8}kQ!txX+3RFMYMCa}gZTv)FN0L)rQPT#$8W9>&?c%!5a7yg#
z)#@2aD)pWwjx3?T;kxO~WmBD|6Z*Dyv17e<r&Q5=Nz+-vg#u64d2YX6I$)L@3v=Y>
zl4W<4$DhpJ#db%j;286M-KCIuy8!h+i$c<_)Y7<uy@NJx*VIgJ@BW9nZ~`c6iIcho
zcIQH;`S#a^GRJ7*2y<g~*!`W%?%386i`Z$pLwpN$uF|v5{J`9rpqZxyBqg7Pt8bD_
zVo23@x{>ZPhr^8iZx9XY6%zZy?me7lxQ3BF4(^_3z%{VmAmEexQv~_=w4A$+CW=vk
z=krvMrgHjT{pxENZ_h45O5MClm)(CTaJp{xck>1PIjDI#55*nXx$ruPdKC(MTjv>u
z(_DkTPix-Z<M_3GWX@<QftT>qH$FnDti_ZQm(rWhhl;V46f3gy*Hdv#vs#N(xE>t_
zwM#29zoyM*L8ant)G#L$I9OM@;{oJ1s{~U$8e2kkxRR)A60gwuja2W24DmZd0j&Bz
zAsH!=$fL#F>3{w|DH?;+3PKY7PTmGCFyZLr|9(s~h#%nb2aBAt7sis(X7FL1lIOMj
z8o`X^#xx6ySi!bhUL@FJTRJ}!cr8K9tESEiCxldiJBdn9-Xi&ROqQLS(^$AaIsO+#
zifap<?A@<Xb$y1?_n&@kEt#3$s){?$wSQX*zLlc%EtLF4B1tQwde?kD0Oz%k)a5C4
zf05|3k+L_=VNbW|V#f2B52Y|)L}|&7{MtQeaosVr$U&ZY4XA@3lb~Q@Y1ZX8f@%a(
z>MoGH+g_yZFA_)muAxF@3w2*y;Q8LK?IF{`(?cp=bkr}ITqR4Y>cL^s6}nTCB0Jm}
zZaeOW8~$MFFO!(S7Y;#^e(|-ocRxW^7R||svAtncCVw@w`&}T4=}L~IGG14&CoE<m
z=IorKEF1mowe1x>D2|7t@feA{E-CKJfBXQ_WS);bgKXJ)QDpQSI_^4gARYRnNII4#
z;@RK)gDU!-lmETcgK?hN%HqUXe-YRvHx=4GR<FO%!1_*+<#|TUM6%lqQ1!G+na#hE
zTpJZ#Q{Xx5*W~VJKU-Ug14cy1u?RJufkt(I@oNjbIZ@D!gOXolzm*U2g#n}L?;?Bm
z<NUq^Rf`nACI(iK+-aoLd0ypu)Y;@ODtb9l&E?S1*NxpNtMp8{Uh4BTITNYq+bSNh
zoxX*1Q)HbC<{*q;L?_`lwoq^O!K4b@ztDs7KL;RgKq5;oIp-fV0!j0{hF|MS$ut~P
zBuj<*eCi%iz-IdFYh;Z!^r}gD-aNl{1;y^kR28)S+OysqxgN;4ke*leGmY{B$Qdj&
z#5eY)4@j6e)*Ro0p9X!<Iq!2F3suK^UyU@^I_ZOp=*$!QiD1~%2=^OuK`fLr@1KjD
z6Ss5RV(ZPR-&`JZEbb<VO;CRCJa3v`q7piNevr8@oA1)hPsr6V_^Y4%6>GUpvjw?`
zh8?sI-8>I&*`F!hWZd+mpyITVeP$3t;%oAJpHhcM_EHBgDbK@@xobI89~wZ7Iet05
zugK{+_^{BtPY)koi2Bb1u}uxdX0L()pG|C$32fH>D4&BjNOgV(=F?bw>l}|eb8aQ|
za|W0P`8u4V4>smv4CW2^HBs7?uTZP^^Snd++Iu9&w3M(0w&yv1pLN=(I#y)A-IL$H
zOhlcym1b3pXFATrPGbSnG0Tv&YR>ZKL1QZK4!pHos<)FsXuY}8UhK`0L+>^Qkp_0L
zap@2Hxa(nUF(o;B*DUDXaWBJsWRVj&(Vn6vkCGh6#`Jtzuwj8_#)+_8?AIzl9KvG(
zdWXyC7X_q7Vyz{^N;?G2b>`2;GHB*`+xa#596XzcZdP*zn7*6TZQoP>9!*fU+!o%0
zN0Wr~Kj9)#{Vldt&8DO6S60J5V=n3*&gHv&+j6kgt-tLs3;U|Oq*n6q$T=@Ca~&Qb
zi<X~_6`>>pSHcyxrj{O};_EYR1;D`&A!2C86OS<qG~YpCqa`+L>4Z;Rk&3`3!GP=c
zVLPj{>T=$DnAC=4ApbB%koO_)=B?CpqgO@7GpY%)*ZUhtOMfY@U<F<J5`t`eP_X4H
zV_6R}bI8nmh!A^M=6SF4^9%xkaSv!!pA^}-n<Th?6XL@#u8f`DoGTDGP3-EQOwwWB
zIHlGBrg<Mqd=#O0HGBXVdJh_M2o`XeGCjXJh$?-wfNX+%E5ns3$hrG<#?i>j5X9UB
z>sf?hTN6xAF3Zd9utba;cjg-s$^Q18v(tXQHcQ-S&-S@HSPiML{hF4U<Ie4HSf&PF
zaC&vdHgDU3`g<7#?tihF!YZ3d>a0GR#&zqae}Wktp{3?6wnK>syI>$=6jA^e)ODLi
z2w;UwCN-}ntQ$AYku;;0G=^7$BkuMBz;H?CzIS(8&2#dC8MY>&Z9{=0?7btzrv`&A
zB9QiV)_qs3yjUQ^Q(XQ|SS1nn0x2{`6~b-y%LoS(0Nzo6<q2z4#N9>8^wg{UheLr^
z){aS{K0|%LYCcVP=K69%<kO0ZOEFKbN8Im9i6>HAMkTDbBJS-1!N)`-xhr9f^afW*
zH+wBr3j3jc5%&NX>r0uW9$EQR{HDx^dy*8oPUg1_^oRjIsi2A(ATyjkbJMGm>?_8#
zH77CIi4Zs)0GDaP<?A|&=f<*~?1aoudl)dya`*KWW3Tk(DLFW>I38gio8cHNRHV!^
zbymig(hcz(5*|%niMU@AsWMQ9SeAIEMBI-F6JC_bKC_V->ZJ&W6#%Z2+D6=C<72M$
z@!SF`%%vuH1nb_2yHGIvQsf~j@^i#pDF7}7h3RF9!uulbQBs7XKmfal!>9OiK9Q=+
zwFzr+#NAN}-Jw@~6$)I4xlP2~P5>AmNTE9tRtsN_YN|t`F*z2R&!LjtWC}#-Eb)Oa
z(r|jSl$@jE7V*ZHLckyfg#?CfAD5P^7LvnLTn{G-KZp?d7YLyug~?DPV;=VwD>+Bj
zS$jT4TWRN}MA)6Mnnv9B3QhdT1piT1j1jjjRl7tLxxLPMeK0~99aM5vDtvhU8g{gD
zY-nwXa285=TpFbOxdaD{xQ9yl*6r!{!`rz(5plLiHl_q|glW}F)o;KO&!cli7_3yK
z=mbu%BJP!n7;|LQ7pz|5`SvL=^x3J>flDI1IzZR;q=a2s=l}Fm$-hYScc_r}ks|IH
zg0P?Ixg)_4-uCg51hN#-vhUNfn|wI|5r=h*sQAZtl+iF!FqW$7J)S7c_vQEn1<zZN
zxVbD)qTNy&*W><+NyaWuN&LW0e>?YAARF9<39`05!b=KJYpZH_S=_%S!l^3M1_}bJ
z_k>uetl`w7#Pz!_TVI>|^}8ePM<}JAOQ|Bea%{x?gp}zd!+>KW{Ukj5-$GQ)P~a+F
zqKLR(AX_JrwUDIm{S<KzlLFsS>jA#t?eS9VwHU3~#VR=t#;pyIXtq|wE^-EKW^v)<
z=A?SaFNypwd^vP)+dQpwFg9VmLMt^XA?3>{j_0%BbeeV)74JY;I@oTQ87~XK$I}OK
z&pi?MQQ?nyo)noLw^%&d5n26)0=)W1eD<*-v6a&L>bU2WM9!xKKCjXar@0x2Nh_kj
zOOb_GVfpx~QDnZ5%<a6V&YH0fp|hA8ghjWwf1)p^T$IL{2>@T*dM-i?eRTi0VmmqE
z@8}I4ktyq}RBQcFXZ4&34Rf=4p5s?#3S`TvDLN_gejp33E9fUKUWkAFDiF2xsa6d$
z?mj}8G+tH{X%ELsnN(gEUS}vAaeooFRzx^gq(T7|>%Dp08W-WA3ILfYo%?R**v59v
zQnJmg>+?xe7+~6YyfhT}m^cR!_dTE+ucjIW$fYP`;PrgshCWtk=j|kw)``VvDDYLn
zb4$d1M6lH&mp3xvrCAa8iz3jQa)FQW+Gfa$!=;F~EbdtyaqkjkJ*W6TmdJ1G%V{Oz
zUBiM0lk7Cg-yr3EDBvR&F0#V(XQT`dntb~l)LfUR+NvgAc%zzwZ5)inTA(*;Am;+?
zR*x5;r?}^TlEmJ)zMv2LiXIX7HW9UBsu9*E`p63DqQ)h6x9;8`dvm9i*Q`E~$Kqga
zgjn;SzoG200xJ^!-4XYfBAM9DVv#kC(w%1^H78gb5*}=NoM{sJgcE{355&-M)(%z2
zn-ZQYco~M0=AT%Z6fwE3yi}T)BM)@)QhW>>0jKS55z80+HE#Xs<E51hT;$;6%Q2Q%
z#QA61TL^lQJ$Jh|_#AR(;lr4HCd5~S-GN<EjJ7^y+IcbJ{t&6ndcFFSa#nNZ)hNuA
z#dA+z@S`P#mvoZWW=AQsMn6l@+z*u)U&cLmk@BZL-mfGk9U#?xysE+4I_r%;5Wy@&
zeoU6qIUQopK-DA6+3|elwq6KqjS+!^-^VQu*qt`BQ~k~Q`+X6Cur5;D=i{CQ5DxHw
z1p?$A@)6J)amOJbi|y?9Q%dJ@B6NI)FGq{}KlbHZBudXxlB`Y)ET#DTovQfg5%9Sa
zSF7wZ*sW)llhgGo$#FuTvv5sX$P;lp@xrgbb2Wp<f{6RMxD_Hf=|MABn;i)H<5r0;
zXErR-bw#u(&CIl7YimgQa@NE>n<DP52&v6y5$KP&|5{@4-~*j{tzNx3ztHv%gk1YM
zT9Nxq+|$w<lt%(uKZ>T<$z(o9o>9cAb>L|F6q9~iD7n64$+PAy=F?+jkHAk}y*QyO
z%`8*BYvEifGqjHqAu}G8HeS1c6zo%$o+B<xO$kdKNIa00(sgLg8wi$lqs$J0V3)YR
zGjCwP(5gsHR(jl;4f@qA=w){MGqLqMl1)Dl+a%eETR*^OVQ>1<2xQ;v%UOsbOnMys
zy=Rs$=Uh<()>WdICzceB{2FfQr|~aWV#(h6)@Ic8i8d^SADtk5T)Go+uGyK{T{u~y
zgZ~rv-|izEH)_BUQZ^ZPo=dLPQennKzGaw$Nd;*BQ6$TrVST>%5_VXXr1Z<gYM7YK
ze^F}EE~S&>OZ;z@A&b?4@6MBWPwn;P%#tRZM>7m%`Sue9BYWAGwB65JrDJ_OD8n2y
zRk1vq#UaZuTf=5G)m^yXaB{sV9i2+tFWaog-l4Z|_vPFW_lUxq|CCZf>$t^d*j_S7
zsi^CdWc8SqYM8c9dxO8z6~c15#By*gc}3ruRm^eMT+Q!@_>Nx`2<F8LIbN_YS*6f6
z2lzeYd|KcoPV{ag(P^)uo%?*meFCL5*=batn9Uh62U&K@10ZTF3+XM+>Zc$$yeRt}
zIlCDo#?S5WQEbgPNOR%6$Bw3qF1UqatKX;Cl|@O7-*;;K9s`M}Qkj#E6}WV>58`7?
zU(Tb_;60c@mlx1m$3s}(NTU%6u&9_s-#H}4N8F#q{T)bpAD5ndGh9Zt4puTrHIo(|
z7jZYlJ=@{sx*lHdAp6wRXE;q0UPX3SGI@Gd#_=Dp;XK}HHD0;^4n(p57`{cd@{xGq
zw21o$L^8)wRb1^Z<Kuj(h<G-94)}7eh<mQ{<*@GIDJN+KU(QB8h>$zTPC$~OxHXgH
z3iU1Y<ur?1&ybAFWNO${WdH9^5?MEscv9B1o*PKEW^<T*rk>$2v$Ys_JK5I=U>vpJ
zUIt33*6z`ji3Yw_7s(X^jC(l&usi&uTGiyZ*_j}h2q^3CCDFVyw2F>0us1QL%dSD=
z0JHuPop!i3H5<96kv)?1d98yN(2XqV=|%S5Exw#m_~<-5Diu0EUPxb8Yo3#$F<;KD
zaZ478=@%;9I<ARJAfLvfslF>aAs6+vn{QOK^5m#=WCkDhr37Jb`g!YMJL;GI4Ps7Y
zf&4VNH)f~46x{=<ty(%aHuYaDfevHVd3z42+aE7V(o<x|sbgQvnXSEVx?0@gdPyCI
z(H#zfe5E+&a~N{ZO-NvkCg)+=+7(b69%CgE`Ep*3Pu~aXsTrxpzcquzi7iaKt$jI7
z<DSVRKgN=@ULHs_`4Bi+&oZVjyaqKf8#wp<kG%6PAhn3pvXAK`m$UJU=l3GH{U3z;
z$(PeHZpq=n#3Nc2bI-loeK~I<dWM7m_?Dy7_N{|*CeZ96+!TE|*>Qh!Urwgf4g94H
z<37HeJ|r~{0oa;i+m=2)kkd>6hu}SH61-)r^bDcf>MN#^+V9KBQpJtxum0r&&7%HF
zK^LE_tBdRxKLb1WR#ekJ5F8gTUF*yFSI`O9C8O*zlk9@`_*6|}$W0F9G?7eMT_0pt
zUFPHXA)`UNQ+qZy=RRcl9_&^Hg!{W2&P))F{tc+aVjJe>+(TahovB6kd+o{jw@9zP
zpCdG58;R-<K$}!#Keo=7GY<|jFze4BPWyy>yaR{0OZ8UG?ka(5bIzlhPcyc(3UaEZ
z4WV#XFKrN>Pl~f;=NVi^kB{)>bc)X&MDnEuD$)zt{~^)Gfy(@|VLIEFBcIeXabA1J
zm$NADXBl`v7zI#V@isWKaCZ)KDqcVFWk~0cy5CPv7{Dn^8tW-0aL2fvgO*C3KJt+3
zeg)i1JP@BiYS|>jxT?rrI?u-=IG`ReS~c5n1$3n^99m~o7rqJE`6Rl#sr<jboSWhU
zuVq-CauphHFj*c3SLW<p7}2ihiRb(HUHu4Dmve?KeXrRE)O!(MaTVS4&<NUa6q8T9
zP^LoSk5%Wlg~T7e99fWMgekewms1w^RFnNkrPiw1oKMIf!)Pe25Jzg$yF>rCBpC^H
zdHH_tp#0E<l`Wd&Ui>PC$fpV#2JO(tGie^q$4f%f-k77kVrjXR9j?&XsBB*)9=8Pz
zPwvpuOOmf&X|-;3YU~_|w$`b)ln%MOhZ^SX&{6uJ!=89{%T}&&rH-~noQ6-eYbe^G
z-^0{-*lP9s_#<;Pa#SdhhWmHunNfTB`?;s0z*s?uUpX&SRq?rOPtahzI{Dn%r_;Xb
zvqO&ta(suan*4C(|4JQwvIvwLd@A92H)=2K{GPQ?tI4d<iZJlF+LRk$JoD?UHAidA
z;$+Nw;jB4E%t^mU9-%2{*s(*OA5ETE_HL=IeTQBO8Xn)FfBZl;zO(KB$?D={YN<MH
zPx#lylH))1baAvD;@sr!l(1ICl3fXrz)NG)dS$|D9ZSARy1Q~+oSU#dizVBV?xpAs
z-=S|M^gvCoaOJXBGivlJ^djzdZ`Zy@Kpg&e=<9RbTJx&(Dy_3TfGO2K2GiETRmJ%4
z6ZA%brg5$jONOgFpvgUxs>J9W`b`vWS!JohKZBVY!~!ZUmV92p)Sg->PGEl(OP*>3
zrprlT$c=|x_gHdXW9dh7jGR*(9`4Xj&~>sn*p&Ca@@B`96B@Y^z3--w`@DqzeVBG`
zq(z_xq17>AZA4Fv!0XlPPz@({=%ZrE7aJLDQ0kx`oEuBt-3WUbXYk)yE6qY<jb-0W
z3HNeB7W|jB7hhpF$2a2L-DG|&*-i<=)v{8{#Dr%?EO}dF(dSaV=k<iOBbI!i5x7l&
z1q}ms=&@LGUnAcil`L29&__^}@<z-FX4U-#4Ik{#?O1YPBjQK2aY4h79eQOfc}XMQ
zEUBF@XZ)ILV#)am)}ZOezxnc^|CoW+v^UhTv~LkhKB=VTI(3OI7t*=G<B2{a9*{>u
z{Jhq2vRi@Zh<WA{25*yjqVkaYm4s(c=<Sl646U-tFAZx*T?4@_@j~e;fkw$B&Q8dU
zE9cf&vQMLA+ftpD!?-Cv9>HM=<4QHp);jB*C)db+Pg_Ne2v2d(30V(xHLLqz0Ol1n
zw6Dq%Zszlf@ScSKz5l8#9<0)}Rwu0QN|Ldfv}GgbSTU!VyEUn(Cd+5<VoBtg7wy2a
zIN7Pf(XZ62X6FXE6K@ks_Wso0#V-C=QGSqUbv$5)EIdyU{59krsjRT<;+M%TX!v7?
zj$W(FY=if7P{-7S=h;~DLdMf%g^lrHzniPlSgbU=Q_-tQScM2sz_$)*9R2jIvL)y!
z)wFvxk0pmmy=ulXF*u!A|A@q`y2g^X%8={I{gbHip+x>LTFx(FokH$mb=KiNqAe$r
zRjELD#G)lUvRVB|@<hU#j>cwI<)Sg-xC@l~<$bZ_6OFCY1VXt%JknP7Otx%-n{4Wz
z@)=mBdA>Kqru{1ZG);!w<cAj;S$gA%y>b|sY`ll3z)X3kVxe*y*kHB>{Q+(*HcW5y
z6j-l|={uHy+B=iEQqWwV8Dja)rHS_IuL{sX7t43CPusXx0Wvi)eg7K3E!=1m9DboD
zrtj`PPV_e}o}qDtCZ_LPo@@7wQULBQ0dSyTEN!U(rKVWEi>H7O0|tuBP?qmM0od@Y
z0<1B_@}0X5&2xtWv{shyD*&Y5rvN|bV)^dll)@;Gj<`^-j@GcAeH#NODDKeOll?6C
zSwASiUQO)ZF^o3eXs!VL%n|_8C{lV_0iMvs1U>^m#W)4nr-=#tH~^y$D!?*j0{<&S
zBdk{8@~|$>@MQo7U`~Nix!#%h$=`8XPv#e<_`qMpeN^O41<29G0G>N0WBoJ*=%9%K
zyjWul=&t}-h8Vz~1W;}Zy=O6icl;OEt4yD=fEPEoO~)1B3$qk#F*1Gm0#QLPy?S6L
zF7;2mt+MAU6L=f^ZtWDHqcVY?2w+&g0_@YvAs|No%Q`7QiBSO{2f#KlHNh&-6ifI4
zEMw1N&7l#{uQzG2HgCbrGp0H>nqmuoDF9zvRbrM=2>`PyEjmd7iuH2<_*sjOghZC>
zb5jiBZ$^r3SBd4v<9fd;i_{`9t<s42D(3J9t1`k)`<KM{i1$;g`|!MhzU(W7aFKp4
z2-r?*S74SxiMPyw0LGx!gjbX{+!$2D4WYKDqsqS27)<sBWZ!`;2l#24Sj6{cS@j!>
z#AaO$;^wuIB~_N|NmFd$zvWn9d<0y>wMQ3Q_*3Ar{!BJ?1<hfkF^4eqJP>r(eY#k~
z6Zv0jc8Q|?y&=}{ud>`?^VHDhIqiZHr(5%&Lf)#09sDEIrP;R%`Fu_6;QxaBe#nPh
zW3>xO_oU1Gb+#%o#25`=86~FQEp?k|UR2^3%al!rWmYfUOHM8qmQ<^`GK3$7XnAtu
ztGPZ@mhj^CvPDcVv<eoU9VVlPJwsIf3_~p8x01j81qJA-EaBGx_>8k%D2!H?@c7!8
zw{8&bcbOAQ?1D5zjkq$kNtEVNUT?2#NQxPMpR&awv(ojmK84H#lsd>gxL(83HB{sj
z4th@nxtrBAk@$_bFf)M5wff~CvuIbAQQcha&8eh6gX@r1OsP66?Vh7pg1!prT-U4m
zbaKCdFUO?P0u%Hr0I){Yeg&b(Y@%IB8uDjzH`|~e<e39!*bSG9{IkrNp=3uGu}E%+
z{$Nz`PR9jdMdcH-no=*L`3Zk2sW$4f0C0k#$<}+o>-Y?PPkp|BK!|>&&yhasdXE!N
zYVfr=7u;I<tli-kuv?$SzGM_T9jz%MwQ}_`WTIx7q75b;b|v(yNsG1Pf-{gaUp424
zlC+%bgJMN*g(i3PZ&Sy`93;bFfp!f5E)%rQ5b*ML$wJb6cU73=^Ib>uMWkDyvWcfC
zV3=)mxwEg*BF?1RzoqIW`n5I3AoxO^w7_F@g;81XKek#jf7atAPLCsxDqbh_B^14h
ziM2kU0JDsx05a(~!!hLLDJ?2jyq>}<zmdX!Y1f64qeyO8F1g%1)epHI$vD++@Mq~a
zlsM<8=ZAFHJ?8%)gz;9I^pe)D7TS%ZIkOPk7zS5cb2;gAsl@|TkTSX%)dO!MSGGcB
zxTw}onL+A)QWw1qmvb@Y(Dptq^>y8(-9pi`0UYk3gnmH36+j{Qmq5Fn>p6WTX>KaC
z0aqfmzFH@QRQ46*wQ}_~Zzqo$Wt<p9Vco@40iX#r=0;ldf1P<J04_Fl&McBc@PWCD
zv>1I<CWYEs0~_}U#9w_&;Rnon$nOE*)LI4jUAq^+b^u>3R)Cw$RRB1E(H5={wJk=e
z;r*!Q3m6o-J~Hno`yLpaUqiP32}1_o%kgc<9p|dkA0+n)=9tS-#%wO$>Wd_-5*y}Z
zKa6WvliQ3rd#9*sJCysp38R08LdnIkNqyu9MPp>P>26fd?gE$evye)6y<|L0Q4HU;
z_;(`J4NyKGQ!tGqH7q?ZHXbD#ALcko!}YqpjwELZ`W9&2a0N2X;l<4-$gFYYn2(c*
zHDS7(z_lN(S5JBoLL5dhc|4#$NhXKkCg*03?>4>qEe>ns3Cv{7)n0pw%<%}3`!iBy
zxW<`J1HkRo#5yMVKiBR02GTej>G@xX_U|+|mN@5q@hO?OKW!qf$f<aKg3@zO{Tb5C
zX~rZjW!cWKzx`j4GwjQ9>AQpV%_UCv(b!Pq8mU#6hS7@%ah?8_`8>v)Lnr=DmOhv>
zlY8IbDo+OYWF9S;U1VQ+Fa7(j9_C9W_D!^kV{#r>KkxvIvZg}X9Hwt6ac(WVMM$%-
ztiOcX^X}_5t}>m~6Om$3k$v+53jS{jfvPN&xDv*G*ED@Q0)LD)_#`+(dZ5&PMb4dl
zUWBMi)3HpS*Po2eJ0WpNk<;qD>!juMNAx<(Nguoj8UyG(yP(mO3FX@JB-hL^UKOp_
zEijpCxVWGB8omJI_&Mi0eK%3B5&DInpl{R}dqPPug8A`~(q1e5b;{j>FfMrJ^19*u
zMb4ZDpHf68YHtcrr{d9S(Pba)ErL1S0^UfBFX}Hi$~fM5ji_%DM-HosoW*~<tcX5h
zyi2*EG~cfSMLWclslRF<O#kg5bf%i`l{k0gs&Bj5Qs1X|T)AL|DqCv2PdZLB?S;`<
zJyC2~DMeR>gwb^-#xqVPfp#D(4+GRPDs&6XG9Rrofpv^}7U0PW<D(L1V_7fojMcEe
z1N%MwBXrl<bwK+V4!1&cH5ZVKiG{`?0OwQm8wlOL0rXkK^VANLS~HR8_EShmlVpvc
zt*$C^wq3Ibx+W2|>K}|j*F#=5hJSL-6YK|*t6htY!_egYBb_Jvkb#55`ipnLGrymR
zeuiOJ$p=syzfd%?%lt|`fTT5p(v+UyzPgXhF4vQZztlG+c3ajO&V)A9c-3nV{U@O$
zpJILo7x5xv<<;O@gkibUZO-kI$GPke^zYc>-b$@6nn%H0M?WaSz<>$we&ZN`?r^DK
zo7bSt)qV^mQM<;-cOL462(O<YwFA0$EH!>6ru0UBTC22QO6;XTla=O|=5a`{RT@i?
z05JmVr*~rrixO{n6K!;7gL^TU%glSt6JYYOvaeoC?)BIV9p535CpcGaIPWauH-^~F
zWcUX|WC<sDuA!vL)+5CsIYE?ztRbtY{F8WfXgxndVE1(M&k}okFLEyDN$dJ`rwi>$
zSwK{$y<_|hx2(zn`%rHHov^6?2S7T6<Rq}o^G3BF8)DaEB)Z~=UO%Y`jo48n<xRJL
zL1mEZljhM-=^TjGAClAX0LbV5h6rOFhIt=S6&v(ws~uzD+<k<^)D5<8;mXQ6hV0Gs
z!y4PN{#q4}#%SGD7`dvqUE=z^Lywd=hu1bdrhWgezS64UTxMZLk^2X1y3^qt3S9I|
zMl9wI)ubQSI$&i!$FvlfGo(n&U3%QA5wPoKEd#K3W#?Hf_KmJFJGsx30ySn4OM{7K
zrYb@Ns;^dvub1Y!-OK{ij%wD$+_B>xh&1TuYE25=GvfYDG56#Dv1@0zRoP;WaANMJ
zid}<NXJ*$Ft{kz%bNJR86N08WQg5p8Y7-uJ%ze0~Da@M`HKcv3dqQqL;(9pdzO_+U
zv&zT;nG4~#|CN}#pW@Y^jnkWj+*gBIR^oP7rH4jbSff$r2JLG-x6r*b?s+%nu4)uu
zvgR#xPg!D3`B(8z)6dd<y$jrrF0p2wl<sVn8RAwh=H{h~3l-!}BTqp()>-S1sxE&*
z_X8=%j24mG)D$R@c{?*(YoRc=)_L~*sOY=Q^Np4Y_F|pY@>&iHw0!Of`Z6m`j=BBE
z{WVfs+jxr0f|>&fk9<*bSWL@aJC_=r9dq9)D(S$*Dk!+3)p<7DETkQmGNK6uK22Cn
zV(wd{DIn#TM^g72>4#$OUP?h&!O9Je$%wjm(R?xaGTd?-5eif#{JmoC1*#Q!9b5{A
z0#g&#pLEKW+>1!E`%bGHeL`e#^g!w+ZPJpZFN{?}m>W}+E~xWNlY4n>tz3B#FwnOx
z=6<fRdXBX#MeEl(PmjK;oPlMkP$!bnn=yB{##XoW7OIlfb=If9DLnmylu%fB#bfSg
z{;Q<U6^|4rO!&^vQi#tpbVCLK6t)i&ISS3HU1GrRxh&>>yCzSykYkjH{Gq@TJRd+6
zy$_{?xVO&w{h=D3`*h6qa@~g`Uh0;+Pb&Xt!qYqEe*btr8uk+K;sYfl!Hc@b+?9<g
zzCf9eTwZ5YcS|V-lfdjVxUHCX!6}btAhORiF#4a0x#uah2qB#G2=r7R&hGMT%ssu4
z(!f;Ju1m;~yxn{VIDEVBJ68m>T^$wgyAvKW<{tlF_c0d>lHFdet6SmsD0SqO(=IW0
zePhG@Ekq;k-{QOOh`C=-W5JP!Zw2$agvW}xZ*F8i)2Q04Izf*dcTS5&%n>P>suI?q
z|6gTnMvu3Rxa0BsJK>uiP2ucJc>X}{qFN>BhB|BNvKlX{B_gUk;FRgRL7JyD#d>?f
zvj*fIhZXYag!MF(%0ASptWaPPhC5QnQncQh2Ln?$V>p0|xsNsq+e>;IcM`4nIyhZ7
zq$C)e@Z`nZTN-;c(MP0`?_s-1h4NKFTdRN}#-8yp+hgvB8Y{U`Wb);-i(B%EPUp)d
z1&7!9KOUhvM^<BZz%G<IsqVi{Wi{G=w|{4qv^-0wYc$!{hXN0&Dee8nPK)WIs^z4F
z^-awEM`I1ROp^93xN(Z=HpU*|ih*dn^gzr#?!W$Sd|^~=6&F%J+gvB~l-N$<?BPE6
zhmy=_Bcey#3*-LXRMPXGXvP{%%p)I5_}il80%ecjw7<O~RcK~vqG%xtg0nDv$v(qE
zI&!op?W1FFal9Nm+C+W{xv?EawWkALt0N?ODWh94B=fLkby{Yo#?&hbYkAE5!SOyc
zSGdTrPNgc=Ay6w7v(x3p_fUWaXXM#U<#Lour>dCyXC*A7!8oKa?ymD(vL>aAhf}pW
z6rauncg=sgz{XtyiRx#?+*dU!k*O;C3>Hoq$(Z|k)ta{UFw^XHeB=8aQ2b4tY~VQL
zQZO248^`pddf}CI(VbT)mb#KU6!?sL7V38Poq|y0bXoMhC}m1Yo-g8kx})VzYCez|
zH=Fe}mS$Ji`8Ss-GA3>Z*=L%gFxC-H=2xsmCY{6JzkyT%_o$+Y-3fnZsli!HO|2nv
zG}TX;5c@(r*w`m2nti4-i>)i~QPpr2QjLgvXT0<rXtibGs7xL7Yh&&sjf!+kR>{ZD
z<!OnX5HcGH4Q9bny_7G?K-7O3uDmGY5^0JO{IU7n>}-&m3yBVnF$@A7LxH1-KJUY&
zdE=J=V;V8JFCfU2eHz0HmqBWdPpX5BZ+xIEp5+NQ5%BrA^;pdP`SHRU=(&O^#r?Cy
z8gZ$rMw6bjPFGeu*;{2cxInKyF%tbWMTVjOb>1dF$xz^Fj~k&okR4<8nT4#TMnA23
zuX!fbzq(x5MJO;nt_cP1tQ&q?8%ZvpMfybCd*Y>=DV(d!Df=-OFN8ttcvQ{fPTEz(
zybcBSC;V(fopY2yUy*&0>=uUeZOuNjn6Gp-C9)gULL@l%83`2-nXPJJ*-CX+)Kj7o
z*OvO|v$WJLBjrlqB`R1%l`bJ~z|X0gw9YSa-&|D?s;rjviF`_|rBDz<>%!gZRL^m>
zO`*07#@rwMUytvT8e%8wJlXFnH2tHLn)k-1bKh&1_E%(fBs}Mn8ubvVh&vhgd=B&M
z35udK<Dq-ejM<caFm*FSg_VYL7A`iT;-M^K4%YNgGCAp&^HxX1{YyOm)tGx-WA{l<
zA!bHnZl`h3-I40Yztxq#5K}^BOw_A}hXS8q<&4sL{3pG<lq2%I5YLyre>>LV*=IPA
z;2eR;WSsQij*L@tm-<YYQxzx2zqeEtO9WFuKQAQ;Pg1eiBvrBB<AoZj{`gHHd;X&^
zyI2X&FiM|gRu8;{zIg!ROAiPu%zU)DG52<nhb0VGeqs)8YoEx%K-R{NRxK(LJ69FP
zthZQW7ugqF58?dAQWcB{hWP7seSY{$RW@@`N+TnW#@r|Wn^4l9l7{l-^o-}1#@u$J
z?j|w(AKSwrS@{B0)Yy?4GR@*1_B*yEcB_~Z{2X(C*f@l3vq8bQNBzH#wF?O@DzeLe
zM5^3IxreZ)h&;*O{m%y#W!G!;`-QS39LQ3@{@)@+WsDPZ|J1nVa9rXBGqT8DaxDtV
z!@mUHPR5%@WKeNvLIG*Pe2%c4JhhT2vO@_H)*J9|i`BQxVa21U(!JGqv50-d;wMrK
zyfr?39mzqOXeJc+g2xJwwM9*D`c;g+eug2jtI(cQ2~ztn6=(b22IPDxWerb!$Y*4k
z#hREoNDc=>7+$5Z;`l+;S1ip%+Agh!OKt5eaSaqB>e3(JQ}theOH+%2rx?4eZ4WeR
zN{v8Y&e?I#-Ee;%)8Fhf1k}(kX&h#Bi~#~$M#uONYDQzZDbh0{?vru<qm=8pT&m{F
zDU4gqNtP<R!6Ij2ZB+GLYdE{nWkvQHSwC;tCG<AY6(^9&7-3Xzt)-ja@DHQV;4_0y
zmEHDZvT`nzsZC>Q>+%SB`X5Xr{a;58*}3+>%B%jiRiu`ZdhHHI?~?yV)OmnMSv(E=
zEtg6l;qDS3xg>Aiw1Wf)y@e121f`=CkrFA=E`W+4n1l|3pkPBHO;J&LQ7n)Hu`3{A
z1EnbnmPA1j6?2#GH+%8_<$3bl?(FRB?Ck8mTV`kTiKW7$qjG3yYE*BO62#on{?W36
z3hDH3y051<Fnc%ho$`fB?_C;OLbjM%mBx6eDy@V;QTQ7mles6{aV<+@ZwBYT`MxrP
zcgGE0A2CcRSlzGDxFy&K8M1j3#qPYQ?($|7lD9(|CtxsI2kwz>i{W!ItC<M%9rHBP
zA<WoIvt=$k`IS&_Yf~EWN2{3AYJSH>^g7(+t-L8C=HJo?7SMshevrtBxm*_U{2n#n
zM<l~<7G{_c^<I>b;cc`@>~&^CGNy#Q^D%XLh{(|tT7l<)y36>|?oY*H&=vTQOs0&C
z-oTUWIt2T7BhOK~`FBJTho~2Y+Ovxgh<qK&PcuHT0UvDgDaWlBaDI9_DXu@r?vCqI
zHned|S}Lpx3h#(=M4SgT3{$PTH~f6md@slsKuo3Gap9%0Kaf~xhBPO#EaG%uY2~fd
zru+b(iyf<pYH!fHF#GBCD#bLJrmFsHS%XPAf*Pe2ulX5~%l>Cw^+-`fdQ4?$EOX_+
z$6`T?<@RLK-kS<Pi!o~*6BkqeAw9FYDl`>quszh*jvoVQ!OOxW#&Hg&guyYq8B$l=
z5NeUM`scOZIi--DQPzG_RjW5jh1mfPM6!`QYu6KN!PdM!n3zRtR;_9T1uwByoZnWC
z^#*%!Q-h7o-rB!Z3yI{u0<X2EkrM}kSh7yoV4Z08qTnNH*688}A~r>JZ(N1i62Qr|
zs@xT#m{j#IoplS)leNPt-}tK5kHdz{v68;WlSh!FG>th;aA7yp^a}%qKOmNfU2)ZS
zkAnFp+3U!RD>rCPz;f(fZ{R~If081}?#2}@tV{7=wr_FIh3^(edn259f5`p?A?rBC
zS-rTnvVuI#YK64~!{;yAyVg&GF|`I(A9lyJD((Lp(WEvM@(@OuWf950s3F2N3C`p(
zZv$hdxKIC^Le@>g@Tw`hDpBJA53j9vYp&-`gR=CR0d3T6zwp;d?^)Y}6H%Iz?zlar
z+0vFz%!0e)?zoX<5wG=7T_#K>eVs8SG~XuuAA_Q|vLe-XLE{cJ@kHd|Eez+?=+6M(
z1JcZ&sm^5#TGj4d4in_6E%Ns8^)-rpd@$LS8?eH-8(hyMjMq*ub!5X0hbJfXhRCWH
zRog&fvt+ZlhJARAt?J-lj5n%o`i9uQpf=<ilmsffjrACfaX6P?dWhF0T^jgCWq%a6
z6KlnTC^R<obN2v!L<xm93e!?RW;a8BA8<;oHtaTB+Cd1=n{gU)NVCBCfUieGiXRX~
z@u&KbV?3$jO)l`0ijm!72;|i2Lp)_+y_k~?N-{njGC*04=)QyietMl(6PeGOn}~UO
zqj?Ktmse)I5e;Z^Ht6r_M&zrtM0ij7rD&)mI{wldLj{{j#|M;@FGF2!Fr3e2RZkhj
zKLYr2ZClr+@!oRB4KMxb7<P@Z6XEz1+5Nf<)nN_w;<;nVP)dg7wckf>(^fTZ&L=oA
zE=!9y4{FU-o$@$q2o^j}5ziqGqp1~MGq9HyKDLp(uFJENd2#wfxl!yZ*82SVGU#^Z
z9{KU0=Dd)LeMySrgz3z~9j~vYM=uFut3+%}O7sU}y{QSi^bXFvrFL$6*XvDZm|l-j
z5|&@16`LKMd4sHmoLz{YO=scjR(!yif_KXd&&nC`+#ohiDOZ`hta#aX$Mxrgb%mBI
zs4M67&cge_*ZaDp)V`o-?}%$tw`E(dfH49;n72dQ{8xY(crJC(;lXtl9s$>U77M$2
zzCBRTHdBc2st}0Qs6vM4Udk{rZxlD3KU(oMdQan)1{ge3@;LEsYUg$kj<~+t;@U9E
zh`geFp5{#k!(f9#Fxpu0)kcPd@`ds@Le2N76juln?mSh-B3+4Wsnlbys>gCc-XzXM
ztwzCUcAbR6CsNwzQ23&d7^-l;6I^!)e5ZiVDrpT9Fn1TF)~n$taw!&p&cXvQq`O5{
zlLa^QBEf@#duPaZX`zI_4%K>zpeztZt#C+$y@ZzlJGT`WdSe5gVNN?AYVRTeW`#&>
zLReavIj%w82jpTW8z$U&iwJ9PX$Y$e!b%(}LUvoJK=ofk#UY}AV-Lk;cpj8?ics}i
zEtI)oE+XhD46Oo8$>H3871$O@Kf-pM)hN*Nd?-zSEL8E^Arsy%1Z!AfQ1)W0VW8dk
z5G09tyNG8bJecJnYTKa}v6;Ty!p>E#aM|?rv~#aZ!Lt#pQqQ2qYm@(#tu2+D6y7e=
z)#BP1>gLABprqabEdw9Hsuf$#4r$du3X9^o*2*S!?#oa$Ho#1VXN^?&Zi3E2^nl~W
zkSJ*`UQ`IN`4lKde-wHnb%?A|*$zmya8;c^<5yL~PY@|y04+iEUM+%=mY$5cT@r5#
zNRg2sx-AV(!V0httOxTg?pK+8!tw*6kIq7xQS3ye&R+@}Yowm;ybToTxJZ$nytYu#
zj!0cHc-Ne8Qw}x<Q*1OgxJo9iE65M|gj-aRaUhvoWfAH82Kk6PR4tAG*4Y+Ng6c9`
z(#dn{ZYohkT_aAZ3I-c+Ia%84bK#&En4S9!jD^cphdZfb-C}xkM*?v#=)R#LwKwNz
zKAv``u5uwz%AHRZ$CeO(!694|O1^OfmZL6;B9qyAUi>~!1jNaGh?5DKD(7)H4#O!u
z%mur!@us-E#Rr%7S`BL)ZL}S!c}@z7ZW7|R$sXa?lV?ixilv}iq)EQjo%QQ}O-Q>_
z((T;u;V6=iLWuBq<k>01vr8&DE>u{fd4lLHd>aPLzkp?Uo+a6MD^!ll5MDAoOMvNP
zRhGcLydVMSCn@?B#L~xY!3Kw`aJvJU*7=RVH^Kx4=P@;iJ5&6byDc3ov#BByZ2uB7
zglYJd7AhG?xv!mD4zn@4fZvN0;wRO%RXZs*!*dBl@ii^sZ=^UW<ta*unp0c7tmxVt
zdI?ECl4LNLRt|#LO~WL~ofm*eScGUphUa<08j~B*w$2h}E2eTlhUb(Jp9_VDs7shd
z$Ga$XDdW54{aivdLd(wGip1jN9SJ-4BZ69^P{r!d264%rJSrOuuPa;q3e$)u*^>vo
zfW9__nbrdCZcoqMZ@H_VH5ch}n3|D%LC?6d(LQ=H)APbOBft7NeXDV{Aj|XVjIfs?
zvpg>X<ERh<Zfn4dFuq{go2sP(s~!&hF8GjN{O(h{JQZ1a8}c9bIn@~n@3BQ8wSeJZ
zohha(jz>23NUNL#;V0^AoC)z(caHeM{tJjcIiv~g>eAHf-Byw1s&RZ|{^GPm&%*Gw
zkbGk^A(N4|vb&voNi^<5rXjxHfyy&o!s{T|ao}J=>0ursYH`gY#chJP+Zrm&GQz8Y
zB@iLL+Sf~Jm13rPj^hL4I>LEh*um?%^x)JUs+vEOGYl6mitgTiOe!C`4wkt-gq8Ft
zq#luMc>wI(KWL~}8Pj-_Lvn_TKH0gS!?V6Lq!yQ@g>EI=FR+h`R}j>&fWu=!uya2H
z*{sA_4|??sFL+ip&jqu-`u^Ivmq|64A_=DY7@MkK^(D;>Db81*Xe_csF5TcF;*_XX
z4Md{q>At0qtvj|>QvFzCOZnBHnKy;9$ozy?P7&5l;qVP{zy2K|?Gw~VnCg@+#k;LG
z(y(FFq>5DITgff7dCINwc2C|2$QZ+Ev$g;~Hl#pLUVDK0S>3k=*k`NJp1y8tt-!da
zRy8;uI`QlyRW-SlP(&;}brVftbf%0UK=dR?ck|?ZM8S>$ss)05QF7H_-#rrowA(?M
zqoF^Mz1yn(9mp5?4JBo|t*$Mr!+5^_KPTaG*sNpZh3W4m4w`S(vzSKq<6qORnK+C6
zZ=N{L;5l7QQ-;Dt5nQx$7<x8ny{v|W6Lc?ObQ>ezeQMHsd!f|;yPpY06B6DaL3cDV
zatO~;88+&<gjcC>9kVH6dJcptjb?-kWH>G}nwRucz+x>AU^f+RrnMm4m$2!WskbEj
zfr2M#tqA`?M(tg#bxF1YCYo&k4i_L^?@F30V1m&O;Nt?Eiiw8@Th5hQ2S6P~x)V5x
zj|DFZ$9|mvhO0c!8u^45kjLn3bS6)jW4KWOhz|m_e8%iTc(NoHn1v;DA*$QN><aLT
z3Ky9-5$>VF(~NF}Q6_MnG`kZXtHR-W55hqeepI`e@HWC4rf)q7zYTM^i?*vQCs5O|
z!ng(K1%(}E+)8++!k%aLCj5X3e`)q1{FUT<!7M(%Mgk1hRoVBe<jF>VlJ6iK?)Xz5
zKzIUSJeV5;3C~bCy^TSHPl&L_X}3{vuOr&L9niOc@Gd+Ukcq?aA%N;AN(0TIgz2rY
zey2H%@P~w9SightYz42Q4<|g7u;I9>-AVXe!n)&CeFWj9!Y5aGs+ylv*kkljK-*HF
zxzZSIS7$0{j8O#iS4AVmxQlS5f`4U<A>7!Ct1(#j*j9eH_M0wdo{tr@uIcclJnMDj
z$EP);Mw}e8;_-B*`6iRTtW9XeQ}DkPkEg(VN}EEGuR}*q=-LC7>Z>lEo})0`aaI>o
zP_z!ifk!p50=08H%96qHk}-|gCc)x$+37-LtxVk=>3C>j`P$hN?Q2f)Xwn+}UdgDq
zKW2*gCl8iT&@+aZey&vE&BpzN`QC${t4ux*EBGE=tUVVIHXKbgvGjae!FL*B<+(wH
zCo2Qb7YUn=uEvAF`IJC^y;(w-4=~IhF-i&ZkP$q_nCnfk>$G!iVw&S6O^iBe6)ZwN
zH^mu~o!eH`B~PDE>^v#Dqo=lja0KB<$35mk!X-l4@vJVEoKJ}cE!P&8fKbD@vZSOP
zt*qymzAlPbFnpI*JUUun=gs23R;#S5jOAo~m9WFytcj7PoqIb4n~uiHL~|`Ey7{rW
zQl;D?ESWbMVxVc~_ExO_ripdte(=H^)0JVSj8UeejxI)-pNOI*uo2bxkgzvJe;jRg
zIFghBCX=ih#}NHVK#d*07*Bz}PV(yQwKWBn?wP`9D(#o)IBGsk;y8$z^*H0U8db+T
zY`q-V>%yS!GM<qPxB61S51J40)bdf`$Xuwc2g%Nz$a<^ZGi;l9Fy|bk>?-ern&TG+
z@jN@11p%$w+7yGzm*7hO+<dMiRd`>{hcR0^XZQsDd2%N>rsyw#C5gsojQ2SOp5eZs
z!e+E%w7!L;QenyQt1fnvGV9eYnJ?Sb9e`@)DrGEb=Z=A&sAk$WHT*_6ju>JmSs!F$
zy}5&88k*;{oq+7zV$~YA8M}zZK*MkxGIkS|uIO-NVi+m+kfg-=`d-2xN!Tpb_Yt;p
z?<Tjy@tpYzv3kPtyL_ygoRNasnfocIo1=mD8i~vjAYmG>6Ml!VW^U2nP$XF4(zM@c
zVhDLqVU=nJ2+xOHcvsyQYv<mh#P_*b0XR&dl$d_P@?qEb+*jrnc&7Q@m$qq$k)XV6
zG*zmlzhS;5?RJm4R#l@vs~v%*Xh(|iHo4y;x8tON&yZa9FHouH^mhS&NdeK0*@l=q
zP9tnMUf13ye2<8Fx%Pq0J7R>sH9oXF!5$NMXmOUXq)#?Jma^vh`U@XXy%9w7x{_kf
zH^i(_Eqmx$1I^>au2Z;PN&9wIyasjIl4WL(ZuHVVwLCRpL-mvRRTaQ(`e$}ELv4+A
zK>M5u^m06JirJz}EcHn|lgoOK$+rF#X=CwEeu}iYlJO1WG$1Ed@m~vTvwgFKwR*S%
zsv3WZ%tl{ASuew+=6KyaOSXwXHJN$bW9P18{#8%xB}axv%Fm4pU>p!^^Ct6K!aVAv
zTIPB4J7QI;vRTRu(atR+MRzPRzb9p{q&UL$9|(V;N{chZ1hJ6{f2@o3;dT{XV*W^Y
ziEuFvE{0i+YQmGupOJKD5ooL9!u1Mx>QqeyvsP(Uh^kc!<5zxC2XhtCQ|&P?7*`-d
z)(M*peA9O6>{;e}O?ps*qd@<iq=rKOI09e1i&7&TW#%=Y@ghZ+_9rw<$9_|0(i8&Y
z4K%SKWKC0pgR{Tw>W3vX&-e$#298zQ4H8{~Xnv#&2Gu%;dpz0-8i84e*9?G>D4B-p
zLA&}v2^o4#$pn%ej-`gi*X|j@n&W0oCoDsY#_bS;a3rjnpCO9X1)d$gN2M0^c_Yd}
z5)T*ALXoGDOV4IxF&r<dy>7ZWI|bBk5jBF)yILgJ)VVrbzgv&$VkHF|Hr4S@mCI_n
zChV9|$1*%yd|gC0B7Q(6N7%Wt2cu7>D-|*WeS9Q=I}|#4ep!$0f->z>V<FamQ_MKX
z7kCcVUMehwpK<TQL*zPmD0)?K!^6aO?jeXe@~F!u-uxphF2*V?2HOI<VFE;?>zR5V
zy@Bw!;6YxEqx3G9nMbq~0oOP8Yl)zdqm#p{HlX(bc9>6SviYot)<kSIlBv&6z6m0$
z7=4(Y0=4S<^%Huk1k&jhmITI`|LSRqS}+!eS(UpAJXd|$lF6Z$YUzS9i5{9Efo<k=
zJrmpl&q;O1GH9?6NWOvo24W^KtJkHHUEy<U8X#81Y6)R}AxO-1f_h(S+PuK?i<&S5
z!mg2ruXZ3#mIS*cvy04!&<u_jk=p8;Np$oek)f3HL_jZeMs4)(%$8K{vag*qR`^UB
z>oG*spsOq%3OvVaZ{8-zYN)_-s`hfBJH*bwM9nhU`-~-TK;HoI^OO?7lT@sCswX?v
zX&tE|%FP`)8fgVfmizo*wFeR{R}ywo)XbwK?I!TyU$XLjjWoxtQq6Tz@hzc}N<pex
zGm5mZMYSum&Q;`lyTDVU+9eo+(P7m?$zT|=3;sYq$?Xi~j!}C|lz!_uO8*U<$Pc81
zVnQZHB$aRDfy_}Wf`e$=!<U85K&dpjqJ1GUbus5iz7a(d!=*|JdR`T7d>XpfTCEbL
z$wQ*VnmhT%R*=IV3DF7GT>-~ksA>B1i219~Zkc0YNLo>je{`7`^EC=aJ{1!8Uy4*9
z{4Kcl3#Dgi^oJpEAWlS8L>0}3q<Kiw-hue<qz%8Dwtes}KsxAE-FiskHnVu>9MHpK
zRcSRJEY`*{1omO8r|RRysJvl%web{>AozZX&eqW<X?LTl!HMI!7nmZ&4@ES~nbR;_
zml>15rnpqh1*$SjM3r9Brr_f$?!PH)HI7AbaxN)3W-%#A|J_B-)~1FscV-8_vIXO+
zGgX_;Eg%XpOJTart-|yQD1X>fLIs-a1PAXpZaV8H_X45^sN}e(CCx`@{{s@Liv+fV
zc9|z+>t~M_w0>;MB{r4BQnUDdnO^eJ2_C-QB$QBJ^L;{nJJx>0#FzCK%c-62Sgn=8
zU;;?yn=o<rM#;DbMHvbC!VU=S-6sI)JMeP@_xZUd&SVu|7VlTb#I-PDIz!F+45WxJ
zVQW44+Onxy)%2?5!&0^KPKxeOD{9B*#xe@LA!&E%GF=Sr{0Z!CJ7Fh6zpky2hIpA>
z#HxM=0h#79^ARP&n)Y+dN1YZ6<)HZ?*SANJwa-s55dmNAe=r`SmFr#8ob`uHp&`u1
z#uMy$WhO976SoMiHq{aM>&w+K9+!1ba$U7GJYZ5sPhsugi@R3O4Olg6<BeosuygNY
zKSwV@nRpRU23|b1NqB_p$7z6lT?P8P=rIq_N%&l7L|LxX0~f#{74Ke4c1LLAhRx8R
zai4?>7?WgN3F<?o*KKO!i75$lTI~eCM2`!z+vy?V3nk0CP<W3N#J5cfZ7$(wLhxC_
z*7J&6f<X-fa?g#<o&&XmXQ4_dAVtUT;Qu(rDkd}rHV{6ryjMvlq~`0$QQ-NicI1;s
z4DH;Fl3#7}6?lqjc|RQz%XvxSGbU(CT(?U&J@?f(XW`=7@&8(gyc`bbS3}{`gjs<o
zE?U=K#cxbmv~hS-VU$4q0!fc+P<TfzouT6WQjP?Ij<X>_o~~t6p3r1COZ!2wJBWH1
zt1Jg?CH2D-oB}tN@)t|_5Kn0%d=_{%)Y9$~s?JexjJ>iE#+*Kw%Ih0aF_wt|{RqPm
zOR%8M!Lk5l`%RyX#VIPJ*EW6agL<7L>7h_f7fS;zRt&IH7}P34Bw04gVyyV9Cm|Wm
zs!UFBWE)U_Pn3e?uIfut&}^9<szW(80y%|+k1~=CI;$jqEtzV0QYA145cs1~!UIy3
z*<hP#^mgleLYjl#-dHUegNDgwa)GCZZ)q{+3V*bwuf*xLPd%?(;JIF_!M)AmcGrYP
z;}GxPz=nBDRf%J}&_R=(D^RTi%pI4(`)L9%%7;p}u<hI-%$|(n+7FDC5w)|YJ40+9
z6!uS=#cMv15?+M27V<R?Ddwe+s9ACZ4dfyX7FwSK_4kFB0?$;%V?aAWF$JC{YB_$V
zR)w^gwSm5D&?n!B>+Bg)OF2QPp$Bztk%T`fI||dz%3d^PZ$W7hFyuq@JPG<j#<Zs3
zwizVUoC98hojN-WUk$KMV;FP`-V)yHgO(NAtTt8(cc|{x+V9**B?Zwg9TPyMtj(4K
zgF^J@AwlerO8%*iEag~BV^3A3cRp^)G3IqP80EWr8lgsgr^vBx3+fn#ihy5}ENO->
zl?S0ExL8Voflt*q9IT_7l+s4=DM`Mu5PrjkhkC#lwGzPqTnLF;J8lhi=oLZ<Cm#a;
zO~RY>;*Gt@>j)R}1)g(i5*T#6h5in=bN7K`+$VXR14Ng_7m%uJi$JKZ>E}X(KS5WF
z<PhxE{X)ym{hbUtE`TKbgJgD@zM;IqF2UDAG7EP9Z*~&@x3o@2J{XN10X5NW0b5#(
zl38LPQ<IIBYh(?3LF#)1p~bzXgvP#nKwqYUu#2-N6!jI7jm;r;#!l4a%NM+*M5O%#
zRE<g+wllK)L9L7e3EzT=o;Yh&ZwM4Rfmi1O3bb4%uA$LANVKV)`y^aMo`ghiMyRne
zZ?khh2By~m*4EBFDO~&<Dty{9@+_%Mx9JND;G{?<^$UhjLL@fqRo1_78?%=})wjDM
zq{x9J(^Ys)Ru(eF3DjvrjPhDLTwSlR4G}PTa#^&kXQAkO2Z%-7%%M^<J6DblqKE5F
zh2P^B@=>?>N^kM@Gu)JIVKNT<gtHnCfi4&qRyGmZ7gSx|7b&k5Dc2LKI8WxKS3=R8
z)KzAZVe@B3@y0w6@u?8;W4@m9*@<jLWiwTW353bXTPt!ITN$TrnoNl6Ofp>vG<Zc-
zY;UcqB_fQ{e8I#TysFP4LQy{gE4Yb}{;ZV#jf7^@s!VH6iz>H5#}0i9#ats=-j*)#
zT&x|5hKtc0?Hd~J0vx`IEP`&`^ktKA%)AiW{c1akcu&8167`AtT?s&xl~-DP8<AUl
zEzTF3>L@tp3ejrUhxuKv`NG(TOrPukp?bMgpxJN;=^>3O{Hyje!bDy8`>b{}<4aPN
zJC7X3j!<6|bBZY83N9z(GDkJp-L)HTf7JH5#=LwhYU-~2MkW$%*q|`1mgr2_xS4fT
zFg!e@LBZ5A5g9pVt4ain`$9Qd*XC#hy9YwkF|&9J8#w{(mrxP0wY6qOnS5iFRFZ?Y
z%9e1qS{IrHo<D0bIPp|mG_LJCQUoQcxldkDtCHqh3IPWrc;#qPl54q_i3s$fuF{&l
z2sqf7QA5j;%b}FH@^VM9s6&_+oQ>dQM1{n~kQQk4CJHu{iK4MYFX1b6r_#YdBv0K7
z-SiJo)|Ut*Os?%uJnENx!xUB+bE-<7mFmhHwgsMGZ7Urh%Y(4kqE<ebUsrWVCx?+D
zyphtNb|hf!scPM@7SmUoZr8>!hpcKnft++VRjc5%SUTBGNJQ5PPN%sZeO!p|rP!5l
zItLfbmE#E9&x*FHaG9iGM^Y)vi5^2mkkbL_TOiaG(1lH`G-&@WwMu^%WnSGUndXCW
z0t^j<psIILCDRZy5f8SFf|0wyS{5y!F|0i5%^{?rot2+J>CW2a;4P%Q!|ok85J-De
zaQM7dU0}1UMtjLzkGQjIm6Hb|Dj$IGO+BeaF@bRGcq-RYQKzaX8#7t@vy3==q1f-)
zrawoR1tMEB?-`p3uNLZ8pkDZrf|eOC0R0%~EsN=wM@|XUEHt(Ng?!B00AKx4n9DKL
zN-HV{b_f0~kkc5G$TvLmOI8tw?gJF@2eOy~H_dC8-Zz8tGx7gCXbqqn?|%wRL$)49
zvZSxkva~%76AMdf8|nlSTRvCF%h`Vy$Tt>SyT=K9NP+d&?<Xy~509|`8TK*d4Mvs|
zYISO(mKfKN1Z}06n75F?r$ZQ}I}n)t9)kLpKn^yGagA96wfNGgNGz10GWu>DUNvH4
zBH3}kI7H3wl=3fAeq(rFRXg0?gD7qpBPpWn&qL}NOhqg6$k)U1g7FUdHj!$)3|{-z
zgtU1K`E#xMHBsHUnb7oS9^V!pTHMT)cMzUE{(uqwpI@a8p44GHgfK%c@rG&MC;EEp
z{n9;TmosW-<o8!*gjGiR3Y>9iKBIL&n<Tcvc@IpDJC&}yO=;Z#I14ZOW7VrB+81J`
z``3!yJSC6EfS@)cWMY4>KQ^<m#G8cTc;RmTn8eGZq>@5^#CuOlG#o=s-5nQJmioib
zVmrN$!};y6mqo1O_Dw*$i<s>h=Wo!G+pPhujG}GNP5ubOD|t)BT00}=>#_!0@dr}N
zYFutv#J+}-Tu+j1PuoKczU`-#`hLa>h8~C+g$ecVJl6a4Xu-kA7$fCicwBplnG!46
z?Qd`$7a;*HMV0<77df-7*lJ}|7N?apKZ4I3Oz{;jK7VZCV9BZ*z6rLchd<($UnIIm
zS!Bg*DQocb@9L&*tR@@Awr9ORwsN?F+{E2=u|5B?G`2T}kx^Yjg4*Ygov?ud^j|35
zGhk&|?E84{z^%S2ueCom3a2~FvV>LJ^P)fEOu58U#gN+e^!7)@arr)=-3NL`OuMqw
z*?2e#YELLTK+gz&Y+`?jM@x2R;XHrDBd-hk^Ps!)?kH^_cQ5LyX9Y51x|T(R;ZTA1
zyI{o|jA^GXFm()xb+|t@<XOesqRHMfmbV@(sbj^ak8#l-I~3nPL48Ds&jNqMl)X~$
z=Mv9|8B*H(Z?GL5RIRvJw-g5u0bP90bG6SOvH6T}bwfpe_eVU<&CG!I8MZjsmp4<l
zbpnm$&Y-+p7W+b$<P}A=Jv_MaX8J2lxz(BT7^=lhtI@c-v~V1-K@TM6;bp;Uk8hQr
zu`5)K+5QH@X9;5$Lzd{_+#Cxu3emdTAN#ZN$goM$xLp;|ftx>=rHRpyH<)*}i^LX$
z+HHeBc2*<d@(uX#2Ah}Ty#PxcB@J#z*(nlTs-m;}5o;b+s6;bj)|CxSnkbagMK)Y&
zsS67cVua=m)-A-fO;G2vChb#Q+F&B>)3AGO6I5h#jVj<Ap=w^~kJvgBs)pEZdIqd7
zYw+t4rD)5IdJGrN!ZY~DBX@QZzF0G2E|kTNlB)u8>nP?%V$rky*j`<Qi{C_by@9rI
z;O4X2BvSp+AG>NJ#B^NpxFDup9OH&apiQU&&sQkd|806IPLBB_UcE~=xtC~0%yQl(
zfL3~Li0hgD*rsWus$1jUpd%_tO3jfPaz}%@2kU)^ZxVOj<<itVVxH}i<Sg9mPaV4q
zR3k&^c!O=mq>2nT)1T9`gQ-1>gv@R+#O%&p(XG;O+6)M(7Z1~W2yPqrap!F-YyRR}
z5<Nv$2lpK2ZWY{{rIF?SVysQY>?7cM0|P#Ug9dTB@6inLr|%-xuL<_hqj?;~-~8O4
zkTJ(64fxeF;8I!aes#^94H{hQ2kQ@dS<1MDL~gVD8*IY8NI>hT6o78Gc7;Ui!NHwe
zmfhJzVq4K~Jd8z2DfuJJ!~wtJkbYfrVtt;$Fvy*^u`J@TV<Lk0MI^i$QyMWbC+04O
zwLvG8x)dC^k7S+04oRL>8asf@oo-ilw4Pu5U3ToJ9DTatX{SHpulJ-_k&5kk$saNN
zkVJo1EME6VjQl~V&;6QMs@R^#>B8cBM~kKYTs3G}2QiKR6>KeLIT)cYO{ZP#OKAUn
zYLp8<ZIh<+9b&(1R>+N?dc--XwI|cv|I4^&UXiIwJ}Zm~#2H=8UM^$a|NS80!VzW4
zCO+PcwDt`I5O#;MfvH;<Y_RQ3g>gs|Lzus~tn{XMQ_>tG%+3JrBFpRCy9aQ;E_N|I
zC#MZZSpfKSF^)M0VC@GA(90+U;Nsd^0ylZU_}l0TU@RDmPAPz8h`G!p02y-?;BixI
zX7IPC&A+GsOLQ@u=>;H_uM{-$4Y8iVYf@N%VGKY=Q%q?3!fAaz763*oJDME;Hgr~i
zzIrb(_CjMuYXz98i%rc%0L>X0$<kUE!y3G8Y2Wef1Ms3Q)-{U(m;)3bS((^;0$?sz
zgu&>o_XQ&eAbXv(V<Jv-@8;4HF4q+k%H~G=5&hy(fR{}%yty5~R8$!PmAY8pjKuW+
z?Wd1%oxGvrx-K?22eAL={v`4K=555qnLr6~&2gV5201u>)BgSn5+=U*2Ls@$lp~vK
zIAC}UvCk2AFO5D?fY%H$(y1a#_%#JMr4A&L=%;&7KeDVh#9U`Ig>dnWQ_g9cnCx%?
zS9?HQ@8~V{JMks+G-*!98-|$eaFxs<*KIs4u;ds6Vh6??rmqp2nC~>=7SLsGnll$Q
zMiXBIGxyI|MZKvkd3KSbn$I|A0Zb&*#nWN`$0Yg#j*W4JVRA{A>0FI5mfXDkrt`sO
z`+lH4jyN|xwC$wlIKI;5Xan~&TC9v?`d<)hdY0%5s-roIv<alI1n?&Fml~~^F)=3)
zcN=-b96NP6=-}#?ewDbqYdx9xFj{ZYP;iZOV@eL}#Vf8~Q%4>@AhEdP3Q*rD2K!qm
z|MR&5G}Ptj<3|94nkm4C<}?7}Meh|p3J5txn+|}hAYoG}&~^+q?;*}b6>Spn1jmEM
zy~O1vR=a7!z<%>SUcYX{XN}CZF@wZPq)sa^S78az_D@jvBue`{V$RG7M!qmaq28&_
z0@X$#{^c7;-l_Tn06yk|2!lU6Mjz|5i9bS{R560q=m)epJV(D_l0q)h9whN^YWkR5
zUDNJ2ifhCV)QhuKvZ<GnEKZr~G1Ae#iwrqY@dg{*RiF@B8gq%u#kk#%Nd7uBNzQu8
z=GtI&M_!wsPx8y;@6Ft{hEwJRIl)dHnFhh=JK91LuaI}InqsjPUX`%{+-n~SsToYy
zJ9vW)XPsBrpPNg-UQ0FpdQ<^)V<~`bj0$%$BZJ;n{UHF)fRR0i!nCinWjVpZ9~tjS
z4AW$Y#gUA`2dO&O(ZYO~xHxS5<^l-1!_-#*cph%*F$)Q5velXS9qD;hLhN4Sk&<>a
zo}1h;_zHRyWV}O}kxV9Q^cS>MIl&HNs#Q^6>Z?h7RkUZ5WL+mOpX2AsumTdjTYKCW
z3*E1lN-R!$A}7%PSEv>^V)ZA<c-|M69vqRdL+B=HPvr!ijqg`<%Z)W8*Qd}gb_s`K
zKH7|DkK}^b;0#TCawV2Nttw*}<)E&j%uS;N^(W=A>#hYKDMHoSI#R#n3f)#KHrPgA
zZ&!0)%jgLmdy-!K$pX0h_ixHKMr#{$0`W|lYP5akCYmmKn4&*JEnD$wW!y!kR?L8^
z^2J@;<`;zPht17)bt|G<zEynk1nE^e+HVi3(i7Dp_9c?fPZbHI=r863!o;25@RP{g
z$HhtW#9lJ$Yjj@&Z_so4E<t-m<K^;}Q(&c4s<AaEIH2xwDeE46n>aKyuU=Nfhnw4}
z+FXe94iFVzgc5NXx7S&jz<TwaIf1Tnc`vLR9QWg<WYqgezMJDdV>j83kS+U5=$Pg@
za}NM+oyrxrSdOTxCgI3TpOmJmf6~}T>Q|`4J7iCD^wnP>{xx;{n<*6+p;%O=FDJP@
zx!udjJxIomLw`sj#uLgxoEE2?5;@xFuami&zRq3jnx-qYH*$ib=6oZl@yKIF9Ibfb
z6{*aJL?>oI=;yCRB2A2gb~X3mHRcg$_(81#I@cHoZjwnhx}zR2=rI$j88yZsyZR0&
zjX0ocP;MLs`52kYVX^rJSe(oqIOS}vabL6e(G5h>p&QHT)7zkmU#vyM6C7JKSv)@l
z8yhmA<#6yQIRLpy*s3i6F+O|`0Qc}Cx$Rp$(A=TDPuv@DkD{z8!+Gl`8&0yW!==I2
zcGZM&<n?Du6@TZGDmQ-_@Pl<GX~h$AiL@coPHx|oFdUp>URq-m8ple`(;$g6REd$s
zaY_)+X+ND1GV7tbfOL%q3y{=!{X|Z%*?Ws5Nsg-1yuqpcpHVr>^poT~gKwd-jS6tc
z_zb{gRBFW($=gBu+^*(}ru|c@(%YL~kUj*!cbkQt=xm2Sh)!N9(K(#Z-w)4RU9KrS
zZJx>rB+W+%H{qJ{H2FI40g}#cJ4WeW6aSTrksTpy;@<EZ0FMIbQzn##neyU8=4L9t
zAcgknc7(h`iM4qL4chP=g@`YkmVKzuEer#vC^6}(ejz8|{1bTkPT==((el7sPz%G}
zy($mS4CYwUv|mYE%j-;QVWoqkO8cIY(-7yhC%`o-p+EW~7<o8d7`d($|MfAkMK?=~
z%X3w|pC)>8vP8#%JNw`4K>RpJH8QibpCIK8OzbF>!zLO(6OHeh71-GqKm(rJ{sq83
z_+TIn?jBF>S$uu8SKC0$f%loJ+Y``@7g~wvM{B=gq(!aIkvH0rssBb^H*p_%_bfvu
zK4xcn%y9A=T$ruu(;K1e0@*=9zk?jc2sMlNLp<K|2k}9mx3&ab_IKM>Q!*Q&RAVch
zh4(UAbKSM3QL%A7C-`dROcL}#u=FOLc@0L8pz#l}5*Od}4DMb!u|Y115995G8ZqNq
z7n?QXt?2)^s;@OiUaQrNbCiUaXb(hqQ;#f?)8_})t-8h)OMRSC^hb%-njXVz7jW04
z4c9KiJM+?|fz_Hmm3!r$H`wAc%uj0Vy7qaWc+aYXvb<%6k-^K3oVnEuw>`On=IEkF
z0A(kXFZFaojJs^M(&KB)Ax2cTXXlL0GkRNfY8(gj=xom@%LUf=dL4zeUYYAPF=B|d
zCBMUr(Cey{o5-*4)$3(@xRt=j_`VUV;By7OREsO&^tL8?pIJX!?#aRH3#L;cv{EE*
zQ_J0k;DjHh&BeMt)`$lo8<2jhnUL-2D;Hu`>J73zi{)m<RIcmWxlfZj%-m=+QnWZi
zgV`o}BC+(``PomLp&oIM=t<e0{p2<`nVxLVe5nzpu*o2?vCC)reKUn{7m)|{>Zyct
z2uGQVG4vAIU~^CtzTZr<J?s>+HgBoh3Xb^#v1hUM5-c%T)Etp|1~K-?Yr+m`nY54V
z4l^s;(+`%Tu4}$W?OZ>2rn%hos$9FFjWJJS+tZ6Y5jk3uY|l}U%@Vwcu?rc4v0kpi
zJS+Jek(%6;kVC#m#|*6*;RfWxh_$)xxnD{hspr`q4n`2fRK11D$#uCJM{lDg+|<9_
zXoXiQk`1$w(OM;6hp=Hb)Z3`oYEEvnJJ<|utSmWdv`noXRwYJIoui7Khn)S&f!$2O
zd{V-pOS!S{a}=O%m(}R4jeIgCt81?r9=SbagoSe5OfF+aD7;-LtdZ?~WeLiVCR_Ak
zx8v*`I;N<Q^4NS8jHQB|Ne|?z;(D&Wgv*6QJ9i)_8F~{H{9BrU%WFNUNrq>-l)6Xr
z#b$Ws64dfF-(_WS95CV(IxT_oYWnKUVj333;d1hgX0pfIGsMyyC>z~DWm~w(R|0ce
zTr3NQW4b0K%cVbV7?2BdyC63?e3)Wj(ScGl(q(~W=W?>fxpSy44@o#WRP)Cr%wEiY
zWV9n8oaq#)?N&twVoNz~=?~?I@8x{5P&nfalH?m<66zu4a!^Kv6ZDZ329xQ1LsaCP
zIUHZG|D%2*RO&9F{!gev&W|KL!?TnMIpx@<lbw5*e8zDp0t>G|M94&BgUHvfGF8Vb
zlMAtS)*ZR}L`v-nFQy@qV}D(Cj-^bgwGs2b8U?jKcvS8#Fxeajv$0^x@t&Q#Ofdfv
z?lL@Y!AT6~0#y^SmI&sb2|-^3iUBg)^m5GMXdDtf7b${{2Eyq&p!y{fH%{tGoL(r|
z=r|p5DIiOp2PrK4&;Qtx+qY8IR;Whs0js<#!}Bk?q^(jIuL?WuLoMA3upT<i6nW~X
zhj9ENVQm6A^AUJBW{5(Ld%Z!^BM1O9Fr%rOT?AismEjMdQVysj^A}_eLok(D0K1|K
zRh>B53z%XM0>rG#T)n5;>M7hE<McGtEm;2Bm2)_CZMY4MXf9&ltDSs<(;1wqhO%m$
z{7MPJs-uCV4g}BOl5_G6Ip5HR$UKj)DYc610~xWg(K&6cd?3TKPGnqbav*INwhcH3
zWC7<3N-V;*{ul&i3X`0YN}aEe$$|M^@(no)3$L{*3ACvfV(2Ek?x{+3x(8w%?A%Qd
z3BR8zPvpoh;8+V<h78MraJf8)RU(d|Ls<tSw&WWtg~4so+!X3&^iV>(rL&Z{hBTu@
zWFL}gB(;<9o1)+vRNUC-abcdrS6*}UR1(&fK;eOq?Szr370)V#MwrZgyM`2B$LLgO
z$dDu5G-P>e9G2R;t+9{@Q$rPEaoikY)b(+wSusWqIKHJ8??cnkQaJ1`Z6l}6pzjms
z2UH^GKB3CVUC=l$!pTr0edNovf?6qB)e-!-X^{F50%m&x9MA@}KS>%LYTanAG$-Hq
z0I1$ZN_tn)WoF*}9tm+Lvhq$h&wWvS^yYs$@pz~nqk-$nW{1<V7hg8twX0RXav=z8
z_8CEg<_IDCsTANbe6cVd$>CD%ed^Itg(xWq+qbF=jwFLjz?6ulifXkARoOfP=h&eK
z4K7*N+Baimqr_lfMO)Q#vov_8kYF~$zPbe))K|lP5k)Ri9i2cJm8|TV;rSEBqb7-B
z9E7YHU#l2CF$8(f0;H?qpq?-^UeLaf(A3ay@hc4!-z`*F8)t3SESj@w`g=mHq!!ew
zl;LODTA>zE%WcYj5gd&4ItY4J4QX<w5i*d``a#oeWx-o)G28ui?o|XBU1}DOwgs^z
z`j_RlqDeOflRf`2srB^`BQHNk>LMslVTUUDMtHjCH}K51Kwrx6Tt}MPi%4-RgdA14
za&jww7)oZLoB!I=pzd>9Ub1PIXb#>LL}{KQ(@kX3rt8I*BP1{v?dgVMt?Wk<=d)}*
zN{Ji+*Jx+Vf9z_kLu%?gY}{~K!z8sYC%koG%z2hW;DQtqjiXusqiG6?77PEw(lBc%
zvGY*AKn}+hLo38zK6%ZjkzmfxKy^o7%>a5sI6#_}=iHWyxmTEZ$#4L7TMLBmy-;~M
z85~DF2v2rf1wi#aOqD2O)D&9xVP<LSY`L-kP$Y%|mDAl84hOLHzi!kiOt8>Ard~_U
z7|31$IjT7o7Re5L6rs1uf}1dQKx0W(*1>gvHa-lZ*^1NL8Ey+748bs*-&TI)wz7q*
zL=MD{G14;Q@@a1Jy(!pYklatGX^z*l1fZG1*^4mLoi9$R{;J*(ZiE1i1w%J}cln@{
zB&9meQkQ;AahWx**FEHh!8t#H_Z^vAna#|U5NvikL^%9k$+8*JH@mIVP>f)>t87h{
zdZVC|^)__45vHe;XCtUu8_a>nlAJ_`tD5;0ApH@ec<Dt+n*^xsJP8#-a1&UMeg)`&
zSlsCB8df5LQl`pLMOuVwXWCX%y*lJmhuUs!`kn`jFyHBekDu8#De!%C_*d_*pYm@%
zSHQYY?oTEx$SwHAy)c(s#OtDJ!lJcd@g1EELM1os6>Tf(>~U@CTu`EyL^?0zv>%~6
zhU%^OD7RUcRhH1<_K7YlZIu4EW_SL#ZT2YrvoEa7(QI3`i8BuG(%ssDN-J}uJ~zGk
zUvIMGbC=c5N=xDW4|_zlZ%Rd5k89q~R@z8ib6vP@AMH{Ry~%aq525!W<7t42O<C8P
zU#-ltu%Ka=1Tsp_l}49XS;-C~{Y-!wS6JI!TxW%1v2N!F?LI9kqI<ZCZWWS4T!;U*
zw+Abt8@djk6~J#U>mT2Ris;*1e48oaP17Dx<6QMwMRdMv-g?0Zx-R@<AHA(2x~c2J
zbOEe(S(=?Yr6PLm?2Ve_X>B^^Y4(atfArT)saH%<oJ0GUT3#D0wY<Ys^sn9L@rwAL
z9y%^e;gjX?zxMX8{n6i5SeX@u*QFc0KXsyX;j1odpOxk}8ko)^15Z>1N%KshKhba=
z#u9vIh4s1X!pFkGW3Ix0otx*6UUpLC&`Wb}3b^M*mFDbqZ8~kGRT#@%-(t?SK6R2y
zgXdA~1vv{H8Tnt8#=qezdQ3?4cWrXm+gDfQoN*mqBq(2NPOHWnj89l$Wu6P?@!+B`
z+c(c2|L!a+bCe#ZIS+?<*QYMBvNl8wG@MpArsoy$TU~`@E)BcIH9ve<c4^!lu1!aU
z*!P<A+wf7@f#~~P+6gOdw7$%|J<b^WjhkbRtg^7ahI3Pdz5Q>0PWI1MW<g{m2hEXg
zt$t~--(^w5WJjf|DAKv=_lo$&u6YxL-|eo$k=}}iF-aHPQoxUN@4^hv*fOj4y;f#v
z*rg;q@~l|rw+4(9c2}6r3sKl7Rz#<`w538Y-&GjxE(|NR*1L*k3xz6ph|XB|era?U
z*Wqd@;!;vtSdZ-F*axkw^{KZc%?nGIw~%J^-(h8*4gbb<xQ_G6j}>imk}jl3J6<;u
z3lTzpfAo6=(vEFh^J453)fLgxU7KiVztP@sUWjqV9jS<Z#HIZs1x#~wt-B(-bL78P
z)~Id^O*^->z5TpD{>C<G#F3`+N?o_+EE}`XCsm*UcR8o){`h@kMU9G*E<|P=e7H2e
zGcAxhU2~?zw$45qzTZ{2!%8cNtY;=}it_rKy_sNTCOe*WU5K?S|Eb6+O42ar@f&Ff
zr;Xj`pNi;quA<#ieUItf6qm8?Qfb?hR@S-BZ<~o$os8<g%cAStD%=b+oJI9*-`5pZ
zqojF|NOjz6PR}XL8e?S@3~o*PJ2N~bWtQDYigUW=J4a@Zidk49oSt%BaN3n)C|u+?
zE~%)lx1#QGSJ5FW?QD3Rq{DUX?H4QJH@Xg^?4z(7a%yfnW_<<kb7dXuZw}UEZtv~v
zy2Z+>XsEjmyS<$ozmasIhseB{nOGQW=Z=RfE6Z;@XgcS|&qm8S!Idl5aGq%7Jv;t!
z1k{@@QJ7%&xmaP%v$9e~G}Y{*+4lCi716n_!%tdi=fc}-ypHY6d%hz2P!eA+S|=%K
ze*J~n=fayTwldGvf00htz<oHq?D=1>O0Ck93Y~ZmyECbf!7AC&)HSc6dtPj5{P?6z
z-6eM$*M)}oDfGAfJJHHaadgE_v60>9kUu&lLt2w(**7(^x9|5ySEdNL8kd%6#~iGP
z-s`gdveL@JuIq{O+}@Ghes#^G!;I9|x(+9L3sTnIBh)7IsC$yP^Q|vY>ki`?Zj$U3
zXZ<-puD3G%#$L`L6JDV6?WLxPlc=~SBmeob;txkiY7^bLYO=lkY=t$#br>z|9BCz4
z4cuB;S$yBdg7AXwyes+H?6R=>Il?IGxXM1>QFh1sBqlvQ1xHY&mOH7?mY%-TH9w^y
zJK3>{=IMXf^=-;S*(3FiR#vdjTC8eQ-GvX9T1S(L>Pd5*(4Cu7>9nV<taFo=8}{~Q
zDOLeJ>YY2K)8EE0XQeFc>DC6(ALd{lblCECPHAUl&CM#;*ETe|HFI-7nYH1r&eS-~
zJF0!~tf=OE-Ff2Xj5C)?`&=QPeu-l3grZ-ed&4Ci@!6!q9_Q}xie0ZK9gaf9VtV7K
zFWs#*FSX#aVDLtc{zurpS1aOwPMX(IddIg$;)Udti*4Q71}gH%-&$f}3bx@D@g+%x
zqXa?Mobxg=O8zd(`D}>=>j?QmhWo;urP0qPX{`k#oA%E1rX=3{sjyI)bT}0QkR?fn
z<770xk(6dF%T7+*krevKjAn4nvVFh$yMA^^ns<p|A06d95mh0Ie0FY*%gXjvEGbrn
zCp$JKZAweobSw4CD;4ZBhV$F(cj)^Qkxdls+tph}8#t}3QP1!S*d}krx=+fAzkXbL
zX4@o-ns+FT=7sCg7HZ!S!-ktPMjS7VW?*I18^w#P&clt}hn=O-jBE^*qx43MY#Da$
z*Zwg}o|Lh5glm422@G5BBE2rfdZM1Wgl~HIZqc6os9R3T*i5$;>ni$F6nTs3T-DiI
zmQ?zqm3h!Gw;B8C&u(p8Y1d*at2FHEq<LB1itf=?R#_4+(!P~@hMF|x^SxniQen1t
zWWSe_m}$Z3Lc=+)slDPt#hCo0O<jbq3!3xOL8r1)99LFJBYcig#*-QOf0uSGPbyj^
zjqnt;Z)R`5Qel}0qgy}Py?I9U$<p}iNftEy#uJ9^8|f`g>TYFqo;kyHxVg9VFgme5
zbzo9q6X46Jp$oTj^YgZ3ua6o5zZ)}M7xKKpw)gI|GK0}9F!~%!DSC>wSoEhw|9G30
zgXso&R#sr>L6_cgel{ONYBS<g(!5;TciCV3*2mIl7-;7X_HNib`)=v|CtOymlx|R2
zmsH5-EG4#{;hf*<7V=)Ct7N~XJ1?~ICg1E!l6j2Z;KIR*Aq?*Re9`|ebvw6+j`AtY
z?sybi$j7{$BONf%rzmM&bH>^Nx@KKQ&Ne9*?x&2NT_o2^-I><*GPQaU?k0TXn%6dE
zb8EMDC~4C+D{Xz$tF8-e-4{BPUYcb&&YZLKQD?a|d2IhVdirz(^!1da!!6vK8kWUZ
z@3WX5U~PHq=(X$$gLVw=Dn_5%yNgDb#SeQx)c?BcaC`URp{3D}!s5&lCKesMXYq=a
zm6F%quvhGK&oj#6e;g=sVTicU0Raw6(k3(P#eCx`?C2cO)PL!ROQK$_bm!{hIdFZ%
z%JOgF63zAp-P*>|oGplHhL>r5ALsOJzqKk)l)Ying*M)^Pv#|EKpW0+$<k@%v*TQ9
z-Js-qJE2ec&Q;C)*8T}natkJLUA*gk<w+cYF<4=umOI~F_(iF8flfFnCh2fH=kDkV
zwi~kitM}qZv)g^yBV!JTPQ<v13cMrde3>-wThaJs^r=ku;T~l<BNkXF=2N=w5occ8
zikwV@6FrM7Mp^E8`K9qyurcBo8uO&{imM`iP?A<5BkK92qK@vuZ_489b(7xqXwu=1
z-m~EuG-8LlU0T<~yp9!C8Ew#efa|WVbNI~0{44xlFpJlYpdSv}FB)~gm3EWUWi>2o
z8-7j{lS8&K$Fu#$`FADOLi2s&ywcR)_UU#i(MT-noHDitqNH*kT;s!Ox;Ncgn!^~9
z{EO42b@#6C{W4u>RTs@UV7a?!Xjy#S_eG1IXY$(JJ7SJj_x;l>5w!mn4`QYyfB#!S
zOxN*4g!7^QcSaO(MxSD`h*)82tSFkB|1d0k${I(kp4{5r7fa0lEk#NqN_49}Yl^3g
z8(^8#vO(XHNGna28QQ;q76Dqt1MmPYY1II}05Jb21^Cto0GJM-+wTfc-v|P@A3%#?
z3b0<U0Wb?d0&_cPwAE#mn-8GkD+Rc2=m6dTaP6uBG}C0o`wxJOQ6j>T$afmCw->79
zL%J+{-viL5g#twCVE`@zSi*#KgdUb@gadGO4Lrgy>WP)38sZIUqTY|lK*=d;B!FS$
zX!^AxF;$BKa2`N3Js2*}n9%@c1DO1w0t{x2Ea!Hk^iP?2fpNDX3*}<~X8IN2Tca)j
z=4SeBv>zDX81(=&0Pt~|0u0h+@q7n>$C-+Q@s<_`U=skWQw4CJULU{*09K4p0A?cq
z_5&zkYy;yn%?03R0G$I0@T6K<x5+MWtsJTV#d<s#cTwBF_=b_CM3Yr^JplghBF{gO
zX9cmB8cM8EFMjiNzG?J5&izK{jlk_hoVfv_`%X_JZZl<>(Z|a4I2<$dBmmEneS9xP
zeYhd3@P}dOhl2{x(ntm{1HcW&70TbD*5nD$SjIpO;B_MvjOEaHcD(|0(JcTyq?T$b
zwAU!Ux|rCNK`MEghO7U<KLNP3Q2~0GvSR-nz#it{P;9AX0Ju53AadArS^hp?WZGw1
zlKu!YMABE8S)?!Fd$w<Y0xZ_E0knXHNoy70Io%6jEP%L71vsuX25<lxU$BB6&2`@<
zIcLL9SXpN}qfj}dtpxeYu1cYzwOjz}K>jyX<qp@I0(c3)@!J$&lGY4B+w2Wd?;cWs
zN~1Y|zDW9QD{Eb$;|DX3cwKTh_E?#RjO}KNoU*Xz7)0Q|p4O7Y6bkHBr~rG7Rsh^!
zk53ow!nD?QwG7^jW$T)lEsQoKGc!nGqKU%K*V+>Qm5<2P^bc;g(n<#D3ypS#O_CGK
zY4*0fEZUy*LT2Q@HB-&3n;igLL129u!Qr6F=m?+}1v*&=kJ9mcxT9GU($796Q7(cP
z4_XC(Bi1PNZ;Z~MHwN&=vkGuYF8~lnbr)D!(7U2{A^s->KJKqryrLBXNGHddNh(K_
z-W9+a0H-D@z;D`30Pcf@<t!VZalz~cz~Z}knOdjnubJHon-mlc8z-N$i@JTZC2Q<o
znOA|kSGyV9YLxKW=L+zu*%QF?P`h`$)S$6my!H`dMahzE#u&GdEU$SM*ZD<dSfJes
z<Oclo?xX-+&E5d|W1io0wF10p^Z_srDYNRV8PnhFo3o)!-fz;HQ}up1WpO{;qwt34
z{lRO+6l98(l^^MNPai=18F)MSu#&}oZ6JVBxOs;aBHZ^i1_4+P;1=d%037;l0Co!Z
zr=|TL({Im7xtE8rBypEHn8b<nhJB3{;IK9Xz!8K!@KwRSQyZG&Z*~U@O105bRXiFQ
z_GOAYguT`s<Hv*e@KWJKzh(?CY%*%`E4>w+XSF+_)1Blk*A!rmF#^D70AFVbAnaLX
zR(QQj#>QFY#uMoW`-i`pRki5a)J_3&dQA4Y<%0tDy5$p%utj{AuJ_Y%F%a46%yQg3
ziS^;cGx2)4;m9ZnFQ66;_@M1-sC6LdH^mt71q6F?-CEMjT+*62I+FCcE>^iepjS2N
zBW%*_;L3qvlCs#GK#DZ!<mQ&?ag;?rp#wL!n{wo4uPC!e+vUcr^bxBp^Po`_*Zxd6
zUSh;@aRL3{k!*pM++@#dB|C1LbTMIk7%>f>9fk)FztLLjm`dqW8XsC+ZUn8!v*Gcb
zKrG>csI;Zu@LrZuOWNiGou-LR<9l!!T=%?XCOZ;4A>8+jsa?D!anyNozDV0NG%;+%
zI-;V_?DYI8!ht>Fnf9niiYXS3OA++WnO4L>Lx{esi<RSxRItNt)f!E8F?0M5!2O>p
zfXBQKz<d$G>k80Q**ZR+of5l+Nj5YJ&HKT43dt@?&u80?qK0cT0r>#!PhWSJOa%0D
z4gtLzSC$)N(n|&j#O$aHAMM-?6=PDZ$b46Rb+p;g5aUOC`vQOTw{xvb#F=l-0dk5}
zN6++w&8#%OA1jm*<VQ&2qUFd>DS190;5%jsc+wXapI5`r2%{9hQLykpP^vP%r2I=9
z2jo*<s;Qb-LtY?{r(ESZt<3}QGJy9|M6vg2zO`BTYmn~mpQyUtp)CMmb#__YHRf?t
zzKt@9l&?a)4Fb^n>x;U0yUZ*%q7=L9qHv0~m^`*`m49I+TSW{`MzOUXHMk=^f3U0<
zR+`1tTVbjPOj(Y;=0l)QVF7pAK9xxY8|R;?Z_Y56DI(qcImfSBnRCN_G?v?*JalB<
zEy5{RsQWg36~-Uxq4+vutN?!;fa`ezFc0f10c4fDN@YgAB3V*Gn@l?@+MZ88!@9X9
zdb|E;&bjb=rpjpZu(qo4+{5KY4ou~kxrW$C+P;H+tNaB?o`R9&!DcYII(@_(D{XGr
zYV&c7_3p4D&$P_<#F{6xCnQ7eM-|rUbatN74jEf`?z5x?l4^U3S$UXg_i37y`f|BJ
zEH!quzQ(r;eR;)ll=alLj1ec>SGU!#Xis<Xj-FO-+-7B!Wbq*LT8O^xOK>m=EjOaK
zTbU(cSh<%2-3{TZ&q%$>*xW7jp6j*nE+vVlO|hQbgS@Y#S1+{Eg3-5YzG}PAj*2li
zrLS9{RI!h?LAX6S-5*`*RhqEK+z4bKy}0MiN`7aIO@gvwnLpn9kPLv&YR~2*-@Jq`
zQG3T<np_2}L>#xK=f7^Hoe$49H|JC|{MmA>8)E5Yaf{jRZ)^KbR^+r$vi2JfaCk8E
zE4W&1WtHXQ5dK)NF?@SZryu;xO5<}oMcV?&ziHrs4_KM&qIlE&B>-p86D%Pf620Nn
zsc-u-NaV9DXxN-vB6z5KsG_Txp3f#DV?lRgoA4ZSz#lznj>wA9VLK4-diNoF;uwqO
zU|O&P$N?(ao4N5J<5O*C&e>jVWml)2wkv0S>K*Cp-mucngzK^9ZhA0d@`vdo&RQ(+
zZ!?N7ZRgXq^0+AEQf;rVE!@3g_nKtc`H^OhzE4W8{H|hXV*0w3mUP`{WqJ7+wR-ZX
z$XU0|SG#yc&n8=08{LoT`%9vIx#{P!cNMFz*mv4%(D)XzkEXBNEUUNMb$dk<nxUfY
z$aId&*sIRb-musG3(13TtEO|9Z<6OrRR6^Dq7S1D-&%Y7X212)XlY3tNgeFsJycO{
zxYG|V5!D@HR@k0<SuH{l1sS0m<1~Ml;_Qw8mK%RqSzTKHpdHHDkh;H2shdw1Q_P--
zoo$eko{lrxTg0nryCzm-$$k0xUHEJq0n`C?eh~GD!6mDhWENA4_UR+`SZQ4%GmUrb
zgVO={)AQMV9*yzXyE*>xQPr{_J;k=goUDy+lpC+5SHG)Ta=r0B6l~ug6${U~tQf`Q
zVEqG_^jxPyuf0>%e2MlUSX*dI{Y$Ai);%kHS?9kiH*R8bGYjWjACt}$uI}FS{I^A#
zy)}EKuY|7i&|WJumA$HCIi06mbX{m9`UM|V#XAt}>-Vb0*rR_!_InU)aZlB?wwosa
z90pMTdj(jheG1?=>b1(s!X<P)<7AgOJsl2PrstnlT4ZCd>Giw<sQq6`1L~WfgEQ7$
zZm>>gcLm+=uWUA}n9Pi{Wx&LGiKn_^4pcmUjg5r*uQ6}zUJhRwMUwg(I|K8*ooBLM
zKXaS;sD2t2oF{TBEGEUH=d9Ad&KYIb>nzoC>)+&*CZXHG2aapDuV>b}ci`i%H>Gy^
zG3{&@Z_SBvqf2_pR+=PcxOpyTy_*v0;7QtfsGdaGePb<F^O-c!VrQJIqECBv2_DCq
zVn>IWaP-9&!V$Z6m22&z=lt=}k14ry&@Pf4i)5?l4*{6FbTQ#{?#}kdKhjp3>J{oV
zzJ}@C{p?iBAm!v6#im7TDmBTxUAqiA(Q;I5Ykq!feZ2l7Qk&Nd{(pU1^ito3DQBGC
zEw0>{OII3lLjO5u{g6k}tFMaK9fx!=<XpxG74EW{O7F#G;P&y(>4g<T!_(J&B05;6
zRpp#(8Mnw{$EdZ8Ce9P_{&?*h;aI;5Yff*?)pCOk`kLY`+LfGwE(te8a%RxD3T@jL
z^jkr`O{19y|DIE^Ww)vcvw=C<AEf`n#(zgwA;)&q|Cn)2vTXmif+JtPu#U0jp8)nD
z!bW3c=K@C^bw5hWJb$#@V1P`0xtH-*&e`Rs(ntIuYWt&Z_nDTksU@{9dQaK|x7AfS
zn-Sj=428xMn)9up2T{va*QGhGF=VXFD)|!Z<`+fSv)NJ}=q()-w6aF^JE9f8`6Ipg
z6Sm~mPI4U{YWseyC>{-+>35s<$~P9$jblJ;`Wc%kL%pSCJBaN0f$i_191B)h`|Q7u
zTlNMYwy}Ml;UI+7)5vE|2%YUeRK&B`8#Qg3<V+~+2?Lk5vi%eDKFQv*+x+O3t<TrO
z3!C^qFqg<)++o*SL%rD}8_Z`W?ZYnp*o++Nv3<VO<0AX7LmLqddqZl0Nm1Rrqa1*h
zT3P3M%~xfN9a3(v(O8!C4NI4=IEvZF7SThg6qjJ$T5hBfyZ4&J-YzaT>PsE#aBwm-
zVd404;|15IURGMbN+8{NrDMe-HC9%^nvbQT&OF;6om*hBry4}nyYmEmbR9VC{g*DO
zC!#CjC#&3LVT0IR`@%WB4M%xoFG>-f8!}&dn2pFXhFZJt`!S3UOJOqZKH=G!*R8_h
zNTDF*m=wjfZnpjUO-MAAOQ6S|Y{I~r4RYCA!YEs(ZIEdDQ$n@}lfvC>{$-0e6W(6P
zi~vcD!sEd9bqSlZ%Z(GRO*5=Cf8Eo%?_KAWjEX+@OV|HLc=n#n9!B+>?G&ocEA=Yk
zh3+)2F+(bST)Dv}WLeK1s>zcxS!0b_%wZq-0y*zf@g@Ux7-+yZ<2*%HeQg$B+Q5+x
z)09zjj%mK<6*q>(2I8;~#imM+OOxi%z84v9Q--qzns^s6nQJd<B@Ozz>3h=~9JA&v
ziOdllZqHi(<ukHj*g_g*Rfmd&G-$<7mn0UKQW4!DuE5s!C^1eSQW1UJRrrLJHmboI
zy*T<F`g$y^7IM`c>;d@|@ma1->U`uQkzP3IXc^kcG~$jq^nh)y!Yn!e$c3wJ^u*EI
zq`|kDAp7YAJ(1V=U;Zbc;Z%Imr@GzrxJi8mEVJl_c<ZRLo`%#h1f9c{^vX6@sotm)
z7V7&0(alb9C;loG?8A$X&bYx9#SGKy-zkzNELuPhNjWFTLyhA2Q+xo%4pHM}nl5_*
z-hkDGQb+L=Qr%a^)A|}LbuU(m5sc6L36VPff{-`4(_m^oYb4*lPxvx`c5d6fy6<X2
zdN<WSMm@7gmiEpQZT(}GzAK73*6@AftuXF!Sua{?{)W#;rCBJ%{6rhxe1`G-l6PeL
zFuL~Qd!&F-{q|0_*!}$uQKj-dWe@t?ZSQH$Jwqc=?t5LbOMfn$#}=s7#gcO4D;RBv
zv!bd#-yrtw5G{R9H0W-y8F&uXHB*hgQp1W4524Xjh7?kI-_0OSz$~rLG^##}#`@z;
zVQeaDQ927D#&ElQ`!#B4BJVy7Py^l1LI0?gRnQn40-7DI*mc8I$Op||cZ2DR_O73G
z23~vJtuf&&@tz5%gxF5HZ%jh^oN@zwNO_!Xne83C73&(r6+DN%u~gyhN6L-HRAKn1
zqH1xv(fF4wQhXb!Ll+u?#B;soa2CmtVB|KaB%Z~WbLl8V^97E1`f)-L{M{(d>40vm
zfzay5OkaG0xuV?2qoEe0b5wMvfsXyn$KY0dno-2Q(xH=7V{kvrb{afH(n3_-KA=1A
zF}6{~k<vXG=TE$pP`C`O`TT;F>95O^I9I)L&XE^aU__oXiobc3Z^F2^f(89C<lmm2
z(Cy=LgHCbYv&)>|ocAC~{*B9``FHEi>Eq+{XTvwg6<FOI4{DQWj5-jy=9;&~O3P1i
zJZDS>^d#*?^~&-wV$5BUpuO!VH^zO$PJ(5p+`Eyx*n_q*G~NS7C61YP{1k<{U+k#9
zlC#aJ(!iz5_(T=V{DH5<K|Vors+5oNbmymkeh;UHYtwQoZ9^1hEjzlepe!_H-P2|t
z{a(o$7`ig9;HI7yMq$r*&rW(0Iz@LI#bfF-M7BUVUYx?2NSB0*`^t?>r26zYPSKBY
z4DABZ#mUqE)pR9bQCvy5j~N)+QHD7Ja`w(3434;{5l4GKP@_ihKF}<KXf(>o7>yUf
z=>fre#dt=IfJ9@=Vbqv49+@6-C2=<zO}q~-Bjzw_JT@^0;{MgHexIM;{MLJ~URAw%
z_3Bl3f86>K#D9|VN^AHc?-n$B0KIkpk~faH7kfPTEv~;wq{v?1if_Kys}3JPfa~T>
z%tDNAVA&x>7)1X7WlHz$?&KaAVjR9sn>`HI&sR2xo!TsAeBpgqFqp=XaS~fXOvi-Y
zG^Bs~3f@hUvd!Kw_$Nd9j=U^>k+BqNY99?j87!P}M47!|bU&Kh30(Odc<%U?w>VsG
zRA<z2kzwZ5;QDPCxCPI3@7rsy{_}JVMibt|jIM1#()#D_6m&%J%M9G{YlwAK6&~f6
zWB9M3!WR(^WrXo7jLa2SD%^Z*?(3}ae(+kzw-f9n{|aX0u~*&u!X$3RI*Irg?xoW~
zw8Wt4rpYjkMtfCfY^!<UU!dyapc*-7qL&++*I6^N4Po0ypQU9{_!rb^g)!mG<1+8$
z=wqEmg=bVAWy>GqZRa{zNC%{=S~hDKnGG@M%PK2qdD7uXxP+{UUxy5l@zQ~$g-mZZ
zdlsu7IS@ryS6Pm9)J*aF-hGgNQT=$z4~o!+V4BiY`*Ua8@E<E_^!WNTpX1?Y)9oUk
z$2KhhT&yznjba&AnF(s+x{WtR_nFA{=eLG8caSY{Ch;M4k~d7`K%GUsTlM`EOC8b@
z_zz!Jg&z29>cyHpL=kFj-fe_iQd!_|M8Hqk0>WLV$kzvX1#5F(?{m+)^=DBvmg95$
zy-o~9O_`=ofO|-Nn`<qyump8Kl)D-u#o`HfpvHUW1LEP8Vz9!o5>-l}Q^a2aLuXjZ
zsa<#av?c1yXY~vSga0JTp%PBTco`t>EFIfS`I9J@){p6fvpNyR*C)!t30v+IlEkN4
z@VbVam{mVh5nZO{^CItNJ7WAyLd{~hZ0Sq~4<53p>Edh%T0}gY8m?IG7HMNLGM)Yi
z*|QrXu6W8toFe=>{g|k6vwNk+pu+@OPpu6IZz^JNRmiKr{;GOj11jO(wfPr{ysUjk
zYP0NBnOHSS5z=jb8!_>3bc$O~wBKE)2s>=8IfQaRrxC4PHk`Cob|$P!Qn+kl3&}D|
zJ#EtfYo&DERkhPoPZXiRhNnp|;nRGd*w9OAueXmW!f;#e2_k-33Pixo9LqUs^LCSq
z!s(<7xK+x-`;^ovOjRsxHt%#oKLJV=WQZD2jQ7w~>mYQ6<TLbA1>9OLiyxSnO@xL?
z)gd*iEf)?8SRTA92Fr$ZXrHf6A*Pc>)cHB%lzvWZ(CR?QgIQV*k{U-zKJ8c3p}BUl
z?C4?2k0V)`r9Ax%Y8>xB=M#SFOqBDa*wA%qYyEgd{KbR~g;%&2pu~<ih*{(7NBb<U
zABb`fh91ix+#4}Su@u<qM-$-)41}sbh!pGJ)a+Gtogq4_L%f6{HVRl8`-{Obnvc*W
zD(h(DM0v;gA{P=kan_7?oB<B+m?9YJ*W%8-yVY&oCHbPRs`@93ePCjABJb5kE=~qD
z-Wfr9oumjOY?TX0P=!)sShuIv@?S)1qOK}rIhgIP65bxH2w#f2G~M@L^(cjYR}$r@
zC#Kr_lmIp^9_f^|mS=Xk)aJcTJ?@eM?fVh4W^saCZlk;^(4R2{?DXZ<-G>#+hoVl2
z*es>T-lk#9HG^dfj*yQnEf^WE)dP!#Qxr?FsV0$Dr3o5FZ6BeSklyB+PaXaQlU||<
zAIT+QfT$yhWJ7pOs-X4-1%ylQ!}iTP!OvQikldO})VbLo&=x8xOt8Cj=H}U?-zKRc
z=mks#Rn&6!m8j-+G=>dK55(EP`3O<;Rh1n#n*b(1WD%D=b}XSx9q1xp2+L?HcAuf3
zLJUsRnWXw4egSuZj+6QaN@l9f|Acg2B*kgwF&D#`<G$2sJIFMSV~n-La(v}xStwR#
zr*OeQvDv6rpooKPx&CL?5gQt(;y4PS><blb7(W}-qS}Y+kSvBp<p&YkfUG^=nW5)F
zt%VJW<&3R$3*nzgX*xBMdz`r)Qg`fxG!Rf7%lQqbwhK|E7Gm_Olo#G#l_VCM__Otg
zTv3yjG)J1q&f}ZH#jU<n?+h{6t$!YkS5WkK#vZMKTDwNWR2HfYQ<4LseHG2I7M*P+
z%$j{#5sWahj5T06MKyDr^-+1Ndz?dpovKpNCeu~a$=Y@3EL`mjNe!U^cM*v%OI0D2
zP!ug1jQ7$JFkmN%#QT@}atg+f^kd+xj#B5?=h3JtWIwF@rfLJHb}5btrqcb;xj{nH
zJjR;swCdjq2$y@(Qd<Nj2BErQu60$dB6Lt!zrqE9(g&Se3r{G*Ox1Z|>xy6I^hKc<
zo?Jz?oH^9i`W?x41w3FsuJAi^X?s~ngrgbmYABdVwpCjs3&Uvkm%t#Z`fp=bSSbs7
z%qtCA2pd9z{21r#1-8nYWR<@_Rdi@aj%Ass@h`Nx`|DuN6+BA4>}iYc*!-A?!Yu&P
zB~0NFqd}+SEH^ceAU4_oj3>dE^EdlauYHTzg<gg{;csD9YX&HmB2m}sG1i@M2HMBc
z$n}U|Gk}RMcX0}h`q=Zt)cgy%4_CVBG!A6L&Lt{bWmGfniQMc`$*nH|nN|ONz+oRP
z2G<9<0$ug0F1)pJ=1N*>9Whh9Tnr=bORKl2yFrZRAJ|hrLCg5ut+M5MQIx2u>fBjM
zH<j>_rF-c-X}KWkVwU%kl=f4iO843uQ1~?7BWe`x0L;dP6p_u^<!Hc?evY)g5xqG<
zW}KC!2r|T5Sca*0Aic!<_sglHko^y`W=wYa49#5RqP<!hh7~@tUY;guWNiYpm4XWu
zV@k3jegsW~J&>x*V{wAofJN^UHLY8`UmFKpcH+$<B$Mg|WwA8s1xZdQ1yu(G$fBtx
z8lEb2JjNYLlZ~!@Q%;=<&pEcIBx`RHbA}`(b+C1OIhK*`CWL~oZ%?*YkNfQ&wkGXp
zxVU`U2j74SemCX!B;}t06>_DwCr75BYP(L|UvpVkb=FF@P@pWIkZ!68BTXbhP%bcM
zX7c6CBz0m9K{7;D!xVmPcTedCPLlS)hC|@=M%jIXE{>%sOpqQ6e^N7X7_LH+#bCr5
z&8r}$V$vZ+fvInxrKu5fNW)Z*;}Fq=HMjIT3FjqDD!OL2Pu#Sg)=e0e<z`Z;_aenp
zwQr03W1#{8LJKL-J>f4l?<3WPmD-(+LBHeJGr*oUV;{Ng{BF)Xb|;cw>&?s%pSZF&
zNo1x}9T!WYwC5!ceFdI|)niNFL5x9a9p59wfEmqKY0~<B4r6m>gJeC~kXd}y=V<*m
z`JQ6%FpGFlBDA!}?7;6Om`pqh+dqJnNn=TAjAwER0`G64n)^YZ`qx}(*l~{KL;}mk
zjN8wE2-;CEG0R7o^0U+!aJmx*WH(C{9OjG-a^|?GTI16xj&ULa0kyfbw=A4Pa&)?}
zWe%_ujN1dtdqq_3JX*JYs6ADkfU@*;@bVgiJ#hyOJQ8-WPhER{E^_f%7~f2^Wx>t@
z@{0pt8rNu|cDMe16tjXln+?Y>90#8hb~k$vc0Bk2CiWKfZq67aXK%p57}p8Lj;H^2
zcQuYkh<97f>Pn8*L^i(+rKHm0=!3(^XgXbDX1mBGA#qk6U0W)P22+N*lb^zJn@?6#
zQy>c)N$hu^hm*A2aQwR*mC=>Bxh%B_2m_Dh495Bh!Pw>i1mC0@1B-lSCW+A4a^0D(
zTaK5TU5L*ARCau6ji?kg-fo?9o$aXVi~gY43l(7bOz2#m3PVog@6+?lwzYG)|37Rp
z3NKzIdi7jW&lU!=?eOf0m&J$C=^wRX>=dd8xaZM&3sOH76TQ4&=b{}Rx201UswwdT
zzq5%>2Qt$K>Hh01RhCQwnz)S6Gj#W^P2hV0l``8L$4`(AencI-$5W9>SCEc<gTQzR
zmr5>{3Qca~sJ$kiKs`bNO&L$cCQh92$D66sI<61y3h%HI&>cVrB3viWiuT=D7r;<}
zlWq{HPD5OMtEQZipyPA`H`2vFzNSSbD5EgcoHA;EoQ4|CQyt3rL^t~$IpQ7EXAn!J
zC~tyMJj#c~F^jlwQOi*jfDZ;x>%9_Ky2VjR%Ig5H-y+A5uXR?MHH~Ur%5I?T)HQjD
zI(?BH0Ma1<eIm7wl8{|L!@mG<C&0`C0^=l?Ni$q6RrxEb5Am5dfa6gsplM*JT%`b%
zyC%~}E^m}(J*t5`V@Cj6_IDyYg|MlZf6>uqIao-)Tj1NWI8Wv`xKwIG)b3`z627U`
zMXg)8hh`F@FgLqLI@-QJpY4bZO&LtT=Sk|d7p1g3kn0zd2wX`rVEJJH$D(D?%LINS
zMMrAp@Knw691;=&)>BYl3HP11)ryuGXx*cPBshm!f2mfrTtVyZ*k;}AIc&4%c+a(J
zAPs&($|RJa{jQd_EKPK?!B`M+?MQfK%ovPu6NEn|P=5!ovd^%d?0nR?99T_Ff1?o^
zd8%`ni(zji5|~CBUclr4d<AV$mIKgDihIJ02lz6;lgkOLleU=?nF)?G(=_X5d#BbO
zu7>VO)MYdC5(vj&z2AlFNx4hh+)&G4rlE1%A@b@srTQ?<0VWrOtC05m+(tbfCjCxk
z-2k_Oa#+kWtpzc8z^GjDwd+JUo`fiH69JaN3sk}V3a?52_L}u<KCt7M%?F=R&4<;H
z?o3Zg!_9#d18`m@wN8M}&$E*qRXsV97Hwx9uCU1Na}9Nqq{2xZ9&QSHDum@vji5$W
z38j5I*{J~a;A3`o0tZ1I>lx2GX+ZvYn2-&U*Pyw{P6L^o=w?Sk0G-xJCE9EJbVnY0
zzLEMbB;#yiDdn~SDc2+9>552jm(-kFd}53S1tPN61UHMEmcElc(0gNllG*^G`jII_
z%S+(wS8TReu5izArnepTK*Xw6LjE9|aB-A>ON4N@;649twvk3H=3fO!m500c5SUCI
zu3=^Y91d^}&NXiK3W1H>Y=HGx2L3bxkCSfB@syZ*3zUo35crkU6f~Ec<A@nqFY0oW
zU4a33NmiF6d%AAoe`%&}T03`{d1!PC{N5P#RG|h<9Wx(T7now#ZPZaLS>5;i0)Tnw
z-H4qZiAU(E2UFyT9a%S>ewV}Z;{m^ltXfQJyF`!{BpujdN1k)mdHQ{nCb^lX1Rm}u
zw3i^-31v_cUg}&iX){>x=BTAWuIDxVc^OpOVHGz<Qqxb!Ot-N<fb$dGtO@Z+z6qz2
zEUv_X#B&kN=Lvo{@um2v8Jf-UQM0pTEOE>tG<yVLY2yeSLlT_Nl>ww0(oP=|xS9s2
zV9NngvhAYPIT(Rw@1>-y&zZ%5Cjv&8?6&4f{s_%?{1RYP%=dm@F*sUdWnOYNc2CFa
zcn6vQ=8UIK+hAM$xn+*V=$S|8w@hlf%26(mt~4G_BXFS9ls1-IfdY*@3RLb&N4w5s
zRyrE<J}stM^{3T+g!u>Be2eJd5EezxX$W}UK!})Wuj;uQjWSCx_5Uyxj=Wcw|3RjB
zm!=rXu12GGAlC)qG|<lw2EUql1E4)H{KsBT2M6IJW(_dBoK-k@o4^8E{wMgg0I8la
z$3<X<bQE9tTW75=0p|-B5|l~8>C3GLofUR5%R=BGmx8ZYwU_z=F;x?Cl~x_YYy?>x
zz_<nihr!|DH3`Y{w<O~EH2B$)M+iH9U_75|K$CZjrrrl@XEkT_Bpd^@1SbtQ+ZR@b
z7ma+ik}6RLUL)ujEC?6qcT!O}roS<lpe~?FLg(<D3WwuqLw6S3cjPLqxye8fe!BI0
zNEb)gDsa^fGfL@3a%+!8{Wsk2Pshy!R=%9@h16G9#BQ_ZQYmP`W#VcF$+n!YLBkf9
zI$!zB54Lb`1N$6|C45X=1d-;F+3f)R5My6EfkvnfuRgf5dRZbOE$B{6$C!(G&wVPA
zF1|=3Y=<N&Fr)G#=sy$XakRkm!pCu*@&Je)_94VY25V$?q4&Y?NeX;f=s;R<+<T6g
z$anEm!_vODkbNH{e}d#JMYIA0@dxt(m6*h6u3#B$KR~NHgZ~gz4>8G~n#JITpc_yR
zK3_I;jSo=WA{y{(DK6B*f8_AF?ro&st>orQxIJjs9YoWACGZ+?^)<T}APZLWyApVl
z__)FD14xB1yM8CINqQnQFdsXrvQ~hvwKJ$;7PB8TpJL}72yALE@)t|kPk{X=(ammx
z>1S*r>?HqBV4EQwJbsE(10!t<Y2yw!8Vde|vPX}=o>9wt9EZV{?{6g0UoaiKquDd4
z7UREin#K=7M|>D}2p!@1lAVxObtv^+z#InjJDgv^eQNp=)PonIe`gQu|D%N(zEAqU
z!G8uSH@uh=oGuN6iSuu=e(Ee%wm(M=&mwhLjq1}`wnS7OA|J5Onji0M%f{QH?ub-5
z6^SvYouqjqghk6{U^-}Iem|)(x-V*BCS?FQBx-Vtt*(DDoaq+NfRv%=_F0%5#xVZ_
D=%5oh

literal 0
HcmV?d00001


From 994e506b650017fda3f18774f1558baae167e36e Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Fri, 9 Oct 2015 12:07:07 +0200
Subject: [PATCH 011/169] use-cases: basic_modules.sh: input file can be
 specified by program argument

- note: in case of zero program arguments, script description is printed out
---
 use-cases/basic_modules.sh | 71 ++++++++++++++++++++++++--------------
 1 file changed, 46 insertions(+), 25 deletions(-)

diff --git a/use-cases/basic_modules.sh b/use-cases/basic_modules.sh
index cc42186..cb20580 100755
--- a/use-cases/basic_modules.sh
+++ b/use-cases/basic_modules.sh
@@ -35,34 +35,55 @@
 # if advised of the possibility of such damage.
 #
 
+if [ $# -eq 0 ] || [ $# -gt 1 ]; then
+  printf " Usage:
+  \t\"$0 netflow_input_file\"
+  \tor
+  \t\"$0 default\" default input file with 6000 flows is used
 
-# This script shows connection of the basic Nemea modules
-# (nfreader, merger, logger, logreplay and flowcounter). Three nfreader
-# modules read netflow data from input file and send them in unirec format
-# to merger module which sends incoming data from all input interfaces
-# to one output interface. The data are stored into csv file by logger module.
-# The csv file can be read by logreplay module which sends them again
-# in unirec format to flowcounter module. Result of this module is number
-# of received flows (it should be number of flows from nfreader input file x 3).
+ This script shows connection of the basic Nemea modules
+ (nfreader, merger, logger, logreplay and flowcounter). Three nfreader
+ modules read netflow data from input file (specified by program argument)
+ and send them in unirec format to merger module which sends incoming
+ data from all input interfaces to one output interface. The data from merger
+ are stored into csv file by logger module. The csv file can be read by logreplay
+ module which sends them again in unirec format to flowcounter module.
+ Result of this module is number of received flows (it should be
+ number of flows from nfreader input file x 3).
 
-#                     ----------
-#  netflow.data ---> | nfreader | ----------
-#                     ----------           |
-#                                          v
-#                     ----------        --------        --------
-#  netflow.data ---> | nfreader | ---> | merger | ---> | logger | ---> file.csv
-#                     ----------        --------        --------
-#                                          ^
-#                     ----------           |
-#  netflow.data ---> | nfreader | ----------
-#                     ----------
+ Step 1:
+                     ----------
+  netflow_file ---> | nfreader | ----------
+                     ----------           |
+                                          v
+                     ----------        --------        --------
+  netflow_file ---> | nfreader | ---> | merger | ---> | logger | ---> file.csv
+                     ----------        --------        --------
+                                          ^
+                     ----------           |
+  netflow_file ---> | nfreader | ----------
+                     ----------
 
-#                 -----------        -------------
-#  file.csv ---> | logreplay | ---> | flowcounter | ---> Result (number of flows)
-#                 -----------        -------------
+ Step 2:
+                 -----------        -------------
+  file.csv ---> | logreplay | ---> | flowcounter | ---> Result (number of flows)
+                 -----------        -------------\n"
+
+  exit 0
+fi
+
+# INPUT_FILE - Input file for nfreader modules (netflow data)
+if [ "$1" = "default" ]; then
+  INPUT_FILE="./nfcap_6000_gener_flows.dat"
+else
+  INPUT_FILE="$1"
+fi
+
+if [ ! -r "$INPUT_FILE" ]; then
+  echo "Input file \"$INPUT_FILE\" cannot be opened. Exiting..."
+  exit 1
+fi
 
-# Input file for nfreader modules (netflow data)
-INPUT_FILE="./nfcap_6000_gener_flows.dat"
 # Logger output file (csv format)
 LOGGER_OUTPUT_FILE="./logger_test_out"
 
@@ -78,4 +99,4 @@ printf ">>> Starting logreplay and flowcounter...\n>Flowcounter received:\n"
 ../modules/flowcounter/flowcounter -i u:logrep_test_out
 
 # Cleanup
-rm -f ./logger_test_out
+rm -f $LOGGER_OUTPUT_FILE

From 0a19109d73a36c7b120b0c2ed6df95f5a7262dc8 Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Fri, 9 Oct 2015 14:55:14 +0200
Subject: [PATCH 012/169] use-cases: basic_modules.sh: added note with library
 dependencies

---
 use-cases/basic_modules.sh | 31 +++++++++++++++++--------------
 1 file changed, 17 insertions(+), 14 deletions(-)

diff --git a/use-cases/basic_modules.sh b/use-cases/basic_modules.sh
index cb20580..ab763b9 100755
--- a/use-cases/basic_modules.sh
+++ b/use-cases/basic_modules.sh
@@ -37,13 +37,13 @@
 
 if [ $# -eq 0 ] || [ $# -gt 1 ]; then
   printf " Usage:
-  \t\"$0 netflow_input_file\"
+  \t\"$0 nfdump_file\"
   \tor
   \t\"$0 default\" default input file with 6000 flows is used
 
  This script shows connection of the basic Nemea modules
  (nfreader, merger, logger, logreplay and flowcounter). Three nfreader
- modules read netflow data from input file (specified by program argument)
+ modules read netflow data from nfdump file (specified by program argument)
  and send them in unirec format to merger module which sends incoming
  data from all input interfaces to one output interface. The data from merger
  are stored into csv file by logger module. The csv file can be read by logreplay
@@ -52,22 +52,25 @@ if [ $# -eq 0 ] || [ $# -gt 1 ]; then
  number of flows from nfreader input file x 3).
 
  Step 1:
-                     ----------
-  netflow_file ---> | nfreader | ----------
-                     ----------           |
+                    +----------+
+   nfdump_file ---> | nfreader |-----------
+                    +----------+          |
                                           v
-                     ----------        --------        --------
-  netflow_file ---> | nfreader | ---> | merger | ---> | logger | ---> file.csv
-                     ----------        --------        --------
+                    +----------+      +--------+      +--------+
+   nfdump_file ---> | nfreader |----> | merger |----> | logger |---> file.csv
+                    +----------+      +--------+      +--------+
                                           ^
-                     ----------           |
-  netflow_file ---> | nfreader | ----------
-                     ----------
+                    +----------+          |
+   nfdump_file ---> | nfreader |-----------
+                    +----------+
 
  Step 2:
-                 -----------        -------------
-  file.csv ---> | logreplay | ---> | flowcounter | ---> Result (number of flows)
-                 -----------        -------------\n"
+                +-----------+     +-------------+
+  file.csv ---> | logreplay |---> | flowcounter |---> Result (number of flows)
+                +-----------+     +-------------+
+
+ Note: To run this script, ../modules/ repository has to be compiled.
+       \"libnf\" or \"libnfdump\" library is need for nfreader compilation.\n"
 
   exit 0
 fi

From 311f05813ef76e9a5ff6a5a2d82ef644026e8e39 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 9 Oct 2015 22:52:39 +0200
Subject: [PATCH 013/169] use-cases: add example script for flow_meter

Flow_meter is a simple flow exporting module.  It can read PCAP file or
it can capture live traffic from NIC.  Output of this module is UniRec.
---
 use-cases/Makefile.am   |  2 +-
 use-cases/flow_meter.sh | 78 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 79 insertions(+), 1 deletion(-)
 create mode 100755 use-cases/flow_meter.sh

diff --git a/use-cases/Makefile.am b/use-cases/Makefile.am
index 629ef8f..7402818 100644
--- a/use-cases/Makefile.am
+++ b/use-cases/Makefile.am
@@ -1 +1 @@
-EXTRA_DIST=traffic-filtering-stats.sh logger-repeater.sh
+EXTRA_DIST=traffic-filtering-stats.sh logger-repeater.sh flow_meter.sh
diff --git a/use-cases/flow_meter.sh b/use-cases/flow_meter.sh
new file mode 100755
index 0000000..dbc7ac8
--- /dev/null
+++ b/use-cases/flow_meter.sh
@@ -0,0 +1,78 @@
+#!/bin/bash
+
+# Author: Jiri Havranek <havraji6@fit.cvut.cz>
+# Copyright (C) 2015 CESNET
+#
+# LICENSE TERMS
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+# 3. Neither the name of the Company nor the names of its contributors
+#    may be used to endorse or promote products derived from this
+#    software without specific prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL) version 2 or later, in which case the provisions
+# of the GPL apply INSTEAD OF those given above.
+#
+# This software is provided ``as is'', and any express or implied
+# warranties, including, but not limited to, the implied warranties of
+# merchantability and fitness for a particular purpose are disclaimed.
+# In no event shall the company or contributors be liable for any
+# direct, indirect, incidental, special, exemplary, or consequential
+# damages (including, but not limited to, procurement of substitute
+# goods or services; loss of use, data, or profits; or business
+# interruption) however caused and on any theory of liability, whether
+# in contract, strict liability, or tort (including negligence or
+# otherwise) arising in any way out of the use of this software, even
+# if advised of the possibility of such damage.
+
+
+# The purpose of this script is to show how to execute nemea module
+# flow_meter and send it's output to another module (logger in this
+# case). flow_meter is able to capture from interface (-I option) or
+# file (-r option). In case of capture from interface it needs to be
+# executed with root permission otherwise it will not be able to run.
+# If you want to capture specific number of packets you can use -c
+# option.
+
+# Check if interface is specified.
+if [ "$1" = "" ]; then
+   echo "Specify the network interface."
+   echo "Usage: ./flow_meter.sh interface-name"
+   exit 2
+fi
+
+if [ "$EUID" != 0 ]; then
+   echo "You should run this script as root."
+   exit 1
+fi
+
+flow_meter="../modules/flow_meter/flow_meter"
+logger="../modules/logger/logger"
+
+# Check if modules are compiled.
+if [ ! -e "$flow_meter" ]; then
+   echo "$flow_meter does not exist. Compile flow_meter first."
+   exit 3
+fi
+
+if [ ! -e "$logger" ]; then
+   echo "$logger does not exist. Compile logger first."
+   exit 3
+fi
+
+# Start capture from given interface. Quit after 10 packets are captured.
+./"$flow_meter" -i u:my_socket -I "$1" -c 10 >/dev/null &
+
+# Start logger and quit when flow_meter exits.
+./"$logger" -i u:my_socket -t
+

From 9c9a05cc8b205a1ab467c53cd69fdc97349327da Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 9 Oct 2015 23:01:46 +0200
Subject: [PATCH 014/169] add basic_modules.sh into EXTRA_DIST

---
 use-cases/Makefile.am | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/use-cases/Makefile.am b/use-cases/Makefile.am
index 7402818..2fcba95 100644
--- a/use-cases/Makefile.am
+++ b/use-cases/Makefile.am
@@ -1 +1 @@
-EXTRA_DIST=traffic-filtering-stats.sh logger-repeater.sh flow_meter.sh
+EXTRA_DIST=traffic-filtering-stats.sh logger-repeater.sh flow_meter.sh basic_modules.sh

From 6d5544fce1ab344b99f3a45192f200f397e41374 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 9 Oct 2015 23:08:42 +0200
Subject: [PATCH 015/169] Revision update of submodules

---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index 3dd5b6e..96fdc05 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 3dd5b6ed902dfe96ffe39c4eb185ebaff9c06703
+Subproject commit 96fdc0570fdf907c03f1806cbfe97b72e5d442e1
diff --git a/modules b/modules
index 0b96b57..5e4e901 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 0b96b57c3132ffa6b7db9ca57d816f06ae6d0641
+Subproject commit 5e4e901a87105833b8e52b30b23898867a34eef4
diff --git a/nemea-framework b/nemea-framework
index 56492b0..24449d1 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 56492b0ccad2d8a0db226b1268e6a17b0581db11
+Subproject commit 24449d1cbf7678990590a49dc78160ca30b5db38
diff --git a/nemea-supervisor b/nemea-supervisor
index 19b893c..d023697 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 19b893c86171195dccbdc80c061e7381ec67bf97
+Subproject commit d023697443522613249980031891a02ad165eb86

From c44273d3356bba1d87a02ea9c24bef8a559a01ff Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Sat, 10 Oct 2015 13:35:34 +0200
Subject: [PATCH 016/169] vagrant: README: fixed name of vagrant box for
 fedora22-cloud

---
 vagrant/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vagrant/README.md b/vagrant/README.md
index dd08a81..46a0927 100644
--- a/vagrant/README.md
+++ b/vagrant/README.md
@@ -26,7 +26,7 @@ For installation of Fedora 22 Cloud, rename `Vagrantfile.Fedora22` to `Vagrantfi
 and use the following command to get Vagrant box:
 
 ```
-vagrant box add fedora22 https://download.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-22-20150521.x86_64.vagrant-virtualbox.box
+vagrant box add fedora22-cloud https://download.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-22-20150521.x86_64.vagrant-virtualbox.box
 ```
 
 Scientific Linux

From 6823557697bab8afa54e8922b933fed4e960f141 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 19 Nov 2015 19:53:30 +0100
Subject: [PATCH 017/169] config-examples: add to build process, updated

prepare_default_config.sh without argument prints out help,
it expects one argument 'configonly' to generate XML from
*.sup files or 'install' to prepare XML and create directories
from *.mkdir.

Changes reflected in vagrant, where it is used.
---
 Makefile.am                               |  2 +-
 config-examples/Makefile.am               |  8 +++++
 config-examples/prepare_default_config.sh | 44 ++++++++++++++---------
 configure.ac                              |  2 +-
 vagrant/Vagrantfile.Fedora22              |  2 +-
 vagrant/Vagrantfile.SL6                   |  2 +-
 6 files changed, 40 insertions(+), 20 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index 5380cb4..b37d89d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS=nemea-framework nemea-supervisor modules detectors
+SUBDIRS=nemea-framework nemea-supervisor modules detectors config-examples
 
 # because of supervisor, disable systemd checking and installation during
 # distcheck
diff --git a/config-examples/Makefile.am b/config-examples/Makefile.am
index 9c9c282..05c1f4d 100644
--- a/config-examples/Makefile.am
+++ b/config-examples/Makefile.am
@@ -10,3 +10,11 @@ EXTRA_DIST=amplification_detection.mkdir \
 	   supervisor.mkdir \
 	   traffic_repeater.sup
 
+BUILT_SOURCES=supervisor_config.xml
+
+supervisor_config.xml:
+	./prepare_default_config.sh configonly
+
+clean-local:
+	@rm ${BUILT_SOURCES}
+
diff --git a/config-examples/prepare_default_config.sh b/config-examples/prepare_default_config.sh
index 022fa21..39df6dd 100755
--- a/config-examples/prepare_default_config.sh
+++ b/config-examples/prepare_default_config.sh
@@ -3,14 +3,22 @@
 # name of the output file:
 conffile=supervisor_config.xml
 
-cat > "$conffile" <<END
+echo "This script expects one argument: 'configonly' or 'install'.
+
+'configonly': creates a config file for Nemea-Supervisor using *.sup files.
+'install':    runs 'configonly' and also creates directories from *.mkdir files.
+
+Note: root permissions are probably needed for 'install'"
+
+if [ "$1" == "configonly" -o "$1" == "install" ]; then
+	cat > "$conffile" <<END
 <?xml version="1.0"?>
 <nemea-supervisor>
-        <supervisor>
-                <verbose>false</verbose>
-                <module-restarts>4</module-restarts>
-                <logs-directory>/var/log/nemea-supervisor/</logs-directory>
-        </supervisor>
+	<supervisor>
+		<verbose>false</verbose>
+		<module-restarts>4</module-restarts>
+		<logs-directory>/var/log/nemea-supervisor/</logs-directory>
+	</supervisor>
 
 	<modules>
 		<name>detection modules</name>
@@ -18,21 +26,25 @@ cat > "$conffile" <<END
 
 END
 
-cat *.sup >> "$conffile"
+	cat *.sup >> "$conffile"
 
-cat >> "$conffile" <<END
+	cat >> "$conffile" <<END
 	</modules>
 </nemea-supervisor>
 END
 
-xmllint -format "$conffile" > "$conffile.tmp" && mv "$conffile.tmp" "$conffile"
+	xmllint -format "$conffile" > "$conffile.tmp" && mv "$conffile.tmp" "$conffile"
+
+fi
 
 # creation of needed directories and permissions setup
-for f in *.mkdir; do
-        for d in `cat "$f"`; do
-                mkdir -p "$d"
-                # This is not secure enough! It grants full access to the directory:
-                chmod 777 "$d"
-        done
-done
+if [ "$1" == "install" ]; then
+	for f in *.mkdir; do
+		for d in `cat "$f"`; do
+			mkdir -p "$d"
+			# This is not secure enough! It grants full access to the directory:
+			chmod 777 "$d"
+		done
+	done
+fi
 
diff --git a/configure.ac b/configure.ac
index 8511469..5bef412 100644
--- a/configure.ac
+++ b/configure.ac
@@ -15,6 +15,6 @@ AM_INIT_AUTOMAKE([foreign subdir-objects])
 
 # Checks for library functions.
 
-AC_CONFIG_FILES([Makefile])
+AC_CONFIG_FILES([Makefile config-examples/Makefile])
 AC_CONFIG_SUBDIRS([nemea-framework nemea-supervisor modules detectors])
 AC_OUTPUT
diff --git a/vagrant/Vagrantfile.Fedora22 b/vagrant/Vagrantfile.Fedora22
index 0b9da54..3f1884f 100644
--- a/vagrant/Vagrantfile.Fedora22
+++ b/vagrant/Vagrantfile.Fedora22
@@ -31,7 +31,7 @@ SCRIPT
 
 $run_supervisor = <<SCRIPT
 cd /root/nemea/config-examples
-./prepare_default_config.sh
+./prepare_default_config.sh install
 cp supervisor_config.xml /etc/nemea/
 systemctl enable nemea-supervisor
 service nemea-supervisor start
diff --git a/vagrant/Vagrantfile.SL6 b/vagrant/Vagrantfile.SL6
index b056aa0..147d80d 100644
--- a/vagrant/Vagrantfile.SL6
+++ b/vagrant/Vagrantfile.SL6
@@ -35,7 +35,7 @@ SCRIPT
 
 $run_supervisor = <<SCRIPT
 cd /root/nemea/config-examples
-./prepare_default_config.sh
+./prepare_default_config.sh install
 cp supervisor_config.xml /etc/nemea/
 service nemea-supervisor restart
 chkconfig nemea-supervisor on

From e0ae1b9bc54648b6a013fe8f8e56250dc98a63ac Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 19 Nov 2015 20:00:48 +0100
Subject: [PATCH 018/169] use-cases: fixed travis build

skip error on non-existing supervisor_config.xml delete
---
 config-examples/Makefile.am | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config-examples/Makefile.am b/config-examples/Makefile.am
index 05c1f4d..018f77c 100644
--- a/config-examples/Makefile.am
+++ b/config-examples/Makefile.am
@@ -16,5 +16,5 @@ supervisor_config.xml:
 	./prepare_default_config.sh configonly
 
 clean-local:
-	@rm ${BUILT_SOURCES}
+	@rm -f ${BUILT_SOURCES}
 

From a23247271136f25308ff47127450a1ddbe3cae3e Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 19 Nov 2015 20:05:49 +0100
Subject: [PATCH 019/169] Revision update of submodules

---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index 96fdc05..79d7b7a 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 96fdc0570fdf907c03f1806cbfe97b72e5d442e1
+Subproject commit 79d7b7ab45c17610c0ef752e69be739132e466e7
diff --git a/modules b/modules
index 5e4e901..85aaeda 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 5e4e901a87105833b8e52b30b23898867a34eef4
+Subproject commit 85aaeda5bb2c0fc7f25994e5d4c88b23f941de54
diff --git a/nemea-framework b/nemea-framework
index 24449d1..b7ea8bd 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 24449d1cbf7678990590a49dc78160ca30b5db38
+Subproject commit b7ea8bd4240fb61bacce994ca1d471a7103dd04c
diff --git a/nemea-supervisor b/nemea-supervisor
index d023697..b8462cd 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit d023697443522613249980031891a02ad165eb86
+Subproject commit b8462cdb005da2c9ebed64de89b31d7d3c580a4e

From 64393961aa38abafa2ac98775575e32c67f95241 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 25 Nov 2015 12:25:19 +0100
Subject: [PATCH 020/169] config-examples: add flow_meter (disabled by default)

flow_meter is disabled due to 2 reasons:
* instances of Nemea may use other data source e.g. ipfixcol
* it is not clear in this global configure whether flow_meter will be
  compiled (installed dependencies)
---
 config-examples/flow_meter.mkdir  |  2 ++
 config-examples/flow_meter.sup.in | 41 +++++++++++++++++++++++++++++++
 configure.ac                      | 13 +++++++++-
 3 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 config-examples/flow_meter.mkdir
 create mode 100644 config-examples/flow_meter.sup.in

diff --git a/config-examples/flow_meter.mkdir b/config-examples/flow_meter.mkdir
new file mode 100644
index 0000000..69c11cd
--- /dev/null
+++ b/config-examples/flow_meter.mkdir
@@ -0,0 +1,2 @@
+/data/flow_meter
+
diff --git a/config-examples/flow_meter.sup.in b/config-examples/flow_meter.sup.in
new file mode 100644
index 0000000..a9da9dd
--- /dev/null
+++ b/config-examples/flow_meter.sup.in
@@ -0,0 +1,41 @@
+<module>
+<name>hoststatsnemea</name>
+<enabled>false</enabled>
+<path>/usr/bin/nemea/flow_meter</path>
+<params>-I @NIC_NAME@</params>
+<trapinterfaces>
+<interface>
+  <note/>
+  <type>UNIXSOCKET</type>
+  <direction>OUT</direction>
+  <params>flow_meter</params>
+</interface>
+<interface>
+  <note/>
+  <type>SERVICE</type>
+  <direction>SERVICE</direction>
+  <params>service_flow_meter</params>
+</interface>
+</trapinterfaces>
+</module>
+
+<module>
+<name>flow_meter_logger</name>
+<enabled>false</enabled>
+<path>/usr/bin/nemea/logger</path>
+<params>-t -T -a /data/flow_meter/flows.log</params>
+<trapinterfaces>
+<interface>
+  <note/>
+  <type>UNIXSOCKET</type>
+  <direction>IN</direction>
+  <params>flow_meter</params>
+</interface>
+<interface>
+  <note/>
+  <type>SERVICE</type>
+  <direction>SERVICE</direction>
+  <params>service_flow_meter_logger</params>
+</interface>
+</trapinterfaces>
+</module>
diff --git a/configure.ac b/configure.ac
index 5bef412..dd0288f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5,6 +5,17 @@ AC_PREREQ([2.63])
 AC_INIT([nemea], [2.1.0], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 
+AC_MSG_CHECKING([network interface name])
+ifcs="`netstat -i`";
+NIC_NAME=`grep -q eth0 <<<"$ifcs" && echo "eth0" ||
+          grep -q enp0s25 <<<"$ifcs" && echo "enp0s25"`
+if [[ -n "$NIC_NAME" ]]; then
+    AC_MSG_RESULT([$NIC_NAME])
+    AC_SUBST([NIC_NAME])
+else
+    AC_MSG_RESULT([not found])
+fi
+
 # Checks for programs.
 
 # Checks for libraries.
@@ -15,6 +26,6 @@ AM_INIT_AUTOMAKE([foreign subdir-objects])
 
 # Checks for library functions.
 
-AC_CONFIG_FILES([Makefile config-examples/Makefile])
+AC_CONFIG_FILES([Makefile config-examples/Makefile config-examples/flow_meter.sup])
 AC_CONFIG_SUBDIRS([nemea-framework nemea-supervisor modules detectors])
 AC_OUTPUT

From 2c68615181a032319cc1ea9a5a5461004eda0376 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 25 Nov 2015 12:27:37 +0100
Subject: [PATCH 021/169] config-examples: updated hoststats sup file

Input template as well as "localhost" are not needed any more.
---
 config-examples/hoststats.sup | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config-examples/hoststats.sup b/config-examples/hoststats.sup
index 9e717fb..9fcdc5c 100644
--- a/config-examples/hoststats.sup
+++ b/config-examples/hoststats.sup
@@ -29,13 +29,13 @@
 <name>hs_nemea_logger</name>
 <enabled>true</enabled>
 <path>/usr/bin/nemea/logger</path>
-<params>-t -T -a /data/hoststatsnemea/detected.log EVENT_TYPE,TIME_FIRST,TIME_LAST,SRC_IP,DST_IP,SRC_PORT,DST_PORT,PROTOCOL,EVENT_SCALE,NOTE</params>
+<params>-t -T -a /data/hoststatsnemea/detected.log</params>
 <trapinterfaces>
 <interface>
   <note/>
   <type>UNIXSOCKET</type>
   <direction>IN</direction>
-  <params>localhost,hs_nemea_reports</params>
+  <params>hs_nemea_reports</params>
 </interface>
 <interface>
   <note/>

From 6573c384bbb9d360e5d01cbc21382ac8203a52dc Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 25 Nov 2015 12:39:11 +0100
Subject: [PATCH 022/169] Revision update of submodules

---
 detectors | 2 +-
 modules   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/detectors b/detectors
index 79d7b7a..2e1e0c3 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 79d7b7ab45c17610c0ef752e69be739132e466e7
+Subproject commit 2e1e0c3da9b380a48a63363144a6e6f67e550076
diff --git a/modules b/modules
index 85aaeda..035bf7b 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 85aaeda5bb2c0fc7f25994e5d4c88b23f941de54
+Subproject commit 035bf7b47efc0d0b42dfd0163c27d8b95b160dbb

From a593ef64ecbdb5d25c744a17230c1c044ff1ceb6 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 27 Nov 2015 13:44:32 +0100
Subject: [PATCH 023/169] dist: remove missing files from Makefile list

---
 config-examples/Makefile.am | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/config-examples/Makefile.am b/config-examples/Makefile.am
index 018f77c..0d83113 100644
--- a/config-examples/Makefile.am
+++ b/config-examples/Makefile.am
@@ -1,10 +1,7 @@
 EXTRA_DIST=amplification_detection.mkdir \
 	   amplification_detection.sup \
-	   bruteforce-detector.mkdir \
-	   bruteforce-detector.sup \
 	   hoststats.mkdir \
 	   hoststats.sup \
-	   ntp-amplification_detection.sup \
 	   prepare_default_config.sh \
 	   README.md \
 	   supervisor.mkdir \

From 3462b02b4195b9b7965ed527f3ad707504a44995 Mon Sep 17 00:00:00 2001
From: Miroslav Kalina <kalinmi2@fit.cvut.cz>
Date: Tue, 1 Dec 2015 23:22:12 +0100
Subject: [PATCH 024/169] Bugfix of bourne shell script - bad operator in test

---
 config-examples/prepare_default_config.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config-examples/prepare_default_config.sh b/config-examples/prepare_default_config.sh
index 39df6dd..cbb71c2 100755
--- a/config-examples/prepare_default_config.sh
+++ b/config-examples/prepare_default_config.sh
@@ -10,7 +10,7 @@ echo "This script expects one argument: 'configonly' or 'install'.
 
 Note: root permissions are probably needed for 'install'"
 
-if [ "$1" == "configonly" -o "$1" == "install" ]; then
+if [ "$1" = "configonly" -o "$1" = "install" ]; then
 	cat > "$conffile" <<END
 <?xml version="1.0"?>
 <nemea-supervisor>
@@ -38,7 +38,7 @@ END
 fi
 
 # creation of needed directories and permissions setup
-if [ "$1" == "install" ]; then
+if [ "$1" = "install" ]; then
 	for f in *.mkdir; do
 		for d in `cat "$f"`; do
 			mkdir -p "$d"

From 00335281e6b4614276fbf4e85b14510d6e960856 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 2 Dec 2015 00:02:38 +0100
Subject: [PATCH 025/169] scripts for creation of RPM packages

rpm.sh goes through all packages and makes them (by executing generate-rpm.sh)
---
 generate-rpm.sh |  39 +++++++++++++++++
 rpms.sh         | 109 ++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 148 insertions(+)
 create mode 100755 generate-rpm.sh
 create mode 100755 rpms.sh

diff --git a/generate-rpm.sh b/generate-rpm.sh
new file mode 100755
index 0000000..7ea9b83
--- /dev/null
+++ b/generate-rpm.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+#
+# Copyright (C) 2015 CESNET
+#
+# LICENSE TERMS
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+# 3. Neither the name of the Company nor the names of its contributors
+#    may be used to endorse or promote products derived from this
+#    software without specific prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL) version 2 or later, in which case the provisions
+# of the GPL apply INSTEAD OF those given above.
+#
+# This software is provided ``as is'', and any express or implied
+# warranties, including, but not limited to, the implied warranties of
+# merchantability and fitness for a particular purpose are disclaimed.
+# In no event shall the company or contributors be liable for any
+# direct, indirect, incidental, special, exemplary, or consequential
+# damages (including, but not limited to, procurement of substitute
+# goods or services; loss of use, data, or profits; or business
+# interruption) however caused and on any theory of liability, whether
+# in contract, strict liability, or tort (including negligence or
+# otherwise) arising in any way out of the use of this software, even
+# if advised of the possibility of such damage.
+
+pwd
+./bootstrap.sh >/dev/null 2>/dev/null&& ./configure -q && make -j4 && make rpm
+
diff --git a/rpms.sh b/rpms.sh
new file mode 100755
index 0000000..d64353e
--- /dev/null
+++ b/rpms.sh
@@ -0,0 +1,109 @@
+#!/bin/bash
+#
+# Copyright (C) 2015 CESNET
+#
+# LICENSE TERMS
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+# 3. Neither the name of the Company nor the names of its contributors
+#    may be used to endorse or promote products derived from this
+#    software without specific prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL) version 2 or later, in which case the provisions
+# of the GPL apply INSTEAD OF those given above.
+#
+# This software is provided ``as is'', and any express or implied
+# warranties, including, but not limited to, the implied warranties of
+# merchantability and fitness for a particular purpose are disclaimed.
+# In no event shall the company or contributors be liable for any
+# direct, indirect, incidental, special, exemplary, or consequential
+# damages (including, but not limited to, procurement of substitute
+# goods or services; loss of use, data, or profits; or business
+# interruption) however caused and on any theory of liability, whether
+# in contract, strict liability, or tort (including negligence or
+# otherwise) arising in any way out of the use of this software, even
+# if advised of the possibility of such damage.
+
+#set -x
+
+if [ -x "`which dnf`" ]; then
+   export pkginst=dnf
+elif [ -x "`which yum`" ]; then
+   export pkginst=yum
+else
+   echo "Unsupported package manager (dnf/yum)" >&2
+   exit 1
+fi
+
+echo "Warning: You must have 'rpmbuild' in order to generate RPM package."
+echo "If you want to abort this script, press CTRL+C (i.e. send SIGINT signal)"
+sleep 5
+
+if [ "x`whoami`" != xroot ]; then
+   echo "Run this script as root, since it must install RPM packages continuously"
+   exit 1
+fi
+
+read -p "Enter the name of user who will compile packages: " chuser
+
+read -p "Are You sure You want to continue? [yn]" -n1 ans
+
+if [ "x$ans" != xy ]; then
+   exit 0
+fi
+
+echo "Remove previously installed packages"
+$pkginst remove -q -y libtrap\* unirec\* nemea\*
+
+export topdir=$PWD
+export chuser
+
+(
+   cd nemea-framework
+   (
+      cd libtrap
+      su $chuser -p -c "$topdir/generate-rpm.sh"
+      $pkginst install -y -q RPM*/RPMS/*/*
+   )
+   (
+      cd common
+      su $chuser -p -c "$topdir/generate-rpm.sh"
+      $pkginst install -y -q RPM*/RPMS/*/*
+   )
+   (
+      cd unirec
+      su $chuser -p -c "$topdir/generate-rpm.sh"
+      $pkginst install -y -q RPM*/RPMS/*/*
+   )
+   (
+      cd python
+      su $chuser -p -c "$topdir/generate-rpm.sh"
+      $pkginst install -y -q RPM*/RPMS/*/*
+   )
+)
+(
+   cd modules
+   su $chuser -p -c "$topdir/generate-rpm.sh"
+   $pkginst install -y -q RPM*/RPMS/*/*
+)
+(
+   cd detectors
+   su $chuser -p -c "$topdir/generate-rpm.sh"
+   $pkginst install -y -q RPM*/RPMS/*/*
+)
+(
+   cd nemea-supervisor
+   su $chuser -p -c "$topdir/generate-rpm.sh"
+   $pkginst install -y -q RPM*/RPMS/*/*
+)
+

From e65b954b9a83b0ff6c2b37a0fb20867a84ae25f7 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sat, 5 Dec 2015 13:26:07 +0100
Subject: [PATCH 026/169] config: detect ifc of default gateway

---
 configure.ac | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index dd0288f..bcd3c66 100644
--- a/configure.ac
+++ b/configure.ac
@@ -6,9 +6,10 @@ AC_INIT([nemea], [2.1.0], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 
 AC_MSG_CHECKING([network interface name])
-ifcs="`netstat -i`";
-NIC_NAME=`grep -q eth0 <<<"$ifcs" && echo "eth0" ||
-          grep -q enp0s25 <<<"$ifcs" && echo "enp0s25"`
+
+# get IFC of default gateway
+NIC_NAME=`route -n | sed -n '/^0\.0\.0\.0/ s/.*\s\([a-zA-Z0-9]\)/\1/p'`
+
 if [[ -n "$NIC_NAME" ]]; then
     AC_MSG_RESULT([$NIC_NAME])
     AC_SUBST([NIC_NAME])

From 0f29bc337b5eca51309beaaa19fa5319cd0ec4cd Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 7 Dec 2015 14:53:18 +0100
Subject: [PATCH 027/169] add config-examples into README

---
 README.md | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 64ccfd6..c968c40 100644
--- a/README.md
+++ b/README.md
@@ -138,7 +138,23 @@ Manage Nemea modules efficiently
 
 The Nemea system can be managed and monitored by a special module called
 [Supervisor](https://github.com/CESNET/Nemea-Supervisor).
-For examples and more information see its README.
+
+Some modules that are contained in Nemea-Modules and Nemea-Detectors provide their default configuration in [config-examples/](./config-examples).
+To use prepared configuration, run `make` in `config-examples` and start:
+```
+nemea-supervisor/supervisor -f config-examples/supervisor_config.xml
+```
+To start `supervisor` in an interactive mode, use `-d`
+
+Some modules need a created directory for data or logs. As it is described in [config-examples/README.md](./config-examples/README.md), the directories might be created by `prepare-default-config.sh`:
+```
+cd config-examples
+./prepare-default-config.sh install
+```
+
+Note: It is totally up to user whether to use `config-examples` or not. It is just an example of working configuration.
+
+For more information about Supervisor see its README.
 
 Nemea Related Publications
 ==========================

From 381c7e7a61f51e7379d676c6c39e8d1d394f4e05 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 7 Dec 2015 19:02:28 +0100
Subject: [PATCH 028/169] Updating revision of all submodules

---
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules b/modules
index 035bf7b..660865b 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 035bf7b47efc0d0b42dfd0163c27d8b95b160dbb
+Subproject commit 660865bdae584fa6a4eb292fbee4270a228c6b68
diff --git a/nemea-framework b/nemea-framework
index b7ea8bd..c80d139 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit b7ea8bd4240fb61bacce994ca1d471a7103dd04c
+Subproject commit c80d139dc0649ef6fffe216f9202ef766da3d955
diff --git a/nemea-supervisor b/nemea-supervisor
index b8462cd..7783a63 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit b8462cdb005da2c9ebed64de89b31d7d3c580a4e
+Subproject commit 7783a63e34438612f9a6681afef2b6c7ff8ae314

From 3b07e60608ddab0958eca26118b91c6840029cda Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 7 Dec 2015 21:46:34 +0100
Subject: [PATCH 029/169] config-examples: clean files

---
 config-examples/amplification_detection.sup | 16 ++--------------
 config-examples/flow_meter.sup.in           | 14 +-------------
 config-examples/hoststats.sup               | 14 +-------------
 config-examples/ipblacklistfilter.sup       | 16 ++--------------
 config-examples/traffic_repeater.sup        |  8 +-------
 5 files changed, 7 insertions(+), 61 deletions(-)

diff --git a/config-examples/amplification_detection.sup b/config-examples/amplification_detection.sup
index 86ae652..5f9324b 100644
--- a/config-examples/amplification_detection.sup
+++ b/config-examples/amplification_detection.sup
@@ -16,12 +16,6 @@
   <direction>OUT</direction>
   <params>dns_amp_reports</params>
 </interface>
-<interface>
-  <note/>
-  <type>SERVICE</type>
-  <direction>SERVICE</direction>
-  <params>service_dns_amp</params>
-</interface>
 </trapinterfaces>
 </module>
 
@@ -29,19 +23,13 @@
 <name>dns_amplification_logger</name>
 <enabled>true</enabled>
 <path>/usr/bin/nemea/logger</path>
-<params>-t -T -a /data/dns_amplification_detection/detected.log &lt;AMPLIFICATION_ALERT&gt;</params>
+<params>-t -T -a /data/dns_amplification_detection/detected.log</params>
 <trapinterfaces>
 <interface>
   <note/>
   <type>UNIXSOCKET</type>
   <direction>IN</direction>
-  <params>localhost,dns_amp_reports</params>
-</interface>
-<interface>
-  <note/>
-  <type>SERVICE</type>
-  <direction>SERVICE</direction>
-  <params>service_dns_amp_logger</params>
+  <params>dns_amp_reports</params>
 </interface>
 </trapinterfaces>
 </module>
diff --git a/config-examples/flow_meter.sup.in b/config-examples/flow_meter.sup.in
index a9da9dd..2236d93 100644
--- a/config-examples/flow_meter.sup.in
+++ b/config-examples/flow_meter.sup.in
@@ -8,13 +8,7 @@
   <note/>
   <type>UNIXSOCKET</type>
   <direction>OUT</direction>
-  <params>flow_meter</params>
-</interface>
-<interface>
-  <note/>
-  <type>SERVICE</type>
-  <direction>SERVICE</direction>
-  <params>service_flow_meter</params>
+  <params>flow_data_source</params>
 </interface>
 </trapinterfaces>
 </module>
@@ -31,11 +25,5 @@
   <direction>IN</direction>
   <params>flow_meter</params>
 </interface>
-<interface>
-  <note/>
-  <type>SERVICE</type>
-  <direction>SERVICE</direction>
-  <params>service_flow_meter_logger</params>
-</interface>
 </trapinterfaces>
 </module>
diff --git a/config-examples/hoststats.sup b/config-examples/hoststats.sup
index 9fcdc5c..e8ff198 100644
--- a/config-examples/hoststats.sup
+++ b/config-examples/hoststats.sup
@@ -16,17 +16,11 @@
   <direction>OUT</direction>
   <params>hs_nemea_reports</params>
 </interface>
-<interface>
-  <note/>
-  <type>SERVICE</type>
-  <direction>SERVICE</direction>
-  <params>service_hs_nemea</params>
-</interface>
 </trapinterfaces>
 </module>
 
 <module>
-<name>hs_nemea_logger</name>
+<name>hoststatsnemea_logger</name>
 <enabled>true</enabled>
 <path>/usr/bin/nemea/logger</path>
 <params>-t -T -a /data/hoststatsnemea/detected.log</params>
@@ -37,11 +31,5 @@
   <direction>IN</direction>
   <params>hs_nemea_reports</params>
 </interface>
-<interface>
-  <note/>
-  <type>SERVICE</type>
-  <direction>SERVICE</direction>
-  <params>service_hs_nemea_logger</params>
-</interface>
 </trapinterfaces>
 </module>
diff --git a/config-examples/ipblacklistfilter.sup b/config-examples/ipblacklistfilter.sup
index a0d1b5d..68956d4 100644
--- a/config-examples/ipblacklistfilter.sup
+++ b/config-examples/ipblacklistfilter.sup
@@ -16,20 +16,14 @@
   <direction>OUT</direction>
   <params>ipblacklistfilter_reports</params>
 </interface>
-<interface>
-  <note/>
-  <type>SERVICE</type>
-  <direction>SERVICE</direction>
-  <params>service_ipblacklistfilter_detector</params>
-</interface>
 </trapinterfaces>
 </module>
 
 <module>
-<name>ipblf_logger</name>
+<name>ipblacklistfilter_logger</name>
 <enabled>true</enabled>
 <path>/usr/bin/nemea/logger</path>
-<params>-t -T -a /data/ipblacklistfilter/detected.log &lt;COLLECTOR_FLOW&gt;,SRC_BLACKLIST,DST_BLACKLIST,EVENT_SCALE</params>
+<params>-t -T -a /data/ipblacklistfilter/detected.log</params>
 <trapinterfaces>
 <interface>
   <note/>
@@ -37,12 +31,6 @@
   <direction>IN</direction>
   <params>localhost,ipblacklistfilter_reports</params>
 </interface>
-<interface>
-  <note/>
-  <type>SERVICE</type>
-  <direction>SERVICE</direction>
-  <params>service_ipblacklistfilter_logger</params>
-</interface>
 </trapinterfaces>
 </module>
 
diff --git a/config-examples/traffic_repeater.sup b/config-examples/traffic_repeater.sup
index a5c88bf..c733138 100644
--- a/config-examples/traffic_repeater.sup
+++ b/config-examples/traffic_repeater.sup
@@ -8,7 +8,7 @@
   <note/>
   <type>TCP</type>
   <direction>IN</direction>
-  <params>localhost,7600</params>
+  <params>7600</params>
 </interface>
 <interface>
   <note/>
@@ -16,12 +16,6 @@
   <direction>OUT</direction>
   <params>flow_data_source</params>
 </interface>
-<interface>
-  <note/>
-  <type>SERVICE</type>
-  <direction>SERVICE</direction>
-  <params>service_traffic_repeater</params>
-</interface>
 </trapinterfaces>
 </module>
 

From 33b9562cf9db1605e8f3d79c6d7c75ee01dbbb67 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 7 Dec 2015 21:46:57 +0100
Subject: [PATCH 030/169] config: fixed NIC detection

replaced sed with awk
---
 configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index bcd3c66..0c755a0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8,7 +8,7 @@ AM_INIT_AUTOMAKE([foreign subdir-objects])
 AC_MSG_CHECKING([network interface name])
 
 # get IFC of default gateway
-NIC_NAME=`route -n | sed -n '/^0\.0\.0\.0/ s/.*\s\([a-zA-Z0-9]\)/\1/p'`
+NIC_NAME=$(route -n | awk '/^0\.0\.0\.0/ {print $NF}')
 
 if [[ -n "$NIC_NAME" ]]; then
     AC_MSG_RESULT([$NIC_NAME])

From 38a5a0614544f9020ea70d3af1fefff3bc735d0d Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 7 Dec 2015 23:56:18 +0100
Subject: [PATCH 031/169] config-examples: fixed name of flow_meter

---
 config-examples/flow_meter.sup.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config-examples/flow_meter.sup.in b/config-examples/flow_meter.sup.in
index 2236d93..68e5f86 100644
--- a/config-examples/flow_meter.sup.in
+++ b/config-examples/flow_meter.sup.in
@@ -1,5 +1,5 @@
 <module>
-<name>hoststatsnemea</name>
+<name>flow_meter</name>
 <enabled>false</enabled>
 <path>/usr/bin/nemea/flow_meter</path>
 <params>-I @NIC_NAME@</params>

From c4135389e0739fbfdc8bd59888c9e95a815ed50b Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 8 Dec 2015 16:44:44 +0100
Subject: [PATCH 032/169] config-examples: move into nemea-supervisor

The main reason is RPM creation.  It is needed to pack configuration
file and nemea-supervisor is the easiest way since it already creates
RPM package.  In addition, config-examples/ directory contains files for
supervisor so it is logical to put it in the same repository.
---
 Makefile.am                                   |  2 +-
 README.md                                     | 17 +++----
 config-examples/Makefile.am                   | 17 -------
 config-examples/README.md                     | 31 ------------
 config-examples/amplification_detection.mkdir |  1 -
 config-examples/amplification_detection.sup   | 36 -------------
 config-examples/flow_meter.mkdir              |  2 -
 config-examples/flow_meter.sup.in             | 29 -----------
 config-examples/hoststats.mkdir               |  1 -
 config-examples/hoststats.sup                 | 35 -------------
 config-examples/ipblacklistfilter.mkdir       |  1 -
 config-examples/ipblacklistfilter.sup         | 36 -------------
 config-examples/prepare_default_config.sh     | 50 -------------------
 config-examples/supervisor.mkdir              |  1 -
 config-examples/traffic_repeater.sup          | 21 --------
 configure.ac                                  | 14 +-----
 16 files changed, 9 insertions(+), 285 deletions(-)
 delete mode 100644 config-examples/Makefile.am
 delete mode 100644 config-examples/README.md
 delete mode 100644 config-examples/amplification_detection.mkdir
 delete mode 100644 config-examples/amplification_detection.sup
 delete mode 100644 config-examples/flow_meter.mkdir
 delete mode 100644 config-examples/flow_meter.sup.in
 delete mode 100644 config-examples/hoststats.mkdir
 delete mode 100644 config-examples/hoststats.sup
 delete mode 100644 config-examples/ipblacklistfilter.mkdir
 delete mode 100644 config-examples/ipblacklistfilter.sup
 delete mode 100755 config-examples/prepare_default_config.sh
 delete mode 100644 config-examples/supervisor.mkdir
 delete mode 100644 config-examples/traffic_repeater.sup

diff --git a/Makefile.am b/Makefile.am
index b37d89d..5380cb4 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS=nemea-framework nemea-supervisor modules detectors config-examples
+SUBDIRS=nemea-framework nemea-supervisor modules detectors
 
 # because of supervisor, disable systemd checking and installation during
 # distcheck
diff --git a/README.md b/README.md
index c968c40..afdc591 100644
--- a/README.md
+++ b/README.md
@@ -139,22 +139,19 @@ Manage Nemea modules efficiently
 The Nemea system can be managed and monitored by a special module called
 [Supervisor](https://github.com/CESNET/Nemea-Supervisor).
 
-Some modules that are contained in Nemea-Modules and Nemea-Detectors provide their default configuration in [config-examples/](./config-examples).
-To use prepared configuration, run `make` in `config-examples` and start:
+Some modules that are contained in Nemea-Modules and Nemea-Detectors provide their default
+configuration in [https://github.com/CESNET/Nemea-Supervisor/tree/master/configs/](nemea-supervisor/configs/).
+To use prepared configuration, run `make` in `nemea-supervisor/configs` and start:
 ```
-nemea-supervisor/supervisor -f config-examples/supervisor_config.xml
+nemea-supervisor/supervisor -f nemea-supervisor/configs/supervisor_config.xml
 ```
 To start `supervisor` in an interactive mode, use `-d`
 
-Some modules need a created directory for data or logs. As it is described in [config-examples/README.md](./config-examples/README.md), the directories might be created by `prepare-default-config.sh`:
-```
-cd config-examples
-./prepare-default-config.sh install
-```
+For more information about Supervisor see its README.
 
-Note: It is totally up to user whether to use `config-examples` or not. It is just an example of working configuration.
+Note: It is totally up to user whether to use `nemea-supervisor/configs` or not.  It is just
+an example of working configuration.
 
-For more information about Supervisor see its README.
 
 Nemea Related Publications
 ==========================
diff --git a/config-examples/Makefile.am b/config-examples/Makefile.am
deleted file mode 100644
index 0d83113..0000000
--- a/config-examples/Makefile.am
+++ /dev/null
@@ -1,17 +0,0 @@
-EXTRA_DIST=amplification_detection.mkdir \
-	   amplification_detection.sup \
-	   hoststats.mkdir \
-	   hoststats.sup \
-	   prepare_default_config.sh \
-	   README.md \
-	   supervisor.mkdir \
-	   traffic_repeater.sup
-
-BUILT_SOURCES=supervisor_config.xml
-
-supervisor_config.xml:
-	./prepare_default_config.sh configonly
-
-clean-local:
-	@rm -f ${BUILT_SOURCES}
-
diff --git a/config-examples/README.md b/config-examples/README.md
deleted file mode 100644
index 5edeb15..0000000
--- a/config-examples/README.md
+++ /dev/null
@@ -1,31 +0,0 @@
-How to use this directory?
-==========================
-
-This directory can be used for automatic generation of default
-configuration for deployment of the Nemea system with supervisor.
-
-To add new module, do the following steps.
-
-Create a file with the _.sup_ extension that will contain module's
-configuration for supervisor.  The supervisor configuration file is
-described in supervisor's README.  However, the format is in XML-style,
-users can inspire themselves by reading existing _.sup_ files.
-
-Note: the content of the _.sup_ file is placed into template of new
-supervisor's configuration file.  Therefore, it need not to have only one
-root element as normal XML must have.
-
-If the added module need to use existing one or more directories e.g. for
-logs or outputs, create a second file with _.mkdir_ extension instead of _.sup_
-for the module.  The content of _.mkdir_ is simply read and passed to mkdir(1)
-and chmod(1).  This script does NOT support white spaces in the paths that
-are listed in _.mkdir_ files.
-
-To generate new supervisor config files and to create needed directories,
-run the *prepare_default_config.sh* script.  The output configuration file
-can be found as *supervisor_config.xml*.  It must be moved into default path
-e.g. /etc/nemea/.
-
-Note: if there is a special need of permissions and owners setting,
-it should be tuned manually.  Patches are welcome...
-
diff --git a/config-examples/amplification_detection.mkdir b/config-examples/amplification_detection.mkdir
deleted file mode 100644
index f2b7ffa..0000000
--- a/config-examples/amplification_detection.mkdir
+++ /dev/null
@@ -1 +0,0 @@
-/data/dns_amplification_detection/
diff --git a/config-examples/amplification_detection.sup b/config-examples/amplification_detection.sup
deleted file mode 100644
index 5f9324b..0000000
--- a/config-examples/amplification_detection.sup
+++ /dev/null
@@ -1,36 +0,0 @@
-<module>
-<name>dns_amplification</name>
-<enabled>true</enabled>
-<path>/usr/bin/nemea/amplification_detection</path>
-<params>-d /data/dns_amplification_detection/</params>
-<trapinterfaces>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>IN</direction>
-  <params>flow_data_source</params>
-</interface>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>OUT</direction>
-  <params>dns_amp_reports</params>
-</interface>
-</trapinterfaces>
-</module>
-
-<module>
-<name>dns_amplification_logger</name>
-<enabled>true</enabled>
-<path>/usr/bin/nemea/logger</path>
-<params>-t -T -a /data/dns_amplification_detection/detected.log</params>
-<trapinterfaces>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>IN</direction>
-  <params>dns_amp_reports</params>
-</interface>
-</trapinterfaces>
-</module>
-
diff --git a/config-examples/flow_meter.mkdir b/config-examples/flow_meter.mkdir
deleted file mode 100644
index 69c11cd..0000000
--- a/config-examples/flow_meter.mkdir
+++ /dev/null
@@ -1,2 +0,0 @@
-/data/flow_meter
-
diff --git a/config-examples/flow_meter.sup.in b/config-examples/flow_meter.sup.in
deleted file mode 100644
index 68e5f86..0000000
--- a/config-examples/flow_meter.sup.in
+++ /dev/null
@@ -1,29 +0,0 @@
-<module>
-<name>flow_meter</name>
-<enabled>false</enabled>
-<path>/usr/bin/nemea/flow_meter</path>
-<params>-I @NIC_NAME@</params>
-<trapinterfaces>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>OUT</direction>
-  <params>flow_data_source</params>
-</interface>
-</trapinterfaces>
-</module>
-
-<module>
-<name>flow_meter_logger</name>
-<enabled>false</enabled>
-<path>/usr/bin/nemea/logger</path>
-<params>-t -T -a /data/flow_meter/flows.log</params>
-<trapinterfaces>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>IN</direction>
-  <params>flow_meter</params>
-</interface>
-</trapinterfaces>
-</module>
diff --git a/config-examples/hoststats.mkdir b/config-examples/hoststats.mkdir
deleted file mode 100644
index 7c144ae..0000000
--- a/config-examples/hoststats.mkdir
+++ /dev/null
@@ -1 +0,0 @@
-/data/hoststatsnemea/
diff --git a/config-examples/hoststats.sup b/config-examples/hoststats.sup
deleted file mode 100644
index e8ff198..0000000
--- a/config-examples/hoststats.sup
+++ /dev/null
@@ -1,35 +0,0 @@
-<module>
-<name>hoststatsnemea</name>
-<enabled>true</enabled>
-<path>/usr/bin/nemea/hoststatsnemea</path>
-<params>-c /etc/nemea/hoststats.conf</params>
-<trapinterfaces>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>IN</direction>
-  <params>flow_data_source</params>
-</interface>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>OUT</direction>
-  <params>hs_nemea_reports</params>
-</interface>
-</trapinterfaces>
-</module>
-
-<module>
-<name>hoststatsnemea_logger</name>
-<enabled>true</enabled>
-<path>/usr/bin/nemea/logger</path>
-<params>-t -T -a /data/hoststatsnemea/detected.log</params>
-<trapinterfaces>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>IN</direction>
-  <params>hs_nemea_reports</params>
-</interface>
-</trapinterfaces>
-</module>
diff --git a/config-examples/ipblacklistfilter.mkdir b/config-examples/ipblacklistfilter.mkdir
deleted file mode 100644
index fde12bb..0000000
--- a/config-examples/ipblacklistfilter.mkdir
+++ /dev/null
@@ -1 +0,0 @@
-/data/ipblacklistfilter
diff --git a/config-examples/ipblacklistfilter.sup b/config-examples/ipblacklistfilter.sup
deleted file mode 100644
index 68956d4..0000000
--- a/config-examples/ipblacklistfilter.sup
+++ /dev/null
@@ -1,36 +0,0 @@
-<module>
-<name>ipblacklistfilter</name>
-<enabled>true</enabled>
-<path>/usr/bin/nemea/ipblacklistfilter</path>
-<params>-D</params>
-<trapinterfaces>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>IN</direction>
-  <params>flow_data_source</params>
-</interface>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>OUT</direction>
-  <params>ipblacklistfilter_reports</params>
-</interface>
-</trapinterfaces>
-</module>
-
-<module>
-<name>ipblacklistfilter_logger</name>
-<enabled>true</enabled>
-<path>/usr/bin/nemea/logger</path>
-<params>-t -T -a /data/ipblacklistfilter/detected.log</params>
-<trapinterfaces>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>IN</direction>
-  <params>localhost,ipblacklistfilter_reports</params>
-</interface>
-</trapinterfaces>
-</module>
-
diff --git a/config-examples/prepare_default_config.sh b/config-examples/prepare_default_config.sh
deleted file mode 100755
index cbb71c2..0000000
--- a/config-examples/prepare_default_config.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-
-# name of the output file:
-conffile=supervisor_config.xml
-
-echo "This script expects one argument: 'configonly' or 'install'.
-
-'configonly': creates a config file for Nemea-Supervisor using *.sup files.
-'install':    runs 'configonly' and also creates directories from *.mkdir files.
-
-Note: root permissions are probably needed for 'install'"
-
-if [ "$1" = "configonly" -o "$1" = "install" ]; then
-	cat > "$conffile" <<END
-<?xml version="1.0"?>
-<nemea-supervisor>
-	<supervisor>
-		<verbose>false</verbose>
-		<module-restarts>4</module-restarts>
-		<logs-directory>/var/log/nemea-supervisor/</logs-directory>
-	</supervisor>
-
-	<modules>
-		<name>detection modules</name>
-		<enabled>true</enabled>
-
-END
-
-	cat *.sup >> "$conffile"
-
-	cat >> "$conffile" <<END
-	</modules>
-</nemea-supervisor>
-END
-
-	xmllint -format "$conffile" > "$conffile.tmp" && mv "$conffile.tmp" "$conffile"
-
-fi
-
-# creation of needed directories and permissions setup
-if [ "$1" = "install" ]; then
-	for f in *.mkdir; do
-		for d in `cat "$f"`; do
-			mkdir -p "$d"
-			# This is not secure enough! It grants full access to the directory:
-			chmod 777 "$d"
-		done
-	done
-fi
-
diff --git a/config-examples/supervisor.mkdir b/config-examples/supervisor.mkdir
deleted file mode 100644
index 557bee9..0000000
--- a/config-examples/supervisor.mkdir
+++ /dev/null
@@ -1 +0,0 @@
-/var/log/nemea-supervisor/
diff --git a/config-examples/traffic_repeater.sup b/config-examples/traffic_repeater.sup
deleted file mode 100644
index c733138..0000000
--- a/config-examples/traffic_repeater.sup
+++ /dev/null
@@ -1,21 +0,0 @@
-<module>
-<name>traffic_repeater</name>
-<enabled>true</enabled>
-<path>/usr/bin/nemea/traffic_repeater</path>
-<params></params>
-<trapinterfaces>
-<interface>
-  <note/>
-  <type>TCP</type>
-  <direction>IN</direction>
-  <params>7600</params>
-</interface>
-<interface>
-  <note/>
-  <type>UNIXSOCKET</type>
-  <direction>OUT</direction>
-  <params>flow_data_source</params>
-</interface>
-</trapinterfaces>
-</module>
-
diff --git a/configure.ac b/configure.ac
index 0c755a0..8511469 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5,18 +5,6 @@ AC_PREREQ([2.63])
 AC_INIT([nemea], [2.1.0], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 
-AC_MSG_CHECKING([network interface name])
-
-# get IFC of default gateway
-NIC_NAME=$(route -n | awk '/^0\.0\.0\.0/ {print $NF}')
-
-if [[ -n "$NIC_NAME" ]]; then
-    AC_MSG_RESULT([$NIC_NAME])
-    AC_SUBST([NIC_NAME])
-else
-    AC_MSG_RESULT([not found])
-fi
-
 # Checks for programs.
 
 # Checks for libraries.
@@ -27,6 +15,6 @@ fi
 
 # Checks for library functions.
 
-AC_CONFIG_FILES([Makefile config-examples/Makefile config-examples/flow_meter.sup])
+AC_CONFIG_FILES([Makefile])
 AC_CONFIG_SUBDIRS([nemea-framework nemea-supervisor modules detectors])
 AC_OUTPUT

From b950ac1771506cb61aa73bb8f551cdb22740d0af Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 8 Dec 2015 17:23:53 +0100
Subject: [PATCH 033/169] Updating revision of nemea-supervisor

---
 nemea-supervisor | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-supervisor b/nemea-supervisor
index 7783a63..6aa621d 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 7783a63e34438612f9a6681afef2b6c7ff8ae314
+Subproject commit 6aa621d5cc93165c1e93f77006dd00abc98d82c7

From 83bc725b55114e211d31b20561a26c1bbcc1cd44 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 9 Dec 2015 14:55:11 +0100
Subject: [PATCH 034/169] list of dependences

---
 dependencies.md | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 dependencies.md

diff --git a/dependencies.md b/dependencies.md
new file mode 100644
index 0000000..c341557
--- /dev/null
+++ b/dependencies.md
@@ -0,0 +1,23 @@
+# Building environment
+
+autoconf
+automake
+gcc
+gcc-c++
+libtool
+libxml2-devel
+libxml2-utils (contains xmllint on Debian)
+make
+pkg-config
+
+## Optional dependencies of modules and detectors
+
+rpm-build (build of RPM packages)
+
+libpcap (flow_meter)
+libnfdump [http://sourceforge.net/projects/libnfdump/] or libnf [https://github.com/VUTBR/nf-tools/tree/master/libnf/c] (nfreader)
+
+libidn (blacklistfilter)
+
+bison and flex (unirecfilter)
+

From dc82fd39db0eba4d5a53d48670370ab109150a3d Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 9 Dec 2015 15:00:41 +0100
Subject: [PATCH 035/169] Update dependencies.md

reformatting
---
 dependencies.md | 39 +++++++++++++++++++++++++--------------
 1 file changed, 25 insertions(+), 14 deletions(-)

diff --git a/dependencies.md b/dependencies.md
index c341557..87b4dd9 100644
--- a/dependencies.md
+++ b/dependencies.md
@@ -1,23 +1,34 @@
 # Building environment
 
-autoconf
-automake
-gcc
-gcc-c++
-libtool
-libxml2-devel
-libxml2-utils (contains xmllint on Debian)
-make
-pkg-config
+* autoconf
+* automake
+* gcc
+* gcc-c++
+* libtool
+* libxml2-devel
+* libxml2-utils (contains xmllint on Debian)
+* make
+* pkg-config
 
 ## Optional dependencies of modules and detectors
 
-rpm-build (build of RPM packages)
+* rpm-build (build of RPM packages)
+* libpcap (flow_meter)
+* libnfdump (http://sourceforge.net/projects/libnfdump/) or libnf (https://github.com/VUTBR/nf-tools/tree/master/libnf/c) (nfreader)
+* libidn (blacklistfilter)
+* bison and flex (unirecfilter)
 
-libpcap (flow_meter)
-libnfdump [http://sourceforge.net/projects/libnfdump/] or libnf [https://github.com/VUTBR/nf-tools/tree/master/libnf/c] (nfreader)
+## How to install everything:
 
-libidn (blacklistfilter)
+```
+dnf install -y autoconf automake gcc gcc-c++ libtool libxml2-devel make pkg-config libpcap libidn bison flex
+```
 
-bison and flex (unirecfilter)
+On older systems use `yum` instead of `dnf`.
 
+On Debian-based systems:
+
+```
+apt-get update;
+apt-get install TODO
+```

From e3bd714419479e1b997ab4301488b5ebb075efa7 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 9 Dec 2015 15:43:16 +0100
Subject: [PATCH 036/169] README.md: link to dependencies

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index afdc591..5545781 100644
--- a/README.md
+++ b/README.md
@@ -10,6 +10,8 @@ https://www.liberouter.org/nemea.
 Installation
 ============
 
+For the list of dependencies, please have a look into [dependencies.md](./dependencies.md).
+
 There are three different ways of installation of the Nemea system covered
 in this document: vagrant, binary packages and spurce codes.
 

From 5bfcfd1f190f25bd711ee1d3f3a57ce1ac9d79ed Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 6 Jan 2016 15:31:14 +0100
Subject: [PATCH 037/169] rpms: improved path, it caused issues during
 installation

---
 rpms.sh | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/rpms.sh b/rpms.sh
index d64353e..8ceee5e 100755
--- a/rpms.sh
+++ b/rpms.sh
@@ -73,37 +73,37 @@ export chuser
    (
       cd libtrap
       su $chuser -p -c "$topdir/generate-rpm.sh"
-      $pkginst install -y -q RPM*/RPMS/*/*
+      $pkginst install -y -q ./RPM*/RPMS/*/*
    )
    (
       cd common
       su $chuser -p -c "$topdir/generate-rpm.sh"
-      $pkginst install -y -q RPM*/RPMS/*/*
+      $pkginst install -y -q ./RPM*/RPMS/*/*
    )
    (
       cd unirec
       su $chuser -p -c "$topdir/generate-rpm.sh"
-      $pkginst install -y -q RPM*/RPMS/*/*
+      $pkginst install -y -q ./RPM*/RPMS/*/*
    )
    (
       cd python
       su $chuser -p -c "$topdir/generate-rpm.sh"
-      $pkginst install -y -q RPM*/RPMS/*/*
+      $pkginst install -y -q ./RPM*/RPMS/*/*
    )
 )
 (
    cd modules
    su $chuser -p -c "$topdir/generate-rpm.sh"
-   $pkginst install -y -q RPM*/RPMS/*/*
+   $pkginst install -y -q ./RPM*/RPMS/*/*
 )
 (
    cd detectors
    su $chuser -p -c "$topdir/generate-rpm.sh"
-   $pkginst install -y -q RPM*/RPMS/*/*
+   $pkginst install -y -q ./RPM*/RPMS/*/*
 )
 (
    cd nemea-supervisor
    su $chuser -p -c "$topdir/generate-rpm.sh"
-   $pkginst install -y -q RPM*/RPMS/*/*
+   $pkginst install -y -q ./RPM*/RPMS/*/*
 )
 

From 4db6e90be788aeff9282c600f3401a7fc1d6f36a Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sat, 23 Jan 2016 18:20:36 +0100
Subject: [PATCH 038/169] Update revision of modules

using ur_processor.sh
---
 detectors       | 2 +-
 modules         | 2 +-
 nemea-framework | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/detectors b/detectors
index 2e1e0c3..ee2981c 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 2e1e0c3da9b380a48a63363144a6e6f67e550076
+Subproject commit ee2981c520cf02bfb4c155f2e5af91d3290ca9af
diff --git a/modules b/modules
index 660865b..491e0bc 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 660865bdae584fa6a4eb292fbee4270a228c6b68
+Subproject commit 491e0bc30b2046b769347b954bfa34e8f2c15278
diff --git a/nemea-framework b/nemea-framework
index c80d139..6c8fdd6 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit c80d139dc0649ef6fffe216f9202ef766da3d955
+Subproject commit 6c8fdd646907ebe26cad714e5234fa01ccec51ff

From 1ce7cdb3a9b2b143a7786f0a77afdebecb070a8b Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sat, 23 Jan 2016 18:21:31 +0100
Subject: [PATCH 039/169] update revision of supervisor

fixes, configs update
---
 nemea-supervisor | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-supervisor b/nemea-supervisor
index 6aa621d..1cbb791 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 6aa621d5cc93165c1e93f77006dd00abc98d82c7
+Subproject commit 1cbb791559ac43008c2c4b541e29bd1c1598d67c

From bc71f415d7bc6a67565119b8b4effa6e64dad2d5 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Sat, 23 Jan 2016 20:48:14 +0100
Subject: [PATCH 040/169] updated revision of Nemea

---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index 2e1e0c3..d114aa3 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 2e1e0c3da9b380a48a63363144a6e6f67e550076
+Subproject commit d114aa39656cbd827840816a610b1942651efefe
diff --git a/modules b/modules
index 660865b..491e0bc 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 660865bdae584fa6a4eb292fbee4270a228c6b68
+Subproject commit 491e0bc30b2046b769347b954bfa34e8f2c15278
diff --git a/nemea-framework b/nemea-framework
index c80d139..735c41a 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit c80d139dc0649ef6fffe216f9202ef766da3d955
+Subproject commit 735c41ad7db5300c1f00dd6df8b4519b48691b6d
diff --git a/nemea-supervisor b/nemea-supervisor
index 6aa621d..1cbb791 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 6aa621d5cc93165c1e93f77006dd00abc98d82c7
+Subproject commit 1cbb791559ac43008c2c4b541e29bd1c1598d67c

From 0b5d9f619dce798d085529240f1a36454a02ca59 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Mon, 25 Jan 2016 15:12:58 +0100
Subject: [PATCH 041/169] updated revision

---
 nemea-framework | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-framework b/nemea-framework
index 735c41a..1635417 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 735c41ad7db5300c1f00dd6df8b4519b48691b6d
+Subproject commit 163541716ad25a5ab0bd8f93c90e471f9e35d26e

From 2baa50fb162c29fd0a6be5152a9e46642f45cd49 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 2 Feb 2016 15:03:19 +0100
Subject: [PATCH 042/169] vagrant: sl6: cleanup, libnf, base install with pcap

---
 vagrant/Vagrantfile.SL6 | 39 ++++++++-------------------------------
 1 file changed, 8 insertions(+), 31 deletions(-)

diff --git a/vagrant/Vagrantfile.SL6 b/vagrant/Vagrantfile.SL6
index 147d80d..7f725a5 100644
--- a/vagrant/Vagrantfile.SL6
+++ b/vagrant/Vagrantfile.SL6
@@ -12,13 +12,13 @@ yum install -y autoconf automake gcc gcc-g++ libtool libxml2-devel m4 make \
 openssl libssl-devel pkg-config libxslt-devel \
 libcurl4-openssl-dev xsltproc git curl-devel \
 libxml2-python libxslt-python doxygen munin munin-node \
-httpd bison flex
+libpcap-devel httpd bison flex
+
+wget -q https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/libnf-1.17-1.x86_64.rpm
+wget -q https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/libnf-devel-1.17-1.x86_64.rpm
+wget -q https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/libnf-debuginfo-1.17-1.x86_64.rpm
+yum install -y ./libnf*
 
-wget -q http://downloads.sourceforge.net/project/libnfdump/libnfdump-0.1.1.tar.gz && tar -xf libnfdump-0.1.1.tar.gz
-cd libnfdump-0.1.1
-./configure  --prefix=/usr --libdir=/usr/lib64 -q && make V=0 install
-cd ..
-rm -rf libnfdump-0.1.1*
 yum clean all
 
 SCRIPT
@@ -34,9 +34,7 @@ echo "export PATH=\$PATH:/usr/bin/nemea/" > /etc/profile.d/nemea.sh
 SCRIPT
 
 $run_supervisor = <<SCRIPT
-cd /root/nemea/config-examples
-./prepare_default_config.sh install
-cp supervisor_config.xml /etc/nemea/
+/usr/bin/nemea/set_default_nic.sh /etc/nemea/supervisor_config.xml
 service nemea-supervisor restart
 chkconfig nemea-supervisor on
 SCRIPT
@@ -55,27 +53,6 @@ chkconfig munin-node on
 chkconfig httpd on
 SCRIPT
 
-$run_netopeer = <<SCRIPT
-cat > /var/lib/libnetconf/datastore-acm.xml <<SCRIPT2
-<?xml version="1.0" encoding="UTF-8"?>
-<datastores xmlns="urn:cesnet:tmc:datastores:file">
-<running lock="">
-<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
-<enable-nacm>false</enable-nacm>
-</nacm>
-</running>
-<startup lock="">
-<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
-<enable-nacm>false</enable-nacm>
-</nacm>
-</startup>
-<candidate modified="false" lock=""/>
-</datastores>
-SCRIPT2
-
-service netopeer.rc start
-chkconfig netopeer.rc on
-SCRIPT
 
 $run_iptables = <<SCRIPT
 iptables -I INPUT 2 -p TCP --dport 830 -j ACCEPT
@@ -89,7 +66,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
      # If private network is needed due to communication with other VMs:
      #nemeademo.vm.network "private_network", :type => 'dhcp'
 
-     # Already installed in the nemea-2-1-0 box -> skip:
+     nemeademo.vm.provision :shell, inline: $bootstrap_linux
      nemeademo.vm.provision :shell, inline: $install_nemea
      nemeademo.vm.provision :shell, inline: $run_supervisor
      nemeademo.vm.provision :shell, inline: $run_munin

From 8046e69cc48cfe287d1fa006398b8ecad6cb63ec Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 8 Feb 2016 11:37:15 +0100
Subject: [PATCH 043/169] updated revision of Nemea-Framework (Python3)

Merged python3 branch, support added by Martin Juren from Flowmon
Networks, a.s.
---
 nemea-framework | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-framework b/nemea-framework
index 1635417..d1e14e6 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 163541716ad25a5ab0bd8f93c90e471f9e35d26e
+Subproject commit d1e14e61b8132a65026805a26077e117df256842

From ae0598fdf86e265ffcd9909f3da79807f77ebbbc Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 8 Feb 2016 13:04:26 +0100
Subject: [PATCH 044/169] README.md: fixed links

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 5545781..01d6aec 100644
--- a/README.md
+++ b/README.md
@@ -30,7 +30,7 @@ be supplied soon.
 Source Codes installation
 -------------------------
 
-The Nemea system consists of the [Nemea framework](cejkato2/Nemea-Framework), Nemea modules (basic and detection) and Nemea Supervisor. The whole system
+The Nemea system consists of the [Nemea framework](CESNET/Nemea-Framework), [Nemea modules](CESNET/Nemea-Modules), [Nemea detectors](CESNET/Nemea-Detectors) and [Nemea Supervisor](CESNET/Nemea-Supervisor). The whole system
 is based on GNU/Autotools build system that makes dependency checking and
 building process much more easier.
 

From c38ef0eb19359c1b8b333280f3bc5637f47b259f Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 8 Feb 2016 13:22:14 +0100
Subject: [PATCH 045/169] README: fixed links (replaced with correct format)

Link to external repositories is not handled automatically by github.
---
 README.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 01d6aec..d9ebcd1 100644
--- a/README.md
+++ b/README.md
@@ -30,7 +30,7 @@ be supplied soon.
 Source Codes installation
 -------------------------
 
-The Nemea system consists of the [Nemea framework](CESNET/Nemea-Framework), [Nemea modules](CESNET/Nemea-Modules), [Nemea detectors](CESNET/Nemea-Detectors) and [Nemea Supervisor](CESNET/Nemea-Supervisor). The whole system
+The Nemea system consists of the [Nemea framework](https://github.com/CESNET/Nemea-Framework), [Nemea modules](https://github.com/CESNET/Nemea-Modules), [Nemea detectors](https://github.com/CESNET/Nemea-Detectors) and [Nemea Supervisor](https://github.com/CESNET/Nemea-Supervisor). The whole system
 is based on GNU/Autotools build system that makes dependency checking and
 building process much more easier.
 
@@ -89,10 +89,10 @@ that can be connected with each other. Information about every module can be fou
 ```
 
 Every Nemea module can have one or more communication interfaces (IFC) implemented in
-[libtrap](./nemea-framework/libtrap). There are two types of IFCs: **input** and **output**. Numbers of module's IFCs
+[libtrap](https://github.com/CESNET/Nemea-Framework/tree/master/libtrap). There are two types of IFCs: **input** and **output**. Numbers of module's IFCs
 can be found in its help.
 
-At the beginning, let's try the `logreplay` module ([./modules/logreplay](./modules/logreplay)).
+At the beginning, let's try the `logreplay` module ([modules/logreplay](https://github.com/CESNET/Nemea-Modules/tree/master/logreplay)).
 The help output shows that `logreplay` has one output IFC:
 ```
 Name: LogReplay
@@ -103,7 +103,7 @@ Description:
   of CSV file has to be data format of fields.
 ```
 
-The complement module is `logger` ([./modules/logger](./modules/logger)), help output:
+The complement module is `logger` ([modules/logger](https://github.com/CESNET/Nemea-Modules/tree/master/logger)), help output:
 ```
 Name: Logger
 Inputs: variable
@@ -119,7 +119,7 @@ Description:
 Two modules can be interconnected using one input IFC and one output IFC.
 
 The [./use-cases](./use-cases) directory contains example scripts that demonstrate usage and functionality of
-Nemea modules. `logreplay` and `logger` can be found in [logger-repeater.sh](./use-cases/logger-repeater.sh).
+Nemea modules. `logreplay` and `logger` can be found in [./use-cases/logger-repeater.sh](./use-cases/logger-repeater.sh).
 Start the script to see how flow records are replayed from CSV file by `logreplay` and received by `logger`:
 ```
 cd use-cases
@@ -131,7 +131,7 @@ To get usage of scripts from `use-cases`, execute a script without parameter. Th
 scripts.
 
 `logreplay` is one of possible ways of getting data into the Nemea system.
-There is a [nfreader](./modules/nfreader) module that is able to read and replay `nfdump` files.
+There is a [nfreader](https://github.com/CESNET/Nemea-modules/tree/master/nfreader) module that is able to read and replay `nfdump` files.
 Last but not least, there is an [ipfixcol](https://github.com/CESNET/ipfixcol/) with [ipfixcol2unirec](https://github.com/CESNET/ipfixcol/tree/master/plugins/storage/unirec)
 that is capable of exporting flow data in UniRec format and sending it via libtrap IFC.
 
@@ -142,7 +142,7 @@ The Nemea system can be managed and monitored by a special module called
 [Supervisor](https://github.com/CESNET/Nemea-Supervisor).
 
 Some modules that are contained in Nemea-Modules and Nemea-Detectors provide their default
-configuration in [https://github.com/CESNET/Nemea-Supervisor/tree/master/configs/](nemea-supervisor/configs/).
+configuration in [nemea-supervisor/configs/](https://github.com/CESNET/Nemea-Supervisor/tree/master/configs/).
 To use prepared configuration, run `make` in `nemea-supervisor/configs` and start:
 ```
 nemea-supervisor/supervisor -f nemea-supervisor/configs/supervisor_config.xml

From 78b31ba9603c082de5051ee7d4d8dc8ccbf4cc8e Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 9 Feb 2016 09:50:04 +0100
Subject: [PATCH 046/169] updated revision of Nemea-Framework

---
 nemea-framework | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-framework b/nemea-framework
index d1e14e6..82f4b59 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit d1e14e61b8132a65026805a26077e117df256842
+Subproject commit 82f4b59bb2f89edde900b71f14f262d18b30c081

From 2a7ec4d04ba057591d551a27f7f510af8c7e1612 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 9 Feb 2016 16:51:32 +0100
Subject: [PATCH 047/169] doc: move links to other repos to the top

---
 README.md | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index d9ebcd1..5c72386 100644
--- a/README.md
+++ b/README.md
@@ -3,6 +3,12 @@ NEMEA System
 
 Travis CI build: [![Build Status](https://travis-ci.org/CESNET/Nemea.svg?branch=master)](https://travis-ci.org/CESNET/Nemea)
 
+The Nemea system consists of:
+* [Nemea framework](https://github.com/CESNET/Nemea-Framework): The heart of the system that provides interconnection of modules, data format (and its handling) and common functions, algorithms and data structures.
+* [Nemea modules](https://github.com/CESNET/Nemea-Modules): Base modules of the system for export&storage of flow data, replay of stored flow data, filtering, merging, and others. It also contains a basic flow exporter capable of L7 information. 
+* [Nemea detectors](https://github.com/CESNET/Nemea-Detectors): Detection modules that can detect and report various types of malicious traffic such as DoS, DDoS, scanning, bruteforce attacks.
+* [Nemea Supervisor](https://github.com/CESNET/Nemea-Supervisor): Central management and monitoring module of the Nemea system. It takes care of running modules according to configuration.
+
 This file describes the installation and basic usage of the Nemea system.
 To see more general information, please have a look at
 https://www.liberouter.org/nemea.
@@ -30,8 +36,7 @@ be supplied soon.
 Source Codes installation
 -------------------------
 
-The Nemea system consists of the [Nemea framework](https://github.com/CESNET/Nemea-Framework), [Nemea modules](https://github.com/CESNET/Nemea-Modules), [Nemea detectors](https://github.com/CESNET/Nemea-Detectors) and [Nemea Supervisor](https://github.com/CESNET/Nemea-Supervisor). The whole system
-is based on GNU/Autotools build system that makes dependency checking and
+The whole system is based on GNU/Autotools build system that makes dependency checking and
 building process much more easier.
 
 To clone the read-only repositories, use:

From 6c17327e2ea7b9b01725ec07d189168a92afa4f1 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 11 Feb 2016 18:01:57 +0100
Subject: [PATCH 048/169] updated revision of Nemea-Framework&Modules:
 report2idea

Support of IDEA reports that can be stored into MongoDB or sent into
Warden - system for incident sharing (https://wardenw.cesnet.cz/).
---
 modules         | 2 +-
 nemea-framework | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules b/modules
index 491e0bc..addca4c 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 491e0bc30b2046b769347b954bfa34e8f2c15278
+Subproject commit addca4cded8f612c0b276e828bf98ce351c9fa7f
diff --git a/nemea-framework b/nemea-framework
index 82f4b59..aa010bb 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 82f4b59bb2f89edde900b71f14f262d18b30c081
+Subproject commit aa010bb07fba3fa907417c4fcd1385beee8f202f

From 71cd1555b359ab52d5d1b7bdc59af494a3942658 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Tue, 16 Feb 2016 11:40:41 +0100
Subject: [PATCH 049/169] nemea: now possible to create all RPM packages and
 nemea meta package

---
 configure.ac  | 26 +++++++++++++++++---------
 nemea.spec.in | 19 +++++++++++++++++++
 rpms.sh       | 29 +++++++++++++++++++++--------
 3 files changed, 57 insertions(+), 17 deletions(-)
 create mode 100644 nemea.spec.in

diff --git a/configure.ac b/configure.ac
index 8511469..148b961 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,17 +4,25 @@
 AC_PREREQ([2.63])
 AC_INIT([nemea], [2.1.0], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
+RELEASE=1
+AC_SUBST(RELEASE)
+USERNAME=`git config --get user.name`
+USERMAIL=`git config --get user.email`
+AC_SUBST(USERNAME)
+AC_SUBST(USERMAIL)
+# Check for rpmbuild
+AC_CHECK_PROG(RPMBUILD, rpmbuild, rpmbuild, [""])
 
-# Checks for programs.
+AC_SUBST(RPMBUILD)
+if test -z "$RPMBUILD"; then
+	AC_MSG_WARN([Due to missing rpmbuild you will not able to generate RPM package.])
+fi
 
-# Checks for libraries.
+RPM_RELEASE=1
+AC_SUBST(RPM_RELEASE)
+AM_CONDITIONAL(MAKE_RPMS, test x$RPMBUILD != x)
 
-# Checks for header files.
-
-# Checks for typedefs, structures, and compiler characteristics.
-
-# Checks for library functions.
-
-AC_CONFIG_FILES([Makefile])
+AC_CONFIG_FILES([Makefile
+                  nemea.spec])
 AC_CONFIG_SUBDIRS([nemea-framework nemea-supervisor modules detectors])
 AC_OUTPUT
diff --git a/nemea.spec.in b/nemea.spec.in
new file mode 100644
index 0000000..2a9a8eb
--- /dev/null
+++ b/nemea.spec.in
@@ -0,0 +1,19 @@
+Summary: Nemea system
+Name: nemea
+Version: @PACKAGE_VERSION@
+Release: @RELEASE@
+URL: http://www.liberouter.org/
+#Source: https://www.liberouter.org/
+Group: Liberouter
+License: BSD
+Vendor: CESNET, z.s.p.o.
+Packager: @USERNAME@ <@USERMAIL@>
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}
+BuildArch: noarch
+Requires: libtrap nemea-common nemea-modules nemea-detectors nemea-python nemea-pycommon nemea-supervisor
+
+%description
+Meta-package of the Nemea system, the distributed modular system for network traffic analysis and anomaly detection.
+
+%files
+
diff --git a/rpms.sh b/rpms.sh
index 8ceee5e..eb27941 100755
--- a/rpms.sh
+++ b/rpms.sh
@@ -73,37 +73,50 @@ export chuser
    (
       cd libtrap
       su $chuser -p -c "$topdir/generate-rpm.sh"
-      $pkginst install -y -q ./RPM*/RPMS/*/*
+      $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
    (
       cd common
       su $chuser -p -c "$topdir/generate-rpm.sh"
-      $pkginst install -y -q ./RPM*/RPMS/*/*
+      $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
    (
       cd unirec
       su $chuser -p -c "$topdir/generate-rpm.sh"
-      $pkginst install -y -q ./RPM*/RPMS/*/*
+      $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
+   su $chuser -p -c "./bootstrap.sh >/dev/null 2>/dev/null&& ./configure -q"
+   
    (
       cd python
-      su $chuser -p -c "$topdir/generate-rpm.sh"
-      $pkginst install -y -q ./RPM*/RPMS/*/*
+      su $chuser -p -c "make -j4 && make rpm"
+      $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
+   )
+   (
+      cd pycommon
+      su $chuser -p -c "make -j4 && make rpm"
+      $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
 )
 (
    cd modules
    su $chuser -p -c "$topdir/generate-rpm.sh"
-   $pkginst install -y -q ./RPM*/RPMS/*/*
+   $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
 )
 (
    cd detectors
    su $chuser -p -c "$topdir/generate-rpm.sh"
-   $pkginst install -y -q ./RPM*/RPMS/*/*
+   $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
 )
 (
    cd nemea-supervisor
    su $chuser -p -c "$topdir/generate-rpm.sh"
-   $pkginst install -y -q ./RPM*/RPMS/*/*
+   $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
 )
 
+su $chuser -p -c "$topdir/bootstrap.sh >/dev/null 2>/dev/null&& $topdir/configure -q"
+mkdir -p "`pwd`/RPMBUILD"
+rpmbuild  -ba nemea.spec --define "_topdir `pwd`/RPMBUILD"
+mkdir -p "`pwd`/rpms"
+find -name *.rpm -not -path "./rpms/*" -exec mv {} rpms/ \;
+

From 329f2be2d62b72bdfe3dfafac07b367f2ff581a6 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Tue, 16 Feb 2016 15:22:35 +0100
Subject: [PATCH 050/169] rpms.sh: updated releasing nemea-python and
 nemea-pycommon packages

---
 rpms.sh | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/rpms.sh b/rpms.sh
index eb27941..24870b2 100755
--- a/rpms.sh
+++ b/rpms.sh
@@ -85,16 +85,14 @@ export chuser
       su $chuser -p -c "$topdir/generate-rpm.sh"
       $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
-   su $chuser -p -c "./bootstrap.sh >/dev/null 2>/dev/null&& ./configure -q"
-   
    (
       cd python
-      su $chuser -p -c "make -j4 && make rpm"
+      su $chuser -p -c "python setup.py bdist_rpm"
       $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
    (
       cd pycommon
-      su $chuser -p -c "make -j4 && make rpm"
+      su $chuser -p -c "python setup.py bdist_rpm"
       $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
 )

From cb1b125f97bcb1ec9eb736a268e55b9bf77819c1 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Tue, 16 Feb 2016 15:55:52 +0100
Subject: [PATCH 051/169] increased version of nemea

---
 configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 148b961..a20dc73 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.1.0], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.2.0], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)

From dce4aaf13849d56f667920915d575ffc244bf7b3 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Tue, 16 Feb 2016 15:56:37 +0100
Subject: [PATCH 052/169] updated revision of nemea, released RPM package

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index a20dc73..ec56cc3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.2.0], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.2.1], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index d114aa3..744d59a 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit d114aa39656cbd827840816a610b1942651efefe
+Subproject commit 744d59a578725837813198e496a69c81bb43c700
diff --git a/modules b/modules
index addca4c..0ffaadf 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit addca4cded8f612c0b276e828bf98ce351c9fa7f
+Subproject commit 0ffaadf9e2fd6bd137b494b4a97644998de0b91a
diff --git a/nemea-framework b/nemea-framework
index aa010bb..fa04c56 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit aa010bb07fba3fa907417c4fcd1385beee8f202f
+Subproject commit fa04c569456584faa972d4a2c8f6342b47c339ae
diff --git a/nemea-supervisor b/nemea-supervisor
index 1cbb791..b5d717e 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 1cbb791559ac43008c2c4b541e29bd1c1598d67c
+Subproject commit b5d717ec385743e7e728db653a257cf4428e9fde

From a96f67ea78c50c8d52ff65ecc85ca51852706475 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 16 Feb 2016 16:08:53 +0100
Subject: [PATCH 053/169] vagrant: add CentOS, moved previous Vagrantfiles into
 separated folders

---
 vagrant/CentOS7/README.md                     | 29 ++++++++++++
 vagrant/CentOS7/Vagrantfile                   | 16 +++++++
 vagrant/Fedora22/README.md                    | 28 +++++++++++
 vagrant/{ => Fedora22}/Vagrantfile.Fedora22   |  0
 vagrant/README.md                             | 46 ++++---------------
 vagrant/ScientificLinux6/README.md            | 28 +++++++++++
 .../{ => ScientificLinux6}/Vagrantfile.SL6    |  0
 vagrant/common/Makefile.am                    |  2 +
 vagrant/common/nemea-dashboard.rb             | 34 ++++++++++++++
 9 files changed, 146 insertions(+), 37 deletions(-)
 create mode 100644 vagrant/CentOS7/README.md
 create mode 100644 vagrant/CentOS7/Vagrantfile
 create mode 100644 vagrant/Fedora22/README.md
 rename vagrant/{ => Fedora22}/Vagrantfile.Fedora22 (100%)
 create mode 100644 vagrant/ScientificLinux6/README.md
 rename vagrant/{ => ScientificLinux6}/Vagrantfile.SL6 (100%)
 create mode 100644 vagrant/common/Makefile.am
 create mode 100644 vagrant/common/nemea-dashboard.rb

diff --git a/vagrant/CentOS7/README.md b/vagrant/CentOS7/README.md
new file mode 100644
index 0000000..88f2534
--- /dev/null
+++ b/vagrant/CentOS7/README.md
@@ -0,0 +1,29 @@
+Installation of NEMEA using Vagrant on CentOS7
+==============================================
+
+If you do not have a vagrant box for CentOS7 box yet, use:
+
+```
+vagrant box add centos/7 --provider=virtualbox
+```
+
+Installation - Final Step
+=========================
+
+Start the VM Installation using (this will take few minutes):
+```
+vagrant up
+```
+
+Once the installation is complete, SSH into the VM:
+```
+vagrant ssh
+```
+
+Content of VM
+=============
+
+* all NEMEA packages installed from RPM from homeproj.cesnet.cz
+* NEMEA-Dashboard
+* ipfixcol with ipfixcol-unirec-output
+
diff --git a/vagrant/CentOS7/Vagrantfile b/vagrant/CentOS7/Vagrantfile
new file mode 100644
index 0000000..ce960aa
--- /dev/null
+++ b/vagrant/CentOS7/Vagrantfile
@@ -0,0 +1,16 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+load '../common/nemea-dashboard.rb'
+
+Vagrant.configure(2) do |config|
+  config.vm.box = "centos/7"
+
+  config.vm.network "forwarded_port", guest: 80, host: 2280
+
+  config.vm.provision "shell", inline: <<-SHELL
+     sudo rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
+     sudo yum install -y nemea nemea-cesnet-modules ipfixcol ipfixcol-unirec-output
+SHELL
+   config.vm.provision "shell", inline: $nemeadashboard
+end
diff --git a/vagrant/Fedora22/README.md b/vagrant/Fedora22/README.md
new file mode 100644
index 0000000..b59e9d1
--- /dev/null
+++ b/vagrant/Fedora22/README.md
@@ -0,0 +1,28 @@
+Installation of NEMEA using Vagrant on Fedora22 Cloud
+=====================================================
+
+If you do not have a vagrant box for Fedora22 Cloud box yet, use:
+
+```
+vagrant box add fedora22-cloud https://download.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-22-20150521.x86_64.vagrant-virtualbox.box
+```
+
+Installation - Final Step
+=========================
+
+Start the VM Installation using (this will take few minutes):
+```
+vagrant up
+```
+
+Once the installation is complete, SSH into the VM:
+```
+vagrant ssh
+```
+
+Content of VM
+=============
+
+* NEMEA installed from source codes
+* munin
+
diff --git a/vagrant/Vagrantfile.Fedora22 b/vagrant/Fedora22/Vagrantfile.Fedora22
similarity index 100%
rename from vagrant/Vagrantfile.Fedora22
rename to vagrant/Fedora22/Vagrantfile.Fedora22
diff --git a/vagrant/README.md b/vagrant/README.md
index 46a0927..374255d 100644
--- a/vagrant/README.md
+++ b/vagrant/README.md
@@ -7,51 +7,23 @@ The goal is to simplify the installation setup and get started with using the Ne
 Requirements
 ------------
 
-The guide assumes that Virtualbox and Vagrant are installed in your machine.
+The guide assumes that Virtualbox and Vagrant are properly installed in your machine.
 You can download these software here:
 
 - Virtualbox: https://www.virtualbox.org/wiki/Downloads
 - Vagrant: http://www.vagrantup.com/downloads
 
-Vagrant preparation
-====================
+NEMEA Installation Steps
+========================
 
-This directory contains Vagrantfile configuration files that can be used.
-Choose what system you want to use:
+This directory contains prepared configuration (Vagrantfile) for the following systems:
 
-Fedora 22 Cloud
----------------
+* [CentOS 7](./CentOS7/)
+* [Fedora 22 Cloud](./Fedora22/)
+* [Scientific Linux](./ScientificLinux6/)
 
-For installation of Fedora 22 Cloud, rename `Vagrantfile.Fedora22` to `Vagrantfile`
-and use the following command to get Vagrant box:
-
-```
-vagrant box add fedora22-cloud https://download.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-22-20150521.x86_64.vagrant-virtualbox.box
-```
-
-Scientific Linux
-----------------
-
-
-For installation of Scientific Linux, rename `Vagrantfile.SL6` to `Vagrantfile`
-and use the following command to get Vagrant box:
-
-```
-vagrant box add --insecure cesnet/nemea-2-1-0 https://sauvignon.liberouter.org/nemea-2-1-0.box
-```
-
-Installation - Final Step
-=========================
-
-Start the VM Installation using (this will take few minutes):
-```
-vagrant up
-```
-
-Once the installation is complete, SSH into the VM:
-```
-vagrant ssh
-```
+After choosing the system change working directory into the chosen one and follow the
+system dependent instructions in the README.md file.
 
 Troubleshooting
 ===============
diff --git a/vagrant/ScientificLinux6/README.md b/vagrant/ScientificLinux6/README.md
new file mode 100644
index 0000000..f959adb
--- /dev/null
+++ b/vagrant/ScientificLinux6/README.md
@@ -0,0 +1,28 @@
+Installation of NEMEA using Vagrant on Scientific Linux 6
+=========================================================
+
+If you do not have a vagrant box for Scientific Linux 6 box yet, use:
+
+```
+vagrant box add --insecure cesnet/nemea-2-1-0 https://sauvignon.liberouter.org/nemea-2-1-0.box
+```
+
+Installation - Final Step
+=========================
+
+Start the VM Installation using (this will take few minutes):
+```
+vagrant up
+```
+
+Once the installation is complete, SSH into the VM:
+```
+vagrant ssh
+```
+
+Content of VM
+=============
+
+* NEMEA installed from source codes
+* munin
+
diff --git a/vagrant/Vagrantfile.SL6 b/vagrant/ScientificLinux6/Vagrantfile.SL6
similarity index 100%
rename from vagrant/Vagrantfile.SL6
rename to vagrant/ScientificLinux6/Vagrantfile.SL6
diff --git a/vagrant/common/Makefile.am b/vagrant/common/Makefile.am
new file mode 100644
index 0000000..24c02c1
--- /dev/null
+++ b/vagrant/common/Makefile.am
@@ -0,0 +1,2 @@
+EXTRA_DIST=nemea-dashboard.rb
+
diff --git a/vagrant/common/nemea-dashboard.rb b/vagrant/common/nemea-dashboard.rb
new file mode 100644
index 0000000..801f619
--- /dev/null
+++ b/vagrant/common/nemea-dashboard.rb
@@ -0,0 +1,34 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+$nemeadashboard = <<-SCRIPT
+echo '[mongodb-org-3.2]
+name=MongoDB Repository
+baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.2/x86_64/
+gpgcheck=0
+enabled=1
+' > /etc/yum.repos.d/mongodb-org-3.2.repo
+
+# install dependencies
+yum install -y https://centos7.iuscommunity.org/ius-release.rpm
+yum -y install mongodb-org git wget python34 python34-devel httpd
+yum groupinstall -y "Development Tools"
+wget -q https://bootstrap.pypa.io/get-pip.py
+python3.4 get-pip.py
+
+# start services
+systemctl start httpd
+systemctl start mongod
+
+# clone Nemea-Dashboard
+mkdir -p /var/www/html
+cd /var/www/html
+git clone https://github.com/CESNET/Nemea-Dashboard
+cd Nemea-Dashboard
+git checkout -b dev origin/dev
+
+# install dashboard dependencies
+pip install -r requirements.txt
+
+SCRIPT
+

From d0f765b86fa2ffe3f2c54c12dd392211fcef5996 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Tue, 16 Feb 2016 18:03:20 +0100
Subject: [PATCH 054/169] rpms.sh: now creates packages without dependency for
 python version

---
 rpms.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rpms.sh b/rpms.sh
index 24870b2..7d0cf28 100755
--- a/rpms.sh
+++ b/rpms.sh
@@ -87,12 +87,12 @@ export chuser
    )
    (
       cd python
-      su $chuser -p -c "python setup.py bdist_rpm"
+      su $chuser -p -c "python setup.py bdist_rpm --no-autoreq"
       $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
    (
       cd pycommon
-      su $chuser -p -c "python setup.py bdist_rpm"
+      su $chuser -p -c "python setup.py bdist_rpm --no-autoreq"
       $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
 )

From 0fbdbf898d24146c2272656eb6abcc94502b4b55 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Tue, 16 Feb 2016 18:15:33 +0100
Subject: [PATCH 055/169] rpms.sh: install dependency packages

---
 rpms.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/rpms.sh b/rpms.sh
index 7d0cf28..35abcd2 100755
--- a/rpms.sh
+++ b/rpms.sh
@@ -64,6 +64,7 @@ fi
 
 echo "Remove previously installed packages"
 $pkginst remove -q -y libtrap\* unirec\* nemea\*
+$pkginst install -q -y libnf-devel libpcap-devel libidn-devel bison flex
 
 export topdir=$PWD
 export chuser

From 949e164137947627bc940c2e89547e6bd1e8ed3e Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 17 Feb 2016 11:49:15 +0100
Subject: [PATCH 056/169] vagrant: renamed Vagrantfiles

---
 vagrant/Fedora22/{Vagrantfile.Fedora22 => Vagrantfile}    | 0
 vagrant/ScientificLinux6/{Vagrantfile.SL6 => Vagrantfile} | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename vagrant/Fedora22/{Vagrantfile.Fedora22 => Vagrantfile} (100%)
 rename vagrant/ScientificLinux6/{Vagrantfile.SL6 => Vagrantfile} (100%)

diff --git a/vagrant/Fedora22/Vagrantfile.Fedora22 b/vagrant/Fedora22/Vagrantfile
similarity index 100%
rename from vagrant/Fedora22/Vagrantfile.Fedora22
rename to vagrant/Fedora22/Vagrantfile
diff --git a/vagrant/ScientificLinux6/Vagrantfile.SL6 b/vagrant/ScientificLinux6/Vagrantfile
similarity index 100%
rename from vagrant/ScientificLinux6/Vagrantfile.SL6
rename to vagrant/ScientificLinux6/Vagrantfile

From dbea62fcbcb0fcc556e5d03900bbfde0441a1718 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 18 Feb 2016 12:59:11 +0100
Subject: [PATCH 057/169] nemea-dashboard: use master branch in Vagrant VM

---
 vagrant/common/nemea-dashboard.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/vagrant/common/nemea-dashboard.rb b/vagrant/common/nemea-dashboard.rb
index 801f619..9977f47 100644
--- a/vagrant/common/nemea-dashboard.rb
+++ b/vagrant/common/nemea-dashboard.rb
@@ -23,9 +23,8 @@
 # clone Nemea-Dashboard
 mkdir -p /var/www/html
 cd /var/www/html
-git clone https://github.com/CESNET/Nemea-Dashboard
+git clone --depth 1 https://github.com/CESNET/Nemea-Dashboard
 cd Nemea-Dashboard
-git checkout -b dev origin/dev
 
 # install dashboard dependencies
 pip install -r requirements.txt

From eaae9ffee33da6e0c7b6aedfa0bc7af659463487 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 19 Feb 2016 13:40:55 +0100
Subject: [PATCH 058/169] vagrant: dashboard: forward 5555, start backend on
 boot

---
 vagrant/CentOS7/Vagrantfile       |  1 +
 vagrant/common/nemea-dashboard.rb | 10 ++++++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/vagrant/CentOS7/Vagrantfile b/vagrant/CentOS7/Vagrantfile
index ce960aa..958e593 100644
--- a/vagrant/CentOS7/Vagrantfile
+++ b/vagrant/CentOS7/Vagrantfile
@@ -7,6 +7,7 @@ Vagrant.configure(2) do |config|
   config.vm.box = "centos/7"
 
   config.vm.network "forwarded_port", guest: 80, host: 2280
+  config.vm.network "forwarded_port", guest: 5555, host: 5555
 
   config.vm.provision "shell", inline: <<-SHELL
      sudo rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
diff --git a/vagrant/common/nemea-dashboard.rb b/vagrant/common/nemea-dashboard.rb
index 9977f47..0b371ea 100644
--- a/vagrant/common/nemea-dashboard.rb
+++ b/vagrant/common/nemea-dashboard.rb
@@ -17,8 +17,10 @@
 python3.4 get-pip.py
 
 # start services
-systemctl start httpd
-systemctl start mongod
+systemctl enable httpd
+systemctl enable mongod
+service httpd start
+service mongod start
 
 # clone Nemea-Dashboard
 mkdir -p /var/www/html
@@ -29,5 +31,9 @@
 # install dashboard dependencies
 pip install -r requirements.txt
 
+# start backend on background
+cd /var/log;
+nohup python3.4 /var/www/html/Nemea-Dashboard/apiv2.py > nemea-dashboard.out 2> nemea-dashboard.err < /dev/null &
+
 SCRIPT
 

From c577cd8f33a437da6243fbaab9b482a29ce160a4 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 19 Feb 2016 14:12:21 +0100
Subject: [PATCH 059/169] vagrant: dashboard: store initial data (user)

---
 vagrant/common/nemea-dashboard.rb | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/vagrant/common/nemea-dashboard.rb b/vagrant/common/nemea-dashboard.rb
index 0b371ea..b287988 100644
--- a/vagrant/common/nemea-dashboard.rb
+++ b/vagrant/common/nemea-dashboard.rb
@@ -31,6 +31,32 @@
 # install dashboard dependencies
 pip install -r requirements.txt
 
+mongo 127.0.0.1/nemeadb --eval '
+db.users.drop();
+var d = { "_id" : ObjectId("56b33e737194ed8d440db2b7"),
+"username" : "default",
+"password" : "$2a$12$Md5LyzT0ejjCIeQeUR3U5eLHrP602Vz7lDD6HiV5UWRITZythu6Tq",
+"settings" : [ { "row" : 0, "content" : "", "sizeX" : 3, "col" : 0,
+"title" : "Events ratios in 12 hours", "loading" : false, "type" : "piechart", "sizeY" : 3,
+"config" : { "begintime" : "2016-02-18T21:37:22.284Z", "metric" : "category", "period" : "12", "type" : "piechart" } },
+{ "row" : 2, "selector" : false, "timestamp" : "", "type" : "barchart", "sizeY" : 3,
+"config" : { "begintime" : "2016-02-18T21:37:22.305Z", "period" : "12", "metric" : "category", "type" : "barchart",
+"window" : "60" }, "sizeX" : 4, "col" : 3, "title" : "Last 24 hours in 1h window",
+"loading" : false, "minSizeX" : 2, "minSizeY" : 2 },
+{ "row" : 0, "sizeX" : 3, "sizeY" : 2, "title" : "Top events in 1 hour",
+"loading" : false, "type" : "top", "col" : 3, "config" : { "begintime" : "2016-02-19T08:37:22.312Z", "period" : 1 } },
+{ "row" : 1, "sizeX" : 1, "sizeY" : 1, "title" : "12h", "loading" : false, "type" : "sum", "col" : 6,
+"config" : { "begintime" : "2016-02-18T21:37:22.318Z", "period" : "12", "type" : "sum", "category" : "Attempt.Login" } },
+{ "row" : 0, "sizeX" : 1, "sizeY" : 1, "title" : "12h", "loading" : false, "type" : "sum", "col" : 6,
+"config" : { "begintime" : "2016-02-19T08:37:22.324Z", "period" : "1", "type" : "sum", "category" : "any" } },
+{ "row" : 0, "sizeX" : 1, "sizeY" : 1, "title" : "12h", "loading" : false, "type" : "sum", "col" : 7,
+"config" : { "begintime" : "2016-02-19T03:37:22.329Z", "period" : "6", "type" : "sum", "category" : "any" } },
+{ "row" : 1, "sizeX" : 1, "sizeY" : 1, "title" : "12h", "loading" : false, "type" : "sum", "col" : 7,
+"config" : { "begintime" : "2016-02-18T21:37:22.334Z", "period" : "12", "type" : "sum", "category" : "Availability.DoS" } } ]
+ };
+db.users.insert(d);
+'
+
 # start backend on background
 cd /var/log;
 nohup python3.4 /var/www/html/Nemea-Dashboard/apiv2.py > nemea-dashboard.out 2> nemea-dashboard.err < /dev/null &

From 0117c045bf707bef6b0847e090719a4f90b2809a Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sat, 20 Feb 2016 03:48:05 +0100
Subject: [PATCH 060/169] updated revision of submodules

nemea-python: important BUGFIXes - fields ordering
nemea-supervisor: run service as separate uid
---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index 744d59a..c2cbc06 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 744d59a578725837813198e496a69c81bb43c700
+Subproject commit c2cbc06b681deaa532e6d735b07894b5a886c858
diff --git a/modules b/modules
index 0ffaadf..81dc4de 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 0ffaadf9e2fd6bd137b494b4a97644998de0b91a
+Subproject commit 81dc4dedbfe7bd600a55fff7a5ed99942a0a2f30
diff --git a/nemea-framework b/nemea-framework
index fa04c56..d096887 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit fa04c569456584faa972d4a2c8f6342b47c339ae
+Subproject commit d096887c7f5a716894bc02bee6edce8f299dcfe9
diff --git a/nemea-supervisor b/nemea-supervisor
index b5d717e..a2d06c6 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit b5d717ec385743e7e728db653a257cf4428e9fde
+Subproject commit a2d06c6c206adeea46deab49b5367a598707f10f

From cce0b630efc8ae957d0692aba72b0cdbb7ddb137 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 24 Feb 2016 13:59:27 +0100
Subject: [PATCH 061/169] vagrant: dashboard: new username

---
 vagrant/common/nemea-dashboard.rb | 25 +++++--------------------
 1 file changed, 5 insertions(+), 20 deletions(-)

diff --git a/vagrant/common/nemea-dashboard.rb b/vagrant/common/nemea-dashboard.rb
index b287988..6443ae8 100644
--- a/vagrant/common/nemea-dashboard.rb
+++ b/vagrant/common/nemea-dashboard.rb
@@ -33,26 +33,11 @@
 
 mongo 127.0.0.1/nemeadb --eval '
 db.users.drop();
-var d = { "_id" : ObjectId("56b33e737194ed8d440db2b7"),
-"username" : "default",
-"password" : "$2a$12$Md5LyzT0ejjCIeQeUR3U5eLHrP602Vz7lDD6HiV5UWRITZythu6Tq",
-"settings" : [ { "row" : 0, "content" : "", "sizeX" : 3, "col" : 0,
-"title" : "Events ratios in 12 hours", "loading" : false, "type" : "piechart", "sizeY" : 3,
-"config" : { "begintime" : "2016-02-18T21:37:22.284Z", "metric" : "category", "period" : "12", "type" : "piechart" } },
-{ "row" : 2, "selector" : false, "timestamp" : "", "type" : "barchart", "sizeY" : 3,
-"config" : { "begintime" : "2016-02-18T21:37:22.305Z", "period" : "12", "metric" : "category", "type" : "barchart",
-"window" : "60" }, "sizeX" : 4, "col" : 3, "title" : "Last 24 hours in 1h window",
-"loading" : false, "minSizeX" : 2, "minSizeY" : 2 },
-{ "row" : 0, "sizeX" : 3, "sizeY" : 2, "title" : "Top events in 1 hour",
-"loading" : false, "type" : "top", "col" : 3, "config" : { "begintime" : "2016-02-19T08:37:22.312Z", "period" : 1 } },
-{ "row" : 1, "sizeX" : 1, "sizeY" : 1, "title" : "12h", "loading" : false, "type" : "sum", "col" : 6,
-"config" : { "begintime" : "2016-02-18T21:37:22.318Z", "period" : "12", "type" : "sum", "category" : "Attempt.Login" } },
-{ "row" : 0, "sizeX" : 1, "sizeY" : 1, "title" : "12h", "loading" : false, "type" : "sum", "col" : 6,
-"config" : { "begintime" : "2016-02-19T08:37:22.324Z", "period" : "1", "type" : "sum", "category" : "any" } },
-{ "row" : 0, "sizeX" : 1, "sizeY" : 1, "title" : "12h", "loading" : false, "type" : "sum", "col" : 7,
-"config" : { "begintime" : "2016-02-19T03:37:22.329Z", "period" : "6", "type" : "sum", "category" : "any" } },
-{ "row" : 1, "sizeX" : 1, "sizeY" : 1, "title" : "12h", "loading" : false, "type" : "sum", "col" : 7,
-"config" : { "begintime" : "2016-02-18T21:37:22.334Z", "period" : "12", "type" : "sum", "category" : "Availability.DoS" } } ]
+var d = { "name" : "Nemea",
+"surname" : "Test User",
+"username" : "nemea",
+"password" : "$2a$12$Z9PaH.uCgAEOY7JDVEo78efEcoL0oiTWY88gbJTJhIIKFMOQGkOei",
+"settings" : []
  };
 db.users.insert(d);
 '

From 3fa7e66b46cdded3784087824e64e3ca35ab4e05 Mon Sep 17 00:00:00 2001
From: Jiri Havranek <havraji6@fit.cvut.cz>
Date: Wed, 24 Feb 2016 15:21:36 +0100
Subject: [PATCH 062/169] use-case: flow_meter.sh minor improvement

---
 use-cases/flow_meter.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/use-cases/flow_meter.sh b/use-cases/flow_meter.sh
index dbc7ac8..bc43619 100755
--- a/use-cases/flow_meter.sh
+++ b/use-cases/flow_meter.sh
@@ -47,7 +47,7 @@
 # Check if interface is specified.
 if [ "$1" = "" ]; then
    echo "Specify the network interface."
-   echo "Usage: ./flow_meter.sh interface-name"
+   echo "Usage: $0 interface-name"
    exit 2
 fi
 

From a26d49c29c279fd4367d28a45dac18d648bb7d22 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Thu, 25 Feb 2016 15:09:03 +0100
Subject: [PATCH 063/169] Vagrant: CentOS/7: created and applied patch for
 ipfixcol default configuration

---
 vagrant/CentOS7/Vagrantfile        |   2 +
 vagrant/common/Makefile.am         |   2 +-
 vagrant/common/ipfixcol_startup.rb | 232 +++++++++++++++++++++++++++++
 3 files changed, 235 insertions(+), 1 deletion(-)
 create mode 100644 vagrant/common/ipfixcol_startup.rb

diff --git a/vagrant/CentOS7/Vagrantfile b/vagrant/CentOS7/Vagrantfile
index 958e593..d495acf 100644
--- a/vagrant/CentOS7/Vagrantfile
+++ b/vagrant/CentOS7/Vagrantfile
@@ -2,6 +2,7 @@
 # vi: set ft=ruby :
 
 load '../common/nemea-dashboard.rb'
+load '../common/ipfixcol_startup.rb'
 
 Vagrant.configure(2) do |config|
   config.vm.box = "centos/7"
@@ -14,4 +15,5 @@ Vagrant.configure(2) do |config|
      sudo yum install -y nemea nemea-cesnet-modules ipfixcol ipfixcol-unirec-output
 SHELL
    config.vm.provision "shell", inline: $nemeadashboard
+   config.vm.provision "shell", inline: $ipfixcolpatch
 end
diff --git a/vagrant/common/Makefile.am b/vagrant/common/Makefile.am
index 24c02c1..03ed820 100644
--- a/vagrant/common/Makefile.am
+++ b/vagrant/common/Makefile.am
@@ -1,2 +1,2 @@
-EXTRA_DIST=nemea-dashboard.rb
+EXTRA_DIST=nemea-dashboard.rb ipfixcol_startup.rb
 
diff --git a/vagrant/common/ipfixcol_startup.rb b/vagrant/common/ipfixcol_startup.rb
new file mode 100644
index 0000000..453de0b
--- /dev/null
+++ b/vagrant/common/ipfixcol_startup.rb
@@ -0,0 +1,232 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+$ipfixcolpatch = <<-SCRIPT
+echo '--- startup.xml	2016-02-25 14:30:15.595229902 +0100
++++ startup_new.xml	2016-02-25 14:26:54.543236208 +0100
+@@ -1,148 +1,79 @@
+ <?xml version="1.0" encoding="UTF-8"?>
+ <ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix-psamp">
+ 
+-	<!--## Every collecting process will be started as new process -->
+-	<collectingProcess>
+-		<!--## Arbitrary collecting process name  -->
+-		<name>UDP collector</name>
+-		<!--## Type of the collector. Supported types are defined in internalcfg.xml -->
+-		<udpCollector>
+-			<!--## Arbitrary udp collector name -->
+-			<name>Listening port 4739</name>
+-			<!--## Local listening port -->
+-			<localPort>4739</localPort>
+-			<!--## Template lifetime in seconds -->
+-			<templateLifeTime>1800</templateLifeTime>
+-			<!--## Options template lifetime in seconds -->
+-			<optionsTemplateLifeTime>1800</optionsTemplateLifeTime>
+-			<!--## Template lifetime in packets (for how many packets is template valid) -->
+-			<!-- <templateLifePacket>5</templateLifePacket>  -->
+-			<!--## Options template lifetime in packets -->
+-			<!-- <optionsTemplateLifePacket>100</optionsTemplateLifePacket>  -->
+-			<!--## Local address to listen on. If empty, bind to all interfaces -->
+-			<localIPAddress>127.0.0.1</localIPAddress>
+-		</udpCollector>
+-		<!--## Name of the exporting process. Must match exporting process name -->
+-		<exportingProcess>File writer UDP</exportingProcess>
+-		<!--## File for exporting status information to (combined with -S) -->
+-		<statisticsFile>/tmp/ipfixcol_stat.log</statisticsFile>
+-	</collectingProcess>
++        <collectingProcess>
++                <name>UDP collector</name>
++                <udpCollector>
++                        <name>Listening port 4739</name>
++                        <localPort>4739</localPort>
++                        <localIPAddress></localIPAddress>
++                </udpCollector>
++                <exportingProcess>UniRec output</exportingProcess>
++        </collectingProcess>
++
++        <exportingProcess>
++                <name>UniRec output</name>
++                <destination>
++                        <name>Make unirec from the flow data</name>
++                        <fileWriter>
++                                <fileFormat>unirec</fileFormat>
++                                <!-- Default interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7500</params>
++                                        <ifcTimeout>10000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,PACKETS,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,PROTOCOL,?TCP_FLAGS,?TOS,?TTL</format>
++                                </interface>
++                               <!-- VOIP interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7501</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,?INVEA_SIP_RTP_IP4,?INVEA_SIP_RTP_IP6,SRC_IP,BYTES,?INVEA_RTCP_OCTETS,?INVEA_RTCP_PACKETS,?INVEA_SIP_BYE_TIME,?INVEA_SIP_INVITE_RINGING_TIME,?INVEA_SIP_OK_TIME,?INVEA_SIP_STATS,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,?INVEA_RTCP_LOST,?INVEA_RTP_JITTER,PACKETS,?DST_PORT,?INVEA_SIP_RTP_AUDIO,?INVEA_SIP_RTP_VIDEO,?SRC_PORT,DIR_BIT_FIELD,?INVEA_RTCP_SOURCE_COUNT,?INVEA_RTP_CODEC,?INVEA_VOIP_PACKET_TYPE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL,?INVEA_SIP_CALLED_PARTY,?INVEA_SIP_CALLING_PARTY,?INVEA_SIP_CALL_ID,INVEA_SIP_REQUEST_URI,?INVEA_SIP_USER_AGENT,?INVEA_SIP_VIA</format>
++                                </interface>
++                                <!-- SMTP interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7502</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,PACKETS,?SMTP_2XX_STAT_CODE_COUNT,?SMTP_3XX_STAT_CODE_COUNT,?SMTP_4XX_STAT_CODE_COUNT,?SMTP_5XX_STAT_CODE_COUNT,?SMTP_COMMAND_FLAGS,?SMTP_MAIL_CMD_COUNT,?SMTP_RCPT_CMD_COUNT,?SMTP_STAT_CODE_FLAGS,DST_PORT,SRC_PORT,DIR_BIT_FIELD,PROTOCOL,TCP_FLAGS,?TOS,?TTL,?SMTP_DOMAIN,?SMTP_FIRST_RECIPIENT,?SMTP_FIRST_SENDER</format>
++                                </interface>
++                                <!-- HTTP interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7503</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,?HTTP_REQUEST_AGENT_ID,?HTTP_REQUEST_METHOD_ID,?HTTP_RESPONSE_STATUS_CODE,PACKETS,DST_PORT,SRC_PORT,DIR_BIT_FIELD,PROTOCOL,TCP_FLAGS,?TOS,?TTL,?HTTP_REQUEST_AGENT,?HTTP_REQUEST_HOST,?HTTP_REQUEST_REFERER,?HTTP_REQUEST_URL,?HTTP_RESPONSE_CONTENT_TYPE</format>
++                                </interface>
++                                <!-- IPv6 Tunnel interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7504</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,PACKETS,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,?IPV6_TUN_TYPE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL</format>
++                                </interface>
++                                <!-- DNS interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7505</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,DNS_RR_TTL,PACKETS,DNS_ANSWERS,DNS_CLASS,DNS_ID,?DNS_PSIZE,DNS_QTYPE,DNS_RLENGTH,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,?DNS_DO,DNS_RCODE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL,?DNS_NAME,?DNS_RDATA</format>
++                                </interface>
++                        </fileWriter>
++                </destination>
++                <singleManager>yes</singleManager>
++        </exportingProcess>
+ 
+-	<collectingProcess>
+-		<name>TCP collector</name>
+-		<tcpCollector>
+-			<name>Listening port 4739</name>
+-			<localPort>4739</localPort>
+-			<localIPAddress>127.0.0.1</localIPAddress>
+-		</tcpCollector>
+-		<exportingProcess>File writer TCP</exportingProcess>
+-	</collectingProcess>
+-
+-	<collectingProcess>
+-		<name>SCTP collector</name>
+-		<sctpCollector>
+-			<name>Listening port 4739</name>
+-			<localPort>4739</localPort>
+-			<!--## Collector will listen on all addresses specified below -->
+-			<localIPAddress>127.0.0.1</localIPAddress>
+-			<localIPAddress>::1</localIPAddress>
+-		</sctpCollector>
+-		<exportingProcess>File writer SCTP</exportingProcess>
+-	</collectingProcess>
+-
+-	<!--## Exporting process configuration -->
+-	<exportingProcess>
+-		<!--## Name of the exporting process, must match <exportingProcess> element
+-			   in <collectingProcess> -->
+-		<name>File writer UDP</name>
+-		<!--## Specification of storage plugin -->
+-		<destination>
+-			<!--## Arbitrary name -->
+-			<name>Write to /tmp folder</name>
+-			<!--## Observation domain ID valid for this storage plugin 
+-				   Only packets with this ODID will be passed to the plugin
+-				   If unspecified, plugin is used for unknown ODIDs 
+-					 (and not for any of specified)
+-			-->
+-			<observationDomainId>1</observationDomainId>
+-			<!--## This element is passed to storage plugin -->
+-			<fileWriter>
+-				<!--## fileFormat must be configured in internalcfg.xml -->
+-				<fileFormat>ipfix</fileFormat>
+-				<!--## Storage plugin specific element -->
+-				<file>file://tmp/collected-records-udp_1.ipfix</file>
+-			</fileWriter>
+-		</destination>
+-		<destination>
+-			<name>Write to /tmp folder</name>
+-			<fileWriter>
+-				<fileFormat>ipfix</fileFormat>
+-				<file>file://tmp/collected-records-udp.ipfix</file>
+-			</fileWriter>
+-		</destination>
+-	</exportingProcess>
+-	
+-	<exportingProcess>
+-		<name>File writer TCP</name>
+-		<destination>
+-			<name>Write to /tmp folder</name>
+-			<fileWriter>
+-				<fileFormat>ipfix</fileFormat>
+-				<file>file://tmp/collected-records-tcp.ipfix</file>
+-			</fileWriter>
+-		</destination>
+-
+-		<!--## Enable single Data manager - only one instance of storage plugin(s)
+-		shared between every ODID -->
+-		<!-- <singleManager>yes</singleManager>  -->
+-	</exportingProcess>
+-
+-	<exportingProcess>
+-		<name>File writer SCTP</name>
+-		<destination>
+-			<name>Store data using ipfix file format</name>
+-			<fileWriter>
+-				<fileFormat>ipfix</fileFormat>
+-				<file>file://tmp/collected-records-sctp.ipfix</file>
+-			</fileWriter>
+-		</destination>
+-	</exportingProcess>
+-
+-	<!-- List of active Intermediate Plugins -->
+-	<intermediatePlugins>
+-		<!-- Dummy Intermediate Plugin - does nothing -->
+-		<dummy_ip>
+-		</dummy_ip>
+-		
+-		<!-- Configuration for Anonymization Intermediate Plugin -->
+-		<!--
+-		<anonymization_ip>
+-			<type>cryptopan</type>
+-		</anonymization_ip>
+-		-->
+-		
+-		<!-- Configuration for next Anonymization Intermediate Plugin -->
+-		<!--
+-		<anonymization_ip>
+-			<type>truncation</type>
+-		</anonymization_ip>
+-		-->
+-		
+-		<!-- Configuration for joinflows plugin -->
+-		<!-- <joinflows_ip>	-->
+-			<!-- Set destination ODID -->
+-			<!-- <join to="2"> -->
+-				<!-- Set source ODIDs for this dst ODID -->
+-				<!-- <from>1</from>	-->
+-				<!-- <from>3</from> -->
+-			<!-- </join> -->
+-			<!-- Set another destination ODID -->
+-			<!-- <join to="4"> -->
+-				<!-- <from>5</from> -->
+-				<!-- All ODIDs not mentioned in any <join> block 
+-				  will be mapped on this dst ODID -->
+-				<!-- <from>*</from> -->
+-			<!-- </join> -->
+-		<!-- </joinflows_ip> -->
+-	</intermediatePlugins>
+ </ipfix>' > /etc/ipfixcol/startup.diff
+patch /etc/ipfixcol/startup.xml /etc/ipfixcol/startup.diff
+rm -f /etc/ipfixcol/startup.diff
+SCRIPT

From 00787eade5d542bd713a22085f8fc85ed83f8cec Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sat, 27 Feb 2016 21:36:10 +0100
Subject: [PATCH 064/169] update revisions of submodules

Changelog:
   Detectors
   - BUGFIX voip_fraud_detection
   - rename tunneldetector binary to dnstunnel_detection
   - doc improvement

   Framework
   - BUGFIX python offset computation (ordering of fields)
   - add test of python
   - python coding style
   - installation of trap_stats (connection to service IFC)

   Modules
   - BUGFIX report2idea test
   - report2idea improve template
   - add {amplification,voipfraud,dnstunnel}2idea
   - migrated json_dump and json_replay from internal repository
   - migrated email_reporter from internal repository

   Supervisor
   - improved validation of reload config
   - run supervisor as nemead:nemead (uid:gid)
   - add voip_fraud_detection into default config
---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index c2cbc06..5f5174d 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit c2cbc06b681deaa532e6d735b07894b5a886c858
+Subproject commit 5f5174d21f31dcd6866c03aa0436c480a3ef37e1
diff --git a/modules b/modules
index 81dc4de..d1acfd8 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 81dc4dedbfe7bd600a55fff7a5ed99942a0a2f30
+Subproject commit d1acfd8fea9f5495383cfbfebb18227cecbe009a
diff --git a/nemea-framework b/nemea-framework
index d096887..d25179d 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit d096887c7f5a716894bc02bee6edce8f299dcfe9
+Subproject commit d25179d9b9c27c464e550d2cba6a6232ba2afcd5
diff --git a/nemea-supervisor b/nemea-supervisor
index a2d06c6..9908b94 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit a2d06c6c206adeea46deab49b5367a598707f10f
+Subproject commit 9908b94351592cb3c97a97ca3c85b8eb2a63e0e8

From 0fa136141927e07fef7c2a8c1f67c16964fc8695 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sat, 27 Feb 2016 21:59:11 +0100
Subject: [PATCH 065/169] update modules submodule

---
 modules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules b/modules
index d1acfd8..cf8ee60 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit d1acfd8fea9f5495383cfbfebb18227cecbe009a
+Subproject commit cf8ee60472b3d287c65152f7e605b4bf595b5f3d

From c89cd29178f73fa8651faa9679136754b4822c65 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sat, 27 Feb 2016 22:47:22 +0100
Subject: [PATCH 066/169] Packer scripts

Inspired by https://github.com/shiguredo/packer-templates.git
---
 packer/README.md                            |  17 ++
 packer/centos-7.1/http/ks.cfg               |  42 +++
 packer/centos-7.1/scripts/base.sh           |   3 +
 packer/centos-7.1/scripts/cleanup.sh        |   5 +
 packer/centos-7.1/scripts/nemea-system.sh   | 276 ++++++++++++++++++++
 packer/centos-7.1/scripts/vagrant.sh        |   6 +
 packer/centos-7.1/scripts/virtualbox.sh     |  11 +
 packer/centos-7.1/scripts/vmware.sh         |   1 +
 packer/centos-7.1/scripts/zerodisk.sh       |   3 +
 packer/centos-7.1/template.json             |  45 ++++
 packer/centos-7.1/template.json-vagrant-box |   0
 11 files changed, 409 insertions(+)
 create mode 100644 packer/README.md
 create mode 100644 packer/centos-7.1/http/ks.cfg
 create mode 100644 packer/centos-7.1/scripts/base.sh
 create mode 100644 packer/centos-7.1/scripts/cleanup.sh
 create mode 100644 packer/centos-7.1/scripts/nemea-system.sh
 create mode 100644 packer/centos-7.1/scripts/vagrant.sh
 create mode 100644 packer/centos-7.1/scripts/virtualbox.sh
 create mode 100644 packer/centos-7.1/scripts/vmware.sh
 create mode 100644 packer/centos-7.1/scripts/zerodisk.sh
 create mode 100644 packer/centos-7.1/template.json
 create mode 100644 packer/centos-7.1/template.json-vagrant-box

diff --git a/packer/README.md b/packer/README.md
new file mode 100644
index 0000000..3b3b078
--- /dev/null
+++ b/packer/README.md
@@ -0,0 +1,17 @@
+Creation of image using Packer
+==============================
+
+Get Packer from https://www.packer.io
+
+Set PATH to its directory in order to use the binaries.
+
+```
+cd centos-7.1/
+packer build template.json
+```
+
+will create a directory with VirtualBox ovf and virtual disk.
+
+In case Vagrant box is needed, use `template.json-vagrant-box`
+instead of `template.json`.
+
diff --git a/packer/centos-7.1/http/ks.cfg b/packer/centos-7.1/http/ks.cfg
new file mode 100644
index 0000000..208b11b
--- /dev/null
+++ b/packer/centos-7.1/http/ks.cfg
@@ -0,0 +1,42 @@
+install
+cdrom
+lang en_US.UTF-8
+keyboard us
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+rootpw --plaintext vagrant
+firewall --enabled --service=ssh
+authconfig --enableshadow --passalgo=sha512
+selinux --disabled
+timezone Europe/Prague
+bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
+
+text
+skipx
+zerombr
+
+clearpart --all --initlabel
+autopart
+
+auth  --useshadow  --enablemd5
+firstboot --disabled
+reboot
+
+%packages --ignoremissing
+@core
+bzip2
+kernel-devel
+kernel-headers
+-ipw2100-firmware
+-ipw2200-firmware
+-ivtv-firmware
+%end
+
+%post
+/usr/bin/yum -y install sudo
+/usr/sbin/groupadd -g 501 vagrant
+/usr/sbin/useradd vagrant -u 501 -g vagrant -G wheel
+echo "vagrant"|passwd --stdin vagrant
+echo "vagrant        ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
+echo "Defaults:vagrant !requiretty"                 >> /etc/sudoers.d/vagrant
+chmod 0440 /etc/sudoers.d/vagrant
+%end
diff --git a/packer/centos-7.1/scripts/base.sh b/packer/centos-7.1/scripts/base.sh
new file mode 100644
index 0000000..f3e482c
--- /dev/null
+++ b/packer/centos-7.1/scripts/base.sh
@@ -0,0 +1,3 @@
+sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers
+yum -y install gcc make gcc-c++ kernel-devel-`uname -r` perl
+
diff --git a/packer/centos-7.1/scripts/cleanup.sh b/packer/centos-7.1/scripts/cleanup.sh
new file mode 100644
index 0000000..c7ee1a1
--- /dev/null
+++ b/packer/centos-7.1/scripts/cleanup.sh
@@ -0,0 +1,5 @@
+yum -y erase gtk2 libX11 hicolor-icon-theme avahi freetype bitstream-vera-fonts
+yum -y clean all
+rm -rf VBoxGuestAdditions_*.iso
+rm -rf /tmp/rubygems-*
+
diff --git a/packer/centos-7.1/scripts/nemea-system.sh b/packer/centos-7.1/scripts/nemea-system.sh
new file mode 100644
index 0000000..d34be4d
--- /dev/null
+++ b/packer/centos-7.1/scripts/nemea-system.sh
@@ -0,0 +1,276 @@
+rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
+yum install -y nemea nemea-cesnet-modules ipfixcol ipfixcol-unirec-output
+
+echo '[mongodb-org-3.2]
+name=MongoDB Repository
+baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.2/x86_64/
+gpgcheck=0
+enabled=1
+' > /etc/yum.repos.d/mongodb-org-3.2.repo
+
+# install dependencies
+yum install -y https://centos7.iuscommunity.org/ius-release.rpm
+yum -y install mongodb-org git wget python34 python34-devel httpd
+yum groupinstall -y "Development Tools"
+wget -q https://bootstrap.pypa.io/get-pip.py
+python3.4 get-pip.py
+
+# start services
+systemctl enable httpd
+systemctl enable mongod
+service httpd start
+service mongod start
+
+# clone Nemea-Dashboard
+mkdir -p /var/www/html
+cd /var/www/html
+git clone --depth 1 https://github.com/CESNET/Nemea-Dashboard
+cd Nemea-Dashboard
+
+# install dashboard dependencies
+pip install -r requirements.txt
+
+mongo 127.0.0.1/nemeadb --eval '
+db.users.drop();
+var d = { "name" : "Nemea",
+"surname" : "Test User",
+"username" : "nemea",
+"password" : "$2a$12$Z9PaH.uCgAEOY7JDVEo78efEcoL0oiTWY88gbJTJhIIKFMOQGkOei",
+"settings" : []
+ };
+db.users.insert(d);
+'
+
+# start backend on background
+cd /var/log;
+nohup python3.4 /var/www/html/Nemea-Dashboard/apiv2.py > nemea-dashboard.out 2> nemea-dashboard.err < /dev/null &
+
+
+# Prepare IPFIXcol
+echo '--- startup.xml   2016-02-25 14:30:15.595229902 +0100
++++ startup_new.xml     2016-02-25 14:26:54.543236208 +0100
+@@ -1,148 +1,79 @@
+ <?xml version="1.0" encoding="UTF-8"?>
+ <ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix-psamp">
+ 
+-       <!--## Every collecting process will be started as new process -->
+-       <collectingProcess>
+-               <!--## Arbitrary collecting process name  -->
+-               <name>UDP collector</name>
+-               <!--## Type of the collector. Supported types are defined in internalcfg.xml -->
+-               <udpCollector>
+-                       <!--## Arbitrary udp collector name -->
+-                       <name>Listening port 4739</name>
+-                       <!--## Local listening port -->
+-                       <localPort>4739</localPort>
+-                       <!--## Template lifetime in seconds -->
+-                       <templateLifeTime>1800</templateLifeTime>
+-                       <!--## Options template lifetime in seconds -->
+-                       <optionsTemplateLifeTime>1800</optionsTemplateLifeTime>
+-                       <!--## Template lifetime in packets (for how many packets is template valid) -->
+-                       <!-- <templateLifePacket>5</templateLifePacket>  -->
+-                       <!--## Options template lifetime in packets -->
+-                       <!-- <optionsTemplateLifePacket>100</optionsTemplateLifePacket>  -->
+-                       <!--## Local address to listen on. If empty, bind to all interfaces -->
+-                       <localIPAddress>127.0.0.1</localIPAddress>
+-               </udpCollector>
+-               <!--## Name of the exporting process. Must match exporting process name -->
+-               <exportingProcess>File writer UDP</exportingProcess>
+-               <!--## File for exporting status information to (combined with -S) -->
+-               <statisticsFile>/tmp/ipfixcol_stat.log</statisticsFile>
+-       </collectingProcess>
++        <collectingProcess>
++                <name>UDP collector</name>
++                <udpCollector>
++                        <name>Listening port 4739</name>
++                        <localPort>4739</localPort>
++                        <localIPAddress></localIPAddress>
++                </udpCollector>
++                <exportingProcess>UniRec output</exportingProcess>
++        </collectingProcess>
++
++        <exportingProcess>
++                <name>UniRec output</name>
++                <destination>
++                        <name>Make unirec from the flow data</name>
++                        <fileWriter>
++                                <fileFormat>unirec</fileFormat>
++                                <!-- Default interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7500</params>
++                                        <ifcTimeout>10000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,PACKETS,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,PROTOCOL,?TCP_FLAGS,?TOS,?TTL</format>
++                                </interface>
++                               <!-- VOIP interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7501</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,?INVEA_SIP_RTP_IP4,?INVEA_SIP_RTP_IP6,SRC_IP,BYTES,?INVEA_RTCP_OCTETS,?INVEA_RTCP_PACKETS,?INVEA_SIP_BYE_TIME,?INVEA_SIP_INVITE_RINGING_TIME,?INVEA_SIP_OK_TIME,?INVEA_SIP_STATS,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,?INVEA_RTCP_LOST,?INVEA_RTP_JITTER,PACKETS,?DST_PORT,?INVEA_SIP_RTP_AUDIO,?INVEA_SIP_RTP_VIDEO,?SRC_PORT,DIR_BIT_FIELD,?INVEA_RTCP_SOURCE_COUNT,?INVEA_RTP_CODEC,?INVEA_VOIP_PACKET_TYPE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL,?INVEA_SIP_CALLED_PARTY,?INVEA_SIP_CALLING_PARTY,?INVEA_SIP_CALL_ID,INVEA_SIP_REQUEST_URI,?INVEA_SIP_USER_AGENT,?INVEA_SIP_VIA</format>
++                                </interface>
++                                <!-- SMTP interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7502</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,PACKETS,?SMTP_2XX_STAT_CODE_COUNT,?SMTP_3XX_STAT_CODE_COUNT,?SMTP_4XX_STAT_CODE_COUNT,?SMTP_5XX_STAT_CODE_COUNT,?SMTP_COMMAND_FLAGS,?SMTP_MAIL_CMD_COUNT,?SMTP_RCPT_CMD_COUNT,?SMTP_STAT_CODE_FLAGS,DST_PORT,SRC_PORT,DIR_BIT_FIELD,PROTOCOL,TCP_FLAGS,?TOS,?TTL,?SMTP_DOMAIN,?SMTP_FIRST_RECIPIENT,?SMTP_FIRST_SENDER</format>
++                                </interface>
++                                <!-- HTTP interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7503</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,?HTTP_REQUEST_AGENT_ID,?HTTP_REQUEST_METHOD_ID,?HTTP_RESPONSE_STATUS_CODE,PACKETS,DST_PORT,SRC_PORT,DIR_BIT_FIELD,PROTOCOL,TCP_FLAGS,?TOS,?TTL,?HTTP_REQUEST_AGENT,?HTTP_REQUEST_HOST,?HTTP_REQUEST_REFERER,?HTTP_REQUEST_URL,?HTTP_RESPONSE_CONTENT_TYPE</format>
++                                </interface>
++                                <!-- IPv6 Tunnel interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7504</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,PACKETS,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,?IPV6_TUN_TYPE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL</format>
++                                </interface>
++                                <!-- DNS interface -->
++                                <interface>
++                                        <type>t</type>
++                                        <params>7505</params>
++                                        <ifcTimeout>1000</ifcTimeout>
++                                        <flushTimeout>1000000</flushTimeout>
++                                        <bufferSwitch>1</bufferSwitch>
++                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,DNS_RR_TTL,PACKETS,DNS_ANSWERS,DNS_CLASS,DNS_ID,?DNS_PSIZE,DNS_QTYPE,DNS_RLENGTH,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,?DNS_DO,DNS_RCODE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL,?DNS_NAME,?DNS_RDATA</format>
++                                </interface>
++                        </fileWriter>
++                </destination>
++                <singleManager>yes</singleManager>
++        </exportingProcess>
+ 
+-       <collectingProcess>
+-               <name>TCP collector</name>
+-               <tcpCollector>
+-                       <name>Listening port 4739</name>
+-                       <localPort>4739</localPort>
+-                       <localIPAddress>127.0.0.1</localIPAddress>
+-               </tcpCollector>
+-               <exportingProcess>File writer TCP</exportingProcess>
+-       </collectingProcess>
+-
+-       <collectingProcess>
+-               <name>SCTP collector</name>
+-               <sctpCollector>
+-                       <name>Listening port 4739</name>
+-                       <localPort>4739</localPort>
+-                       <!--## Collector will listen on all addresses specified below -->
+-                       <localIPAddress>127.0.0.1</localIPAddress>
+-                       <localIPAddress>::1</localIPAddress>
+-               </sctpCollector>
+-               <exportingProcess>File writer SCTP</exportingProcess>
+-       </collectingProcess>
+-
+-       <!--## Exporting process configuration -->
+-       <exportingProcess>
+-               <!--## Name of the exporting process, must match <exportingProcess> element
+-                          in <collectingProcess> -->
+-               <name>File writer UDP</name>
+-               <!--## Specification of storage plugin -->
+-               <destination>
+-                       <!--## Arbitrary name -->
+-                       <name>Write to /tmp folder</name>
+-                       <!--## Observation domain ID valid for this storage plugin 
+-                                  Only packets with this ODID will be passed to the plugin
+-                                  If unspecified, plugin is used for unknown ODIDs 
+-                                        (and not for any of specified)
+-                       -->
+-                       <observationDomainId>1</observationDomainId>
+-                       <!--## This element is passed to storage plugin -->
+-                       <fileWriter>
+-                               <!--## fileFormat must be configured in internalcfg.xml -->
+-                               <fileFormat>ipfix</fileFormat>
+-                               <!--## Storage plugin specific element -->
+-                               <file>file://tmp/collected-records-udp_1.ipfix</file>
+-                       </fileWriter>
+-               </destination>
+-               <destination>
+-                       <name>Write to /tmp folder</name>
+-                       <fileWriter>
+-                               <fileFormat>ipfix</fileFormat>
+-                               <file>file://tmp/collected-records-udp.ipfix</file>
+-                       </fileWriter>
+-               </destination>
+-       </exportingProcess>
+-       
+-       <exportingProcess>
+-               <name>File writer TCP</name>
+-               <destination>
+-                       <name>Write to /tmp folder</name>
+-                       <fileWriter>
+-                               <fileFormat>ipfix</fileFormat>
+-                               <file>file://tmp/collected-records-tcp.ipfix</file>
+-                       </fileWriter>
+-               </destination>
+-
+-               <!--## Enable single Data manager - only one instance of storage plugin(s)
+-               shared between every ODID -->
+-               <!-- <singleManager>yes</singleManager>  -->
+-       </exportingProcess>
+-
+-       <exportingProcess>
+-               <name>File writer SCTP</name>
+-               <destination>
+-                       <name>Store data using ipfix file format</name>
+-                       <fileWriter>
+-                               <fileFormat>ipfix</fileFormat>
+-                               <file>file://tmp/collected-records-sctp.ipfix</file>
+-                       </fileWriter>
+-               </destination>
+-       </exportingProcess>
+-
+-       <!-- List of active Intermediate Plugins -->
+-       <intermediatePlugins>
+-               <!-- Dummy Intermediate Plugin - does nothing -->
+-               <dummy_ip>
+-               </dummy_ip>
+-               
+-               <!-- Configuration for Anonymization Intermediate Plugin -->
+-               <!--
+-               <anonymization_ip>
+-                       <type>cryptopan</type>
+-               </anonymization_ip>
+-               -->
+-               
+-               <!-- Configuration for next Anonymization Intermediate Plugin -->
+-               <!--
+-               <anonymization_ip>
+-                       <type>truncation</type>
+-               </anonymization_ip>
+-               -->
+-               
+-               <!-- Configuration for joinflows plugin -->
+-               <!-- <joinflows_ip>     -->
+-                       <!-- Set destination ODID -->
+-                       <!-- <join to="2"> -->
+-                               <!-- Set source ODIDs for this dst ODID -->
+-                               <!-- <from>1</from>     -->
+-                               <!-- <from>3</from> -->
+-                       <!-- </join> -->
+-                       <!-- Set another destination ODID -->
+-                       <!-- <join to="4"> -->
+-                               <!-- <from>5</from> -->
+-                               <!-- All ODIDs not mentioned in any <join> block 
+-                                 will be mapped on this dst ODID -->
+-                               <!-- <from>*</from> -->
+-                       <!-- </join> -->
+-               <!-- </joinflows_ip> -->
+-       </intermediatePlugins>
+ </ipfix>' > /etc/ipfixcol/startup.diff
+patch /etc/ipfixcol/startup.xml /etc/ipfixcol/startup.diff
+rm -f /etc/ipfixcol/startup.diff
diff --git a/packer/centos-7.1/scripts/vagrant.sh b/packer/centos-7.1/scripts/vagrant.sh
new file mode 100644
index 0000000..c3e2631
--- /dev/null
+++ b/packer/centos-7.1/scripts/vagrant.sh
@@ -0,0 +1,6 @@
+date > /etc/vagrant_box_build_time
+
+mkdir -pm 700 /home/vagrant/.ssh
+curl -L https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/vagrant.pub -o /home/vagrant/.ssh/authorized_keys
+chmod 0600 /home/vagrant/.ssh/authorized_keys
+chown -R vagrant:vagrant /home/vagrant/.ssh
diff --git a/packer/centos-7.1/scripts/virtualbox.sh b/packer/centos-7.1/scripts/virtualbox.sh
new file mode 100644
index 0000000..7c9dcd1
--- /dev/null
+++ b/packer/centos-7.1/scripts/virtualbox.sh
@@ -0,0 +1,11 @@
+VBOX_VERSION=$(cat /home/vagrant/.vbox_version)
+
+# required for VirtualBox 4.3.26
+yum install -y bzip2
+
+cd /tmp
+mount -o loop /home/vagrant/VBoxGuestAdditions_$VBOX_VERSION.iso /mnt
+sh /mnt/VBoxLinuxAdditions.run
+umount /mnt
+rm -rf /home/vagrant/VBoxGuestAdditions_*.iso
+
diff --git a/packer/centos-7.1/scripts/vmware.sh b/packer/centos-7.1/scripts/vmware.sh
new file mode 100644
index 0000000..1de6d1e
--- /dev/null
+++ b/packer/centos-7.1/scripts/vmware.sh
@@ -0,0 +1 @@
+yum install -y fuse-libs open-vm-tools
diff --git a/packer/centos-7.1/scripts/zerodisk.sh b/packer/centos-7.1/scripts/zerodisk.sh
new file mode 100644
index 0000000..45f45ed
--- /dev/null
+++ b/packer/centos-7.1/scripts/zerodisk.sh
@@ -0,0 +1,3 @@
+dd if=/dev/zero of=/EMPTY bs=1M
+rm -f /EMPTY
+
diff --git a/packer/centos-7.1/template.json b/packer/centos-7.1/template.json
new file mode 100644
index 0000000..ffbb67e
--- /dev/null
+++ b/packer/centos-7.1/template.json
@@ -0,0 +1,45 @@
+{
+  "provisioners": [
+    {
+      "type": "shell",
+      "execute_command": "echo 'vagrant'|sudo -S sh '{{.Path}}'",
+      "override": {
+        "virtualbox-iso": {
+          "scripts": [
+            "scripts/base.sh",
+            "scripts/vagrant.sh",
+            "scripts/virtualbox.sh",
+            "scripts/nemea-system.sh",
+            "scripts/cleanup.sh"
+          ]
+        }
+      }
+    }
+  ],
+  "builders": [
+    {
+      "type": "virtualbox-iso",
+      "boot_command": [
+        "<tab> text ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ks.cfg<enter><wait>"
+      ],
+      "boot_wait": "10s",
+      "disk_size": 40520,
+      "guest_os_type": "RedHat_64",
+      "http_directory": "http",
+      "iso_checksum": "4c6c65b5a70a1142dadb3c65238e9e97253c0d3a",
+      "iso_checksum_type": "sha1",
+      "iso_url": "http://ftp.cvut.cz/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1511.iso",
+      "ssh_username": "vagrant",
+      "ssh_password": "vagrant",
+      "ssh_port": 22,
+      "ssh_wait_timeout": "10000s",
+      "shutdown_command": "echo '/sbin/halt -h -p' > /tmp/shutdown.sh; echo 'vagrant'|sudo -S sh '/tmp/shutdown.sh'",
+      "guest_additions_path": "VBoxGuestAdditions_{{.Version}}.iso",
+      "virtualbox_version_file": ".vbox_version",
+      "vboxmanage": [
+        [ "modifyvm", "{{.Name}}", "--memory", "512" ],
+        [ "modifyvm", "{{.Name}}", "--cpus", "1" ]
+      ]
+    }
+  ]
+}
diff --git a/packer/centos-7.1/template.json-vagrant-box b/packer/centos-7.1/template.json-vagrant-box
new file mode 100644
index 0000000..e69de29

From cb4d915018eb066c0366bce986931b58fe085a99 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 29 Feb 2016 00:50:37 +0100
Subject: [PATCH 067/169] increase version and update submodules with new
 versions

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index ec56cc3..e5b1bac 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.2.1], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.2.2], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index 5f5174d..cda7631 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 5f5174d21f31dcd6866c03aa0436c480a3ef37e1
+Subproject commit cda76317a366bbb502161a2606e4591957f9f4d6
diff --git a/modules b/modules
index cf8ee60..d367a38 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit cf8ee60472b3d287c65152f7e605b4bf595b5f3d
+Subproject commit d367a38ff41abf186128c7fb66029c71bf380d05
diff --git a/nemea-framework b/nemea-framework
index d25179d..4c4c89a 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit d25179d9b9c27c464e550d2cba6a6232ba2afcd5
+Subproject commit 4c4c89a18b701f0506c353c25539be11bce1332c
diff --git a/nemea-supervisor b/nemea-supervisor
index 9908b94..f2302c6 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 9908b94351592cb3c97a97ca3c85b8eb2a63e0e8
+Subproject commit f2302c66e0fbfbf7704c433e06de643df2a453cb

From 2590b0f208b842a6ed452cc7110b782abbfa6beb Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Thu, 3 Mar 2016 11:33:21 +0100
Subject: [PATCH 068/169] vagrant: ipfixcol_startup: changed ports of output
 interfaces

it now matches: https://homeproj.cesnet.cz/projects/traffic-analysis/wiki/Porty_na_Nemea_serverech
---
 vagrant/common/ipfixcol_startup.rb | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/vagrant/common/ipfixcol_startup.rb b/vagrant/common/ipfixcol_startup.rb
index 453de0b..f07110a 100644
--- a/vagrant/common/ipfixcol_startup.rb
+++ b/vagrant/common/ipfixcol_startup.rb
@@ -53,7 +53,7 @@
 +                                <!-- Default interface -->
 +                                <interface>
 +                                        <type>t</type>
-+                                        <params>7500</params>
++                                        <params>7600</params>
 +                                        <ifcTimeout>10000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
@@ -62,16 +62,16 @@
 +                               <!-- VOIP interface -->
 +                                <interface>
 +                                        <type>t</type>
-+                                        <params>7501</params>
++                                        <params>7601</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
-+                                        <format>DST_IP,?INVEA_SIP_RTP_IP4,?INVEA_SIP_RTP_IP6,SRC_IP,BYTES,?INVEA_RTCP_OCTETS,?INVEA_RTCP_PACKETS,?INVEA_SIP_BYE_TIME,?INVEA_SIP_INVITE_RINGING_TIME,?INVEA_SIP_OK_TIME,?INVEA_SIP_STATS,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,?INVEA_RTCP_LOST,?INVEA_RTP_JITTER,PACKETS,?DST_PORT,?INVEA_SIP_RTP_AUDIO,?INVEA_SIP_RTP_VIDEO,?SRC_PORT,DIR_BIT_FIELD,?INVEA_RTCP_SOURCE_COUNT,?INVEA_RTP_CODEC,?INVEA_VOIP_PACKET_TYPE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL,?INVEA_SIP_CALLED_PARTY,?INVEA_SIP_CALLING_PARTY,?INVEA_SIP_CALL_ID,INVEA_SIP_REQUEST_URI,?INVEA_SIP_USER_AGENT,?INVEA_SIP_VIA</format>
++                                        <format>DST_IP,?INVEA_SIP_RTP_IP4,?INVEA_SIP_RTP_IP6,SRC_IP,BYTES,?INVEA_RTCP_OCTETS,?INVEA_RTCP_PACKETS,?INVEA_SIP_BYE_TIME,?INVEA_SIP_INVITE_RINGING_TIME,?INVEA_SIP_OK_TIME,?INVEA_SIP_STATS,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,?INVEA_RTCP_LOST,?INVEA_RTP_JITTER,PACKETS,?DST_PORT,?INVEA_SIP_RTP_AUDIO,?INVEA_SIP_RTP_VIDEO,?SRC_PORT,DIR_BIT_FIELD,?INVEA_RTCP_SOURCE_COUNT,?INVEA_RTP_CODEC,?INVEA_VOIP_PACKET_TYPE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL,?INVEA_SIP_CALLED_PARTY,?INVEA_SIP_CALLING_PARTY,?INVEA_SIP_CALL_ID,?INVEA_SIP_REQUEST_URI,?INVEA_SIP_USER_AGENT,?INVEA_SIP_VIA</format>
 +                                </interface>
 +                                <!-- SMTP interface -->
 +                                <interface>
 +                                        <type>t</type>
-+                                        <params>7502</params>
++                                        <params>7602</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
@@ -80,7 +80,7 @@
 +                                <!-- HTTP interface -->
 +                                <interface>
 +                                        <type>t</type>
-+                                        <params>7503</params>
++                                        <params>7604</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
@@ -89,7 +89,7 @@
 +                                <!-- IPv6 Tunnel interface -->
 +                                <interface>
 +                                        <type>t</type>
-+                                        <params>7504</params>
++                                        <params>7605</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
@@ -98,7 +98,7 @@
 +                                <!-- DNS interface -->
 +                                <interface>
 +                                        <type>t</type>
-+                                        <params>7505</params>
++                                        <params>7608</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>

From e0f56510260c9f7b90ae0ae71bc36155e44dee39 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Thu, 3 Mar 2016 13:40:05 +0100
Subject: [PATCH 069/169] vagrant: ipfixcol_startup: changed output sockets
 from TPC to UNIX

---
 vagrant/common/ipfixcol_startup.rb | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/vagrant/common/ipfixcol_startup.rb b/vagrant/common/ipfixcol_startup.rb
index f07110a..a532247 100644
--- a/vagrant/common/ipfixcol_startup.rb
+++ b/vagrant/common/ipfixcol_startup.rb
@@ -52,8 +52,8 @@
 +                                <fileFormat>unirec</fileFormat>
 +                                <!-- Default interface -->
 +                                <interface>
-+                                        <type>t</type>
-+                                        <params>7600</params>
++                                        <type>u</type>
++                                        <params>flow_data_source</params>
 +                                        <ifcTimeout>10000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
@@ -61,8 +61,8 @@
 +                                </interface>
 +                               <!-- VOIP interface -->
 +                                <interface>
-+                                        <type>t</type>
-+                                        <params>7601</params>
++                                        <type>u</type>
++                                        <params>voip_data_source</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
@@ -70,8 +70,8 @@
 +                                </interface>
 +                                <!-- SMTP interface -->
 +                                <interface>
-+                                        <type>t</type>
-+                                        <params>7602</params>
++                                        <type>u</type>
++                                        <params>smtp_data_source</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
@@ -79,8 +79,8 @@
 +                                </interface>
 +                                <!-- HTTP interface -->
 +                                <interface>
-+                                        <type>t</type>
-+                                        <params>7604</params>
++                                        <type>u</type>
++                                        <params>http_data_source</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
@@ -88,8 +88,8 @@
 +                                </interface>
 +                                <!-- IPv6 Tunnel interface -->
 +                                <interface>
-+                                        <type>t</type>
-+                                        <params>7605</params>
++                                        <type>u</type>
++                                        <params>ipv6tunnel_data_source</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>
@@ -97,8 +97,8 @@
 +                                </interface>
 +                                <!-- DNS interface -->
 +                                <interface>
-+                                        <type>t</type>
-+                                        <params>7608</params>
++                                        <type>u</type>
++                                        <params>dns_data_source</params>
 +                                        <ifcTimeout>1000</ifcTimeout>
 +                                        <flushTimeout>1000000</flushTimeout>
 +                                        <bufferSwitch>1</bufferSwitch>

From 761e3d367d3ae4b8d2a6548af2ab1206bbb837be Mon Sep 17 00:00:00 2001
From: Vaclav Bartos <bartos@cesnet.cz>
Date: Thu, 3 Mar 2016 14:22:59 +0100
Subject: [PATCH 070/169] doc: minor improvements of README

---
 README.md           | 16 ++++++++--------
 use-cases/README.md |  2 +-
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 5c72386..4b678dd 100644
--- a/README.md
+++ b/README.md
@@ -5,9 +5,9 @@ Travis CI build: [![Build Status](https://travis-ci.org/CESNET/Nemea.svg?branch=
 
 The Nemea system consists of:
 * [Nemea framework](https://github.com/CESNET/Nemea-Framework): The heart of the system that provides interconnection of modules, data format (and its handling) and common functions, algorithms and data structures.
-* [Nemea modules](https://github.com/CESNET/Nemea-Modules): Base modules of the system for export&storage of flow data, replay of stored flow data, filtering, merging, and others. It also contains a basic flow exporter capable of L7 information. 
-* [Nemea detectors](https://github.com/CESNET/Nemea-Detectors): Detection modules that can detect and report various types of malicious traffic such as DoS, DDoS, scanning, bruteforce attacks.
-* [Nemea Supervisor](https://github.com/CESNET/Nemea-Supervisor): Central management and monitoring module of the Nemea system. It takes care of running modules according to configuration.
+* [Nemea modules](https://github.com/CESNET/Nemea-Modules): Base modules of the system for export&storage of flow data, replay of stored flow data, filtering, merging, and others. It also contains a basic flow exporter capable of extracting L7 information. 
+* [Nemea detectors](https://github.com/CESNET/Nemea-Detectors): Detection modules that can detect and report various types of malicious traffic such as DoS, DDoS, scanning, bruteforce attacks, etc.
+* [Nemea Supervisor](https://github.com/CESNET/Nemea-Supervisor): Central management and monitoring tool of the Nemea system. It takes care of running modules according to a specified configuration.
 
 This file describes the installation and basic usage of the Nemea system.
 To see more general information, please have a look at
@@ -154,20 +154,20 @@ nemea-supervisor/supervisor -f nemea-supervisor/configs/supervisor_config.xml
 ```
 To start `supervisor` in an interactive mode, use `-d`
 
-For more information about Supervisor see its README.
+For more information about Supervisor see its [README](https://github.com/CESNET/Nemea-Supervisor/blob/master/README.md).
 
 Note: It is totally up to user whether to use `nemea-supervisor/configs` or not.  It is just
-an example of working configuration.
+an example of a working configuration.
 
 
 Nemea Related Publications
 ==========================
 
-* Tomáš Čejka, Radoslav Bodó, Hana Kubátová: Nemea: Searching for Botnet Footprints. In: Proceedings of the 3rd Prague Embedded Systems Workshop, Prague, Czech Republic, 2015.
+* Tomáš Čejka, Radoslav Bodó, Hana Kubátová: Nemea: Searching for Botnet Footprints. In: Proceedings of the 3rd Prague Embedded Systems Workshop (PESW), Prague, CZ, 2015.
 
 * Tomáš Čejka, Václav Bartoš, Lukáš Truxa, Hana Kubátová: [Using Application-Aware Flow Monitoring for SIP Fraud Detection](http://link.springer.com/chapter/10.1007/978-3-319-20034-7_10). In: Proc. of 9th International Conference on Autonomous Infrastructure, Management and Security (AIMS15), 2015.
 
-* Tomáš Čejka, Zdeněk Rosa and Hana Kubátová: [Stream-wise Detection of Surreptitious Traffic over DNS](http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=7033254). In: 2014 IEEE 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD) (CAMAD 2014). Athens, 2014
+* Tomáš Čejka, Zdeněk Rosa and Hana Kubátová: [Stream-wise Detection of Surreptitious Traffic over DNS](http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=7033254). In: Proc. of 19th IEEE International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD 2014). Athens, 2014.
 
-* V. Bartos, M. Zadnik, T. Cejka: [Nemea: Framework for stream-wise analysis of network traffic](http://www.cesnet.cz/wp-content/uploads/2014/02/trapnemea.pdf), CESNET technical report 6/2013.
+* Václav Bartoš, Martin Žádník, Tomáš Čejka: [Nemea: Framework for stream-wise analysis of network traffic](http://www.cesnet.cz/wp-content/uploads/2014/02/trapnemea.pdf), CESNET technical report 6/2013.
 
diff --git a/use-cases/README.md b/use-cases/README.md
index 70c54f2..6479270 100644
--- a/use-cases/README.md
+++ b/use-cases/README.md
@@ -4,7 +4,7 @@ Use-Cases - Example scripts
 This directory contains example scripts that show
 usage of Nemea modules.
 To get more information, run a script without parameters
-to show description explaining functionality of a script.
+to show description explaining functionality of the script.
 The source codes of scripts may be used for educational
 purposes to understand how to use the Nemea modules.
 

From d8559e647efc41b3730fdd1d995812cdf2816898 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 4 Mar 2016 19:40:14 +0100
Subject: [PATCH 071/169] increased version of nemea, released RPM package

---
 configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index e5b1bac..58cf188 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.2.2], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.2.3], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)

From 1ed3e9abd4ef48b059754018d022426e0872702f Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Sat, 5 Mar 2016 18:25:40 +0100
Subject: [PATCH 072/169] rpm: changed generating python and pycommon rpm
 packages

---
 rpms.sh | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/rpms.sh b/rpms.sh
index 35abcd2..a06cbdf 100755
--- a/rpms.sh
+++ b/rpms.sh
@@ -86,14 +86,15 @@ export chuser
       su $chuser -p -c "$topdir/generate-rpm.sh"
       $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
+   su $chuser -p -c "./bootstrap.sh >/dev/null 2>/dev/null&& ./configure -q"
    (
       cd python
-      su $chuser -p -c "python setup.py bdist_rpm --no-autoreq"
+      su $chuser -p -c "make && make rpm"
       $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
    (
       cd pycommon
-      su $chuser -p -c "python setup.py bdist_rpm --no-autoreq"
+      su $chuser -p -c "make && make rpm"
       $pkginst install -y -q $(find \( -name '*noarch.rpm' -o -name '*64.rpm' \))
    )
 )
@@ -118,4 +119,5 @@ mkdir -p "`pwd`/RPMBUILD"
 rpmbuild  -ba nemea.spec --define "_topdir `pwd`/RPMBUILD"
 mkdir -p "`pwd`/rpms"
 find -name *.rpm -not -path "./rpms/*" -exec mv {} rpms/ \;
+chown -R $chuser rpms/
 

From 1a4167bb7e58e0218e9a213ba05bfd4d78a91222 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 11 Mar 2016 09:15:47 +0100
Subject: [PATCH 073/169] update revisions of submodules

Changelog:
   Detectors
   - add requirement on wget

   Modules
   - improved doc
   - add ipblacklist2idea
   - add email_reporter module
   - install json_dump & json_replay
   - flow_meter: set file capability to be able to run as non-root (after RPM install)

   Framework
   - bugfix name of module in help (-h)
   - bugfix report2idea: only DetectTime is mandatory even for mongodb

   Supervisor
   - add configs of new modules
   - template of configuration
   - feature "show logs"
   - bugfix systemd service start/stop/restart
   - bugfix XML config validation
---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index cda7631..7e49474 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit cda76317a366bbb502161a2606e4591957f9f4d6
+Subproject commit 7e494748bba82ed61053a0f1d9af47427c32be80
diff --git a/modules b/modules
index d367a38..543910e 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit d367a38ff41abf186128c7fb66029c71bf380d05
+Subproject commit 543910eda41cd5034c5b37818e19329d0ab593ec
diff --git a/nemea-framework b/nemea-framework
index 4c4c89a..4057855 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 4c4c89a18b701f0506c353c25539be11bce1332c
+Subproject commit 405785563d6dc54af4ffa7db7b98f7f19010b993
diff --git a/nemea-supervisor b/nemea-supervisor
index f2302c6..1964aa7 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit f2302c66e0fbfbf7704c433e06de643df2a453cb
+Subproject commit 1964aa7c30bb670faf5de2c6349f7f76a555533d

From 37cdaf4b0cef94dfc9b6f853cb5aecd366d6ea6b Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 13 Mar 2016 22:26:38 +0100
Subject: [PATCH 074/169] update revisions of submodules

Changelog:
   Modules
   - add bruteforce2idea
   - changed format of IDEA messages according to feedback of V.Bartos&P.Kacha

   Framework
   - bugfix trap_stats
   - improve file IFC error message

   Supervisor
   - added `file` and `blackhole` IFC types
   - config file for ipfixcol & adapted sup file
   - sup file for internal multopt detector
---
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules b/modules
index 543910e..a3af362 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 543910eda41cd5034c5b37818e19329d0ab593ec
+Subproject commit a3af3627e0f835c66851864690a49ea8f9c4d87c
diff --git a/nemea-framework b/nemea-framework
index 4057855..1392d51 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 405785563d6dc54af4ffa7db7b98f7f19010b993
+Subproject commit 1392d516f239b09d4df3626f5b44eef1fbac4e73
diff --git a/nemea-supervisor b/nemea-supervisor
index 1964aa7..d56c2c6 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 1964aa7c30bb670faf5de2c6349f7f76a555533d
+Subproject commit d56c2c6b612aff26cea68cde80587a5af606fa11

From 45c4b0f6d11f462b940fe63c0338c91de45c4dd3 Mon Sep 17 00:00:00 2001
From: Petr Stehlik <xstehl14@stud.fit.vutbr.cz>
Date: Fri, 18 Mar 2016 15:57:26 +0100
Subject: [PATCH 075/169] Updated default user configuration to match Dashboard
 v0.4

---
 packer/centos-7.1/scripts/nemea-system.sh | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/packer/centos-7.1/scripts/nemea-system.sh b/packer/centos-7.1/scripts/nemea-system.sh
index d34be4d..b800285 100644
--- a/packer/centos-7.1/scripts/nemea-system.sh
+++ b/packer/centos-7.1/scripts/nemea-system.sh
@@ -32,12 +32,13 @@ pip install -r requirements.txt
 
 mongo 127.0.0.1/nemeadb --eval '
 db.users.drop();
-var d = { "name" : "Nemea",
-"surname" : "Test User",
-"username" : "nemea",
-"password" : "$2a$12$Z9PaH.uCgAEOY7JDVEo78efEcoL0oiTWY88gbJTJhIIKFMOQGkOei",
-"settings" : []
- };
+var d = { 
+	"password" : "$2a$12$MuAuralQ8p01q8eXPtTm4eZsflipBKx6cK0HZMpQbCNyDgcX4YPse", 
+	"username" : "nemea", 
+	"name" : "Default", 
+	"surname" : "User", 
+	"settings" : [ { "settings" : { "title" : "Basic", "timeshift" : "0", "interval" : "60" }, "items" : [ { "content" : "Click the menu icon to select edit", "sizeY" : 3, "row" : 0, "type" : "piechart", "col" : 0, "loading" : false, "config" : { "type" : "piechart", "metric" : "Category", "period" : "24" }, "sizeX" : 4, "title" : "24h shares" } ] } ] 
+};
 db.users.insert(d);
 '
 

From 3880ccdb9cc39bf4c16b326ac781dfb51cdc4025 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Sun, 20 Mar 2016 15:57:38 +0100
Subject: [PATCH 076/169] increased version of Nemea, released RPM nemea
 package, increased revision

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index 58cf188..c3edef0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.2.3], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.2.4], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index 7e49474..5a57cfd 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 7e494748bba82ed61053a0f1d9af47427c32be80
+Subproject commit 5a57cfdc4e3a067a24b81bfdef8475223be7cee0
diff --git a/modules b/modules
index a3af362..092092c 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit a3af3627e0f835c66851864690a49ea8f9c4d87c
+Subproject commit 092092c8189aca75063f56e864b6dbfd98044f02
diff --git a/nemea-framework b/nemea-framework
index 1392d51..d31607e 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 1392d516f239b09d4df3626f5b44eef1fbac4e73
+Subproject commit d31607ecee05860ef6c52f20d3d3d2c024bb589d
diff --git a/nemea-supervisor b/nemea-supervisor
index d56c2c6..6881543 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit d56c2c6b612aff26cea68cde80587a5af606fa11
+Subproject commit 68815439bab6baa13c432b5566b63fe033fbf58a

From 13fea15cbb230de3795aefa466fb77c9524a95be Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 1 Apr 2016 09:48:20 +0200
Subject: [PATCH 077/169] add license

---
 COPYING | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 COPYING

diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..36bbc71
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,31 @@
+COPYRIGHT AND PERMISSION NOTICE
+
+Copyright (C) 2012-2016 CESNET, z.s.p.o.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright
+     notice, this list of conditions and the following disclaimer.
+  2. Redistributions in binary form must reproduce the above copyright
+     notice, this list of conditions and the following disclaimer in
+     the documentation and/or other materials provided with the distribution.
+  3. Neither the name of the Company nor the names of its contributors may
+     be used to endorse or promote products derived from this software
+     without specific prior written permission.
+
+ALTERNATIVELY, provided that this notice is retained in full, this product
+may be distributed under the terms of the GNU General Public License (GPL)
+version 2 or later, in which case the provisions of the GPL apply INSTEAD OF
+those given above.
+
+This software is provided "as is", and any express or implied warranties,
+including, but not limited to, the implied warranties of merchantability
+and fitness for a particular purpose are disclaimed. In no event shall the
+company or contributors be liable for any direct, indirect, incidental,
+special, exemplary, or consequential damages (including, but not limited to,
+procurement of substitute goods or services; loss of use, data, or profits;
+or business interruption) however caused and on any theory of liability,
+whether in contract, strict liability, or tort (including negligence or
+otherwise) arising in any way out of the use of this software, even if
+advised of the possibility of such damage.

From 4dc2d71df973698d08a66600afcf5646acfea3cf Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Sun, 24 Apr 2016 23:23:21 +0200
Subject: [PATCH 078/169] increased version, added nemea-framework as a
 dependency, increased revision, released RPM package

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 nemea.spec.in    | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/configure.ac b/configure.ac
index c3edef0..8a23237 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.2.4], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.3.0], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index 5a57cfd..c493b95 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 5a57cfdc4e3a067a24b81bfdef8475223be7cee0
+Subproject commit c493b953306b32b32c0fde4ec9cbd99861133492
diff --git a/modules b/modules
index 092092c..19882b4 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 092092c8189aca75063f56e864b6dbfd98044f02
+Subproject commit 19882b4cabb5d6c6fabbe51fef4e2ed80d0abf3f
diff --git a/nemea-framework b/nemea-framework
index d31607e..ea023c8 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit d31607ecee05860ef6c52f20d3d3d2c024bb589d
+Subproject commit ea023c8af56ece5b53c2c7efc6ebb03760de4734
diff --git a/nemea-supervisor b/nemea-supervisor
index 6881543..b557869 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 68815439bab6baa13c432b5566b63fe033fbf58a
+Subproject commit b5578699e5795625a7acc82405ef9fc897ad3c0c
diff --git a/nemea.spec.in b/nemea.spec.in
index 2a9a8eb..23cdb75 100644
--- a/nemea.spec.in
+++ b/nemea.spec.in
@@ -10,7 +10,7 @@ Vendor: CESNET, z.s.p.o.
 Packager: @USERNAME@ <@USERMAIL@>
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}
 BuildArch: noarch
-Requires: libtrap nemea-common nemea-modules nemea-detectors nemea-python nemea-pycommon nemea-supervisor
+Requires: nemea-framework libtrap nemea-common nemea-modules nemea-detectors nemea-python nemea-pycommon nemea-supervisor
 
 %description
 Meta-package of the Nemea system, the distributed modular system for network traffic analysis and anomaly detection.

From 1fb4877da89d50f4c5143f578c9804e1c1f8cccd Mon Sep 17 00:00:00 2001
From: Vaclav Bartos <bartos@cesnet.cz>
Date: Wed, 4 May 2016 13:08:01 +0200
Subject: [PATCH 079/169] Fixed a typo in README.md

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 4b678dd..bbd3046 100644
--- a/README.md
+++ b/README.md
@@ -19,7 +19,7 @@ Installation
 For the list of dependencies, please have a look into [dependencies.md](./dependencies.md).
 
 There are three different ways of installation of the Nemea system covered
-in this document: vagrant, binary packages and spurce codes.
+in this document: vagrant, binary packages and source codes.
 
 Vagrant
 -------
@@ -58,7 +58,7 @@ and compilation process. For more information see:
 ./configure --help
 ```
 
-We recommend to set paths according to the used operating system e.g.:
+We recommend to set paths according to the used operating system, e.g.:
 ```
 ./configure --prefix=/usr --bindir=/usr/bin/nemea --sysconfdir=/etc/nemea --libdir=/usr/lib64
 ```

From 33a386cc5e063bb6c95e97798c018101a267e047 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=A1clav=20Barto=C5=A1?= <bartos@cesnet.cz>
Date: Wed, 4 May 2016 16:06:22 +0200
Subject: [PATCH 080/169] Readme: Add information about RPM packages

---
 README.md | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index bbd3046..32a2b38 100644
--- a/README.md
+++ b/README.md
@@ -30,8 +30,21 @@ For more information see [./vagrant/](./vagrant/).
 Binary packages
 ---------------
 
-The Nemea system can be installed from binary packages. Information will
-be supplied soon.
+The NEMEA system can be installed from binary RPM packages.
+To add CESNET's repository containing the packages, run (as root/sudo):
+```
+rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
+```
+
+After that, NEMEA can be installed as any other package (run as root/sudo):
+```
+yum install nemea
+```
+
+Note: `yum` was replaced by `dnf` in some distributions.
+
+For development purposes, there is `nemea-framework-devel` package that installs
+all needed development files and docs.
 
 Source Codes installation
 -------------------------

From 1d238e5208d8ccd08dd0fcd8fabb7fb84017196d Mon Sep 17 00:00:00 2001
From: Vaclav Bartos <bartos@cesnet.cz>
Date: Wed, 4 May 2016 16:09:45 +0200
Subject: [PATCH 081/169] Readme: "Nemea" -> "NEMEA"

---
 README.md | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/README.md b/README.md
index 32a2b38..ce85141 100644
--- a/README.md
+++ b/README.md
@@ -3,13 +3,13 @@ NEMEA System
 
 Travis CI build: [![Build Status](https://travis-ci.org/CESNET/Nemea.svg?branch=master)](https://travis-ci.org/CESNET/Nemea)
 
-The Nemea system consists of:
-* [Nemea framework](https://github.com/CESNET/Nemea-Framework): The heart of the system that provides interconnection of modules, data format (and its handling) and common functions, algorithms and data structures.
-* [Nemea modules](https://github.com/CESNET/Nemea-Modules): Base modules of the system for export&storage of flow data, replay of stored flow data, filtering, merging, and others. It also contains a basic flow exporter capable of extracting L7 information. 
-* [Nemea detectors](https://github.com/CESNET/Nemea-Detectors): Detection modules that can detect and report various types of malicious traffic such as DoS, DDoS, scanning, bruteforce attacks, etc.
-* [Nemea Supervisor](https://github.com/CESNET/Nemea-Supervisor): Central management and monitoring tool of the Nemea system. It takes care of running modules according to a specified configuration.
+The NEMEA system consists of:
+* [NEMEA framework](https://github.com/CESNET/Nemea-Framework): The heart of the system that provides interconnection of modules, data format (and its handling) and common functions, algorithms and data structures.
+* [NEMEA modules](https://github.com/CESNET/Nemea-Modules): Base modules of the system for export&storage of flow data, replay of stored flow data, filtering, merging, and others. It also contains a basic flow exporter capable of extracting L7 information. 
+* [NEMEA detectors](https://github.com/CESNET/Nemea-Detectors): Detection modules that can detect and report various types of malicious traffic such as DoS, DDoS, scanning, bruteforce attacks, etc.
+* [NEMEA Supervisor](https://github.com/CESNET/Nemea-Supervisor): Central management and monitoring tool of the NEMEA system. It takes care of running modules according to a specified configuration.
 
-This file describes the installation and basic usage of the Nemea system.
+This file describes the installation and basic usage of the NEMEA system.
 To see more general information, please have a look at
 https://www.liberouter.org/nemea.
 
@@ -18,7 +18,7 @@ Installation
 
 For the list of dependencies, please have a look into [dependencies.md](./dependencies.md).
 
-There are three different ways of installation of the Nemea system covered
+There are three different ways of installation of the NEMEA system covered
 in this document: vagrant, binary packages and source codes.
 
 Vagrant
@@ -82,7 +82,7 @@ After finishing `./configure`, build process can be started by:
 make
 ```
 
-The make(1) tool has various parameters, to build the Nemea package faster on
+The make(1) tool has various parameters, to build the NEMEA package faster on
 multicore systems, we recommend to use parameter -j with the number of jobs
 that should be run in parallel.
 
@@ -95,18 +95,18 @@ The installation can be done by (usually it requires root / sudo):
 make install
 ```
 
-Congratulations, the whole Nemea system should be installed right now... :-)
+Congratulations, the whole NEMEA system should be installed right now... :-)
 
 Quick Start Guide
 =================
 
-The heart of the Nemea system is a Nemea module. Nemea modules are building blocks - independent system processes
+The heart of the NEMEA system is a NEMEA module. NEMEA modules are building blocks - independent system processes
 that can be connected with each other. Information about every module can be found in its help:
 ````
 ./module -h
 ```
 
-Every Nemea module can have one or more communication interfaces (IFC) implemented in
+Every NEMEA module can have one or more communication interfaces (IFC) implemented in
 [libtrap](https://github.com/CESNET/Nemea-Framework/tree/master/libtrap). There are two types of IFCs: **input** and **output**. Numbers of module's IFCs
 can be found in its help.
 
@@ -137,7 +137,7 @@ Description:
 Two modules can be interconnected using one input IFC and one output IFC.
 
 The [./use-cases](./use-cases) directory contains example scripts that demonstrate usage and functionality of
-Nemea modules. `logreplay` and `logger` can be found in [./use-cases/logger-repeater.sh](./use-cases/logger-repeater.sh).
+NEMEA modules. `logreplay` and `logger` can be found in [./use-cases/logger-repeater.sh](./use-cases/logger-repeater.sh).
 Start the script to see how flow records are replayed from CSV file by `logreplay` and received by `logger`:
 ```
 cd use-cases
@@ -148,12 +148,12 @@ To get usage of scripts from `use-cases`, execute a script without parameter. Th
 `logger-repeater.sh` can be used to generate CSV file automatically. For more information, see source codes of
 scripts.
 
-`logreplay` is one of possible ways of getting data into the Nemea system.
+`logreplay` is one of possible ways of getting data into the NEMEA system.
 There is a [nfreader](https://github.com/CESNET/Nemea-modules/tree/master/nfreader) module that is able to read and replay `nfdump` files.
 Last but not least, there is an [ipfixcol](https://github.com/CESNET/ipfixcol/) with [ipfixcol2unirec](https://github.com/CESNET/ipfixcol/tree/master/plugins/storage/unirec)
 that is capable of exporting flow data in UniRec format and sending it via libtrap IFC.
 
-Manage Nemea modules efficiently
+Manage NEMEA modules efficiently
 ================================
 
 The Nemea system can be managed and monitored by a special module called
@@ -173,7 +173,7 @@ Note: It is totally up to user whether to use `nemea-supervisor/configs` or not.
 an example of a working configuration.
 
 
-Nemea Related Publications
+NEMEA Related Publications
 ==========================
 
 * Tomáš Čejka, Radoslav Bodó, Hana Kubátová: Nemea: Searching for Botnet Footprints. In: Proceedings of the 3rd Prague Embedded Systems Workshop (PESW), Prague, CZ, 2015.

From a5c276920bb8a314a1b0b4556536d8ad70034186 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=A1clav=20Barto=C5=A1?= <bartos@cesnet.cz>
Date: Wed, 4 May 2016 16:17:54 +0200
Subject: [PATCH 082/169] Vagrant readme: fixed link to download vagrant

---
 vagrant/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vagrant/README.md b/vagrant/README.md
index 374255d..8af95b1 100644
--- a/vagrant/README.md
+++ b/vagrant/README.md
@@ -11,7 +11,7 @@ The guide assumes that Virtualbox and Vagrant are properly installed in your mac
 You can download these software here:
 
 - Virtualbox: https://www.virtualbox.org/wiki/Downloads
-- Vagrant: http://www.vagrantup.com/downloads
+- Vagrant: http://www.vagrantup.com/downloads.html
 
 NEMEA Installation Steps
 ========================

From 987ecf514219f7ac6e7dcd39276837a7b28abcc9 Mon Sep 17 00:00:00 2001
From: Zdenek Rosa <rosazden@fit.cvut.cz>
Date: Wed, 22 Jun 2016 16:07:05 +0200
Subject: [PATCH 083/169] update revisions of submodules due to new B+ tree API

---
 detectors       | 2 +-
 nemea-framework | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/detectors b/detectors
index c493b95..18bdd12 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit c493b953306b32b32c0fde4ec9cbd99861133492
+Subproject commit 18bdd12c5b90068e02512d741310c47e72519080
diff --git a/nemea-framework b/nemea-framework
index ea023c8..878b451 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit ea023c8af56ece5b53c2c7efc6ebb03760de4734
+Subproject commit 878b45103a758fc3091872650b3b47be198d5748

From 20e664ecf1d07c3a279ca6dae8dda9cf8db84f42 Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Sun, 26 Jun 2016 21:41:35 +0200
Subject: [PATCH 084/169] doc: README outline, system fig., moved dependencies
 to readme

---
 README.md           | 113 +++++++++++++++++++++++++++++++++++++-------
 dependencies.md     |  34 -------------
 doc/NEMEA-parts.png | Bin 0 -> 94852 bytes
 3 files changed, 97 insertions(+), 50 deletions(-)
 delete mode 100644 dependencies.md
 create mode 100644 doc/NEMEA-parts.png

diff --git a/README.md b/README.md
index ce85141..a16df90 100644
--- a/README.md
+++ b/README.md
@@ -1,8 +1,34 @@
-NEMEA System
-============
-
+## README outline
+- [Project status](#project-status)
+- [NEMEA System](#nemea-system)
+   - [Parts of the system](#parts-of-the-system)
+   - [Repositories](#repositories)
+- [Dependencies](#dependencies)
+- [Installation](#installation)
+   - [Binary packages](#binary-packages)
+   - [Source codes](#source-codes)
+   - [Vagrant](#vagrant)
+   - Packer
+- [Quick start and how to](#quick-start-and-how-to)
+   - [Deploy NEMEA](#deploy-nemea)
+   - [Create your own module](#create-your-own-module)
+- [NEMEA Related publications](#nemea-related-publications)
+
+
+
+## Project status
 Travis CI build: [![Build Status](https://travis-ci.org/CESNET/Nemea.svg?branch=master)](https://travis-ci.org/CESNET/Nemea)
 
+
+
+# NEMEA System
+
+## Parts of the system
+
+![NEMEA parts](doc/NEMEA-parts.png)
+
+## Repositories
+
 The NEMEA system consists of:
 * [NEMEA framework](https://github.com/CESNET/Nemea-Framework): The heart of the system that provides interconnection of modules, data format (and its handling) and common functions, algorithms and data structures.
 * [NEMEA modules](https://github.com/CESNET/Nemea-Modules): Base modules of the system for export&storage of flow data, replay of stored flow data, filtering, merging, and others. It also contains a basic flow exporter capable of extracting L7 information. 
@@ -13,22 +39,54 @@ This file describes the installation and basic usage of the NEMEA system.
 To see more general information, please have a look at
 https://www.liberouter.org/nemea.
 
-Installation
-============
 
-For the list of dependencies, please have a look into [dependencies.md](./dependencies.md).
 
-There are three different ways of installation of the NEMEA system covered
-in this document: vagrant, binary packages and source codes.
+## Dependencies
 
-Vagrant
--------
+### Building environment
 
-To try the system "out-of-box", you can use [Vagrant](https://www.vagrantup.com/).
-For more information see [./vagrant/](./vagrant/).
+* autoconf
+* automake
+* gcc
+* gcc-c++
+* libtool
+* libxml2-devel
+* libxml2-utils (contains xmllint on Debian)
+* make
+* pkg-config
+
+### Optional dependencies of modules and detectors
+
+* rpm-build (build of RPM packages)
+* libpcap (flow_meter)
+* libnfdump (http://sourceforge.net/projects/libnfdump/) or libnf (https://github.com/VUTBR/nf-tools/tree/master/libnf/c) (nfreader)
+* libidn (blacklistfilter)
+* bison and flex (unirecfilter)
 
-Binary packages
----------------
+### How to install dependencies:
+
+```
+dnf install -y autoconf automake gcc gcc-c++ libtool libxml2-devel make pkg-config libpcap libidn bison flex
+```
+
+On older systems use `yum` instead of `dnf`.
+
+On Debian-based systems:
+
+```
+apt-get update;
+apt-get install TODO
+```
+
+
+
+# Installation
+
+There are three different ways of installation of the NEMEA system covered
+in this document: **vagrant**, **binary packages** and **source codes**.
+
+
+## Binary packages
 
 The NEMEA system can be installed from binary RPM packages.
 To add CESNET's repository containing the packages, run (as root/sudo):
@@ -46,8 +104,8 @@ Note: `yum` was replaced by `dnf` in some distributions.
 For development purposes, there is `nemea-framework-devel` package that installs
 all needed development files and docs.
 
-Source Codes installation
--------------------------
+
+## Source codes
 
 The whole system is based on GNU/Autotools build system that makes dependency checking and
 building process much more easier.
@@ -97,6 +155,29 @@ make install
 
 Congratulations, the whole NEMEA system should be installed right now... :-)
 
+
+## Vagrant
+
+To try the system "out-of-box", you can use [Vagrant](https://www.vagrantup.com/).
+For more information see [./vagrant/](./vagrant/).
+
+
+
+
+# Quick start and how to
+## Deploy NEMEA
+## Create your own module
+
+
+
+
+
+
+
+
+
+
+
 Quick Start Guide
 =================
 
diff --git a/dependencies.md b/dependencies.md
deleted file mode 100644
index 87b4dd9..0000000
--- a/dependencies.md
+++ /dev/null
@@ -1,34 +0,0 @@
-# Building environment
-
-* autoconf
-* automake
-* gcc
-* gcc-c++
-* libtool
-* libxml2-devel
-* libxml2-utils (contains xmllint on Debian)
-* make
-* pkg-config
-
-## Optional dependencies of modules and detectors
-
-* rpm-build (build of RPM packages)
-* libpcap (flow_meter)
-* libnfdump (http://sourceforge.net/projects/libnfdump/) or libnf (https://github.com/VUTBR/nf-tools/tree/master/libnf/c) (nfreader)
-* libidn (blacklistfilter)
-* bison and flex (unirecfilter)
-
-## How to install everything:
-
-```
-dnf install -y autoconf automake gcc gcc-c++ libtool libxml2-devel make pkg-config libpcap libidn bison flex
-```
-
-On older systems use `yum` instead of `dnf`.
-
-On Debian-based systems:
-
-```
-apt-get update;
-apt-get install TODO
-```
diff --git a/doc/NEMEA-parts.png b/doc/NEMEA-parts.png
new file mode 100644
index 0000000000000000000000000000000000000000..be70b2dd7e0087a30e2acf1a197dba66024467bb
GIT binary patch
literal 94852
zcmeFZ_dnI|{|Ao9j)=-8l3ipwwyaS0reyEzW0NF%L>b4)-h1yTviDxu#|{VC--~*G
z-tYIT_xB(8-o8KNR&maGUf1=w?vMN9{<uE`JyVp%$05T(K|#Tnm623NK|zP2prEZ`
zT?hXo=f;JHf^xk9s;cQ|?JE8Hg`Js#?JHv|6ch#ZZ&7ca5_!c3jnzMW_L0Iq?g?2n
zYACnOfY6yied*2G+cLYkj|bK;7fy1mYUVMe4$3vha_&@6Km8^4+@UU^K;HXV&@U;P
z)54;=`U}<K1G{tnr{BCD-XQu+8TG4?_KTv5#v7>&-boFdRIf+7ELkiK=BIF>wAzfb
z_^9AI%0@bm`Vh#X4EirAuje>lyixtcn&dkj&CiwaaXv{G=XLX)9!Z}PH9kPjiOB3&
zRM;O~>)AW?WLrI&4DtSP@aeq>LXAS<M)zltk604k+~(zJkW)BJC+Y&8_&)f?4GMCC
zr035q6f~3R{Cco^AJ`IV$l0{sd)DhuH|XJNy-<&xr*Q&Rx98X{6+N#Q{Us~?b~}T-
zc+qiy0OvznAX@ipE=2_%pRZqB(rTA~DGz*XA)g<KfetrtV?JSR6Qxg3l_*`}nqXyH
zI@?e<l%<bf$`SimMJZHXXCH$lhyp|9)K^-dV77gq!Y@AY!S&Fmd13oeBbKe8)W}5H
zDz->OvjN^@Pg%_SUA!bXOYMclPZ#g714Wc?6kC0zij-*Wj<}UZlCIR*UnY$0F&%oJ
zcTQP94b@Y5Z~L@Bs7xr6zc6|`I&H$*dg^t>*FATlJp_SABbHOHJrfF>)8q$HH_5D%
zow-(QWH`*Y?FO+MCW?^$;?RLPv<i2Ru-$60#zNVyNt~fP^KsqNwn&azt<S=*#1^;|
zTIZt}EvXWQsHS`Aes+o09Ix*q8e+8=lKa!ps+#&ue(J^x%^E7$AJ!ydh6VLLNEv0H
z>r`>H3XIR3zxSk4LgaR^y2CYZ2~2`Rdbo@me)Y96(+s0~ShqcFRmw`H1;Q1z6?stk
z9bw4_L<)~$7xDTP``+(+j^1u|F=LVOGBYsNQu=<72Jz)7nM{0Qui2h_TO`~4;(>lZ
zZqVd|N;Wi{j3?Kw#j&a3ScfV9QWDO;<-!v_pSIuZ%AaN4^~~6pd)+Etv97+mno}f-
z>3u|~b{LUrdU{kGYp&F?+43ebLrnX-iZVec-w6L=hSCEwvatKr4xZ8OaWkb4<;(I!
zbG@M7Z*q-^DK`XX<s}one@D@Wox@>0;_kzD?-X(k4ey|YPXf2dl$~=@7N=>|_2BG|
zzZPEEZKH+nAD*^p<BJn2>?~6k%+~0K57Ci%KQ8k`XnY>%qZ%n#&CY^name$VFYswG
zKaVgy>{{i=qQHIxH$22v+VsL>?i5%=?lLGoZrBT`eW?&R+Ai~W*~XkvG&x>&_~0Jt
zj5;LdDbv@bC#!5Jv`HRrEnWq)w0obg%LQyF(0}lF#%_XHTr(3fC^>7hA8U(UC-$?$
z9s9<;AhoI_r#}4pofUFL*29H$wDFXV9=trcCmLPPzc0GZCpmaES_*UN1lcmWvTdMm
zMFm_V(vi;8Q5?P{&BQ2~|1jURTp-hur{Gq<_UMCo1`}alODg@q7ZRP<a@1ev7Vpau
zz;Aba+U>}k%abkC(WTr%%XnJS8c@f+(WEPAOqM&d7sb4vzDZGBC9x8+bBszsPdopm
zjeZ(43N5`0savpdUogS!`0+<+(;9z)aHYgJ&dS*mW<;>H!cD@7)7sTUPAZ!SHYG=l
zJxanVDSqpYt;dAgsd|~)+cA9vdvByVDE$(MTJb%2=~Z9Ki16{$3Jy$c%h<K>SQyy8
z5$BjnX*cdnRU#bzVKOGcvo|0(z4dmQHFDR;YnPYMSmHbkJ*KjlPvoa`VDRxsc(u~R
z4?EW&s>Ol5F}D8HDcGUEW}xAH!wY-;u|vr_QZm090<tz{%<na9OeTq2FT95;W(aXc
zxw(8)>S}-3uX}(e`$|15p2u+}B0f-C(d{T-Rc_wTl8g$@9`b{%RMM6=jr(nENDb2g
zRop;oJe40)Q7t{omJPwRSDX!Q3Gu<Z5k)=f^^N$*DWMyAw9FFuL}zG=zv!rC$BY-F
z<q>Azbc7Sslqt2@Hf|0M^jCg5+<d~{VRghTn~PB;yiCHnKk3BzGc4pwul|O;e(!xv
z)+Z&r!4G20KF`yYe$ACzv3FK$O6@(gc{)kjyw3`elj0ULz7^Z2J1gESJYgb{j1sHL
z+G^eJ#TCBj^*o}@aL&>AmPAR2RjEVI!$Wfxv_=6_pI9BjO&`J;iQ!kTje?Uq)G2-y
zcD;Oe_>m05GBGga<Kk-UyrSm{AG7lNw`BEvDgF2_DcwCrmo{F$DSs4zZG|`8jryoQ
z-7uN<YszPp667=%|AE#I?zuHXyq^Me{jTc5UE2+9KO`g0D;F*rF5IWTeDy{-qTRiZ
zf<l8LD=DVxs=qOfIn}*%(YE9AUFHB!<V}go0aZ2@lQuJ%Is=mkeokY*a?D%3$7K&b
zJdR<z+s@kYpu|*$ZsFpWhr`xvb$IEv!`4ZnLt{Z(%fe{kiD1F{(b-JR_F;8FuM^A+
zi^c~9?H^yTY3=mIL;S@4$G5QF!5J&`{idSiWSH5rv(kd;Nupv5l!avv_9>#+V`3DP
zNo7CL8;9h-=p#ob6h%S(zc0RgBzz33X=w{lVY0_612<*8WhOYxlhdZ7oaH9i&2!V(
zOdF{(B^2{)h>>aCd#B-P%u&p8%pBQyX`E3wX$me?EdP8?CZaJG^VGCthWuz`YT9s=
zmr}nPKmRLKKUhS&xG-&D8Z^p6K8GQ@bzDneMfZXG!A8xm`Czp=S9=mRZB?oFx1N6%
z4^V}RqAqpDDOEeHsP`oD8@K7%eZlC6VhH9m?nn!{`>Bt3S7i?U|CVvJAYTV`#Uz3B
zXhx;AUpouO>xGSuNW^nWVGm93)1APB?b*V5_d|=rt?7wkqreK=*@AqX%C%7gZ>O-m
zeyf9Cf~Z(oZRS-$Sxk613`I<7(c0QgjZ0R6fjd^Udyn*JZ$)D`M@=nTnc)M6f&Nm*
zhe3uo-FbAu$N&8lsOa+wO@7Jv<UD3)$NSoqHc2A|dbw)3>gKb;I;&2KI!xvbY1L87
zMH?(7N(pdAP8g5;ikz%QBECyhfd!Y%+Gt^6jnjILdcJm!R%r&8W#HR?go0=a?wD0F
z*d5F95@YQ;*J4sO?ZvJ;yJn=v9t^9UrKR3PNenp)_Ym00m62(d^yMEMgHDX&d8~6x
zy5qBDqwiac717G)HuEk&{qINjMJFmse}Q|OeW=cD@3CnQMR$^AG&HIlKPp51SaZM+
zoeY|T9{^{3Y>`myP@fhSC0DCh4ix~~IPyV5KN~#pYBR323M<(^Ljvm;@vpsJ5pIX&
zr=CYkamS~7y-779HrCN;*-^rV8A?C5Z;B}yvgB4f<fipRtySINP|JxCa74flHYanR
z-%FU1kob?7{e9RmSge{wqRAe+K^Y1O8QlrIwFVYJY3)%nDH-A3FZ`%xh4Ja9X|sdr
zO?7g?a@JbOZHM+p4YpZ3Q)vHrxkMe&t=vX2sXgF_Gww>5H|VX0oa6?`qx9pD){a{g
zvl<Kt{==j3uB5FksSnm#BW#sZDG4?;Oby9A_0s=%GMXD0GoFWf^=Ai@J-h6cCQ^xQ
zNlB~3fvN8m<FKLUPTe%wm1*v}0UxXndh}eT(<f~kr^n9||9QwLXyz=2la)$|e9wvR
zKebC<GQvnS_<$@)8#JG6DQk3x5<p92)>u}(WCJ$rRkM|)AnpgMAhyTZST<*sp#NN9
z6F*vo`)HN@!ef)JJNf$c6Z`wqQTj1RzqEzb4{Q)j$Qi?av}zNT*FtOPaIK52(}o$j
zMgM<6#pSlsP@!iiCgsE#cxmmeOv<rmZhk=4rM=kcyO2421i21@FhJ<Ct6o%?^^1F+
z9H=GmSkqZ|?*IKZAJ9#@K7PKf?<!Vm(*1hcJ~u6sAyhV<{p(lj0hPW%{Q;vWi+GQg
zxA?=2-rnWblRWpS(3AcXxBkQc?$cypJ@8|L%>lT2w{_Uf-=!%jd+m=kibJuW%yMM(
zs{-y6;HHfFpk5oQF10R@`a6&$Z+#SUD}j0J%7Q@d;jSZKfY7eCNm3MAJ`JKmYBudv
z;qw5HI&Qo;5!qiiHFo<Oog=8wVczF%j0Aj8WR_)>fA4i+Z2nV8d}!W}9<C_nah3Iv
z{DkWSRC(Yr85bp9J^Kf=W6}K3F&r(>gP!iRaeJM*j*3|_Kv>P6q*OC#_eCoV*vZy!
zhyn1CSAy)vXjfQ$GV2Z9`6~~IzC)Y!*bAldL_TNJspxWAHj^cg6Cj;We|hjz5(k=>
zvx^%gmvGScSt3bW=r7bF6m8OLvN*(};OpBj<dI!tF^AGUV36xGDs`nQ!W<|wR|&oI
zNPIX~L+Q;*%bmZE6bFq(J+JQ?fe;*Ec1?ls{Kf|C!4%s*``v9ZC4AXb`r${MCOc^}
z!7WMue6b8VYWO%ro_?BbHPDq(M+g%#%@E4{i&-rP0dVDc>XXp<ef~b%{{|}%0W$Y|
zF>px{Gw$2NYs0yE5CpBcE}0XfRAuNWyv<~X4<pW6I=??vn#HI!gvsy6tH0l%5iL_O
zNx4wJe#&LJM7*1)ma#y)4g-=-uMjgd7Sk4TH<b#)`YQD=z(7G`x_w8`IS+cUv0BsT
zAzLXwk+{o}*+VkVgfM4VRgewnh~p>(xkb-ueMEthVax9y7><Ir`owT&{#(sLm|&UB
zv;g^@jclcC{9OW+9U>(C@WN`}XaD;O@o9<t4z2zio|69n85Cc>TYMhBifWuUbIb=b
zs-e`ko!sYX5qIfV?NvN~e!<)a5ZgAlE*5w5pSOmF3gdWxJ#(%lu(n26bAY&5C`^+8
z+A8z<{m&2ze&xey7XwzE0p7p&O4K(_A1dp4jI<B!az;^No+q|!30;D(T$4@WeDxiE
zIO}adDd-%+EqLtz_hKat*M_od=H8M!9wW`kcW%j!w$1k$JwmkKZzpZiixlzpy89~n
zzQW7?FyX&8TU3DPBd;xt>!$H+gD1~gA-z+CBWo<yOEyG1+bZ#-a6N#(V?=7WYPrR*
z=57kdUzaN)3<Kn*bj!ke^#oo)!Gg(y^-YGen=JIjw~&h;ke||^ADGn!+Nizr2GZr*
z-V>kwbI-u;Q}`+*@T|sL7W7Y)TW(%>F|Jz3V!rfcRQIDwXy2<25CYe85V<<2mZw>)
z`SUZuUk~8}Ab7IES_S+mf4wB9F*YbbYI5*Zyw8Z+t)Xm5n{>D9<0A<`f96QU|9RS|
z=r6Sm+rlU<1~WogHj0gPH8PyKVVYP_*2U`PSWC~HZ@0S^gH|;@_WZSZKD9pG8`Wz$
zxw@TId7`BO5c81%0fc?Uv&!a9F4La0`%3Zk*Qf4W;pu;VX(lO(hvaLQza}wL9Lygb
z<V4)PmmO&R`MjHVwy0LU%9eQLug?;V#~riL1=!<gT`#Pz+*^iF)y9DM(?eji64$$7
z5FLg1$Fjl24oZIomnh9kw7unS74XLi1W4_&p{$bR#=MyR12#X{Rut>_Kn#=0P_a=P
zO>M`EzqeM@3ioM}fLfA((`%=az%={p@r9uqP;J?gW=S&s*J)d|+YLh$EQkMNUsKqB
z4#;z4D<umToaoY;n+(}P53Xn5MaD#x$tZsYjNn<X$c2YRXynOXaEpSL&D>XLAc9XV
zJhfG=qwFc0pptqGytXTPs7fO6#$`w<8(B?V`_FCt4Sh0PzL&u`n4wU5(i<1UjPYKD
z1#y=lTjOYVsoZtv<x<xtuI`BHM}P4sng}wqKmuy@=^CeUfEu;aX0k5QCk@#*k@O@6
z=U|<Qs005*S5XvSB#j}lK7hy-GK-;LE@?qTHm!MeC`iGN*7{po|0Y+c=mX(RW5q_p
zrKU=wK9+LFwA!iR&V8kt%1JiUHRe-Qs?!Rr+WNY;|6UrF7To=Ci%i6;E~!#dc_>y;
ziVIOZFhFogQAAFE`f~#Q!HLHBKXx;S#%^thX*lb-M6O0*#au`P((rLBNj^L?KTRpW
zWpAZd10;f!ewTuvf5A&yPE!yuV;Q(j-ARHP>h66wEaw3CWIZ3~ROHFUJop^XZFvcg
zIcmAFyNm77Ii8Cqe}adw77dq_^%-D0dX!d-=Fl{E@=!QqLK=6J908?(>b2{5?;Mk>
zsV)ydlni@}ql|aT&L4n?lOlnD(;B^wJH;ADIjA%)so?9L{er4_obl1!rOp+nvWA{u
z`p`mQ3PI<mfCD+Tl4n77zuzO{d?nMzr6W;&@Z*dB{+Lntw?rix;*%PT`vfAVMf$FD
z7>$9m(Di)i{;<Y}d(vTs?BwM}VN{ScRtahl!WCBIL`cuPS%9!Z3*jOKQ4I3eJ@ugi
zcH1-c(3K<?$4TqTfYU>1=<AnxS4#}K_j55?$>K+oFArQHidkNOw7p;I9=Q0*l}g3S
zU7v{C8(y<r-b3HVq(5&XHAiQl>ugS2Q(7xYw@<zGi6DsT-3}JYxYMIO%zY%QWYy7f
zLb+LgicedcL*E{#t=2LUYzCqjDkP^}Y7r^Hk3EkaP2WD%E(4&#$K|rsc;N+rfOUg?
zu{%NIpl+*Xo!z)SieY1&ejunVoO(2n+6z&oiM7lzrjTaOMfw{Np2D?CO?vR=%&e-Z
zPL<}rK!SOqgi9sz*_HO!hW!PDQ?FusUYzDx-ymG<+9k)P?bek+!WoC)^MFVXt7+(^
zgUv(tV4UYi9DxhyIPElwL6J)N(Bqe#>2<XSs4t)0zA+DX+gr|-k7K9pp5Jj9H-))9
zArSrr2c_k$uhYbPgt)!xd77UYVXorIp3A3WS)yFOh*bQZU*TPvDe8&s=izn!$%5F&
z_mrt3Z$Pcu)fr-~q}F!qD8VvlD$vm|AS08~)SjyT*YR<VZ;wk7K)YUDUA9!|X9R<>
zoRFVQ*Tg8v3&p~_7ZJ0Kjr!2lba?CdX9>*ug9*#*hP<}5?J2L5O;l4#4DNTOnB&Uq
z?$lO1D%$88pOM^TZ4;bqxLZ#`$v&`l(IbN1@{C^bgLh7-l?=L;z3g-EW#aDLMdC#v
zt4JtyYaGob1=^&pw(g}o%}00}PQSLRQK`G1`6?}<IHC<L(P}&|Bx&2E)OD+Rg~~Kr
z;~|^AKg@9E-r<f8-|n~D2Iyys7)G}dcW_hldf)*>kv5>59X{D^<Y1XfoQWUKErCkG
z!1bxG#}2uIgeHb(wa(U~yFb4~!QQ=jn&t<4AI0iB0QgXTESt`g6kFXZP^4)^_dCOw
zexK8Dy4%_DiOaO<W?CRT)9dV5u~-ZD%W3(uwY@Q?d2U4UIKO)C{TLIeOzUi=){wgr
z{A?RWn-aN}1=UXkUAB-={DjECdUqEsvuHsV8&l_=)xpei?+dTYjPP#FqqW>Zj~S8j
zHew#hH%ef?9zKY>ssi4*``R`fJpsi`wI#&|`m>J%Vp7bAPt2<|0Oa@umHV!?j7WuM
z4Bqy{wj7%G&;d>gmO18*xt35^7+As;yG{ne-SHy4YE*tQkO8DioEn|E>yZ9~9bS~l
z`n5}DnkF0F!{6m>a02#=+bQQvGqP?xPzHQ(M&9ysi^m4?2rK7E&+fH@U%915rKMC*
z1Z^l4WWv(LdJxC`F!&Zz6j@8qCwD^R*RE9fy{o(Zh~AKzDwJAe28#Tg7RI!xP45Rg
zh!XCBL27wyrm{ehky)mc7=8(pgsEts(IH<*O%%)EZGI>^DdncUuvbd`USG=7MH|*i
zG<~&oGB>OBpdfcT{%AtA9xIwltfZszhXJN9I2r0r9=_S+`16NYa;c~A(IRoV<tY2w
zEakahU4dTh8er#<XH&#k;2zqR{OrK7a_4bZVm-~(skDK2(hrSdLy6YxIqzJ-3>Nmr
zM7g|iM@*zA&HYs}+2pjvfk-T9L!9bf^$JX-(d$fk;C7GHCG~k{@B7S;id^ntz$aoh
zL~*(hX^(4<UAdi6^Be4r4=iz`nH#ynz1|lm28@K7<rZq<=#U1Jj*sIY&F40rAIpQa
zM3IOeSOG4Z{1%^_bbqtm`shRVlf4RLhe6fyxPif3(t1@{qSn%SAsKG9Rj2#p)^J7i
z#ZDV_^d_H)Q@{r1b9a4pjZE!wiw?lR`@9{b1Q7ggyJ>^704SQWZ&rgOoyk#=R6iVA
z)^yatQt0UH7m8FgH7Pgzf@Z3f;Wj=XUt7pFY&BVtUz)4i;BizpVKrT&wq1V++pD)e
ztJwA~&DSV|sbtlH@&?rsiV@o5dv&(<v_C-#>-5@+F4G+_W?FTW^M}DIR@?zI*dJ69
zNl&9r48A&8OtjC}AzyBpD1L=!Y82}CcxO#l$`Gjfj3(r>sX!0LO_ThZf(VggR!M@}
zbt-^r?A@Io<JfA5b*^rP2Xi#=<;=33`@wW<>(vSyj&rP@C_e0-eO;FcgUW>q?Y?vP
zM9ip&m<yzKjty|DkY}&{s@0>OF89IEX0^_x;XQPcXTRcGttp?;w@m9NA275I*so7A
zYZPpR%uQGp?vphIly>zy*?Nn89F~ZOxK|M0*P$WF(n1)`0HsFbE#BQzDjTjMG9D|}
zo<{{KYXJ70)*eoKUz~YuTYF!OLkht;rbV>FLXULtxegntg=|gEE@^Jk4@SsV4=KWJ
z*Xa^#pJOnqX8kxW%8j$0BHQ9qAwyb4stS>cMB?0jvv+lUJ#gQUA;&(Tkz8(+>DPBR
zOFrQqFg3dGRU#2!Kh;hSD#(t#yVt75l-Vb3AUFM}yfMPqUKJHJ#W%j}&fei_`z#Td
zxMVbAfq|iu%9z+F4Ma4CNx2yv6hoa7oj$^+dzC^xI{6P0?%Q<YNQY6}?OLj*8q8Fp
zHeLO^5>;V_4slk%6|r`XYb^SzBh7ZFMC3en<_H(M(Qx271(X(3S!1}#c5r||#T#2t
z8<fDib^2B}1xRnz@3fLz45Z1zCx2e96~!0*rrk-kYcBmot?RG54sw35^C(!kl91H|
zGyWwHquIe|#)dxqHp{URbO)*V`NhdMkBzb7c72?LBSX}Pm7eDnUrqbqVm;J{&fsPU
z3JPk?&AJjmPuYxi6SIvv13cJfanheCR?SA9n~YW!n0H!Qwb!ue;XIb0AM@G(S`?2F
zqLZUhXeH*E3DLOwXlbTGjp9rlNm<2RRZ{&itCSd?gzViP{si}R=tx%KZQ@J`3`X9~
z)(zrJqx&8hkc!ps#&LSfLWj@L?&DhJef2%lGo^k0ARin)AU>6<WoG@)6c;qF*2+g(
zv{Va}$g-P4^yZp;64<<mcDhv;S&R*08J)nVSNJXCf$9x1C{K|#$&453uEt0HoBpuN
zGBnxyyqb%+tzIji@Fbnh`~0;1yuR=*Jr7qFsKzgg(0O4*v2_PH6KmSFaUsj?Uz49Y
zV}q4GaY~V}sE4faCKetJ>}6CqwwqY$dhQR`AP3}CR54qdAL`T?zX&qLbv}x1G}f7^
za6AN!4OK%O3o|EEGG3cRM+<s?s=Z<X4N|X+vhk7!?%Q>2!Mh~LTdbPTcwo=OVKE1T
zJ(Z6pqol7SQqg0=kHVfcmU}_<QRnwoU9;{H@FI%CJz+NeDFLI@W8$0WZTBvfysv>i
zjqtYEH)Ffxy;`gVk>gKE6S#k95pwr~>XZA0ZyX8nf$r-UjaZZ3b(SM}pEi6?v@N)7
zXM{+YRUgoTkoNVfylZeCYa37!!Zfv=XW)G{%=F$ez{}s7$Dt*5a@>lZ<$D6763kFZ
zLBIw;O%J9SX^2~eVe6(PPYfIF@q92x;{4ZwW!vQ_3=MVD9Kbzlem3JKsaPF^lTbK!
ztM8Gzy1sRe#Di{}ECQt!shu@xVK_efNZr3J)>uo^jN5~CYL|z+$G{N5g0T0dQkO7A
z^nLExtAI)$)Ukdn7mxRiKdD|x_HNkFBj>Y&tAtGH;2QI2z}@$L2mdd^qGZNRQ$|_!
zuI*3H+$k0Nj7T<|WtfrUrpei$H2*vky>O*<%&RsT^ckr<-HekpXnZ%$@kM>_Ypifp
zCAf%@KlUqYqZ$qLtr_Xa2SJo%C)hS<1(UMLjZoS)=1t<!I5^mn-qJKgf+&&}LIhQW
zuk0%&2`sV7ml}M9BoxvOgFVEU_`*uGP&$5(qaGQhV#hmW@*-$+#<;ZP^>WwUA>-3-
z6C9JN1~ksxGa~~Bg5-m(>Gir)SZSVBM^(N1xA!D_6Q<ss^=KrN1TLd&-rEsuX9;}v
zDXeunR-{!kfb{8K6SU<@+&C2#3m+aR5uFs*JX|gut6JwXSh1OHnAWP`HSI}sX#H_q
z+jM>-{WmEk@V(1r!dDu=uo<f=Ik5Wd36)~sp!7g658J4)dD`!vq4pIOQv!u!l2ZA}
zVI`-{3Xd(wuYg=B9o27oEKXE2>Qq?Wh&V&DY_t<TLk_k#=_b!_j}_nB@~0yA$Do3J
z%eHQUQL&?Y`v!K09RFGfSF3g2%<|gPqTbM>;<iwIzh$IjqvLryw_3H%b;oCPcONom
z`9$-fiF#lg4r(oj+V1|@M*IhL(Ar7%EWgWI@up*qSgY?Ps#3OcIx_j<l+pZpL}hdf
zKJ>J^=rzaU<|d5V6B$`LTy0u9&S#>R_U`QTv~igOu~Q+`eWt4eU8#OGxbNh>a-1`0
zymB3<7p>tL#g*_)7>CBg<#B#`G~#kH#FR!!41m!q(lIDMyizIlw|u)Q4T=b(PI2eW
ziKPwASILsDJPA8oHd9rvN;QbM5$$mt$;2~bH$=9&_XgbzFkClpznsK22Rg34>Gg5$
zvu**Liq@x9wuO!E?)rn1VJ{1ePD$1dDm^-vh&S^yUAAX7H;P_~9Hy0N{V<Yuw<1-D
zWmVtmbKkpdp&4P}8(O)%eln;by10EZzV)KB$cj{!J`^n6qh6w+naqXSTP)SnY*k<7
zd(Yl&BznBslC?7|m&3QmbFZ5>sd;@SzWbx2fpgq|OXS{F(7!ZjGHITCZ6`}kuSX^q
zE`bjfm|SL3%Te8_nc<HicVN9LWKXftiIHPjR;G6oBIonp2ClGk22mhA&h|$whI5Ab
z2`0|s<PG-SbajfiXB%ff;qMJ=7$i9)xne=Xs71EA-WMA`gR%8J#qjQ|tlOj^$=`n9
z9&RnoG<jc;D8Tia_0DFYb68_h)97JTp@Rq8^lO(gXb2B^E7}Jjs|oI#DGz{SIPG>W
z)>7utVFEZMTx;A(o!?Ym`AKWWkIP%Emsm-N_GE$ORIa`HT%67i7E|YR#df|H`kdvx
z5@C_6ks4SulqRz1GqNlvoAiF*zQ0DY0pYuGmH))h{qUh^B!=brk(+VelO{ru{!|9~
zTaCI<^2W_Y<QGipEZyqY?+@W^vm3VzIxBQ%*}-)l-zWkSLA&3(Av02*F#_#g;gh`H
zl<LpOmPz%+t(6mI{Y^`-tZjY+sYFjUawPW+u1YNi^}r6aE<5MDxQvJ+Pz=A)NtxVI
zfw7H!GH%$i<cizSs>0MfZ;ltmC_YO%0f5LS*n4Dg-ot>vUaAc?0%zv?_2wN2w5$}V
z6O}(_LA3E*92;tt@HT*F)3p}{=^<FT66k%A41`vFM$G5V-|acN62FUu7g`VM?YmeV
zg>6cjI6<ZotQ`#}i*)9ut`a%zUZqv%(wyzl$h~l(`CG1v-N~}7KZ}zxS>KhO7iyK>
z&uc{AaBs5mU~Ai{q^z&hdeG3od(B$<;_Pr%P=3ey>1Q7Dmhw^k^&#q#XPh4y^ykna
z=M9+Ro24r|6<v;t-y>^&_~Ax1EOOXkBYU2#>w+T^Ht)G?fz7Kl3CA#L7Qt^&@EKk+
zGh+$yzbpGdtk*JXt4PUkbMSXlQ1qA>ivdx5@$iVH%c_w=yXl3LlWp}klhpgR1=G2C
zBcYYC11Pi%N*o{cD)VL=ViT)kS;qqzXPhCg2_B~0M4}%Xb2IR4tsEyr5}S?3t_z&c
zRF}<!B7pFE4A!u}6lWmdZAGg1K)zO}lFp^F)TOOK#Hu~gbg$x8r^c7LKShgu1;ydW
z#>vo{2?W_ELAyV_r_H1C%~_pAt0Zl9lra(BW)PYb(~vuJ4hvG(T*#-2aKHG}A3c!S
zesn1ay~G)dqX;kimlwc0H4vZN#NS<SAn8j8=NO!^GR-rJbAso?K{ozxW_E`Ch6wpl
z5!5rAx4S`GsH;iirdIA3l`^yEpt+^a<K9wVjrnMY0{JVqm^gbICMw7-wI=*Ux6Lo#
zxHGo>J!8YkR&9aOtOtzj!G?B&NA>7oi^J$6Z>I=9?0u_RM_fhg%B<4lJJ-3U9Kwq4
z3Iq0BlXoMoa2#@Zfaf#Vxv4gc=_Y-|X6iS@l;o1{uUyiKAf_U(Gw3*;-ejJdvX`tk
zI+=Nqn3An52apyg*4deTZJI}~(1l2XW(btPlvxiQfIyqH`3<5|*MqQU>nwrZAMqg3
zsn8N6MNYYI*SEjj((-43`NM!xn*$2X=blGr-S30eLa*sgnRt4Fq67*QhQyz38VURk
z8SIUxuL}(hc<*(1);bzEMOaNb;3l#+{F;Y9V6{sGIgzV{F)>}&nYcDnZ()NVZDooV
zoXqh{u36CVzBR-r&JS!4x7fn2YDO6rRGpEFqm|^z&FyI9Yq%FWIg+*F!ntv;N3do!
zBLPh>y6}oi(PxSBi7COGyBe~9varMYa3fbS{7l@6+tsQ)+<k9~T|ghe#zGjf@(En)
zQDlQb*63t|XYHjj!uS(8g4SKNqn4Tl^xcxealu8)5zQ*vkDJHkj;qR<HzM@}hx*$5
zbS6J_=xnCh`N8ZOF~vRA3l>t#9fR*e=7ewdTrt-o0-Fs90$F+bVSIX`r+q3C1Fv)M
z8D4z;lg$l$?fj?)F9~hGKkS(c&n|eVDTCL8C2u1kDh8clDLd0fwU4IVOrOb*_}82P
zBEvKZ^#EF?cCB;%-uXnCd4i|0&UD~}$8c})I{E~6$EX$M=x#nhc{etM^=O4%wqC9C
zXJ_8=odN+#Qm?U%RM4}#j^|ZSw=0+V(e?b4r&h=fK-<o3vg;FDLWy69k#AC4`L7Dp
ze$t}jaML)=(HNwE;|T^aQs~|)?a7zRToLL#TP=K*Y4C90kR#EVyEd%92XUshwH}<G
zY_9_t#9M2JZe?BS3FEJe0A)#ZXlRU}Ve_Z*4tV1)j<rM6yY!kC2HUVRkl);Z+nIj<
zg?j_2Y3FO(W4mmV`yI`Uy~YYKt`_B&^IiokzlxPet+nDS<Au*nv;shC!@Fl&JE+x2
zceJ6m0EC{Q$!4dkB9M;Bkn4?fD4B6w*>o|LqIqBGb7k`r^i0`kc%^mtqH7iD)l-LH
zfv46yJOi~N5<r0K4}Ry~B)3yG&){KrTQgI_3oh%4GF3MR$U0g2V#c|%Ye@~)WksK(
znoTsocG``=E_3X(c~$E+uFTd;S-&wm9`89xH&uG1BfKOqf_BSYoyVcwgmwI|(z;T=
z)I<Stv=|Nah0<R8W86JDN~9*E2S%K4ML5B#SQ6wToRNaNN9;-usqi@qF{56TnV`>p
z3hKTmQOj}6YH|rY<K=(Ij1~=pSa>x6)s5A787?TWO{{bY{mg4y;5V_I3}`dzGirQb
z;54kJU%7se_u|&Zp$eSAZtGi+e|<*f!f7{E@q+c+QfvD)%i7nymf8_7jbK0w<*zLD
zn>O&+2_SoH_M@^>oqoK6<6=3%Hj2^|RRfrEl6+e0$DP<-S%PY%cU{};RWjZL5lb(r
z)$~1sxnK+_(sv)29JYGlb6tqy^P|Zx-38`cUf_Kfo$5$q#z)HHbYBPMXcQK_Ct>OE
zs$f%2d$+JsEpZ0`RD(a?m5xXgkCrYUH?rKFut^%q!1mLrP*lG1tvvJx$mK)8P(s~(
z{@VI?y+|ly-bXC=Vi`2L(E>0Fq_?f_%7IQU>32M`$1(?<m6fDjc%%liIH2??2eQu6
zekWMI%5nap?e#FdN%4S7xwar_*kigkmV3N-p)LFnD$^Ouwhz|Zfky7lHk596Zn0Q3
z+oti^RPg>YxUrz${^sQ9`j~+8#)I617#58JhqwF4K_x+FShoS+tF~jEW|PU9a4Lv4
zk4<mi^3S=JwdvZ*g^h8c%4`?UBsgRGtk@roj?EWHp6$X@QIEw3{2R82A0UpT1{i*K
zJb0>q`+p)}7|LYGk9tJ`pHzsDlDl`^bf}g%Ja)K^zIpX;45SCo7HIKt8aDa7YRr3b
z4-u3RUO3L^+-qq1{?}S^qp{kTo-k~ajq}zY0*$YiI(l{=vpDO5f;-Jvk#ucbQKv%Z
z1I8sK+i~lBW<op8t~sjf5SnM}8((?&eUiWN>>$CWdWlr4Xf9t56vW5d-WR!G7nwlC
z&_k=91qE&>AYsSV^(dDB9^7`IA-EQBTmKnotS25`0D;whORaM2f`_y?Svr5@1MjuT
z$6v*{apiGInCWpTM)P$Tabxpf5tSq5mKyb-?Xc3-Lx;ddzTNp<`;`%C78&}I@m918
zP0*|=8=QfL1z)Z8H~|L`OyqOz?F_DB;11C{$v$E$5CgbSzwv;MNp{&CQsl1$C*rLV
zw$Vya_>#_-p>*tn$@W+(r|p^P_1#j#!ny4#(9q%Q%&_8r4g@e|mcu>IZsi@PaGCHy
zi|bl_Dphtb3M-L^UaqhocS~SGZUf^LXW5xBoVQ)uk9cs+F5B80C7nI|VQ|K8b-Gub
zTblQ1pw4p;R*hP8IApujC~`eZfF=qg0^M7+?diYkR4E!FvG7ptkIh{>K%sga3)&FN
ziQ*OKCaE8Tx(Sbfj-pziTm7m~LI?xm8=IB>YCIPAo53@}4dpDuhFL3f<%{z(y;>b~
z2f4mBfZ&geS`nZnBVd{x*%<sw$6`r<V~D|u6gJjHmw+EVU^3TEZd*6!vKI#0G6)dW
z!lrQ#Z4VC)>dV{@Z8Dc515)NHM9<M7a~-dLx4kT|#xS3o#sv^WEbb2y0Cq0K@^cRe
zf&w}&e|n7XRQrsgd~vwiEc+HL8S@%1&UMuHwl*q0uGBr{A#OHt1wA)L8-LiP+<?sy
z%c}Ld=a+JgRj1Pz(as!`p2X}+HHmIE&(~t(jRP_6T`TYucN*Sfp41eG7>x4YdlF(-
zKq*&R)aGSK0W^Wp%>n=FScpMxv`V2qq%m+ZkCnw_GhZ=$C8)u~XLGuC^hkeKT}I%U
zfpyR*c<T*T)XoT6|Irp~C>qn1UWnpbcFQi8fzKdnG{4^y15(XES=KYDI)}?q_mHja
zOa1R!N|Gk(iXa4$BFFB5Hr|!XW8YjDbnz5X7eelGwOaQr6uz^Ui?gnNhDPGvu-$Ny
zNJA?h%X;&up!jgeq;8BGQproOe;tsw;Y+&>L7zte-g&`lAx&|TX=jrazjD@O<7Bn^
z&+#==$jL^ju;qm7dIARHf#NKXK$)MxMW4|xo0Vs=+U<;<o>3Z-9=u4y$c5F09o1w6
zL>zdUl&+j|`@!H;_b`9g_K`lrMGljM&BC;&Eu}0Cey|%+!X=Q2m99_GPo`HYt`c|g
zeZqElTkCS+LkGI+kn;-4!}2^P{a70eoGrRytIqv1!%5>wA_m(p!NU#3^R>4PJnX+V
zc(S5vHG0*<+_(4{Ww5z_7BeXDbWg;#V3NQ6wN}@dZrSi2HxTWGQTftyhm{_{0X)-z
z7{mW9PS2>qu+3y!(>ejzSojj0#z>bwR{&X5kPF~b1WBxJ@yh@QY}^*$liAjtJik$N
zvCVO-^suMEh^v~ELq896m>9a{N*t^Oole{;fNob3e;ro)+HIXzOest0kJh8CbJZ~P
z&Se<i%{BjW9deIh+H^8i`25#G_O$6%;J+HhU(<Ysw~BwXH2Z*~QdD<nB~h*tuo9H|
zz^bLZzdq`6K86<sTJF-XgwDm;y=(QP7MFF=|Ma$BiZ_{*O<c!_(vKQq1f3vZ^=uRD
zNY51Ue>=%!bWpuJN32M@fJs5M_~o~<O?sC<wm{!3+^z)P-cQBM=ILo`U(g|L44ai`
zzUq7frRt(X?p^p-{N(CO&&{8ej+{iD6*T{PEzrCOyh}{FnJ1r#0W&Y=l>1ix6D4xl
zWNw=&%~+!Uu;&e^)ATuSN9Os)RNPzIx;k#q`w8*MZ-^I}<(U~6jxs^VfnJw|)_Gr?
z_w?ZY+x_J`bhAha0XB@llovmD-6(m;dZtcGN%$yj#$!*RFv+YB?#qfOt`Ys$OJu0g
z2q4IaQkJZ=FHwnpkb-6FC%r3C1tm^1pgH}NT0Dg4&(0CPL-iG{jdNQE>S4o!Np<0m
zl<6-G-#McG`92+up`fqx+E9A|G9Ycl*AJ!_g)^Qh9XS>M7;WJP(VtcLh>GKaVnF;)
zn>+yYNgF)fLn#H-18_)i)?9D=adr59CHw{aoj~(oBJZ-14LHMqTtt>}1NC<TsO&F8
zV9)>0b6`*Z@YQ!h2v{_#yDsP-fqt7dXfWftvSR-E8PR#{TMwRzo*ZnJ`jW&UYc1cv
z<SP@!yV$hL`gmtOqFr%9u>NnA_Nckv2GiwlH`do3ujTGfIrL@&o#Bx%S<Sx!u%F0m
zyd)ho4vgcJ)FZ~Z5UU)k<HDZD-$&dB{~Z9z8irr|FvuRgd@}+v;-vDl_Dr1{xCd-n
zb4xcU1+v5ga5^GrCDxonYOiiRs6?M)PXWNV^tkM=(#k3tn^?lcdL?D`emmEoUx!c-
zc$d`nUl-xe-<lfH)H4e~fp!ocO+UTGg3zMRo|&q4Fm^BbkLUUKlf6_j1dn1dQI_qr
zAt<{Kkkg%>WDHbA?{6^?xu?RV|NaORv`d%udr~$FqKX7{F<UVu8(GX!)7}D+i&J9G
z%Y6N>{rmGb-#esLKvH%BmhJTyRI=V<B2}Y^Y-V#~&~z#TTX%=*y57I9+`nHAG@TOQ
zu(l)|rqAESgHFgDmjSehe`IuB`+q&vBi6nQ1#-{xqm_{s=co+#>k#!EH^)kw>Bm6(
z`+xfk#7uo{YdEznVLg554&LQGIt^lk^<A9JUVIMt$KGE4lduIXb{3E9m3`QCd1x~*
zz$|9AWj#+F%8kPi``11C_X>a*q)Boq25mK**sRZJ%2p_|Xgylajw(ptG=2~G<(*t3
zxWWHgOw^?r7kJ)3eG80AeAwnWn$I5<58A*w-SOPl@cyyEm;a=BivheJsen-H5Uj|(
zZl*Ydn+907?Y9t!WI^}W9tq*q{B1<WqA7a$4F?!=T4>b&ye2hmfSlJxb#)-U|9_aO
z2;aT9bjxKw{lq!aq7aqnZASogmSrw;SWzTl*X4T~C^q`{`J<u(DK<Trz2-ZOv;5VQ
ztwf|H2Hv1l2BpUT+o!Yy5&+_@JJQnf`%}(iW0tlXFVq3oc<Fk_@k)L9N1*)xvjH9P
z+__>Daf_$^?tKo*%B{f2!wfv4W`C~Lf1T*pqNZ$>On~h7*XNjIdqk=*A*LG!iTn$v
z1pn*pX<9LQ1UZ-{?9YASjIGpnrvFFGdSDYGf7<+YD^bv}=|uaYX$YcT{EzRUL+Y;m
z9Rs3%ScFLW@BXju{QW%?F@o*?TFUQtji5n8hhXp0+`axcGKluI2>uf+z+2G21M?7m
zLNafC|9(HPlpFu!asU6N{D1CL(mpgr-jhZG`<VrpYym1$G;pP*fTV8*6l(#yA3huF
zz@s_{IKLABnX<L}hnLD69i5>FAFzGMf?*YvFbe({UR!+<&=0*F^a&zjPzCm+4=fsr
zpz-S1pm=#%{BCLjh0~-LmJe!w3(&BdsIX4h;~D~<9)JEMBSKM8W#Au3yf`3bQGW`&
z{TiDS<->Ju4#Rm`T+>H{$h2DN9-o^spL_xYfW@ybMJl+=YMhht$LFitoycP7s|1WX
zs*PTr+!jOMvAr)P6d(B?i2hVEZi|>1*9H6)2`<o|m6UEeKbZu1ecJPIx&sDrceEig
z0+S#?#hBtQgzuz$l|;@|xlFqH0CU_2<}-%%ml=3>Rrzi8KlCQ)7{6XpZpY<NE#4Sc
zd!WO!)E%$J-z#D;&S@M)>7vhi<G0V57Hh2TYjmd4`dE9kz-h0Dz|X_k3D1p>6_k*i
z+4EBsastYM8j<t9_-mMn3sXA4KnHBbEam2dPr#ya=L#s^qoAFmdz~MdPTRHMgNpov
z!`L5xA%oyI6Vl#zZu!FcgZRBhp7koL@sb?<`Woor)+TyM_V^{Izf_>WoK1woWQtU2
zuG9KF7!4}QQEks9Vqgc==cf;}*F+%c%MNq;J8X8x$h(vRj^a8Mr`f}~1ZH#1dSH+z
zf1=?mi>n9_9`hz2)JtK2eD)fC${{*LjK&@dZT0yN&>k59+HfX7(KVog$f8S?nrcJ`
zvn%^I2dHHliVc5HPDWvbG|+_HMMXcw(WF7PG<a&4n1(k@m&@-tZw(!!UYx_t*+AEG
zZLB!erf%nnp4ZWm8J&+P&ZX53IQR$N-Mlx{=zZa^^|DiF!#@wqPi4R{za(48m$7Od
zU)o}$fwU<C9I$>9<t#T(rT73x6({<I9AqPd95aHMr0pIzzyJq9)tJ~PUxNh|hf49?
z@%>85=lT;4GJhfPncmllQmYk3EoXZ!u0g_45P!7C$b*)88L=t!MIN)lp2beN8Mfmo
z>F$U3r@zIzPJ>?V8kqY4&Qs#_S_dt3B8|(IWBE1USjz)?E6m@J%WcMOg)*~My=)Sc
z%1*$;$?xRCtol7QGr2&aiP+k)AlxUx2SYeqs6<ud%&{+fWe-&D0^YpzFYh5_zh-uP
zB*c1d2sHUi@g>n|{^E2m+`;)%BEQofLmc9*a=NOofspvEB|DJ%n;M&xFbUSqx)b($
z-r`TVI*%*@wS0SspbFGPs(>|P-4vyf0X^dIl~LRJef5<U7+{3p@XnP-^0bl+j#I{g
z^Db4t9?D;d7|E||4Ke>-l4s`UV2$p9HMUy-gWR?_{pHkiGgUfV9RLDxPcWQuj*97;
zIE||>n5+Sj_2Sap8m(AUBZ=(<uKcF*Ty*{q_l`(#0Y&F=JZg-CTMG>edn>GD$rd4p
zQwywIO!{@M^EVPBX$fh4pZQbSa(mDXkrc)ie-Z+=+u*%&S_$^SCSUFpH^G8X6f`j`
zJj!E#D)$ZdmG70aUV?Kb2ZTuU9U?m{w4nQj7}%KjWQ(^@9j)DFmIma9Yn2&dO&BIx
zOoRYo<3+0|TVE=-+;8P*<nyec9>_CW1l`CvtJO<P+D2>eqw4kE-n8m9__?t{H~HKV
zSkdCSOv8XtbS}|ED#7|tXtMg!FDBNDQW7sz@vW3?lx}ej{|T^z>b?l?M(6;X6Cd87
zMFi!$gwD_qI-#DZnge&PY^~|EZbk@Ij<%ZG?o#k^eKqQp7H#M|d~&!xu9l1JX$|f9
zQlT>ngaqQP!PX`s3SUt>v`8GNRqfuTbrtwshX5{n%$)X1Q-3(aHc2qaMST?j#EFqA
z`%ph}LTOqb(Hv~Y?S>|;R%49#+icn~7Kfn+p;*uqwyyn~?{1>%WDEl%yTT{VZ>y1;
ziTje>@fPZ7G9k!_-z239w`;su!atV7#d)J-BwK|M0s@V7Wu9BCN#at(>UO3Q_Nb!r
z`ZWjl0D7@hCM<T6LuDn=R3~ea=qXEGor!|9#V$HSrx;dRfzR+pwys-_3Vd8no4#XY
z9UYQ=LS@g3J|Jlb%uZ{Anc<}h(6GJUQ7)%7#1;<8KpMx?tt;;O*!Q`}Sz2HmYk#Eo
zxqXFk<@j~b#=zgCqX-p6!<9^V(hJPWP79&D7Axb1<)CotAvy$*{#_i-(Rez5?Oc(V
zpRSgvNLde>X_q6X^&Jx%aF8C>z|I~oMzf6RvG~r4yd}Lrt031nIWS-X%yI(Mn$Jr2
zUwRIqLyFJeAgIxpZh=e@*cwW{qMNRgtxWd35cb}<7uKBnTHxy7EO4v@p{fKPhe;V$
zGaFMCmu`4LXDbV5Uw2x<QZy!f=;e@V8<qQ0kUz?}T7hYNz5Z}U1&p9XwOX|a?GLG3
zrq+V`18qI$absrPs-j+PNWr*}hW-&Xu)wK3vXpKk6#Ze~n_F-!Zs2v~-rTiDi<s+v
zLL-LZb-E)xZQn+z_~MaeA&=E}Rv5bH2p;aGpWml@tJ-u<+_Xvk$3Cc&HGo1nNPu!r
zswr3$SPcC!2|6ltlOGwqb#OW{os4`8oNO=LHF8vC4@&Qpx;5WlltfonYvRsrJ5K;Z
zM-!^`E{|=V^bzB$6$FWr;d&geX7&&;RjB4d&riu_s~**wr|)ph9bDe*G;}MM0-L=R
z%Wn;yJ<0`@Gf;Vuyn=_8s&Am#Ge!)++xAYSsoW$b-r_w62-8whlvH8Ws??t{UT&?k
zQdICo7K<k07$~X=BL|z(`=HI+c6LJ-gw4gdoiut1^FuIE0I<8WI&d?KJKJ0(DVbJ6
zb-VrBm6)fj@gsRKa~K%g(~_#6gj3~%Jf300SVfNZh>ma-Zu;}b7w}AW36|reg4O{n
z-`%j%LVYYT3nU+OJnf6-*(P+6qG3j>aP|Pnt*4wiUtdpYB!}d~iQV%n$$5<MPLb6o
zn09gVY6wYKIa{(hRvNFb3?}5#`Cp;c3(TXMF%=RsL)j|(t>oRnr62dk313kh#dqko
z>s~kh+JJEwDDXa(so1X_(s8<grd7y24KbQ-jE(3_U_2B!yQ9_Eu$8OI)O{j}c~vx}
zaQqyYC|@fzi*!i!y@n|uuV{vq#^@V!9RlNqZp77L6W`|({P|{3ci&AtuS#(^X9;(O
zC=rZgnbQ=#Uh+~aJpZh6!alQ(1Wf4*?pL;(@5+4Kzwbe#@7L5@jmymXtzYpZQ1*OH
z_8y_!TfTYl^(R+~Wj`_Kuq;%sk4W9tTimD_2D7BEk}B9nK%lG+eZABM<l@*joko<l
zrmB;yhY2VUDPXKp()NcgNb7XWc0YgEFLj^1CEh&;Hrt!^&K3qCaK`d))zoM=N$m^@
z_SH*GYL<vHu%thJ?7VyeV1zw*i(li^Ly=j?y6`?&`U&Gb`pamkdE|ZWG3~k#I#KPA
zIhcDLp9}#Knag`-oznR{KuiY#^d}6h1HGtk++w;^>*flO9oL7lZ8{?6>aaqiIzdd9
zVJIdGr-s~ZV*ycDg2D$Q7gG`vfgHoOFs5)hxS|=S8*iXoRyD7a$0dAC^xq-r2!r4&
zAW4(`3+cx4ZuEi?nGcLg)^cTp|MCLB9Ku}A{G67b9>NR0iGjo-h_;f%+p`KdqUp;_
zl^4i2a7MhxiefaR=vKJ<pid{L_xZjOtI*Bk%d+e1TOaps7!cpy<c}IH6!!%`z>%aw
z6mJ2J-G%LL)s_UX{?~>*D2kEIxExuMK}7oDAfwE;EDvBwYWct!JDPN<P|-bbPk}ot
z$Dpy{2DNb4mUi8PtKx74tIBx+*z7Ye=f!WurqM=ZU8a$)HsNmuK;u;jaRZgMw!O1P
zEg(v{pjli4W<HW8AX+8A3hE{LqO)wt7UT#(@wht2#PtOIr79dCnRbn1whg<=ljsEA
z@P7S)-y<buw-7?^6*J>i&w*cj1k9=ol(0;Z`#Lg!^0t7A*I(fw_-z2_?r=OzU)P&|
z;52jXXwR~pdlYescXvL09Z7tJ`6L+U{GQrQ!snVS2b(HjzBvg>2NaZd4WJ-JhE`ug
z>nEZ?1jVwBf>I+H4NMRYY*x;0d7PbC7OHih9{te`nlhVqJx?6RrK$N1l7X=RAlQ4*
z^8LRp^L>Crh?Kk;Cx6eUsTvJ*YSchOE2%~ZKxkGii>eRym6YP^gO=)bEPKeR`yh7|
z%q^3VaOeyD;J>t-&EXOv-`KW&!b&R#52h`Gx)m-eKwNcxyv_}VN}NEmmb%R9Q_quL
zyWglpXLrUsYu2&cUBdQR<kt`X7~S^{fPVRalD!ZMZHGm)kGQcn40eyu1?|s}Q3}OM
za$#~oqy9I*jB6kDy|}`kGU733WEQi>Pv0;={eXMW8Xz72ra(*5O&Pn(J@#(G<M@n$
z1tmJ(;p9VqDg6V4aLr<rJQ5Tv#jjYLsc<2eE#`T}rt&wruiB#~ieC6%&cV1C!CSDt
z`h&#?2{9bM^Kn7-qng13Bex{Jm#GWbAJhPaAD99IjZ3hpE3KU75k|aXa)Fzm%jMM3
z<-F6&8&S_`BU(Ykn4h9lLC}~8X%MogRGEOe+o7rZj0?L#9F{{&3_Q!@NtlSHf+&7#
zX+F1o`30S`j!cu=y>6C&O1WjS%q>P!?Q^!V4@NoGK;L&14CUo{pC2)*1@(xC_;<v1
zr;p?ZufyD#b6j_DRrb%P@O+W%AlPPRQCh=AnXxX-DLn+_ym3sa?cE8P&6L#`SIIgB
z*Ab{?+g4Lq?pxK;g~0xhLJ+q@OIX(Q2AkLsxTG_oRSUWPq{ks-!_Qo%)z}e_>}b%i
z(w>65X6%&+I43GPkL}Fm+^C>*e$AGET6-KpsU!2l#XxH0ufy3B%6gKuf>@5^_*+aV
z<Z>UB1BBdS=IZw9U|ensPo_EDoi*cad2I`Nj63*N&QIH@YhH}7=1(+=<XPf3Y;Z!<
zQ{VdCO)ey7wHj5#$GLsrcCjfPzBb6FgFG6^*DiCfyg?zdb&I=DuL!P9!jiEr|3Nv3
zf`3tgS$V->d+M&NP8dZ$W&*F}!NI0>g-hWeqoorrspIkR=U1}BEUGeEoF+*Af@iQ7
z`=>{0JR0oftlFxhF|64hTBUFI>-d=L(bd6k&By_xT6kt)f&dI;tIp$vMbZ#v_yh=n
z%G{x+N9V+Z#B54poTDIhkJA`?@BLho^YWrS<(X5^K@WBAHThY4c1|x3qh{DoK7L%^
z2oQ_n_ZPr#?!c1z0ZbvI-y`o012zs4_uw<dr7?73EJm#AR4XlrN@f_2>ruLJOhi*O
zr@kN6q!!}S2bTTaiSizHiH7(9;d&OeftKMMe$)u}V8^~vP^mmN9OtY*-|I!4?bF7<
z;p^><wS?k+ZuWeuwzo8hc#EGz6BOHkQPY!@%j<O{1tyvML1W@$!=pQ%HMfhFw1G%r
zZ?b!9{Z}21-nrq^j~nOEstSco#)R=w`-M=DgMu=}8Hx13(f21mT#%r_$GAZybg9bo
zi`aR1Z<gnL67eQGc&n3H4je||`_-Q9QDl=@kvO0WXoWTR7Tq}#I4PZ}1v6%5y>gin
zcrniqTLsU=TGmF?oGbO-(cMLkm2V}A7|d=>kT@o@x<YfDt@l|C^gnUFdN;;Z_7jnB
z(yjW~{Q!Q_>>I>*S#s(f^h*l>E?y2=xJy8H*}2~Sju1=v$LBz*fua{JiJydS&+_ws
zFI8SCGB8-*0Pc|4#vGVuh2q*&Of3x<i^hTu?6jC7uq1VwyvB;C1q#@oiw_o7(M?n?
z96w?wwCOWyftEp?@N=}dw4OzL7whehW*qk3c{$EA@VVjzAn3l#YX1*YUl~?aw6!Y;
zDBUT7fCv)OD6vTiLAqOM0YSREq>=9K4(V=??(UX`P1l{<bIx<WKe%}W)?72k7;ns|
zll_PqaX_`;J%<@`++AqoX;~Q(hkTn5e;@re(#%jsA|>5cS7^PvzLJ!KT*&PevYpU;
zY4ey70HOhVTM6LUxMnusELcGV3X&plWE7aSIMyFWbho9(p@==yeQkDgYYw1O`jg3F
z%ANgh@$PDXVQ}Sl7Y!3oM1*PW0gSg7Nnaw{fJ2?(#Pp8r7XDB$jIqhFMFce(s6+GD
zbBB{g+tz!k9EQoz)teXcZ`Vwy-!;lAFtupL;?sshk9dW>1Z>TP@K4diHLDz4v}i`I
zgz8#qo@9Y2zrIwSI`=_p3ys)j4f>67sYzoP2+D`6&86yHlD!bm&4UQ)KZs$p)Swx-
z<PIf`mVvx&XDqv~#L@O-?Z#rVpn_T*R{DW-X!V4CJM}{!ieOV&B;)Bb!D?D8ikGNA
zr=Kx0o?iU16HcbtsLHm`ZNe7kH(i)p<o5T8@7hrL$=fgIg>&xb(Ln!{3-FDu?N>V-
z@Yq<rfIh?)RNr0bp6eu)BCuGK0O4PVoK$PJUF+2H#Ms^gv9l032=L%x>4^j36|lvD
zm5`$Q;uT()H)6j*h`^`6Ab{55IwnF`H!Aws(?mnEh$-6q5LU<haeQVVl=x898Qbkf
z$Am3T>#awVDaFSErDW!=O2<kR!yHN4_1p7a>_v9dn3(<9NE_!w0|WPk*nqmrgNDV1
zNz>JKeUTFX>Egm>r2?OOwC$sX{5RvdG>bV>Cu>8e#k^|rHND2QM|j&JGAj|6OXJ-g
z{xFvqSb=A>0b4~B02V_$Jdu@Ks`T;X&fguw+zYFcxyB(E++tx^;{QL4P{pnVM89+J
zc6%oY9Ld!0*%5@$g$&K-b3%38lNEht&SGz1ejHok^Gq!hLoE+h+6iAwMhBM4g*#MA
zr#3}`xEtiP5_oFZ_Ih+ssdr9(W8}zOn0EV|?@hWs++~^DFev>|GmoaXHr!tJy+MO`
zr!)Wupx&EvThG`h!AG@F>f_GSO_D~Jy2ILa448~_*Yr4;z_SvZevK%=-~+@dt6Bi+
z$$P%>Ct4DSxTnIBxw$m-$FZJs?984_>-+^F)7Ih4>WbqKJPOC_=jVVl>N8U%{4%xl
zq4Bz(=`X9j`B*G@zOt0C$)rR<9q!)`E-%UVuNcb8vu!SVCPgO-bDN{-pY8vN;eVVM
ztTg1(XwTgsCgX9GH^m?w(OY(BLVcn&SY73wVL1469)XnTS!WWgCRDH%^%fQu0*n#Q
z`aV<md6pkI_f2T6F%i~;!7}4Z!EO5ZsssUu0u-t&mbI%;@kSyrUal1!*>E}m6&i)V
zbkc|xNbvs7YURGGUxAluIsKEhIN#2=@gi?3RPxo#t4>>&+OC{M`zL2;!TXQSZV-7H
z+L;rz-m%MuBlfA{i@wI{?~_*<LGX56)jlmCO>L_BDm+$xSQQ0!Z#xzX+eCP~pHFer
z(}sS3Q?Iu#{ht&uz30yg*6|wvTQ~z~;vFnVK?KoZtpMO%0YLAAnpCtWhsnpg8%<_D
zL?LviMntq<&yk-yJ-E8d<3JHKuDI2QN9;~2W_dXad#(E~uI>)grhj1(-E?3M6_p+?
zHkbkh)vwyu(*ofApF6GnwH#FgDJKZel(gT43f$n;f;s}M_`3@NPN@XfUwqU=RSi!B
z!!9o=$c&&_1|#EnKfdN(sGL!XM6H^w$~BK;F~b#F*n&_rAB0;sAQKl9e6<Jwq5qVv
zkKclK=?CwEjeiC5B$(S2{$PsMJhy%5PF0=iKQ)`fyTyvp+#X_x1^f4c`FBn1Ync4h
zY)*#N=EeO%_^30v;@}4;$C=(6r%76GQm!D=rn+I$aynL2lS2w%yQ^+j;4Y!puUtv6
zG1y$s5VON;gOk941>l1j@Bjys1H3I8>v-0Lg+|AZrGs5-8i4;x(?p<Gt^NT*$RO@C
z(}t&4eK1U}UGXvcbZZj7D=^<`sZqN|*WTS5aPXy*xiWiV7{|xyRo)~Y)=AZuz8^m$
zn<~XruU4!B*`b09{sf=n&F?8P-ktr7jpjiYPzvU#mZMV2YISybG{EXw(tx|P=QN)H
zxdHGX7^Ynckfg$L21}{@^79Th{5M!4p?tbP=!t+|dr&<Oozk$_o%BPuwf99q=9cio
z4;9E094<PTpZvNtU{lj{Q`2C#Tfo#TPGZlj5#Le`lAYSQNiSr7(AY*q);8!{ocY2d
zKD*Bl02t7;+{dt2b0eaf=#J;mxpOk0Y-?>Kb>b5N{iQVAF-$NC)Vqdj7*W3{Rzy6~
z{HH+>s0mx<s36~y^8^JQQ;>#EYzO3-=xQ=VrETXOKz|$m0=3Olc8B5O-?+BU=dSLL
z#TwfKqp>ZIDeQLiCJ)9{CfY{3MYrpii+uJaU@u)KweSthtuo0b5DB_*wS>t7x<{lc
z4XGD9-YpagAwo2AL#_FT4Jn3`Uh>%VEYwvnPH7EVzma7g9<g?@E0)fd;9_$=1(S?u
znKYPE7rulW0y8b+u1Q{_w0ru_M*s~ZEuF_5>88)KD!_uL^S0(ez)@QP5gBYZs6-tK
zXgC~m4B%DmCa4f#77RNW`@Pi)*K{*3<8&6Q6LGluo&Mm9kXJa*uALCA;Ll`&fh(_r
zux+%LDz&36CQ2X_mWgN65BL3ASz}>uN334u?mm{y1H#Mc1a@R1FCSJujb;wBNjeB9
zjaE>wGs=IQ%DwSLd8@KD!0oyf?8amD(ZXUO@0aP+PV33~ryiBTSec_5<Max1HcKy8
zKL8CV#&TIl_=<M?ofv(pR6t9G81L;`Jl17Nz-pMnELeSa1n`DGpf*}h^xpepD_Fn|
zn4l02CQnBLNZPP*Re^aL$aP_<=bpc5X~>LioviNj+GiB$p*y30Cpq#A2lX|+Ir|}`
zYgUR~pE{)j+L^7H5V8<2;AP+F_Bfeen^Q<Xb_E&q%L;wtY}f)3+C;N{pGU4QH=jj+
z9{keAKHO9(O9;ts4mkZ0TLDGsLh|-_vhci2V`PKz4z-$}G<F7_gYQNh<hSGY%dWWq
zyLfZ)h4>}BIc!Q{Jb(3HOct9kj{RGNdCR>W3X7N~C(An`5S^v_GLFBEV$@*$`4RXK
zq!AQBA1*YcW*fP72v_3gs?NVe)Ahl#=+O8BhN10#63_N<>?AfywOa3);=$ZswdOmn
zdlb$cOGk&Py|2hBWik}5FSqG>c`esI+8)etxT2?w=9t1ZiTf*JUidzQxX}(&*xrQe
zuwUN8ZnGl`(FP86w_bi84X}_GA4(<<oHm^DyCQZ3!)9kMHinBd^JAw=r09nB4~kh+
zvCseJgMCHNm$zhO%TKK`BF5Emi0<_K;_&{~!pLqgkK7$PPs7uq><KU3JKiXcU8<4c
zj{}`KZ)990nXWBAq*Dpa&bYIUd<{EnheE$UeTFdsC^6w+3k5iMR-)LT0QPfQusw(W
zd<u3mRk-O;jnenuGUoeZ&@b3SC28OR1&csc^}|RbkX|s!3B_&=9h?zffnwN9;a3i^
zYErHYOil|slT(KIhUt7)J!Rz=x!(hD>T~oz;X~t2@OG+Dj6}os5~gy$1Nk5b0Br+B
zH9}sgjBeH=q88Y-c~z(jRtqave~x#tqXwc06T}eJCiVMRhEMf52hHc&{V@d*?=8|O
z&dzNpnNPM;ZF?FW_Zy?7Q|u|xtO1)9gm)@|rV_x<rG37Y2<vAsSeW{xbtv%9#ZCT0
zA<B*~*4R7M?PC5%4HtMdiP*eUEmh3-sQEu~(%;K%zvn)5Wk8YuqT=CeYhbxYuko|3
zY0nJ-lK$tG&#gBcWT)%PJkJ!16J(BBmW2%Zx1>kWrBir|sU<IVyfHaVcgG;=jaSQy
ztN>lg0KNu!j%OJr%gsLExTz7EHEJzs(Cu<_z1bxgOso;6S2>*iMfLb$x<sQU4S=ep
z7YC9Ba+&QQF~9U@O7Z4#x$+@kn90spcyBsc@Kn8ASEu5E(^yvZC3lpfFN$Lnh4&?+
zDu6LD0gTB|tbX1iMdc;3KbqO7?U1f5pGqUMl&4`H|8im%c-W}SR@6;Y7|3Z^OML?H
zFGt=P&h9I(l#fmc!HB@jBu_p&5CB%0O4C}~`)D8kL%(=ch4|l0HV^c$DJU1`yE-5G
z3#h_3Ih~JzGM+6!reL-OCSVMDrzv)j;|I2pft+<H=@%g7)Eu_B|B7Lpe^C}$vuKy^
zhtc%;@p{<TEv#x!{pz$6cX_XJxEiUk#P<_Zv#Jizq@BKa{gU5Jg52$@5DD`^kYEDA
z#C}0eS%yzd(ic_d$58q=d}ytGr&s-G<_qq1X&K-u0fBt)4itz&1Z?=6gZY}h%b{c?
z2ImXf<&ge=x|LTyN?NNk#m-avB9(w{Xf}d~1pegJm-G#o=Lskf(pql~4Dny?j*9`8
zB{_hQdy&8k%E*2ee2JG2)C+N!%gb5LhiZ9GpM^fNwcw$Z{eXRFD;ZTQOC>s?;EzG*
zjP4BVX7b^l#+YpMRta8CVwg=9#A!Qbd%mlCtx|EO3%o)wI82p4S~N|5775BpU6z5t
zq`q9hJL(R3=H?V|arR`VOa8=jv8n#6H$Km*Z(YTui838~4GfLIGhRxZ-&zYJ0Bfmu
zUSMh{&J6*@W0*M)5*kq&_?J${V|EP2Ku&em2A&~~XLbdWv0QT%o5SHeD!I~vQb{w4
zoBgQ``V86ARU;j2QRUQMI{ZtgIxv~g>q_m~n=X|n%D&o0Fk%Kp1EJ9SuR?l2BvV(`
zO%O(d4eeZ4$Q*v&ndjjOe-7$LJDpngyLYenT?0qcNB&c`{D6P84gF>Sjt-a*Svu(h
zc5Y_c{I1*=;4oOAQBwk>Z7XQYUWqV^o5y)TH#k3B)ButY%cbuYU<9o!q<|3z#5puy
zqvl%rfK;Xb*Sd?^L3|2?zSnSC|4)=4jdaq~&AIyrivC24hX^w)Og_~vHG*hr$?h!o
z7S~(3MW;Q|!T8Gcq&>S`t9*rZ8tW~zij{8o92Pw{FiZC${$9*{3WF#M%kau65VJj$
zRu2ut&rg)EPxpmZ)_;7wx4_r3RkFl?mo%8)WxYT1$q0GQdbn7kT7RIM^Se5Im9ZRq
zz7C)WuC&E+U1H=qPVK1GmL(TSha2&@-UM@+eaL!7u2}^Ba!uC3VFSJK)v?o`gmd?p
zRVbDA5U4cA(unY5|9lFUsBXp|o^-gBTpYT-;y5Y-qn2SKnyJ*Ht#@;^kf!pva%21V
z#^I>8S}TVct&Epw@c_oX7Jz~I!~ieKib)joR2bh4SfrP>^11Mgi4|Xf9hI#UbTs?Z
z*M0yoq=oUDX9JGI8?EiC>8ZVvhAo<g!@bh?wlOr0^lN5qJsK9@!ECdR90EQ?j~^uC
zPq!ay#LF3H>o1pl6WDj%1tal)xSdZT@x}6}wQWBmyOPFzQzTP=7)}ujm<lAH?!|-B
zdM4wq&+H36MecrbH672XW!r*57Kb7MtMp*L{0ogb6Fv5x1+y(S^k_`)GW{zW!XqaE
ztv?&d?Xjny057r&P)`DIJ00wvfZ`xcy;pDQCv&ks3*)4~BqCf>93B4Pon^SQ0aWU=
zJAcVz^d_Vba${_ZPNFy--?d&iE3MMx%p}2C*<<n-dZ01OwK<ZGE8VNd^R;dcV7Ru^
zTAOzSs(cQ|wKq_;4Ifehhl!$i9mg|6DQ=_dQ&*Gu3(13p>sV_wjdvGI&WuXg651_!
z)y}|W%Jpbqt(+g9ZsVfChMvO^TFbpp42>J@{dI2JhS+w*OHlWo?!5HlNaW4d0=B0Q
zJ}A)6i1oJuq{*`uR#`9X5iwdsFe8{-v|m2hZ`~}MMKj@f2dM5QfENt&s>zL!S!#TI
zkk__0Geb)1cfM=*yfY9#^C-ZaEjYZ?<i59+XtbMXQO%=Q9nUqMtFw#1;F-X9ZnFGP
znANdRLtI0xJ+1Q?GF5bK@2GQs;|m?)VN5dk^7dP`evxGC<KR{Km)&@yzaJ!9<;TW!
zMZ<i}w)Ehl7{#nPEcz$qS*um~W7BA+QnBuZUxmUlw4JY`O0e1J2`hSEt#*%&0J3B3
z#C)Cg<306F7~s-?17MiA%cAA}&F%V<rl&NsFwAZNFibZ|B}Q<A;~w>Z(8d9Ylu?7g
z7Cs&x@j;7jv$R;-wKYFl&(^R=%Tk0zDrG_Q`qW?&Kn?O8eyMMg$@10c4%e%KT24e2
zW;u`EeqSZfvm>u8!~~d}&~75)SA|^dlKyw}Sbx4*x-tmLX!7%MhY6U0w6AmOEbToE
zCUt`KeW?uJdC&LsLEw^<bli<URV$Pnb>RoJLSCz><iJux<Hu^Deah-j;0EDZ9d>)}
zg{-;|L<~r*z(iIvnJ1PjH^{S{VAv9A9Mb{=9A8D^zX!L<)g&Hb27Mo^JGbIN26e5u
zgAZ>B@=V;=un=k3*@8?1(y1R|>~E0t1w#kN%3t+(y|iGnUf?m&$k-mbKbo2WY)+}0
zh+F=K2bhVMfxBuwK5m#g0we$%%5I{l8pf}!FqlYaX@@5He~&UiFhCpF{D*jWfysm%
z7~l>6Ts3?h#g1X2+(0Fz7yww(0(z?<zTBWDW&KbKpCbF~Z8vFws!eE^&B*xgZ`elH
zO1~%x5%z!3O4gV+o#Qm!m<Z1n;a?IAd?s;ca{?rk4YQ|5vug&TVT{qv*PBSdt3z}5
z-HIiI%`3%Y*#rj8v;lAjfxgS~-=Q>$2WEASxvtK9d-D4w2VrvH4b8=24Kz`k2;2l4
zGmlP*@saW`t5sz3zvvIi0I8r}kIvr($Lg)2#Z{Z$dCuKtr@zEGwbQG!wI^kOjPzpm
zo!V4^@?h@evPF7@!DBMlmI-j?IcjP7^nU5eB80}YImRcOeJ7y1M5CJVey-{nhr_Xz
zRN_Sow+cE5-qcKa2+$0q^fuyI+TnYpd~p6^L+GhW09v`3E4&O_h)^mpJZ>qruSIYA
zXi`7)m-BYKM71la+e*m#(F31iTn)UY^MGX)px`aPjMkjbpMT^uo%#&Su9blSZ$!1i
z<v!|sq1fSW7HGxP#b2?ol!>OxcN1BkT3(}H<mZ|cx<3~Di5q<!dp#W9?J7DP#!sf0
zE3IR?SnqCBtj2r}wv>t56L3ieq=z_9REFJ)Oy!yV5nm1&gkUF9=7I16z}vF8G@Q28
zK{Bv|unA(>9VCDUR$#`@{{N_*yub?~C(tdD8TXeltXu;x-4=Z|d(G8QMBWP;j>K)V
z6jCm$5A!*gM9c!pM>IOkE^ZCNBe-?B(E#yvIvo{j`CGr&Ed4i%v6O_PAl<yVE_izL
zV^3HrpnjP`cQPd-hfX+gcm8)&ywu~7fLv;70fXf(x7fFi=IMuIPzTg-^(wlYUsQXA
znq12ieXzn{Dqj%$*LJ5|{%@fAe$SX!e}7S@UZF1&A(JbeofHpoJk<|aK*f2cLb(&*
z?f;Pw`zImDha4Q`|KXG3X5gDnx8}FR$@q$7fQ1jVE>VisJ?+UrXwL1P0Ws}SSqA1z
z#f2sH5<GVMvVa$v?0yJ1E(z@4DCb@2;{b&sSpG*3KzU~?x8v$<6H8_I7bEs_nw*qm
zhg0yAo=}4jfZKBIcg(xROu0<Av4$h_&vr#M)QU?brWEqA?_xn<a{6f+0*>#CBmP6p
zdBZc8i&=t~T&FT)=ZoHCx3Op2M>a7Q;CxUSW2t_<4?wb=`aOyKAFF24;rjQBfW8Op
z*X(m!Pzm-WxcQ2`$@Y319eF0R`$@mgo*K!w_@NhOJ|oM+`7x#N!$Qo3RAdB~d^kXx
z5{nQdsFo*jJFmg17=8@CL4N!xOqPbo3nM?o7}X`<%U2UaIIU?G*7_*yJA07-PpsW<
zc=7xDJm-caP!@mQIzt#f==N@^*dEJzG&*8v&E&3UzQaz!@<Q~-VvseaK(G(g@XY8+
zreqXBY10a-=KuWxuSPzrw!s%c0@X7kySCxYqxG8wgUZ?0z<Hy=`RFiyJ3VSKo{epJ
z;7!93Svk_njk!R^{a&&LcK%uI-+7c)+ZUXS{#J{h6KqHX1<4_S8zoAAr<<JJuoOQf
zuzNa)OP8d@ZIuo1<7w=~*P)x<zADWHpm>@%Hn~QP{>%fK6PmM4;}2y4cNFHG(dGE#
zKvg(p5BwjiqQuVs;{u2w5<zR%^EH;)e2sxgC@BaIIBfGYYTf}gKaW(zTY9+%ka_GZ
zHoU)q?s|jxm-5?Kmc+o%B)$oFBT-tC((|;Hp<jDJKX<au747C#P@x|`K8f0?)u?&u
zaJ*8rZ;QQgb-m3>tH#<i$)az6FxS5`x%UHa7@rGwq9j?$$4L#fF9WNDMNg=cT!X|B
z&-F|S4gnEAP#$i8IL&|RJEKlmgYOTPo$^g2YaP(|pGt5@5EsFJFY*Nun)bw-43gw^
zHvI~YET4fJjtrhp5kpJn0JsOI9kcxD(~|+R;xH$<o&rQC$~FQl94ky=|CHA5km)r|
z{X%6&W*3K70IR;`^YL2>Q~pkugUol&&T(_e<ipeg6<+H+(bIh9*jc3Qs@9sq{}}uk
zjZC9Zho1)toi5nJ<M&l7iPT~;qLVS)RAUN|Ks_taHLM$|y)f?FCWaE7OgIb{c}U}b
z8Oa>?UNtC(FM2}1VhD!9vhr!o%sZtKkjE9j?PH~8ebbsL!es+_JD4WcG%kw^6)&Xp
zz`?Q7+1Q_LxI}tBCOecgk&l~cEJyD0;Al9JzmDqeexw>nr*Rlzb>ia->GnfcDL0*V
z|KN64(&r2)7dCmSEVw3<f8MlL;k*uyJqp-L3sjGqh?9s>NJ*s<qr@d0can^j2$P6r
z1!T$n<MZ=C?4%F4&_;K1&%Q{ROpE2rH+^|GQ>UBJC$mQRlMM{qRh?;Kxz9TKbrFN}
zK&Mlskd(&be?bJ*3k46su)XB`g_pkwF*g^}-)yd=zwSRA0rRTk?HQRGoFjPUU%9xK
zy5NV2VV@~*?7xD~U^GWG!DuE(7BwK#&RT(bBsK{N-PBaQt?6pl`u^+wP`p6FFsjL|
zI#oDV`qnhD<?W6_Jw&u@@O<HygiJC2o*%0Op5ISaJQ*TK&4@CYp~)My=l3M6!Qmth
zwLPt;=@4=hga1<sHf{L9Lj^d%jL&;R{Q}k;(1bE!@IQ7xjmpvi5gRMqpJWqQRA<)c
z_lHJA35I1xZ8@sK-NPRKXw*rskBF8D9^OHU&lL5ahbx1JOOls<vqo@u4wcQ6W!!yS
z)VmzD2P#G_nUu>x6xCZtW=UQmL4#$qg{)N5Cu^geo$h?><!qT2BdtaqlJ-=v6*&6!
zOj+$;kCelsIoY^;pko{)Jq6kn#AVmZWQmv%Q$N8l%i&O!A(Xu0C(h8kV%m8<#06E*
zc5|1jMqBVAUl47wK-*rv^h1(l@#h7~Z2Nu}-YI>9k<2y&y~rXDK`;~bM!eSzD&d_J
zL9@wZe5X56%HWGUZr`@1_1F$4QOFD!^@C4GkfUJyGT2J1rt7{3?Rq5&8hN}48*bRB
zd4o1Wf1vy=ZR0&*bw2$#9V-}iV;{;`0WS(03^|$5=|PkoS@8SZym;C;^sV42=CD~a
z%>xBj0HlH1zOEjiXLJGlSJNWW?(nBzSTg+S59L;0ye}i`LjHXkUlEgv!7mu4dfc2T
zaNZU_J_IE)X~#V*WIVcG%ikqFJZ?7F|CJda__|Mmd;@9KN5*-jSE1h<&Jcgaqc@gC
z{>ZP!s@R{vAtCbY{?JE-AQ7}#bI;Ak&kv>dY-g0Jqy)czly%3l*m=0&E8@N!XgB2V
zi7I%#pBb>0)?(S~G<TAN=SoeNd>yZHKe=1fn4Tdz^1=^K_b~GE$%|*CH!<w@Q&+2O
zr}-vNoLL*R1X`b2gIjI^frEp4HKS1WMKIh*=1<hy1Gb%vOk!y5PTOg<DjXtM1ahxP
zFky>e4}4}h9K5<+6}}Vvvc2qHzTF){`{KH@=DC&rpRnIc#J{?Eo{r`8(mwE?${@X#
zN?NFWu^ruz49}#)-_g`l^W*45YQfnG_j30L^Rd}xo$1c?{3D(eo&KNK9+;k~GV<A0
zJWav%Uy&f9kh-0{9IRsCs@^d_{{j$4zxLw(>w{$HVII&2u(4}GIduSizzmxa4za5X
znPNnQB!Rx$!(wVKyYL*cH{<HG3Tbaxv(MR<x*fWTJcJO<7aD?}8gZ_!q`I%H#1G09
z{T_;ZCg_Vo!Q_lft2k}hK?MCEZOUjw$wYR#m0oRkpgsW%`ulg$EO_KHK04f9Frvt~
z`#K=w?3wUmA8D`a*Sr>w8+mH6WHT~3=fG0rK~D!7gD*4b2YJcsfCU&30h}2?2&Vem
z7<(*7%5-uL2%koPA2YacfQSViutclBA}&lugTc^C8qZqbMsUbU=F(HQIfy8htruX7
zdieb&qC7U#5+hQjAReAco4=!t|NUxfJpXaes*cnd6o@LHkpDUBkV*xEGrC<jQ&0D&
zUpQSI6!Hk&t%I~+q6$2~^!Id6Z4ysuNGjQIvinNj{w7Au6F&cVJ2k|nic=enekBn6
zx@DI_)mIr7&lDiZ)&(V+=V)lbh6g|<0_f?9PXuE^1jEqR8osC?L2mdJC6YdS7@6(7
zZA5oxBG4@T?EJfg%%_O24%z~zO+ml%8u6j&7L&l7*nb&w0H0ob2b=sJ6(6sa=9?FS
zv^u`bi%2lXgWcZ)!CfFI@dSo5p6>SnztxlX*(Vs_MDz!=%U8DLhR3EYAJ=Ei*xVh>
zt$9CG<GJ1vbY7iweSa~~1lD@1Az14(4DqJuKars$@7%9932gvhYtFBuy?rF>6K)c>
zE!dS!wVpNDcck^0BXe*t^E05`hmv(Is+4x}Mn8R#E_LqKo5;vLGHF9$mW0n-2ESc`
zsMi*AGK1YHvENSf2`89IoAmqrJ$fVkv<9~~nO^E!rRmeNGhC(W-k>|+kji%9NBaB5
zbh?BB%u-4hddZFeah>cMZ^Ka6g!y@z)tkS3lxBOW?g^9{oI?k>LEft(wZCBt{Kf&K
z%Vuf*uQ2beq)g;2^}(S6qL~t<_5D%Ynyr!rZ^1A(8T*lwb)uIzlmx14kp;#Ikmn+I
z^ndN!8d;SEwo#Iv&xastbg%X<&v!~ZLqhnXIGVw&Q+3M_CKy&etS-^Izqdz^!)zT{
z+6uE>E!Puc@!)lK`D5#st7GZEy`P@MJIqAhwdl&`OM_W8TiFjNvW=(jJ0PHM1z@{7
zp5!*kQ%1qC*x1-7KxVNZ2%P0$b?^};wfrXcN9~OjVjepN+D3YyK6-^op3kyl8RDF7
zLx|=SMVGr+TeG@qT;=>eMyHYX&F-WFN`lgwg=m#R5@SOmyrjK!*G4p?t2%LOAV7y+
z`J)gfrhTNK{Vg~I8mN9Xy|T7Q0e1vtf>gPp$Ersh@%e?#!JLxA#ZLM!n&Dt#1ESNN
zRb~ftbJ!_Y!)3Dfq6z^50$Y4~q`;t@Y7h(qi}Wt`tEDDqAQq+u(kd@dsR(lTc4L6^
zVyDjikq=b0sjMDIxow_flJR0K<_CJUw6q*!6e#3k@IoNP?^t<xNdeou3lukllX>g|
zb<_c;ydAJ%=_Ag7=>r<T2e9<ON&FLNt)4e5kd}gm^q7*(2P?`2y&67guwRX4p!Tb|
z$KT{D%q$f-HBp5ll>M^2i%!Jdf}hgt;FH0}2Y>Oy;N3PEgE!gsUyI>=@Ye)D#k`9!
zWPdPI^ApN?0;v3PexG~Y9A(Q6rKnv$ItoePs7%+Wxg#yfzN2+~O`j$X&aOax>tw;0
zG?-w5l1T=*>Ir^|y}djN16UoU+ufD!cw1W={2u^6E4=QdIs&xx?#|~<fXo{FPODyZ
za9giL7f84|nW(IfD4ZTZuM>Uv@d{i6WT<3gbubw978h80fSBspbcA3S2F7X!&O@yo
zda>P6oA-2SIFrUJznWWoE>^dURK!yW@RABEV}mU$Hrn(_O$5Oc0g)@yf%vlY8k~gl
z*_PE{A$~A2sFVLQDD2_i<e22{mvd>0{p+Z*4n&<Emj8Cb$}#=yDS=^tR{PeVIWDWl
zsHJjQziEEBF)ferMJ4oVv>oU#O7u6EyCUp*t{_d$RSeRUv^wCh%TV9qe2D>gt3tA}
zvPB(leS%wYIWBg7W&XBvC4w5~7Bj{mpH3`Qh@j=;%%}>ad_<<yQ30`uvH%a_Qlm5D
zm*I<*Xx)gA$wIdMQRzcfMz$Txh+{kH{v}>Jl)Td)NDw;IKU=DB&tUt!r|zC5ooSkX
z!FP0G){jv#@0ltePB$f2yM)WcobG_yC#US~Tq@TN5ZLp8`={utrSALm{CVwhs3j0k
zdg_0y!h=G+2cR-%0tEoA`fpnKYzc#i-Od19V{oHXiFOkm8I?sUsHn)b(qLj@?t}6z
zNCiXI7(3H?>S}@o!>rG9XWwcTLhH}lBmHsS*_ZN9T?eh<g9s+4^>ONgFd(6?a{J37
z(}&=G<n7_K9^{NdW&@BlmVvtt&;UDSqiS%l4z}}`Jn-_+e+dICeqU}Fv0MEq1e7G(
ziqt9*eA3@UtI@2Cf$IF~u0pyHqHN1zgMH6)rya+)_R@fxE~2|lDH7PL975+7?~ID=
zV6xQ6m8HY2|MLsxU>g~v!eH_@l{cBxX2|#lYVCJT=E=Q%!YRCZJjFk)(d=PS+IPGi
z{=$G`uo*#~?M-bW49@kEW-1{;FbFh#cWIF;p}x!DG!r2cHy?tX`qt;$vube8uz3>Z
z^p1H72O8dk4u^l5^Q+M^i*@fA1}QT{H2&^w5wJ*?WcJ@+zTBah2g*dOI=3v*Pf>l&
zxj?sf1-$$-qRnG(;+-)^^`_`NM%Tm0`9%SwQs#7S!V(2>N^*Wn4E><;SZa5OH(5nX
zGrZvTj7zh>uBWZCp$;Ced(zG2+pkLh0!zk1#lAs&%l!-R<H{BshLP>nJ58F##(5-f
zX8n>u=awr7kPV@HkORw98czpPLBop-`LArw1E_8METi>e*hsDf?$>ha$q5^qdWThd
z$WFAsSbdcT<5;M=i*c^N?GP-$Fv^4d+gRL<+#&ht(rmqLp+m4xZC-tBO^rRC#@6N%
zc=n?x*nF3W(YW16Glhjd+7{QjVp^>kY`;Vt9zco1OG6kupot=wtVR0IF;Nui4Z3js
zRk~7A4v2AQDvdB{zADQpI7@*9Rz;9(80CWuXz|dvHX&ONf)lVS!0l2n1Xi}~rhX3&
zj*edej!COk|C`oe30!3~t~~&8+7YD7mS&lPGKSO{g>7!-lX6Gf<QC{aCA)B-;!gq#
zT+}!VP(-<WL5%e%0UA3*Jb;NR+yG2mHzFH~w{iXsaUrEd<ChgYiPk>ixJNx%Xgu8<
zomx(fw(<Zolk`<Zpn_~PV?njZ0f-C5<5>YPIU6MpLI7H&(4KPmAr&w^&W2m_=|ME`
z`cnh~K+p)?^T6$LWbe%vu#lq$JMtKMK=*&MR`fIl(%LJaeJKYbdN>aT4RCi*IgquU
z1f_tncVfho8A=l?w+VdK>~e|GEE&6YSg5k|?*s#0`ix|~AWN8|EwkBH{H#5T%l9c_
z#iY_uJmHlmCvLgYztF~(c&DF_?n<u4T<b*pS0W$i?94Fh6{RwG3E0Pv9E2pexH}ZX
z#B@Q@Ek77vY<9+TekXxlLs6I3vw##W1q|G|!5w={LhV_{41a}Fgz;FrxtxL>`#|?S
zEcm5-@WiH($>^j}I%y&Ml^&{I-7|coH?pwx;Z9}W+Ting(1IFD#z1bBY`QEY>p~)T
zv%=@##bxQ2y>bI%*$2}s@r!b=)GgdX_O^~(`|`~h`E<1@n>xjcznW|%wKUm*cB#tf
zVh>Ax6uzi>wdlUcQA68@>qJnZJtXnT>O8C-`{fft0w*qTNtqKDvi39jFAZRf%%%sj
zMLUt4fEt9+YCW7V%rOxlKvz?~2{<Eq=BD7jp>_>%lc;Aut<Gd46>LqxS*IH!uS!It
zXLoq6KeDcRZ_(u7X(k!F`u)oJZp@T0@JeOE1<pz^>{>|PAxCt&K2x^EOsw-#b~$o&
z%G*@6{FbI@_B}45bxeESh2+Y?HOqGFR>lk$+_(C}6<)be9^rzb4D|#HCq4hm+O?E@
zUPD;SR7&F>>O*#7Sv;!(%fg!8IJz)^mC7=8{>s7}Wf=t-SrFWr7+mE*s13aI2>CRZ
z68b@2-Lo0?;R3xI$%Iz49*~fMCWJqOh@uwk+R+~bF_k*GL2VJl8I*s@#^19m`u2~H
z<6>iDQ{n{+bpZJ_qgnj+L%RDTpr{#7<Y5C_3Hp@F^Ybncp}#hhrIJYlkqQ+9!@zGo
zu<V*fz=SV+wD-sOIv3BDM>_L-ox9kkcSAxT?01<(GpRp;l2ajyvv!MXz$bd=wHjBp
zE_UiO6*khH__H4Iy9z$mVbv4{L@jtIc<TuVPsBl!;FoQMBbfqlpBa@T&?C*Lkifzr
z+BS*X-cG;tUx32GsQV<uQlI~2(_6atdQTxS_{GM1o}QkRjetwsTjmwlt>7>P1b!?)
zB{mxfK**N>d1j8*q<Nv(4xy!`6@7u=PdgB7^+Zl@gi6C)iko$3^rLd2=rF{|$AzA1
zb!g3#Cj7ldn(&*NXVBM@Yre?IDnZO_RV3bIRZ)u57@%D0l+r*DOpqD$lV+IHJh(CG
zhw@^Oks-)F495!0<E&06N_BJ`926!Q&2Qvhf#~KrCT7p=<;&GoY#Dyk^=MEf5GX?N
z@fQRCH+y`1{KPfqy;UTi4m=jW&wx8lKq=DI3;4aB7b-i^2G=&H$ML{2{J1$?bctP_
z*zTsrk=0P5_Veb99)0P%;=p~JiIbC)fC^c<QNAB50>5y3D@I9Z8-tpWVd8d&1aKbd
zbc3PFbx(vimmS|ZPSB5&d8-du&UD74ZTDLxk2aj(y_UWzr(Bx1w>UoDeQCzk{Mm;J
z;`qRF&Fx5zZp@-kMam8Sf*q7osxytouuhcmuLnq)MD}<c%hH4p6Kyt!PC+?@N{8O)
z@^zSnQ>vH_mVCA{czKV4)L;G&-p`7E(JATPGX$%&gKept?)Z4sG)uY(YiVi80lM=m
zeNuNM^Z05F9s+{EJP_QPFEze3Oq1V2(0<(pMtCB%8Sx5Srcn;E-PL>RyDLkDu3`_5
zCvb-9HRd5eyz)vAO-Wq4#VsV{#d}>KX=)b*VqKAl9Wsd1%D4<a{*O-u7~N@Nt0J=B
zh`h<7eS$j%mNCgG0j)V>dQOfoe6q(fz<JYy>})fYw}nuc@OSs%tx8wN#^l*}O`;sL
z(JpO+%h_R7@7IcxV<8_c)V9g_Ulj3C6LlUsmWqsHc-j2L0Uwe1nn&6Fk*8i)`p8Ob
zg*#_}nnKUR_=_?g8^$3`K9f17&AF5QILvI634!c(^o$LRITssbq+wI+b-b;w##^qt
zCltk70oO76ag@L5Vrp>I6%V}SuM34S^vjc+^&7hK<ak;66C5Mi=YJSCf77w?L#!ag
zbuQ2@A|7)xVn;7GkTEG5C(z0g8GD(Nwa6n~g0v`O;(Hb)w%Lv@S3IMVux)>HdB~r~
zPg@grSt=TG{E2Rz8YA|${)ZtySkQ{g)phiWc^&{o3cL)Aii%Hk1CB^(9^%<pIAc$I
zQHW_Slilz(!0a88d&LgrgNL7b1-zChqXU1v042=Sl$WM8MMFx(>Kt-?^im`b2KxR*
zf&Q#Jatz5*Pia!PeUHM(M2aJdnHvX%61(T-XO&0J`0idBmXHTJCi44P+7-S>`fdt+
z&*)3XCZ)FcA~BR9(AJSd^7qGKzsT@E^kZkk1S6R?7+g+T4c2hDF}8&G(YmGxMK`V-
zFRxvwI`+*xDYsmMHVcE>>-ytQZ^9Y9m~b14@LR>uJ%l*F=_n|lw}au(TOjbPO$m9E
zshfVYhWbR~BCDJG`=~FkvyApk5KB-Cr{~B15bU_UMSVI6H~B%RuU`_+7t_?QsOoy_
zt2!*{4wf!DWogA7buDOMd+NpdM5C2;i4pZ8f>*qDR}Ah?bRCG#7&KL}i`7NoP0T@=
zI?Wx??fx8Iy=I9qkf8YHc(d$5<-4mds4h5Jl@}#i!ND$5$pem}Ap7&*pRG(hy%g`r
zn^OiBMP<fv8_z!WkFXL(iA-zgj;zP6=hs?NT`bgkmcLX<llavg8V~JYsP-Zwv4ig0
z*(BbuFoo6SN;zCPGc0h!jk}Y-G9`CSeDLYUZwP9(5|nAb3cwr2p3Yzp?pgb5K~`^w
ziWg95(Q&E;>YAA12{Q`#BWEjp--ERmh@EAMgG?pc_e@;2C$BndekurtRrx0DS^ZrT
zL`#@o*!Ye=-fhf}Aluh3R#<)CDFIDgM8Ib?Xg{2*s!HfCK49Hp89H(QeAOQicW!3_
zZUTFHb8!$9`tt1SR8fVK23e^;sIuzHrYYp!$3bq3dfjh9u=7Hl1_|QF$F~;*PGXRf
z++VGhIh?G;ahS$DpU!xiYvHyvluR#FlXdzxCf(p2ZBR)KNc(Qr>uyh}$6TKz-nzL2
z>IX!c^5@T@NeB$j7PjqhHDMe=Leb!g6>BMwY7)FRJ~dgcFBzc4okc%K%~0MNR|jEJ
z;BztO%Lm44G95qU{+6~N6`8KHm{nCPE9eZ5m>IlItsBX`At&Av(*zRxBO*s&4OXi!
zulONfvuB-qaC`szVG(0lw-#OTgJ{0Mnx8ns1g9(M3*zjtjvrnW3kE>WMi@<xiw!3E
zjJ4}xpN~78u2IAsCHbkn@K4P8c5_{GRo#X#uD($uD4kj>G{BG=_K8saEUqhAq>J8U
zqi#HN6|>!%#_bN_>h_Q2XSK-}2;O=5$&!CgF`69i(Keey25jwf4J5C?jYjK#(wU42
zQ$Xs)f)N|Rq*A0R=X2`s=SQM9YW`b7VpTRv99w^AKVWY<)Bm#m7ha>1a;q$geqRLw
zAhnPJx)N4bRPX{gcdwzksys?#z<`5ls#J%`)E-3ExcF^+xBF~r_jQpsAR3X=QIHHm
z9ZD6Ohd6^;Ao}N9!^jI<^?@`5s4PbOLuJCs-MK=0g5zQQ@y{O%?k=cp+m~Oa`#6jh
z(_aK`-7l~gZn|uR|K#q2gIo+@C-x#B&B@T}{bjAX6^(i)JDyWUPTlH#x+_aW)W+JM
z)0x7xQ+K=LckGhRmabg*ksf;gm&W1Er>_ZtX^UCW%M=>*ytGPb+*XEkSO$z%Q?GKv
ziqmM`Xze65UzhtK6G>k=q4Qy0u?E`EFzt7E%t|4K2fvMtN?@ub<DcwoV@qUd5kmak
z7bzw+ZWdHvHIP7Uv!Y9S(~N<$vl^&z1EF~<GhA;wdE7<Ve4|BM8VqKy5B%P=j>uxY
zh8871=7GOpSdjKUP;bI6Cd2;}r)T=`@Bq6rRD8|Ij#yI>|K2=EFzmu;+@S}fsNM$I
zwdIDKL}e%E-iLrK58X+3?#bpw-Tg85g-=meh1U4zRnDz&@pn7r_MtN$t9?`_Vy#ZX
zjd0-TC7<XH#^9`cjo<EFD8X^wO4}Zm6dU=ju7rz6!9;zURgvAN=AFb>?UfQ|qgJnn
z@}~4Jb#*w6q+syDZy|^Cxc7h7*?*X`k@7SM^DY#Q>a!OvjK_SRpRnId*`=&e$Ry<|
ztFSUi?6%sj1*bZ0jVQ>Ql&bU6knm^XxNQr_VmeLBWCc)`3$!8hoE9Z*H!##=2tQ9w
zkFDD5dYZbuTHFMH6)it57><BMZRYnkTwrhKA0Cb+H<qjp>{I1{_lO*Rk)StHlE*CB
zFC~)xG%;!lJ!auq)W)sBo-=!kayKZozQkVcfsb+#Jscz^T_dK<FNdN`c(NMfzDh(<
zh}(KI4w*fUse=q037~)8BnH*Uw9B+0cFlyeVmgK?GS1-<%Nqqv$)K-%HJ{LSj`?A5
zV?Qs;tAn3-n2^NLyQ@dPQ?3jN78-Ta<|jIPA6E4Z6Tz`LpC1Dm_jSd$q=g|o`Kzv0
z(&NwJSTgffBD{4^>rxqDJAOppZu0Aqj_gTr8nV1w0ktTYB#X9kNE-qsi8e940E+k$
zucGpO%j1K0Zf@?X@7EE%E2<6jS}%}){DyQf0vLoO@qJKMO$)|{k^_AfRTX$AUCHjx
z<KfTxFzK7|9p$q`mk1DS;jLo3PPO<cH`?7!qU1;PhDj}vrB?MM?LT*A9N?a8TzeBW
z<Q{)!Z2U;uNZTw1ufR{;s`t5PGfzD$V6rZ1hV9vF@Y?3fPif;SZ8TXwI%*G*Y(UF_
zylcE`%4c>=l;KQp_O-{rP;ob2*RqPt7wZs`ycCYY0l5XKP|((myp20PP4&fVqgO_V
z5h}wpsafr*?wmgU&oaMp)mxG)xBh}fu^_}!SwCtauMd8Yx!aT0^Q-3Pwl3J&L9Sb^
zqUWYcG<UEVG)JwWr<#a3Cr#jOt09Q#s31G0eIv`nadu21q06hUEvdk|#UxQ9?62<q
zi>0dcs;xvcl+1ZMoF00nB7+c~;nNbeytQ>-IO-?Qy8cPaUF>1MYabp`-bUyQ7f7uc
zzhL|F5B{A{30g+#|3){b9~RJ#&%KhpieVhYPBWVE;+%1CpxBCL3afsQ6YeupqrVI(
z0a=CK0tzy8f2rvO^l<@N_{4FPoX;hW{>Sd+PX`0@5)Z|1FroAZ;F{E*w_2U%e>R$D
z?a!r_$qiBmIkBF&qF`j?w$}BY(E|Qtx&Ltia-6X0r)wC|M2e$lQJmf_^9FfZH?vaf
z=De-}QHe--V{~W4fOYQ1pS!o+w(0@<#HR@{rt$AZK20(@Z_8#RM?JaOpTwQ9u_@1=
z!=0@dpvpvW=tYFEr&cw$93%#?NH%kRXRIcLNLWqw&PF<tQ}1Q5ST%*wnwj1lJ?(VU
z`!kxkk#z9#tflI{{7e6b;CJeHPvPPBIeOLyL3*zjya%#HqV11`Sty#o7)02?;e%)>
zgO{K;$_t~DMtSAdE_@=6zps%n`QSid4|w7Z97k6Vgn<n#NJqQ4rYBA8r7tlwFH`Tc
zax=sMi~s(d@P<7;FemkL#IAy<s2>gjbppp6oOH^v|FuT9C~_Ywlg4*qc|CL}DSr*B
z_jVO?v|$ZCG>^r<Nl2&87DKR-WIgrq0WYWdLD%P4JtBdWmXgpoT*^96@UeQJTsTDx
zH^$YQKlIK7%wOe2N{bXhMkA^!6>bIhKT_=09n1@k4q6-Jf3`IczBRJ7Ql<FsP#MWw
zltga*D(o+}<{91IzA0B;thh{y4$l3!9;xi&e|UYio;z0U+w(SlIJp~S*WKUPz!$Dh
zg_;%m$m+k1DIWUDdQ^>i3T?FzU-t_0Xf`^qB)qpclutAmdHU*8`<1c$I~pW*41tu-
zqmqa969M!K1J^IYSPTuGEAKb_RIyl2ECR<QZC)2M66Eg=QDn3zkKLE^Y{?8=+342p
ze~Up9+(|>(n`k7oJxP1=Nr`1ZJz@c*&Y4<+p2wfp5WRT$OLk39kuq2m2TeXUh=~7U
zh%WnzY<0)F_0%zUW9XDPrNzYyggkm%-CyN!PUg79%$&2XnHH~J^b8;1WmnK6a(+D5
z9sIoK{GXuXP5X3~VLbB;X<)eMI(G>c3B>hUJc=RLh0n?pX|VjD6GiTgrb(7sX}3c7
zBn{yqf1NKi&l|nb>HxWFgXTBfvA!BKalBvh^fFPjMytD@TsauE7rtjIyYEE#taaA(
zmIj+TiER99{9D1=B*<)ow0f+j)()xY!yH+I@Km6y0!E(sc~6>+Cy96x^V?3YgB$Ga
zM|6?=yGiUF9XK@?E787e{eG?3dHdUd=pFtBWRjcfuS)pyINJTm9a^_6V0`+XAt1bB
zXII3Vr&Y`gXCXM)D!c>NfQ$g+wsfJM(Cg!VCW8+~VTsGgOU>4JX-T{~?ygTNjZ*PZ
z0eL3%<b0aEsVcdW?%c@Md4#P+3^7;@-wX9US*GF=G;X8>L1J4HNR^SQ9gg?ELzC?h
z{D&4r4?iyvjnF>%o_m1J19H`&w*M~tD76-{XBLa?`+T<_BXo_}odt&9>x4cPBslxn
z3F7CD6-UNm<(Z0VepCDg28i$g+%v)SaMauVl#V&|o$c<UXIo#OYtj{A8M*?lXvTcF
z`He20^%y+;p&$8{1%h|WNY%zSBhcB68I-I^n78Q_mZ-RbDt%-yQx>{+x{?LAsdCTF
zKWiH<C*W-L%|?>!MWH$wV=4}Q-|?DKwx&@#WYHth2{viz+<HA>^_%rbm@AoEn!$gJ
zn02L<uzFLl!uFm09;mt#(U?0eV+q<)*Aa`ro$h~|EQo%-o`Eo^*F(@jsB=YPaNQ`a
z+<J^6Yg_zq9~RKrk5_UI)c5sCG+{R4=9o^DoHp&N)-|I>=C6BuBf4=r5(x$8=^o5=
zDx#OT2bRhF(j}!=Ztl0?eWc8E;Hl4Y#2UFPJ72<ja+v48D?_tCc6}|9MwRE(>+1L@
zI0pgRsrWr`>hbj4dO-C(R==HeWqoo2wK_^E*hmuswkxyyLr#)aP{Us4%S~puvAqzz
zeWJslV-RfKg7*oBy3#o`?)RH8GP+V}GG-=iNXWT(uVn6#$|J5bv&H*Eowk)a#vgyz
z+GxWP{VQhS*>|>Qr`G#FVvw1dQd$srv6@~EvpPzu(MwAAWzm%W{dVeAUd?qXV4_uA
z`ov*_n2LkTSza%>`fmlu?sJO%;?wU_xH`R$4~$4vWGjWH_4OYt^E{?KtSt2YqC|Yh
zdB5YE-KTGE2v{&I7)jvEP~RNgTccrMElh>Ou22X<sd}4hAI~t$uqYMtCy39F@9xf)
zXDT*z%GD(r??4fwPEneyU+>FECB^BB&ArPMz2k^=)w1=*=bI*)oHR%r$XH|yhcmq$
z-zEaFiWbO;3np`{$b!wZ@zlngP`Cg~$C(~{Da_607<N26UR&hZe>`~`@kaVz01}Jp
zw9`@HUi~EMwkVV~;P4>+P4{`T<0Z*6X$!n1mUQwj&!|mHlrr!o+|_X}$(P$(>jr<^
z=;|YSf=oJHEjuL#a}@!t{Q(_&Rowq^iLO21t`aFtDBa0evpg|weu+yLH*u@wdWG)7
z=OGmLYlG$L&0AdYaGSJ+kMeQh92y9s1ZHIPQ!*YRbWF>QR!rgc0gM9P`{N1k?(Efl
zLJqj9q>bf2$T&v5mBm#G;>4%0xHsYmz=wvv91FSly*lEuO7YQ@s&+lK3JYcX9aH-R
ztz&gn`xDE9Pa(E*1*n6LfY)KhRgLFAWY!%|--Ccg6=H4lmR9H~J-#{Co~zQC@8#(^
zTh#p&Y9G$))-$_<3HF1FYLEr3!-}rmTwT=?bWMCtP-9-VJ5`(hq*+`JQ$yi+R^nqo
z=vv)NBwbnx_|VvYB{s<OBMlxe=KSj9g=W(YTCNO#tLM`iaNiWi-Q}`%If{ja1sdrG
zEMWTH^i*XtDW3@H@&xkwaj)j6++|rLSeuymk4OqV?tHYs+xMuO+%^}SHv>GByvfgP
z(9K9aayG3fE!(ehH2$QCEfNAq*7p4O?>DYLxL6{!7OIpIiYwtm71G4F9oo-08zb+q
z1bT{xYT00W<}B<BS69`a?cr3Q_a#=X{Xqe|YD#PC&(2^a3RzF!q?QS626lj5A}@sM
zC81^$_?4%Sv9Gu*JCOG{Hu_SDq#X%}8Q%@uJ2UO0-Yw7$I6s6kqiK)?yB|St(@e+w
zWs8l;lelaoCldj~ONlF!SZ^e=xY;Zj|A!we@|8;#4CAaX_#Q17HW$dfOy&#F@+!$F
z2R`Quh7z5Y&|I0+Ko`D$P-hB!lzmTsKdM@VzF@P<wQP|piwiJte)lp1Kav%Y+&#!}
zf&_X-sM}P_sL%pvqY6J`pqZ=B7zo$(dVkwEjZ}49!CCq#%jk|~K}IVOTh&blIdz-q
zJ?KgkE0O<m!?Gin^CC<a5n2R-zwgo@aRcr8b`I(<$AC9M@f>K$<;U6QbrJRH1?<BP
zDOFq}8Hw%n5lIW4c&88vU?zJ#-<)&D&WuUz<bR*~Q@@kH_6secuZinpdVz9D@LT4*
zZ(rFNUvMb)pDKfs;?fq3mlh;*aa!$HUkB(QjpSKw`W11IO&Di#f)>~)jsFE46WMZI
zktl!#fhbfJPK;h4-2d>EX9@r_+4e1=aK|o19<Y*AC%n_^`vKv)itE=sBc+;DQIaT=
zB+U#&(}&$;1>gm{3;ROf0hkm^rdt-^%K!L*XgRPK#Q;?S*o%SzNHD2j%trbBZ5$~*
zJsqAi=X1P#J~3GjsLqlAvXU6m4#feokL)4I+o(dhcvASQ@Mpo;FC1yHSJVs$3PkFD
zKG*O2wm(WGMtu!H>)vUJPcldl3B`55FKUKSGzYH%*GE)^qZqusf>gCZ82rX;M|ckz
zq9X%+S~8dn`d(z*@F<(=b&oir444l@e<quKp6{~C^Vl46Hm5oxK;L^7P)I!;tu+g!
zRjOK>!}Lz6#j7}Q1SGm$15=Ctaq0eX2@~1CK@w78q7HZ&ISFP#ATb9-N*E~*Jx#10
zek)zGdAE@{>)Tgh#mxwzDp3ah03fO8R#&1g*&9ludFN~9oFW+Z-D!3%Q827H(9&I5
z;1MkQ(XC+E_!K561HaLK6d?IFz<!YZH!=QE_kLi5;h=p2vAIw=<n8)tKvVw3hzO@U
zEKJnkj=50{dt>4o?Q~b7471HHauN3rVvFS#u|$anqEn@>`ZC+uJ9G^sJIJW0!hj6$
z<L|`V^d4Yp$_$9Uv~!JsA^_MdodBWlS_a$?kCqmGczF2Z!S~B)fHV^LJ4+BoeW5XZ
z<xQr>YDojD;lNs4``;FW>&g580;vaX+)R7i?gqmO7I`a*D&Pc&QS4Aq<fCy#Q;}CQ
z5FyA*Y)Xa&97sHuA%<|A3j7sTsv24%cx5u9;t9x~(IF~x3+RB!`bY-q8ls>km-%UH
zbJO?xe04gIa!73Ik7TNHIX)$Z_KpWQm&1$7gI?#%1+(yl*5q$>0LJexHV^{pkqE%_
zC)fw8RXvSSevpwh;}v<Zz!;Rzc7BB>2}qRIiT&7E_^vN=<SQ8RbfiQ=yEABeK~gYX
z{j55*BQKhw*6Q}H#D-K@-@zoD+#!+^ux|H+d73loNu=<Cd)<9YOH0?D8ikQ{jrEcA
zrisOTUI@Tvj)HAFT<?$|b2|k&O8or%a#P%|U;Ff{7rtef56poPSwsvN>C%Tj#a?@r
z!FR)2kCNsedUtw|OH`+cvUw`dF~-H5A%eXzu#!}uNoWCS3-6*SyIG-bbR~Z$RE6}O
z5v>LKN2rRSw5q|Atbe2g=y=w8$ldW;puot~6JWfp9Ua0ag{gvJy1V-5`Xf}5Zw@<A
zh$H}VJx5CTpS54G3wi3A*%N|4A`W-DL2<<56&UrTQ8rzOWU$i^Msz|2^DGa+Y3BzZ
zfH3`u##F-z2A2~M{xKjch^7)o2{tBsPWLR8*7H=B5eZ_seO$hc_$RH0?0k)^KaIvb
zq!wVG?6A$oS{GD`jkasYMG^1SsgF?ppo?pFLgA8L(5Gd?BRKD*uxyOV8&nUX7{jnO
ze8DiAkCaiSLtjae8@x%08=2Fv{~u-V0gm<iz5$oWEEFZ<v9q$0L>^?1WK&2<BAXN*
zGb1aTlCov*y+U>&k1ZM5viDZ+_0jkDpTGD29`A8<@EmpYeD2RZuKOD2d0swtd+*ot
zO`k<dNK50+SdunGYcZDFFK{UCrZr5RWflB#X^IDheq;SGCw63_DNyF_+uk|aZ?QLh
zg`dq3=;+wxq{>>ie|^KvmH8OUd;1wF!)dhcCr&0v7I$esC<PD#0w5kr&%Hj^CDIam
zopWwr9@O1~0dJS=vbV0?@MWvY4pJ-#1~%J+88I~{=Mqn`gv51mN%6VMQJrhtk!VnN
zqv|VUZ*7nbl-)R^Yfqa+dcV19XFO^6psx93Oh-$?>?B8wR~&K`4wu_TLsdIY%$0gl
z4X7w5Hd}gn1kOpj$j?!9Wkg&UXjrm@MD{ji`PNVBZ&3O9NMmBN^bK#g+MRL-HC8t{
zOS(GIr%~;?BWuBD=qWA#rjd9wE+ee}=J~6sYci$w6=BR8C#O0tc#vciUD6{kaHTk2
z2*zG`@qZTL2;_<zok?;yt^S3`yet8H<pR?#rWED({h2p3Qg7b^fsQ1!Nlrk9Ti<ll
zU-Y{Oa^wj%v6N05Jo?^tXAE5Qr&bd)^&^I&$P~i*EFy6$cYHH-BfU%>2PV-=mPF3J
z_BVGW!6bR1IBUh8cC+B(;We?wJGwziZWl@rcvFV3J+C&!f>C?(jpJ0jsJn+3KvCzu
z)7@}#<Fy*rVH0K4h*@O+kR}>1oAtUI&y2~(#4K$wgiT8hmTi8{^r?&`Hu-t*O-oH|
zo)!nWfD?(vZ;BGV+X-yobbuW2DV$TMl9d%6Sb(RY?7`3mMY*N(kDQN<Q!4^}f0ZC7
z;+dYP&w;H~V=UHTj0}|Yp0Ofr7}QFv_mXb|55pRFq5T|b7qxz3Q<M=y?yQ0rAdV8D
zp=Y_%MrvpZh!{d+g=<6?c}P4Zpjj39!&%UKnAn5OXasuX2||`&5<bbmk3Jplh4&#m
z&86qL^8ai$vtRB>QD7F+2QH1t>dwx^ymtV5@<OSA`wnO*mi=0%jngV|qMwfrcGkds
z8wb&kgn?zio|4njUO@?28;fTJWy-`P$gW*5vwXR90|9Ig`Q-@Cjg$WV+8Jc`5!)%w
zJ?7qoi!uEM8m@SN*9$IvIaoiuR~;2!#w=$?_*^ct<5>YtFoK>wB|%EZs`Z(gS+e3A
z^Q}WiQ`N7eM!J+5`gnn&-lq>SB<9lT+PFj7-@Hx+oubvAZo4mvNqK9ipWtgpMuHNh
zGHMB?l!77p0x&6%G*vxW3>M&XQ{crlh?JA$!<bs3Pf}}NLxS87dPih322cwWZ%QyL
zox4YMw4#_7osR<~IDCi@uZtaee4;g?o8v^D6G8vqbJ*u#H&a_QE~^A$j71U*_jqVW
zKL&IM^VfsfkL|-j2Y<Cq3nJPtu6+0zN3~)B^esH?woJPookHU}u}gCS=S3|Qs<of)
zMwGw?2-Hv?xcpXCM@OZ!nP^T1rtK^a+WsfS*OHl^tR#2sX>}F}rmvFreT^F>HqyNy
z<JGOHrBtQL-A3G&VB&q^rn>X)Dr5T8KA_MTQAvLgCUSN4R8)}(HhC#T8Wv$bt5M`+
z+=H?^bzjjv$_;=U^9Mc51hr(@)wMOXN7~!bRSqkUfRC6!s|PAg*MrRU6KQm{7TW6M
zO2fY`z->aa1iX~U8N_b7>gMR=p^$bh4~eJeyOQpCqA>JQ4`;!~v1?^gyy3ae$?2xh
zaTv%$w8F%z<msXgPH+=PhDn4H1YfLr;B+Fs7``X!*D7i3ryzr8q?4wDbW`ooIJeFa
z`)BH-=+CV;+bh(IYxYr>iBMd$7Q1Denb}v9(t0#G*POt{IahEvQ|SKZH<hp*%S6jt
zoo;YmN`<1~$NrF+>&&af=ptJdCbCQW-vJS4|Es&n3`bSZlIxfI&$^QkRCZ3BA}Mk7
z^F3RFpZqL#T(NzP3LkO#XcA*jViv#rUAY)eElw={v&@+ctqOA`tdvdK-GWC<c?^Q<
zud+dHK_LN9r~bTUtr~?uqih9Kbh-#N&0Heikf3?L-v@C(snr8=T-qV?j^cR56diC2
z=`=nQwe=uC2mp~ZbuPj7p8(MVD0_wzgru20rnsQ;fLfI~1p61Nn$1<m+Pn88A15~h
zW{b@ORjG(;#$I+-YdT<sob-(1fuY61qt>`@mH4euH&wda$N95`9WSjkaA>wYnA&Gl
zoq7#Z^#W_OAaoZw?@h<&J$DP8xUkw|?P|NV?ZoeWLIwO8E#i*ws$jsanGS#e<n6i^
zAy<^k#x$-b`(rfA=g~dKYF99`1uC`CvRQZ-mIGTKF%5BNyWywFp1-pdjr+d5e+7HH
z4;a2BW_{8Iaj-K2&63_cc&zqY!1HQkd_MHtsXy?o@BR2>&&^Miop7<I^T(hrfLXmw
ziYs==w%9uJK-4$jt5H8FaW;fP*Ae@D)h5UjXbbr)6~Zky3b))O3s&ml<WiMQwwNQ~
zkvsYoIIxNKH6+o4HQw@>7Nf!5Be&wghgx0a-c3~sF31T;H2g&?KUW9GB(NQs2`TFr
z>Ft$~EZ1}CaY--}>a8`vsv1m-r%q<OvS3BjlSIb7?wD--aBFam<`Gdxq+})ghb%~!
z^h~OcV3c9{gx%yoX#LsW7Y7k^a_8;EuI%i}Vk5wp5-ElL4;U=J%XqyH)2~lX@18%y
zN{v4Ny$amv&9ENmMZg`P%W~(#UHi8SdoqlV)eT8bqwOMR#NZP63-V{03*(72X4k1b
z?Sri`O9}inY-vbU+q{>kOM*ED&G!hYz8O=!H#7GXNccAQx3{<7Y&`=k`jvMS4iF05
z6{*61bwuN-7AP{Y*!R#d@PsKq)fP(^2u?wlM>$p1&}hzhYlhP$AI|*AJ{cSxGaH%+
zo9q%3$J~S|*2p^eCZ684VX_S~Jx%4%`s8A>ehE^oA0Th)#~yEG@Z<<gYJH&Z!;sBg
z(Dc7;s8KAtv7_{(%=#jwLWY|A`XFN`-M;$k`T`#Pa*vazPWxpBfCQIpSCY)FaWnOs
zwiCE>M^T!eBCA~y?e3HD>G^o9KiGKHo>?=3PcTAJ+6K-I20;p*l_0$z?rtUadABby
zx(rQ%qWG%CS?F?EtB;5@giP3FU+{{z{vD#e!s=E4<o6}FtkWo9PDyE%K_GikMkK(H
z&0&(aW*3K&Q&R#^F-<hIU=4q#gU_B*!+&p#y!xEfOiBHFhdddlO=!*Pr%x(t2B1T!
zf!zBtPTSIi=ZvJQ9;gZD7lf7mEHsDcs-sH;WQE>O-l3t~G>$sQ+vAMSon@(Tv-C6u
z`tNw&D|$jmAf?P%bf?Zo(&kH#?`Y5e!s13>(PD`D!A@9GQAYMM4P5y5qf%jXp6F}%
z&YP`TQ3nXbItvL?*b;ns27l~Oe0_fD7IE;z(1^*zH{%V3U|Y+8WW%T8ETF)bscU=R
z@ibcP7U?hJcSZ?d>!LyG_m?t>>-oMk6?*J@_6)VFlAI+F<mJ+sjBP+r+@tbkZo0~?
zv5^wphy~a>(&b8R^fgz(uWWum!kG@_(xn&kmxw8+CjOco6EPPSUBN$g*eE}o!B})0
zTgO69R>RAFk`gj)PY5xsldn98KKcHI_C~fEU|xIdrYJ;6hZ_^lU`0AQBP<5e)ug8O
z!>D~$!*}k03$g~3ZfUL&o-KhLR8mW})`{d6dU3bcpvCtPyuL^5&YRMl@)dyu?H%#r
z584(QN|6Xa4)OKK=falpeC)Q~IY=KqdsKDqPDUo>0G%=RJl$q%5Z&A2kLS9lmTz1C
zgdD;1$wefnb>06if*DQiiY~AUrMm92YcsySLKGyH5725&i;w0bYNk5R61Xhd@|}^O
zy-S#8b1>$3b&aA<AmT(a>W{c1_>^vz;-b&>R=ik>;qZ=SAa<I)Vo-f|N+9{N(_Xam
z5_WPX!S@`8hAE|!Lvt^|A;|DiouR%a0gUI{BkVh*PAe88m0F?~H2kVR`U-lX{1h!I
zmgUIW$@5jk^H2taTt7#Vw_}`3<Z}95+cNQF=F1h{mcZmZey_N>1mABSHMU9C#p!k-
zdqUc8W;LLVODJ)nrn2XMTzfHkLcXGr?k{VmpMR94R|S8gIbROn7m_aTrEIRv6$l+i
z5)GWL5<8IIq3`{2-m99q#0q#sLe`_wYmteo_Ukc;;syo=gVjy~tr71O-w9a`^%mb&
zBIO3a@F**8{v+pj>1k|6%1y1Kq#gM;33529AWT!JR_OkV`1EOX*gR0-0>p#MrF6&C
zN;}~IuOk>*4J`A@?uP*=nmxx#u}K=DB43Aw^Y;j`F)}hvBtSs#P0Zg^q_K?32*5={
zN$p2fdxD&vE9=6{xGsp`U7#n@FX%FV&)K3n$;UGr%Ln0NvBQ6Pp_An60rrtXq)Q@~
zu@Ni^=L#<DOXWbE1WN6%<P$7Vvc|$<sj8xxbtOhEXH~yDX4=c2Xe|U0Yg%Y@dp<u9
zjoGwibD{*x`;ZoPIh3mG_3oe9WIuPS3Gxe?6g>ePi2tP2&#`8Q&A$AINoRAaKodJ$
zWTKx&`61!n0oMgfc>5v0WmBwFRX!Us&o{<0oj!8Qz53CJi)nrK>T8mQq-mS1YJ9j1
z8+cyS?BNm5{3XZoAm0a`bYLhShiKpoV<%%K=BqH~gFBlO9x@uF(2k78=+Y*8ICnD)
zrnj%B8xWY5TOZHOTed_2;$5GEO+`ObLD)H+df+gjK_7$W`K;*%oBpe(8{aGm)<^}3
zLu_iah}JG!UtIt2y~re_;Q|HCoUrSDachv2f#{4SbZSXz7ZI#Lq4_QS66lxi{Tt-3
zua)rP{HinzD?#9&VX-2^0=Q>o;g?eIU`sUvL`rEja82?~2M)SBWX;`DQ0EvxN;p@j
zZ6w3oMCIQ>A|mqFg#mUG50q|1H?4#1Qj1^b`N5341xa`J5%K`jeYuiBi6CP!)~Cw2
z(1ju69NS#t<2oS5eTI~RwCT;LpfpbXxVSi`#aPMDb8R?8M<1WW9r*q}8hGITlIY$C
zw6nIT3Ztd?(Pl*ctsv2taM1?k=krDA19J2EGe;Eg5U~ht6N0<S2uL1%xiHDFJ*TFl
zqGS%YdyhkX;qu)I6A=i|Yyn`|@J3Z9lg#x7hi);ur<Ye(xug)lZQK==*KW`td7I>i
zSF3IkZ(`RYr^+KLxEt&RRO*1<NE#M87{+}aYxGXVzh6fDfCItg>KAyT)`yZZeINu0
z`xFZrn}HJ-)a#9f;~wDpri)LXNSe8m;9FxqSmluS!*!hLK+;xDyAG*RLwM2^1%ABz
zb%-v%Uj6|a;Jf<wUR#wpk<Gn|II3sRI*@`(yFGO+w|ftm^$977y_a9?(NPk~bQ+Fx
zI`{R6Az2S<$a+|6kJo5_iSQN05U66uI5bl2)2VEI4DP*Au?Cg3);3uWA8IEMq>cs7
zzQ6nX*||jTHqBsk>H2*4lP^44{96dd*8P8AY}aXms09^8mv|Cd?g_`zVuYQp!ZhbA
zKnz3D!PRx}FDwAYqLNSD1R+5M+L8g^7^%X*v6=hv&`&&fR4l}HvN;h1`G;;lBFp;g
zqL8`t%zlm`r*Ak-Qs^SZ69HMZ7T9St_owfERK1Kt1<2VXic)5&(v+<xJWQ)|0SNOW
z0Wg*1$9BSM`4uAwwtB^Z9tO=Kg`im?*ZN*4Te_yLQs$i@V1xt5^EBZ(mVC}13j=ut
zwv)1IBas#?x1&{A{4bNH1KwM+jx|Fhx(f2_0iu|6Tf*nUdDoX4h{|jJ*+J9D4uS#Q
z|NdAHfl+gQr!%pl3iwVVm+%i%V$n8tI82cQkQ7vO=A^e~MZ#G9DxRi+qh(nPu0&9-
z?Y)nUZIK@DsBeX0wwOM#R(wzOFn*p30ldGW0mO&}9b`LC5RP=+Pq-covB`5p0&{9C
zdau0(lOdbVoda2XoiRPq+{8P77X2h}Un~y3RE*-xxcTx{&eCwjdC=996>V&IRiG2f
z`24!pawApS6S(Ar`5`ksFqj>_bJoW~%?)KTHEnws9MvIT;Q{TNgw}4RL1(M_NrkUt
z%=c2v^g#2x0XoJsN&(#P>ysHZFavc&R0#0|W?)1YSyKq`axDsBIAPpT*}>{KGoUQw
zZ>?D2s_F6d1n>RI$nyd>f2zX`C;J##bm|DLXRT6(vYXac{YXnqgm`6!3Aamz7LH2Z
z=3V&InMBtemi5UiS)+8yNVttG!2tlFiHrXjpMn2rd~9E^SjP<=xyp#|OGwh+E{Ery
z3%$UpDKDCDyQsB2-?eIoJX{}nxLHRg>y)kRx^c@=|L=F{;o9Ku6}TN??jc=i*f>31
zA^TCd|BMYD_z+M3cq7AW!q%lXhR{DI{YJslp37>MNaz-DO-qD5(HH;l(<e0nz3cXE
z@$}!r*>udl8n?j8teE~OD;2+BaS4BW#{Ztim#j49Ee88Mac%V4clCdAV8_Yok6N!p
zzuJpAt+Uh|ZR>@33zyEUtb`O8wFKzPJ)wUQshpXt_QB?!obP8PLp*x~tpjtO%kC8?
z|2=&IaaHNgIy@4&<|!rsa%;ZTPL#1(S!W>%82zHXyyPX<xoik(<4K%EWphN(Qu+k2
zB4oZ!JuNWmzW+uZQ426-hB}(1y<pkb&=#?vcu^;&8hwxjq?44CY<z3ctDbh}jADQa
zq++g_{<I^E=J1V(kB@JiMtW##rmKDyV|2O(JK~ryi<s7*Bp4<}(h9Obp^Hs1pVRbB
z9QP^Zs&V}(pJv*tHdYNdy6v$qFTeN4Z+Sx`P}CM>G-!00-3#@xjBCEUL++x{YV{la
zr%JCrsN>~^EnP^2Y|>R(n~Qpg&CPnWzApgc4-wr4Q(;}DmU{djBp(RtD`kW)3kNTg
zj$Hau)PmOfdA|r;=)c!_*fW)+En5eOzjQ0?rq9KR-lM)Fz0diH@>lwH!avkshR!(m
znCsJgxuiI7yk=9kJ{aI1s8~}Z226cv=6-?)B5jPEwUI~J*Hi6()Tuv3L_*F;;~^P?
z`(KEYA-qi`or829<)8Sg#)_7gA7>pO5n%Wsk^`_-1}B!!V*Vja6R4nSxA!we?13yj
z{=KK{;VmF9>v!!{4nZP#JAN(#(y2~)*Xqew8#mY13dYij^~#-hc%az=+lzAZb=Q>D
z+e`IT&%gCkZAuRu4HcP0{~mZSXum{Vj}mYGv1;Rsx&z4nTNP?%{n;E6CO~ze6{$5~
ztFoIWnjgrs&P+#|bGSg4hnOn^QR`i%Orf`v!R^25Y$tTQ<2R9P1B}@!wF;7?(@rz(
zmv(o)2ToPAadfL@-Rk67lp1VYXAkA1{B6-IpY@c)7{nTmT3CH7)t>$Ut-B#>?3pW?
zS=wj7cRuB7{q)%&q+91jW`{wL#HMcChAp*+bxtbI61wVPXK<(*=j(ll@p>6UP*4{>
zgysk_GumM2zBPgG7#wWj18499Vlj~s#aDU7LCM8GKc~Lufv_m}KKQc2&UaoYG1Zri
zmhaJ6C~!gUe<Y?np1w5U%ypE3A7C#7S5H~la!HI0?Lf2R5~b4S{OiOMs5-O-R6084
zDhSr?hs#t%6RJMg7MWDBE;90>zBWniX{HNv(uWAoDTMQh#YDFGLy9q!Euu_0kJsUs
z%kO5R*Y_@YQXcS3^!?aLwFLU<TbjCq$9VcW{}@Fp2YhrlF`G@Q*nMZOn=R*OsUee|
zwDG(I+_**YF5c51(ssnfwCN$1Zxg8Z5-!|CsCBePUcT8MQbD_OV%ZSkr!h?@+2jBy
zgjfZ2f9ADPG#S$B?uWN+*eoc5_wZQ^^4W?_HA$h+-L;mLQ$!+4D=ITP=^p%9k~ZVb
zMv-6Nqs|XSN&Is8MS0hLgb}}URCdfs&Sq}da_ZYu(8(Yi><e9%=x3Mb632=*(}2RA
z%OwUn9S`xYLF7&9g_3#u`j!fdJaX;q-*6!VStXWQC;^!5>`;C*TN$Y`iRZ^lhRe+l
z5`SKb^E~$oS-yo=MADl8;q-2W-ADFMN~{iCAb}73<pglaf##!{Ph>0w8ViBIdp4RJ
z%xVpd*@$A-=-Ow80HSj9CWhiXG&XejR$k-E?{?@Y81mq4Df^W`QPh|BzSOMxkbdPX
zH0fN<-%_+*Wd8Sv8$TEP$(o>=r1!OG5~;Tz>b4F#@d(}z*5E46D3hAh)_$xyPeulr
zwUHgn`nP*0`~LB<jP160C1nD&kDU|t)Kj;CVW~0&$ujKhEXGFGEe^=bhR~~xfQSfZ
zy4s(36Bi#pkR@L(1XWV`3rIE(H|M%mH#dt_DBdN16h)t}It(WAng2@LG&03rm%yg}
zQAH=G{+%!BR;)m-#K}WIVc7-ug}Snnk~%HQd$bG;=xFw4swR3i>=>QJn6CdPx<wR9
z`?lXdQ1!A%IOdldF_WgLaY^Rexj#<Ve*e{puh2>Du>#HBO=x>-&8mXpNn8#Viri@@
zO8?iPi9orLbLy5WdO`h+CB>^9$>hyBy_Yp=uDmtZlST>+?C=j>f9C`9G{D4$g>+40
zdbva=I8DCbbw7gcL%Yy`hR>{*eRpqfye~`VZqbu7(0|Gs1Tq2woFZ=mD1Y~Qw(PwD
zs8XST-7O9LKWy%dgt4q+q!!#R(qF?(ztNJHeq8uqOL%^w<Gm2i^9T-U5L$b#b|NIX
zp*Wk+j1ZIF`Tq+55>iV%d~}qf^hw@HAlu_T@csb7ko4B0>JJm-cIJj|SR(s1<?T8C
z&KD2WwTNnytXnh8LVCd`j8u6UP7kl8=dINKLHPWy9`|;+Tb<wn<AH|kElA?zoAq%{
zb;gg089sg;Ctz|GdX=>jzB4v8HopkFG(bUo%${Cxk!d>fBdsV!xXd4wAW=tT9UrCK
ze%IZfm2Kv3o*)<FaYAmTA}oQ~d}xZQ{|cEU*8y`}V2fQ>-}_o-l7=^@C&!#Sapz(-
z88zF~T^!uqv*wK-8^OKtQ}Z7u=j6!IMMgM<1I<ri?FQLgXB8;PUED~)$z!w|G5y{e
z=v!?q`<m({ggCng2Z7$rT-w=weaW+sQ8ESi+Fj<LKkIG0$=n-&&qkVg6J*$EZskMP
zISDe>1nn9p1)Nv<)kVsRI*`d@=0*FMsGUXaGYjH~;-+jxUK6^Gm0Gxr<+oShyRb+g
z#Y8mC8F9+%{e>6bRe9DQQdb<ZXrs!#g_tzk=o{YS6Jd>WDh>|x<Z4nKdEh3&YX4&k
z`5gYpKmnnv#P;}xQyBZl<A>;;$$GSU`%<9MwdtQvL5^}xtLlX%Ij5|X!(73jC<glG
zGT9MKw}wecFyct}Q#<Xu9BmCSHJXER*y{Rvx4k%&9Hamn^YgtJY5!}29(x`Kfp5sW
z^gF~!7O|8wJFQ?pME1u1430Yyk|G0@p?!bV+@p*9W_t>U&o=z!We>fGU)iap_wUeW
znoWO=#_@`|Alp-@CRK7}CA6xxwr^jsX&YS6I@^ET@6w6`UP;9H3hFtH7>NC^pIlex
zzM}!8fG;K{wtXq$BqsfuE#z8p=M+BND3GtCy*L-v<C{7PedA9^0tdAoE^?VxpEp60
zSoq`{`K9MkOG=gQo#_{)myme>p!<CL_bLZo&{AbS5fZ8YZYHe02+DV}SWey2Wwo<&
zVHPpIc1RX5@j-<w`&)`kL6>`cxg$Yn&9-|9zF*Tcm_xJ>%2geaDU#BK!7fvJp?LCg
z=O%7EMGl2GZyz@yBBKyaecrLF5DjoH%|^vghL=yNg~?2&TEnQ2G;hP53QYKAWwYn+
z@JUh9@2(oF=0E&=7wz6V#O#yA3cPLqb1cn?zw&yow!JuU9Gf%~f2LiOr>|kH!gU~6
z44n;D6AS%;gE5WAm1K7aqWIdEe*5f6m)29wenFy<1gqIsi9uUS8n<xjnp|})Yl5kP
z<OsWiQn1@FLW<f<_V@u*S6Ux_9ZAAFBLxL=ArRj|Hg8s|xCoz#?B(jJP4rQBerNib
z<UU+<<c{yTtMO2r17!gTXwYtX*MI5$FOw8sU;GJ1RB$Ir*~p0yKZM;6^k-M6Q0U|}
z${a%HDKfM7f<+JaCE>E_Q+tz0xw7XfZ;mVhVjd@1p}kz|P2T1u{>rX|mr=6vb?@2O
zs-Trw)X5{|1T*;_iEBLXnH9Bi%C{#8uu|p>j`9wn%SlD&9a}yUiX-W-W(0o2->EE=
z1u>TjmU39Qdy+j#gKcD((uBtwUS%Gf&0Kmf)bvo3U^ra3af8bQu6~!(nO&n(Ydba;
z<&D0W`+5Z9I=ud!s7E*#R?J5_y{<g#!>CM5lf;Rv{G&Yu{ZAX$`XLK^q;E?xm-rm(
zdTrk|P)Wrt?$~ki_~D6~Rrn@Q<%zS{Wt6S)7&@Xj3178u8&V8f>}p8V+aCEeC=33J
zHCBo~{EI-y@5_Etqariz*&}q|kCA)IJY<6+M`~?J)yLp63(~p7K7)!43g$Pljh?ZF
z@>Jqt)KO~<t50M?HPR9R8zS}@`;jewzRtMX^$*IDbI+(%$0rOOTPS@HjEfGgr4waF
z0tLjk8U9u5lvfV)`MIFDPf;%r&iYk2Q7hH7?_PiJlOSa?DqUITpYzuf|23=k^LDIr
zw5~TsDWQ4jEbBvNwA?tidXWpyWuNxMv!ChqrEFUI-hWE)-AueXr5WrpSon}ko+FAE
zeYup2QPg;|xAjy8saBtevz|w~;RCz?yEV=022UYo)f7I)dts2W`{*6-f#eJvB>4~Z
z)5dt{`_&koFPJOCH|MX!=!yo6aLtCzW2fgipyC$6|IF$6!7>UUSz7``bN<e3rCXsA
zXMJkO8Ve48TsP0{(K~}>&bY<!abTGFhTZb@!nB?Ggyxf`I;^}CGP1rmbI1iglpWE^
z=8$}j`k|u6WR1CPm3P(;=#9lj)BZ@h+Ze8a^egP|dunm+SK5DuO1#XknP9q`Ns#8a
z&I_F8j&R}UaKI0yRzx$HJUdrD!#}D*>y(4n98}zF_Db^_S=!uJbc+c<4yaHhLen5t
zQpof+z}zUZ<$s6%_iNydc&Kx8#tC058O6t%Sg8uzN9*~CEgkU!DghRI`X4Sfb%>-B
zV&p5^%HkhQ*>Oa+ojRj5TjzH{CRD)dS*G3n>MdNU3-NXHUT;^oUCRmjsE3RB4!gOC
zp)P|m^F(p5QOu6p7F}eteoKk<ht;>YBdaE9;ehViPkYnVPJ!}+M3S_B<DZ?mu2YZ-
zyx3<ubqz{ln%ye&5ER8W<>OiA1Mj#!4ow4bLw;wpXP2EsCkW@LmY8WlcR&2Lx4d$>
z`W4yVq(gTAmMsg(U4GYn`>KW;lS5GVd4{W+d%sZdRmnXv9S673V^%%!X1V#=X`0+(
z&ij3*(Z%UPE2DvS(^7A6C%d_4eeB-(noYNc;xNbHdw%`QrkEhAsl<hq3QYqYj{3u)
z67vxz3)Lv%c3DK0=3f$kSHp2OKL?6=C<NJUQ*Z;@1ph2<l(sT}+p>QE11hEG_ioS*
zVeCvkwkl@hdQkK0=U&pSlhCyD=j!y=lV~IrpQWASJ<t^+Xub+41zEjWklpM0<m_<e
zZvF`beg-|J1;^TU#@s`oId{@O)r*;piXNzFg6v<9>)R?FZi$d<WdzeP&#2_;ml@<v
z^OBfKC+h#^JK$q<cz1n^S^kE#GgWgo(dUnPDr)uObeA32GZeltlt5l^Q$EgAUveaM
za^@RcAqnBIRGR0)JE)Xi5?|y=fY=M5c`xtY_(V1rgnOhsR_C(OA(TKC3T0#65ulYD
z#R@rZ4mub(OAaJ<c5ZpMv_ma;Ng(xMF)daq4@o&DfE$hIXAyMXj{j{mp^9;Xa!~zy
zBrkrq#Ef!%wlnXcVCk6*?Hp=QhkE6I-%ZX(@;Ra;W(2x25R|z2OY2BLIld@Nu5&Jm
zF&dmH!U^XDLk{uRX7?zj43lM&_fB(*1o!#!OpZXu+GW>=lP5Z6G>A7tFVI$gYzlh#
z9^Q-r3DoSOCfs<^JU;4#u&(Y+1oC2`$#X9N28KYXg=#?r9Oad2D|GoQ$Se7z{Qyq*
z;y-WlB!gNd@B+64;af-@B6%7nP~A#6H#;>gV2WkX|Ae6gxdjP;E0KxUV3vRLTXI<r
z6_<mU)%D;{0RV#H7(|o$|4l6I_KiDYr37l6F7ilLoaPndvD;PE%2ilW^h;?qyRL{c
zav-I}{q?gzp-dNPqV9VAVpO(_GB)|K8>#`Wm~0PSa7@&c6iSV5;DL1iOArG131C^r
zKfhfgx0Fy~kSyN?yn~D%{#KNz3u0u;q2%pu@PK5sA?QGd4CFEEY3ROBd7^ZC04#Zn
za6lzi#Q3>?WC-XBcO?vz_6PM#^m$zU_$7GDh{qfq`{TO_q@-Jxcs{*8W4_d7RO9{M
zkV>L_v;PID#I2+NsL1li!$=fQf_NiRwC8!%iSg<i8oEl%b;u{kHIk>=dwFdq8bPM!
z8iXKhc6%vzVs%Lfd!K%L3qr6ZD$F9!yCp>$zQfh^Crp9x9bMFqW|yW?4-~b-&hq{C
z*qax*baJKT<^3E#sh9BKNR+bNFVhhuVrA}Rywhlr7vA3@fMiZPI<A&#$$6sG12P{5
zktgcUhB3H_USps3<<AM=$n}&#NuF{;zY=89<ifG!n*Hq2eDZA8dQ(En;7+^_a+}jr
z@?8T!-X6^ZiXAlx91*)0x9O=e9$)oB37h>&hK+g9X}HnVL?xQ{v1fgAu=Z4oUg-M9
zYl|`hU`pE@;^@1`BF=~YVF1@qT=Fea?r_P9e%fm9lYzmL0d$G_Gl{z2dz=k#w<VdX
z#$=j3y_jjtQJ4cnyH)neR8c>eKw2d2gzwj`0VE+r-H+K>yA?q=GPQ^~{XP-D6Ob+I
zF#C;ecXxNty4Qz0R7b7S{#WB!2j!X&inuTXkKtap=3t;(RuKz#?M}~y_1*+*J*ETw
zI@!=6RKSP`SMUl;rkzt`;O5of3?KLOOhK#X>^!3`o)el{S*{9U2Q6J4+E|F58Qwrf
z$_j~gy4t4qj&Z=?TS<AL#B{XlP<S`&+fZAt1>f8X5t;3KhM`*&|3u!CrgG6RWcZQx
zLqOhxR3Xh*H*Fe?O3Q~C*MKAmqdJotHLfgjelyhZ--2A)GD`tqEc3^wC4c6paW!cg
z0NcYBd?msJVz?9JI1}&qoJjW;nSMNZ4D|IdKuV8qBYr-=p?~sD^P<g{*y|8VJx_UC
zU#1AyCy)xwFzS`biG&`tEU#wrxtGpHBZFA7dTYyllV&s2&U(zpXzR1m+@A%0@UTce
zZWz}!ZnH|O8*jW|Sv<Snj`s92vHmP{-|n@g775&i5|a3@%<jb%b0_#VpIc<a0@AxY
z?~;Kq*UwBip|*Vy)2>Y!C*JCWXfVC~1&PB?$=Sm{@I&H88h#%g$gql7by421`FR3h
zp@IK|1Xsdj{{|gheOHU`p*>Iv5^buvZfA%RUA5fTHva<<vh9hIdT_x&^j{fRkSuh1
z#?N6hUXK^au7-oC=G{-Ro8NQ*isKprp4QIMO|_fv8YOV?6PnG`Yc4l}(&EjuKRHVw
zAXAtK2!;f+yTeIbSZL*N<$fiFWhQ>2^HIV77|%=8x%GI!b-O)h2MnwizK>nh`uTlz
zt(?_Wg0P0P2Mv;~(<ulR_f^euHKG9Ohrrrg(8KB{m8?;`yu51HU7=$x0P7gKQ~Ym>
z&}c*$+yFfYTL9CiJKQNl=}RsBuBm?r8eNW`Y!1@vpv}Z>o<o`z1DRL7-|wP={^o6x
zvy4rPFsINgGye@IAvtCt_Ju!J+4kC%C139~IvoJIH<Sq4bMZJIA~OX79thC6D00>*
zHnk2AjDUnY13=hQ{^wZF{TYKQ9zsIUbXB?ol^r?OqfM|N%lB^I?Wg0~xowh%;wn@e
z6%FFDmm16aotC?5!5siMB`De|F;(JVaM9hIKpN<*W}b)#8jB4QBrKC4=>3UVB$#A}
zb>;u6uqL9VkpQ^uXi&{F8^}Ggz6h@v+yP-Ah-GTvgI(8gTc6M95x)uH4q%58K*DJL
z&O=pmK*dW#Q!{eXwS2=x%I%r1U0Nh`?Ai^u)Lk8Si<A%p5CX{o(RZJoXXFWDdmv3-
z&<{C)1-p)F_TwCHHlW>nSA6t1Y!(OkH<w3fpe^hzK>vkZd#WyTa9nLnI|BuTnoR*A
zlBUHV<~qu9F*7c$q4~Sc1R?{Ma%<)+`2XuG<D)U+0zl(5Pz$UF*kNbx4)^N*v0)&C
zmmLrMsZFF`>qZA9JK!R2gKM{)KD%20Mc1zC&t&fUpIlLs%|TKSHW$BZWYBI2p$|z&
zVAxIV^b%yQCn+>D;*CI#r_tC$OKtGO#qQ@gZIb;=Y-a6U>UkrFB>RmJgxK9rPS-CY
z(9wdk;ZQA{En%~#+dtG-p%TYzvLh{qI;2I)6yrPr19~y*!{D@oCcCE2EZ2*mX@0mO
zCaHz)joe4lV=CXejN;uyV~*ocFuI81QlkX2YFNXtg^BEYk3O?Kk)<*pKYceRGFq6A
zj|@gE<ZxcFZhq;(BWY>x^udd?v?O=xENbIQ?;<tamNy3zJg%^^4&4X>C**j{ZitbJ
zFZvlpg{VWG7P$h_)%4nJ{4zG%W_&}%PbXh|;p9-5^~56%?Gz#lJpBQyZyxtE`R`6!
zV621>i&d2WU*9)a%V>Htmjwd;AcPJ9px2nr3|~SdaRfr5OlqEu(e(CIzwe#e%)e50
z?-Y_TuzL30au6yqG>wJbK$LOaUo%A#I*9V%=Ccdc=T5=)X_4>+ibGKY=3qI9y#Pgy
z3LassHN;k5c$5prDH-?<F&$a>4FXTvB|yZbQC+s=foFivyoS@M#vQ*9+_m%bhW<RY
zfSiCk@pm}aAcGeQFX`PG@RI-EW*(x$gM37hvo@EuCE3JbZFkRA)CF@9FzAg7WxTfg
z6NV8-&MH<DTkqdajKL;ElmZvy^g>S0w7>I$;3(iD>z!!aU+Pczxdk3<Gs%auBdS5t
z^|<~B%NJ2DD{TC-b}u-5b=5Dgh5M2nVE({mTAwhhHiaEa*bY1I$Pp=Z%^_ItePLn)
z|Cg|a&^7!K)~Ltu$YJFwjL%QwBI$(mAWFYxuZ-Xe5x_lj@O5&A*8OG;73*(*@o!+R
zml4<5T;$)GQV6>uC>r57-uL4oj$2cIVQQO?H{m(rkoe(u;!<5MQL0Q2C|UgC34jx8
zA;P>&`?oZ6sOyK+01vG2;K$}<7vibYL$o+Id&QCUG-B6Yo(;UElI^>-eMD33vPE)J
zCHHe~sG#HFqS)`6ef|ua?#3@oyA*L5p<`w2h${4Bh3Zf-Eo~NsNKJ1JR^=)GRll87
zr_%VlK7t2s<bPg#{D4-!gBsFl(e>)8#E_xTRlb2j-+qo9IN-eagxSEc9<6CSVk--)
zV`j`9sqmoL;hh{ViE!NAM0pT&g?QW*ZIr?qVt@V%3m_3^*BU)^5z%D=((`!4)rbNE
z{X6=g;s)xA)o#FXg-s_1r{@2d?ydZ|YDYgW_unrY+%21yv14oVThGF*eW`tDDBHD&
zoQm+6o(<6wwBFbDMl}g+4EryfzB0DOd^vZHu~JPi*J)$sQt771t#=^m=|8XA3&j0b
zsqyYKZ*fy+A5>#Ft3QlZyW%P8)2(-&^fnkI6*;vYjiLXIT0@^B@X+RT7u4kKr-eK3
zrA}dF;jB$d@NxJx`6<M_6M>epZy!TT=|hm}{Sg!Z<it%rbMc452_mrvIBpVczq<qP
zc<cA2yVb5t?6<i@4?huze|?v6LUAVV6$nK%2q+LaUf#N3D7#%u2mkZ20T=l`B^4C`
zku#@ub~O4jo!B;@J(vpYZEW(>a|M$|@<4y?Zq)PPa)(Phal`cw-iADCNW?4098|YD
zOFOv$n1Y-zjwW)&)1E_s=0bP|lO~BQf-ve@ce~UF47`Io!T;w`r|oYW=qxbnv_DC~
zGbX}S|H?((ST-VHL=7a5Tf^4Qhe^pU$)c_#UwGaKl0)^I0KmfLJrFNR>uMa`U7IAQ
zpkT3>-8j>j@TN%cN+RlIC^5dxemA4q=f(DEqer6@U(^#ZYcsor7IL5m@$T}$wM;d{
zIK0L<l;{h=@Oq8^FVpb(rTCw^fcxU(t7CdipQk$wNI*5KZuaDZdN$)HzO*ym#v=uG
zo%Z}X(8-72Zc1J=Q}YYsvmYW~pmxRYxcZP*jP{;dwyn>fA_o*!i}Jz6F>k9BFT86M
zUD&|HG8X$#9%W1(69bh5CW48boi4?TfStk5BhrI{gIrQ>m-trZCJ*;se}xOLcj#2f
z&6SaZ(YTVry2oI7#)KKZzY|X5k`#-1oOj80R>`C&)_1^ghPT0Hd;LL7Y;oQbi8S2?
za{Y3it0`^`hCkwpLnT8hyyMF4c!9hTN~%|L!P)AwCtlcf?s%c*Cvu4`6}8jsn>SiQ
zvJ^aUUrTvNhS)y3rE*&uKKOf1H%W%{zIs<_#_-1a{i_xg6w?oy3M}8QQ7>nouKCI3
zd2-A{%9<k%Y3C%CWQB;!1cZbyT^gQvlcP|<5Xn9QiOras>n@pkp9%;#HGgm~k5oF)
z9jI6}9Bvue&et2ti*A_kzElyT&FWKL-@cXDawr*s61E`skly3~DS{_g+1cd}`e>RM
zh|u4RDSc40yS9Rap&qsbs&o8zuFU!SBOlcAt2O5;+-4tae$bR!NQjz`vM1oYOQX!?
zn%OsDyAxf5;d_#E33dPQ9&S7=P%`u_u(Gv0*j@th9kb#(=FXv^J}SRpLEp-z_`&yL
zZtDbXWy($K*bKjN7o1By)&AG}4$Osus-56jZ?ViW9Y!GnCf_8)Ca4Q)FC5gug=D6&
zuZPP({!*GE`~mvji6pF%hHm3cf60(%hvhN2@^v?G**B@!E^IbR!-r`0y9Vr=7H8hR
z7jU(m>9$STRt^!PSC)-R3OYkstTfPRCZu(xv!YShsk;yI2iHuoCm><2KEDF^n|#nK
zy`o>vx9|VPf_*|Ekdx7o`BQxN5gotV`tU86swCbQsNa-NT?7*Bx@33Dm)Ub1ONGu7
zp=T~)He2-qPuOqFC<ACiLf{fLb>>k_C>4dqiEtVT5PL+efo5gMvwJd$Ey8a4$~Y_!
zX>lkpug?=>9x=g(+Z0!L&ts&gE>+|+=Z@99)^}SmlKvqx6v3T*mfYoyb!<S?50mkk
zk*qE&?Ogp!T3OmMAaC{Dd5Be|=(_djYrr!Yg1&s0^G8=f=K08{zWXm@&v2|Zz8;yT
z`SY-8ML_ULebyt1Q=4WtPQL4Ya^1`?YELH7S2BeAi!r&U^kISDEhYk}@hyCuwwsib
zrr!(I6MvKTuyoNVQkVksArSZ9?F|;CHzc6(+k6o5M~VqAHsHf8@~tVx--|Ig3a&1z
z>GyA%+;(aok`{PkYVuv^Xgci_>Y2R6f<>Quzub+36@{rzH5}$2t|9H0CV1@48lU~C
zbY{H1cyO|oUVp>W`O?+L*rB3}?5Za~lnNLdHwzzs!P#>G>KCIs%2*V$Nl<1z)(k*(
zo8N~{AAk-AQebtTz3@x6=hpY4lPz9Sr|YMXXHr@}k)|cwFWwHpi!M&0|NY4cWlY@L
zXcAP*ua&)Z;tnzg0#1*~U8PTihm>3WY0ZJc#Jnl}lZrK|#Fls2C;r{pMPvkTxa{&B
zI$Jkot-KM4oOOUR=WqM6^(_zGSwYi>>|?{zuZ0NE>$kH8dPV%o?Iq3M{&p(*m3q|t
zXZzE_psgeK3;G{^;(vw$hzBNe#|^E;{O7iQJHKR)t71}|&B{fa3v7@Tm`tcJmcLjy
zm-*H-*iAW=$=L3J0R0!9F^)~uxdJXji|8vtu2<?q4#k+5CVaH`W#V@$eZJ=hb#uUy
zH7NbNod%&pSLH?uZ$Iw$A3RqhXVYrU0~VYwFsA^pg~MQ2wWgx&lFCKQ@{t2RT{GT9
zqxb>&szK<sep^J`dh15+q{+_Y3bAj=55<dlGC${Yh(mKVyZsddDBI*?SS}eTgb_V;
z>0vgCX?GNm(%${F&13iYo3Fl`&zV10+QP)?hcrIn(J?fY>1qG+vf7fp`KUS4oE_dp
zEw=o^I08fnO^b)-B?|zlqtq?6c$z*W25-_v1lDP7((D|=$w{&V=<0A6d;UE64Its$
z&9rBr$1qvHZ&Vv(yk)GeJ^bPLL2p#gx%7Fat<mnM{Y=I~yR!3fS2jgm4o^JbKBC|%
z?Ub(65irE$algv_GP$h3+6b`J5Q?XF-mnN`gksYBmeyX~LN*20hQ8TRt7SY`1%ztF
zYr*ZQ0(Iy!YCZ6e&+dUO{h#OfDo)Xp4oR?kf_c+VR8sBe#@~M`Z!_PPSB`T|bC~>E
z`fErTbxEKtN~%h~nY(UbUe&n}%Pb^<QOU?cOHp^51#9Q|G#n7TelT=u%sM80<WbD-
z8gFZua9)d40(Rp{<CiBL^^>jgMgy;vVl=Z7r#YnN5Bz>I3%Ne(-wx9g18}qi2o#LG
zXgeOE?EfC2Bo5OykPc+3z8iTn3OS`la!7@-Y4f=}Y4?aU+%A69zMhh?^7_>c7mUz+
z)KWs<^!Vx>9388;7LSz}#>G6<UiR-qr(!xK!W$LP)UOE8SCd5SSLdGT-qinX+-9@e
zd<KTr_LdYp`N9_z8gBQk_HRe?-8%1jCAK=nuZTd*u1(Hu<ts9EL$I!sEqyE!IL(X_
zi7ht@K=_W8p|kw5O5AHW(`IyT`rP||ppS9+Oy<E}qWNgGOD?4x$|(~o;NI|dccz7`
zIzpJf`MJT%vIlKXyTxVf^+<7?L#!oNGPZ2~jMKRse8EJvYABEvy(+ntID5}@e{nRZ
zV0^qe_tM34o*>pwb^Yz8-R;J>=rWgK#$DApTb`KzJtTwM4Eyv?41PyE)#CW+FWLDk
zum$U;FFfq-c+pF@U9#_yvetO={RlF@fPltTyrlxntUhk_MZXNR5R)1ceT1WR?RyGL
z9RE!~gxT@jOG1xbecVx=qF@W$d4Okpr+*xg8>%a2m)xRWcTdC~QM~6G&c?uCg8BZp
zy}fuo0h@e%H;#St${^p_^X`Wv!bMXp)oxW`qE8h|$exZ+;98A-3V8A0O<$#rLQdSF
zuwrz*wcLjk?8b+oY!Lf$`*D5g{Hv@>LeDNkMPydqPq|jsYR9k6=xGm+XD5_h$S5dM
z7A;^Jr2e<<m}r8lHT_IY8X@`*x-z8SNO63s!iL037++ASM4dRaUs>j1cYs@TmDRPc
zwSO3!U+7zLjxE`~k?agCmR|f-=vwunsD*$TV6xFyjROV(MEQ-#^j5=uhym?RTfLU8
zS$r`l^mOVLBc~$gfo<ps@Issj!6C3-oU6bmN8UU-?((L^_dn;w-ft)N%ig!LeEcO+
zid#Zgi1OtTo4eeObr$p0d5)U-O6n#%ExxEfr6Nj+v&QP{ug%xPnD2tMxHDWiZPz8&
zNaybEu9;^*cfabzR_3g3|GKuw^Dj$rP@*x@&>C4z#2Rs*D|L;P46*!hBM`ica>Tn3
zy1v;S2;PtyjfKj2j9C14Dw^#hk5`}RnN!xv%*MMaIS5JK{U9=b(IGV;@*v@PiCe0u
zmtY#l=3VBg!GZG~(TUtsLY2X5MWu@KJH>!m*%y90yu1gBCOO=b14d+IZda#LDewuA
zH<uWOC-Mo%*PS??b5Axx^u@f`TPshuY$g`n+83&5oQf`L5Qp?DEBxG%GRHnsSEg7a
z?T@qmxUFpc^%=|5H6N59<40`rEA!h~1=c(A9dSTXWOw@d@%Odim$>pC@KS!rOYw7V
zepxtvDLa*Om^*Pd{X$+{lurC$y!w2gPku{Lw`A3HBodd2Ctf0t<GBquQ`yve;*Y<~
zIdvYuZctDrLYtL08*5qZKzl`eaMUD0<NI2HT%7&!3L=YG1kbsl6uO`wfe&tuy+^bM
zAw24G-XZNXH##5L&-9Z5Vn5X1-?&^h>L4p+L8ABSPRXmp5&ToiZZU61(y+;wQz$UK
zHbI^9Ksto47J2qj`TYfOwY#M0&%%v>{IPj;!UttCXUk1Ehq%>u7$*5A6(m)%x|(bu
zs3mzScu`QXRFgQkUs?I5FZbA^VbT$`D>^c_mkU1kn)tUl!COcwCd!=|@Xr3K!Q)gz
zi9+T2qq{xtH~!}%BH<BoUu@|J=j7oL!F-c^(;SkW$t`~pK{Bb_c84?7z4DS%A*I&e
z$80tknciUGEj0P&#p-poo-HgSqx1X^<Vp1k@FX2`ZJEWe`gTzKpX@-Lu<KEXEAU@!
zx`hJ<k>#QINh0*Nz$DQ*Y%Dx=B&_BkR>M0E-Ev*BlH<!=f&J_j*U8-L#MPbqpZ-`)
zdeyk;GR_$0%$h%s6@3aj^!)L%44G+Jt!L|&e9dY?kvjn;Lh!VDnV-sciw@K`W|+2@
zv&bf+`HxMOMu0Z|bJye6GhK#q)%&lPHkltC;^kgo$ax=L=jFS@_vqHm?6E4`2QT&s
zKl?1itkbRuD<{e+-{9CxA2-YDi|#C!{uvsB9(|G3R4);&@Y&4zW^GPIy%X|Ap=9tz
z?WE`UPQY(7ub(h;g*h60Pi%FHb4KZ7%|ld)gZj~)9=&t-3ioJSMlD3(`uRz2Qb_A5
z84_coKBv~uhsvUGK4Hk<#T0^m*HD3c>*@!XohPRVsXX9!$*on2M3ec<m%CO=1e@j}
zl=N>FQZ7*EIOD$Dqp4{W5`X2Gazh>l9B}+?23bH<>599eumBCRtBe4HyB+h><?nvt
zy$m-}pjT%yjW6=W1$<uEjg_EhyE`*@Q*8!U?og@3i8Z(SKwpd5Vchs}dAZzy?kCOW
zzed%Gqx#R>s?!}kTyJq9iR(G172xKbm@~_$Fp*-rZ`oX(2-_JCnXq|3EvHhJ60^sx
z=Xrj$|FiBAIHibtL(KY(@#L|!#j`k_I6La@fIa##?<k~nvX^Use5FR~Cmwr9yr}e~
zAs)Hy9&XLvluqPVy)B=-cu@y3am)9?fJuJzsH|jFIZTmTQ&$N0q`6bk5tet3KjU=a
zr}2;#{8!9R!>3RYLU6EB7{FBM)0J?>mS4W}A^my6P_4Uo{8eG1@P%VD(FWFGt<Ynm
zyqQHJQO;7oone#UWzKjO)>-lX<J$+9!B-8wpe6ZpXQ+z$gKr2b0i>;NxNlkCUZD)|
z*ug33j6d38naQIMr1Kq^nC}Rr8ZgGgA@0{Ej_f}p!;o10o%*)`MmZy>OklcKH=9l6
zO}EkdD_HYuDPX;_lC?i-2Z@dc`1!4tv*~9yOqy!j&><%BE*mV72=h0FlhcTal(D#w
zI6FRxKPQw-UP`B*b26-SaGH3a!FO7O>EOK+*3{HZzY_IQVPs&kFY@W?Wa+QL>OXA5
zH4gXRKgg9(em%c>DxA%AyF=91flQv=I(M|vkN2$$4t;#%uAAzOZ~CG${7zD^cic3P
zop>oLZr58$Ixf1i`>y@>cO>Jw$i8uWhwMhYf9*!TKrAzb^wckbPhu!>CyFzy_qwOj
z4XTCvSN2e(@uFC(gGI4z8Wh@%3eEO3{4rIJZN=qn8%O$=yX&dy63mCT_UL7Fc~EB4
z`$tR5cz+jbN*GzJ*b+0Rde-Nd6oZiO_<HH@(Vm;}V9@6fgN~Nm?BqH&=uZR)(UM66
zks?C^JZ<ue5mYM7@l53B7>U$|(zxS`+QVjbC#$kGiNpKPC^OVluPIC=Pb+I`M#@c}
zfrtEplX6A})I0c?;6cQ1(<q+I^l+OLc`iT_L!QA6OnEdN%fl1!yZ7{G3(3x!^Y7Pw
zMT$7CuI6rcR2a7kEna0xW=a-ktBAO|m$jSOrbw~In|FaFhbBg%+G#Rk_ui<q*jD=S
ziJ(JHM5b>al)4Oo-Kx98ty12XjDLRUuXXo(k4)_8|CreKSZ2vP1B6leJG)Qb*HLt6
zp(30QPY04c?qRyKegkLp&GEhl2TD+XD<1=Z_{W`b_XVB<cxCAo>E8?X1Yx6$ha~BS
zCoYKuSo0x<XyrL_YNmDjcdBZq&TnX|+*W^6{jS@HS$c7t;iUCf8n9aH;1E#fV(yg;
z&p(CcSD@;h_4eKn<M9Qw$_Eo6dL=<LSQva3H5wrSB6QjEeJN;6Rj?ynUxo?Tf7>z_
ztQ6KP<fZFZY(<1K8hJcQmg7+tQg3K?LMMQSn^s!tzAbZN^OQ7yznK|4AEOjg?8Q7*
z<oL~Xux}ECVNY?beJ{pPe;6#oToK+dPKzhgOb^!eD7NCn84W-FUe@F9E!Is}W%Ty-
zH3CdcD2<pb-J1*Z6M4H||6VgcMPShSEipI4B&v}^q<prB2o0u9HvZC?{H?l;v-<oB
zco#B*`03st2F&bacVz~FqtYn6V8k2bPVVcO2Pg@)$V7$eXs;ix=i>UVt5ZAK94RIj
zuosYH%5ocKS-|^0W?5^Fob%?{JejdeXV%7&@%{GySn2tn+hdR^jHDVd<Uj)73n;j7
zJcOo@U6^rvRibkOOx4S643`ulMaQnLlRYqQ%|ZQh^$)=OOp5dm`{Pa=Pmo>oy*cu$
zXtsg+6?~oA6B!mSV|FVSI?X<JRb~)6VvfficRcnVnZv>UetvaOXi`l(8^1E&@pk*z
z;w{2lM8laHV?I7dvPHz`gF6<V*~T;*lG#WFRlkI@v<Sr?1~C2p{O`Wj45ZljY$v4c
zp^e9SWT4lvx8;HR=v)G}!G+=EDX{R#*9o3n#H7q9mRV<-aSs^Fb8T6R-)k8XHS1~K
z>_?-m5!Xr$wp{tVrQo$|6wqS=`UZL*#{KKd;NHfUuX~6r+8Mv^KB&Zvmaa3qj*lqM
z^rkE?s4=M+mtajtm<b&1j$b(G?+cr?UtcJwx;p>q;!+rRW+w=vLrz$4M)N+|96WWr
zYc*BKFw4WWFU5LjOcR>z^<Qb`rD*)UnAv8L_2599Bppiak5n5#9YNq=WiN`&Mk-5Q
zh?c7AkQ)!NAg7@P=FRpsjZT<HE{t$4V1w1@2|0%6zIfn2*#q0{v50a<ZX6x!`*k_a
z1Gax^Z#r&Hg}o?!tPnmPMUfHOEQG$A`sKBdz+;~=^A#q!8JE^+9V+XT9gX8_qfT$*
zKd%U)tnNw|=*~7+Xsl#U^NjL<<#Ert_Z0w#TO=-<?GA?^3viA>BGLEPEu7QvTh5Z~
zHRmQ``_1EP4hCfp_Xf1}%U{S|Bzq_DxZz+0FUfH^K=)v)x8~RL0wv~VhPrB}3;2iu
z2ty12XSOcURVdR_NxdRbEAUai{#|n9^6d}Oi08%wd$8qWdBr8dMrFjTwDZMaHx`zC
z2J=_&58Z4!i19l^89~z+M>Rp>B!Iw~0j${?&PqJB0kvdV$Zr+z!S1OCs+#T6kl+V#
zcY~@@_lZVATIhReXlOVzYZP3FXO>_WCY!EZ{Z1EKoEv#!V@9SL);EO)Iq_O|qpb9x
z#i}#{r~^hGr5-kwhOqTdCt%fH!{7geBE$`cWm?Fzc(u053t^ga6zcSGU0hs3K|iH>
zt6#4*_NEXViB~|bGygNXy$P{;4|Ds*J5R(DGQ8@EW$rZpuh~d^fbm@gK49jNO4`HE
zo|PUTm@@F&wj8>lSwO?Jp(jH+0!eq?y-24YeAiiJ&zLhxuyNU~8Ad!s|98a3v)q)L
zBjy{RvI3DI5y0VnndO4Z2QDq&!9m?-0L*!e{3s~p?(XknrW80f9UtFyVlO(52p=s|
zV5Vrc_7++mJ)N7HlL9utIp8Epd7VCk$dY{Ytpyqt&>~(zgS$sSyz6onB$*EYcZGeI
z{o_ix?M%?~7ZjLm0lUYi!MRVbFo8|JW1~~D@b-b5Kfo2u@Jfvzf0+oJ?>kaWZKq*Z
zWk44`ais(yDz6X~CM_N;51}LN%hp!*;mR!na&iaT)t}ET#@q<a2jZIcHg<}O6kQ7d
zFfv)xDYj8wq%pTv9=a~^<k*qw9cJCU{Qyl>)K4NukyL!@`qOS)0C~znCb}1O1GNC^
z94!!26+jy^OIaos$tvnoT?I3$WxEZ^lb7qN3%CW?HwT-)jNYTbEV9nj>``EbTMRm5
zr~Q#897*m}8YS~T=7xnyp$l~8?Db+992PRKx=wMqhx5J3cgvRPmx|V<2CZw4`jg}A
z)#ePpMtGb&Hg~u>#OOqP?eQP+l4Q1fd8RMfSXiXX((Zlh4o|xe8cjhLTncM`qbmDo
z0uv-lVg)<4?vOnk9mEfj3~{Zth*eH((N<rMXOjs91mbH+A0mXys7M!nVIET82+g6}
zwYp;$=&9Hw8RDGfJ8`1F_{=o<i9|==;ELwy5&He?$s0q_qA{n`J57Ec?wJl1XXv?h
zn?EB$W5QDC&e<UQknQL9{N5<Z&cPM&V7F9OaXKn7=$NdT{?O}fZhRroJwdRPZ$Hg%
z{R7ujvO=zd_f60LhqJGa%4+Mr7DNS9Iwd6qrBhlOX%%S<6r@GEK}l&rDR~e9DJkhj
zNdXDz?vU<|Zymh%{ndZp7<XJ5_u_M&v(MRktu@!2b2%A$5CCMF07H9W-6Ves+I&7e
z#@k++O?&&K^fp6L%AN;E?;e;>+3|z4>dVN+`_3viOQpDnzU|*C*e^RirpF7L(~lRj
zXl#vX<aL<daRH0Ppz+xIVsO@B(~w4ZiXmrREtlBMY&>U`qkI~Al7hxOf6iaQok?;@
zstIDIxL+c+0eAXjHC7c{IIMl1^V7c4UbVg!^CE8q9@=d1)IRJrYkRD$v&@$@6F#TT
zK~a-qbiR}M-Kz*W)9s&RVilMduQ)!UsV$I1XBg-7!lyr}tMNK4*uFRPdr80rD(#Qh
zdh+N8$nKzNDY=zS;>_>MR{v>$ZEgOi)Urj6ZEM(0u+g>ORT@IL@>!m6;DX2fei~Uv
zhmss;d`>IHoa7m7xSsU|$-m)S5I8^BUk$dOInCd&!f?u#32&s}@igY=MhonxZ!ei1
zYcR5`RY`1Yijf_wK+5pK#D^?fw+4=`HXL{83ws_V+kiI0f1NaQ@Xa4{QC3!LAXf&Q
z{Ipn=CG0FYVisDJw2}05nsTLvg+x8kBY~JUk<rZRL#^?wXMjy3BXZ}N4$ACTwEDvl
z*#afFYdkL;D)&B=wE~teY#5<uwU~jB_+H1}`o4%nu{iV$Z`6R9+|%X^wAf8#%Jio@
zZ@Q`LWO@;cN$3xlmD{C@qFZF_I&`*;=3U*CO%S|4-|1&)eiI3k8qfLQ3+f23PzYE`
zxVJwsNB=FUAIl>@F(c)-kk1sFS1Yqx5$V~z^fSSu^x-G%*r@2jZ6P0O4&}$xLt02g
z4)()NWS$jR1paR?O4R9h*qku{O)33JHfk{f2WWuG(6mH<_<NhCYHD~zmLqRr^eJ*N
zJ#+w=kyDKKiDgd)>r(dfVYN;k0#Dni41E_-kh8r3esOJIU!Uy*$Whpz+4d8j1#XQ>
zA1FpFjoLm2K!ZG8)HCjDdo15&h$DUWb3E*GZ)z%FZIvz)Id9FF<jEpIT;t(3k+arI
zZH-9OK;iIgy3V%6(SaFXVO*yWfHqwi85)Pgi@nE&gSw(Ye9TJ!asdDvR6)B&i#7+>
zg^!dZ*&=dI_Ou)$4=z|1S!Yr;58<-f30he@f0<V}I-`~1__E9Wd23GctXoNc-zR4*
zQS-!XR>}6|SpbUVLMSIJsJGKf&tuI?*1XDOhSMJUD!J_Z`X=50!JF7{5cr=J;pvIc
z8O+Mn4P{Ta>)S|<73rPVHQkXH$iD67khfjN_c*VrtwJ3sX_u6wDN^sx=ix`*`J(NO
z0AHVggRkPmc=bXZwQicQ4_90LZ<9>KQSMzm>0BFMkH>i(NL<t;$Fqt_CXV)9`ird+
z{s_HPpI3iJz<U>c2g$){I9!Yu8Mk;(KVyc-c$=JJg48Ue(lXlF9deICOTE(ki;ut0
z9V)qzXbQLg{UY7ZxX&V-HWeszcHUfK`NUB@$H|1&lFw#8$Zh00PmEP3SM%GeB}gWQ
zWs5UM;a|9q`s`?H_}%d{Hn!Sf)u5|L%^|X&z<>j+Ev8f7U42tV2j^Ny>_&!ND}^0W
znEs++MAF5KZ$eLgU~DZ75W)-9UFV2nNbsWL6WRxkM<Gs|uRA~2mp9nHGl1l;Li+K^
zQN)XZSC>I#9105an74R7)c1V?+niYugob|cYX>28o}E?Q>>1tRrMv+w1|7evrf$G!
zzhO{OGCNYzb`$?WTG1U*K40C|IAd$I_ekOKw?fs>F6{2bI!jq=qcLu6JMFBV;`v}d
z=ll|}^%g^ZoDuyJj-J%S5Ah#CcFvH@CjRHv^CjE;-W&m}!4X6)dJURY>Wg2$XN8jU
zTm;WVnclv!+R$1RvSHobvc?Lhwns9fNHH?@cjIn@=mO~zB7#-ey=jBK_VEm~>)}Ok
zkHykuwm;(w8fG9%%cgrd)gYCuDz0jl?+*Q1O^eJHXfxS<m#1eKr-a*Y1CVx*Jkj`I
z;d^wc5g9^3g_A~SsQG4<0StmcX2vd?U6E{zm8zU<-JyQxw8_m?iKL{J+9pG;*rG+&
z+`qrhdq_#kXxk~G9Kg&<{&4&yl@|=5rRU}*P)#WEgY==#qBR~;(~n?$NA6P>VEm)8
z@e;%dyXFs>q_AiBtXJgFt<S0jHcH~N^f~tU8<g+;Fis1C-KSpl2(2-gR09MPe`$H|
zo}{+%;4OEi^<h3sZmY@JuMTHx(|)!#CK}RlAi;tutul+T#ACT4o9~7gLDVaU1idnu
zAudc2(kY>^%dqu-Vlv$2mD<!=(1<kw`2Bvtd}brmE=l|aA=siHB+DSN{tofGTgZfa
z5k$!KU{k3beLJLt%W6{9Nc1c*ujV~F-G2Y~Qs~~t+lfz1;@f`wVx`~sW`Ql5J@acs
zUP2X0(5++zU54@JXVpvzy=3Tcb6O`y=4?L{l%Qg}Q>YT#T6VP6|7zRgR~qK%!v5(V
zmlc7^v;TRm1#l2U27@lIJ}XVHeIf#%8$=2Xb@U?m@`g8A5XjRp0Etfu6aF1MCNko!
z`U2M~ei3?@-zw(O(O3=)T@1NLAswM*JgS8oX#l&bQOHcr2#z`LSeHI|uMX&&nW)I$
zF>;Ene{u`?cw$^<DfAr#vBPC+V}y_QLOvb~KK_25Cev_*3vu=7iEwiyOH%Kh2pwcP
z7{V6@0!dxNx~7sdw%dr&sMcJ%COoISw!v_6B4^6P*%Q7GLZYAym53Lz8(zf|^*<bQ
zQvcdn+f9px<h+JO{+*8qI1xD2^v#o;v+9COu>7{L#Q+|OB6G@w1<5C!btC?-Yr`z9
z6hnrYa>%F07mM<+Z1qdE2-^5vA%6`-!q2ehA0Jaq)zwd8S#6PVFm3r`m?PE8!+Rg)
z09hqKE)em<ATf1rI(F}P{F)L<gdBuT>Wd$LW~s(-Ux1J%Gl0&A^a+^6gKbuLtjy<9
z|M$gGKInm`UZJtB_~{W3@L}so78<Z{AzI%cv-QDPf<(Ac<?%<Ae~{e5fybd8Hix5j
zk*B<GW;<Z<0)a`AZr3*5o1<6yy3fExS-5^SC;NJ#m2*Tw6W4Bxz>aknJygs6jl;bI
zM9$`n&nuih%<1M-Y+%FG*9MY>i`e)+)aNg}$qw_3hxe-=E2s<bs~cM-te2MXoo}^U
zf!R+GD5=YvW$v%uPq|ABH4ED4k!v92i`c?(NHj6FMB2|qYTUDwPTzXKi3W)D1Xn5e
zrwQ55`v3#Q>-8N?`5F~?A(k*2{=o49n9BR}JD8$Uvqe8*^*7ggG#@2`=S23a&hA4*
z5xck5rK+CvOcB}=eci^^-A=Q?$I~Bw0mQV!Q~dmb54G+MavPP_72V%P`j&ey1y#pk
z!rtKh73hji!U^Jdw3oLjyPO-wn~r;Q-1W)XPTY1mmek!nXD~1JKHS|$<S}Z$)>B0{
zQ1VnQ?!GuiotWA?H()(6NG@Ob2KcEEHl)7#`T3cRsXc28yDIKsJt(E}e2gnvU}yc^
zK-(--L5DFz-vD}NiwqJ@1+Gc7fE9Hh_af0}pqrZ%9_X>H)Xi1-i{1Ycd8gdI)K=*F
zF9egNhYMf3?j8>Sp#dyIH<MqMWP8e@v3k;@htHbA&@^)lG!`R?7a?_)1OhQW3CV}?
zR$#3>0cN@7wg!JYjAzc)FZbn3qFa-77B4=Wx_jxt9DtHURr|9Ppl~_=JGKJ0Ar|#2
zaAOf+`!q!)P_4&-bOZp2bdqc^QdU5rI2Z(`ofiB@r-bo8k%j$TWFh85JtRnO_aWs*
z{$8W5Xq$|}368~BRizPwTOL!>gKT=&d{Vj33_s&}%;y%;m~pLFw=DGr_^JAKZ}mQG
z|EL}EG&G*_c02|pvb^fA^pIUrK>_(?a-yeamZa*um&UwkAx@B5f-zWW3<}Kk`l@?V
zD^|X@j@P71Q?oF$bm{KXnEM41tHOjfIcaGvVrOKAK$Y9!Q{bIhbCZP6m#<d6sjjY8
z=E^m;io4PfJFNt}*V?;en-8f{xeu<iWTAj*4aa!>{K~c8;!fG`d5l$-nc8)?8z;8!
zR$iHyn;C1E8r~QUixW*%;hW`Qmy-5TaTJ2xjG}&m3dJBI7!RiQd5PA~y47kROmP3<
zRf*NnO2lF}!>;-5Ho^r4cZ+!#p_lw2fT)jmV{a+Hozrqy(DrZ6EbuL}?C=Y#)ii&w
zYeerCWeVl#@bHdc6tgPo@!I(JJ<w$p82dq;h_I6;rl#J&&L;%hw7$1SeObDs?;c^<
zMdmwL$t4OQsTySpYE1}9Tox=eELWbjd{8z^rFMZv^hK~f>l0)1@be$9eL~|U=63MH
z!>?HxwPZm$P^`7S)HTM}W4Yt)O;i`nRZqMsyLq<nqR+!0IM5}Z;uMM_8D!nk!d_^$
z@Q0KbJfG^5!TiCbm|J?BOHutr3$cUMt){PZR@3`E5W)C5)h+*M$x2E>dgG!7-mh6%
z-@51h-RPCvCE3LPL|Gj%7=VL(FpnG6z)+|7r8WefluL(hfK;2^Lz!tT9GqTn>itd1
zsD7SjO?Ze|VP*o8YKh<yeVDk1J0)03om3W2_Bgbhef@Ig;)%KviRqRo96uaBwF-(~
z5$7PGeu4wLNDv^?(As%(ofnxMUDmFgKTfdg8-gj+!I?hJJTuyMs^KcH)hOkLD-81U
zDAb9N@xk309R4Q{@Z5dPSsCRZO5DL?HO&<4dY?(aCb>-o%-Pf`o$Z!o+rVLEs<Lx)
z>(Bk=xH8y8QxU3So$dtjBKs|N4ATQ2{G;JC?5jh;WOQl2!OqI%U+<$g&-PGTSf~e^
z6;hm~YW&H5UYbI9?b@}}4tg7DOkj<D*x3!h6sIgA#QUy?vZxf_7mw<j&YMl?UfRz$
z!(QI+O_EzVOpN3c-?t-JBZ9+0gz=roC9IOOklA5D>?}q(9qQlWF#!No)B6@TDz*?B
z@etpu6s9tXq-;9gklJNlNPc6tejBuVO$P@qd)EC}RJURqy-`l|SuQCrzS$<f6B44A
z4U&Kk!g{A1jY&e_s%)qXB{FC!_vM5nuf-s*iYKV!yQQhg5&fwb`i0MPx66uo!e22#
z3=xz<0lep&ozE&65>#Tjsa1iPqU=1le=*_Z04YUFbqo3zxq;#infzKIrr-8&-#)dF
zBfUPy4~MK|DCwmHIc79tq$v9E_{SpL59>~|H~5rJg7LO;u6uxvmDia2q4G^kwh=L8
z1Tdo_gx`bhFsr(mxKps_c+qY-omwbM4&HO$&2lPz|H%@9CO;@1!Lwv&cohdyQym>Q
zrt~Dj`<?-+^LfuhYD!*Cyk<iG$>s@1w8^2CZ<34f`GFYdsZ3o#I?eOs?HMVY`IwS0
zr$j}Kj2pGPvgt1wdf0DcOu%^!&IH*&%;W25glAZqRuQ&nO4*khz_<~&@cR8FnXIVx
zEJX_xVy;H0LM`I>sjx8w0I**fJ*(jfy*e9>8YlIIq1|>0;5hz{Q6VHg;?ySfCi|Ff
zdqudToUCkB2l@yJzT9A16w7_tn?H_famDL~G!}t-65B!l<H=H-c*x4~m6ygy!;fbg
znm~!hBAFkI4PMcQ>6e&?;=+loZOw%BKaMZRMDenz^o!rxZ`}dh%&K675#`_1ovFzI
zxdJ$C!})&&Oz~GMHbZvCP7lXU3+6<iX!i3LwI&|XP~@>(yf-FOCd?=au7uQoa7c%X
zQWq*Z@6Y3Nr9zO_>C5^j9$~%8e{N-5Ba9qVAFr!I$t-H9^M3Ld-G+Q6b?F4~Qz;FF
zOlfoeO=gCX*C6hE&9XvGE0W0uqp}2?A9&PSwy?~wD1xN8;C08VOgZWJ{;VD_<3VOi
zDqnd=A$sqz0Hjq#(VF~?F;@NWZ_m)xW^6W)<kk05h(ab2NyIejTOS=vC{h|6p>~zp
zMFc95>>VPli}lot(>J!XjO)l5#@XPCj*7`nDg<gsI}1IHO9@WD`F#wz<$!aFH<!UJ
z{Mu)pC?3_95AyF>JhB^g{MIq0G`c1m8ryn?^Hjna7EZG8n_54ILXfK-^>0hOY=&<W
z5Le|iCpCiHyYSH((jTGmjz@!}hc>kj6Xn`Jmzk<!)Gd8O_E*-+9AQ5m8M~1`#ndjD
zZ4{~`&L5HZ>-=oBg&(O2Omj3^Y;LlY(LB0r=VH-(6#X<5Q~p)CAAN}Ur2v#&;nO}g
zBcwy;Lp_UdM{41|1cTbX_`tjAT=cW(Cl@o*z#&FsK$f}Af>NA$96#q8LyuEZYDa_`
z*K7&i(6?fqMC-r1S?r_`DShnfGW<p9w&u58TPEKOPlxO1bMFP+Txo)PrzdaWV;GM?
z*3L-JiIw0b7IIfyL#$i2lr%xP)slq=f>67uEk;K4u8vjXmO6`@_1<z_uP2@F%SnhJ
ziPx<%>0){S#?ol37Z5^W8#&K_X^)d(VE@yYO%Qz>0wMQ?`e*5nM21D0QBLncz8F@-
z<|0hU{@-7D>P)VBYA5QV=Pe{77Z^7?90%@WiyDPcyD_7=!GY2l#hexHsd=_XhhZK5
zNh>*RW|a!e`c$&+uWJ<(^?>uPI5@e#1t&o5V_!F*&A;eQ3)ej=G-rK%9~g=MCY)JS
zCC)ZyUy)#w<&ot6%eC=4$n1Bi0@wXlFg&{^3t__|t?n<Ive502Ehu|6b9Y%b)OPBf
zt`yyl|9q|2d|RArS-m+lXQ8D<iO_GN;eq*e4it1eOf=pZ43GY1dJZx3<fuOS%{1h!
z`gULWI8^+^-+6nXzSL*9A<U}ZX1d9X#(fVBsJ+hRPopZ^#SX6^nzE=t`i?Ko9_78U
zZr>Iv@?_?n4z^f)aj4$@6RW;Md<YkD+KB47>&K7J#podY3|R5Ox<LOqqYa4PMjkp}
zhK3V0(^FMP$CBB}u<KGVqULc@*&=tfV^ZVuv{HO5G8BB{T0eiBcb?X;#_ALlx<06m
z^T28_rFsDLY7mNRE<O<HO}QLipmI7JXQc*KH%bX&R5{fr2bc3X9#wrMeq;a&c(KzX
zn`Me428DMe^^aP<Xk<L-L|qA9tRT4KV_M!rs%e!iWMz);Jl*<1#T*_=ZH3b&9vRsl
z`ddhmOqSn+ygn;H1Tu@lx6QqkS=ZhgzeZNSQGEd`2La5?Tpw;j8!K&Y@{Paf#wii`
ztIRpXF996ElbDpNLnK50NHv`g^R$GQc;5G&uYAqn8H#TMw*y4?&$88DK|yvt+n_R|
zHyz_^<B@NL<w)6}s@5h9T7U-7(pWXk`HNRNq~C+PjUm)(I(aG%p+V$4lGw-D<iuVA
zzYj}?sG?SK;4X-Dr5WJ&#T!Ctaz@tP>6*|b`(y6SC3u)Vil_+xNPxx#Q$HTw9w;l;
zkXl!IdA1AhB0ck0JGvU3k|XXMs2u<ONJX(B&}%N+hmO{NieK;4Fk{&&dCR+d9c>B{
zH^U>cPALM;TgXO~GR*9tH|RbP5oXsDK402qfM5Y3jE~(Qy@n}4=cg%_OMLxBHm)>|
zs20@;lx}c{qqTj!PT_tsSuhk`YGe4`$uP8^Zn@cId%@?zWs>=K0y|3<93IAJNKKtZ
zTss9IHNOo%6e#C_lGCX9_Y+0j^0t1wbp`hlq=Wk_$X|qRPk!CQiog}lp$Hj0MRXL<
z211SNBT}!UMIopNNwKJ8XiDyi<|8-a5%-5#4(qy6R)a97B^0c;3;`OHf6w~fJ}?yo
zOoRFCj~+d8DBbx{^{W09=HqQQOSY2Wv2HdP<jGj>eAUjEbwM%KSFR41CW%hHdp*LY
zQ;>VpYH4H$<!#H4RJl?^JEc(N8mBZW;X6Jf%fkHTuLeC1I=UYZUblm@d%>XL#;Kw)
z^s>&laE>Ifj3{DNlrM%Ja(3$sLseS6V&LzUA6H(e5~_3UK)1MCn|#y=4OsGDPA@X$
zHdW+_%m2>;u)?@)xYVYQLd*!?HThu-?}M;V@GQOlyg3r*LZD=*RDX#-hR8eEPN7$B
z;>w_B1DjWl&Dg~oHME<Zbd*ZY3x>bDkKz`h)3!(ZduMt(A-(x>yL3O(Ony0Tv>)f@
zMu?Lkjg}~~ecf6u{&tW?`BX6yun3u?9p>J3wdC{czW~eI#K*QP!`hir4?+A}U^PY!
zlN$<##IZ%~>8H>M*0hkMlD|NN3@Z(|L2_({F5cAZ$^ZZ8#o=so1UtU#Evhna&+Zlc
z?{W)!WD{6}&_Gbn(&5u9d5QMhN6nq1>L=kt8XB6o*R#u#?Q0VrPdh%j@#nFsPx4JS
zzbEO*JT#%Hs^V}!(=V7Oisc(JkEraAAYs21`bF8sG@;6VS)A9R433)w#g2yuTR+uv
zA76}QKfV~t`!jt%>W2D{AvqZ|Xe{R1{u%49*caJZseHZIM`Ic|9aR6e(znbmKk?bm
zJ~$939fJpKdVl!v{1_9z%KEVNwUFJn>r%c%90P^SBzdHl-_W?HeR3;PPg2Ijtu}JF
zB4pnhoKwvn5Xq8Iud%v0upCA~0?F%nTT2CWlq9??gYttnx3o|bk<d~F1@i+0_laWF
zK*p)O77!o$<{jo_=)%1i4(XBkoJG456xkgcqoqKq^RoRz(Al{0Rq=&9sk})G`;Sn}
zn=7p2w*;J$Rbrk46&27!(~(Olov&^ClwJTjr9U6=Gw;<*F{jBrlZr#jSkkpYdYrnD
zKzd14B?@rJsV99zB$cXC8qT0FEIF2<xZ7EMYS4<JayTCpz4Mmjmv?7UAibcV&Bw{`
zBx7QAqlIqn*f1g+V1fiVh3vH%`&P@aY(-zcyA_Uc1=$CKHT^fY`~`?zp8xn&uDO1=
zT8$`{OsRO&x1nQ_1l6_tp{cAnrAK{oYDb?1G>K8p2q|juD^(1%=<rRka!i2pz~n4%
zZKz6lPfZ7d2Hzcy)$JenGrpnzVss~%=QV?&{R1931mKxeR+Mrie3O;+?jfI`AQ@uM
zdx^%?6D;=|{t)<3H+oZh4ScS5fq6#v<l}|3d3ELLak<97cF^-nFU9a@-4Z*vF{e1$
z8bBz}S+vZ*)NlQBc1uZK<kjp~I%+m8yr5g!D1jm1KFW<Z*onm@mRr;LPz(H+>t%Rs
zkAN_;9r%gH{}8jm-~P2sAW6DiM{;i*zr|ZnRwrrnR3SR12$bZb;uwKmrv(JZ|C(?A
zw<TU*EsGKg$fb?{G))pzZdo$#lChT+Fi-zF)D?I|)x7H73DGpHAnPi2etKC928u`m
z_aAD_?Wm*Vj;WFkdb*~!#P6YaC8@;}o%9z8jTILsv#Q#^Tkt4~LtLUUq}s42gU9|9
zKR{LFmFzq|v(YbBzak48nL~uYt2dWVQSpCXOd+~0y)t(azJupIlo1{!%^FrAa~RV!
zYaev3n90f@Ab8z*Pp62N*XCp3R=SVEA(Dz~vOF`#7uYJc)C&YIgg2%>-9gi-+!TR(
zoy!w?^yuM(@axrYIcLo)6QI#xBJc`qbzei-RCTWTRV~;(l7h{V9DoCbr5`AuSAe=K
z`ay`}<izCB-6CdHx<Va(QJ0k;D<h|}9{Q-e+l!hv3=)kGcXV`)DP822u8HO?Hu_fr
zPXH(#xDm`W^^q)cFX!3}EhzAf_|5kuGK=Y_{&d|4qM`_C7a!YvO~GfnH<90tEs1)e
zpnomT;m_~$w{&a?lH_Rovxn#dr>|Tly-2TH^uRtrV+keVbh*;`*z1w|ZHme&#V8Rn
z@hXOU$^O+iVM-w^=NO6TV{R6Ic-lKp&i@tjB97~r!O`GRzvM&LJlh>toZG1{03nrm
zZ1Mr4;;a@|x0jyB4{dNi<@(^OGMj}G{9#!7zLPTz5kw~Qdoty>RRoAXc1AElJ`YYL
zr@x!oj_JQf|2cGqUTnSbhav`T;5gyt?uK0;CsBljlGhDx?t5lwv{WUN6!$)A&oZi_
zC{q-pWWlwoKu7FPm-r$rIj3lISmNcyy|3S1K6r46@nnFW&j0-8+^Nq8HmM}H0Jewy
ztT<Z2L2Qzt^$o{|svVVwDy^}0B7;jA8X9Vuz4<hg@nUY5Xxs|^T<}`hY`-ieHpzN}
z&CGteET}EMxLU0nKvRPGfqaRr2u_#wGK(P@jEiDcM(f`%xesn;+5UOQ>|cu_E0vnh
z6I`9&|2p&fW;L|5-xrjUVmXo_xybp2v<~`W9@Cu`-y70TAW=<Io6w#^x1xbvBneI(
z;g|ur&fVmrvjOk%TH{Jiz31c4UOi=Lq}QqwoZ#s%{_0S!j;1ANqm|7l+}L<u8-q%B
zsp)iaX7wgHk@F|JoOf-?)+6(IYe8&VSEwn^?dRH-ebYSh=TL#D{VF2WtZ!K>cl_B$
zNmcU%^K=^e_)=-Xg^nk>1-}lqZC<oz{Z4jz7|}GE-#{WcSlHqdK&UwJUejR3fFvSN
z8!+W|<CX*s&0hcwu>KzQ!w^Agtin5X59aZ6zT{8`#hCeeQI((?n|^bpy9M8w*Rn|)
z9FOT1+MJ!K`SbT)CLrDMy_qE>D}e#(Kzw+@V{~}+)O1Akc8Y*1xE)y#<FAam1uYM8
zBwCG$atyx;&^K-{Sg$2dltV?xNDtQ+n8<<4SKfT8?!7qU?S%|X%qC2Hb6=dRU1GPU
zGIQ>JHf}$9cqd?)Ntyr2TwBZFaKB`9ma*H~I2I07S%}y9U8v3HmM3Qv-upiTvBog&
zXfIhn=t@cF)YAUfi$8n_0ocdmFQ!9N1teO|LOLGbxh@~~(mws<#v>T9R$!ks6xSHd
zW!O<{_2`+~vFMRtt24ztE2H`fCu%q1vp#A9J3Q@@-x-ToYkxjWwZ^lYGglnBrYjn#
zugJ6$Os%`zQ~^PEqI?y-kXfBhQeOW${_9(i=f&R8Tv5(snkr)<%2x^IsgKSFo={7a
zreru>%-4g7pbo>Hy;Ie+doy71_JEq4JK5i0GGlXKA?fC<`n>gp=PP&6ssF|%p_^OY
z)LK5H_ZMHNtc+Gtz}t0yG51c^>OlS_IIsIEDEgcjUt{<1r=>Q$40PJOg_Chs`G}-;
zOp$4-S|zTK5$|R{<uYpA7iQf`R!yLcV2-+zB)eMC(J-uTEy0l}hY<<gV0^MYrKSMI
z`Mg4jg2KWOl*U_`77OZ9jYx)o(4O%a<@vl_*N12&FVTIdNq@{fWEeMr8Y4}>s<`W4
zE<kYF>e4{T=`@!6=`7AYCXb%PU$-vU1HCO5de&M`XT!J%+26i>`y2a#uaA${g=h<0
z+D%#IQ4vQ+(&yp|KAP_szE|>FnB!s^>mZmq>*pvYc}+Ha=VyqR6MV+<$1pYLRXmq_
zsN@#>K__Pf)E63`%f_yErtvu_iN&|@oRf<>($wn#uq}E~{WX9OD?GobH$49X+u_BF
zSFt7bH)1BHBGw|<0<DY)oGEW7Obuk7-o+L@;7O4oSi6QqN8f{ZM#Z(=<smJuBZg6T
zw$$1<zP~O0M5OHjJ^otz))KX<fN(3LSH@RsUbpYYtYcbk#yBN;j2>;SvUF4Jv5zXm
zUrW6vV6ST~YHf%u8X}`{QcbJ>X<8F!mrxLF;_pV@@PdlctW9e$y(I_OoQR{6*xvY?
zdHaPtQ6rb_x#gZLnS7^B2QFt@Yx%2`it97|W|a8ib-qcGq5jIR0#kJgi`OUo1|B&&
zGuTfNnDLvZh1`8V`psT1YgToMu02F-Btwhqa@BDW@2Cq$@Gtbx7;kFhHe)_K_K&c%
zKDnjDSdIwdXG*U#JC~3*^_#JEsq(7N7~A5S5%bAFXm66@WM_mQnUL)bKqIGf*?8C}
z`OV2L;!+1893ho4{WXvB+?Zj9a^MIZZyKHc9P0!jT%`NdRdc{}mbrEqE&+~mkGFF7
zR-V;n^4<4$%in{Pz=P<P79J>h<?(QQP;-*1txs!1sb!uvhA8TwJ=yQ!zQ)_+h2){P
zv|XpBP0hTXnvt8S_GNjSi@II&fgS&}JMDaD*VAH!P%F2k9}WAPsg1u=h{JDc>R2ea
z8o#IO^uryi$$j!fD{oTU%bNUN*NcO#Z%uIm@r6^>Yj(z#TXiHIO9TBHbNP+TJvIO_
zGASK0jDJU7<*Sx&#@uT+x>C6^j&ai-Bq!dFv$&%Bwu<MP2|uDj1RHF@=k4=>sY)@g
zp(|x-83MEx){BCT?elXQGc=pPciLw&XF2%w!u#O%tH;{)Z!><(zPAUs?0LWFLI>i*
z3i%LX>;y7tr9(GhQQ(6k#Gk6?EuT6Fi#rUTI4t!m7g$og9VtHzZqP2b=U2{kJl>Av
zxXuswC{9^sCCpjD?Z}&2)hb*l?Z02KXBN%Fj9F?UP8euTE=%ZqOKj0jOqZ<06vu~J
zGkjKzVchHN#!QQ;ggO5-;cuDpqS3rxUD+~H<o9@EEiRJJ^A|O0Gl`Ss<peORNmb_g
zmL)HKaEr%NX#wRa!cEy~HMRi}{3-W&FH5J*$++Js+dN8&0Q4|$3VT7H%@Evt)6|oE
zcTRJ`^>EOQ0b3O7vM9RkVs9YONdkMDhq;}%Sv|w)1L>SL>Nq$BK6lt0Y*D#xb$%hO
z%V>+=eB2s68TR9Qo?pSUv2Qczg9TV_6Rmkx=mW2MOT4*Di5VqhY%k<LCj+YZ*tTE-
z+Z8=NP_t&r+t3iKA<fn9i`#+6hn*g)1_c>|q%?h0DJ@3%eIa#`8s~X+QI7e{v&ty;
zLb*@M+b3l&H|^<LDcrdK6(-7(u)S@+yvdR%_8>tUv^dPlgRl6|{%rICe2n-iAp<y?
zBRR&{^Xi$gMSFdy@x`i6Pl$x<4)im1>7_8<k@GYsT2DD#;n-^0%*r#YUEiN`F<9ff
zaf3%v68rOm^uBN=Wo~I%*@@N|VXcxiA|@3PZ>ZN~+e7!i{@PH`^`?%Yh*IOXH@9{@
zFhOHbF|VY}5BH%KZG-51|Nlhic$-O#LGzKf*I)>vd}e8x1<7Wdy=umQVfs({Pd7H^
zKd^WDMhmp@P;nO%_b$cy4FJV*d3Ckoj*dSln3zwVg}vVL!6yDKCK#kJ4n@3t1k=@I
zrcj<YlA(5qa(koYyBOE6dpvHAOzJF2nQi^y^S$ZAveOkxwuW1>!uG9MJ*NsW+*n%~
zorc!@*~YR(v%&s4U0>eU%hAjz<-T`ywHQh<YTsMG)LFc0lc<0#&+*6rOXlsfZwtOW
zfD})0G1Zaen-hQgD4HNDmVr`Cl;e9c$c%;y-%ZZqW#928ZpQJ!&5dVlulEyHd+hR~
z+pUv_nxWaPJmjpelU8ifCA*l-_@=$kR{1??5SP_Q!=cH*&w|(TaH}6?`es;FFMs69
zc89DLRYFL|%llxlH<I5%C(EbosCl9kHbOtsmi)!KZ6)R%LiQwV(aCBeP0Jzsq099t
zS<j37MIO1TUx^o*k$uO&(d+h212bH7k|5UH?Z<Q5#KwV5?Le>pkp!~f+!%W%XFq>#
zF^W%gX^mY_B~p(WC3<NWCDPDNe=0j0G+;NPfxV0qJ0iK*K#YfX&S?jrVJ`h$H4CNe
za>XZq!1p_=yf>GBQ`=FS%XT){(33+?G+5`@rba;F-mpnmtcS6XFISt!hC@nw5P7T?
z6*+l&((`ssAWfj~<#bh`^t4Z8u42}E#gp=C#(23o_|}%chi3Ls>PU7B_l*1&Pr=?s
z@{3NT*rxkcuCs!=pNHtTny9TsC*I9jEf3DTE!MC6%JZgUs&(Id-)12LkWxLF*uyZ-
zO9Wxrc!-TdlKpa6cS8sswf~(z;nysO{hxcB28V?*B|hoMXTRr+W0ENP^o|Q<AZAx<
z$X|9=r_JT(MPL#52D;d$J2ns?J!g3aB=yOcNw4x)EnTYQwdF=?iE9A&rYw~_7q7v1
zC=wDR{Y^VR49v^G#6ezjh*uWfhz_EZeWKjt!MK;m#9**OM2NKCZ9zdEl3SR)I@uKZ
z^Z2PUxk3&r?7d%a2ih&3+;QA1od4Xyc(=m$X}y8eNZ9}_)wgMKZP!|ZM4)ZEZTH*>
zPIxZAo5iTe`dPwjYkkF#B(bq`ll;%>W$1goz36rwEdoDmcN+1K$a<I+CZx?B;bev5
zFn6*|s^jPT*|y3wy5Ay;J9UOaZD00*EMi0h)97G;%AEoCHnLG@xL(Ae^amP@iIMa<
z!s|h`+ZfRTMLeq~7IsU5M>l6NE+qE2tPWI#@njK{9M9wbZjBEFLiZH({~ylTpkq0*
zqFIqTi|}QOkYWiUhzospi7$q{1pQjCt`)ElH}_Ia?pMq#Dzai@>N%~Q%VE>{q&>Rx
zi>l(?k;a8`5gzit&M+AGQK!F8%Kv)9+yUd6_sb@s6F~L~q7o(vB<1M+@ElTI+e`rx
zfTV{EeQoRz`Z&(kNp1O!-JkjB38(y4Axb#*-Fa0J4sC)CtJI?g1(@33o_P@!&Vcp_
zNzHWW+ifChT3}Cc-UP}TB@?1wpcJyjoS<>{M<?eNH21qq$b?s6bXAf=uO@9r{L{T~
z-)3v&fBEgn8}&TjQ*GwjZruM8v{5-V`1n8OFcFvm9oY>MwqI{|vz@%`D#7Bknrsgm
z+hLQbjtRz#yv<Y8o%WsRcTCN9vp%)8Mw)P>oi5_2X1vHNhdzr~2Z-c-PG$HM3-wHo
zw@CtqNVEi`%-7pr@IS~2xoahQQ?D^m+>4{O7XO=zfN7+;*Y&K~Kh<|ANjN}|0?Gkd
z@ws;_8_Ai#Y(cn^+|R#_N_LUUA&ev7NId~eyi>KH4kglMs?LZ35)_*Tkv>+snu-95
zrSVd>^_J}Yy>E`zTl`H|Z_BWZljK*!=<sGRFaRfU%i(zvn&C<o-L!IH^oITf$xyCI
z2@d%hOjt;Su<V7QboUeBF<QBg(Tpx#{9IUFt)TkEwK#ON#H*s^gGop>nKglxaq}PK
zE!>^aO?^7Eqg~>(Yr0j1L@F?)P_J@z8bR6r?D`6G8Vmtif{E2qTLvbNe)$VMA53(A
zY>X|!9#~;R!DWToJe+HWbQSb@0rXd|(W;i&wtb&jh{9~WZH;bGWGMquWG;^r*Btr+
z==gMJ>1vwAS9zSe11sa#BH3C^J2V!aFd;M_<OlXMrh)|aWC$4-`Wtj~PF~uYC&GF!
z;w3UW)LIW0Il5W8NWdxLTb0E3phpfIb-r%m<GXLn402J|r7mWPmW#}6?(WI~HM~%V
ze8Y()gmq-#nY;ic%cvVDU$Tn2fQbS&vslaNJ_T}7?TwV+*&;DR7p#`$$a5hzQ9%=b
zZKr}f?-SKS%TpY-F&A8$H?Q@4MlyHEDM@@mDnrKk*z=+M=uiW!3wT+1gA(D6CCDo|
zAO{|$a6x^<cna-?+K*@5E6<}h-@rfT#XBBmlJ^{|xm4^0D&u><;+iUL)A_BRoVqp5
z%!xf&{y)AgZCc`<S9!RNn|yc2E=#Wu6RQh7vP<3xt`<$bIxATJ7^8yADkR}5m><g&
z$Wxm2<CXsY!l(5>q&EHwJgxQg`%qut=oFgHko$exB%<4C3Z}+cMYPA|Q|(<55=xNm
zMB|=OTK1+w#S6;Ve0YrN61Ep^!*;Wv?=YNGQ397>;`7%Y+xi)Q4#oEs>ALN1FMd+>
zlFay2G$62#?&Wsxg<)`n+C43Q1LjgDmQ2d;uH+=k`|wu%3FlHas))IM^T@!3^fvdL
z6npg#*ALIVAD4ApvTBNhH2A4uKeugr6fWW2_ph$&uMRF8C%FGO$<!=#HekFPxt3kK
zSpcFE*mqyfL$B5cewal+YubXkC`t5}!sOH&x#hv@;k6%1I!Mr?R>u6sCRf)5H(0*7
zm66LFy|K`4xD9t_Nt?S`M`C-BA@c5kp<#fDW+GVA!1@g-syb!sq7uIu2})YlR8{JJ
zigRxRDBvo>;X+nHLhVZE*2p7lMIPZ>3Am;;OaWZV)Wk(2=Mj1y7??#!R$)csd%Vwl
zcRD=?q`$h4YRHl6U0++TW8IsYzj(#@)a?q}#?n5C-wDQ#Yy+9_1b0c$Ga)vc#{!>Z
z2srWKbz#CL(Puo<W8b)_w8=332jf<JF;f)F8+NA+#{=sT_o_>(DB8uz`jU+?kG+D4
zz8Cir{f68=BV;5F0<8)Y^eUY}!kBx>64DV&@-Ylp_$+jsGcYQ0q-x}*kR=tkMJ=Y)
z>xjI4_w#(~z4>)d+6_#GPlRw~A+Ka|g0+X}U0;-?V0MOf*nkh#V-v<(y6!#O#*sJG
zx_ruQZi0~C8`E64<XVDCc8YQg6`6nU$qB}nFwYdcO^7$0;F9elT-sOQF9L;UY)3w{
zncs@8T=je65XBz#uXz*j-mcCVcSrc`0b7SbdEt#*=pcEsfRGeA3UNDNmVIwbhek>u
z_-Yyx8PR^Ls!Fi0ApNq#&PvwBrIEn!!(IBGn<ne}O*qqz5yj~h!t{>L^mu!Rlj;Rj
zy4M_5#-vYw_;7uGp-x{i(<xR__yWIetlY2G50@SY|I{uIi_~`eI~JUCA?%rXko@DS
z)YVgz->`xj_9dJ`59fF!L@Cr=qiqAcMux}8%k~8mUbZd_7%&t9Y>Zr$&@P5$p0&;|
z%32%XKT`bYT-9R!`JY#Ix`Yo^Y6ln|TcU@eM5KqfQmmKE$*xsz;#B3ReILHW?X~;i
zK;%`+%+{YSrnUatq@d@!?LL}Y23%}1Vf$OZNzGmZ?Tmb(>0hfPhGg1?AQsCTWAj(A
z9O>XWp~y5)0T_BppP;D=@X|$JQkK_ftJSNMBb5&2jp5-pDou%Z3`$?$MZ3zCQHwiz
z`3*BOngAgpR(HRw`}T7T_Y>GC@(WW_Mxi1ehxi^R0bYkYz|zHu7IQ0`qlso_K)Z?2
zh7t_~YMg0%@o0uPPLAfnb4;Ts4~kHm78kSjB9(a4E8^9fS0_m0Y0*@XLnI=pB|qFV
z5EGf8o~B>U|Mq#a_lVtM*$YiedW?{<ih$pl?hV_1r-}b`0A7QX`6ZW^!p(yxD`lPX
z2_hHlyR&`tOuEYY&#w+=@4Y4Nx0%5P5|WQjA*x4a5^@7(q=tl6oIx$EfD8BgMa;3K
zdVPa@In#|{;Yte4BIQ2Iji%_^`ILZ2&MaS_+*hb!gxFVt!6R@Tt(`fHN%`7vl^ccJ
zHC_pn?H`fTnu|gc9LDXR8_Mir<&bktEAE18!}Cvj9mMU7wC#l#+bt7Ero;2Tm}<C=
z&&`!y;_vtw@;6vsw_E5g0Unx{NYYJ)argh_bEE`5M~#@@Kj9i6{(F7iv6mRp3NZ$Y
zECPXOXs9M}&i5il+DK6EBRblrs)1~YgTGK<z-IOo_cAY!y1WDx8cW43y3p?F@Hmmp
zH*aoiq}3k3oB0l5hJ?fyW-^Zhanoj^&9wNPv%@_b|2M$F{VyvcgtW^}>LxwBzN`8M
zl!P6HW(Hz?ulPT~n{1De)0sI{n9&IQ<7z;T=L<A;dgFy|!GRJku2L^gktx%>=YbFN
z=fJjrH_tDtZv+q1^3OU(vd_WzZMK3HoqG|+?k_nL%t{3pR@t>*-!Ha8SSQGk`alQG
z{P+|fXCRVu0$YhMu7ee;{|+tiQ3jXN(s1m*PCfv!E<M6u_rB3_iC_&69eT(O>r;(+
z8Fz`hn`3)`6r61+?`4GVl1vd5q)Oo)%tY)Qy@<E<0pp6&<Ml6Cd!{C;zoh<TGt%K+
z<|yZXEG{SgY3E?O35I!tf$QwxFX9y@NmU>#*e5ZAj@d+eQQ^8pY!R}1b#GYXV39?@
zPlgRX2H~D8Sn`UhCd=CNW)Ht+->Z)_UL#7q^!I2nYh*#C66k0y`+?*d^-2VSfS$_Z
zu>dxm?=#{dmK{4Qk4iXYiP#oiiI-egvpIJD8sJ|8`w)+SU{YOPdI>+#k1kZsr>DRV
zoP7p6I;{!ds!V8bdRSsu4wrZVk5b>|QdN$DD8{qav^a}v-x6v*5;Auf?^^2ZuZmk(
z*Lxo57-#Fbe@%QQuAB`Aa$~zM>=CYhvLYp^FcukXa89GlIzFx>4$y6<vfpNXd$dIe
z(|Fzj&5)id@U)zddU!Y=cqZ#hdmFYWL>g?|7?nzo7DYJUnRE$!H~c@WR{E9Rxx+q|
zKv5+>{yl=3%x(OfEEQ(sR8#68>0+cw;0KMv$z`S60boc(OO1Z2ciYElQPyx~$Joa`
z;($T6TJl0?vD)=yrFY)L!_uELUfh^H-X<+`SPg+TddbhrmWt@3ci_Sfbup=1NM<3z
zlPyAwRT5kSWWQjCQ75?}aUkfa(@I?|-v1GtKv-gXTE(;n35MW71P!Fk-1}k@e~x<A
z?`~+qcc?(s9Q!%sO?Bu%v2z)~2by0=E>*6vHJc4La~wtK9nb|Gm#<-;>?O_qI6c`F
zhdD*H@hdN_2-X~tYm3#1e7b}Xb-#a~>6EY0#}GT&Gt5dcj`(;xFU{4-q4c}k6fG^Z
zIM%`w{2M7#HZ`RF9MODIs#<9J$R#`w?%9V|@^YKEh{gbXMcluK)K*u$v@DIefv(C<
zQqLzX#ye6$9;g~G37TInQ0q$VP5To<+wa*`YPlNg;1-0ZdHa>6JbD>ItD?AjjSh_<
z7Y_{OzCKjq28m*vS+~T?*;a2uPINh|;To9QxZWauO1t&LhqR(4q7V~I?E-^LMx`5g
zt!UpI#p<}9E>+*(*a`jqS;2vTZf$%*U$4>*3*_ytJJyGE*~h0Ir*0FNA+k#@Pn^_d
zThmT<hW2XOah<eI>p6cG&Vcp%qx_2-!E-S@#&E0|lZ`D|OG~51#~%~1KJaJjUPfyy
zwM0rCw*FEU5X!-0WG6H6h8Ka~3q&$c>-_OCT{o4zd%r43Tx5DV^ZmT?8vcaw@_@(7
z)t`pvT@?G|B_5$yDZKk!Ha3*DGUtao>P``J?@PDCd7UmFiH?Pye&=<%i&w}zfn~M$
zw2Ml%Uvh-1`&a%PbXfpkr-xRrnF=li|CNo^^yn$z5cfm*TXnc1yxa%4cJ0_0!1AQB
zAUswBdDIAwQlgwdB(F3&J7Ur@(^PsL%kdK0zF!lZl9|WTcCTW%=if1hI#3Qzrv{<t
zo+Nm@Tt9JJmNGrmb6p$XUtJw*JZ4r^a=&X>me3S!88dp5<>ReFyV1x{U@M%SoQiAC
zEEnI|X~5ZxOp@!gJG5W^G7sM=yl%Qa7lL>H{;bOCS1eJ8-}OMt@d*nHiyBsX&q~a1
z-tS4kcz50&16#B#G5I>d%i9pV+2z`<D%7}OBBOT@?RW;*vlTp%g35bQ)Nf7!u{!}x
z1=GuwQPFAbG9m{U+X*8uI}1$ir&|0zheh_@lP_@&{>xy3S4T%jR0yqr6A6bw5YTxR
z>_z_Xg~~B`&HM2{o-g%=@^)^)Q<+sE5mm)A+oy3NFJB6QrvqaiNq62{)GD)0zh6`m
zjS-|$6Wc*}xCoU@qrjMJ67epSWn%Y|<<Wq5G7<t78UK5+NzqtZq0{URu{BP$q~hk5
z2peMeAShF_@$4qVNkQBBFq6xi!WX;(E8lunLZ6+_bqfPzp{lVU6wgK~{=$k<3M@xP
zFNg@Ap)?vC*zL*m^9&-de0Lrfyh{<2DhjXMOilIa)P#bcHnXjFfSzow+oa9#_$m52
zmS~<hO&`9YxJ6`JDwwS|!fNC~;tBMzN4iWhad7*AAj>x$86zk|ixjke3XtjKpRS#?
z^(TBhgsCL@yWHsE;p*}q9lz|%>6*I4m}p@bjca4oM|*6_v#Dog@c>B_OlobH`tcFV
z@`)hwymA#PhMslPJZlvNRd`~^Lt|VM<R+-s%&vo?r880L5)k-Cv?JK{txOWZY`_8g
z0Xw7B$*(N}XP~?KflS*FLUoDFoJz%Ggx1&OXC=Z%G^5auSX~@DD<&&O4Ig<r0o8~A
zUBFUA`e17lNnn~zBU(Z47R{ow^&aCSK>{3k^Nic6d4I+b1~x}AlR}I|{&5VD==v3x
zx7W=A<G-%}A(x*j5sLWF2pvy6H)S)~HNW)^_&;?>&4*{FA|tgyFlI480HbMYm=j!I
zla1-g<Ul;3fiZipj}OJA6D7&bzcnhrqgY{nIbOp@#C}A-G5aeJlIrrY>%t-s)-T;s
zVMI&93-h=ouZfx7x9K$TgG{?1O<gaE26=)KV29BGIJ#?|hj=o3JAnIz9?7xRO%czX
zNa$%O86Mw66E)p3A1b;E)-(;!dn~ko*)2ifi!gb-JLcyv0ra*m?|6TI%;m)msS;$K
zBxF+_Kb2Wt!<4^Qt#PD5By6LF+hmBMY}^Qab1ngVDRkAU-QBWSLSlfX#v>D0^-kgn
zIwB8)nF?8MMo-i4?J+zO+xTm%LyP8Wv&UJsI-DMkj2i-1P#IQ+aSe=*#LmeijWu59
zxnRy^urAbodCz_l0DYA<HmMbv4YXE$dW^fh&?6O2C$rW-VO6J{IoHBb4RdEO2aDT-
z0mgUMxaFutz{!J%$q`LIr~Q(aD~yu<B82@{2>Y%k5aWw-oG&bkS;EJ^WtH@q%Ll`F
zJ;p3d@8Q=iHpTd&68{$D#ZFvTsYi6N1aEF3V<~>WItB-cPQ2z-(8UBjNWXX6oA=f&
zCBoO=o~_rH+9*?f`z`~^pUn(dUm)1miY^Tm<D#LVWjoXafEkh?TBxD|phVND3W#(@
zPaBUi$Y^!rZZ7_$Bn|Rz*YseJphN;@b&FmMH4_rD;I!O9AC<4sPGsIWa6dkHvbQ!7
zwxS(^qZp6U$jpEdB40ydCxqZNB*ov`pTq3Vt{jcrcESMW2Pq?V@pZKK7}L({{`m9-
zY>xSIj3$Fj$SZ3|;O`V+T;qv0D3C(QFrJ06MdA#Cj4z@yuZ*-%RvK9c{O-qvu{>W&
zKEOA+@E^r^v#~B9%VD&`uQBvwXutH=#)@WtZgV^P-p3eEd#AaQnz}$ohjH=ZH=nY@
z`#%juI&|m%4CJTw8i@k#h{N;l;WGT$Irw$+VQ4K`X&8ncXv5>=%EVCO9@JG;RqO+r
z?aGcxe~&9mCcI5@(sJw4+hoHiWZUaW)cn?0EaINBVf&N8D2WT`8?AQ5i_6A7sD3`@
z<f%3|j0!~TjI=DbVH6n%aC#6mu5l~42Zni~Bj-+2g2(L;>dGgBLn5zzBtu_Me^MZL
z$?O$<AvSKhH2~5yq*POhDiJ_V)iBRC3~D*q&yaDEBnYKw^V>|!z<}8o#ZLW_`g08H
zPi@+;Mf1unEB9yPKwbc|JS!zMbiS&76jWa{Ck1E<a<9gPtOSrpK7n*)sb;2r|7Q|K
zoM%ecLjaxgHcy4Mt_@9<R3>#8Hl%eL6XZ%t=;SE+`GZ49(#wXRXzgrDbZ#RCfxib0
zE-fA;po3OJzQ>w5ba2=s;G%Ati-evN#xW+mpZ?6ipOpd%i}m`X%&$Cz_Y1GA&h9Pp
z-#)3pM+SnmT)~t$WNy8tqKVh3N)R^~pbB51F~B%~u_9;eyGZ~%Zx(cV-;k5Rf4Km%
zM*+~S{SFdlu(aXQPtA(<13tn7)|XsZWKlJ6WORU5Y?*_FJfbD?PLzmK&?2WOVnPUc
z*WJg>ok{a$Zsq){RoWj#U5a|~y}{^c{5G1X_nEHjXm5Rfs5nRY1qJU5PrwD~K``-f
z4#e<CyzZJ+U&?zMNGK1LC6s99MSrC}-HeABgWw>*`mI0_{o?fwxT)4?E~(8gcS0!l
zGGKth^B=FDUi_{gaQ0fVVYER6P<2@T@vZu_cW1RD@y(7hBg7cMyn$s<w*Vfcym`h;
z{ds5MAq@_`KwyGj)6O3p<rker2=+FHg9Y4Q2Wp=&p$XuH#fto66;d$r>xf8*Neo-m
zQl1I8mDx<R_3Uu^XN%6<eb37xOUltUB$|zbzI(P9m#~`HP*vp)Q*Bd?gZJ6evFP|L
z1mPP_GJOK~gWjaipI-vTl|{A*!7~@IS&J@6Jd(h6=LHPqd05Wuv@vb(CuO-)@S;=F
zrGfE6tXwdwuTG&kY2eam*k$-216taV!h`LhBw~XPb2^}l5ja++Zb1Y0fdPdYMNC-z
zhc1d$;DNqe=VetD@Er{ev+d)6BIa5&5-=XKqwBKk)pX=?njfEDyS~9IZR!m+wlRye
z=aNP3AgF7<9Iy>fs?ERxmL~)@lMAuWAHXpo<j^MdU5?LjaMu)_ZcQoPnFyRElB~mi
zw16fmE8T3P4(Emsb&iTP^(dGXsfHq%C_p+d8l&3u+^|Wcy{?c~;9mm3559yi{mZpM
zz91~z(3Q0JY`XkGWL!TA#Ge-wsHw*Bv#BJAUEP0=ygf4Lzn$Hn>Oe4o9Uq_<s8^QJ
zG)L}N@2s3}&RB3i+@l|VWSxxZ&zqt^bcgH#o_aJ|=Zzb!WVv@R9%O_+{myXhNf1+b
z+7+^N^}DnrYGnB4H>3hSW1h#Hq)5m1_gT@Ro6)aMa-d|tZ&^KuIvg>}gP`EHbF#!!
z<2Ib)8_SpZxy(*gBjxUC;|99{CB|#K+~?YdyQiu{MQ%xjX1l;>*4N1$zrWlczS?~c
zXs#n3r^jWxqb_gK__){^=M{piKflM6eo(_t*4o_s>g3Lo`|q;04tjEIjk~^lY$H}T
zVU;?EhJj9++f{(lD^}?`Ieaw7bSM{leBKrc0uVOqjT4uy-PJWUYE;diZuNO16`@BT
zmXMHRJ=I_W^J>0H@!i0r#iK$KuB$PM!MVmO&q6&?9{C9@S#S#J!tl_GKDO|axh|xq
zVh_3~kCZLAtduSg)cL-~>eRj#a1I@_<iYri#SriQROohdk;MhJim4D`Ue~=fZ@n)w
z_l#nFBqXu=-(?q%xewhIwF6LM5QggJUoTjmle%-xs|Le-EFPPfH4TEN>2OJ&jm~pm
zj*1jYX9{AyM%9esXG_*}p~neW^}>M^e;T+22)K}&X!%o_k>Rv(%NHFIa~Gf+m+Cc7
zi4J%1#4B`XrDrovU~w$L^>gqg9Kpf_$H{=UQ+;R_<zC}`fj7Z?j|%xsH#FUhnAq56
zcfHQkSuD)R8xkG0mtUVlzku$tyV3&@f$w=U(VREdBNMxWKV?Oh`uc9Y+P9V`-R{6@
zOA_U#Xy>>eq|aImec7!($oTZZrd?DM@u`4x&F<QFXaBNc-*f1lB)N>w?SDsKxJ`tC
z_p<ohozU_|zuxP30$z~8-)|S){b<yVTBdASxmkGs-bcc6_AGTNQq7#~%NZJ7Sk`8Y
zxUz7uVV1|`30VgRW|g}$Q3vhW`fWe8g*Q9~k2>E{MT}<Y3XC{T1(!{}y*WI9rQ-t+
z<mgsde7yckXVkC3L|RYJ@(Y;G!=hpZIB1%f6-OH_vEm+8qwrT=ca^zby{Y*ns4eH7
zOz=(3-hub5>7(hX87g<*w%vGSprInBO{^-SKGX6(LSK${`t3wAJ}jKC=LJE(5Xw#m
zKb$``q2i|PyJL%it5sb)N3IsfvlJG?)sHB4mb?61b_Dx~+3lTsfqs|{*;6JA&3aPs
zBfj|Cv)cG6$xJ+dZ_oJN*zoW~KsdjpJ2Ob6pZB_P8E;FPJbD3tE!Hz0J<s;fy~@ot
zVV%6E^<0V-6}_4VZ{YsC=^rb816%lXfZWnRH1qAgScMMa!`RxYG&gS>qPDwmql<&%
zGGtTj`zI-|1OgbC&J|oCTj*XTSp8UdBq#kSF`#UM9DJw%5`DM*nJ6gkLv1AM9LC(3
zg@2DYM7j)LYk7k&an6hL!V-;&eYX<`nd2iwKtlT&<~k!H%nTTad5z!v#%0G_-FZ38
zig~yJ_O3#w#p2qsAKjf5kdB^CrE?+S@4;3nY;;V9s&jW#Cqu7`O29M43!6T?94ryu
zhXy~xMQSdXD?GHc%r@UoIsOQ5VE~6jN5r0?JTCmtv)}mpYhf7Xr&LB8-qMZAm?aNA
zKQ$IgN!9+(U+KUwzugO{*T?56V4rp+i(p0aoR>Ed?Yu(MlcY{eT2ENOfBq%0j!v@G
ze<IAU+qg3ZZ;HeQCf*i9yH?kI<U1i(q`ieEtlz?~KWmH1B`YQOipJ_!LP5=x&wJBo
zQUnvt0scaXA?1q;|9<AUDcTtRLV9|-PQeTOC!v{gfelXjH7aE-KYyyjWX+0EjRU`P
z=-1(|d3!dn{pX8(!`cf`EB@4|GKYMPBaEfPmk`rq!62N+&<~aalZb?Ne!}g))&f($
z<_Gl$iwn~AGMLgDw8Fwew+Y-p4b=APE-W=I>}BEqcBAkCB@aB+dQ#3y<>SfYp&4y4
zG)Z(Sovr-43$7lCRHDvAtbcEs;9iYNb8~B}tx?;|%nai*nist2n01dlKQW&eN?bl$
z7drTSLNw`&v#;Y{?&%}4Q!7dH;ckPQ;EQwUSS;}9!fIuc;N|)I)aEhGN6OwOMJGuq
zW?^D5)a*W%P}1{0ht3Ggu;%<<Pec%%|IH_$owv<q+sESOV>xo+`G54ZK#3T&l7T0@
z_ti-H#=FXxv})ex?%?M9XU#n&?sOPlSCy5$D3`XW0%sta@b#Ae*VuQ*Q{BJ+Bg#mG
zC^8C3R^3L~BV}bo_Ns)8V`Lv&X>)W)83!5Jdv6UXd+(%VlW<Vx_j()M_vgNUfBgEx
zqjJvs{d!%m>vhfNbzK25CY9*<jUzV<(=HPDn}G;$XaAc~$cgnt-ZuEjI1|r!+JM`n
z7GeOWGa+%$09mvWv1G;my|dY77n!3(^xt~h6(}4*RrtwNz~jD25=pTB&6<S7G&<Ko
z_KD3FbVM&hW$TN|Od3}XE9k>|m~CRdS+AXTkEsx<JiLqa8^9%l7mGF5cl<g2jFinG
z1GZ&PyvIr*w}@umh2Gky=Jt+0M_)WzjzNU|2)z6$+~u3ZO=jD>iRT$!qnL&0X`457
zA$!O$Q5Ab9O5m`#91ggqmZEp;6UbyoIMC+i`{eLmMN-0mn0rT0Z7VJ|jYznXR&rj<
z{;|Zo6S?f2vz@VngGLtIKX0;W1o(Mlker5<l~wZ!1qt$HV)(NBQO^E{dv{1)1K5xP
zt@oHl_FCFPhM#wJ;_KJwB46i&gv1qGGOZ((=aLluNlA^zH3e23w^Z_x;buo*tHa!c
z0W9j2TsTCn>>ZH546$u^GvMl?<LZ_(;t>upL8w@-*iQB5L-27@y&8+fUMmCog`B77
zu8Z)?6ZjKT!%g>-jeqpdw^En*&8C~32u4Y$A+N!z0yp<vj@~@Eb4UEfNoMwC;pl{*
zWdU@-9$4H+x(hcBruL*cag^~j)i*TkJAmw84ECSMbVuyz?*2^}ayYpoA|kAZDoUNA
z#Yp^b(d5K+$gvn=pW|@2E5^y$unIqRxQ$Q#+(vhVWQIj=huB$;4|2?5Nkl7pls0Kv
zy@{z$U-gT7z(9=9p@x>Is=5`>MN^M9Tgi|;`;U-Z4nCd=o%3$D#b0X9U`Fn_U(Gxb
zFzb=+&Bnmi=ii@gM?M}WkBrF^lWhTS_SP#Z<n(0V;covRGH~p*ns8Jf2Fg)6Z&TeC
zf#-o$V1bwa@{;TCO9>oDMnpe!B}zmUn$6$XXFdd~T!!rmkm4+1DKqlmZH9h8ppa5`
z5odW><vO?pX{OaxS{ooK`)oxGT05T*5GkDiu|W6k3fHb!sIeg`l2+2u2|uHq#<3RC
z$SrTe^!58RhB?qqC2vO0d3$>@6R^Ek1CCsKmx5ZCkiv83;<;q1T9>2l?gT`lqM|^3
zQO{}O>$RLf2ALB0##iz?(tF=P2v5f|EY6LL2F{Ds+PyX)!Hi9<75=6NTPg{t&}m|c
zDpsW+*>Obk9R>OHo*+WupTyWb`COp&qrksfcJ^N8Hz!b#pn$o&p)axhM47zMF8~lt
zfXg(V$h*B2KXJIXgXazv5FsSnqu=L3BCrUxK=|}J^cAv)4N~R@)%0ZOCsb5O47Gjt
zIWi#$vRe@}-KD#-J8MUH;Vlt#Cvma30`Qa`QMl`V1H?0x8Ahdfi+2%i!8UvdZk5~9
zeVMx=n2`7}T@Ix!SawaeWJ8#j<a&M(FFcx*l*G->&i=Y(?8Y_+eI*0EG+y_4`yV?$
z+|_E%NAXHZ8pGu11*5GAYUJtW@N@wTzc*rd?;O7j8!_R)?LN2TWwY<VtcCwpJPsW4
z{uqzJ<6V*=ha-=KlE!QoRJT9!GX@O8l@DPoC;r?HHjNAdF7x?22+4;)=glwwY8T&q
zhav%Cu!g#y?1Ba@YTH=I%g;CW{Hd|Mf(lNMHktE@=Xcj0a-9g&|25z*Cy6C+6ED0L
zd-DM^wsYf$MPLKPL8P<W%OF*%Sz+jhxaY;P*eL3UFZ@twoBT6gbt!e}%o6A4Np!MJ
zGNJQI3e>LVY2_mdfPm-|qU54S)Upw7ZUM5n+bK>0ZHT#ZT&8upppqP_+_5ANk-I|R
z{~a+unjMpSb{7W^V4-^n4GjMJ>o193!7|W=aQ9L`7{_TEfqk&|F_~y$TYbcs5xV)F
z6bfkt)G~*2w}1HvRB$M1f;`jiZ32p84Uj42ks_$b%NUl~nQ{5;&B?@FfV~b;5>x*S
ztAV8I((-`)G=wdCAcR%mz2?dc7&7QSIDbug@*vSCUX9mRj%fq74+17vAvOZgDjt`K
zR#^rU_gCrqwn{;$GTUUEtJI`AHNh8)-98e<c6N4Nw;xAuZ<B)twi*BCbvmiLHk-7x
zDLlYwQ+*ufV^{X8u7YKrM2hrNfvUK6=tUWZ#eO>@u;v#N5i#i{)6&r3q&;x^$~uYd
z$gKgz2m&xSWVg)?0l0<kH|Qq!5h?NhT&dnN#z-tYT%P+fcluhEvHrN5n5m_yYmxQ&
z^vpDu^fa%e1+iC+WJ($GJ%@jW*R-)KEPdXbEASk!o7F47$n*l$`G7*Ivx-?7_t!11
zLwmlaaff5DhFg<HN!E#~&^+7MJs`P^d!!h*4<^JNM9QP{76nHMi8=acGR5aAwC1YT
zvPRmzr=3z}dii?HIC2E+a-}mlW23?b5<a=z)yo}?RVw_Y^6FB*6Q^G|b51(6&B_rK
zmF6{#eQIvDNH8BdxJ|Mguq57|N+be{ps)s-ySOy)6<=8U(J7Jr`me1>r5f64*<laT
z61^ItSW(}X2`$pAMn$nL0MY1z;&F!Jm#_a^ooBQlk)k<;Px#3kBtCWJWgKM0#MG?^
ziZjtyCf?*_94%QSC8klW33qEcepX9`OTZ;k%4gl3^5|K%wlY~yS|jL)n_3SZcCdW0
zY8dwp3%-{FO-Wxbv5%1W<jL!T9_Zzn$<D5&7UQl-f3?G@FO)%3l@n30n8Za(k6vJo
z2GEC~XN7oY)=UJ6Bw~4pkQMKWT<V8`z~8)K9{a(8;k)j+(0jPP$mmH3m#x|v8Mahn
zuNxS?5%ku^N<x_>hS?vbkfKF>mT=(Sz|f<oPY=rMh?$2G@QlV354dUfph1EvljVrH
zVOEz@yLvu)+cJwI5?pO^2zTt;-vq5s)Z&UsTyXZw_fcu(x7$wkaVyi!k$?aG{WgTe
zoAY+$G69htu&raq?N)lwz?wC|8mv-YCHeCU52+M#xTxmH;8MeKmv7->M{QdrtUFUu
zj#t{TuA)RRO+(is)LJiwIh@xEDTXi<*vq0^7FTzc>hJ`Fo8jdER}g#8h<^Y6on~BK
zw1}CM6}@}G_{j=rc{%!=j*<^9%*jwkZdDh|tgNI&R+{zAZm`USr_M~ls0()l%)|DG
zLi0B<%$RM<1<1_@%xHIvtlyu2=o0xai$$T*v`71^#g1|UKe6%p=jvj*R(rY?P&(>*
zK_eDDq<Ysa0}1McFUnoqURMApE;6DgDu-p*mWiNmVHe!ah$dQ3bj(9PE)uVNG}Oi-
znJ$k!jPn@@LbZDG7EJlJkog8K8SU1&I1(_xpZehnT-q)%q~4jWM?0@2TtL|H@Zpl|
zX7B!Dvsk32Cncul$g>ZcN{uA8BAD6Ij&e79b4$y*_1_ZI+e*XV0b%_k-+h4fBmM0A
z=($jrf?hs8tf)-*h0N%cU45gJ#E>rvECDsu#mx&H7h!)j>9BbdX8qMbzXQaO)6arD
zOL|Lzl(n~t4Hf<&KNwp~#Nq0uS=^PcQw)pkz=G7#P|XW1>@T*Tv#k+_V*R)uqu+i}
z9Apw{6g}LeR)2E~_X~4?Z%2&>19LeWr5*uhXB!@f9rv#|;A}A!aX97K8H9F|`CYM-
zU+JlM!o1NJ<Ro*yuu)9hxpPMdjlWIFEGCpIesOw78lS!lrj{<;86%$S9b>b4OKqN)
zr^7nb98uy{N5K&euPOGd?#emyF50Xc^++uzFv;-E<I-_7#Z*Qwi^R6d0Q30_D73C;
zNv5RkGI3CgEq3So!&Ap&;%Mumhy7XFNFbha7ZGp5aWe$Zp|8*bDpuEvp|>x-B%<%_
zyMhC2L@es`uEn5e0lN4Wi}z}<Ujw*%GO7|{ZKHfi9;9p`w~02?C+39u0tl7AQS@HH
z(eoLA{DJpz&Wp?Mdf%iMK?)p{u)9RyKS2)hiJlkzhml9J%mr07eOFRfx4ev5xgWlx
z#)&~Q(sCSq!R{wBgLo>IO`+6^BL3|GEWtglJxn(QU2TgFDa4f97~Q5s6rG<q@WG%c
ze*w5B9Eb5g8R5PZ5G#|Ty%bUgK3$nvp~*Z<T4C}<N#8YEa^!FclkT<-=g5Y`S_qbu
zRH#`3rpRJF$@oy_EqNFn{t8Y^8wo@Kj(1c%iTj55l>hw!_ui`$eSLkzk}OBn%Yaw6
zP2GT)38qD2a3jF(=90f)2acj9iLzmtFm#N!tY!!&f3AFNi9+u(gUd~p?e7eqgH2;7
zPk)xJQ9(G7QFS%Iubfz!0zKGeU|(bbhA&7^?1mdy=tDCcm2%tm5!)g7tfLI#;!(eZ
zRbN*#0$un9B0a?R^g-gbA3C8oI*z>!m2bXnDZ=XRA$P6ngfP$|42T#{tWrqI#s(%`
z1#yu)zp(K0kUHjfvOL>2TH+)y$}|5&CQ^6UN8OVI<ydNm2M8<Iy$LrP{r>#|lfi(A
z!Y*4;Kg7YWW->fz5M$-fQPmJt#XVpz-*<{)>Mdj`#Mb8UQ(Y>q*7Vz+18n0acyqMk
zHZh<PWq}8X$v%w2c5?g#Cccs``F#o~YlZO%&nA}d9+Q-9b3C_W!rXv8-cwZsi9yW=
z9C-VarT`J?uYj0J&y_p((4^V#Ad-ZublEYfz^;@6@~#At@j=8U7P!Lw2#7QTqM0_@
zGFxa81|%Z;BzOM18lpJ~iQ|#gs~S&TCh*Sz8om8CVgUkN7LF3%14ivdk%YSCp&R--
z6TyQ>ly;k~fRvmnm9U&5AVTlGYjCQyNGxX48e(ObQM*@*d#=V+22iJB=cvGX(}1PO
zJs**Rr-S1-?*0m_dPtpK1}UlS>gsBB&uh;MGD7ZbyZ<YFI4odg`rUUvK7<AVlns8C
z6(k4R;*(8wc0m0w50(+;pUMKt0NzLTIavI#Ox!IXRlK+D7v_Px$&e<iklWG4Y$0*L
zM`U6SLQMX*5HI)s)z=u(_X=!%0W9L24dLcNERteU!xA9Aw&`>86wpV|ngvem4RT^U
zAC_R_DKdE^l1O|i-y#Tn@R7z|h&XMN$IlJ+Ss`A8Kj?oC7Nhj*MB+XOvLTN*#F|I(
zQ9(05`qdq4dt2=jOAav`qVLPRg;VBOr*22&-EbicjkoAKRlmn>dtRpz50Iw+)vFt%
z92I`L0W48Tp<wsjlko8HAd}{I-o7aC<1IplFCmO@@XD~;s{u&{5G#bwGbwKeb-)M~
z%-f}hpC7OY87!p`KAFYL$cQY(oqM9M*q*iS71uhG(t&M4KoAMY{GB(I3<Ntb5aosj
z5)&fwmnTKr?lTvs@rK^CwsDQ+;H7Rqnh?2~S84-+TsCkPdQTQ5h_MQ6hk?$!fu&D!
ztb13Ljrt)xolV&YEI>yHQaqv%r@F+(O-yrQA~&?aHh&aMNv_(Ltx9`m{uDlb>v$?$
ztav1jMsh7po`6t+ZAccz?Ae|O-i}%CF60^b4UZB}xqwY44~KKIUdbGkuOeFvd^X0b
z-zr%&v#;DufQft2VmFlWkIzvn!P*tAH5riT;X}(-v)P|b-;asj;egoLshy2NS_Q64
zeDpO4)&JvN8E`zgW>8#JAIHAK8w5n>kozDiN(CVn8IlTmJd7r|RxUM^w6e8PC8fXq
zNXl>{qDuN#rCOFlUh@@6t)O<s)KN-4?Zt{n#2&9ZH#*nc(;*qtz1q_wZfet0jmu*7
zu2kdoy_uW1xFumKApPsko1O;(Oj-9|i17X@-0FFfo+3NFKh4pOvaqc5Ib)$s;vKH%
z;$xayMI>S$T#Z9b&$poj?X{G<=*Ei#Hoq`LI=|yUndVn^TBkw$AyU=4zTZu@m?Bza
zbtp=8t1l5OBbTR{>t{A}o1M<|ocaB3rRezpzOzu>YHNHAw-#yCC11Qbt&=<?v(aSM
z^&}ntb)5?5Gc!~)kUHH+Z#mUCW|=ms%GZ^GN}#FBau~-P7mMecL$w_c@QTZvv+o)k
zjlu~eUsJkT8NTGK_P{BuUs$`#SGzK9>(W;eu_4!N`^G3&YnbV%S+A57tZ>qpI`fz$
z=p+cCzr6hP=!vMz9mg4wZ8!OVGi)4Vz!xM$So+hK(CnVg)yN_DnIO$I-$`gevuGcY
z=70_~%L=k=)haoW={sQXnPtxP%G$RhcsjcmBo@bfKWX&)2|ef5z5K;%BPizgtf0YG
zzxtb(&tKUe)E?nsd~snvg@Qn5M!CfiqmGUFA7x&>qpPkh#Yy`m=|Acn6<onMQM|={
zW3eD?qBOI2AbS4oap2vkFP}3Q?pMWS@)U)y{wSzQD*TJ3xz);Yvta9qFWIRHZm&5H
z-I(O4O~=r*^Jym5Of;hbw@D<S=1JSa;`RN5$4*js@5y^VnGE3Sn|#fSaNVyHW)n+F
z`>Z6G9N&zm-!Qvc<E_pbmNk9Z*sYP5yqH+Bn`~>j6fTvkes71btFQjq8z(*)CVXkn
zDEB2pWo^Fenpzm=KciK2<(b+1?2x_iM$u$_ROq-@rDl^dqmWz3RAE}O%(|{bu^hMv
zr(a&W*6-I-T~dWsolJ@hvSD#cE!?_0F5Q~%Cc#5NzK_o(vgayhUb1r-JF+iP<1UM5
zQJ~^^NsmyqEcZKcs*X!8ZRF^Tjw0tL;DE6BFz$HmerIlkSM6Z|l1addIiz&PbE5SG
zq-eW4NSzNM*{tE`apNP!Qr*8A=Lvm(tpt6@6twHAmE`9?8Z8sBf9u)P&UU^nG@r(?
z3zl)smFq_1Dt2V(3_cXPxGiX_1azQnL`TU}N0NpdMmO6GsgAV^glbo7x6p=%TpOhA
zul`mZRiQ-NruKvxzP|nLEv2mY#UsVUbJb6_(o-v6hl>fOq&zsnz!pf0|Aq0;z&U@d
zeMKy(udknXOx(jmn#BK)<gP&xfl;YbdZ$^0;sK|qG<OB}J(RUWJ9PBR4pm#|F7qm;
zB!&=*e>_PA4ZdQvM;DhQQPu9Kr;zmJ8UKLkhw!6)cUTABjV@iywwX*!BI)^kfS~OV
z+V+%U_4wN4Q>W$&7BW=>Te$9K!}Q-&EpE##^G6I%nG4>^xYu6vZOC&=5?v<Ic?q}G
zS^BX7wZGZWY^a?_Kby|0@<*VH%bHVh`f6X-sPx6;#GLq)V>0v$M(BYg!lkz5rejW{
zF9T#+ERML8Rfpz32%b&2wKTAh{XAdC`p1S7g~cS@sL#)ayQ{iie65-qY{*y5QN?cY
zpZ#1(=9*t^G2dDCMla5vFZ5bnFngL+vPNz$fpu*3Q4YKt^X<dHnOwK_@W+*BXGkpV
z<KjO^v~3NNL!MeywF~?WA%K{h-@3&iMmW0{T%;mj|M`we?Ds9p{mWD$UqAb3UVvs#
zr+Iz=3J|6;;IFStf-zQNT*CwLAJ(i5>A^L7&Ev{1X&Rr#V5NQyl;4zn8)l+KZo)*7
zVJq<J&Xz8}oh(LpY*_ce623{Dp)oO6=GI51i_w+#kIC(Mg~}}63)k^|S)dBE71gfR
z-?)~pl<611GO+H^X`VptwQhOqca_8UpNF|Rd5&-Xw#VXDG-FP!Tgb^8)04aU#+Pdf
zYCRdW?F)#grKJ~lSrv)pub64ny&5+cKZo8rSIp^IB;E0di=mpZWMIo^zEA*C<>$}$
z=!akW7<xM43Rp0RGFOy>_`{(TO-{?@Rl<QsHPRD(oRd#mq_>QOtveN^n9&eJcVzgf
z+&WTSnoYvNyx&dZd6~Ad#EDP71mBqPyb&exf(II%y<4@`*88Vc<fO-m`FS>zZyzc4
zYVhsT$q`Ijj~!{8@Q4d#G-+>*C_QpJR}yD?D#&B4zRS15z&NigOs{3-Kvhq^o0Ml`
zBMZfY8Sf|8TFnR}Hcl7(5O1|B{UNp$$Hm1}_gmpA8eKNsuY7mMS^$erh6H*gCq)Y5
zHds+-surofy%j`@C|j2}j$9VD{nc=_!e6J^1+gegh)l@PMcz58wB@Q2cG*Y7t;;91
zRdHt3sM0oWZ8h%sea;dAEMM-h8_MDP6SA4}ozop2QY#NU_LL?vE;G;9Tb><EzNF4C
zHYOyv#a0&{qgw4<rqg6HDv_5mYIvz>{n*cM1cfD8mt+N1rW2Y-BinrM=L@Af<n~<<
z`9QxeWZR*U+$Ea%zUG7PeQZ->so4;7v$&=~t|McQi_shN%^TWrf@q&#V+T-1MOOtj
zHj~VPO9d*zG7E}IHl~4_Vcb?4;Dhs$^k=F^mY*ef@0wN`*cu4bIs*=HfHR5%uKsa+
zuiD*I$ogtNp|4)Q$e;<<44V$Jd)|;7$!jwgos?=tS}RM&Ys)59pIm#jnyZjL;GIN5
zd8v!Ju|4zphb~`zjg+W!424FG(i3E_ja_G#`g+6#Uz4|p&BtnwRwJhx9#lKqGL&V#
zluiQg3-q^*vwedhQG79kPPLBF)#3`{Uf0czK8tFn3?(O`r^vEfTS3(ww=|9Zv|KoV
z)0l5iuX5&}H{E1twrHdjK&1>=48BfVO4~2akyTOU&^lrmY_5_AO*E(Km)lS8nqx9-
z)P!rXIt)e*{>EhnSlThV&7Rk|ebE3-w@-&$q<?3fFmlrJh>Sb>I8bt~$xA)|N2K=D
z)jn=*&1g<(t9|X!s$Sl;s<JIEzU68~ecAR(Si^uAigMEwrr3(BM_Mkp+KX-xy!Y+K
zY~^Lf2j8IT-0IMdohp6P@@aX7JG1xM=rJnGi2^}&o{~=KiFqm;<+S_)&x@4k8C=C=
zYLs&uC4<M!zVKuB^AyyrMn3iI#eDtUDFCgl$SmfZWAR=2&fDm>vMshs)e*ur;n0ej
zey(W23ofD@p#X_w;JZj|fvk40RoKK`D-$&hUTO~J4hBy1uD_{5CrnLAmsd{-rE57T
z<*=@!`m`RLV0P}B%f1sVAi#f*9Pbj;`IIG!(`?pyAba-Q>_Xu?k<&iQ!Ip*VrqZ}8
z+U~!@VPoIa#>j;xa#yJ~928@Df4}z_dax+Xdv4HXsIU~RHlt6i_ME=^z1W1+v%a@v
zEU46149jElzYpVySB>kD%Y@jxA&Nx#mMuEaA|&&Zz|M{^%qwlafXrjO;Bfuq(vzZ-
zetrtX6-V)OEQ|x<7UN~O)nBt1Tx(tU1|5GAABJ3Hg8R%hGLDH{>RP$@)y(PiuBOar
z)!+^3pLI5uF?^2G=UzQ%p7W}5TGdsm^%b=GvcNa+-hCC-@%((94zEfrs{8mAFsPVa
ziC1-_s_q1^GFh%YtLEBz`P$XDqMV=AwRB{P6;K0G#Z48e&uz5%m&C=fD#Zp{MTJgj
zk(Ccj$lXcN%HBaGh!jLbA&uU3K<)wbCS>V)d?Mkdta^Cj0fnbWUxA-}%Hh0~7(|59
z{Ce)PY&rIA{r2JWy7~1S6NTkE=f$F@A0PX+I)D*-D{3S>`&w1+34YY#=k_X=iE>(N
zQq5}{wWtrag7$}e95tTQ353s<j)-3#3_sF$Co}wfk%V1!)Z3*wqiU_tGWGUxCMoGt
zt$k~KCP58HxfYAtA&Bd;w4wWg(Sn4g;7FIWxORhu%cw+%R*q~ji8f*h<L>lxH}CII
zUvW3sYTDrb#WVF1|LsF<_yMU7n1d%^>bhoLcB7GUwOVVl<##10#<!;pt-}|Sqs_vj
z`!q|Y6-=}13stBhh`e<N?=TCZ2mhiefS}kmQBHDS|E;PMUMq@LY$sh)`g%+<eEsPh
zpc_xAM$&y6N1PTm>JUGM0G2JS5M}Ygk6RagzMlQ+`(;xd>P1W%HcK1lc~GzGFkiM(
z`rKM{eq1n&;dw5SkerfzKuF_+9i6e!=OkR2cIQ}k(O|vBazRC^d2YVC&&Ms<mW>~x
zm4Zvm<87`jb7Na-vAmn_$u4As(WQmaS<DU<8LEF-FA%9*?5L91HMw#>n%`PpVt;^{
z7?rNf(A`>{ax|lD8R_C9j_S6IEUG9@y6(RIBAjGZtz<(C5=$8B+1<>TzXmbHSCgSC
zV<59gs6oe?nHF!vGdT)iFDsbp_Nuc*5)m$XL?)!@^%w2Ejg%CgXSy%A=3i$G+j?Cy
zdAGf5cHT~G{yVLCKL6OdPq1KAt*$M-VmeFa<AdjCF0M)2uUbAzKF`_yH0G^9XrPDy
zrEe<R`@HNv8o`0PDL*dNvR>SbP2L(gUigEDK5=%a%y8P&bZ%WoDL)a6)AbdCyqbyb
zW5rX0hsNoDOAh<izhK7s>{?d1=|z+Jj(cA&_zH;E%B4oteV*aPElMXfRM~kFRsMb-
z6}eVdO0q(C#DL_lp-Z^q7EJb*64+PZrBz7qXW0Kb`sGS1t(gPMUP9~K;fcZ0e0pBJ
z>n&3!tztG3e?E;Fb3LvLWxY#ZAFzH%l$Aho-=}$p1LNv^=^rh%SbSSY|H|%4F-{0L
z##&^Gnf-cGP^Bol&!nbx<I#_)3mIl_vNtef#RPF38#w2AdjXv!#^=%0H5T`5jdQgr
zSoGsCL%&jnO$MB5)ztDly*NXtHvKD}=jxS>ehJ=Zdc5`NreMJ-OVu|oY)6J!Xg%pX
z=}Na2__oAQIw675m!7w;POzTT|9NZeM?uA_q%+Z1-;j;)W(+LN^H(kx_Y{2VJ3@k)
zr+RtF$3tUlYE7W;Y0g_t)b+@I%G={Jp|?C~^u6g1^=D+hUFws(#K%W*s{-{Xx=Yxp
zrZHgDak&{E-PxhfGX7kyb>#W8MAkjkt2YdVsy!gUXNomBMYmq^f-VeLujJ<DUWEqC
zAqZ#P<VQ%<%KOlLthj~F>-HhKJd2UYsq^Wv*21aU4k}i%my}!>3T=6j{T7_>Y<lVK
zLS-sq1WIvYJ+C0iFmOPtb0%~;KU?>~8|KH+qt`m~PMdmP@?h}Mv696!9YmLncMvkC
z|FAdc?4|1}mih2DE7jN0dnvMAr91g8XX`w_^@p&a7L=f!Ru@`(AL@R3Hv5F*($Cfl
zyK0s6>Tsu)y0%Z1)6Y69>~fzv`2or0X#q}Lm08`PuC%3w13}cWbtr`SHMXq?qnC?y
zqG+DAOusdI!PB<vV|ej)3>oj^NYr7)q@vU;=C7!zjr$94stYXN^GtACSI4x6JN&lS
zo0&GWisE@ekJpprvCMR~c>60hO&j|K+$mR)&}CL8rfI5}tr}5!sh6v^*-0!To+)oQ
zDT6(2<76?P^*VhdO$^>%YSrp@6E@v7*Zt*bdrO^?p$r4nw5i;#?ny*<7~dQG{KfaN
zu`_&pd~K_Wo{&6wgV+PTXZ3m)$42a@z{7bVmS3m#ERWNWo*;}{cdX=Ufy2AEkM-S}
z$WIfL;Ja0DW_di(CMPneHaRQR=D~MVy~OtwNnCu!e^(VN{U*@R={36&d+z(%2BE+q
zjVIFvbOTK?0W1`jQs@nKNol-?rG=(d?ecZR&CNR}kf!GyJL>(~gMG|umd8dVU9B7H
zUX35)Txdak4bt!r9GI-&Y2hj4v#W-v@GQIh+OB!arsoeeEIg8upY1$*nh(r>o|8_n
ze4IE06*d|$r1Gx!{vIUibAt@x4)d}zznwApZ9nRu?O1f{_o!6I52BV68T6K^eT7Y(
z-+NTUGz%xFHUni*tS`EpbZtJTPe=DLR9$~#u@4u4e$AL9d}sMVs)tF_O$;;D*xhQw
zyDT;@m?`ZPumh92RX08Bd*{DZt$bWrD{`EF^3Jq#!0ZcuNq4x|=gpbfG@WXL+|LI&
zCgwles>F8l>5Z@V;(xpj$jy~WHfcbMCBG9@o{dbKs!lVR;l2^bbo1*_vPZ0#=W;Li
zjo8f1MzVtxJ(hE7K~C0T?(e;FMo@%F`h2T(@d0De9h=9;PydpazJrV7%8-sJJ+`Zs
zj7}pBuPKjSKagURmMB$ABKeL}QVd{0kh&_*VG@D}Vg>JTZCqW$$fYmTiX0GOlV{}X
z--9^#lOhvO%sxELRhbJFN-K#=&QH|kuU@~yXY{MVvC3b<&jt?RADOSyY6vK2PbpTM
zLh$*OOX2wf6T;Xr1_pdI_hbiD`%I>1+X`$)9I3_OmA(3l9RCI}4SV}TD{W&_-;F{S
zJg-vh5e9tk+#J^V1I&@thDxKkhE~X+IRrsc(&m1^eKsg72w-WU<YwN@QKXW<2(<Y9
zl+jwcv+^N~f#=rGn-yjAg*Y!knFzp4iWBcAEP_rpMBa~H6e7kdLFh2za#YnWq{7=D
zNyY)fq`OU*)8!1`#3w9%_~+MmOA`qgwCMvDu-j}POm8GeCq(>D!~|maDe*ac@m{g&
zJZ-r(`hX+oG~a}y$Su2`EZoc$S0v6#%>!@MQ(8Puj8%uX{{9fnvJ;pbHuo<m5aQF%
zdtc_>c)4+z=@Q@Pw3AkDrFTa00CGr&JeEn(D|<*SoP_N%Q0`ZitucdWF$<GM8G@t*
z@k2uaQ)%>|v@Gusv)C<iZO&Ql#;f2cnzn?7MMg#Os65(EEc3$JZ@y|2q*hdewR}JB
zh7Q{Pz8?dL?UFV)kS?ggMEXr{UjB(=>{bqdJ7MwqDJxLc$^}$^1yrXv5P0gu@L?o@
zbdclowvP-yB=M~m8PC1#3%ATjJmJ4zG6HLocMk!0okhrc4v8m|2~x?jaYLXCd#862
zu$TzJV(4ze$R=Bo@Wg43CNiOkR9>rWV<;Mx#i6HCW8S~gf*te2tK5PPWd0*pwX@>|
za<9dv^JyBd0;q<Cl-7vA&kz&8lm7XMKvl|gR({As1VSXQ3xqDK>I|0o3kmNpPIS2K
zi1rHhpY19Fljo~{2f2I<9z1hLYxLXlL~hjP>B(nE_bZsrIdt_E7c9U47SMBulJX+k
zS6Drb59#Fg`{9QoOd^D_Kry!TD=MohS5I@2NHQoIK<7UcOrm1efETe%A<=)XF+x&~
zOo*4aAChF=k<T?+M1W0cgR=Szbp~aFBetz(JzKh(2{1?ofkMZ;eI@wML{be8Jjdji
z(ki6Ok<(rv=QS?7Hrrn)=%>!Hk#^w`7SdLd7?rZ=ALVo1W*Euvib(u%(6EqHqouWA
z36Rl*+zH2MPKVXb_9ZwS0Jc6cU&r^ljTZakknlvVm4pgd_i>O+_aJ}R3>nQe;FZDi
zrwT|3vk~lyImhIIon!mN(+YiwP(u}c1hxh(?GRNgw@*mC?|RwOz~C8^7+3aRk_rU=
z50M;eSZF<<_(Bk%>%N^YlXB$Mz=)>jF)?<=Ir<kYUv$1`54Y>9^bK|X0&p5U=v&S_
z3KWp(1)Nxkm)~s`A~HyKgx1_u=-71`W!wfGAHWnPOB#&ws&|Pj#%WatfJz0PD|YVi
z5&slGGRX&pLlzzlT%PDlLa@WAY_CX=+14;QTaWdzB&wn3jSSGOuz}Nfea?3a5ctko
zawDzo!0M2e#dy};4?hutK=&R=1r+RnWc|M%affh%3veD&jVIRN#i_%$Tb+^<bD=Fm
zJG47dNe|6N?(_)+g7*FcpnR$Q;NS@qjkW=8@S7~UJ@XO8#5?(^o$=W1RxSPZ9&Ei`
zZ;tGEjHjK|(t-=ZJGWu&ai2;6T22HB6f)|^4ZEtZMw^J$cRiQ!yqzsdj5jqh(K|`_
zY-?QIl!rlkCKQbJBw+f7q>%t9TOO?b*;1kiG4-!YAft<SaO&XAT^)vk?+$4Fm@(O+
zSjHD3MGPkW8LJ4G;(|;M1Bv6`*|HrnsDVciYB`?xXQFk73kOLKu}Wn?@^ek(M%9&e
zUm~k(XJs*6#d@0J;_Wst1@8an5y<=rsE^hc4_8#CD3E=#Us95z>2`NUM0bWh?Sx<n
z#G0u|0XfLUc8VVos?@-gaxx<Ta@ju8hv_nqATM;CHL$s;t|Yh*btMN@ux6?hWYH9v
z1Vu|EtH-ktTT}T6+XVOXhXBQ5lLxv|e=VWhRhHjQp7mU|b(tIb9JBE#(Uhd)p+-Q=
z32fd#p-pn_6BH){k~@C*ce*PWQb=F-5Q+ZsG>R%J9azqyn<^JMgUDXbLKNDZV>Zkg
z8Yfho6mLNQ%%t)N{)pyrCjxc>#`tN12tVW=$CEb3N}Ki=IRy!?P$(60Fz-A-XKRjg
zV`-s5pa%-V?s~BFAX2oJyw}PHFm7%4-qAYCMQCif69JNo`hw2z#IpoO4Oc%%|FMf#
z2JA5!X^B44!3I5@S)B36Hw0gNeSmR_D>anE`_v>J>RI(+0wXG?WfTFu4PWpFP@N6f
zO^lV61!|(RboUSq|B%$He8rG5{V%Au*KP-~cv6$=`R>}GDux>72*#8-Pu|q_<(#~t
zBu%^)jbs>_9h5L8u6^bPWzJTAKOX{d){y;1v&|9WBCLI1Blsf!pCm}ajm2(0XBV#%
zXo{c(wuwVPbd~1zKv5>39xV#La9LeDjUnTj$Q?(8I(NfJlg@+(xQcBwksL#g@hHme
zw^YY!$`W7Z#q5Vj@YY|Bs3BRP2O`eV9dfgs8h;X<!<YS`F+-ZAy10^Yta2KYHPbsv
z^nOLgFC~s<-uO0!S4IBYHm1Tb$b|CyRIFJ=-UDgl9OG0Mwv~8M%~K!20_O$IAVy(j
zDDblHUAjuRE8EzpDgB|)MV(2+HYe?XawPSX;9Jm3rL2l&tx|EHp}6Q((cSH*XBw4i
zG8j8QJJXYup-?RSm=vBseb|3(YB1Sbe0lONl~ijWgUQinVyW9eY9tEtFtG+C``8+*
zCJ(1Eo!aMTr06o`$S5o}9tyhCE(bAwEqH*~^q)w)*6;`Gk0k=2kE?Y5XOP7XB;6Gi
zmq*Hi&3t1VPL%Ee{^L*O*!1w@yqEjxTUv@OZz<N3jo*OB!jw18jn~LzbLi@LVfHH|
z`W5dGep$#or7PS9@%lec{a_-gGi_?vl9%~EPi@UMl~#?B=$rDrs#)y7N|zd!{D@=x
z=o6$`%5_W}xlp8+YBXW;u8nwIhG04uo$L>QdB*zLi(r`35#OqB#_aC{JLM1kD5f6s
zWc?IQO-)?-S|p$;iz#GRX}^oiMTUV7tajxkuqUiu&H41?F%MzkZ|@F^y}H7&m7;u8
zuPj)GhU~cHooo8zmXnJZDN7M`njmrGO9)A2*xHDpV_OpBFZA+Ru|g+lW-<8WWGYT!
z?_XaZxB!e#A>JFgwn}FZm|o@DkMii6=ZPcg#fM3CYuwtqIbRsXL&Y!G;1sfeU71u;
z!;X=NKfvN%GgWv*b6jDH@Yx}>m<qa<vDmunOd&w{G-nf8fTn*Diu*UT&jP|XWjeMz
ztz#b!d&Td^Nk5sCJuqSljIwCvHB;*+*T(+wd<=*HZcsKHK;hM8%5LS87;|JYuC8CW
zx!FryUA+h9ah&W@n}UQE2i;3ir`HJB5g(nyMP^D+_Ed(Hs4Aq+4tLJ%J{mu9SdMS-
zkGPQ6MT%DHo0<wAJbfW_8ms=~a;ugJ7QDNUG+By=j<}o%i6#Q?suc?Lam~fE13HqY
z@Yh>nzIz>+5GLXz?~RdwR7Yp~Cl%Z@BGd`@?T>?m{I;P-TA~)$ip^A&7U)~$#|AyU
z3~Bswo%V+1&|QP)nXMoK55SW3HpUp*mDcKiFlQ37+!WSoDi>1!i=+%N4Yg#wlLk(k
zXY2ah`@(HhW2JBr5*7SAk7pZJ_D@oI0oX*>sv?(XLIUlSK|1gbFQay2s6cXBp5_MB
zf8u}|WClWDh_Gb~&TVMYw$(Q2leTJ@$l0J8u17<JWsm);{YWGr1_|kXAF;qr5fh(<
zPh5SW4|MnNLq^;Vzkc4ZG>w7rtp;l`A<k|>jEqe{{c@xBS|DE+%mImS^O*vC0S9eP
zLJul!1VKf`=>ESkzPxkFc`E@w(1tb8*0Xp^9EsbBcmHUG-7kF&penSllS&=|*?UKA
ztpY?%C8g}#4v)!zDYF}rGh`hK?G!V>J#uX|GgQnj_%I;F1bqfDI?^c&a3>UZA<P|6
zuu|Z&p}xfx3rGHmt2I%H7Vx7gclT3jDl0255Vo4_@~`4ie`pj#KP3HAPCP@xAP55w
zp8dgP6~FO5+z1+67q*@;xQx_7@IzUoF?6{qa=N$hHx9eCuLY^~8lukec0&eRi@8jt
zK#eN+f6v97Cu(T;><<c5?$~2Bi$u@^!!7*fmXYoLE7x8~)SjHkt-7F)H6Y!baTiG{
zuFJH`?k;QRE6A-?v_q0|7idjpe3cbOPA|nfn;pUT<};{RzlexPePM#;E>(ye`h)q{
zWf4E9kI5?kA=VTjShrd#uW7(5cDx}j*+0>Z1LwH%*=;(vj^)XvEq4I+{?S0Yf1`Ht
zhiX{`jI`YW>@<ZEiUSpViT&m=yq<4X7`|-d7Sy6MO1L}lu6`8UJ)UjhvhxF~?Vxw7
z&c*u&=OyQQutN{K-kCAu^{UB5EMs<49O+dH$N#fS8Md^&EP{8-!_~2dP23}eRx{K`
zEItkwe<OJ`F{$=egu%4~*!sOp%AN$0VJjtpt~E2!hgKK4Yp9eM58FI*Cz0%KA;Yff
zrt7FuFz{akv&rnU8v@Pv_jcvwufv_0>dj54+FZ3sx8ji<As`^%P?DFuW)G47!>JcO
zDu08`Yng_0R)Xn<9tk?%nRDYETT}~x>GqWO-rr=rNT9wm5v(E2sPp1$d@WdK?+OFD
zxwyL3jmSjP^Qiu7*;T7)fZC=NporPSF716AR!7X40|0+x=m89qHgTUV4`>)4xkhrh
zs+Uq${derU7*~LSA+@l;U`M{%ZC3^VYYo);{xD`S4Zs^nA*Xi5_wkVN@{dxSCH;fc
zc)ce)Dh6zmG!&i?VyJ738UFAr{lE0QPb3mL-fxq=6euyLJjG#UdN4}kd%_?MUT-8#
z5nT(VP#+Mu<?_s<m4P>l|M~v#1;T+)E_U{J#YPQsF*Y2tj{BZR1+XmUL`aHa`vK)G
zP>H8Wb}aqM_loi#Ti+q(FewPW9%DD0{WeOxi&D_T>)l8Z2px0J<;Gmf$k~Y{2wL#)
z@dfojWar-;_%I#ux4NLf7)m;e=I^{tEcx+igzDRexVoOp;}c7Nnb%MJ9*=cn+Xc)2
z^8{rih;2{SQ=T7;10B^nGJ?K`R@!iL0(lU_mRkLX@g+WBEqCH4|DZgCB=-28>`ItW
zP3CbsDs&?sXzk@tXdPvUkz9Uh$Y+J5NdECHIB@qX!!e#e+Mq)G$8^_4?B$ZuCy%J{
zFHNPD!e4R=3Ti>kkT&!L{yd{R@bA6Ku=$f5I({Jzz-l(l#|JL=au<EOjU6ZtJ1vV5
zHQ}}@OB4jJDZ?_x<1)m8T+0RaG8})C&7YW7uga^`u5w8S)tmFiU^6h$kfZV$>1V~n
zxH<_Y#mJj=*#iPdWy0nLj?e242<Y#7B-2Yo%ca)oM@VA$vv+>dn*(*I{M%9OklV5t
zjCpjT|MC+gzyQg#GoX{6esn+hUka!qAty)`#zAypX1d>9=`KxX>?20}OQ$zgl1Q5j
z>CJhnLezjr+qxBCQU682_xjf-+mlv5&-o;Snp!o$Qm@U^)rNnR#Vm~zDT$Pi-(0JO
z;jI~9IY~EXAHeJ(JpQnbzx-kM@6QzQHT$T3MXn9C<h$!|Dz9w}L`=wHvZY;{`;3>L
z;PK9q^Y3Y`A;=RSOg4*Dxc|>-Kn?i!(a}kexSCK9JqKN!%Eaq2LFgq&wjZ1_P)gtw
zE-*b?&NVf62+*nj`(?HhB<mLQwpgJn?G^WCo|-09(&6=b>Q(akB%3ccAx59+<^qGu
zOm7>7*(KKhc`foFwu9RSBgS_<K_^4+YkIASQIWpHm%yu;>2^y7tt0Pdc_;0$k^T0)
zpNyy^@gYzQ@%4-s<4z>)?{fqXhoQI7<^@E+-n`|q&J4wSDlH~#;d`atq|0K|&mo-r
zBrJ?B=(won%Ak|FZJ-C^f6qd781#zMg5UbOmnjnqn3#5yj~DJ%vfz)J(kjvaTL0kF
z29C%0tt=Kvw0uPP)PH0L3}1)t8DX=v`8VF}H>EXM7ai7T%@(QsR{Dt=|Lb_U@@i-z
z#q4?h@|nLVS*476Ol&+a>;mThLDw1zB9Qoq!(RaXKuq0qlvnc;j|<?l3#2%-T1WDa
zvQ1K9oAbVuKxYAA+upM-KWqp7pk)6(9=5|IV=b}SP-O;g<<NrgmX?z5bD<N5*J!Py
zLeEXi>r=kC#k3r4SKXFnEdJSJ95)3G(o@0*|Ep%s(Z7V|Ffm>WN=V#u<$E@V<SDCb
zPous)uHys&v(EvWcmsQ1S?rxp0`&4`ga*)vy_09&P<Auq_MhtFKaykpBx0DUMhYn*
zCMq}<-lo6gG>a13us(`9*|(_BULz)#+i}<*A)Oz6@}X3vY-4$#D_NZt2b%rUs!yx^
z|FSQjfZ2b}*Rk4wSG_tey_E_<qhI|?j}ntPB)KOa+AuOD->1eOr?RheT*~h<suF;3
zo)UbfQ}z63y5t+*cIw;yaWgrxYw}y9(vJyR+=j01fro7~yE&8uLv_b~#n9sEwnU81
zOzJ3Aa){cL*oL<RogYep!JtUda>f4?9&hiLniENVOoM;einOb6Uv9pk)WIRiJ}G?_
z?JTFO(yF!kQ#%}Qs3g)ce)G#HC8LlAfELSKXVaijLbwTq?!V*(1R@?0L0boHHML*>
zQzt-cI)<v{%2>-E>niP1N1q^I<{z^qGVM#)ncG?Ss|;;=viJ;#T)MP%C+m5#J5!Tm
z7>zQGb|T4t-ya#8?FcPm9^gTBiZ<lA&h%c@yAhh$hcyW)I78+kH}#jSx}t5fsz?ym
z#rDD~%4l!xq~v4-u+qGc)xcl=w4+?^{Mas1{?9$9BI~u%2MBs7Ujy_fcy`ChX~WZ!
ziKiu0NVi>+%0<$`_{7AcgN04_Qswq+3j1%i+Anx?)lmHfSD~_@E6-fT*!^oDl=k}E
zic#kK#}RFlr9|&KJlX(;g@f#P1#{x2!Bv2Ea}U-HZKKXq^G^y}{J1Cm5~_2VR(q~{
zt`@uq+jN=;o${51@i3hg9!|nw(SSql8f<S5GkX!M<af6Q`@aRlReB^nC-wU~ZQuMj
zgbP|BQ(9or#OS@T)N@JFqmYBb%~q`C<nrL7nPCWKcIT(`rzw`nYw{@ZarVu`3O+77
z%gI?AG3(T=Z~19?BX@ZGsbF*KWO8g)8uSPQ%yXJvZv0G{mYV1#E}Sz~&@9DPe_Z42
zAE$cn;@lwXZ9fy`xCr`SV!*yy+sCI0QJ`=FRsdgFol4Kf!@$Om0n7vH<B*wo-qfEv
z{g~TyT|&h&FmZ*mlE(@Pw7!qgKxq8iVn8%^YDD5GETf8;LVF)p4WsVle&*jhzd`23
zX_b(;#btFjaS7Y4yvmzlP%63;?2Jd><y%YRndDU}<m_7aSXLKS(&p^z;Ze*ptE^WM
z`&2}TeIFK+a){#j|62D-><)TZRQ%%I#5oRc_Q~OvhIChzyh1$@m2oE}SNZN_Y*Frd
zz2w{hi0Xa_2>%cNBY8py*w)rH{hJ*i4(>_3DgB$m`4FlgsgwZzC|y#M&yu?y@PE-z
Bdfos4

literal 0
HcmV?d00001


From 35de66694851877887ad4b8d53a5f5e2268eb702 Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Mon, 27 Jun 2016 12:55:46 +0200
Subject: [PATCH 085/169] doc: README - nemea description

---
 README.md | 30 ++++++++++++++++++------------
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/README.md b/README.md
index a16df90..af5ebd4 100644
--- a/README.md
+++ b/README.md
@@ -15,30 +15,36 @@
 - [NEMEA Related publications](#nemea-related-publications)
 
 
-
 ## Project status
 Travis CI build: [![Build Status](https://travis-ci.org/CESNET/Nemea.svg?branch=master)](https://travis-ci.org/CESNET/Nemea)
 
 
-
 # NEMEA System
 
+NEMEA (Network Measurements Analysis) system is a **stream-wise**, **flow-based** and **modular** detection system for network traffic analysis. It consists of many independent modules which are interconnected via communication interfaces and each of the modules has its own task. Communication between modules is done by message passing where the messages contain flow records, alerts, some statistics or preprocessed data.
+
 ## Parts of the system
 
-![NEMEA parts](doc/NEMEA-parts.png)
+The following picture shows all important parts of the system.
 
-## Repositories
+![NEMEA parts](doc/NEMEA-parts.png)
 
-The NEMEA system consists of:
-* [NEMEA framework](https://github.com/CESNET/Nemea-Framework): The heart of the system that provides interconnection of modules, data format (and its handling) and common functions, algorithms and data structures.
-* [NEMEA modules](https://github.com/CESNET/Nemea-Modules): Base modules of the system for export&storage of flow data, replay of stored flow data, filtering, merging, and others. It also contains a basic flow exporter capable of extracting L7 information. 
-* [NEMEA detectors](https://github.com/CESNET/Nemea-Detectors): Detection modules that can detect and report various types of malicious traffic such as DoS, DDoS, scanning, bruteforce attacks, etc.
-* [NEMEA Supervisor](https://github.com/CESNET/Nemea-Supervisor): Central management and monitoring tool of the NEMEA system. It takes care of running modules according to a specified configuration.
+1. Modules - basic building blocks; separate system processes; receive stream of data on their input interfaces, process it and send another stream of data to their output interfaces; all modules are simply divided into two groups according to their task:
+   * **detectors** (*red*) - detect some malicious traffic, e.g. *DNS tunnel*, *DoS*, *scanning*
+   * **modules** (*yellow*) - export&storage of flow data, preprocess or postprocess the data (filter, aggregate, merge etc.)
+2. NEMEA Framework - set of libraries implementing features common for all modules
+   * **TRAP** (Traffic Analysis Platform) (*blue*) - implements communication interfaces and functions for sending/receiving the messages between interfaces
+   * **UniRec** (Unified Record) (*orange*) - implements efficient data format of the sent/received messages
+   * **Common** library (*purple*) - implements common algorithms and data structures used in modules
+3. **Supervisor** (*green*) - central management and monitoring tool of the NEMEA system. It takes care of running modules according to a specified configuration.
 
-This file describes the installation and basic usage of the NEMEA system.
-To see more general information, please have a look at
-https://www.liberouter.org/nemea.
+## Repositories
 
+The project is divided into four repositories added as submodules:
+* [NEMEA framework](https://github.com/CESNET/Nemea-Framework)
+* [NEMEA modules](https://github.com/CESNET/Nemea-Modules)
+* [NEMEA detectors](https://github.com/CESNET/Nemea-Detectors)
+* [NEMEA Supervisor](https://github.com/CESNET/Nemea-Supervisor)
 
 
 ## Dependencies

From e067b4ec63e7c8b264b1f426cf0717aceae3b0dc Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 4 Jul 2016 00:59:58 +0200
Subject: [PATCH 086/169] vagrant: remove ipfixcol config that is contained in
 the NEMEA package

---
 vagrant/CentOS7/Vagrantfile        |   2 -
 vagrant/common/Makefile.am         |   2 +-
 vagrant/common/ipfixcol_startup.rb | 232 -----------------------------
 3 files changed, 1 insertion(+), 235 deletions(-)
 delete mode 100644 vagrant/common/ipfixcol_startup.rb

diff --git a/vagrant/CentOS7/Vagrantfile b/vagrant/CentOS7/Vagrantfile
index d495acf..958e593 100644
--- a/vagrant/CentOS7/Vagrantfile
+++ b/vagrant/CentOS7/Vagrantfile
@@ -2,7 +2,6 @@
 # vi: set ft=ruby :
 
 load '../common/nemea-dashboard.rb'
-load '../common/ipfixcol_startup.rb'
 
 Vagrant.configure(2) do |config|
   config.vm.box = "centos/7"
@@ -15,5 +14,4 @@ Vagrant.configure(2) do |config|
      sudo yum install -y nemea nemea-cesnet-modules ipfixcol ipfixcol-unirec-output
 SHELL
    config.vm.provision "shell", inline: $nemeadashboard
-   config.vm.provision "shell", inline: $ipfixcolpatch
 end
diff --git a/vagrant/common/Makefile.am b/vagrant/common/Makefile.am
index 03ed820..24c02c1 100644
--- a/vagrant/common/Makefile.am
+++ b/vagrant/common/Makefile.am
@@ -1,2 +1,2 @@
-EXTRA_DIST=nemea-dashboard.rb ipfixcol_startup.rb
+EXTRA_DIST=nemea-dashboard.rb
 
diff --git a/vagrant/common/ipfixcol_startup.rb b/vagrant/common/ipfixcol_startup.rb
deleted file mode 100644
index a532247..0000000
--- a/vagrant/common/ipfixcol_startup.rb
+++ /dev/null
@@ -1,232 +0,0 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-$ipfixcolpatch = <<-SCRIPT
-echo '--- startup.xml	2016-02-25 14:30:15.595229902 +0100
-+++ startup_new.xml	2016-02-25 14:26:54.543236208 +0100
-@@ -1,148 +1,79 @@
- <?xml version="1.0" encoding="UTF-8"?>
- <ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix-psamp">
- 
--	<!--## Every collecting process will be started as new process -->
--	<collectingProcess>
--		<!--## Arbitrary collecting process name  -->
--		<name>UDP collector</name>
--		<!--## Type of the collector. Supported types are defined in internalcfg.xml -->
--		<udpCollector>
--			<!--## Arbitrary udp collector name -->
--			<name>Listening port 4739</name>
--			<!--## Local listening port -->
--			<localPort>4739</localPort>
--			<!--## Template lifetime in seconds -->
--			<templateLifeTime>1800</templateLifeTime>
--			<!--## Options template lifetime in seconds -->
--			<optionsTemplateLifeTime>1800</optionsTemplateLifeTime>
--			<!--## Template lifetime in packets (for how many packets is template valid) -->
--			<!-- <templateLifePacket>5</templateLifePacket>  -->
--			<!--## Options template lifetime in packets -->
--			<!-- <optionsTemplateLifePacket>100</optionsTemplateLifePacket>  -->
--			<!--## Local address to listen on. If empty, bind to all interfaces -->
--			<localIPAddress>127.0.0.1</localIPAddress>
--		</udpCollector>
--		<!--## Name of the exporting process. Must match exporting process name -->
--		<exportingProcess>File writer UDP</exportingProcess>
--		<!--## File for exporting status information to (combined with -S) -->
--		<statisticsFile>/tmp/ipfixcol_stat.log</statisticsFile>
--	</collectingProcess>
-+        <collectingProcess>
-+                <name>UDP collector</name>
-+                <udpCollector>
-+                        <name>Listening port 4739</name>
-+                        <localPort>4739</localPort>
-+                        <localIPAddress></localIPAddress>
-+                </udpCollector>
-+                <exportingProcess>UniRec output</exportingProcess>
-+        </collectingProcess>
-+
-+        <exportingProcess>
-+                <name>UniRec output</name>
-+                <destination>
-+                        <name>Make unirec from the flow data</name>
-+                        <fileWriter>
-+                                <fileFormat>unirec</fileFormat>
-+                                <!-- Default interface -->
-+                                <interface>
-+                                        <type>u</type>
-+                                        <params>flow_data_source</params>
-+                                        <ifcTimeout>10000</ifcTimeout>
-+                                        <flushTimeout>1000000</flushTimeout>
-+                                        <bufferSwitch>1</bufferSwitch>
-+                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,PACKETS,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,PROTOCOL,?TCP_FLAGS,?TOS,?TTL</format>
-+                                </interface>
-+                               <!-- VOIP interface -->
-+                                <interface>
-+                                        <type>u</type>
-+                                        <params>voip_data_source</params>
-+                                        <ifcTimeout>1000</ifcTimeout>
-+                                        <flushTimeout>1000000</flushTimeout>
-+                                        <bufferSwitch>1</bufferSwitch>
-+                                        <format>DST_IP,?INVEA_SIP_RTP_IP4,?INVEA_SIP_RTP_IP6,SRC_IP,BYTES,?INVEA_RTCP_OCTETS,?INVEA_RTCP_PACKETS,?INVEA_SIP_BYE_TIME,?INVEA_SIP_INVITE_RINGING_TIME,?INVEA_SIP_OK_TIME,?INVEA_SIP_STATS,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,?INVEA_RTCP_LOST,?INVEA_RTP_JITTER,PACKETS,?DST_PORT,?INVEA_SIP_RTP_AUDIO,?INVEA_SIP_RTP_VIDEO,?SRC_PORT,DIR_BIT_FIELD,?INVEA_RTCP_SOURCE_COUNT,?INVEA_RTP_CODEC,?INVEA_VOIP_PACKET_TYPE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL,?INVEA_SIP_CALLED_PARTY,?INVEA_SIP_CALLING_PARTY,?INVEA_SIP_CALL_ID,?INVEA_SIP_REQUEST_URI,?INVEA_SIP_USER_AGENT,?INVEA_SIP_VIA</format>
-+                                </interface>
-+                                <!-- SMTP interface -->
-+                                <interface>
-+                                        <type>u</type>
-+                                        <params>smtp_data_source</params>
-+                                        <ifcTimeout>1000</ifcTimeout>
-+                                        <flushTimeout>1000000</flushTimeout>
-+                                        <bufferSwitch>1</bufferSwitch>
-+                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,PACKETS,?SMTP_2XX_STAT_CODE_COUNT,?SMTP_3XX_STAT_CODE_COUNT,?SMTP_4XX_STAT_CODE_COUNT,?SMTP_5XX_STAT_CODE_COUNT,?SMTP_COMMAND_FLAGS,?SMTP_MAIL_CMD_COUNT,?SMTP_RCPT_CMD_COUNT,?SMTP_STAT_CODE_FLAGS,DST_PORT,SRC_PORT,DIR_BIT_FIELD,PROTOCOL,TCP_FLAGS,?TOS,?TTL,?SMTP_DOMAIN,?SMTP_FIRST_RECIPIENT,?SMTP_FIRST_SENDER</format>
-+                                </interface>
-+                                <!-- HTTP interface -->
-+                                <interface>
-+                                        <type>u</type>
-+                                        <params>http_data_source</params>
-+                                        <ifcTimeout>1000</ifcTimeout>
-+                                        <flushTimeout>1000000</flushTimeout>
-+                                        <bufferSwitch>1</bufferSwitch>
-+                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,?HTTP_REQUEST_AGENT_ID,?HTTP_REQUEST_METHOD_ID,?HTTP_RESPONSE_STATUS_CODE,PACKETS,DST_PORT,SRC_PORT,DIR_BIT_FIELD,PROTOCOL,TCP_FLAGS,?TOS,?TTL,?HTTP_REQUEST_AGENT,?HTTP_REQUEST_HOST,?HTTP_REQUEST_REFERER,?HTTP_REQUEST_URL,?HTTP_RESPONSE_CONTENT_TYPE</format>
-+                                </interface>
-+                                <!-- IPv6 Tunnel interface -->
-+                                <interface>
-+                                        <type>u</type>
-+                                        <params>ipv6tunnel_data_source</params>
-+                                        <ifcTimeout>1000</ifcTimeout>
-+                                        <flushTimeout>1000000</flushTimeout>
-+                                        <bufferSwitch>1</bufferSwitch>
-+                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,PACKETS,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,?IPV6_TUN_TYPE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL</format>
-+                                </interface>
-+                                <!-- DNS interface -->
-+                                <interface>
-+                                        <type>u</type>
-+                                        <params>dns_data_source</params>
-+                                        <ifcTimeout>1000</ifcTimeout>
-+                                        <flushTimeout>1000000</flushTimeout>
-+                                        <bufferSwitch>1</bufferSwitch>
-+                                        <format>DST_IP,SRC_IP,BYTES,LINK_BIT_FIELD,TIME_FIRST,TIME_LAST,DNS_RR_TTL,PACKETS,DNS_ANSWERS,DNS_CLASS,DNS_ID,?DNS_PSIZE,DNS_QTYPE,DNS_RLENGTH,?DST_PORT,?SRC_PORT,DIR_BIT_FIELD,?DNS_DO,DNS_RCODE,PROTOCOL,?TCP_FLAGS,?TOS,?TTL,?DNS_NAME,?DNS_RDATA</format>
-+                                </interface>
-+                        </fileWriter>
-+                </destination>
-+                <singleManager>yes</singleManager>
-+        </exportingProcess>
- 
--	<collectingProcess>
--		<name>TCP collector</name>
--		<tcpCollector>
--			<name>Listening port 4739</name>
--			<localPort>4739</localPort>
--			<localIPAddress>127.0.0.1</localIPAddress>
--		</tcpCollector>
--		<exportingProcess>File writer TCP</exportingProcess>
--	</collectingProcess>
--
--	<collectingProcess>
--		<name>SCTP collector</name>
--		<sctpCollector>
--			<name>Listening port 4739</name>
--			<localPort>4739</localPort>
--			<!--## Collector will listen on all addresses specified below -->
--			<localIPAddress>127.0.0.1</localIPAddress>
--			<localIPAddress>::1</localIPAddress>
--		</sctpCollector>
--		<exportingProcess>File writer SCTP</exportingProcess>
--	</collectingProcess>
--
--	<!--## Exporting process configuration -->
--	<exportingProcess>
--		<!--## Name of the exporting process, must match <exportingProcess> element
--			   in <collectingProcess> -->
--		<name>File writer UDP</name>
--		<!--## Specification of storage plugin -->
--		<destination>
--			<!--## Arbitrary name -->
--			<name>Write to /tmp folder</name>
--			<!--## Observation domain ID valid for this storage plugin 
--				   Only packets with this ODID will be passed to the plugin
--				   If unspecified, plugin is used for unknown ODIDs 
--					 (and not for any of specified)
--			-->
--			<observationDomainId>1</observationDomainId>
--			<!--## This element is passed to storage plugin -->
--			<fileWriter>
--				<!--## fileFormat must be configured in internalcfg.xml -->
--				<fileFormat>ipfix</fileFormat>
--				<!--## Storage plugin specific element -->
--				<file>file://tmp/collected-records-udp_1.ipfix</file>
--			</fileWriter>
--		</destination>
--		<destination>
--			<name>Write to /tmp folder</name>
--			<fileWriter>
--				<fileFormat>ipfix</fileFormat>
--				<file>file://tmp/collected-records-udp.ipfix</file>
--			</fileWriter>
--		</destination>
--	</exportingProcess>
--	
--	<exportingProcess>
--		<name>File writer TCP</name>
--		<destination>
--			<name>Write to /tmp folder</name>
--			<fileWriter>
--				<fileFormat>ipfix</fileFormat>
--				<file>file://tmp/collected-records-tcp.ipfix</file>
--			</fileWriter>
--		</destination>
--
--		<!--## Enable single Data manager - only one instance of storage plugin(s)
--		shared between every ODID -->
--		<!-- <singleManager>yes</singleManager>  -->
--	</exportingProcess>
--
--	<exportingProcess>
--		<name>File writer SCTP</name>
--		<destination>
--			<name>Store data using ipfix file format</name>
--			<fileWriter>
--				<fileFormat>ipfix</fileFormat>
--				<file>file://tmp/collected-records-sctp.ipfix</file>
--			</fileWriter>
--		</destination>
--	</exportingProcess>
--
--	<!-- List of active Intermediate Plugins -->
--	<intermediatePlugins>
--		<!-- Dummy Intermediate Plugin - does nothing -->
--		<dummy_ip>
--		</dummy_ip>
--		
--		<!-- Configuration for Anonymization Intermediate Plugin -->
--		<!--
--		<anonymization_ip>
--			<type>cryptopan</type>
--		</anonymization_ip>
--		-->
--		
--		<!-- Configuration for next Anonymization Intermediate Plugin -->
--		<!--
--		<anonymization_ip>
--			<type>truncation</type>
--		</anonymization_ip>
--		-->
--		
--		<!-- Configuration for joinflows plugin -->
--		<!-- <joinflows_ip>	-->
--			<!-- Set destination ODID -->
--			<!-- <join to="2"> -->
--				<!-- Set source ODIDs for this dst ODID -->
--				<!-- <from>1</from>	-->
--				<!-- <from>3</from> -->
--			<!-- </join> -->
--			<!-- Set another destination ODID -->
--			<!-- <join to="4"> -->
--				<!-- <from>5</from> -->
--				<!-- All ODIDs not mentioned in any <join> block 
--				  will be mapped on this dst ODID -->
--				<!-- <from>*</from> -->
--			<!-- </join> -->
--		<!-- </joinflows_ip> -->
--	</intermediatePlugins>
- </ipfix>' > /etc/ipfixcol/startup.diff
-patch /etc/ipfixcol/startup.xml /etc/ipfixcol/startup.diff
-rm -f /etc/ipfixcol/startup.diff
-SCRIPT

From 9259beba0a3ee651e963545bedf7d0b2071ab50e Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 4 Jul 2016 01:00:54 +0200
Subject: [PATCH 087/169] vagrant: install python-pymongo for reporters storing
 into mongodb

---
 vagrant/common/nemea-dashboard.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/vagrant/common/nemea-dashboard.rb b/vagrant/common/nemea-dashboard.rb
index 6443ae8..0b77b32 100644
--- a/vagrant/common/nemea-dashboard.rb
+++ b/vagrant/common/nemea-dashboard.rb
@@ -15,6 +15,7 @@
 yum groupinstall -y "Development Tools"
 wget -q https://bootstrap.pypa.io/get-pip.py
 python3.4 get-pip.py
+yum install -y python-pymongo
 
 # start services
 systemctl enable httpd

From 599d1496b9ebfecfa6c32f83d4f62bd1a415d580 Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Mon, 4 Jul 2016 13:28:22 +0200
Subject: [PATCH 088/169] doc: README: section about module creation

---
 README.md | 124 ++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 120 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index af5ebd4..3dbcbb3 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@
    - Packer
 - [Quick start and how to](#quick-start-and-how-to)
    - [Deploy NEMEA](#deploy-nemea)
-   - [Create your own module](#create-your-own-module)
+   - [Create your own module in C step by step](#create-your-own-module-in-c-step-by-step)
 - [NEMEA Related publications](#nemea-related-publications)
 
 
@@ -122,7 +122,7 @@ To clone the read-only repositories, use:
 git clone --recursive https://github.com/CESNET/nemea
 ```
 
-After successful clone, use:
+After successful clone and [dependencies](#dependencies) installation (**!**), use:
 ```
 ./bootstrap.sh
 ```
@@ -171,17 +171,133 @@ For more information see [./vagrant/](./vagrant/).
 
 
 # Quick start and how to
-## Deploy NEMEA
-## Create your own module
 
 
+## Create your own module in C step by step
+
+
+**Important**: Nemea-Framework has to be installed in advance. Follow [these instructions](#installation) to install whole NEMEA system (including NEMEA framework) or [these instructions]() to install only NEMEA framework.
+
+
+#### Use Example module as a template
+
+Let `/data/mighty-module/` be the directory we want to develop our module in (replace path `/data/mighty-module/` in all commands with another directory if needed) and *mighty_module* the name of our module. We will use example module as a template - copy all files from [this directory](https://github.com/CESNET/Nemea-Framework/tree/master/examples/module) to `/data/mighty-module/`.
+
+In `/data/mighty-module/configure.ac` replace the following lines
+```
+AC_INIT([example_module], [1.0.0], [traffic-analysis@cesnet.cz])
+AC_CONFIG_SRCDIR([example_module.c])
+```
+with
+```
+AC_INIT([migty_module], [1.0.0], [YOUR EMAIL ADDRESS])
+AC_CONFIG_SRCDIR([mighty_module.c])
+```
+
+In `/data/mighty-module/Makefile.am` replace the following lines
+```
+bin_PROGRAMS=example_module
+example_module_SOURCES=example_module.c fields.c fields.h
+example_module_LDADD=-lunirec -ltrap
+```
+with
+```
+bin_PROGRAMS=mighty_module
+mighty_module_SOURCES=mighty_module.c fields.c fields.h
+mighty_module_LDADD=-lunirec -ltrap
+```
+
+Finally execute `mv /data/mighty-module/example_module.c /data/mighty-module/mighty_module.c` to rename the source file.
+
 
+####Build the module
 
+Execute the following commands in `/data/might-module/`:
+
+1) Let Autotools process the configuration files.
+```
+autoreconf -i
+```
 
+2) Configure the module directory.
+```
+./configure
+```
 
+3) Build the module.
+```
+make
+```
 
+4) (**Optional**) Install the module. The command should be performed as root (e.g. using sudo).
+```
+make install
+```
+
+
+### Code explanation
+
+The example module already links **TRAP** (libtrap) and **UniRec** libraries. It is a simple module with one input and one output interface which receives on input inteface a message in UniRec format with two numbers and sends them together with their sum to output interface.
+
+The code contains comments but here is the list of important operations:
+
+
+#### LibTRAP
+
+1. [Basic module information](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L74) - specify name, description and number of input / output interfaces of the module
+2. [Module parameters](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L87) - define parameters the module accepts as program arguments
+3. [Module info structure initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L111) - initialize a structure with information from the two previsous points
+4. [TRAP initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L116) - initialize module interfaces
+5. [GETOPT macro](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L127) - parse program arguments
+6. Main loop:
+   * [Receive a message](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L172) - receive a message in UniRec format from input interface
+   * [Handle receive error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L175) - check whether an error has occured during receive
+   * [Send a message](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L200) - send a message in UniRec format via output interface
+   * [Handle send error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L203) - check whether an error has ocurred during send
+7. [TRAP and module info clean-up](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L210) - free everything, libtrap finalization
+
+
+#### UniRec
+
+1. [UniRec fields definition](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L62) - define data types and names of the fields which will be used in UniRec messages (both received and sent messages), e.g. *uint32 PACKETS*
+2. [Templates creation](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L141) - create UniRec templates separately for every interface (a template defines set of fields in the message) note: two input interfaces receiving same messages can use one template
+3. [Output record allocation](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L154) - allocate a memory for message sent via output interface
+4. Main loop (*fields manipulation*):
+   * [get field](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L191) - get a value of specified field from received message according to UniRec template
+   * [set field](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L196) - set a value of specified field in message which will be sent according to UniRec template
+   * [copy fields](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L195) - copy values of fields in received message to fields in message which will be sent according to UniRec templates of both interfaces (only fields that are common for both interfaces are copied)
+5. [UniRec cleanup](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L219) - free everything, UniRec finalization
+
+
+### Execute the module
+
+Modules using TRAP library have two implicit program arguments. `module -h` for help (optional) and `module -i IFC_SPEC` for interface specification (mandatory).
+
+
+#### Module help
+
+After executing `/data/mighty-module/mighty_module -h`, program prints help which contains information from module info structure:
+
+* module basic information - name, description, number of input / output interfaces
+* module parameters - short opt, long opt, description, argument data type
+* TRAP library parameters - parameters common for all modules using libtrap
+
+
+#### Interface specifier
+
+Format of the specifier with examples is explained in detail [here](https://github.com/CESNET/Nemea-Framework/blob/master/libtrap/README.ifcspec.md).
+
+
+### Develop the module
+
+Now just modify the algorithm in the main loop and job is done :-)
+
+
+## Deploy NEMEA
 
+#### Add a new module to running conf
 
+#### Get flows to your system - nfreader, logreplay, flowmeter, ipfixcol
 
 
 Quick Start Guide

From 874882ddda3a0c6d556260fce61b0666904ce9e0 Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Sat, 9 Jul 2016 19:39:24 +0200
Subject: [PATCH 089/169] doc: README: section "try out NEMEA modules"

---
 README.md | 188 ++++++++++++++++++++++++++++++++----------------------
 1 file changed, 111 insertions(+), 77 deletions(-)

diff --git a/README.md b/README.md
index 3dbcbb3..ea25016 100644
--- a/README.md
+++ b/README.md
@@ -10,6 +10,7 @@
    - [Vagrant](#vagrant)
    - Packer
 - [Quick start and how to](#quick-start-and-how-to)
+   - [Try out NEMEA modules](#try-out-nemea-modules)
    - [Deploy NEMEA](#deploy-nemea)
    - [Create your own module in C step by step](#create-your-own-module-in-c-step-by-step)
 - [NEMEA Related publications](#nemea-related-publications)
@@ -168,14 +169,122 @@ To try the system "out-of-box", you can use [Vagrant](https://www.vagrantup.com/
 For more information see [./vagrant/](./vagrant/).
 
 
+# Quick start and how to
 
 
-# Quick start and how to
+## Try out NEMEA modules
 
+**Important**: Nemea has to be compiled in advance. Follow [these instructions](#installation) to install NEMEA system from source codes (for this part the *make install* step is optional).
 
-## Create your own module in C step by step
+
+### Execute a module
+
+Modules using TRAP library have two implicit program arguments. `module -h` for help (optional) and `module -i IFC_SPEC` for interface specification (mandatory).
+
+
+**Module help `-h`**
+
+The example below shows part of help output of the [logger]() module. It contains modules name, description, number of input and output interfaces, modules paramteters and TRAP library parameters (common for all modules).
+
+```
+TRAP module, libtrap version: 0.7.6 b258bb4
+===========================================
+Name: Logger
+Inputs: variable
+Outputs: 0
+Description:
+  This module logs all incoming UniRec records to standard output or into a specified file. Each record
+  is written as one line containing values of its fields in human-readable format separated by chosen
+  delimiters (CSV format). If you use more than one input interface you have to specify output format by
+  parameter "-o".
+
+Usage:  logger [COMMON]... [OPTIONS]...
+
+Parameters of module [OPTIONS]:
+-------------------------------
+  -w  --write <string>             Write output to FILE instead of stdout (rewrite the file).
+
+  -a  --append <string>            Write output to FILE instead of stdout (append to the end).
+
+  -t  --title                      Write names of fields on the first line.
+
+  -c  --cut <uint32>               Quit after N records are received, 0 can be useful in combination
+                                   with -t to print UniRec.
+
+Common TRAP parameters [COMMON]:
+--------------------------------
+  -h [trap,1]                      If no argument, print this message. If "trap" or 1 is given, print
+                                   TRAP help.
+
+  -i IFC_SPEC                      Specification of interface types and their parameters, see "-h trap"
+                                   (mandatory parameter).
+
+  -v                               Be verbose.
+
+Environment variables that affects output:
+------------------------------------------
+  LIBTRAP_OUTPUT_FORMAT            If set to "json", information about module is printed in JSON format.
+
+  PAGER                            Show the help output in the set PAGER.
+```
+
+
+**Interface specifier `-i`**
+
+The `-i` parameter with the interface specifier *IFC_SPEC* (`module -i IFC_SPEC`) specifies modules interfaces - their types and parameters. The interface specifier has the following format:
+
+`<IFC 1>,<IFC 2>,...,<IFC N>`.
+
+where `<IFC x>` looks like
+
+`<type>:<par1>:<par2>:...:<parN>`.
+
+Interfaces are separated by `,` and their parameters are separated by `:`. Input IFCs must be specified at first, output IFCs follow. Examples below show the two most common cases.
+
+* `module1 -i t:address:port1,t:port2`
+* `module2 -i u:sock1,u:sock2`
+
+First example *module1* uses TCPIP interfaces (for machine to machine communication) and it has one input and one output interface. The first interface (`t:address:port1`) has type `t` (TCPIP) and it will connect to machine with address `address` on port `port1` (it behaves as a client). The second interface (`t:port2`) is also TCPIP and it will listen on port `port2` for incoming connections (it behaves as a server).
+
+Second example *module2* uses UNIX-SOCKET interfaces (for communication on the same machine) and it has also one input and one output interface. The first interface (`u:sock1`) has type `u` (UNIX-SOCKET) and it will connect to socket `sock1` (it behaves as a client). The second interface (`u:sock2`) is also UNIX-SOCKET and it will listen on `sock2` for incoming connections (it behaves as a server).
+
+**Important findings:**
+* TCPIP interface for machine to machine communication, UNIX-SOCKET for communication on the same machine
+* input interface behaves as a client, output interfaces behaves as a server
+
+For detailed information and another examples with *IFC_SPEC* click [here](https://github.com/CESNET/Nemea-Framework/blob/master/libtrap/README.ifcspec.md).
+
+
+### Interconnect two modules
+
+Let´s try to interconnect [logreplay](https://github.com/CESNET/Nemea-Modules/tree/master/logreplay) and [logger](https://github.com/CESNET/Nemea-Modules/tree/master/logger) modules to see them communicate.
+Logreplay module has one output interface and it reads CSV file from logger module and sends it in UniRec format.
+Logger has one input interface and it logs all incoming UniRec records to standard output or into specified file in CSV format.
+These two modules can be interconnected using one input IFC and one output IFC.
+
+[This script](https://github.com/CESNET/Nemea/blob/master/use-cases/logger-repeater.sh) can be used for the demonstration. With no parameter it prints help with description, otherwise it accepts *generate* parameter or a name of input CSV file. With *generate* parameter it first creates tmp CSV file with header and 3 flow records (see [this](https://github.com/CESNET/Nemea/blob/master/use-cases/logger-repeater.sh#L53)). Thereafter it executes logreplay and logger modules
+
+```
+logreplay -i "u:my_socket"` -f CSV_file
+```
+and
+```
+logger -i "u:my_socket" -t
+```
+
+Logreplay has one UNIX-SOCKET output interface listening on *my_socket* and logger has one UNIX-SOCKET input interface which connects to *my_socket*.
+
+Now finally open [this directory](https://github.com/CESNET/Nemea/tree/master/use-cases) and execute the script:
+```
+./logger-repeater.sh generate
+```
+
+It should print exactly the same output as generated CSV tmp input (header with 3 records). In [use-cases](https://github.com/CESNET/Nemea/tree/master/use-cases) there are more examples with basic modules.
+`logreplay` is one of possible ways of getting data into the NEMEA system. [Here]() is the list of all possible ways.
 
 
+## Create your own module in C step by step
+
 **Important**: Nemea-Framework has to be installed in advance. Follow [these instructions](#installation) to install whole NEMEA system (including NEMEA framework) or [these instructions]() to install only NEMEA framework.
 
 
@@ -300,81 +409,6 @@ Now just modify the algorithm in the main loop and job is done :-)
 #### Get flows to your system - nfreader, logreplay, flowmeter, ipfixcol
 
 
-Quick Start Guide
-=================
-
-The heart of the NEMEA system is a NEMEA module. NEMEA modules are building blocks - independent system processes
-that can be connected with each other. Information about every module can be found in its help:
-````
-./module -h
-```
-
-Every NEMEA module can have one or more communication interfaces (IFC) implemented in
-[libtrap](https://github.com/CESNET/Nemea-Framework/tree/master/libtrap). There are two types of IFCs: **input** and **output**. Numbers of module's IFCs
-can be found in its help.
-
-At the beginning, let's try the `logreplay` module ([modules/logreplay](https://github.com/CESNET/Nemea-Modules/tree/master/logreplay)).
-The help output shows that `logreplay` has one output IFC:
-```
-Name: LogReplay
-Inputs: 0
-Outputs: 1
-Description:
-  This module converts CSV from logger and sends it in UniRec. The first row
-  of CSV file has to be data format of fields.
-```
-
-The complement module is `logger` ([modules/logger](https://github.com/CESNET/Nemea-Modules/tree/master/logger)), help output:
-```
-Name: Logger
-Inputs: variable
-Outputs: 0
-Description:
-  This module logs all incoming UniRec records to standard output or into a
-  specified file. Each record is written as one line containing values of its
-  fields in human-readable format separated by chosen delimiters (CSV format).
-  If you use more than one input interface you have to specify output format
-  by parameter "-o".
-```
-
-Two modules can be interconnected using one input IFC and one output IFC.
-
-The [./use-cases](./use-cases) directory contains example scripts that demonstrate usage and functionality of
-NEMEA modules. `logreplay` and `logger` can be found in [./use-cases/logger-repeater.sh](./use-cases/logger-repeater.sh).
-Start the script to see how flow records are replayed from CSV file by `logreplay` and received by `logger`:
-```
-cd use-cases
-./logger-repeater.sh generate
-```
-
-To get usage of scripts from `use-cases`, execute a script without parameter. The `generate` parameter of
-`logger-repeater.sh` can be used to generate CSV file automatically. For more information, see source codes of
-scripts.
-
-`logreplay` is one of possible ways of getting data into the NEMEA system.
-There is a [nfreader](https://github.com/CESNET/Nemea-modules/tree/master/nfreader) module that is able to read and replay `nfdump` files.
-Last but not least, there is an [ipfixcol](https://github.com/CESNET/ipfixcol/) with [ipfixcol2unirec](https://github.com/CESNET/ipfixcol/tree/master/plugins/storage/unirec)
-that is capable of exporting flow data in UniRec format and sending it via libtrap IFC.
-
-Manage NEMEA modules efficiently
-================================
-
-The Nemea system can be managed and monitored by a special module called
-[Supervisor](https://github.com/CESNET/Nemea-Supervisor).
-
-Some modules that are contained in Nemea-Modules and Nemea-Detectors provide their default
-configuration in [nemea-supervisor/configs/](https://github.com/CESNET/Nemea-Supervisor/tree/master/configs/).
-To use prepared configuration, run `make` in `nemea-supervisor/configs` and start:
-```
-nemea-supervisor/supervisor -f nemea-supervisor/configs/supervisor_config.xml
-```
-To start `supervisor` in an interactive mode, use `-d`
-
-For more information about Supervisor see its [README](https://github.com/CESNET/Nemea-Supervisor/blob/master/README.md).
-
-Note: It is totally up to user whether to use `nemea-supervisor/configs` or not.  It is just
-an example of a working configuration.
-
 
 NEMEA Related Publications
 ==========================

From 0f1cc8dea9701dbe0b1f5043e58d441478a5d3f1 Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Sat, 9 Jul 2016 19:45:49 +0200
Subject: [PATCH 090/169] doc: README: few fixes

---
 README.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index ea25016..1b4c852 100644
--- a/README.md
+++ b/README.md
@@ -184,7 +184,7 @@ Modules using TRAP library have two implicit program arguments. `module -h` for
 
 **Module help `-h`**
 
-The example below shows part of help output of the [logger]() module. It contains modules name, description, number of input and output interfaces, modules paramteters and TRAP library parameters (common for all modules).
+The example below shows part of help output of the [logger](https://github.com/CESNET/Nemea-Modules/tree/master/logger) module. It contains modules name, description, number of input and output interfaces, modules paramteters and TRAP library parameters (common for all modules).
 
 ```
 TRAP module, libtrap version: 0.7.6 b258bb4
@@ -279,8 +279,8 @@ Now finally open [this directory](https://github.com/CESNET/Nemea/tree/master/us
 ./logger-repeater.sh generate
 ```
 
-It should print exactly the same output as generated CSV tmp input (header with 3 records). In [use-cases](https://github.com/CESNET/Nemea/tree/master/use-cases) there are more examples with basic modules.
-`logreplay` is one of possible ways of getting data into the NEMEA system. [Here]() is the list of all possible ways.
+It should print exactly the same output as generated CSV tmp input (header and 3 records). In [use-cases](https://github.com/CESNET/Nemea/tree/master/use-cases) there are more examples with basic modules.
+`logreplay` is one of possible ways of getting data into the NEMEA system. Here(TODO) is the list of all possible ways.
 
 
 ## Create your own module in C step by step

From b8b6200d69a93819f44ae5c650f82b9efcf1ad19 Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Tue, 12 Jul 2016 10:47:09 +0200
Subject: [PATCH 091/169] doc: README: deployment section

---
 README.md | 79 ++++++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 73 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 1b4c852..8278bf0 100644
--- a/README.md
+++ b/README.md
@@ -283,6 +283,78 @@ It should print exactly the same output as generated CSV tmp input (header and 3
 `logreplay` is one of possible ways of getting data into the NEMEA system. Here(TODO) is the list of all possible ways.
 
 
+## Deploy NEMEA
+
+This section shows how to deploy NEMEA in four steps.
+
+It only covers the basics needed to run the system in its default configuration. Keep in mind that NEMEA was designed as a very flexible framework, so every user can (and should) adjust the configuration of NEMEA modules to their own purposes.
+
+
+### 1. Installation
+
+First of all, the whole system (NEMEA Framework, Modules, Detectors and Supervisor) has to be installed. Follow [these](#installation) instructions to install the system from RPM or from source codes.
+
+
+### 2. Prepare configurations
+
+To avoid manual control of the system, there is [NEMEA Supervisor](https://github.com/CESNET/Nemea-Supervisor). It is central management and monitoring tool of the system and it takes care of running modules **according to a specified XML configuration**.
+
+We need to prepare XML configuration file for Supervisor. Fortunatelly, almost everything is already done.
+
+After installation (from RPM or from source codes with recommended `configure` parameters), there are 2 important paths with configurations:
+* `/ush/share/nemea-supervisor/` - contains default prepared XML configuraions of all NEMEA modules (like [here](https://github.com/CESNET/Nemea-Supervisor/tree/master/configs))
+* `/etc/nemea/` - contains XML configuration file for Supervisor and directories with used modules configurations (they are empty after installation)
+
+Note: these two paths depend on *datarootdir* and *sysconfdir* parameters of the `configure` script during the installation.
+
+The only thing we have to do is this (probably with sudo / root):
+```
+cp -r /usr/share/nemea-supervisor /etc/nemea
+```
+
+After this command, supervisor will use default configurations of the modules. It is shown [here]() that the paths from sysconfdir (/etc/nemea in our case) are included in the configuration file. For detailed information about supervisor configuration file click [here]().
+
+
+### 3. Start and control modules
+
+Once the set of NEMEA modules was configured, all of them can be started easily by [Nemea Supervisor](https://github.com/CESNET/Nemea-Supervisor):
+* `service nemea-supervisor start`
+* OR? `supcli`, option 6 (reload configuration)
+  * (*TODO*: will this start the modules? and would this work for every installation option or for RPM/Vagrant only?)
+* Check status of the modules:
+  * `supcli`, option 4
+  * All modules previously enabled should be *running*.
+
+The modules are running, but they don't receive any data yet. We need to send some flow data to the system ...
+
+
+### 4. Get flows to your system
+
+**IpfixCol**
+
+*(recommended)* Use IPFIXcol to collect NetFlow/IPFIX data from routers/probes and an IPFIXcol [unirec plugin](https://github.com/CESNET/ipfixcol/tree/master/plugins/storage/unirec) to re-send the data to NEMEA.
+  * needed to install IPFIXcol and the plugin and to set up the routers/probes
+  * default and recommended solution for production
+
+
+**FlowMeter**
+
+Use NEMEA internal flow exporter (*flow_meter* module).
+  * it reads data directly from network interface (via libpcap), measures flows and export it to other NEMEA modules
+  * simple, but not very performing solution (flow_meter was not designed for performance), suitable only for testing or very small networks
+    * *TODO*: measure how much traffic can flow_meter handle and make recommendation what "very small network" means?
+
+
+**NfReader**
+
+[NfReader](https://github.com/CESNET/Nemea-Modules/tree/master/nfreader) reads **nfdump** files and sends flow records in UniRec format on its output TRAP interface.
+
+
+**LogReplay**
+
+[LogReplay](https://github.com/CESNET/Nemea-Modules/tree/master/logreplay) converts CSV format of data, from logger module to UniRec format and sends it to the output interface.
+
+
 ## Create your own module in C step by step
 
 **Important**: Nemea-Framework has to be installed in advance. Follow [these instructions](#installation) to install whole NEMEA system (including NEMEA framework) or [these instructions]() to install only NEMEA framework.
@@ -402,12 +474,7 @@ Format of the specifier with examples is explained in detail [here](https://gith
 Now just modify the algorithm in the main loop and job is done :-)
 
 
-## Deploy NEMEA
-
-#### Add a new module to running conf
-
-#### Get flows to your system - nfreader, logreplay, flowmeter, ipfixcol
-
+### Add a new module to running conf
 
 
 NEMEA Related Publications

From 44ca53e9342dc58c8a6761a48c703d9fbac4f76d Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Wed, 13 Jul 2016 19:33:29 +0200
Subject: [PATCH 092/169] doc: README: deploy NEMEA section and add new module
 to running conf section

---
 README.md | 37 ++++++++++++++++++++++++++-----------
 1 file changed, 26 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index 8278bf0..705e5f6 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,8 @@
 - [Quick start and how to](#quick-start-and-how-to)
    - [Try out NEMEA modules](#try-out-nemea-modules)
    - [Deploy NEMEA](#deploy-nemea)
-   - [Create your own module in C step by step](#create-your-own-module-in-c-step-by-step)
+   - [Create your own module in C](#create-your-own-module-in-c)
+   - [Add new module to running configuration](#add-new-module-to-running-configuration)
 - [NEMEA Related publications](#nemea-related-publications)
 
 
@@ -312,18 +313,23 @@ The only thing we have to do is this (probably with sudo / root):
 cp -r /usr/share/nemea-supervisor /etc/nemea
 ```
 
-After this command, supervisor will use default configurations of the modules. It is shown [here]() that the paths from sysconfdir (/etc/nemea in our case) are included in the configuration file. For detailed information about supervisor configuration file click [here]().
+After this command, supervisor will use default configurations of the modules. It is shown [here](https://github.com/CESNET/Nemea-Supervisor/blob/master/configs/supervisor_config_template.xml.in#L8) that the paths from sysconfdir (/etc/nemea in our case) are included in the configuration file. For detailed information about supervisor configuration file click [here](https://github.com/CESNET/Nemea-Supervisor#configuration).
 
 
 ### 3. Start and control modules
 
-Once the set of NEMEA modules was configured, all of them can be started easily by [Nemea Supervisor](https://github.com/CESNET/Nemea-Supervisor):
-* `service nemea-supervisor start`
-* OR? `supcli`, option 6 (reload configuration)
-  * (*TODO*: will this start the modules? and would this work for every installation option or for RPM/Vagrant only?)
-* Check status of the modules:
-  * `supcli`, option 4
-  * All modules previously enabled should be *running*.
+Once the configurations are prepared, modules can be managed by Supervisor. It can be easily started as a systemd service with
+
+`service nemea-supervisor start` (recommended, probably with root / sudo)
+
+or manually
+
+`/usr/bin/nemea/supervisor --daemon -T /etc/nemea/supervisor_config_template.xml -L /var/log/nemea-supervisor` TODO run as nemead user
+
+See all service commands [here](https://github.com/CESNET/Nemea-Supervisor#program-modes) and all program parameters with `/usr/bin/nemea/supervisor -h`. You can also check whether the process is running or not with `ps -ef | grep supervisor`.
+If Supervisor did not start successfully, it should print error info directly to terminal (in case of manual start) or to system log (in case of service) which can be browsed with `journalctl -xe`. Runtime errors and events can be found in `supervisor_log` file located in the -L directory (`/var/log/nemea-supervisor` by default).
+
+Now we can connect to running supervisor with supervisor client simply with command `supcli`. The menu with options is described in detail [here](https://github.com/CESNET/Nemea-Supervisor#supervisor-functions). After pressing number *4* and *enter*, it prints current status of the system. By default, all *detectors* and *loggers* (except flow_meter logger) should be enabled and running.
 
 The modules are running, but they don't receive any data yet. We need to send some flow data to the system ...
 
@@ -355,7 +361,7 @@ Use NEMEA internal flow exporter (*flow_meter* module).
 [LogReplay](https://github.com/CESNET/Nemea-Modules/tree/master/logreplay) converts CSV format of data, from logger module to UniRec format and sends it to the output interface.
 
 
-## Create your own module in C step by step
+## Create your own module in C
 
 **Important**: Nemea-Framework has to be installed in advance. Follow [these instructions](#installation) to install whole NEMEA system (including NEMEA framework) or [these instructions]() to install only NEMEA framework.
 
@@ -474,7 +480,16 @@ Format of the specifier with examples is explained in detail [here](https://gith
 Now just modify the algorithm in the main loop and job is done :-)
 
 
-### Add a new module to running conf
+## Add new module to running configuration
+
+This section is for those who has already deployed the system ([see this section](#deploy-nemea)) and wants to add their module to the running configuration. It can be done in 3 steps:
+
+1. Create a *.sup* config file for your module. You can use [this](https://github.com/CESNET/Nemea-Supervisor/blob/master/configs/template.sup#L10) empty template and fill it according to [this](https://github.com/CESNET/Nemea-Supervisor/blob/master/configs/detectors/dnstunnel_detection.sup) example ([example with comments](https://github.com/CESNET/Nemea-Supervisor/blob/master/configs/config_example.xml#L19)).
+2. Add the new *.sup* file to directory included in the Supervisor configuration file. If you have used recommended parameters of the `configure` script during the installation, both the configuraion file and the directories should be located in `/etc/nemea`, otherwise check the paths in the configuration file the Supervisor is running with. Than copy the file to one of the directories you want e.g. `cp ./your_module.sup /etc/nemea/others`.
+3. Connect to Supervisor using `supcli` command and select option 6 *reload configuration*. New module should be added and if the enabled flag is set to *true*, it should be also running.
+
+For detailed information about Supervisor configuration see [this](https://github.com/CESNET/Nemea-Supervisor#configuration).
+
 
 
 NEMEA Related Publications

From 1aaad42d8691e05a4fa353e2ca66118689f35a13 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 19 Jul 2016 17:53:24 +0200
Subject: [PATCH 093/169] nemea: revision of README

---
 README.md | 258 ++++++++++++++++++++++++++++++++++++------------------
 1 file changed, 171 insertions(+), 87 deletions(-)

diff --git a/README.md b/README.md
index 705e5f6..329c7be 100644
--- a/README.md
+++ b/README.md
@@ -32,8 +32,8 @@ The following picture shows all important parts of the system.
 ![NEMEA parts](doc/NEMEA-parts.png)
 
 1. Modules - basic building blocks; separate system processes; receive stream of data on their input interfaces, process it and send another stream of data to their output interfaces; all modules are simply divided into two groups according to their task:
-   * **detectors** (*red*) - detect some malicious traffic, e.g. *DNS tunnel*, *DoS*, *scanning*
-   * **modules** (*yellow*) - export&storage of flow data, preprocess or postprocess the data (filter, aggregate, merge etc.)
+   * **Detectors** (*red*) - detect some malicious traffic, e.g. *DNS tunnel*, *DoS*, *scanning*
+   * **Modules** (*yellow*) - export&storage of flow data, preprocess or postprocess the data (filter, aggregate, merge etc.)
 2. NEMEA Framework - set of libraries implementing features common for all modules
    * **TRAP** (Traffic Analysis Platform) (*blue*) - implements communication interfaces and functions for sending/receiving the messages between interfaces
    * **UniRec** (Unified Record) (*orange*) - implements efficient data format of the sent/received messages
@@ -43,6 +43,7 @@ The following picture shows all important parts of the system.
 ## Repositories
 
 The project is divided into four repositories added as submodules:
+
 * [NEMEA framework](https://github.com/CESNET/Nemea-Framework)
 * [NEMEA modules](https://github.com/CESNET/Nemea-Modules)
 * [NEMEA detectors](https://github.com/CESNET/Nemea-Detectors)
@@ -66,26 +67,18 @@ The project is divided into four repositories added as submodules:
 ### Optional dependencies of modules and detectors
 
 * rpm-build (build of RPM packages)
-* libpcap (flow_meter)
-* libnfdump (http://sourceforge.net/projects/libnfdump/) or libnf (https://github.com/VUTBR/nf-tools/tree/master/libnf/c) (nfreader)
-* libidn (blacklistfilter)
-* bison and flex (unirecfilter)
+* libpcap ([flow_meter](https://github.com/CESNET/Nemea-Modules/tree/master/flow_meter))
+* [libnf](https://github.com/VUTBR/nf-tools/tree/master/libnf/c) or [libnfdump](http://sourceforge.net/projects/libnfdump/) ([nfreader](https://github.com/CESNET/Nemea-Modules/tree/master/nfreader))
+* libidn ([blacklistfilter](https://github.com/CESNET/Nemea-Detectors/tree/master/blacklistfilter))
+* bison and flex ([unirecfilter](https://github.com/CESNET/Nemea-Modules/tree/master/unirecfilter))
 
 ### How to install dependencies:
 
 ```
-dnf install -y autoconf automake gcc gcc-c++ libtool libxml2-devel make pkg-config libpcap libidn bison flex
-```
-
-On older systems use `yum` instead of `dnf`.
-
-On Debian-based systems:
-
-```
-apt-get update;
-apt-get install TODO
+yum install -y autoconf automake gcc gcc-c++ libtool libxml2-devel make pkg-config libpcap libidn bison flex
 ```
 
+Note: Latest systems (e.g. Fedora) use `dnf` instead of `yum`.
 
 
 # Installation
@@ -94,10 +87,17 @@ There are three different ways of installation of the NEMEA system covered
 in this document: **vagrant**, **binary packages** and **source codes**.
 
 
+## Vagrant
+
+To try the system "out-of-box", you can use [Vagrant](https://www.vagrantup.com/).
+For more information see [./vagrant/](./vagrant/).
+
+
 ## Binary packages
 
 The NEMEA system can be installed from binary RPM packages.
-To add CESNET's repository containing the packages, run (as root/sudo):
+To add CESNET repository containing the packages, run (as root/sudo):
+
 ```
 rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
 ```
@@ -107,37 +107,43 @@ After that, NEMEA can be installed as any other package (run as root/sudo):
 yum install nemea
 ```
 
-Note: `yum` was replaced by `dnf` in some distributions.
+Note: Latest systems (e.g. Fedora) use `dnf` instead of `yum`.
+
 
 For development purposes, there is `nemea-framework-devel` package that installs
 all needed development files and docs.
 
+Currently, we do not have .deb packages (for Debian/Ubuntu/...) but we are working on it. Please follow installation from [source codes](#source-codes)
 
 ## Source codes
 
 The whole system is based on GNU/Autotools build system that makes dependency checking and
 building process much more easier.
 
-To clone the read-only repositories, use:
+To clone the NEMEA repositories, use:
 
 ```
 git clone --recursive https://github.com/CESNET/nemea
 ```
 
 After successful clone and [dependencies](#dependencies) installation (**!**), use:
+
 ```
 ./bootstrap.sh
 ```
+
 that will create `configure` scripts and other needed files.
 
 The `configure` script supplies various possibilities of
 configuration and it uses some environmental variables that influence the build
 and compilation process. For more information see:
+
 ```
 ./configure --help
 ```
 
 We recommend to set paths according to the used operating system, e.g.:
+
 ```
 ./configure --prefix=/usr --bindir=/usr/bin/nemea --sysconfdir=/etc/nemea --libdir=/usr/lib64
 ```
@@ -164,28 +170,24 @@ make install
 Congratulations, the whole NEMEA system should be installed right now... :-)
 
 
-## Vagrant
-
-To try the system "out-of-box", you can use [Vagrant](https://www.vagrantup.com/).
-For more information see [./vagrant/](./vagrant/).
-
-
 # Quick start and how to
 
 
 ## Try out NEMEA modules
 
-**Important**: Nemea has to be compiled in advance. Follow [these instructions](#installation) to install NEMEA system from source codes (for this part the *make install* step is optional).
-
-
 ### Execute a module
 
-Modules using TRAP library have two implicit program arguments. `module -h` for help (optional) and `module -i IFC_SPEC` for interface specification (mandatory).
+NEMEA modules using have two implicit arguments. `module -h` for help
+(optional) and `module -i IFC_SPEC` for communication interface (IFC)
+specification.  The `-i` parameter is mandatory for all NEMEA modules.
 
 
 **Module help `-h`**
 
-The example below shows part of help output of the [logger](https://github.com/CESNET/Nemea-Modules/tree/master/logger) module. It contains modules name, description, number of input and output interfaces, modules paramteters and TRAP library parameters (common for all modules).
+The example below shows part of help output of [logger](https://github.com/CESNET/Nemea-Modules/tree/master/logger).
+It contains module's name, description, number of input and output IFC, modules
+parameters and TRAP library parameters (common for all modules).
+
 
 ```
 TRAP module, libtrap version: 0.7.6 b258bb4
@@ -232,38 +234,75 @@ Environment variables that affects output:
 
 **Interface specifier `-i`**
 
-The `-i` parameter with the interface specifier *IFC_SPEC* (`module -i IFC_SPEC`) specifies modules interfaces - their types and parameters. The interface specifier has the following format:
+The `-i` parameter with the interface specifier *IFC_SPEC* (`module -i IFC_SPEC`)
+specifies modules interfaces - their types and parameters.  The interface
+specifier has the following format:
 
-`<IFC 1>,<IFC 2>,...,<IFC N>`.
+`<IFC 1>,<IFC 2>,...,<IFC N>`
 
 where `<IFC x>` looks like
 
 `<type>:<par1>:<par2>:...:<parN>`.
 
-Interfaces are separated by `,` and their parameters are separated by `:`. Input IFCs must be specified at first, output IFCs follow. Examples below show the two most common cases.
+`<type>` can be one of the following: `t` - TCP socket (for remote
+communication), `u` - UNIX socket (for local communication), `b` - blackhole to
+drop all messages during sending, `f` - File IFC.
+
+Interfaces are separated by `,` and their parameters are separated by `:`.
+Input IFCs must be specified at first, output IFCs follow. Examples below show
+
+Example:
+
+```
+module1 -i t:address:port1,t:port2
+```
+
+*module1* uses TCP interfaces (for machine to machine communication). Let's
+assume it has one input and one output interface (number of input and output
+IFCs is given by programmer of the module). Therefore, input IFC will connect
+to `address:port1` and output IFC will listen on `port2`.
 
-* `module1 -i t:address:port1,t:port2`
-* `module2 -i u:sock1,u:sock2`
+TCP type of IFC expects mandatory parameter `port` and optionally, additional
+parameter `address` (as it is used in example).  Default value of `address` is
+`localhost`.
 
-First example *module1* uses TCPIP interfaces (for machine to machine communication) and it has one input and one output interface. The first interface (`t:address:port1`) has type `t` (TCPIP) and it will connect to machine with address `address` on port `port1` (it behaves as a client). The second interface (`t:port2`) is also TCPIP and it will listen on port `port2` for incoming connections (it behaves as a server).
 
-Second example *module2* uses UNIX-SOCKET interfaces (for communication on the same machine) and it has also one input and one output interface. The first interface (`u:sock1`) has type `u` (UNIX-SOCKET) and it will connect to socket `sock1` (it behaves as a client). The second interface (`u:sock2`) is also UNIX-SOCKET and it will listen on `sock2` for incoming connections (it behaves as a server).
+Example:
+
+```
+module2 -i u:sock1,u:sock2
+```
+
+UNIX type of IFC expects unique identifier of the socket.  For compatibility
+with TCP IFC, `address` can be specified but **it has no effect!**
+
 
 **Important findings:**
-* TCPIP interface for machine to machine communication, UNIX-SOCKET for communication on the same machine
+
+* TCP interface for machine to machine communication, UNIX-SOCKET for communication on the same machine
 * input interface behaves as a client, output interfaces behaves as a server
 
-For detailed information and another examples with *IFC_SPEC* click [here](https://github.com/CESNET/Nemea-Framework/blob/master/libtrap/README.ifcspec.md).
+Detailed information and another examples of *IFC_SPEC* can be found in [libtrap/README.ifcspec.md](https://github.com/CESNET/Nemea-Framework/blob/master/libtrap/README.ifcspec.md).
 
 
 ### Interconnect two modules
 
-Let´s try to interconnect [logreplay](https://github.com/CESNET/Nemea-Modules/tree/master/logreplay) and [logger](https://github.com/CESNET/Nemea-Modules/tree/master/logger) modules to see them communicate.
-Logreplay module has one output interface and it reads CSV file from logger module and sends it in UniRec format.
-Logger has one input interface and it logs all incoming UniRec records to standard output or into specified file in CSV format.
-These two modules can be interconnected using one input IFC and one output IFC.
+Let´s try to interconnect
+[logreplay](https://github.com/CESNET/Nemea-Modules/tree/master/logreplay) and
+[logger](https://github.com/CESNET/Nemea-Modules/tree/master/logger) modules to
+see them communicate.
+Logreplay module has one output IFC.  It reads CSV file created by logger
+module and sends it in UniRec format.  Logger has one input interface and it
+logs all incoming UniRec records to standard output or into specified file in
+CSV format.  These two modules can be interconnected using one input IFC and
+one output IFC.
 
-[This script](https://github.com/CESNET/Nemea/blob/master/use-cases/logger-repeater.sh) can be used for the demonstration. With no parameter it prints help with description, otherwise it accepts *generate* parameter or a name of input CSV file. With *generate* parameter it first creates tmp CSV file with header and 3 flow records (see [this](https://github.com/CESNET/Nemea/blob/master/use-cases/logger-repeater.sh#L53)). Thereafter it executes logreplay and logger modules
+[use-cases/logger-repeater.sh](https://github.com/CESNET/Nemea/blob/master/use-cases/logger-repeater.sh)
+can be used for the demonstration. With no parameter, it prints help with
+description.  With *generate* parameter, the script creates a CSV file with header and 3
+flow records (see
+[use-cases/logger-repeater.sh#L53](https://github.com/CESNET/Nemea/blob/master/use-cases/logger-repeater.sh#L53)).
+Thereafter it executes logreplay and logger modules
 
 ```
 logreplay -i "u:my_socket"` -f CSV_file
@@ -273,47 +312,65 @@ and
 logger -i "u:my_socket" -t
 ```
 
-Logreplay has one UNIX-SOCKET output interface listening on *my_socket* and logger has one UNIX-SOCKET input interface which connects to *my_socket*.
+Logreplay has one UNIX output IFC listening on *my_socket* and logger has one UNIX input IFC which connects to *my_socket*.
 
-Now finally open [this directory](https://github.com/CESNET/Nemea/tree/master/use-cases) and execute the script:
+To see the effect, go to `use-cases/` and execute the script:
 ```
 ./logger-repeater.sh generate
 ```
 
-It should print exactly the same output as generated CSV tmp input (header and 3 records). In [use-cases](https://github.com/CESNET/Nemea/tree/master/use-cases) there are more examples with basic modules.
-`logreplay` is one of possible ways of getting data into the NEMEA system. Here(TODO) is the list of all possible ways.
+It should print exactly the same output as generated CSV tmp input (header and
+3 records). In
+[use-cases](https://github.com/CESNET/Nemea/tree/master/use-cases) there are
+more examples with basic modules.
+`logreplay` is one of possible ways of getting data into the NEMEA system.
+
+Other data sources are discussed later in [Get flows to your system](https://github.com/CESNET/Nemea#4-get-flows-to-your-system).
 
 
 ## Deploy NEMEA
 
 This section shows how to deploy NEMEA in four steps.
 
-It only covers the basics needed to run the system in its default configuration. Keep in mind that NEMEA was designed as a very flexible framework, so every user can (and should) adjust the configuration of NEMEA modules to their own purposes.
+It only covers the basics needed to run the system in its default
+configuration.  Keep in mind that NEMEA was designed as a very flexible
+framework, so every user can (and should) adjust the configuration of NEMEA
+modules to their own purposes.
 
 
 ### 1. Installation
 
-First of all, the whole system (NEMEA Framework, Modules, Detectors and Supervisor) has to be installed. Follow [these](#installation) instructions to install the system from RPM or from source codes.
+First of all, the whole system (NEMEA Framework, Modules, Detectors and
+Supervisor) has to be installed.  Follow [installation instructions](#installation) to
+install the system from RPM or from source codes.
 
 
 ### 2. Prepare configurations
 
-To avoid manual control of the system, there is [NEMEA Supervisor](https://github.com/CESNET/Nemea-Supervisor). It is central management and monitoring tool of the system and it takes care of running modules **according to a specified XML configuration**.
+To avoid manual control of the system, there is [NEMEA Supervisor](https://github.com/CESNET/Nemea-Supervisor).
+It is a central management and monitoring tool of the system and it takes care of running
+modules **according to a specified XML configuration**.
 
-We need to prepare XML configuration file for Supervisor. Fortunatelly, almost everything is already done.
+We need to prepare XML configuration file for Supervisor.  Fortunately, almost
+everything is already done.
 
-After installation (from RPM or from source codes with recommended `configure` parameters), there are 2 important paths with configurations:
-* `/ush/share/nemea-supervisor/` - contains default prepared XML configuraions of all NEMEA modules (like [here](https://github.com/CESNET/Nemea-Supervisor/tree/master/configs))
+After installation (from RPM or from source codes with recommended `configure`
+parameters), there are 2 important paths with configurations:
+* `/ush/share/nemea-supervisor/` - contains default prepared XML configuraions of all NEMEA modules (like [nemea-supervisor/configs/](https://github.com/CESNET/Nemea-Supervisor/tree/master/configs))
 * `/etc/nemea/` - contains XML configuration file for Supervisor and directories with used modules configurations (they are empty after installation)
 
 Note: these two paths depend on *datarootdir* and *sysconfdir* parameters of the `configure` script during the installation.
 
 The only thing we have to do is this (probably with sudo / root):
 ```
-cp -r /usr/share/nemea-supervisor /etc/nemea
+cp -r /usr/share/nemea-supervisor/*/ /etc/nemea
 ```
 
-After this command, supervisor will use default configurations of the modules. It is shown [here](https://github.com/CESNET/Nemea-Supervisor/blob/master/configs/supervisor_config_template.xml.in#L8) that the paths from sysconfdir (/etc/nemea in our case) are included in the configuration file. For detailed information about supervisor configuration file click [here](https://github.com/CESNET/Nemea-Supervisor#configuration).
+After this command, supervisor will use default configurations of the modules.
+It is shown in [nemea-supervisor/configs/supervisor_config_template.xml.in#L8](https://github.com/CESNET/Nemea-Supervisor/blob/master/configs/supervisor_config_template.xml.in#L8)
+that the paths from `sysconfdir` (`/etc/nemea/` in our case) are included in the
+configuration file.  For detailed information about supervisor configuration
+see [README](https://github.com/CESNET/Nemea-Supervisor#configuration) of Supervisor.
 
 
 ### 3. Start and control modules
@@ -324,21 +381,38 @@ Once the configurations are prepared, modules can be managed by Supervisor. It c
 
 or manually
 
-`/usr/bin/nemea/supervisor --daemon -T /etc/nemea/supervisor_config_template.xml -L /var/log/nemea-supervisor` TODO run as nemead user
+`/usr/bin/nemea/supervisor --daemon -T /etc/nemea/supervisor_config_template.xml -L /var/log/nemea-supervisor`
+Note: manual approach does not change UID that supervisor runs with.
+Contrary, using `service`, NEMEA runs as `nemead` UID and `nemead` GID.
 
-See all service commands [here](https://github.com/CESNET/Nemea-Supervisor#program-modes) and all program parameters with `/usr/bin/nemea/supervisor -h`. You can also check whether the process is running or not with `ps -ef | grep supervisor`.
-If Supervisor did not start successfully, it should print error info directly to terminal (in case of manual start) or to system log (in case of service) which can be browsed with `journalctl -xe`. Runtime errors and events can be found in `supervisor_log` file located in the -L directory (`/var/log/nemea-supervisor` by default).
+See all service commands in
+[README](https://github.com/CESNET/Nemea-Supervisor#program-modes) and all
+program parameters with `/usr/bin/nemea/supervisor -h`.  You can also check
+whether the process is running or not with `ps -ef | grep supervisor`.
+If Supervisor has not started successfully, it should print error info directly
+to system log (in case of service), which can be browsed with `journalctl -xe`,
+or to stdout (in case of manual start).  Runtime errors and events can be
+found in `supervisor_log` file located in the -L directory
+(`/var/log/nemea-supervisor` by default).
 
-Now we can connect to running supervisor with supervisor client simply with command `supcli`. The menu with options is described in detail [here](https://github.com/CESNET/Nemea-Supervisor#supervisor-functions). After pressing number *4* and *enter*, it prints current status of the system. By default, all *detectors* and *loggers* (except flow_meter logger) should be enabled and running.
+Now we can connect to running supervisor with supervisor client simply with
+command `supcli`.  The menu with options is described in detail
+in [README](https://github.com/CESNET/Nemea-Supervisor#supervisor-functions).
+After pressing number *4* and *enter*, it prints current status of the system.
+By default, all *detectors* and *loggers* (except flow_meter logger) should be
+enabled and running.
 
-The modules are running, but they don't receive any data yet. We need to send some flow data to the system ...
+The modules are running, but they don't receive any data yet. We need to send
+some flow data to the system...
 
 
 ### 4. Get flows to your system
 
-**IpfixCol**
+**IPFIXcol**
 
-*(recommended)* Use IPFIXcol to collect NetFlow/IPFIX data from routers/probes and an IPFIXcol [unirec plugin](https://github.com/CESNET/ipfixcol/tree/master/plugins/storage/unirec) to re-send the data to NEMEA.
+*(recommended)* Use IPFIXcol to collect NetFlow/IPFIX data from routers/probes
+and an [IPFIXcol](https://github.com/CESNET/ipfixcol) [unirec plugin](https://github.com/CESNET/ipfixcol/tree/master/plugins/storage/unirec)
+to re-send the data to NEMEA.
   * needed to install IPFIXcol and the plugin and to set up the routers/probes
   * default and recommended solution for production
 
@@ -353,24 +427,29 @@ Use NEMEA internal flow exporter (*flow_meter* module).
 
 **NfReader**
 
-[NfReader](https://github.com/CESNET/Nemea-Modules/tree/master/nfreader) reads **nfdump** files and sends flow records in UniRec format on its output TRAP interface.
+[NfReader](https://github.com/CESNET/Nemea-Modules/tree/master/nfreader) reads
+**nfdump** files and sends flow records in UniRec format on its output TRAP
+interface.
 
 
 **LogReplay**
 
-[LogReplay](https://github.com/CESNET/Nemea-Modules/tree/master/logreplay) converts CSV format of data, from logger module to UniRec format and sends it to the output interface.
+[LogReplay](https://github.com/CESNET/Nemea-Modules/tree/master/logreplay)
+converts CSV format of data, from logger module to UniRec format and sends it
+to the output interface.
 
 
 ## Create your own module in C
 
-**Important**: Nemea-Framework has to be installed in advance. Follow [these instructions](#installation) to install whole NEMEA system (including NEMEA framework) or [these instructions]() to install only NEMEA framework.
+**Important**: Nemea-Framework has to be installed in advance.  Follow
+[installation instructions](#installation)
 
 
 #### Use Example module as a template
 
-Let `/data/mighty-module/` be the directory we want to develop our module in (replace path `/data/mighty-module/` in all commands with another directory if needed) and *mighty_module* the name of our module. We will use example module as a template - copy all files from [this directory](https://github.com/CESNET/Nemea-Framework/tree/master/examples/module) to `/data/mighty-module/`.
+Let `~/mighty-module/` be the directory we want to develop our module in (replace path `~/mighty-module/` in all commands with another directory if needed) and *mighty_module* the name of our module.  We will use example module as a template - copy the directory [nemea-framework/examples/module/](https://github.com/CESNET/Nemea-Framework/tree/master/examples/module) to `~/mighty-module/`.
 
-In `/data/mighty-module/configure.ac` replace the following lines
+In `~/mighty-module/configure.ac` update the following lines
 ```
 AC_INIT([example_module], [1.0.0], [traffic-analysis@cesnet.cz])
 AC_CONFIG_SRCDIR([example_module.c])
@@ -381,7 +460,7 @@ AC_INIT([migty_module], [1.0.0], [YOUR EMAIL ADDRESS])
 AC_CONFIG_SRCDIR([mighty_module.c])
 ```
 
-In `/data/mighty-module/Makefile.am` replace the following lines
+In `/data/mighty-module/Makefile.am` update the following lines
 ```
 bin_PROGRAMS=example_module
 example_module_SOURCES=example_module.c fields.c fields.h
@@ -394,24 +473,31 @@ mighty_module_SOURCES=mighty_module.c fields.c fields.h
 mighty_module_LDADD=-lunirec -ltrap
 ```
 
-Finally execute `mv /data/mighty-module/example_module.c /data/mighty-module/mighty_module.c` to rename the source file.
+Finally, execute
+```
+mv /data/mighty-module/example_module.c /data/mighty-module/mighty_module.c
+```
+to rename the source file.
 
 
-####Build the module
+#### Build the module
 
-Execute the following commands in `/data/might-module/`:
+Execute the following commands in `~/might-module/`:
 
 1) Let Autotools process the configuration files.
+
 ```
 autoreconf -i
 ```
 
 2) Configure the module directory.
+
 ```
 ./configure
 ```
 
 3) Build the module.
+
 ```
 make
 ```
@@ -424,16 +510,19 @@ make install
 
 ### Code explanation
 
-The example module already links **TRAP** (libtrap) and **UniRec** libraries. It is a simple module with one input and one output interface which receives on input inteface a message in UniRec format with two numbers and sends them together with their sum to output interface.
+The example module already links **TRAP** (libtrap) and **UniRec** libraries.
+It is a simple module with one input and one output interface which receives on
+input inteface a message in UniRec format with two numbers and sends them
+together with their sum to output interface.
 
 The code contains comments but here is the list of important operations:
 
 
-#### LibTRAP
+#### Libtrap
 
 1. [Basic module information](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L74) - specify name, description and number of input / output interfaces of the module
 2. [Module parameters](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L87) - define parameters the module accepts as program arguments
-3. [Module info structure initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L111) - initialize a structure with information from the two previsous points
+3. [Module info structure initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L111) - initialize a structure with information from the two previous points
 4. [TRAP initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L116) - initialize module interfaces
 5. [GETOPT macro](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L127) - parse program arguments
 6. Main loop:
@@ -458,9 +547,6 @@ The code contains comments but here is the list of important operations:
 
 ### Execute the module
 
-Modules using TRAP library have two implicit program arguments. `module -h` for help (optional) and `module -i IFC_SPEC` for interface specification (mandatory).
-
-
 #### Module help
 
 After executing `/data/mighty-module/mighty_module -h`, program prints help which contains information from module info structure:
@@ -470,31 +556,29 @@ After executing `/data/mighty-module/mighty_module -h`, program prints help whic
 * TRAP library parameters - parameters common for all modules using libtrap
 
 
-#### Interface specifier
-
-Format of the specifier with examples is explained in detail [here](https://github.com/CESNET/Nemea-Framework/blob/master/libtrap/README.ifcspec.md).
-
-
 ### Develop the module
 
-Now just modify the algorithm in the main loop and job is done :-)
+Now just modify the algorithm in the main loop and the job is done :-)
 
 
 ## Add new module to running configuration
 
-This section is for those who has already deployed the system ([see this section](#deploy-nemea)) and wants to add their module to the running configuration. It can be done in 3 steps:
+This section is for those who has already deployed the system ([Deploy NEMEA](#deploy-nemea)
+section) and wants to add their module to the running configuration.  It can be done in 3 steps:
 
 1. Create a *.sup* config file for your module. You can use [this](https://github.com/CESNET/Nemea-Supervisor/blob/master/configs/template.sup#L10) empty template and fill it according to [this](https://github.com/CESNET/Nemea-Supervisor/blob/master/configs/detectors/dnstunnel_detection.sup) example ([example with comments](https://github.com/CESNET/Nemea-Supervisor/blob/master/configs/config_example.xml#L19)).
-2. Add the new *.sup* file to directory included in the Supervisor configuration file. If you have used recommended parameters of the `configure` script during the installation, both the configuraion file and the directories should be located in `/etc/nemea`, otherwise check the paths in the configuration file the Supervisor is running with. Than copy the file to one of the directories you want e.g. `cp ./your_module.sup /etc/nemea/others`.
+2. Add the new *.sup* file to directory included in the Supervisor configuration file. If you have used recommended parameters of the `configure` script during the installation, both the configuration file and the directories should be located in `/etc/nemea`, otherwise check the paths in the configuration file the Supervisor is running with. Than copy the file to one of the directories you want e.g. `cp ./your_module.sup /etc/nemea/others`.
 3. Connect to Supervisor using `supcli` command and select option 6 *reload configuration*. New module should be added and if the enabled flag is set to *true*, it should be also running.
 
-For detailed information about Supervisor configuration see [this](https://github.com/CESNET/Nemea-Supervisor#configuration).
+For detailed information about Supervisor configuration see its [README](https://github.com/CESNET/Nemea-Supervisor#configuration).
 
 
 
 NEMEA Related Publications
 ==========================
 
+* Tomas Cejka, Marek Svepes. [Analysis of Vertical Scans Discovered by Naive Detection](http://dx.doi.org/10.1007/978-3-319-39814-3_19). Management and Security in the Age of Hyperconnectivity: 10th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2016.
+
 * Tomáš Čejka, Radoslav Bodó, Hana Kubátová: Nemea: Searching for Botnet Footprints. In: Proceedings of the 3rd Prague Embedded Systems Workshop (PESW), Prague, CZ, 2015.
 
 * Tomáš Čejka, Václav Bartoš, Lukáš Truxa, Hana Kubátová: [Using Application-Aware Flow Monitoring for SIP Fraud Detection](http://link.springer.com/chapter/10.1007/978-3-319-20034-7_10). In: Proc. of 9th International Conference on Autonomous Infrastructure, Management and Security (AIMS15), 2015.

From 6abdf15f80484f767598233debf14500e447b974 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 19 Jul 2016 18:06:48 +0200
Subject: [PATCH 094/169] nemea: add links to doxygen (libtrap&unirec) into
 README

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index 329c7be..adacf4a 100644
--- a/README.md
+++ b/README.md
@@ -520,6 +520,10 @@ The code contains comments but here is the list of important operations:
 
 #### Libtrap
 
+Generated doxygen doc for module developers: https://rawgit.com/CESNET/Nemea-Framework/master/libtrap/doc/doxygen/html/index.html
+
+Generated doxygen doc for libtrap developers: https://rawgit.com/CESNET/Nemea-Framework/master/libtrap/doc/devel/html/index.html
+
 1. [Basic module information](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L74) - specify name, description and number of input / output interfaces of the module
 2. [Module parameters](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L87) - define parameters the module accepts as program arguments
 3. [Module info structure initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L111) - initialize a structure with information from the two previous points
@@ -535,6 +539,8 @@ The code contains comments but here is the list of important operations:
 
 #### UniRec
 
+Generated doxygen doc: https://rawgit.com/CESNET/Nemea-Framework/master/unirec/doc/html/index.html
+
 1. [UniRec fields definition](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L62) - define data types and names of the fields which will be used in UniRec messages (both received and sent messages), e.g. *uint32 PACKETS*
 2. [Templates creation](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L141) - create UniRec templates separately for every interface (a template defines set of fields in the message) note: two input interfaces receiving same messages can use one template
 3. [Output record allocation](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L154) - allocate a memory for message sent via output interface

From 88555b6f49bc2266f2ec19c5076c2e37e77facef Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 5 Aug 2016 16:51:48 +0200
Subject: [PATCH 095/169] rpm: update spec file, dependencies

---
 nemea.spec.in | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/nemea.spec.in b/nemea.spec.in
index 23cdb75..8f5d10e 100644
--- a/nemea.spec.in
+++ b/nemea.spec.in
@@ -1,8 +1,8 @@
-Summary: Nemea system
+Summary: NEMEA system
 Name: nemea
 Version: @PACKAGE_VERSION@
 Release: @RELEASE@
-URL: http://www.liberouter.org/
+URL: https://github.com/CESNET/nemea
 #Source: https://www.liberouter.org/
 Group: Liberouter
 License: BSD
@@ -10,10 +10,10 @@ Vendor: CESNET, z.s.p.o.
 Packager: @USERNAME@ <@USERMAIL@>
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}
 BuildArch: noarch
-Requires: nemea-framework libtrap nemea-common nemea-modules nemea-detectors nemea-python nemea-pycommon nemea-supervisor
+Requires: nemea-framework nemea-modules nemea-detectors nemea-supervisor
 
 %description
-Meta-package of the Nemea system, the distributed modular system for network traffic analysis and anomaly detection.
+Meta-package of the NEMEA system, the distributed modular system for network traffic analysis and anomaly detection.
 
 %files
 

From 0af599ad0a11d9d01fe6810949f3f2be836534b9 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 5 Aug 2016 16:53:56 +0200
Subject: [PATCH 096/169] increased version, released RPM nemea package

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index 8a23237..eb6fafa 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.3.0], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.3.1], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index 18bdd12..3f11406 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 18bdd12c5b90068e02512d741310c47e72519080
+Subproject commit 3f11406616774ec6afb9242282ff8c2a6e4ccdd1
diff --git a/modules b/modules
index 19882b4..1272605 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 19882b4cabb5d6c6fabbe51fef4e2ed80d0abf3f
+Subproject commit 127260589f96f2fd0e9e7ea50955e9d81596d35d
diff --git a/nemea-framework b/nemea-framework
index 878b451..b9e2499 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 878b45103a758fc3091872650b3b47be198d5748
+Subproject commit b9e24990699e5d3e8d8ea5d8258c610060f21dbe
diff --git a/nemea-supervisor b/nemea-supervisor
index b557869..3495b0c 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit b5578699e5795625a7acc82405ef9fc897ad3c0c
+Subproject commit 3495b0cc641fb2ea6b6b0dbb96b10d27b583f9a7

From 7d1c835373244bf85f9470d87005ed75894031b4 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Thu, 11 Aug 2016 11:56:13 +0200
Subject: [PATCH 097/169] updated Vagrantfile for CentOS7

---
 vagrant/CentOS7/Vagrantfile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/vagrant/CentOS7/Vagrantfile b/vagrant/CentOS7/Vagrantfile
index 958e593..3fe9874 100644
--- a/vagrant/CentOS7/Vagrantfile
+++ b/vagrant/CentOS7/Vagrantfile
@@ -11,6 +11,9 @@ Vagrant.configure(2) do |config|
 
   config.vm.provision "shell", inline: <<-SHELL
      sudo rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
+     sudo yum install -y wget
+     sudo wget -O /etc/yum.repos.d/cesnet-nemea.repo https://copr.fedorainfracloud.org/coprs/g/CESNET/NEMEA/repo/epel-7/group_CESNET-NEMEA-epel-7.repo
+     sudo rpm --import https://copr-be.cloud.fedoraproject.org/results/@CESNET/NEMEA/pubkey.gpg
      sudo yum install -y nemea nemea-cesnet-modules ipfixcol ipfixcol-unirec-output
 SHELL
    config.vm.provision "shell", inline: $nemeadashboard

From 0c28d3994f1d4d55bb134dabec4a19ac1a3ee5bc Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 18 Aug 2016 10:27:23 +0200
Subject: [PATCH 098/169] doc: add links/contact

---
 README.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/README.md b/README.md
index adacf4a..540101b 100644
--- a/README.md
+++ b/README.md
@@ -578,7 +578,12 @@ section) and wants to add their module to the running configuration.  It can be
 
 For detailed information about Supervisor configuration see its [README](https://github.com/CESNET/Nemea-Supervisor#configuration).
 
+Further Information
+===================
 
+* Public mailing list: nemea@cesnet.cz
+* The archive of mailing list: [https://random.cesnet.cz/pipermail/nemea/](https://random.cesnet.cz/pipermail/nemea/)
+* Twitter: [@NEMEA_System](https://twitter.com/NEMEA_System)
 
 NEMEA Related Publications
 ==========================

From afb2719e106ce00cafa04c7b57a66d26106348c4 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 18 Aug 2016 11:23:22 +0200
Subject: [PATCH 099/169] doc: add mailinglist subscription link

---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 540101b..378b2ba 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@
    - [Deploy NEMEA](#deploy-nemea)
    - [Create your own module in C](#create-your-own-module-in-c)
    - [Add new module to running configuration](#add-new-module-to-running-configuration)
+- [Further Information](#further-information)
 - [NEMEA Related publications](#nemea-related-publications)
 
 
@@ -581,7 +582,7 @@ For detailed information about Supervisor configuration see its [README](https:/
 Further Information
 ===================
 
-* Public mailing list: nemea@cesnet.cz
+* Public mailing list: nemea@cesnet.cz, subscribe at: [https://random.cesnet.cz/mailman/listinfo/nemea](https://random.cesnet.cz/mailman/listinfo/nemea)
 * The archive of mailing list: [https://random.cesnet.cz/pipermail/nemea/](https://random.cesnet.cz/pipermail/nemea/)
 * Twitter: [@NEMEA_System](https://twitter.com/NEMEA_System)
 

From 1eb7661e4f146828ae1cafe4168cbc7d643ff4b5 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Fri, 23 Sep 2016 13:43:32 +0200
Subject: [PATCH 100/169] vagrant: Centos7: updated Vagrantfile

---
 vagrant/CentOS7/Vagrantfile | 59 +++++++++++++++++++++++++++++--------
 1 file changed, 46 insertions(+), 13 deletions(-)

diff --git a/vagrant/CentOS7/Vagrantfile b/vagrant/CentOS7/Vagrantfile
index 3fe9874..6757583 100644
--- a/vagrant/CentOS7/Vagrantfile
+++ b/vagrant/CentOS7/Vagrantfile
@@ -3,18 +3,51 @@
 
 load '../common/nemea-dashboard.rb'
 
+$tools = <<SCRIPT
+rpm -i https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
+yum install -y https://centos7.iuscommunity.org/ius-release.rpm
+yum install -y vim wget
+SCRIPT
+
+$install_nemea = <<SCRIPT
+rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
+wget -O /etc/yum.repos.d/cesnet-nemea.repo https://copr.fedorainfracloud.org/coprs/g/CESNET/NEMEA/repo/epel-7/group_CESNET-NEMEA-epel-7.repo
+rpm --import https://copr-be.cloud.fedoraproject.org/results/@CESNET/NEMEA/pubkey.gpg
+yum install -y nemea nemea-cesnet-modules ipfixcol ipfixcol-unirec-output
+SCRIPT
+
+$run_supervisor = <<SCRIPT
+cp -R /usr/share/nemea-supervisor/* /etc/nemea/
+service nemea-supervisor start
+SCRIPT
+
+$munin = <<SCRIPT
+yum install -y httpd munin munin-node
+cat > /etc/httpd/conf.d/munin.conf <<SCRIPT2
+<Directory /var/www/html/munin/>
+Order Allow,Deny
+Allow from all
+</Directory>
+SCRIPT2
+ln -s /usr/share/munin/plugins/nemea_supervisor /etc/munin/plugins/
+service httpd restart
+service munin-node start
+chkconfig munin-node on
+chkconfig httpd on
+iptables -I INPUT 1 -p TCP --dport 80 -j ACCEPT
+SCRIPT
+
+
 Vagrant.configure(2) do |config|
-  config.vm.box = "centos/7"
-
-  config.vm.network "forwarded_port", guest: 80, host: 2280
-  config.vm.network "forwarded_port", guest: 5555, host: 5555
-
-  config.vm.provision "shell", inline: <<-SHELL
-     sudo rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
-     sudo yum install -y wget
-     sudo wget -O /etc/yum.repos.d/cesnet-nemea.repo https://copr.fedorainfracloud.org/coprs/g/CESNET/NEMEA/repo/epel-7/group_CESNET-NEMEA-epel-7.repo
-     sudo rpm --import https://copr-be.cloud.fedoraproject.org/results/@CESNET/NEMEA/pubkey.gpg
-     sudo yum install -y nemea nemea-cesnet-modules ipfixcol ipfixcol-unirec-output
-SHELL
-   config.vm.provision "shell", inline: $nemeadashboard
+  config.vm.define "Nemea-Demo" do |nemeademo|
+    nemeademo.vm.box = "centos/7"
+    nemeademo.vm.network "forwarded_port", guest: 80, host: 2280
+    nemeademo.vm.network "forwarded_port", guest: 5555, host: 5555
+
+    nemeademo.vm.provision :shell, inline: $tools
+    nemeademo.vm.provision :shell, inline: $install_nemea
+    nemeademo.vm.provision :shell, inline: $run_supervisor
+    nemeademo.vm.provision :shell, inline: $munin
+    nemeademo.vm.provision :shell, inline: $nemeadashboard
+  end
 end

From 1d6482aea254754757d7fd9af114bbc9dc7c2c54 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 6 Oct 2016 15:35:11 +0200
Subject: [PATCH 101/169] Create CONTRIBUTING.md

---
 CONTRIBUTING.md | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 CONTRIBUTING.md

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 0000000..f7aae78
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,29 @@
+## How to contribute
+
+#### **Did you find a bug?**
+
+* **Ensure the bug was not already reported** by searching on GitHub under [Issues](https://github.com/CESNET/NEMEA/issues).
+
+* If you're unable to find an open issue addressing the problem, [open a new one](https://github.com/CESNET/NEMEA/issues/new). Be sure to include a **title and clear description**, as much relevant information as possible, and a **code sample** or an **executable test case** demonstrating the expected behavior that is not occurring.
+
+#### **Did you write a patch that fixes a bug?**
+
+* For patches in the C language, check if the patch meets the [coding style](https://github.com/CESNET/Nemea-Framework/blob/master/libtrap/CodingStyle.md).
+
+* Open a new GitHub pull request with the patch.
+
+* Ensure the PR description clearly describes the problem and solution. Include the relevant issue number if applicable.
+
+#### **Do you intend to add a new feature or change an existing one?**
+
+* Suggest your change in the [NEMEA mailing list](https://random.cesnet.cz/mailman/listinfo/nemea) and start writing code.
+
+* Do not open an issue on GitHub until you have collected positive feedback about the change.
+
+#### **Do you have questions about the source code?**
+
+* Ask any question about how to use NEMEA or its parts in the [NEMEA mailing list](https://random.cesnet.cz/mailman/listinfo/nemea).
+
+Thanks for any patch or feedback!
+
+NEMEA Team

From 6b0fb910e06a531a324d255e663da839b2dc4006 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 6 Oct 2016 23:37:02 +0200
Subject: [PATCH 102/169] vagrant: update NEMEA-Dashboard install&init config

---
 vagrant/common/nemea-dashboard.rb | 209 ++++++++++++++++++++++++++++--
 1 file changed, 200 insertions(+), 9 deletions(-)

diff --git a/vagrant/common/nemea-dashboard.rb b/vagrant/common/nemea-dashboard.rb
index 0b77b32..5b853aa 100644
--- a/vagrant/common/nemea-dashboard.rb
+++ b/vagrant/common/nemea-dashboard.rb
@@ -34,18 +34,209 @@
 
 mongo 127.0.0.1/nemeadb --eval '
 db.users.drop();
-var d = { "name" : "Nemea",
-"surname" : "Test User",
-"username" : "nemea",
-"password" : "$2a$12$Z9PaH.uCgAEOY7JDVEo78efEcoL0oiTWY88gbJTJhIIKFMOQGkOei",
-"settings" : []
- };
+
+var d = {
+   "password" : "$2a$12$MuAuralQ8p01q8eXPtTm4eZsflipBKx6cK0HZMpQbCNyDgcX4YPse",
+   "username" : "nemea",
+   "name" : "Nemea",
+   "surname" : "Test User",
+   "settings": [{
+      "items": [{
+              "loading": false,
+              "title": "",
+              "type": "sum",
+              "sizeX": 1,
+              "sizeY": 1,
+              "content": "Attempt.Login in last 24h",
+              "config": {
+                  "category": "Attempt.Login",
+                  "endtime": 1461062898,
+                  "type": "sum",
+                  "period": "24",
+                  "begintime": 1460976498
+              },
+              "col": 7,
+              "row": 4
+          },
+          {
+              "loading": false,
+              "title": "24h/30m categories (events)",
+              "type": "barchart",
+              "sizeX": 4,
+              "sizeY": 3,
+              "selector": false,
+              "content": "",
+              "config": {
+                  "metric": "Category",
+                  "period": "24",
+                  "window": "30",
+                  "begintime": 1460976498,
+                  "endtime": 1461062898,
+                  "type": "barchart"
+              },
+              "col": 0,
+              "row": 0
+          },
+          {
+              "loading": false,
+              "title": "24h categories",
+              "type": "piechart",
+              "sizeX": 2,
+              "sizeY": 3,
+              "content": "Share categories",
+              "config": {
+                  "metric": "Category",
+                  "period": "24",
+                  "filter": false,
+                  "begintime": 1460976524,
+                  "endtime": 1461062924,
+                  "type": "piechart"
+              },
+              "col": 4,
+              "row": 0
+          },
+          {
+              "loading": false,
+              "title": "24h Top flows",
+              "type": "top",
+              "sizeX": 3,
+              "sizeY": 2,
+              "content": "",
+              "config": {
+                  "endtime": 1461062898,
+                  "type": "top",
+                  "period": "60",
+                  "begintime": 1460846898
+              },
+              "col": 3,
+              "row": 3
+          },
+          {
+              "loading": false,
+              "title": "",
+              "type": "sum",
+              "sizeX": 1,
+              "sizeY": 1,
+              "content": "Events in last 24h",
+              "config": {
+                  "category": "any",
+                  "endtime": 1461062898,
+                  "type": "sum",
+                  "period": "24",
+                  "begintime": 1460976498
+              },
+              "col": 7,
+              "row": 3
+          },
+          {
+              "loading": false,
+              "title": "",
+              "type": "sum",
+              "sizeX": 1,
+              "sizeY": 1,
+              "content": "Events in last 1h",
+              "config": {
+                  "category": "any",
+                  "endtime": 1461062898,
+                  "type": "sum",
+                  "period": "1",
+                  "begintime": 1461059298
+              },
+              "col": 6,
+              "row": 3
+          },
+          {
+              "loading": false,
+              "title": "24h reporters",
+              "type": "piechart",
+              "sizeX": 2,
+              "sizeY": 3,
+              "content": "Share reporters",
+              "config": {
+                  "metric": "Node.SW",
+                  "endtime": 1461062898,
+                  "type": "piechart",
+                  "period": "24",
+                  "begintime": 1460976498
+              },
+              "col": 6,
+              "row": 0
+          },
+          {
+              "loading": false,
+              "title": "",
+              "type": "sum",
+              "sizeX": 1,
+              "sizeY": 1,
+              "content": "DDoS per 12h",
+              "config": {
+                  "category": "Availibility.DDoS",
+                  "endtime": 1461062898,
+                  "type": "sum",
+                  "period": "12",
+                  "begintime": 1461019698
+              },
+              "col": 6,
+              "row": 4
+          },
+          {
+              "loading": false,
+              "title": "24h/30m categories (flows)",
+              "type": "barchart",
+              "sizeX": 3,
+              "sizeY": 3,
+              "selector": true,
+              "content": "",
+              "config": {
+                  "metric": "Category",
+                  "period": "24",
+                  "window": "30",
+                  "begintime": 1460976498,
+                  "endtime": 1461062898,
+                  "type": "barchart"
+              },
+              "col": 0,
+              "row": 3
+          },
+          {
+              "loading": false,
+              "title": "HostStats 24h",
+              "type": "piechart",
+              "sizeX": 2,
+              "sizeY": 3,
+              "content": "Example of own filter",
+              "config": {
+                  "filter_value": "cz.cesnet.nemea.hoststats",
+                  "metric": "Category",
+                  "period": "24",
+                  "filter_field": "Node.Name",
+                  "filter": true,
+                  "begintime": 1460976498,
+                  "endtime": 1461062898,
+                  "type": "piechart"
+              },
+              "col": 3,
+              "row": 5
+          }
+      ],
+      "settings": {
+          "timeshift": "0",
+          "interval": "60",
+          "title": "Default"
+      }
+  }]
+};
+
 db.users.insert(d);
 '
 
-# start backend on background
-cd /var/log;
-nohup python3.4 /var/www/html/Nemea-Dashboard/apiv2.py > nemea-dashboard.out 2> nemea-dashboard.err < /dev/null &
+# install and start backend
+
+cp nemea-dashboard.service "`pkg-config --variable=systemdsystemunitdir systemd`"
+
+systemctl enable nemea-dashboard
+
+service nemea-dashboard start
 
 SCRIPT
 

From beb37fec7e298edfc6067dc78c4b3e1b40984dae Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 9 Oct 2016 15:45:26 +0200
Subject: [PATCH 103/169] Update README.md

---
 README.md | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 378b2ba..e40e4a2 100644
--- a/README.md
+++ b/README.md
@@ -96,14 +96,11 @@ For more information see [./vagrant/](./vagrant/).
 
 ## Binary packages
 
-The NEMEA system can be installed from binary RPM packages.
-To add CESNET repository containing the packages, run (as root/sudo):
+Latest RPM packages can be found in COPR: https://copr.fedorainfracloud.org/groups/g/CESNET/coprs/
+The NEMEA repository is at https://copr.fedorainfracloud.org/coprs/g/CESNET/NEMEA/
 
-```
-rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
-```
+After installation of COPR repository, NEMEA can be installed as any other package (run as root/sudo):
 
-After that, NEMEA can be installed as any other package (run as root/sudo):
 ```
 yum install nemea
 ```

From de05ad5be7a95031165319606c9ca3413576e242 Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Thu, 1 Dec 2016 15:45:19 +0100
Subject: [PATCH 104/169] doc: README: fixed inconsistent paths

---
 README.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index e40e4a2..8077ea5 100644
--- a/README.md
+++ b/README.md
@@ -458,7 +458,7 @@ AC_INIT([migty_module], [1.0.0], [YOUR EMAIL ADDRESS])
 AC_CONFIG_SRCDIR([mighty_module.c])
 ```
 
-In `/data/mighty-module/Makefile.am` update the following lines
+In `~/mighty-module/Makefile.am` update the following lines
 ```
 bin_PROGRAMS=example_module
 example_module_SOURCES=example_module.c fields.c fields.h
@@ -473,7 +473,7 @@ mighty_module_LDADD=-lunirec -ltrap
 
 Finally, execute
 ```
-mv /data/mighty-module/example_module.c /data/mighty-module/mighty_module.c
+mv ~/mighty-module/example_module.c ~/mighty-module/mighty_module.c
 ```
 to rename the source file.
 
@@ -553,7 +553,7 @@ Generated doxygen doc: https://rawgit.com/CESNET/Nemea-Framework/master/unirec/d
 
 #### Module help
 
-After executing `/data/mighty-module/mighty_module -h`, program prints help which contains information from module info structure:
+After executing `~/mighty-module/mighty_module -h`, program prints help which contains information from module info structure:
 
 * module basic information - name, description, number of input / output interfaces
 * module parameters - short opt, long opt, description, argument data type

From aabb190b2acf9671024790e14209b9fac49cb963 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ing=2E=20=C4=8Cejka=20Tom=C3=A1=C5=A1?=
 <cejkat@collector-nemea.liberouter.org>
Date: Fri, 2 Dec 2016 13:55:03 +0100
Subject: [PATCH 105/169] doc: add CNSM2016 into the list of publicationa

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 8077ea5..a2d5bc3 100644
--- a/README.md
+++ b/README.md
@@ -586,6 +586,10 @@ Further Information
 NEMEA Related Publications
 ==========================
 
+* Tomas Cejka, Václav Bartoš, Marek Svepes, Zdenek Rosa, Hana Kubatova. [NEMEA: A Framework for Network Traffic Analysis](https://www.liberouter.org/wp-content/uploads/2016/11/cnsm2016-nemea.pdf). In 12th International Conference on Network and Service Management (CNSM 2016), Montreal, Canada, 2016.
+
+* Zdenek Rosa, Tomas Cejka, Martin Zadnik, Viktor Puš. [Building a Feedback Loop to Capture Evidence of Network Incidents](https://www.liberouter.org/wp-content/uploads/2016/11/cnsm2016-timemachine.pdf). In 12th International Conference on Network and Service Management (CNSM 2016), Montreal, Canada, 2016.
+
 * Tomas Cejka, Marek Svepes. [Analysis of Vertical Scans Discovered by Naive Detection](http://dx.doi.org/10.1007/978-3-319-39814-3_19). Management and Security in the Age of Hyperconnectivity: 10th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2016.
 
 * Tomáš Čejka, Radoslav Bodó, Hana Kubátová: Nemea: Searching for Botnet Footprints. In: Proceedings of the 3rd Prague Embedded Systems Workshop (PESW), Prague, CZ, 2015.

From da55027e565c1de19bcbd2bc3d2b2733b8583cd7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=A1clav=20Barto=C5=A1?= <bartos@cesnet.cz>
Date: Fri, 2 Dec 2016 14:40:13 +0100
Subject: [PATCH 106/169] doc: README: Added instruction to cite NEMEA

---
 README.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/README.md b/README.md
index a2d5bc3..194bfd3 100644
--- a/README.md
+++ b/README.md
@@ -583,6 +583,19 @@ Further Information
 * The archive of mailing list: [https://random.cesnet.cz/pipermail/nemea/](https://random.cesnet.cz/pipermail/nemea/)
 * Twitter: [@NEMEA_System](https://twitter.com/NEMEA_System)
 
+Attribution
+===========
+
+We kindly ask anyone using NEMEA for research and write an academic paper about it to cite NEMEA as follows:
+```
+@inproceedings{nemea16,
+    author = {Tomas Cejka, Vaclav Bartos, Marek Svepes, Zdenek Rosa, Hana Kubatova},
+    title = {NEMEA: A Framework for Network Traffic Analysis},
+    booktitle = {12th International Conference on Network and Service Management (CNSM 2016)},
+    year = 2016
+}
+```
+
 NEMEA Related Publications
 ==========================
 

From 5e8848b4a8eb11b014ea0ce0988c9b353e8eb09b Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 4 Dec 2016 00:18:43 +0100
Subject: [PATCH 107/169] doc: add generated fields list + some descriptions

Related to #5.
---
 unirec_fields.md | 139 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 139 insertions(+)
 create mode 100644 unirec_fields.md

diff --git a/unirec_fields.md b/unirec_fields.md
new file mode 100644
index 0000000..2d4fdf3
--- /dev/null
+++ b/unirec_fields.md
@@ -0,0 +1,139 @@
+# About this file
+This file contains a list of UniRec fields collected from all parts of project (including git submodules).
+The part of this file is generated automatically, so be careful during any editing.
+
+
+# List of UniRec fields
+| Field name | Field data type | Description |
+| uint32 | ADDR_CNT |  |
+| bytes | ARP_DST_HA |  |
+| bytes | ARP_DST_PA |  |
+| uint16 | ARP_HA_FORMAT |  |
+| uint16 | ARP_OPCODE |  |
+| uint16 | ARP_PA_FORMAT |  |
+| bytes | ARP_SRC_HA |  |
+| bytes | ARP_SRC_PA |  |
+| uint32 | BAR |  |
+| uint32 | BAZ |  |
+| uint8 | BLACKLIST_TYPE |  |
+| uint64 | BYTES |  |
+| uint64 | CALLEE_CNT |  |
+| uint64 | CALLER_CNT |  |
+| time | DETECTION_TIME |  |
+| uint8 | DIR_BIT_FIELD |  |
+| uint8 | DIRECTION_FLAGS |  |
+| uint16 | DNS_ANSWERS |  |
+| uint8 | DNS_BLACKLIST |  |
+| uint16 | DNS_CLASS |  |
+| uint8 | DNS_DO |  |
+| uint16 | DNS_ID |  |
+| string | DNS_NAME |  |
+| uint16 | DNS_PSIZE |  |
+| uint16 | DNS_QTYPE |  |
+| uint8 | DNS_RCODE |  |
+| bytes | DNS_RDATA |  |
+| uint16 | DNS_RLENGTH |  |
+| uint32 | DNS_RR_TTL |  |
+| uint64 | DST_BLACKLIST |  |
+| ipaddr | DST_IP | Destination IP address. |
+| bytes | DST_MAC | Destination MAC address (L2). |
+| uint16 | DST_PORT | Destination port of Transport layer (L4), e.g. TCP, UDP. |
+| uint16 | ETHERTYPE |  |
+| uint32 | EVENT_ID |  |
+| uint32 | EVENT_SCALE |  |
+| uint8 | EVENT_TYPE |  |
+| uint64 | FLOWS |  |
+| uint32 | FOO |  |
+| string | HTTP_CONTENT_TYPE |  |
+| string | HTTP_HOST |  |
+| string | HTTP_METHOD |  |
+| string | HTTP_REFERER |  |
+| string | HTTP_REQUEST_HOST | HTTP Hostname from request. |
+| string | HTTP_REQUEST_REFERER |  |
+| string | HTTP_REQUEST_URL |  |
+| uint16 | HTTP_RESPONSE_CODE |  |
+| string | HTTP_SDM_REQUEST_HOST |  |
+| string | HTTP_SDM_REQUEST_REFERER |  |
+| string | HTTP_SDM_REQUEST_URL |  |
+| string | HTTP_URL |  |
+| string | HTTP_USER_AGENT |  |
+| uint64 | INVITE_CNT |  |
+| ipaddr | IP |  |
+| uint64 | LINK_BIT_FIELD |  |
+| string | NOTE |  |
+| uint32 | NTP_DELAY |  |
+| uint32 | NTP_DISPERSION |  |
+| uint8 | NTP_LEAP |  |
+| uint8 | NTP_MODE |  |
+| string | NTP_ORIG |  |
+| uint8 | NTP_POLL |  |
+| uint8 | NTP_PRECISION |  |
+| string | NTP_RECV |  |
+| string | NTP_REF |  |
+| string | NTP_REF_ID |  |
+| string | NTP_SENT |  |
+| uint8 | NTP_STRATUM |  |
+| uint8 | NTP_VERSION |  |
+| uint32 | PACKETS |  |
+| uint32 | PORT_CNT |  |
+| uint8 | PROTOCOL |  |
+| uint64 | REQ_BYTES |  |
+| uint32 | REQ_FLOWS |  |
+| uint32 | REQ_PACKETS |  |
+| uint64 | RSP_BYTES |  |
+| uint32 | RSP_FLOWS |  |
+| uint32 | RSP_PACKETS |  |
+| uint32 | SBFD_ATTEMPTS |  |
+| uint32 | SBFD_AVG_ATTEMPTS |  |
+| time | SBFD_BREACH_TIME |  |
+| time | SBFD_CEASE_TIME |  |
+| uint64 | SBFD_EVENT_ID |  |
+| time | SBFD_EVENT_TIME |  |
+| uint8 | SBFD_EVENT_TYPE |  |
+| uint64 | SBFD_LINK_BIT_FIELD |  |
+| uint8 | SBFD_PROTOCOL |  |
+| ipaddr | SBFD_SOURCE |  |
+| ipaddr | SBFD_TARGET |  |
+| string | SBFD_USER |  |
+| string | SDM_CAPTURE_FILE_ID |  |
+| string | SIP_CALLED_PARTY |  |
+| string | SIP_CALL_ID |  |
+| string | SIP_CALLING_PARTY |  |
+| string | SIP_CSEQ |  |
+| uint16 | SIP_MSG_TYPE |  |
+| string | SIP_REQUEST_URI |  |
+| uint16 | SIP_STATUS_CODE |  |
+| string | SIP_USER_AGENT |  |
+| string | SIP_VIA |  |
+| uint64 | SRC_BLACKLIST |  |
+| ipaddr | SRC_IP |  |
+| bytes | SRC_MAC | Destination MAC address (L2). |
+| uint16 | SRC_PORT | Source port of Transport layer (L4), e.g. TCP, UDP. |
+| string | STR1 |  |
+| string | STR2 |  |
+| uint8 | TCP_FLAGS | TCP flags of all packets from the flow - flag bits are added bitwise. |
+| time | TIME |  |
+| time | TIME_FIRST | Timestamp of the first packet of the flow. |
+| time | TIME_LAST | Timestamp of the last packet of the flow. |
+| uint32 | TIMEOUT |  |
+| uint8 | TOS |  |
+| uint8 | TTL | Time-To-Live value. |
+| uint32 | TUNNEL_CNT_PACKET |  |
+| string | TUNNEL_DOMAIN |  |
+| float | TUNNEL_PER_NEW_DOMAIN |  |
+| float | TUNNEL_PER_SUBDOMAIN |  |
+| uint8 | TUNNEL_TYPE |  |
+| string | URL |  |
+| string | VOIP_FRAUD_COUNTRY_CODE |  |
+| uint32 | VOIP_FRAUD_INVITE_COUNT |  |
+| uint32 | VOIP_FRAUD_PREFIX_EXAMINATION_COUNT |  |
+| uint16 | VOIP_FRAUD_PREFIX_LENGTH |  |
+| string | VOIP_FRAUD_SIP_FROM |  |
+| string | VOIP_FRAUD_SIP_TO |  |
+| uint32 | VOIP_FRAUD_SUCCESSFUL_CALL_COUNT |  |
+| string | VOIP_FRAUD_USER_AGENT |  |
+| uint8 | WARDEN_TYPE |  |
+
+This table can be updated using `ur_dict_updater.sh` which completes missing fields.
+Description of the fields must be filled manually.
+

From 77bac1ebae65041e4f2c904a3947436b83af91ae Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 4 Dec 2016 00:38:14 +0100
Subject: [PATCH 108/169] doc: unirec field list: table rendering

Table requires special additional line in header.
Related to #5.
---
 unirec_fields.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/unirec_fields.md b/unirec_fields.md
index 2d4fdf3..3e4f10e 100644
--- a/unirec_fields.md
+++ b/unirec_fields.md
@@ -5,6 +5,7 @@ The part of this file is generated automatically, so be careful during any editi
 
 # List of UniRec fields
 | Field name | Field data type | Description |
+| ----- | ----- | ----- |
 | uint32 | ADDR_CNT |  |
 | bytes | ARP_DST_HA |  |
 | bytes | ARP_DST_PA |  |

From 8455a7fdf43dff1f88dd99229215c814d3525f83 Mon Sep 17 00:00:00 2001
From: ladislavmacoun <ladislavmacoun@gmail.com>
Date: Sat, 3 Dec 2016 13:12:24 +0100
Subject: [PATCH 109/169] working version of ur_dict_updater.sh

closes #5
---
 ur_dict_updater.sh | 82 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 82 insertions(+)
 create mode 100755 ur_dict_updater.sh

diff --git a/ur_dict_updater.sh b/ur_dict_updater.sh
new file mode 100755
index 0000000..5e7997c
--- /dev/null
+++ b/ur_dict_updater.sh
@@ -0,0 +1,82 @@
+#!/bin/bash
+
+DEBUG=1
+EXISTING_FILE="`mktemp`"
+NEW_FILE="`mktemp`"
+TARGET_FILE=unirec_fields.md
+# Check for md file
+if ! [ -s "$TARGET_FILE" ]; then
+    echo "Target MD file does not exist or its empty."
+	echo "Generating new one.."
+	echo "# About this file
+This file contains a list of UniRec fields collected from all parts of project (including git submodules).
+The part of this file is generated automatically, so be careful during any editing.
+# List of UniRec fields
+
+" >"$TARGET_FILE"
+fi
+
+if fgrep -q "# List of UniRec fields" "$TARGET_FILE"; then
+   existing=1
+else
+   existing=0
+fi
+
+if [ "$existing" -eq 1 ]; then
+   # we need to retrieve the list of fields before any updates
+   if [ "$DEBUG" -eq 1 ]; then
+      echo "Existing section, loading..."
+   fi
+ # Find the head of the list
+ sed -n "/^\# List of UniRec fields\s*$/,/^$/p" "$TARGET_FILE" | tail -n +3 | sed 's/| *\([^ ]*\) *| *\([^ ]*\) *| *\([^|]*\)|/\1 \2 \3/g' >"$EXISTING_FILE"
+
+fi
+
+if [ "$DEBUG" -eq 1 ]; then
+   echo "Searching for files with UR_FIELDS..."
+fi
+
+find . \( -name '*.c' -o -name '*.h' -o -name '*.cpp' \) -exec grep -l "\s*UR_FIELDS\s*" {} \; | #tee /dev/stderr |
+# remove line and block comments
+   xargs -I{} sed 's,\s*//.*$,,;:a; s%\(.*\)/\*.*\*/%\1%; ta; /\/\*/ !b; N; ba' {} |
+# print contents of UR_FIELDS
+   sed -n '/^\s*UR_FIELDS\s*([^)]*$/,/)/p; /^\s*UR_FIELDS\s*([^)]*$/,/)/p' 2>/dev/null |
+# clean output to get fields only
+   sed 's/^\s*UR_FIELDS\s*(\s*//g; s/)//g; s/,/\n/g; /^\s*$/d; s/^\s*//; s/\s\s*/ /g; s/\s\s*$//' |
+# sort by name
+   sort -k2 -t' ' | uniq >> "$EXISTING_FILE" 
+
+#merge temporary files together and sort them
+cat "$EXISTING_FILE" |tail -n+2 |sort -bk2,2 -bk3,3r |
+awk '
+BEGIN {
+   print "# List of UniRec fields"
+   print "| Field name | Field data type | Description |"
+   print "| ----- | ----- | ----- |"
+}
+/^..*$/ {
+   if (name != $2) {
+      type=$1
+      name=$2
+      desc=$3
+      for (i=4; i<=NF; i++) {
+		desc=desc" "$i
+      }
+      print "| "type" | "name" | "desc" |"
+    } else if (type != $1) {
+		printf("Conflicting types (%s, %s) of UniRec field (%s)\n", type, $1, name) > "/dev/stderr";
+	exit 1;
+    }
+}
+END {
+   print ""
+}' > "$NEW_FILE" 
+
+sed -i "/^\# List of UniRec fields\s*$/r $NEW_FILE
+/^\# List of UniRec fields\s*$/,/^$/d;" unirec_fields.md
+
+rm "$EXISTING_FILE" "$NEW_FILE" 2> /dev/null
+
+exit 0;
+
+

From eda9770a7baaec2615098cf2679a46530ca2f111 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 6 Dec 2016 22:23:39 +0100
Subject: [PATCH 110/169] ur_dict_updater.sh: coding style

related to #5
---
 ur_dict_updater.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/ur_dict_updater.sh b/ur_dict_updater.sh
index 5e7997c..aa1b3dc 100755
--- a/ur_dict_updater.sh
+++ b/ur_dict_updater.sh
@@ -44,7 +44,7 @@ find . \( -name '*.c' -o -name '*.h' -o -name '*.cpp' \) -exec grep -l "\s*UR_FI
 # clean output to get fields only
    sed 's/^\s*UR_FIELDS\s*(\s*//g; s/)//g; s/,/\n/g; /^\s*$/d; s/^\s*//; s/\s\s*/ /g; s/\s\s*$//' |
 # sort by name
-   sort -k2 -t' ' | uniq >> "$EXISTING_FILE" 
+   sort -k2 -t' ' | uniq >> "$EXISTING_FILE"
 
 #merge temporary files together and sort them
 cat "$EXISTING_FILE" |tail -n+2 |sort -bk2,2 -bk3,3r |
@@ -60,17 +60,17 @@ BEGIN {
       name=$2
       desc=$3
       for (i=4; i<=NF; i++) {
-		desc=desc" "$i
+         desc=desc" "$i
       }
       print "| "type" | "name" | "desc" |"
     } else if (type != $1) {
-		printf("Conflicting types (%s, %s) of UniRec field (%s)\n", type, $1, name) > "/dev/stderr";
-	exit 1;
+       printf("Conflicting types (%s, %s) of UniRec field (%s)\n", type, $1, name) > "/dev/stderr";
+       exit 1;
     }
 }
 END {
    print ""
-}' > "$NEW_FILE" 
+}' > "$NEW_FILE"
 
 sed -i "/^\# List of UniRec fields\s*$/r $NEW_FILE
 /^\# List of UniRec fields\s*$/,/^$/d;" unirec_fields.md

From 8745cdf62b85cb390d2f7d309e786896d7854062 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 6 Dec 2016 22:48:13 +0100
Subject: [PATCH 111/169] unirec dict: add description for some fields

---
 unirec_fields.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/unirec_fields.md b/unirec_fields.md
index 3e4f10e..cb5588e 100644
--- a/unirec_fields.md
+++ b/unirec_fields.md
@@ -17,7 +17,7 @@ The part of this file is generated automatically, so be careful during any editi
 | uint32 | BAR |  |
 | uint32 | BAZ |  |
 | uint8 | BLACKLIST_TYPE |  |
-| uint64 | BYTES |  |
+| uint64 | BYTES | Total number of bytes transferred by the flow. |
 | uint64 | CALLEE_CNT |  |
 | uint64 | CALLER_CNT |  |
 | time | DETECTION_TIME |  |
@@ -43,7 +43,7 @@ The part of this file is generated automatically, so be careful during any editi
 | uint32 | EVENT_ID |  |
 | uint32 | EVENT_SCALE |  |
 | uint8 | EVENT_TYPE |  |
-| uint64 | FLOWS |  |
+| uint64 | FLOWS | Number of flows, used after aggregation. |
 | uint32 | FOO |  |
 | string | HTTP_CONTENT_TYPE |  |
 | string | HTTP_HOST |  |
@@ -75,9 +75,9 @@ The part of this file is generated automatically, so be careful during any editi
 | string | NTP_SENT |  |
 | uint8 | NTP_STRATUM |  |
 | uint8 | NTP_VERSION |  |
-| uint32 | PACKETS |  |
+| uint32 | PACKETS | Number of packets of the flow. |
 | uint32 | PORT_CNT |  |
-| uint8 | PROTOCOL |  |
+| uint8 | PROTOCOL | Transport protocol identification (e.g. 6 for TCP, 17 for UDP, https://en.wikipedia.org/wiki/List_of_IP_protocol_numbers). |
 | uint64 | REQ_BYTES |  |
 | uint32 | REQ_FLOWS |  |
 | uint32 | REQ_PACKETS |  |
@@ -118,7 +118,7 @@ The part of this file is generated automatically, so be careful during any editi
 | time | TIME_LAST | Timestamp of the last packet of the flow. |
 | uint32 | TIMEOUT |  |
 | uint8 | TOS |  |
-| uint8 | TTL | Time-To-Live value. |
+| uint8 | TTL | Time-To-Live value from IP header (https://en.wikipedia.org/wiki/Time_to_live). |
 | uint32 | TUNNEL_CNT_PACKET |  |
 | string | TUNNEL_DOMAIN |  |
 | float | TUNNEL_PER_NEW_DOMAIN |  |

From aa4387669949056589bbc23a309b2ed5a9903548 Mon Sep 17 00:00:00 2001
From: Jiri Havranek <havraji6@fit.cvut.cz>
Date: Sat, 10 Dec 2016 11:46:12 +0100
Subject: [PATCH 112/169] update unirec_fields.md

---
 unirec_fields.md | 164 +++++++++++++++++++++++------------------------
 1 file changed, 82 insertions(+), 82 deletions(-)

diff --git a/unirec_fields.md b/unirec_fields.md
index cb5588e..5a9a2d3 100644
--- a/unirec_fields.md
+++ b/unirec_fields.md
@@ -7,83 +7,83 @@ The part of this file is generated automatically, so be careful during any editi
 | Field name | Field data type | Description |
 | ----- | ----- | ----- |
 | uint32 | ADDR_CNT |  |
-| bytes | ARP_DST_HA |  |
-| bytes | ARP_DST_PA |  |
-| uint16 | ARP_HA_FORMAT |  |
-| uint16 | ARP_OPCODE |  |
-| uint16 | ARP_PA_FORMAT |  |
-| bytes | ARP_SRC_HA |  |
-| bytes | ARP_SRC_PA |  |
-| uint32 | BAR |  |
-| uint32 | BAZ |  |
-| uint8 | BLACKLIST_TYPE |  |
+| bytes | ARP_DST_HA | ARP destination hardware address. |
+| bytes | ARP_DST_PA | ARP destination protocol address. |
+| uint16 | ARP_HA_FORMAT | Type of ARP hardware address. |
+| uint16 | ARP_OPCODE | Type of ARP message. |
+| uint16 | ARP_PA_FORMAT | Type of ARP protocol address. |
+| bytes | ARP_SRC_HA | ARP source hardware address. |
+| bytes | ARP_SRC_PA | ARP source protocol address. |
+| uint32 | BAR | Generic field containing 32bit unsigned integer (used for testing and example purposes). |
+| uint32 | BAZ | Generic field containing 32bit unsigned integer (used for testing and example purposes). |
+| uint8 | BLACKLIST_TYPE | Type of the used blacklist (spam, C&C, malware, etc.). |
 | uint64 | BYTES | Total number of bytes transferred by the flow. |
 | uint64 | CALLEE_CNT |  |
 | uint64 | CALLER_CNT |  |
-| time | DETECTION_TIME |  |
-| uint8 | DIR_BIT_FIELD |  |
-| uint8 | DIRECTION_FLAGS |  |
-| uint16 | DNS_ANSWERS |  |
-| uint8 | DNS_BLACKLIST |  |
-| uint16 | DNS_CLASS |  |
-| uint8 | DNS_DO |  |
-| uint16 | DNS_ID |  |
-| string | DNS_NAME |  |
-| uint16 | DNS_PSIZE |  |
-| uint16 | DNS_QTYPE |  |
-| uint8 | DNS_RCODE |  |
-| bytes | DNS_RDATA |  |
-| uint16 | DNS_RLENGTH |  |
-| uint32 | DNS_RR_TTL |  |
-| uint64 | DST_BLACKLIST |  |
+| time | DETECTION_TIME | Timestamp of the detection of some event. |
+| uint8 | DIR_BIT_FIELD | Bit field used for detemining incomming/outgoing flow. |
+| uint8 | DIRECTION_FLAGS | Bit field for identification of flow direction. |
+| uint16 | DNS_ANSWERS | Number of DNS answer records. |
+| uint8 | DNS_BLACKLIST | ID of blacklist which contains suspicious domain name. |
+| uint16 | DNS_CLASS | Class field from DNS question. |
+| uint8 | DNS_DO | DNSSEC OK bit. |
+| uint16 | DNS_ID | DNS transaction ID. |
+| string | DNS_NAME | DNS question domain name. |
+| uint16 | DNS_PSIZE | Requestor's payload size (RFC 6891). |
+| uint16 | DNS_QTYPE | DNS question type field. |
+| uint8 | DNS_RCODE | DNS response code field. |
+| bytes | DNS_RDATA | Resource record specific data. |
+| uint16 | DNS_RLENGTH | Length of DNS_RDATA. |
+| uint32 | DNS_RR_TTL | DNS resource record TTL field. |
+| uint64 | DST_BLACKLIST | Bit field of blacklists IDs which contains the destination address of the flow. |
 | ipaddr | DST_IP | Destination IP address. |
 | bytes | DST_MAC | Destination MAC address (L2). |
 | uint16 | DST_PORT | Destination port of Transport layer (L4), e.g. TCP, UDP. |
-| uint16 | ETHERTYPE |  |
-| uint32 | EVENT_ID |  |
-| uint32 | EVENT_SCALE |  |
-| uint8 | EVENT_TYPE |  |
+| uint16 | ETHERTYPE | Protocol encapsulated in payload of L2 frame. |
+| uint32 | EVENT_ID | Identification number of reported event. |
+| uint32 | EVENT_SCALE | Attack intensity. |
+| uint8 | EVENT_TYPE | Type of detected event. |
 | uint64 | FLOWS | Number of flows, used after aggregation. |
-| uint32 | FOO |  |
-| string | HTTP_CONTENT_TYPE |  |
-| string | HTTP_HOST |  |
-| string | HTTP_METHOD |  |
-| string | HTTP_REFERER |  |
-| string | HTTP_REQUEST_HOST | HTTP Hostname from request. |
-| string | HTTP_REQUEST_REFERER |  |
-| string | HTTP_REQUEST_URL |  |
-| uint16 | HTTP_RESPONSE_CODE |  |
+| uint32 | FOO | Generic field containing 32bit unsigned integer (used for testing and example purposes). |
+| string | HTTP_CONTENT_TYPE | Content type field from HTTP response message. |
+| string | HTTP_HOST | Host field from HTTP request message. |
+| string | HTTP_METHOD | Method field from HTTP request message. |
+| string | HTTP_REFERER | Referer field from HTTP request message. |
+| string | HTTP_REQUEST_HOST | Host field from HTTP request message. |
+| string | HTTP_REQUEST_REFERER | Referer field from HTTP request message. |
+| string | HTTP_REQUEST_URL | URL field from HTTP request message. |
+| uint16 | HTTP_RESPONSE_CODE | Response code from HTTP response message. |
 | string | HTTP_SDM_REQUEST_HOST |  |
 | string | HTTP_SDM_REQUEST_REFERER |  |
 | string | HTTP_SDM_REQUEST_URL |  |
-| string | HTTP_URL |  |
-| string | HTTP_USER_AGENT |  |
+| string | HTTP_URL | URL field from HTTP request message. |
+| string | HTTP_USER_AGENT | User agent field from HTTP request message. |
 | uint64 | INVITE_CNT |  |
-| ipaddr | IP |  |
-| uint64 | LINK_BIT_FIELD |  |
-| string | NOTE |  |
-| uint32 | NTP_DELAY |  |
-| uint32 | NTP_DISPERSION |  |
-| uint8 | NTP_LEAP |  |
-| uint8 | NTP_MODE |  |
-| string | NTP_ORIG |  |
-| uint8 | NTP_POLL |  |
-| uint8 | NTP_PRECISION |  |
-| string | NTP_RECV |  |
-| string | NTP_REF |  |
-| string | NTP_REF_ID |  |
-| string | NTP_SENT |  |
-| uint8 | NTP_STRATUM |  |
-| uint8 | NTP_VERSION |  |
+| ipaddr | IP | IP address. |
+| uint64 | LINK_BIT_FIELD | Bit field where each bit marks whether a flow was captured on corresponding link. |
+| string | NOTE | Generic string note. |
+| uint32 | NTP_DELAY | NTP root delay. |
+| uint32 | NTP_DISPERSION | NTP root dispersion. |
+| uint8 | NTP_LEAP | NTP leap field. |
+| uint8 | NTP_MODE | NTP mode field. |
+| string | NTP_ORIG | NTP origin timestamp. |
+| uint8 | NTP_POLL | NTP poll interval. |
+| uint8 | NTP_PRECISION | NTP precision field. |
+| string | NTP_RECV | NTP receive timestamp. |
+| string | NTP_REF | NTP reference timestamp. |
+| string | NTP_REF_ID | NTP reference ID. |
+| string | NTP_SENT | NTP transmit timestamp. |
+| uint8 | NTP_STRATUM | NTP stratum field. |
+| uint8 | NTP_VERSION | NTP message version. |
 | uint32 | PACKETS | Number of packets of the flow. |
 | uint32 | PORT_CNT |  |
 | uint8 | PROTOCOL | Transport protocol identification (e.g. 6 for TCP, 17 for UDP, https://en.wikipedia.org/wiki/List_of_IP_protocol_numbers). |
-| uint64 | REQ_BYTES |  |
-| uint32 | REQ_FLOWS |  |
-| uint32 | REQ_PACKETS |  |
-| uint64 | RSP_BYTES |  |
-| uint32 | RSP_FLOWS |  |
-| uint32 | RSP_PACKETS |  |
+| uint64 | REQ_BYTES | Number of bytes in a flow or in an interval (requests). |
+| uint32 | REQ_FLOWS | Number of flows in an interval (requests). |
+| uint32 | REQ_PACKETS | Number of packets in a flow or in an interval (requests). |
+| uint64 | RSP_BYTES | Number of bytes in a flow or in an interval (responses). |
+| uint32 | RSP_FLOWS | Number of flows in an interval (responses). |
+| uint32 | RSP_PACKETS | Number of packets in a flow or in an interval (responses). |
 | uint32 | SBFD_ATTEMPTS |  |
 | uint32 | SBFD_AVG_ATTEMPTS |  |
 | time | SBFD_BREACH_TIME |  |
@@ -96,7 +96,7 @@ The part of this file is generated automatically, so be careful during any editi
 | ipaddr | SBFD_SOURCE |  |
 | ipaddr | SBFD_TARGET |  |
 | string | SBFD_USER |  |
-| string | SDM_CAPTURE_FILE_ID |  |
+| string | SDM_CAPTURE_FILE_ID | ID of file for sdmcap. |
 | string | SIP_CALLED_PARTY |  |
 | string | SIP_CALL_ID |  |
 | string | SIP_CALLING_PARTY |  |
@@ -106,34 +106,34 @@ The part of this file is generated automatically, so be careful during any editi
 | uint16 | SIP_STATUS_CODE |  |
 | string | SIP_USER_AGENT |  |
 | string | SIP_VIA |  |
-| uint64 | SRC_BLACKLIST |  |
-| ipaddr | SRC_IP |  |
+| uint64 | SRC_BLACKLIST | Bit field of blacklists IDs which contains the source address of the flow. |
+| ipaddr | SRC_IP | Source IP address. |
 | bytes | SRC_MAC | Destination MAC address (L2). |
 | uint16 | SRC_PORT | Source port of Transport layer (L4), e.g. TCP, UDP. |
 | string | STR1 |  |
 | string | STR2 |  |
 | uint8 | TCP_FLAGS | TCP flags of all packets from the flow - flag bits are added bitwise. |
-| time | TIME |  |
+| time | TIME | Timestamp of packet capture. |
 | time | TIME_FIRST | Timestamp of the first packet of the flow. |
 | time | TIME_LAST | Timestamp of the last packet of the flow. |
 | uint32 | TIMEOUT |  |
-| uint8 | TOS |  |
+| uint8 | TOS | Type of service field from IP header. |
 | uint8 | TTL | Time-To-Live value from IP header (https://en.wikipedia.org/wiki/Time_to_live). |
-| uint32 | TUNNEL_CNT_PACKET |  |
-| string | TUNNEL_DOMAIN |  |
-| float | TUNNEL_PER_NEW_DOMAIN |  |
-| float | TUNNEL_PER_SUBDOMAIN |  |
-| uint8 | TUNNEL_TYPE |  |
+| uint32 | TUNNEL_CNT_PACKET | Number of packets which were recorded recognized like anomaly. |
+| string | TUNNEL_DOMAIN | Anomaly domain name. |
+| float | TUNNEL_PER_NEW_DOMAIN | Percent of new domains (searched just ones). |
+| float | TUNNEL_PER_SUBDOMAIN | Percent of subdomains in the most used domain for tunnel type, for another anomaly it is percent of different domains. |
+| uint8 | TUNNEL_TYPE | Type of detected event. |
 | string | URL |  |
-| string | VOIP_FRAUD_COUNTRY_CODE |  |
-| uint32 | VOIP_FRAUD_INVITE_COUNT |  |
-| uint32 | VOIP_FRAUD_PREFIX_EXAMINATION_COUNT |  |
-| uint16 | VOIP_FRAUD_PREFIX_LENGTH |  |
-| string | VOIP_FRAUD_SIP_FROM |  |
-| string | VOIP_FRAUD_SIP_TO |  |
-| uint32 | VOIP_FRAUD_SUCCESSFUL_CALL_COUNT |  |
-| string | VOIP_FRAUD_USER_AGENT |  |
-| uint8 | WARDEN_TYPE |  |
+| string | VOIP_FRAUD_COUNTRY_CODE | Country identification (ISO 3166, 2 char). |
+| uint32 | VOIP_FRAUD_INVITE_COUNT | Total number of INVITE requests in the context of prefix examination. |
+| uint32 | VOIP_FRAUD_PREFIX_EXAMINATION_COUNT | Number of unique SIP TO that was evaluated as prefix examination attack. |
+| uint16 | VOIP_FRAUD_PREFIX_LENGTH | Prefix length of VOIP_FRAUD_SIP_TO (in prefix examination attack). |
+| string | VOIP_FRAUD_SIP_FROM | SIP FROM header. |
+| string | VOIP_FRAUD_SIP_TO | SIP TO header. |
+| uint32 | VOIP_FRAUD_SUCCESSFUL_CALL_COUNT | Number of successful calls initiation to unique SIP TO in the context of prefix examination. |
+| string | VOIP_FRAUD_USER_AGENT | SIP User-Agent header. |
+| uint8 | WARDEN_TYPE | Type of event. |
 
 This table can be updated using `ur_dict_updater.sh` which completes missing fields.
 Description of the fields must be filled manually.

From 0d4cda1a1f9bc2d0a7bb000ea9a30ea5231958d0 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Fri, 16 Dec 2016 10:55:33 +0100
Subject: [PATCH 113/169] added description of SBFD fields

---
 unirec_fields.md | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/unirec_fields.md b/unirec_fields.md
index cb5588e..eba69b7 100644
--- a/unirec_fields.md
+++ b/unirec_fields.md
@@ -84,18 +84,18 @@ The part of this file is generated automatically, so be careful during any editi
 | uint64 | RSP_BYTES |  |
 | uint32 | RSP_FLOWS |  |
 | uint32 | RSP_PACKETS |  |
-| uint32 | SBFD_ATTEMPTS |  |
-| uint32 | SBFD_AVG_ATTEMPTS |  |
-| time | SBFD_BREACH_TIME |  |
-| time | SBFD_CEASE_TIME |  |
-| uint64 | SBFD_EVENT_ID |  |
-| time | SBFD_EVENT_TIME |  |
-| uint8 | SBFD_EVENT_TYPE |  |
-| uint64 | SBFD_LINK_BIT_FIELD |  |
-| uint8 | SBFD_PROTOCOL |  |
-| ipaddr | SBFD_SOURCE |  |
-| ipaddr | SBFD_TARGET |  |
-| string | SBFD_USER |  |
+| uint32 | SBFD_ATTEMPTS | total number of attack messages received |
+| uint32 | SBFD_AVG_ATTEMPTS | average count of attack messages received (relevant in case of user scan attack type) |
+| time | SBFD_BREACH_TIME | time of breach occurrence (can be 0 if the breach did not occur) |
+| time | SBFD_CEASE_TIME | time of the last attack message received |
+| uint64 | SBFD_EVENT_ID | a unique number of an alert |
+| time | SBFD_EVENT_TIME | time of the first attack message received |
+| uint8 | SBFD_EVENT_TYPE | type of an alert (0 - simple brute-force, 1 - distributed brute-force, 2 - user scan) |
+| uint64 | SBFD_LINK_BIT_FIELD | indicator of the particular monitoring probe |
+| uint8 | SBFD_PROTOCOL | used to perform the attack (TCP or UDP) |
+| ipaddr | SBFD_SOURCE | IP address of the attacker |
+| ipaddr | SBFD_TARGET | IP address of the targeted server |
+| string | SBFD_USER | name of the targeted user (can be empty in case of user scan alert) |
 | string | SDM_CAPTURE_FILE_ID |  |
 | string | SIP_CALLED_PARTY |  |
 | string | SIP_CALL_ID |  |

From 735511f412cfe9e93ea99cff1532f78371db5619 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Fri, 16 Dec 2016 11:55:22 +0100
Subject: [PATCH 114/169] added description of some fields to unirec_fields.md

---
 unirec_fields.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/unirec_fields.md b/unirec_fields.md
index 61dca69..d88a293 100644
--- a/unirec_fields.md
+++ b/unirec_fields.md
@@ -6,7 +6,7 @@ The part of this file is generated automatically, so be careful during any editi
 # List of UniRec fields
 | Field name | Field data type | Description |
 | ----- | ----- | ----- |
-| uint32 | ADDR_CNT |  |
+| uint32 | ADDR_CNT | Number of probed destination addresses. |
 | bytes | ARP_DST_HA | ARP destination hardware address. |
 | bytes | ARP_DST_PA | ARP destination protocol address. |
 | uint16 | ARP_HA_FORMAT | Type of ARP hardware address. |
@@ -18,8 +18,8 @@ The part of this file is generated automatically, so be careful during any editi
 | uint32 | BAZ | Generic field containing 32bit unsigned integer (used for testing and example purposes). |
 | uint8 | BLACKLIST_TYPE | Type of the used blacklist (spam, C&C, malware, etc.). |
 | uint64 | BYTES | Total number of bytes transferred by the flow. |
-| uint64 | CALLEE_CNT |  |
-| uint64 | CALLER_CNT |  |
+| uint64 | CALLEE_CNT | VoIP Fraud Detection specific field for counting number of unique calling parties. |
+| uint64 | CALLER_CNT | VoIP Fraud Detection specific field for counting number of unique called parties. |
 | time | DETECTION_TIME | Timestamp of the detection of some event. |
 | uint8 | DIR_BIT_FIELD | Bit field used for detemining incomming/outgoing flow. |
 | uint8 | DIRECTION_FLAGS | Bit field for identification of flow direction. |
@@ -58,7 +58,7 @@ The part of this file is generated automatically, so be careful during any editi
 | string | HTTP_SDM_REQUEST_URL |  |
 | string | HTTP_URL | URL field from HTTP request message. |
 | string | HTTP_USER_AGENT | User agent field from HTTP request message. |
-| uint64 | INVITE_CNT |  |
+| uint64 | INVITE_CNT | VoIP Fraud Detection specific field for counting number INVITE requests observed. |
 | ipaddr | IP | IP address. |
 | uint64 | LINK_BIT_FIELD | Bit field where each bit marks whether a flow was captured on corresponding link. |
 | string | NOTE | Generic string note. |
@@ -76,7 +76,7 @@ The part of this file is generated automatically, so be careful during any editi
 | uint8 | NTP_STRATUM | NTP stratum field. |
 | uint8 | NTP_VERSION | NTP message version. |
 | uint32 | PACKETS | Number of packets of the flow. |
-| uint32 | PORT_CNT |  |
+| uint32 | PORT_CNT | Number of probed destination ports. |
 | uint8 | PROTOCOL | Transport protocol identification (e.g. 6 for TCP, 17 for UDP, https://en.wikipedia.org/wiki/List_of_IP_protocol_numbers). |
 | uint64 | REQ_BYTES | Number of bytes in a flow or in an interval (requests). |
 | uint32 | REQ_FLOWS | Number of flows in an interval (requests). |
@@ -116,7 +116,7 @@ The part of this file is generated automatically, so be careful during any editi
 | time | TIME | Timestamp of packet capture. |
 | time | TIME_FIRST | Timestamp of the first packet of the flow. |
 | time | TIME_LAST | Timestamp of the last packet of the flow. |
-| uint32 | TIMEOUT |  |
+| uint32 | TIMEOUT | Timeout for capture rule. (related to time machine). |
 | uint8 | TOS | Type of service field from IP header. |
 | uint8 | TTL | Time-To-Live value from IP header (https://en.wikipedia.org/wiki/Time_to_live). |
 | uint32 | TUNNEL_CNT_PACKET | Number of packets which were recorded recognized like anomaly. |

From 3b940071187c70a8f844bcf4cd87f208126bd2b4 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Fri, 30 Dec 2016 09:52:11 +0100
Subject: [PATCH 115/169] travis.yml: updated names of dependency packages

---
 .travis.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index bdf802a..b48e7b6 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -13,15 +13,17 @@ addons:
     sources:
       - ubuntu-toolchain-r-test
     packages:
-      - gcc-c++
+      - gcc-multilib
+      - gcc
+      - g++
       - autoconf
       - pkg-config
       - make
       - automake
-      - libxml2-devel
+      - libxml2-dev
       - libxml2
-      - libpcap-devel
-      - libpcap
+      - libpcap0.8-dev
+      - libpcap0.8
 
 script:
   - git submodule init; git submodule update

From 76a9753c94be4ac3c8e9a60e09b1fa75097b5b63 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Fri, 30 Dec 2016 14:58:33 +0100
Subject: [PATCH 116/169] travis.yml: added libnf to dependencies

---
 .travis.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.travis.yml b/.travis.yml
index b48e7b6..2d9dcaa 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -25,6 +25,11 @@ addons:
       - libpcap0.8-dev
       - libpcap0.8
 
+before_install:
+  - ( wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | 
+  tar -xzf - && cd libnf-1.25 && 
+  ./configure -q && make -j3 install; )
+
 script:
   - git submodule init; git submodule update
   - ./bootstrap.sh && ./configure && make clean && make -j5

From 9ba3f7d28aac371913b530a9b1959f92001feda8 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Fri, 30 Dec 2016 15:06:47 +0100
Subject: [PATCH 117/169] travis.yml: attempt #1 to fix bug in parsing
 travis.yml

---
 .travis.yml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 2d9dcaa..21b6d82 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -26,9 +26,7 @@ addons:
       - libpcap0.8
 
 before_install:
-  - ( wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | 
-  tar -xzf - && cd libnf-1.25 && 
-  ./configure -q && make -j3 install; )
+  - ( wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | tar -xzf - && cd libnf-1.25 && ./configure -q && make -j3 install; )
 
 script:
   - git submodule init; git submodule update

From 42bcbca89a0ecc7efa5cacab074fcba8f52e9df9 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Fri, 30 Dec 2016 15:11:25 +0100
Subject: [PATCH 118/169] travis.yml: attempt #2 to fix travis build

---
 .travis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index 21b6d82..abb2e07 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -26,7 +26,7 @@ addons:
       - libpcap0.8
 
 before_install:
-  - ( wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | tar -xzf - && cd libnf-1.25 && ./configure -q && make -j3 install; )
+  - ( wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | tar -xzf - && cd libnf-1.25 && ./configure -q && sudo make -j3 install; )
 
 script:
   - git submodule init; git submodule update

From a8eb3a02ffc739c1010eaf43f53de319d87cc037 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Sat, 7 Jan 2017 14:55:30 +0100
Subject: [PATCH 119/169] increased version, released RPM package

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index eb6fafa..b036f14 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.3.1], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.3.2], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index 3f11406..b1d0d79 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 3f11406616774ec6afb9242282ff8c2a6e4ccdd1
+Subproject commit b1d0d79690910265b5a5b914a00105da22c3a27a
diff --git a/modules b/modules
index 1272605..2355c62 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 127260589f96f2fd0e9e7ea50955e9d81596d35d
+Subproject commit 2355c62c3ab91d6dba7fb43d25e6d9a1feb5d097
diff --git a/nemea-framework b/nemea-framework
index b9e2499..19ae1ae 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit b9e24990699e5d3e8d8ea5d8258c610060f21dbe
+Subproject commit 19ae1aefd9b0d487b40534da6012adfc67f017e3
diff --git a/nemea-supervisor b/nemea-supervisor
index 3495b0c..4921883 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 3495b0cc641fb2ea6b6b0dbb96b10d27b583f9a7
+Subproject commit 49218838416bf41b5288596d8498fdc7e1f367cf

From ec39fb13e04be22513e57c4593a387cbe2341fd3 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 22 Jan 2017 00:20:10 +0100
Subject: [PATCH 120/169] updated submodules

ChangeLog:
* added man pages
* changed of haddrscan
* changed handling sysconfdir in modules/
* unirec2json module in python
* added proto_traffic
* added link_traffic
* improved&fixed unirecfilter
* fixed pycommon bug in trap ifc usage, +compatibility fix
* fixed unirec - explicit cast of UR_INVALID_FIELD
* cleaned and improved pytrap&pycommon
* changed path to socket directory
* made the socket directory configurable
* added tmpfiles.d config to create /var/run/libtrap automatically
* changed mechanism of connection to service IFCs by supervisor
* improved nemea_status
* fixed memory leaks in service thread
---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index b1d0d79..c891957 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit b1d0d79690910265b5a5b914a00105da22c3a27a
+Subproject commit c891957328fb8ca2719bcd246d83661b99b0a12a
diff --git a/modules b/modules
index 2355c62..4de3300 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 2355c62c3ab91d6dba7fb43d25e6d9a1feb5d097
+Subproject commit 4de33002a0e89f4e6016bcc412ca0f3ba3204cda
diff --git a/nemea-framework b/nemea-framework
index 19ae1ae..78672a5 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 19ae1aefd9b0d487b40534da6012adfc67f017e3
+Subproject commit 78672a5d9391e24421960d7f7d273dc881127699
diff --git a/nemea-supervisor b/nemea-supervisor
index 4921883..2e022f0 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 49218838416bf41b5288596d8498fdc7e1f367cf
+Subproject commit 2e022f088cda6c2bfcce584379e5e90ff8ca573d

From 80a566993d3c3e8202893333237a5ed9ec1055cc Mon Sep 17 00:00:00 2001
From: OttoHollmann <hollmott@fit.cvut.cz>
Date: Thu, 9 Feb 2017 11:32:45 +0100
Subject: [PATCH 121/169] doc: update

Fixed link to libnf. (#9)
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 194bfd3..39f7595 100644
--- a/README.md
+++ b/README.md
@@ -69,7 +69,7 @@ The project is divided into four repositories added as submodules:
 
 * rpm-build (build of RPM packages)
 * libpcap ([flow_meter](https://github.com/CESNET/Nemea-Modules/tree/master/flow_meter))
-* [libnf](https://github.com/VUTBR/nf-tools/tree/master/libnf/c) or [libnfdump](http://sourceforge.net/projects/libnfdump/) ([nfreader](https://github.com/CESNET/Nemea-Modules/tree/master/nfreader))
+* [libnf](https://github.com/VUTBR/libnf) or [libnfdump](http://sourceforge.net/projects/libnfdump/) ([nfreader](https://github.com/CESNET/Nemea-Modules/tree/master/nfreader))
 * libidn ([blacklistfilter](https://github.com/CESNET/Nemea-Detectors/tree/master/blacklistfilter))
 * bison and flex ([unirecfilter](https://github.com/CESNET/Nemea-Modules/tree/master/unirecfilter))
 

From 7e6e84c4665002779594f7babf2a3a260f796121 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 9 Feb 2017 11:35:04 +0100
Subject: [PATCH 122/169] doc: update

libnfdump support was removed
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 39f7595..0835107 100644
--- a/README.md
+++ b/README.md
@@ -69,7 +69,7 @@ The project is divided into four repositories added as submodules:
 
 * rpm-build (build of RPM packages)
 * libpcap ([flow_meter](https://github.com/CESNET/Nemea-Modules/tree/master/flow_meter))
-* [libnf](https://github.com/VUTBR/libnf) or [libnfdump](http://sourceforge.net/projects/libnfdump/) ([nfreader](https://github.com/CESNET/Nemea-Modules/tree/master/nfreader))
+* [libnf](https://github.com/VUTBR/libnf) ([nfreader](https://github.com/CESNET/Nemea-Modules/tree/master/nfreader))
 * libidn ([blacklistfilter](https://github.com/CESNET/Nemea-Detectors/tree/master/blacklistfilter))
 * bison and flex ([unirecfilter](https://github.com/CESNET/Nemea-Modules/tree/master/unirecfilter))
 

From 96cbfb1182971fdb5d7f6ad0bdb3f9667fa2703f Mon Sep 17 00:00:00 2001
From: Jiri Havranek <havraji6@fit.cvut.cz>
Date: Wed, 15 Feb 2017 15:31:38 +0100
Subject: [PATCH 123/169] unirec dict: fixed column headers

---
 unirec_fields.md   | 2 +-
 ur_dict_updater.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/unirec_fields.md b/unirec_fields.md
index d88a293..a740528 100644
--- a/unirec_fields.md
+++ b/unirec_fields.md
@@ -4,7 +4,7 @@ The part of this file is generated automatically, so be careful during any editi
 
 
 # List of UniRec fields
-| Field name | Field data type | Description |
+| Field data type | Field name | Description |
 | ----- | ----- | ----- |
 | uint32 | ADDR_CNT | Number of probed destination addresses. |
 | bytes | ARP_DST_HA | ARP destination hardware address. |
diff --git a/ur_dict_updater.sh b/ur_dict_updater.sh
index aa1b3dc..2a2006c 100755
--- a/ur_dict_updater.sh
+++ b/ur_dict_updater.sh
@@ -51,7 +51,7 @@ cat "$EXISTING_FILE" |tail -n+2 |sort -bk2,2 -bk3,3r |
 awk '
 BEGIN {
    print "# List of UniRec fields"
-   print "| Field name | Field data type | Description |"
+   print "| Field data type | Field name | Description |"
    print "| ----- | ----- | ----- |"
 }
 /^..*$/ {

From 3d4832ae273d6cf53524ff3dadc563983b70101b Mon Sep 17 00:00:00 2001
From: Marek Svepes <svepemar@fit.cvut.cz>
Date: Fri, 24 Mar 2017 09:36:57 +0100
Subject: [PATCH 124/169] readme: fixed links and number of lines of example
 module

---
 README.md | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/README.md b/README.md
index 0835107..468999c 100644
--- a/README.md
+++ b/README.md
@@ -445,7 +445,7 @@ to the output interface.
 
 #### Use Example module as a template
 
-Let `~/mighty-module/` be the directory we want to develop our module in (replace path `~/mighty-module/` in all commands with another directory if needed) and *mighty_module* the name of our module.  We will use example module as a template - copy the directory [nemea-framework/examples/module/](https://github.com/CESNET/Nemea-Framework/tree/master/examples/module) to `~/mighty-module/`.
+Let `~/mighty-module/` be the directory we want to develop our module in (replace path `~/mighty-module/` in all commands with another directory if needed) and *mighty_module* the name of our module.  We will use example module as a template - copy the directory [nemea-framework/examples/c/module/](https://github.com/CESNET/Nemea-Framework/tree/master/examples/c/module) to `~/mighty-module/`.
 
 In `~/mighty-module/configure.ac` update the following lines
 ```
@@ -522,31 +522,31 @@ Generated doxygen doc for module developers: https://rawgit.com/CESNET/Nemea-Fra
 
 Generated doxygen doc for libtrap developers: https://rawgit.com/CESNET/Nemea-Framework/master/libtrap/doc/devel/html/index.html
 
-1. [Basic module information](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L74) - specify name, description and number of input / output interfaces of the module
-2. [Module parameters](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L87) - define parameters the module accepts as program arguments
-3. [Module info structure initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L111) - initialize a structure with information from the two previous points
-4. [TRAP initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L116) - initialize module interfaces
-5. [GETOPT macro](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L127) - parse program arguments
+1. [Basic module information](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L71) - specify name, description and number of input / output interfaces of the module
+2. [Module parameters](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L84) - define parameters the module accepts as program arguments
+3. [Module info structure initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L114) - initialize a structure with information from the two previous points
+4. [TRAP initialization](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L120) - initialize module interfaces
+5. [GETOPT macro](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L131) - parse program arguments
 6. Main loop:
-   * [Receive a message](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L172) - receive a message in UniRec format from input interface
-   * [Handle receive error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L175) - check whether an error has occured during receive
-   * [Send a message](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L200) - send a message in UniRec format via output interface
-   * [Handle send error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L203) - check whether an error has ocurred during send
-7. [TRAP and module info clean-up](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L210) - free everything, libtrap finalization
+   * [Receive a message](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L176) - receive a message in UniRec format from input interface
+   * [Handle receive error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L179) - check whether an error has occured during receive
+   * [Send a message](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L204) - send a message in UniRec format via output interface
+   * [Handle send error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L207) - check whether an error has ocurred during send
+7. [TRAP and module info clean-up](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L214) - free everything, libtrap finalization
 
 
 #### UniRec
 
 Generated doxygen doc: https://rawgit.com/CESNET/Nemea-Framework/master/unirec/doc/html/index.html
 
-1. [UniRec fields definition](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L62) - define data types and names of the fields which will be used in UniRec messages (both received and sent messages), e.g. *uint32 PACKETS*
-2. [Templates creation](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L141) - create UniRec templates separately for every interface (a template defines set of fields in the message) note: two input interfaces receiving same messages can use one template
-3. [Output record allocation](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L154) - allocate a memory for message sent via output interface
+1. [UniRec fields definition](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L59) - define data types and names of the fields which will be used in UniRec messages (both received and sent messages), e.g. *uint32 PACKETS*
+2. [Templates creation](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L144) - create UniRec templates separately for every interface (a template defines set of fields in the message) note: two input interfaces receiving same messages can use one template
+3. [Output record allocation](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L157) - allocate a memory for message sent via output interface
 4. Main loop (*fields manipulation*):
-   * [get field](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L191) - get a value of specified field from received message according to UniRec template
-   * [set field](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L196) - set a value of specified field in message which will be sent according to UniRec template
-   * [copy fields](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L195) - copy values of fields in received message to fields in message which will be sent according to UniRec templates of both interfaces (only fields that are common for both interfaces are copied)
-5. [UniRec cleanup](https://github.com/CESNET/Nemea-Framework/blob/master/examples/module/example_module.c#L219) - free everything, UniRec finalization
+   * [get field](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L195) - get a value of specified field from received message according to UniRec template
+   * [set field](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L200) - set a value of specified field in message which will be sent according to UniRec template
+   * [copy fields](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L199) - copy values of fields in received message to fields in message which will be sent according to UniRec templates of both interfaces (only fields that are common for both interfaces are copied)
+5. [UniRec cleanup](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L219) - free everything, UniRec finalization
 
 
 ### Execute the module

From e3cb4b2634c95e06914989a7cff16b17a7090e19 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Mon, 3 Jul 2017 13:31:12 +0200
Subject: [PATCH 125/169] increased version, released RPM package

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index b036f14..3572c11 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.3.2], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.3.3], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index c891957..b01cc7a 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit c891957328fb8ca2719bcd246d83661b99b0a12a
+Subproject commit b01cc7a976df6712bdd156e041a7970ee9fb74c3
diff --git a/modules b/modules
index 4de3300..bb2c87d 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 4de33002a0e89f4e6016bcc412ca0f3ba3204cda
+Subproject commit bb2c87dfe025714dbac58158b29ba2c509b26158
diff --git a/nemea-framework b/nemea-framework
index 78672a5..6f0b292 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 78672a5d9391e24421960d7f7d273dc881127699
+Subproject commit 6f0b2928fdec4718e5b23d2062597f3a662d602c
diff --git a/nemea-supervisor b/nemea-supervisor
index 2e022f0..dab9281 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 2e022f088cda6c2bfcce584379e5e90ff8ca573d
+Subproject commit dab9281644bbc46dd5eeba386b35502f03427f88

From e44b8f42f2745815f21f4afee5bd96ddb23d3754 Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Sun, 24 Sep 2017 14:58:12 +0200
Subject: [PATCH 126/169] increased version, released RPM metapackage

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index 3572c11..1da0ac3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.3.3], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.3.4], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index b01cc7a..49b3f09 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit b01cc7a976df6712bdd156e041a7970ee9fb74c3
+Subproject commit 49b3f09a6bcf165ffeeae6239c59e5f6022b51fe
diff --git a/modules b/modules
index bb2c87d..8ef5ae8 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit bb2c87dfe025714dbac58158b29ba2c509b26158
+Subproject commit 8ef5ae870f8908c23cca89618bd2aecec87b3c8d
diff --git a/nemea-framework b/nemea-framework
index 6f0b292..7778edd 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 6f0b2928fdec4718e5b23d2062597f3a662d602c
+Subproject commit 7778edd34d18ec73ca154fdb289aafc8dcd41cf4
diff --git a/nemea-supervisor b/nemea-supervisor
index dab9281..e77cadd 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit dab9281644bbc46dd5eeba386b35502f03427f88
+Subproject commit e77caddb54e51d97cff62bf543586694ce1e96f9

From 7407bc66550c69b97fda8b1ab4b042b55fef9d2d Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Wed, 27 Sep 2017 17:45:19 +0200
Subject: [PATCH 127/169] enabled repobuild for submodules on travis

---
 .travis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index abb2e07..601c288 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -30,5 +30,5 @@ before_install:
 
 script:
   - git submodule init; git submodule update
-  - ./bootstrap.sh && ./configure && make clean && make -j5
+  - ./bootstrap.sh && ./configure --enable-repobuild && make clean && make -j5
 

From 09cf49cc27937d215d411ee702199ff3fe66ce4c Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Thu, 28 Sep 2017 15:17:59 +0200
Subject: [PATCH 128/169] increased submodules revision, in order to fix build
 on travis

---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index 49b3f09..3469288 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 49b3f09a6bcf165ffeeae6239c59e5f6022b51fe
+Subproject commit 34692880724c39c98fc09349aff35ce9113062e2
diff --git a/modules b/modules
index 8ef5ae8..9492231 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 8ef5ae870f8908c23cca89618bd2aecec87b3c8d
+Subproject commit 9492231564ece92a9cc86e5c909d19d23772a82e
diff --git a/nemea-framework b/nemea-framework
index 7778edd..48f1e0c 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 7778edd34d18ec73ca154fdb289aafc8dcd41cf4
+Subproject commit 48f1e0c65de91b76d2361e678e58302c2af7482d
diff --git a/nemea-supervisor b/nemea-supervisor
index e77cadd..2da4900 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit e77caddb54e51d97cff62bf543586694ce1e96f9
+Subproject commit 2da49004e3403fe86671f3e3a5cd80da98900cd7

From 0e052720c00d91ff1889b25f5ee3fc79e11e7dfe Mon Sep 17 00:00:00 2001
From: Tomas Jansky <janskto1@fit.cvut.cz>
Date: Mon, 4 Dec 2017 10:44:44 +0100
Subject: [PATCH 129/169] increased version, moved revision of submodules,
 added new release of NEMEA on GitHub

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index 1da0ac3..aca2b6f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.3.4], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.4.0], [traffic-analysis@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index 3469288..02d2e30 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 34692880724c39c98fc09349aff35ce9113062e2
+Subproject commit 02d2e30ad5e5b24bcf43b80e74d39e00517b427c
diff --git a/modules b/modules
index 9492231..c84a0c3 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 9492231564ece92a9cc86e5c909d19d23772a82e
+Subproject commit c84a0c3e1e6300e9491bdd7f0a221fd30a113a93
diff --git a/nemea-framework b/nemea-framework
index 48f1e0c..6b65653 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 48f1e0c65de91b76d2361e678e58302c2af7482d
+Subproject commit 6b656539af9791407d4e322571afdf6df936c8c0
diff --git a/nemea-supervisor b/nemea-supervisor
index 2da4900..a8b26cd 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 2da49004e3403fe86671f3e3a5cd80da98900cd7
+Subproject commit a8b26cd8b65c64c92232ed085c4fef63e8001c64

From 25447fdfb7e0e9f1bd597c2bdf71326bea1098e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Ber=C3=A1nek?= <martin.beranek@ecommerceholding.cz>
Date: Mon, 18 Dec 2017 18:06:09 +0100
Subject: [PATCH 130/169] Removed package with dependency problems

---
 vagrant/CentOS7/Vagrantfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vagrant/CentOS7/Vagrantfile b/vagrant/CentOS7/Vagrantfile
index 6757583..06f47d5 100644
--- a/vagrant/CentOS7/Vagrantfile
+++ b/vagrant/CentOS7/Vagrantfile
@@ -13,7 +13,7 @@ $install_nemea = <<SCRIPT
 rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
 wget -O /etc/yum.repos.d/cesnet-nemea.repo https://copr.fedorainfracloud.org/coprs/g/CESNET/NEMEA/repo/epel-7/group_CESNET-NEMEA-epel-7.repo
 rpm --import https://copr-be.cloud.fedoraproject.org/results/@CESNET/NEMEA/pubkey.gpg
-yum install -y nemea nemea-cesnet-modules ipfixcol ipfixcol-unirec-output
+yum install -y nemea nemea-framework-devel ipfixcol ipfixcol-unirec-output
 SCRIPT
 
 $run_supervisor = <<SCRIPT

From 6c809323914d7686d784592e27b8d7ebbe88c675 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 19 Dec 2017 17:00:50 +0100
Subject: [PATCH 131/169] vagrant: centos7: replace repo with copr

---
 vagrant/CentOS7/Vagrantfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/vagrant/CentOS7/Vagrantfile b/vagrant/CentOS7/Vagrantfile
index 06f47d5..a23f207 100644
--- a/vagrant/CentOS7/Vagrantfile
+++ b/vagrant/CentOS7/Vagrantfile
@@ -10,7 +10,8 @@ yum install -y vim wget
 SCRIPT
 
 $install_nemea = <<SCRIPT
-rpm -ivh https://homeproj.cesnet.cz/rpm/liberouter/devel/x86_64/liberouter-devel-1.0.0-1.noarch.rpm
+wget -O /etc/yum.repos.d/copr-cesnet-ipfix.repo https://copr.fedorainfracloud.org/coprs/g/CESNET/IPFIXcol/repo/epel-7/group_CESNET-IPFIXcol-epel-7.repo
+rpm --import https://copr-be.cloud.fedoraproject.org/results/@CESNET/IPFIXcol/pubkey.gpg
 wget -O /etc/yum.repos.d/cesnet-nemea.repo https://copr.fedorainfracloud.org/coprs/g/CESNET/NEMEA/repo/epel-7/group_CESNET-NEMEA-epel-7.repo
 rpm --import https://copr-be.cloud.fedoraproject.org/results/@CESNET/NEMEA/pubkey.gpg
 yum install -y nemea nemea-framework-devel ipfixcol ipfixcol-unirec-output

From 364edb372e7cb607b961425ca54d7633439bd5a2 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 8 Mar 2018 09:25:39 +0100
Subject: [PATCH 132/169] build: options to disable
 supervisor/modules/detectors

---
 Makefile.am  | 14 +++++++++++++-
 configure.ac | 18 ++++++++++++++++++
 2 files changed, 31 insertions(+), 1 deletion(-)

diff --git a/Makefile.am b/Makefile.am
index 5380cb4..ad4c3c9 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,4 +1,16 @@
-SUBDIRS=nemea-framework nemea-supervisor modules detectors
+SUBDIRS=nemea-framework
+
+if ENABLE_SUPERVISOR
+SUBDIRS+=nemea-supervisor
+endif
+
+if ENABLE_MODULES
+SUBDIRS+=modules
+endif
+
+if ENABLE_DETECTORS
+SUBDIRS+=detectors
+endif
 
 # because of supervisor, disable systemd checking and installation during
 # distcheck
diff --git a/configure.ac b/configure.ac
index aca2b6f..36c896e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -22,7 +22,25 @@ RPM_RELEASE=1
 AC_SUBST(RPM_RELEASE)
 AM_CONDITIONAL(MAKE_RPMS, test x$RPMBUILD != x)
 
+AC_ARG_ENABLE([supervisor], AC_HELP_STRING([--disable-supervisor], [Disable supervisor.]),
+        [AM_CONDITIONAL([ENABLE_SUPERVISOR], [test "x$enableval" = xyes])],
+        [AM_CONDITIONAL([ENABLE_SUPERVISOR], [true])])
+
+AC_ARG_ENABLE([modules], AC_HELP_STRING([--disable-modules], [Disable NEMEA modules.]),
+        [AM_CONDITIONAL([ENABLE_MODULES], [test "x$enableval" = xyes])],
+        [AM_CONDITIONAL([ENABLE_MODULES], [true])])
+
+AC_ARG_ENABLE([detectors], AC_HELP_STRING([--disable-detectors], [Disable NEMEA detectors.]),
+        [AM_CONDITIONAL([ENABLE_DETECTORS], [test "x$enableval" = xyes])],
+        [AM_CONDITIONAL([ENABLE_DETECTORS], [true])])
+
 AC_CONFIG_FILES([Makefile
                   nemea.spec])
 AC_CONFIG_SUBDIRS([nemea-framework nemea-supervisor modules detectors])
 AC_OUTPUT
+
+echo "Components:"
+echo "  NEMEA modules....................: `if [[ -z "$ENABLE_MODULES_TRUE" ]]; then echo enabled; else echo disabled; fi`"
+echo "  NEMEA detectors..................: `if [[ -z "$ENABLE_DETECTORS_TRUE" ]]; then echo enabled; else echo disabled; fi`"
+echo "  NEMEA supervisor.................: `if [[ -z "$ENABLE_SUPERVISOR_TRUE" ]]; then echo enabled; else echo disabled; fi`"
+

From c54e1b5525fcf433191f39e1972a3b5436526de8 Mon Sep 17 00:00:00 2001
From: Lukas Hutak <xhutak01@stud.fit.vutbr.cz>
Date: Fri, 9 Mar 2018 14:43:28 +0100
Subject: [PATCH 133/169] README: add Debian dependencies, add
 --enable-repobuild

---
 README.md | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 468999c..8e1c805 100644
--- a/README.md
+++ b/README.md
@@ -75,12 +75,17 @@ The project is divided into four repositories added as submodules:
 
 ### How to install dependencies:
 
+Debian/Ubuntu:
 ```
-yum install -y autoconf automake gcc gcc-c++ libtool libxml2-devel make pkg-config libpcap libidn bison flex
+apt-get install -y gawk autoconf automake gcc g++ libtool libxml2-dev make pkg-config libpcap0.8-dev libidn11-dev bison flex
 ```
 
-Note: Latest systems (e.g. Fedora) use `dnf` instead of `yum`.
+RHEL/CentOS/Fedora:
+```
+yum install -y autoconf automake gcc gcc-c++ libtool libxml2-devel make pkg-config libpcap-devel libidn-devel bison flex
+```
 
+Note: Latest systems (e.g. Fedora) use `dnf` instead of `yum`.
 
 # Installation
 
@@ -143,7 +148,7 @@ and compilation process. For more information see:
 We recommend to set paths according to the used operating system, e.g.:
 
 ```
-./configure --prefix=/usr --bindir=/usr/bin/nemea --sysconfdir=/etc/nemea --libdir=/usr/lib64
+./configure --enable-repobuild --prefix=/usr --bindir=/usr/bin/nemea --sysconfdir=/etc/nemea --libdir=/usr/lib64
 ```
 
 After finishing `./configure`, build process can be started by:

From 8375be478106da77ffad1e0cf029eb0118c03c03 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 14 Mar 2018 10:18:32 +0100
Subject: [PATCH 134/169] README: replace specific version of libpcap, add
 bc(1) (used in tests)

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 8e1c805..17e4014 100644
--- a/README.md
+++ b/README.md
@@ -77,12 +77,12 @@ The project is divided into four repositories added as submodules:
 
 Debian/Ubuntu:
 ```
-apt-get install -y gawk autoconf automake gcc g++ libtool libxml2-dev make pkg-config libpcap0.8-dev libidn11-dev bison flex
+apt-get install -y gawk bc autoconf automake gcc g++ libtool libxml2-dev make pkg-config libpcap-dev libidn11-dev bison flex
 ```
 
 RHEL/CentOS/Fedora:
 ```
-yum install -y autoconf automake gcc gcc-c++ libtool libxml2-devel make pkg-config libpcap-devel libidn-devel bison flex
+yum install -y bc autoconf automake gcc gcc-c++ libtool libxml2-devel make pkg-config libpcap-devel libidn-devel bison flex
 ```
 
 Note: Latest systems (e.g. Fedora) use `dnf` instead of `yum`.

From 854e76749862a62438fa67b40e8ed9aa836d3c27 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 12 Jul 2018 13:16:00 +0200
Subject: [PATCH 135/169] add jenkins configuration for CESNET's internal CI

---
 jenkins/Centos-Dockerfile | 16 ++++++++++++
 jenkins/Debian-Dockerfile | 15 +++++++++++
 jenkins/Jenkinsfile       | 53 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 84 insertions(+)
 create mode 100644 jenkins/Centos-Dockerfile
 create mode 100644 jenkins/Debian-Dockerfile
 create mode 100644 jenkins/Jenkinsfile

diff --git a/jenkins/Centos-Dockerfile b/jenkins/Centos-Dockerfile
new file mode 100644
index 0000000..cb1127a
--- /dev/null
+++ b/jenkins/Centos-Dockerfile
@@ -0,0 +1,16 @@
+FROM centos:7
+
+RUN rpm -ih http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm; \
+   yum install -y autoconf automake gcc gcc-c++ libtool libxml2-devel m4 make \
+      openssl openssl-devel pkg-config libxslt-devel graphviz \
+      xsltproc git bc libxml2-python libxslt-python doxygen \
+      libpcap-devel bison flex python python-devel python-pip \
+      python-setuptools python34 python34-devel python34-pip python34-setuptools python-yaml python34-ply python34-yaml \
+      rpm-build epel-rpm-macros; \
+   curl -s 'https://copr.fedorainfracloud.org/coprs/g/CESNET/NEMEA/repo/epel-7/group_CESNET-NEMEA-epel-7.repo' > /etc/yum.repos.d/group_CESNET-NEMEA-epel-7.repo; \
+   yum install -y python-pynspect python34-pynspect
+
+RUN chmod  u+s,o+rx /usr/sbin/useradd /usr/sbin/groupadd; yum install -y sudo; sed -i "\$aALL ALL=(ALL) NOPASSWD:ALL" /etc/sudoers
+
+CMD ["/usr/bin/cat"]
+
diff --git a/jenkins/Debian-Dockerfile b/jenkins/Debian-Dockerfile
new file mode 100644
index 0000000..4123e9b
--- /dev/null
+++ b/jenkins/Debian-Dockerfile
@@ -0,0 +1,15 @@
+FROM debian:stable
+
+RUN apt-get update; apt-get install -y gawk autoconf automake gcc g++ libtool make pkg-config libpcap-dev \
+       libxml2-dev libidn11-dev bison flex \
+       libssl-dev pkg-config libxslt-dev xsltproc doxygen graphviz \
+       bc git \
+       python python-dev python-pip python-setuptools python3 python3-dev python3-pip python3-setuptools \
+       debmake devscripts debhelper python3-all-dev
+
+RUN pip install stdeb; pip3 install stdeb
+
+RUN chmod  u+s,o+rx /usr/sbin/useradd /usr/sbin/groupadd; apt-get install -y sudo; sed -i "\$aALL ALL=(ALL) NOPASSWD:ALL" /etc/sudoers
+
+CMD ["/bin/bash"]
+
diff --git a/jenkins/Jenkinsfile b/jenkins/Jenkinsfile
new file mode 100644
index 0000000..3c9b4ca
--- /dev/null
+++ b/jenkins/Jenkinsfile
@@ -0,0 +1,53 @@
+pipeline {
+    agent none
+    stages {
+        stage('Build Centos') {
+            agent {
+                dockerfile {
+                    filename 'Centos-Dockerfile'
+                    dir 'jenkins'
+                }
+            }
+            steps {
+                //sh './bootstrap.sh && ./configure --prefix=$PWD/install --libdir=$PWD/install/lib -q --enable-debug CXXFLAGS=-coverage CFLAGS=-coverage LDFLAGS=-lgcov && make rpm make install && export LD_LIBRARY_PATH=$PWD/install/lib && export CPPFLAGS=-I$PWD/install/include && (cd pytrap && make coverage; python setup.py install;)'
+
+               sh '/usr/sbin/groupadd -f -g `id -g` jenkins; /usr/sbin/useradd jenkins -u `id -u` -g `id -g`; true'
+
+               sh '( cd nemea-framework/libtrap; ./bootstrap.sh && ./configure -q && make rpm && sudo yum install -y ./RPMBUILD/RPMS/*/libtrap*.rpm;)'
+               sh '( cd nemea-framework/unirec; ./bootstrap.sh && ./configure -q && make rpm && sudo yum install -y ./RPMBUILD/RPMS/*/unirec*.rpm;)'
+               sh '( cd nemea-framework/common; ./bootstrap.sh && ./configure -q && make rpm && sudo yum install -y ./RPMBUILD/RPMS/*/nemea-common*.rpm;)'
+               sh '( ./bootstrap.sh && ./configure -q;)'
+               sh '( cd nemea-framework/pytrap; make rpm; sudo yum install -y ./dist/*.rpm;)'
+               sh '( cd nemea-framework/pycommon; make rpm; sudo yum install -y ./dist/*.rpm;)'
+               sh '( cd modules; ./bootstrap.sh && ./configure -q && make rpm; sudo yum install -y ./RPMBUILD/RPMS/*/*.rpm;)'
+               sh '( cd detectors; ./bootstrap.sh && ./configure -q && make rpm; sudo yum install -y ./RPMBUILD/RPMS/*/*.rpm;)'
+               sh '( cd supervisor; ./bootstrap.sh && ./configure -q && make rpm; sudo yum install -y ./RPMBUILD/RPMS/*/*.rpm;)'
+               sh 'mkdir -p rpms; find libtrap unirec common pytrap pycommon -name "*.rpm" -exec mv {} rpms ";"'
+               archiveArtifacts artifacts: 'rpms/*', onlyIfSuccessful: true
+            }
+        }
+        stage('Build Debian packages') {
+            agent {
+                dockerfile {
+                    filename 'Debian-Dockerfile'
+                    dir 'jenkins'
+                }
+            }
+            steps {
+               sh '/usr/sbin/groupadd -f -g `id -g` jenkins; /usr/sbin/useradd jenkins -u `id -u` -g `id -g`; true'
+
+               sh '( cd nemea-framework/libtrap; ./bootstrap.sh && ./configure -q && make deb && sudo dpkg -i ./libtrap*.deb;)'
+               sh '( cd nemea-framework/unirec; ./bootstrap.sh && ./configure -q && make deb && sudo dpkg -i ./unirec*.deb;)'
+               sh '( cd nemea-framework/common; ./bootstrap.sh && ./configure -q && make deb && sudo dpkg -i ./nemea-common*.deb;)'
+               sh '( cd nemea-framework/pytrap; python setup.py --command-packages=stdeb.command bdist_deb; python3 setup.py --command-packages=stdeb.command bdist_deb; sudo dpkg -i ./deb_dist/*.deb;)'
+               sh '( cd nemea-framework/pycommon; python setup.py --command-packages=stdeb.command bdist_deb; python3 setup.py --command-packages=stdeb.command bdist_deb; sudo dpkg -i ./deb_dist/*.deb;)'
+               sh '( cd modules; ./bootstrap.sh && ./configure -q && make rpm; sudo dpkg -i ./nemea-modules*.deb;)'
+               sh '( cd detectors; ./bootstrap.sh && ./configure -q && make rpm; sudo dpkg -i ./nemea-detectors*.deb;)'
+               sh '( cd supervisor; ./bootstrap.sh && ./configure -q && make rpm; sudo dpkg -i ./nemea-supervisor*.deb;)'
+               sh 'mkdir -p debs; find libtrap unirec common pytrap pycommon -name "*.deb" -exec mv {} debs ";"'
+               archiveArtifacts artifacts: 'debs/*', onlyIfSuccessful: true
+            }
+        }
+    }
+}
+

From 44f951d7510d3995111a9c230ba41536be511048 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 12 Jul 2018 13:56:12 +0200
Subject: [PATCH 136/169] updated framework submodule, debugging jenkins

---
 nemea-framework | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-framework b/nemea-framework
index 6b65653..d264606 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 6b656539af9791407d4e322571afdf6df936c8c0
+Subproject commit d264606dcaabd8e9eb4394572f3c99d44cde8817

From 663f034b848ed6db03e7e92801a1c891cb54f526 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 30 Jul 2018 21:25:01 +0200
Subject: [PATCH 137/169] tools: add script to prepare ChangeLog, NEWS, and
 commit

---
 prepare-package.sh | 101 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 101 insertions(+)
 create mode 100755 prepare-package.sh

diff --git a/prepare-package.sh b/prepare-package.sh
new file mode 100755
index 0000000..b8bb461
--- /dev/null
+++ b/prepare-package.sh
@@ -0,0 +1,101 @@
+#!/bin/bash
+#
+# Copyright (C) 2018 CESNET
+#
+# LICENSE TERMS
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+# 3. Neither the name of the Company nor the names of its contributors
+#    may be used to endorse or promote products derived from this
+#    software without specific prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL) version 2 or later, in which case the provisions
+# of the GPL apply INSTEAD OF those given above.
+#
+# This software is provided ``as is'', and any express or implied
+# warranties, including, but not limited to, the implied warranties of
+# merchantability and fitness for a particular purpose are disclaimed.
+# In no event shall the company or contributors be liable for any
+# direct, indirect, incidental, special, exemplary, or consequential
+# damages (including, but not limited to, procurement of substitute
+# goods or services; loss of use, data, or profits; or business
+# interruption) however caused and on any theory of liability, whether
+# in contract, strict liability, or tort (including negligence or
+# otherwise) arising in any way out of the use of this software, even
+# if advised of the possibility of such damage.
+#
+
+
+function cont_prompt()
+{
+   read -p "Continue? [y/n] " -n 1 prompt
+   echo ""
+   if [ "$prompt" != "y" -a "$prompt" != "Y" ]; then
+      exit 1
+   fi
+}
+
+lastreleased=$(git log -n 1 --grep="released\? \(RPM \)\?package" --format=%h -- ./configure.ac)
+
+if [ -z "$lastreleased" ]; then
+   echo "I didn't find the last commit that released new package."
+   exit 1
+else
+   echo "The package was lastly released by $lastreleased."
+   git show -q $lastreleased
+   echo ""
+
+   echo "I found these changes since the last release:"
+   git shortlog --no-merges $lastreleased..HEAD -- ./
+   cont_prompt
+fi
+
+lastversion=$(git show $lastreleased:./configure.ac | sed -n 's/AC_INIT([^,]*, \?\([^,]*\),.*/\1/p;' |tr -d '[]')
+currversion=$(sed -n 's/AC_INIT([^,]*, \?\([^,]*\),.*/\1/p;' configure.ac |tr -d '[]')
+name=$(sed -n 's/AC_INIT(\([^,]*\),.*/\1/p;' configure.ac |tr -d '[]')
+
+echo "Version is changing from $lastversion to $currversion."
+
+cont_prompt
+
+changelog="$(date "+%F $name-$currversion"
+git log --pretty='subject:%s%nbody:%b' $lastreleased..master -- .| sed -n 's/subject:\([^:]*\):.*/\t* \1:/p; s/\(body:\)\?\s*changelog: \(.*\)/\t\t\2/p;'
+echo ""
+)"
+
+echo "$changelog" > ChangeLog.tmp
+$EDITOR ChangeLog.tmp
+
+cat ChangeLog.tmp
+
+echo "I will update ChangeLog with Your entry..."
+cont_prompt
+
+cat ChangeLog >> ChangeLog.tmp
+mv ChangeLog.tmp ChangeLog
+
+git log --date=short --no-merges --format="%cd (%an): %s" $lastreleased..HEAD -- ./>> NEWS.tmp
+$EDITOR NEWS.tmp
+
+echo "I will Insert this NEWS..."
+cont_prompt
+
+cat NEWS >> NEWS.tmp
+mv NEWS.tmp NEWS
+
+echo "I will prepare a commit about released package..."
+cont_prompt
+
+git commit -a -m "$name: increased version, updated ChangeLog, released RPM package" -e
+
+

From d52e9a763189b689fed9d27d0dee6fd5069f36b5 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 30 Jul 2018 22:40:20 +0200
Subject: [PATCH 138/169] tools: prepare-package: add code to check and
 increase LIBTOOL version

---
 prepare-package.sh | 57 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)

diff --git a/prepare-package.sh b/prepare-package.sh
index b8bb461..71aa510 100755
--- a/prepare-package.sh
+++ b/prepare-package.sh
@@ -45,6 +45,7 @@ function cont_prompt()
    fi
 }
 
+# Look up commit of last releasing
 lastreleased=$(git log -n 1 --grep="released\? \(RPM \)\?package" --format=%h -- ./configure.ac)
 
 if [ -z "$lastreleased" ]; then
@@ -60,6 +61,7 @@ else
    cont_prompt
 fi
 
+# Look up version of the latest package and the current version
 lastversion=$(git show $lastreleased:./configure.ac | sed -n 's/AC_INIT([^,]*, \?\([^,]*\),.*/\1/p;' |tr -d '[]')
 currversion=$(sed -n 's/AC_INIT([^,]*, \?\([^,]*\),.*/\1/p;' configure.ac |tr -d '[]')
 name=$(sed -n 's/AC_INIT(\([^,]*\),.*/\1/p;' configure.ac |tr -d '[]')
@@ -68,6 +70,61 @@ echo "Version is changing from $lastversion to $currversion."
 
 cont_prompt
 
+echo "Analysing Makefiles..."
+for makefile in $(grep -Rl --include=*am -e '-version-info [0-9]\+:[0-9]\+:[0-9]\+' .); do
+   echo -e "\t$makefile"
+   lastlibvers="$(git show $lastreleased:$makefile |
+                  sed -n 's/^\(.*\)_la_LDFLAGS\s*=.*-version-info \([0-9]\+\):\([0-9]\+\):\([0-9]\+\).*/\1:\2:\3:\4/pg')"
+
+   currlibvers="$(sed -n 's/^\(.*\)_la_LDFLAGS\s*=.*-version-info \([0-9]\+\):\([0-9]\+\):\([0-9]\+\).*/\1:\2:\3:\4/pg' $makefile)"
+
+   tmplist=$(mktemp)
+   paste -d: <(echo "$lastlibvers" | sort) <(echo "$currlibvers" | sort) > $tmplist
+   while read -u 3 line; do
+      IFS=":" read -r -a cols <<< "$line"
+      if [ "${cols[0]}" = "${cols[4]}" -a "${cols[1]}" = "${cols[5]}" -a \
+           "${cols[2]}" = "${cols[6]}" -a "${cols[3]}" = "${cols[7]}" ]; then
+          read -p "Do You want to increase version of ${cols[0]}? [y/n]" -n1 prompt
+          echo ""
+          if [ "$prompt" = y -o "$prompt" = "Y" ]; then
+            current="${cols[1]}"
+            release="${cols[2]}"
+            age="${cols[3]}"
+            echo "FYI: Old version was: $current:$release:$age"
+            read -p "2. Was the library source code changed at all since the last update? [y/n] " -n1 prompt
+            echo ""
+            if [ "$prompt" = y -o "$prompt" = Y ]; then
+               ((release++))
+            fi
+            read -p "3. Was any interface added, removed, or changed since the last update? [y/n] " -n1 prompt
+            echo ""
+            if [ "$prompt" = y -o "$prompt" = Y ]; then
+               ((current++))
+               revision=0
+            fi
+            read -p "4. Was any interface added since the last public release? [y/n] " -n1 prompt
+            echo ""
+            if [ "$prompt" = y -o "$prompt" = Y ]; then
+               ((age++))
+            fi
+            read -p "5. Was any interfaces removed or changed since the last public release (INcompatibility)? [y/n] " -n1 prompt
+            echo ""
+            if [ "$prompt" = y -o "$prompt" = Y ]; then
+               age=0
+            fi
+            echo "New version for ${cols[0]} is $current:$release:$age."
+            echo ""
+            read -p "Should I update $makefile? [y/n] " -n1 prompt
+            echo ""
+            if [ "$prompt" = y -o "$prompt" = Y ]; then
+               sed -i "s/\(${cols[0]}_la_LDFLAGS.*-version-info \)\([0-9]\+:[0-9]\+:[0-9]\+\)\(.*\))/\1$current:$release:$age\3/" $makefile
+            fi
+          fi
+      fi
+   done 3< $tmplist
+   rm $tmplist
+done
+
 changelog="$(date "+%F $name-$currversion"
 git log --pretty='subject:%s%nbody:%b' $lastreleased..master -- .| sed -n 's/subject:\([^:]*\):.*/\t* \1:/p; s/\(body:\)\?\s*changelog: \(.*\)/\t\t\2/p;'
 echo ""

From f06c921e6ca8ee47f0e551b83fab4ecb10f0cc90 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 8 Aug 2018 12:45:37 +0200
Subject: [PATCH 139/169] tools: prepare-package: add RPM build and copr upload

---
 prepare-package.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/prepare-package.sh b/prepare-package.sh
index 71aa510..7ac4f0b 100755
--- a/prepare-package.sh
+++ b/prepare-package.sh
@@ -155,4 +155,11 @@ cont_prompt
 
 git commit -a -m "$name: increased version, updated ChangeLog, released RPM package" -e
 
+echo "I will build the new RPM to get source package (SRPM)"
+./bootstrap.sh &&./configure -q && make rpm
+
+echo "I will upload the new RPM to copr"
+cont_prompt
+
+copr build @CESNET/NEMEA RPMBUILD/SRPMS/$name-$currversion-1.src.rpm
 

From 3efe49d282a1d086b1f5616b16058cea3eaa6a42 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 3 Oct 2018 23:09:27 +0200
Subject: [PATCH 140/169] build: attempt to pass --enable-repobuild
 automatically to submodules

This patch is related to issues:
https://github.com/CESNET/Nemea/issues/15
https://github.com/CESNET/Nemea-Modules/issues/96

Argument "--enable-repobuild" is added now by default to configure in
subdirs.
---
 configure.ac | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/configure.ac b/configure.ac
index 36c896e..56f8dc8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -37,6 +37,13 @@ AC_ARG_ENABLE([detectors], AC_HELP_STRING([--disable-detectors], [Disable NEMEA
 AC_CONFIG_FILES([Makefile
                   nemea.spec])
 AC_CONFIG_SUBDIRS([nemea-framework nemea-supervisor modules detectors])
+
+# By default, users expects "repobuild" behavior, i.e., use relative path to NEMEA framework.
+# If there is some "repobuild" arg of configure, do not add "--enable-repobuild".
+if test -z "$ac_configure_args" || echo "$ac_configure_args" | grep -q -v -e 'repobuild'; then
+ac_configure_args="$ac_configure_args --enable-repobuild"
+fi
+
 AC_OUTPUT
 
 echo "Components:"

From ae468e7926dcf54b6d4cdcc55368cfd9b304e275 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 12 Apr 2019 09:56:52 +0200
Subject: [PATCH 141/169] increased submodules revision

---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index 02d2e30..3343c36 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 02d2e30ad5e5b24bcf43b80e74d39e00517b427c
+Subproject commit 3343c36ce0ee09a66be5b91e523bf3d399c1c204
diff --git a/modules b/modules
index c84a0c3..cbc242e 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit c84a0c3e1e6300e9491bdd7f0a221fd30a113a93
+Subproject commit cbc242edd122a0d8625aac30c80b7f8fe21de8c4
diff --git a/nemea-framework b/nemea-framework
index d264606..811c5cf 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit d264606dcaabd8e9eb4394572f3c99d44cde8817
+Subproject commit 811c5cfd888d97befa6e8433f9fcd0594eabcf95
diff --git a/nemea-supervisor b/nemea-supervisor
index a8b26cd..735650e 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit a8b26cd8b65c64c92232ed085c4fef63e8001c64
+Subproject commit 735650e510e16a8c10cc0a6b02558e2034f69857

From ef6853816404d3ffdbad4cc3085185517c280512 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 12 Apr 2019 13:12:50 +0200
Subject: [PATCH 142/169] build: fixed modules&detectors submodules

---
 detectors | 2 +-
 modules   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/detectors b/detectors
index 3343c36..8785007 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 3343c36ce0ee09a66be5b91e523bf3d399c1c204
+Subproject commit 8785007dfd43e84a305ff4bbcc770cb694d4f710
diff --git a/modules b/modules
index cbc242e..13994ea 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit cbc242edd122a0d8625aac30c80b7f8fe21de8c4
+Subproject commit 13994ea3854f53b3a60cbc2b7792a1f518c9f591

From 4bc8c587a296acae1cde5d9f92036768126dcb17 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 21 Apr 2019 10:09:47 +0200
Subject: [PATCH 143/169] increased submodules revision, released package

NEMEA modules -> 2.11.0
NEMEA framework -> 2.1.0
---
 modules         | 2 +-
 nemea-framework | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules b/modules
index 13994ea..47d54e3 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 13994ea3854f53b3a60cbc2b7792a1f518c9f591
+Subproject commit 47d54e330f5a33e93b260367001ef9beee1092f5
diff --git a/nemea-framework b/nemea-framework
index 811c5cf..4f5681c 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 811c5cfd888d97befa6e8433f9fcd0594eabcf95
+Subproject commit 4f5681c805b46c1fbaed63456bf15a2fa6ddecb7

From 4b31763f51ae06ed07c7ae72bb2d4e71021a27fc Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 21 Apr 2019 10:35:54 +0200
Subject: [PATCH 144/169] increased version, released package

---
 configure.ac    | 2 +-
 nemea-framework | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 56f8dc8..67d015e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.4.0], [traffic-analysis@cesnet.cz])
+AC_INIT([nemea], [2.5.0], [nemea@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/nemea-framework b/nemea-framework
index 4f5681c..f1839c0 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 4f5681c805b46c1fbaed63456bf15a2fa6ddecb7
+Subproject commit f1839c061d8b9b6dd8d57ad23493201cd6879088

From d9fbab8310f85b8859f51823efd50e1998f8d712 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cejka?= <cejkat@cesnet.cz>
Date: Tue, 21 Apr 2020 12:45:09 +0200
Subject: [PATCH 145/169] rpms: maintenance and improvement

---
 prepare-package.sh | 61 ++++++++++++++++++++++++++++++----------------
 1 file changed, 40 insertions(+), 21 deletions(-)

diff --git a/prepare-package.sh b/prepare-package.sh
index 7ac4f0b..8afefee 100755
--- a/prepare-package.sh
+++ b/prepare-package.sh
@@ -35,16 +35,27 @@
 # if advised of the possibility of such damage.
 #
 
+function prompt()
+{
+   read -p "$1" -n 1 p
+   echo ""
+   if [ "$p" != "y" -a "$p" != "Y" ]; then
+      return 1
+   else
+      return 0
+   fi
+}
 
 function cont_prompt()
 {
-   read -p "Continue? [y/n] " -n 1 prompt
-   echo ""
-   if [ "$prompt" != "y" -a "$prompt" != "Y" ]; then
+   if prompt "Continue? [y/n] "; then
+      return 0
+   else
       exit 1
    fi
 }
 
+
 # Look up commit of last releasing
 lastreleased=$(git log -n 1 --grep="released\? \(RPM \)\?package" --format=%h -- ./configure.ac)
 
@@ -57,7 +68,7 @@ else
    echo ""
 
    echo "I found these changes since the last release:"
-   git shortlog --no-merges $lastreleased..HEAD -- ./
+   git shortlog $lastreleased..HEAD -- ./
    cont_prompt
 fi
 
@@ -68,6 +79,15 @@ name=$(sed -n 's/AC_INIT(\([^,]*\),.*/\1/p;' configure.ac |tr -d '[]')
 
 echo "Version is changing from $lastversion to $currversion."
 
+if [ "$lastversion" = "$currversion" ]; then
+   if prompt "Should I increase version? [y/n] "; then
+      echo ""
+      read -p "Write a new version in x.y.z format, please: " currversion
+      sed -i '/AC_INIT/ s/'"$lastversion"'/'"$currversion"'/;' configure.ac
+      echo "Version was replaced."
+   fi
+fi
+
 cont_prompt
 
 echo "Analysing Makefiles..."
@@ -84,39 +104,29 @@ for makefile in $(grep -Rl --include=*am -e '-version-info [0-9]\+:[0-9]\+:[0-9]
       IFS=":" read -r -a cols <<< "$line"
       if [ "${cols[0]}" = "${cols[4]}" -a "${cols[1]}" = "${cols[5]}" -a \
            "${cols[2]}" = "${cols[6]}" -a "${cols[3]}" = "${cols[7]}" ]; then
-          read -p "Do You want to increase version of ${cols[0]}? [y/n]" -n1 prompt
-          echo ""
-          if [ "$prompt" = y -o "$prompt" = "Y" ]; then
+
+          if prompt "Do You want to increase version of ${cols[0]}? [y/n]"; then
             current="${cols[1]}"
             release="${cols[2]}"
             age="${cols[3]}"
             echo "FYI: Old version was: $current:$release:$age"
-            read -p "2. Was the library source code changed at all since the last update? [y/n] " -n1 prompt
             echo ""
-            if [ "$prompt" = y -o "$prompt" = Y ]; then
+            if prompt "2. Was the library source code changed at all since the last update? [y/n] "; then
                ((release++))
             fi
-            read -p "3. Was any interface added, removed, or changed since the last update? [y/n] " -n1 prompt
-            echo ""
-            if [ "$prompt" = y -o "$prompt" = Y ]; then
+            if prompt "3. Was any interface added, removed, or changed since the last update? [y/n] "; then
                ((current++))
                revision=0
             fi
-            read -p "4. Was any interface added since the last public release? [y/n] " -n1 prompt
-            echo ""
-            if [ "$prompt" = y -o "$prompt" = Y ]; then
+            if prompt "4. Was any interface added since the last public release? [y/n] "; then
                ((age++))
             fi
-            read -p "5. Was any interfaces removed or changed since the last public release (INcompatibility)? [y/n] " -n1 prompt
-            echo ""
-            if [ "$prompt" = y -o "$prompt" = Y ]; then
+            if prompt "5. Was any interfaces removed or changed since the last public release (INcompatibility)? [y/n] "; then
                age=0
             fi
             echo "New version for ${cols[0]} is $current:$release:$age."
             echo ""
-            read -p "Should I update $makefile? [y/n] " -n1 prompt
-            echo ""
-            if [ "$prompt" = y -o "$prompt" = Y ]; then
+            if prompt "Should I update $makefile? [y/n] "; then
                sed -i "s/\(${cols[0]}_la_LDFLAGS.*-version-info \)\([0-9]\+:[0-9]\+:[0-9]\+\)\(.*\))/\1$current:$release:$age\3/" $makefile
             fi
           fi
@@ -128,6 +138,7 @@ done
 changelog="$(date "+%F $name-$currversion"
 git log --pretty='subject:%s%nbody:%b' $lastreleased..master -- .| sed -n 's/subject:\([^:]*\):.*/\t* \1:/p; s/\(body:\)\?\s*changelog: \(.*\)/\t\t\2/p;'
 echo ""
+echo ""
 )"
 
 echo "$changelog" > ChangeLog.tmp
@@ -142,6 +153,7 @@ cat ChangeLog >> ChangeLog.tmp
 mv ChangeLog.tmp ChangeLog
 
 git log --date=short --no-merges --format="%cd (%an): %s" $lastreleased..HEAD -- ./>> NEWS.tmp
+echo "" >> NEWS.tmp
 $EDITOR NEWS.tmp
 
 echo "I will Insert this NEWS..."
@@ -163,3 +175,10 @@ cont_prompt
 
 copr build @CESNET/NEMEA RPMBUILD/SRPMS/$name-$currversion-1.src.rpm
 
+echo "Last commit:"
+git log -1
+
+if prompt "Push to git origin? [y/n] "; then
+   git push
+fi
+

From 01c9d8bd9d4074702f74363d09297720a1c7167b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cejka?= <cejkat@cesnet.cz>
Date: Tue, 21 Apr 2020 13:15:26 +0200
Subject: [PATCH 146/169] increased revision of submodule nemea-framework

nemea-framework contains bugfixes and new features (such as
ip_prefix_search) and improved libtrap's buffering
---
 nemea-framework | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-framework b/nemea-framework
index f1839c0..467e5b7 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit f1839c061d8b9b6dd8d57ad23493201cd6879088
+Subproject commit 467e5b7e17b968c488e9b7324bf6aeba0aadbe5d

From 7043b35627b4413aff16c8b139ae480eac2998cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cejka?= <cejkat@cesnet.cz>
Date: Tue, 21 Apr 2020 13:25:54 +0200
Subject: [PATCH 147/169] increased revision of submodule detectors

bugfixes, maintenance of blacklistfilter
---
 detectors | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/detectors b/detectors
index 8785007..5c4fca5 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 8785007dfd43e84a305ff4bbcc770cb694d4f710
+Subproject commit 5c4fca501247a1f23b4bbf25fe0755547cfb9aa2

From 0bc69460eebc2d45993c20afd92388d3f944cbe2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cejka?= <cejkat@cesnet.cz>
Date: Tue, 21 Apr 2020 13:27:53 +0200
Subject: [PATCH 148/169] increased revision of submodule modules

* improved merger
* improved luamodule
* improved prefix_tags - uses ip_prefix_search API
* minor changes and bugfixes
---
 modules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules b/modules
index 47d54e3..78443b7 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 47d54e330f5a33e93b260367001ef9beee1092f5
+Subproject commit 78443b73837176825204c847988bfbae8709ab8a

From 56c0a2c2aa6b8d316ace04e73c105cdad4f0bd19 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cejka?= <cejkat@cesnet.cz>
Date: Tue, 21 Apr 2020 13:37:38 +0200
Subject: [PATCH 149/169] travis: update dependencies: blacklistfilter needs
 libidn

---
 .travis.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.travis.yml b/.travis.yml
index 601c288..35725dd 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -24,6 +24,7 @@ addons:
       - libxml2
       - libpcap0.8-dev
       - libpcap0.8
+      - libidn2-dev
 
 before_install:
   - ( wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | tar -xzf - && cd libnf-1.25 && ./configure -q && sudo make -j3 install; )

From e36ea0fe32039ffb764a65d35420bc825c1dce37 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cejka?= <cejkat@cesnet.cz>
Date: Tue, 21 Apr 2020 13:51:12 +0200
Subject: [PATCH 150/169] travis: dependencies: libidn version in ubuntu16

---
 .travis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index 35725dd..2890fa3 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -24,7 +24,7 @@ addons:
       - libxml2
       - libpcap0.8-dev
       - libpcap0.8
-      - libidn2-dev
+      - libidn2-0-dev
 
 before_install:
   - ( wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | tar -xzf - && cd libnf-1.25 && ./configure -q && sudo make -j3 install; )

From 6e49435f9d0f8e3a72703c4fb87b58c67cc5728e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cejka?= <cejkat@cesnet.cz>
Date: Tue, 21 Apr 2020 20:51:25 +0200
Subject: [PATCH 151/169] increased revision of submodule detectors

fixed conditional build when libidn is missing
---
 detectors | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/detectors b/detectors
index 5c4fca5..d43627c 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 5c4fca501247a1f23b4bbf25fe0755547cfb9aa2
+Subproject commit d43627cd50885d7f288674ac78138ad50a061dc5

From d68b4100196e2e49146246a6372ff17804de3948 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cejka?= <cejkat@cesnet.cz>
Date: Tue, 21 Apr 2020 20:52:46 +0200
Subject: [PATCH 152/169] increased revision of submodule nemea-supervisor

updated and improved monitoring scripts
---
 nemea-supervisor | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-supervisor b/nemea-supervisor
index 735650e..9ce253c 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 735650e510e16a8c10cc0a6b02558e2034f69857
+Subproject commit 9ce253c532ed384612e70c7951afb8de051d2c0d

From b1684648d3c63fbff891f8240ef37a6f9521c949 Mon Sep 17 00:00:00 2001
From: Adam Piecek <warband.times@gmail.com>
Date: Tue, 18 Aug 2020 15:06:01 +0200
Subject: [PATCH 153/169] increased version, released package, increased
 revision of submodules

---
 configure.ac     | 2 +-
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index 67d015e..d55773a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([nemea], [2.5.0], [nemea@cesnet.cz])
+AC_INIT([nemea], [2.6.0], [nemea@cesnet.cz])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 RELEASE=1
 AC_SUBST(RELEASE)
diff --git a/detectors b/detectors
index d43627c..ef48d01 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit d43627cd50885d7f288674ac78138ad50a061dc5
+Subproject commit ef48d015ffe644489e0f398cbb92a9647543e832
diff --git a/modules b/modules
index 78443b7..3bb01b9 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 78443b73837176825204c847988bfbae8709ab8a
+Subproject commit 3bb01b93a51d61cdbc31458758ce6d650894d1d7
diff --git a/nemea-framework b/nemea-framework
index 467e5b7..2af0e3b 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 467e5b7e17b968c488e9b7324bf6aeba0aadbe5d
+Subproject commit 2af0e3b567b68ed07528e28c38f6f54b141da623
diff --git a/nemea-supervisor b/nemea-supervisor
index 9ce253c..95b8a65 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 9ce253c532ed384612e70c7951afb8de051d2c0d
+Subproject commit 95b8a653a6244dd148734baf30ba1897731d06fc

From ed4a43ac0e2ae8d7d7df3139b6aa5dbd8ca8869d Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 24 Aug 2020 15:50:27 +0200
Subject: [PATCH 154/169] increased revision of submodules

migrated ipfixprobe
updated prepare-package.sh
---
 detectors          | 2 +-
 modules            | 2 +-
 nemea-framework    | 2 +-
 prepare-package.sh | 5 +++++
 4 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/detectors b/detectors
index ef48d01..f0c539f 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit ef48d015ffe644489e0f398cbb92a9647543e832
+Subproject commit f0c539f31728c354b5c30c16cbb456e290685540
diff --git a/modules b/modules
index 3bb01b9..cf5b717 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit 3bb01b93a51d61cdbc31458758ce6d650894d1d7
+Subproject commit cf5b717a8aa587d8b45c2853d67feecce2a459bc
diff --git a/nemea-framework b/nemea-framework
index 2af0e3b..ba2fca3 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 2af0e3b567b68ed07528e28c38f6f54b141da623
+Subproject commit ba2fca3d1d148cf2fcbf7f417ed674c7b06a99a4
diff --git a/prepare-package.sh b/prepare-package.sh
index 8afefee..5b86d4a 100755
--- a/prepare-package.sh
+++ b/prepare-package.sh
@@ -168,7 +168,12 @@ cont_prompt
 git commit -a -m "$name: increased version, updated ChangeLog, released RPM package" -e
 
 echo "I will build the new RPM to get source package (SRPM)"
+if [ "$name" = ipfixprobe ]; then
+# ipfixprobe has no bootstrap.sh
+autoreconf -i &&./configure -q --enable-nemearpm && make rpm
+else
 ./bootstrap.sh &&./configure -q && make rpm
+fi
 
 echo "I will upload the new RPM to copr"
 cont_prompt

From 5dfa30b0dd0bee9b6b3b0bc9f78370328efbeb95 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Tue, 1 Sep 2020 12:40:44 +0200
Subject: [PATCH 155/169] doc: about biflow

---
 README-on_biflow.md | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 README-on_biflow.md

diff --git a/README-on_biflow.md b/README-on_biflow.md
new file mode 100644
index 0000000..5c766c5
--- /dev/null
+++ b/README-on_biflow.md
@@ -0,0 +1,32 @@
+This documents briefly explains "biflow" representation and how it is used in
+[ipfixprobe](https://github.com/CESNET/ipfixprobe) and how it should be used in
+NEMEA. Biflow is an abbreviation of bidirectional flow (record) which
+represents both directions of one connection between two devices in form of one
+"message"/flow record.
+
+Interpretation of UniRec record (how to work with UniRec template and UniRec
+message):
+
+1. If the UniRec template contains both fields: `BYTES_REV` and `PACKETS_REV`,
+   it is considered as biflow template. Otherwise, it is not (i.e., it is
+   probably unidirectional flow record). Note: ipfixprobe ALWAYS export both
+   fields for biflow.
+2. If the UniRec template is not biflow (due to missing fields in 1.), the
+   UniRec messages should be paired/aggregated "manually" to get biflow.
+3. If a biflow message contains `PACKETS_REV == 0`, it is still a biflow
+   record, however, it contains only one direction of the communication. This
+   means one of the cases:
+    1. the communication was really unidirectional (e.g., broadcast messages, UDP streams),
+    2. the communication was bidirectional, but the flow exporter observed only
+       one direction of it,
+    3. the communication was bidirectional, but the flow exporter was not able
+       to pair/aggregated both directions.
+
+3.2 can happen in case of assymetric routing, where packets of different
+directions might be routed via different links.
+3.3 can happen in case of splitting flow records due to timeouts or limited
+flow cache.
+
+In any case, it is highly recommended to do pairing/aggregation of UniRec
+message before processing.
+

From 768470451ffcb2acbc710a3ed2b206f487c575f3 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Wed, 9 Sep 2020 19:11:09 +0200
Subject: [PATCH 156/169] increased revision of submodule nemea-framework

bugfix of pytrap array with signed int8
---
 nemea-framework | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-framework b/nemea-framework
index ba2fca3..06a2cf7 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit ba2fca3d1d148cf2fcbf7f417ed674c7b06a99a4
+Subproject commit 06a2cf714804315d6879e8e54b7002c1e48c0ba4

From 8ca06abc30f65c6cf1d2e73a4ea86fc54283c414 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Fri, 11 Sep 2020 17:53:20 +0200
Subject: [PATCH 157/169] increased revision of submodule nemea-framework

Add gcc version check in UniRec and insert -fcommon flag.

This should solve #20.
---
 nemea-framework | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-framework b/nemea-framework
index 06a2cf7..6a47066 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 06a2cf714804315d6879e8e54b7002c1e48c0ba4
+Subproject commit 6a470665d6db82a47db72dd5f0decf5a9a949b08

From a536390619e82082fe52f9494a42da0f42a97f42 Mon Sep 17 00:00:00 2001
From: Josef Schlehofer <pepe.schlehofer@gmail.com>
Date: Sat, 7 Nov 2020 07:29:39 +0100
Subject: [PATCH 158/169] README: fix misspelling in word occurred

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 17e4014..f323f9b 100644
--- a/README.md
+++ b/README.md
@@ -534,9 +534,9 @@ Generated doxygen doc for libtrap developers: https://rawgit.com/CESNET/Nemea-Fr
 5. [GETOPT macro](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L131) - parse program arguments
 6. Main loop:
    * [Receive a message](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L176) - receive a message in UniRec format from input interface
-   * [Handle receive error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L179) - check whether an error has occured during receive
+   * [Handle receive error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L179) - check whether an error has occurred during receive
    * [Send a message](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L204) - send a message in UniRec format via output interface
-   * [Handle send error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L207) - check whether an error has ocurred during send
+   * [Handle send error](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L207) - check whether an error has occurred during send
 7. [TRAP and module info clean-up](https://github.com/CESNET/Nemea-Framework/blob/master/examples/c/module/example_module.c#L214) - free everything, libtrap finalization
 
 

From eb78f5670390fd354daef0b2ce398c7239cbf663 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Hejcman?=
 <11482455+achieveOrbit@users.noreply.github.com>
Date: Sun, 14 Feb 2021 14:21:47 +0100
Subject: [PATCH 159/169] Updated installation instructions

Added clearer instructions for installing the nemea-framework-devel package on CentOS/Fedora.
---
 README.md | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index f323f9b..ff7293c 100644
--- a/README.md
+++ b/README.md
@@ -5,9 +5,9 @@
    - [Repositories](#repositories)
 - [Dependencies](#dependencies)
 - [Installation](#installation)
+   - [Vagrant](#vagrant)
    - [Binary packages](#binary-packages)
    - [Source codes](#source-codes)
-   - [Vagrant](#vagrant)
    - Packer
 - [Quick start and how to](#quick-start-and-how-to)
    - [Try out NEMEA modules](#try-out-nemea-modules)
@@ -104,7 +104,14 @@ For more information see [./vagrant/](./vagrant/).
 Latest RPM packages can be found in COPR: https://copr.fedorainfracloud.org/groups/g/CESNET/coprs/
 The NEMEA repository is at https://copr.fedorainfracloud.org/coprs/g/CESNET/NEMEA/
 
-After installation of COPR repository, NEMEA can be installed as any other package (run as root/sudo):
+The repository can be added trough `dnf copr enable` or by using the following commands (for CentOS/Fedora):
+
+```
+wget -O /etc/yum.repos.d/cesnet-nemea.repo https://copr.fedorainfracloud.org/coprs/g/CESNET/NEMEA/repo/epel-7/group_CESNET-NEMEA-epel-7.repo
+rpm --import https://copr-be.cloud.fedoraproject.org/results/@CESNET/NEMEA/pubkey.gpg
+```
+
+After installation of the COPR repository, NEMEA can be installed as any other package (run as root/sudo):
 
 ```
 yum install nemea
@@ -112,9 +119,8 @@ yum install nemea
 
 Note: Latest systems (e.g. Fedora) use `dnf` instead of `yum`.
 
-
 For development purposes, there is `nemea-framework-devel` package that installs
-all needed development files and docs.
+all needed development files and docs. To install this package, also add the `NEMEA-testing` repository.
 
 Currently, we do not have .deb packages (for Debian/Ubuntu/...) but we are working on it. Please follow installation from [source codes](#source-codes)
 

From 65d246f2a31e89b535ba738ed1e6f8f2718c619a Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 12 Jul 2021 19:22:33 +0200
Subject: [PATCH 160/169] setup github actions workflow

---
 .github/workflows/c-cpp.yml | 33 +++++++++++++++++++++++++++++++++
 .travis.yml                 | 35 -----------------------------------
 2 files changed, 33 insertions(+), 35 deletions(-)
 create mode 100644 .github/workflows/c-cpp.yml
 delete mode 100644 .travis.yml

diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
new file mode 100644
index 0000000..083465e
--- /dev/null
+++ b/.github/workflows/c-cpp.yml
@@ -0,0 +1,33 @@
+name: C/C++ CI
+
+on:
+  push:
+    branches: '*'
+  pull_request:
+    branches: '*'
+    
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get -y install git build-essential autoconf libtool libpcap-dev pkg-config libxml2-dev gawk libcurl4-openssl-dev libxml2-dev libyaml-dev make python3 python3-dev python3-pip python3-setuptools libxml2-dev libxml2 libpcap0.8-dev libpcap0.8 libidn2-0-dev
+        ( cd /tmp; wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | tar -xzf - && cd libnf-1.25 && ./configure -q && sudo make -j3 install; )
+    - name: init repository
+      run: git submodule init; git submodule update
+    - name: autoreconf
+      run: autoreconf -i
+    - name: configure
+      run: ./configure --enable-repobuild
+    - name: make
+      run: make -j10
+    - name: make check
+      run: make check
+    - name: make distcheck
+      run: make distcheck
+
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 2890fa3..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-language: c
-compiler:
-  - gcc
-os:
-  - linux
-
-branches:
-  only:
-    - master
-
-addons:
-  apt:
-    sources:
-      - ubuntu-toolchain-r-test
-    packages:
-      - gcc-multilib
-      - gcc
-      - g++
-      - autoconf
-      - pkg-config
-      - make
-      - automake
-      - libxml2-dev
-      - libxml2
-      - libpcap0.8-dev
-      - libpcap0.8
-      - libidn2-0-dev
-
-before_install:
-  - ( wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | tar -xzf - && cd libnf-1.25 && ./configure -q && sudo make -j3 install; )
-
-script:
-  - git submodule init; git submodule update
-  - ./bootstrap.sh && ./configure --enable-repobuild && make clean && make -j5
-

From 8e81f92d61f9ece88f5d281dc61bcb2ad319cc94 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Mon, 12 Jul 2021 19:23:05 +0200
Subject: [PATCH 161/169] update submodules

---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index f0c539f..8da9197 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit f0c539f31728c354b5c30c16cbb456e290685540
+Subproject commit 8da919746d3a1b9c993996007c13272d960ade6b
diff --git a/modules b/modules
index cf5b717..c087d9a 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit cf5b717a8aa587d8b45c2853d67feecce2a459bc
+Subproject commit c087d9a63f8feb0023e9f6400400450d2474f725
diff --git a/nemea-framework b/nemea-framework
index 6a47066..8b21855 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 6a470665d6db82a47db72dd5f0decf5a9a949b08
+Subproject commit 8b218558b62d6e3d7e921ab9175eb3bed8c2bb24
diff --git a/nemea-supervisor b/nemea-supervisor
index 95b8a65..76ef020 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 95b8a653a6244dd148734baf30ba1897731d06fc
+Subproject commit 76ef02097724974bb3630f6c6ae0562696306ef3

From cd513359cb7552e9bbe42bdc564b4ca8988e99bd Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 15 Jul 2021 15:17:41 +0200
Subject: [PATCH 162/169] update nemea-framework - fixed tls test in libtrap

---
 nemea-framework | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nemea-framework b/nemea-framework
index 8b21855..34219c9 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 8b218558b62d6e3d7e921ab9175eb3bed8c2bb24
+Subproject commit 34219c9a0db3dbab1d8e4de072a2d641f160002b

From d29127704900b0d4daed8b910c54d8d81b50225e Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 18 Jul 2021 00:04:38 +0200
Subject: [PATCH 163/169] ghactions: install framework components before checks

---
 .github/workflows/c-cpp.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index 083465e..e34f429 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -16,16 +16,18 @@ jobs:
     - name: Install dependencies
       run: |
         sudo apt-get update
-        sudo apt-get -y install git build-essential autoconf libtool libpcap-dev pkg-config libxml2-dev gawk libcurl4-openssl-dev libxml2-dev libyaml-dev make python3 python3-dev python3-pip python3-setuptools libxml2-dev libxml2 libpcap0.8-dev libpcap0.8 libidn2-0-dev
+        sudo apt-get -y install git wget build-essential autoconf libtool libpcap-dev pkg-config libxml2-dev gawk libcurl4-openssl-dev libxml2-dev libyaml-dev make python3 python3-dev python3-pip python3-setuptools libxml2-dev libxml2 libpcap0.8-dev libpcap0.8 libidn2-0-dev
         ( cd /tmp; wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | tar -xzf - && cd libnf-1.25 && ./configure -q && sudo make -j3 install; )
     - name: init repository
       run: git submodule init; git submodule update
     - name: autoreconf
       run: autoreconf -i
     - name: configure
-      run: ./configure --enable-repobuild
+      run: ./configure --enable-repobuild --prefix=/usr --bindir=/usr/bin/nemea/
     - name: make
-      run: make -j10
+      run: make -j10 install
+    - name: Install python components
+      run: ( cd nemea-framework/pytrap; python3 setup.py install; cd ../pycommon; python3 setup.py install; )
     - name: make check
       run: make check
     - name: make distcheck

From 5138f3bb8939e979881fcd61eb0bd8ccf2879ebf Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 18 Jul 2021 00:10:14 +0200
Subject: [PATCH 164/169] ghactions: installation with sudo

---
 .github/workflows/c-cpp.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index e34f429..81d03a9 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -25,9 +25,9 @@ jobs:
     - name: configure
       run: ./configure --enable-repobuild --prefix=/usr --bindir=/usr/bin/nemea/
     - name: make
-      run: make -j10 install
+      run: make -j10; sudo make install
     - name: Install python components
-      run: ( cd nemea-framework/pytrap; python3 setup.py install; cd ../pycommon; python3 setup.py install; )
+      run: ( cd nemea-framework/pytrap; sudo python3 setup.py install; cd ../pycommon; sudo python3 setup.py install; )
     - name: make check
       run: make check
     - name: make distcheck

From f699e7a401b906ba1e457ae1e47ada881b4576c5 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 18 Jul 2021 00:34:26 +0200
Subject: [PATCH 165/169] ghactions: ldconfig and log for debug

---
 .github/workflows/c-cpp.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index 81d03a9..a17ce6a 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -25,11 +25,11 @@ jobs:
     - name: configure
       run: ./configure --enable-repobuild --prefix=/usr --bindir=/usr/bin/nemea/
     - name: make
-      run: make -j10; sudo make install
+      run: make -j10; sudo make install; sudo ldconfig
     - name: Install python components
       run: ( cd nemea-framework/pytrap; sudo python3 setup.py install; cd ../pycommon; sudo python3 setup.py install; )
     - name: make check
-      run: make check
+      run: make check || find -name '*.sh.log' -exec cat {} +
     - name: make distcheck
       run: make distcheck
 

From 509c94f562f3cb57f6015231492a574eaff258c1 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 18 Jul 2021 01:04:40 +0200
Subject: [PATCH 166/169] ghactions: init submodule in modules

---
 .github/workflows/c-cpp.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index a17ce6a..1c90419 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -19,7 +19,7 @@ jobs:
         sudo apt-get -y install git wget build-essential autoconf libtool libpcap-dev pkg-config libxml2-dev gawk libcurl4-openssl-dev libxml2-dev libyaml-dev make python3 python3-dev python3-pip python3-setuptools libxml2-dev libxml2 libpcap0.8-dev libpcap0.8 libidn2-0-dev
         ( cd /tmp; wget -qO - http://libnf.net/packages/libnf-1.25.tar.gz | tar -xzf - && cd libnf-1.25 && ./configure -q && sudo make -j3 install; )
     - name: init repository
-      run: git submodule init; git submodule update
+      run: ( git submodule init; git submodule update --recursive; cd modules; git submodule init; git submodule update --recursive; )
     - name: autoreconf
       run: autoreconf -i
     - name: configure

From 47c3d4ceb4a10b5e5428ee7c58a9e36dd52df91a Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Sun, 18 Jul 2021 01:15:28 +0200
Subject: [PATCH 167/169] ghactions: remove distcheck

---
 .github/workflows/c-cpp.yml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index 1c90419..57c1021 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -30,6 +30,4 @@ jobs:
       run: ( cd nemea-framework/pytrap; sudo python3 setup.py install; cd ../pycommon; sudo python3 setup.py install; )
     - name: make check
       run: make check || find -name '*.sh.log' -exec cat {} +
-    - name: make distcheck
-      run: make distcheck
 

From 71ff56a10dc2b9795db6806553aaa849232d71e7 Mon Sep 17 00:00:00 2001
From: Tomas Cejka <cejkat@cesnet.cz>
Date: Thu, 1 Sep 2022 23:59:57 +0200
Subject: [PATCH 168/169] tools: prepare-package: fixed RPM release for
 ipfixprobe&COPR

`--enable-coprbuild` enforces NEMEA and libpcap in spec file that is
used for building SRPM and which is also used at COPR.
---
 prepare-package.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/prepare-package.sh b/prepare-package.sh
index 5b86d4a..03df4e7 100755
--- a/prepare-package.sh
+++ b/prepare-package.sh
@@ -170,7 +170,7 @@ git commit -a -m "$name: increased version, updated ChangeLog, released RPM pack
 echo "I will build the new RPM to get source package (SRPM)"
 if [ "$name" = ipfixprobe ]; then
 # ipfixprobe has no bootstrap.sh
-autoreconf -i &&./configure -q --enable-nemearpm && make rpm
+autoreconf -i &&./configure -q --enable-coprrpm && make rpm
 else
 ./bootstrap.sh &&./configure -q && make rpm
 fi

From 440e5b7829a1b1aa68918d3dfaad1713419c1c5b Mon Sep 17 00:00:00 2001
From: Karel Hynek <hynekkar@fit.cvut.cz>
Date: Tue, 8 Aug 2023 14:02:50 +0200
Subject: [PATCH 169/169] Updated git submodules

---
 detectors        | 2 +-
 modules          | 2 +-
 nemea-framework  | 2 +-
 nemea-supervisor | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/detectors b/detectors
index 8da9197..84f6f1b 160000
--- a/detectors
+++ b/detectors
@@ -1 +1 @@
-Subproject commit 8da919746d3a1b9c993996007c13272d960ade6b
+Subproject commit 84f6f1b15f43f0b81e34c4859ff1ada6fb6e8270
diff --git a/modules b/modules
index c087d9a..c167667 160000
--- a/modules
+++ b/modules
@@ -1 +1 @@
-Subproject commit c087d9a63f8feb0023e9f6400400450d2474f725
+Subproject commit c16766702209b4b899cf1ee101ae97c08e0e0b05
diff --git a/nemea-framework b/nemea-framework
index 34219c9..a554edf 160000
--- a/nemea-framework
+++ b/nemea-framework
@@ -1 +1 @@
-Subproject commit 34219c9a0db3dbab1d8e4de072a2d641f160002b
+Subproject commit a554edfb3bb834218ba4a1268188a641cd07ae6f
diff --git a/nemea-supervisor b/nemea-supervisor
index 76ef020..89afda1 160000
--- a/nemea-supervisor
+++ b/nemea-supervisor
@@ -1 +1 @@
-Subproject commit 76ef02097724974bb3630f6c6ae0562696306ef3
+Subproject commit 89afda171fc119db253235f7a8e0c71614296dec