From 2a338addde9c5b335ebddfb56c8d1faac938b578 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Sun, 27 Aug 2017 21:19:46 +0300
Subject: [PATCH 01/15] Initial proto without encryption

---
 .gitignore                            | 296 +-------------------------
 AutoTunnel.sln                        |  20 ++
 AutoTunnel/AutoTunnel.csproj          |  92 ++++++++
 AutoTunnel/BaseSender.cs              |  94 ++++++++
 AutoTunnel/ClientSender.cs            |  55 +++++
 AutoTunnel/InterfaceHelper.cs         |  24 +++
 AutoTunnel/Listener.cs                |  77 +++++++
 AutoTunnel/NativeHelper.cs            |  45 ++++
 AutoTunnel/Program.cs                 |  32 +++
 AutoTunnel/Properties/AssemblyInfo.cs |  36 ++++
 AutoTunnel/ReplySender.cs             |  21 ++
 AutoTunnel/TunnelStorage.cs           |  29 +++
 AutoTunnel/WinDivert.cs               |  83 ++++++++
 AutoTunnel/WinDivert32.sys            | Bin 0 -> 31408 bytes
 AutoTunnel/WinDivert64.sys            | Bin 0 -> 38064 bytes
 AutoTunnel/x64/WinDivert.dll          | Bin 0 -> 21504 bytes
 AutoTunnel/x86/WinDivert.dll          | Bin 0 -> 18944 bytes
 17 files changed, 617 insertions(+), 287 deletions(-)
 create mode 100644 AutoTunnel.sln
 create mode 100644 AutoTunnel/AutoTunnel.csproj
 create mode 100644 AutoTunnel/BaseSender.cs
 create mode 100644 AutoTunnel/ClientSender.cs
 create mode 100644 AutoTunnel/InterfaceHelper.cs
 create mode 100644 AutoTunnel/Listener.cs
 create mode 100644 AutoTunnel/NativeHelper.cs
 create mode 100644 AutoTunnel/Program.cs
 create mode 100644 AutoTunnel/Properties/AssemblyInfo.cs
 create mode 100644 AutoTunnel/ReplySender.cs
 create mode 100644 AutoTunnel/TunnelStorage.cs
 create mode 100644 AutoTunnel/WinDivert.cs
 create mode 100644 AutoTunnel/WinDivert32.sys
 create mode 100644 AutoTunnel/WinDivert64.sys
 create mode 100644 AutoTunnel/x64/WinDivert.dll
 create mode 100644 AutoTunnel/x86/WinDivert.dll

diff --git a/.gitignore b/.gitignore
index 940794e..90f1c9a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,288 +1,10 @@
-## Ignore Visual Studio temporary files, build results, and
-## files generated by popular Visual Studio add-ons.
-##
-## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
-
-# User-specific files
-*.suo
+bin
+obj
 *.user
-*.userosscache
-*.sln.docstates
-
-# User-specific files (MonoDevelop/Xamarin Studio)
-*.userprefs
-
-# Build results
-[Dd]ebug/
-[Dd]ebugPublic/
-[Rr]elease/
-[Rr]eleases/
-x64/
-x86/
-bld/
-[Bb]in/
-[Oo]bj/
-[Ll]og/
-
-# Visual Studio 2015 cache/options directory
-.vs/
-# Uncomment if you have tasks that create the project's static files in wwwroot
-#wwwroot/
-
-# MSTest test Results
-[Tt]est[Rr]esult*/
-[Bb]uild[Ll]og.*
-
-# NUNIT
-*.VisualState.xml
-TestResult.xml
-
-# Build Results of an ATL Project
-[Dd]ebugPS/
-[Rr]eleasePS/
-dlldata.c
-
-# .NET Core
-project.lock.json
-project.fragment.lock.json
-artifacts/
-**/Properties/launchSettings.json
-
-*_i.c
-*_p.c
-*_i.h
-*.ilk
-*.meta
-*.obj
-*.pch
-*.pdb
-*.pgc
-*.pgd
-*.rsp
-*.sbr
-*.tlb
-*.tli
-*.tlh
-*.tmp
-*.tmp_proj
-*.log
-*.vspscc
-*.vssscc
-.builds
-*.pidb
-*.svclog
-*.scc
-
-# Chutzpah Test files
-_Chutzpah*
-
-# Visual C++ cache files
-ipch/
-*.aps
-*.ncb
-*.opendb
-*.opensdf
-*.sdf
-*.cachefile
-*.VC.db
-*.VC.VC.opendb
-
-# Visual Studio profiler
-*.psess
-*.vsp
-*.vspx
-*.sap
-
-# TFS 2012 Local Workspace
-$tf/
-
-# Guidance Automation Toolkit
-*.gpState
-
-# ReSharper is a .NET coding add-in
-_ReSharper*/
-*.[Rr]e[Ss]harper
-*.DotSettings.user
-
-# JustCode is a .NET coding add-in
-.JustCode
-
-# TeamCity is a build add-in
-_TeamCity*
-
-# DotCover is a Code Coverage Tool
-*.dotCover
-
-# Visual Studio code coverage results
-*.coverage
-*.coveragexml
-
-# NCrunch
-_NCrunch_*
-.*crunch*.local.xml
-nCrunchTemp_*
-
-# MightyMoose
-*.mm.*
-AutoTest.Net/
-
-# Web workbench (sass)
-.sass-cache/
-
-# Installshield output folder
-[Ee]xpress/
-
-# DocProject is a documentation generator add-in
-DocProject/buildhelp/
-DocProject/Help/*.HxT
-DocProject/Help/*.HxC
-DocProject/Help/*.hhc
-DocProject/Help/*.hhk
-DocProject/Help/*.hhp
-DocProject/Help/Html2
-DocProject/Help/html
-
-# Click-Once directory
-publish/
-
-# Publish Web Output
-*.[Pp]ublish.xml
-*.azurePubxml
-# TODO: Comment the next line if you want to checkin your web deploy settings
-# but database connection strings (with potential passwords) will be unencrypted
-*.pubxml
-*.publishproj
-
-# Microsoft Azure Web App publish settings. Comment the next line if you want to
-# checkin your Azure Web App publish settings, but sensitive information contained
-# in these scripts will be unencrypted
-PublishScripts/
-
-# NuGet Packages
-*.nupkg
-# The packages folder can be ignored because of Package Restore
-**/packages/*
-# except build/, which is used as an MSBuild target.
-!**/packages/build/
-# Uncomment if necessary however generally it will be regenerated when needed
-#!**/packages/repositories.config
-# NuGet v3's project.json files produces more ignorable files
-*.nuget.props
-*.nuget.targets
-
-# Microsoft Azure Build Output
-csx/
-*.build.csdef
-
-# Microsoft Azure Emulator
-ecf/
-rcf/
-
-# Windows Store app package directories and files
-AppPackages/
-BundleArtifacts/
-Package.StoreAssociation.xml
-_pkginfo.txt
-
-# Visual Studio cache files
-# files ending in .cache can be ignored
-*.[Cc]ache
-# but keep track of directories ending in .cache
-!*.[Cc]ache/
-
-# Others
-ClientBin/
-~$*
-*~
-*.dbmdl
-*.dbproj.schemaview
-*.jfm
-*.pfx
-*.publishsettings
-orleans.codegen.cs
-
-# Since there are multiple workflows, uncomment next line to ignore bower_components
-# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
-#bower_components/
-
-# RIA/Silverlight projects
-Generated_Code/
-
-# Backup & report files from converting an old project file
-# to a newer Visual Studio version. Backup files are not needed,
-# because we have git ;-)
-_UpgradeReport_Files/
-Backup*/
-UpgradeLog*.XML
-UpgradeLog*.htm
-
-# SQL Server files
-*.mdf
-*.ldf
-*.ndf
-
-# Business Intelligence projects
-*.rdl.data
-*.bim.layout
-*.bim_*.settings
-
-# Microsoft Fakes
-FakesAssemblies/
-
-# GhostDoc plugin setting file
-*.GhostDoc.xml
-
-# Node.js Tools for Visual Studio
-.ntvs_analysis.dat
-node_modules/
-
-# Typescript v1 declaration files
-typings/
-
-# Visual Studio 6 build log
-*.plg
-
-# Visual Studio 6 workspace options file
-*.opt
-
-# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
-*.vbw
-
-# Visual Studio LightSwitch build output
-**/*.HTMLClient/GeneratedArtifacts
-**/*.DesktopClient/GeneratedArtifacts
-**/*.DesktopClient/ModelManifest.xml
-**/*.Server/GeneratedArtifacts
-**/*.Server/ModelManifest.xml
-_Pvt_Extensions
-
-# Paket dependency manager
-.paket/paket.exe
-paket-files/
-
-# FAKE - F# Make
-.fake/
-
-# JetBrains Rider
-.idea/
-*.sln.iml
-
-# CodeRush
-.cr/
-
-# Python Tools for Visual Studio (PTVS)
-__pycache__/
-*.pyc
-
-# Cake - Uncomment if you are using it
-# tools/**
-# !tools/packages.config
-
-# Telerik's JustMock configuration file
-*.jmconfig
-
-# BizTalk build output
-*.btp.cs
-*.btm.cs
-*.odx.cs
-*.xsd.cs
+*.suo
+packages
+.tools
+*.snk
+sign.cmd
+_releases
+.idea
diff --git a/AutoTunnel.sln b/AutoTunnel.sln
new file mode 100644
index 0000000..3f90b5f
--- /dev/null
+++ b/AutoTunnel.sln
@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2012
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AutoTunnel", "AutoTunnel\AutoTunnel.csproj", "{BC409F07-4C77-4930-8597-B9BD5837E672}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{BC409F07-4C77-4930-8597-B9BD5837E672}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{BC409F07-4C77-4930-8597-B9BD5837E672}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{BC409F07-4C77-4930-8597-B9BD5837E672}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{BC409F07-4C77-4930-8597-B9BD5837E672}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
new file mode 100644
index 0000000..e3d377d
--- /dev/null
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{BC409F07-4C77-4930-8597-B9BD5837E672}</ProjectGuid>
+    <ProjectTypeGuids>{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
+    <OutputType>Exe</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>Force.AutoTunnel</RootNamespace>
+    <AssemblyName>AutoTunnel</AssemblyName>
+    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+    <UseVSHostingProcess>false</UseVSHostingProcess>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup>
+    <SignAssembly>true</SignAssembly>
+  </PropertyGroup>
+  <PropertyGroup>
+    <DelaySign>false</DelaySign>
+  </PropertyGroup>
+  <PropertyGroup>
+    <AssemblyOriginatorKeyFile>..\force.snk</AssemblyOriginatorKeyFile>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="System" />
+    <Reference Include="System.Core" />
+    <Reference Include="System.Xml.Linq" />
+    <Reference Include="System.Data.DataSetExtensions" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Xml" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="ClientSender.cs" />
+    <Compile Include="InterfaceHelper.cs" />
+    <Compile Include="Listener.cs" />
+    <Compile Include="NativeHelper.cs" />
+    <Compile Include="Program.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+    <Compile Include="BaseSender.cs" />
+    <Compile Include="ReplySender.cs" />
+    <Compile Include="TunnelStorage.cs" />
+    <Compile Include="WinDivert.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="..\force.snk">
+      <Link>force.snk</Link>
+    </None>
+    <None Include="x86\WinDivert.dll">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+    <None Include="x64\WinDivert.dll">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="WinDivert32.sys">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+    <None Include="WinDivert64.sys">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
+  -->
+</Project>
\ No newline at end of file
diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
new file mode 100644
index 0000000..ff27d1f
--- /dev/null
+++ b/AutoTunnel/BaseSender.cs
@@ -0,0 +1,94 @@
+using System;
+using System.Net;
+using System.Threading.Tasks;
+
+namespace Force.AutoTunnel
+{
+	public abstract class BaseSender : IDisposable
+	{
+		private IntPtr _handle;
+
+		private bool _isExiting;
+
+		private readonly string _dstAddr;
+
+		private WinDivert.WinDivertAddress _receiveAddr;
+
+		public IPEndPoint RemoteEP { get; private set; }
+
+		public DateTime LastActivity { get; private set; }
+
+		public BaseSender(string dstAddr, IPEndPoint remoteEP)
+		{
+			Console.WriteLine("Sender was created for " + dstAddr);
+			_dstAddr = dstAddr;
+			_receiveAddr = new WinDivert.WinDivertAddress();
+			_receiveAddr.IfIdx = InterfaceHelper.GetInterfaceId();
+
+			RemoteEP = remoteEP;
+			var udpSuff = remoteEP.Address.Equals(IPAddress.Parse(_dstAddr))
+							? "(udp and udp.DstPort != " + remoteEP.Port + ")"
+							: "udp";
+			//  or (udp and udp.DstPort != 12017)
+			_handle = WinDivert.WinDivertOpen("outbound and (tcp or icmp or " + udpSuff + ") and (ip.DstAddr == " + _dstAddr + ")", WinDivert.LAYER_NETWORK, 0, 0);
+			Task.Factory.StartNew(StartInternal);
+		}
+
+		protected abstract void Send(byte[] packet, int packetLen);
+
+		protected void UpdateLastActivity()
+		{
+			LastActivity = DateTime.UtcNow;
+		}
+
+		public void OnReceive(byte[] packet, int packetLen)
+		{
+			UpdateLastActivity();
+			if (packetLen == 0)
+				return;
+			var writeLen = 0;
+			Console.WriteLine("< " + packetLen + " " + _receiveAddr.IfIdx + " " + _receiveAddr.SubIfIdx + " " + _receiveAddr.Direction);
+			// Console.WriteLine(" " + packet[9] + " " + packet[12] + "." + packet[13] + "." + packet[14] + "." + packet[15] + "->" + packet[16] + "." + packet[17] + "." + packet[18] + "." + packet[19] + " " + packet[10].ToString("X2") + packet[11].ToString("X2"));
+			// Console.WriteLine(BitConverter.ToString(inBuf, 0, cnt));
+			var x = WinDivert.WinDivertSend(_handle, packet, packetLen, ref _receiveAddr, ref writeLen);
+			//var s = new Socket(AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.IP);
+			// s.SendTo(packet, packetLen, SocketFlags.None, new IPEndPoint(IPAddress.Parse("192.168.16.7"), 0));
+			/*if (!x)
+			{
+				Console.WriteLine(Marshal.GetLastWin32Error());
+			}*/
+		}
+
+		private void StartInternal()
+		{
+			byte[] packet = new byte[65536];
+			WinDivert.WinDivertAddress addr = new WinDivert.WinDivertAddress();
+			int packetLen = 0;
+			while (!_isExiting && WinDivert.WinDivertRecv(_handle, packet, packet.Length, ref addr, ref packetLen))
+			{
+				Console.WriteLine("> " + packetLen + " " + addr.IfIdx + " " + addr.SubIfIdx + " " + addr.Direction);
+				try
+				{
+					Send(packet, packetLen);
+				}
+				catch (Exception ex)
+				{
+					Console.WriteLine(ex.Message);
+				}
+			}
+		}
+
+		public virtual void Dispose()
+		{
+			_isExiting = true;
+			if (_handle != IntPtr.Zero && _handle != (IntPtr)(-1))
+				WinDivert.WinDivertClose(_handle);
+			_handle = IntPtr.Zero;
+		}
+
+		~BaseSender()
+		{
+			Dispose();
+		}
+	}
+}
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
new file mode 100644
index 0000000..287e89a
--- /dev/null
+++ b/AutoTunnel/ClientSender.cs
@@ -0,0 +1,55 @@
+using System.Net;
+using System.Net.Sockets;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace Force.AutoTunnel
+{
+	public class ClientSender : BaseSender
+	{
+		private readonly Socket _socket;
+
+		private bool _disposed;
+
+		public ClientSender(string dstAddr, IPEndPoint remoteEP)
+			: base(dstAddr, remoteEP)
+		{
+			_socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
+			_socket.Connect(remoteEP);
+			Task.Factory.StartNew(ReceiveCycle);
+			// Task.Factory.StartNew(PingCycle);
+		}
+
+		private void PingCycle()
+		{
+			while (!_disposed)
+			{
+				Send(new byte[0], 0);
+				Thread.Sleep(15 * 1000);
+			}
+		}
+
+		protected override void Send(byte[] packet, int packetLen)
+		{
+			_socket.Send(packet, packetLen, SocketFlags.None);
+		}
+
+		private void ReceiveCycle()
+		{
+			byte[] buf = new byte[65536];
+			while (!_disposed)
+			{
+				var len = _socket.Receive(buf);
+				OnReceive(buf, len);
+			}
+		}
+
+
+		public override void Dispose()
+		{
+			base.Dispose();
+			_disposed = true;
+			_socket.Dispose();
+		}
+	}
+}
diff --git a/AutoTunnel/InterfaceHelper.cs b/AutoTunnel/InterfaceHelper.cs
new file mode 100644
index 0000000..ccf15a8
--- /dev/null
+++ b/AutoTunnel/InterfaceHelper.cs
@@ -0,0 +1,24 @@
+using System.Net.NetworkInformation;
+using System.Reflection;
+
+namespace Force.AutoTunnel
+{
+	public static class InterfaceHelper
+	{
+		public static uint GetInterfaceId()
+		{
+			NetworkInterface[] allNetworkInterfaces = NetworkInterface.GetAllNetworkInterfaces();
+			foreach (NetworkInterface interface2 in allNetworkInterfaces)
+			{
+				if ((((interface2.OperationalStatus == OperationalStatus.Up) && (interface2.Speed > 0L)) && (interface2.NetworkInterfaceType != NetworkInterfaceType.Loopback)) && (interface2.NetworkInterfaceType != NetworkInterfaceType.Tunnel))
+				{
+					var prop = interface2.GetType().GetField("index", BindingFlags.Instance | BindingFlags.NonPublic);
+					return (uint)prop.GetValue(interface2);
+					// Console.WriteLine(interface2.Id + " " + interface2.Name + " " + prop.GetValue(interface2));
+				}
+			}
+
+			return 0;
+		}
+	}
+}
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
new file mode 100644
index 0000000..9644ace
--- /dev/null
+++ b/AutoTunnel/Listener.cs
@@ -0,0 +1,77 @@
+using System;
+using System.Collections.Concurrent;
+using System.Net;
+using System.Net.Sockets;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace Force.AutoTunnel
+{
+	public class Listener
+	{
+		private readonly TunnelStorage _storage;
+
+		public Listener(TunnelStorage storage)
+		{
+			_storage = storage;
+		}
+
+		public void Start()
+		{
+			Task.Factory.StartNew(StartInternal);
+			Task.Factory.StartNew(CleanupThread);
+		}
+
+		private void CleanupThread()
+		{
+			while (true)
+			{
+				_storage.RemoveOldSenders(TimeSpan.FromMinutes(10));
+				Thread.Sleep(10 * 60 * 1000);
+			}
+		}
+
+		private void StartInternal()
+		{
+			Socket s = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
+			try
+			{
+				s.Bind(new IPEndPoint(IPAddress.Any, 12017));
+				byte[] inBuf = new byte[65536];
+				EndPoint ep = new IPEndPoint(IPAddress.Any, 0);
+				while (true)
+				{
+					try
+					{
+						int cnt = s.ReceiveFrom(inBuf, ref ep);
+						if (cnt == 0) continue;
+						var sourceIp = inBuf[12] + "." + inBuf[13] + "." + inBuf[14] + "." + inBuf[15];
+
+						// 			_sender = new BaseSender(dstAddr, this);
+						// _sender.Start(remoteEp);
+
+						Func<BaseSender> creatorFunc = () => new ReplySender(sourceIp, s, (IPEndPoint)ep);
+						var sender = _storage.GetOrAdd(sourceIp, creatorFunc);
+						if (!sender.RemoteEP.Equals(ep))
+						{
+							sender.Dispose();
+							_storage.Remove(sourceIp);
+							sender = _storage.GetOrAdd(sourceIp, creatorFunc);
+						}
+
+						sender.OnReceive(inBuf, cnt);
+					}
+					catch (Exception ex)
+					{
+						Console.WriteLine(ex.Message);
+						break;
+					}
+				}
+			}
+			catch (SocketException)
+			{
+				return;
+			}
+		}
+	}
+}
diff --git a/AutoTunnel/NativeHelper.cs b/AutoTunnel/NativeHelper.cs
new file mode 100644
index 0000000..1cd6683
--- /dev/null
+++ b/AutoTunnel/NativeHelper.cs
@@ -0,0 +1,45 @@
+using System;
+using System.IO;
+using System.Runtime.InteropServices;
+
+namespace Force.AutoTunnel
+{
+	public static class NativeHelper
+	{
+		private static readonly bool _isNativePossible;
+
+		[DllImport("Kernel32.dll")]
+		private static extern IntPtr LoadLibrary(string path);
+
+		public static bool IsNativeAvailable { get; private set; }
+
+		static NativeHelper()
+		{
+			_isNativePossible = Init();
+			IsNativeAvailable = _isNativePossible;
+		}
+
+		private static bool Init()
+		{
+			try
+			{
+				InitInternal();
+				return true;
+			}
+			catch (Exception) // will use software realization
+			{
+				return false;
+			}
+		}
+
+		private static void InitInternal()
+		{
+			var architectureSuffix = IntPtr.Size == 8 ? "x64" : "x86";
+			var libraryName = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, architectureSuffix);
+			libraryName = Path.Combine(libraryName, "WinDivert.dll");
+
+			if (LoadLibrary(libraryName) == IntPtr.Zero)
+				throw new InvalidOperationException("Unexpected error in dll loading");
+		}
+	}
+}
diff --git a/AutoTunnel/Program.cs b/AutoTunnel/Program.cs
new file mode 100644
index 0000000..e8b50a9
--- /dev/null
+++ b/AutoTunnel/Program.cs
@@ -0,0 +1,32 @@
+using System;
+using System.Net;
+using System.Threading;
+
+namespace Force.AutoTunnel
+{
+	public class Program
+	{
+		public static void Main(string[] args)
+		{
+			if (!NativeHelper.IsNativeAvailable)
+			{
+				Console.Error.WriteLine("Cannot load WinDivert library");
+				return;
+			}
+
+			var ts = new TunnelStorage();
+			var l = new Listener(ts);
+			l.Start();
+
+			var targetIp = args.Length > 0 ? args[0] : null;
+
+			if (targetIp != null)
+			{
+				var endpoint = new IPEndPoint(IPAddress.Parse(targetIp), 12017);
+				var sender = ts.GetOrAdd(targetIp, () => new ClientSender(targetIp, endpoint));
+			}
+
+			Thread.Sleep(-1);
+		}
+	}
+}
\ No newline at end of file
diff --git a/AutoTunnel/Properties/AssemblyInfo.cs b/AutoTunnel/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..b160203
--- /dev/null
+++ b/AutoTunnel/Properties/AssemblyInfo.cs
@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("AutoTunnel")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("Force.AutoTunnel")]
+[assembly: AssemblyCopyright("Copyright © Force 2017")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("BC409F07-4C77-4930-8597-B9BD5837E672")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
+// You can specify all the values or you can default the Build and Revision Numbers 
+// by using the '*' as shown below:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]
\ No newline at end of file
diff --git a/AutoTunnel/ReplySender.cs b/AutoTunnel/ReplySender.cs
new file mode 100644
index 0000000..bb053bf
--- /dev/null
+++ b/AutoTunnel/ReplySender.cs
@@ -0,0 +1,21 @@
+using System.Net;
+using System.Net.Sockets;
+
+namespace Force.AutoTunnel
+{
+	public class ReplySender : BaseSender
+	{
+		private readonly Socket _socket;
+
+		public ReplySender(string dstAddr, Socket socket, IPEndPoint remoteEP)
+			: base(dstAddr, remoteEP)
+		{
+			_socket = socket;
+		}
+
+		protected override void Send(byte[] packet, int packetLen)
+		{
+			_socket.SendTo(packet, packetLen, SocketFlags.None, RemoteEP);
+		}
+	}
+}
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
new file mode 100644
index 0000000..92f60c5
--- /dev/null
+++ b/AutoTunnel/TunnelStorage.cs
@@ -0,0 +1,29 @@
+using System;
+using System.Collections.Concurrent;
+using System.Linq;
+
+namespace Force.AutoTunnel
+{
+	public class TunnelStorage
+	{
+		private readonly ConcurrentDictionary<string, BaseSender> _clients = new ConcurrentDictionary<string, BaseSender>();
+
+		public BaseSender GetOrAdd(string ip, Func<BaseSender> creatorFunc)
+		{
+			return _clients.GetOrAdd(ip, s => creatorFunc());
+		}
+
+		public bool Remove(string ip)
+		{
+			BaseSender value;
+			return _clients.TryRemove(ip, out value);
+		}
+
+		public void RemoveOldSenders(TimeSpan killTime)
+		{
+			var dt = DateTime.UtcNow;
+			var toRemove = (from client in _clients where client.Value is ReplySender && dt.Subtract(client.Value.LastActivity) >= killTime select client.Key).ToList();
+			toRemove.ForEach(x => Remove(x));
+		}
+	}
+}
diff --git a/AutoTunnel/WinDivert.cs b/AutoTunnel/WinDivert.cs
new file mode 100644
index 0000000..3c5447d
--- /dev/null
+++ b/AutoTunnel/WinDivert.cs
@@ -0,0 +1,83 @@
+using System;
+using System.Runtime.InteropServices;
+
+namespace Force.AutoTunnel
+{
+	public static class WinDivert
+	{
+		public const int LAYER_NETWORK = 0;
+
+		public const int LAYER_NETWORK_FORWARD = 1;
+
+		public const int FLAG_SNIFF = 1;
+
+		public const int FLAG_DROP = 2;
+
+		[StructLayout(LayoutKind.Sequential)]
+		public struct WinDivertAddress
+		{
+			public uint IfIdx;                       /* Packet's interface index. */
+			public uint SubIfIdx;                    /* Packet's sub-interface index. */
+			public byte Direction;                   /* Packet's direction. */
+		}
+
+		[StructLayout(LayoutKind.Explicit)]
+		public struct WinDivertIpHeader
+		{
+			[FieldOffset(0)]
+			public byte HdrLengthAndVersion;
+
+			[FieldOffset(1)]
+			public byte Tos;
+
+			[FieldOffset(2)]
+			public ushort Length;
+
+			[FieldOffset(4)]
+			public ushort Id;
+
+			[FieldOffset(6)]
+			public ushort FragOff0;
+
+			[FieldOffset(8)]
+			public byte Ttl;
+
+			[FieldOffset(9)]
+			public byte Protocol;
+
+			[FieldOffset(10)]
+			public short Checksum;
+
+			[FieldOffset(12)]
+			public uint SrcAddr;
+
+			[FieldOffset(16)]
+			public uint DstAddr;
+		}
+
+		[DllImport("WinDivert.dll")]
+		public static extern bool WinDivertHelperParsePacket(
+			byte[] pPacket,
+			int packetLen,
+			ref WinDivertIpHeader ipHdr,
+			IntPtr ipv6Hdr,
+			IntPtr icmpHdr,
+			IntPtr icmpv6Hdr,
+			IntPtr tcpHdr,
+			IntPtr updHdr,
+			IntPtr ppdataHdr,
+			ref int dataLen);
+
+		[DllImport("WinDivert.dll")]
+		public static extern IntPtr WinDivertOpen(string filter, int layer, short priority, ulong flags);
+
+		[DllImport("WinDivert.dll")]
+		public static extern bool WinDivertClose(IntPtr handle);
+
+		[DllImport("WinDivert.dll")]
+		public static extern bool WinDivertRecv(IntPtr handle, byte[] packet, int packetLen, ref WinDivertAddress addr, ref int readLen);
+
+		[DllImport("WinDivert.dll")]
+		public static extern bool WinDivertSend(IntPtr handle, byte[] packet, int packetLen, ref WinDivertAddress addr, ref int writeLen);
+	}
+}
diff --git a/AutoTunnel/WinDivert32.sys b/AutoTunnel/WinDivert32.sys
new file mode 100644
index 0000000000000000000000000000000000000000..724c398e199c221b0cedf055d01e3ae7c3f4d039
GIT binary patch
literal 31408
zcmeIb30zZ0*D!uV0tSpE0xBwML{wD78xocf!Xku40V4>w0U`te*$g)VRul**;hJi#
zT5Gj+ZLL~s)hgBv#Da?ZQnfCRyTMS!7L_V(zB4xo1g*>SeDC}JzTfwMV^8kPnVB<Z
z&YU@O=FBCHn7jm|V;IH&(CIL&3ZCfWPkq1p>k1TG5BSL%+iiJjU==O=)W8X8>3Q5-
zdCm-ZQWiHkDLXrd;7*ru<%(=>dNwy`Tr@W;Cq?Gkt(%pTf%NkE{FUeW$2S<^O6t{y
z^HhFn!{6|{l6tz~SL%7Q;WG6+-f)(Bo}`{p>B(uR?dzOMB^VY?v%oH@_Qn{?ZeeD$
zt~5&w^9GEw9@`>@CkH@^@-%(g48trSZ3I+;?EnBFIl0hKEl9zCs2%#Ep6w5W#C(b|
ztN<mJU|2H}u<<h$NcD%zS`1?WiL+7+b1;^D$P?<HeMdc4LRLUP`D`4%H~?+{(2wbd
zi(zT5@{}YZ3BwY*LkZBtYydm}Og{b?7V4_6hE21Af?NQQ4HgPu^6|&8V_}hD6A+4P
z0bj)cOn@-}CLb<_-Eo!Y$&&#`$z%y65N}ZcCLezc8|^BWW#&M|$EbWQ0HPZUVDj;Y
zdM4TbN&d$YAayZh6aRP>CZ}Nm&FmUx04ZUz_Z~ObD0Mn`*4*NBt%*Ovz)qsiy5?Cl
zth}1AkZSI`V%WNt_Utbx+p5oYk?MM|q%>?@8<l65eF^MkU{cK{s8n9fUZjNlx|CcR
zrmS|B>fBK^O%Wonu`@0m;qG<D#UPv$v@mHKfN&|DaU&^uopHSZXXwtXBdHyUVYSro
zPEyiPHsR|wLqq=0DoI;xT!xEUau#u)KLW!@x;oEUU37L6d{mNKWFSK&xu-nJszMet
zRV8W7z@WBqOs9Y{8PS%=Kb4^QZ8(M<*LOqpQeLfKxK(TWlz7Rv2#+dSN(vZL9OAbq
zw4^^%1XHlAx?So9u2`{Ta|Wi{(*)AfOa{_OlpjMzDQm@|)gL3HtWKC1N4`=;w5TH5
zpl78JBL=BM{H2CgnN+K}PH~33RG+ugNm`YXHiojEqbzD=$bT-cF6w5eG7ze0hZ!;_
zT~M!c`;dy33<mjXN}T37V3b2JWgTifR`ED-N`mPqb?z*fJ~D<$b_*|{VY(i;f`+9X
z0Zz$dnwGzHy0U7bOML+I0$@6icYJhg99hI76T`_62LHI|DvW5Z1u12zV%o@D&huak
zbHbbqW@)W6IOE4>(8kB=dQ?d%?PR6J1*OjhB|HFmKv%;fPBRxc)hXJdbqc1=UC)fm
zY#NrBFy;6WmR`M$^B)>b#<O7NEhh1+GwjtxSN_;K5hnMFT5?4it#8bKu2QtA6s<5K
zAfha~Zp|(?hwVWvX_2ZW&C*yyJzWnUC>PbS7g<87vZ#ecSXFhyu<FJ?kq{Kk#q-SQ
z?DD&isk)#69THlw%P&DLg9)9hi>m(E>aUU<RY{Jm<ANkrl8b6dEA&uhWTakF#f9p+
z9s-ao(uj4CBPAO1o7aBRDO(-b3yT54-c!8M4&?7tz6>5@Fav6q5jvet9l;u(!7>ul
z^+*A3wF3+lqW_`7G^hY7;0v0lU>OC;fxcm}kdjtVIu+AY#zY<vWL3e2RIRn7Mh?nl
z-O-^F(4*#niIKWjwlvHE7>owU0>J2W8l6rz`v;(#QA?IzZJa!6m7s}(MH$;kL%L^h
zGQj?1&@zxVyhBN%HF2;?6Q;zs(+p;UwPT{y9|k3qUI7WDSEd%@oF*;<n;bQXuqKPZ
zc>0W^Uk(r*lmAZEp3`JtlZdW>i`3(uB|fjE5nb4Og8J*|XW4s?kSA&yIrL*>O^t>_
zuX%CSWEI55X+20jd(S)?d(SatBS!R4HjW@TVFX{<*o7FZY-AGs!W4bftiRBfE3(S#
zR%t<hs^Sl`QhJ-^|GYz#m{6-`9YlrN+n`U{>z%BeKmU9j*;+4Y0XbvB7?#3X7{gIm
z3S;cpWid!ub$0C1a7aYQk_sk!j|F+Grjem+WDr4NVeE1oN;(=iLQWOaqSQIFOM60E
z9qg>EzXCc@8Em1BX;sI!sft=P&Y)0aOe-1RrsXMbv1@Lbkyk{o*roUM91t9SbyTV<
z*h;erOan?(23wAJMZZa2R>ikfNZ39W1lOlKyL>m)R~Fe}?6NH=^^(ahU56627TTW5
zA`ak}Qg|4Eio%0kYr$0UcEn&ZlBJ5!kdd4U$x~HCQ!06+Qd1{s#xhuyCsS1szpEoO
zS{G#<Q(aVzj6957SqCNnS$y`MYVrj8_@<g$_Ns_mVEEM$)fvuYksbdzm<LZ%(Kep^
zRrBaCv~gC0eeYUa#O|&zr}hRi!Y)-sOPG>){0K*HYz$W2DVl!`rhyD$sp4Bz@%L2m
zEvoot7_KV5NhQ%JTkZ0?@T(hh%)to~!T@HI?)IR5(HXSp47)hpFR<r`YT0GsP+kd>
zbWVAPU3s<Uj#=^DW>t(`@hg9rDJV-N{mm*{E3dQn)`}z=cDV!Kif^-v|1@Wpav&{=
z(XbbGfds7K%88a}y+p<7dN@E=jhm4OTVY}!f=g!7y))JQJ=FavD5>ORI2Ye(o}`Mf
zD}FhRUA_-+!Uzq!bO$7$e@10<<wekVdJV<FDnv|juX3UV>TJAr6nl>p6uki{x(!nF
zZec_`QuJ}kMoYy|HR}>m<Vt&5gdNquz@2_wXP5ymAoBg}J+-04Sf$3C@K9>H5(AZ*
zVTv)*44O29Npah(^-;5yQ%hnuS`yzI+UrZ3wEYcvy=dEDccJWtp>+%7!0tg|4-QBM
zncE9=7)H!Jes#U%RtYdjM%b4~ZXtI7lwfAHJ-r4Lg}n#N<8}UX(0TqfzHUSv;U7xy
zLy6&`1UHoE8A`B1+2u2Ul2Fp5<?^eAk~VE`^k~-Fpht_gE5Ew@yw)6LTG`91wRC>9
zKeFL&sC(3bKTX*xWG`F{UOHHLmww>CKwS>_5sgKFBPE<h1@&Y$W>HU8qYR!#f{hcY
z4D|84zC$f~G;3jCh?yJc(WLzav;)Qh!)SD-h(OMt*65&5Q#z)pJjvc$(`ea_VraFf
z)n0!K<t_ilr(he}v)slz`Yg1x*f#*VP=ji;2dGZ`nT<ai>hAHkY~0sg(MtOTR3QCX
z>|>1^^jOlLqkYQWW5wPxnx?$XuF)`RZZo>pG?qaz!m;;`F{8{4__Eq#spM!z;{>oo
zP-M|KO<$)=V;rI-XOeSR<YW#x+KzpieTLnj{hXBBlXD!%$y{=@lL1#wN?Je+jZRee
zEsZb0S^=u@mHr8;-k69i9mwwrd^KLC@Xd|a^iS<gQqq=6VvT30d|P9!{;914Jh*?2
zj#T3|kQocc(x}!K>$BaIw`h%9k)lZq6<FG)_H<Y6t@gB)_F{Y5QhTgD%|sH0{{5{R
zBlVOa&1oFnp0;W9F!mVA0#^cAeUR#Hvk^5TBz9UJDQRjHQ!F+$GO3zPjkfwHn#jgh
zuz=7E>MAu%tr@?XjJQXJ*@>R!nJbU!v_ofu8vARxq~ac!VbP!RNBK{{DvPelZ|6TC
zBblOO`B(Z@zqmq1T&MOMjPMR4T*C;*FrsG|VHKtb0L5QZqaDFN4vDX7w2oBb%NkfR
z2(!9I%b^m>YqVXc#IhQ)2KI4Fv{3f?n`yh~6O4T&Ajecu4bdk6eRoY&7Tv<w<-#_d
zj$fUS2#%p0ED(QfOS%IMyWN|HJqCCV@Hc=(9~x#0&>LVVfGYqOz#SkEU>v}7fSCYu
z08{|00KNv;39ujF7{FP8hX8*9nDwP$T><O>oB@0QLIB1A!~skPm;sOjkPk2yU?IR_
zfMoz*0c;1T1~>_D1>hb)Ge8>v6UJc&zy<II7!5E6APOJ>z{EcwC9G&lKCy8i8+O@7
zq;f^}WIS_Usa|UAvh9#i*8Gji7p{l2-r}hR_LUZu$6$Byj^HRJRYuahBkUC8VfO@O
zR%$T9CzKc!N(>Dp280r}p^7-sJZ4{H&4>v0-e5EBSRu;4xT5_H659Jvs%_?1!vop9
ztNPTkYV8?RIS!1mPQj5zYeGOFfrJ&z7r2x0Fmq7eKEv$tU?|t#;a6*KQ-d^~sp2wv
z^3P9t@szJq6}5o7BD%~jw+7oKE=J=~(jiHCeQ6jA!@%tC0JD#_+<JD|Ls<RMvBIJ@
z_5x&w_{Y&Pr)Fk#Px_Hc`{Gw%jDG}laRJSoy>Kg}*n4x$*n58|d07Ia=Q2xPB00{p
zNfo_dFCd{@6w}65mg*}q-d1tCvEn316u)vH9E)G|Bl_{r3#C@<@*qG8rEnAxQ3)G%
zxf>+ddoCzn3iC&^_biPXhz<eEJ>a1%u%Kz3;hU{>EGe)6<BMr~qr?D6a8LqJ+AdUr
zjj<PMpaS@AGmqP=1>Gx|6_K<`DXr2Prn&kK!|FtZbt)NZma2+0gC_%?3^LS070Dz+
ztyGaLGSpfX$st2+RFQUQ18E&NU#M*DU*rPoRey$UwVKyQ+1hhnH)U(T`SU9+oPKAS
zY5m~&ltt5e77uCG3Lx_bi>@86Y;~L)uWTKR8VFDW;rvJ_d(N`ZTEp`h%Uo*#&lVP=
z!Xkvd_lzi_ja`}u28zA+#mwjSdM_UKal>S`fZABc>J+VTV%!bW3&(k?3SjiEe!>(m
z?%=pF;Dmy4VdVp`0Qv*;02m4&0DzAL3Rb~~21gc%aG9CWEiBB;>1Jl|fHVR+ps2d&
zbYuAF*PUj~W1Y?zYSEuXOPW|vw<8<@hhi|H<kJzs6Ec{pa&&^`S5HzGUH@Y%#BFMB
zG3a%wA0eEpQ|C@p{m4LxqU*?w{Z&=ohD>yz7ytaG3?G%GIZ7>AD^)FT1uUEa>fp4c
zifPp>?E|w+H6#PU2VRSOV3lMC8OTyecB}Ki6F#<SQ`$-x;wE)D6X?U)Xp?3t)e3c>
zJZfK3hl<q)Q7P&=kh2LjJc#S_oAl&W<@S&#1MO7h4v?rXp9bIN{-|M!p&|;k9P~G2
zNNQNR*&H=BYW>MmRgU&?vhMTxaw#Ohqr_C@1&~rLp9|l*9%T^L;_Kqn5!c5{HCrIu
z3JZ5pF;p`~Kx_a9XOMptv31m_HG>hNR+|_XhvZ|3d!!g@&FuqdYS_jSUt@b?yyR(L
zST(y0?N&nuQJ=dWW~aVv0SeKexkp=KTVewL)D+Dndx#4eC*5e3Ob^hkd|0yjFbWkz
zA<r73C_exp@``5rZzzhwE>ojXsmHR^F)g|t80fM3BRioVF*=s?BrQ~3R0Rw&*jW_l
zLJZQ4bx=n@B?eT|^nMCD64L?=^{s?{iql#a*+pfcn#WM(GE|-k?Ulg^40OrRflry%
zd<9LtF3(vN=%N`9V~CRK@|=wE00!`kwogOYP_N7FQ6Oa#D^5Qm(~-1l?ltL0avw$#
z9h*VZ<+l@L0zvh-j<MB;Fpoejb)p^k5quaQT{V$m7*R;GenjI8BLen?eHB;rrTlBr
z(Yk!x$mnVUgxiq~g*b*uuPCd|7t~9bunk~34`V9~g|gans20S(bP-I&b+TR)38T>M
zZGr}xPkIB3dz&FiT8L^1Ys#z`;!>*q)M2obgp^GV)FAKar=ny&6U{NZ9NGG47;CJs
zFS~3EWXKR4Ml~MdjQT)UF$@D)Qdd;gE{<_9%|HrGGYU!R6fMU3p%8R|m>L{SS|O~)
zUi2+uQPTX}AA)L3D#q5T?P-Xs0lz3@0#%^~|F|%sRbg2#X<dZ^Is_SN2QfIHA*#uv
z!}bXQHg&KIbk(Yv&=Y9JwCDqWU{iJOD1fD(aT2&Cx|5N1Dkd3euL@;U!g)NDNrr?D
zM%M!T<6UcDU!Uy+eyVOZS2x=M5tKXu^8%qxO)8j4h*M&7dqH=|N_PwlMf9{bopC6_
zq>i}<lI<+kvh8565~j4v$TV)LY_f+Hi;m`LXbPwkxrRERw`s(WkeVv24#V-Hy74g*
zxr9^c&-9@Y*50**)nO{U_Y2@-^<r-ilOeH_tq|~7q@r3G1s)0#Y|`3gaH7$%zFpwp
z);E)iCea`4vIA&>{O#1C5EE!A`BMv9GkYQ0<n<~QZQRSKSioYaoMAqRZ2bd57ED9T
z#udeEPz;hR(no3jf?D9NGb;5bHVCJSTG{0f0n2}`?E@udh7ve_vdhmP28vqv&x0W>
zG`o*Fq)7_L0A;luJX+C1lVS(X;89j|bTl|+uybw%r6F5YMH<m7kQGvw#!rC=_)wcE
zg=|9#865}9(H-3zXncA>4<MYmxnvJ?%^><iVL|plHw+MHgvlr_@THLvoU~Oo2-BwM
zqvO4}+4p(0@_|-a*9+pUxf7x^T2MMI$7>Q(!3M$za|)?ptG1VJ7DLA~;J!n(9#Qio
zdR62qjBg{DKvFXa@WOZvVX0GS^kHLRe5+yEQe#4azXY-#nKnbnn6lWw9oV#Jaw031
znh$lLi`3{}kjQs!R-hP8D-0inB9L`g1v6C%ppYn*191ymz@vpj8GZ_>wT_k|jD}@P
z$rS=fl@boPPY__>U#kd)q&;XMFz-OH0#ykPssyeo!AUy|9Cy-RN}lB(52$%$Ht1Z9
zhOUZqP{nfLXwBqTtAZU=!Q4PquoD^LqBp6kVCPONgRpJ4_?nlX?2Tv-R)^SuUkAHF
zBtyl6eS!a67veyUa}bT=&bB5wq?L-P3Sj8QIgk)SGi)y9&k1u)6;L2+QIy@@^n5X%
z3h;wXaUgT`{ucjQY&68ZOjMbY8giD<vH%awK`$>+t-=N{Fe4o}ZMRs;>fD4|O}!Q(
zk4~?JDv1L$u{uQQ;6gMB9Xbelqi|@~!79*UvRU-U+!X4j3pCf9y5k}vn8k&@wCJ?6
z;3gsE>kEgD7ys(3i&j3=D(id20Tp|xCJUNt2YJP_6y1O%!i+<h?)pQD0fig-C>qwT
zcei1R(L93Q!4T1PMP~;TH0TfZnrbRcZV)1+cl`5F@QKxo{T-cs6t<v;Dq9r?Gyr{Z
zR2=QxIKD0<E)G>10+mEZh^|o?W+>YWvT;;WMb}vA%dDcPnr+|`z=-2A%%P%+rfGt_
zzNH0fd4nou!S#r~_!Q(5_2sC6<{(whQPJAN=*D{$aQ#Dk`Nv1p)Jb$0F(TA>6|x`Z
zL>R##Skxt+O40=7G+~4tkwf;_2nIkqRT#k}x*MwGqRq%qg+=s4*zW8-5*^fqqQ50N
z)r9gU)BuX?j78`cvAu|D1w~{JbdiYK8j7ObuElyq=w|aEj7S0%DS1Xiw1704%b(Bf
z_IIs!yiR@(HqNI-U0|nAxrcmDq}d#}$>C@<9VbgLf$g_UZSQp8S~b7jrLMuuHLWi|
zkS6hexS0iy09<~Po0h4tg}mJxY}Kr#h$&e0k~V64+7F(KT5=C=j9R4N`<PIo?xkvB
z&t@-L0hLIFJy|z$n3D}gu$7t~aF9N(ihzK0vvvsD#n7#jX={JrL!@twB8Ox|YZVXL
zikjIA=fHwxm+{e7Q#aBPknFN&Fu_U<on7`bm0%FVl^O;_JW(A<i*O>7y|61#Q5G<0
z?1eN)Rr)h3Ld1=KK?OL_s~4lg=R$~Z(%5AvI93@Vt_blZL;O`Cp=3yqDg-VGrK*q#
zu;gLS)C>R*P_+>GT_`sF0}xS1*pF97v;j1YSI29}X3c&G^1u?MJcuT+_nL_iwaU;L
z9ou|okc_4PwsLT6JN!`O*ft`z_1+8_!!o_t)ZrlCIL%Kmk0_K-s~v)T%Z_WZOiE})
z=1{0*YAl~awfHu$0&MjVAlb-<FAxU_j*yfgYG5yX0V61RX+Ia_S*k^&0o+}9%2_2Z
zHA>_Hpqs)djpr?(6e4Xr4LOjxJ0)}KW>~`@{7^6)=>xigqaugOqGl$$9IPSg4Fb6I
z5w%nRx&mQBoV9c^gsY;#z79UMwup>qA;&Yw0JvNTqmO7H`iCi|lP8ol#mcifQEh&#
zoLTZ`aTg5B4_C!GYa>ySPG2NKMJSw*&r`*5wR~!93{nbFlEH1Sbh@rbK<8?dx9AWU
zZ>1|3qCW_xYMj3+E=b!2_(g6MH9hVAQ~O<^o#{@3)(9ETeI95J+Hn`jFv6kyIJ@i$
zB;&{eXUc<v<ysC>f*rGKJ>7x}(yoGHxF3%tXE79fbeW`<v`NQ<BjAp_53PmH9r+%b
zAFQETD~&KmEcOJ46dW*7$OO5O4A>P=Q7;LTyb0$b@RD_UhrgCG`rw;#Kmj!D2b6_o
zl6}jsDQ;*P@XaJ8+(wAGfyhH4ri*-D!j=33a{Oz`TW0*@+Oed>4tB8?Jq@rZahjS|
zM2B65=AHBa7wNk8w4uYgP91)EA0h(~4Fz(<FdzpGbs(kgh#h2{6b`W(KTuRe4eg2i
zYk}H<zz0<9^Jc$cRKG+L=~4b%@p1VzBJLj!Dhi?A;q5q2Wx}~csA!(eRp<M_1)`2v
zC@>yDT45#qZBguNCa2d~!1^>CRLJ?E{A%SxT31-eT!L8-!4}v-t(Bn;H03n=zw0p?
zs4*3qbuiU|k|yLKcf?7M6BNVIuTAPj0+?3xCW5M{N+mg<im5i7Lz?;5(y(F-tG7UJ
zVbljx?_ksiGuHw&)jSTkRrSGKbR+@Ssy^5my#rN|Ag)O8RVDbV5`t6-p{j&%&ED&<
z{(_~d;0dZPk=22V`+0(`TPqTLAaw{G`nSSI9c-ui5*adZ{8au76;=`70DDgZL~YbQ
zxH@DaxFu_)db4^IUXlUTD5+lw^}%H}!OsNz-;##nq6UV%Izx~M0f`_mWzka2FHBI?
zqbzkWE{)bBr8-5G>L4oCi@m-)9Fi~ytiC)HQV^qp6ImL}60+scsWqj|>VqhTf_UDV
z0WKrNmljd4A*@tMR+AD?^0n$<C)g4eN!3)e#c&R-r!wH)0Cg08SvCj+9$&1Auc(uh
z(ds3OxKwu-%)FtyuK<DGa@f|XC+GsamU_uH2)SbQk{uIA(m+<b4Fpt0D^*3Sfd_;5
z)IkdbdR`>k+7HAn#y;ly>1AamzmS2eB_}~l-*>?<%OdpFj(Pz)rbFYC(&!9bwC0=@
z+A%;7b1gv!(7{ieN(SSQz6WVI!FOx#03G_tV5c{5>R<u7Q?EucCcC^*tgMGPLAByO
zNxj7b2G1f^GZWrR)G3bY6bFoJ1KGLu0MTv;DYhRs^q!PX!3F;eOfpyo@)#K=P~N7&
zD=@lT7hNu#nc;p^bLXW_7k{MF8u{l|m}#qRZ?=NFf9~^Odm51ruj6pab;LAy9|yf=
zL0yGH{71qCz181_7BTBBsP!t+vlmM-7xy}MG))lnQ{s!3GC{qX0dXYYPJi7zB{89$
zamveW=O8H>vB1A3dPPh?OhjimOQHKWdiQ*zcQ^_fMMKln|JmL-xak=kJ;S?8oqN_x
z3<)_5mH|4t>1O%Bf!9u>1RC$GD{Zej(X^^Ds>^_NW@@dNV5BmvCaENw!E$9d9}4$}
zm_^aHKQ^U8^mXIJjN$P5QN={Ku!d*lq2W~N6;!I0Y*R@VWpK%E$oYlW5U4n6h9gQ%
zhcyVVEUC&-K$UvmPF-MssA?JwLs4C_2l9#4h4zQ87%}~jJFK2#f9RM2qyEVLkj7Xl
zrrxltw?EX{jzP}35-`jpJxz6i^P$!8hIFCxp>4+W9Opv^jOmY@51llmNdryiL)Y6e
zdYaCMnhY4Q4+oLeqRf$U6N>Y~R=osF55l5zwqhgynohAfP``XE*GvSw-qPu95sDEn
zMHe4EuE5JkWNW#Oy(j=oUs^>1I?XLHF1t(!7Q+m{Ny-qfaDYk~HtlPk1FbXY(37!2
z8#GW$D!|INqwEYl6v4GrJMtFPYit0MkYSdff3NFc8u0YT)^*gLBq>vuqdW{rfF97Y
zo=QPj6&y_z;;S$Bf|6ryDCGmGX*MW@&gGd-D20qU>{6KOM`Y~lDRNwtUqe7%wFcR9
zT@NQ<F3rvs4Z58-91V(k*UZ3^TCx!s(eoqOY#998C<+Y2WiRRm9q4x>bPa&sm<oXb
zE7dNjXXPdid}GQ@cGTl2i|SEz5LHzh`z^<zu)S;Qx&lP8QGbo07emDwOQ@s2;i#uB
z5Z1!pV8YywXt?@)2#G_#x9Mkm94t9CwK@=0;}nLr4`39On-mZ*XKBb2%wWZ8jsh{V
zmH%AyH+xYRsF#LZ!wgnNFU=OJ1mT}Re`qgTMs1rM^upi@wPcwzwobCFxFUXeMf~UW
zlGW(VM3rK#u7@4$^czs%3*HSZQ^VOK4ZQ{%8=Ikv)r7SZMNWFG;gwbNeh37}psO;#
zlKoO(`D(^of-@*+^xPP-AF==%p%D>8_CpI?<7`CmNosv-dKnRpKm+>JSQruAfd)c6
zyQn7$FM;Y`&P5ABYs}QcyrM3P%r#9Hpd!3!TCcy$fQ<~cDyH5s6Lmu`(JJUiz}JTN
ziu6dzppS=mF)Um6ZBVXrN43DsPeX?tU5}L@7X59QZtyXa^ih-aHe;I9#U9!L&0{qy
z(d1DpB{t0m){CY;aGYTBy6w6kz(UZOC2sVgVT3tyfzN98gSNCExHaEF&d5E*C~P;(
za-G7OI@OJaJ*yG<1Sk^4;#a3`Kpj<~tARr(6{`|U;gPz*7ryJw{o#8efUd_fU^fjd
z;{AwMF!UNVw1IahWzm{qphpE4>@?^INOg1-HVlL-vefhij>tN#&pOn+xWENo0VG2N
zFbwkzXgu{H0yG+JpXdGzGs1423pgbkLQ#P^N_H2cmw@1!A->b7G+jo+%eIYufObc~
zBKFV~U@ne4eHc9<;B+R>N9pULa3h1cpn#}<mHTxl0>MH5mTC6>kUpz5*PH~tVKCOp
zIv3Fkd4txx3bYquRqb-6M7a*N-G^w$l265F;YqlPYUIPghcb{i5_U2Yo)3f(QL5Y7
zzjP4Xr-A0=xhnJ!oy{8>8#kgR!!DG%$3Kjg6xke1c0p3oomGXjDeLVb6;I$@NTXg&
zHR{hv-QZ~^=@gT6nn^m-B%N!LCQQ-=Ch55*>0*;~nMu0BB)!Na9b}UBGD%M~N&A?j
z{Y}!LCh2gKwA3U$!6c2Fq+LwXP9|w*NKeK5;NMg%4ok<fu^{-Kjma=MMqoV56##>>
zAi&Iql4N+kt0q+bpU?jl68N|j!!iNT=PW#%0Q{90<^sS1K%WQY7}f@G5uh3XeU8HJ
z^EZG4<aff;1D?|WN&%JuTnAhRw4VpC5@0vLNq|QHe*-u`xd0#%APt}tU@ZXpQ~?i>
zhz|f9fD6C?K(EZ)0k{HC1+WodCBVl3WdO#H@o&D&01*OUp9Fvs@Ohi|a<Np<+f2}A
zq|;o`a2cfYu^h<FguFA9qjWx&1m7uu34=eInhk$4HSC>q6R}_uy1|`jM0V=KNRJ}-
z4nC8CgG~6BgDHT+f0xs@jXx0!>_qoNIei;FE|v%UO$R=cu)_aPrtg}sL@b)3AKp&?
z!#I9BzyI0%3;v7eU!b4<|AzV3bNaUN|NHZ==k#s#{&(izDAWJy`9~bTo!|G(zka<<
zr`BEe8y4VgbUUyAanzdapz(GK@HTo}*jwMX{@=~1Ucuf*|8+h1P>$b5@5A)q{T#oI
z{+o8-Lpgr89NxblATOw6CjYbjAgmLOw`;?@^!EMw@Gef@F4xZc!H07CHhLeX2k+wa
z-ShRP9()+bZ|C<vwFmFBv!?#Qhv@42?CksJ|81-5!|ZHlJ@`<L-!9h=@eAJ1@!ROX
zsRtj*@w@fwKeY!&8NZ!hQ+;^9&i+^U2midv-lw;n_25G}ecQPIckF>trfA0AM*mGc
z_%M#;vRR4AIoaq}6cY1*zG+&oA^LZBX^=tZ3j}lnFyM*6+yJP~htxyu(HrBaE!;{`
z?cov+^Zeay8`Exb;F70Lw@eH_F@MST!+t+mKR&QBVf+ubfBej9am`?s?>OIaKkXiJ
zuzz*{FFI$%kW*vtL~ODCI(HJ+v---2kWo2;)e)7C(@y+_&FWtF(~5P$vP<JuT(G}X
zG*w(M7Rv%ZCKU^Z6UuZr)u5A2A@qwrLGU9PQg~Xx4>{OFfLxz<#sV-A{0lKWMc{=`
zqCDXKa1wETZ@o9$j|NKU1m%HwVbXu2eH8F8k>W)JKLVkr;f?uVOMnLYyqn(+J`kO_
zH)xrbqw$KMP7uXsEcANi-{kYd>A%@;6r9VDe6r!kH@p(xHxH)m-#0E)ZaOy8wtBp=
zZxrL%0e%11%C$3pdik32(7D{m%RH<Y!>7@(!{>62of<eVZ0-JDqo-C(o!H>Uedh4_
z!{E>Q4WUU^eR5*^S5y0!Rk{ak;4SYu!STyeGq>*Akm9~5^pjqHM3&kOO?EmteDm$d
z+mX9vfAt&Oz}aXYy5ghy-riw*2Pj=U%FZu}iVlk2>2f%8X=&ovosNSJA89_k14$s+
zduo1qc1rqenVguKo}EV|WoAx|3kn)LHJ$I}F*Pnd8$$a~#&>hgO_@%K?EmU7JK&BB
zcWmgbR4i9N#|Xy(9I{7t23+-28a54p15h;uLfHTufcJeIJ>YNHfJW712!sPL0XD;%
z>=V)3><HfT+2am<LHivOX_yoM1K1n~?Ex?Z@A+(m{x?JW&9O8r6reSRhOGn$1!$h|
z{`O7KzXsZ`g}VL#&C$>vAQYfE>izBed&2l37`+zi`U5nNhxP!W0L{|(w;u!T)1ZCi
z1ONR$^gbNKh4Hq*+@O}|qGd-v3|j;lru<D>D8BwdAL<TzAL;_a<qQ$L`?GE}@J3?P
zwakXiKu6Jqtf3Mw&Tc?AHYki9TGBy1p%mhNuwm>j?!fH;9NI*xO>om7_QwKTlL>Ao
z#0$Lucf|x}w*Y=?32^`P`F|~D`FEE@up(KCOl%x8OO}-<BQUJHSy)c6TqcW1$%J{3
z6ri*;Cnqy5ok*LIGy{7<kI0Hh$_>v+o+(R_Ce4uLMd!+r(^CrrlakY97#4vjW#!D4
zK^#s}5ReH!rj$f<qA(WKNX~@~|02*Dtw_&IfzE<+<dHeqh+qop4y&hy<rrHdUakYR
z7)5$Ypj-y@Fl;q_tZYJh^31>-MK*!mFdHiyt(Xy*CQF_vDS%yz$jO^2&(3s}6+qp|
z*jQPVEK`=0CkxAtCX$k8j#tPOvXtoD^lUT`;2LTKB+pW$%imTbG$7nHB{LH%GLIrM
z19Nf<W3tne;Wx#i33+<<4D?e`ktykUNLrCHVzeSPRVEKl&m*X@d__ZLQ8EJY-d-F8
zzk>zL$O+7fY8#L;J1IN4qj^X9_f&a^j6f(oZLF`pjX}QcMBDp}3<`^Ojh+;ZVZE^6
z{M;-__KfswSzu;Po(xAfCI~k{o|K)JluV@OWC!MCWu+5PGJz_IR!k31DwN5CKx%|+
zbm3T8A(Tydz13(L5XCVS!smr$XUHg8p-I^(nX({R9wE<xW>K9e2Bf3_rCC&qK+wJ%
z1rd`i2ReC#Om66C^6UKsOwW-6b8HH4Xw``|C#obkJrjs@Du7)Z@%F~N01xxpOF$~w
z9dbt^#Ib=U6!ko_D2$<Z3YA4sFkqq#V*tuZ3a^(3%uIfcd}fp^SqA%aKwe>XGSn!0
zvqrQmJH=33YEla8B0ouPESX7_7}rJntOsPLw5Rp#W1mnpLC@udQc!pq(LOz(a|F_X
zKB$I4FUIA{U>++>`URcP&!c|9LH*SH+?mOl*@SCeAskScSX@eKtW2H<6=SlegKL6(
z_72==3e)8^OkieGULNcp9rg5W_4v4;;P9X*z1IGd{rw-@|Em%JpALowFB}zj9--df
z0OflFZ^_XA9N@Gi@KcBAAp6>92^~c&V&R;a2;UO0LeX$@HV%t~d>DKOLmGV!GM@b1
zak54jz3<`&DRdTQz(3<T8I__>GaSC*RSGzr$l(N=jm<FJwaI{THg#VIcaBsY91~zT
zCIk?`X%WVOxxgxcUub}6eiodplAwMeaFYZ%*r?z$8q#^x%^my&CpHc0>f<yrI0vFV
zHJR!&7y3>I8rf8vH)9d#-Y_5PPlwYq7fXZM1oY;Oje>u2z|W#i+=z-RP?5t3MnQcv
zmK69l-mkk-EwkV*Z5U8-hBDM+610+0ba^licc?v?lJj(EIS1S>8RWfSR4K5ROaclq
zAdxH>e>j|$-GKi{=xH?IlBrU3#*BnLs$-n7KtWE)z&JkrJ-;hZ<-&**&=0yVMd?C{
z599cQu(6apd@yUEhvq_mtBQEeG?B8gzUfHwfEJ3oOod;?qyeuokO^vqW-1rT&`i&u
z<bnMIj*EQ@{B+D67e<Q1y9qpOq#@-Fw1X(V#u;cKX`>#D^NVtNEqE7yqp|M5pA=~1
zfP@twMZ#oc{}h+vLOsO2epZoya7qU|(|BF#9WqCJBYlqr{^af4c4#{I%dkd}=YS$P
z*&s!9_iC!2mJIY8Os{>=f~UdnxZ>`35FU*u;K_I~UWqTmzr;7=JMjZ}9ex)76~Bi+
z#{a|_yneg{-VC=~x7ltN-0r$Pa{J4T&iCer@~89D_&@M#`Dgjf{1<$Vpr?Q*@Dv0K
z!Uai!8G;hQLcub@O2KNuT0yIT>CSc+x&P!j*h}bD>*XiBA#@SrVu9F8>?8IU2Z=+)
z;bN(Hf_S2Ms(6|>MVuzi6z7Twae;WQxL8~!t`IL0FA*;juN1EquN7|;Zx(M8?-1`6
zSBVdZtHnpf$HXVaXT=xASH#!Fx5W3v8gY}jS==IS6}O2oUxqK!m*vax_3(S<*X9T6
zg0+AM=)4}hAv_PBH_w+hnitF)!;9o?<5{~^yWMwN&)>}7&fm>Hz`wya6W9ty31S6P
z1+xXkf(3$a1m6kv2`&om3w{^q1m^D6?so3|+y}Y4!w3W2!`we||I)qA{iJ)N`*Zg;
z_YofH9&(QYk24;ZJnnildOY*!=9%T0=egSRjOR43IbNjKYOk-os=NjY1;S+E0^t`z
zw)a5qMDJDJd%RD0Kk)wBn=Kk3au&IZJ{Nr>TJH0WPnFLFpT|Dt;$(5UI7h4y7l9=9
zfE<p9Pl#W_XuW)WeMkAZ`}zBY`Hl0-^2<X86$~I8<FW7XU3ed!BQL})!7atD&~3ik
zQn!mR-luLDe>wj<m`N)^q+q(BP_RXCS#U$(<?ibq?jGen(|wlva`!LXBRrOQG<aBh
zmU^!7-0ykTv)QxN)6C1t%g)Qe%h}7#%iAl+E8J_MSBh7z*Icg!ULSj{^jhn6(d)5S
zix*wU650q|gl<ByFi<EJ#tLP^nZk16x58b*gTi{@AHr54&AW^DFmH+X4(~b`J0`La
z^@h<qiNvD$qB7AZqHUrY(RtBbQH#jjr>D<QAA!$wpHiO+pA|mqeYX4j<Wmo_x$5)8
zr`2aPXjHU#k~oo)Q?@uy{GIr)xK4ZlbmXS^j+o<X?>o|$@9XEA<4gF?^<Ct<(szsR
ze%~X$mwjLQTKL)c_4ga@=ixWnFVb(aU#g$nZ=PSJ-wMC=e%t+i@~iVZ?|0Mhk>7J9
zTYvq}?waA&cprQSj?TX*p5o*i4ph(j3jDVD!FGavM+S4ocjI8xsNV@@;4Iu8=i<(|
z3y$Lg+za=?r{O7h8lH*g;sjoR&&Ai`8(~du!*@WtDp;AfU{z}HCcGJM!CUb*oXd0K
zIrCh2I8VUy;`#8V@ltqcyi8s$kKh&X=JM9^Hu84!j`6Oem$i!Zd|5!R18^sNB=iZ`
z|M~p?OajzzQJa~;dsh9|SXd5U5W3(+H(D37wWa+(22`aPjmGPWTUwZpu%?^!F~{&U
z3#$<pGzP8I(~QPgI~kvd^Gz^pd@vniUEKBkiya^skN%AV_aF~8$xPVFksIKP{^0{n
zXfo`A){i;N_{%c8+ut|(AFul9YB$SM@oP(aU%^Z1j{)M=(#>dQW}JDSYG2K*i=6am
z?5g~W7HuNDTRX=zbKtFnq<E#rFf44%CI|3(;I<Z!VcN3d;1Dd6XLAFSa%DU_+y<e$
z*mez4$fqY|&rZ+Gl=0X=4X{?W78BBv@(CHQAKn)sy4u?55!^rs>!zosLmUOpTD$>x
zKU7S&?P(~Uke&s-BxOM`V+J=c0Po+c8_$jB=Ej5d44=upy1C&zH$LvhcNe+~C*uhw
z%*I3;yR)*ji!RJcf(xi*ZeWf)H%G4T4#!>f-3@IoMjdkD6shkqS|*>Jo-E6QuDK(*
zA#Qjn&CygqG;@qzN@K%B)2z%&X*BGIZM(uIjQz~P#_G!8!cQFIhUZ+b8geu+Z|0H1
zuF}b`?2gR-IFL3taQC`9k`~S0k7|jNj+b{Y!^~bp{C0Tv-XN!$rxGQib3vyAZSs1R
zlIgogG<@EFo4oIkh*<-E;N5sNKFKWl>n+d1T+9n3n?|WlKm7dR-;3_V`HAb6ULVu?
z5&vGH)vIPjMZjv^&-C%1Z@HZL)u-tTWy6%^N2b{wJ$77V_iJ@Y^MG!|&83c8PrP_V
z%pLmR#hAYHzp4Fl<o3!(Uq9F~v}aM$i<PswAGjl3H}-z~%lp>fxO}xm#=UT5h344Y
zO_8BNy54t!x-9K_IjyWXKBFK-a%x)eya_e7bAK*;dc0<q8E7hPL&;0L<OMaA{j3>1
z8Fq=Qo@Gxxd6HOl@kY@TziUn5#jZDSHwz{xy}5Z88jUdojHRP7kJA?POe2U~?@^<2
zlJjz12}*TblXJ2t9qVUHqv;q-+yWkEGz|BHDeO0Z;e~tPg0*gI@dd7i#>w(bleVMu
z8fB_bfdQ^ihtlVMgBdK`%E$qoiCZJ8Y}6A2)`<n~jPl(X1MvYHL5F$0@m_k(;UI#P
zzKnFk1zsb0rs@Ifhh9>G(JjANT=-=EBz()0v>#vIwd}WlT&YF8XX4jUU-eW!a#(5^
zl>IDAJ8>?q`7>QTD6gwcPRO_0h22|+|M10*KD8ffC#}G~JI#vNd6xGzbL#LpZFlDM
ziwoZ@vu`Z)pFVg+c745PhH@bD<A6suuEzQG%MV*Pyr)IN*IpTpHXFwGR?gdlmohfM
ziYE;#-ug_7*Rj73yJs`5WUTDlNBSDa|Lto?zlL$1SEn`XCN!?$>HpRm7JwpACS%0=
z)^K$CjBJ@4tz*G^*YWz~uEL<I{e!*<3fph3Ti2Xq75(XsmDj#=VUPJaTerX`I)>fj
zG{bMiU*E1+arIDAVb>|g!xzlHe=BgT<MPKxMg-P;btP^0$Nu9UmwWB&{_~*UQzka|
zaLb8|TerPpquJ%*{ZEa(eIxl&FO}Pr9SNUL-n_<HYTfJcifc(C$@qR}Y+}1E4QboD
z{duZ5WLvKM;nIhRr#SnLDpQvAJ~+7ew&uL!rn5hp%~_ZK=@eP*<6gvpfCa;^Gs71x
zUG&MwFY|*2r2Vp)$iHSi#f^+5`3J8i9}8RK{qxU{_+8IG-O#s%Jalze94WfV_-2md
zPN(gz^|?PEic}6^zUq4L+i{;WZ*!dGTTbcMaVaehBo&Rbkn&T@&J4%!o+vjMEsb|9
znJ&e6o^d(B0-u4)@ZrWhEb#t@HA>`-q}F(T9z@>s7Mfb<p6zwb7L4eqo0Oj9`dZad
zL|)#=<fM@^++34oa@+?oH-O=e^KstVQENw<wnhfw9j(C>eCR57Gcj(#b?F<d$Jq71
z6#i>eaxcFGj|1Hv-~$jFgBbRB&*Fc!ew}w&*hFYpfoS(9!?Ez@#nW-mf(>OuyX4sK
zygB&#+KbERTNXqP{%Vy!-QmXRyM+w{(=2}7<F-5NaEr^3Wd6Odl&o$KYG+u#FyH8&
zIak%Qu5stTb~fJN*3Dv{T25TwGxg>{&jEo24+?%f<;>u2*z$Dj(TZW8SQnq`-gaZ^
z?Cfy~){@|W>~1?Ad9C`v`&Y|ZoHmET-NhemOK<sW^&VEw5l`n&u@rwX<xbBNwk27Z
zt5>(p!xp>T-q|wwTiW+MR=bP}>wC>{f9>A|%f{C(_@T5SzFE9`{JKK^2-lDHUFTZb
z&eCS|o^nRB36FD8h579}GynKuU&plM=v4>PiETgk^O?W&R_y_YD+~o*YVHB1s=vWZ
zS&e>rH!W@NV2el6{KFp|nDV-r%Ij<<41S4~Eh{K}MmlmUxMA7JMnm1zmXn{K@0tQd
zpd|#-F`gTa!z_WbF|55sX!?vaZa`k10xl1dW#B8MfHMGQL+^cnaYwcb&JiZIi|39D
zaUmiG?g(D8(1fdK2@ezi^})1d$0os*K@vA42QIha4uNNbb5KbaTgzwyu4&S8GP8JS
z69k-<ZQn>)mMn=Ik)fD5J4vok5VPU#ClhfIFxps){?1zOwQ!BqU(8x`Jb%;PHFDd5
zEV63F=A)KL(>aV;=Y(-ihc-Uxm%4OzLHF<spO96T3%^=lIOy&teBY9N!ZyLJ?on;G
zL~cWB96a-#PNw2_GgE#3^2u=2_Mh$e^vd0h-raZ1^1x;`_+?FBaqj2nAJYrzWNp?^
zeCg%wwDETni;`~K`8bHTV#c&>9=$6r;_j@gk7Cw)E*tn+FIw;Mwy_?^4^G=v;kj-)
z-Q#6L)%d-cCqLgz%;S9@aBhokafFR>?@sr%-8RX#r)KT+YpTotoTSemv7V#6GOg_9
z(eKAD6h-G>7-@%3R1{B2+#9^KV&8Ww+2&8kaZ4Z9`kwlW{B@l=^S)(Y%OazN`yM2<
zwbOe2ER?S8!JN5o=fpuLm$^Qzlbuib*krvsgin8@CStRC?cVp3@5zYGW*gJ*baofO
z_8}knHJ^fxrz7M5#&kG?x~_FuJA8q2ho{2tq?@DCl13)yfk(mPB~d=g8}$Y6u0I-e
z#bt;<H$5#Zr!5GjE%+;wPQ!<Ti8HueX0)CTsQ*0hvtC~tqXMPTc*z1|RWRUl;IQmu
z%!2{9H?U4wZ_{OkOWSLiEeJ9WFbS=?yv{ruR~=e(?Q0G#Im3zz3>e9S!4t1-KmTAk
zdA2t^Q`D&|7yk16?7FX)?0q=ns~d-(`v1vUzG$q+Z%gM)ntN|wMS9TE$jTB`*_KS9
z&4JDLCiDx%i$k6^rQbP+^{lk;&I~C#lNxH#ZQ!-<#_9$P*i(8r>SQEA?{a<X-eY;E
z%7a*|EpPqQ>)>f$$x-uu6T+7KbTF#_eu1`Ohjq`*6OVWO*AZ1;x21D53G%}6cgp#{
z)c2b9>|Y0~mCyFcZ@0Qln;&1hKG(b`E5@hksvYs?_JS`{yIvwL=YQ<8qAutB?jw7|
z(vTZ{Y7U0Vcbp!zJ(;t*h8HeAvugUT&tDv_oHX01+q4x8rz)-fdSK@;TKt$9FTEFB
zvy$=kjH@%9LlT8xIYr>$4bodqD=-|psT23m*KOu}6YB)WBU`*XvNudytGJ}RG%zm&
zoWVGhGJ|325+zH?$^lc=A9q02tZaKkq$kUB@^Vs%PRFQW_)t_%x8<6agXx4TwDz+d
zH!3HGpzJ3P7x3J9LV-J<kIrv~tUJo$nVlK@_l^1pe3+gWN27XiUo+~GSc(;Nntb1B
zuI}Xhya%r??!P~Bq}$j3x?kdV{M6vEJ+p?_URoxYvEIsIM`HTd{y!YuyL0i`l^eee
znB;xo`m$eqt`S}v$DE89T>4_nrf3_l$A5%n&H7|s@}8|<C)RE(YaKUz{GryLo342+
zy=!rw`3dW&b3n|ihRLcP^JZz>4@bx?#fQATq*L;Febu|_og}Ni*_MUbO=j%<$yPhw
zYGpuxW27u;VM&1W>%yt3o4v=xU2=U8?-1=WZ{?{z7Ckqn<((BUY^Sc9bz$<{m}?0s
zw>=l)v5foOcMmJJd0Hr}SZ~&S?$Fe|6?+SQKVh}mYpYetk;AF+%gbuk4eq}%zK^sk
z*XCrv{_L*fy{g7G7*2Byc*!wJQ^2BF;c)V@V1RMK@U9@~er)Q1v;b$L4CN!5<8*Ki
zO)TaQzP0J}*25vRiz|opVVXTjP8m_#$>L6bWi@ch{J`w)zgkX^&U|)$#jK}a;xUNe
z07fJpj*nRzx;D7On1CCXWmH78laI=snLY}fyHW5zNlQ^A6M3WB^$?j8N(+(pQI_;|
z^8rUl?xLDWzvZl+IkIMqucDtMJV5Gju=vr{9ZN}z;kJI!J->_<W>hBcDR3%$R#dew
zWS!NDBhMQSu222S;`X-lg_hQT`CQ*-#>)NPuWwVqyo=hg=F^5;%}e@Z;BPz9l5c%x
zvo&X}&2Lw~I{)iXpI!H2|2%iGggxuv=(%63uAjPeaQXVJPe1Kmq}j$BwmCjEH(*Vh
z;`pUqeT2i$mYYk-ZJ(St`f0<gO=~tT%bCb}naw@Q<o#H_W?spk=fx+c*q3KoEogGI
z?7N8&jGOO#VELG>{r0Tf5pTIMfA+j5-+UZj_T1j7;at|&wd+<N;V6oAYux^Na3;{Z
z^u_7Lx8=jXn7%jhx8;3=Q%5b!3f)Uf<d52aePo_M#TaenKo<VF;bpHUFW2?q{Oi`v
zn&sN5Ec4Gq?!NXF5!W&gJE_#i4qo}{BcZp`+DrdB_s5t%pFRINXU>2fOTOK;jVAo$
zLek!pr@nDs^zTp4IsfC5XWOp}Kfkoc=d<6wZs=KGG;?_Pl4TFVC;Zj_6u0Sg+UkW9
z8<VCT(pn$C)Vt`b#)5;^+XgDSEdDn8)}oBzGgsezC_8Xqq)*m$#`PHz54Z0bB?mTR
z*-7Ecf1Y~r<Bz`@RpUk+JlI`E?{ezN-UPF_Ul&~L<1F~TB5dcGO*cwobJDih-I+Au
zZ{4HEPaZAJb(~gmckrO<uTHYVcDiqwSnFMTwdXPpUTSd!Oz0Ma<7syE-2KWiX{=cF
z2FAR35s9xG(f@C46!JKExEqgWa52GRdO#MUUV4x7|A-s>KEwI*pMxGO8+x?ZZey`q
zqW=bUPHy#mk6E+46&ttoS-MP>ux-$+hR7L30e)NVj@|pwp*1y|y%wjB@^)&>pJY>?
z$_PBtZAhugzxVGhj~<3UoNL~vN>^byZiwd-?~N}VGb@gd>6`TXc1}XhfpdjlOtPPL
z|M9RN>BBdkeyZ#}F5NuO+47Ym=TpbEOM3SS=ly<R#FetZ?|qVWE3a|STaK7e^XRV(
z<wMQ}n_16(xqRDZ&ZS$ilTSaQO-YkYsqvc_#sAhlDblf_<b=ltn+A(t&h(A2pSN%6
zKASWCL$0jyDBsm%OUS2XGrR0RaB0`g!B}?{mR2*&=aKKo$I`8r9dL^RpG}-WGd?jm
zmvlHj)1x~(hqML%>>QTTYLUU?GD>Mb!NvqZ8`@3_rqOeQ+(z8n=vjg5W(;z@;ko7I
zWsXeF%^N9~<>ut26FKrisG0@sQ`%dbK`yp`DJ=>vt<e=d7p_|KAd1X|h;k}?6L1xr
z4j3+62J8PAJst4q57713<LJ-j(Dij5brDKXe}0Fq@3~N(4F6<s|3W}In@XEfMSY+@
za-RWUq>Xx!!WBLGj;3hn{}2#yf$B%WcP4O&u9Rm$UJ8`a%hQPO0KlLte;IYTjIPAF
zZ~>3FPlj(Uv`dGQbPA8sNf0+j7wiaw+9Mv(pB*ELs4vt98k-zOfWGzPMKusFs1B;Z
zr7q{WR6f;!*N@fpA0w3WjgkjHIuD=qfqrzDu@!E%K>Tm}(UMrS<53Y#0xwyt-%Cpt
z;w5Fc|61R*J`22!B;}c}ojr_>QzyUNgkI*G6ka=xyq^LJ^Xp^7|9ILm4WIm@_wf2I
z4&jq9?c8aHwm&&Och}E9jZOJi&-6PBUJko@b7gsvf9eqasGyiFTb4As=UNF4UD!Us
z^<x?K%N#eZZ|0DymEQ_~IIz5aOXIW0!Krn-G&ZffK3k(BCYB05S4g)7E!HeOT|}~Z
zE9$Rb=#H->de+^aDVe=t8SNAwn-lsxX94ec><GT&rB>RWpwo+XpQt#0ujk!|&+qu&
zwya)L7#KJ|W~%vjpK|J4y3MTq@=?M4^ZCD2{km%9{GY;?j#zVWW5o|QzOM~G|JfJx
zy6uU5gV=n}9(Nmbqhc@g+&Cp>#+vmft_d<(d1HS3Xycw;jqYXzxlP!dhPJWe96k2i
zl^tLF$qlxTV$q4N6%To(3>?BIE@m_ugdy<%6Z?W0=Z&CE$1T^|T!?sd+;g#bD3;i}
z{j$lD&SRMrGvLh8QMoJ68cu;7`5yS7j)n{#TruR^F6TVu?Rqf8YkmHw;lHeTe&nNL
zrW-fh)PQBhz8`+jef&O=^^4-E8S<E8mLlQgVata<U2~K(EiGh1ZtUXu53;=zkIP*f
zhK~0B?aLjbSr)dv5`Wlsc}CQkLS3w?E>}_Sx_o`qhAH1Q?{<7ht|*taxa@v4Al1V*
z=P%au&w^VWr`A|~k|)f3*0lHA>pwk<8)ct=;PYF9)_eLYnRPS2wj!_0PYv!B)bgM#
zXZ6TAiA5hjH$Sr}*z@M^{@tp3II6Dy^on_T+_g9n?b)B1-&T#lFVz3;b}K~Py}D)9
z<I&p9XZy{WrHOM>-(+q$T}ro@FnVmm#vVVYA8hr|D)*dRd~eo}A0n0}UpoKof#;bI
zp0BdGTDyI((?(sZ&!s7T%_mgrO3k|BrDk0^q-Vh^rM1F_(1P?v{@)$^H{-l<`(UCW
z@wj~lV{~5E_DmNVsDtq$)zX~D2B*j!_jL2(@!dUe_sMUlgSp$H+Rc8ioM(=;VIB1S
zdFYeUGN*q~hmfizAs4eP1^Z7Ie>;A6-BQi0=g%#dBu7nnHYRGBPkGuPTgg4e`YXE@
zuc;CA`ty^zY`;T`l`pz*l!F9Y2gI&hx^(1qfqKG|{u_FzhadL;bn2BKk3P&Fb7pw)
zzw(%tX3IC->Dlk1?Huv%oIc+U8Q)cWN=)zRp1%JZ(Ra?rKbty57vcF$Vyg7Ul(O<e
zOOK!UrrbGysA!bp9Mh#X`3oEF?%-|n5~5%I{=50M)$1=G<TqRzW8Kv6reE9q`Y%S!
zSiG~F?v8(9*rVY)J%ryS%wH9=U{v**CgJ)Yv8O|RldXReDfC!4SIk*a{h(yU)QcNz
ez8Q9L^S*UMTkYp(9S@$oU}0s+a&yDI{Qm-TDgv4S

literal 0
HcmV?d00001

diff --git a/AutoTunnel/WinDivert64.sys b/AutoTunnel/WinDivert64.sys
new file mode 100644
index 0000000000000000000000000000000000000000..515b72bcd9aa7d184f43cfe0fd6dd1fdc9899a72
GIT binary patch
literal 38064
zcmeIb30zZ0_cwk60RjR+S;RdmTHG)!Du_!WK`t5;#eD@?gvura1?vI?lyF6@wbr(_
zb!%&_ZLM0DR$CAk+)-<*RV!+j#I%ZC6z!7#_uPAf!Iq~!zvX>Dpa1*Z_THH}bLPyM
zGiT16S%@)HRx$Pr!$|R3EDW;`Aw4So`>#Ls$ae4au{*Qd`E=)f67A{E<5JUd71=pi
zvvU$M6p0C$nOQo;tYk$_UZx@~Q=u6hr^v`kN)B*ybMX^N&oCtyw=HXN&iZ=RFF)4~
zY0rB7xi&o9<(!gFuRG_-hp+Q+&-$`+o%nRIi2sHdzQTuN(-KpO=94XmjbxalrB2Kt
z!`|`Myn3b!)56Y~VYGmR2vF%LgdP-^2mp%PF^nV9)|bzy!xzFUK5xY&N#fzl+C&=D
zHd)Ay-vNFIt&(BtsUtQpOncPB%ww1x9TC<t%qj%g34kMf>L(s$MArYVOn@#qUx$oC
z!|);AG<ZeU5#t{P!=wh}Bqiuj_iitM;_>?6W%1fPDnJ4RH0Ek6WEA3c#5)78&7)$N
znt*Hpk#FM$WKx|;cx@gP=tYl;9!H?HL<cfrWO!5Y+B^z|xfzg?o0A9_FS|-ah+Z~c
zn@7bk!vb=W)3bnhpWwB4Nya1qn@0sao8<pfQ7v~h+A!5O+Av2kVWN5*Tl7OEw1?#!
zu0WV<@L|?a;<t~7JYu=apZ0`sqAN!3U@N?PLS|a-sPSefl&B)*Pqw1OuMC(ehTVRf
zfTpg{`8{GQmixt1@kaa<jbV%52ILdvtq6@9L7*b@&!6R44vy%1gl-)X5<Q{laz9c8
zEqCN+`4R{Fxjc%4IgY|5ZgEHlpHDGt_bUSuRbDO<Uxko}-4HMx3}Q(!?RHs6H|F=q
z5hxeM3zQ3lw40cAco`BQCaw7<A>EiCCepX&i}f|;3-v8=3j|%`??cf-&dqHJHPm4Q
zw3p;jNvxyY>ktOtXAK%Ze>99*Pf!XgG9{70$F<xs=k0zq1m`Xgnu0~c$%b3J&*w2r
z_)+eXeEC7x6_#7WQ$t-F7ej~@4neVm^*NZJf=V|0Xr9X_ufPzQDtLUi0^q6lwc?4_
zTD*VCB`V{9$+^wovw#K)J8j^@dD10(zgoO&kV70SYHcmo9r+e-7I2dvRZ`(lixz)o
z2STI{wNw|He~H2hhxT&PsM-AqR40Hc+$cxu7aPMJ4nBXZ#P1itX~+|f5uxFLUp)fj
zmLY&~4tbdr2u#1Th}w;^TFB5^RUwcyh9tjOL%Lro-gJw1piP7F_%aUny@+omWi(c9
zRP$B1jTOnV+6s+dEL(xfo*>AGa*!|o<xh*HV&()I4VXuuuUf9!_;4`8=$HG&0$@R_
zKZS*TTnn|!A328gd<is9hLoyoyPq3D5BNzDP^bHfp#q`tEs&&Uv*@dx3yEHdUjtg&
z*nFy;*B61+g?_2WG=AwMNQ?J=omFv42umb02V_WaG`cL_<DoW!a`8h`#EAlq#ryee
zhT+aa!zQ7(D+*k=FO9X~R`fuStQg$_xx<i)tdAPAe2^7fNdgQFK2FSq(nnPhB|VCG
zp{gw1FN{8eQve<aepM4SY4Z#^KaIsZawN6K;Xe8TiYzY){=-7Dyn{4`Nn~)P{)9y!
zsxaOfXk}&#+5!pH04w;saaSXJIl(L3veO~Tcfl34bm6mrd`gg)t&mB8xMl#d%nBI}
z$P|L)Ss@{SY$Zsd719Ne`ve(dg?NAm4R|oV1`fDOW>=&`C>=>0eZ9!R2u)+SYL;6r
z*x=w(Mz3J%j`e<(AQH_@RYr4jLZi7`>S;4)RG$(blM{-GaaR9>Kgb>-Whgzab1;qv
zZ2%550yF|(mk4mQcrzn-ly?M(yyQiYgPgc99=sah(#rhBFzL(YfLRZr{Bwj|;r%&*
z{tz%z1yE-a-faOiUI1kh=t}`KOaOgCpu+;FuK<#fv_2F-?Ey0832_gK-wQ>3`osQW
zt5tEBx(dN42EXE21T=MN{IY}3W7?u&rO;FiV~wRev-S|c$>(@$K1YQ~B%SOh*+MQt
zMtaDnLidqh3>6}^i#I0ob!+{yS@gn+K-5rlnChF_DE3pVVVa*}JWZqO@#+cciQtG_
zF>tgZP2@<J(qg!JE$48KfMCu5(*%a>3Xn8l>_&56SiBElpb_s4?7p0BVTY%-pT3PX
zI8_Xj9E*}|K((x4rmtb5@>o;|nL*YtG4xoJikzFWi3w#BX919kH@jY5<zQMs2rrR=
zuvBU*X2;6+*02>(3RU?}MaLmYd&B5_!{~+41~0#8)GsTW7!P#8QoKY~$MBK|HN!B`
zgEgpRtbx(U_uPrDh>@{XH>9lnS&O%0G{YPuYtCINt(2GD0y^?t8}q+otywk5QvG>U
zRrsegXJ5s1-X!ioLBS+`N1Y0zLh|@&KH?QoFt5VQhw%(!NVtaW{8WcoU^h}U8&U5m
zEZz^Ytkoo-nu_TispBUJq&bk*C;6q)CmVzv+~HwX<n<?%d_p;j-kU^(;$e2uCB`W{
zFK%<dhPGmKC|UV@QjSTmJo%`573xJT45Dkqs228k9pV=6*I-KpS$v5!SvS;zIs`RC
zC4!9u8_&t8@vv%2Utm&xDC$=+#;*pTrOj5Q3c7Et4YE3lRf9^t=P1u4jQufTKC*cK
z0cU{t$d4nT5BxRfJd_Hv5OpX&Aatk&laLZ=30tv@W)rQL-_&}(*-xb83=RActeTTp
zZX%1sH^g`8d7T>=84N}&-hD9>AT!hoeTIj&0W_NP^0Pu)@=$w%>JQ6U{g0BoI+k0>
zPiVZUaz~ZcY3Lg?M8j2Eyg7JTEGK%E7>f1*lwR*giiIIb15Q0tJwrX6Oycy$!AWBi
z>YMK8%R;D%iLi?*sPULtL04GL6bbf&)%r&goy$Hqa)nNyO_5;29X)hoHpA?a@G7QX
z2;I@;z>@b)g#>1zn5PwOU`iueWND?&hu|&cd#ZuF1X+JpW1t^aaIhdK<=vR+eMrn4
zcUVE?_#BjJfm%^oEQanbxuWX^j*p_BzhJr3qd3iBg>f+W<QmYwt@!@^Ip>;L$}RMZ
zEwvQLfMgtuLCGCsIZ|yd-7lWybbhHYo2r?Oc9S<)FjX5!fSkjvBm`tUq2Yk&Yb@MX
z!RLFa7e>PtardA!N>XNjULMANd>2K<vKUpdWU!#WD#$FYC8$))fi>0o#iPt5w(47{
zmb*pyENg!Uesm<c?{IL9_d=-RC=b%hO0)-g8T5%#5_UGSe1p%c_thYa0QtPZj>lK<
zH;o?(<rOS9!576wE0HDmS(H*iE8ivu4h^a$5?qu&k3d6!fR_k}!L86%Om&U1zk>0s
zLY9MyAKD5;VPJVof4;<Szexyx9wyI{e$6vciEPxwx2MEUgG`I}o9I0<7XBDSELUS(
z5=4`xyv#tPxD}-1m{G$3<wxfn5k^Jg1;@phZOt6kn7M|RkC-pB=64bEjT5Yp_QQ^q
zyhX+d|HJs0eXJNi(7Xk;*g}}RUqO9LGunZk2#XGHK$0Ig)@hC9pbC><^iwf<vN3q_
z6<8(ee^AiO#TmqgWP>g>?<Hzp#V1rRmM`30J-iuRf0pC;L0vHcGr~>G7#EDo_yYMo
zA7^1Q5wb1`S#rx!R)0jQ$2_sWw6efm#5DFmwmHa}N)(X0uzGXhr+hzgCyhq|)IS67
z;Fy%vS9`GfJCeNbX$)Y3Plx5j7*MeoB`gMlLOt!VjcBH=Kt2a8N|;MMdj%^COx|9z
zNRn<bfUz7_Nv`mFB7?tSxl7UEhvg+7lOP_?++p_e(zgLBdX6`p^3qp$L6N6XG19~0
z{l1#y_ME~zkmUxjoFi*+f}~|!geGiwsIIqVBtPa97Vio|<jxo?Fj)wm3ST~xz+pr4
zs?04}4n-HE!$2e(!2lY9C>aM7O<1Bv!$qJyagc)BDwtlie9hsQw95KR7K_G^2#?wf
zr;B8TDL9>shK`H|)(K=ZY-I&|3hL=(RCRv7ygh|j{)ng2B&}c&w|M```#23Ol%s?n
zJ~lFOl9zf*Ad@AcOk_y#vj*pO9}~HHhs5HYOx*AuS;c6`X{ic>GD>!cm)?AZ8T!+a
z<?O}ATD&un&q4z-TQ?~-n!qFmHmrZ%DT_BeC8~*5Ny|}_FrX~n3fOcJoCmPQdp6HK
z<}uDKi3dy|K*h}1Pwj{U&J!6U`Hc7Y^(Ljm`E(yb)K_CxgYLmxpEd6K9V-)Ib~E<l
z=d6_qYA_~(Rv*)X#^Sw?_5?cb<-t$%fQ`jIb&7m?$ol!2!~@Ct7;3k88;E_(Af4F#
zjV@!DEYG7TpBGr3(=nCo0`dLWYZhn;M2dMLS0QlF?#I)1%jBB{_3k6mRy3vE60|=A
z$vjLpHAdGbh|`=4i;?cfZ!M8e49=lf@W*LouCGFm?#2?Qaa5F&Kq}^-n=%-A$$VZP
z;;5ItBd*{F7NQ1=w+b^RS(^zwLLT3>7}`+yNZ9FA8HS6+I}wCgZVg`q6t;*I%6JOo
zk4FaoNHeFr>@YwqC#-Pqt6Us(jx3k&YwiiPAP>AIvO+C^f9CH2JWXe`#^U`Q=3Vm5
z#ZqjkCC}+IjOj}A0u7hy&sIzrgg)1VW%_F5!!ms%xg(L>uf~1dc-cy3G~vtzoLRh2
zp-n6&BXwxW4fiuhxZ(Z=wX}S=qD&1tkj=_Ju5-z0%MB0FaHEtOZg_7j6Ho^xM1}Dg
zZ`fOC*BN7;R}<RrV^O8yj+I*STSRiFE#5QGjb^OyhEsR)oxq!qzG#lM6H1m~uYv{(
zWY`ICZ3S!rR+=iTG_f?fWp%AYt0~M6=;c@s+m#RXvp!w{t{`T%bG|Hw_a4wZc}XP(
zkF9N#$V=Y?sHi}+0~?S~m#buv70D9yz{5KCl1iP+CvN1Hl~Ym9?MoP2QirX4XI5dZ
z6@2YLK3jlWdotD6j7j)-B<&laGp!xjc_H;<$3aBTNc~8(*wP=Zdtu)}x423E`^{Jb
zRz&;|UL{|40wDE18micI3qEe~_T@{Hanqe(Inq5R1h9%xGA`1?5am(sRB4o!*9?;C
z0tPwCOAR2P|IJ@sT!@H#Z<I8pszyeOF@2Rk8-7_{nhH235wj;U?S#zA@JsU2SiYdw
zyp~$9!d8s;Vk<^_8PmE#3Z##M{lZ2dhox8q_EofK5?S0p3)!3+^f!Qz+gYdsZ3(TS
zwnB51!RO(h#Bir+r22QpbY$!aKR^)XH-yBwy?`>@goTl%->~vXw?#-5E}kXH8>4=3
zbsq^QC9)muv!rOc){q!!`9q{tZ~}ivJVmXqYE1wbQJad@oD*RF@ER42F|!A>64Rbg
z8pNnUp;5BDXLu$-X{Sil-<F8NI2i@8ZxUv$kQ33KtSd@Nl?in!j4P?S8eXAFuM}X$
zT`mX&L(jpu!k=McN`KTjN7Hz59EjGGT6EsLh34h!36R<06Ks)Hk_WZkZv$1TKOFnl
zRY!BalakxEoC<MMWaK41(sDOSf6TY%a(!8Ds^WfxV1goi&7DLObkf!Y@iK#bqx}eI
zp1a5zdO4rpqBv>s9?eJ28mpe6THLl`v}?ID8tzCm_c_h&Dw^A2S9LVYFT^abKde+w
zV=di=Bw06(MBXu`X=wm%iBl7pWjkjpDrUgMv1QoAgcBPCaiWq4s-%KCp8GNd>ZG!G
zHzY#e7y4=3<)v$&!9eN=Bo;_mO~b(OzVVmTc^HbffK1l7h%iwq)YZBc%i_zzdn<g-
z4t~^9B==n~Lbb@N%14Tpv|7JZEHgrlTm1QoK7viyhb#sTexVSQAi(-YKZ*EU&b$4@
zZz}j@fklc7<B%GP5c`S=0yjS+#cBK|_37f*iqXy28|`%}y-_MJ*@p~1@_{w-mNoL4
zHL`{x4G!`W(#w6AJ}OO{5z}%J(ij?^9r)qt<_unGRMsL-z26mIo+Vx?-jIq}*;v9%
zwi))1CW~fDm}e2^`GaZhBZ}1jK!>a?-p|BSx}FBnCCV~j)^saJF3uBJ?xMx}%rq)o
zKz>Xvz#6U+tXRBTgC?nZB^AOV0RgS8`K7Y?taaOw-~W2TCyWQB9>gto8}l~Ez_++O
zfzocRcrbj6bG)x1_=vyTA+M>AXacCwN4!e;oZA=42+(<xNRL#!9$ggm=vDNbV8A{C
zF1MQ>+uYGUJ*We{^$p%SkKprIltJrQ+HQ+A_XojJksx-Pup8He;MhijNqps0j<%?Z
z?vPH%OF9Fpzhf^iF-s@{-3YNpysVK!kQkq}LWt;w>i=}Wq{i!n8<EvF$mFF%fX_nR
zu*7HWVUFDO4>38C-^@j+%=TPV2y3u2U3-ibi=9kXiv5Jn*t?LI{t4=Ag}RU(T<C-u
zX4xI24Wm^i+RFyq!Vb1{BKQ|PJjC>Zl@d{5A5{JRo5dn8CDksk^0Oa=Hf<-0hS8}e
znwogl*rI%???O;1UPXCG8TCZ77%5QU2OaG?lKxmKi>i!zi>2y@hkS2kiyCY+nmRQS
z(&tMh^GB7dq-9YFCUXAyvdfmy!d%}Vk(b;hMxqkRqGn;yo{DKTn~TafL@gBegwRpO
zBfiAnGQpFs#N^Gp37-&WWMQZ`LuizT(k`olTpl=PHO3)6q}(tm8tliwqXGiDl=s<S
zx)jDUKVmrqnTyMj*%*c5B8j_%^R0Lc$|=y~0pmz0ZY;9-;o~%&k6@nAa*XlDeT#)O
zv0#|FkCuyq*0^=FVvdK-Q(nFckc}69u~>qylwL7^&d)1A{B;&Fi1`JB@@4po<b}n<
z3-f>%<{QoBD&UD(w{T7cS2iwTPvJZlPWB|08zZA(UPiq#A~o6&VWeasl8D#E7)D--
zF+|jAxM7pHv8?`vgv6uX56LsZ$BiHG8hLn<NcO)&lV-5v#u-fs!eWreVQVXB&s<m?
ztmjQ}3}?cI)BOlv3CsP22~u7{_8VqXw<MZNm2qRqsl!$VZ`TH3!4Emhj@dgZ&^6Pe
z(V2Ync@?F}2n~e-(Zqx0h*GVulL(Dv4GaDJH8cZ>qEMF~H|~HKiozuroVr%r1m1h3
zT^#rWN0mZXkVA|vnB$MGz!A(Xez&o)6Pla%G1;!?dnAUt(bzbXyrf8M8MfH6W#sz=
zSE?(<_`{#Kcuzx(Hcgw%a^v}y6`~Bu(6(hsLd*CzfsAdlK9m^0LJ6@|o<b$4fa<Y$
z-|b6!3k@T`AeH=rZ1M~8dAH{A{>b0xLGW>IY<_dv#d|8$7+$Z8lZj=0qgI{zJ6(M$
zdf?u=*0ieVDac%7U=<pJ$`?zKGFBGXbUBjGatHX6)JV>xDSvoB$`=Nv0cxq`w(tkY
zF{R(gOTH&P#W<-aR=G(^w)Bd;<P-sI<|KF>`vI~pm`b-J5v?EO$3#PVu;S}^B5pKq
zkm<pq>2vG_=V5K&HXJacxg&4ibaH)zz0O60DT;x@ndMr@oz;ZrE|lvhg9P-T1e5)*
z@-<ZkVLOxM^knEXV6YYpVuG(hpyBvKQ&JZVt+kEO&ZIJV-YnOjExj)<aRo6>pkO}0
zLmq+3{fKNxfH$1n9Sww22U=LH0dAK!RIEZ%E^NtaFieyfCH{a@oiW%c<1S*Sg+`9C
z2IR<}sX(Ych!13kRXNoyM~d4ncpFyk1y-JD1r1JW0^fpVGJzm@$;6Mmlq~ww@brb1
zCz^war-vvg@MK<KB>-ViBWPzriKV%^{7aP5U>nPyZ_b;L7Zv@KaJUQ{EZ@mHY`P5B
zi)5A;`~;bDVON&6!7!a1X+mlWPf9mm?26I`5Q)U<B89g7Xf}$)J&Hb!x|A1zojDeI
zavy#e?@UA0E#Cg)p)d>mRLs1t@;!0!$o~TQm<2DOcvnRKjEFCMF5WIjdNd-QpZEYz
z1X-S65B=!&68&u7KaV+)Ni#bhb0RB=k(h6@Wcio-z1FQ84fm|Cmb;1LOO|^WT`^uI
zEQf=StIO|Myq!@a_CK*G$#V*>Gz~xxu=;opI&f3Ku_e7AW58XE=1yr1slFEPmA!xh
z^!A;hMir?NEN=&CxYGiP#XB3>W~_Bb4vHbU)*9zycZ1h2bipc+Q<dc^3=w`vtwYKX
z;jb#WpBJn@;I{!uM%ThHr?+8_(l95)+%uY6N+kf{YO0L(RVKTxr@J08M1&YdD$TC?
z#NLcPQHeJMu9gPNYrc1shKNv$cgx=BAYqeI=PT}vH~@y8HaghjN{gKQ_=?dAmQ!O&
zYrz_Difq7^$Yhx$OUXqkgRg`~h0OC{xi++AXlThAM#wCq`7K?g#rtDk2v>A6qR0EJ
zN344;HdD-V{3$<wtkv8+L-z0S*|YwKcowFm5{-`J>NMp)af{J+4}-5*`;1>?Ov18p
z3^9NmgYas;-(EpSHTD+PMi`TDi7ehXX`Kh0wnC<sJ7SZ01es=cei>0q2MniMQD@Uk
zMo9er0!X|~hYV02P;ue6%S^w4J${E`3!mlIhZMVl?$cl>(gKlAX3y|58gXId+TdnH
zHP;|tUd5Mm`(-L`2+3#Fgx{hqimw1s7cQBF<4lL20L~lA&yz$D`vO+d(3!2s#4ZMH
zV36@aWhv^S8)get#BW;|FT%Stj~CjZ8TfNvJEFv&O2Jf#loZAbgw?m1N_L<UqAu2l
zsKV$jHeyj97Vc*(8-5ZS58j}{hX1T{hQP7U4|$3Ud$=8MAQk?b{IzPX+Uf|x>!6Dt
zxhnELtmmDgW)Lef+L2eX+%TvWZthKb+HD0_>gA@}3Y`hWVOycWpCV_49RzF{%rwPg
zpB>H|9^AjM9tuT!&@QGEwg%duO=2rf!rmyRVvFGdhzLbQAMo65HCcC1z8uM2h~`e}
z<nq1Jk*uXkV_(aLpUAlvjT!EoN#_v(_@rn{HQ?It%Q^Mx`&AO1bA)`4MrI*gcrY@x
zeD5JOccRMVVPC^lRT(`}?5k29)HXL}`135`vIYiBWUxie-DA10u+<?<8j<10@;oEM
z&*r&n!UVG-FR8)+VfBx^<i&dtE0?H0MUxnDr%zt88VTC%qjB^^NxCl-$=!_(|3Y5;
z9OA0-MUFTnxTLL!^k?<I*~ynC1FDwqiIrdpcvc;LR@X*v>ZSA2n<TnGy~#<}MQ@Vn
zGW8E7d1-8g^rDR97G9m(UR@rlwXbA*T{7<l{6&JBzuU(L*HwGN&EYsXj$zdL8}jI?
z8+Os*=j6qYfP?1gyfKooB0i3bnTuSEshFWs43REi%{jW)<(LX-4^^SXQRk0uOL^%L
z6nZR)y;QyaH<`TnJ;b6bvK`H>)!`51C9ew^5E1QxAj2av{H`vLi*(hL!Qocn(}RWr
zwn@pLDiHUR@2ysU>I!t)_@p~GJ<S1htSZAN#+R#><I)P2bjXN>aE?{g`64<FC$KOS
z_+lSG%bmogINCA9xDofjG+1*||9KGWc`p2Qo)m+lSqcnC>p1$0iRH&qqq;odS3coX
zvKp?ymo~;8YPs*U+#R})N3#s?3url9;MDnrM(Zt*!+ThehwbLCugFXEz^RxashHpe
zqoaWrmA%g5UF=8BXdQozZ3!*k_h9In%B%F>%Khqbd~P>LB`-}u22@<*XWbr-4nKzd
zVL%IS$O|7j$cr_IM~B~)FAFEsa-E;EXoumhVS8ALT2QI!ELb>5daDipLtZQgZpHM=
z$lxv#Ke!=b@xIrU7{a`Odv$jlq3MiY{h)Yx=}pA>QkM|{Gm(w^*!HKR!_Ue~s|a46
z=g3_&he4SmNSVJ-hu7-b>2LSa`SiLVFL?zu>u);=t2+H7=e%K1+asi}>hfUL-pJJo
zT=P7~f)QR$6|r_;5is;T7$i8-S~_#B%zF{FoauE^Bx!Qc&C;7%=!WPY_K=r855g5=
zu8S+8lL8Tow;TlciN>6Z>PxA5(?U$<{J=5gAjX#fI)tLGh((7$gqOPrr9#bvn`V3Q
z*&icY%hj8)76F$}lzojaD|jzW`bCF~;Pc^!<jeIAAP;|hAGm=r`?QD;EBDiFG!1t?
z#r~eQqP;4(a=3ht^ty&Sq2_8Ztix+`V|$&{Y4C>O?SZ#F-j?Af<)yBmh{bZ4)-TlT
zkITd1_spGzw9@QL5n%(|>`HkivjYV;<S$m@DoJ(laU6Y=oRH#*ynK)Lx<vo5gM6jh
z4y=`Q#8>~&UB2=Gaadx)SO3sy$#c4l;L7kCdC5EW3<DNM;T?iE0B=XUZp0E@HP(h3
z&Gy>xI<7|kVwLFvAaKk#fQspu5MM{}PlWhZihqE3m@sjp(3&dK>i|F@0Ha}N{)nvO
z6x1;S??AjHhPG5+J0RMQn;KIB580#jlb9w5QCC06(G)F`gjF%kf(8(Icn+osd|Vq|
zZ_*;h(~_EZ>L2>ZS5}~I-4eY?u1iOKRDT5C5WL;+`al}s;8jRVjp^Q1e%wUMOrC;^
zDT5~lHk?goc_^YX(_t%u<Ni+Q_LQzwCXG<5*3VIYLt)x1An+-b=|xI`wg+e%5Z9Yp
z>(Ws57`((vKfKQfY<Tgg<7JUtjB6w}-b2mBc*#$w<;T_X6Q%@#nHVQi1W$iYjH4-x
zk71CT4q<A*aE_7Cn74zhu&vjk#>^26&Dj$vA(&B$OMxwFOcJ3YoPEZ$M@0%$<kwiy
zI8>y6*jv7`0iu(a81dCV>?U7Hx~|LDn>zCBPX*gCcuArC@%oS)>Gmu+UrPC2m7OU7
zJPD~iti(hMP%$Ml74iu|Gq5pfs^d{bO*urXd|qdcHpXy<2eRf1dQ*2@EUFuZmn273
zx2CFT+Z1gd<yvKO>w1#k$rO`PQxzs0H8)CTDj+Fwqok&6UR-;J+nEfMC*SL6Dik6_
zz}0+E|1fw-hAu&G>Z2QtDrk)K!Arx|J^W<e926PuVbTg^hP#`FJuWTd&6HTVvnfl^
z4WjG9E3KH*!ZcpU8Q#hyMQOb$L^l!ShvN;!+a0eLyiZ5i{TlN)HFvhxX$&DVOOgnM
zfE`Vz`D+V8N^1JdnlddG1rIF7v=w0D))f?>0Qx$4Rh?b0nqH@aD~E-TyY7|ifNR)h
zzj;#bg1O`HaP4)EoICS>9*!*6oNwpf9tMak=PFk#f9a4K<*{`YUZoqZ=~b-@rB6@#
zw5N}|21^H3_&Kgh{#vEE7aw_}(%glQyk2Q;!$;OvnmzakOqdfNSyKsuvXo(*=DMBP
zkq@Q&N!d~W_upSE##-PHNy2}Eb$Y~)d;MXy(Y2m2eJZ?fvsrXq1>cqTv9;V+(O3<0
zm*_B+Ry=f$s^!iZB~U;tZoSl<?eQPBe{i)_uV73UQ5!C_eTYBgsEp=L;LwS7VHo2%
zeBgO|Q69~6L<jlC{UScWkX9S)8;g*iWi3MFtVNcJMI3}8HYL(+N;uk-z)m*L6v0r5
z!KtwhoOfd0!CtklHE~8Ht<~T#fwK6PX|Upj1FnLfuWa0z#y)S8J5>rznTo$Fq})f+
zSC`{N@nK4Mt-Rz*B<ZfvKA|rFxemy_LVPHH83_loA&aT6TzcJ4t{zyKH%}FseqEB6
zCEw$Ey~-rTq9c|ZWfgst^ij~qgS_QbSU=r$nf!%Hb3ZZqQl+`47+qUw?j%N6SDL-V
zD742}jIOCf^WmY6gZgyg15Np9@<ZS#8QWltp`U#<<#0_?xN+B|eB+4i(mu%Jk2M6@
zSdU%#6W5v5xSIF9buH9HPS`xK-m}wkhv;6}zRg^~$Hq-u0PVbRKd=vOVqcuCx?{)U
zQt_NhA8mLg?hnA`vPFNA(B%55NPNt|p~m(Me`^8vnc9(k6mF;uLUyEl@2TkUU*t>g
zKmlo+5~mCjR2Tz->T=i6!iQn<Wez}87cLByILMbh1Re&uCe&^)_1{9L!Nmv`d#0$v
ztK>_sAeX#F{dp^z^zYDiThZuPs_<cZUH8I=9dw-|!;(T><fUr?q$m!JIWgKwUP{JX
zzNbpx5H^3Bw!(V|ydlguC3Xv0FvKk{jz<`6f5LJjGHhC?qd7>eUl{5rH}_N*A;b*I
zm^%qksI1vbhyrYO7Nc^UV6{gb>T+o)Tj4df-1S14=7L0Bt_hV?)=A-9yVR7qUJ%-j
z#mNObJ}RZCRLyBZ9TAaH#03%9K~1PTBA8w^p{)?{0=LpoeM9FZk@|*?i~6f^NpShQ
z;7i}&vbc-B!Dq3jzM+GBCAmC>eiwc!biH6_9)Z|Bjja6zvkI|#^FVxmMvlE%sc-1A
zFiYRiZE;6^L&#$6B!?}DNA7*(I+|M{_A6ozW*K6?ASO+Tv_A=s&#|=hY%9!6RgF7A
z6@yf4)%Q3{#940yHYczfgj<X{VLu1gN@|RMfG_Jx9)2^ALt7yjvMS*!CGF7B<w`w&
zrE=A!;S6&f@Ar8B!21(kSro&x#*4?%kq;P&ojv?5shyp@qobXJy`3Eb#ObvM2t7iN
zz4ftLUu&3>BJWhfqp;y_JwmbB(~7OC@<@45WwGShA3{s2j(eD7z_6CUE=8!8b8`SL
z4)E>|01Cf9i92xn$&a;oKWhCL`!RhjZmspgs`+)W6ph2$oLTp)oOA<d2g0>n>Jn|K
zDU;wHkK}%polc&@0irkBr5FficfU%ia}z*P9wLq5YND%54te-<Hj3Emuyl~RuzaR0
z+HyRvK3ZSrgww7(r)aLaTHc949jL%kg^KciCRmE_Slf@(D*PW^^pH_7OztqEr{%`E
z;09uqf;Fh?w1zQ87-|>%<;ggg2GjvyJ%9~)pQEl${Ave88tJWKiyko^43qQGJ`iN&
zzET&tuf|2i7F87@4K{vYi%f*EPldFWa~0~-%B!96j*)3Ot&0a$=8I&s2f?rbsdd5J
zIL-yz9aSoV*Ad)EaDg#P4MFP(+K{&`y2wa1L>DzsAlJ`@Ijt{r^<zvQLx)KMjr{WM
zhYVIl+t=_Nlt3NSpE{@oYdLQ1BffuFy~)m|kNExpOxoB-f73tki%6!t;3R+TADb$k
zvVSx#4J3(rR7@S@i@xxn4uaskglg0>t)XS!MZSA-(eftk<@=}JVwo@W5Bh?-rLmiY
z{;9I*AFWs)$+v;z3xR80Ao_7G)Cti>g4Gf162WT07vDqFePhs(T7fg6gJb}<{HOl0
z8FRQV<o0q1oE(}AG4Q-K7<d)lO94X8_YpJ<5Br;ZvCb4qnU0~sA_0t9f85+TM_8DL
z@i!UXCgif=hjexp@QH#iKgRy+*)r`+;ua$2OYR{XemW29T%)wwVlmZ0V*6y6-&lhi
zN7O6arXff%I85YI4omq|pD0Qh99RVS`&v)5pu#N<32lYL;b1D}-HkAClAmago!TSv
z<x4>s)ZRj_F%nG<KZ3s`%rG8Bl;!Vj8uf=P79KhgO>;zXRcNXb2Y{S|X&8{gvQn{`
z9fd<{hs%_%aJWw%w;?Lk+~vMXW~XZp%$0+XV{oVx5RUT*4hsN;W8q{hMVhV<@OHZK
z-aG8G)jez6Csy!Vo)3+86No*!M<|pcT+{m?BXoo<zQg8zg!>SUETULNhjI$wPDirg
zm*%Tjx@L~f!jO0H=lOG+X-8dul4hA&b1Rnf_5d7r$VhIq-o#EQ_QE@i0G)Z2j~TGp
zi=%yQ+Eeo&$6JBgu{f{j(2}pep9^3A*SVwg;jwud)Q>wK9sVE%6WQ3PCO+Lxp%0p{
zVE|lYgHHZ&DWe6kV&1tA+9)!Dd5)jjtfG7D|0~cn9|&r^m4fi9+(B%w8g}1ltM*oO
z;PYW|AKakL_^P`OtmPP8TL)u~P+&tu11f|`yer9rji&yx=_O0IOR#+cF-y14ZQ`{y
z@l!VO8k_iGn|P&7{D4iIuBKV(@3x8Wu!(QCiEp)uZ?TDQu!*m?iF??@ugV|SRc{kN
zWfQNli66F!ud<0Rw28;t#HTgJt!EOE92O>DX}RNS{jCP|eFlGqbWZ1~=2Wtn#8~Nr
zOIrJLY+{YJ>$&K}>Jgk5Y;c4J$I4jyk+S=0d%4b4zDI4Zud8R*Y3*yY!6)c60^Kv!
zWO!g57!V%Ws2EO-6DA;>GZw)f34TAU(_;;OJYTU~6+cVG$@iR(-Y*fKX!!@{09NI6
zWFK7C-*D17YI{|&1`pQ0hNdKa-B5T7j(K51!ijesT4GvQwTg}v^;Nv@@C*C~ol99u
z(ObBG2o?>#L8E`r9{vFiv2YBDJ3=(+U@As<32z-gy}?m1jH$=lkax+v22(5<YuJ0d
zC_%FUUj&g$l;R5^G*Y6TJ`H)b!YobuJc4FT!w-!l<Ht?Xm_&rrn2CsG0+t3?GLwU!
z<OpN}@LIKF8Z#9C{VP16{^$8GOJLS6p=hxfZW6;oVmMq3trbk$BgAsVaD*847eg!F
z`j3Rz=VEwY3|&OLJz{!+7}kmPJQ73q-9q{9Vi+ohBgAl)7%mXQHDdU_7*>km*J9Wp
zhCX6_DlwcPhE~1<#QHs~?H0p2x_XZ1b1~c}hHJ%8Cx-E27%PUMVkndrzSiF!!d%B-
zy$atN?-YtK%t$5!KZlcopCU?QW+5X1Z-J1-e>KcNCKfSAhE_B9X&m|sXFLMjpHVa6
z_%BKf!<jf{GJ|tlrX!;uG^XaM@c&9@7$_2*{tQ-3cpCmqI%C1pB%Zf${K$?#i|7nw
z;HKbF&3c-4Jm!n&P5cW@+kBEkIB+yP-xE+fJ*&ie_yj)xT5h)V{+;@4%L#mpWg>V!
zGOa&OM85~|KUzQWXWQoHd7yg9($Z5X^1&zY`Ja<VQ+WyfV9Qg}e5-sGGle`W9!Y|H
zK0B9HbGq~5=nbE=9yYCP+N6^~ieKBm{QdBkI&_yrzViHu_urV-v8248dUN25Eyi_u
z{q&r7cWqAUx14>x_0OY<y`D+*JJoaRjZrs7?N0uqL${M2TYTBI&mC(sFnVt%eeeDy
z=a)A(|0pm9)0lKfiDo4Q=BQ-E=QCMI%|Y59`4peekI*DQqA@P#VSLaidHgg-e<m~B
zhW_v-v_>_l%Su<E*&ICu=F<f5n+{5O;Pk)BadY%%LVs=PKP|`2(No|@aq?i{(m}Q0
zzaiu1=+A`ZBl_A#`cKDkbM*eJ`VjKJqz@sYiZ##ge^nova@-vKe_tO2j+>+R-_ZwK
zj+>+ZU(pBRxH)?NtPjFCoW+mFOw8$jZy}na-_$;g=EwA7TFqOC=IA|*eRvv<o1_1v
zK0GbQ&Cz>0efVdNo1_0%eRx`qAKP|{HAnxS^@G+uk9+j*wWE3ZP4y$X39aU}qj`Ey
zqaRPhadYx`Qa_%S<L2l+oqqf?$Ia3ItA0Ek$Ia3EXMJc+mu;<E^ZnOUAD%{+|H&Tz
z^ZfBN95*MAC-vcJIc|>L)9J%MbKD&Lzv{!&a{Rw*FPdt{)9S}R>+=7EfARODuPMjP
z%e$$+`LrB2NAKzM<DWThj{aZu<LNlgNuE11F)NdPjdx})RK+$<nls?1pzSiRDG{sg
z-P<-vdt%9|4|@D`>e!fw@)=`3yz$XXE-S0LxeggUWc0_oyC3YBsSb?GTHF2f$eS_S
z+~3NctQb&vsaI6rtdR9F<#$p~{K3p^dGzD88;2)f9KH5}@5M#a2Ir5B)5N{RUON|U
zdJyq$m$!>zTIJHYJd-$Z+WfT4q_la-Il5_SnYp@z^z>;HHJXvr5;BtdhfJH8mWdxg
zKxY3C{G{(JMk19k(pkbU4N1IYj8_ugaZZd^h$G__<dH3Lkuolby97Dn?~NQ8d6E+&
zM_L}#B3shNg=wR6X4;@k8<c4Sc$*;aN{O$G@l9&M_>OaCd_xc)>m|~WF)m|42Uijt
z@CQB;M?1zb$WAFyxH5_)FGexWlTn1UViY^u*SD?nt@Ww&%5LLp$2k9Fr;HsV{5-Iv
zqchX7xNW^}olmV-WvlF#@gA{qCHU{)%5>0qG98jyF&)OWWIBX+FdcTbsc&89T`S}P
zmIT;1Ir7|@4y)VLwXOxPot>G^H#^j~t7}u+y3#w_E8a7<7148&Fix8g@@<r(jqYfp
z8`|i~v{_AUbU_<E&_+4h=+5}A_Nr}F33;`2Vp@jyGA$)uj7zq2ybPN@0*w}+0eL|t
zZ6K32V?m>>3)42li)p*sr{1fsRjo&*d$wD=Yit{Z6XPxkVVo)*vZe9%v3B5x+P?}N
zEcB5Z`p6Z1)PnKKL7hG>j1Oez1KIhkZdK<|>t5-a-6CGV1>QK|g}4Z~e0$K2B(wwY
zHh{Ou@vdysqXpACB#db-31B?x-RoRyT`FbSPVtW5pX!cptlI<h<e=xyc<uDaZsYHa
zx`(3fA&ieCl#y4uWxK`;WoQGP*RNp+X;A#<`Ja`*|HDEJ+H}3o%lN~m)6*5_Q$Dv?
zFhuxgmAJo2qH)H%qXWY%N5Z3|sj&P7bY|6D0q!qmtBU>}uTaDjc5m^M=1<@$#r)cA
zp?skjD#Wmsegy+hwit@lHyacN2>7eSdOXB(J2C}$ycjZKxFbV=$BJRIgvE?YeFXe^
zYdgep8`4EOVpu;%NN*5Bl^FgL{b_wgI>ka*_pA^WilI^rYtuxy7%If@pXm1%<+DSi
zUz;k>$reL}7*@^};bQ0^hW|uAL@AW>&<kN@iV((&p@$gmpuhOR6EB90HT;JPN<{kE
zBK_vjYyTm?xpM!3|NmP8G7p?-dE@7Tb-1B|@PrS;Y(=~l;Yi$oGvaJ&9EEK$7Xx08
z&<-cZ4RBUv2)p2q*smh)kI)sDDocRxg)mfs7x*fKyE`+CAL0iPGF=4vGKAB`coM>4
zekczd7U7I%80Ii&CLwGK1G^n@1;UZ|+t780k3)C_e`Kr!{w0Ln12Ap??~QQ27%xOP
zt}o6v0H21iHw=3!;vonZ;wAhNgvZ5rEy7kIs2^}&ga`Ve4C03oelY;2(P-CIgd=eL
zwFB{3gp2SVM!W=JJzn~)<_3hF!ZA;vtUtm~+~{clT!nBZ&d;fADnk539kU+sRS5U6
zg4`Mqc8UfMfGZIuX;Ba2=?GuJOZ~DP;RP{%72%&TXeV&!-zy2gn~Hb{!gs~^ZiHc@
zAuGUD2)E!RoNr<oCJO!-@lSqP2413Hi1695;1luxJpb=V0Jq5Q)#75=$5w}kE+skO
zYF%Dm+?D!*vi2!(sjU!~U04o36<fvP?lnEo*REBpTyqFF(B3D!2e`@PupKeF?{ewG
z$1+sx!njDl8T5|FurB~(;xWE$@ceN{U=m;rHhATLDFJKlnMHK)6pP^|F+3!O!^Kd*
zf=vKDdj4~dL6F10dygTPiOg50<Db+?&?U!aWu;F{)1{6}n9Y0v`1riEq==kk<lt{P
zkRG0s+yqBuKQei2a(Z$?ZgO;HoGu}8&X~O9yyT>~?6gd6R^l93AG?vs>cqKuX*tbd
zyk{SiF)S}FJt-zBeRx*RsI1J`gxSeS#0t|OiO!-rk;T*kFD4<I$RZagxpCRaiD@YX
z5ebQ@;O~9lTH8VRHK=)5-t36f<it6V`3#e(%gUXTlbIfnoDb|V4r6uc5n0&<<1^C|
z@h@4$>2lICXVX90G%6`Am+BmqtQ(e>l9HUGP0Q8s+_><0>ZExInTe0HHTYMR(DWP~
z^M-`Vj!o8)#2Sk~&Tl7_7iHau&`AFSK0hj1M@59XnNgbPxPZ9HaTu@6@cG$)<qWf3
zYs$%p%$%K;nH-Uxm75IMR30`iCm}O8AyJo>l{qXK*-EA}4<DYEu1n5QCnW*1txf6C
z*~!3}@?=@{tgIZJ68Bk%g9z*&W##F{f?h6&fI=}3kIsBHIZ=lmoS%@Bq|PnK#IJAo
z@sxzxG|&@W^00!D$pt9m%IAo*ct%QWs6aOJvvTIdC1+YGP2=%x+7pqLk&y<bm@=Dk
zXeXPHnUtO^C@pg5@VQpKXq34+GpR97@&~5j@91cfb9FgcV0au~e_Y-yZ9+kEPSdtL
z&zFSe=M=<Z2qfzSQGglfg^qed&X*Qj+obSfzAWh*dM@*^RtZe$`CNgVD3h_tiOJZm
z69vqS<tbbF5_)tlUrMZPd}fZ=Q=;fo=4a1IOwZH><QC-8KgKmNDP=-(PA<3|pE(N~
zg>)n7F>DwQae4w0k)Dv7i`DdFJfW-rpQstG)r=LiR<KF``Tn1lfQ0@|fbk`>(d5A%
zE7DNOzrdZPnE#O%UkP6p{=t*aDtkE7%mm!Vn2B#BG%pS}WkxfjkdDT8IO6mil-~VQ
z*xjR==n=x9h{^Cu@gI>F|6T|&_}q4c6^Gj{Ik-!c$;=k-)Fgv)CVxK%emjq&#6Rn&
zWWw-<;Px5X!Sn_t3GTFH!9Hc<jz}hMp^QS9fx9U53`0DZzoCP*4;&OpBW=3Bnv2^u
zR44us2z;|pnx4O&4bVNI`M{rrdu|FQ71%nI8OZd-e>s59#kYW`5&$YWXhC1#Q(Kbo
zwcdyg;7exUu1pV5@kbujm;hSIJl#OFqaU!R@N%Aok_&JbDH-WdP)~vtnhXl#A(0HU
zU(2YOAn-p5H4OtSk<X=DOQSF+JZ|R%P{`qBU~QjpGdBQK6=+c&>Y@8l6ffZUu(n@=
zTa5G!V%$NG`a-xxMLeh5NZE>S+tOUnf`P$}-}Wf01rM|NQq)t~$RnxG=H<cgz1I|`
zVBP^gkNZx6mMU?ZIFRWh#;}~j9XH}@v`CAjO?(OWv6A_epauVmzhO*E(1-<%EJ!#H
zQq<YB?C*6UiLX)URg#aA*TJSVo|O7ynG@fn?-RgnP9wLEH63egj1jB`kxTlVi#Cyt
zJl0QV=?+3@`o#0&ovGYdzcF-E*{1qU`J0(7>$Wh33<LLv@!hE0$ZnjpF?(a-##I~F
zZQQVN>&6`$_ie1(XheyIjm#$5CXY?Nn^c?FO|hFMZHnKNx+!~8{-zC^wr<+7Y2T*G
zO*NZpH(lDqY?f{I*zCJmvDtsKa&zeB_|2)Cvp45&F5FzUdDZ51n=3chY&LFg%G!TY
z|N9c)|BX>QJ4RXD@ij;1o=e%K58Nb9b{mR2t^laqP9h0xp>%e1=;dy2*VchiraHRx
za>QXw@c=uCbi)+oBxSG-M6T>+FJU$)Hgzm)kKs@MjfQ#1#UM$?P$n}lg#J@@wxKEY
z`fA5>gSx)G@$4?At%FyWoY}cKXTN?!ahprZV*5LICvLE}li1mLEPlcK+rp!xCf^?U
z%KXnAe-Br>HF7L*0B=Pc&#V1-siUXe6m_7t($f(MnWyVSIAqB=nTm*n?BqZ%Wh(+Z
zdA88x<;+URoR^lKo*XC#H9%cF9ml06%-1Ccc2Kq>KnqVV0icM$X=hqW8df~;dICEs
zJ5aX0r;nIDE-eGKBxGO_Gg}d%R(5Rd78n#56cniBpDC@~f|P+l!OEcEeqsH>rYL9F
zFgrfZTAhohS6o3x0uF=|6%koE*;zS4bxLJ`P~9_)*;JtdzM@cLTyoC5w8Z3GRITWv
zhze2`OS;$!NaDcQ7fa;mXo-tmu|&drxP4djxREclZ{>2STfy^PCicv_y081;h}=1c
zJ`0GQ@|)M8c`G6$-6D2xyczk6aqn~0x>H@g+`Wdedl2*EXS?ysLvv2gj0``gITO(;
zw{<a>w!7EKmpg9HY1chwZl@0eul+VA!7lEtZNEnMcF2!>v#;UI_b-3{=kl8qhYmiv
z`s#>==Yqc}aQUr1uS~t(a>Rbj%iF$8f8&L;WywACrHA6Z4%ZwH_xh@`sJ@e%?(5ZE
z-aYZ)H{HT#zI!mD-IBMfU+?pN`R%v9+xCplqJ#(Q=C(X=Gj`+1Z>K-{*8T0?Z){6e
zT)4E>ShMiWQLM(&=BCDJb&D@kOA4nyo1YYUI)3=#aaEoRj}+WHUNzSankv~`^hjCs
zfbYr<?ouDA*UVRb&75}Xl<t+!uPwSe^vVy~!hmbaAV(RL-oe31B9V4i`YF3u(@M!w
zpH!VLdtl$bS&6yX0XklF0ur+_cpdBDDUn#DGNmH|I|-v4iZ1NXNgAr`uMF7`v_ZKv
zKrEb?lWtSCub@%33KgLa01mIu9lA+fl`d8e>}5)KqAI7Fq!=fTN`FeXly+8j+5#O8
zY@=)~XpRRF<n^UbkTN8+PoS-OVEot@6*2bCudXb(yJWI*+uhWU9^G>8@X6?6$LRxR
zzBTp@pNiY<S37Gmf6XvYTBtNWOsnXc+oDxg)I0BowQT75;j25^R<AHmUdz09#x-VV
zZQxt7X+0PGese*GiQ28nzNP}ztZr*Fj~yHEtiH2sh5Gij%M*uom><2Yr;p=|w?d!o
z(rWXVHu}YTl*Q7`81bAq;@!{w5?b@;XZ<pzm!4hMu5IiS9RIJ6Az=(F14EmP;h-?<
z7@qZSjo}a|5^pkk{nHqZOPigUoI~R{<R8cJro<Lunth*ieOnX#iMwTEeS%Be3p>_b
zd9Sy8#F0$P(m`?K<=$tcLwo)4&f2w?KTRlTG4;51>AY|2B1U$3@y?-M5mj$oO5MFe
zHTq6z=>C>Ry8e_jsopy%Yt+Pz@0V?{`?6=p(<5(OOT5_H5HxkijF+cuea%1Cz4e{7
zR}#V_$8<Q`YC?<EQNO?Y{{57}QQNa~zF+<Q%+ntG59^cGv^m(V@P_exmp5xawp*}q
z{tHu+tM9bd9Z)arc~z!ezIyrdeO{lh>6H4#R^9w7?o)%f30&~O%ZWA7uMIqM<aTh2
z^Y=El`-S`T@~(+o_}9|67j)U__kO^!>?5C!(s!5r*5cqhqhFTY@bJ&sc3K$6#gd7T
zRGiY4l%F4Vc1lL+L#b{wH2%eqaVk{iT89$`_-tjevZpnT0p3v@qq^Ka{1~5~i#4!d
zq4|M6pb^(@X|Kn)326xdPoVbI<>vNDOz1N^C?FAAAcKgxPSSqLU}fNjz8m`3mL`Mn
zFG|A{JnbkCvN3MMkEU&QAK}&UqV}t?iLHmu=zqZNJ7p(gqpQ?c=~MXk*01R-i%CSn
z<cIHmz9*xtUpY%TAb)eoGfr8)JHPIBb;IXt?6)l))$NT}RQBz!ow-$TvU95AS9^kX
zXMFZc@9v4g-$W;6xP4bW+x>yVmVW6A4L(OrJFo9FT~i#LD?k0B?&_XtUmqOMDI)*7
z{EtriOBI{9-5YthtjF{2h38uSer?*k%+WL4BZsRq-FDm#edWV}Upde9_`Q9>?!xD`
zr~UHB`aP~bz3wfU>OA<>sW*L2cot<a0ikYNd#vnzW9KhZ-jRIZy}ozf=yq4Sd{X^q
z{+cn>OFt|wn_fS7_n3_Z!My^W+kaKz>^ax`Y@4ZPjc+O^_BKQh-G6q;@y~{INllD<
z<zSj_`;iWVmaML;KG6P>G*4OV&>yC%qiCjFhTXfBn!2}}<L%h_pFMYA>XT+Fx2c&B
z{Sp^XS54aNG;%8x(V2->L*2sDWB&a40ZGV$mgq>w0)v!F^b(wn9*rf~wArZ&b#87R
zHtQ0T;VUG;8GzXkybl<6vRxs{P#fD7*iRXz3?pJn<rHPnG8?YqA_JiSRENw{J|O|y
zR|$%!EL{4+zF1%@r3d9Wc{<1Gu#cLWm7WnulOSL&p6x~@XCx;mVxG;LGcO@0FHbiQ
zJE!Tyg?gA3%l=<t{iB65RlYiR`SJO0?tLxCv$HF=Z|&B@&Iz+Tq;t=OP4xS8%iRts
ztLNpn)IK{X>Xk1G-q=*o_15#jLyGo?{T@=+a_sMQ;X&Q2+7FoTcPd4BD?Me<AA_Fl
zV(vJv%e_mtwhU~!V{U(D&dH$}v(}zF68BMBfjw89@r-iym+wo)+?u&4;o8j=n!vTQ
z<G1&3Q}(&CpX=q@<2Mah)A^;=k~U*JC-gslFn(9rfQ_^4`#(ClZ_M8GQ!j7TEe`xZ
zeQuj&WlSsm-ktq6xV@SDeoDs9p+6j*|1xL4q}L`7{iXPluMdAPa#?uX{0n`&l#}ub
zC(qnFe0ACW_twcB?sB77->DvQ`Va1_jTPzNI=6FPWVLV~KvM5E8Luy~_GWL{oc%i|
zbv?Bv;NH>X^GPdg#(R71tlJg32^p<-@BetnshF*HTheYebr)d!$VYy{r?6M15wMeV
zmNH%$u%Y*co=g27dn&<AbhB@2LZ8H3coczw3A~T;7yOWajX#X4Qb@z0n*$u3<Cn6M
zrGKQ`OO!of;zYO0PU6#^>d%Fr_2k&-8xb3)ELv(sg#lln%vbtZ(=gz^BI~^MwjEZ=
z*hVb7r5bAk6KK@sHs#qm>S)k4jyW1~;)sh-_X$Mfbx%w`e`7fVJ+BQ&sz_P4?2G%g
z8{b;B_xsszT>I>v>Y>Mr%SZPAarJ`93%}W4mZn)fs=UZhvMoKV)q$<wjO)NE3#0D+
zkaqJN<5TW9Fg>c|Yzph>*7?eNBQ2de?J53p?5R;Yd#9`K?ybo^U8-?i?_BqB>w{;8
zL>_kNFfMx4#|OuD{3OJDa)-Om)=9@(Tt8%J7qohTaYjzTn46`+UmR;4|LgUGmHJ=z
z=iF!rieECldQ-N;qKxr_ez@$Vd-#6->nSZR>b{)6V$j;7S?6~j+A}yd>RQ{XgKW-@
zGkxDr^jKdNs2zOvm07!9e(+iO<avH>@oP_>E_eCkJFoV`2H%lQkNswN)jH{0voFu_
zkD3_<%NY&_ud84=U0^tN^NZYPp0t@uY^)QON1n=-WN&1iE)x@SQ(<0oSc7@+$_&Hg
zG&VUYBMYXgqq04rxp;cVq$TEL<z}Vmnk=JwD4(HxdryUJK1?Szvm4iTim_Q)I^KQ;
zDnkPM1%`$63l66Bo0#lJNo9Id2LFAd-b>j-;H8UIy%bLv^~ec4E3}&Yr`6oiQ{U!(
z_uJ>6eA}l_&|BBPEgE|Kbhqd|b9+`_ToW>TlS}&@Gt=HueRz29&Xu+6w!EXBJn+KR
zHD3(6q6^(J;#5qx;s+z%jB6Eo=jZ5*xz8_7-1F{RGpo0hG>o1#=F^5FKU@i2earD%
z+4HW4{ng`tJ2}PRy?Cy%-)Av7&VxT47#cfueqg(bUB~<)UwM0b2IDnFy7yyG^B9+P
zYIT=U$qCDf)Uj_BOf!7lX2isc0pCq;AJ=>Fy3=hPeYT|L)`mzur)`{jVamesS7s#L
z7_dw^LHcdW-8~9h-75$y+ho^r;WH_F%l78~bi!q8=({dShdxW0{$feh#%>*#O>Z09
zLec7!`jgBSV?y_hJSnc`PAZFPcuj#taZzIB<tT-5VU#T(=?-#!fwWX9rv&dKIw<Yo
z9NJjS4~JBz**AO^CHZ_^_qH;-yNOA?s+(BcS--h-p1LF=v*lOL<6`IhdVcNPd#@|U
z6Twc>QA(|H#0GZ5@W;jkZd`^{5ospxn>{D3FPyu+**RHBd5OB*zKwcF=7iTm(mvjj
zK50I%gj6iAn*3wd`Z;~7Mhwa85UEwiwm(>S`|^&}oMTVVp>aO1PY8RqJaJFHU%{`7
z_U(__=(6_E{gVebrM%&IWBd66XZJq_UEOZyn*G7hc0c4V{@gs$A-?<N+=S;l|F|PH
zvF@c-?`Cai_2cC?&VTjHpk3cgczEvfBKh2d!xp|}xO)2H!525Zd+&voi;UX?du*Ma
zlC6I2_q^j5ceM@cSzGE5%WZ%D#NiiC&VBQ>Eo-tSxjxEN9F_%sRQlTDqKD@PpP1@f
zn(ngnhc3?T-qeMRUgCe?#S!mz*t2fObmuMe=Pkbb_KN8x_kI0Np38WvdgJ;-9(je9
z*Mk1|?rg-s;s<9|-pJ|s>a4vpe|)iR*tEWDGT6P6nZbQOx!NZ;#2_8!(w-}LxcO1*
zyN@=u^|)TQv+70jG*^e0!ut*JEsMF5{+XYlqUPYGH=YX{=(pkG^>aUuX#3Lrx3U&=
z+Og`LUE3vL&tFK`n{;o;#8CSW&MY|p(W+nHzZ&-P#XW;w`thxkKF1c#>8V|{<~!}U
zKRTXP{BS09{jy1>g!oU*?#C~-S@eb}|DgN!&UsEN-^r|7{%p@V>u-IZeBeNzK^a%2
zS7%4|5Bfk_bYLr!nV@~~$h6N_tazhuRgmuB!IsJPPN(ngonbfetEHc}^$+==EPChJ
zH?I{>$V%Pjb#wB#KP|WK+`YXzyGwl0t!`Z_-#8_Y-q~;4r0RjymwncFD2p8r!GvxT
z9Z$Q%=e{i;k?K03VzYGd;+UCF8qxo=Hi|sXKxI&1py*=4V)jQ8yIz9F`G3U?{wKqE
z<YCwE);x2#&}&O!&`j0limdF)Z~M=kJ1}p{wzjL+7-nqmI``zL*^AUex7`}K_qk7B
ztJ)g6GOh1GKhyllt&XKgBM!NBFE*&!{M7sQ_uB6lI<(zqDRUm(eZbv;TOM^uFFQV>
zUBXZAd(6l>aIWCh$-eR5-s$m?ea|gt?&;f%PIJihcmA!5#|vFHtZLI%8~D?OUYAND
zJ{Xi}S$9Qo-nrMfs@s1&tN-3(bE~<(e(~jvRtqlHO_*}#wq$B*^3<xKlg0+W(=TCE
zmy<;&`fqM^((#M4?P7cv?_a&Y)mc^dORw}V-Q~S4>V=XyPM;jOxa;d~OiKfkTGeCF
z?IC^c#J>Awd!=Lkpf^3b&VF8WF72^=wvTJ-97>k{y>nPBsV0M`kQPfm#>9k88_7;b
znbmVcYKwB9)w6=@X5Hlai|3Y`o8BieJGW0xa&}g3nl3A+0H_%#pVU~|4yg$pizQ=m
zXhlbK3LLfMVi#F~9pw~!bvO!214MztAmQg@(g3F)ml2M~=+7GI_$rq_2+{F>MoY(c
z3gjo^zhwUKjgCtwZcCL?^s_Xx@mgt9EwMPFqi-BfL-@m9;)3wU;+qaG=}2id(y^$8
zerSRCRs%vue#!h1BOQq;Z~#Z#C*rF>xisXY@o<VKVBee$*a$-9iAVY)VxmZOQ61E_
z9JGMGLVF2=cp)6ZQ1FLy3O=18!iBa5{Ou0q6079lN9QW%KBXTWZ7rp=TRQmP_M;;w
z(2U3LaO#vrD}}kVXqmF8M5)>^WW%7P1Fa-;(w|s+SRJP(ez^_3^uJPgVm0#56lj}Y
z*c<-a)t2q{$=`YpPtM}lK8ZFjjQ{lgyT=#qI`Z+zr0YIuH<v!@arx_YrHfQ4-GlpT
z#&6rU%G590CFIi!?~e;uk<5ItAV@JJz5Bj(?}UAL;KgIxOuyb4o^o`Tu~oyamtM2z
zCKZRgoEN)Yv(mWw%py)6xc1o93oVuFbUsJFofA24^BT$NU}gb(KWk~=@d>?xyIgFL
z?9rTAzWYSk`EPt~eSiPvkQ>gGuN6c@EEzw|;k_3;j`nt&Q~CPs{BO_C|6<=)udG}0
zv37N@*A8we`|#Qa)!Oqfy=s5-{h94F^56m9w@zC6PPpK+W$O6ZuWdSUB_!Q7cf?1}
zZP~NS)Xy$I`v+#h$=^qg?$ZAguae^{pT8y_l(+mui?Z(ni=|3zpY*nqNU#l|{J$|T
z*m?YA)8_Fh*M@BDcsxGmat)-t#5RqGP0sd#t~S|HtT`Sdw+M8{D)4dITiNw-L1`e4
z7<6vilzn^Nt-E`>`cw{A93GUvdaLckjguN!Rwn5?r-Q@Sm25e6oeNCydGk1P_7$b$
z9<S@Yu75JC8`C~{+@F199p024x^z_|Y1#hbn|;62pO0Cgd~;a`$4Ab))};FffAanA
zwQf`9w{e*IOT^E&uH8zWGqJW$uhf8becvlrJnXe}e<z<aew#m)Ec+s$C?NCL!V{a<
zD!*Gb$!D7+eaMd+>&j!d++3JHIpKxekh;&`$XW2HcEe4Fhi_f1zY;b)Wm(YJ*IlpO
zy|u{a_V;hSx4_W$UV!w6oNa5KA9ZP1?;k3@eEvoEeRl(X9JFR%?rXhN-CKV4c743-
zfV!P`HOnh+4&4{{bII4YeQJ{j#@(vc%wIm&P7(Xe_|H5-D({cjx-9?0BMG}(Z!ETJ
zp)9s@dMrK1z+y=QCWK!|Z*u;(H~;NC{&M<Yqao9kzK<ER4{XtxaFReBtOu#i4uNtw
zMg5cmf<gm>`}J31-T0(B9I02_=yU&*XLl|LcrWbssGav*25tNsb%^rqHy|u}MXRbl
z>!Ua2w|L{F*Kf@2v);|)eBX1u4lHhE9PyI=_MFhei!^Otp7TN1f{@;wI=ph@!m~f+
z&kwHF#SZFwbALeJ*P_?IQ#t*EHYbB)vi@9~(Z}P}dzrZ&*CKSc7Jn4A`u8t44;|We
z#jtBXJeoXiQ*LJN7ti)jjFC^>|4g@lsZo9HR}9%8mA<$6r-sSJ8_i#B{Ve12gRg${
zb+W;<zHfQYKT@ja6%GC-=gpjelk4kWdL>C-yW;-zxLs+rp07QB?Y%2kdw(^-A#+vr
z&4`{W#?0xMTJ)92YOgd!`rX%0UVUd%MqJ-7e+wKx@!;TjEr(BexpMVKp0zzcx!ZHZ
T(OKV3>~QG7tap>dqwxO^Xt}Qi

literal 0
HcmV?d00001

diff --git a/AutoTunnel/x64/WinDivert.dll b/AutoTunnel/x64/WinDivert.dll
new file mode 100644
index 0000000000000000000000000000000000000000..c53d919bb79df5f36ebfdc56f15081d7fb25ebd8
GIT binary patch
literal 21504
zcmeHv3w)H-nfIB@OqkqwhsZ!sE+Y&j772ktE+*)_WCq{J1V;!+Et<q+A}Jx6oy>4q
z(FP_FrmthEYj?G^UFEXUwcBNT;Z}<?1W7>D04`$PuF-be8OLh0F5soU`+v@RCKuGY
z`+fU;-|zcvUwz)^a-MU}bIx<F&pV{*_8rW~7&8Ghjj@Bk^tkx@Proi9dE}(SBiT=L
zp1=B_!TbEx)oYsC?15nG-NCwb_WHV(me!E{F26k(Zm~DD*xk1*x36n$@Rt-6<T^yr
z%b$8}{n(TLG&KWfrN5kN1AkW9Eb!N-j_3S+oF98~-&6<q^e-$^3xP}Xzdm&g$M*=l
zQQ&(yUe;8<hRVLYB|Z;h4fkiWncq0DB9qq7CfoC}@)#?HL>M^!deBy`(QY6_bQWXT
zTr`N;;}B3M;>lvQP}MVK(5HD_(zlGUU!uIyD#m=2xt*~-swlwN4<R3Tb})wjzwilE
z@~ne;F2?q8!v{q}sgjU?V+ew$X5wW9lmbLMK=H@USZztLp)OR%*kKz)F2EST9Kevr
zg_IIqjrEz4Pz#_o+zc4<xEPC<1aw8-#sCtjPVW#UkS;1O*cPk@&HJPs1eNCl40&8!
z&)?h%#d9Rz0U$l}?a;@?*rK8QpJ~QY)8VL7gHP(`xx@K;Fdqh!Po>fY!}+yW4C9r^
zTZ&sf*?A^3Mb=J)^DASnc4cAv2*%b=Jaij+T(cQ4#GG*@a!lz$s-`T|CNZ|*jViUr
zE$u(5bh{l;z(`x*C}d!Yi6N<-h~!6BaFka!O3|h!FmwkjME%8`XQYl!=xQfJa{#w!
zC#BBsf>#UX-a-Z_$e?t_rH=a{RMZ~Lb{`}MX_lbm;w~jxVCIT5A&#02pd**G@Ca^n
zahJz=!sCoP&p1zLwh7QcQK8?c1;1QMh4pH-cT0vArWPcSpxMqsN}4&m!UE(|3!daD
zIiLqCA83haUv#y@qC}e=RwWv86y2t5d21hrwxXIBA+zE<rbIg&k3-`8Jy|3lypc)l
z2n~MqSDNihRH=H2H`a;vDKXm>^B9v4Y6eMf`NuOz<2-3}K204Ed%!`{C%GKz9q6N-
zBt-qS^jbwPAH5WMxs+H3*H)r#$9!@e^`SRr{?S}s*ONf<A-%2_$(6LzkS9q^vpq6U
zci64j-UGLA7M202b32kdFGwBjz%aR%iV-HisJ)=sZW_oabu7^|Ep1jhUk$C`UQyKN
zG}}rjbjHIKn(Z-AYX3qz$_<;GC(>W`#@vp;VKRVgj^{-oi!nnKa^hDi>bVW1X8Q`>
zYQNH{k?&rFf3F3P)CF9zOHm)-4p5w@lAlbW=0D~j7gefXwN|QYiz?MNd!_p88hyYj
zx<5nY&&`e^c_jv{-Ki<+yWZG!w_JykUsJYxWP*Ltwr`P<T34gIp#08oN>NWMYC$vB
zNckY8qyNZ|9*n8=jgj)Dt3zf5Gwyv(dt>=a!_`VmHYmm}Wg+Rec@7(as?>xs{dCpz
z<BifJH_9*jaKp8-bij09Wh{TAqIEYeikfCM%8~N>SojS}9m!K0<)~@XK0~_T&=asq
zvz4Rn*>Oc(?I=~$kYm20ZpLtk9J9-JikT_KFV=&|hlUN;4$NyB2Nsm!#h9_vjK_RB
zd;{is(p~_2Xljdv;{5c1g<@b<@cxqzBR`W4{8Blcmer#k^_QVB(xi40E|Lz6{z|3R
zWjyLFdo}p3j7~fKW~c~_?Vw~<Asxu~Rcc3#32)gMq+duFLV0qmQd=bL&o>wo)FO-8
zD;?-bylFL_R*xo<)<)ye#*4j!{wt!XXkT#~oEK|$9Kw{0qhw6Uf5b+|r=;gbCFXhA
z`D!J`4VsC`vYIA~X9S-pAl~uDs$L_e6pZGLc`g!D4CZ(0M?~6_ThU2g)pM~54lZ_G
zIBp0}h7(rhdZhgp=NUQjx`gSTcs(nb`b5)W_ZX1q%Jr(@-&J*92$dp3mehF!!``h{
zz3e<wr5=ZRBw>Ntomt7BArGj<S+Sc8sqa9`tFF+hXyF`%F@nq{sdEd&idyxWTfO7u
zZciDSc)coH<Vcsrtv(m^j8)})Sv?!|T&2p^EpK2@u&8H}Dv!qSgl^O`MU{)9o@uH)
zKI)mS%J!&drYbvR%In<nI@Fo0c2W1r(c81~dWq??Cf>B<^(0=m<eiSLn5V>6Opp#N
z`dB(}^M^`oS+21M-241}iN7znjXiGTiAt>}{4xqwPNzZ>8~Ky*Hx1s~F^Qn4l)Vz{
zmoIb~Liuv6f*fwLLJW<Bte!}uti~QS!QGvJyJ6KL-aDJIXrXuB;k~m<?;VTOSr0L?
z-kh&`UQVP;aECiKemgm9y{x+Ok@Q?+w?|^xjfsRM>KOr{RXVU@MAVZf9q{BBF~mH1
z)O0H+3;0{2H>`Qi*h_60)wm;LKLjuz;}zy(ybAM;z3NHnz|qt@eEe0t27l<D%7&+O
zpA7m+xP{!MJL<pYBJ1b6h&nve-~Uy2P14;pkU!JjKjAO+1e6k=<u5CZ=2LJH{5696
z>leDetWxJsK+#C1@e40W9e;~H8|JA|U*xIm&-c{WO#3tTf1bbKE%oGQ*`D1<TW}t%
zJV^Jj)W?^*bku*pOS3=UrJ45pU-0MW&%bP~TkXaYbR+GpJIBMX*jwZ180@X3*jMLc
zUzP8yxnszVBlg#U^OC$$zKyn6kMn|8{ZLUqz&Ytv=Y{!`LT!BilaAz<X|@NyMCXOj
zc<G3#Og$Hyvp=>z8JiO*JGY?<Ye#!|84I6Nj2~_J1fF3V7DWDN4CPAuM_{`wFA0D7
z5FKl#Kd(KTc-?sRx9+?Pkw2P(kG9{)!crAZ4MtCN9zWk<^VCnknuBj_*lJvgN@pqT
zpgz8N)}T2<T65}@YdLnAEpO3@2ph~&x7c9Zj#bWh`-1D0Xf<{X^%dGOu*<j|K6fl&
zAYwkfT;U1rn+(^7tTE*_&9<FaoB9}I4Beqby0Vn$4;}lc=;%)!?Hq4*Z1hGO904zm
zcWY3B-K{n_>|UHzYCX>1dz@N(+4aA`=>~1{&=KuEQJB`H#6pfzoMfi|K{}GB*_=~(
zmyVM58?|n9;&%5$Euxu%Z**!>hk{)2Y~+$zigbd8(s6frDJ#D|WWk}cvzW`gC@=23
z&~YME)BZteIH!HHW7bARazCrYHe=&7UUJQ!7m}qTl4g4rO@jmHfKlI0{MMw|ey&R_
z(vcC7<Gty8u693!k>fuw_LsfAArIaoA3ft%e~YGs3RSPe-sp}tcoi)X1)a`mTpVp^
zo-b?9wwJNcD4DlIj%b!PYwF*zfl{t)@FT+aKq0)|3x^h0;Uwz!#5@LX%<E9(!zT3A
zko8f<jYn2{B9|;d6X=Vwpp;9}fok`BEFXr-NS7%O`+(a!Uyj7H5^q>5BMC^5CVv7H
zUH);Ub~604;bZEl$uy?C7*1=va9My3WE&M#_*K>Y?1ivaK|@#3jPi|x=eHcAu_fR6
z)vn|tV~1R%#EEP8e8NC*;}RlQ%PVMNIWN$VxPVdNasGx6k24<Ut2E7CQ94gZ9W>G+
zIR0<_0|+mjU*DDX=Sce#ZuPZz(j@KgEjLLW|A6|P7s|7xPFlJZH6784rLA-ckq#_}
z(oviV5`7k>zDGT(<n<`Ao6aj`J>j6Ve|fe$R&(APTV5<jKFV6ZT8T}#_I3D0+P}zv
ze347#(l#nx+TUSZb2WzC1CeSV#rT}|`XM@lrVAIv@;f<Y0rf0Va@lijg|f82P))d}
zzv4CaQrR1x`f*v>@BDr08kiW-MoU{Kg23rDA-DHQaytg{)_h2${U>k|P;e|$%07^`
ze!v^CBnx_p6g46*QPwSW;;;nG<vFM&-k9jia!Uu`@3_}^);;~awEv`rzIzlpk(4>K
zB$CPtO^JMPjnw%VL{;eB&fkY}VU$IRY=s29pZY7F@+Jv`HjI;-(QN}Y%4J=l)$mR_
zP^G>BmC?a6s4UBu4xDVn$)ynnH%2}%2d65DH%&N&MczOI-arG61`8X}60FbY1-xNg
z`YL!jJ*`T8Pr=|X;uRKFMvl_4@RFzV)o{MYc_uvqgCd=UB?cqSrC)73PlWPtf9|}X
zL}y9gj#q)VRYtGDoXw~9jL-*j7F3YOhtU(Vd84x^nU1r=lUIr41$we}S#qsNzFJTI
z&1K1JL^7|t>Qi+GMDi#-_nFIbZ=__SJ33BWeVXa&6T(Et$}Qg^udeB8+>twpu@5G~
zCBP2}V5a}{!wkA=mdIfojBe0=uwo_6Kibx|yw#3Mur18H0f<5YZmizwZbu&%Kj!G?
z_+7Q&1}IdiA7Enit8e1|4CC~$KzRDlXvQrAa;f7*<W&pIR5ArM#v=*K3og%V<U{#X
zE-FJzAhYcdwd&y6Br^STBj_~>RI#zWKne4SanpsD=O|S>98hG(-HxvrkzDNF9&)Uu
zJ*JuV9=m3HVFF*y3+Y<FNJZYLQ6C^TXtt9`TljC-a>Fyp99*la(fx-o`Cuuo<=+{S
zH=71vG;i48+DJ>^iqX*Ca;zPhxaU^a+<C`WY2$S*$7!J!efsNiXy|>qN`b+9q3Ts1
z*25j@V~)qc546qY-tKlRA(q<q2$lMC>I*OS5n3{f$x;|e9p}ZCZAa5@He$0`?NBsZ
zA5JzHZF$sMVe!Bk{X>M;a5AXn#*uw1Rvz4b4dOFSN|@dUOBZA;?Qr;zQmLkt`u8d?
zCO-a1)1=PB*sNXB{%0M=a--Bi;nv6}2I-r-Kq%3t9UGBDmY%t^rJJ=g7TcDLXxhSF
zgzKbj%~0_oz~e&%P(Ji^bg+8Pi!5uX`VfS4igrQ?D-dmVE^4HY+~HPY5AbXh>v5ya
zXz6B$o4;MjN@Ss|muS5_Km#L|-yV7T0jlRFsq=M+d9VP19ZiW9Y{j0f4^q1I$Cc<~
zj&@i;VFXz0qAKY8<;4*u0J&yMT!jJ<(n8Em>O6)d&Gy$2MdF`CE*UlyQ`qi4@X06M
z(ljpxcH-e%HCr1*pmJhMS~c69R79i)$$Fs*98Q&bRlWHNF!db8eyGoBNM#iQV>bnR
z=N(-`TM(ZztOb`_uGu71SBa^jp4V*mT*+z8_6-n9<RhGxg6Ie=f?uW?QtDM-K%DFF
z3<OLNz@mOFCb>QN2HZ{Es-nfTq<%@LKTqn{eM<c&Ts>5~MI*-xZMXU&Y0vtUcBigA
zoBZYC1q+v4qpPlskD*~s^BmzpxForp=LnDFQMQR_OX?{cnH04v^(3%32w$KR2>Lm-
zYf$z^M)o&@vKKNk6|#X?5D|1fDWYj+r=u`}YF>v0E2N?#?DUq8j#JoN3oF%E8l#@R
zB{9=Ojk0zW(XlNE&ETvetFp<X8lJ(JL&V}Ou$HK&A1FWSc^}A%F<U4dxGL(obP(Od
z8q3a0k#>a4al<T@Cb^jN49b75YVC<JUgHaLx16<wZDp0wTXW^;t%W$;RfMl|$8I;k
zkV1uO*N(bX(-w^QEvOka>J{qsQFU^(5Oq;}=Te!pZ47FvtdC<BRG-&0^?@y?5Oz~y
z=EdL?V~_T_SFOVSQ)Tz6$1Bw{ndz4NExL)u!a0*}siNL%NBBn=5h>qRE<K!}6WY(9
z0Gp`VR34_0dK4AUZIrudZay4WKa`_#c8YG%@^M2}>ZdwkNIj(!#?(%oFr^;V33F<P
zPGqOH>BNW>-4T#IHx<?iOR8BXa#Hm=k(at%C-PIb>O?_`?g+>=GIgU)NU6CxVNK1@
ziBTzsP86oD(upflg*q`hm7^236w`?@sf+L*3LKkyTPKQA|E3e;Qvae8SEkPD#8s)2
zIx#+#(1{5t`Z9{_6I1`F6O&SZrxW(n_jKaw)WbS4IYpBY%2QHXb;6O}40dXIJ>FkR
z2k@Sj{u<uJ=?1*7N#BY0m(#28o}ONY_qAy+-ZRpR@h(Zb@Sd5z9`Dlh9K2_xOYokZ
zF2>uLo{aaL^mx3lOOL^OZrY0XymT(!^V2507hs6Yk5w2NqXxQt(a{x=MLWhr7OlOq
z>fVln-{|dp2DrEDQ^37lp9Ajg2p3(7E$X7<-E>^pHjGD1{@6cb1U{lZu=Qz*f*Vh2
zugk|}14~yDGNgWjX4CC%+a3^5|8_?GrJ?GE^p&J;PG3RDl+Gt)Oq&U1VWMVv$U=-=
zOx$+xadq@Iw_3do0m#+ctT26BbVbq~UD2PJOJuR4dWtb?S>(gTQs+OTsSqSRn2|JP
zl|<6+iGHP!hBf5<#DgB09z}IBOkn<Dm+GXtsb17cHL31xpD|x~&peHNMcTFkRV`TI
zx_5+h;EulN3K!Yi=!s@U-gJk8^a*N?Zp(Zu7})o^<g&OFdya<3p)Gie_%#+21&fJd
zd_g*JYnD9ybSMvZy?iuC&PtnsDsdja)if-@q$ijfwJyEf&4<!qv~EaE_xkl(Jh591
zJmNMO-{JM)@;QswmXF#-q8hO2Y+&~+)K@)=S2&nv5@|!K+)v%hR~RfuSXsqt$5+<>
z%#ug;N(YKEt8CjuTGmqE`%u&P>5cEeG?pUAd^oFh(M17!@(@Ymj+$bume_t>fO&ut
zz#7QD2HXJnDqtC)3bK~~PXc}mI0T3Qz7O~|U?1Q)z^?!g0FDAy0;VGGCEzQ74S-z0
zc)&Z5{RQA*&|3iq0qX%j1kiEd7~ngA#{ruGbWHg>z=MDzfFA??68ZlHxEF8^@CM){
zK!TiLHsBgS8NdyAW*R=Lf0?mOfNujH1Z)Ge14u?`M3aotNQdv2_#UI+L>=IVRrnX1
zHXTS0PsT=$y+8TgKVV`<2EVUDpDt^KV#jvll*7M+D){i#!5!emAse@*co=~wTtMi9
zB>9EP22+i%ZK7-{HdRLDBMI9UPsfq@Gpq=|FRZ{W{@M0U751jz`;+!QJnDbJUQsr;
zSEcel*WQd3&t`g!?ERwe--9L%{r>HYXTE@=wo*Vb{{pU`rp%dE(s{?KUjcatM%-4e
zE5+2%Z!11ICL<n0QJG5h6938uCtT}QQ&c9M3TUfVV%HgZHEqX|SpG9~uXB8}63M1Y
ze9$r}QIDkpfzcAp=7+7gnp`y)pVy9yq?>tC`0XXqk?|$6c3e@<Mn2jsZKF*U0hfsu
z{5nK^;Ql@*Dl@)-{h{0BC_`FmKF%4$;M#(pAAqT7FE3dbwxSFY<HpHSqlHcdF(U?a
zj6!E2iTiPn7@pNd;#VN1a&9E%)TeY7k@#mqM<!-3G3s#?y{Nss_)Fn?DYu(a9vqgk
zIb2UE9!d!zMLoG4UqA63*vfAXx$Pg7gv{+9T^}yziyp;8XYCN3Wz%&ED)7;%q`V|#
zDu)_pD5!XR`(h2%M>Koz#Y_YQH;R2`bRAZ?y{Hjmv34NFfc1|@Pwi6V3K(+SZ7Rjw
zJtH5Yet~C4pf<6eRK!f99-V%aZe^vXFL~?Zm1<luV(~N`SElzi?!d>y>+`K)1ViH;
zC&KSK<7x9%@ko!MGrlR?6Z09;+4t3YVv6P|J9+O<r2QC~2%l^8!+_1G3;B<D$D<Fb
zBtA|iN=Mw|OVyWS<<G>vo{W`mEPHvwGK!#Y9$(7BXLTe~FD^#z=)Ej831hKR?M1-J
zq!`bIzK0O%wfKU6A}pzkERp0q+FI{V;y4QypP(K5@TS{wLARqFC6$+k3wU(+Ai9G|
z?tUdkAEu4}>Y85`TFT?myGC*g%fYDcBz}ho@uRu~5n^Mcn@5Ndwr+qh()|PDrLuQ6
zTm#Q!3Zek-0X{q0H_t&^3WhWyeMcp#Gbu3ytT79c8-GWq@9>Ru(;Qtu9uWyMllrl|
zh}x5fW0%7kH4@5~ac{B8SV+-GH@&=&iEg4ut{q;z^^}HD((Nw8l~3AQ@v)|*Ui_n`
zEs2eOhHsJGroXuftxr7-VUj|rr=&^jD5hTr7KahDunz)n06YWO3-~qQYRJm~EawXz
z1Epu>7)_tnGiQ(ZwD7+mv0!83aThxR$C|AYQ4$``iJCuwg~>FIWVl5pQ^1jhZ$iYv
zxm+RH3(=t*6QTl<WA?A6o(IeCgy=^sjPnm6pv{sMx!m(34$;_n{u*4SUY-u|4|%ct
zLy7qazg7_)iCdJYc`5O#`AI@ia}m^Ow{n3V4^g-IJ?y4bZMXR?Q0QvNE(q$N1+20*
z4!0M)4VltyGEmKfa<$-ol1IHJdq!x$PdjMa=0arr*%h#mhCLcKpW;$zPB9NzCt)_N
z2E|>c=&sA<yqT+Wcrz_9v{dck?R*C%CXet{gzxj_bJP;t(Thbp8+psj&k%~5OQGIv
z9)q{uHY+H-ZC45^V=lF=5Hc03iV_`d0Ba<R=js;2HnOWqm9fj8tW-}YF$;$O#!2_L
zM=es+UwZLHH}dOC@&#tXM}p85_$q6us`r^Lp7$D0Bkb>;a=Nm<>t=PdRZ%Ofs$x-$
zODq>;qZG=Q_RGddU%&E**VyBAqN)@6NC=}oI_`*P@cT6EvU;PV5tYO5JgS_pda*DT
zd8hYQNsG?<z3TX>R^+TIJKHv<QN{=K{;Jq_SwH68aU)5?{azJ$u}Gogk6Fnv{25Yy
zS-}r*JPVIf5(#VL#e}AXv;NSfBu-dUe#}cT&JR()YPN5}W%xN5kNcDn9W|Gia5RGu
z?ptQu+R{^$$P|`5N8>eCFaoi;<T>(btl&nXPlDzrGCRcx6%}FNRT#r-5DVFe$VjbS
z|5k&B<99}tYSOE|i{E*4UIz<Q^Aj^@&`1y3$(|m!szuEYLgdH(FqI~ng5JijtI84~
z$r<lgq<<=iAUXVYI$P$OoNB%YeB@GANIHZ_H%s1yy*l-Ml!gHvK$2#=9rHm^lQ<ws
z9pC3g7Tm%UWF&ai-+R?QMByqUZ(F=&{~o-(a={Iu_h{w(GLkD7WQYE(QXPqP6rA$}
z@2OFg5Y5)kqKX1u(na(Gm`i-tB8K)m@ZPd?*z7Iq3+?f$X?#>l|BVv)BmW84^O|iW
zFHN%@r;JhaGx|J_14S49J>DK%lRM9ovD+3t1U_{Nv@_150{AtP{!_VuPQp*NKGjXD
zkqg~q{yDk={k#G!eNfOlX(85w^bNQcuY?`&<2;~l^9<;acJeNG6#K_Fp<vS$vVoEw
zh`Y@rphe3G21l-fQ@}R!yEJ<jEX+kh=xUT^0Fj&n9aK2Vt3FE+U<xmyU!bX({{e4t
zryBeKz1iWT&xWgL`sn8j%wd`%^jjw@|Adayr20#I!b1my&B?WJv{&s`;ROUPX}9G+
z14H(j6q5KloEeJ&J{I|J-SFAIU;PkckatXURWfRePKBvw!i5WLSHQAxuJcuhQ_rD{
z*dmQWw)3zQ{}lT&hET|&^{VHwMcO-Gl{%h;4kBOb%V=FP3)4#^VWd4UG-(42(v$Et
zGCT);i!kbO=NZcORo)K49KoiF%5D;sA!MK@XubH3Z;oij@VtTg9)j-0^H-gi@|^k#
zR$_Z-JaQI@oYst5#@uu^nzh<t?>7In15UuB;sV9{KSbY2(EsTAQv7;On|dCO)~04*
zzH3vDae6<0yZCz%f4lLfrN>(@mm?JGRnK^h30%KjqY<}Qm5ueisL~im$R;#V_2tuV
z-EuKTjVHZjr-LJ9EdhmMPuX+9H=OZ53@l?PkNcdvn?B;k7XC{Y^~j4!`l&a%f3h+i
zgB?D9F}an(^AJg@%aKS<y4V}(GvK3NTptWH4yas3O&qGa9Vf*FmXOgI?^5cOazrkj
z@huDJC-~v~!+98<jSFrqLbwr@h;u+>;cQ%fS$OVYjC>Zmxk$4;givK>u^dTs)GR><
zh!N5k%c3-zK4r*yIB>4O`p{R59<`l>!}SXt{irvO$EO#gy!3tg{z@OMcR>5cT>G&B
zZMEPLF8PL#xOmPE;?$mjFH!T8J$&&yPhW86<2=c=&3<GhiA%FB(<MtF(JTBG&(Os;
zF1+6=PToXai?J2IcwXy)oc2>1JS+6DwjBe_JsAZ?{6$Rp`Rtvq&3F_uM=9$H-=oB;
z&{r>@PZiaJA1ZpRnym*MPW`iprVl_$qOVBjzE51N%C2*C5kgoH$#w{>iW9Wc1DsF}
z(TJtrB`H(DI0tLQ&oL5k!OyOy3h^~dx!4Q#N5o<X;5!J~Lkosgi7b34mt2~S-_@cb
zeFYk5n?)aUu?frb$fSi{pfo-n7-@)QX}$QhibW}VE%^H(!)wS`jZK)Y=X3lg@@Z2i
z!T@cmowvT=i7#P+FM?^>)G=IM#NSu)w}Zb+_<JuL<yt`-siM9~KgW$$A>?6DEzv4R
zvL4I94!zCzNGFuK&3o-A7mr98OhQKIi7oRnjpK;L<43u?y9U$su@OerOsTN&zyDe3
z)5~-VJV)Tk0$T<C@D^RKQScc{_6hkBfp-ghPT+?H-YRgjz^euJ3VegWrvxq)c(3?3
z91jY-QQ$iTUMlbn0v{H5vcMw+&e%KgR-L+8;MD?uP2ixw?E*g_@OK3MvA~A~J|^%P
zf%^o0Q(z`=QuNzFfqx|MZh^le@Ph((2>gP;8T&sE2j;PM3{SSBT*n!`xJT#RLU2s*
z_(?r~P6=MH?7ZNqEP9fH#{}TdCBb76<Bw&rUOpC3{)`qp#x;NJf~Q*xJ*9%j!HYjG
z!CM6H6MT-~R||fD;MWL#p5Oz5r=^9Sje^HAz@HAm=L>#^;0px*xZtsG^JkynCBer9
zZxwux;71AmCBYX8zEAMD4e_U6@c6v}e?AtxP4K3h^!^(o_<X_Bm5!bw!PELgPqE<f
zL6kr91&<G`{80ptFUtH`CHV1zUnBSlg5M~3{Jeud4+y?O@H+&Ly_!Fd2!6ic_X_@c
z!T(h7bQz%Mpy2JC!(u0RY!LkE75rqu_X&QA;QIyd5d0;<PZhjH(fbc;IDhPdpC<TX
z!DF}OPpRN>WZ;iW@VLzK$0zvdf?p+goT>R!D|p;H_!AI(iQqR2{yM>T2!5vEw+p^h
z@Q(<7mf-gaezxEb3Laq`{`3l-&SUh{wKTBCy5=@N=%)I00WK7D$)eVVO+r9vB^7J@
z^=sS0>oVyT_{W$-)2lZHGUcon3k2m`KX<Ss!4H&_;WH%(o|n|rSlO^KQ+~@`tzp>O
zBrI$iVhw2b;*1{XwvgP=5Yz=oTO6#r`<BMW0bXecdi^bTht`k;>6HyS9uPuSHKaUW
zur<_L-`dOzK-%(Py<R@(>RXocGODY+gfp$y>7kZTTFK(()(zgeyZk7M^Ga*L+qAAJ
z#Op`;fCVCbDgJFGtfh*%{y@!wuMXBVHa68)G}pDYK?na@mbHp@w}wM{hf!ucZQ;8r
zGu;`g4=_N9T)#GhmvW~<kK_Z+5j;B7*BT@%_4LI}EnIJCM^Zjt-KOT&x`rXG(Di+7
zYq<Whwh+h5{eLm6J~V4s`O7!y<*x|d&GmtOA<-_X=eDMnhSm)zI~eA}FWeAdfMIqM
zKh$pGhZ;uwXW2{gq4un1x3MPH!rXYTXMPrBAvPEPaJ7WBu}y%?^J%SF(8<h7##ZCM
z62KSfmDcL(QLn(6@-ui~f@TE&UHEhA`=a8<O*S#BVV2ogo8?=DIZwZ4y4sS(ETNg^
zeOQD)riJ)sA$xy@nfRGlj7O8qZesS|l$b4ZO3ftuCqOaDk>zrJSU#i=E1O~WN7)Qz
zG1SXY-tcsjo_@Ja6bQLYW|)x2CN$)*3DqOmggM!4LjP5L<9f%&ZRmJIQ7$WL095C&
zqB#~;G<$S^VV^ZH?n)EOGmK)UzN}K}gH^Ea>KXZL#{2nf(n|&G%3~v$EhI5(gOypT
z$FRq-xqbpLEz#RLoX>}?0OVuH$B>U9AG<8yxZ)gkWy2(P<(!G^N<$GF*_R*4^Pz6k
ze-QN>@K5$kTY(V)vV{N*BbW{CvCSUUH}0AoHn!n*Hn#dJZ0wv>Y^-4=v!Z>J_i=Q|
zxT`I!@V&hLoW2opbHG$<^y%%QwRoH@i)H_Ku$|+k<g(FoY;5$8t^Kf}H#cqxjHu1l
z#{$_gF`G@CV`UQ`8XFi>Yx5b*S<H-IG8ildW?3ZcB#htN<lF_Ejq+z_m2&$F!BZI%
z^4WxA@JlEcet~b$_Y-E1>mS=^>mA42my7o0pnYiPvQd5c_;iP6ux&V0d<~xrOTiP~
z0zLq|0z5qiDVs^?7YY3$&CUzt<eFG6=-k=a0V;#)o`A26K0p9G;ZefAO!`=SGP@VB
zBU7fH?lTmaSizheRxmr;XBbj$yoy)NUvJ@#;&L(8K18-2K4g#umU0#TD#sn5AF|JS
z{(S$^d*%O^``0;E5%kxE{EM5K{kO3PSw(Yen_s~xtl7^3SvUDZ-nzDsCm5uCe5!f*
zFn%wk-?H8xY_1Cg{0+<eZQ<q+n`LnO*EiMsD_bjCTS7scQ%;IHJnQ`}q1!Mv&DG6q
zax?$?1`iR9Vpi5QWApqg;!ugseT%roLBF3xsHUpchHx`CbZOl>7|WJ;mM!&oowG|C
znsI{h>$WfV2dQ?^1oky1tPpb4F02s(l=CKY`<wkCe@10=)-3^l%kqk<x|X`T{XuAq
z(ItA(;4fq?57h-j14YR0m9nogW63YfO>GTLcjFv&2GmBKWL==!0(JF%b{JG$a|@0*
z3$sJ5ID`3vOf}Th)CWT~4gR~rccappHLa~{**A3Qik3CpBMqL7_5MJpskMbg^^|IV
za9vXi{D(tfy&tEpc3oak7YK!e{)%ugh(4z-;C~il%dk{m5RPgMw`G#6manW>HfvU?
z-k){Qtq25G)dxZt93j})XQ-)L*LHV}e<K|ccbOZ>HS8v1&AK{rCfU!9XVo;dG=-qP
zj&%>xHGcdJ5tLWc7Vy_M;fz?Lw+N$ZuCWH0*Rt=LYQim?x?rfOA1pD3d~k4U3$ON9
z#u`E0M{Q~L*R|AyaLh-ojjc5;7#M9JQGH7t#>D-`$~L#?QM9%VeZf@7L~peQ7h~+B
zpE7AKgQuk)M}J={FM}0fEDz;xG~F8Z2RHfr!N%6$y1JHne+6y<)HfwGLPd91ufddR
zpkw?;BwfC#E#zNU-L%dxx6w2siWM1=Qr%R)mKQJ=*Pq!2H-^PsNaxwTO?L(Bf}1MP
z5rd~XeQnA7jhDBV>wCgjhzTs<8vt<vY|*u&Aq2Jp?0`~$3(!9U`zkJYKG3As3n1N6
zT;h9i@uvOXjtexMSxDCoUDEHRJh=FMjPfnjs1q;?uoSQs5CJ?0coeW3@DspMz)OJN
z0*osdn*yi++zDs~{3YNUfJXp(0o0-_W@IL2X4z~6PEt86m*ug1R=`H$PeEAOC|1a>
zV56B0f3gK9Z+8<Gpb#IjI>}csrqk$SUmgB-k6;ylbHE=&m)2*l6m7#&pxfrJ^sS#m
z_bHl9dMSFgOyb<nP4v~(ul0vSCR#!Sxy)a`UXaWExHIadVwuxz8)$@X`2g!~ZuVdS
z-89(Bf#wY8d{&DtOU&3k(5TNzA86NSrHiHwB=Ob_aJ+%TIM2pGt9hFTQi&U$D!PGu
z|G)oaJ{~-Ohy6_BOBAW5DF2_I|0z8{YuaJJBe=`Zy7nyuHeFt<U%>RIeSQjg0JwTI
zWT0u?dlEqU`+%q0unt0>*23dh3pY|Zzz<_hd<%EMp?4#?GyMU9$0Fzu&cmAN0!?@n
zzz3Sv(LK08_9E{--~z0vFF|ev{(D+qK@Ytf4!u_ny>rrCv}7uN8HREQ&jnP2CVT^+
z0W{%NfDmZH8xTb708Lm0>;_HvZvjt(Cj1is>BoWJqO~4vr#1gdto76<nYEv2+5=7s
zd1fylIqeDi07Mh+oP*JZa<&7X2KYd~1ia@ud<p}-7x?D@^2^h}x8a^QA2i+f!T^$Q
z1b!7jdHaEHn1^)GKHyeBEogirU@rhjrx*At+@~5q)89Dz3gBtbtAQWF9jhI*75Ak(
z0H;9Xy8`=H0Ojoi-hn$)Kgofg1dt7TfopGof2(vH0ZsA_;HLo&$O*qMXu8+YUCs(Q
z;Z{M@U5)NzBq#iop#P`L$^UolG_WF64rm{41D!E2$3H`kUy3mWX|>34FI~7Vd&+Oz
zxUSibBS#xf;R~nDDk+_2_tTlNspam4(^gb3o-u!#y)A^}dL12E7f##cZ<}`G4F$R7
zh>7~w-POFwjsjZR7ETKXTdr@bU*lg_*EVBaQ+=?tt+g>UqrP?B^>uCQO4iSsX2$`u
zsnOpSS~;{f6lJ%UBh=Uys>G33ls5SbN^?%;`H-{CUmp%Og*FKulA!-D!l=dH;0rdb
z$NBVbf7?Lf&}7d>WTnf8*T3H1Y;UIb!fADFl`ZRA*ZPCg?BOQ4o-QE^r|}5>H2chf
za>{3Zel6uQhuKs<bD(j^UOqF^Z(uI-#b>fE%rPYNJkk3^-xK{$u$|VO_MN3WT|0d{
zYj*~Aw(s1r^YNYgcE)%1?(Eyyzmx5<?y~PH-R0Wl+f}<Ou&aI7j$M!M+P5pdt9Mu5
zuKrzYw{^FDcj<1|Zr|?O-GSZhyLaq<eD}WH@!h?<`*!#5W_zrA?0ZW0xc2z=)b0uF
eY2UMB&*OXc?eYC!)em}p@R=6=S@?gj2mS*Y<|rHh

literal 0
HcmV?d00001

diff --git a/AutoTunnel/x86/WinDivert.dll b/AutoTunnel/x86/WinDivert.dll
new file mode 100644
index 0000000000000000000000000000000000000000..7e02d4b14163e9e056a752b8eb67fdc7aa37734a
GIT binary patch
literal 18944
zcmeHu4|r5XmTz^slQbl78%Q(?N~=MlK<Ix7-T4Cn(jknAbO=d^0wE?HJ2C&Zb1#4V
zj3(SfY3{Vc%s4wb>Khr{dFtcs;;c(hS?vIm1Vtw*!!Rq)i7UF@cGiiC5H-tvzjJSQ
z6A))+=Y8LP?|aYYJ9SP~ovJ!@>eQ)IbwlYLyP1|TrUS?_V+VohSD>VSIvGRt^tmrh
zXD>{7<A#Hpk~eNx=V|OPwtL&|_SUu->uOtD+j!$$ZlhOdH8!>y3)hqzTiWW~nbW3C
zO^<Y4Ej>SU-N%1;JPN;Gobvcw<bS_-W(3c8e1?)YDEaF?e(&*2<lld?;qf%!oP{$U
zpQGT^2)-(UXDN7XW1WZkj?Tp8WUNFJ&uqK;Dxzg0EbfLRO%h`ZQ8Gs@-H-)r02C;B
zgF?qKmY`%WV%CKMQXYPBtU#kQqIT3k!7AE+8)N^1_M=6Nxu|+GV<X`H#;={Rc3O}>
z^UFX#1(SJ@IW;+d8J)?yxA7<o+=_(cqPa%o2BrLrkSfz#U(44rwre_y3IN1w0!;c9
zpe9pgW1C4<7XWj+R3IfA$n<u2>rkc4b#sJo1@NR_0rlr~H@AUtCdt$eAVn7fCjAN+
zyR7A;%J0a(N&^+rs4VE^)RF>b*m&glaV4K33kF$8Mn!NR)<Ha~R2`=u>NkcGr!c1E
zBKf|{@`=fl>t!KL7AAH17)(k$nnI&R#!Hi&RR0*pT<dCLo*UC=G8%jhN1R5LQyuVf
z`SPy)hJ59fRZ^$k`mXhyeXhXOY_bII+;}9M;8%PA_lj<*OHMtG>54~ny#fAODv{pt
z&w1Q`XV5=qeeOG3j~8|2EoH(9sWiFw7$5J~E%j+6r=iA|wrRfxeMP3OAjnfDmFg>Z
zX{xNU^;}OtNT}H)eYo*Ro=HgV+OFAlkTwQaIKE5AmHX##Jpq0*_euaF48=q!;a<`D
zgb7#wN4iOpp^%Rk2ZqDbz&xxniv!PU#~i}MRs+Udg)WsIg})Cc-&tb`DC43+sz~mA
zo8;zvagh5?pQ&cQMyXWveNcZrW5LgjjP1eBHCTV`b52N3eWfI%Kye1o18_@z|HS*U
zT!sa41w*QedjrDE8Y>1Vov^+Ud=kxRnoWh)KxKn3p~~MojutL|FEw-xDmk*q;K%B6
zL)HCUpHf`oPwuh?#6!v$tI!|!NWl8Wrr_#GpO@)Zawd!8TJE9U=uJ-VEuO^;5O;4H
zWS3KoP|V&rAjNT6NU#Pr9!_RWk$-Zk9km!Z=#sODM^4Q^!9jAn#1}10SGf|QXW9nQ
zV%J~58|!OgCNmrWoB(7%!sr}eAKjx1VFMR+4g2&gV;r-dtE_yLtV2%KVJPWT@4H;j
zY2-b!hGU-7PG%^VQyEo_^_~;%4Qu_YnZI}JKcL@WJthGIhB<ADPPZvq*`#UGHfb*Q
z674EE+SOt?wHS218O~N{>6Q7$i_GO~E{@6nFs$o6$KOUHRLZGoXag(AQ(H^p-LjE7
z&^58}4gTH}Bv+FLd<O6V=~a{hWIb24rw~{kj<)T6mrum(sIp2<r8?L_jWn>y`o^8X
z0vIS67nBJ7aebx9Twg_UIoG$*ko$V)1~S$LNl2?|kUCTDId&D-SEz|w)D6w?(~40k
za1B0Q6BpKlZt&fwi6aKxHyCs=2Hgs-@3q|5@B7D^O_yzN8o#W(((jyraV&(CKqjEx
z0N48i3}}Iu>As-DVsH;VhkQ|km?s>>$}u5GUdTgLRdSYUtTvkFQ13CW=LzsC>k0lf
z8+h$%;haMGQ`QLE{6!jVe?GPBXg>G|I(vnB?0J_f9B>`fqIf~SYi)4HRb&Cluz*!H
z<d;ZcV&??o9ytQmo_bk^KiaJdw{?ah81==3(a>F}^X!2Ls^-Z<QtL@Yir1tv%wO4m
znyuHv3iR;OWDG9P(uj-R2iLE-=%&arVhc`okZ50C$@K}zZ+-F-24q#zYy5O5hU?R<
zS*{(<ebf7ev@r#4NBaD&PhKPrK50_jxg#1rkvmX0SJn=5eTSvj`a=fokksEFG}LJO
zH=Q58!g`6L>n_=BumXSS(K4%C<u47C`Ahc$UI6R^90VLv-Q3!E7~RH0l7NFD1LnCv
z8W2Y`NrS?T4Zf9AxdU2pgzF!PbCp+B1#gA|aVk>9t5^>vmF~kyu}u6ZPJEMby>Fw;
z8ffq>hx<J$2K277%F5tp7i1ZHO0(s0{#6<no9au;W~=5dcD}&)wc<xQr4v6ok%Xh-
zfWERR$L}0+$-=?lKPQrqFH~9s<rq8;#Z4Km;7`#t7C|YQ)bE#Y+^SXVXI#%eKu+-^
zz0$W?>3ct<<N9t-?hon2_c?#^P9JoEnSW1One20pNh=LL=h+6Szo9>XedPQ~@$^Lo
zzjLf9+0`)U9A^o^Im*z`1j;83eSc)=ri7^ET1YMnhhlvwg1-l!p$L9y>w=iz0SMls
z2yTGj!hI2iKuBjyNNHn0k#pdpoTMC#9FucKkXJ^c6-#J<53?Mk%T9QH(~PKmbqS=|
zKt!`7Hfc6LD&WclI;f<<8pT2V{2EoWihmME^=im5=$wG4j1+^P8gHm!2-nj^CH3j-
zFNr^@BJqdzLig8@l5H)LD#pdHw0z>O#8r8j!jcy$=w9$z|NGi^K7dp!d==wKulq_T
z#IJPThr5<BAr*TT=U$voU$aR$qLlp|-J+O-y5Uv-DvlOj+%IT|KtRt`1-h2zyhyg~
za~|@Q4mEHmouibTrQ|dvXN37(_iJ+aYoh(ef`hI!RXx^YXekcFS+PLFe&=ZUpz}C-
zM3;do|I_J2VidtZ9`QMhHRv3ovLgS+6IOY_d#b(?;BtrHIMr}1c~`<topn`_DC@i*
z^vYb17wtqjo)ddO>`E9Y%s;{Ma(I0YJai?B{LZ5;zw-oqR?u~hcHmG0%wDQE4&RAA
z%VEvMBXO{c3%-qk@RSB$VZ~`E^mx}&#?O+R!v#f<T^!eQJIb)>!_(1bs@OT4$o0}H
zgNy6^BM5j7I=<f|^042l5x>%Vwf+_3;ss#w6ZpFl=V`9bIhr(t(?~eo|Gt4J=O;-+
z{uOb)B!9aGgMc-tzr4xVWlcV#COY43x<Aq8>}74vQJVzcZF;}!;y5It_;F0MaivW~
zOti0(hJ3dr*W9TXP$ca8B@P{ODbXdTL;Fta8(8_E6sZb6lNyWuBl}}cd8PGOBq)E|
zdd|0T+*f+mS32e^9rcw4X%z>sQqsm`@oNpYgT~_yaOC85((k0teVr3xP{(h!9utFc
zT<>G3hOPTL$HlKRxE;HQyKjw-JJ8=hqVEss#UrPZ`g4y68U9rnKDd788LYqF#T{6c
z;PP!e6QrB1RH2uIGq8YNL*Y9xhfpDU5x-91b~r%nN=)Z=I+OC^xgEDs`TJb|`*FFy
z=XT6d$BK)MMFVlY@zlndv}?^2?m(acX9U+5STN>Kv4gKz9CvJ8!5!$b%|-Z=-fIN%
zRg8)kQoPH#z7@&Rkm`NKFXO!?Ojtc+a>u+k`E`C66Xq7s4lfuZ=d*FV_Z-(t*BI;D
zp-0Hll)^#hC^3e1An{cM$$VyWec!vN5lA^8=*7c&*kSlUv{8^6g<Z({D$c^Hr%}Tw
z*N-vSp!2N4vIw-VVhlca7O_l63$?FM3w8u@gU&I9QD;47eHTZ$Vlap*r&t5M$9x?3
zlYms3f)Qr<u7OiZLPv=TOBjwpDosPpRZ{0!pF^pXFR7fPR*qe<(x_IBUa>M=tqfkV
zG6R*fd^3~*-@atPg{X=1ndxkXnM<<fdS>9SV}{=V(m_81%yjr^C{cfLQR2^Gt+F2w
zk3b)vbN3g}ohw;-3(howvIY=EdZN;ZG7x3#{#S-G0GnaNkTfjy&%-Io5CkP*cj){7
zRi8Ax%W2qIG{3un+^J0M(tMT1O_u~=(aT8G-<u};`#I&(MiL|)VJcmce9kj+YC1)#
z<Gr$Qg9|_PB1L(w=hqk}!Wp?vy#q@^crZqSI6uc#9;dP7O!GO%{mx<RJ>0$oBMxI(
zID=yap#yG}gU%5$nR3YM9H!)yuXAL;`I%Nu&BM@Gn7O!k6iLotjV~d3geezK#GQ%<
zid<nn#8D{Nnlw0FFx0RMcZ!0G9mGq{Q6Dbkin&Fitq*3X9l&tuFvn3C9F7#J`sp4`
z##`Vd6_uutzv!Pg@wF@`In&Cy-cPaPrG9Zl3!gNu74&p~{Vyt0UDyxa0$s(u+G*$>
zWL-Fe9tw)GoIi{Zh<oT~sKaIXta@1{RK7Oo9#aBJTq}C+MSW$H>_NK%+~W{!d!VU+
zXB@%1oVtz{W=y;wbG;9tSk;0!9*3s_2r^&FqN`LBlTQYBd@9Sn-m@40@y?AZBPd-{
zt9)`(jW{Gn^zjbv=ZZ`JQ$x!CL>)<E>a9-Askb+X!tckHo=cK8G3m%-$`j5atW#z1
zVKscha&CvoOBHESf6`%oj>@{W3{%Te_!?q-W!*AqjK5ChX<}7iGAm5WV@wO_Ap!E-
z6SxZJI-VRzi)sVUEedaHlvkLIn`jAiGI`1)cvn)k_rRu_h!)<66h#lVNecSaWmPa7
z>l>uM;G>b6%lDU2sz||YH4bJ&Z&3)Q&vJb@&=4SEahYG&6^RkC!*x5z{6|0)?$Aqx
zJFx%8{L3{BzC`S#7oiHA0OSsw!3G>b;vG7OE*PYW5w7ob+<gZN&2imq2Lql8Ucxxv
z6pW36!|SV+LO$1bHDWsHFh-4xPXj*~8~8yC{Gb8d(%36B=v*CM8CLu%mwV^~Y%@9i
zC+Qh5u0mI36}`^QP%c3!WV1(69Ua7a4D%E79?V03+#~(8HU19O=og)a-j1WIk@!_M
z-h3Jcb!H0sl&INPXif<IGsGLvnd3q)sDvi;KU6{+`h`m9LUjIvCqA@WB@#jpsYGJv
zewCOS5>!GTYF3FUp*odF3f-X+$)Pfpm=-EliRqzbD#3-aRl*Qjq!Kei=_)ZZG+QNR
zg=VTmN@$8oq=uMETopPGy+gvQL!YQbTIfTSxF$r;JE*!g^o~l*4!x!lb3*+pab4)3
zN?afM2bGu``lU)3Lr<#24a(_{er^m&YROH?>5r21@O?<<g|{HRIoytPez*x~Mz|j7
zE#XZ_Zw;?Ux*)t3>B4Xc(naASq?zFYq>IBjNKIiIQgb*HsU@6&)Ed4KsVzJQX;%0u
zq}gEu(k0=kNbO-AQU^Ui!1(<uvDk53&lyO^^(A5-z$U)M*d^zP7{JTLI8)3`xK138
z-#Q(kQpzpNFi?oAYB-mWCiF0RLnZf67YHycj4)`z*Ahc~cordDIGK<(98V~&K~8Lt
z$o%nq5D`K(e6e$+h;|)}pMTIm=BaElA0qoN(7#lHSH?5G!WjuTgn*{fQNqud339sh
zS$G<CPP+})M%DK5?iwASJGQgBv9r4Iv^Ao1j_oCWS;$WjzjPvwMLS1nTIUqWiC8#|
z>pP`x5iwNA&sZ&VV*7J_cxmYdUpN^#4+VHs<SMTWo*9*8@+ovM;W1rtDT;IX7A=3n
zr9?cCI%x`SpT+4GyBWrgOawu@htiqhSM!+RS-?|(p90=O**m~*0FDA)1{^?HKCl6>
z25=)_6lICP7l5w;wgHL&Um(8#_*LMCfolQx0h$0EfL_3Qz`vmWKY+u48*XNXKLDo!
ze+s+^SPPf}_z?Nu131v<f#(Cy27G|_PGARM8Q?a66~LpM;Bml@0Jx1B{wKf!_&MqW
zfYX5A0^S4+0;r7Yh^8{CBc4g_pWX|_(UeKSgEIvogH$m`DosbAMVD(M-Gunrv6Du*
zjVrNDF&@*DbLsG7y~l+4m3VC{U+XGUzK2u=m*e`1$CB8y(X|ooG8``y{(u`%RyhJJ
zwE@ENcY<163C3eV)f5C(@e*!b6vV4f87K7Wn2||9etfTiwN3sWGY@AfdHh$uP$ZZf
zTmB!-cYS1R>9YCKcvZnNb+p)gZ;fzYVZKU(zihr|=miZ{eR00@<RJzbpIIzi58ow~
z8hYOrQo6tF!gllGONyZH{*qzrEeoPchU+fw2BkQKQ>0JD0a-dM4kOCi`UkJR`+__d
zFE+o8hB%0IJ&uU_x)7#d0WXQomG@B?gh5;ux8*h%$S(MiS-3cI2k?k6p0{-=?v4`+
zl)GaP=oJXU!Un(XpA;g|Z~KCX+$9~;cTM%{EI#cmOVHKUm+>Z?i^tKLO}qMmb_dXQ
zKcEjV5&`8N^XKj?YCVfwccNDv?WFI2Fl&SL?aHbK$1L6i)22Jk>kGbC-@kHCZcS~F
za2n`1u|IA_gXmyFIQQh1#K?EK21!?rPgXUXz)|*%uWQPENqJmLw!XV&TZx40rope9
z``CiR(irYhZ(Wd5#&*T!XoPF=4nA|&3Qf*(jWAt29EZX1E$)mp5RRW65Qj9qf$j1B
zO`350{nP#T%eh~79#DK8meHxN@$1H-5C4iiU-BLXgTNOx1D-I>6<7I6hkX?RpKuDV
zVqDMTIPs;ge4Qu!cjzMTS-9cArD_2y^?2(u<L-16(P!jaqtrRfy;8VDQ#83)7?nCt
z;H9Z(SBXjHUU_S0>2JiZ?&BUB!Mbt>c9fWu#ZLzsOw2`D=qkiegNb=WCV`Zkr=-&1
zg04JszR!6|NG=*oTuOCcLb}1kl|+6*f|d>wi=aV$J{8g{^%dF{P#pzggNe(C{MD7&
zR#4sFDs0P%l!&bqlPEOHc{g*t51?=`v5=}7Cs*Akcm@-lRJ<0&Yj>8OmQw>!4GBrR
zoWIG-<aK#D!tz1q32;C}=uBsV#xAl=N8v7=DZ+Uxa#HCD6znXVc6xb{uk?iYrO`W}
zo@R<?{R9!H;#r+11`6X(<5lpqt7)lc3<C!rQ|=1%UV0tA_^uYFNyR$x%O!k3{L;?9
zEEVVww(f->>PzAfu9>G@!AJ0wQ~mmax7ML9J3}+)(ZR$bF#5FNEtfF=?oTtXMvvvL
z;PWBsQcthbm~0_LQ_HJAj+Apfx6*@4lC;X;(@Lw7eQONT8oh6o-nS-M9T^LN6)k`n
zh=VEOkrbF_E(~=C-LEETV}z`Ro;S#H0*D=I26f%5NY|wkxDu<k<={&ZuHFB!m>G^N
zVusR8oRPo>0W#oYz|AQ003HCaDSzgtq58NfTHQDK;u8|TS@@qQ(bK_|x(!Ne((KJE
z$FiP?N05j^>uq2$pNd#@wV-d(1Ybf)wP%Ws1%fXVseI+?9!-ahG+iBh8pkSZA-*ZD
z`i)!m8q4q^GHni}scDp6mqKZlfzteBqz&IswJT`aLIqu?S5Ul8LGze`7ERz~<%u7}
zn~;;7Y;U@Pb$c^_@jAKJM)}^;6S6!Q-wsv{E)#pGa_>Uq2IGxLN#Mcwbfp%1E8Y~L
znsn>$39!K~8}e8(rskz-^l{%;5<iZ7{|J+&=^}a0oFb^_I6mAQqtAOy`XIH6C}EDO
zgrDP3Atk`~{Z}jD43zMnn>vK_?WEbOGy4q2e(XrDGJhfN^CO|_G1X{{R^~5B*DV;D
z9XLOH(~yM76%Q}DL*A)UfAu30^Xbyb&@p!w4pq_<3|?4v!l<gHF}x$RgW9_umb7;r
z5`2@7w+0F}9T9J4!L14SZvTM;ihTkmHK<EB<bd8y=7ng1^juaZb|y0%W?b(r@N0Vt
zsEYvia4Iszdns4H2j5MYRhC>jym`M|f}*f4_b@*l&!n%7anC2gHH?K5Bd-Wzz6%U-
z{IsUIL55YU4(&isau&%ar#3@WY0QUjE9bbLpV2(BNajezDW8z++o%`O{d?XGj$Hl=
ze7&XFIkf!8vQ_1(qURne^l9ajYQItz^-DSG3@?20NvU+)QJRd`1;OBO>iK=rr@qo;
zjEkpt=~VbhdLGh4bv<ZT9T`N?o}x!(jy`1~j?M|LH$d|bJfscvDMaWWfuJ=F*ZWIQ
zlk_8<|2Fk#t>=myN{>x(HT)DP=L4uEoaGsX1fCHjgYl#|6tbY6)~6b3{jujXRi8o<
z{C7ODRI5T&V~uqrkeI&#Z5ThtLpb;mTB8|14N)?^g~+K?EXUI-!Xyx~9>d?4P%HuA
zh4|o;SRb$=7$lE`2$a6uD}SnD@a&}B_!EqYhO}a5tnd0ZPSC4SzJYeEa{|w>$&P&L
zo9j7&wz=bY?UUmK`<`^Pg&5PLVhk%C(2_q7zDQ~C0c?m^#iNrdo`P6Pg(z!;Ow9FG
zG$|($A5;Za=mIp4jx;60AP?hxA3|t_+oGdf1Ge+0W(RJfIq<e<iv^K-8M1|E<L)78
zu+N+$Wv(Cv2i4U_BzF*>4L(OJ%p1my-6{w10?VX<;9<yd1fOaK<4G5&kdMgo4q=t#
zc?XsB1ts0Dq+Lj%b3}CIQgNPk2!D659CzsI1Tm0ieOudKg=fmyP^{FRoO{7LMJm>7
z-^~5eJ9UK^$jE)i8?*+naIu?#>M_VcUhwRPo;};KqwDuTF6L4{`6{<Ovvb_~Ys3U&
z^?Rwx=MF|5v^>Zeg7+a+gTHl<YY~;X)S9)JjB?!bIZ{D-e{k;kVf?*8Wd2g=SiNr=
zxLGybf0VO&RASa+-FBF40Pkv2KPfK4PTx^3ZxE9o<GxsW2j1u%dLG7%W1o~`4RkwP
zPCT9`zmx=PZg7;P;YkjELXuAogz;Ky;7DbYuE{8;J^{T}f13wvN?WgZK=N`;DV|}n
z=0S9Lsl&iW1^NRmGJiSsY3eWR#=&zfPM&JfJrQ+VC+XvZ>Zm}D_?;ur>>1o_^->mj
zBKf2%_!&CK?vciQou~0hK|ZN?5?L4lMPBI=3mOb|f&GZoc^acpBwJ0cm@M1{^^>`t
zKUH0<oPE)2yXZd4ME5wWta|nKj|yIX1yhl82l;8e1N@Zp!+Yrz4LA6mXAz@qfJhS7
z9}hUr2|0B$vSuRItAuhXPpv1W(lKl4DE^AbifD8w_cub~i)+w#*wFhXE=&E>W+3?L
z#|NGvtU3BW|CUcVt!p+ZC$!>3W{UZ=+nInZ2pxLRD;x&-kjko8wxQ-#O2SD}0vtk|
zJS-0Aa?g7|t=V)0^<7j?$(8Dl%k#dE-sE|^k$MWD!XSNItX8hbs@2Q%*U(HVOgH$N
z(+z&Wf)Si#kqt0`4FJ2Bg>lIl-N4G%pU9rTRr#WEs^(m#F2lvY3ibTng28F>!Rs)T
zcr<MzcKRcVT#qX0Q%d@blI~Md9x2K7-S4m0z~<GA-40j^SO~ZlpaZl6==Vf1W6uB%
z0Coc21dIT-0U7`<Kmou6xDjv^kOJ6t8)KUQ#eht}F2MDG>449^$Jl!S`rQg_2NVEq
z2iyVh0NMff0(Jua7Vs3{C?E~+8Du*JI1KoEz|(+70S^NX0xti}wlc#EyJ{;VE0}@K
zoio7Mz@xy#e-;?-fw7fp5N!a)*~8`l<7{Rb!0^1x1e^ez2TbR939ue`J@6FZdSC}|
zGw>2%9(XG7HsB=S9^ho)?*o&6e-wB+@YBHfn#5iJCV>tC<Etba0-gyx3_J_?G;j)V
z5Ey@F!N!2E0v-px8W?{wZ=fg=lQiIul$a6tT3{0}{>+T!0nY(00j7<%0r-00cHou3
zJTOiLwhh=0+yk5gyc-w~TkH{FBk&WzHvm5ad?WBd;G2Mt0;dBX2c8Ff8u(`5G2r>Y
z<G>lf%*hP503`$83Y-SK0N4n;5I6&vPD>kbCU5~TIiX_U#lR)NCg2Ug_=v<jz!qR0
z*b2N8*alqNTF)A4n>*Z~8|zxyffSs%qOE>=lwRp^*WJ@0w8ZlGPbyJ*-S+k<y#)qC
zeQe2ATSw?v>u8=@M`)#WW5eqDZPZ`uU2Ov7X@nGw?U@(bwPzL<Q9W=6zr4QQtI$Q>
z+Pl{@G$?d&y|={OdN=O@8}Y5KS8=QmWu=imT;4Xmt*)(^_{zO?vHsSrDOcLATUSDu
zW~1VZqek*Y&23vtYVUG4NAksO?In#ZjeL|pGAi|vc{~1J38ahl6&o?qcAdAjp`o#E
zWpiyu2bl0bf>;~4+XP-!2Ff~wyH-b3#Q3^)g3RT0_eAmSv@lc_QyAJ%9?EjHd3l8{
zYHU^TWJM8=t9E;HTWx(zPfA&bN8w%Dp|&k||4nQRh#%{-e7o9bh4*fSAK1l1cIu<5
zv9-Q!D`>Ak=D~#ec7jV}q<mCHqN73(eYspz79D#7t746;6<fKHZDDTaWjwPo3(I63
zY&(E{SK`TLwo7=v*^3$Vv|FhC2GCdP<suI~I?!VT@x!J6^*`zd!3X(Q1kqRgQP58n
z!x0?KKb@_P-v%rKqUEP1@jbhQ84dxceYF1gq<Sj<2>yQqqO9oe942HefIpm6)<tIr
z$_`B`n~L+M3uRaO{l9v4o@6V%?poem)Y$B<Vh^*G&21g-VtCSKH*1Pp<>pIjJ9wwp
zOZ)ih`0`8gd#HZR7Pq&#w!Ph5zt-I$H1lkcrqI2mvCh4^ZDm_4?}cxAEi#64i@TMt
zV(cbrw^HzWk%a@RbHiJ7$FFPdSl+Dszc7(#uvFGIW5e}O4g;&X9h58by4~zY+SMIZ
zZCkT#(Jojg^;_CjFElIDxxKapQ)0I{*WT_dv05_go8jZ!>I}=>UXn2~QT#1SMAk?-
z&cKMwkplGdF)MU8yLoq%B_(c6ySue~Wod0|?cHuKIIdDl)UJ^~7gx^Ldihuv%L^-)
zyH-af`6RxvqrUNOcv@{jW5+g?WM@&@(Oz5UW?@jZ&8={V^$C0%ytLcPa^q_1ynIc)
z`!3;bj9KGpYrBWBpJ{5SxT4jgtXsWvTb;X|Z)|I2kEu25+}@VPR;+SVRi)*XE7zLM
zCRHaL;9A+<zP_%VhZ*n~CqAyGwx#3l8uvCj2u{Q|kiuD~wx*?)mWW1UpTyNPwl?x$
zZ()DDNY}Vov$h6I_pp<?8lhF8W<&0aEuX-6Sd6w-rTdw>nh5m+lD64h+giipAV%*E
zZ8fb}#14=crnMI9w>b_%(e!H6$$D)yb!{yzn5zhTD2yn^<#l(!xY$mVMdsY*ErOj3
zUg$ur%hNbp>u`L#+LYee)v(*i`8-{j;P!5JxxEc--j>?dI`>MP=%k&DN%p(WgY8pK
zNAy`LE#Kb3yIa;Zwz!vf(3T>K&CsG|U1QxnN(b2pRWdb&Slqi%uQV@dyvtkb-M$hk
zQa%1f4;1~stFPc3C!czC1WqBgwxMh{fV`m*fguHxCO`qe1=tMe0#MMkADH-_nyK;*
zgTH`+Mg)wT5hPN8N4zcsYQ$eaff|Ce<LLhs;NJk6QpELuTtGQs6QB{m14O`&08axB
z0Nw$74w!X2W(&vzd=GF3zysI@pc%z6Ez_}hmcSD6-E|6^%92<zo5rT&KTR3f3^tR^
zVks<@UBz$;7dFD#@QTr@q~fiZN<+u4TKr$+NVeGB-0t>5rFGFzqT`Yp@OHRYySCUU
zW+D%y_M$e6R%U-|rK`5?9ycFpM2;Xru65UKiIC-P#D8k9a9^ryu}P?s$FhaZ%}zMW
z?H6Ymn@)`9N;A5wGAeg$Qr}V^o7a`<BU6i2DYJ{^lnGvvb8fpRwKC^eE#)q)ji`av
z{=46QwFc;k>-lS5EsTzfut|x-qWSOe|4$mwFnT)xbX_`Y^2s<yu27DTlFHp+^Jc^X
zbQoRs%UiasrP&A<-GSI6f4(`>G~ei^Gq$ny?)>=`>xvfH=NmhC1Sz$2_~*~x?(Ues
zZ0WSAdAKjSTkdM!ZbS#I9r^PGZ);9RoyXl$+p(ynvCiAp(bm8(!a<)?+tHG_#XR4L
z1G%xm-N9E*9t~X?jd{4Hb?~bZJVbiC@z3;Ty-{h0mL2Xo!Q04hkK|F}b^nckQQY+|
zZ{rr6=Xbk1VwIDto!iiqLaq|`7I(9;nbQ3EwH>Qlx3t~k_Rcp7jmzsO(9NH(yim+H
zE{^q+xA@yf$y<DhOnHlAlSA{o#ZkQ>bJ<#4F^lv45me|+=S}yTe`x;i<_qRuSzfXP
zEWftAX9-#UXt`j~SvhN}b++|ZtI3*cEw+|eUDkEhChLRNpIP@<N30)ON3G-5X|`0`
zLR+?No$XHBUA88h*Y<$zLEFMCYu37~yR%xd_GJAs>)*3j_N?sE?B8W?b&NR@bBc3*
znUkB>nBSgnT$a8pW7)!Gre)`sF(clIAk%cy)u#C-yJ@NEN2Zre@0hMNKWE-=?l-?>
z{@8q-<tB^Sl5hFYl44zK&9pt9eJDHKo?%~TH`#4=yFJfdU@x>6+e_>&`#Sr2`v&`F
zd%fLbZ??DFdHXi|efBPUkA0{8`}W=TN9>Q<pRhk=f7<?xeV={5{RR6$`yqS4e$+l>
zKW-nkpRk{@pSF+K&)9?ZQTv$vtbN=*VP_7VL+?m-7#t~%G{+o=(UI=Ra4d9~95#pD
zk>@CIR5|W<{F`G{PHWEZa?H7Zm%A@Fm^+#~mU}jLJooDSy8L_df06%ee(%zKOD`;a
zY#Anu4Mu;AoNmf6Ei{=-Hq1TGRA4GJ6`S5P{nivT8O=AF7n&_*yLqYEX)ZCBo9{5!
znmy(=^H%c%=7-EbHa}tBgEf5K{IdCV^SkD-`K)=KWdSs`1iD&j`JScBvfff-X|S|d
zc*}j39?SPFKeaqz`GsYl<$&dw<xR`GmYb}LtQPAMYpJ!`dare-^>OPV>)X~-*0A+c
zYm)71o6&Zw&1AFNJhpb5V7nKq+-rNu_B-3hwm;gwuuaLDo^@^3Em`KQ;;h@Vc4R%7
z^<35~SsB@PWIvnzLiS79f$V|o<JmVaS+FF3$(>8umIzB`+0*Tdv1Sge)SdQPtd0*W
z@*K4PrhU4@?8tYNI4T@>IezGP%(2gL&@te6-SLql>`2H-&Y6*OL(bA1U(Ulh|1Ia~
zoab`(=N!m6ltXv;C!o$V(Ab!1+{Da!v%#EZHkvccCg`rfTx@ok*PAy(bM5AB<}UM2
z^KSE_=BLchz`hQe1Lh&~u=$jE#2hq_na9n{qPG|<X%?d;!(y`7Ed`chiwk<(Z1Gsy
zE!!+zmYtT}mPaj5S)Q@%w;aUY8L|vpPFdz;8?)=PJ=srXKa;&L`)Kx1c2Ie9gJ|FV
LzSF?}6&m>8CyZoM

literal 0
HcmV?d00001


From 0d52978d8154a5691894375b82084fc6ec249ef3 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Tue, 29 Aug 2017 09:12:17 +0300
Subject: [PATCH 02/15] encryption proto version 1

---
 AutoTunnel/AutoTunnel.csproj             |  6 ++
 AutoTunnel/BaseSender.cs                 | 16 ++---
 AutoTunnel/ClientSender.cs               | 80 +++++++++++++++++++++---
 AutoTunnel/Encryption/ClientHandshake.cs | 42 +++++++++++++
 AutoTunnel/Encryption/DecryptHelper.cs   | 43 +++++++++++++
 AutoTunnel/Encryption/EncryptHelper.cs   | 59 +++++++++++++++++
 AutoTunnel/Encryption/PasswordHelper.cs  | 36 +++++++++++
 AutoTunnel/Encryption/ServerHandshake.cs | 24 +++++++
 AutoTunnel/FirewallHelper.cs             | 58 +++++++++++++++++
 AutoTunnel/Listener.cs                   | 61 +++++++++++++++---
 AutoTunnel/Program.cs                    |  5 +-
 AutoTunnel/ReplySender.cs                | 15 ++++-
 AutoTunnel/TunnelStorage.cs              | 43 ++++++++++++-
 13 files changed, 461 insertions(+), 27 deletions(-)
 create mode 100644 AutoTunnel/Encryption/ClientHandshake.cs
 create mode 100644 AutoTunnel/Encryption/DecryptHelper.cs
 create mode 100644 AutoTunnel/Encryption/EncryptHelper.cs
 create mode 100644 AutoTunnel/Encryption/PasswordHelper.cs
 create mode 100644 AutoTunnel/Encryption/ServerHandshake.cs
 create mode 100644 AutoTunnel/FirewallHelper.cs

diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index e3d377d..74cdde1 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -52,9 +52,15 @@
   </ItemGroup>
   <ItemGroup>
     <Compile Include="ClientSender.cs" />
+    <Compile Include="Encryption\ClientHandshake.cs" />
+    <Compile Include="Encryption\DecryptHelper.cs" />
+    <Compile Include="Encryption\EncryptHelper.cs" />
+    <Compile Include="Encryption\ServerHandshake.cs" />
+    <Compile Include="FirewallHelper.cs" />
     <Compile Include="InterfaceHelper.cs" />
     <Compile Include="Listener.cs" />
     <Compile Include="NativeHelper.cs" />
+    <Compile Include="Encryption\PasswordHelper.cs" />
     <Compile Include="Program.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
     <Compile Include="BaseSender.cs" />
diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index ff27d1f..a2918b1 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -10,7 +10,7 @@ public abstract class BaseSender : IDisposable
 
 		private bool _isExiting;
 
-		private readonly string _dstAddr;
+		protected readonly string DstAddr;
 
 		private WinDivert.WinDivertAddress _receiveAddr;
 
@@ -18,19 +18,21 @@ public abstract class BaseSender : IDisposable
 
 		public DateTime LastActivity { get; private set; }
 
+		public int SessionId { get; protected set; }
+
 		public BaseSender(string dstAddr, IPEndPoint remoteEP)
 		{
 			Console.WriteLine("Sender was created for " + dstAddr);
-			_dstAddr = dstAddr;
+			this.DstAddr = dstAddr;
 			_receiveAddr = new WinDivert.WinDivertAddress();
 			_receiveAddr.IfIdx = InterfaceHelper.GetInterfaceId();
 
 			RemoteEP = remoteEP;
-			var udpSuff = remoteEP.Address.Equals(IPAddress.Parse(_dstAddr))
+			var udpSuff = remoteEP.Address.Equals(IPAddress.Parse(this.DstAddr))
 							? "(udp and udp.DstPort != " + remoteEP.Port + ")"
 							: "udp";
 			//  or (udp and udp.DstPort != 12017)
-			_handle = WinDivert.WinDivertOpen("outbound and (tcp or icmp or " + udpSuff + ") and (ip.DstAddr == " + _dstAddr + ")", WinDivert.LAYER_NETWORK, 0, 0);
+			_handle = WinDivert.WinDivertOpen("outbound and (tcp or icmp or " + udpSuff + ") and (ip.DstAddr == " + this.DstAddr + ")", WinDivert.LAYER_NETWORK, 0, 0);
 			Task.Factory.StartNew(StartInternal);
 		}
 
@@ -41,13 +43,13 @@ protected void UpdateLastActivity()
 			LastActivity = DateTime.UtcNow;
 		}
 
-		public void OnReceive(byte[] packet, int packetLen)
+		public virtual void OnReceive(byte[] packet, int packetLen)
 		{
 			UpdateLastActivity();
 			if (packetLen == 0)
 				return;
 			var writeLen = 0;
-			Console.WriteLine("< " + packetLen + " " + _receiveAddr.IfIdx + " " + _receiveAddr.SubIfIdx + " " + _receiveAddr.Direction);
+			// Console.WriteLine("< " + packetLen + " " + _receiveAddr.IfIdx + " " + _receiveAddr.SubIfIdx + " " + _receiveAddr.Direction);
 			// Console.WriteLine(" " + packet[9] + " " + packet[12] + "." + packet[13] + "." + packet[14] + "." + packet[15] + "->" + packet[16] + "." + packet[17] + "." + packet[18] + "." + packet[19] + " " + packet[10].ToString("X2") + packet[11].ToString("X2"));
 			// Console.WriteLine(BitConverter.ToString(inBuf, 0, cnt));
 			var x = WinDivert.WinDivertSend(_handle, packet, packetLen, ref _receiveAddr, ref writeLen);
@@ -66,7 +68,7 @@ private void StartInternal()
 			int packetLen = 0;
 			while (!_isExiting && WinDivert.WinDivertRecv(_handle, packet, packet.Length, ref addr, ref packetLen))
 			{
-				Console.WriteLine("> " + packetLen + " " + addr.IfIdx + " " + addr.SubIfIdx + " " + addr.Direction);
+				// Console.WriteLine("> " + packetLen + " " + addr.IfIdx + " " + addr.SubIfIdx + " " + addr.Direction);
 				try
 				{
 					Send(packet, packetLen);
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index 287e89a..df6c9ea 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -1,25 +1,66 @@
-using System.Net;
+using System;
+using System.Net;
 using System.Net.Sockets;
 using System.Threading;
 using System.Threading.Tasks;
 
+using Force.AutoTunnel.Encryption;
+
 namespace Force.AutoTunnel
 {
 	public class ClientSender : BaseSender
 	{
-		private readonly Socket _socket;
+		private Socket _socket;
 
 		private bool _disposed;
 
-		public ClientSender(string dstAddr, IPEndPoint remoteEP)
+		private EncryptHelper _encryptHelper;
+
+		private DecryptHelper _decryptHelper;
+
+		private static int _sessionId;
+
+		private int _currentSessionId;
+
+		private readonly byte[] _serverKey;
+
+		private ManualResetEvent _initingEvent = new ManualResetEvent(true);
+
+		public ClientSender(string dstAddr, IPEndPoint remoteEP, byte[] serverKey)
 			: base(dstAddr, remoteEP)
 		{
 			_socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
 			_socket.Connect(remoteEP);
+
+			_serverKey = serverKey;
+			Init();
+
 			Task.Factory.StartNew(ReceiveCycle);
 			// Task.Factory.StartNew(PingCycle);
 		}
 
+		private void Init()
+		{
+			_initingEvent.Reset();
+			_currentSessionId = Interlocked.Increment(ref _sessionId);
+
+			var cs = new ClientHandshake();
+			var sendingPacketLen = cs.GetPacketForSending();
+			_encryptHelper = new EncryptHelper(_serverKey);
+			_decryptHelper = new DecryptHelper(_serverKey);
+
+			Console.WriteLine("Initializing connection to " + DstAddr);
+			SendEncryptedCommand(1, cs.SendingPacket, sendingPacketLen);
+			_socket.Receive(_receiveBuffer);
+			var decLen = _decryptHelper.Decrypt(_receiveBuffer);
+			var sessionKey = cs.GetPacketFromServer(_decryptHelper.InnerBuf, decLen);
+			_encryptHelper = new EncryptHelper(sessionKey);
+			_decryptHelper = new DecryptHelper(sessionKey);
+			_currentSessionId = _receiveBuffer[1] | (_receiveBuffer[2] << 8) | (_receiveBuffer[3] << 16);
+			Console.WriteLine("Initialized connection to " + DstAddr + ", SessionId: " + _sessionId);
+			_initingEvent.Set();
+		}
+
 		private void PingCycle()
 		{
 			while (!_disposed)
@@ -29,22 +70,45 @@ private void PingCycle()
 			}
 		}
 
+		protected void SendEncryptedCommand(byte commandId, byte[] packet, int packetLen)
+		{
+			var lenToSend = _encryptHelper.Encrypt(packet, packetLen);
+			var packetToSend = _encryptHelper.InnerBuf;
+			packetToSend[0] = commandId;
+			packetToSend[1] = (byte)(_currentSessionId & 0xff);
+			packetToSend[2] = (byte)((_currentSessionId >> 8) & 0xff);
+			packetToSend[3] = (byte)((_currentSessionId >> 16) & 0xff);
+			_socket.Send(packetToSend, lenToSend, SocketFlags.None);
+		}
+
 		protected override void Send(byte[] packet, int packetLen)
 		{
-			_socket.Send(packet, packetLen, SocketFlags.None);
+			_initingEvent.WaitOne();
+			// _socket.Send(packet, packetLen, SocketFlags.None);
+			SendEncryptedCommand(0, packet, packetLen);
 		}
 
+		private readonly byte[] _receiveBuffer = new byte[65536];
+
 		private void ReceiveCycle()
 		{
-			byte[] buf = new byte[65536];
+			byte[] buf = _receiveBuffer;
 			while (!_disposed)
 			{
-				var len = _socket.Receive(buf);
-				OnReceive(buf, len);
+				_socket.Receive(buf);
+				if (buf[0] == 0x3)
+				{
+					Console.WriteLine("Received an error flag from " + DstAddr);
+					// failed data
+					Init();
+					continue;
+				}
+
+				var decLen = _decryptHelper.Decrypt(buf);
+				OnReceive(_decryptHelper.InnerBuf, decLen);
 			}
 		}
 
-
 		public override void Dispose()
 		{
 			base.Dispose();
diff --git a/AutoTunnel/Encryption/ClientHandshake.cs b/AutoTunnel/Encryption/ClientHandshake.cs
new file mode 100644
index 0000000..b1a8aba
--- /dev/null
+++ b/AutoTunnel/Encryption/ClientHandshake.cs
@@ -0,0 +1,42 @@
+using System;
+using System.Text;
+
+namespace Force.AutoTunnel.Encryption
+{
+	public class ClientHandshake
+	{
+		private readonly string _publicKey;
+
+		private readonly string _privateKey;
+
+		public ClientHandshake()
+		{
+			var tuple = PasswordHelper.CreateRsa();
+			_publicKey = tuple.Item1;
+			_privateKey = tuple.Item2;
+		}
+
+		public byte[] SendingPacket { get; private set; }
+
+		public int GetPacketForSending()
+		{
+			var toSend = Encoding.UTF8.GetBytes(_publicKey);
+			SendingPacket = new byte[4096];
+			var outBuf = SendingPacket;
+			outBuf[0] = 0x1;
+			outBuf[1] = 0x0;
+			outBuf[2] = (byte)'A';
+			outBuf[3] = (byte)'T';
+			Buffer.BlockCopy(toSend, 0, outBuf, 4, toSend.Length);
+
+			return toSend.Length + 4;
+		}
+
+		public byte[] GetPacketFromServer(byte[] data, int dataLen)
+		{
+			var tb = new byte[dataLen];
+			Buffer.BlockCopy(data, 0, tb, 0, dataLen);
+			return PasswordHelper.Decrypt(_privateKey, tb);
+		}
+	}
+}
diff --git a/AutoTunnel/Encryption/DecryptHelper.cs b/AutoTunnel/Encryption/DecryptHelper.cs
new file mode 100644
index 0000000..8400f39
--- /dev/null
+++ b/AutoTunnel/Encryption/DecryptHelper.cs
@@ -0,0 +1,43 @@
+using System.Security.Cryptography;
+
+namespace Force.AutoTunnel.Encryption
+{
+	public class DecryptHelper
+	{
+		private readonly byte[] _innerBuf = new byte[65536];
+
+		private readonly byte[] _key;
+
+		private readonly byte[] _headerBuf = new byte[16];
+
+		public byte[] InnerBuf
+		{
+			get
+			{
+				return _innerBuf;
+			}
+		}
+
+		public DecryptHelper(byte[] key)
+		{
+			_key = key;
+		}
+
+		public int Decrypt(byte[] data)
+		{
+			var aes = Aes.Create();
+			aes.Key = _key;
+			aes.IV = new byte[16];
+			aes.Mode = CipherMode.CBC;
+			aes.Padding = PaddingMode.None;
+			var decryptor = aes.CreateDecryptor();
+			decryptor.TransformBlock(data, 4, 16, _headerBuf, 0);
+			var len = _headerBuf[0] | (_headerBuf[1] << 8) | (_headerBuf[2] << 16) | (_headerBuf[3] << 24);
+			if (len > data.Length) return -1;
+			if (_headerBuf[4] != 1 && _headerBuf[5] != 0 && _headerBuf[6] != 'A' && _headerBuf[7] != 'T') return -1;
+			var len16 = (len + 15) & ~15;
+			decryptor.TransformBlock(data, 4 + 16, len16, _innerBuf, 0);
+			return len;
+		}
+	}
+}
diff --git a/AutoTunnel/Encryption/EncryptHelper.cs b/AutoTunnel/Encryption/EncryptHelper.cs
new file mode 100644
index 0000000..b27762c
--- /dev/null
+++ b/AutoTunnel/Encryption/EncryptHelper.cs
@@ -0,0 +1,59 @@
+using System.Security.Cryptography;
+using System.Threading;
+
+namespace Force.AutoTunnel.Encryption
+{
+	public class EncryptHelper
+	{
+		private readonly byte[] _key;
+
+		private readonly RandomNumberGenerator _random = RandomNumberGenerator.Create();
+
+		private readonly byte[] _innerBuf = new byte[65536];
+
+		private readonly byte[] _headerBuf = new byte[16];
+
+		private int _counter;
+
+		public byte[] InnerBuf
+		{
+			get
+			{
+				return _innerBuf;
+			}
+		}
+
+		public EncryptHelper(byte[] key)
+		{
+			_key = key;
+		}
+
+		public int Encrypt(byte[] data, int len)
+		{
+			var aes = Aes.Create();
+			aes.Key = _key;
+			aes.IV = new byte[16];
+			aes.Mode = CipherMode.CBC;
+			aes.Padding = PaddingMode.None;
+			var encryptor = aes.CreateEncryptor();
+			_random.GetBytes(_headerBuf);
+			_headerBuf[0] = (byte)(len & 0xff);
+			_headerBuf[1] = (byte)((len >> 8) & 0xff);
+			_headerBuf[2] = (byte)((len >> 16) & 0xff);
+			_headerBuf[3] = (byte)((len >> 24) & 0xff);
+			// var c = Interlocked.Increment(ref _counter);
+			/*_headerBuf[4] = (byte)(c & 0xff);
+			_headerBuf[5] = (byte)((c >> 8) & 0xff);
+			_headerBuf[6] = (byte)((c >> 16) & 0xff);
+			_headerBuf[7] = (byte)((c >> 24) & 0xff);*/
+			_headerBuf[4] = 0x1;
+			_headerBuf[5] = 0x0;
+			_headerBuf[6] = (byte)'A';
+			_headerBuf[7] = (byte)'T';
+
+			encryptor.TransformBlock(_headerBuf, 0, 16, _innerBuf, 0 + 4);
+			if (len == 0) return 16 + 4;
+			return encryptor.TransformBlock(data, 0, (len + 15) & ~15, _innerBuf, 16 + 4) + 16 + 4;
+		}
+	}
+}
diff --git a/AutoTunnel/Encryption/PasswordHelper.cs b/AutoTunnel/Encryption/PasswordHelper.cs
new file mode 100644
index 0000000..ee13d45
--- /dev/null
+++ b/AutoTunnel/Encryption/PasswordHelper.cs
@@ -0,0 +1,36 @@
+using System;
+using System.Linq;
+using System.Security.Cryptography;
+
+namespace Force.AutoTunnel
+{
+	public class PasswordHelper
+	{
+		public static byte[] GenerateKey(string password)
+		{
+			// we encrypt all data with random value, so, we can use static password here
+			return new Rfc2898DeriveBytes(password, "AutoTunnel".Select(x => (byte)x).ToArray(), 4096).GetBytes(16);
+		}
+
+		public static Tuple<string, string> CreateRsa()
+		{
+			var rsa = RSA.Create();
+			rsa.KeySize = 2048;
+			return new Tuple<string, string>(rsa.ToXmlString(false), rsa.ToXmlString(true));
+		}
+
+		public static byte[] Encrypt(string publicRsaKey, byte[] data)
+		{
+			var rsa = new RSACryptoServiceProvider();
+			rsa.FromXmlString(publicRsaKey);
+			return rsa.Encrypt(data, true);
+		}
+
+		public static byte[] Decrypt(string privateRsaKey, byte[] data)
+		{
+			var rsa = new RSACryptoServiceProvider();
+			rsa.FromXmlString(privateRsaKey);
+			return rsa.Decrypt(data, true);
+		}
+	}
+}
diff --git a/AutoTunnel/Encryption/ServerHandshake.cs b/AutoTunnel/Encryption/ServerHandshake.cs
new file mode 100644
index 0000000..83ae98f
--- /dev/null
+++ b/AutoTunnel/Encryption/ServerHandshake.cs
@@ -0,0 +1,24 @@
+using System.Security.Cryptography;
+using System.Text;
+
+namespace Force.AutoTunnel.Encryption
+{
+	public class ServerHandshake
+	{
+		public ServerHandshake()
+		{
+		}
+
+		public byte[] SessionKey { get; private set; }
+
+		public byte[] GetOutPacket(byte[] inPacket, int len)
+		{
+			if (inPacket[0] != 1 && inPacket[1] != 0 && inPacket[2] != 'A' && inPacket[3] != 'T') return null;
+			var publicRsa = Encoding.UTF8.GetString(inPacket, 4, inPacket.Length - 4);
+			SessionKey = new byte[16];
+			using (var random = RandomNumberGenerator.Create())
+				random.GetBytes(SessionKey);
+			return PasswordHelper.Encrypt(publicRsa, SessionKey);
+		}
+	}
+}
diff --git a/AutoTunnel/FirewallHelper.cs b/AutoTunnel/FirewallHelper.cs
new file mode 100644
index 0000000..9d49190
--- /dev/null
+++ b/AutoTunnel/FirewallHelper.cs
@@ -0,0 +1,58 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+
+namespace Force.AutoTunnel
+{
+	public static class FirewallHelper
+	{
+		public static void AddOpenFirewallRule(string port)
+		{
+			if (Environment.OSVersion.Version.Major < 6)
+				ProcessRunner.RunProcess("netsh", "firewall add portopening TCP " + port + " AutoTunnel ENABLE all");
+			else
+			{
+				ProcessRunner.RunProcess("netsh", "advfirewall firewall delete rule name=\"AutoTunnel\" protocol=TCP dir=in localport=" + port);
+				ProcessRunner.RunProcess("netsh", "advfirewall firewall add rule name=\"AutoTunnel\" protocol=TCP dir=in localport=" + port + " action=allow");
+			}
+		}
+
+		public static void DeleteFirewallRule(string port)
+		{
+			if (Environment.OSVersion.Version.Major < 6)
+			{
+				ProcessRunner.RunProcess("netsh", "firewall delete portopening TCP " + port);
+			}
+			else
+			{
+				ProcessRunner.RunProcess("netsh", "advfirewall firewall delete rule name=\"AutoTunnel\" protocol=TCP dir=in localport=" + port);
+			}
+		}
+
+		public static class ProcessRunner
+		{
+			public static string RunProcess(string fileName, string args)
+			{
+				using (var process =
+						Process.Start(
+							new ProcessStartInfo
+							{
+								FileName = fileName,
+								Arguments = args,
+								WorkingDirectory = Path.GetDirectoryName(fileName) ?? Environment.CurrentDirectory,
+								UseShellExecute = false,
+								RedirectStandardError = true,
+								RedirectStandardInput = true, // don't remove or change these 2 lines, 
+								RedirectStandardOutput = true,
+								// "The handle is invalid" message will flood error output otherwise
+								CreateNoWindow = true
+							}))
+				{
+					string errors = process.StandardError.ReadToEnd();
+					process.WaitForExit();
+					return string.IsNullOrEmpty(errors) ? null : errors;
+				}
+			}
+		}
+	}
+}
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 9644ace..7f3ca4a 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -5,15 +5,20 @@
 using System.Threading;
 using System.Threading.Tasks;
 
+using Force.AutoTunnel.Encryption;
+
 namespace Force.AutoTunnel
 {
 	public class Listener
 	{
 		private readonly TunnelStorage _storage;
 
-		public Listener(TunnelStorage storage)
+		private readonly byte[] _serverKey;
+
+		public Listener(TunnelStorage storage, byte[] serverKey)
 		{
 			_storage = storage;
+			_serverKey = serverKey;
 		}
 
 		public void Start()
@@ -38,32 +43,74 @@ private void StartInternal()
 			{
 				s.Bind(new IPEndPoint(IPAddress.Any, 12017));
 				byte[] inBuf = new byte[65536];
+				byte[] decBuf = null;
 				EndPoint ep = new IPEndPoint(IPAddress.Any, 0);
 				while (true)
 				{
 					try
 					{
 						int cnt = s.ReceiveFrom(inBuf, ref ep);
+						int sessionId = 0;
 						if (cnt == 0) continue;
-						var sourceIp = inBuf[12] + "." + inBuf[13] + "." + inBuf[14] + "." + inBuf[15];
+						if (inBuf[0] == 1)
+						{
+							var decryptHelper = new DecryptHelper(_serverKey);
+							var dataLen = decryptHelper.Decrypt(inBuf);
+							var serverHandshake = new ServerHandshake();
+							var outPacket = serverHandshake.GetOutPacket(decryptHelper.InnerBuf, dataLen);
+							var encryptHelper = new EncryptHelper(_serverKey);
+							var outLen = encryptHelper.Encrypt(outPacket, outPacket.Length);
+							var toSend = encryptHelper.InnerBuf;
+							sessionId = _storage.GetNewSessionId(serverHandshake.SessionKey);
+							toSend[0] = 0x2;
+							toSend[1] = (byte)sessionId;
+							toSend[2] = (byte)(sessionId >> 8);
+							toSend[3] = (byte)(sessionId >> 16);
+							s.SendTo(toSend, outLen, SocketFlags.None, ep);
+							continue;
+						}
+						else
+						{
+							sessionId = inBuf[1] | (inBuf[2] << 8) | (inBuf[3] << 16);
+							var decryptor = _storage.GetSessionDecryptor(sessionId);
+							if (decryptor == null)
+							{
+								s.SendTo(new byte[] { 0x3, inBuf[1], inBuf[2], inBuf[3] }, 4, SocketFlags.None, ep);
+								continue;
+							}
+
+							var len = decryptor.Decrypt(inBuf);
+							if (len < 0)
+							{
+								s.SendTo(new byte[] { 0x3, inBuf[1], inBuf[2], inBuf[3] }, 4, SocketFlags.None, ep);
+								continue;
+							}
+
+							decBuf = decryptor.InnerBuf;
+							cnt = len;
+						}
+
+						var sourceIp = decBuf[12] + "." + decBuf[13] + "." + decBuf[14] + "." + decBuf[15];
 
-						// 			_sender = new BaseSender(dstAddr, this);
+						// 			_sender = new BaseSender(DstAddr, this);
 						// _sender.Start(remoteEp);
 
-						Func<BaseSender> creatorFunc = () => new ReplySender(sourceIp, s, (IPEndPoint)ep);
-						var sender = _storage.GetOrAdd(sourceIp, creatorFunc);
+						var sender = _storage.GetOrAdd(sourceIp, () => new ReplySender(sourceIp, s, (IPEndPoint)ep, sessionId, _storage.GetSessionKey(sessionId)));
+						// ip was changed, sending error and waiting for reconnect
 						if (!sender.RemoteEP.Equals(ep))
 						{
 							sender.Dispose();
 							_storage.Remove(sourceIp);
-							sender = _storage.GetOrAdd(sourceIp, creatorFunc);
+							s.SendTo(new byte[] { 0x3, inBuf[1], inBuf[2], inBuf[3] }, 4, SocketFlags.None, ep);
+							continue;
 						}
 
-						sender.OnReceive(inBuf, cnt);
+						sender.OnReceive(decBuf, cnt);
 					}
 					catch (Exception ex)
 					{
 						Console.WriteLine(ex.Message);
+						Console.WriteLine(ex.StackTrace);
 						break;
 					}
 				}
diff --git a/AutoTunnel/Program.cs b/AutoTunnel/Program.cs
index e8b50a9..9217947 100644
--- a/AutoTunnel/Program.cs
+++ b/AutoTunnel/Program.cs
@@ -8,6 +8,7 @@ public class Program
 	{
 		public static void Main(string[] args)
 		{
+			var serverKey = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8 };
 			if (!NativeHelper.IsNativeAvailable)
 			{
 				Console.Error.WriteLine("Cannot load WinDivert library");
@@ -15,7 +16,7 @@ public static void Main(string[] args)
 			}
 
 			var ts = new TunnelStorage();
-			var l = new Listener(ts);
+			var l = new Listener(ts, serverKey);
 			l.Start();
 
 			var targetIp = args.Length > 0 ? args[0] : null;
@@ -23,7 +24,7 @@ public static void Main(string[] args)
 			if (targetIp != null)
 			{
 				var endpoint = new IPEndPoint(IPAddress.Parse(targetIp), 12017);
-				var sender = ts.GetOrAdd(targetIp, () => new ClientSender(targetIp, endpoint));
+				var sender = ts.GetOrAdd(targetIp, () => new ClientSender(targetIp, endpoint, serverKey));
 			}
 
 			Thread.Sleep(-1);
diff --git a/AutoTunnel/ReplySender.cs b/AutoTunnel/ReplySender.cs
index bb053bf..1a25271 100644
--- a/AutoTunnel/ReplySender.cs
+++ b/AutoTunnel/ReplySender.cs
@@ -1,21 +1,32 @@
 using System.Net;
 using System.Net.Sockets;
 
+using Force.AutoTunnel.Encryption;
+
 namespace Force.AutoTunnel
 {
 	public class ReplySender : BaseSender
 	{
 		private readonly Socket _socket;
 
-		public ReplySender(string dstAddr, Socket socket, IPEndPoint remoteEP)
+		private readonly EncryptHelper _encryptHelper;
+
+		public ReplySender(string dstAddr, Socket socket, IPEndPoint remoteEP, int sessionId, byte[] sessionKey)
 			: base(dstAddr, remoteEP)
 		{
 			_socket = socket;
+			_encryptHelper = new EncryptHelper(sessionKey);
+			_encryptHelper.InnerBuf[0] = 0x0;
+			_encryptHelper.InnerBuf[1] = (byte)(sessionId & 0xff);
+			_encryptHelper.InnerBuf[2] = (byte)((sessionId >> 8) & 0xff);
+			_encryptHelper.InnerBuf[3] = (byte)((sessionId >> 16) & 0xff);
+			SessionId = sessionId;
 		}
 
 		protected override void Send(byte[] packet, int packetLen)
 		{
-			_socket.SendTo(packet, packetLen, SocketFlags.None, RemoteEP);
+			var len = _encryptHelper.Encrypt(packet, packetLen);
+			_socket.SendTo(_encryptHelper.InnerBuf, len, SocketFlags.None, RemoteEP);
 		}
 	}
 }
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
index 92f60c5..676798b 100644
--- a/AutoTunnel/TunnelStorage.cs
+++ b/AutoTunnel/TunnelStorage.cs
@@ -1,6 +1,9 @@
 using System;
 using System.Collections.Concurrent;
 using System.Linq;
+using System.Threading;
+
+using Force.AutoTunnel.Encryption;
 
 namespace Force.AutoTunnel
 {
@@ -16,7 +19,17 @@ public BaseSender GetOrAdd(string ip, Func<BaseSender> creatorFunc)
 		public bool Remove(string ip)
 		{
 			BaseSender value;
-			return _clients.TryRemove(ip, out value);
+			if (_clients.TryRemove(ip, out value))
+			{
+				DecryptHelper helper;
+				_sessionDecryptors.TryRemove(value.SessionId, out helper);
+				byte[] dummy;
+				_sessionKeys.TryRemove(_sessionId, out dummy);
+				value.Dispose();
+				return true;
+			}
+
+			return false;
 		}
 
 		public void RemoveOldSenders(TimeSpan killTime)
@@ -25,5 +38,33 @@ public void RemoveOldSenders(TimeSpan killTime)
 			var toRemove = (from client in _clients where client.Value is ReplySender && dt.Subtract(client.Value.LastActivity) >= killTime select client.Key).ToList();
 			toRemove.ForEach(x => Remove(x));
 		}
+
+		private readonly ConcurrentDictionary<int, byte[]> _sessionKeys = new ConcurrentDictionary<int, byte[]>();
+
+		private readonly ConcurrentDictionary<int, DecryptHelper> _sessionDecryptors = new ConcurrentDictionary<int, DecryptHelper>();
+
+		private static int _sessionId;
+
+		public int GetNewSessionId(byte[] sessionKey)
+		{
+			var currentSessionId = Interlocked.Increment(ref _sessionId);
+			_sessionKeys[_sessionId] = sessionKey;
+			_sessionDecryptors[_sessionId] = new DecryptHelper(sessionKey);
+			return currentSessionId;
+		}
+
+		public byte[] GetSessionKey(int sessionId)
+		{
+			byte[] value;
+			if (_sessionKeys.TryGetValue(sessionId, out value)) return value;
+			return null;
+		}
+
+		public DecryptHelper GetSessionDecryptor(int sessionId)
+		{
+			DecryptHelper value;
+			if (_sessionDecryptors.TryGetValue(sessionId, out value)) return value;
+			return null;
+		}
 	}
 }

From 868ff91af5b584de95c9a8fcdb41cf24e8fce906 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Tue, 29 Aug 2017 23:00:36 +0300
Subject: [PATCH 03/15] encryption version 2 (it seems relatively final) +
 stability improvements

---
 AutoTunnel/AutoTunnel.csproj           |   1 +
 AutoTunnel/BaseSender.cs               |  52 +++-----
 AutoTunnel/ClientSender.cs             | 160 +++++++++++++++++--------
 AutoTunnel/Encryption/DecryptHelper.cs |   6 +-
 AutoTunnel/Encryption/EncryptHelper.cs |   4 +-
 AutoTunnel/Listener.cs                 |  93 ++++++++------
 AutoTunnel/PacketWriter.cs             |  36 ++++++
 AutoTunnel/Program.cs                  |   6 +-
 AutoTunnel/ReplySender.cs              |  20 ++--
 AutoTunnel/TunnelStorage.cs            |  59 +++++----
 10 files changed, 283 insertions(+), 154 deletions(-)
 create mode 100644 AutoTunnel/PacketWriter.cs

diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index 74cdde1..906254d 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -52,6 +52,7 @@
   </ItemGroup>
   <ItemGroup>
     <Compile Include="ClientSender.cs" />
+    <Compile Include="PacketWriter.cs" />
     <Compile Include="Encryption\ClientHandshake.cs" />
     <Compile Include="Encryption\DecryptHelper.cs" />
     <Compile Include="Encryption\EncryptHelper.cs" />
diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index a2918b1..a301150 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -10,29 +10,19 @@ public abstract class BaseSender : IDisposable
 
 		private bool _isExiting;
 
-		protected readonly string DstAddr;
-
-		private WinDivert.WinDivertAddress _receiveAddr;
-
-		public IPEndPoint RemoteEP { get; private set; }
+		public readonly string DstAddr;
 
 		public DateTime LastActivity { get; private set; }
 
-		public int SessionId { get; protected set; }
+		private readonly TunnelStorage _storage;
 
-		public BaseSender(string dstAddr, IPEndPoint remoteEP)
+		protected BaseSender(string dstAddr, TunnelStorage storage)
 		{
-			Console.WriteLine("Sender was created for " + dstAddr);
-			this.DstAddr = dstAddr;
-			_receiveAddr = new WinDivert.WinDivertAddress();
-			_receiveAddr.IfIdx = InterfaceHelper.GetInterfaceId();
+			_storage = storage;
+			DstAddr = dstAddr;
 
-			RemoteEP = remoteEP;
-			var udpSuff = remoteEP.Address.Equals(IPAddress.Parse(this.DstAddr))
-							? "(udp and udp.DstPort != " + remoteEP.Port + ")"
-							: "udp";
 			//  or (udp and udp.DstPort != 12017)
-			_handle = WinDivert.WinDivertOpen("outbound and (tcp or icmp or " + udpSuff + ") and (ip.DstAddr == " + this.DstAddr + ")", WinDivert.LAYER_NETWORK, 0, 0);
+			_handle = WinDivert.WinDivertOpen("outbound and ip and (ip.DstAddr == " + DstAddr + ")", WinDivert.LAYER_NETWORK, 0, 0);
 			Task.Factory.StartNew(StartInternal);
 		}
 
@@ -43,24 +33,6 @@ protected void UpdateLastActivity()
 			LastActivity = DateTime.UtcNow;
 		}
 
-		public virtual void OnReceive(byte[] packet, int packetLen)
-		{
-			UpdateLastActivity();
-			if (packetLen == 0)
-				return;
-			var writeLen = 0;
-			// Console.WriteLine("< " + packetLen + " " + _receiveAddr.IfIdx + " " + _receiveAddr.SubIfIdx + " " + _receiveAddr.Direction);
-			// Console.WriteLine(" " + packet[9] + " " + packet[12] + "." + packet[13] + "." + packet[14] + "." + packet[15] + "->" + packet[16] + "." + packet[17] + "." + packet[18] + "." + packet[19] + " " + packet[10].ToString("X2") + packet[11].ToString("X2"));
-			// Console.WriteLine(BitConverter.ToString(inBuf, 0, cnt));
-			var x = WinDivert.WinDivertSend(_handle, packet, packetLen, ref _receiveAddr, ref writeLen);
-			//var s = new Socket(AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.IP);
-			// s.SendTo(packet, packetLen, SocketFlags.None, new IPEndPoint(IPAddress.Parse("192.168.16.7"), 0));
-			/*if (!x)
-			{
-				Console.WriteLine(Marshal.GetLastWin32Error());
-			}*/
-		}
-
 		private void StartInternal()
 		{
 			byte[] packet = new byte[65536];
@@ -68,6 +40,18 @@ private void StartInternal()
 			int packetLen = 0;
 			while (!_isExiting && WinDivert.WinDivertRecv(_handle, packet, packet.Length, ref addr, ref packetLen))
 			{
+				// Console.WriteLine("Recv: " + packet[16] + "." + packet[17] + "." + packet[18] + "." + packet[19] + ":" + (packet[23] | ((uint)packet[22] << 8)));
+				if (packet[9] == 17)
+				{
+					var key = ((ulong)(packet[16] | ((uint)packet[17] << 8) | ((uint)packet[18] << 16) | (((uint)packet[19]) << 24)) << 16) | (packet[23] | ((uint)packet[22] << 8));
+					// do not catch this packet, it is our tunnel to other computer
+					if (_storage.HasSession(key))
+					{
+						var writeLen = 0;
+						WinDivert.WinDivertSend(_handle, packet, packetLen, ref addr, ref writeLen);
+						continue;
+					}
+				}
 				// Console.WriteLine("> " + packetLen + " " + addr.IfIdx + " " + addr.SubIfIdx + " " + addr.Direction);
 				try
 				{
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index df6c9ea..c9c7676 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Diagnostics;
 using System.Net;
 using System.Net.Sockets;
 using System.Threading;
@@ -10,7 +11,7 @@ namespace Force.AutoTunnel
 {
 	public class ClientSender : BaseSender
 	{
-		private Socket _socket;
+		private readonly Socket _socket;
 
 		private bool _disposed;
 
@@ -18,47 +19,99 @@ public class ClientSender : BaseSender
 
 		private DecryptHelper _decryptHelper;
 
-		private static int _sessionId;
+		private readonly byte[] _serverKey;
 
-		private int _currentSessionId;
+		private readonly ManualResetEvent _initingEvent = new ManualResetEvent(false);
 
-		private readonly byte[] _serverKey;
+		private readonly PacketWriter _packetWriter;
 
-		private ManualResetEvent _initingEvent = new ManualResetEvent(true);
+		private bool _isInited;
 
-		public ClientSender(string dstAddr, IPEndPoint remoteEP, byte[] serverKey)
-			: base(dstAddr, remoteEP)
+		public ClientSender(string dstAddr, IPEndPoint remoteEP, byte[] serverKey, TunnelStorage storage)
+			: base(dstAddr, storage)
 		{
+			Console.WriteLine("Tunnel watcher was created for " + dstAddr);
+			_packetWriter = new PacketWriter();
 			_socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
 			_socket.Connect(remoteEP);
 
 			_serverKey = serverKey;
-			Init();
 
 			Task.Factory.StartNew(ReceiveCycle);
 			// Task.Factory.StartNew(PingCycle);
 		}
 
+		private int _isIniting;
+
 		private void Init()
 		{
-			_initingEvent.Reset();
-			_currentSessionId = Interlocked.Increment(ref _sessionId);
-
-			var cs = new ClientHandshake();
-			var sendingPacketLen = cs.GetPacketForSending();
-			_encryptHelper = new EncryptHelper(_serverKey);
-			_decryptHelper = new DecryptHelper(_serverKey);
-
-			Console.WriteLine("Initializing connection to " + DstAddr);
-			SendEncryptedCommand(1, cs.SendingPacket, sendingPacketLen);
-			_socket.Receive(_receiveBuffer);
-			var decLen = _decryptHelper.Decrypt(_receiveBuffer);
-			var sessionKey = cs.GetPacketFromServer(_decryptHelper.InnerBuf, decLen);
-			_encryptHelper = new EncryptHelper(sessionKey);
-			_decryptHelper = new DecryptHelper(sessionKey);
-			_currentSessionId = _receiveBuffer[1] | (_receiveBuffer[2] << 8) | (_receiveBuffer[3] << 16);
-			Console.WriteLine("Initialized connection to " + DstAddr + ", SessionId: " + _sessionId);
-			_initingEvent.Set();
+			if (_isIniting == 1)
+				return;
+			Task.Factory.StartNew(InitInternal);
+		}
+
+		private void InitInternal()
+		{
+			if (Interlocked.CompareExchange(ref _isIniting, 1, 0) == 1)
+				return;
+			try
+			{
+				_initingEvent.Reset();
+
+				var cs = new ClientHandshake();
+				var sendingPacketLen = cs.GetPacketForSending();
+				_encryptHelper = new EncryptHelper(_serverKey);
+				_decryptHelper = new DecryptHelper(_serverKey);
+
+				Console.WriteLine("Initializing connection to " + DstAddr);
+
+				var lenToSend = _encryptHelper.Encrypt(cs.SendingPacket, sendingPacketLen);
+				var packetToSend = _encryptHelper.InnerBuf;
+				var initBuf = new byte[lenToSend + 4];
+				Buffer.BlockCopy(packetToSend, 0, initBuf, 4, lenToSend);
+				initBuf[0] = 1;
+				initBuf[1] = 1; // version
+				var recLength = 0;
+
+				Task task = null;
+				while (true)
+				{
+					_socket.Send(initBuf, initBuf.Length, SocketFlags.None);
+					task = task ?? Task.Factory.StartNew(() => recLength = _socket.Receive(_receiveBuffer));
+					/*var sw = Stopwatch.StartNew();
+					recLength = _socket.Receive(_receiveBuffer);
+					Console.WriteLine(sw.ElapsedMilliseconds);*/
+
+					if (task.Wait(2000))
+						break;
+
+					Console.WriteLine("No response from server " + DstAddr);
+				}
+
+				if (recLength < 4 || _receiveBuffer[0] != 0x2)
+				{
+					Console.Error.WriteLine("Invalid server response");
+					return;
+				}
+
+				var decLen = _decryptHelper.Decrypt(_receiveBuffer, 4);
+				if (decLen < 9)
+				{
+					Console.Error.WriteLine("Invalid server response");
+					return;
+				}
+
+				var sessionKey = cs.GetPacketFromServer(_decryptHelper.InnerBuf, decLen);
+				_encryptHelper = new EncryptHelper(sessionKey);
+				_decryptHelper = new DecryptHelper(sessionKey);
+				Console.WriteLine("Initialized connection to " + DstAddr);
+				_isInited = true;
+				_initingEvent.Set();
+			}
+			finally
+			{
+				Interlocked.Exchange(ref _isIniting, 0);
+			}
 		}
 
 		private void PingCycle()
@@ -70,22 +123,21 @@ private void PingCycle()
 			}
 		}
 
-		protected void SendEncryptedCommand(byte commandId, byte[] packet, int packetLen)
-		{
-			var lenToSend = _encryptHelper.Encrypt(packet, packetLen);
-			var packetToSend = _encryptHelper.InnerBuf;
-			packetToSend[0] = commandId;
-			packetToSend[1] = (byte)(_currentSessionId & 0xff);
-			packetToSend[2] = (byte)((_currentSessionId >> 8) & 0xff);
-			packetToSend[3] = (byte)((_currentSessionId >> 16) & 0xff);
-			_socket.Send(packetToSend, lenToSend, SocketFlags.None);
-		}
-
 		protected override void Send(byte[] packet, int packetLen)
 		{
-			_initingEvent.WaitOne();
-			// _socket.Send(packet, packetLen, SocketFlags.None);
-			SendEncryptedCommand(0, packet, packetLen);
+			if (!_isInited)
+			{
+				Init();
+				// if (!_initingEvent.WaitOne(4000))
+				//	return;
+			}
+
+			if (_isInited)
+			{
+				var lenToSend = _encryptHelper.Encrypt(packet, packetLen);
+				var packetToSend = _encryptHelper.InnerBuf;
+				_socket.Send(packetToSend, lenToSend, SocketFlags.None);
+			}
 		}
 
 		private readonly byte[] _receiveBuffer = new byte[65536];
@@ -95,17 +147,28 @@ private void ReceiveCycle()
 			byte[] buf = _receiveBuffer;
 			while (!_disposed)
 			{
-				_socket.Receive(buf);
-				if (buf[0] == 0x3)
+				if (!_isInited)
+					_initingEvent.WaitOne();
+				if (_disposed)
+					return;
+
+				var len = _socket.Receive(buf);
+				// just drop data, assume that it is invalid
+				if (len % 16 != 0)
 				{
-					Console.WriteLine("Received an error flag from " + DstAddr);
-					// failed data
-					Init();
-					continue;
+					// in any case, this is error
+					// if (buf[0] == 0x3)
+					{
+						Console.WriteLine("Received an error flag from " + DstAddr);
+						_isInited = false;
+						// failed data
+						Init();
+						continue;
+					}
 				}
 
-				var decLen = _decryptHelper.Decrypt(buf);
-				OnReceive(_decryptHelper.InnerBuf, decLen);
+				var decLen = _decryptHelper.Decrypt(buf, 0);
+				_packetWriter.Write(_decryptHelper.InnerBuf, decLen);
 			}
 		}
 
@@ -113,6 +176,7 @@ public override void Dispose()
 		{
 			base.Dispose();
 			_disposed = true;
+			_initingEvent.Set();
 			_socket.Dispose();
 		}
 	}
diff --git a/AutoTunnel/Encryption/DecryptHelper.cs b/AutoTunnel/Encryption/DecryptHelper.cs
index 8400f39..d47e62d 100644
--- a/AutoTunnel/Encryption/DecryptHelper.cs
+++ b/AutoTunnel/Encryption/DecryptHelper.cs
@@ -23,7 +23,7 @@ public DecryptHelper(byte[] key)
 			_key = key;
 		}
 
-		public int Decrypt(byte[] data)
+		public int Decrypt(byte[] data, int offset)
 		{
 			var aes = Aes.Create();
 			aes.Key = _key;
@@ -31,12 +31,12 @@ public int Decrypt(byte[] data)
 			aes.Mode = CipherMode.CBC;
 			aes.Padding = PaddingMode.None;
 			var decryptor = aes.CreateDecryptor();
-			decryptor.TransformBlock(data, 4, 16, _headerBuf, 0);
+			decryptor.TransformBlock(data, offset, 16, _headerBuf, 0);
 			var len = _headerBuf[0] | (_headerBuf[1] << 8) | (_headerBuf[2] << 16) | (_headerBuf[3] << 24);
 			if (len > data.Length) return -1;
 			if (_headerBuf[4] != 1 && _headerBuf[5] != 0 && _headerBuf[6] != 'A' && _headerBuf[7] != 'T') return -1;
 			var len16 = (len + 15) & ~15;
-			decryptor.TransformBlock(data, 4 + 16, len16, _innerBuf, 0);
+			decryptor.TransformBlock(data, offset + 16, len16, _innerBuf, 0);
 			return len;
 		}
 	}
diff --git a/AutoTunnel/Encryption/EncryptHelper.cs b/AutoTunnel/Encryption/EncryptHelper.cs
index b27762c..9567f7e 100644
--- a/AutoTunnel/Encryption/EncryptHelper.cs
+++ b/AutoTunnel/Encryption/EncryptHelper.cs
@@ -51,9 +51,9 @@ public int Encrypt(byte[] data, int len)
 			_headerBuf[6] = (byte)'A';
 			_headerBuf[7] = (byte)'T';
 
-			encryptor.TransformBlock(_headerBuf, 0, 16, _innerBuf, 0 + 4);
+			encryptor.TransformBlock(_headerBuf, 0, 16, _innerBuf, 0);
 			if (len == 0) return 16 + 4;
-			return encryptor.TransformBlock(data, 0, (len + 15) & ~15, _innerBuf, 16 + 4) + 16 + 4;
+			return encryptor.TransformBlock(data, 0, (len + 15) & ~15, _innerBuf, 16) + 16;
 		}
 	}
 }
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 7f3ca4a..8678a01 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -15,10 +15,13 @@ public class Listener
 
 		private readonly byte[] _serverKey;
 
+		private readonly PacketWriter _packetWriter;
+
 		public Listener(TunnelStorage storage, byte[] serverKey)
 		{
 			_storage = storage;
 			_serverKey = serverKey;
+			_packetWriter = new PacketWriter();
 		}
 
 		public void Start()
@@ -44,45 +47,64 @@ private void StartInternal()
 				s.Bind(new IPEndPoint(IPAddress.Any, 12017));
 				byte[] inBuf = new byte[65536];
 				byte[] decBuf = null;
-				EndPoint ep = new IPEndPoint(IPAddress.Any, 0);
+				EndPoint ep1 = new IPEndPoint(IPAddress.Any, 0);
 				while (true)
 				{
 					try
 					{
-						int cnt = s.ReceiveFrom(inBuf, ref ep);
-						int sessionId = 0;
+						int cnt = s.ReceiveFrom(inBuf, ref ep1);
+						IPEndPoint ep = (IPEndPoint)ep1;
+
 						if (cnt == 0) continue;
-						if (inBuf[0] == 1)
+						if (cnt % 16 != 0)
 						{
-							var decryptHelper = new DecryptHelper(_serverKey);
-							var dataLen = decryptHelper.Decrypt(inBuf);
-							var serverHandshake = new ServerHandshake();
-							var outPacket = serverHandshake.GetOutPacket(decryptHelper.InnerBuf, dataLen);
-							var encryptHelper = new EncryptHelper(_serverKey);
-							var outLen = encryptHelper.Encrypt(outPacket, outPacket.Length);
-							var toSend = encryptHelper.InnerBuf;
-							sessionId = _storage.GetNewSessionId(serverHandshake.SessionKey);
-							toSend[0] = 0x2;
-							toSend[1] = (byte)sessionId;
-							toSend[2] = (byte)(sessionId >> 8);
-							toSend[3] = (byte)(sessionId >> 16);
-							s.SendTo(toSend, outLen, SocketFlags.None, ep);
-							continue;
+							if (inBuf[0] == 1)
+							{
+								Console.WriteLine("Estabilishing connection from " + ep.Address + ":" + ep.Port);
+								var decryptHelper = new DecryptHelper(_serverKey);
+								var dataLen = decryptHelper.Decrypt(inBuf, 4);
+								var serverHandshake = new ServerHandshake();
+								var outPacket = serverHandshake.GetOutPacket(decryptHelper.InnerBuf, dataLen);
+								_storage.SetNewEndPoint(serverHandshake.SessionKey, ep);
+								var encryptHelper = new EncryptHelper(_serverKey);
+								var outLen = encryptHelper.Encrypt(outPacket, outPacket.Length);
+								var initBuf = new byte[outLen + 4];
+								Buffer.BlockCopy(encryptHelper.InnerBuf, 0, initBuf, 4, outLen);
+								initBuf[0] = 2;
+								initBuf[1] = 1; // version
+
+								s.SendTo(initBuf, initBuf.Length, SocketFlags.None, ep);
+								Console.WriteLine("Estabilished connection from " + ep.Address + ":" + ep.Port);
+								continue;
+							}
+
+							if (inBuf[0] == 0x5) // ping
+							{
+								continue;
+							}
+							else
+							{
+								// error
+								Console.WriteLine("Unsupported data from " + ep.Address + ":" + ep.Port);
+								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
+								continue;
+							}
 						}
 						else
 						{
-							sessionId = inBuf[1] | (inBuf[2] << 8) | (inBuf[3] << 16);
-							var decryptor = _storage.GetSessionDecryptor(sessionId);
+							var decryptor = _storage.GetSessionDecryptor(ep);
 							if (decryptor == null)
 							{
-								s.SendTo(new byte[] { 0x3, inBuf[1], inBuf[2], inBuf[3] }, 4, SocketFlags.None, ep);
+								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
+								Console.WriteLine("Missing decryptor for " + ep.Address + ":" + ep.Port);
 								continue;
 							}
 
-							var len = decryptor.Decrypt(inBuf);
+							var len = decryptor.Decrypt(inBuf, 0);
 							if (len < 0)
 							{
-								s.SendTo(new byte[] { 0x3, inBuf[1], inBuf[2], inBuf[3] }, 4, SocketFlags.None, ep);
+								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
+								Console.WriteLine("Unable to decrypt data from " + ep.Address + ":" + ep.Port);
 								continue;
 							}
 
@@ -91,21 +113,22 @@ private void StartInternal()
 						}
 
 						var sourceIp = decBuf[12] + "." + decBuf[13] + "." + decBuf[14] + "." + decBuf[15];
-
-						// 			_sender = new BaseSender(DstAddr, this);
-						// _sender.Start(remoteEp);
-
-						var sender = _storage.GetOrAdd(sourceIp, () => new ReplySender(sourceIp, s, (IPEndPoint)ep, sessionId, _storage.GetSessionKey(sessionId)));
-						// ip was changed, sending error and waiting for reconnect
-						if (!sender.RemoteEP.Equals(ep))
+						// if we already has option to estabilish connection to this ip, do not add additional sender
+						if (!_storage.OutgoingConnectionAdresses.Contains(sourceIp))
 						{
-							sender.Dispose();
-							_storage.Remove(sourceIp);
-							s.SendTo(new byte[] { 0x3, inBuf[1], inBuf[2], inBuf[3] }, 4, SocketFlags.None, ep);
-							continue;
+							var sender = _storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
+
+							// ip was changed for client
+							if (sender.DstAddr != sourceIp)
+							{
+								Console.WriteLine("Remote endpoint " + ep.Address + ":" + ep.Port + " has changed ip: " + sender.DstAddr + "->" + sourceIp);
+								sender.Dispose();
+								_storage.Remove(ep);
+								_storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
+							}
 						}
 
-						sender.OnReceive(decBuf, cnt);
+						_packetWriter.Write(decBuf, cnt);
 					}
 					catch (Exception ex)
 					{
diff --git a/AutoTunnel/PacketWriter.cs b/AutoTunnel/PacketWriter.cs
new file mode 100644
index 0000000..7365b95
--- /dev/null
+++ b/AutoTunnel/PacketWriter.cs
@@ -0,0 +1,36 @@
+using System;
+
+namespace Force.AutoTunnel
+{
+	public class PacketWriter : IDisposable
+	{
+		private IntPtr _handle;
+
+		private WinDivert.WinDivertAddress _addr;
+
+		public PacketWriter()
+		{
+			_handle = WinDivert.WinDivertOpen("false", WinDivert.LAYER_NETWORK, 0, 0);
+			_addr = new WinDivert.WinDivertAddress();
+			_addr.IfIdx = InterfaceHelper.GetInterfaceId();
+		}
+
+		public void Dispose()
+		{
+			if (_handle != IntPtr.Zero && _handle != (IntPtr)(-1))
+				WinDivert.WinDivertClose(_handle);
+			_handle = IntPtr.Zero;
+		}
+
+		public void Write(byte[] packet, int packetLen)
+		{
+			int writeLen = 0;
+			WinDivert.WinDivertSend(_handle, packet, packetLen, ref _addr, ref writeLen);
+		}
+
+		~PacketWriter()
+		{
+			Dispose();
+		}
+	}
+}
diff --git a/AutoTunnel/Program.cs b/AutoTunnel/Program.cs
index 9217947..e00b315 100644
--- a/AutoTunnel/Program.cs
+++ b/AutoTunnel/Program.cs
@@ -24,7 +24,11 @@ public static void Main(string[] args)
 			if (targetIp != null)
 			{
 				var endpoint = new IPEndPoint(IPAddress.Parse(targetIp), 12017);
-				var sender = ts.GetOrAdd(targetIp, () => new ClientSender(targetIp, endpoint, serverKey));
+				// adding fake tunnel info
+				ts.SetNewEndPoint(new byte[16], endpoint);
+				ts.OutgoingConnectionAdresses.Add(targetIp);
+				var sender = new ClientSender(targetIp, endpoint, serverKey, ts);
+				// var sender = ts.GetOrAddSender(targetIp, () => new ClientSender(targetIp, endpoint, serverKey));
 			}
 
 			Thread.Sleep(-1);
diff --git a/AutoTunnel/ReplySender.cs b/AutoTunnel/ReplySender.cs
index 1a25271..061602d 100644
--- a/AutoTunnel/ReplySender.cs
+++ b/AutoTunnel/ReplySender.cs
@@ -1,4 +1,5 @@
-using System.Net;
+using System;
+using System.Net;
 using System.Net.Sockets;
 
 using Force.AutoTunnel.Encryption;
@@ -11,22 +12,21 @@ public class ReplySender : BaseSender
 
 		private readonly EncryptHelper _encryptHelper;
 
-		public ReplySender(string dstAddr, Socket socket, IPEndPoint remoteEP, int sessionId, byte[] sessionKey)
-			: base(dstAddr, remoteEP)
+		private readonly IPEndPoint _remoteEP;
+
+		public ReplySender(string dstAddr, Socket socket, IPEndPoint remoteEP, TunnelStorage storage)
+			: base(dstAddr, storage)
 		{
+			Console.WriteLine("Tunnel watcher was created for " + dstAddr);
 			_socket = socket;
-			_encryptHelper = new EncryptHelper(sessionKey);
-			_encryptHelper.InnerBuf[0] = 0x0;
-			_encryptHelper.InnerBuf[1] = (byte)(sessionId & 0xff);
-			_encryptHelper.InnerBuf[2] = (byte)((sessionId >> 8) & 0xff);
-			_encryptHelper.InnerBuf[3] = (byte)((sessionId >> 16) & 0xff);
-			SessionId = sessionId;
+			_encryptHelper = new EncryptHelper(storage.GetSessionKey(remoteEP));
+			_remoteEP = remoteEP;
 		}
 
 		protected override void Send(byte[] packet, int packetLen)
 		{
 			var len = _encryptHelper.Encrypt(packet, packetLen);
-			_socket.SendTo(_encryptHelper.InnerBuf, len, SocketFlags.None, RemoteEP);
+			_socket.SendTo(_encryptHelper.InnerBuf, len, SocketFlags.None, _remoteEP);
 		}
 	}
 }
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
index 676798b..c0f5b16 100644
--- a/AutoTunnel/TunnelStorage.cs
+++ b/AutoTunnel/TunnelStorage.cs
@@ -1,7 +1,8 @@
 using System;
 using System.Collections.Concurrent;
+using System.Collections.Generic;
 using System.Linq;
-using System.Threading;
+using System.Net;
 
 using Force.AutoTunnel.Encryption;
 
@@ -9,22 +10,31 @@ namespace Force.AutoTunnel
 {
 	public class TunnelStorage
 	{
-		private readonly ConcurrentDictionary<string, BaseSender> _clients = new ConcurrentDictionary<string, BaseSender>();
+		private readonly ConcurrentDictionary<ulong, BaseSender> _clients = new ConcurrentDictionary<ulong, BaseSender>();
 
-		public BaseSender GetOrAdd(string ip, Func<BaseSender> creatorFunc)
+		public readonly HashSet<string> OutgoingConnectionAdresses = new HashSet<string>();
+
+		public BaseSender GetOrAddSender(IPEndPoint remoteHost, Func<BaseSender> creatorFunc)
+		{
+			return _clients.GetOrAdd(GetHostKey(remoteHost), s => creatorFunc());
+		}
+
+		public bool Remove(IPEndPoint remoteHost)
 		{
-			return _clients.GetOrAdd(ip, s => creatorFunc());
+			var hostKey = GetHostKey(remoteHost);
+			return Remove(hostKey);
 		}
 
-		public bool Remove(string ip)
+		private bool Remove(ulong hostKey)
 		{
 			BaseSender value;
-			if (_clients.TryRemove(ip, out value))
+			
+			if (_clients.TryRemove(hostKey, out value))
 			{
 				DecryptHelper helper;
-				_sessionDecryptors.TryRemove(value.SessionId, out helper);
+				_sessionDecryptors.TryRemove(hostKey, out helper);
 				byte[] dummy;
-				_sessionKeys.TryRemove(_sessionId, out dummy);
+				_sessionKeys.TryRemove(hostKey, out dummy);
 				value.Dispose();
 				return true;
 			}
@@ -39,32 +49,39 @@ public void RemoveOldSenders(TimeSpan killTime)
 			toRemove.ForEach(x => Remove(x));
 		}
 
-		private readonly ConcurrentDictionary<int, byte[]> _sessionKeys = new ConcurrentDictionary<int, byte[]>();
-
-		private readonly ConcurrentDictionary<int, DecryptHelper> _sessionDecryptors = new ConcurrentDictionary<int, DecryptHelper>();
+		private readonly ConcurrentDictionary<ulong, byte[]> _sessionKeys = new ConcurrentDictionary<ulong, byte[]>();
 
-		private static int _sessionId;
+		private readonly ConcurrentDictionary<ulong, DecryptHelper> _sessionDecryptors = new ConcurrentDictionary<ulong, DecryptHelper>();
 
-		public int GetNewSessionId(byte[] sessionKey)
+		public void SetNewEndPoint(byte[] sessionKey, IPEndPoint remoteHost)
 		{
-			var currentSessionId = Interlocked.Increment(ref _sessionId);
-			_sessionKeys[_sessionId] = sessionKey;
-			_sessionDecryptors[_sessionId] = new DecryptHelper(sessionKey);
-			return currentSessionId;
+			var hostKey = GetHostKey(remoteHost);
+			_sessionKeys[hostKey] = sessionKey;
+			_sessionDecryptors[hostKey] = new DecryptHelper(sessionKey);
 		}
 
-		public byte[] GetSessionKey(int sessionId)
+		public byte[] GetSessionKey(IPEndPoint remoteHost)
 		{
 			byte[] value;
-			if (_sessionKeys.TryGetValue(sessionId, out value)) return value;
+			if (_sessionKeys.TryGetValue(GetHostKey(remoteHost), out value)) return value;
 			return null;
 		}
 
-		public DecryptHelper GetSessionDecryptor(int sessionId)
+		public DecryptHelper GetSessionDecryptor(IPEndPoint remoteHost)
 		{
 			DecryptHelper value;
-			if (_sessionDecryptors.TryGetValue(sessionId, out value)) return value;
+			if (_sessionDecryptors.TryGetValue(GetHostKey(remoteHost), out value)) return value;
 			return null;
 		}
+
+		private static ulong GetHostKey(IPEndPoint endpoint)
+		{
+			return ((ulong)endpoint.Address.Address << 16) | (uint)endpoint.Port;
+		}
+
+		public bool HasSession(ulong key)
+		{
+			return _sessionKeys.ContainsKey(key);
+		}
 	}
 }

From 0e24270df22435568fbfa1410bcf75ff80a16777 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Wed, 30 Aug 2017 00:16:58 +0300
Subject: [PATCH 04/15] added configuration support, bugfixes

---
 AutoTunnel/AutoTunnel.csproj            | 11 ++++++
 AutoTunnel/BaseSender.cs                |  6 +--
 AutoTunnel/ClientSender.cs              |  6 ++-
 AutoTunnel/Config/ListeningConfig.cs    | 12 ++++++
 AutoTunnel/Config/MainConfig.cs         | 21 ++++++++++
 AutoTunnel/Config/RemoteServerConfig.cs |  9 +++++
 AutoTunnel/Encryption/PasswordHelper.cs |  4 +-
 AutoTunnel/Listener.cs                  | 52 +++++++++++++++++++------
 AutoTunnel/Program.cs                   | 48 +++++++++++++++++------
 AutoTunnel/ReplySender.cs               |  2 +-
 AutoTunnel/TunnelStorage.cs             | 23 +++++++++--
 AutoTunnel/packages.config              |  4 ++
 12 files changed, 163 insertions(+), 35 deletions(-)
 create mode 100644 AutoTunnel/Config/ListeningConfig.cs
 create mode 100644 AutoTunnel/Config/MainConfig.cs
 create mode 100644 AutoTunnel/Config/RemoteServerConfig.cs
 create mode 100644 AutoTunnel/packages.config

diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index 906254d..2d64c8d 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -43,6 +43,10 @@
     <AssemblyOriginatorKeyFile>..\force.snk</AssemblyOriginatorKeyFile>
   </PropertyGroup>
   <ItemGroup>
+    <Reference Include="Newtonsoft.Json, Version=9.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
+      <HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net40\Newtonsoft.Json.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="System" />
     <Reference Include="System.Core" />
     <Reference Include="System.Xml.Linq" />
@@ -51,7 +55,13 @@
     <Reference Include="System.Xml" />
   </ItemGroup>
   <ItemGroup>
+    <None Include="config.json">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
     <Compile Include="ClientSender.cs" />
+    <Compile Include="Config\RemoteServerConfig.cs" />
+    <Compile Include="Config\ListeningConfig.cs" />
+    <Compile Include="Config\MainConfig.cs" />
     <Compile Include="PacketWriter.cs" />
     <Compile Include="Encryption\ClientHandshake.cs" />
     <Compile Include="Encryption\DecryptHelper.cs" />
@@ -73,6 +83,7 @@
     <None Include="..\force.snk">
       <Link>force.snk</Link>
     </None>
+    <None Include="packages.config" />
     <None Include="x86\WinDivert.dll">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index a301150..35b4ca7 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -10,13 +10,13 @@ public abstract class BaseSender : IDisposable
 
 		private bool _isExiting;
 
-		public readonly string DstAddr;
+		public readonly IPAddress DstAddr;
 
 		public DateTime LastActivity { get; private set; }
 
 		private readonly TunnelStorage _storage;
 
-		protected BaseSender(string dstAddr, TunnelStorage storage)
+		protected BaseSender(IPAddress dstAddr, TunnelStorage storage)
 		{
 			_storage = storage;
 			DstAddr = dstAddr;
@@ -28,7 +28,7 @@ protected BaseSender(string dstAddr, TunnelStorage storage)
 
 		protected abstract void Send(byte[] packet, int packetLen);
 
-		protected void UpdateLastActivity()
+		public void UpdateLastActivity()
 		{
 			LastActivity = DateTime.UtcNow;
 		}
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index c9c7676..5a7fef4 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Diagnostics;
 using System.Net;
 using System.Net.Sockets;
 using System.Threading;
@@ -27,10 +26,13 @@ public class ClientSender : BaseSender
 
 		private bool _isInited;
 
-		public ClientSender(string dstAddr, IPEndPoint remoteEP, byte[] serverKey, TunnelStorage storage)
+		public readonly IPEndPoint RemoteEP;
+
+		public ClientSender(IPAddress dstAddr, IPEndPoint remoteEP, byte[] serverKey, TunnelStorage storage)
 			: base(dstAddr, storage)
 		{
 			Console.WriteLine("Tunnel watcher was created for " + dstAddr);
+			RemoteEP = remoteEP;
 			_packetWriter = new PacketWriter();
 			_socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
 			_socket.Connect(remoteEP);
diff --git a/AutoTunnel/Config/ListeningConfig.cs b/AutoTunnel/Config/ListeningConfig.cs
new file mode 100644
index 0000000..6659ae7
--- /dev/null
+++ b/AutoTunnel/Config/ListeningConfig.cs
@@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+
+namespace Force.AutoTunnel.Config
+{
+	public class ListeningConfig
+	{
+
+	}
+}
diff --git a/AutoTunnel/Config/MainConfig.cs b/AutoTunnel/Config/MainConfig.cs
new file mode 100644
index 0000000..c10829d
--- /dev/null
+++ b/AutoTunnel/Config/MainConfig.cs
@@ -0,0 +1,21 @@
+using System.ComponentModel;
+
+using Newtonsoft.Json;
+
+namespace Force.AutoTunnel.Config
+{
+	public class MainConfig
+	{
+		[DefaultValue(true)]
+		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+		public bool EnableListening { get; set; }
+
+		[DefaultValue(true)]
+		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+		public bool AddFirewallRule { get; set; }
+
+		public string[] Keys { get; set; }
+
+		public RemoteServerConfig[] RemoteServers { get; set; }
+	}
+}
diff --git a/AutoTunnel/Config/RemoteServerConfig.cs b/AutoTunnel/Config/RemoteServerConfig.cs
new file mode 100644
index 0000000..6344844
--- /dev/null
+++ b/AutoTunnel/Config/RemoteServerConfig.cs
@@ -0,0 +1,9 @@
+namespace Force.AutoTunnel.Config
+{
+	public class RemoteServerConfig
+	{
+		public string Address { get; set; }
+
+		public string Key { get; set; }
+	}
+}
diff --git a/AutoTunnel/Encryption/PasswordHelper.cs b/AutoTunnel/Encryption/PasswordHelper.cs
index ee13d45..84ba7b2 100644
--- a/AutoTunnel/Encryption/PasswordHelper.cs
+++ b/AutoTunnel/Encryption/PasswordHelper.cs
@@ -23,14 +23,14 @@ public static byte[] Encrypt(string publicRsaKey, byte[] data)
 		{
 			var rsa = new RSACryptoServiceProvider();
 			rsa.FromXmlString(publicRsaKey);
-			return rsa.Encrypt(data, true);
+			return rsa.Encrypt(data, false);
 		}
 
 		public static byte[] Decrypt(string privateRsaKey, byte[] data)
 		{
 			var rsa = new RSACryptoServiceProvider();
 			rsa.FromXmlString(privateRsaKey);
-			return rsa.Decrypt(data, true);
+			return rsa.Decrypt(data, false);
 		}
 	}
 }
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 8678a01..cefbe4e 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Collections.Concurrent;
 using System.Net;
 using System.Net.Sockets;
 using System.Threading;
@@ -13,19 +12,20 @@ public class Listener
 	{
 		private readonly TunnelStorage _storage;
 
-		private readonly byte[] _serverKey;
+		private readonly byte[][] _serverKeys;
 
 		private readonly PacketWriter _packetWriter;
 
-		public Listener(TunnelStorage storage, byte[] serverKey)
+		public Listener(TunnelStorage storage, byte[][] serverKeys)
 		{
 			_storage = storage;
-			_serverKey = serverKey;
+			_serverKeys = serverKeys;
 			_packetWriter = new PacketWriter();
 		}
 
 		public void Start()
 		{
+			Console.WriteLine("Started listening for incoming connections");
 			Task.Factory.StartNew(StartInternal);
 			Task.Factory.StartNew(CleanupThread);
 		}
@@ -34,7 +34,13 @@ private void CleanupThread()
 		{
 			while (true)
 			{
-				_storage.RemoveOldSenders(TimeSpan.FromMinutes(10));
+				var oldSenders = _storage.GetOldSenders(TimeSpan.FromMinutes(10));
+				foreach (var os in oldSenders)
+				{
+					Console.WriteLine("Removing idle session " + os.Address + ":" + os.Port);
+					_storage.Remove(os);
+				}
+
 				Thread.Sleep(10 * 60 * 1000);
 			}
 		}
@@ -46,7 +52,6 @@ private void StartInternal()
 			{
 				s.Bind(new IPEndPoint(IPAddress.Any, 12017));
 				byte[] inBuf = new byte[65536];
-				byte[] decBuf = null;
 				EndPoint ep1 = new IPEndPoint(IPAddress.Any, 0);
 				while (true)
 				{
@@ -56,17 +61,37 @@ private void StartInternal()
 						IPEndPoint ep = (IPEndPoint)ep1;
 
 						if (cnt == 0) continue;
+						byte[] decBuf = null;
 						if (cnt % 16 != 0)
 						{
 							if (inBuf[0] == 1)
 							{
 								Console.WriteLine("Estabilishing connection from " + ep.Address + ":" + ep.Port);
-								var decryptHelper = new DecryptHelper(_serverKey);
-								var dataLen = decryptHelper.Decrypt(inBuf, 4);
+								int dataLen = -1;
+								DecryptHelper decryptHelper = null;
+								EncryptHelper encryptHelper = null;
+								foreach (var serverKey in _serverKeys)
+								{
+									decryptHelper = new DecryptHelper(serverKey);
+									dataLen = decryptHelper.Decrypt(inBuf, 4);
+									if (dataLen > 0)
+									{
+										encryptHelper = new EncryptHelper(serverKey);
+										break;
+									}
+								}
+
+								// data is invalid, do not reply
+								if (dataLen < 0)
+								{
+									Console.WriteLine("Invalid data from " + ep.Address + ":" + ep.Port);
+									continue;
+								}
+								
 								var serverHandshake = new ServerHandshake();
 								var outPacket = serverHandshake.GetOutPacket(decryptHelper.InnerBuf, dataLen);
 								_storage.SetNewEndPoint(serverHandshake.SessionKey, ep);
-								var encryptHelper = new EncryptHelper(_serverKey);
+								
 								var outLen = encryptHelper.Encrypt(outPacket, outPacket.Length);
 								var initBuf = new byte[outLen + 4];
 								Buffer.BlockCopy(encryptHelper.InnerBuf, 0, initBuf, 4, outLen);
@@ -112,19 +137,22 @@ private void StartInternal()
 							cnt = len;
 						}
 
-						var sourceIp = decBuf[12] + "." + decBuf[13] + "." + decBuf[14] + "." + decBuf[15];
+						// var sourceIp = decBuf[12] + "." + decBuf[13] + "." + decBuf[14] + "." + decBuf[15];
+						var sourceIp = new IPAddress(decBuf[12] | (decBuf[13] << 8) | (decBuf[14] << 16) | (decBuf[15] << 24));
 						// if we already has option to estabilish connection to this ip, do not add additional sender
 						if (!_storage.OutgoingConnectionAdresses.Contains(sourceIp))
 						{
 							var sender = _storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
+							sender.UpdateLastActivity();
 
 							// ip was changed for client
-							if (sender.DstAddr != sourceIp)
+							if (!sender.DstAddr.Equals(sourceIp))
 							{
 								Console.WriteLine("Remote endpoint " + ep.Address + ":" + ep.Port + " has changed ip: " + sender.DstAddr + "->" + sourceIp);
+								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
 								sender.Dispose();
 								_storage.Remove(ep);
-								_storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
+								// _storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
 							}
 						}
 
diff --git a/AutoTunnel/Program.cs b/AutoTunnel/Program.cs
index e00b315..9ba412c 100644
--- a/AutoTunnel/Program.cs
+++ b/AutoTunnel/Program.cs
@@ -1,14 +1,39 @@
 using System;
+using System.IO;
+using System.Linq;
 using System.Net;
 using System.Threading;
 
+using Force.AutoTunnel.Config;
+
+using Newtonsoft.Json;
+
 namespace Force.AutoTunnel
 {
 	public class Program
 	{
 		public static void Main(string[] args)
 		{
-			var serverKey = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8 };
+			var configPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "config.json");
+			if (!File.Exists(configPath))
+			{
+				Console.Error.WriteLine("Missing config file");
+				return;
+			}
+
+			MainConfig config;
+
+			try
+			{
+				config = new JsonSerializer().Deserialize<MainConfig>(new JsonTextReader(new StreamReader(File.OpenRead(configPath))));
+			}
+			catch (Exception ex)
+			{
+				Console.Error.WriteLine("Error in parsing config: " + ex.Message);
+				return;
+			}
+
+			var serverKeys = (config.Keys ?? new string[0]).Select(PasswordHelper.GenerateKey).ToArray();
 			if (!NativeHelper.IsNativeAvailable)
 			{
 				Console.Error.WriteLine("Cannot load WinDivert library");
@@ -16,19 +41,20 @@ public static void Main(string[] args)
 			}
 
 			var ts = new TunnelStorage();
-			var l = new Listener(ts, serverKey);
-			l.Start();
 
-			var targetIp = args.Length > 0 ? args[0] : null;
+			if (config.EnableListening)
+			{
+				if (config.AddFirewallRule)
+					FirewallHelper.AddOpenFirewallRule("12017");
+
+				var l = new Listener(ts, serverKeys);
+				l.Start();
+			}
 
-			if (targetIp != null)
+			foreach (var rs in config.RemoteServers ?? new RemoteServerConfig[0])
 			{
-				var endpoint = new IPEndPoint(IPAddress.Parse(targetIp), 12017);
-				// adding fake tunnel info
-				ts.SetNewEndPoint(new byte[16], endpoint);
-				ts.OutgoingConnectionAdresses.Add(targetIp);
-				var sender = new ClientSender(targetIp, endpoint, serverKey, ts);
-				// var sender = ts.GetOrAddSender(targetIp, () => new ClientSender(targetIp, endpoint, serverKey));
+				var endpoint = new IPEndPoint(IPAddress.Parse(rs.Address), 12017);
+				ts.AddClientSender(new ClientSender(endpoint.Address, endpoint, PasswordHelper.GenerateKey(rs.Key), ts));
 			}
 
 			Thread.Sleep(-1);
diff --git a/AutoTunnel/ReplySender.cs b/AutoTunnel/ReplySender.cs
index 061602d..e04545f 100644
--- a/AutoTunnel/ReplySender.cs
+++ b/AutoTunnel/ReplySender.cs
@@ -14,7 +14,7 @@ public class ReplySender : BaseSender
 
 		private readonly IPEndPoint _remoteEP;
 
-		public ReplySender(string dstAddr, Socket socket, IPEndPoint remoteEP, TunnelStorage storage)
+		public ReplySender(IPAddress dstAddr, Socket socket, IPEndPoint remoteEP, TunnelStorage storage)
 			: base(dstAddr, storage)
 		{
 			Console.WriteLine("Tunnel watcher was created for " + dstAddr);
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
index c0f5b16..f8eccf3 100644
--- a/AutoTunnel/TunnelStorage.cs
+++ b/AutoTunnel/TunnelStorage.cs
@@ -12,7 +12,9 @@ public class TunnelStorage
 	{
 		private readonly ConcurrentDictionary<ulong, BaseSender> _clients = new ConcurrentDictionary<ulong, BaseSender>();
 
-		public readonly HashSet<string> OutgoingConnectionAdresses = new HashSet<string>();
+		public readonly HashSet<IPAddress> OutgoingConnectionAdresses = new HashSet<IPAddress>();
+
+		private readonly List<ClientSender> _clientSenders = new List<ClientSender>();
 
 		public BaseSender GetOrAddSender(IPEndPoint remoteHost, Func<BaseSender> creatorFunc)
 		{
@@ -42,11 +44,13 @@ private bool Remove(ulong hostKey)
 			return false;
 		}
 
-		public void RemoveOldSenders(TimeSpan killTime)
+		public IPEndPoint[] GetOldSenders(TimeSpan killTime)
 		{
 			var dt = DateTime.UtcNow;
-			var toRemove = (from client in _clients where client.Value is ReplySender && dt.Subtract(client.Value.LastActivity) >= killTime select client.Key).ToList();
-			toRemove.ForEach(x => Remove(x));
+			var toRemove = (from client in _clients where client.Value is ReplySender && dt.Subtract(client.Value.LastActivity) >= killTime select client.Key)
+				.Select(x => new IPEndPoint((long)(x >> 16), (int)(x & 0xffff)))
+				.ToArray();
+			return toRemove;
 		}
 
 		private readonly ConcurrentDictionary<ulong, byte[]> _sessionKeys = new ConcurrentDictionary<ulong, byte[]>();
@@ -76,12 +80,23 @@ public DecryptHelper GetSessionDecryptor(IPEndPoint remoteHost)
 
 		private static ulong GetHostKey(IPEndPoint endpoint)
 		{
+#pragma warning disable 612,618
 			return ((ulong)endpoint.Address.Address << 16) | (uint)endpoint.Port;
+#pragma warning restore 612,618
 		}
 
 		public bool HasSession(ulong key)
 		{
 			return _sessionKeys.ContainsKey(key);
 		}
+
+		public void AddClientSender(ClientSender sender)
+		{
+			// adding fake tunnel info
+			SetNewEndPoint(new byte[16], sender.RemoteEP);
+			OutgoingConnectionAdresses.Add(sender.DstAddr);
+
+			_clientSenders.Add(sender);
+		}
 	}
 }
diff --git a/AutoTunnel/packages.config b/AutoTunnel/packages.config
new file mode 100644
index 0000000..7c276ed
--- /dev/null
+++ b/AutoTunnel/packages.config
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+  <package id="Newtonsoft.Json" version="9.0.1" targetFramework="net40" />
+</packages>
\ No newline at end of file

From a370a5de1ad9cd21ce3e38a799f75e46454d9e5f Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Wed, 30 Aug 2017 00:16:58 +0300
Subject: [PATCH 05/15] added configuration support, bugfixes

---
 AutoTunnel/AutoTunnel.csproj            | 11 ++++++
 AutoTunnel/BaseSender.cs                |  6 +--
 AutoTunnel/ClientSender.cs              |  6 ++-
 AutoTunnel/Config/ListeningConfig.cs    | 12 ++++++
 AutoTunnel/Config/MainConfig.cs         | 21 ++++++++++
 AutoTunnel/Config/RemoteServerConfig.cs |  9 +++++
 AutoTunnel/Encryption/PasswordHelper.cs |  4 +-
 AutoTunnel/Listener.cs                  | 52 +++++++++++++++++++------
 AutoTunnel/Program.cs                   | 48 +++++++++++++++++------
 AutoTunnel/ReplySender.cs               |  2 +-
 AutoTunnel/TunnelStorage.cs             | 23 +++++++++--
 AutoTunnel/config.json                  |  6 +++
 AutoTunnel/packages.config              |  4 ++
 13 files changed, 169 insertions(+), 35 deletions(-)
 create mode 100644 AutoTunnel/Config/ListeningConfig.cs
 create mode 100644 AutoTunnel/Config/MainConfig.cs
 create mode 100644 AutoTunnel/Config/RemoteServerConfig.cs
 create mode 100644 AutoTunnel/config.json
 create mode 100644 AutoTunnel/packages.config

diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index 906254d..2d64c8d 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -43,6 +43,10 @@
     <AssemblyOriginatorKeyFile>..\force.snk</AssemblyOriginatorKeyFile>
   </PropertyGroup>
   <ItemGroup>
+    <Reference Include="Newtonsoft.Json, Version=9.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
+      <HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net40\Newtonsoft.Json.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="System" />
     <Reference Include="System.Core" />
     <Reference Include="System.Xml.Linq" />
@@ -51,7 +55,13 @@
     <Reference Include="System.Xml" />
   </ItemGroup>
   <ItemGroup>
+    <None Include="config.json">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
     <Compile Include="ClientSender.cs" />
+    <Compile Include="Config\RemoteServerConfig.cs" />
+    <Compile Include="Config\ListeningConfig.cs" />
+    <Compile Include="Config\MainConfig.cs" />
     <Compile Include="PacketWriter.cs" />
     <Compile Include="Encryption\ClientHandshake.cs" />
     <Compile Include="Encryption\DecryptHelper.cs" />
@@ -73,6 +83,7 @@
     <None Include="..\force.snk">
       <Link>force.snk</Link>
     </None>
+    <None Include="packages.config" />
     <None Include="x86\WinDivert.dll">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index a301150..35b4ca7 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -10,13 +10,13 @@ public abstract class BaseSender : IDisposable
 
 		private bool _isExiting;
 
-		public readonly string DstAddr;
+		public readonly IPAddress DstAddr;
 
 		public DateTime LastActivity { get; private set; }
 
 		private readonly TunnelStorage _storage;
 
-		protected BaseSender(string dstAddr, TunnelStorage storage)
+		protected BaseSender(IPAddress dstAddr, TunnelStorage storage)
 		{
 			_storage = storage;
 			DstAddr = dstAddr;
@@ -28,7 +28,7 @@ protected BaseSender(string dstAddr, TunnelStorage storage)
 
 		protected abstract void Send(byte[] packet, int packetLen);
 
-		protected void UpdateLastActivity()
+		public void UpdateLastActivity()
 		{
 			LastActivity = DateTime.UtcNow;
 		}
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index c9c7676..5a7fef4 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Diagnostics;
 using System.Net;
 using System.Net.Sockets;
 using System.Threading;
@@ -27,10 +26,13 @@ public class ClientSender : BaseSender
 
 		private bool _isInited;
 
-		public ClientSender(string dstAddr, IPEndPoint remoteEP, byte[] serverKey, TunnelStorage storage)
+		public readonly IPEndPoint RemoteEP;
+
+		public ClientSender(IPAddress dstAddr, IPEndPoint remoteEP, byte[] serverKey, TunnelStorage storage)
 			: base(dstAddr, storage)
 		{
 			Console.WriteLine("Tunnel watcher was created for " + dstAddr);
+			RemoteEP = remoteEP;
 			_packetWriter = new PacketWriter();
 			_socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
 			_socket.Connect(remoteEP);
diff --git a/AutoTunnel/Config/ListeningConfig.cs b/AutoTunnel/Config/ListeningConfig.cs
new file mode 100644
index 0000000..6659ae7
--- /dev/null
+++ b/AutoTunnel/Config/ListeningConfig.cs
@@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+
+namespace Force.AutoTunnel.Config
+{
+	public class ListeningConfig
+	{
+
+	}
+}
diff --git a/AutoTunnel/Config/MainConfig.cs b/AutoTunnel/Config/MainConfig.cs
new file mode 100644
index 0000000..c10829d
--- /dev/null
+++ b/AutoTunnel/Config/MainConfig.cs
@@ -0,0 +1,21 @@
+using System.ComponentModel;
+
+using Newtonsoft.Json;
+
+namespace Force.AutoTunnel.Config
+{
+	public class MainConfig
+	{
+		[DefaultValue(true)]
+		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+		public bool EnableListening { get; set; }
+
+		[DefaultValue(true)]
+		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+		public bool AddFirewallRule { get; set; }
+
+		public string[] Keys { get; set; }
+
+		public RemoteServerConfig[] RemoteServers { get; set; }
+	}
+}
diff --git a/AutoTunnel/Config/RemoteServerConfig.cs b/AutoTunnel/Config/RemoteServerConfig.cs
new file mode 100644
index 0000000..6344844
--- /dev/null
+++ b/AutoTunnel/Config/RemoteServerConfig.cs
@@ -0,0 +1,9 @@
+namespace Force.AutoTunnel.Config
+{
+	public class RemoteServerConfig
+	{
+		public string Address { get; set; }
+
+		public string Key { get; set; }
+	}
+}
diff --git a/AutoTunnel/Encryption/PasswordHelper.cs b/AutoTunnel/Encryption/PasswordHelper.cs
index ee13d45..84ba7b2 100644
--- a/AutoTunnel/Encryption/PasswordHelper.cs
+++ b/AutoTunnel/Encryption/PasswordHelper.cs
@@ -23,14 +23,14 @@ public static byte[] Encrypt(string publicRsaKey, byte[] data)
 		{
 			var rsa = new RSACryptoServiceProvider();
 			rsa.FromXmlString(publicRsaKey);
-			return rsa.Encrypt(data, true);
+			return rsa.Encrypt(data, false);
 		}
 
 		public static byte[] Decrypt(string privateRsaKey, byte[] data)
 		{
 			var rsa = new RSACryptoServiceProvider();
 			rsa.FromXmlString(privateRsaKey);
-			return rsa.Decrypt(data, true);
+			return rsa.Decrypt(data, false);
 		}
 	}
 }
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 8678a01..cefbe4e 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Collections.Concurrent;
 using System.Net;
 using System.Net.Sockets;
 using System.Threading;
@@ -13,19 +12,20 @@ public class Listener
 	{
 		private readonly TunnelStorage _storage;
 
-		private readonly byte[] _serverKey;
+		private readonly byte[][] _serverKeys;
 
 		private readonly PacketWriter _packetWriter;
 
-		public Listener(TunnelStorage storage, byte[] serverKey)
+		public Listener(TunnelStorage storage, byte[][] serverKeys)
 		{
 			_storage = storage;
-			_serverKey = serverKey;
+			_serverKeys = serverKeys;
 			_packetWriter = new PacketWriter();
 		}
 
 		public void Start()
 		{
+			Console.WriteLine("Started listening for incoming connections");
 			Task.Factory.StartNew(StartInternal);
 			Task.Factory.StartNew(CleanupThread);
 		}
@@ -34,7 +34,13 @@ private void CleanupThread()
 		{
 			while (true)
 			{
-				_storage.RemoveOldSenders(TimeSpan.FromMinutes(10));
+				var oldSenders = _storage.GetOldSenders(TimeSpan.FromMinutes(10));
+				foreach (var os in oldSenders)
+				{
+					Console.WriteLine("Removing idle session " + os.Address + ":" + os.Port);
+					_storage.Remove(os);
+				}
+
 				Thread.Sleep(10 * 60 * 1000);
 			}
 		}
@@ -46,7 +52,6 @@ private void StartInternal()
 			{
 				s.Bind(new IPEndPoint(IPAddress.Any, 12017));
 				byte[] inBuf = new byte[65536];
-				byte[] decBuf = null;
 				EndPoint ep1 = new IPEndPoint(IPAddress.Any, 0);
 				while (true)
 				{
@@ -56,17 +61,37 @@ private void StartInternal()
 						IPEndPoint ep = (IPEndPoint)ep1;
 
 						if (cnt == 0) continue;
+						byte[] decBuf = null;
 						if (cnt % 16 != 0)
 						{
 							if (inBuf[0] == 1)
 							{
 								Console.WriteLine("Estabilishing connection from " + ep.Address + ":" + ep.Port);
-								var decryptHelper = new DecryptHelper(_serverKey);
-								var dataLen = decryptHelper.Decrypt(inBuf, 4);
+								int dataLen = -1;
+								DecryptHelper decryptHelper = null;
+								EncryptHelper encryptHelper = null;
+								foreach (var serverKey in _serverKeys)
+								{
+									decryptHelper = new DecryptHelper(serverKey);
+									dataLen = decryptHelper.Decrypt(inBuf, 4);
+									if (dataLen > 0)
+									{
+										encryptHelper = new EncryptHelper(serverKey);
+										break;
+									}
+								}
+
+								// data is invalid, do not reply
+								if (dataLen < 0)
+								{
+									Console.WriteLine("Invalid data from " + ep.Address + ":" + ep.Port);
+									continue;
+								}
+								
 								var serverHandshake = new ServerHandshake();
 								var outPacket = serverHandshake.GetOutPacket(decryptHelper.InnerBuf, dataLen);
 								_storage.SetNewEndPoint(serverHandshake.SessionKey, ep);
-								var encryptHelper = new EncryptHelper(_serverKey);
+								
 								var outLen = encryptHelper.Encrypt(outPacket, outPacket.Length);
 								var initBuf = new byte[outLen + 4];
 								Buffer.BlockCopy(encryptHelper.InnerBuf, 0, initBuf, 4, outLen);
@@ -112,19 +137,22 @@ private void StartInternal()
 							cnt = len;
 						}
 
-						var sourceIp = decBuf[12] + "." + decBuf[13] + "." + decBuf[14] + "." + decBuf[15];
+						// var sourceIp = decBuf[12] + "." + decBuf[13] + "." + decBuf[14] + "." + decBuf[15];
+						var sourceIp = new IPAddress(decBuf[12] | (decBuf[13] << 8) | (decBuf[14] << 16) | (decBuf[15] << 24));
 						// if we already has option to estabilish connection to this ip, do not add additional sender
 						if (!_storage.OutgoingConnectionAdresses.Contains(sourceIp))
 						{
 							var sender = _storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
+							sender.UpdateLastActivity();
 
 							// ip was changed for client
-							if (sender.DstAddr != sourceIp)
+							if (!sender.DstAddr.Equals(sourceIp))
 							{
 								Console.WriteLine("Remote endpoint " + ep.Address + ":" + ep.Port + " has changed ip: " + sender.DstAddr + "->" + sourceIp);
+								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
 								sender.Dispose();
 								_storage.Remove(ep);
-								_storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
+								// _storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
 							}
 						}
 
diff --git a/AutoTunnel/Program.cs b/AutoTunnel/Program.cs
index e00b315..9ba412c 100644
--- a/AutoTunnel/Program.cs
+++ b/AutoTunnel/Program.cs
@@ -1,14 +1,39 @@
 using System;
+using System.IO;
+using System.Linq;
 using System.Net;
 using System.Threading;
 
+using Force.AutoTunnel.Config;
+
+using Newtonsoft.Json;
+
 namespace Force.AutoTunnel
 {
 	public class Program
 	{
 		public static void Main(string[] args)
 		{
-			var serverKey = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8 };
+			var configPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "config.json");
+			if (!File.Exists(configPath))
+			{
+				Console.Error.WriteLine("Missing config file");
+				return;
+			}
+
+			MainConfig config;
+
+			try
+			{
+				config = new JsonSerializer().Deserialize<MainConfig>(new JsonTextReader(new StreamReader(File.OpenRead(configPath))));
+			}
+			catch (Exception ex)
+			{
+				Console.Error.WriteLine("Error in parsing config: " + ex.Message);
+				return;
+			}
+
+			var serverKeys = (config.Keys ?? new string[0]).Select(PasswordHelper.GenerateKey).ToArray();
 			if (!NativeHelper.IsNativeAvailable)
 			{
 				Console.Error.WriteLine("Cannot load WinDivert library");
@@ -16,19 +41,20 @@ public static void Main(string[] args)
 			}
 
 			var ts = new TunnelStorage();
-			var l = new Listener(ts, serverKey);
-			l.Start();
 
-			var targetIp = args.Length > 0 ? args[0] : null;
+			if (config.EnableListening)
+			{
+				if (config.AddFirewallRule)
+					FirewallHelper.AddOpenFirewallRule("12017");
+
+				var l = new Listener(ts, serverKeys);
+				l.Start();
+			}
 
-			if (targetIp != null)
+			foreach (var rs in config.RemoteServers ?? new RemoteServerConfig[0])
 			{
-				var endpoint = new IPEndPoint(IPAddress.Parse(targetIp), 12017);
-				// adding fake tunnel info
-				ts.SetNewEndPoint(new byte[16], endpoint);
-				ts.OutgoingConnectionAdresses.Add(targetIp);
-				var sender = new ClientSender(targetIp, endpoint, serverKey, ts);
-				// var sender = ts.GetOrAddSender(targetIp, () => new ClientSender(targetIp, endpoint, serverKey));
+				var endpoint = new IPEndPoint(IPAddress.Parse(rs.Address), 12017);
+				ts.AddClientSender(new ClientSender(endpoint.Address, endpoint, PasswordHelper.GenerateKey(rs.Key), ts));
 			}
 
 			Thread.Sleep(-1);
diff --git a/AutoTunnel/ReplySender.cs b/AutoTunnel/ReplySender.cs
index 061602d..e04545f 100644
--- a/AutoTunnel/ReplySender.cs
+++ b/AutoTunnel/ReplySender.cs
@@ -14,7 +14,7 @@ public class ReplySender : BaseSender
 
 		private readonly IPEndPoint _remoteEP;
 
-		public ReplySender(string dstAddr, Socket socket, IPEndPoint remoteEP, TunnelStorage storage)
+		public ReplySender(IPAddress dstAddr, Socket socket, IPEndPoint remoteEP, TunnelStorage storage)
 			: base(dstAddr, storage)
 		{
 			Console.WriteLine("Tunnel watcher was created for " + dstAddr);
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
index c0f5b16..f8eccf3 100644
--- a/AutoTunnel/TunnelStorage.cs
+++ b/AutoTunnel/TunnelStorage.cs
@@ -12,7 +12,9 @@ public class TunnelStorage
 	{
 		private readonly ConcurrentDictionary<ulong, BaseSender> _clients = new ConcurrentDictionary<ulong, BaseSender>();
 
-		public readonly HashSet<string> OutgoingConnectionAdresses = new HashSet<string>();
+		public readonly HashSet<IPAddress> OutgoingConnectionAdresses = new HashSet<IPAddress>();
+
+		private readonly List<ClientSender> _clientSenders = new List<ClientSender>();
 
 		public BaseSender GetOrAddSender(IPEndPoint remoteHost, Func<BaseSender> creatorFunc)
 		{
@@ -42,11 +44,13 @@ private bool Remove(ulong hostKey)
 			return false;
 		}
 
-		public void RemoveOldSenders(TimeSpan killTime)
+		public IPEndPoint[] GetOldSenders(TimeSpan killTime)
 		{
 			var dt = DateTime.UtcNow;
-			var toRemove = (from client in _clients where client.Value is ReplySender && dt.Subtract(client.Value.LastActivity) >= killTime select client.Key).ToList();
-			toRemove.ForEach(x => Remove(x));
+			var toRemove = (from client in _clients where client.Value is ReplySender && dt.Subtract(client.Value.LastActivity) >= killTime select client.Key)
+				.Select(x => new IPEndPoint((long)(x >> 16), (int)(x & 0xffff)))
+				.ToArray();
+			return toRemove;
 		}
 
 		private readonly ConcurrentDictionary<ulong, byte[]> _sessionKeys = new ConcurrentDictionary<ulong, byte[]>();
@@ -76,12 +80,23 @@ public DecryptHelper GetSessionDecryptor(IPEndPoint remoteHost)
 
 		private static ulong GetHostKey(IPEndPoint endpoint)
 		{
+#pragma warning disable 612,618
 			return ((ulong)endpoint.Address.Address << 16) | (uint)endpoint.Port;
+#pragma warning restore 612,618
 		}
 
 		public bool HasSession(ulong key)
 		{
 			return _sessionKeys.ContainsKey(key);
 		}
+
+		public void AddClientSender(ClientSender sender)
+		{
+			// adding fake tunnel info
+			SetNewEndPoint(new byte[16], sender.RemoteEP);
+			OutgoingConnectionAdresses.Add(sender.DstAddr);
+
+			_clientSenders.Add(sender);
+		}
 	}
 }
diff --git a/AutoTunnel/config.json b/AutoTunnel/config.json
new file mode 100644
index 0000000..9144f9f
--- /dev/null
+++ b/AutoTunnel/config.json
@@ -0,0 +1,6 @@
+{
+	"keys": ["key1"],
+	"remoteServers": [
+		{ "address": "192.168.16.8", "key": "key1", keepAlive: true, connectOnStart: true }
+	]
+}
\ No newline at end of file
diff --git a/AutoTunnel/packages.config b/AutoTunnel/packages.config
new file mode 100644
index 0000000..7c276ed
--- /dev/null
+++ b/AutoTunnel/packages.config
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+  <package id="Newtonsoft.Json" version="9.0.1" targetFramework="net40" />
+</packages>
\ No newline at end of file

From 66a8b0d8a54187b14105de0bdbf51fb53c5e811a Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Thu, 31 Aug 2017 00:10:09 +0300
Subject: [PATCH 06/15] improvements and bug fixes (ability to set ports,
 logging, auto connect, keep alive

---
 AutoTunnel/AutoTunnel.csproj                  |  7 +-
 AutoTunnel/BaseSender.cs                      | 41 ++++++--
 AutoTunnel/ClientSender.cs                    | 57 +++++++----
 AutoTunnel/Config/MainConfig.cs               | 10 ++
 AutoTunnel/Config/RemoteServerConfig.cs       |  4 +
 AutoTunnel/Encryption/EncryptHelper.cs        |  2 -
 AutoTunnel/Encryption/PasswordHelper.cs       |  2 +-
 AutoTunnel/EndpointHelper.cs                  | 27 +++++
 AutoTunnel/Listener.cs                        | 64 ++++++------
 AutoTunnel/Logging/AggregateLog.cs            | 28 ++++++
 AutoTunnel/Logging/ConsoleLog.cs              | 13 +++
 AutoTunnel/Logging/FileLog.cs                 | 26 +++++
 .../ListeningConfig.cs => Logging/ILog.cs}    |  6 +-
 AutoTunnel/Logging/LogHelper.cs               | 27 +++++
 AutoTunnel/Program.cs                         | 22 +++--
 AutoTunnel/ReplySender.cs                     | 17 ++--
 AutoTunnel/TunnelStorage.cs                   | 99 +++++++++----------
 AutoTunnel/config.json                        |  2 +-
 18 files changed, 325 insertions(+), 129 deletions(-)
 create mode 100644 AutoTunnel/EndpointHelper.cs
 create mode 100644 AutoTunnel/Logging/AggregateLog.cs
 create mode 100644 AutoTunnel/Logging/ConsoleLog.cs
 create mode 100644 AutoTunnel/Logging/FileLog.cs
 rename AutoTunnel/{Config/ListeningConfig.cs => Logging/ILog.cs} (52%)
 create mode 100644 AutoTunnel/Logging/LogHelper.cs

diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index 2d64c8d..1ed9491 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -60,8 +60,13 @@
     </None>
     <Compile Include="ClientSender.cs" />
     <Compile Include="Config\RemoteServerConfig.cs" />
-    <Compile Include="Config\ListeningConfig.cs" />
     <Compile Include="Config\MainConfig.cs" />
+    <Compile Include="EndpointHelper.cs" />
+    <Compile Include="Logging\AggregateLog.cs" />
+    <Compile Include="Logging\ConsoleLog.cs" />
+    <Compile Include="Logging\FileLog.cs" />
+    <Compile Include="Logging\ILog.cs" />
+    <Compile Include="Logging\LogHelper.cs" />
     <Compile Include="PacketWriter.cs" />
     <Compile Include="Encryption\ClientHandshake.cs" />
     <Compile Include="Encryption\DecryptHelper.cs" />
diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index 35b4ca7..ea3eb6f 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -1,7 +1,11 @@
 using System;
 using System.Net;
+using System.Runtime.InteropServices;
+using System.Threading;
 using System.Threading.Tasks;
 
+using Force.AutoTunnel.Logging;
+
 namespace Force.AutoTunnel
 {
 	public abstract class BaseSender : IDisposable
@@ -10,22 +14,33 @@ public abstract class BaseSender : IDisposable
 
 		private bool _isExiting;
 
-		public readonly IPAddress DstAddr;
+		protected IPAddress DstAddr { get; set; }
 
 		public DateTime LastActivity { get; private set; }
 
-		private readonly TunnelStorage _storage;
+		protected readonly TunnelStorage Storage;
+
+		public TunnelStorage.Session Session { get; set; }
 
-		protected BaseSender(IPAddress dstAddr, TunnelStorage storage)
+		protected BaseSender(TunnelStorage.Session session, IPAddress watchAddr, TunnelStorage storage)
 		{
-			_storage = storage;
-			DstAddr = dstAddr;
+			Storage = storage;
+			Session = session;
 
-			//  or (udp and udp.DstPort != 12017)
-			_handle = WinDivert.WinDivertOpen("outbound and ip and (ip.DstAddr == " + DstAddr + ")", WinDivert.LAYER_NETWORK, 0, 0);
+			ReInitDivert(watchAddr);
 			Task.Factory.StartNew(StartInternal);
 		}
 
+		protected void ReInitDivert(IPAddress newDstAddr)
+		{
+			DstAddr = newDstAddr;
+			if (_handle != IntPtr.Zero && _handle != (IntPtr)(-1))
+				WinDivert.WinDivertClose(_handle);
+
+			//  or (udp and udp.DstPort != 12017)
+			_handle = WinDivert.WinDivertOpen("outbound and ip and (ip.DstAddr == " + newDstAddr + ")", WinDivert.LAYER_NETWORK, 0, 0);
+		}
+
 		protected abstract void Send(byte[] packet, int packetLen);
 
 		public void UpdateLastActivity()
@@ -38,14 +53,20 @@ private void StartInternal()
 			byte[] packet = new byte[65536];
 			WinDivert.WinDivertAddress addr = new WinDivert.WinDivertAddress();
 			int packetLen = 0;
-			while (!_isExiting && WinDivert.WinDivertRecv(_handle, packet, packet.Length, ref addr, ref packetLen))
+			while (!_isExiting)
 			{
+				if (!WinDivert.WinDivertRecv(_handle, packet, packet.Length, ref addr, ref packetLen))
+				{
+					LogHelper.Log.WriteLine("Cannot receive network data: " + Marshal.GetLastWin32Error());
+					Thread.Sleep(1000);
+					continue;
+				}
 				// Console.WriteLine("Recv: " + packet[16] + "." + packet[17] + "." + packet[18] + "." + packet[19] + ":" + (packet[23] | ((uint)packet[22] << 8)));
 				if (packet[9] == 17)
 				{
 					var key = ((ulong)(packet[16] | ((uint)packet[17] << 8) | ((uint)packet[18] << 16) | (((uint)packet[19]) << 24)) << 16) | (packet[23] | ((uint)packet[22] << 8));
 					// do not catch this packet, it is our tunnel to other computer
-					if (_storage.HasSession(key))
+					if (Storage.HasSession(key))
 					{
 						var writeLen = 0;
 						WinDivert.WinDivertSend(_handle, packet, packetLen, ref addr, ref writeLen);
@@ -59,7 +80,7 @@ private void StartInternal()
 				}
 				catch (Exception ex)
 				{
-					Console.WriteLine(ex.Message);
+					LogHelper.Log.WriteLine(ex);
 				}
 			}
 		}
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index 5a7fef4..66311ea 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -1,16 +1,17 @@
 using System;
-using System.Net;
 using System.Net.Sockets;
 using System.Threading;
 using System.Threading.Tasks;
 
+using Force.AutoTunnel.Config;
 using Force.AutoTunnel.Encryption;
+using Force.AutoTunnel.Logging;
 
 namespace Force.AutoTunnel
 {
 	public class ClientSender : BaseSender
 	{
-		private readonly Socket _socket;
+		private Socket _socket;
 
 		private bool _disposed;
 
@@ -26,21 +27,23 @@ public class ClientSender : BaseSender
 
 		private bool _isInited;
 
-		public readonly IPEndPoint RemoteEP;
+		private readonly RemoteServerConfig _config;
 
-		public ClientSender(IPAddress dstAddr, IPEndPoint remoteEP, byte[] serverKey, TunnelStorage storage)
-			: base(dstAddr, storage)
+		public ClientSender(RemoteServerConfig config, TunnelStorage storage)
+			: base(null, EndpointHelper.ParseEndPoint(config.Address, 1).Address, storage)
 		{
-			Console.WriteLine("Tunnel watcher was created for " + dstAddr);
-			RemoteEP = remoteEP;
+			storage.OutgoingConnectionAdresses.Add(DstAddr);
+			_config = config;
+			_serverKey = PasswordHelper.GenerateKey(config.Key);
 			_packetWriter = new PacketWriter();
-			_socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
-			_socket.Connect(remoteEP);
 
-			_serverKey = serverKey;
+			LogHelper.Log.WriteLine("Tunnel watcher was created for " + config.Address);
 
 			Task.Factory.StartNew(ReceiveCycle);
-			// Task.Factory.StartNew(PingCycle);
+			if (config.KeepAlive)
+				Task.Factory.StartNew(PingCycle);
+			if (config.ConnectOnStart)
+				Init();
 		}
 
 		private int _isIniting;
@@ -65,7 +68,17 @@ private void InitInternal()
 				_encryptHelper = new EncryptHelper(_serverKey);
 				_decryptHelper = new DecryptHelper(_serverKey);
 
-				Console.WriteLine("Initializing connection to " + DstAddr);
+				var ep = EndpointHelper.ParseEndPoint(_config.Address, 12017);
+				if (!ep.Address.Equals(DstAddr))
+				{
+					Storage.OutgoingConnectionAdresses.Remove(DstAddr);
+					ReInitDivert(ep.Address);
+					Storage.OutgoingConnectionAdresses.Add(DstAddr);
+				}
+
+				Storage.SetNewEndPoint(new byte[16], ep);
+
+				LogHelper.Log.WriteLine("Initializing connection to " + ep);
 
 				var lenToSend = _encryptHelper.Encrypt(cs.SendingPacket, sendingPacketLen);
 				var packetToSend = _encryptHelper.InnerBuf;
@@ -75,7 +88,14 @@ private void InitInternal()
 				initBuf[1] = 1; // version
 				var recLength = 0;
 
+				// killing old socket
+				if (_socket != null)
+					_socket.Dispose();
+				_socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
+				_socket.Connect(ep);
+
 				Task task = null;
+				var period = 2000;
 				while (true)
 				{
 					_socket.Send(initBuf, initBuf.Length, SocketFlags.None);
@@ -84,10 +104,12 @@ private void InitInternal()
 					recLength = _socket.Receive(_receiveBuffer);
 					Console.WriteLine(sw.ElapsedMilliseconds);*/
 
-					if (task.Wait(2000))
+					if (task.Wait(period))
 						break;
 
-					Console.WriteLine("No response from server " + DstAddr);
+					period = Math.Min(period + 2000, 1000 * 60);
+
+					LogHelper.Log.WriteLine("No response from server " + ep);
 				}
 
 				if (recLength < 4 || _receiveBuffer[0] != 0x2)
@@ -106,7 +128,7 @@ private void InitInternal()
 				var sessionKey = cs.GetPacketFromServer(_decryptHelper.InnerBuf, decLen);
 				_encryptHelper = new EncryptHelper(sessionKey);
 				_decryptHelper = new DecryptHelper(sessionKey);
-				Console.WriteLine("Initialized connection to " + DstAddr);
+				LogHelper.Log.WriteLine("Initialized connection to " + ep);
 				_isInited = true;
 				_initingEvent.Set();
 			}
@@ -120,7 +142,8 @@ private void PingCycle()
 		{
 			while (!_disposed)
 			{
-				Send(new byte[0], 0);
+				if (_isInited)
+					_socket.Send(new byte[] { 0x5, 0, 0, 0 }, 4, SocketFlags.None);
 				Thread.Sleep(15 * 1000);
 			}
 		}
@@ -161,7 +184,7 @@ private void ReceiveCycle()
 					// in any case, this is error
 					// if (buf[0] == 0x3)
 					{
-						Console.WriteLine("Received an error flag from " + DstAddr);
+						LogHelper.Log.WriteLine("Received an error flag from " + _socket.RemoteEndPoint);
 						_isInited = false;
 						// failed data
 						Init();
diff --git a/AutoTunnel/Config/MainConfig.cs b/AutoTunnel/Config/MainConfig.cs
index c10829d..62017b7 100644
--- a/AutoTunnel/Config/MainConfig.cs
+++ b/AutoTunnel/Config/MainConfig.cs
@@ -16,6 +16,16 @@ public class MainConfig
 
 		public string[] Keys { get; set; }
 
+		[DefaultValue(12017)]
+		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+		public int Port { get; set; }
+
 		public RemoteServerConfig[] RemoteServers { get; set; }
+
+		[DefaultValue(10 * 60)]
+		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+		public int IdleSessionTime { get; set; }
+
+		public string LogFileName { get; set; }
 	}
 }
diff --git a/AutoTunnel/Config/RemoteServerConfig.cs b/AutoTunnel/Config/RemoteServerConfig.cs
index 6344844..1b0d3db 100644
--- a/AutoTunnel/Config/RemoteServerConfig.cs
+++ b/AutoTunnel/Config/RemoteServerConfig.cs
@@ -5,5 +5,9 @@ public class RemoteServerConfig
 		public string Address { get; set; }
 
 		public string Key { get; set; }
+
+		public bool KeepAlive { get; set; }
+
+		public bool ConnectOnStart { get; set; }
 	}
 }
diff --git a/AutoTunnel/Encryption/EncryptHelper.cs b/AutoTunnel/Encryption/EncryptHelper.cs
index 9567f7e..1283ca1 100644
--- a/AutoTunnel/Encryption/EncryptHelper.cs
+++ b/AutoTunnel/Encryption/EncryptHelper.cs
@@ -13,8 +13,6 @@ public class EncryptHelper
 
 		private readonly byte[] _headerBuf = new byte[16];
 
-		private int _counter;
-
 		public byte[] InnerBuf
 		{
 			get
diff --git a/AutoTunnel/Encryption/PasswordHelper.cs b/AutoTunnel/Encryption/PasswordHelper.cs
index 84ba7b2..0162962 100644
--- a/AutoTunnel/Encryption/PasswordHelper.cs
+++ b/AutoTunnel/Encryption/PasswordHelper.cs
@@ -9,7 +9,7 @@ public class PasswordHelper
 		public static byte[] GenerateKey(string password)
 		{
 			// we encrypt all data with random value, so, we can use static password here
-			return new Rfc2898DeriveBytes(password, "AutoTunnel".Select(x => (byte)x).ToArray(), 4096).GetBytes(16);
+			return new Rfc2898DeriveBytes(string.IsNullOrEmpty(password) ? "no_password" : password, "AutoTunnel".Select(x => (byte)x).ToArray(), 4096).GetBytes(16);
 		}
 
 		public static Tuple<string, string> CreateRsa()
diff --git a/AutoTunnel/EndpointHelper.cs b/AutoTunnel/EndpointHelper.cs
new file mode 100644
index 0000000..7097297
--- /dev/null
+++ b/AutoTunnel/EndpointHelper.cs
@@ -0,0 +1,27 @@
+using System;
+using System.Linq;
+using System.Net;
+
+namespace Force.AutoTunnel
+{
+	public static class EndpointHelper
+	{
+		public static IPEndPoint ParseEndPoint(string address, int defaultPort)
+		{
+			var sepIdx = address.IndexOf(':');
+			string host = address;
+			int port = defaultPort;
+			if (sepIdx >= 0)
+			{
+				host = address.Substring(0, sepIdx);
+				port = Convert.ToInt32(address.Remove(0, sepIdx + 1));
+			}
+
+			IPAddress ipAddress;
+			if (!IPAddress.TryParse(host, out ipAddress)) 
+				ipAddress = Dns.GetHostAddresses(host).First();
+
+			return new IPEndPoint(ipAddress, port);
+		}
+	}
+}
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index cefbe4e..dd08449 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -1,10 +1,13 @@
 using System;
+using System.Linq;
 using System.Net;
 using System.Net.Sockets;
 using System.Threading;
 using System.Threading.Tasks;
 
+using Force.AutoTunnel.Config;
 using Force.AutoTunnel.Encryption;
+using Force.AutoTunnel.Logging;
 
 namespace Force.AutoTunnel
 {
@@ -14,18 +17,21 @@ public class Listener
 
 		private readonly byte[][] _serverKeys;
 
+		private readonly MainConfig _config;
+
 		private readonly PacketWriter _packetWriter;
 
-		public Listener(TunnelStorage storage, byte[][] serverKeys)
+		public Listener(TunnelStorage storage, MainConfig config)
 		{
 			_storage = storage;
-			_serverKeys = serverKeys;
+			_config = config;
+			_serverKeys = config.Keys.Select(PasswordHelper.GenerateKey).ToArray();
 			_packetWriter = new PacketWriter();
 		}
 
 		public void Start()
 		{
-			Console.WriteLine("Started listening for incoming connections");
+			LogHelper.Log.WriteLine("Started listening for incoming connections on " + _config.Port);
 			Task.Factory.StartNew(StartInternal);
 			Task.Factory.StartNew(CleanupThread);
 		}
@@ -34,11 +40,11 @@ private void CleanupThread()
 		{
 			while (true)
 			{
-				var oldSenders = _storage.GetOldSenders(TimeSpan.FromMinutes(10));
-				foreach (var os in oldSenders)
+				var oldSessions = _storage.GetOldSessions(TimeSpan.FromSeconds(_config.IdleSessionTime));
+				foreach (var os in oldSessions)
 				{
-					Console.WriteLine("Removing idle session " + os.Address + ":" + os.Port);
-					_storage.Remove(os);
+					LogHelper.Log.WriteLine("Removing idle session: " + os);
+					_storage.RemoveSession(os);
 				}
 
 				Thread.Sleep(10 * 60 * 1000);
@@ -50,7 +56,7 @@ private void StartInternal()
 			Socket s = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
 			try
 			{
-				s.Bind(new IPEndPoint(IPAddress.Any, 12017));
+				s.Bind(new IPEndPoint(IPAddress.Any, _config.Port));
 				byte[] inBuf = new byte[65536];
 				EndPoint ep1 = new IPEndPoint(IPAddress.Any, 0);
 				while (true)
@@ -59,6 +65,7 @@ private void StartInternal()
 					{
 						int cnt = s.ReceiveFrom(inBuf, ref ep1);
 						IPEndPoint ep = (IPEndPoint)ep1;
+						TunnelStorage.Session session;
 
 						if (cnt == 0) continue;
 						byte[] decBuf = null;
@@ -66,7 +73,7 @@ private void StartInternal()
 						{
 							if (inBuf[0] == 1)
 							{
-								Console.WriteLine("Estabilishing connection from " + ep.Address + ":" + ep.Port);
+								LogHelper.Log.WriteLine("Estabilishing connection from " + ep);
 								int dataLen = -1;
 								DecryptHelper decryptHelper = null;
 								EncryptHelper encryptHelper = null;
@@ -84,7 +91,7 @@ private void StartInternal()
 								// data is invalid, do not reply
 								if (dataLen < 0)
 								{
-									Console.WriteLine("Invalid data from " + ep.Address + ":" + ep.Port);
+									LogHelper.Log.WriteLine("Invalid data from " + ep);
 									continue;
 								}
 								
@@ -99,42 +106,45 @@ private void StartInternal()
 								initBuf[1] = 1; // version
 
 								s.SendTo(initBuf, initBuf.Length, SocketFlags.None, ep);
-								Console.WriteLine("Estabilished connection from " + ep.Address + ":" + ep.Port);
+								LogHelper.Log.WriteLine("Estabilished connection from " + ep);
 								continue;
 							}
 
 							if (inBuf[0] == 0x5) // ping
 							{
+								session = _storage.GetSession(ep);
+								if (session != null) session.UpdateLastActivity();
 								continue;
 							}
 							else
 							{
 								// error
-								Console.WriteLine("Unsupported data from " + ep.Address + ":" + ep.Port);
+								LogHelper.Log.WriteLine("Unsupported data from " + ep);
 								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
 								continue;
 							}
 						}
 						else
 						{
-							var decryptor = _storage.GetSessionDecryptor(ep);
-							if (decryptor == null)
+							session = _storage.GetSession(ep);
+							if (session == null)
 							{
 								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
-								Console.WriteLine("Missing decryptor for " + ep.Address + ":" + ep.Port);
+								LogHelper.Log.WriteLine("Missing decryptor for " + ep);
 								continue;
 							}
 
-							var len = decryptor.Decrypt(inBuf, 0);
+							var len = session.Decryptor.Decrypt(inBuf, 0);
 							if (len < 0)
 							{
 								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
-								Console.WriteLine("Unable to decrypt data from " + ep.Address + ":" + ep.Port);
+								LogHelper.Log.WriteLine("Unable to decrypt data from " + ep);
 								continue;
 							}
 
-							decBuf = decryptor.InnerBuf;
+							decBuf = session.Decryptor.InnerBuf;
 							cnt = len;
+							session.UpdateLastActivity();
 						}
 
 						// var sourceIp = decBuf[12] + "." + decBuf[13] + "." + decBuf[14] + "." + decBuf[15];
@@ -142,17 +152,16 @@ private void StartInternal()
 						// if we already has option to estabilish connection to this ip, do not add additional sender
 						if (!_storage.OutgoingConnectionAdresses.Contains(sourceIp))
 						{
-							var sender = _storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
+							var sender = _storage.GetOrAddSender(sourceIp, () => new ReplySender(session, sourceIp, s, _storage));
 							sender.UpdateLastActivity();
 
-							// ip was changed for client
-							if (!sender.DstAddr.Equals(sourceIp))
+							// session was changed for client, killing it and update data
+							if (!sender.Session.RemoteEP.Equals(ep))
 							{
-								Console.WriteLine("Remote endpoint " + ep.Address + ":" + ep.Port + " has changed ip: " + sender.DstAddr + "->" + sourceIp);
-								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
-								sender.Dispose();
-								_storage.Remove(ep);
-								// _storage.GetOrAddSender(ep, () => new ReplySender(sourceIp, s, ep, _storage));
+								Console.WriteLine("Client for " + sourceIp + " has changed endpoint from " + sender.Session.RemoteEP + " to " + ep);
+								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, sender.Session.RemoteEP);
+								_storage.RemoveSession(sender.Session.RemoteEP);
+								sender.Session = session;
 							}
 						}
 
@@ -160,8 +169,7 @@ private void StartInternal()
 					}
 					catch (Exception ex)
 					{
-						Console.WriteLine(ex.Message);
-						Console.WriteLine(ex.StackTrace);
+						LogHelper.Log.WriteLine(ex);
 						break;
 					}
 				}
diff --git a/AutoTunnel/Logging/AggregateLog.cs b/AutoTunnel/Logging/AggregateLog.cs
new file mode 100644
index 0000000..06e3aea
--- /dev/null
+++ b/AutoTunnel/Logging/AggregateLog.cs
@@ -0,0 +1,28 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+
+namespace Force.AutoTunnel.Logging
+{
+	public class AggregateLog : ILog
+	{
+		private List<ILog> _logs = new List<ILog>();
+
+		public AggregateLog AddLog(ILog log)
+		{
+			_logs = _logs.Concat(new[] { log }).ToList();
+			return this;
+		}
+
+		public void ClearLogs()
+		{
+			_logs = new List<ILog>();
+		}
+
+		public void WriteLine(string line)
+		{
+			_logs.ForEach(x => x.WriteLine(line));
+		}
+	}
+}
diff --git a/AutoTunnel/Logging/ConsoleLog.cs b/AutoTunnel/Logging/ConsoleLog.cs
new file mode 100644
index 0000000..4b5b22b
--- /dev/null
+++ b/AutoTunnel/Logging/ConsoleLog.cs
@@ -0,0 +1,13 @@
+using System;
+using System.Globalization;
+
+namespace Force.AutoTunnel.Logging
+{
+	public class ConsoleLog : ILog
+	{
+		public void WriteLine(string line)
+		{
+			Console.WriteLine(DateTime.Now.ToString("[yyyy-MM-dd HH:mm:ss] ", CultureInfo.InvariantCulture) + line);
+		}
+	}
+}
diff --git a/AutoTunnel/Logging/FileLog.cs b/AutoTunnel/Logging/FileLog.cs
new file mode 100644
index 0000000..d18005e
--- /dev/null
+++ b/AutoTunnel/Logging/FileLog.cs
@@ -0,0 +1,26 @@
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.IO;
+using System.Linq;
+using System.Text;
+
+namespace Force.AutoTunnel.Logging
+{
+	public class FileLog : ILog
+	{
+		private readonly string _fileName;
+
+		public FileLog(string fileName)
+		{
+			if (!Path.IsPathRooted(fileName)) 
+				fileName = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, fileName);
+			_fileName = fileName;
+		}
+
+		public void WriteLine(string line)
+		{
+			File.AppendAllText(_fileName, DateTime.Now.ToString("[yyyy-MM-dd HH:mm:ss] ", CultureInfo.InvariantCulture) + line + Environment.NewLine);
+		}
+	}
+}
diff --git a/AutoTunnel/Config/ListeningConfig.cs b/AutoTunnel/Logging/ILog.cs
similarity index 52%
rename from AutoTunnel/Config/ListeningConfig.cs
rename to AutoTunnel/Logging/ILog.cs
index 6659ae7..ed6a426 100644
--- a/AutoTunnel/Config/ListeningConfig.cs
+++ b/AutoTunnel/Logging/ILog.cs
@@ -3,10 +3,10 @@
 using System.Linq;
 using System.Text;
 
-namespace Force.AutoTunnel.Config
+namespace Force.AutoTunnel.Logging
 {
-	public class ListeningConfig
+	public interface ILog
 	{
-
+		void WriteLine(string line);
 	}
 }
diff --git a/AutoTunnel/Logging/LogHelper.cs b/AutoTunnel/Logging/LogHelper.cs
new file mode 100644
index 0000000..1b15464
--- /dev/null
+++ b/AutoTunnel/Logging/LogHelper.cs
@@ -0,0 +1,27 @@
+using System;
+
+namespace Force.AutoTunnel.Logging
+{
+	public static class LogHelper
+	{
+		private static ILog _log = new ConsoleLog();
+
+		public static void SetLog(ILog log)
+		{
+			_log = log;
+		}
+
+		public static ILog Log
+		{
+			get
+			{
+				return _log;
+			}
+		}
+
+		public static void WriteLine(this ILog log, Exception ex)
+		{
+			log.WriteLine(ex.ToString());
+		}
+	}
+}
diff --git a/AutoTunnel/Program.cs b/AutoTunnel/Program.cs
index 9ba412c..7900f67 100644
--- a/AutoTunnel/Program.cs
+++ b/AutoTunnel/Program.cs
@@ -1,10 +1,12 @@
 using System;
+using System.Collections.Generic;
+using System.Globalization;
 using System.IO;
-using System.Linq;
 using System.Net;
 using System.Threading;
 
 using Force.AutoTunnel.Config;
+using Force.AutoTunnel.Logging;
 
 using Newtonsoft.Json;
 
@@ -26,6 +28,15 @@ public static void Main(string[] args)
 			try
 			{
 				config = new JsonSerializer().Deserialize<MainConfig>(new JsonTextReader(new StreamReader(File.OpenRead(configPath))));
+				if (config.Keys == null)
+					config.Keys = new string[0];
+				if (config.Keys.Length == 0) 
+					config.EnableListening = false;
+
+				var log = new AggregateLog();
+				if (Environment.UserInteractive) log.AddLog(new ConsoleLog());
+				if (!string.IsNullOrEmpty(config.LogFileName)) log.AddLog(new FileLog(config.LogFileName));
+				LogHelper.SetLog(log);
 			}
 			catch (Exception ex)
 			{
@@ -33,7 +44,6 @@ public static void Main(string[] args)
 				return;
 			}
 
-			var serverKeys = (config.Keys ?? new string[0]).Select(PasswordHelper.GenerateKey).ToArray();
 			if (!NativeHelper.IsNativeAvailable)
 			{
 				Console.Error.WriteLine("Cannot load WinDivert library");
@@ -45,16 +55,16 @@ public static void Main(string[] args)
 			if (config.EnableListening)
 			{
 				if (config.AddFirewallRule)
-					FirewallHelper.AddOpenFirewallRule("12017");
+					FirewallHelper.AddOpenFirewallRule(config.Port.ToString(CultureInfo.InvariantCulture));
 
-				var l = new Listener(ts, serverKeys);
+				var l = new Listener(ts, config);
 				l.Start();
 			}
 
+			var clientSenders = new List<ClientSender>();
 			foreach (var rs in config.RemoteServers ?? new RemoteServerConfig[0])
 			{
-				var endpoint = new IPEndPoint(IPAddress.Parse(rs.Address), 12017);
-				ts.AddClientSender(new ClientSender(endpoint.Address, endpoint, PasswordHelper.GenerateKey(rs.Key), ts));
+				clientSenders.Add(new ClientSender(rs, ts));
 			}
 
 			Thread.Sleep(-1);
diff --git a/AutoTunnel/ReplySender.cs b/AutoTunnel/ReplySender.cs
index e04545f..3c93613 100644
--- a/AutoTunnel/ReplySender.cs
+++ b/AutoTunnel/ReplySender.cs
@@ -1,8 +1,8 @@
-using System;
-using System.Net;
+using System.Net;
 using System.Net.Sockets;
 
 using Force.AutoTunnel.Encryption;
+using Force.AutoTunnel.Logging;
 
 namespace Force.AutoTunnel
 {
@@ -12,21 +12,18 @@ public class ReplySender : BaseSender
 
 		private readonly EncryptHelper _encryptHelper;
 
-		private readonly IPEndPoint _remoteEP;
-
-		public ReplySender(IPAddress dstAddr, Socket socket, IPEndPoint remoteEP, TunnelStorage storage)
-			: base(dstAddr, storage)
+		public ReplySender(TunnelStorage.Session session, IPAddress watchAddr, Socket socket, TunnelStorage storage)
+			: base(session, watchAddr, storage)
 		{
-			Console.WriteLine("Tunnel watcher was created for " + dstAddr);
+			LogHelper.Log.WriteLine("Tunnel watcher was created for " + watchAddr);
 			_socket = socket;
-			_encryptHelper = new EncryptHelper(storage.GetSessionKey(remoteEP));
-			_remoteEP = remoteEP;
+			_encryptHelper = new EncryptHelper(session.Key);
 		}
 
 		protected override void Send(byte[] packet, int packetLen)
 		{
 			var len = _encryptHelper.Encrypt(packet, packetLen);
-			_socket.SendTo(_encryptHelper.InnerBuf, len, SocketFlags.None, _remoteEP);
+			_socket.SendTo(_encryptHelper.InnerBuf, len, SocketFlags.None, Session.RemoteEP);
 		}
 	}
 }
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
index f8eccf3..71f20d4 100644
--- a/AutoTunnel/TunnelStorage.cs
+++ b/AutoTunnel/TunnelStorage.cs
@@ -10,71 +10,79 @@ namespace Force.AutoTunnel
 {
 	public class TunnelStorage
 	{
-		private readonly ConcurrentDictionary<ulong, BaseSender> _clients = new ConcurrentDictionary<ulong, BaseSender>();
+		private readonly ConcurrentDictionary<long, BaseSender> _clients = new ConcurrentDictionary<long, BaseSender>();
 
 		public readonly HashSet<IPAddress> OutgoingConnectionAdresses = new HashSet<IPAddress>();
 
 		private readonly List<ClientSender> _clientSenders = new List<ClientSender>();
 
-		public BaseSender GetOrAddSender(IPEndPoint remoteHost, Func<BaseSender> creatorFunc)
+		public BaseSender GetOrAddSender(IPAddress dstAddr, Func<BaseSender> creatorFunc)
 		{
-			return _clients.GetOrAdd(GetHostKey(remoteHost), s => creatorFunc());
+#pragma warning disable 612,618
+			return _clients.GetOrAdd(dstAddr.Address, s => creatorFunc());
+#pragma warning restore 612,618
+		}
+
+		public IPEndPoint[] GetOldSessions(TimeSpan killTime)
+		{
+			var dt = DateTime.UtcNow;
+			return _sessions.Where(x => dt.Subtract(x.Value.LastActivity) >= killTime)
+				.Select(x => x.Key)
+				.Select(x => new IPEndPoint((long)(x >> 16), (int)(x & 0xffff)))
+				.ToArray();
 		}
 
-		public bool Remove(IPEndPoint remoteHost)
+		public void RemoveSession(IPEndPoint endPoint)
 		{
-			var hostKey = GetHostKey(remoteHost);
-			return Remove(hostKey);
+			var hostKey = GetHostKey(endPoint);
+			Session session;
+			if (_sessions.TryRemove(hostKey, out session))
+				_clients.Where(x => x.Value.Session == session).Select(x => x.Key).ToList().ForEach(x =>
+					{
+						BaseSender value;
+						if (_clients.TryRemove(x, out value))
+							value.Dispose();
+					});
 		}
 
-		private bool Remove(ulong hostKey)
+		public class Session
 		{
-			BaseSender value;
-			
-			if (_clients.TryRemove(hostKey, out value))
+			public Session(IPEndPoint remoteEP)
 			{
-				DecryptHelper helper;
-				_sessionDecryptors.TryRemove(hostKey, out helper);
-				byte[] dummy;
-				_sessionKeys.TryRemove(hostKey, out dummy);
-				value.Dispose();
-				return true;
+				RemoteEP = remoteEP;
+				UpdateLastActivity();
 			}
 
-			return false;
-		}
+			public IPEndPoint RemoteEP { get; private set; }
 
-		public IPEndPoint[] GetOldSenders(TimeSpan killTime)
-		{
-			var dt = DateTime.UtcNow;
-			var toRemove = (from client in _clients where client.Value is ReplySender && dt.Subtract(client.Value.LastActivity) >= killTime select client.Key)
-				.Select(x => new IPEndPoint((long)(x >> 16), (int)(x & 0xffff)))
-				.ToArray();
-			return toRemove;
-		}
+			public byte[] Key { get; set; }
 
-		private readonly ConcurrentDictionary<ulong, byte[]> _sessionKeys = new ConcurrentDictionary<ulong, byte[]>();
+			public DecryptHelper Decryptor { get; set; }
 
-		private readonly ConcurrentDictionary<ulong, DecryptHelper> _sessionDecryptors = new ConcurrentDictionary<ulong, DecryptHelper>();
+			public DateTime LastActivity { get; private set; }
 
-		public void SetNewEndPoint(byte[] sessionKey, IPEndPoint remoteHost)
-		{
-			var hostKey = GetHostKey(remoteHost);
-			_sessionKeys[hostKey] = sessionKey;
-			_sessionDecryptors[hostKey] = new DecryptHelper(sessionKey);
+			public void UpdateLastActivity()
+			{
+				LastActivity = DateTime.UtcNow;
+			}
 		}
 
-		public byte[] GetSessionKey(IPEndPoint remoteHost)
+		private readonly ConcurrentDictionary<ulong, Session> _sessions = new ConcurrentDictionary<ulong, Session>();
+
+		public void SetNewEndPoint(byte[] sessionKey, IPEndPoint remoteEP)
 		{
-			byte[] value;
-			if (_sessionKeys.TryGetValue(GetHostKey(remoteHost), out value)) return value;
-			return null;
+			var hostKey = GetHostKey(remoteEP);
+			_sessions[hostKey] = new Session(remoteEP)
+									{
+										Key = sessionKey,
+										Decryptor = new DecryptHelper(sessionKey)
+									};
 		}
 
-		public DecryptHelper GetSessionDecryptor(IPEndPoint remoteHost)
+		public Session GetSession(IPEndPoint remoteHost)
 		{
-			DecryptHelper value;
-			if (_sessionDecryptors.TryGetValue(GetHostKey(remoteHost), out value)) return value;
+			Session value;
+			if (_sessions.TryGetValue(GetHostKey(remoteHost), out value)) return value;
 			return null;
 		}
 
@@ -87,16 +95,7 @@ private static ulong GetHostKey(IPEndPoint endpoint)
 
 		public bool HasSession(ulong key)
 		{
-			return _sessionKeys.ContainsKey(key);
-		}
-
-		public void AddClientSender(ClientSender sender)
-		{
-			// adding fake tunnel info
-			SetNewEndPoint(new byte[16], sender.RemoteEP);
-			OutgoingConnectionAdresses.Add(sender.DstAddr);
-
-			_clientSenders.Add(sender);
+			return _sessions.ContainsKey(key);
 		}
 	}
 }
diff --git a/AutoTunnel/config.json b/AutoTunnel/config.json
index 9144f9f..064b852 100644
--- a/AutoTunnel/config.json
+++ b/AutoTunnel/config.json
@@ -1,6 +1,6 @@
 {
 	"keys": ["key1"],
 	"remoteServers": [
-		{ "address": "192.168.16.8", "key": "key1", keepAlive: true, connectOnStart: true }
+		{ "address": "192.168.16.8", "key": "key1", "keepAlive": true, "connectOnStart": true }
 	]
 }
\ No newline at end of file

From b9a7b29d899877af85c16cabd56eff23589bbce8 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Sun, 3 Sep 2017 20:39:05 +0300
Subject: [PATCH 07/15] ability to work as service (with installation)
 separated connect addres and send address lot of improvements

---
 AutoTunnel/AutoTunnel.csproj                  |  30 +++++++
 AutoTunnel/BaseSender.cs                      |  15 +++-
 AutoTunnel/ClientSender.cs                    |  76 ++++++++++++++----
 AutoTunnel/Config/MainConfig.cs               |   2 +-
 AutoTunnel/Config/RemoteClientConfig.cs       |  14 ++++
 AutoTunnel/Config/RemoteServerConfig.cs       |   4 +-
 AutoTunnel/FirewallHelper.cs                  |   6 +-
 AutoTunnel/Listener.cs                        |  49 ++++++++---
 AutoTunnel/Program.cs                         |  51 ++++++++----
 AutoTunnel/Service/ConsoleHelper.cs           |  44 ++++++++++
 AutoTunnel/Service/MainService.cs             |  23 ++++++
 .../Service/MainServiceInstallHelper.cs       |  68 ++++++++++++++++
 AutoTunnel/Service/MainServiceInstaller.cs    |  25 ++++++
 AutoTunnel/Starter.cs                         |  47 +++++++++++
 AutoTunnel/TunnelStorage.cs                   |  47 ++++++++---
 AutoTunnel/app.manifest                       |  19 +++++
 AutoTunnel/config.json                        |  12 ++-
 AutoTunnel/credits.txt                        |   1 +
 tunnel.png                                    | Bin 0 -> 14567 bytes
 tunnel_active.png                             | Bin 0 -> 1034 bytes
 tunnel_hUB_icon.ico                           | Bin 0 -> 31230 bytes
 21 files changed, 465 insertions(+), 68 deletions(-)
 create mode 100644 AutoTunnel/Config/RemoteClientConfig.cs
 create mode 100644 AutoTunnel/Service/ConsoleHelper.cs
 create mode 100644 AutoTunnel/Service/MainService.cs
 create mode 100644 AutoTunnel/Service/MainServiceInstallHelper.cs
 create mode 100644 AutoTunnel/Service/MainServiceInstaller.cs
 create mode 100644 AutoTunnel/Starter.cs
 create mode 100644 AutoTunnel/app.manifest
 create mode 100644 AutoTunnel/credits.txt
 create mode 100644 tunnel.png
 create mode 100644 tunnel_active.png
 create mode 100644 tunnel_hUB_icon.ico

diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index 1ed9491..0427e57 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -42,23 +42,34 @@
   <PropertyGroup>
     <AssemblyOriginatorKeyFile>..\force.snk</AssemblyOriginatorKeyFile>
   </PropertyGroup>
+  <PropertyGroup>
+    <ApplicationManifest>app.manifest</ApplicationManifest>
+  </PropertyGroup>
+  <PropertyGroup>
+    <ApplicationIcon>..\tunnel_hUB_icon.ico</ApplicationIcon>
+  </PropertyGroup>
   <ItemGroup>
     <Reference Include="Newtonsoft.Json, Version=9.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
       <HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net40\Newtonsoft.Json.dll</HintPath>
       <Private>True</Private>
     </Reference>
     <Reference Include="System" />
+    <Reference Include="System.Configuration.Install" />
     <Reference Include="System.Core" />
+    <Reference Include="System.Drawing" />
+    <Reference Include="System.ServiceProcess" />
     <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Data.DataSetExtensions" />
     <Reference Include="System.Data" />
     <Reference Include="System.Xml" />
   </ItemGroup>
   <ItemGroup>
+    <None Include="app.manifest" />
     <None Include="config.json">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
     <Compile Include="ClientSender.cs" />
+    <Compile Include="Config\RemoteClientConfig.cs" />
     <Compile Include="Config\RemoteServerConfig.cs" />
     <Compile Include="Config\MainConfig.cs" />
     <Compile Include="EndpointHelper.cs" />
@@ -81,6 +92,15 @@
     <Compile Include="Properties\AssemblyInfo.cs" />
     <Compile Include="BaseSender.cs" />
     <Compile Include="ReplySender.cs" />
+    <Compile Include="Service\ConsoleHelper.cs" />
+    <Compile Include="Service\MainService.cs">
+      <SubType>Component</SubType>
+    </Compile>
+    <Compile Include="Service\MainServiceInstaller.cs">
+      <SubType>Component</SubType>
+    </Compile>
+    <Compile Include="Service\MainServiceInstallHelper.cs" />
+    <Compile Include="Starter.cs" />
     <Compile Include="TunnelStorage.cs" />
     <Compile Include="WinDivert.cs" />
   </ItemGroup>
@@ -104,6 +124,16 @@
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
   </ItemGroup>
+  <ItemGroup>
+    <None Include="..\tunnel_hUB_icon.ico">
+      <Link>tunnel_hUB_icon.ico</Link>
+    </None>
+  </ItemGroup>
+  <ItemGroup>
+    <EmbeddedResource Include="..\tunnel_active.png">
+      <Link>tunnel_active.png</Link>
+    </EmbeddedResource>
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.
diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index ea3eb6f..051b100 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -57,8 +57,19 @@ private void StartInternal()
 			{
 				if (!WinDivert.WinDivertRecv(_handle, packet, packet.Length, ref addr, ref packetLen))
 				{
-					LogHelper.Log.WriteLine("Cannot receive network data: " + Marshal.GetLastWin32Error());
-					Thread.Sleep(1000);
+					// showing error only if handle is not removed
+					if (_handle != IntPtr.Zero)
+					{
+						LogHelper.Log.WriteLine("Cannot receive network data: " + Marshal.GetLastWin32Error());
+						Thread.Sleep(1000);
+					}
+
+					continue;
+				}
+				// we cannot handle such packets,
+				// todo: think about writing to log
+				if (packetLen >= ((65507 / 16) * 16) - 16)
+				{
 					continue;
 				}
 				// Console.WriteLine("Recv: " + packet[16] + "." + packet[17] + "." + packet[18] + "." + packet[19] + ":" + (packet[23] | ((uint)packet[22] << 8)));
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index 66311ea..1c516c6 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -1,4 +1,6 @@
 using System;
+using System.Linq;
+using System.Net;
 using System.Net.Sockets;
 using System.Threading;
 using System.Threading.Tasks;
@@ -17,8 +19,6 @@ public class ClientSender : BaseSender
 
 		private EncryptHelper _encryptHelper;
 
-		private DecryptHelper _decryptHelper;
-
 		private readonly byte[] _serverKey;
 
 		private readonly ManualResetEvent _initingEvent = new ManualResetEvent(false);
@@ -29,21 +29,47 @@ public class ClientSender : BaseSender
 
 		private readonly RemoteServerConfig _config;
 
+		private IPEndPoint _connectEP;
+
 		public ClientSender(RemoteServerConfig config, TunnelStorage storage)
-			: base(null, EndpointHelper.ParseEndPoint(config.Address, 1).Address, storage)
+			: base(null, EndpointHelper.ParseEndPoint(config.TunnelHost, 1).Address, storage)
 		{
 			storage.OutgoingConnectionAdresses.Add(DstAddr);
 			_config = config;
 			_serverKey = PasswordHelper.GenerateKey(config.Key);
 			_packetWriter = new PacketWriter();
 
-			LogHelper.Log.WriteLine("Tunnel watcher was created for " + config.Address);
+			LogHelper.Log.WriteLine("Tunnel watcher was created for " + config.TunnelHost);
 
 			Task.Factory.StartNew(ReceiveCycle);
 			if (config.KeepAlive)
 				Task.Factory.StartNew(PingCycle);
 			if (config.ConnectOnStart)
 				Init();
+			IPAddress dummy;
+			if (!IPAddress.TryParse(config.TunnelHost, out dummy))
+				Task.Factory.StartNew(CheckHostChange);
+		}
+
+		private void CheckHostChange()
+		{
+			// checking if target host has changed it ip address to other
+			while (!_disposed)
+			{
+				var addresses = Dns.GetHostAddresses(_config.TunnelHost);
+				if (addresses.Length > 0)
+				{
+					if (!addresses.Any(x => x.Equals(DstAddr)))
+					{
+						Storage.OutgoingConnectionAdresses.Remove(DstAddr);
+						DstAddr = addresses.First();
+						ReInitDivert(DstAddr);
+						Storage.OutgoingConnectionAdresses.Add(DstAddr);
+					}
+				}
+
+				Thread.Sleep(60 * 1000);
+			}
 		}
 
 		private int _isIniting;
@@ -66,17 +92,18 @@ private void InitInternal()
 				var cs = new ClientHandshake();
 				var sendingPacketLen = cs.GetPacketForSending();
 				_encryptHelper = new EncryptHelper(_serverKey);
-				_decryptHelper = new DecryptHelper(_serverKey);
+				var decryptHelper = new DecryptHelper(_serverKey);
+
+				var ep = EndpointHelper.ParseEndPoint(_config.ConnectHost, 12017);
 
-				var ep = EndpointHelper.ParseEndPoint(_config.Address, 12017);
-				if (!ep.Address.Equals(DstAddr))
+				if (!ep.Equals(_connectEP) && _connectEP != null)
 				{
-					Storage.OutgoingConnectionAdresses.Remove(DstAddr);
-					ReInitDivert(ep.Address);
-					Storage.OutgoingConnectionAdresses.Add(DstAddr);
+					Storage.RemoveSession(_connectEP);
 				}
 
-				Storage.SetNewEndPoint(new byte[16], ep);
+				_connectEP = ep;
+
+				Storage.AddSession(new byte[16], ep).IsClientSession = true;
 
 				LogHelper.Log.WriteLine("Initializing connection to " + ep);
 
@@ -118,16 +145,18 @@ private void InitInternal()
 					return;
 				}
 
-				var decLen = _decryptHelper.Decrypt(_receiveBuffer, 4);
+				var decLen = decryptHelper.Decrypt(_receiveBuffer, 4);
 				if (decLen < 9)
 				{
 					Console.Error.WriteLine("Invalid server response");
 					return;
 				}
 
-				var sessionKey = cs.GetPacketFromServer(_decryptHelper.InnerBuf, decLen);
+				var sessionKey = cs.GetPacketFromServer(decryptHelper.InnerBuf, decLen);
 				_encryptHelper = new EncryptHelper(sessionKey);
-				_decryptHelper = new DecryptHelper(sessionKey);
+				var session = Storage.GetSession(ep);
+				session.Decryptor = new DecryptHelper(sessionKey);
+				Session = session;
 				LogHelper.Log.WriteLine("Initialized connection to " + ep);
 				_isInited = true;
 				_initingEvent.Set();
@@ -177,7 +206,19 @@ private void ReceiveCycle()
 				if (_disposed)
 					return;
 
-				var len = _socket.Receive(buf);
+				int len;
+
+				try
+				{
+					len = _socket.Receive(buf);
+				}
+				catch (Exception)
+				{
+					LogHelper.Log.WriteLine("Receive data error");
+					Thread.Sleep(1000);
+					continue;
+				}
+
 				// just drop data, assume that it is invalid
 				if (len % 16 != 0)
 				{
@@ -192,8 +233,9 @@ private void ReceiveCycle()
 					}
 				}
 
-				var decLen = _decryptHelper.Decrypt(buf, 0);
-				_packetWriter.Write(_decryptHelper.InnerBuf, decLen);
+				var decryptHelper = Session.Decryptor;
+				var decLen = decryptHelper.Decrypt(buf, 0);
+				_packetWriter.Write(decryptHelper.InnerBuf, decLen);
 			}
 		}
 
diff --git a/AutoTunnel/Config/MainConfig.cs b/AutoTunnel/Config/MainConfig.cs
index 62017b7..032e3a6 100644
--- a/AutoTunnel/Config/MainConfig.cs
+++ b/AutoTunnel/Config/MainConfig.cs
@@ -14,7 +14,7 @@ public class MainConfig
 		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
 		public bool AddFirewallRule { get; set; }
 
-		public string[] Keys { get; set; }
+		public RemoteClientConfig[] RemoteClients { get; set; }
 
 		[DefaultValue(12017)]
 		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
diff --git a/AutoTunnel/Config/RemoteClientConfig.cs b/AutoTunnel/Config/RemoteClientConfig.cs
new file mode 100644
index 0000000..17a0cd2
--- /dev/null
+++ b/AutoTunnel/Config/RemoteClientConfig.cs
@@ -0,0 +1,14 @@
+using Newtonsoft.Json;
+
+namespace Force.AutoTunnel.Config
+{
+	public class RemoteClientConfig
+	{
+		public string Key { get; set; }
+
+		[JsonIgnore]
+		public byte[] BinaryKey { get; set; }
+
+		public string Description { get; set; }
+	}
+}
diff --git a/AutoTunnel/Config/RemoteServerConfig.cs b/AutoTunnel/Config/RemoteServerConfig.cs
index 1b0d3db..ce982a5 100644
--- a/AutoTunnel/Config/RemoteServerConfig.cs
+++ b/AutoTunnel/Config/RemoteServerConfig.cs
@@ -2,7 +2,9 @@
 {
 	public class RemoteServerConfig
 	{
-		public string Address { get; set; }
+		public string TunnelHost { get; set; }
+
+		public string ConnectHost { get; set; }
 
 		public string Key { get; set; }
 
diff --git a/AutoTunnel/FirewallHelper.cs b/AutoTunnel/FirewallHelper.cs
index 9d49190..676a13e 100644
--- a/AutoTunnel/FirewallHelper.cs
+++ b/AutoTunnel/FirewallHelper.cs
@@ -12,8 +12,8 @@ public static void AddOpenFirewallRule(string port)
 				ProcessRunner.RunProcess("netsh", "firewall add portopening TCP " + port + " AutoTunnel ENABLE all");
 			else
 			{
-				ProcessRunner.RunProcess("netsh", "advfirewall firewall delete rule name=\"AutoTunnel\" protocol=TCP dir=in localport=" + port);
-				ProcessRunner.RunProcess("netsh", "advfirewall firewall add rule name=\"AutoTunnel\" protocol=TCP dir=in localport=" + port + " action=allow");
+				ProcessRunner.RunProcess("netsh", "advfirewall firewall delete rule name=\"AutoTunnel\" protocol=UDP dir=in localport=" + port);
+				ProcessRunner.RunProcess("netsh", "advfirewall firewall add rule name=\"AutoTunnel\" protocol=UDP dir=in localport=" + port + " action=allow");
 			}
 		}
 
@@ -25,7 +25,7 @@ public static void DeleteFirewallRule(string port)
 			}
 			else
 			{
-				ProcessRunner.RunProcess("netsh", "advfirewall firewall delete rule name=\"AutoTunnel\" protocol=TCP dir=in localport=" + port);
+				ProcessRunner.RunProcess("netsh", "advfirewall firewall delete rule name=\"AutoTunnel\" protocol=UDP dir=in");
 			}
 		}
 
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index dd08449..9e7769f 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -11,21 +11,23 @@
 
 namespace Force.AutoTunnel
 {
-	public class Listener
+	public class Listener : IDisposable
 	{
 		private readonly TunnelStorage _storage;
 
-		private readonly byte[][] _serverKeys;
-
 		private readonly MainConfig _config;
 
 		private readonly PacketWriter _packetWriter;
 
+		private bool _disposed;
+
+		private readonly ManualResetEvent _stopEvent = new ManualResetEvent(false);
+
 		public Listener(TunnelStorage storage, MainConfig config)
 		{
 			_storage = storage;
 			_config = config;
-			_serverKeys = config.Keys.Select(PasswordHelper.GenerateKey).ToArray();
+
 			_packetWriter = new PacketWriter();
 		}
 
@@ -38,7 +40,7 @@ public void Start()
 
 		private void CleanupThread()
 		{
-			while (true)
+			while (!_disposed)
 			{
 				var oldSessions = _storage.GetOldSessions(TimeSpan.FromSeconds(_config.IdleSessionTime));
 				foreach (var os in oldSessions)
@@ -47,19 +49,22 @@ private void CleanupThread()
 					_storage.RemoveSession(os);
 				}
 
-				Thread.Sleep(10 * 60 * 1000);
+				_stopEvent.WaitOne(10 * 60 * 1000);
 			}
 		}
 
+		private Socket _socket;
+
 		private void StartInternal()
 		{
 			Socket s = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
+			_socket = s;
 			try
 			{
 				s.Bind(new IPEndPoint(IPAddress.Any, _config.Port));
 				byte[] inBuf = new byte[65536];
 				EndPoint ep1 = new IPEndPoint(IPAddress.Any, 0);
-				while (true)
+				while (!_disposed)
 				{
 					try
 					{
@@ -77,13 +82,17 @@ private void StartInternal()
 								int dataLen = -1;
 								DecryptHelper decryptHelper = null;
 								EncryptHelper encryptHelper = null;
-								foreach (var serverKey in _serverKeys)
+								RemoteClientConfig selectedRemoteClient = null;
+								foreach (var remoteClient in _config.RemoteClients)
 								{
-									decryptHelper = new DecryptHelper(serverKey);
+									if (remoteClient.BinaryKey == null) 
+										remoteClient.BinaryKey = PasswordHelper.GenerateKey(remoteClient.Key);
+									decryptHelper = new DecryptHelper(remoteClient.BinaryKey);
 									dataLen = decryptHelper.Decrypt(inBuf, 4);
 									if (dataLen > 0)
 									{
-										encryptHelper = new EncryptHelper(serverKey);
+										encryptHelper = new EncryptHelper(remoteClient.BinaryKey);
+										selectedRemoteClient = remoteClient;
 										break;
 									}
 								}
@@ -97,7 +106,7 @@ private void StartInternal()
 								
 								var serverHandshake = new ServerHandshake();
 								var outPacket = serverHandshake.GetOutPacket(decryptHelper.InnerBuf, dataLen);
-								_storage.SetNewEndPoint(serverHandshake.SessionKey, ep);
+								_storage.AddSession(serverHandshake.SessionKey, ep);
 								
 								var outLen = encryptHelper.Encrypt(outPacket, outPacket.Length);
 								var initBuf = new byte[outLen + 4];
@@ -106,7 +115,8 @@ private void StartInternal()
 								initBuf[1] = 1; // version
 
 								s.SendTo(initBuf, initBuf.Length, SocketFlags.None, ep);
-								LogHelper.Log.WriteLine("Estabilished connection from " + ep);
+								var descr = selectedRemoteClient != null ? (!string.IsNullOrEmpty(selectedRemoteClient.Description) ? " as " + selectedRemoteClient.BinaryKey : string.Empty) : string.Empty;
+								LogHelper.Log.WriteLine("Estabilished connection from " + ep + descr);
 								continue;
 							}
 
@@ -169,7 +179,8 @@ private void StartInternal()
 					}
 					catch (Exception ex)
 					{
-						LogHelper.Log.WriteLine(ex);
+						if (!_disposed)
+							LogHelper.Log.WriteLine(ex);
 						break;
 					}
 				}
@@ -179,5 +190,17 @@ private void StartInternal()
 				return;
 			}
 		}
+
+		public void Dispose()
+		{
+			_disposed = true;
+			_stopEvent.Set();
+			_packetWriter.Dispose();
+			if (_socket != null)
+			{
+				_socket.Dispose();
+				_socket = null;
+			}
+		}
 	}
 }
diff --git a/AutoTunnel/Program.cs b/AutoTunnel/Program.cs
index 7900f67..65b7562 100644
--- a/AutoTunnel/Program.cs
+++ b/AutoTunnel/Program.cs
@@ -1,12 +1,12 @@
 using System;
-using System.Collections.Generic;
-using System.Globalization;
 using System.IO;
-using System.Net;
+using System.Linq;
+using System.ServiceProcess;
 using System.Threading;
 
 using Force.AutoTunnel.Config;
 using Force.AutoTunnel.Logging;
+using Force.AutoTunnel.Service;
 
 using Newtonsoft.Json;
 
@@ -14,8 +14,12 @@ namespace Force.AutoTunnel
 {
 	public class Program
 	{
+		public static MainConfig Config { get; private set; }
+
 		public static void Main(string[] args)
 		{
+			if (ProcessArgs(args)) return;
+
 			var configPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "config.json");
 			if (!File.Exists(configPath))
 			{
@@ -28,9 +32,9 @@ public static void Main(string[] args)
 			try
 			{
 				config = new JsonSerializer().Deserialize<MainConfig>(new JsonTextReader(new StreamReader(File.OpenRead(configPath))));
-				if (config.Keys == null)
-					config.Keys = new string[0];
-				if (config.Keys.Length == 0) 
+				if (config.RemoteClients == null)
+					config.RemoteClients = new RemoteClientConfig[0];
+				if (config.RemoteClients.Length == 0) 
 					config.EnableListening = false;
 
 				var log = new AggregateLog();
@@ -50,23 +54,38 @@ public static void Main(string[] args)
 				return;
 			}
 
-			var ts = new TunnelStorage();
+			Config = config;
 
-			if (config.EnableListening)
+			if (Environment.UserInteractive)
 			{
-				if (config.AddFirewallRule)
-					FirewallHelper.AddOpenFirewallRule(config.Port.ToString(CultureInfo.InvariantCulture));
-
-				var l = new Listener(ts, config);
-				l.Start();
+				RunInConsole();
+			}
+			else
+			{
+				LogHelper.Log.WriteLine("Starting service...");
+				ServiceBase.Run(new MainService());
 			}
+		}
 
-			var clientSenders = new List<ClientSender>();
-			foreach (var rs in config.RemoteServers ?? new RemoteServerConfig[0])
+		private static bool ProcessArgs(string[] args)
+		{
+			if (args.Any(x => x == "service"))
 			{
-				clientSenders.Add(new ClientSender(rs, ts));
+				bool isUninstall = args.Any(x => x == "uninstall" || x == "remove");
+				MainServiceInstallerHelper.Process(!isUninstall, new string[0]);
+				return true;
 			}
 
+			return false;
+		}
+
+		private static void RunInConsole()
+		{
+			AppDomain.CurrentDomain.DomainUnload += (sender, args) => ConsoleHelper.RestoreOriginalIcon();
+			Console.CancelKeyPress += (sender, args) => ConsoleHelper.RestoreOriginalIcon();
+			Console.WriteLine("Press Ctrl+C for exit");
+			LogHelper.Log.WriteLine("Starting interactive...");
+			Starter.Start();
 			Thread.Sleep(-1);
 		}
 	}
diff --git a/AutoTunnel/Service/ConsoleHelper.cs b/AutoTunnel/Service/ConsoleHelper.cs
new file mode 100644
index 0000000..72784ec
--- /dev/null
+++ b/AutoTunnel/Service/ConsoleHelper.cs
@@ -0,0 +1,44 @@
+using System;
+using System.Drawing;
+using System.Runtime.InteropServices;
+
+namespace Force.AutoTunnel.Service
+{
+	public static class ConsoleHelper
+	{
+		[DllImport("kernel32.dll")]
+		private static extern IntPtr GetConsoleWindow();
+		[DllImport("user32.dll")]
+		private static extern IntPtr SendMessage(IntPtr hWnd, uint message, int lParam, IntPtr wParam);
+
+		private static IntPtr _iconMainHandle = IntPtr.Zero;
+		private static IntPtr _iconParentHandle = IntPtr.Zero;
+
+		public static void RestoreOriginalIcon()
+		{
+			if (!Environment.UserInteractive)
+				return;
+			SendMessage(GetConsoleWindow(), 0x80, 1, _iconParentHandle);
+			SendMessage(GetConsoleWindow(), 0x80, 0, _iconParentHandle);
+		}
+
+		public static void SetActiveIcon()
+		{
+			if (!Environment.UserInteractive)
+				return;
+			if (_iconMainHandle == IntPtr.Zero)
+			{
+// ReSharper disable AssignNullToNotNullAttribute
+				var icon = new Bitmap(typeof(ConsoleHelper).Assembly.GetManifestResourceStream("Force.AutoTunnel.tunnel_active.png")).GetHicon();
+// ReSharper restore AssignNullToNotNullAttribute
+
+				_iconMainHandle = icon;
+
+				SendMessage(GetConsoleWindow(), 0x80, 1, _iconMainHandle);
+				_iconParentHandle = SendMessage(GetConsoleWindow(), 0x80, 0, _iconMainHandle);
+			}
+
+			SendMessage(GetConsoleWindow(), 0x80, 0, _iconMainHandle);
+		}
+	}
+}
diff --git a/AutoTunnel/Service/MainService.cs b/AutoTunnel/Service/MainService.cs
new file mode 100644
index 0000000..0ae8976
--- /dev/null
+++ b/AutoTunnel/Service/MainService.cs
@@ -0,0 +1,23 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.ServiceProcess;
+using System.Text;
+
+namespace Force.AutoTunnel.Service
+{
+	public class MainService : ServiceBase
+	{
+		protected override void OnStart(string[] args)
+		{
+			base.OnStart(args);
+			Starter.Start();
+		}
+
+		protected override void OnStop()
+		{
+			Starter.Stop();
+			base.OnStop();
+		}
+	}
+}
diff --git a/AutoTunnel/Service/MainServiceInstallHelper.cs b/AutoTunnel/Service/MainServiceInstallHelper.cs
new file mode 100644
index 0000000..2553967
--- /dev/null
+++ b/AutoTunnel/Service/MainServiceInstallHelper.cs
@@ -0,0 +1,68 @@
+using System;
+using System.Collections;
+using System.Configuration.Install;
+
+using Force.AutoTunnel.Logging;
+
+namespace Force.AutoTunnel.Service
+{
+	public static class MainServiceInstallerHelper
+	{
+		public static void Process(bool install, string[] args)
+		{
+			var log = Logging.LogHelper.Log;
+
+			try
+			{
+				log.WriteLine("Started service installation process");
+
+				using (var installer = new AssemblyInstaller(typeof(Program).Assembly, args))
+				{
+					var state = new Hashtable();
+
+					try
+					{
+						if (install)
+						{
+							log.WriteLine("Installing service");
+							installer.Install(state);
+
+							log.WriteLine("Commiting installation");
+							installer.Commit(state);
+
+							log.WriteLine("Disabling server header");
+						}
+						else
+						{
+							log.WriteLine("Uninstalling service");
+							installer.Uninstall(state);
+						}
+
+						log.WriteLine("Installation process completed successfully");
+					}
+					catch (Exception ex)
+					{
+						log.WriteLine("Exception during installation process");
+						log.WriteLine(ex);
+						log.WriteLine("Rolling back installation process");
+
+						try
+						{
+							installer.Rollback(state);
+						}
+						catch (Exception rex)
+						{
+							log.WriteLine("Exception in rollback");
+							log.WriteLine(rex);
+						}
+					}
+				}
+			}
+			catch (Exception ex)
+			{
+				log.WriteLine("Exception in installation process: ");
+				log.WriteLine(ex);
+			}
+		}
+	}
+}
diff --git a/AutoTunnel/Service/MainServiceInstaller.cs b/AutoTunnel/Service/MainServiceInstaller.cs
new file mode 100644
index 0000000..5a39ba2
--- /dev/null
+++ b/AutoTunnel/Service/MainServiceInstaller.cs
@@ -0,0 +1,25 @@
+using System.ComponentModel;
+using System.Configuration.Install;
+using System.ServiceProcess;
+
+namespace Force.AutoTunnel.Service
+{
+	[RunInstaller(true)]
+	public class MainServiceInstaller : Installer
+	{
+		public MainServiceInstaller()
+		{
+			Installers.Add(new ServiceProcessInstaller
+			{
+				Account = ServiceAccount.LocalSystem
+			});
+
+			Installers.Add(new ServiceInstaller
+			{
+				StartType = ServiceStartMode.Automatic,
+				ServiceName = "AutoTunnel",
+				DisplayName = "AutoTunnel",
+			});
+		}
+	}
+}
diff --git a/AutoTunnel/Starter.cs b/AutoTunnel/Starter.cs
new file mode 100644
index 0000000..02df80b
--- /dev/null
+++ b/AutoTunnel/Starter.cs
@@ -0,0 +1,47 @@
+using System.Collections.Generic;
+using System.Globalization;
+
+using Force.AutoTunnel.Config;
+
+namespace Force.AutoTunnel
+{
+	public class Starter
+	{
+		private static TunnelStorage _storage;
+
+		private static List<ClientSender> _clientSenders;
+
+		private static Listener _listener;
+
+		public static void Start()
+		{
+			_storage = new TunnelStorage();
+			var config = Program.Config;
+
+			if (config.EnableListening)
+			{
+				if (config.AddFirewallRule)
+					FirewallHelper.AddOpenFirewallRule(config.Port.ToString(CultureInfo.InvariantCulture));
+
+				_listener = new Listener(_storage, config);
+				_listener.Start();
+			}
+
+			_clientSenders = new List<ClientSender>();
+			foreach (var rs in config.RemoteServers ?? new RemoteServerConfig[0])
+			{
+				_clientSenders.Add(new ClientSender(rs, _storage));
+			}
+		}
+
+		public static void Stop()
+		{
+			_clientSenders.ForEach(x => x.Dispose());
+			_storage.RemoveAllSessions();
+			if (_listener != null)
+				_listener.Dispose();
+			if (Program.Config.AddFirewallRule)
+				FirewallHelper.DeleteFirewallRule(Program.Config.Port.ToString(CultureInfo.InvariantCulture));
+		}
+	}
+}
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
index 71f20d4..7fc4686 100644
--- a/AutoTunnel/TunnelStorage.cs
+++ b/AutoTunnel/TunnelStorage.cs
@@ -5,6 +5,7 @@
 using System.Net;
 
 using Force.AutoTunnel.Encryption;
+using Force.AutoTunnel.Service;
 
 namespace Force.AutoTunnel
 {
@@ -26,23 +27,38 @@ public BaseSender GetOrAddSender(IPAddress dstAddr, Func<BaseSender> creatorFunc
 		public IPEndPoint[] GetOldSessions(TimeSpan killTime)
 		{
 			var dt = DateTime.UtcNow;
-			return _sessions.Where(x => dt.Subtract(x.Value.LastActivity) >= killTime)
+			return _sessions.Where(x => !x.Value.IsClientSession && dt.Subtract(x.Value.LastActivity) >= killTime)
 				.Select(x => x.Key)
 				.Select(x => new IPEndPoint((long)(x >> 16), (int)(x & 0xffff)))
 				.ToArray();
 		}
 
+		public void RemoveAllSessions()
+		{
+			_sessions.Keys
+				.Select(x => new IPEndPoint((long)(x >> 16), (int)(x & 0xffff)))
+				.ToList()
+				.ForEach(RemoveSession);
+		}
+
 		public void RemoveSession(IPEndPoint endPoint)
 		{
 			var hostKey = GetHostKey(endPoint);
 			Session session;
 			if (_sessions.TryRemove(hostKey, out session))
-				_clients.Where(x => x.Value.Session == session).Select(x => x.Key).ToList().ForEach(x =>
-					{
-						BaseSender value;
-						if (_clients.TryRemove(x, out value))
-							value.Dispose();
-					});
+			{
+				if (session.IsClientSession)
+					return;
+				_clients.Where(x => x.Value.Session == session).Select(x => x.Key).ToList().ForEach(
+					x =>
+						{
+							BaseSender value;
+							if (_clients.TryRemove(x, out value)) value.Dispose();
+						});
+			}
+
+			if (_sessions.Count == 0)
+				ConsoleHelper.RestoreOriginalIcon();
 		}
 
 		public class Session
@@ -61,6 +77,8 @@ public Session(IPEndPoint remoteEP)
 
 			public DateTime LastActivity { get; private set; }
 
+			public bool IsClientSession { get; set; }
+
 			public void UpdateLastActivity()
 			{
 				LastActivity = DateTime.UtcNow;
@@ -69,14 +87,17 @@ public void UpdateLastActivity()
 
 		private readonly ConcurrentDictionary<ulong, Session> _sessions = new ConcurrentDictionary<ulong, Session>();
 
-		public void SetNewEndPoint(byte[] sessionKey, IPEndPoint remoteEP)
+		public Session AddSession(byte[] sessionKey, IPEndPoint remoteEP)
 		{
+			ConsoleHelper.SetActiveIcon();
 			var hostKey = GetHostKey(remoteEP);
-			_sessions[hostKey] = new Session(remoteEP)
-									{
-										Key = sessionKey,
-										Decryptor = new DecryptHelper(sessionKey)
-									};
+			var s = new Session(remoteEP)
+				{
+					Key = sessionKey,
+					Decryptor = new DecryptHelper(sessionKey)
+				};
+			_sessions[hostKey] = s;
+			return s;
 		}
 
 		public Session GetSession(IPEndPoint remoteHost)
diff --git a/AutoTunnel/app.manifest b/AutoTunnel/app.manifest
new file mode 100644
index 0000000..4877ebb
--- /dev/null
+++ b/AutoTunnel/app.manifest
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="utf-8"?>
+<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
+  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
+    <security>
+      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
+        <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
+      </requestedPrivileges>
+    </security>
+  </trustInfo>
+
+  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
+    <application>
+      <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}" />
+      <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}" />
+      -<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}" />
+    </application>
+  </compatibility>
+</asmv1:assembly>
diff --git a/AutoTunnel/config.json b/AutoTunnel/config.json
index 064b852..0249b8f 100644
--- a/AutoTunnel/config.json
+++ b/AutoTunnel/config.json
@@ -1,6 +1,14 @@
 {
-	"keys": ["key1"],
+	"remoteClients": [
+		{ "key": "key1" }
+	],
 	"remoteServers": [
-		{ "address": "192.168.16.8", "key": "key1", "keepAlive": true, "connectOnStart": true }
+		{
+			"tunnelHost": "192.168.16.8",
+			"connectHost": "192.168.18.1:12017",
+			"key": "key1",
+			"keepAlive": true,
+			"connectOnStart": true
+		}
 	]
 }
\ No newline at end of file
diff --git a/AutoTunnel/credits.txt b/AutoTunnel/credits.txt
new file mode 100644
index 0000000..00bc43c
--- /dev/null
+++ b/AutoTunnel/credits.txt
@@ -0,0 +1 @@
+<div>Icons made by <a href="http://www.freepik.com" title="Freepik">Freepik</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a> is licensed by <a href="http://creativecommons.org/licenses/by/3.0/" title="Creative Commons BY 3.0" target="_blank">CC 3.0 BY</a></div>
\ No newline at end of file
diff --git a/tunnel.png b/tunnel.png
new file mode 100644
index 0000000000000000000000000000000000000000..c9984dffe318fb04882ce14704cf6dcac26e1621
GIT binary patch
literal 14567
zcmeHuhd)(+{Qt4a2uX5{sH|jU6tXT2T&rx?mX$4gTrNV%wXRL5TzhZXBfF?;MqFD6
zWv}c0&h7L2{SUw2<M;J=yw5$(d5_n4zQ+4~-tWj~n##1)tkeJi(85$6YXbl&cuNXU
zUI2ggd`C~fA99a}FkMRU4?$`D2K=AOO$F`&)}J62l83i5e8Gn-o=*%tbzE&deJtH=
z03RP8VS5)x4=YPI8(~*>yNoSaRsgsGz#c2=`o7zo@k_L}3tTx~4cu;Fh*z_AeyC=z
zc<mZ#h{BEb$%hu|^(?F=-&R$|%3y1rNtgO&$ZAs7UQTnwZjRJU&xns4P0Bkjz8pM)
zc=hx2j9^|;Ke}t7P{;7_%KOYKMmmmqHcG;kGdAaM1PhZ(ioW!n_5^Tk9eQYT6jq5X
zoO|w!1!nthH>C;=k^{g%_lYn_{Ur_(00_Qv3%q^y5PS@%5*byXVgRqVZxThq^BBCm
z52FOHiI@MU^8c;UpblgP>>EF*V8_SGo%zlK&OV-pJg=>?Y8}-Q-zZ4(9@Q=ywK|48
zhZ`FR=%}R`!KY61weMH!3hke(Pd{u+N3ZZ)hvQdY66C9uO=D{n(fw6ld}wn;X1?je
zT$4S=)+d(Hb;T3kpE|97)!~maXiL{_6wFoAZp5B)e5)@xOtL|v#|~<y#y^*mWmK1#
zL8JuNf?z(SL4g6bu`7Ys^skWv7xUPr%FOtXPOp)Xu|`z~4iLkj<EUrBCfwRew}aVY
z*Haa4td*t7N&l|Le18P=b$C8vf)So!Ytca_*lzia2MHxYJhc1|xOr$6@}kc$+T%%8
zn%gve->uNCx7Iw+t+Lh1H5D4SfW5U;O@cIxQ`hx2@|SgGBKyrt?IFLHZzw<%hE{k2
z&9Kh5F6~7F6(q%(=TFy{HIY%cw>wEZ+U~ylj%HybORq%$pKE*WkfSS>7I;cv1C&A&
z&t^i68rS$*wrX-o%q3Y|fC;d)@&fYWkb@a`U=(+cYwfA+!7t>IaNaLUAYWuAE@|&3
zjG&4&mP=XGYvlG?_2(i}$cia5vD5|Ve)6x?^Wam`<OJ<ZX-MYCiye2$Q})!*!n-D#
zA21sHSqTfw-HRkk0&BJ9C7Vr`QSV=K<7HskHrpYK41m6d<h`3~Ip`ooEJfBJe@zLO
zS9biuD!2Q6_aqKR@`n32&7Z<f=+WmdY-5uHnRUo>>46d2OrEtxw0z!dkE~(7VDf@p
zfcbBsU=thd@%3<$P{7^W5WB5*(vl|U|J_GaK1l*7q1z{fV$4TueHH|obl2s_*qG*Q
zqfKmzxkxo|;TGgVY9|xu^G9$_+C(uxUDC4_15MoX$JL_Ho=?`#6jYf54MMdNc(m(2
zt1!Mh%EDx4{>X7X61M)P$^?Kw$eXo}qgNBl8f1b0-PJy%avAS4A77`?P)d)hR>yLx
zo#cW*SZGRB<ktXFU4Hq)2=$oizzOXOaD#RE*2d>RpH8FyHzt7#ac!$S_=PVVf#W_m
zUy1CHSTuexP&*-mLFb#2#Z+0fSHI8lN#1x0ulH$4x`IoxAjkW_2u`-K90#Uv)VSCH
zeZFJ-Ta0<K?!JlUr`(q4u*RoRAB>lxV4-gLLTfnHlTxirZYeae-^}$*8oX7jW5*!&
zNg<xHsr4oj-Yk8b7|0*jCc|wiS*`5RO4C2xM-jXhG0VRejPXEBgeKU`m{F=cFbDk9
z0;csnS^;)nP3%^h+zA^le5wCL_{P%_T6`#mz$;DY6pPmlD7~7s+H?iQF7SiDe-yzS
z%HSD;A=Ejx1$Fq`^ka==2p)4rxF*+3`v@7fEyaz>-;QvOZz>sKqqP{KVwbwH)}uA4
z>HCYUeO-`1c#2&HsqM+tD8yebCZAKd#S`^B2{36e$3i&{^hh7!DM7C23w@TjG6`{2
zR@$4?{Bu_?ED6Ph3ZV;+gvq&nxx;+6rpoD$g{{RSBtSLq!C=Un_5(gblkAKtV+Ly9
z!&?P9`b5#CYTiG6ZbB4w(C5!5f&#HVH}R~E${_4mU<57f@JSiPaa8t3CLgdQ<XGy$
zPQJ8F&x7Ahlk2*_VO>Dl?)fMLL*QP^2J3BozPsm5&t67I61h}$u)d^l1Btw|W@meF
zX}Bce0~Oe1I9gs{E&B+p%JUj?aQK8$VXKOcProw_n&OH7!a>`u_2Ll&h_Rxg`n~5V
z+eRW%{qeJTih_)fXAOBNU)zpO-z)gjtH&e{@^de5R;=w19QIYp7q!jT|N7cmS5c^R
z4S{GPOJ~J89%gH6{Q^K2fWh2V@dvw`dpZ?oL?5~Tv+w#%fG$uEd(rlwprTrnnvIC-
zTWeA1*{!Bz#lFTgtY%S3!X4-Q0crR)PNpTcweGpi9sRuL*2OKzdL{uzmf<9NrAF>r
z&N#7$fO~Rxv7OG<UHv!n2R`WY{4_bEKc;;~)GUBL^q4>obNy=?MYE>*acjP8q06-U
zwLd}K7$5y|I$f_pPP>6i8@$%Yp|8`smo-4JHiceo5GsW&N)oqU#^_no&+);X6v1P;
zL4+sRi--wyN=;_b?qjvheB-zD`?w$FDW&jmnOl0p<%RBA8g<e&r*fIx52~d3-Wz_s
z#uYpU_CkY}*RA0R{jg0s{)azWVKuu>$1BUJ5bvv&xjIF*S%K9r8X9r-%5qWj5iW4o
z)EhGx*Zt&n)TL0NQPixxF1rF^npG$MH+cp{M<jj0M15eV&&}RDqm-cTIaBtUS~q?f
z^VV`W7U5szNe|Q2jhHiY=?#?@ojkHCGL_|}{ks=3WTkypvVBM7E!KuEKU6$B^+yhF
z*YvYiI1v;r=Gavp+8MIng8ie?le)X-JUoNptn&|YEpC0ATuvxzaZu-lbaKb-Yci;>
z1Tu$eB?=#KPyr9rxC7m6W6uYCZfYwMacH1=l8%AlYMmZmvvZKE`j~VvIZ@)Z$A`x2
z)vN)Vm>%KlDO9foDY;u<A(wvK@`1Z*TS#0z{bboE2y3*pjotcd`sR>`mSgm}8TQzW
z=0~vL&?v$J{`GZoQr+w7MQD7fQM9SVhsp`fOL~|4q_sB!5Js=a3KIq2XcWwKj-Z3A
zZDX?z;9(QQUc&sd&u~knZ)n%Q)Yk5O4gbKhjw=8;TAHpasH$FXO7v1o$sG?|P>TLp
zDSMf2rgT;%xL#D<74%j&i)Y>2vUjxGFXWc$s^J_8@V*~>yuWDdCt0N<1{0l}rSxgJ
zmHj<PgPVy>@wxtkWGx89Uq2s$7cFcRC*AO|3wiv|UK$B=fX<H2w;>cuUkS9T!BZ?U
zuA0s@QKN2w>TCe@@i9oXrS%)lT`o`!_*6`rR)^ggpIYQKg16bs>L5P&fppWylUNr$
z5%@2216P(6JjgKH8fgOQ{Nr0|nc@MSz3=bJ{sGy2W{Q<V3$y$Rmn_)zREu`~BCxUZ
z=P6p<`kvRmzTQyzvG8(DRo&<bo!y1@5Nj{(8}*<c(SjKa{r;{1Z9VcO{}XV>eKi|4
zh=Y%I8pM1%=H%M2H98t#5JK8jev?$tN%|NSXb=*Ab<dlcoW0>O>)8cGvg;&Zc#(!(
zyx`qIJ0M-iic2-HE8A>Jd|3Ru#9@8CR4i#h^Rg547SC&hL5S98UPZSThhI2mBnqNv
z1&MJl1hcI&B@svC@=O+|w^*#4C@AXP%+X=}zR<^6r{VsN=|Fmw@4glw>98bZJQISp
z$?wB4z+6G_=3jVO8G;DQaOqPy(P66Db%p-Go|$ug+{Fc3^M42Lv`_n=yQI53EZpg8
zEpAs4LtihFQxkn$2Rj)tJ-z6mJ@~%I4XK5Fdg+%D8#bt<uxBFXb`;H-MbrB#DV;?}
z<<X#$)IqLS{QT0xK1`4&yy!2f|J3!cMSkSLYAook{Btm_szp*Q&p3@@C2Eg+cEhtq
zC9a}$k*E4&!u)gBMH7s0N!a<xA>dI&ZipL(Yt0$dSNUL+6j5vich;cAZ!!s70!C-X
z(gYK0>;i76cwdDi0M4Z+oP-l97peM<i8wKIzN-HOi=3@B*F3cL2{b<QgQdu{_C(z0
zG#X!!WJaWjx?gMi^nT@0w@mtQ4D9<SBDd7sI=@RrMVf^T%IUp&esF;?)mznHg+gY*
zXF0@12-!5>go>B=yTTvcR%bzz$5`lhx0rMe0Lu^>GiZD8VyHW#iJj!gnW<#gRle%s
zDij#RxfH-_dPzdAnl3d_qPV-@ByP6aEv=(ee8lixuhux*9dKAIJ~58XymU%GfX$={
zpMJ(K8?|ig)}<Su_LSse8Lrmc)#q=|r;EX3_X%yqq#DtYt5)}0gTknguM%O=<(yiw
z<|X{tBoJu9S~k=NqcmJyDkrAQ0b~sjl1YKJQo7mtyY>QOod$H(<!u*RcFE`joS9bV
z3o;Ws4UWo4bNa$s;(_*%`l5;Yl{*u#;9@?!oM7Q)kFsj+k+T$fe)-XTQ`JJyTRY=l
z%UFj#zeH_gTIfa3ccC-H)9c}lY{|GbJDwKlVMelD4w9q$OqksiOt;L++8NCa`O&e3
z>$|OkzLAlbKM0(j1^18HDxLNakFgCakA!KWD^5{8$)c`W8{TP&GCH0`Z;QF1{!Tn~
zScvw*+3Z;t50XatC6Yv#h~153;9V-`TH6;7*i+$fO<tvJ&)1C`YCA<J3mkqwX8t-5
zsJ1R|9v6NTK^5Zm+6KhVM>F$`C=;TOolx;da%|Va;gULwbah8U7<GrAqUNboX&w6g
z*Q^ytbGmi?W7C0)vu%!TW&MlMJFFx}%kO6GMu;f!OslN_sG5@S(7B6Ulo^O|GrGY(
zkUKo%NlX(}VcUZrk~JKm<AT4x*Z9KYgPwwYRt2%qrM~$ZGWX@wdvhWwBQQZ$384PF
z1~t{J@#UL7ql@a6VGCy|jPyP!19IMK0a7(<tv)&=7G5ia+6<xRBQf&ETUYJ6Sl*e9
z!)U|}xF$OyT|h)|Q-DBy)95`BWZIY}Ir*Ei{qFJ~j*Pk;g%H~mtC_}OpPC&7QGG`d
zYQSI;B-L>LWKN?+(L9f>Q2|Sv@yVBCA>45A@LCRIM~@J$3FF&A@FSTQ(1(_iJP_Ao
znzOp1G)miaun`($-kfH89CfF?k+AG~A5#M?_WgRAz900um4#^A3=lmOX?y%z|G<~#
zC)A)926O!!yxG0Gnfb=+vc@G`c9kzP?WWgdH<4<sf7orEyJ&UvLWY#P-yHuc!%G)u
zGaty1{-J^e9X6`w<~F&@Fp^{m&D7pL&g!zyjne`eEFcuY;*0D1{cLsfK!yJTuJ`1V
zVOBc5kN|v-@EdZha?J{~<pWbC*Q>$sX}9*#&$j`S<H<7o)SuQoJPP=oR8tx|vCQk7
zZ?y70JHGm?g(ug!tqb5y3^ni-BFPyjk*5ZB>NQ$g{T`iA0jDRv8fE%hrq*8xl%Px2
z-`Xb_@^J(045R@2lpC)312HtRaktp#F!$@oauy%snX-A>Kdc-YTpd0Qtg+&g`bz7P
z8mFx8wxR)wkCx4^LrEDpaQU<9QI9alx!ly-5%09`^P43Ha0@r(oBuW&efFo33`FJ!
z%v!X5LjKn7^<;dK!s?H@!_4cisy~MbNp(c%xV`Y72r3N_-BnTo&f_uFl4ehX^tY@Q
z%;87prWpl3+Bf24)F^|+?TRN1$_JH5gD3ite-Q?m59IMFPwdJ{eOotbFL02xGx3sj
ze(*XR+n@%DWe6>8+wSfa?%9O<3lKqE+pYzh3|S|w4nu6}+`#EXllYv!GLXmf1V2&z
zpx^!D!J>wF%4@#O-VD`bMkGb**e4*EjHrB-jd$hsvp_}twzm5>ghg5!!6vcvd`oUY
z6fn67w0~&XIQ}4hfjBX_y*BVwf217D0KMY82sUHV4GUgA3J2uD0=!EMjPE|VPXx96
zRfpDOF$A|{l;<LenM*g~>~68(P;)jzJE&R9s{q}m+z5RMA7IjSEPXQ4biBLP_B)-v
z)R#7-gU&Uj=Z)2a8|>0nxWFl*s+iEieWmYc!8F2p7<qdGW5ySfP8~}!_r}K2Ldv6~
z4Bxom33bb32tHgk{1Q>iVY34DN7PeDP=tzutYwZI%!ktgYwinyGKN=`507KCW7SB7
zNPrlKD@}<ODV{jpT1S@+wY>9kzz07iNM#L6FpRPkg|qQq$sp}WD)!kl!0RIY8o>ej
z7FVF9y_A4d)`Wy5cT+cRS#$~nH&?uW;BmSpGtf*+=zZO!dhINWDs};O?RocWd?tOn
zEYR=}2!53Rdys|&fSmUh`UYN70D`#$FNQs0qakLWn%MB6fd`rD4&rCAIxnE(dv!uJ
zg(}`(hHFI^4CyF+gn!nWmm6=~)x1wSw>g4bO{>FRb0k#O)g%?|qS~xJuz&_e<n{jP
zUMB?*L3qh4KmBHAWfKc|`GqX_(FSo44ORcwyYAy?m}zYGmI!;}a7~Nc1<G|aq$r$>
zNXhnOt$6}pkVh#)uuuPpg)X9DV}D8V((9Vc6JuHn{YStY00JKL!?>V#wWRIFGZR%3
z*~8wVCWtzw0PUCyI~{-9-F{(O14{w7F@PGbvkE5##(V9ID;Z~nqqTY$c^W*lajp7*
z?;t?^0Cvr8y>-qtf%#I(7LBQ^GPyV@U;rTre#E!G*-KQ3x2m*{#WH)&sfn^GKJz%{
zW`b>t#9~O~WCKNvVdn80iTBV|aBi8|8?^X2Z)JI;?eia~L`*LLc>)UJ!{W&iBUy0U
zDnT9ie8Df1QUw$@IUwa}!fE~nh%4h}KYvB5cI|ntKxB%eI6W{V!f<)(odn?PNB+%k
ze7M@=64c!JH3QJlNeQqUoic#7y{aZ{H@B?vmYxCl#tFWR40ekE%j!GRQ?K*yQ1<CB
z%^CoT9#r7@k&_Ha1CtWT+&8sAd?iWyFnPQB+f_Ir_Wbj%sp~4K2t81C86duGIb;aN
zFa%70qv*ODCC)<&%>htAI}0iB6YfDiN6SI2g$R2}m}ED1?u!ZdB&gb6aRu0F9-T0T
zrMnc|T9f5W@(j#ekBFZyrcHY*)ym`|LIpBX?}*&~jLZ4@o7B(29R*laBkFGIleV*f
z6h-Kj4<idlkh$fmh9tpXcN(v}UnjyO0`$|ns%y)DTYM}vdigP&Z~vt|Dh`~0!Vjvs
z-h)1X2_)*1$__j5Jd41^*E)427MQz40&KB^u$LwMQ;VR<=`}EZP7aiTG}0X-$>%n1
zFrzrkog)Fj4%Dm+1%$+K{usJ5Uo0d_b-4_rl<vADsoRHGY6yvfS#vZXa`B&7hQiU-
z`E1h0*wk2R?Wf}PqW;abJkv5Pm-{jqZUSYf&8hP0Qdv2|Fjn0@LmB8(p3+Rp4H`<c
zxC)g0fdF)-OF{rfmY_U@sO9G+?Ia5GFVXIlTMem#;~xRRGR$z8F~a1>#E>(@bk>{9
zx<$fdzJkA@x?6R}y?~z!=*y^==+3_<^_&uLv-@cdyb!wx9Pf<fr4~@wfscC4fxbp^
zU}?}e<JNz2`3nJ_L)Gd;8o?n~008okgG}KepwQY}%dZ5?QF9Ty85j``1{*~K|IuJI
zs|0+8wfAM@OLTK9ND;}BC2jv@0WPDDgLS?u0__EsoPgBlI{=DKpTuGb1WZgDa6<`*
zlT-pk96&lifTHMJxd5<9mz^vsCB*?Qal~fl^XX<hNgN-SR|>DJ$@py-Z0dZd7WSia
z2Zatz)1aCX2dTnOBXsP>^DveiU%&ogFDk&T1MK~cXb-DZbB%D<p8nDogA6g*f^e=H
zp@!$yVgf8rl?%RC#EY9dzpcAu@WR-wJ9TuRZ}{f=J*TB;2?}5%$&h7{2Y?KIWj)@R
z$a^v97G6i8jDnTKulYANqzpa}J9g0d@|{$~8l^rl(5D7~Z2DP|139njDC`>bvy=eJ
z|AY>j+q^K9ow_Ue`^Du2P+VV)f%igP(I`s5M_OM@=xz$#i^;yUa*6K$YWk=TvU1%e
zX}<!*5s9M}nx}TA8G_W7Sf`tn$@Q=l^`+EHEZYeP0lzZh?TuLcsDKVB5>T1rd7uEp
zK?@(LL8l$QTz;<!stZwD_+{8E{WcjXU?OTe%WB2(_vNMq&Fca#^VTWd9(!juo)69)
zOuKKAL~;8s*DPp2sHBujBnf*YM6lVbPlvMgq;4Crc%-C6y;kZGqYg$u9Bm##ivcVT
zFG+iJiQ051SI<uy`rjqEZAW@9Mq&+LN41{Y@OfU^izuyYBXx7ZqUkdRZ8%kQ<@lgW
za2<#uc|<Lb6{I_qji?Ou@?j_|aINL477uWPb9PF*M}xKOTislQXp20q?0h~h_Lg7<
z$xS}+O=nE9TUP~xhzWdiH-KRzJs&Z8*@Y_5<Qi9>f$_i@dv5rZKHoEXWz^dKaSLGa
zJ4gQQo1sX=fA2wHvq+?d3KR#PuX6z&ZLzGK*GU*nE9`p=!)0VQN!qCaDKt-wkW|&w
zYIzKh>Uvt#H4dR@UpaDm)PIGoww+djBve4DMV|1h*Y$1&2~7JLA7J5usQVD65j>|d
z4$6^XWMj9K`}!o@Tx{ImZ{ey77qLR^O)H^*+Ab=qlEm+IaZoE~v8M7??(5axM#<+b
zIlDneov~a>Ya?hC&J|HdA&Cn7R1W0@CNBnFWo)^XSYG-@loYjAdy~FOV)I%I1{9g)
zm%+dmxs?p_L+$7!r*JJ`uUG$;D_dT!*}?E*7VFAwYH*tQUll@m%5!dt1ah#7-E<^<
z<uf)HjL_7zpCT*Et>?Lbn}r=-*s3(eKL0x%DR8n_ya};N5_C^cI!9FwG}Z_$4MQ@9
zwu;+o*0&ovbQr_#(zS9Io(vSl4n8OMb(B#D!UVv=#dq+Rj~sw9lDsMnar*oTn1rx}
zQ`en*f{T${9ugtB9K$X{@=RJ3fSlHLB=1(a(d2+tvYmNNcf9RUQoKMXO8|n?_34qC
zD<erxCOP1Q8kS&e>k~I>=pa{UaQ{uNuom`@Ru^+dl4529o}sp$#<Ves#rc8pJMabG
z=rd80%Vi~+K=bM3c4kfJ6!|>OD}lAtheb*qhTXlnqG6$xZ=J?;EY#C56w0XprSkat
z^aLdk#7nBG-H_P}7;<Jihf{&^4=hWcse-XaB<)k>moVw~b?@E+ECLaAN!Ia?jOLWa
zbDcZl@1GnbNNU|bphs+eHUGh~uW3l8*=1NfplP0=%;L40nn%lw!ty%P2t!z`2y>se
zvqq;mCgI4Ti23-At6ro66bUHOxxLW-qIx_bn(8?50w0Pt>1Fdh_6kK`Yj1P>r-atF
zar%rKXA!69as4LWFB7?<+=#k(&v3gMH*OGT(K`EUju!z(!ld(qeEp`H9xLD-x>CPZ
z&2hGj6WV)4sG;Ko+3@_!RNzUv+-AsbzPzi`T>gC{{;8qc!1y(1&RxkfS29f?jIrke
zm_t}P#eJET+CQ#6-%704W(%ip5?I@FNQpUZyhlCcIQ^?iiOmJ_9kfU)&6$*JF#y6=
zk_Nf(!Cmq5yn<9@^g})2KR%wGV#DM@4e{QfD_!&qJTAPbQ;Ij`8!OTAl*j?I%WaA8
zmdBjzFrusNO4T`B&c6g)^d8Ty)VjBwhY@E(3he@Jvf0j^sVXel*ty_JhC#wy812X7
zAA$RJn#YIv0hLspGCOze14ErdLRsy|-t!gcU3J<$e3!V4bc+DXl6v6L8d-2Hfgk5C
zk>^elOY&{8N$B&i_#-wKkyFkxh{uWiSq;ft`>_tvvSfc;x>uOf>M77?SX?<MM@KL&
zK6>JU?aQuA1^_-(ZU66R9puZ#><3oc4mkrpI|BArPGbe`Lt*8EIXCXCsvpUm7-)}M
zKA~psCvrq?x79QZ0n{&_O(O=@hCgTUE^WBox*9CnA~C1sBfRe)h${00BZy>)oChwj
z2XLD^E1Xt`NbK_4Fa8eGvyt&287Qg>H1Y1lS>3RD)P1+&G0m~KgznTw=bK1g%8Y7B
z%^B~!Y~zW{v54=?lIGfk9-P$L?#`dS!)<v}YdUIn7?F$%8ynRVW273F&x*e$RX>=I
zQJBAWKyf?6Z7{X-dQiQ}rfdh_y@q%}qB1Lqb(sLV-z89|oB@7GMo3ts0EFT;8?MbG
z=M9Lo&M6f*_$~C@$<WW%+dR<J?zkl2(m=%gSA0s1-*><G(7#2)S40##eD%Kjogd&+
zFiV#cp3W;xfdHjtENLq@BRsn82(>TSXNC8g8z1`lU5eYr)r#tG@=2RHw!aWtFIYr?
znS~*7FF?;7IFZwy$x+B@|Ni+IIQb08+)s|abGT=qFJF|Rdle;0EwUb3SyYsAG;=|E
zBjO5IjoYon$rDbx)C%|E->v?REzq_P_64nn<Z+n(;<_VYk{G6WpPzy0vz#s><>X~0
zcAJEk(6)F^dAIY?Rm2w64cK?T4<E1prjsiAc%AX>&~B4VdgX@&=ClvdXO#z>WhG^J
z!cQf$>iO^j3DmhmPI<pEUU^+C;(kp|52W}c_9%O`V+twN1(xTpq7T2axkU3)%3GrL
zPsj%~4fXC?!{-VL&7{`6CZP6SJGdOv^7|H#S&FUW>%z}iti-KeJ$2giVr%{98+!Bw
z%yGXqb|j9IsnX(J-BSvudZf|XO~}bCxqfFu<Piu4c!A&tP(%_Xh(J&qT><-h`!5H{
z=U=yQeq)40w|Nh^()N8la?HoHdt`_yZN8Gt4krWSFvhuq#L7R=ofBLL0S%6m?#@`#
zsh@LJkC~1Ye2$W`r-(H`<Esygc1k8;E`mXZ&_T<lziqZXgyd_f!$qZwH20t04#xD?
zyTmWG(d`YEoYMu0ugj(%36pa5|LdNDi!DrY|8%|epUz}n6<`h4`*b`t3#P))?P7AE
zwKN-VhyFrSx-blq_EMJ47%*%2hbmvt*A2Crx1~j8+&-DKHOo%vuh+O!a6I#Xj*WTr
zPCCL^RNupsWAOs5B$@{dS`{5D;Cc~7FqzDTd0o;#LWW<giJ|@a_324Ai#HIf`};A@
z8BQS&#?X3KIp@Kkz+$X5mG@6%vJV2R@Pirtv0s@P@Pl7ll{r8!(jzR;S#4d?J85Hl
z)rkg?auc>L+rK2((1Fozc>e0^VM_)baB(R6#Dh)GZ1VT%lI7W3(QqBB*1>j`FdZw_
zwvUiDKC4@xsmc;fReK8aZ>VOGfW^^l*ONeZe%`l1;<1PQU86GfedOIo){zNmH@=O^
zM2TyUWbT@hDCw>2k6uNIF)od)rV9?**%di*%Iuj;ZNAGK%y8B|{T_2|8~pgpV)zJO
zRNc(EACRbpNotx*XCjV<cmty7N5#$=Gqh^)oyn{~tYkd5aiNKMSRe^^p+D@&m<OEI
z@ZOlmM)=xUz{a_sJPjC>Kq;DtR4Fc>G|vjv|BI-Din%9Wn`d3C*C$4q#-skeW6?I`
z)WN5dhF7_K{(_XUR3}~;9*?=Yc&`vD-A%)6I{!TCnd*Fu6Wac9$5?29Z)m4#>}_4M
zUGcV<+4B;;4aEq%c&JqgnqunOjvY!v<8sjL;lnTYfjv#?l0e?!!=INJS)Bb2y?H78
ztwY}*%Dj2|*H;CN_0v3i#YM$;4&rZ2eq=ZjnIAYTi&ICVYB?({8{QqB9tac|Yv6y;
zG1&w?EQI6~a?X5sZx%cgq|d@uw6D_Z!vaz4iFnKW!niM+s?)}5Q+X!{_jCIT2znjk
z!gG_^?Isq`;CXQsGd?W2;>Qu2pvkul6Dk|e4@*D4QH38|R1U2;@u)ss{{%G~c4nE2
zEDJpQ(@`_h`nf;j(Ehm0=02zCA5$fMlxfuyMgxr_;YBIl;up))h=-5PQKh%#AOC}O
z;9eBxkMlcx+nWm-JpD@FYsK=O(RcBdr9a#3<j2{dny12b!Z*%rP*e2c;%sz~9E{?0
zC|QrS1ggwy|6que==hpmIc%zx&9<2*xMq(|c6a}XbQwjNHa|&lz1u^D>>WsF$gk?4
zN^t*q_b27YsTAA8v2E}Db4@$Dv>TJop%t4utoT&ljj$fGCzO5Dlf`u}7D_2jm+tmY
z2HPOrIwuuG2hYI}YdJk>Q9tM?MN4!HY>Ku1j~MLco;LeEv`V>V=X_GZ*5p~tJ8RNB
zWG=QYYs;N%d(%g0tty`VYtF+o77DHX2rxEB3>Hh7XL}LDS*XJ%O<DO!Y@|T%{h%Kb
zIGal?e+TRA7Y1J9Y)beY-KRKzioh{7Pe3V!s&3K{L)yxTG#UK8bLiYFiMKJA7L3^L
zpGSylG`q;0lJ9jvz?-HX+_Nu2DbbOmjoE2Gz~~&m;75ejt6y&_J1$;yFI6<L_HqqA
zWVNDspfBO=r(s+suf{7lp1yxe+_FH(AUn5m&=LGbmjH&H*VNSl_mv_mRayT_Y=0D-
zm@zw^Pl#0rO@UDm$1>{BCSI`Ntm|opao(0w>v$|GQ*(=o*J0{lw)$!&Gx)VF5#1Gn
zeqw9Oh2*76-KXbs(ml-tg&=d$OU{msBy*rPmh(Jl%3kKj=ndw=8sFZJQ^SHMWth04
z)iFIn<q43p*ppWCF{z0q>&f}#pNnOa75;ySXz3zrS-EkS7bfwxOjPmNPcL!(qPCo}
zNP)V+RMJCtGF#NxXQpXAq;iK0lC8kc{AC7nL`r1{`kyGAzSUZKetlmq^T+rYgpM7k
zhQ(K{TT0O_d3i$H@@k6Fi(#*fo*2&tCWAizte0yhUyu*q5m{pYV2xgLvf$uv^V1XK
z*bpeG)OsUdEaJX>?d;m}0$UB@@U78Bwt*^ljWf}nqJtuSjpo8swKGj@S;4U!(Z+M$
zE`ZbNrMqt&kRGS6>stnUYg;q|Bo&W1*z~egn=(BRV-;qMuB--|uN{q=trTD8uqy|F
z9<+!snf&nja)7i_y#ChWh3GRlTj8JwQp%!hz=M|(x43Zvt|V~VAO2kU0c+Yfyw=-o
zqS6{M{zym&SN~p+<tx0Mm-61<Mxi28{j>S=92D(XGoRMDjqkN%F$rDS?1}_#ce~IE
zmdCYGc86oxhx)IEfg7-<)obOd=>o{?T>H7&I9iqIwB&6g?bS3Jo3$6R*F?sP+-Ji;
zBTX!&8_rYdF{<UfCwTm53stFljaKbEPR7dlif#{*n4JrkdmYgM=$g~D9%y8Sz-f|A
z*T`-GGr9g2T>rEX?9OeL8%3)thkUr`nhq(7F-KdY8e=ay?MI!l<dm@7cE;AliCa}w
zh_%`s^b|r5%~TmkgSj_@{O2VXl9J31O_iZlE_q1-2BZGZ?O$-vrrvnA`4JY~_R@rx
zwJHXwxAPn`v?w?jN;ad?f5n;Rn5Jm4&F?hYIH=3#x^@WImFeNqnKP`|uXJ1bBw1Ae
z=UjvzeTz=&%nTKTQTG%VnTeGB73iUE$s(v%Ex$FQ7ZW9B7vX{D^N*jgoc`Q|R_{yW
zyx8>$K&eg0y#%)^%>?CaOG^ltYK|caa)(TGU?Z*&FmWjQ%|0?|bN@%=&8_{|w*n5c
zgS4#2;&~sBL_o5twf1N42Kk;QwQfl1&ug}cTJA|?*gn0~wbMRQ$*9lh$}#adqc=$~
z&p{5Wd-$UcZQFbNS<$K#oT+{EC@wOUmbj;OJl=I1JK*z4kqg<Q<g`n}2d1J!7rsv;
zCSHE*j0RM&Tc5f;u-+RMti6n_jxTS*RYub`?#PeoHGk8ZT0gi>jjFAxRhdtI+j%|y
zjtm!tafGd6cSOZc`Z5UHowTQuYxJMQ6&u(e*BX4?Du%8$B{MRK{nsnai1+FFy)Dg?
zGMmd-{XEYHdgH1|5<0n?y7n?UQ(F{d#<f*?Bd4pWNrmtqR076qLsSSh8>fO5pDQ+-
z&+7~>-IWF>V4*Mg-xQ?`gMF_xCD&e+091;(NHPyz+1EFX`3U{#O;!0CU?qRd<<q02
zx?&}bTmqSEjxH+aU*IF;P+$Mg1`cXQf^Khm5AT@LT!<Y4=P_*j@>kUOK@nFe?tP3d
zN&#u-JTM(xyDI-5?S(ZXeqe*4eXv0<C_g#T>55xE<4WrsF}XJz2$l_#6+0!g0>pNb
zhzWOIaBmRN*q#e*dUL4CWJVz-NDtMo*)M06-D8yz%27Z?U*+6V?RvS<b-B`VIdW{M
zZMi9VACkUr35E@0i6RpRfw5Pujv>aprQeRhWe$P2^xu!Uz(kd!#&Q{JxptO&lNvyK
zTG+K%<@_20!%Q2vXD9-8$LLejqt)1-aAV6%=(`H7{UA1_@~jyH&Y}wv_hJD}&lyJL
z)~p(1gVQpy2kW|{)(M<a7P{c-F_`#JXl=69BYmf35EI{HKd_QWjXN_t2PjKPoKK6{
zN-<tCvqfPaF=Rr){Nt*!=XqbYDE!%V!lvaWNDBvvl*6IPB42`j0I%9Y(Y8^=%bpAC
z2=lkGmwNf%LO6OZsHR|QG^QW6qG+cTb!YB_`CJNOqKf4a=l^y}_Vv4^H6x$CfjiEi
z33{VvE-ClV`!Xw;x_3>J<8Jv#l*rn54H$z#Is4Fb&^G!pKy<9D(CnJ@Cd5RD_@MqB
z2f6kN!JXcht!_L8sINcI#f_oAnqrzSZL$Z~{`8(7r;k`<%oZ6Jd)@pVRrxkM^4D3s
zj8)0#f4@$wx_t7Ys+n!~o^t`pn_0#PohcXO{pcnyT<x4qPnZKVl^?#4Cb$FQ5fjh9
z0s5P}jE|!fbpt1Ux1P+jI`&ViTmWEGa`jSKJb%r3HV<N}XY%cOR7zF8p2Bgl%`7aX
zLF=nXkEMazZ;H%C6_3ur7{`PgYY?d-nJbv_h|X4*$uu5u@yXaW8t6+^$$Z6MO(c*j
zSMA>o+hb)X!{ar}>}4b`7bg%ig&*zY<lY=tuD*A@(2xF!4N6apvj`uU)qBgl$B>_n
zNfON2QbZ+cwKij22x&ruFFr!Ao~8fiw2`-?nyO(<cvf&HrC5UgsQ(T9sprj{$5nM7
zedYC&zk$rL>2cO5?!|%vN6vv8&G_{IP{Sk9*&0)uPi<f(yQYJ;MJ03(`E$0!O>wyv
zpF!hyWaSY6L)YMBg-y=-FfM3uloK@dZ>lT+CMSVBVVGxg{4|xj0oHTdIC9iK4i?mx
zCMsr+@eTQRNBwbXv**G@%sO|QIKMM-w4V#b)!gSutR|SrYeaARM?{M1!v%CtzZ<Sm
z%R$|(OVqF3fuoYT!7+Ow8DQRipD~OxZN>mO=_4nfBoDCH2DtqFEeJcmy;%c|14C3(
z)-CbzJEqiQ=kn7>pqPyKshI9oMc>`ADba8;#D`XPC@WjC;bboZniT;qFJ;w6aB4D}
z8`a!}M`igcDB8rKiw@VV3pl}$7`O0VvO3%Nio3Pbw@S<X>Yl0C6t4n;F1RfhY$~do
zey%^YdA55mh7U2Zm{9ov%^W=y>-FgYmqAa2cJH42U$O^ciVaS$29Wp0&j-Mn_HU55
zTR=(IRz4dvyXS9jmCNeuDnWr>*^r!s@+`G6zjT669G8`~I;JG)4ji0;DTCQ<!C5=`
z{5Db2`G^!9Px4^eNf3aA_wXt9Xmz`pAs#N~3o+g&uf@Ew-uhjLI%D75n}(N<thT;t
z-jl{FYh3>M9EFF10X+qga!-&F2qfaSP!MlEBK0XKwJTUuN%dCu>$Sajap}N@9rt_!
z-0C;sNj{E~RDmvrifjaa#rz!)>{nCXh@X8YQ>MJTt<#Mh1^$0Gm)Y3l>rP<Vn$U~j
zu59mNp;lG6w{vpd_5gP2tsrcuAI-g^6;&CMNUmzEJ=J%$Ew$pwU3W{T8~kxs_&01-
zjj4?HZZY><FtvKMilS{5uxfKa9sdN4O%dl6%}UxHe73%gkald|xgwMuP-bLYS72Ot
zdu$zZ^7Wh!wMM%<s2Zs?C8o-(-ThiyI>0GLR7?zAiAE(tz^$@PAFF%wAUR`A$sbEf
zjS!C$zUJSrJqyGSxt>RTKwzYusO5C!R6pkOY&LAmOufYUXr46PyEK-Wsw*p6xb?YV
zq4Fh9ZF=KaI@&>R(5gIcK|L=+HS=*^#vMl<vCYR0eEHWq%~_#`#lnQ9Io#4f_4fK<
ztw4uF+Px&0IKPGs_AxKadf_qe1N`N4cV|9l$IluyD<>|-yirWNLgDsmmQ^2b!?hrH
z`QI`#bw^e43n(DCfUCjLR(i}UdZwwv_!i_MlF-dLjMvb*-S)RX<CNo}5qu44o`@tE
zw;e17wm}}vBTtiXc5i&c;5Z5Z2=3ql4_EyEa{Qvt8eX@>*=o71G0oFrh8-F!=U4WM
ze&;;xbJiHU!SMj`OES=e`BimV-F+w$v%OJg{I&c5|NK(8gY$1w`7*WXDavXK6i3S5
z8*5wFmgSXK8$ruyr0ov*$Q(>I8r+3$A)ZTmJI2<d+lLBpw=Ojm=?VG@+4ZoaCIgpX
zC4aZrt7F^Zz`gc$E9SfajuHS@=6bBhr|yDl*Q>^^pN{{eL#y?H29Ut=cyL$0cJF=C
zKj5Jll!TSKBxNW4jQ`-*YQFOsSOVZW88C9njc@sNMgl+_;K@&3vLom7^AGV;kw~AP
zl<l+uuKrD!a+M;wGFhNigcL|rhD30F+E0caFXkYF_<^4lhk3g^foj-KSq@|(;1{*`
zvM5pe%VDlf`^g#G=olpVpVuFEF9H_aHgMaKd&k8&$U3xV*K9^v{2qy`9(WpO6?;!^
zl{n;G>>w9F=&_Om01E}|J-j5^x{Q#|*`k0=$l4&8Bk=%&-Ko2NIqP4-lL61}z?1RK
zNqh7NX7Gs51-?P7j}feV&lEi511TugZ_&YnXMkYVaQ$lZ(9XZ7?*s=)1=gP6!ijJd
z?cvtPzT18X0PS-SD<ggEVk-?u3)y{F9=rig@4qVN(Mfw0|EE4;;QWW3JU$TvZs7zE
zST)#{nl=zwl=X*vEB7x2A6*KoJuu+uw}$h=8bQ$``G+U~)$p$1VE4*#c^?Zxc9uX3
zg1v$pUxKm2CxYKgO~iUI;}^D}C#xx>?b(4VBTv;%deKwz)MNm#MXu;JQd<8L%$A^>
zGNkXJr(g03nk|>VK|C!%qA3!>Esu~t{Rgwp{{F?8W|Fy;upP|qvBJdB!q=a90kRf!
zfXEa|bmj&n)N?~fayaYA$GepIjL5=!jHK#`4Qw}N103f8h#bYsXI_`XR?EhY)$$==
zVg@RGN_b5P2IX0EfGKVzk^Tu~04!<@9hp&;=HfkPKZ$hx@q`9|i{d3?B7gj0G6rpV
z5_<gO)}^INTApRKiZe#WDVTd2%p>>UzrCA=^Xvy6YwUF!$y|H#{fF}O_`tx99z3}g
zd(Sz~-u<@5Nb)wTXo<Q-Y398i-DpuJ*g#cDf(=|oV}yra4PhXa{v}k@-vrBrPLtEg
zNB$I$yaIZg_7{d8bl@+<85HIJ9Qyiy{|MYK!o?43SAIMcVip1w3c#LdJ}!G`5&FLX
D#MX>1

literal 0
HcmV?d00001

diff --git a/tunnel_active.png b/tunnel_active.png
new file mode 100644
index 0000000000000000000000000000000000000000..f6177abaac81a586ea5e1b23d4291bfa0af769b9
GIT binary patch
literal 1034
zcmV+l1oiugP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800009a7bBm0002&
z0002&0eL8Ky#N3J8FWQhbW?9;ba!ELWdL_~cP?peYja~^aAhuUa%Y?FJQ@H11D8oe
zK~#9!?U&C_8%G$1S5Xg0x#iTqf=kX#EGS+>yrwq0u5Ao)P)i$x)NsI2E2BC_phzJ(
zv{F$kwaOu)sni@Q^-x6xB_JnG3)qI>IFL95%G&E+Sz_WQ6#RAu3j&V4v&tnG4$s9i
zn)jJ+zFp690JwJvcPMZuaNvih{v%M_2FR`ea*hbL?Q#KPd==JvEBGi>jYnwB#$id!
zL70s|2-RRb3Ly}M+3*ucMpc1DPaW1=H%K_%px}TED@b5Xo)Q*d0SVKDh}@Wlq3)o7
z+Hn-g_8<-0%-NB6Cg88M2}^l1Uad=IiDwQZ84{G34v7fN!5J8jz7~*OJ{t1sxrEzE
zBmR_|_Lv|PU$m7aw(Lv+T8TNP0Ih`CR~A^4j*-RHQqqZ_!XF6V<rb0J&N_gk3uzry
zSVXIiDhTQV_+w=E?OwXO{D!q^_%5sKmU0!g*;SxKbyOh?i<cv3KSmc0XPPwyrc(S~
zL+TNj*VPNc7&!uGgf3ip_SM){oIu*COF&;U3K6cDu)o~+N5b!q8<?ny6~)BIST0(y
zSQIq5|F0RLVhf9xT>5_7rX026=a~;MHm%L-q6JAZcUCrGnnkvmS<#8Kag)o&#FQMi
z;@8MY&G73)kj_gl*x2EOyBQNx;C7Zzaru}Sq6^=A(4Z;s+q_{%AiJbb;8u#=Q&V|9
z#Hn#fqzlvXY8}Iq<(3_ROvb_tXFXB71l4A7=S`T4wJp=dCm()THT;iQL%IAheY?Mt
z=Go=X@ymO!V)db;F%`9zXvp2ACS0FAv3Kqh@y4BS+I(vnfxUYj%{QKEDov@T#smL`
zg(cCZ%-ObR7=0>M9+|Ngv6jOlHppomrO&otoYnb?aci=0%2xG0pgwRN&&S2EGEW{&
z60FSIkbP`JLNV72ok^C@{BOq2N$}=mo)3pq<8kJVXy~%v^X>Ov;>Tb5Mx%L4eJ#Gb
z>V1Cshu%^sZ>q1wH`mUN4qiEjfk3}U_mzwa43B(`;Y)tM)^%!l#IO1W`%7AL1}=F0
zzCeF%fmXlay{;b5`}-LfI{(GsMISB<eKk@!wx7U7-}-sqxsv-6XMHXDyuG7j4*I-3
z1C?XE$56+e>2`++cv~FqwztOFAr`r=Zubx&w4XDdb<B46cICQ0?~GQC?dQ`T&r17g
z`<AOiD%8T+DZX%>mi}{fN*k49?VVEa@Vnqp;GGNn4<zMh7jtz5^8f$<07*qoM6N<$
Ef(8KXlK=n!

literal 0
HcmV?d00001

diff --git a/tunnel_hUB_icon.ico b/tunnel_hUB_icon.ico
new file mode 100644
index 0000000000000000000000000000000000000000..eb6b261bfe4115a3f092ccb6b403ed0f492d0560
GIT binary patch
literal 31230
zcmeHw2UHYE*Y+R+0s;a8DiTG(h^`n=36g_kh74l@B#EfxFoS>!sGt%Alq5My&PfCV
z0+MqMLy#<SVEV5{aglYEeb@iI?>V1+e5mf~O3$rZ)wjEDjR*t*Vk2V976b@c5mz=M
z5Ml@ff|d32brgtC0C9qXpRc)u5C|1IkN_NTdJH=P;h>5@aDi)(6vTXv2LS>Ui)f(u
zjOFY9fj@dEtxEvL0EW6cng$>=TES&)4MS~JWg{&WC6g6sA{7n6x$&24U69sM7p3K9
zta~x)hLJ&|u8#J-%Q{+jFKKJtxvH=GQvU*~SY27kRRgKyrlF$z;L64GO&7J)V?h3U
z0M5{o48p?bE+XRDP3d57i;Ui6`F#^HVjQ?+A-3oDOdkZ_F?xUt5@4GM5aH<dmEPxz
zG0q6QWgu-}j7C7o0tjr2!bWVX!uhUBh5FV~g}J_WvIG4uq_F*w64>r=>8b88sj2>8
zacsY@D7N26bfCjaVy?$qydLW#dLHX5x)Ix^sM7UDW~ACr2&%j<05!&oL49v!q5fD&
z2$b<Bg2W+^e>FzHwMt)ud`VrX2vp|82fcUZgUavlL+$y}P=6*s#H#$^;QYxq`Qfrk
zdMo8-svZhL<t`xaZ2(Y4Q=AxtEtY|>pnh!B7r^HMARe><w0i|J(``sx&r?yT^O5jp
zJQRk8GS5NtHOkO@sw_00_66{H6o?O%UJcyRuzJhKI4P*#`_HybzgK{uDrE@Dl!u_K
zFM!WuWFaU*W;I%%DGkib2Sps*Hn@zB@lw!YhYAE0DgK!kE+a(_f+D}kivwk0peapS
z{FuhGxd!D~xZdTw@0GsIn+Ebme^d7?$omX{7W$-#0N4yoYf3;98v0N*QXjPWPo#tM
zSXq6Lb_IIiTmoP-z<+%NLJ$H0W929$Tsiyu5JT`e51bF4XIKFQ0pR&(`2Z8o|JpqB
zxnaNm{<kCm=IM<9o7O`Ayf*3DxV6_{ekVn#A<4kA;D^xp{(VxA53c(eKt4d;KLvO$
z<$*E^!1JQ;C-}QGA)wAWfN_Aa6#(wj1{YBf2xnK~z7tM>`%CB5RhB^AlK>On18CnI
zN*xJ-a0c8TUz4U0l)Dq);0i8jsqaHu+(5h7TSJakH+?Q?YwTOOw-N&02d*3H3p&|Y
zblTl8?F8)*2IX=C99|6#Wrc$lR}Fn_Z<s<ijSU>tl@$)Gz7Nis*XrFpCk(><7UmKF
z1c1KhghseHxP6n%9i+ME?8xBeh;DMSv1-CtnKL+ATYQto#s-79Wo?cC@n`@D;L_SO
zt25xoRKYV_5uWo1p8MT2d-}){iuSwaJCY=J5F0LW7(DO3VklaiyCP6cIMD5Sr=PP)
zXW3(A;UQlUZtx5|44#2sG3qCLF!Yw5ua|=f6o4@>gXR$g;64H$CB3?8#6YVeVz^zA
z0N4yC0D^lOl=?brkx);a;tck^+(>`A^ayz7uf<qbxb$LYnDk<Qn8a9rkoX9Aj>FIX
zZvbqHnRYKpsM}k-540~B)PG{wPmEyT32Z$gmg^qvR)XtR>u*u$>2FqmdMae0&XRLb
z_j_P(G$}y+4f0Tb-Z`irJoCS?JyzQx@Odb(MgD3_thP<y^B&L+wb7^I%WVMl!M4&_
zP<MY{y*$*EC=OM62teg``IqgUhG;RUw?+=?Zv^dtZI`umuDuQcZ2)!%sOLxM2W>bD
z(jW#}6lp*kvS6N#z`l78>>b!%`Wk}s`Y;g)*i%q{6=+BN8vAQ){qXfOU~~Mqe)xXY
zfUhVG;I0L@Pj?ibgUVg`Ki3PlVHL{n@Ih@kz!qu&GROt}u-bn6Uj5J4C4*@o1Gw&Z
zn0tM==%2h-)x9Ezny120Un7t~8PJKJ=>gn6|8>bA9@O8}TP+8Dcr5tC`e7TmyBySA
z3)=AO`k)KQe*xC>ihBaz$b7Z@;d59YJ71lHu&^G!0DbYZKKQF${ym*om>E*VPc$k)
z?LNX#tA`NO=J_`OcJ$Z>1!$&U1)9l|gJzOt{vIjdUd%aYCRplcz(bQ7Q;WT-&|vUi
z-Xp$g?*Oo)7ut{zG@=ecFW1=6E4KJbm<{ae7r-|D)+Ybn^%Ss;tMMPzq2ZWsZT)Y?
z53t_{pG!cCSTzWOkq6!bR_gk@F#a36{Cjo7an+#y$3O<q<V!HNSG{Yjt$!>Nydz9#
zKu{}qhxofXSK>1O|8L(5{;vMVpiBW!{~)dh^g$>XH*4Dft_PlpL-Vab_T!-bci<gl
z_506CovTCmo#yAV9|UOxK>b7jUa$;is+E@O>h}V3C)^GYV!=56^bW`y+=n_;At(oM
zTV2=MbGU7>>yo_}s2{Ey0l*4S3;@kFDMO>F=b+(8NoXWV8k(&Id||l{fPOCqdiOK#
ziR-Gn7}U)Q0N1^Oec(J5@LT}zeGqv6gz#fP*WtQ*K;0!j(RsMf;kv(lmt5Nq3!u(a
zfPKq#e|gVa)dp&Ct_2VRkPQv1=Ryt0T&PeX7x2yna{nvf_*A)EAoE;M=HDS3+zSEF
z0-y#!z*u{HZO5d>22l4V=#3I76nbtG;I#?V{e2|MeNGbu(uK=x0_A=WBp`mn-_^Ue
z9lx*t???bzbF5`Pw<y3ejzCZqA`pZa@F@Yt+B849hSL{<yqyRH$s7W~vZgu+{!SqX
zfC2dWodQJs{!Re|^85HLf!`ANErH(>_$`6o68J5F|AGX7y#~I?{)vCngw^H1=l|pY
z-@f+)*Z@3OCp^G+anE(8{b8Bld;3EjHKY&tUhe&G0oDP0VElt}FxueTKHyOX0R1-r
z_`~ZL5NPv%3m*XQ>Hh|IxX%9p{&S!mj{t@MrhW#X_qZz;bfC}BUIOVq{VdPl-2Vix
zap|4cf>7!zunxd$UGO^Ae}Y+%9}m_7AsFC%ah>IS1nGQ1`^W$e0|)@{{~f@(oiN7g
z=4-Gv2EhPpP*^hqJr&T0e1Dhcd+}gxlix)5qO_y6c_RR1ZDs;lTs3L}>vIaAJ;I><
zBI^a59@L>}X=*fJb<G%pVQymh7RXfcCuN9&`^Nyt*E3f>aB)Nc5Z`ykq~3QzL(6c+
zbbxCXfb|sdH4U5|fEu98{gwmdY-<TQS(}#unNkCMO}CyCI6VLhK!=l!Ip`M{7O5__
zmc#(-DPmn|;I&Es5`Z)S=nFbP$O^EoGFB47=>ez#-oyMsdtqIA4?qpCYyOi1P7lBe
z&;bCK10xN91mK?(^~1DZ+Wdc(zbnQO0YC!Qt<%1&Uqf!UFdeRrjw}E_l-=5!ARhvN
z8mx7fxjLeuTQ-&u#>%1$ZDm0Xur~P*ui^A)D@zuPwM7R2ycP~4&B4l&1mK5x*L(A0
zhZ3;U_y|6{(xDIbG0zL}HHX6euS1c3W&>4m>Y78b62b!!5+VaplIy}?w1jZ;a|MNH
zkE=~#_pU)fw+*4t+xksSzOo8KPeg?We8oi83pjm+r=n)?E&YLKjs}n)#t?dfHp(ma
zP@;$8xCuV`i?5gFU(yY>Ew9~g1Z(&_U@h@BSWAB0Ri`}NRi^}jb$qC|P7&W<EkBEW
zEjxovm!9d5mYe}=*y~1bgw#?`gcQ^hE(P_5OD=)6{uykr_zduCn*r<GGhm%+y_f~Q
z0C)hX%Uc5K^pcncd0zv6fZJdlng{p<Y#jXJ6Yv+3--!VJ3J7@Z9`I%YyxqY$76AHN
zz-!m=+9~YAm;~1PzPE1uPvYS9S9q=8?}zLB->hMNv!?g$`aBlM!5!!m6G(#qviJ_;
zKcj|$u6NhT0qzRNu+0iD0cZR-ykV|uu_7Bdz6PveXRX7RVLkE)19E_U9KYrBpIqaC
zKfp_%3&*-23j-N^e@u*YD<gUv<$>RX0x#fPvz9mPtI_fD9MqaF3ALn2K<x$6P){Z3
zbC^HOeI*3G9{t(BNCvPE>#vakEVmjU1KwV5QN+kIi9b6XoXroY!@er8&U1o(fA^I;
z;061xv}Q^|)jnsJeFawh2Vmcg55SMMDM1|Sf&E8TWB|(nmO=U&f86!-`S;SmGFYF_
z#ZPqu=)pTM7C2#FrTJi~uQC_}eoA1z+YDq7zM4DizXAJ?z+Auj&aCz!`QlGg1ALjg
z-pc$b16UTYOcK`NQ}aE}YvW+Qm!JC|{ggjEmVgYx!F;%RWlkLFR7UhP$iw}Q0^Da;
z`1b;T6xh#trN4g|0y$Ix{aE&^TCE4KfJ}boQ?r)q-(3g(*pK5M%oDSq|4}_&B8ZUy
ziDf@Ap!W<w@87O)hy8|Nf2|*KUabf4IgmkZkT7^I0^MJk6X9`?vJRh`zvH|*9v%n3
z=9vKNz+2!a#{k9xqOWP$PwfI|Gj6%vp#NYWxn;khFZ#W1IRJn97BD}4oeN-HC;@Zi
zY99aQe0{!0>lp_)paU2Bz+5=gu1F4aKV_xQU|+Chz5l1&zvw`f*IB6N!>aiZ_Urmp
z^8oxz{B`p{%Fq)ra-jRi0r&ouz6X0VpbGaN`;7fiAAk<P&x@}*0FMRudH6HGvi0Z%
zT*j|^9`*zMKMwl-I^h0Q_nVWzxc^W3eq}!RG7l{K6n?P@u%-XAW8gaAAN^JLfiGz7
zGvR;D|AVLCXWIxK|1c`Sc!>E$&qCN2_ut!u%VmIhFdFdxZ0mt`!s8aUY5rCJ13iF!
zDq+9ZuVdhUcMgELkA5Bdz=o-C|Guy856Aq9?ym}4vsTRk4L}Eyf8}%Vm%JCiIskKD
zT;ad$s|@<?pK@KBz6{I(@I3Oh|Kaz;v|q#@o&)`U8UMwxZe{#vw=y)=gM_f)9k%|y
zAXMl6FX0A!nlq$8nZV}}F1r&TR|Xo5lZHm){~g9a8Dl{b&}hKF$JkQ|Jn#)%09f_|
zooiHvu)jdIz^;I%N`c=b>{|+#4g4;F&*9H~JlFc1e(!qO2ltzOeQSL&|H(DXeSC#K
z><10|L;s5Tb-L_}Z!OG!6!@E#uEWRmdwkc%{aXGo_vRJ;IM`nt{`RugSNR`4Z?I3q
zpjq&p>}&r6pW9{M@}K$muI2i@>vZ4)9rerlALgF6%pdd<?63YY7R*!shCj$V0N&Mb
zUBI6l)_)l5^=<zi-?ee6fd7wuk^hPQ!`z(!;CWzqtWM+uTkT)+hxhlwvRp0`=HCwd
z%i+BPYq|U<*GcR0fnSdd@W5{w<}MB}w$j$w`hPhG0@+O#gEp?reXv}s*X(WnPk687
ziCdQ+{CfD00sb&|dVtr<{6SlnhSdJ^G4MtA7vTNaEBxVoC9i(b+?Nh?DEgO;{nvm$
z%pKk*V86m2ZufMBB82@<-ZKIJ@m$b9@O}=s-(eYau48Y-O5gr0{B^ny>xVtS${vaR
zpuL?dGJwbKXfm+h|H(W6(hh<5b6hvzyVCdYb06MY|10KwxQzAfKUt6NcLMJFSMlEf
zxVx<Ihugo<sR9kb-<;MX1CVCmDR}0AeKudY!!qasvdCS>o~EDmJA6O+m(6>yd|UvQ
z_iex*fdOwAtN>-JWia22{J9KZ?qDC&^m{PISM(m%eR$meDw}V4-2bw9uMBWs-XpZ~
z0sISpSO(_+hE~e})`QU$us;yCi(y?@4X_^--roj4Grs15xx;b*`+R@N^A6Vg_3e3E
zkKPXf?&kphvQG%KALb8_10#S5fUk2H9`q&5aUxF^8hIfNjU<3~5U_7<rcx1Fg7<H&
zjQ5p1&0zk|1?^ssUjHo3i(l676M(l7z*oIr>Hn1waE4_7?_Dzn7zX&WU%zm~16v-(
zav#HSE8O7_?)N6ZeLedaf5sc`cX+Smud(%p0dHdfB7haT-wgq0SO$auG63*=umtd@
z9M+z%$Y2P_1pW<|pY0?38E^PLJl=ne&MyJJ@OYO2Ap9Bk6@dW0unb@@0ayaSa)9@=
zezlXq`RDgqSpOSApTm0?*Te1a(!l)<|LzQ|@Bhxmf$iEU0GPKW029Dp#`_A_ABBJ;
zECT`nIshR6695<RKI;kIX&!(*j1R#6$p?V<1MrOh9Kz@8hX=^#33xvMy8Zy{t$hI6
z`k&%H$O}K$OaO!c=l}=+enj#2z26e}ErH(>_$`6o68J5F-xByOf&XI?0Q<#$>9Jn%
zL50v93q%P0ZHR$OB7pFp3q&t|4h6t(9l!_t+X?VN)wvuXND4oPgexKD^ELdt3h?od
zep}&lmS6K1^SPL>?O3@k{2UMeegk}vbb>$NAX(wH!gGcHmtB3ow6Ea8T;*lODadw^
zfx0OqB}5cIi;4iTi5SFaU60a3AlStvMb0W)HIKB}dTBRkH%^S12Hij%eO@JTokMf-
z=$10s9fvty&`4?MxI5F+r&?@srU@i<@!8N<MZ?7=DZSV6QR;3JReF;iA~Szy3j($z
za<(Jt&UD<uPw$w0<VZiDE+_53z5KoX)7SWE4||ULy;bkCu<d@f`lDkhJ_poqjAh}j
zK3i%TvoG9s>E4mj|IdG(kg`6P6)e!ni9%35A&$UkOklMO?~Pp(Y&mBjB}Z%H?`cTv
zj~T=0u_g}%nC9%<#$IAj%6w*fpa>t|8D^q#N4q*BPTrtHQ-x$NlovG!6oa)Fo1h7!
z3{|oF=7#PsDMNx$BxhJMpU;_Z%XF0=9~RvFic7{zf{v<}ONz3YoS@KB@N{QR@Lpfj
z$)pNbnXp=dgV))&;@u%%21nNY_zI6xNxLEi(}z@rHf?;3dF@!qP!PDWf@T9@&(5u-
zhjdlx7O;e9mbpEhht9Kvq<ic~E1~BjW=!5N6mh#?1o<EE{&8`KLo`YChg;Q~$%&21
zHXU@lQMjuxh>(hA!%H<{rzA-kh4D+BWf)U}{OxlZod_hEU6bjUuyi4}umi!O5cTGp
zPp|9W)B4C9#@4|@j@GaDB8YUngYiJ1iS0<=l<wYg?+l%2Q6d5NhJ2E_*M%m=Dj_It
z&aJ8BP1bKJUFbJB?7VJp&Y+5Yz~u-%`NrXQm`Dsnn9E?bRYII;li19lXpt#`n;@TR
zj<T~<A;RF83~SJxkH%M+)L7MCmk4@pbu7##8CK}r-s$1kL4w~gaDU$x<N3&hp&m5v
zIBlU3Y58JO*xp`!Ha;c|5<Po=m$ND|N%TdfvV>y<?WA_p=??eKm+_k*i#mu}DHeIg
z=`{UrpPf5?nNxTcW1JIaBa-^WJnQ5O!}{li`j`wtwBQqDW3u3j-9d_59SC&D7I%)1
zI4j^sgfVAsl2<<#%_xlH=8n*`RWmw&$)wY%&~yV8VK&{_^ECn&kSHj}5yi%{l)+6Z
z)B4G38_NquTS6OaYM(S>sd@Hs`c8Y}qQ=4qZF}TnG|TwWLIDyB)1i!}eKZT%P0=3?
ze%LxpV=Q>|gT+Hty<P5wXaa|T7ZK-cvNr}?uS2>(vO+vK*_X;46``Kx!WMB+UGEp{
zl4!tf-LOIy8jW&~qW+DJAt*Cs7j#N!Bd)ppU5HtiFPrtLI4&MWu6m6*O8SlOtnYrf
zh2OYYVAJMl!&oxt1Og(pn$W{msBIbF@5xLWOIlu<dg*L1RS*%LX#B{wt6R1;d#ljl
zO^MpiHoi!ie`n_upZS*K99@L?OZ<kEBO~;&2M=!Yny~H!ok~(nzCk$aU5r6K5MpI(
z?n69sZ~eI{<*HhSg8lycX-E}w=E__;dg@GDb5jjS9_{kvHrAm0$VI<#VN&$vf*;k9
zFoTzli7#UMA^Oe&T8nWCRFc_i%j?xQ_BPo`Ik4?2@a)O4ZmfOo4BZ7TH<VgO+5PX|
z)w|TqcgzrHn5nW=c5CCk0NIx^&(0VebWA?5=~JI%=j%<3?!;F~H-8!hB0SWIrZ1q9
zdw8m2I!vFY`Y~ViQPTPA5A<xx8wics&(V-qof9!ZKWnC-FvJaKM&$GllSpQuZud%G
zFfNSPbfUi{Wcsp{^~Sl7?peoMg@-L#+sJb7%Wy5`_eegl9OSQKJM9}9t+UW{+r{vH
zkWs>A^6gDRVzbed6Zt#JTQq8^j+q@ik;@v~84+S3eTDQ&hKLR4QzJ*!7E^_4ZRbB`
zZ93nuGQ`+v(x*ZEFEJfPBw6)!d#jZt0|%?ELz&1N5(1PkTRCXD?T=|>$SD*gxz=8e
zig)~Iylq>pF>Q50&D@8J)t75Yo9Mk>JRFF`+(2p)c(<n+T8{-d2I=0lolSA^s<^cO
z(*q0P`vr8zB5&0?mzK+DSjy5?Qka!Lx}8TjcqGn4Q;a!Vj{dOpTTI7>c99a@V*7$i
z$O6a~1C<{3nU&gBHO4gf!QrOMqR?^wJt;ywj7O(K4R&OtzkFY`g)F|`lb^IHi`p*I
zMB?$q6mO#Uf6zOkrA}TB8=F9=P6(qm=00SjbLf~(6-aqCS<E1&I_I9+%kYN}OTHlP
zsPtR{i<Ab(?K$}YY_m+>k!UBQ2dC&-O0Np3+bMXTn59FwHKXb0L~kd(lVe4_SHt(R
zkGxiS`34_FQs!1KflH$E5y+CrKk1AK>x>ZE;u+63VBGR(&zp)CzGQWsb6k&8Iwk_~
zhEJ*q&evTGV&T|1aAcdKG5@8($L>HVuM_o@2be~ZKfM)Ap6^PP>dxE3XIhIg4!Fju
zB*-)5Y|Lm$`!3=W?Z$<X4Y^(~XbfHu`wLp|>&}OWR@b~8Fj_LN_6w9%bGY*GqunX1
zQ@f(t5La(ckXv1nxHwGqDMXShfO`Zh6TU%E0hh7KcEOa9%TKhtVDSS{_0daObE@Gd
z_#VGl{NPfgxq+-2Glx(~@#ZiG8M}@PZ8z~YAu`^EP`STQKr@%%_=wY!8ymM+PE@U*
zakdNPJ^HE1*}EW1F#jpl)6py3A~{Jag4++>BQXxJ)%}$3F0ZnecH=t>f*IQMT@@;_
zKA4#^`-61Yd7D}spx_N}-!g+MAzP<%N{P)A6d@Kz86W%iAzAcDb<NR!42g^gl{$O}
zx!n?LbhVZNG(wiQtHrj+a!lgROh<xqovZgz!cgrkBaG7-O?$$w5Gg-P4LpOA<4R#n
z-|+78;E40F*LAiRH@vMn^o&y_9TMJk=4PN88*ejH99_>#HB2L`>Ry^V6SPWF_vQ6W
zI|f`DHX~vUA=^#*IHc0%g)|mzvByWAU|GB{d!%qxeMQ7X#|~_Ei>H(KH#+YW+1Dn?
zl{1{a;kY3|D_L&DtKkF#E*ITaEv8!HOxe^*!}Mx)M)CotU0!XPCv2*2#KkNXkXv=J
zMi1~eG3RETdEj<cX7;Vcw9(dh%$2dIg7-6Q6vhXFa~Txhw`#}Iz0gr%<}jX$Pq#_~
zzbR`S%GZc#+E$}Ac&3WkIO_#@8zQ#p9kmhBr(Juzx||wpif(KujA@2i924Uft9Wnb
zH!_d(2bQZCGY{D%X)i^eDCuIWYK1Gg5Rb{X+Z}Qsv572G<#+`(b06|xJz1Fk<HLO!
zNB2WzJm)AP^hwkjd)<-{jGg;L*)^FO@0<!bP#Hg6Y(#`fB-T-!ragu{<&oHVy0}U9
zbiLd2GH{{ApB#r0-Crn^GDX;bSb`d1v5<G{3^$wCAU2a7v9%m6ezM&*p<0|YEYh~+
zMj8rPvajgV&FQfNM>6@&$p%tL7_!z=a2Y+2k7%oF!=xpTvvzecdtZsT88o!{IA1!2
zfuh}5T=%Tc3xPu7OsVV2Bf+vUrn>iw3Z=nt>g?E$VNhP!1ZE?t>xPUbpSIIG_9_cm
zq<5!ZpwL9M9RNkY%_gw7CI~S`9oc4OP97||?MPgzAo51IZJ3iq2F|9#Fm<?iHu2QR
z_Ooa1#9Qo_ym<OTG?kIhNGxIDedox988GJGNIaMoTM`xD$J@RO6?Jkty3<1aL@-ZM
z6NcZODdZmNx;esX?=}0nSWZscxr$C)U&cXFk3-V3Dpa==Q<^aOug;Aw)fWtB4ZUI|
zQN4#Rcp6g<1#<FMr7)_p@m7)R6Dw1@#J{vq^4;~YoERRnJ-&K`D*A0Yox0wKG@nlR
zB25-XIfSeh8xi`OvbPVn`1EhP{Ct7KW_w5+p(-)vbku^HDMdN-F0GyNIUh?l0a8O)
zW2dW0<rc2;Te_(Hr}Fg#*J2|e9paCJxa%cOe2<i71T*R$DM|K`xJ&FLCX|spl71pM
zmv8IAr7<fHop<SbE<~RX7c+8TV|;hP@3ffNoPk3~H{s~UPy^#rFF4H7JwmC3xQ1mi
zcb?GS-dP*;Ny}|d{US<+R?g;7{Gx+FlZ>|i`J!Y2OU0ezwnq><H&P<A9_dM098baz
z)oo2qkxUCO${ym-Dr-<Ypf=ODr6jr2ouHF47}C+Nf-3uC8*ZLfKOUsQLUQ+G;fH(?
zHHOq&?X85441|Rj_EkVw@}|qixDnMPnUkP5D7Vnb(H;-KON4RYA=PCTx9V+RLMD2l
z-o%VyTDo{@h6o+E5)}HU_uVxoT)0W{;kq-{oh9KWDa!`Tv{K?(_r>Uw{QG2bqNP(D
z3muq<El$6@K;X@+5g*N|8KYAybIW+Ia19xC@U~5<0oi9XX<B`;1UDWW-qDCQRVw7%
z(GQg$>nr2UA0kxHqTU$if_wnlk&1D8aCo=;VAa<7>-7DQ$+)fwO+8_6S)GPtw{eaU
zYNrLaPXmHddo#jY4`KIORe;h~u~(EId4V8U;1&^P(tj&KCo7T}&(^hZ=X5>4wucP`
zCkHa?NC_p$;GO#fpLXjZ8G_Md`PdAo#^FQ&_hj^tddRUjQ%xVWEdw=dBp(w$)jxd~
z+qy?8Nh8@%Rr2Gj0KA&c^rZsAh}c}EyzZRi2>IJ%{dGA~l&`K1O&&;GI5HA-5^=X-
zNbaTIVgG%~n-TS4BadN;avvfZ4cK=aq4vl|G*-`B#>88HzBW-MjUKawI4zDuURL%^
zqT5jdi%YXblQArHnuzlUG0DX5IEOcUdc8qVK;uYET{fcqxt}=lU}Zyy)EmyRv*87U
zg>~`7?rD8oKB|3b-IvWm>d_BKtvNZh{W(!dDTs#fPFD%~U7;MI9l7-)5<Y&Jcj8sp
z*ykwc9`qr372T)8#J#Eab(FoWImBOX9B9ZF<5@bV!=MFe;&|xnVy@gGYNp}w9tud@
z^Pp330aeD?CBS}MBrgd$&m*Cte%$n2!a`e|+^f^n`>rC3|HzJWoP763_L;I+hfS9$
zqwGQ>PnLcB15jYB{UbnBf{A@e0L)%X4&;cwlce*=355%##*~sfKg54hAxXIUxK=ka
zJ2pS8VS}KxkLuFUsZKj@ODT@bz2pep%)NI+kj#__8#B6)y|2?FXM1vmrzfOL@4rCE
zKMJ_+O*LDa5Sk^5QLLSe;g0b*?Q+Sx{Q#@kWv2wj?T3SSiVV}LU-?ANp6z;aqv9Z2
zH9BFhMBDLLQwfe<rEr|$%gGB$k62Z9d2<Xs)x3Vvl57B(CBj3?mZUpp!$BYF7c+vE
zxBVz&ZCJe9et>P%i!dK!nDdS<)Nhlj$AN}K(W1KNLj<g<srr7JKK&X7>bT3*$H$2x
zt??Y}`<Ds?YOh{xX4Xz&KB1lZDCW%WR`PuP;b!TS?T;r#RBEwurx+TV*{|kTA2Srn
z&4Fl3I3;sWiy6{MzwjL|^EzLK!LfDsYbzV&MAi9|ES(FFJ$bDriDILUyTqHIeJSA^
z^0ng#4>P7rJmMeJ4;3?N-|bGWEy5gYL2=izA*SKlX{{@4$dgw?g0+bP8V;4$BR&Z;
zORLalSBO&6h{~}k8c1H_VWgHRsh`dE7viC#EmzsOYvR@(dNt{k1Vxsx{fBI%w49ZY
z;|qJwhl~whQNuEirI9qo?{3#5$L)^UjOg!FHAcKRP#(jQ$L~llzqB>xr0Ycvw+i>n
zquz(;&gMp5Jx!R{&(SMgC;3P#PEOPR;FF;{CoRRaZt7^=yJ04BhL4YGp#jOgZ7jBH
z2U0a>M35|@>+USlcsuEwcc{uyMy0aY{3yJ6?bASCu9x=HA#EJ)<k6V}7s6gnoF}Wg
zDRRcB4O7?Mw4>@~iKybfx#Q_1!3XF94(^r7%^c{usmr!B!P0&oC%U&^P83gLm0rDj
zSZHJ+Vp^4(CQ7?QWQgu42VueGV;bu9(3sQs0d}<OrjETddQsXtySnG1?kczJ*j!6h
zYj!YzLa-?9;t<JDT|0L$Uy>3=n)c1X=kI79zTWNTA!R0%M(CL-hJ7DxEyAxe7(;ed
z^_&T+B*5WL^hj)v1(NFae6mJR`hgN=#TJHnD^q-JuDg(L8$mAg;lMPXEj0t5vH=Rw
z#XB=S%y^u!(|KW<B5a6kP-}cYT_x31k*wh3DvFQd?z%I_j5L?sL0i$QrAZ)PW=&JM
zzp0AxO=P;_TvRBTXMJolzK)V72F0E>4>?@9J%Tt8&DBDc$bYm;5pgYTNBr>2GofC&
z{o2~aRjT&`G#=Ydk?~wLblFuH)B1RWgJhhfrjLfsv}mtfKnhM)($2bcR1skX$=pbl
z6BsVZqGG!q(o7<_RJy0?{l@eSTSNVJOf!-^p?K?Jch+PfF;2^P32kuw>{Fb){)9Rj
z@_4Vk(6WCfTC#Tw10M%_P{OC}WK{`wOGEmj3PvP&D37^XAfMtGJ|uLiK53;_Ms1Yw
z%XN!jH=7)kPfu+1w<&={(@qUeR-fs{hb?fPUFxT=`m|Aobe~Agk?8=E0X$bPd3tC(
zkLh!0$qfA{-M3$R<egvk{tbmV%5s`C4T)Z6!QRW^l?r#U7k6ZwlaZC#^C45$&FU&9
z*q3yk=yYwuf%3R{l>Zw^vr)&Ws_tR|9@`R+z#Gag?iaP<@z&I{Nkc4~%3C7tVuwyc
zw^cyEW6H?dNjj%XTA3E)70kPZadG(0UECA*;ULSZ8`y{-S_J>KGM!1CjQtOBd?G&k
z>_cw_nDG=CXE)QDrBk~)_xsB9=n*$=_9k!QrO<EoqcG4T2<CaXn|jvPx_YD?dTtvu
z)pLw0_PT<zyAk?`{C>d@vrCVg@%<GhL|nBqCk$Fo7Fy=2;kYlPq4(aJY0R3f^>oej
zkkrDFyVke+=IbG%M%snjM-I5(7!wPte%OVm-lAdozSE-H^(@)deG%rbH&<^9?zLeP
z(04+ItB-V$80;Etv#wUZdTva8iq41_gX`a^7`rQNZWsHc>${*td0U<P^&>}L)MRgX
z_#xZ=cJmam+7xT2s#{S3lMi2j@HlDuWFm*zBq>7)i<!bR0h^I#&KjMm+~&+C_OYAv
zuS93r6$js*WjJPPRCThknKvHcQd&e0-lUzhu@^^7k7@8`)#1ZkKZ%6ePKBjxX-KpW
z(m9G)92<_jHcd?Pnq{jQ6{VL?_TlN5+q>INpH~rNYuDBvayeQziz^P#N9UhUL-UGu
zbj&RIvS*U)b`u!rCPq&>DK*%&Wpmay=;^=Bd1md}dU}g`)YBa<R}Se7m84|WA9wJ2
za?42cT%MKB6;EFDrd^PJtzl~NA4Qz$V%b|C5}A!MSy%fd9@B5IAIv7`%(FGh6r)u&
zwG(-YD-?89jADrcFU;y;=@gYz%AWq0hD1|psVEyCQNLk`8$<b%<r}$&y`wQ>xn|b0
zE1|yEDNz%O%BKiYpCZZlSTbwF=Nf9sJ{o<Nwjno7ba=+kB!gej?QB7RJmCzEKt^c9
zbPC^h#n2wAe#N)@kWFNzO&*C(fn~9;ugw+jTElZp&9iq!MlH`0=a?|1Qp(lX6dk%8
zu#=fx_DbG)hWO%|I_4>J@5Q*rKqxuanUlkhhJyj?U}-p(FV3;gQo?jlb9^+ig1w@x
zv!-{p4rjXaz_SazIa7^f&$th`@Q#}u*jz&Esma|aI$SY0zA2R;0PoQB(C+O5zHd`A
zwOzvkUiWUMM|LLOJ_g@QXquT&Yb({DpEkHX`6@O{WI|K4_m$w@y7AWBdh$pECgz$W
zj-izur_M+Zy9jeFBBDK?$@6T_;65D)Y>P@V^mg{^LZNf<>eamJMipKTs6oVd`;ts|
z{noUsERqsYQ*jO^u96)KbxM}9N9`L%Co~SK#Z3m}8=X+Hq{nS1mJRTHmgHDaohy9$
z__*qWFo{ny3$?9IW|!Qk@)H)VciMNjS+eln$-Gh#nP+Jb*l{#2(KAre06nu|aNe<g
zCxxhqsZ%sVrDBUf*qvva=7_|vzmmlr6dyM^8$ZJ>s`ZJ0;e<{iKgz0;0=Hmm>P?l4
zi`GBed#F5lHfHwDovDMYsER@Ue4*JZj53S$^<HF(mOQ3`q1IOZSM(%?>D+GMA9FWd
z2+}pE>}pY&E8Ak`A-xq%72|Pc{8HsGZppheRXe_PQJ>jfMC+6EU1b~p4>!0(j#AfH
zmM0Gz&B*5@5F``5zO<iJXe66BCtr^W+@MSxC%i0Vv(v7H487Nn{03g{5__eayMqD#
z)pL)`N6+z<St50n`MAL;k$9gnA72Npsl^6`g94NC?8y9)L8jqq+iaQiC%1P87atIm
zvbr@ky5qiP#Ff_CI0yf+G%Gefw#$+6$M^5HoTE#7?C@@jIz7YEaAwwULBHf{U%x5T
z)E`b^U4hTBW@hnz=BG>*gP@%;NR~Th<zDmYoV@MNE#rjKpExI+^{!3Kjtm<G28cmx
zZKy*OH5ne6xV@C&O~s}`Gt<aLpRSU?yITI2yF)wf?T9~tJ2S#R{=AM%U~`CU9`+6I
zwW}48Z(EL4qE6g1O7IpM*$ckG*+htgfBBC>qPfkBB@RfGQ_H*tGh)<;>6Xe8-`NQ&
zTp;b6%G1@)j}NFyP4HX}U_K~XB039HwI;@)%duhh#DHa5$kzJ9TmzJbK1=%3^8!2S
z%^S|e-)1bCJu@#Pmj9?LhqqbDuDeR>p~N-wJ3Jd3?%j>J6q>cI;o1cfl-aX#spqI`
z9C8d(OZ8)@AhKqHj+B?ETW;?7M3D)(Q2Z-G(*g8{F+<@TK6gJyCx2`~yfuF4f{tym
z*Z!_2S5Rk^i(UG1GLPwGyj=|4#cSwpFQrgqX`G$NLC25>ewXfORAAH}-32}&^wpue
zuL(|l%;1^rAV1~oJ=G$fFVBOE@9%hW42NUYd72}qwV2W=NA<kF;AY<i&S@~9Z#~8u
z_$-l3<ISVQoKWVir1REneEr2WhH>MGa!mOq@nP4&JTOYf0PX*vUzRYzZ9iQuG07)h
z;rK=;NY_+3sDQbysVMPOM6PELZ8dEPG0XnN;i+3=YUL=mH$)Eyv=6zVWssG#Iqwo{
z#f?>($9Qd+UAtA<haD38@u~{wnh3pmmB%mCcb`6cvZf<DiP7^~AiAZ0UYgqS+*4d#
zRDG_TeSH=h6P<4^pm(&OxJ@o-mw(_RJA*z(o=SYY4K!Jfe}9mzQ*~#P8AX8Yd*Y2F
zbdd{<eh!QZ)U&EIB?UWAL<sooHetFMW6BqBN@5nwrNY;5b|qCh)Rv@;`Eq45JoGMK
zd@r*bBlV;Qt@xH<M6cbGiqY2YwPsg`Cor5wy`yH9%3ky16kKEuF1~O{o8XfRBE;(P
zl;<ni<5Px~v^D4Fi-WbrEp|*!F_&j(4rTZUOP(x$?Z3#VNIiQub0CAm4cap1JJ#Wh
z$7`g2qQ{TYO7md#!j?YHYufoN9i7IL$TPJ+E!Erd^093t`JjQQNzuE~>vt@QBHL%C
zOhtOtsb{acc6S(jY{uPe)~Tn0#uMUka|(7?+Xodr-5LkS%uyly5a~2NK;apqs78Ic
zpVqi^7oyVcEoEe*CskVhm^unA%udcex~n_XGCOnLY}&vE@)+H|n7y>;l9#poP4Wny
zGM$9>0@*w${b9zYL-lhE&WlgGeQW)3!;eBc??m$%jheF7&auz~U2uiSrbprpM-%;?
zDqu;R_X=y(*77Xvo1UNTn)Y^UcQ(9KcD;z)pT=<Uh8yZo#7rssol;L7<am53>dvPv
zynEQG?z%gmLYpJUt!MFWnpSuGlNC76r>P3uAaK><8?!JKoTeLEIuW`sdz*RlA%|gi
zmwc-;mifwYvMIL;Zg*evVXx#-;wfgXwU+TETSBppK4+gaQ#A@y9(#;KU$(0+xj$lp
zAJV6%#_q7L&S9=oy%Gp9iR6=wnOaI-f1FsyK6Yrdr@)RjVcx}U@N_xPne)jEvIA8K
z=R`sp%=4eb%?pTLP|bU4s<S8TgY?@F<}5FiET3#mYtF)vSA32`k*`F9gnN4u>Q9EZ
z&yGS5+n(buHZ0Khj2(+?x$7R*5+#R%I)gg+Z%p=**ydPvc-9SDQBT@9<<_w$HoP4=
zm@DRKEpg^D^Vttt<0g{L@A>=fy{<%bp=>mJ1$8wlRVeF{M~l+(BiVa3cB1?F9^KK;
zcV4{Z)$jVMe5d%skf1j_4$3@<Cu&?y6QNKzI=33HMoZU8N`>~4kXQNQyPgSTwPsJW
z$hD5Y<J{pN7gaf3JbcFMhL&+Gy81+3p9$gw*&^M*eTK>@CF}<-p=ZT8T%Y99wz;Yt
zy5AoA#&s&C5?%NBPX3^k_UWril|<VJ-E%A=(X*!Q)1_Q;4j1BsV)wOih~^c{F-Sbr
zz4b`Eyu)g4Tn^uCtZydqdY4BcPvFdnpoQ^}wlcX^?t!8-RJiDtH`L|SlV!6WZ;q02
zlLT6~6rgLO3S<q6Pro$UFL76ut&;mhk-TW~W`fp|{=w#ua+W7h>!Ra)<umkD!Th`e
zIzVPNA|sz7IB!Od2r2i}qRNP8a94)`x((Z&ocZkPK#T*Pp=0ymlG{0_4t1!xwdf%S
zZkQy3?<>Yr=!YTAT-;%=jP{gV?k^T$YP@hS>k$#+(w-;3_)p`Fin9xx0^_&c(Q$MI
zrF$ee@&XIy>#-e;hH3bnCzZQsUY~weae|3&viIn;*d^oq20dQ$A(4e---2#ck>2}8
zOIpZ5iyW(IBj&q(dC+}s`-usZQCft>Vo0!c;QVmH>1$UEZTcOkDQ9pFNZC|XAC&pb
z$H5+jtsXUbeWF^Gyv;EK_64&733FZH=-JTD6PQFqKK04XA1~xqP$*-yVw;Tfghc$8
zb`I>v#8~9CRlLrdW!lrT<s>Tc#AsBV;hn^a{RFu-r$%OuQ4y6-eH8K0eeHKISCKlp
z!EpMtXjuDf0P-=946{<5^TfNv%_k|&?Ca*=^O6(eJ=->W6>%APA5A;X?bv`I+4kHY
zZGx<rVva=n#;2<2xF|W==CvOq#59@Fi}remv=*GU_&C>-(Pl9f-n?|Y(-NbaWFqzU
zxMaVYC-^^JKg#DIr*TE-d6^STcEbL9f^HOU9xp4*xM1mg<aA(6z811$NGr9H0NRpi
zTkHBqsWB7MK0GGBnIMt4bn2~3>67wm#kz)*o#D@AU61H-<kwS+E#5yuD~8mh9JqIi
zt@KGeCwn^qYMZ&xy(7EKS_#m^y~`=f?B5WK5#TLq_Z|UdQd>)jjG7ldFH9uFia+DJ
z^xj8}c-|vTW9czN1FnE&j;QlZl#<@PCgn=E%oE}dacu{r^9sYCVJNLg$DN$pFeKYj
zMhY3JA8xyg(L$yuMC!liWgVT)K1Q(^Maxqm^2*FWX)yiWexhvFDRw&{k#;)K38!{!
z6K>RY*4qej7nCQNp|v1+&|=YPL_@6_Tc`K*2E~{?w@gi+$qZFmcqo^lm_ll7!|=%4
z<O37@WA{(V^hm$rRb_Z6fxIzhzoA8!JbY`5<MdQTR!_{$cFPWEhk5A#f1e8AveBdg
av8ZftJrG(=sQ^2=NQ%meBnX|q_5T3526Zz4

literal 0
HcmV?d00001


From 17812483b08367090dfd42283221224c18c1a051 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Sun, 3 Sep 2017 22:24:15 +0300
Subject: [PATCH 08/15] added support for proxy. created simple proxy with
 node.js

---
 .../AutoTunnel.Proxy.Node.csproj              |  47 ++++++++
 AutoTunnel.Proxy.Node/proxy.js                | 101 ++++++++++++++++++
 AutoTunnel.Proxy.Node/proxyStarter.js         |   3 +
 AutoTunnel.sln                                |   6 ++
 AutoTunnel/AutoTunnel.csproj                  |   6 ++
 AutoTunnel/ClientSender.cs                    |  84 ++++++++++++---
 AutoTunnel/Config/RemoteServerConfig.cs       |  12 ++-
 AutoTunnel/Listener.cs                        |   8 +-
 AutoTunnel/Program.cs                         |  16 ++-
 AutoTunnel/Service/ConsoleHelper.cs           |  30 ++++--
 AutoTunnel/Starter.cs                         |   2 +-
 AutoTunnel/StateFlags.cs                      |  12 +++
 AutoTunnel/TunnelStorage.cs                   |  34 +++++-
 AutoTunnel/config.json                        |   1 +
 tunnel_estabilishing.png                      | Bin 0 -> 1024 bytes
 15 files changed, 324 insertions(+), 38 deletions(-)
 create mode 100644 AutoTunnel.Proxy.Node/AutoTunnel.Proxy.Node.csproj
 create mode 100644 AutoTunnel.Proxy.Node/proxy.js
 create mode 100644 AutoTunnel.Proxy.Node/proxyStarter.js
 create mode 100644 AutoTunnel/StateFlags.cs
 create mode 100644 tunnel_estabilishing.png

diff --git a/AutoTunnel.Proxy.Node/AutoTunnel.Proxy.Node.csproj b/AutoTunnel.Proxy.Node/AutoTunnel.Proxy.Node.csproj
new file mode 100644
index 0000000..8ed523e
--- /dev/null
+++ b/AutoTunnel.Proxy.Node/AutoTunnel.Proxy.Node.csproj
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{9C40B1D7-BB7E-4B64-9B85-2C106910FF2A}</ProjectGuid>
+    <ProjectTypeGuids>{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
+    <OutputType>Library</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>AutoTunnel.Proxy.Node</RootNamespace>
+    <AssemblyName>AutoTunnel.Proxy.Node</AssemblyName>
+    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Content Include="proxy.js" />
+    <Content Include="proxyStarter.js" />
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
+  -->
+</Project>
\ No newline at end of file
diff --git a/AutoTunnel.Proxy.Node/proxy.js b/AutoTunnel.Proxy.Node/proxy.js
new file mode 100644
index 0000000..7e9e97a
--- /dev/null
+++ b/AutoTunnel.Proxy.Node/proxy.js
@@ -0,0 +1,101 @@
+const dgram = require('dgram');
+
+var logFunc = console.log;
+
+var start = function (portNumber) {
+	var server = dgram.createSocket('udp4');
+	
+	var proxyPairs = {};
+	var failPairs = {};
+	
+	server.bind(portNumber, function () {
+		address = server.address();
+		logFunc('Server listening ' + address.address + ':' + address.port);
+	});
+	server.on('error', function (err) {
+		logFunc('Server error: ', err);
+	});
+	
+	server.on('message', function (msg, ep) {
+		// try {
+			// proxy init
+			if (ep.size % 16 !== 0 && msg[0] === 0x7) {
+				// invalid data
+				if (ep.size <= 9)
+					return;
+				var len = msg.readInt32LE(4);
+				var dstHostAndPort = msg.toString('utf8', 8, 8 + len);
+				var spl = dstHostAndPort.split(':');
+				var dstHost = spl[0];
+				var dstPort = (spl[1] || 12017) * 1;
+				var socket = dgram.createSocket('udp4');
+				socket.on('message', function (bmsg, bep) {
+					var pair = proxyPairs[ep.address + ':' + ep.port];
+					if (pair) {
+						pair.lastActivity = new Date().getTime();
+						server.send(bmsg, 0, bep.size, ep.port, ep.address);
+					}
+				});
+				proxyPairs[ep.address + ':' + ep.port] = {
+					sourceHost: ep.address,
+					sourcePort: ep.port,
+					host: dstHost,
+					port: dstPort,
+					targetSocket: socket, 
+					lastActivity: new Date().getTime()
+				};
+				logFunc('Estabilished tunnel ', ep.address + ':' + ep.port + '->' + dstHost + ':' + dstPort);
+				
+				// TODO: think about answer
+			} else {
+				var pair = proxyPairs[ep.address + ':' + ep.port];
+
+				if (!pair) {
+					var failPair = failPairs[ep.address + ':' + ep.port];
+					// one-time error sending, to add info to sender about 'we do not know who are you'
+					// sender should reconnect to proxy
+					if (!failPair) {
+						logFunc('Missing binding for ', ep.address + ':' + ep.port);
+						failPairs[ep.address + ':' + ep.port] = { lastActivity: new Date().getTime() };
+						var buffer = Buffer.alloc ? Buffer.alloc(4) : new Buffer(4);
+						buffer.writeUInt32LE(8);
+						server.send(buffer, 0, 4, ep.port, ep.address);
+					}
+				} else {
+					pair.lastActivity = new Date().getTime();
+					pair.targetSocket.send(msg, 0, ep.size, pair.port, pair.host);
+				}
+			}
+		// } catch (e) {
+		//	logFunc('Error in proxy message processing', e);
+		// }
+	});
+	
+	setInterval(function () {
+		var now = new Date().getTime();
+		Object.keys(proxyPairs).forEach(function (p) {
+			var proxyPair = proxyPairs[p];
+			if (now - proxyPair.lastActivity > 10 * 60 * 1000) {
+				proxyPair.targetSocket.close();
+				delete proxyPairs[p];
+				logFunc('Removing idle session ' + proxyPair.sourceHost + ':' + proxyPair.sourcePort);
+			}
+		});
+
+		Object.keys(failPairs).forEach(function (p) {
+			var proxyPair = failPairs[p];
+			if (now - proxyPair.lastActivity > 10 * 60 * 1000) {
+				delete failPairs[p];
+			}
+		});
+	}, 10 * 60 * 1000);
+};
+
+module.exports = {
+	start: function (portNumber) {
+		return start(portNumber);
+	},
+	setLogger: function (loggerFunc) {
+		logFunc = loggerFunc;
+	}
+};
\ No newline at end of file
diff --git a/AutoTunnel.Proxy.Node/proxyStarter.js b/AutoTunnel.Proxy.Node/proxyStarter.js
new file mode 100644
index 0000000..1282106
--- /dev/null
+++ b/AutoTunnel.Proxy.Node/proxyStarter.js
@@ -0,0 +1,3 @@
+var p = require('./proxy.js');
+
+p.start(12018);
\ No newline at end of file
diff --git a/AutoTunnel.sln b/AutoTunnel.sln
index 3f90b5f..4198141 100644
--- a/AutoTunnel.sln
+++ b/AutoTunnel.sln
@@ -3,6 +3,8 @@ Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 2012
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AutoTunnel", "AutoTunnel\AutoTunnel.csproj", "{BC409F07-4C77-4930-8597-B9BD5837E672}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AutoTunnel.Proxy.Node", "AutoTunnel.Proxy.Node\AutoTunnel.Proxy.Node.csproj", "{9C40B1D7-BB7E-4B64-9B85-2C106910FF2A}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -13,6 +15,10 @@ Global
 		{BC409F07-4C77-4930-8597-B9BD5837E672}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{BC409F07-4C77-4930-8597-B9BD5837E672}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{BC409F07-4C77-4930-8597-B9BD5837E672}.Release|Any CPU.Build.0 = Release|Any CPU
+		{9C40B1D7-BB7E-4B64-9B85-2C106910FF2A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{9C40B1D7-BB7E-4B64-9B85-2C106910FF2A}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{9C40B1D7-BB7E-4B64-9B85-2C106910FF2A}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{9C40B1D7-BB7E-4B64-9B85-2C106910FF2A}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index 0427e57..f73295a 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -101,6 +101,7 @@
     </Compile>
     <Compile Include="Service\MainServiceInstallHelper.cs" />
     <Compile Include="Starter.cs" />
+    <Compile Include="StateFlags.cs" />
     <Compile Include="TunnelStorage.cs" />
     <Compile Include="WinDivert.cs" />
   </ItemGroup>
@@ -134,6 +135,11 @@
       <Link>tunnel_active.png</Link>
     </EmbeddedResource>
   </ItemGroup>
+  <ItemGroup>
+    <EmbeddedResource Include="..\tunnel_estabilishing.png">
+      <Link>tunnel_estabilishing.png</Link>
+    </EmbeddedResource>
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index 1c516c6..57da245 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -2,6 +2,7 @@
 using System.Linq;
 using System.Net;
 using System.Net.Sockets;
+using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
 
@@ -74,8 +75,12 @@ private void CheckHostChange()
 
 		private int _isIniting;
 
+		private DateTime _lastInitRequest;
+
+
 		private void Init()
 		{
+			_lastInitRequest = DateTime.UtcNow;
 			if (_isIniting == 1)
 				return;
 			Task.Factory.StartNew(InitInternal);
@@ -94,24 +99,31 @@ private void InitInternal()
 				_encryptHelper = new EncryptHelper(_serverKey);
 				var decryptHelper = new DecryptHelper(_serverKey);
 
-				var ep = EndpointHelper.ParseEndPoint(_config.ConnectHost, 12017);
+				var proxyEP = !string.IsNullOrEmpty(_config.ProxyHost) ? EndpointHelper.ParseEndPoint(_config.ProxyHost, 12018) : null;
+				var connectEP = proxyEP == null ? EndpointHelper.ParseEndPoint(_config.ConnectHost, 12017) : null;
 
-				if (!ep.Equals(_connectEP) && _connectEP != null)
+				var destEP = proxyEP ?? connectEP;
+
+				if (!destEP.Equals(_connectEP) && _connectEP != null)
 				{
 					Storage.RemoveSession(_connectEP);
 				}
 
-				_connectEP = ep;
+				_connectEP = destEP;
 
-				Storage.AddSession(new byte[16], ep).IsClientSession = true;
+				Storage.AddSession(new byte[16], destEP).IsClientSession = true;
+				Storage.IncrementEstabilishing();
 
-				LogHelper.Log.WriteLine("Initializing connection to " + ep);
+				if (proxyEP != null)
+					LogHelper.Log.WriteLine("Initializing connection to " + _config.ConnectHost + " via proxy " + proxyEP);
+				else
+					LogHelper.Log.WriteLine("Initializing connection to " + connectEP);
 
 				var lenToSend = _encryptHelper.Encrypt(cs.SendingPacket, sendingPacketLen);
 				var packetToSend = _encryptHelper.InnerBuf;
 				var initBuf = new byte[lenToSend + 4];
 				Buffer.BlockCopy(packetToSend, 0, initBuf, 4, lenToSend);
-				initBuf[0] = 1;
+				initBuf[0] = (byte)StateFlags.Connecting;
 				initBuf[1] = 1; // version
 				var recLength = 0;
 
@@ -119,12 +131,33 @@ private void InitInternal()
 				if (_socket != null)
 					_socket.Dispose();
 				_socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
-				_socket.Connect(ep);
+				_socket.Connect(destEP);
 
 				Task task = null;
 				var period = 2000;
 				while (true)
 				{
+					if (proxyEP != null)
+					{
+						// do not encrypt data to proxy, bcs it should be simple and do not work with encryption
+						// can be changed in future version
+						var bytesHost = Encoding.UTF8.GetBytes(_config.ConnectHost);
+						var totalLen = 4 + 4 + bytesHost.Length;
+						// should not be divided to 16 (we need to separate message from usual packets
+						if (totalLen % 16 == 0) totalLen++;
+						var proxyBuf = new byte[totalLen];
+						proxyBuf[0] = (byte)StateFlags.ProxyConnecting;
+						proxyBuf[1] = 1; // version
+						proxyBuf[4] = (byte)bytesHost.Length;
+						proxyBuf[5] = (byte)(bytesHost.Length >> 8);
+						proxyBuf[6] = (byte)(bytesHost.Length >> 16);
+						proxyBuf[7] = (byte)(bytesHost.Length >> 24);
+						Buffer.BlockCopy(bytesHost, 0, proxyBuf, 8, bytesHost.Length);
+						_socket.Send(proxyBuf, proxyBuf.Length, SocketFlags.None);
+						// just to give more chances to process this message by other parts of network
+						Thread.Sleep(10);
+					}
+
 					_socket.Send(initBuf, initBuf.Length, SocketFlags.None);
 					task = task ?? Task.Factory.StartNew(() => recLength = _socket.Receive(_receiveBuffer));
 					/*var sw = Stopwatch.StartNew();
@@ -136,10 +169,14 @@ private void InitInternal()
 
 					period = Math.Min(period + 2000, 1000 * 60);
 
-					LogHelper.Log.WriteLine("No response from server " + ep);
+					LogHelper.Log.WriteLine("No response from server " + destEP);
+					if (DateTime.UtcNow.Subtract(_lastInitRequest).TotalSeconds > 60)
+					{
+						LogHelper.Log.WriteLine("Stopping connect atteptions to " + destEP + " until another request will occure");
+					}
 				}
 
-				if (recLength < 4 || _receiveBuffer[0] != 0x2)
+				if (recLength < 4 || _receiveBuffer[0] != (byte)StateFlags.ConnectAnswer)
 				{
 					Console.Error.WriteLine("Invalid server response");
 					return;
@@ -154,16 +191,17 @@ private void InitInternal()
 
 				var sessionKey = cs.GetPacketFromServer(decryptHelper.InnerBuf, decLen);
 				_encryptHelper = new EncryptHelper(sessionKey);
-				var session = Storage.GetSession(ep);
+				var session = Storage.GetSession(destEP);
 				session.Decryptor = new DecryptHelper(sessionKey);
 				Session = session;
-				LogHelper.Log.WriteLine("Initialized connection to " + ep);
+				LogHelper.Log.WriteLine("Initialized connection to " + destEP);
 				_isInited = true;
 				_initingEvent.Set();
 			}
 			finally
 			{
 				Interlocked.Exchange(ref _isIniting, 0);
+				Storage.DecrementEstabilishing();
 			}
 		}
 
@@ -171,9 +209,14 @@ private void PingCycle()
 		{
 			while (!_disposed)
 			{
-				if (_isInited)
-					_socket.Send(new byte[] { 0x5, 0, 0, 0 }, 4, SocketFlags.None);
-				Thread.Sleep(15 * 1000);
+				if (_isInited) _socket.Send(new byte[] { (byte)StateFlags.Ping, 0, 0, 0 }, 4, SocketFlags.None);
+				else
+				{
+					// force renew connection attepmt
+					_lastInitRequest = DateTime.UtcNow;
+				}
+
+				Thread.Sleep(_config.PingInterval * 1000);
 			}
 		}
 
@@ -212,9 +255,20 @@ private void ReceiveCycle()
 				{
 					len = _socket.Receive(buf);
 				}
-				catch (Exception)
+				catch (Exception ex)
 				{
 					LogHelper.Log.WriteLine("Receive data error");
+					_isInited = false;
+					// LogHelper.Log.WriteLine(ex);
+					if (_socket != null)
+					{
+						_socket.Dispose();
+						_socket = null;
+					}
+
+					if (_config.KeepAlive)
+						Init();
+
 					Thread.Sleep(1000);
 					continue;
 				}
diff --git a/AutoTunnel/Config/RemoteServerConfig.cs b/AutoTunnel/Config/RemoteServerConfig.cs
index ce982a5..aa60edf 100644
--- a/AutoTunnel/Config/RemoteServerConfig.cs
+++ b/AutoTunnel/Config/RemoteServerConfig.cs
@@ -1,9 +1,15 @@
-namespace Force.AutoTunnel.Config
+using System.ComponentModel;
+
+using Newtonsoft.Json;
+
+namespace Force.AutoTunnel.Config
 {
 	public class RemoteServerConfig
 	{
 		public string TunnelHost { get; set; }
 
+		public string ProxyHost { get; set; }
+
 		public string ConnectHost { get; set; }
 
 		public string Key { get; set; }
@@ -11,5 +17,9 @@ public class RemoteServerConfig
 		public bool KeepAlive { get; set; }
 
 		public bool ConnectOnStart { get; set; }
+
+		[DefaultValue(15)]
+		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+		public int PingInterval { get; set; }
 	}
 }
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 9e7769f..08db7cd 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -111,7 +111,7 @@ private void StartInternal()
 								var outLen = encryptHelper.Encrypt(outPacket, outPacket.Length);
 								var initBuf = new byte[outLen + 4];
 								Buffer.BlockCopy(encryptHelper.InnerBuf, 0, initBuf, 4, outLen);
-								initBuf[0] = 2;
+								initBuf[0] = (byte)StateFlags.ConnectAnswer;
 								initBuf[1] = 1; // version
 
 								s.SendTo(initBuf, initBuf.Length, SocketFlags.None, ep);
@@ -130,7 +130,7 @@ private void StartInternal()
 							{
 								// error
 								LogHelper.Log.WriteLine("Unsupported data from " + ep);
-								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
+								s.SendTo(new byte[] { (byte)StateFlags.ErrorFromServer, 0, 0, 0 }, 4, SocketFlags.None, ep);
 								continue;
 							}
 						}
@@ -139,7 +139,7 @@ private void StartInternal()
 							session = _storage.GetSession(ep);
 							if (session == null)
 							{
-								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
+								s.SendTo(new byte[] { (byte)StateFlags.ErrorFromServer, 0, 0, 0 }, 4, SocketFlags.None, ep);
 								LogHelper.Log.WriteLine("Missing decryptor for " + ep);
 								continue;
 							}
@@ -147,7 +147,7 @@ private void StartInternal()
 							var len = session.Decryptor.Decrypt(inBuf, 0);
 							if (len < 0)
 							{
-								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, ep);
+								s.SendTo(new byte[] { (byte)StateFlags.ErrorFromServer, 0, 0, 0 }, 4, SocketFlags.None, ep);
 								LogHelper.Log.WriteLine("Unable to decrypt data from " + ep);
 								continue;
 							}
diff --git a/AutoTunnel/Program.cs b/AutoTunnel/Program.cs
index 65b7562..278e251 100644
--- a/AutoTunnel/Program.cs
+++ b/AutoTunnel/Program.cs
@@ -36,6 +36,18 @@ public static void Main(string[] args)
 					config.RemoteClients = new RemoteClientConfig[0];
 				if (config.RemoteClients.Length == 0) 
 					config.EnableListening = false;
+				if (config.RemoteServers == null)
+					config.RemoteServers = new RemoteServerConfig[0];
+				foreach (var remoteServerConfig in config.RemoteServers)
+				{
+					if (string.IsNullOrEmpty(remoteServerConfig.ConnectHost) && string.IsNullOrEmpty(remoteServerConfig.TunnelHost))
+						throw new InvalidOperationException("Missing host info in config");
+
+					if (string.IsNullOrEmpty(remoteServerConfig.TunnelHost))
+						remoteServerConfig.TunnelHost = remoteServerConfig.ConnectHost;
+					if (string.IsNullOrEmpty(remoteServerConfig.ConnectHost))
+						remoteServerConfig.ConnectHost = remoteServerConfig.TunnelHost;
+				}
 
 				var log = new AggregateLog();
 				if (Environment.UserInteractive) log.AddLog(new ConsoleLog());
@@ -81,8 +93,8 @@ private static bool ProcessArgs(string[] args)
 
 		private static void RunInConsole()
 		{
-			AppDomain.CurrentDomain.DomainUnload += (sender, args) => ConsoleHelper.RestoreOriginalIcon();
-			Console.CancelKeyPress += (sender, args) => ConsoleHelper.RestoreOriginalIcon();
+			AppDomain.CurrentDomain.DomainUnload += (sender, args) => ConsoleHelper.SetActiveIcon(ConsoleHelper.IconStatus.Default);
+			Console.CancelKeyPress += (sender, args) => ConsoleHelper.SetActiveIcon(ConsoleHelper.IconStatus.Default);
 			Console.WriteLine("Press Ctrl+C for exit");
 			LogHelper.Log.WriteLine("Starting interactive...");
 			Starter.Start();
diff --git a/AutoTunnel/Service/ConsoleHelper.cs b/AutoTunnel/Service/ConsoleHelper.cs
index 72784ec..7119492 100644
--- a/AutoTunnel/Service/ConsoleHelper.cs
+++ b/AutoTunnel/Service/ConsoleHelper.cs
@@ -11,10 +11,11 @@ public static class ConsoleHelper
 		[DllImport("user32.dll")]
 		private static extern IntPtr SendMessage(IntPtr hWnd, uint message, int lParam, IntPtr wParam);
 
-		private static IntPtr _iconMainHandle = IntPtr.Zero;
+		private static IntPtr _iconActiveHandle = IntPtr.Zero;
+		private static IntPtr _iconEstabilishingHandle = IntPtr.Zero;
 		private static IntPtr _iconParentHandle = IntPtr.Zero;
 
-		public static void RestoreOriginalIcon()
+		private static void RestoreOriginalIcon()
 		{
 			if (!Environment.UserInteractive)
 				return;
@@ -22,23 +23,32 @@ public static void RestoreOriginalIcon()
 			SendMessage(GetConsoleWindow(), 0x80, 0, _iconParentHandle);
 		}
 
-		public static void SetActiveIcon()
+		public enum IconStatus
+		{
+			Active,
+			Estabilishing,
+			Default
+		}
+
+		public static void SetActiveIcon(IconStatus status)
 		{
 			if (!Environment.UserInteractive)
 				return;
-			if (_iconMainHandle == IntPtr.Zero)
+			if (_iconActiveHandle == IntPtr.Zero)
 			{
 // ReSharper disable AssignNullToNotNullAttribute
-				var icon = new Bitmap(typeof(ConsoleHelper).Assembly.GetManifestResourceStream("Force.AutoTunnel.tunnel_active.png")).GetHicon();
+				_iconActiveHandle = new Bitmap(typeof(ConsoleHelper).Assembly.GetManifestResourceStream("Force.AutoTunnel.tunnel_active.png")).GetHicon();
+				_iconEstabilishingHandle = new Bitmap(typeof(ConsoleHelper).Assembly.GetManifestResourceStream("Force.AutoTunnel.tunnel_estabilishing.png")).GetHicon();
 // ReSharper restore AssignNullToNotNullAttribute
 
-				_iconMainHandle = icon;
-
-				SendMessage(GetConsoleWindow(), 0x80, 1, _iconMainHandle);
-				_iconParentHandle = SendMessage(GetConsoleWindow(), 0x80, 0, _iconMainHandle);
+				_iconParentHandle = SendMessage(GetConsoleWindow(), 0x80, 0, _iconActiveHandle);
 			}
 
-			SendMessage(GetConsoleWindow(), 0x80, 0, _iconMainHandle);
+			var icon = _iconParentHandle;
+			if (status == IconStatus.Active) icon = _iconActiveHandle;
+			else if (status == IconStatus.Estabilishing) icon = _iconEstabilishingHandle;
+			SendMessage(GetConsoleWindow(), 0x80, 0, icon);
+			SendMessage(GetConsoleWindow(), 0x80, 1, icon);
 		}
 	}
 }
diff --git a/AutoTunnel/Starter.cs b/AutoTunnel/Starter.cs
index 02df80b..51f6603 100644
--- a/AutoTunnel/Starter.cs
+++ b/AutoTunnel/Starter.cs
@@ -28,7 +28,7 @@ public static void Start()
 			}
 
 			_clientSenders = new List<ClientSender>();
-			foreach (var rs in config.RemoteServers ?? new RemoteServerConfig[0])
+			foreach (var rs in config.RemoteServers)
 			{
 				_clientSenders.Add(new ClientSender(rs, _storage));
 			}
diff --git a/AutoTunnel/StateFlags.cs b/AutoTunnel/StateFlags.cs
new file mode 100644
index 0000000..de7d084
--- /dev/null
+++ b/AutoTunnel/StateFlags.cs
@@ -0,0 +1,12 @@
+namespace Force.AutoTunnel
+{
+	public enum StateFlags : byte
+	{
+		Connecting = 1,
+		ConnectAnswer = 2,
+		ErrorFromServer = 3,
+		Ping = 5,
+		ProxyConnecting = 7,
+		ErrorFromProxy = 8
+	}
+}
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
index 7fc4686..63db284 100644
--- a/AutoTunnel/TunnelStorage.cs
+++ b/AutoTunnel/TunnelStorage.cs
@@ -3,6 +3,7 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Net;
+using System.Threading;
 
 using Force.AutoTunnel.Encryption;
 using Force.AutoTunnel.Service;
@@ -15,8 +16,6 @@ public class TunnelStorage
 
 		public readonly HashSet<IPAddress> OutgoingConnectionAdresses = new HashSet<IPAddress>();
 
-		private readonly List<ClientSender> _clientSenders = new List<ClientSender>();
-
 		public BaseSender GetOrAddSender(IPAddress dstAddr, Func<BaseSender> creatorFunc)
 		{
 #pragma warning disable 612,618
@@ -57,8 +56,7 @@ public void RemoveSession(IPEndPoint endPoint)
 						});
 			}
 
-			if (_sessions.Count == 0)
-				ConsoleHelper.RestoreOriginalIcon();
+			SetIcon();
 		}
 
 		public class Session
@@ -89,7 +87,6 @@ public void UpdateLastActivity()
 
 		public Session AddSession(byte[] sessionKey, IPEndPoint remoteEP)
 		{
-			ConsoleHelper.SetActiveIcon();
 			var hostKey = GetHostKey(remoteEP);
 			var s = new Session(remoteEP)
 				{
@@ -97,6 +94,7 @@ public Session AddSession(byte[] sessionKey, IPEndPoint remoteEP)
 					Decryptor = new DecryptHelper(sessionKey)
 				};
 			_sessions[hostKey] = s;
+			SetIcon();
 			return s;
 		}
 
@@ -118,5 +116,31 @@ public bool HasSession(ulong key)
 		{
 			return _sessions.ContainsKey(key);
 		}
+
+		private int _estabilishingCount;
+
+		public void IncrementEstabilishing()
+		{
+			Interlocked.Increment(ref _estabilishingCount);
+			SetIcon();
+		}
+
+		public void DecrementEstabilishing()
+		{
+			Interlocked.Decrement(ref _estabilishingCount);
+			SetIcon();
+		}
+
+		private void SetIcon()
+		{
+			if (_estabilishingCount > 0)
+			{
+				ConsoleHelper.SetActiveIcon(ConsoleHelper.IconStatus.Estabilishing);
+			}
+			else
+			{
+				ConsoleHelper.SetActiveIcon(_sessions.Count > 0 ? ConsoleHelper.IconStatus.Active : ConsoleHelper.IconStatus.Default);
+			}
+		}
 	}
 }
diff --git a/AutoTunnel/config.json b/AutoTunnel/config.json
index 0249b8f..a519105 100644
--- a/AutoTunnel/config.json
+++ b/AutoTunnel/config.json
@@ -6,6 +6,7 @@
 		{
 			"tunnelHost": "192.168.16.8",
 			"connectHost": "192.168.18.1:12017",
+			"proxyHost": "127.0.0.1:12018",
 			"key": "key1",
 			"keepAlive": true,
 			"connectOnStart": true
diff --git a/tunnel_estabilishing.png b/tunnel_estabilishing.png
new file mode 100644
index 0000000000000000000000000000000000000000..5e1ca0deb59dc21a1dd8694900b77b6d67f5369a
GIT binary patch
literal 1024
zcmV+b1poVqP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800009a7bBm0002&
z0002&0eL8Ky#N3J8FWQhbW?9;ba!ELWdL_~cP?peYja~^aAhuUa%Y?FJQ@H11C2>U
zK~#9!?U&zgQfC;)PmC8$yz|PxqBmY|Bkc;bgX4e$D-@9Q2NcBqu)?eXcc7BemYKPA
z#kRVsGc45fPuOJ>OtkH?WYZW;<FXbgWyiH+ij}YLdyIrKIOoJ0Z+h{$An%*!`+1-D
zJ)HM20GJO6b0}~qQ2XODk0YaYsLt9D9qYz=#DdK$93CzjaPRu($TZ^CDHQIoc$(H@
z^{yV7Cj7FbM|4RC75G<28VU@!(BijYnS`UB@owOn0U&`*xk31u1xT1AL}WRoLdyYx
zaR-hK_h5yF1uSJu>Ho%e+B~LpMU0zYiV^`Lk(803q!dWp)nO&A#<8jZ2?)`UizF<m
z-oir1W|eD%u&E?U@D_Oi+KIGYK__$wi2{RW94EzvA!`M5n%sf#ssxc5>wb+PA~CC=
z3qPGw&;>n&+Zr5ahI$aBtBV@;8iv1Pl6@|AA)=rQlqCgSSY{Dq$lj-D;cq&(B?Xe2
zZ1q4Y5lFL&x{zYdSg}qE*YABJMy;<gVpS%PQYNs@crB$D!{$BAwmp&Myg`8XixRG~
zCCurixuN?HsjiY7FPH&SzT9uv#MDO*2=^s9%l?Tz!xpBsn@Gqo+gXt9=nv|AnelLi
zY%dX*{$yP;JWd4ZJhw3~8%{}Tx8(&ig)B3`6*IK(WZNIo9Z>xy3iyl#MFR8ctgOI~
znqr1=n+1**rtOv5hOw><QQ!i*EgLTPM7`ryr@*~^514i~Xz__pA2kf0Z2Mgd_b6=t
zoF=be^*bBYzhYmv(B5mvR%l41<1wZ`UajtXto@-FP7hyLFTeV$3J%|5N49cXE3_YY
z8@jn&W1lg%Ps8X_F{FD&LjQUjZrnnMm0$h0T?Nd`gkM+Z_S2v38XMjRyf)#ahbyiP
zm~v%N#F&Gh9J+`uClS0Q?)mpJD<{F_o0{U<qFOj9dn20RzjnpP=aCpqC+FB=Ycpno
zH~)$G7b*+dVrw&IymyilBUca(L|uxnWTL=V3B>ssUg|nE#U}(lFj0}36AniBOMz%}
z0bX_KsL$m+QOm@avEj?1I3gEgiTbfxVxjo+3nQUQzqP-$8Rz}MB$<PAzF@e1%%yU+
zF#UG-8UgQ%)ntEfY@DOS^x54pLZ%kC!?Sv(*T3U&4*ps{R?DEv_sniNy>Bx+cAH`6
uoc}t^r(gA$oqPWucdi_M7aR(FaDg{P+3o9cO8wCQ0000<MNUMnLSTZRo!}V&

literal 0
HcmV?d00001


From b834d4ac0f93d118590835014b148a9cc2160ea5 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Sun, 3 Sep 2017 22:46:54 +0300
Subject: [PATCH 09/15] better detection of dead connection added ability for
 proxy to limit destination hosts + host resolve to ip at client level

---
 AutoTunnel.Proxy.Node/proxy.js           | 56 +++++++++++++++++-------
 AutoTunnel.Proxy.Node/proxyStarter.js    |  6 +++
 AutoTunnel/ClientSender.cs               | 55 ++++++++++++++++-------
 AutoTunnel/Config/MainConfig.cs          |  4 ++
 AutoTunnel/Encryption/DecryptHelper.cs   |  3 +-
 AutoTunnel/Encryption/ServerHandshake.cs |  2 +-
 AutoTunnel/Listener.cs                   |  3 +-
 AutoTunnel/StateFlags.cs                 |  9 +++-
 8 files changed, 102 insertions(+), 36 deletions(-)

diff --git a/AutoTunnel.Proxy.Node/proxy.js b/AutoTunnel.Proxy.Node/proxy.js
index 7e9e97a..db9c320 100644
--- a/AutoTunnel.Proxy.Node/proxy.js
+++ b/AutoTunnel.Proxy.Node/proxy.js
@@ -1,6 +1,10 @@
 const dgram = require('dgram');
+const dns = require('dns');
 
 var logFunc = console.log;
+var checkFunc = function () {
+	return true;
+};
 
 var start = function (portNumber) {
 	var server = dgram.createSocket('udp4');
@@ -28,25 +32,40 @@ var start = function (portNumber) {
 				var spl = dstHostAndPort.split(':');
 				var dstHost = spl[0];
 				var dstPort = (spl[1] || 12017) * 1;
-				var socket = dgram.createSocket('udp4');
-				socket.on('message', function (bmsg, bep) {
-					var pair = proxyPairs[ep.address + ':' + ep.port];
-					if (pair) {
-						pair.lastActivity = new Date().getTime();
-						server.send(bmsg, 0, bep.size, ep.port, ep.address);
+
+				dns.lookup(dstHost, 4, function (err, addr) {
+					if (err !== null) {
+						logFunc('Cannot resolve host ' + dstHost, err);
+						return;
+					}
+
+					if (!checkFunc(addr, dstHost)) {
+						logFunc('Host ' + dstHost + " was considered as invalid for proxyfying");
+						return
 					}
+
+					dstHost = addr;
+
+					var socket = dgram.createSocket('udp4');
+					socket.on('message', function (bmsg, bep) {
+						var pair = proxyPairs[ep.address + ':' + ep.port];
+						if (pair) {
+							pair.lastActivity = new Date().getTime();
+							server.send(bmsg, 0, bep.size, ep.port, ep.address);
+						}
+					});
+					proxyPairs[ep.address + ':' + ep.port] = {
+						sourceHost: ep.address,
+						sourcePort: ep.port,
+						host: dstHost,
+						port: dstPort,
+						targetSocket: socket,
+						lastActivity: new Date().getTime()
+					};
+					logFunc('Estabilished tunnel ', ep.address + ':' + ep.port + '->' + dstHost + ':' + dstPort);
+
+					// TODO: think about answer
 				});
-				proxyPairs[ep.address + ':' + ep.port] = {
-					sourceHost: ep.address,
-					sourcePort: ep.port,
-					host: dstHost,
-					port: dstPort,
-					targetSocket: socket, 
-					lastActivity: new Date().getTime()
-				};
-				logFunc('Estabilished tunnel ', ep.address + ':' + ep.port + '->' + dstHost + ':' + dstPort);
-				
-				// TODO: think about answer
 			} else {
 				var pair = proxyPairs[ep.address + ':' + ep.port];
 
@@ -97,5 +116,8 @@ module.exports = {
 	},
 	setLogger: function (loggerFunc) {
 		logFunc = loggerFunc;
+	},
+	setAllowedTargetIpCheckFunc: function(checkingFunc) {
+		checkFunc = checkingFunc;
 	}
 };
\ No newline at end of file
diff --git a/AutoTunnel.Proxy.Node/proxyStarter.js b/AutoTunnel.Proxy.Node/proxyStarter.js
index 1282106..84d2b90 100644
--- a/AutoTunnel.Proxy.Node/proxyStarter.js
+++ b/AutoTunnel.Proxy.Node/proxyStarter.js
@@ -1,3 +1,9 @@
 var p = require('./proxy.js');
 
+p.setAllowedTargetIpCheckFunc(function (dstAddr, dstHost) {
+	// just for example
+	console.log(dstAddr)
+	return /192\.168\.\d+\.\d+/.test(dstAddr);
+});
+
 p.start(12018);
\ No newline at end of file
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index 57da245..99844b7 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -43,8 +43,7 @@ public ClientSender(RemoteServerConfig config, TunnelStorage storage)
 			LogHelper.Log.WriteLine("Tunnel watcher was created for " + config.TunnelHost);
 
 			Task.Factory.StartNew(ReceiveCycle);
-			if (config.KeepAlive)
-				Task.Factory.StartNew(PingCycle);
+			Task.Factory.StartNew(PingCycle);
 			if (config.ConnectOnStart)
 				Init();
 			IPAddress dummy;
@@ -77,7 +76,6 @@ private void CheckHostChange()
 
 		private DateTime _lastInitRequest;
 
-
 		private void Init()
 		{
 			_lastInitRequest = DateTime.UtcNow;
@@ -111,8 +109,8 @@ private void InitInternal()
 
 				_connectEP = destEP;
 
-				Storage.AddSession(new byte[16], destEP).IsClientSession = true;
 				Storage.IncrementEstabilishing();
+				Storage.AddSession(new byte[16], destEP).IsClientSession = true;
 
 				if (proxyEP != null)
 					LogHelper.Log.WriteLine("Initializing connection to " + _config.ConnectHost + " via proxy " + proxyEP);
@@ -179,6 +177,7 @@ private void InitInternal()
 				if (recLength < 4 || _receiveBuffer[0] != (byte)StateFlags.ConnectAnswer)
 				{
 					Console.Error.WriteLine("Invalid server response");
+					Storage.RemoveSession(destEP);
 					return;
 				}
 
@@ -186,6 +185,7 @@ private void InitInternal()
 				if (decLen < 9)
 				{
 					Console.Error.WriteLine("Invalid server response");
+					Storage.RemoveSession(destEP);
 					return;
 				}
 
@@ -207,9 +207,27 @@ private void InitInternal()
 
 		private void PingCycle()
 		{
+			DateTime lastReceiveLast = DateTime.MinValue;
 			while (!_disposed)
 			{
-				if (_isInited) _socket.Send(new byte[] { (byte)StateFlags.Ping, 0, 0, 0 }, 4, SocketFlags.None);
+				if (_isInited)
+				{
+					// problem with server? no answers, dropping connection
+					if (Session.LastActivity == lastReceiveLast)
+					{
+						_isInited = false;
+						lastReceiveLast = DateTime.MinValue;
+						if (_config.KeepAlive)
+							Init();
+					}
+
+					if (_config.KeepAlive || _lastSend.Subtract(Session.LastActivity).TotalSeconds > _config.PingInterval)
+					{
+						lastReceiveLast = Session.LastActivity;
+						_socket.Send(new byte[] { (byte)StateFlags.Ping, 0, 0, 0 }, 4, SocketFlags.None);
+						_lastSend = DateTime.UtcNow;
+					}
+				}
 				else
 				{
 					// force renew connection attepmt
@@ -233,12 +251,15 @@ protected override void Send(byte[] packet, int packetLen)
 			{
 				var lenToSend = _encryptHelper.Encrypt(packet, packetLen);
 				var packetToSend = _encryptHelper.InnerBuf;
+				_lastSend = DateTime.UtcNow;
 				_socket.Send(packetToSend, lenToSend, SocketFlags.None);
 			}
 		}
 
 		private readonly byte[] _receiveBuffer = new byte[65536];
 
+		private DateTime _lastSend;
+
 		private void ReceiveCycle()
 		{
 			byte[] buf = _receiveBuffer;
@@ -257,18 +278,20 @@ private void ReceiveCycle()
 				}
 				catch (Exception ex)
 				{
-					LogHelper.Log.WriteLine("Receive data error");
-					_isInited = false;
-					// LogHelper.Log.WriteLine(ex);
-					if (_socket != null)
+					if (_isIniting == 1 && _isInited)
 					{
-						_socket.Dispose();
-						_socket = null;
+						LogHelper.Log.WriteLine("Receive data error");
+						_isInited = false;
+						// LogHelper.Log.WriteLine(ex);
+						if (_socket != null)
+						{
+							_socket.Dispose();
+							_socket = null;
+						}
+
+						if (_config.KeepAlive) Init();
 					}
 
-					if (_config.KeepAlive)
-						Init();
-
 					Thread.Sleep(1000);
 					continue;
 				}
@@ -277,7 +300,7 @@ private void ReceiveCycle()
 				if (len % 16 != 0)
 				{
 					// in any case, this is error
-					// if (buf[0] == 0x3)
+					if (buf[0] != (byte)StateFlags.Pong)
 					{
 						LogHelper.Log.WriteLine("Received an error flag from " + _socket.RemoteEndPoint);
 						_isInited = false;
@@ -287,6 +310,8 @@ private void ReceiveCycle()
 					}
 				}
 
+				Session.UpdateLastActivity();
+
 				var decryptHelper = Session.Decryptor;
 				var decLen = decryptHelper.Decrypt(buf, 0);
 				_packetWriter.Write(decryptHelper.InnerBuf, decLen);
diff --git a/AutoTunnel/Config/MainConfig.cs b/AutoTunnel/Config/MainConfig.cs
index 032e3a6..83a38dd 100644
--- a/AutoTunnel/Config/MainConfig.cs
+++ b/AutoTunnel/Config/MainConfig.cs
@@ -27,5 +27,9 @@ public class MainConfig
 		public int IdleSessionTime { get; set; }
 
 		public string LogFileName { get; set; }
+
+		[DefaultValue(15)]
+		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+		public int PingBackTime { get; set; }
 	}
 }
diff --git a/AutoTunnel/Encryption/DecryptHelper.cs b/AutoTunnel/Encryption/DecryptHelper.cs
index d47e62d..ad08361 100644
--- a/AutoTunnel/Encryption/DecryptHelper.cs
+++ b/AutoTunnel/Encryption/DecryptHelper.cs
@@ -34,8 +34,9 @@ public int Decrypt(byte[] data, int offset)
 			decryptor.TransformBlock(data, offset, 16, _headerBuf, 0);
 			var len = _headerBuf[0] | (_headerBuf[1] << 8) | (_headerBuf[2] << 16) | (_headerBuf[3] << 24);
 			if (len > data.Length) return -1;
-			if (_headerBuf[4] != 1 && _headerBuf[5] != 0 && _headerBuf[6] != 'A' && _headerBuf[7] != 'T') return -1;
+			if (_headerBuf[4] != 1 || _headerBuf[5] != 0 || _headerBuf[6] != 'A' || _headerBuf[7] != 'T') return -1;
 			var len16 = (len + 15) & ~15;
+			if (len < 0 || len > _innerBuf.Length) return -1;
 			decryptor.TransformBlock(data, offset + 16, len16, _innerBuf, 0);
 			return len;
 		}
diff --git a/AutoTunnel/Encryption/ServerHandshake.cs b/AutoTunnel/Encryption/ServerHandshake.cs
index 83ae98f..70d1119 100644
--- a/AutoTunnel/Encryption/ServerHandshake.cs
+++ b/AutoTunnel/Encryption/ServerHandshake.cs
@@ -13,7 +13,7 @@ public ServerHandshake()
 
 		public byte[] GetOutPacket(byte[] inPacket, int len)
 		{
-			if (inPacket[0] != 1 && inPacket[1] != 0 && inPacket[2] != 'A' && inPacket[3] != 'T') return null;
+			if (inPacket[0] != 1 || inPacket[1] != 0 || inPacket[2] != 'A' || inPacket[3] != 'T') return null;
 			var publicRsa = Encoding.UTF8.GetString(inPacket, 4, inPacket.Length - 4);
 			SessionKey = new byte[16];
 			using (var random = RandomNumberGenerator.Create())
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 08db7cd..c8a4c5e 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -49,7 +49,7 @@ private void CleanupThread()
 					_storage.RemoveSession(os);
 				}
 
-				_stopEvent.WaitOne(10 * 60 * 1000);
+				_stopEvent.WaitOne(_config.IdleSessionTime * 1000);
 			}
 		}
 
@@ -124,6 +124,7 @@ private void StartInternal()
 							{
 								session = _storage.GetSession(ep);
 								if (session != null) session.UpdateLastActivity();
+								s.SendTo(new byte[] { (byte)StateFlags.Pong, 0, 0, 0 }, 4, SocketFlags.None, ep);
 								continue;
 							}
 							else
diff --git a/AutoTunnel/StateFlags.cs b/AutoTunnel/StateFlags.cs
index de7d084..b2c8297 100644
--- a/AutoTunnel/StateFlags.cs
+++ b/AutoTunnel/StateFlags.cs
@@ -3,10 +3,17 @@
 	public enum StateFlags : byte
 	{
 		Connecting = 1,
+
 		ConnectAnswer = 2,
+
 		ErrorFromServer = 3,
+
 		Ping = 5,
+
 		ProxyConnecting = 7,
-		ErrorFromProxy = 8
+
+		ErrorFromProxy = 8,
+
+		Pong = 9
 	}
 }

From 8b7f3ee33867017dea16c97235f34aa19db85843 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Mon, 4 Sep 2017 23:06:39 +0300
Subject: [PATCH 10/15] config auto reload, bug fixes and improvements

---
 AutoTunnel/AutoTunnel.csproj           |   2 +
 AutoTunnel/BaseSender.cs               |   4 +-
 AutoTunnel/ClientSender.cs             |  65 +++++++-----
 AutoTunnel/Config/ConfigHelper.cs      | 124 ++++++++++++++++++++++
 AutoTunnel/Config/MainConfig.cs        |   4 +
 AutoTunnel/Encryption/DecryptHelper.cs |  27 +++--
 AutoTunnel/Encryption/EncryptHelper.cs |  49 +++++----
 AutoTunnel/Listener.cs                 |  19 ++--
 AutoTunnel/Program.cs                  |  54 ++--------
 AutoTunnel/Properties/AssemblyInfo.cs  |   1 -
 AutoTunnel/ReplySender.cs              |   3 +-
 AutoTunnel/Starter.cs                  |   6 +-
 AutoTunnel/StateFlags.cs               |   5 +-
 AutoTunnel/TunnelSession.cs            |  47 +++++++++
 AutoTunnel/TunnelStorage.cs            |  38 ++-----
 README.md                              | 140 ++++++++++++++++++++++++-
 16 files changed, 432 insertions(+), 156 deletions(-)
 create mode 100644 AutoTunnel/Config/ConfigHelper.cs
 create mode 100644 AutoTunnel/TunnelSession.cs

diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index f73295a..1ba1b64 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -69,6 +69,7 @@
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
     <Compile Include="ClientSender.cs" />
+    <Compile Include="Config\ConfigHelper.cs" />
     <Compile Include="Config\RemoteClientConfig.cs" />
     <Compile Include="Config\RemoteServerConfig.cs" />
     <Compile Include="Config\MainConfig.cs" />
@@ -102,6 +103,7 @@
     <Compile Include="Service\MainServiceInstallHelper.cs" />
     <Compile Include="Starter.cs" />
     <Compile Include="StateFlags.cs" />
+    <Compile Include="TunnelSession.cs" />
     <Compile Include="TunnelStorage.cs" />
     <Compile Include="WinDivert.cs" />
   </ItemGroup>
diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index 051b100..1a5b0ab 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -20,9 +20,9 @@ public abstract class BaseSender : IDisposable
 
 		protected readonly TunnelStorage Storage;
 
-		public TunnelStorage.Session Session { get; set; }
+		public TunnelSession Session { get; set; }
 
-		protected BaseSender(TunnelStorage.Session session, IPAddress watchAddr, TunnelStorage storage)
+		protected BaseSender(TunnelSession session, IPAddress watchAddr, TunnelStorage storage)
 		{
 			Storage = storage;
 			Session = session;
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index 99844b7..40dff41 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -84,6 +84,16 @@ private void Init()
 			Task.Factory.StartNew(InitInternal);
 		}
 
+		private void CloseSocket()
+		{
+			if (_socket != null)
+			{
+				_socket.Dispose();
+			}
+
+			_socket = null;
+		}
+
 		private void InitInternal()
 		{
 			if (Interlocked.CompareExchange(ref _isIniting, 1, 0) == 1)
@@ -126,8 +136,7 @@ private void InitInternal()
 				var recLength = 0;
 
 				// killing old socket
-				if (_socket != null)
-					_socket.Dispose();
+				CloseSocket();
 				_socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
 				_socket.Connect(destEP);
 
@@ -170,7 +179,7 @@ private void InitInternal()
 					LogHelper.Log.WriteLine("No response from server " + destEP);
 					if (DateTime.UtcNow.Subtract(_lastInitRequest).TotalSeconds > 60)
 					{
-						LogHelper.Log.WriteLine("Stopping connect atteptions to " + destEP + " until another request will occure");
+						LogHelper.Log.WriteLine("Stopping connect atteptions to " + destEP + " until another request will occur");
 					}
 				}
 
@@ -205,36 +214,42 @@ private void InitInternal()
 			}
 		}
 
+		private void DropInit()
+		{
+			_isInited = false;
+			if (_config.KeepAlive)
+				Init();
+		}
+
 		private void PingCycle()
 		{
-			DateTime lastReceiveLast = DateTime.MinValue;
+			DateTime lastPingDate = DateTime.MinValue;
+			var pingSpan = TimeSpan.FromSeconds(_config.PingInterval);
+
 			while (!_disposed)
 			{
 				if (_isInited)
 				{
 					// problem with server? no answers, dropping connection
-					if (Session.LastActivity == lastReceiveLast)
+					if (Session.SendReceiveDifference > TimeSpan.FromSeconds(_config.PingInterval * 2))
 					{
-						_isInited = false;
-						lastReceiveLast = DateTime.MinValue;
-						if (_config.KeepAlive)
-							Init();
+						DropInit();
 					}
 
-					if (_config.KeepAlive || _lastSend.Subtract(Session.LastActivity).TotalSeconds > _config.PingInterval)
+					if ((_config.KeepAlive && DateTime.UtcNow.Subtract(lastPingDate) > pingSpan) || Session.SendReceiveDifference > pingSpan)
 					{
-						lastReceiveLast = Session.LastActivity;
 						_socket.Send(new byte[] { (byte)StateFlags.Ping, 0, 0, 0 }, 4, SocketFlags.None);
-						_lastSend = DateTime.UtcNow;
+						lastPingDate = DateTime.UtcNow;
 					}
 				}
 				else
 				{
-					// force renew connection attepmt
-					_lastInitRequest = DateTime.UtcNow;
+					// force renew connection attempt
+					if (_config.KeepAlive)
+						_lastInitRequest = DateTime.UtcNow;
 				}
 
-				Thread.Sleep(_config.PingInterval * 1000);
+				Thread.Sleep(1000);
 			}
 		}
 
@@ -251,15 +266,13 @@ protected override void Send(byte[] packet, int packetLen)
 			{
 				var lenToSend = _encryptHelper.Encrypt(packet, packetLen);
 				var packetToSend = _encryptHelper.InnerBuf;
-				_lastSend = DateTime.UtcNow;
+				Session.UpdateReceiveActivity();
 				_socket.Send(packetToSend, lenToSend, SocketFlags.None);
 			}
 		}
 
 		private readonly byte[] _receiveBuffer = new byte[65536];
 
-		private DateTime _lastSend;
-
 		private void ReceiveCycle()
 		{
 			byte[] buf = _receiveBuffer;
@@ -276,18 +289,14 @@ private void ReceiveCycle()
 				{
 					len = _socket.Receive(buf);
 				}
-				catch (Exception ex)
+				catch (Exception/* ex*/)
 				{
 					if (_isIniting == 1 && _isInited)
 					{
 						LogHelper.Log.WriteLine("Receive data error");
 						_isInited = false;
 						// LogHelper.Log.WriteLine(ex);
-						if (_socket != null)
-						{
-							_socket.Dispose();
-							_socket = null;
-						}
+						CloseSocket();
 
 						if (_config.KeepAlive) Init();
 					}
@@ -303,14 +312,12 @@ private void ReceiveCycle()
 					if (buf[0] != (byte)StateFlags.Pong)
 					{
 						LogHelper.Log.WriteLine("Received an error flag from " + _socket.RemoteEndPoint);
-						_isInited = false;
-						// failed data
-						Init();
+						DropInit();
 						continue;
 					}
 				}
 
-				Session.UpdateLastActivity();
+				Session.UpdateReceiveActivity();
 
 				var decryptHelper = Session.Decryptor;
 				var decLen = decryptHelper.Decrypt(buf, 0);
@@ -323,7 +330,7 @@ public override void Dispose()
 			base.Dispose();
 			_disposed = true;
 			_initingEvent.Set();
-			_socket.Dispose();
+			CloseSocket();
 		}
 	}
 }
diff --git a/AutoTunnel/Config/ConfigHelper.cs b/AutoTunnel/Config/ConfigHelper.cs
new file mode 100644
index 0000000..79cc718
--- /dev/null
+++ b/AutoTunnel/Config/ConfigHelper.cs
@@ -0,0 +1,124 @@
+using System;
+using System.IO;
+using System.Threading;
+using System.Threading.Tasks;
+
+using Force.AutoTunnel.Logging;
+
+using Newtonsoft.Json;
+
+namespace Force.AutoTunnel.Config
+{
+	public static class ConfigHelper
+	{
+		public static MainConfig Config { get; private set; }
+
+		private static FileSystemWatcher _fsw;
+
+		public static bool LoadConfig(bool isFirstTime)
+		{
+			try
+			{
+				if (_fsw != null)
+				{
+					_fsw.Dispose();
+					_fsw = null;
+				}
+
+				if (!isFirstTime)
+					LogHelper.Log.WriteLine("Reloading config");
+
+				var configPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "config.json");
+				if (!File.Exists(configPath))
+				{
+					if (isFirstTime)
+						Console.Error.WriteLine("Missing config file");
+					else
+						LogHelper.Log.WriteLine("Missing config file");
+
+					return false;
+				}
+
+				MainConfig config;
+				using (var f = File.OpenRead(configPath))
+					config = new JsonSerializer().Deserialize<MainConfig>(new JsonTextReader(new StreamReader(f)));
+
+				if (config.RemoteClients == null)
+					config.RemoteClients = new RemoteClientConfig[0];
+				if (config.RemoteClients.Length == 0)
+					config.EnableListening = false;
+				if (config.RemoteServers == null)
+					config.RemoteServers = new RemoteServerConfig[0];
+				foreach (var remoteServerConfig in config.RemoteServers)
+				{
+					if (string.IsNullOrEmpty(remoteServerConfig.ConnectHost) && string.IsNullOrEmpty(remoteServerConfig.TunnelHost))
+						throw new InvalidOperationException("Missing host info in config");
+
+					if (string.IsNullOrEmpty(remoteServerConfig.TunnelHost))
+						remoteServerConfig.TunnelHost = remoteServerConfig.ConnectHost;
+					if (string.IsNullOrEmpty(remoteServerConfig.ConnectHost))
+						remoteServerConfig.ConnectHost = remoteServerConfig.TunnelHost;
+				}
+
+				if (!isFirstTime)
+					Starter.Stop();
+
+				var log = new AggregateLog();
+				if (Environment.UserInteractive) log.AddLog(new ConsoleLog());
+				if (!string.IsNullOrEmpty(config.LogFileName)) log.AddLog(new FileLog(config.LogFileName));
+				LogHelper.SetLog(log);
+
+				Config = config;
+
+				if (!isFirstTime)
+					Starter.Start();
+
+				if (config.AutoReloadOnChange)
+				{
+					_fsw = new FileSystemWatcher(Path.GetDirectoryName(configPath) ?? string.Empty, Path.GetFileName(configPath) ?? string.Empty);
+					_fsw.Changed += FswOnChanged;
+					_fsw.Created += FswOnChanged;
+					_fsw.Deleted += FswOnChanged;
+					_fsw.EnableRaisingEvents = true;
+				}
+			}
+			catch (Exception ex)
+			{
+				if (isFirstTime) Console.Error.WriteLine("Error in parsing config: " + ex.Message);
+				else
+				{
+					LogHelper.Log.WriteLine("Error in parsing config. Leaving old config " + ex.Message);
+				}
+
+				return false;
+			}
+
+			return true;
+		}
+
+		private static DateTime _reloadTime;
+
+		private static Task _activatedTask;
+
+		private static void FswOnChanged(object sender, FileSystemEventArgs fileSystemEventArgs)
+		{
+			_reloadTime = DateTime.UtcNow.AddSeconds(4);
+			if (_activatedTask != null)
+				return;
+			_activatedTask = Task.Factory.StartNew(
+				() =>
+					{
+						while (true)
+						{
+							Thread.Sleep(TimeSpan.FromSeconds(1));
+							if (DateTime.UtcNow > _reloadTime)
+							{
+								_activatedTask = null;
+								LoadConfig(false);
+								break;
+							}
+						}
+					});
+		}
+	}
+}
diff --git a/AutoTunnel/Config/MainConfig.cs b/AutoTunnel/Config/MainConfig.cs
index 83a38dd..ddb520b 100644
--- a/AutoTunnel/Config/MainConfig.cs
+++ b/AutoTunnel/Config/MainConfig.cs
@@ -31,5 +31,9 @@ public class MainConfig
 		[DefaultValue(15)]
 		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
 		public int PingBackTime { get; set; }
+
+		[DefaultValue(true)]
+		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
+		public bool AutoReloadOnChange { get; set; }
 	}
 }
diff --git a/AutoTunnel/Encryption/DecryptHelper.cs b/AutoTunnel/Encryption/DecryptHelper.cs
index ad08361..db200b5 100644
--- a/AutoTunnel/Encryption/DecryptHelper.cs
+++ b/AutoTunnel/Encryption/DecryptHelper.cs
@@ -6,7 +6,7 @@ public class DecryptHelper
 	{
 		private readonly byte[] _innerBuf = new byte[65536];
 
-		private readonly byte[] _key;
+		private readonly Aes _aes;
 
 		private readonly byte[] _headerBuf = new byte[16];
 
@@ -19,25 +19,30 @@ public byte[] InnerBuf
 		}
 
 		public DecryptHelper(byte[] key)
-		{
-			_key = key;
-		}
-
-		public int Decrypt(byte[] data, int offset)
 		{
 			var aes = Aes.Create();
-			aes.Key = _key;
+			aes.Key = key;
 			aes.IV = new byte[16];
 			aes.Mode = CipherMode.CBC;
 			aes.Padding = PaddingMode.None;
-			var decryptor = aes.CreateDecryptor();
-			decryptor.TransformBlock(data, offset, 16, _headerBuf, 0);
-			var len = _headerBuf[0] | (_headerBuf[1] << 8) | (_headerBuf[2] << 16) | (_headerBuf[3] << 24);
+			_aes = aes;
+			// _decryptor = aes.CreateDecryptor();
+		}
+
+		public int Decrypt(byte[] data, int offset)
+		{
+			var hb = _headerBuf;
+			// strange situation, decryptor cannot be used multiple times, problem with resetting cbc data, or my fault...
+			// but encrypting is work with extracted encryptor
+			var decryptor = _aes.CreateDecryptor();
+			decryptor.TransformBlock(data, offset, 16, hb, 0);
+			var len = hb[0] | (hb[1] << 8) | (hb[2] << 16) | (hb[3] << 24);
 			if (len > data.Length) return -1;
-			if (_headerBuf[4] != 1 || _headerBuf[5] != 0 || _headerBuf[6] != 'A' || _headerBuf[7] != 'T') return -1;
+			if (hb[4] != 1 || hb[5] != 0 || hb[6] != 'A' || hb[7] != 'T') return -1;
 			var len16 = (len + 15) & ~15;
 			if (len < 0 || len > _innerBuf.Length) return -1;
 			decryptor.TransformBlock(data, offset + 16, len16, _innerBuf, 0);
+			// decryptor.TransformFinalBlock(new byte[0], 0, 0);
 			return len;
 		}
 	}
diff --git a/AutoTunnel/Encryption/EncryptHelper.cs b/AutoTunnel/Encryption/EncryptHelper.cs
index 1283ca1..830b32d 100644
--- a/AutoTunnel/Encryption/EncryptHelper.cs
+++ b/AutoTunnel/Encryption/EncryptHelper.cs
@@ -1,18 +1,17 @@
 using System.Security.Cryptography;
-using System.Threading;
 
 namespace Force.AutoTunnel.Encryption
 {
 	public class EncryptHelper
 	{
-		private readonly byte[] _key;
-
 		private readonly RandomNumberGenerator _random = RandomNumberGenerator.Create();
 
 		private readonly byte[] _innerBuf = new byte[65536];
 
 		private readonly byte[] _headerBuf = new byte[16];
 
+		private readonly ICryptoTransform _encryptor;
+
 		public byte[] InnerBuf
 		{
 			get
@@ -22,36 +21,40 @@ public byte[] InnerBuf
 		}
 
 		public EncryptHelper(byte[] key)
-		{
-			_key = key;
-		}
-
-		public int Encrypt(byte[] data, int len)
 		{
 			var aes = Aes.Create();
-			aes.Key = _key;
+			aes.Key = key;
 			aes.IV = new byte[16];
 			aes.Mode = CipherMode.CBC;
 			aes.Padding = PaddingMode.None;
-			var encryptor = aes.CreateEncryptor();
-			_random.GetBytes(_headerBuf);
-			_headerBuf[0] = (byte)(len & 0xff);
-			_headerBuf[1] = (byte)((len >> 8) & 0xff);
-			_headerBuf[2] = (byte)((len >> 16) & 0xff);
-			_headerBuf[3] = (byte)((len >> 24) & 0xff);
+			_encryptor = aes.CreateEncryptor();
+		}
+
+		public int Encrypt(byte[] data, int len)
+		{
+			var hb = _headerBuf;
+			// _random.GetBytes(hb);
+			hb[0] = (byte)(len & 0xff);
+			hb[1] = (byte)((len >> 8) & 0xff);
+			hb[2] = (byte)((len >> 16) & 0xff);
+			hb[3] = (byte)((len >> 24) & 0xff);
 			// var c = Interlocked.Increment(ref _counter);
 			/*_headerBuf[4] = (byte)(c & 0xff);
 			_headerBuf[5] = (byte)((c >> 8) & 0xff);
 			_headerBuf[6] = (byte)((c >> 16) & 0xff);
 			_headerBuf[7] = (byte)((c >> 24) & 0xff);*/
-			_headerBuf[4] = 0x1;
-			_headerBuf[5] = 0x0;
-			_headerBuf[6] = (byte)'A';
-			_headerBuf[7] = (byte)'T';
-
-			encryptor.TransformBlock(_headerBuf, 0, 16, _innerBuf, 0);
-			if (len == 0) return 16 + 4;
-			return encryptor.TransformBlock(data, 0, (len + 15) & ~15, _innerBuf, 16) + 16;
+			hb[4] = 0x1;
+			hb[5] = 0x0;
+			hb[6] = (byte)'A';
+			hb[7] = (byte)'T';
+
+			_encryptor.TransformBlock(hb, 0, 16, _innerBuf, 0);
+			var tl = 0;
+			if (len > 0) 
+				tl = _encryptor.TransformBlock(data, 0, (len + 15) & ~15, _innerBuf, 16);
+
+			_encryptor.TransformFinalBlock(new byte[0], 0, 0);
+			return tl + 16;
 		}
 	}
 }
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index c8a4c5e..44e01d8 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -70,13 +70,13 @@ private void StartInternal()
 					{
 						int cnt = s.ReceiveFrom(inBuf, ref ep1);
 						IPEndPoint ep = (IPEndPoint)ep1;
-						TunnelStorage.Session session;
+						TunnelSession session;
 
 						if (cnt == 0) continue;
 						byte[] decBuf = null;
 						if (cnt % 16 != 0)
 						{
-							if (inBuf[0] == 1)
+							if (inBuf[0] == (byte)StateFlags.Connecting)
 							{
 								LogHelper.Log.WriteLine("Estabilishing connection from " + ep);
 								int dataLen = -1;
@@ -120,13 +120,20 @@ private void StartInternal()
 								continue;
 							}
 
-							if (inBuf[0] == 0x5) // ping
+							if (inBuf[0] == (byte)StateFlags.Ping) // ping
 							{
 								session = _storage.GetSession(ep);
-								if (session != null) session.UpdateLastActivity();
+								if (session != null) session.UpdateReceiveActivity();
 								s.SendTo(new byte[] { (byte)StateFlags.Pong, 0, 0, 0 }, 4, SocketFlags.None, ep);
 								continue;
 							}
+								// it is good idea, but attacker can cause close of our connection
+								// so, think in future about this
+							/*else if (inBuf[0] == (byte)StateFlags.ConnectionClosing) // ping
+							{
+								_storage.RemoveSession(ep);
+								continue;
+							}*/
 							else
 							{
 								// error
@@ -155,7 +162,7 @@ private void StartInternal()
 
 							decBuf = session.Decryptor.InnerBuf;
 							cnt = len;
-							session.UpdateLastActivity();
+							session.UpdateReceiveActivity();
 						}
 
 						// var sourceIp = decBuf[12] + "." + decBuf[13] + "." + decBuf[14] + "." + decBuf[15];
@@ -169,7 +176,7 @@ private void StartInternal()
 							// session was changed for client, killing it and update data
 							if (!sender.Session.RemoteEP.Equals(ep))
 							{
-								Console.WriteLine("Client for " + sourceIp + " has changed endpoint from " + sender.Session.RemoteEP + " to " + ep);
+								LogHelper.Log.WriteLine("Client for " + sourceIp + " has changed endpoint from " + sender.Session.RemoteEP + " to " + ep);
 								s.SendTo(new byte[] { 0x3, 0, 0, 0 }, 4, SocketFlags.None, sender.Session.RemoteEP);
 								_storage.RemoveSession(sender.Session.RemoteEP);
 								sender.Session = session;
diff --git a/AutoTunnel/Program.cs b/AutoTunnel/Program.cs
index 278e251..f648c51 100644
--- a/AutoTunnel/Program.cs
+++ b/AutoTunnel/Program.cs
@@ -1,6 +1,6 @@
 using System;
-using System.IO;
 using System.Linq;
+using System.Reflection;
 using System.ServiceProcess;
 using System.Threading;
 
@@ -8,65 +8,22 @@
 using Force.AutoTunnel.Logging;
 using Force.AutoTunnel.Service;
 
-using Newtonsoft.Json;
-
 namespace Force.AutoTunnel
 {
 	public class Program
 	{
-		public static MainConfig Config { get; private set; }
-
 		public static void Main(string[] args)
 		{
 			if (ProcessArgs(args)) return;
 
-			var configPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "config.json");
-			if (!File.Exists(configPath))
-			{
-				Console.Error.WriteLine("Missing config file");
-				return;
-			}
-
-			MainConfig config;
-
-			try
-			{
-				config = new JsonSerializer().Deserialize<MainConfig>(new JsonTextReader(new StreamReader(File.OpenRead(configPath))));
-				if (config.RemoteClients == null)
-					config.RemoteClients = new RemoteClientConfig[0];
-				if (config.RemoteClients.Length == 0) 
-					config.EnableListening = false;
-				if (config.RemoteServers == null)
-					config.RemoteServers = new RemoteServerConfig[0];
-				foreach (var remoteServerConfig in config.RemoteServers)
-				{
-					if (string.IsNullOrEmpty(remoteServerConfig.ConnectHost) && string.IsNullOrEmpty(remoteServerConfig.TunnelHost))
-						throw new InvalidOperationException("Missing host info in config");
-
-					if (string.IsNullOrEmpty(remoteServerConfig.TunnelHost))
-						remoteServerConfig.TunnelHost = remoteServerConfig.ConnectHost;
-					if (string.IsNullOrEmpty(remoteServerConfig.ConnectHost))
-						remoteServerConfig.ConnectHost = remoteServerConfig.TunnelHost;
-				}
-
-				var log = new AggregateLog();
-				if (Environment.UserInteractive) log.AddLog(new ConsoleLog());
-				if (!string.IsNullOrEmpty(config.LogFileName)) log.AddLog(new FileLog(config.LogFileName));
-				LogHelper.SetLog(log);
-			}
-			catch (Exception ex)
-			{
-				Console.Error.WriteLine("Error in parsing config: " + ex.Message);
-				return;
-			}
-
 			if (!NativeHelper.IsNativeAvailable)
 			{
 				Console.Error.WriteLine("Cannot load WinDivert library");
 				return;
 			}
 
-			Config = config;
+			if (!ConfigHelper.LoadConfig(true))
+				return;
 
 			if (Environment.UserInteractive)
 			{
@@ -93,9 +50,12 @@ private static bool ProcessArgs(string[] args)
 
 		private static void RunInConsole()
 		{
+			Console.WriteLine("Press Ctrl+C for exit");
+
+			var attr = typeof(Program).Assembly.GetCustomAttributes(typeof(AssemblyFileVersionAttribute), false).Cast<AssemblyFileVersionAttribute>().First();
+			LogHelper.Log.WriteLine("AutoTunnel by Force. Version: " + attr.Version);
 			AppDomain.CurrentDomain.DomainUnload += (sender, args) => ConsoleHelper.SetActiveIcon(ConsoleHelper.IconStatus.Default);
 			Console.CancelKeyPress += (sender, args) => ConsoleHelper.SetActiveIcon(ConsoleHelper.IconStatus.Default);
-			Console.WriteLine("Press Ctrl+C for exit");
 			LogHelper.Log.WriteLine("Starting interactive...");
 			Starter.Start();
 			Thread.Sleep(-1);
diff --git a/AutoTunnel/Properties/AssemblyInfo.cs b/AutoTunnel/Properties/AssemblyInfo.cs
index b160203..7c34637 100644
--- a/AutoTunnel/Properties/AssemblyInfo.cs
+++ b/AutoTunnel/Properties/AssemblyInfo.cs
@@ -1,5 +1,4 @@
 using System.Reflection;
-using System.Runtime.CompilerServices;
 using System.Runtime.InteropServices;
 
 // General Information about an assembly is controlled through the following 
diff --git a/AutoTunnel/ReplySender.cs b/AutoTunnel/ReplySender.cs
index 3c93613..03fdac5 100644
--- a/AutoTunnel/ReplySender.cs
+++ b/AutoTunnel/ReplySender.cs
@@ -12,7 +12,7 @@ public class ReplySender : BaseSender
 
 		private readonly EncryptHelper _encryptHelper;
 
-		public ReplySender(TunnelStorage.Session session, IPAddress watchAddr, Socket socket, TunnelStorage storage)
+		public ReplySender(TunnelSession session, IPAddress watchAddr, Socket socket, TunnelStorage storage)
 			: base(session, watchAddr, storage)
 		{
 			LogHelper.Log.WriteLine("Tunnel watcher was created for " + watchAddr);
@@ -22,6 +22,7 @@ public ReplySender(TunnelStorage.Session session, IPAddress watchAddr, Socket so
 
 		protected override void Send(byte[] packet, int packetLen)
 		{
+			Session.UpdateSendActivity();
 			var len = _encryptHelper.Encrypt(packet, packetLen);
 			_socket.SendTo(_encryptHelper.InnerBuf, len, SocketFlags.None, Session.RemoteEP);
 		}
diff --git a/AutoTunnel/Starter.cs b/AutoTunnel/Starter.cs
index 51f6603..9e78daf 100644
--- a/AutoTunnel/Starter.cs
+++ b/AutoTunnel/Starter.cs
@@ -16,7 +16,7 @@ public class Starter
 		public static void Start()
 		{
 			_storage = new TunnelStorage();
-			var config = Program.Config;
+			var config = ConfigHelper.Config;
 
 			if (config.EnableListening)
 			{
@@ -40,8 +40,8 @@ public static void Stop()
 			_storage.RemoveAllSessions();
 			if (_listener != null)
 				_listener.Dispose();
-			if (Program.Config.AddFirewallRule)
-				FirewallHelper.DeleteFirewallRule(Program.Config.Port.ToString(CultureInfo.InvariantCulture));
+			if (ConfigHelper.Config.AddFirewallRule)
+				FirewallHelper.DeleteFirewallRule(ConfigHelper.Config.Port.ToString(CultureInfo.InvariantCulture));
 		}
 	}
 }
diff --git a/AutoTunnel/StateFlags.cs b/AutoTunnel/StateFlags.cs
index b2c8297..bab6a20 100644
--- a/AutoTunnel/StateFlags.cs
+++ b/AutoTunnel/StateFlags.cs
@@ -14,6 +14,9 @@ public enum StateFlags : byte
 
 		ErrorFromProxy = 8,
 
-		Pong = 9
+		Pong = 9,
+
+		// todo : think about it
+		// ConnectionClosing = 10
 	}
 }
diff --git a/AutoTunnel/TunnelSession.cs b/AutoTunnel/TunnelSession.cs
new file mode 100644
index 0000000..82b51e6
--- /dev/null
+++ b/AutoTunnel/TunnelSession.cs
@@ -0,0 +1,47 @@
+using System;
+using System.Net;
+
+using Force.AutoTunnel.Encryption;
+
+namespace Force.AutoTunnel
+{
+	public class TunnelSession
+	{
+		public TunnelSession(IPEndPoint remoteEP)
+		{
+			RemoteEP = remoteEP;
+			UpdateReceiveActivity();
+			UpdateSendActivity();
+		}
+
+		public IPEndPoint RemoteEP { get; private set; }
+
+		public byte[] Key { get; set; }
+
+		public DecryptHelper Decryptor { get; set; }
+
+		public DateTime LastReceiveActivity { get; private set; }
+
+		public DateTime LastSendActivity { get; private set; }
+
+		public bool IsClientSession { get; set; }
+
+		public void UpdateReceiveActivity()
+		{
+			LastReceiveActivity = DateTime.UtcNow;
+		}
+
+		public void UpdateSendActivity()
+		{
+			LastSendActivity = DateTime.UtcNow;
+		}
+
+		public TimeSpan SendReceiveDifference
+		{
+			get
+			{
+				return LastSendActivity.Subtract(LastReceiveActivity);
+			}
+		}
+	}
+}
\ No newline at end of file
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
index 63db284..6d5e24c 100644
--- a/AutoTunnel/TunnelStorage.cs
+++ b/AutoTunnel/TunnelStorage.cs
@@ -26,7 +26,7 @@ public BaseSender GetOrAddSender(IPAddress dstAddr, Func<BaseSender> creatorFunc
 		public IPEndPoint[] GetOldSessions(TimeSpan killTime)
 		{
 			var dt = DateTime.UtcNow;
-			return _sessions.Where(x => !x.Value.IsClientSession && dt.Subtract(x.Value.LastActivity) >= killTime)
+			return _sessions.Where(x => !x.Value.IsClientSession && dt.Subtract(x.Value.LastReceiveActivity) >= killTime)
 				.Select(x => x.Key)
 				.Select(x => new IPEndPoint((long)(x >> 16), (int)(x & 0xffff)))
 				.ToArray();
@@ -43,7 +43,7 @@ public void RemoveAllSessions()
 		public void RemoveSession(IPEndPoint endPoint)
 		{
 			var hostKey = GetHostKey(endPoint);
-			Session session;
+			TunnelSession session;
 			if (_sessions.TryRemove(hostKey, out session))
 			{
 				if (session.IsClientSession)
@@ -59,36 +59,12 @@ public void RemoveSession(IPEndPoint endPoint)
 			SetIcon();
 		}
 
-		public class Session
-		{
-			public Session(IPEndPoint remoteEP)
-			{
-				RemoteEP = remoteEP;
-				UpdateLastActivity();
-			}
-
-			public IPEndPoint RemoteEP { get; private set; }
-
-			public byte[] Key { get; set; }
-
-			public DecryptHelper Decryptor { get; set; }
-
-			public DateTime LastActivity { get; private set; }
-
-			public bool IsClientSession { get; set; }
-
-			public void UpdateLastActivity()
-			{
-				LastActivity = DateTime.UtcNow;
-			}
-		}
-
-		private readonly ConcurrentDictionary<ulong, Session> _sessions = new ConcurrentDictionary<ulong, Session>();
+		private readonly ConcurrentDictionary<ulong, TunnelSession> _sessions = new ConcurrentDictionary<ulong, TunnelSession>();
 
-		public Session AddSession(byte[] sessionKey, IPEndPoint remoteEP)
+		public TunnelSession AddSession(byte[] sessionKey, IPEndPoint remoteEP)
 		{
 			var hostKey = GetHostKey(remoteEP);
-			var s = new Session(remoteEP)
+			var s = new TunnelSession(remoteEP)
 				{
 					Key = sessionKey,
 					Decryptor = new DecryptHelper(sessionKey)
@@ -98,9 +74,9 @@ public Session AddSession(byte[] sessionKey, IPEndPoint remoteEP)
 			return s;
 		}
 
-		public Session GetSession(IPEndPoint remoteHost)
+		public TunnelSession GetSession(IPEndPoint remoteHost)
 		{
-			Session value;
+			TunnelSession value;
 			if (_sessions.TryGetValue(GetHostKey(remoteHost), out value)) return value;
 			return null;
 		}
diff --git a/README.md b/README.md
index a7f9516..4f65257 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,140 @@
 # AutoTunnel
-Secured network tunnel for two computers connection
+Secured network tunnel for connecting two computers. Main usage: connecting travelling computer to one server.
+
+## Features
+
+* Works for Windows 7 or greater
+* Client-Server model
+* Works on IP level and tunnels ICMP, TCP and UDP data
+* Uses only one UDP port (12017 by default)
+* Can connect by hostnames with periodic refreshing data
+* Client can be NAT'ed
+* Server can be NAT'ed, but you need to use a special proxy
+* Creates transparent secured tunnel between two computers without allocation of additional IP-addresses, so you do not need for separate DNS-names for computers 
+
+## Differences from VPN
+
+* No server needed
+* No separate IP address or network interface
+* Always active (if service running)
+
+## Differences from IPSec
+
+* No need to specify both endpoints to static addresses
+* Only one UDP port for usage (insted of ESP, AH protocols and 500 and 4500 UDP ports)
+* Just some settings to make tunnel works, you no need to specify lot of parameters in different configs and phases
+* Currently, no IPv6 support
+
+## Limitations
+
+* Due usage existing IPs for computers there are can be collision with current IPs
+* If network has problems with UDP fragmentation (or badly configured Jumbo Frames), there are can be strange errors and packet loss
+
+# Description
+
+AutoTunnel uses [WinDivert](https://reqrypt.org/windivert.html) library to catch outgoing network packets, transfers it to another computer and puts them back, as normal packets.
+So, this packets looks like usual network packets, but you do not need to specify routing tables between computers. These computers are in virtual local network.
+After estabilishing connection with another computer, it begin to catch packets to source computer and transfers it back to it through estabilished tunnel.
+
+## Encryption
+Tunnel is encrypted with AES256 with PFS support. Currently, for auth you can use only preshared keys (I think, it simple and good variant for authentication, because one key can be changed to another in some seconds, you do not need to regenerate certificates or private keys).
+This key is used only for initial handshake and has not transferred in open form. After handshake stage, another, temporary session key is used for data encryption.
+
+## Tunnel Handling
+
+There are two types of computers:
+
+* Server - listens incoming connections
+* Client - connects to server
+
+Any computer can be server for others computers and client for anothers. There are no need to use separate program.
+So, despite only two computers can use one tunnel, you can create a lot of tunnels between pairs of different computers.
+
+Also, you can estabilish connection between two computers in client mode. Two tunnels will be created, but packets will be passed correctly.
+
+
+# Installation and running
+
+You need:
+
+* Windows 7/2008R2 or greater
+* Enabled .NET Framework 4.0
+* [VC Redist 2012](https://www.microsoft.com/en-us/download/details.aspx?id=30679)
+
+Program can be runned in console or work as a service. Service can be installed in next way:
+```
+AutoTunnel.exe service install
+sc start AutoTunnel
+```
+## Configuration
+
+Before starting, you need to configure config.json file. Example config:
+```
+{
+	"enableListening": true,
+	"addFirewallRule": true,
+	"port": 12017,
+	"logFileName": "somelog.log",
+	"autoReloadOnChange": true,
+	"remoteClients": [
+		{
+			"key": "key1",
+			"description": "my key"
+		}
+	],
+	"remoteServers": [
+		{
+			"tunnelHost": "192.168.16.8",
+			"connectHost": "192.168.18.1:12017",
+			"proxyHost": "192.168.24.1:12018",
+			"key": "key1",
+			"keepAlive": true,
+			"connectOnStart": true
+		}
+	]
+}
+```
+
+Key | Default Value | Description
+----|---------------|------------
+enableListening | true | Is Application listen incoming connections
+addFirewallRule | true | Add opening rule to Windows Firewall
+port | 12017 | Listening port
+logFileName | null | Name of file to log program messages
+autoReloadOnChange | true | Reload config automatically if it changed
+remoteClients | null | Data of remote clients for server (if multiple clients are specified - any key can be used for connection)
+remoteClients.key | null | Pre-shared Key for remote client
+remoteClients.description | null | Description of remote client for logging and your notes
+remoteServers | null | Servers for connecting as client
+remoteServers.tunnelHost | null | IP address or host name of remote computer. If any packets will be send to this computer, it will be passed through tunnel
+remoteServers.connectHost | null | IP address or host with port of remote computer to connect. If skipped - tunnel host data can be used. You can specify it, it target computer has different IP addresses and you want to connect to one of them, but pass data for another
+remoteServers.proxyHost | null | IP address or host with port of proxy. Proxy can be used to connect to server which is not available from outer network
+remoteServers.key | null | Pre-shared key to estabilish connection with remote server
+remoteServers.keepAlive | false | Send special keep alive packets to keep connection alive. If you need permament connection, you can set it to true 
+remoteServers.connectOnStart | false | Connect to another computer on application start or only when first packet will be sent to it
+
+
+# Proxy
+If target computer is unavailabe from outer network but you have separate computer which can transfer packets from local network to outer network, you can use special proxy program.
+
+Full scheme of connection can be similar:
+
+```
+Client computer (gray ip, NAT) <-> Router <-> (Internet) <-> Router      <-> Proxy       <-> Server (NAT)
+192.168.1.42 <-> 192.168.1.1|91.10.20.42  <-> (Internet) <-> 82.40.10.1 <-> 82.40.10.54 <-> 10.0.1.15
+```
+
+
+Current implementation does not encrypt data, it just transfer packets from one computer to another. For better compatibility, current version of proxy is written on node.js, so it can be run at lot of hardware.
+
+Also, when you use a proxy, just proxy resolves host name to ip. So, it can be useful for internal host names.
+
+By default, proxy is listening on 12018 port and can filter destination ip addresses or host names.
+
+# Licensing
+
+AutoTunnel has [MIT](https://github.com/force-net/AutTunnel/blob/develop/LICENSE) license, but it uses [WinDivert](https://reqrypt.org/windivert.html) library with [LGPL3](https://reqrypt.org/windivert-doc-v1.2.html#license) license.
+ 
+<div>Application Icons made by <a href="http://www.freepik.com" title="Freepik">Freepik</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a> is licensed by <a href="http://creativecommons.org/licenses/by/3.0/" title="Creative Commons BY 3.0" target="_blank">CC 3.0 BY</a></div>
+ 
+

From cafde918c227fd1f346577256ba9f1688387051a Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Wed, 6 Sep 2017 23:33:12 +0300
Subject: [PATCH 11/15] bug fixes

---
 AutoTunnel/AutoTunnel.csproj                    |   4 ++--
 AutoTunnel/BaseSender.cs                        |   5 +++--
 AutoTunnel/ClientSender.cs                      |  14 +++++++++-----
 AutoTunnel/Encryption/EncryptHelper.cs          |   7 +------
 AutoTunnel/Listener.cs                          |   6 +++---
 AutoTunnel/Properties/AssemblyInfo.cs           |   2 +-
 AutoTunnel/Service/ConsoleHelper.cs             |   8 ++++----
 AutoTunnel/TunnelStorage.cs                     |  14 +++++++-------
 README.md                                       |  16 ++++++++--------
 ...estabilishing.png => tunnel_establishing.png | Bin
 10 files changed, 38 insertions(+), 38 deletions(-)
 rename tunnel_estabilishing.png => tunnel_establishing.png (100%)

diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index 1ba1b64..924adb0 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -138,8 +138,8 @@
     </EmbeddedResource>
   </ItemGroup>
   <ItemGroup>
-    <EmbeddedResource Include="..\tunnel_estabilishing.png">
-      <Link>tunnel_estabilishing.png</Link>
+    <EmbeddedResource Include="..\tunnel_establishing.png">
+      <Link>tunnel_establishing.png</Link>
     </EmbeddedResource>
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index 1a5b0ab..8b3a28e 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -55,10 +55,11 @@ private void StartInternal()
 			int packetLen = 0;
 			while (!_isExiting)
 			{
+				var oldHandle = _handle;
 				if (!WinDivert.WinDivertRecv(_handle, packet, packet.Length, ref addr, ref packetLen))
 				{
-					// showing error only if handle is not removed
-					if (_handle != IntPtr.Zero)
+					// showing error only if handle is not removed and not changed
+					if (_handle != IntPtr.Zero && oldHandle == _handle)
 					{
 						LogHelper.Log.WriteLine("Cannot receive network data: " + Marshal.GetLastWin32Error());
 						Thread.Sleep(1000);
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index 40dff41..97ebd10 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -1,6 +1,7 @@
 using System;
 using System.Linq;
 using System.Net;
+using System.Net.NetworkInformation;
 using System.Net.Sockets;
 using System.Text;
 using System.Threading;
@@ -119,7 +120,7 @@ private void InitInternal()
 
 				_connectEP = destEP;
 
-				Storage.IncrementEstabilishing();
+				Storage.IncrementEstablishing();
 				Storage.AddSession(new byte[16], destEP).IsClientSession = true;
 
 				if (proxyEP != null)
@@ -177,7 +178,7 @@ private void InitInternal()
 					period = Math.Min(period + 2000, 1000 * 60);
 
 					LogHelper.Log.WriteLine("No response from server " + destEP);
-					if (DateTime.UtcNow.Subtract(_lastInitRequest).TotalSeconds > 60)
+					if (!_config.ConnectOnStart && DateTime.UtcNow.Subtract(_lastInitRequest).TotalSeconds > 60)
 					{
 						LogHelper.Log.WriteLine("Stopping connect atteptions to " + destEP + " until another request will occur");
 					}
@@ -185,7 +186,7 @@ private void InitInternal()
 
 				if (recLength < 4 || _receiveBuffer[0] != (byte)StateFlags.ConnectAnswer)
 				{
-					Console.Error.WriteLine("Invalid server response");
+					LogHelper.Log.WriteLine("Invalid server response");
 					Storage.RemoveSession(destEP);
 					return;
 				}
@@ -193,7 +194,7 @@ private void InitInternal()
 				var decLen = decryptHelper.Decrypt(_receiveBuffer, 4);
 				if (decLen < 9)
 				{
-					Console.Error.WriteLine("Invalid server response");
+					LogHelper.Log.WriteLine("Invalid server response");
 					Storage.RemoveSession(destEP);
 					return;
 				}
@@ -206,11 +207,14 @@ private void InitInternal()
 				LogHelper.Log.WriteLine("Initialized connection to " + destEP);
 				_isInited = true;
 				_initingEvent.Set();
+
+				// after connect - sending packet to estabilish backward connection
+				using (var p = new Ping()) p.Send(DstAddr, 1);
 			}
 			finally
 			{
 				Interlocked.Exchange(ref _isIniting, 0);
-				Storage.DecrementEstabilishing();
+				Storage.DecrementEstablishing();
 			}
 		}
 
diff --git a/AutoTunnel/Encryption/EncryptHelper.cs b/AutoTunnel/Encryption/EncryptHelper.cs
index 830b32d..adedfe1 100644
--- a/AutoTunnel/Encryption/EncryptHelper.cs
+++ b/AutoTunnel/Encryption/EncryptHelper.cs
@@ -33,16 +33,11 @@ public EncryptHelper(byte[] key)
 		public int Encrypt(byte[] data, int len)
 		{
 			var hb = _headerBuf;
-			// _random.GetBytes(hb);
+			_random.GetBytes(hb);
 			hb[0] = (byte)(len & 0xff);
 			hb[1] = (byte)((len >> 8) & 0xff);
 			hb[2] = (byte)((len >> 16) & 0xff);
 			hb[3] = (byte)((len >> 24) & 0xff);
-			// var c = Interlocked.Increment(ref _counter);
-			/*_headerBuf[4] = (byte)(c & 0xff);
-			_headerBuf[5] = (byte)((c >> 8) & 0xff);
-			_headerBuf[6] = (byte)((c >> 16) & 0xff);
-			_headerBuf[7] = (byte)((c >> 24) & 0xff);*/
 			hb[4] = 0x1;
 			hb[5] = 0x0;
 			hb[6] = (byte)'A';
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 44e01d8..7aaf6aa 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -78,7 +78,7 @@ private void StartInternal()
 						{
 							if (inBuf[0] == (byte)StateFlags.Connecting)
 							{
-								LogHelper.Log.WriteLine("Estabilishing connection from " + ep);
+								LogHelper.Log.WriteLine("Establishing connection from " + ep);
 								int dataLen = -1;
 								DecryptHelper decryptHelper = null;
 								EncryptHelper encryptHelper = null;
@@ -116,7 +116,7 @@ private void StartInternal()
 
 								s.SendTo(initBuf, initBuf.Length, SocketFlags.None, ep);
 								var descr = selectedRemoteClient != null ? (!string.IsNullOrEmpty(selectedRemoteClient.Description) ? " as " + selectedRemoteClient.BinaryKey : string.Empty) : string.Empty;
-								LogHelper.Log.WriteLine("Estabilished connection from " + ep + descr);
+								LogHelper.Log.WriteLine("Established connection from " + ep + descr);
 								continue;
 							}
 
@@ -167,7 +167,7 @@ private void StartInternal()
 
 						// var sourceIp = decBuf[12] + "." + decBuf[13] + "." + decBuf[14] + "." + decBuf[15];
 						var sourceIp = new IPAddress(decBuf[12] | (decBuf[13] << 8) | (decBuf[14] << 16) | (decBuf[15] << 24));
-						// if we already has option to estabilish connection to this ip, do not add additional sender
+						// if we already has option to establish connection to this ip, do not add additional sender
 						if (!_storage.OutgoingConnectionAdresses.Contains(sourceIp))
 						{
 							var sender = _storage.GetOrAddSender(sourceIp, () => new ReplySender(session, sourceIp, s, _storage));
diff --git a/AutoTunnel/Properties/AssemblyInfo.cs b/AutoTunnel/Properties/AssemblyInfo.cs
index 7c34637..b5909df 100644
--- a/AutoTunnel/Properties/AssemblyInfo.cs
+++ b/AutoTunnel/Properties/AssemblyInfo.cs
@@ -32,4 +32,4 @@
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
 [assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.0.0.0")]
\ No newline at end of file
+[assembly: AssemblyFileVersion("1.1.0.2")]
\ No newline at end of file
diff --git a/AutoTunnel/Service/ConsoleHelper.cs b/AutoTunnel/Service/ConsoleHelper.cs
index 7119492..1cc61f4 100644
--- a/AutoTunnel/Service/ConsoleHelper.cs
+++ b/AutoTunnel/Service/ConsoleHelper.cs
@@ -12,7 +12,7 @@ public static class ConsoleHelper
 		private static extern IntPtr SendMessage(IntPtr hWnd, uint message, int lParam, IntPtr wParam);
 
 		private static IntPtr _iconActiveHandle = IntPtr.Zero;
-		private static IntPtr _iconEstabilishingHandle = IntPtr.Zero;
+		private static IntPtr _iconEstablishingHandle = IntPtr.Zero;
 		private static IntPtr _iconParentHandle = IntPtr.Zero;
 
 		private static void RestoreOriginalIcon()
@@ -26,7 +26,7 @@ private static void RestoreOriginalIcon()
 		public enum IconStatus
 		{
 			Active,
-			Estabilishing,
+			Establishing,
 			Default
 		}
 
@@ -38,7 +38,7 @@ public static void SetActiveIcon(IconStatus status)
 			{
 // ReSharper disable AssignNullToNotNullAttribute
 				_iconActiveHandle = new Bitmap(typeof(ConsoleHelper).Assembly.GetManifestResourceStream("Force.AutoTunnel.tunnel_active.png")).GetHicon();
-				_iconEstabilishingHandle = new Bitmap(typeof(ConsoleHelper).Assembly.GetManifestResourceStream("Force.AutoTunnel.tunnel_estabilishing.png")).GetHicon();
+				_iconEstablishingHandle = new Bitmap(typeof(ConsoleHelper).Assembly.GetManifestResourceStream("Force.AutoTunnel.tunnel_establishing.png")).GetHicon();
 // ReSharper restore AssignNullToNotNullAttribute
 
 				_iconParentHandle = SendMessage(GetConsoleWindow(), 0x80, 0, _iconActiveHandle);
@@ -46,7 +46,7 @@ public static void SetActiveIcon(IconStatus status)
 
 			var icon = _iconParentHandle;
 			if (status == IconStatus.Active) icon = _iconActiveHandle;
-			else if (status == IconStatus.Estabilishing) icon = _iconEstabilishingHandle;
+			else if (status == IconStatus.Establishing) icon = _iconEstablishingHandle;
 			SendMessage(GetConsoleWindow(), 0x80, 0, icon);
 			SendMessage(GetConsoleWindow(), 0x80, 1, icon);
 		}
diff --git a/AutoTunnel/TunnelStorage.cs b/AutoTunnel/TunnelStorage.cs
index 6d5e24c..c873431 100644
--- a/AutoTunnel/TunnelStorage.cs
+++ b/AutoTunnel/TunnelStorage.cs
@@ -93,25 +93,25 @@ public bool HasSession(ulong key)
 			return _sessions.ContainsKey(key);
 		}
 
-		private int _estabilishingCount;
+		private int _establishingCount;
 
-		public void IncrementEstabilishing()
+		public void IncrementEstablishing()
 		{
-			Interlocked.Increment(ref _estabilishingCount);
+			Interlocked.Increment(ref _establishingCount);
 			SetIcon();
 		}
 
-		public void DecrementEstabilishing()
+		public void DecrementEstablishing()
 		{
-			Interlocked.Decrement(ref _estabilishingCount);
+			Interlocked.Decrement(ref _establishingCount);
 			SetIcon();
 		}
 
 		private void SetIcon()
 		{
-			if (_estabilishingCount > 0)
+			if (_establishingCount > 0)
 			{
-				ConsoleHelper.SetActiveIcon(ConsoleHelper.IconStatus.Estabilishing);
+				ConsoleHelper.SetActiveIcon(ConsoleHelper.IconStatus.Establishing);
 			}
 			else
 			{
diff --git a/README.md b/README.md
index 4f65257..764ba84 100644
--- a/README.md
+++ b/README.md
@@ -21,7 +21,7 @@ Secured network tunnel for connecting two computers. Main usage: connecting trav
 ## Differences from IPSec
 
 * No need to specify both endpoints to static addresses
-* Only one UDP port for usage (insted of ESP, AH protocols and 500 and 4500 UDP ports)
+* Only one UDP port for usage (instead of ESP, AH protocols and 500 and 4500 UDP ports)
 * Just some settings to make tunnel works, you no need to specify lot of parameters in different configs and phases
 * Currently, no IPv6 support
 
@@ -34,7 +34,7 @@ Secured network tunnel for connecting two computers. Main usage: connecting trav
 
 AutoTunnel uses [WinDivert](https://reqrypt.org/windivert.html) library to catch outgoing network packets, transfers it to another computer and puts them back, as normal packets.
 So, this packets looks like usual network packets, but you do not need to specify routing tables between computers. These computers are in virtual local network.
-After estabilishing connection with another computer, it begin to catch packets to source computer and transfers it back to it through estabilished tunnel.
+After establishing connection with another computer, it begins to catch packets to source computer and transfers it back to it through established tunnel.
 
 ## Encryption
 Tunnel is encrypted with AES256 with PFS support. Currently, for auth you can use only preshared keys (I think, it simple and good variant for authentication, because one key can be changed to another in some seconds, you do not need to regenerate certificates or private keys).
@@ -47,10 +47,10 @@ There are two types of computers:
 * Server - listens incoming connections
 * Client - connects to server
 
-Any computer can be server for others computers and client for anothers. There are no need to use separate program.
+Any computer can be server for others computers and client for another. There is no need to use separate program.
 So, despite only two computers can use one tunnel, you can create a lot of tunnels between pairs of different computers.
 
-Also, you can estabilish connection between two computers in client mode. Two tunnels will be created, but packets will be passed correctly.
+Also, you can establish connection between two computers in client mode. Two tunnels will be created, but packets will be passed correctly.
 
 
 # Installation and running
@@ -61,7 +61,7 @@ You need:
 * Enabled .NET Framework 4.0
 * [VC Redist 2012](https://www.microsoft.com/en-us/download/details.aspx?id=30679)
 
-Program can be runned in console or work as a service. Service can be installed in next way:
+Program can be started in console or work as a service. Service can be installed in next way:
 ```
 AutoTunnel.exe service install
 sc start AutoTunnel
@@ -109,18 +109,18 @@ remoteServers | null | Servers for connecting as client
 remoteServers.tunnelHost | null | IP address or host name of remote computer. If any packets will be send to this computer, it will be passed through tunnel
 remoteServers.connectHost | null | IP address or host with port of remote computer to connect. If skipped - tunnel host data can be used. You can specify it, it target computer has different IP addresses and you want to connect to one of them, but pass data for another
 remoteServers.proxyHost | null | IP address or host with port of proxy. Proxy can be used to connect to server which is not available from outer network
-remoteServers.key | null | Pre-shared key to estabilish connection with remote server
+remoteServers.key | null | Pre-shared key to establish connection with remote server
 remoteServers.keepAlive | false | Send special keep alive packets to keep connection alive. If you need permament connection, you can set it to true 
 remoteServers.connectOnStart | false | Connect to another computer on application start or only when first packet will be sent to it
 
 
 # Proxy
-If target computer is unavailabe from outer network but you have separate computer which can transfer packets from local network to outer network, you can use special proxy program.
+If target computer is unavailable from outer network but you have separate computer which can transfer packets from local network to outer network, you can use special proxy program.
 
 Full scheme of connection can be similar:
 
 ```
-Client computer (gray ip, NAT) <-> Router <-> (Internet) <-> Router      <-> Proxy       <-> Server (NAT)
+Client computer (gray ip, NAT) <-> Router <-> (Internet) <-> Router     <-> Proxy       <-> Server (NAT)
 192.168.1.42 <-> 192.168.1.1|91.10.20.42  <-> (Internet) <-> 82.40.10.1 <-> 82.40.10.54 <-> 10.0.1.15
 ```
 
diff --git a/tunnel_estabilishing.png b/tunnel_establishing.png
similarity index 100%
rename from tunnel_estabilishing.png
rename to tunnel_establishing.png

From cc509fab81cd131277bea967f3b4a6cfbc4666a1 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Tue, 5 Feb 2019 23:28:06 +0300
Subject: [PATCH 12/15] ability to bind to specific address, test code for
 changing mss

---
 AutoTunnel/BaseSender.cs        | 20 ++++++++++++++++++++
 AutoTunnel/Config/MainConfig.cs |  2 ++
 AutoTunnel/Listener.cs          | 16 ++++++++++++++--
 AutoTunnel/Logging/ILog.cs      |  7 +------
 AutoTunnel/PacketWriter.cs      | 12 ++++++++++++
 AutoTunnel/WinDivert.cs         |  3 +++
 6 files changed, 52 insertions(+), 8 deletions(-)

diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index 8b3a28e..e09f1c2 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -85,6 +85,26 @@ private void StartInternal()
 						continue;
 					}
 				}
+
+				// tcp SYN
+				/*if (packet[9] == 6)
+				{
+					Console.WriteLine(packet[20 + 13].ToString("X2"));
+				}*/
+
+				// tcp + syn + MSS + valid length
+				if (packet[9] == 6 && (packet[20 + 13] & 2) != 0 && packet[20 + 20] == 2 && packetLen > 20 + 24)
+				{
+					var len = packet[20 + 22] << 8 | packet[20 + 23];
+					Console.WriteLine(packet[20 + 22] << 8 | packet[20 + 23]);
+					// UDP + encryption
+					len -= 28 + 32;
+					// len = 1200;
+					packet[20 + 22] = (byte)(len >> 8);
+					packet[20 + 23] = (byte)(len & 0xFF);
+					WinDivert.WinDivertHelperCalcChecksums(packet, packetLen, ref addr, 0);
+				}
+
 				// Console.WriteLine("> " + packetLen + " " + addr.IfIdx + " " + addr.SubIfIdx + " " + addr.Direction);
 				try
 				{
diff --git a/AutoTunnel/Config/MainConfig.cs b/AutoTunnel/Config/MainConfig.cs
index ddb520b..b80a86c 100644
--- a/AutoTunnel/Config/MainConfig.cs
+++ b/AutoTunnel/Config/MainConfig.cs
@@ -16,6 +16,8 @@ public class MainConfig
 
 		public RemoteClientConfig[] RemoteClients { get; set; }
 
+		public string ListenAddress { get; set; }
+
 		[DefaultValue(12017)]
 		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
 		public int Port { get; set; }
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 7aaf6aa..3b50752 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -33,7 +33,9 @@ public Listener(TunnelStorage storage, MainConfig config)
 
 		public void Start()
 		{
-			LogHelper.Log.WriteLine("Started listening for incoming connections on " + _config.Port);
+			LogHelper.Log.WriteLine("Started listening for incoming connections on "
+				+ (string.IsNullOrEmpty(_config.ListenAddress) ? string.Empty : (_config.ListenAddress + ":"))
+				+ _config.Port);
 			Task.Factory.StartNew(StartInternal);
 			Task.Factory.StartNew(CleanupThread);
 		}
@@ -61,7 +63,17 @@ private void StartInternal()
 			_socket = s;
 			try
 			{
-				s.Bind(new IPEndPoint(IPAddress.Any, _config.Port));
+				var addr = IPAddress.Any;
+				if (!string.IsNullOrEmpty(_config.ListenAddress))
+				{
+					if (!IPAddress.TryParse(_config.ListenAddress, out addr))
+					{
+						Console.Error.WriteLine("Invalid IP Address in config: " + _config.ListenAddress);
+						Environment.Exit(1);
+					}
+				}
+
+				s.Bind(new IPEndPoint(addr, _config.Port));
 				byte[] inBuf = new byte[65536];
 				EndPoint ep1 = new IPEndPoint(IPAddress.Any, 0);
 				while (!_disposed)
diff --git a/AutoTunnel/Logging/ILog.cs b/AutoTunnel/Logging/ILog.cs
index ed6a426..2f239e0 100644
--- a/AutoTunnel/Logging/ILog.cs
+++ b/AutoTunnel/Logging/ILog.cs
@@ -1,9 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-
-namespace Force.AutoTunnel.Logging
+namespace Force.AutoTunnel.Logging
 {
 	public interface ILog
 	{
diff --git a/AutoTunnel/PacketWriter.cs b/AutoTunnel/PacketWriter.cs
index 7365b95..1266ce6 100644
--- a/AutoTunnel/PacketWriter.cs
+++ b/AutoTunnel/PacketWriter.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Runtime.InteropServices;
 
 namespace Force.AutoTunnel
 {
@@ -25,6 +26,17 @@ public void Dispose()
 		public void Write(byte[] packet, int packetLen)
 		{
 			int writeLen = 0;
+			/*if (packet[9] == 6 && (packet[20 + 13] & 2) != 0 && packet[20 + 20] == 2 && packetLen > 20 + 24)
+			{
+				var len = packet[20 + 22] << 8 | packet[20 + 23];
+				Console.WriteLine("X: " + (packet[20 + 22] << 8 | packet[20 + 23]));
+				// UDP + encryption
+				len -= 28 + 32;
+				packet[20 + 22] = (byte)(len >> 8);
+				packet[20 + 23] = (byte)(len & 0xFF);
+				WinDivert.WinDivertHelperCalcChecksums(packet, packetLen, ref _addr, 0);
+			}*/
+
 			WinDivert.WinDivertSend(_handle, packet, packetLen, ref _addr, ref writeLen);
 		}
 
diff --git a/AutoTunnel/WinDivert.cs b/AutoTunnel/WinDivert.cs
index 3c5447d..bd6f78c 100644
--- a/AutoTunnel/WinDivert.cs
+++ b/AutoTunnel/WinDivert.cs
@@ -79,5 +79,8 @@ public static extern bool WinDivertHelperParsePacket(
 
 		[DllImport("WinDivert.dll")]
 		public static extern bool WinDivertSend(IntPtr handle, byte[] packet, int packetLen, ref WinDivertAddress addr, ref int writeLen);
+
+		[DllImport("WinDivert.dll")]
+		public static extern bool WinDivertHelperCalcChecksums(byte[] packet, int packetLen, ref WinDivertAddress addr, ulong flags);
 	}
 }

From febf26bd07710cd0f4e53d8cf3a9cc63581925c5 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Wed, 10 Apr 2019 23:59:26 +0300
Subject: [PATCH 13/15] configurable mss clamping (no documentation yet)

---
 AutoTunnel/BaseSender.cs                | 32 +++++++++++++++++--------
 AutoTunnel/ClientSender.cs              |  2 +-
 AutoTunnel/Config/RemoteClientConfig.cs |  2 ++
 AutoTunnel/Config/RemoteServerConfig.cs |  2 ++
 AutoTunnel/Listener.cs                  |  4 +++-
 AutoTunnel/PacketWriter.cs              |  1 -
 AutoTunnel/ReplySender.cs               |  2 +-
 AutoTunnel/TunnelSession.cs             |  3 +++
 8 files changed, 34 insertions(+), 14 deletions(-)

diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index e09f1c2..d92366c 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -22,10 +22,13 @@ public abstract class BaseSender : IDisposable
 
 		public TunnelSession Session { get; set; }
 
-		protected BaseSender(TunnelSession session, IPAddress watchAddr, TunnelStorage storage)
+		protected int? ClampMss;
+
+		protected BaseSender(TunnelSession session, IPAddress watchAddr, TunnelStorage storage, int? clampMss)
 		{
 			Storage = storage;
 			Session = session;
+			ClampMss = clampMss;
 
 			ReInitDivert(watchAddr);
 			Task.Factory.StartNew(StartInternal);
@@ -39,6 +42,11 @@ protected void ReInitDivert(IPAddress newDstAddr)
 
 			//  or (udp and udp.DstPort != 12017)
 			_handle = WinDivert.WinDivertOpen("outbound and ip and (ip.DstAddr == " + newDstAddr + ")", WinDivert.LAYER_NETWORK, 0, 0);
+			if (_handle == new IntPtr(-1))
+			{
+				LogHelper.Log.WriteLine("Cannot open divert driver: " + Marshal.GetLastWin32Error());
+				Environment.Exit(1);
+			}
 		}
 
 		protected abstract void Send(byte[] packet, int packetLen);
@@ -93,16 +101,20 @@ private void StartInternal()
 				}*/
 
 				// tcp + syn + MSS + valid length
-				if (packet[9] == 6 && (packet[20 + 13] & 2) != 0 && packet[20 + 20] == 2 && packetLen > 20 + 24)
+				if (ClampMss.HasValue)
 				{
-					var len = packet[20 + 22] << 8 | packet[20 + 23];
-					Console.WriteLine(packet[20 + 22] << 8 | packet[20 + 23]);
-					// UDP + encryption
-					len -= 28 + 32;
-					// len = 1200;
-					packet[20 + 22] = (byte)(len >> 8);
-					packet[20 + 23] = (byte)(len & 0xFF);
-					WinDivert.WinDivertHelperCalcChecksums(packet, packetLen, ref addr, 0);
+					if (packet[9] == 6 && (packet[20 + 13] & 2) != 0 && packet[20 + 20] == 2 && packetLen > 20 + 24)
+					{
+						var len = packet[20 + 22] << 8 | packet[20 + 23];
+						Console.WriteLine(packet[20 + 22] << 8 | packet[20 + 23]);
+						// UDP + encryption
+						if (ClampMss.Value == 0) len -= 28 + 32;
+						else len = ClampMss.Value - 28 + 32;
+						// len = 1200;
+						packet[20 + 22] = (byte)(len >> 8);
+						packet[20 + 23] = (byte)(len & 0xFF);
+						WinDivert.WinDivertHelperCalcChecksums(packet, packetLen, ref addr, 0);
+					}
 				}
 
 				// Console.WriteLine("> " + packetLen + " " + addr.IfIdx + " " + addr.SubIfIdx + " " + addr.Direction);
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index 97ebd10..26c786b 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -34,7 +34,7 @@ public class ClientSender : BaseSender
 		private IPEndPoint _connectEP;
 
 		public ClientSender(RemoteServerConfig config, TunnelStorage storage)
-			: base(null, EndpointHelper.ParseEndPoint(config.TunnelHost, 1).Address, storage)
+			: base(null, EndpointHelper.ParseEndPoint(config.TunnelHost, 1).Address, storage, config.ClampMss)
 		{
 			storage.OutgoingConnectionAdresses.Add(DstAddr);
 			_config = config;
diff --git a/AutoTunnel/Config/RemoteClientConfig.cs b/AutoTunnel/Config/RemoteClientConfig.cs
index 17a0cd2..1ce444e 100644
--- a/AutoTunnel/Config/RemoteClientConfig.cs
+++ b/AutoTunnel/Config/RemoteClientConfig.cs
@@ -10,5 +10,7 @@ public class RemoteClientConfig
 		public byte[] BinaryKey { get; set; }
 
 		public string Description { get; set; }
+
+		public int? ClampMss { get; set; }
 	}
 }
diff --git a/AutoTunnel/Config/RemoteServerConfig.cs b/AutoTunnel/Config/RemoteServerConfig.cs
index aa60edf..b3987d6 100644
--- a/AutoTunnel/Config/RemoteServerConfig.cs
+++ b/AutoTunnel/Config/RemoteServerConfig.cs
@@ -18,6 +18,8 @@ public class RemoteServerConfig
 
 		public bool ConnectOnStart { get; set; }
 
+		public int? ClampMss { get; set; }
+
 		[DefaultValue(15)]
 		[JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
 		public int PingInterval { get; set; }
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 3b50752..8dcef2e 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -118,7 +118,9 @@ private void StartInternal()
 								
 								var serverHandshake = new ServerHandshake();
 								var outPacket = serverHandshake.GetOutPacket(decryptHelper.InnerBuf, dataLen);
-								_storage.AddSession(serverHandshake.SessionKey, ep);
+								var newSession = _storage.AddSession(serverHandshake.SessionKey, ep);
+								if (selectedRemoteClient != null)
+									newSession.ClampMss = selectedRemoteClient.ClampMss;
 								
 								var outLen = encryptHelper.Encrypt(outPacket, outPacket.Length);
 								var initBuf = new byte[outLen + 4];
diff --git a/AutoTunnel/PacketWriter.cs b/AutoTunnel/PacketWriter.cs
index 1266ce6..8659a91 100644
--- a/AutoTunnel/PacketWriter.cs
+++ b/AutoTunnel/PacketWriter.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Runtime.InteropServices;
 
 namespace Force.AutoTunnel
 {
diff --git a/AutoTunnel/ReplySender.cs b/AutoTunnel/ReplySender.cs
index 03fdac5..d2ea9c7 100644
--- a/AutoTunnel/ReplySender.cs
+++ b/AutoTunnel/ReplySender.cs
@@ -13,7 +13,7 @@ public class ReplySender : BaseSender
 		private readonly EncryptHelper _encryptHelper;
 
 		public ReplySender(TunnelSession session, IPAddress watchAddr, Socket socket, TunnelStorage storage)
-			: base(session, watchAddr, storage)
+			: base(session, watchAddr, storage, session.ClampMss)
 		{
 			LogHelper.Log.WriteLine("Tunnel watcher was created for " + watchAddr);
 			_socket = socket;
diff --git a/AutoTunnel/TunnelSession.cs b/AutoTunnel/TunnelSession.cs
index 82b51e6..d34f356 100644
--- a/AutoTunnel/TunnelSession.cs
+++ b/AutoTunnel/TunnelSession.cs
@@ -43,5 +43,8 @@ public TimeSpan SendReceiveDifference
 				return LastSendActivity.Subtract(LastReceiveActivity);
 			}
 		}
+
+		public int? ClampMss { get; set; }
+		
 	}
 }
\ No newline at end of file

From 4838b47d8428d825df6472a86a59a13862618c62 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Thu, 11 Apr 2019 00:00:02 +0300
Subject: [PATCH 14/15] updated WinDivert to 1.4.3

---
 AutoTunnel/AutoTunnel.csproj          |   5 +++--
 AutoTunnel/Properties/AssemblyInfo.cs |   2 +-
 AutoTunnel/WinDivert32.sys            | Bin 31408 -> 0 bytes
 AutoTunnel/WinDivert64.sys            | Bin 38064 -> 0 bytes
 AutoTunnel/x64/WinDivert.dll          | Bin 21504 -> 23552 bytes
 AutoTunnel/x64/WinDivert64.sys        | Bin 0 -> 53200 bytes
 AutoTunnel/x86/WinDivert.dll          | Bin 18944 -> 23040 bytes
 AutoTunnel/x86/WinDivert32.sys        | Bin 0 -> 46544 bytes
 8 files changed, 4 insertions(+), 3 deletions(-)
 delete mode 100644 AutoTunnel/WinDivert32.sys
 delete mode 100644 AutoTunnel/WinDivert64.sys
 create mode 100644 AutoTunnel/x64/WinDivert64.sys
 create mode 100644 AutoTunnel/x86/WinDivert32.sys

diff --git a/AutoTunnel/AutoTunnel.csproj b/AutoTunnel/AutoTunnel.csproj
index 924adb0..603e8a0 100644
--- a/AutoTunnel/AutoTunnel.csproj
+++ b/AutoTunnel/AutoTunnel.csproj
@@ -32,6 +32,7 @@
     <DefineConstants>TRACE</DefineConstants>
     <ErrorReport>prompt</ErrorReport>
     <WarningLevel>4</WarningLevel>
+    <UseVSHostingProcess>false</UseVSHostingProcess>
   </PropertyGroup>
   <PropertyGroup>
     <SignAssembly>true</SignAssembly>
@@ -120,10 +121,10 @@
     </None>
   </ItemGroup>
   <ItemGroup>
-    <None Include="WinDivert32.sys">
+    <None Include="x86\WinDivert32.sys">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
-    <None Include="WinDivert64.sys">
+    <None Include="x64\WinDivert64.sys">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
   </ItemGroup>
diff --git a/AutoTunnel/Properties/AssemblyInfo.cs b/AutoTunnel/Properties/AssemblyInfo.cs
index b5909df..8c6b851 100644
--- a/AutoTunnel/Properties/AssemblyInfo.cs
+++ b/AutoTunnel/Properties/AssemblyInfo.cs
@@ -32,4 +32,4 @@
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
 [assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.1.0.2")]
\ No newline at end of file
+[assembly: AssemblyFileVersion("1.2.0.3")]
\ No newline at end of file
diff --git a/AutoTunnel/WinDivert32.sys b/AutoTunnel/WinDivert32.sys
deleted file mode 100644
index 724c398e199c221b0cedf055d01e3ae7c3f4d039..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 31408
zcmeIb30zZ0*D!uV0tSpE0xBwML{wD78xocf!Xku40V4>w0U`te*$g)VRul**;hJi#
zT5Gj+ZLL~s)hgBv#Da?ZQnfCRyTMS!7L_V(zB4xo1g*>SeDC}JzTfwMV^8kPnVB<Z
z&YU@O=FBCHn7jm|V;IH&(CIL&3ZCfWPkq1p>k1TG5BSL%+iiJjU==O=)W8X8>3Q5-
zdCm-ZQWiHkDLXrd;7*ru<%(=>dNwy`Tr@W;Cq?Gkt(%pTf%NkE{FUeW$2S<^O6t{y
z^HhFn!{6|{l6tz~SL%7Q;WG6+-f)(Bo}`{p>B(uR?dzOMB^VY?v%oH@_Qn{?ZeeD$
zt~5&w^9GEw9@`>@CkH@^@-%(g48trSZ3I+;?EnBFIl0hKEl9zCs2%#Ep6w5W#C(b|
ztN<mJU|2H}u<<h$NcD%zS`1?WiL+7+b1;^D$P?<HeMdc4LRLUP`D`4%H~?+{(2wbd
zi(zT5@{}YZ3BwY*LkZBtYydm}Og{b?7V4_6hE21Af?NQQ4HgPu^6|&8V_}hD6A+4P
z0bj)cOn@-}CLb<_-Eo!Y$&&#`$z%y65N}ZcCLezc8|^BWW#&M|$EbWQ0HPZUVDj;Y
zdM4TbN&d$YAayZh6aRP>CZ}Nm&FmUx04ZUz_Z~ObD0Mn`*4*NBt%*Ovz)qsiy5?Cl
zth}1AkZSI`V%WNt_Utbx+p5oYk?MM|q%>?@8<l65eF^MkU{cK{s8n9fUZjNlx|CcR
zrmS|B>fBK^O%Wonu`@0m;qG<D#UPv$v@mHKfN&|DaU&^uopHSZXXwtXBdHyUVYSro
zPEyiPHsR|wLqq=0DoI;xT!xEUau#u)KLW!@x;oEUU37L6d{mNKWFSK&xu-nJszMet
zRV8W7z@WBqOs9Y{8PS%=Kb4^QZ8(M<*LOqpQeLfKxK(TWlz7Rv2#+dSN(vZL9OAbq
zw4^^%1XHlAx?So9u2`{Ta|Wi{(*)AfOa{_OlpjMzDQm@|)gL3HtWKC1N4`=;w5TH5
zpl78JBL=BM{H2CgnN+K}PH~33RG+ugNm`YXHiojEqbzD=$bT-cF6w5eG7ze0hZ!;_
zT~M!c`;dy33<mjXN}T37V3b2JWgTifR`ED-N`mPqb?z*fJ~D<$b_*|{VY(i;f`+9X
z0Zz$dnwGzHy0U7bOML+I0$@6icYJhg99hI76T`_62LHI|DvW5Z1u12zV%o@D&huak
zbHbbqW@)W6IOE4>(8kB=dQ?d%?PR6J1*OjhB|HFmKv%;fPBRxc)hXJdbqc1=UC)fm
zY#NrBFy;6WmR`M$^B)>b#<O7NEhh1+GwjtxSN_;K5hnMFT5?4it#8bKu2QtA6s<5K
zAfha~Zp|(?hwVWvX_2ZW&C*yyJzWnUC>PbS7g<87vZ#ecSXFhyu<FJ?kq{Kk#q-SQ
z?DD&isk)#69THlw%P&DLg9)9hi>m(E>aUU<RY{Jm<ANkrl8b6dEA&uhWTakF#f9p+
z9s-ao(uj4CBPAO1o7aBRDO(-b3yT54-c!8M4&?7tz6>5@Fav6q5jvet9l;u(!7>ul
z^+*A3wF3+lqW_`7G^hY7;0v0lU>OC;fxcm}kdjtVIu+AY#zY<vWL3e2RIRn7Mh?nl
z-O-^F(4*#niIKWjwlvHE7>owU0>J2W8l6rz`v;(#QA?IzZJa!6m7s}(MH$;kL%L^h
zGQj?1&@zxVyhBN%HF2;?6Q;zs(+p;UwPT{y9|k3qUI7WDSEd%@oF*;<n;bQXuqKPZ
zc>0W^Uk(r*lmAZEp3`JtlZdW>i`3(uB|fjE5nb4Og8J*|XW4s?kSA&yIrL*>O^t>_
zuX%CSWEI55X+20jd(S)?d(SatBS!R4HjW@TVFX{<*o7FZY-AGs!W4bftiRBfE3(S#
zR%t<hs^Sl`QhJ-^|GYz#m{6-`9YlrN+n`U{>z%BeKmU9j*;+4Y0XbvB7?#3X7{gIm
z3S;cpWid!ub$0C1a7aYQk_sk!j|F+Grjem+WDr4NVeE1oN;(=iLQWOaqSQIFOM60E
z9qg>EzXCc@8Em1BX;sI!sft=P&Y)0aOe-1RrsXMbv1@Lbkyk{o*roUM91t9SbyTV<
z*h;erOan?(23wAJMZZa2R>ikfNZ39W1lOlKyL>m)R~Fe}?6NH=^^(ahU56627TTW5
zA`ak}Qg|4Eio%0kYr$0UcEn&ZlBJ5!kdd4U$x~HCQ!06+Qd1{s#xhuyCsS1szpEoO
zS{G#<Q(aVzj6957SqCNnS$y`MYVrj8_@<g$_Ns_mVEEM$)fvuYksbdzm<LZ%(Kep^
zRrBaCv~gC0eeYUa#O|&zr}hRi!Y)-sOPG>){0K*HYz$W2DVl!`rhyD$sp4Bz@%L2m
zEvoot7_KV5NhQ%JTkZ0?@T(hh%)to~!T@HI?)IR5(HXSp47)hpFR<r`YT0GsP+kd>
zbWVAPU3s<Uj#=^DW>t(`@hg9rDJV-N{mm*{E3dQn)`}z=cDV!Kif^-v|1@Wpav&{=
z(XbbGfds7K%88a}y+p<7dN@E=jhm4OTVY}!f=g!7y))JQJ=FavD5>ORI2Ye(o}`Mf
zD}FhRUA_-+!Uzq!bO$7$e@10<<wekVdJV<FDnv|juX3UV>TJAr6nl>p6uki{x(!nF
zZec_`QuJ}kMoYy|HR}>m<Vt&5gdNquz@2_wXP5ymAoBg}J+-04Sf$3C@K9>H5(AZ*
zVTv)*44O29Npah(^-;5yQ%hnuS`yzI+UrZ3wEYcvy=dEDccJWtp>+%7!0tg|4-QBM
zncE9=7)H!Jes#U%RtYdjM%b4~ZXtI7lwfAHJ-r4Lg}n#N<8}UX(0TqfzHUSv;U7xy
zLy6&`1UHoE8A`B1+2u2Ul2Fp5<?^eAk~VE`^k~-Fpht_gE5Ew@yw)6LTG`91wRC>9
zKeFL&sC(3bKTX*xWG`F{UOHHLmww>CKwS>_5sgKFBPE<h1@&Y$W>HU8qYR!#f{hcY
z4D|84zC$f~G;3jCh?yJc(WLzav;)Qh!)SD-h(OMt*65&5Q#z)pJjvc$(`ea_VraFf
z)n0!K<t_ilr(he}v)slz`Yg1x*f#*VP=ji;2dGZ`nT<ai>hAHkY~0sg(MtOTR3QCX
z>|>1^^jOlLqkYQWW5wPxnx?$XuF)`RZZo>pG?qaz!m;;`F{8{4__Eq#spM!z;{>oo
zP-M|KO<$)=V;rI-XOeSR<YW#x+KzpieTLnj{hXBBlXD!%$y{=@lL1#wN?Je+jZRee
zEsZb0S^=u@mHr8;-k69i9mwwrd^KLC@Xd|a^iS<gQqq=6VvT30d|P9!{;914Jh*?2
zj#T3|kQocc(x}!K>$BaIw`h%9k)lZq6<FG)_H<Y6t@gB)_F{Y5QhTgD%|sH0{{5{R
zBlVOa&1oFnp0;W9F!mVA0#^cAeUR#Hvk^5TBz9UJDQRjHQ!F+$GO3zPjkfwHn#jgh
zuz=7E>MAu%tr@?XjJQXJ*@>R!nJbU!v_ofu8vARxq~ac!VbP!RNBK{{DvPelZ|6TC
zBblOO`B(Z@zqmq1T&MOMjPMR4T*C;*FrsG|VHKtb0L5QZqaDFN4vDX7w2oBb%NkfR
z2(!9I%b^m>YqVXc#IhQ)2KI4Fv{3f?n`yh~6O4T&Ajecu4bdk6eRoY&7Tv<w<-#_d
zj$fUS2#%p0ED(QfOS%IMyWN|HJqCCV@Hc=(9~x#0&>LVVfGYqOz#SkEU>v}7fSCYu
z08{|00KNv;39ujF7{FP8hX8*9nDwP$T><O>oB@0QLIB1A!~skPm;sOjkPk2yU?IR_
zfMoz*0c;1T1~>_D1>hb)Ge8>v6UJc&zy<II7!5E6APOJ>z{EcwC9G&lKCy8i8+O@7
zq;f^}WIS_Usa|UAvh9#i*8Gji7p{l2-r}hR_LUZu$6$Byj^HRJRYuahBkUC8VfO@O
zR%$T9CzKc!N(>Dp280r}p^7-sJZ4{H&4>v0-e5EBSRu;4xT5_H659Jvs%_?1!vop9
ztNPTkYV8?RIS!1mPQj5zYeGOFfrJ&z7r2x0Fmq7eKEv$tU?|t#;a6*KQ-d^~sp2wv
z^3P9t@szJq6}5o7BD%~jw+7oKE=J=~(jiHCeQ6jA!@%tC0JD#_+<JD|Ls<RMvBIJ@
z_5x&w_{Y&Pr)Fk#Px_Hc`{Gw%jDG}laRJSoy>Kg}*n4x$*n58|d07Ia=Q2xPB00{p
zNfo_dFCd{@6w}65mg*}q-d1tCvEn316u)vH9E)G|Bl_{r3#C@<@*qG8rEnAxQ3)G%
zxf>+ddoCzn3iC&^_biPXhz<eEJ>a1%u%Kz3;hU{>EGe)6<BMr~qr?D6a8LqJ+AdUr
zjj<PMpaS@AGmqP=1>Gx|6_K<`DXr2Prn&kK!|FtZbt)NZma2+0gC_%?3^LS070Dz+
ztyGaLGSpfX$st2+RFQUQ18E&NU#M*DU*rPoRey$UwVKyQ+1hhnH)U(T`SU9+oPKAS
zY5m~&ltt5e77uCG3Lx_bi>@86Y;~L)uWTKR8VFDW;rvJ_d(N`ZTEp`h%Uo*#&lVP=
z!Xkvd_lzi_ja`}u28zA+#mwjSdM_UKal>S`fZABc>J+VTV%!bW3&(k?3SjiEe!>(m
z?%=pF;Dmy4VdVp`0Qv*;02m4&0DzAL3Rb~~21gc%aG9CWEiBB;>1Jl|fHVR+ps2d&
zbYuAF*PUj~W1Y?zYSEuXOPW|vw<8<@hhi|H<kJzs6Ec{pa&&^`S5HzGUH@Y%#BFMB
zG3a%wA0eEpQ|C@p{m4LxqU*?w{Z&=ohD>yz7ytaG3?G%GIZ7>AD^)FT1uUEa>fp4c
zifPp>?E|w+H6#PU2VRSOV3lMC8OTyecB}Ki6F#<SQ`$-x;wE)D6X?U)Xp?3t)e3c>
zJZfK3hl<q)Q7P&=kh2LjJc#S_oAl&W<@S&#1MO7h4v?rXp9bIN{-|M!p&|;k9P~G2
zNNQNR*&H=BYW>MmRgU&?vhMTxaw#Ohqr_C@1&~rLp9|l*9%T^L;_Kqn5!c5{HCrIu
z3JZ5pF;p`~Kx_a9XOMptv31m_HG>hNR+|_XhvZ|3d!!g@&FuqdYS_jSUt@b?yyR(L
zST(y0?N&nuQJ=dWW~aVv0SeKexkp=KTVewL)D+Dndx#4eC*5e3Ob^hkd|0yjFbWkz
zA<r73C_exp@``5rZzzhwE>ojXsmHR^F)g|t80fM3BRioVF*=s?BrQ~3R0Rw&*jW_l
zLJZQ4bx=n@B?eT|^nMCD64L?=^{s?{iql#a*+pfcn#WM(GE|-k?Ulg^40OrRflry%
zd<9LtF3(vN=%N`9V~CRK@|=wE00!`kwogOYP_N7FQ6Oa#D^5Qm(~-1l?ltL0avw$#
z9h*VZ<+l@L0zvh-j<MB;Fpoejb)p^k5quaQT{V$m7*R;GenjI8BLen?eHB;rrTlBr
z(Yk!x$mnVUgxiq~g*b*uuPCd|7t~9bunk~34`V9~g|gans20S(bP-I&b+TR)38T>M
zZGr}xPkIB3dz&FiT8L^1Ys#z`;!>*q)M2obgp^GV)FAKar=ny&6U{NZ9NGG47;CJs
zFS~3EWXKR4Ml~MdjQT)UF$@D)Qdd;gE{<_9%|HrGGYU!R6fMU3p%8R|m>L{SS|O~)
zUi2+uQPTX}AA)L3D#q5T?P-Xs0lz3@0#%^~|F|%sRbg2#X<dZ^Is_SN2QfIHA*#uv
z!}bXQHg&KIbk(Yv&=Y9JwCDqWU{iJOD1fD(aT2&Cx|5N1Dkd3euL@;U!g)NDNrr?D
zM%M!T<6UcDU!Uy+eyVOZS2x=M5tKXu^8%qxO)8j4h*M&7dqH=|N_PwlMf9{bopC6_
zq>i}<lI<+kvh8565~j4v$TV)LY_f+Hi;m`LXbPwkxrRERw`s(WkeVv24#V-Hy74g*
zxr9^c&-9@Y*50**)nO{U_Y2@-^<r-ilOeH_tq|~7q@r3G1s)0#Y|`3gaH7$%zFpwp
z);E)iCea`4vIA&>{O#1C5EE!A`BMv9GkYQ0<n<~QZQRSKSioYaoMAqRZ2bd57ED9T
z#udeEPz;hR(no3jf?D9NGb;5bHVCJSTG{0f0n2}`?E@udh7ve_vdhmP28vqv&x0W>
zG`o*Fq)7_L0A;luJX+C1lVS(X;89j|bTl|+uybw%r6F5YMH<m7kQGvw#!rC=_)wcE
zg=|9#865}9(H-3zXncA>4<MYmxnvJ?%^><iVL|plHw+MHgvlr_@THLvoU~Oo2-BwM
zqvO4}+4p(0@_|-a*9+pUxf7x^T2MMI$7>Q(!3M$za|)?ptG1VJ7DLA~;J!n(9#Qio
zdR62qjBg{DKvFXa@WOZvVX0GS^kHLRe5+yEQe#4azXY-#nKnbnn6lWw9oV#Jaw031
znh$lLi`3{}kjQs!R-hP8D-0inB9L`g1v6C%ppYn*191ymz@vpj8GZ_>wT_k|jD}@P
z$rS=fl@boPPY__>U#kd)q&;XMFz-OH0#ykPssyeo!AUy|9Cy-RN}lB(52$%$Ht1Z9
zhOUZqP{nfLXwBqTtAZU=!Q4PquoD^LqBp6kVCPONgRpJ4_?nlX?2Tv-R)^SuUkAHF
zBtyl6eS!a67veyUa}bT=&bB5wq?L-P3Sj8QIgk)SGi)y9&k1u)6;L2+QIy@@^n5X%
z3h;wXaUgT`{ucjQY&68ZOjMbY8giD<vH%awK`$>+t-=N{Fe4o}ZMRs;>fD4|O}!Q(
zk4~?JDv1L$u{uQQ;6gMB9Xbelqi|@~!79*UvRU-U+!X4j3pCf9y5k}vn8k&@wCJ?6
z;3gsE>kEgD7ys(3i&j3=D(id20Tp|xCJUNt2YJP_6y1O%!i+<h?)pQD0fig-C>qwT
zcei1R(L93Q!4T1PMP~;TH0TfZnrbRcZV)1+cl`5F@QKxo{T-cs6t<v;Dq9r?Gyr{Z
zR2=QxIKD0<E)G>10+mEZh^|o?W+>YWvT;;WMb}vA%dDcPnr+|`z=-2A%%P%+rfGt_
zzNH0fd4nou!S#r~_!Q(5_2sC6<{(whQPJAN=*D{$aQ#Dk`Nv1p)Jb$0F(TA>6|x`Z
zL>R##Skxt+O40=7G+~4tkwf;_2nIkqRT#k}x*MwGqRq%qg+=s4*zW8-5*^fqqQ50N
z)r9gU)BuX?j78`cvAu|D1w~{JbdiYK8j7ObuElyq=w|aEj7S0%DS1Xiw1704%b(Bf
z_IIs!yiR@(HqNI-U0|nAxrcmDq}d#}$>C@<9VbgLf$g_UZSQp8S~b7jrLMuuHLWi|
zkS6hexS0iy09<~Po0h4tg}mJxY}Kr#h$&e0k~V64+7F(KT5=C=j9R4N`<PIo?xkvB
z&t@-L0hLIFJy|z$n3D}gu$7t~aF9N(ihzK0vvvsD#n7#jX={JrL!@twB8Ox|YZVXL
zikjIA=fHwxm+{e7Q#aBPknFN&Fu_U<on7`bm0%FVl^O;_JW(A<i*O>7y|61#Q5G<0
z?1eN)Rr)h3Ld1=KK?OL_s~4lg=R$~Z(%5AvI93@Vt_blZL;O`Cp=3yqDg-VGrK*q#
zu;gLS)C>R*P_+>GT_`sF0}xS1*pF97v;j1YSI29}X3c&G^1u?MJcuT+_nL_iwaU;L
z9ou|okc_4PwsLT6JN!`O*ft`z_1+8_!!o_t)ZrlCIL%Kmk0_K-s~v)T%Z_WZOiE})
z=1{0*YAl~awfHu$0&MjVAlb-<FAxU_j*yfgYG5yX0V61RX+Ia_S*k^&0o+}9%2_2Z
zHA>_Hpqs)djpr?(6e4Xr4LOjxJ0)}KW>~`@{7^6)=>xigqaugOqGl$$9IPSg4Fb6I
z5w%nRx&mQBoV9c^gsY;#z79UMwup>qA;&Yw0JvNTqmO7H`iCi|lP8ol#mcifQEh&#
zoLTZ`aTg5B4_C!GYa>ySPG2NKMJSw*&r`*5wR~!93{nbFlEH1Sbh@rbK<8?dx9AWU
zZ>1|3qCW_xYMj3+E=b!2_(g6MH9hVAQ~O<^o#{@3)(9ETeI95J+Hn`jFv6kyIJ@i$
zB;&{eXUc<v<ysC>f*rGKJ>7x}(yoGHxF3%tXE79fbeW`<v`NQ<BjAp_53PmH9r+%b
zAFQETD~&KmEcOJ46dW*7$OO5O4A>P=Q7;LTyb0$b@RD_UhrgCG`rw;#Kmj!D2b6_o
zl6}jsDQ;*P@XaJ8+(wAGfyhH4ri*-D!j=33a{Oz`TW0*@+Oed>4tB8?Jq@rZahjS|
zM2B65=AHBa7wNk8w4uYgP91)EA0h(~4Fz(<FdzpGbs(kgh#h2{6b`W(KTuRe4eg2i
zYk}H<zz0<9^Jc$cRKG+L=~4b%@p1VzBJLj!Dhi?A;q5q2Wx}~csA!(eRp<M_1)`2v
zC@>yDT45#qZBguNCa2d~!1^>CRLJ?E{A%SxT31-eT!L8-!4}v-t(Bn;H03n=zw0p?
zs4*3qbuiU|k|yLKcf?7M6BNVIuTAPj0+?3xCW5M{N+mg<im5i7Lz?;5(y(F-tG7UJ
zVbljx?_ksiGuHw&)jSTkRrSGKbR+@Ssy^5my#rN|Ag)O8RVDbV5`t6-p{j&%&ED&<
z{(_~d;0dZPk=22V`+0(`TPqTLAaw{G`nSSI9c-ui5*adZ{8au76;=`70DDgZL~YbQ
zxH@DaxFu_)db4^IUXlUTD5+lw^}%H}!OsNz-;##nq6UV%Izx~M0f`_mWzka2FHBI?
zqbzkWE{)bBr8-5G>L4oCi@m-)9Fi~ytiC)HQV^qp6ImL}60+scsWqj|>VqhTf_UDV
z0WKrNmljd4A*@tMR+AD?^0n$<C)g4eN!3)e#c&R-r!wH)0Cg08SvCj+9$&1Auc(uh
z(ds3OxKwu-%)FtyuK<DGa@f|XC+GsamU_uH2)SbQk{uIA(m+<b4Fpt0D^*3Sfd_;5
z)IkdbdR`>k+7HAn#y;ly>1AamzmS2eB_}~l-*>?<%OdpFj(Pz)rbFYC(&!9bwC0=@
z+A%;7b1gv!(7{ieN(SSQz6WVI!FOx#03G_tV5c{5>R<u7Q?EucCcC^*tgMGPLAByO
zNxj7b2G1f^GZWrR)G3bY6bFoJ1KGLu0MTv;DYhRs^q!PX!3F;eOfpyo@)#K=P~N7&
zD=@lT7hNu#nc;p^bLXW_7k{MF8u{l|m}#qRZ?=NFf9~^Odm51ruj6pab;LAy9|yf=
zL0yGH{71qCz181_7BTBBsP!t+vlmM-7xy}MG))lnQ{s!3GC{qX0dXYYPJi7zB{89$
zamveW=O8H>vB1A3dPPh?OhjimOQHKWdiQ*zcQ^_fMMKln|JmL-xak=kJ;S?8oqN_x
z3<)_5mH|4t>1O%Bf!9u>1RC$GD{Zej(X^^Ds>^_NW@@dNV5BmvCaENw!E$9d9}4$}
zm_^aHKQ^U8^mXIJjN$P5QN={Ku!d*lq2W~N6;!I0Y*R@VWpK%E$oYlW5U4n6h9gQ%
zhcyVVEUC&-K$UvmPF-MssA?JwLs4C_2l9#4h4zQ87%}~jJFK2#f9RM2qyEVLkj7Xl
zrrxltw?EX{jzP}35-`jpJxz6i^P$!8hIFCxp>4+W9Opv^jOmY@51llmNdryiL)Y6e
zdYaCMnhY4Q4+oLeqRf$U6N>Y~R=osF55l5zwqhgynohAfP``XE*GvSw-qPu95sDEn
zMHe4EuE5JkWNW#Oy(j=oUs^>1I?XLHF1t(!7Q+m{Ny-qfaDYk~HtlPk1FbXY(37!2
z8#GW$D!|INqwEYl6v4GrJMtFPYit0MkYSdff3NFc8u0YT)^*gLBq>vuqdW{rfF97Y
zo=QPj6&y_z;;S$Bf|6ryDCGmGX*MW@&gGd-D20qU>{6KOM`Y~lDRNwtUqe7%wFcR9
zT@NQ<F3rvs4Z58-91V(k*UZ3^TCx!s(eoqOY#998C<+Y2WiRRm9q4x>bPa&sm<oXb
zE7dNjXXPdid}GQ@cGTl2i|SEz5LHzh`z^<zu)S;Qx&lP8QGbo07emDwOQ@s2;i#uB
z5Z1!pV8YywXt?@)2#G_#x9Mkm94t9CwK@=0;}nLr4`39On-mZ*XKBb2%wWZ8jsh{V
zmH%AyH+xYRsF#LZ!wgnNFU=OJ1mT}Re`qgTMs1rM^upi@wPcwzwobCFxFUXeMf~UW
zlGW(VM3rK#u7@4$^czs%3*HSZQ^VOK4ZQ{%8=Ikv)r7SZMNWFG;gwbNeh37}psO;#
zlKoO(`D(^of-@*+^xPP-AF==%p%D>8_CpI?<7`CmNosv-dKnRpKm+>JSQruAfd)c6
zyQn7$FM;Y`&P5ABYs}QcyrM3P%r#9Hpd!3!TCcy$fQ<~cDyH5s6Lmu`(JJUiz}JTN
ziu6dzppS=mF)Um6ZBVXrN43DsPeX?tU5}L@7X59QZtyXa^ih-aHe;I9#U9!L&0{qy
z(d1DpB{t0m){CY;aGYTBy6w6kz(UZOC2sVgVT3tyfzN98gSNCExHaEF&d5E*C~P;(
za-G7OI@OJaJ*yG<1Sk^4;#a3`Kpj<~tARr(6{`|U;gPz*7ryJw{o#8efUd_fU^fjd
z;{AwMF!UNVw1IahWzm{qphpE4>@?^INOg1-HVlL-vefhij>tN#&pOn+xWENo0VG2N
zFbwkzXgu{H0yG+JpXdGzGs1423pgbkLQ#P^N_H2cmw@1!A->b7G+jo+%eIYufObc~
zBKFV~U@ne4eHc9<;B+R>N9pULa3h1cpn#}<mHTxl0>MH5mTC6>kUpz5*PH~tVKCOp
zIv3Fkd4txx3bYquRqb-6M7a*N-G^w$l265F;YqlPYUIPghcb{i5_U2Yo)3f(QL5Y7
zzjP4Xr-A0=xhnJ!oy{8>8#kgR!!DG%$3Kjg6xke1c0p3oomGXjDeLVb6;I$@NTXg&
zHR{hv-QZ~^=@gT6nn^m-B%N!LCQQ-=Ch55*>0*;~nMu0BB)!Na9b}UBGD%M~N&A?j
z{Y}!LCh2gKwA3U$!6c2Fq+LwXP9|w*NKeK5;NMg%4ok<fu^{-Kjma=MMqoV56##>>
zAi&Iql4N+kt0q+bpU?jl68N|j!!iNT=PW#%0Q{90<^sS1K%WQY7}f@G5uh3XeU8HJ
z^EZG4<aff;1D?|WN&%JuTnAhRw4VpC5@0vLNq|QHe*-u`xd0#%APt}tU@ZXpQ~?i>
zhz|f9fD6C?K(EZ)0k{HC1+WodCBVl3WdO#H@o&D&01*OUp9Fvs@Ohi|a<Np<+f2}A
zq|;o`a2cfYu^h<FguFA9qjWx&1m7uu34=eInhk$4HSC>q6R}_uy1|`jM0V=KNRJ}-
z4nC8CgG~6BgDHT+f0xs@jXx0!>_qoNIei;FE|v%UO$R=cu)_aPrtg}sL@b)3AKp&?
z!#I9BzyI0%3;v7eU!b4<|AzV3bNaUN|NHZ==k#s#{&(izDAWJy`9~bTo!|G(zka<<
zr`BEe8y4VgbUUyAanzdapz(GK@HTo}*jwMX{@=~1Ucuf*|8+h1P>$b5@5A)q{T#oI
z{+o8-Lpgr89NxblATOw6CjYbjAgmLOw`;?@^!EMw@Gef@F4xZc!H07CHhLeX2k+wa
z-ShRP9()+bZ|C<vwFmFBv!?#Qhv@42?CksJ|81-5!|ZHlJ@`<L-!9h=@eAJ1@!ROX
zsRtj*@w@fwKeY!&8NZ!hQ+;^9&i+^U2midv-lw;n_25G}ecQPIckF>trfA0AM*mGc
z_%M#;vRR4AIoaq}6cY1*zG+&oA^LZBX^=tZ3j}lnFyM*6+yJP~htxyu(HrBaE!;{`
z?cov+^Zeay8`Exb;F70Lw@eH_F@MST!+t+mKR&QBVf+ubfBej9am`?s?>OIaKkXiJ
zuzz*{FFI$%kW*vtL~ODCI(HJ+v---2kWo2;)e)7C(@y+_&FWtF(~5P$vP<JuT(G}X
zG*w(M7Rv%ZCKU^Z6UuZr)u5A2A@qwrLGU9PQg~Xx4>{OFfLxz<#sV-A{0lKWMc{=`
zqCDXKa1wETZ@o9$j|NKU1m%HwVbXu2eH8F8k>W)JKLVkr;f?uVOMnLYyqn(+J`kO_
zH)xrbqw$KMP7uXsEcANi-{kYd>A%@;6r9VDe6r!kH@p(xHxH)m-#0E)ZaOy8wtBp=
zZxrL%0e%11%C$3pdik32(7D{m%RH<Y!>7@(!{>62of<eVZ0-JDqo-C(o!H>Uedh4_
z!{E>Q4WUU^eR5*^S5y0!Rk{ak;4SYu!STyeGq>*Akm9~5^pjqHM3&kOO?EmteDm$d
z+mX9vfAt&Oz}aXYy5ghy-riw*2Pj=U%FZu}iVlk2>2f%8X=&ovosNSJA89_k14$s+
zduo1qc1rqenVguKo}EV|WoAx|3kn)LHJ$I}F*Pnd8$$a~#&>hgO_@%K?EmU7JK&BB
zcWmgbR4i9N#|Xy(9I{7t23+-28a54p15h;uLfHTufcJeIJ>YNHfJW712!sPL0XD;%
z>=V)3><HfT+2am<LHivOX_yoM1K1n~?Ex?Z@A+(m{x?JW&9O8r6reSRhOGn$1!$h|
z{`O7KzXsZ`g}VL#&C$>vAQYfE>izBed&2l37`+zi`U5nNhxP!W0L{|(w;u!T)1ZCi
z1ONR$^gbNKh4Hq*+@O}|qGd-v3|j;lru<D>D8BwdAL<TzAL;_a<qQ$L`?GE}@J3?P
zwakXiKu6Jqtf3Mw&Tc?AHYki9TGBy1p%mhNuwm>j?!fH;9NI*xO>om7_QwKTlL>Ao
z#0$Lucf|x}w*Y=?32^`P`F|~D`FEE@up(KCOl%x8OO}-<BQUJHSy)c6TqcW1$%J{3
z6ri*;Cnqy5ok*LIGy{7<kI0Hh$_>v+o+(R_Ce4uLMd!+r(^CrrlakY97#4vjW#!D4
zK^#s}5ReH!rj$f<qA(WKNX~@~|02*Dtw_&IfzE<+<dHeqh+qop4y&hy<rrHdUakYR
z7)5$Ypj-y@Fl;q_tZYJh^31>-MK*!mFdHiyt(Xy*CQF_vDS%yz$jO^2&(3s}6+qp|
z*jQPVEK`=0CkxAtCX$k8j#tPOvXtoD^lUT`;2LTKB+pW$%imTbG$7nHB{LH%GLIrM
z19Nf<W3tne;Wx#i33+<<4D?e`ktykUNLrCHVzeSPRVEKl&m*X@d__ZLQ8EJY-d-F8
zzk>zL$O+7fY8#L;J1IN4qj^X9_f&a^j6f(oZLF`pjX}QcMBDp}3<`^Ojh+;ZVZE^6
z{M;-__KfswSzu;Po(xAfCI~k{o|K)JluV@OWC!MCWu+5PGJz_IR!k31DwN5CKx%|+
zbm3T8A(Tydz13(L5XCVS!smr$XUHg8p-I^(nX({R9wE<xW>K9e2Bf3_rCC&qK+wJ%
z1rd`i2ReC#Om66C^6UKsOwW-6b8HH4Xw``|C#obkJrjs@Du7)Z@%F~N01xxpOF$~w
z9dbt^#Ib=U6!ko_D2$<Z3YA4sFkqq#V*tuZ3a^(3%uIfcd}fp^SqA%aKwe>XGSn!0
zvqrQmJH=33YEla8B0ouPESX7_7}rJntOsPLw5Rp#W1mnpLC@udQc!pq(LOz(a|F_X
zKB$I4FUIA{U>++>`URcP&!c|9LH*SH+?mOl*@SCeAskScSX@eKtW2H<6=SlegKL6(
z_72==3e)8^OkieGULNcp9rg5W_4v4;;P9X*z1IGd{rw-@|Em%JpALowFB}zj9--df
z0OflFZ^_XA9N@Gi@KcBAAp6>92^~c&V&R;a2;UO0LeX$@HV%t~d>DKOLmGV!GM@b1
zak54jz3<`&DRdTQz(3<T8I__>GaSC*RSGzr$l(N=jm<FJwaI{THg#VIcaBsY91~zT
zCIk?`X%WVOxxgxcUub}6eiodplAwMeaFYZ%*r?z$8q#^x%^my&CpHc0>f<yrI0vFV
zHJR!&7y3>I8rf8vH)9d#-Y_5PPlwYq7fXZM1oY;Oje>u2z|W#i+=z-RP?5t3MnQcv
zmK69l-mkk-EwkV*Z5U8-hBDM+610+0ba^licc?v?lJj(EIS1S>8RWfSR4K5ROaclq
zAdxH>e>j|$-GKi{=xH?IlBrU3#*BnLs$-n7KtWE)z&JkrJ-;hZ<-&**&=0yVMd?C{
z599cQu(6apd@yUEhvq_mtBQEeG?B8gzUfHwfEJ3oOod;?qyeuokO^vqW-1rT&`i&u
z<bnMIj*EQ@{B+D67e<Q1y9qpOq#@-Fw1X(V#u;cKX`>#D^NVtNEqE7yqp|M5pA=~1
zfP@twMZ#oc{}h+vLOsO2epZoya7qU|(|BF#9WqCJBYlqr{^af4c4#{I%dkd}=YS$P
z*&s!9_iC!2mJIY8Os{>=f~UdnxZ>`35FU*u;K_I~UWqTmzr;7=JMjZ}9ex)76~Bi+
z#{a|_yneg{-VC=~x7ltN-0r$Pa{J4T&iCer@~89D_&@M#`Dgjf{1<$Vpr?Q*@Dv0K
z!Uai!8G;hQLcub@O2KNuT0yIT>CSc+x&P!j*h}bD>*XiBA#@SrVu9F8>?8IU2Z=+)
z;bN(Hf_S2Ms(6|>MVuzi6z7Twae;WQxL8~!t`IL0FA*;juN1EquN7|;Zx(M8?-1`6
zSBVdZtHnpf$HXVaXT=xASH#!Fx5W3v8gY}jS==IS6}O2oUxqK!m*vax_3(S<*X9T6
zg0+AM=)4}hAv_PBH_w+hnitF)!;9o?<5{~^yWMwN&)>}7&fm>Hz`wya6W9ty31S6P
z1+xXkf(3$a1m6kv2`&om3w{^q1m^D6?so3|+y}Y4!w3W2!`we||I)qA{iJ)N`*Zg;
z_YofH9&(QYk24;ZJnnildOY*!=9%T0=egSRjOR43IbNjKYOk-os=NjY1;S+E0^t`z
zw)a5qMDJDJd%RD0Kk)wBn=Kk3au&IZJ{Nr>TJH0WPnFLFpT|Dt;$(5UI7h4y7l9=9
zfE<p9Pl#W_XuW)WeMkAZ`}zBY`Hl0-^2<X86$~I8<FW7XU3ed!BQL})!7atD&~3ik
zQn!mR-luLDe>wj<m`N)^q+q(BP_RXCS#U$(<?ibq?jGen(|wlva`!LXBRrOQG<aBh
zmU^!7-0ykTv)QxN)6C1t%g)Qe%h}7#%iAl+E8J_MSBh7z*Icg!ULSj{^jhn6(d)5S
zix*wU650q|gl<ByFi<EJ#tLP^nZk16x58b*gTi{@AHr54&AW^DFmH+X4(~b`J0`La
z^@h<qiNvD$qB7AZqHUrY(RtBbQH#jjr>D<QAA!$wpHiO+pA|mqeYX4j<Wmo_x$5)8
zr`2aPXjHU#k~oo)Q?@uy{GIr)xK4ZlbmXS^j+o<X?>o|$@9XEA<4gF?^<Ct<(szsR
ze%~X$mwjLQTKL)c_4ga@=ixWnFVb(aU#g$nZ=PSJ-wMC=e%t+i@~iVZ?|0Mhk>7J9
zTYvq}?waA&cprQSj?TX*p5o*i4ph(j3jDVD!FGavM+S4ocjI8xsNV@@;4Iu8=i<(|
z3y$Lg+za=?r{O7h8lH*g;sjoR&&Ai`8(~du!*@WtDp;AfU{z}HCcGJM!CUb*oXd0K
zIrCh2I8VUy;`#8V@ltqcyi8s$kKh&X=JM9^Hu84!j`6Oem$i!Zd|5!R18^sNB=iZ`
z|M~p?OajzzQJa~;dsh9|SXd5U5W3(+H(D37wWa+(22`aPjmGPWTUwZpu%?^!F~{&U
z3#$<pGzP8I(~QPgI~kvd^Gz^pd@vniUEKBkiya^skN%AV_aF~8$xPVFksIKP{^0{n
zXfo`A){i;N_{%c8+ut|(AFul9YB$SM@oP(aU%^Z1j{)M=(#>dQW}JDSYG2K*i=6am
z?5g~W7HuNDTRX=zbKtFnq<E#rFf44%CI|3(;I<Z!VcN3d;1Dd6XLAFSa%DU_+y<e$
z*mez4$fqY|&rZ+Gl=0X=4X{?W78BBv@(CHQAKn)sy4u?55!^rs>!zosLmUOpTD$>x
zKU7S&?P(~Uke&s-BxOM`V+J=c0Po+c8_$jB=Ej5d44=upy1C&zH$LvhcNe+~C*uhw
z%*I3;yR)*ji!RJcf(xi*ZeWf)H%G4T4#!>f-3@IoMjdkD6shkqS|*>Jo-E6QuDK(*
zA#Qjn&CygqG;@qzN@K%B)2z%&X*BGIZM(uIjQz~P#_G!8!cQFIhUZ+b8geu+Z|0H1
zuF}b`?2gR-IFL3taQC`9k`~S0k7|jNj+b{Y!^~bp{C0Tv-XN!$rxGQib3vyAZSs1R
zlIgogG<@EFo4oIkh*<-E;N5sNKFKWl>n+d1T+9n3n?|WlKm7dR-;3_V`HAb6ULVu?
z5&vGH)vIPjMZjv^&-C%1Z@HZL)u-tTWy6%^N2b{wJ$77V_iJ@Y^MG!|&83c8PrP_V
z%pLmR#hAYHzp4Fl<o3!(Uq9F~v}aM$i<PswAGjl3H}-z~%lp>fxO}xm#=UT5h344Y
zO_8BNy54t!x-9K_IjyWXKBFK-a%x)eya_e7bAK*;dc0<q8E7hPL&;0L<OMaA{j3>1
z8Fq=Qo@Gxxd6HOl@kY@TziUn5#jZDSHwz{xy}5Z88jUdojHRP7kJA?POe2U~?@^<2
zlJjz12}*TblXJ2t9qVUHqv;q-+yWkEGz|BHDeO0Z;e~tPg0*gI@dd7i#>w(bleVMu
z8fB_bfdQ^ihtlVMgBdK`%E$qoiCZJ8Y}6A2)`<n~jPl(X1MvYHL5F$0@m_k(;UI#P
zzKnFk1zsb0rs@Ifhh9>G(JjANT=-=EBz()0v>#vIwd}WlT&YF8XX4jUU-eW!a#(5^
zl>IDAJ8>?q`7>QTD6gwcPRO_0h22|+|M10*KD8ffC#}G~JI#vNd6xGzbL#LpZFlDM
ziwoZ@vu`Z)pFVg+c745PhH@bD<A6suuEzQG%MV*Pyr)IN*IpTpHXFwGR?gdlmohfM
ziYE;#-ug_7*Rj73yJs`5WUTDlNBSDa|Lto?zlL$1SEn`XCN!?$>HpRm7JwpACS%0=
z)^K$CjBJ@4tz*G^*YWz~uEL<I{e!*<3fph3Ti2Xq75(XsmDj#=VUPJaTerX`I)>fj
zG{bMiU*E1+arIDAVb>|g!xzlHe=BgT<MPKxMg-P;btP^0$Nu9UmwWB&{_~*UQzka|
zaLb8|TerPpquJ%*{ZEa(eIxl&FO}Pr9SNUL-n_<HYTfJcifc(C$@qR}Y+}1E4QboD
z{duZ5WLvKM;nIhRr#SnLDpQvAJ~+7ew&uL!rn5hp%~_ZK=@eP*<6gvpfCa;^Gs71x
zUG&MwFY|*2r2Vp)$iHSi#f^+5`3J8i9}8RK{qxU{_+8IG-O#s%Jalze94WfV_-2md
zPN(gz^|?PEic}6^zUq4L+i{;WZ*!dGTTbcMaVaehBo&Rbkn&T@&J4%!o+vjMEsb|9
znJ&e6o^d(B0-u4)@ZrWhEb#t@HA>`-q}F(T9z@>s7Mfb<p6zwb7L4eqo0Oj9`dZad
zL|)#=<fM@^++34oa@+?oH-O=e^KstVQENw<wnhfw9j(C>eCR57Gcj(#b?F<d$Jq71
z6#i>eaxcFGj|1Hv-~$jFgBbRB&*Fc!ew}w&*hFYpfoS(9!?Ez@#nW-mf(>OuyX4sK
zygB&#+KbERTNXqP{%Vy!-QmXRyM+w{(=2}7<F-5NaEr^3Wd6Odl&o$KYG+u#FyH8&
zIak%Qu5stTb~fJN*3Dv{T25TwGxg>{&jEo24+?%f<;>u2*z$Dj(TZW8SQnq`-gaZ^
z?Cfy~){@|W>~1?Ad9C`v`&Y|ZoHmET-NhemOK<sW^&VEw5l`n&u@rwX<xbBNwk27Z
zt5>(p!xp>T-q|wwTiW+MR=bP}>wC>{f9>A|%f{C(_@T5SzFE9`{JKK^2-lDHUFTZb
z&eCS|o^nRB36FD8h579}GynKuU&plM=v4>PiETgk^O?W&R_y_YD+~o*YVHB1s=vWZ
zS&e>rH!W@NV2el6{KFp|nDV-r%Ij<<41S4~Eh{K}MmlmUxMA7JMnm1zmXn{K@0tQd
zpd|#-F`gTa!z_WbF|55sX!?vaZa`k10xl1dW#B8MfHMGQL+^cnaYwcb&JiZIi|39D
zaUmiG?g(D8(1fdK2@ezi^})1d$0os*K@vA42QIha4uNNbb5KbaTgzwyu4&S8GP8JS
z69k-<ZQn>)mMn=Ik)fD5J4vok5VPU#ClhfIFxps){?1zOwQ!BqU(8x`Jb%;PHFDd5
zEV63F=A)KL(>aV;=Y(-ihc-Uxm%4OzLHF<spO96T3%^=lIOy&teBY9N!ZyLJ?on;G
zL~cWB96a-#PNw2_GgE#3^2u=2_Mh$e^vd0h-raZ1^1x;`_+?FBaqj2nAJYrzWNp?^
zeCg%wwDETni;`~K`8bHTV#c&>9=$6r;_j@gk7Cw)E*tn+FIw;Mwy_?^4^G=v;kj-)
z-Q#6L)%d-cCqLgz%;S9@aBhokafFR>?@sr%-8RX#r)KT+YpTotoTSemv7V#6GOg_9
z(eKAD6h-G>7-@%3R1{B2+#9^KV&8Ww+2&8kaZ4Z9`kwlW{B@l=^S)(Y%OazN`yM2<
zwbOe2ER?S8!JN5o=fpuLm$^Qzlbuib*krvsgin8@CStRC?cVp3@5zYGW*gJ*baofO
z_8}knHJ^fxrz7M5#&kG?x~_FuJA8q2ho{2tq?@DCl13)yfk(mPB~d=g8}$Y6u0I-e
z#bt;<H$5#Zr!5GjE%+;wPQ!<Ti8HueX0)CTsQ*0hvtC~tqXMPTc*z1|RWRUl;IQmu
z%!2{9H?U4wZ_{OkOWSLiEeJ9WFbS=?yv{ruR~=e(?Q0G#Im3zz3>e9S!4t1-KmTAk
zdA2t^Q`D&|7yk16?7FX)?0q=ns~d-(`v1vUzG$q+Z%gM)ntN|wMS9TE$jTB`*_KS9
z&4JDLCiDx%i$k6^rQbP+^{lk;&I~C#lNxH#ZQ!-<#_9$P*i(8r>SQEA?{a<X-eY;E
z%7a*|EpPqQ>)>f$$x-uu6T+7KbTF#_eu1`Ohjq`*6OVWO*AZ1;x21D53G%}6cgp#{
z)c2b9>|Y0~mCyFcZ@0Qln;&1hKG(b`E5@hksvYs?_JS`{yIvwL=YQ<8qAutB?jw7|
z(vTZ{Y7U0Vcbp!zJ(;t*h8HeAvugUT&tDv_oHX01+q4x8rz)-fdSK@;TKt$9FTEFB
zvy$=kjH@%9LlT8xIYr>$4bodqD=-|psT23m*KOu}6YB)WBU`*XvNudytGJ}RG%zm&
zoWVGhGJ|325+zH?$^lc=A9q02tZaKkq$kUB@^Vs%PRFQW_)t_%x8<6agXx4TwDz+d
zH!3HGpzJ3P7x3J9LV-J<kIrv~tUJo$nVlK@_l^1pe3+gWN27XiUo+~GSc(;Nntb1B
zuI}Xhya%r??!P~Bq}$j3x?kdV{M6vEJ+p?_URoxYvEIsIM`HTd{y!YuyL0i`l^eee
znB;xo`m$eqt`S}v$DE89T>4_nrf3_l$A5%n&H7|s@}8|<C)RE(YaKUz{GryLo342+
zy=!rw`3dW&b3n|ihRLcP^JZz>4@bx?#fQATq*L;Febu|_og}Ni*_MUbO=j%<$yPhw
zYGpuxW27u;VM&1W>%yt3o4v=xU2=U8?-1=WZ{?{z7Ckqn<((BUY^Sc9bz$<{m}?0s
zw>=l)v5foOcMmJJd0Hr}SZ~&S?$Fe|6?+SQKVh}mYpYetk;AF+%gbuk4eq}%zK^sk
z*XCrv{_L*fy{g7G7*2Byc*!wJQ^2BF;c)V@V1RMK@U9@~er)Q1v;b$L4CN!5<8*Ki
zO)TaQzP0J}*25vRiz|opVVXTjP8m_#$>L6bWi@ch{J`w)zgkX^&U|)$#jK}a;xUNe
z07fJpj*nRzx;D7On1CCXWmH78laI=snLY}fyHW5zNlQ^A6M3WB^$?j8N(+(pQI_;|
z^8rUl?xLDWzvZl+IkIMqucDtMJV5Gju=vr{9ZN}z;kJI!J->_<W>hBcDR3%$R#dew
zWS!NDBhMQSu222S;`X-lg_hQT`CQ*-#>)NPuWwVqyo=hg=F^5;%}e@Z;BPz9l5c%x
zvo&X}&2Lw~I{)iXpI!H2|2%iGggxuv=(%63uAjPeaQXVJPe1Kmq}j$BwmCjEH(*Vh
z;`pUqeT2i$mYYk-ZJ(St`f0<gO=~tT%bCb}naw@Q<o#H_W?spk=fx+c*q3KoEogGI
z?7N8&jGOO#VELG>{r0Tf5pTIMfA+j5-+UZj_T1j7;at|&wd+<N;V6oAYux^Na3;{Z
z^u_7Lx8=jXn7%jhx8;3=Q%5b!3f)Uf<d52aePo_M#TaenKo<VF;bpHUFW2?q{Oi`v
zn&sN5Ec4Gq?!NXF5!W&gJE_#i4qo}{BcZp`+DrdB_s5t%pFRINXU>2fOTOK;jVAo$
zLek!pr@nDs^zTp4IsfC5XWOp}Kfkoc=d<6wZs=KGG;?_Pl4TFVC;Zj_6u0Sg+UkW9
z8<VCT(pn$C)Vt`b#)5;^+XgDSEdDn8)}oBzGgsezC_8Xqq)*m$#`PHz54Z0bB?mTR
z*-7Ecf1Y~r<Bz`@RpUk+JlI`E?{ezN-UPF_Ul&~L<1F~TB5dcGO*cwobJDih-I+Au
zZ{4HEPaZAJb(~gmckrO<uTHYVcDiqwSnFMTwdXPpUTSd!Oz0Ma<7syE-2KWiX{=cF
z2FAR35s9xG(f@C46!JKExEqgWa52GRdO#MUUV4x7|A-s>KEwI*pMxGO8+x?ZZey`q
zqW=bUPHy#mk6E+46&ttoS-MP>ux-$+hR7L30e)NVj@|pwp*1y|y%wjB@^)&>pJY>?
z$_PBtZAhugzxVGhj~<3UoNL~vN>^byZiwd-?~N}VGb@gd>6`TXc1}XhfpdjlOtPPL
z|M9RN>BBdkeyZ#}F5NuO+47Ym=TpbEOM3SS=ly<R#FetZ?|qVWE3a|STaK7e^XRV(
z<wMQ}n_16(xqRDZ&ZS$ilTSaQO-YkYsqvc_#sAhlDblf_<b=ltn+A(t&h(A2pSN%6
zKASWCL$0jyDBsm%OUS2XGrR0RaB0`g!B}?{mR2*&=aKKo$I`8r9dL^RpG}-WGd?jm
zmvlHj)1x~(hqML%>>QTTYLUU?GD>Mb!NvqZ8`@3_rqOeQ+(z8n=vjg5W(;z@;ko7I
zWsXeF%^N9~<>ut26FKrisG0@sQ`%dbK`yp`DJ=>vt<e=d7p_|KAd1X|h;k}?6L1xr
z4j3+62J8PAJst4q57713<LJ-j(Dij5brDKXe}0Fq@3~N(4F6<s|3W}In@XEfMSY+@
za-RWUq>Xx!!WBLGj;3hn{}2#yf$B%WcP4O&u9Rm$UJ8`a%hQPO0KlLte;IYTjIPAF
zZ~>3FPlj(Uv`dGQbPA8sNf0+j7wiaw+9Mv(pB*ELs4vt98k-zOfWGzPMKusFs1B;Z
zr7q{WR6f;!*N@fpA0w3WjgkjHIuD=qfqrzDu@!E%K>Tm}(UMrS<53Y#0xwyt-%Cpt
z;w5Fc|61R*J`22!B;}c}ojr_>QzyUNgkI*G6ka=xyq^LJ^Xp^7|9ILm4WIm@_wf2I
z4&jq9?c8aHwm&&Och}E9jZOJi&-6PBUJko@b7gsvf9eqasGyiFTb4As=UNF4UD!Us
z^<x?K%N#eZZ|0DymEQ_~IIz5aOXIW0!Krn-G&ZffK3k(BCYB05S4g)7E!HeOT|}~Z
zE9$Rb=#H->de+^aDVe=t8SNAwn-lsxX94ec><GT&rB>RWpwo+XpQt#0ujk!|&+qu&
zwya)L7#KJ|W~%vjpK|J4y3MTq@=?M4^ZCD2{km%9{GY;?j#zVWW5o|QzOM~G|JfJx
zy6uU5gV=n}9(Nmbqhc@g+&Cp>#+vmft_d<(d1HS3Xycw;jqYXzxlP!dhPJWe96k2i
zl^tLF$qlxTV$q4N6%To(3>?BIE@m_ugdy<%6Z?W0=Z&CE$1T^|T!?sd+;g#bD3;i}
z{j$lD&SRMrGvLh8QMoJ68cu;7`5yS7j)n{#TruR^F6TVu?Rqf8YkmHw;lHeTe&nNL
zrW-fh)PQBhz8`+jef&O=^^4-E8S<E8mLlQgVata<U2~K(EiGh1ZtUXu53;=zkIP*f
zhK~0B?aLjbSr)dv5`Wlsc}CQkLS3w?E>}_Sx_o`qhAH1Q?{<7ht|*taxa@v4Al1V*
z=P%au&w^VWr`A|~k|)f3*0lHA>pwk<8)ct=;PYF9)_eLYnRPS2wj!_0PYv!B)bgM#
zXZ6TAiA5hjH$Sr}*z@M^{@tp3II6Dy^on_T+_g9n?b)B1-&T#lFVz3;b}K~Py}D)9
z<I&p9XZy{WrHOM>-(+q$T}ro@FnVmm#vVVYA8hr|D)*dRd~eo}A0n0}UpoKof#;bI
zp0BdGTDyI((?(sZ&!s7T%_mgrO3k|BrDk0^q-Vh^rM1F_(1P?v{@)$^H{-l<`(UCW
z@wj~lV{~5E_DmNVsDtq$)zX~D2B*j!_jL2(@!dUe_sMUlgSp$H+Rc8ioM(=;VIB1S
zdFYeUGN*q~hmfizAs4eP1^Z7Ie>;A6-BQi0=g%#dBu7nnHYRGBPkGuPTgg4e`YXE@
zuc;CA`ty^zY`;T`l`pz*l!F9Y2gI&hx^(1qfqKG|{u_FzhadL;bn2BKk3P&Fb7pw)
zzw(%tX3IC->Dlk1?Huv%oIc+U8Q)cWN=)zRp1%JZ(Ra?rKbty57vcF$Vyg7Ul(O<e
zOOK!UrrbGysA!bp9Mh#X`3oEF?%-|n5~5%I{=50M)$1=G<TqRzW8Kv6reE9q`Y%S!
zSiG~F?v8(9*rVY)J%ryS%wH9=U{v**CgJ)Yv8O|RldXReDfC!4SIk*a{h(yU)QcNz
ez8Q9L^S*UMTkYp(9S@$oU}0s+a&yDI{Qm-TDgv4S

diff --git a/AutoTunnel/WinDivert64.sys b/AutoTunnel/WinDivert64.sys
deleted file mode 100644
index 515b72bcd9aa7d184f43cfe0fd6dd1fdc9899a72..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 38064
zcmeIb30zZ0_cwk60RjR+S;RdmTHG)!Du_!WK`t5;#eD@?gvura1?vI?lyF6@wbr(_
zb!%&_ZLM0DR$CAk+)-<*RV!+j#I%ZC6z!7#_uPAf!Iq~!zvX>Dpa1*Z_THH}bLPyM
zGiT16S%@)HRx$Pr!$|R3EDW;`Aw4So`>#Ls$ae4au{*Qd`E=)f67A{E<5JUd71=pi
zvvU$M6p0C$nOQo;tYk$_UZx@~Q=u6hr^v`kN)B*ybMX^N&oCtyw=HXN&iZ=RFF)4~
zY0rB7xi&o9<(!gFuRG_-hp+Q+&-$`+o%nRIi2sHdzQTuN(-KpO=94XmjbxalrB2Kt
z!`|`Myn3b!)56Y~VYGmR2vF%LgdP-^2mp%PF^nV9)|bzy!xzFUK5xY&N#fzl+C&=D
zHd)Ay-vNFIt&(BtsUtQpOncPB%ww1x9TC<t%qj%g34kMf>L(s$MArYVOn@#qUx$oC
z!|);AG<ZeU5#t{P!=wh}Bqiuj_iitM;_>?6W%1fPDnJ4RH0Ek6WEA3c#5)78&7)$N
znt*Hpk#FM$WKx|;cx@gP=tYl;9!H?HL<cfrWO!5Y+B^z|xfzg?o0A9_FS|-ah+Z~c
zn@7bk!vb=W)3bnhpWwB4Nya1qn@0sao8<pfQ7v~h+A!5O+Av2kVWN5*Tl7OEw1?#!
zu0WV<@L|?a;<t~7JYu=apZ0`sqAN!3U@N?PLS|a-sPSefl&B)*Pqw1OuMC(ehTVRf
zfTpg{`8{GQmixt1@kaa<jbV%52ILdvtq6@9L7*b@&!6R44vy%1gl-)X5<Q{laz9c8
zEqCN+`4R{Fxjc%4IgY|5ZgEHlpHDGt_bUSuRbDO<Uxko}-4HMx3}Q(!?RHs6H|F=q
z5hxeM3zQ3lw40cAco`BQCaw7<A>EiCCepX&i}f|;3-v8=3j|%`??cf-&dqHJHPm4Q
zw3p;jNvxyY>ktOtXAK%Ze>99*Pf!XgG9{70$F<xs=k0zq1m`Xgnu0~c$%b3J&*w2r
z_)+eXeEC7x6_#7WQ$t-F7ej~@4neVm^*NZJf=V|0Xr9X_ufPzQDtLUi0^q6lwc?4_
zTD*VCB`V{9$+^wovw#K)J8j^@dD10(zgoO&kV70SYHcmo9r+e-7I2dvRZ`(lixz)o
z2STI{wNw|He~H2hhxT&PsM-AqR40Hc+$cxu7aPMJ4nBXZ#P1itX~+|f5uxFLUp)fj
zmLY&~4tbdr2u#1Th}w;^TFB5^RUwcyh9tjOL%Lro-gJw1piP7F_%aUny@+omWi(c9
zRP$B1jTOnV+6s+dEL(xfo*>AGa*!|o<xh*HV&()I4VXuuuUf9!_;4`8=$HG&0$@R_
zKZS*TTnn|!A328gd<is9hLoyoyPq3D5BNzDP^bHfp#q`tEs&&Uv*@dx3yEHdUjtg&
z*nFy;*B61+g?_2WG=AwMNQ?J=omFv42umb02V_WaG`cL_<DoW!a`8h`#EAlq#ryee
zhT+aa!zQ7(D+*k=FO9X~R`fuStQg$_xx<i)tdAPAe2^7fNdgQFK2FSq(nnPhB|VCG
zp{gw1FN{8eQve<aepM4SY4Z#^KaIsZawN6K;Xe8TiYzY){=-7Dyn{4`Nn~)P{)9y!
zsxaOfXk}&#+5!pH04w;saaSXJIl(L3veO~Tcfl34bm6mrd`gg)t&mB8xMl#d%nBI}
z$P|L)Ss@{SY$Zsd719Ne`ve(dg?NAm4R|oV1`fDOW>=&`C>=>0eZ9!R2u)+SYL;6r
z*x=w(Mz3J%j`e<(AQH_@RYr4jLZi7`>S;4)RG$(blM{-GaaR9>Kgb>-Whgzab1;qv
zZ2%550yF|(mk4mQcrzn-ly?M(yyQiYgPgc99=sah(#rhBFzL(YfLRZr{Bwj|;r%&*
z{tz%z1yE-a-faOiUI1kh=t}`KOaOgCpu+;FuK<#fv_2F-?Ey0832_gK-wQ>3`osQW
zt5tEBx(dN42EXE21T=MN{IY}3W7?u&rO;FiV~wRev-S|c$>(@$K1YQ~B%SOh*+MQt
zMtaDnLidqh3>6}^i#I0ob!+{yS@gn+K-5rlnChF_DE3pVVVa*}JWZqO@#+cciQtG_
zF>tgZP2@<J(qg!JE$48KfMCu5(*%a>3Xn8l>_&56SiBElpb_s4?7p0BVTY%-pT3PX
zI8_Xj9E*}|K((x4rmtb5@>o;|nL*YtG4xoJikzFWi3w#BX919kH@jY5<zQMs2rrR=
zuvBU*X2;6+*02>(3RU?}MaLmYd&B5_!{~+41~0#8)GsTW7!P#8QoKY~$MBK|HN!B`
zgEgpRtbx(U_uPrDh>@{XH>9lnS&O%0G{YPuYtCINt(2GD0y^?t8}q+otywk5QvG>U
zRrsegXJ5s1-X!ioLBS+`N1Y0zLh|@&KH?QoFt5VQhw%(!NVtaW{8WcoU^h}U8&U5m
zEZz^Ytkoo-nu_TispBUJq&bk*C;6q)CmVzv+~HwX<n<?%d_p;j-kU^(;$e2uCB`W{
zFK%<dhPGmKC|UV@QjSTmJo%`573xJT45Dkqs228k9pV=6*I-KpS$v5!SvS;zIs`RC
zC4!9u8_&t8@vv%2Utm&xDC$=+#;*pTrOj5Q3c7Et4YE3lRf9^t=P1u4jQufTKC*cK
z0cU{t$d4nT5BxRfJd_Hv5OpX&Aatk&laLZ=30tv@W)rQL-_&}(*-xb83=RActeTTp
zZX%1sH^g`8d7T>=84N}&-hD9>AT!hoeTIj&0W_NP^0Pu)@=$w%>JQ6U{g0BoI+k0>
zPiVZUaz~ZcY3Lg?M8j2Eyg7JTEGK%E7>f1*lwR*giiIIb15Q0tJwrX6Oycy$!AWBi
z>YMK8%R;D%iLi?*sPULtL04GL6bbf&)%r&goy$Hqa)nNyO_5;29X)hoHpA?a@G7QX
z2;I@;z>@b)g#>1zn5PwOU`iueWND?&hu|&cd#ZuF1X+JpW1t^aaIhdK<=vR+eMrn4
zcUVE?_#BjJfm%^oEQanbxuWX^j*p_BzhJr3qd3iBg>f+W<QmYwt@!@^Ip>;L$}RMZ
zEwvQLfMgtuLCGCsIZ|yd-7lWybbhHYo2r?Oc9S<)FjX5!fSkjvBm`tUq2Yk&Yb@MX
z!RLFa7e>PtardA!N>XNjULMANd>2K<vKUpdWU!#WD#$FYC8$))fi>0o#iPt5w(47{
zmb*pyENg!Uesm<c?{IL9_d=-RC=b%hO0)-g8T5%#5_UGSe1p%c_thYa0QtPZj>lK<
zH;o?(<rOS9!576wE0HDmS(H*iE8ivu4h^a$5?qu&k3d6!fR_k}!L86%Om&U1zk>0s
zLY9MyAKD5;VPJVof4;<Szexyx9wyI{e$6vciEPxwx2MEUgG`I}o9I0<7XBDSELUS(
z5=4`xyv#tPxD}-1m{G$3<wxfn5k^Jg1;@phZOt6kn7M|RkC-pB=64bEjT5Yp_QQ^q
zyhX+d|HJs0eXJNi(7Xk;*g}}RUqO9LGunZk2#XGHK$0Ig)@hC9pbC><^iwf<vN3q_
z6<8(ee^AiO#TmqgWP>g>?<Hzp#V1rRmM`30J-iuRf0pC;L0vHcGr~>G7#EDo_yYMo
zA7^1Q5wb1`S#rx!R)0jQ$2_sWw6efm#5DFmwmHa}N)(X0uzGXhr+hzgCyhq|)IS67
z;Fy%vS9`GfJCeNbX$)Y3Plx5j7*MeoB`gMlLOt!VjcBH=Kt2a8N|;MMdj%^COx|9z
zNRn<bfUz7_Nv`mFB7?tSxl7UEhvg+7lOP_?++p_e(zgLBdX6`p^3qp$L6N6XG19~0
z{l1#y_ME~zkmUxjoFi*+f}~|!geGiwsIIqVBtPa97Vio|<jxo?Fj)wm3ST~xz+pr4
zs?04}4n-HE!$2e(!2lY9C>aM7O<1Bv!$qJyagc)BDwtlie9hsQw95KR7K_G^2#?wf
zr;B8TDL9>shK`H|)(K=ZY-I&|3hL=(RCRv7ygh|j{)ng2B&}c&w|M```#23Ol%s?n
zJ~lFOl9zf*Ad@AcOk_y#vj*pO9}~HHhs5HYOx*AuS;c6`X{ic>GD>!cm)?AZ8T!+a
z<?O}ATD&un&q4z-TQ?~-n!qFmHmrZ%DT_BeC8~*5Ny|}_FrX~n3fOcJoCmPQdp6HK
z<}uDKi3dy|K*h}1Pwj{U&J!6U`Hc7Y^(Ljm`E(yb)K_CxgYLmxpEd6K9V-)Ib~E<l
z=d6_qYA_~(Rv*)X#^Sw?_5?cb<-t$%fQ`jIb&7m?$ol!2!~@Ct7;3k88;E_(Af4F#
zjV@!DEYG7TpBGr3(=nCo0`dLWYZhn;M2dMLS0QlF?#I)1%jBB{_3k6mRy3vE60|=A
z$vjLpHAdGbh|`=4i;?cfZ!M8e49=lf@W*LouCGFm?#2?Qaa5F&Kq}^-n=%-A$$VZP
z;;5ItBd*{F7NQ1=w+b^RS(^zwLLT3>7}`+yNZ9FA8HS6+I}wCgZVg`q6t;*I%6JOo
zk4FaoNHeFr>@YwqC#-Pqt6Us(jx3k&YwiiPAP>AIvO+C^f9CH2JWXe`#^U`Q=3Vm5
z#ZqjkCC}+IjOj}A0u7hy&sIzrgg)1VW%_F5!!ms%xg(L>uf~1dc-cy3G~vtzoLRh2
zp-n6&BXwxW4fiuhxZ(Z=wX}S=qD&1tkj=_Ju5-z0%MB0FaHEtOZg_7j6Ho^xM1}Dg
zZ`fOC*BN7;R}<RrV^O8yj+I*STSRiFE#5QGjb^OyhEsR)oxq!qzG#lM6H1m~uYv{(
zWY`ICZ3S!rR+=iTG_f?fWp%AYt0~M6=;c@s+m#RXvp!w{t{`T%bG|Hw_a4wZc}XP(
zkF9N#$V=Y?sHi}+0~?S~m#buv70D9yz{5KCl1iP+CvN1Hl~Ym9?MoP2QirX4XI5dZ
z6@2YLK3jlWdotD6j7j)-B<&laGp!xjc_H;<$3aBTNc~8(*wP=Zdtu)}x423E`^{Jb
zRz&;|UL{|40wDE18micI3qEe~_T@{Hanqe(Inq5R1h9%xGA`1?5am(sRB4o!*9?;C
z0tPwCOAR2P|IJ@sT!@H#Z<I8pszyeOF@2Rk8-7_{nhH235wj;U?S#zA@JsU2SiYdw
zyp~$9!d8s;Vk<^_8PmE#3Z##M{lZ2dhox8q_EofK5?S0p3)!3+^f!Qz+gYdsZ3(TS
zwnB51!RO(h#Bir+r22QpbY$!aKR^)XH-yBwy?`>@goTl%->~vXw?#-5E}kXH8>4=3
zbsq^QC9)muv!rOc){q!!`9q{tZ~}ivJVmXqYE1wbQJad@oD*RF@ER42F|!A>64Rbg
z8pNnUp;5BDXLu$-X{Sil-<F8NI2i@8ZxUv$kQ33KtSd@Nl?in!j4P?S8eXAFuM}X$
zT`mX&L(jpu!k=McN`KTjN7Hz59EjGGT6EsLh34h!36R<06Ks)Hk_WZkZv$1TKOFnl
zRY!BalakxEoC<MMWaK41(sDOSf6TY%a(!8Ds^WfxV1goi&7DLObkf!Y@iK#bqx}eI
zp1a5zdO4rpqBv>s9?eJ28mpe6THLl`v}?ID8tzCm_c_h&Dw^A2S9LVYFT^abKde+w
zV=di=Bw06(MBXu`X=wm%iBl7pWjkjpDrUgMv1QoAgcBPCaiWq4s-%KCp8GNd>ZG!G
zHzY#e7y4=3<)v$&!9eN=Bo;_mO~b(OzVVmTc^HbffK1l7h%iwq)YZBc%i_zzdn<g-
z4t~^9B==n~Lbb@N%14Tpv|7JZEHgrlTm1QoK7viyhb#sTexVSQAi(-YKZ*EU&b$4@
zZz}j@fklc7<B%GP5c`S=0yjS+#cBK|_37f*iqXy28|`%}y-_MJ*@p~1@_{w-mNoL4
zHL`{x4G!`W(#w6AJ}OO{5z}%J(ij?^9r)qt<_unGRMsL-z26mIo+Vx?-jIq}*;v9%
zwi))1CW~fDm}e2^`GaZhBZ}1jK!>a?-p|BSx}FBnCCV~j)^saJF3uBJ?xMx}%rq)o
zKz>Xvz#6U+tXRBTgC?nZB^AOV0RgS8`K7Y?taaOw-~W2TCyWQB9>gto8}l~Ez_++O
zfzocRcrbj6bG)x1_=vyTA+M>AXacCwN4!e;oZA=42+(<xNRL#!9$ggm=vDNbV8A{C
zF1MQ>+uYGUJ*We{^$p%SkKprIltJrQ+HQ+A_XojJksx-Pup8He;MhijNqps0j<%?Z
z?vPH%OF9Fpzhf^iF-s@{-3YNpysVK!kQkq}LWt;w>i=}Wq{i!n8<EvF$mFF%fX_nR
zu*7HWVUFDO4>38C-^@j+%=TPV2y3u2U3-ibi=9kXiv5Jn*t?LI{t4=Ag}RU(T<C-u
zX4xI24Wm^i+RFyq!Vb1{BKQ|PJjC>Zl@d{5A5{JRo5dn8CDksk^0Oa=Hf<-0hS8}e
znwogl*rI%???O;1UPXCG8TCZ77%5QU2OaG?lKxmKi>i!zi>2y@hkS2kiyCY+nmRQS
z(&tMh^GB7dq-9YFCUXAyvdfmy!d%}Vk(b;hMxqkRqGn;yo{DKTn~TafL@gBegwRpO
zBfiAnGQpFs#N^Gp37-&WWMQZ`LuizT(k`olTpl=PHO3)6q}(tm8tliwqXGiDl=s<S
zx)jDUKVmrqnTyMj*%*c5B8j_%^R0Lc$|=y~0pmz0ZY;9-;o~%&k6@nAa*XlDeT#)O
zv0#|FkCuyq*0^=FVvdK-Q(nFckc}69u~>qylwL7^&d)1A{B;&Fi1`JB@@4po<b}n<
z3-f>%<{QoBD&UD(w{T7cS2iwTPvJZlPWB|08zZA(UPiq#A~o6&VWeasl8D#E7)D--
zF+|jAxM7pHv8?`vgv6uX56LsZ$BiHG8hLn<NcO)&lV-5v#u-fs!eWreVQVXB&s<m?
ztmjQ}3}?cI)BOlv3CsP22~u7{_8VqXw<MZNm2qRqsl!$VZ`TH3!4Emhj@dgZ&^6Pe
z(V2Ync@?F}2n~e-(Zqx0h*GVulL(Dv4GaDJH8cZ>qEMF~H|~HKiozuroVr%r1m1h3
zT^#rWN0mZXkVA|vnB$MGz!A(Xez&o)6Pla%G1;!?dnAUt(bzbXyrf8M8MfH6W#sz=
zSE?(<_`{#Kcuzx(Hcgw%a^v}y6`~Bu(6(hsLd*CzfsAdlK9m^0LJ6@|o<b$4fa<Y$
z-|b6!3k@T`AeH=rZ1M~8dAH{A{>b0xLGW>IY<_dv#d|8$7+$Z8lZj=0qgI{zJ6(M$
zdf?u=*0ieVDac%7U=<pJ$`?zKGFBGXbUBjGatHX6)JV>xDSvoB$`=Nv0cxq`w(tkY
zF{R(gOTH&P#W<-aR=G(^w)Bd;<P-sI<|KF>`vI~pm`b-J5v?EO$3#PVu;S}^B5pKq
zkm<pq>2vG_=V5K&HXJacxg&4ibaH)zz0O60DT;x@ndMr@oz;ZrE|lvhg9P-T1e5)*
z@-<ZkVLOxM^knEXV6YYpVuG(hpyBvKQ&JZVt+kEO&ZIJV-YnOjExj)<aRo6>pkO}0
zLmq+3{fKNxfH$1n9Sww22U=LH0dAK!RIEZ%E^NtaFieyfCH{a@oiW%c<1S*Sg+`9C
z2IR<}sX(Ych!13kRXNoyM~d4ncpFyk1y-JD1r1JW0^fpVGJzm@$;6Mmlq~ww@brb1
zCz^war-vvg@MK<KB>-ViBWPzriKV%^{7aP5U>nPyZ_b;L7Zv@KaJUQ{EZ@mHY`P5B
zi)5A;`~;bDVON&6!7!a1X+mlWPf9mm?26I`5Q)U<B89g7Xf}$)J&Hb!x|A1zojDeI
zavy#e?@UA0E#Cg)p)d>mRLs1t@;!0!$o~TQm<2DOcvnRKjEFCMF5WIjdNd-QpZEYz
z1X-S65B=!&68&u7KaV+)Ni#bhb0RB=k(h6@Wcio-z1FQ84fm|Cmb;1LOO|^WT`^uI
zEQf=StIO|Myq!@a_CK*G$#V*>Gz~xxu=;opI&f3Ku_e7AW58XE=1yr1slFEPmA!xh
z^!A;hMir?NEN=&CxYGiP#XB3>W~_Bb4vHbU)*9zycZ1h2bipc+Q<dc^3=w`vtwYKX
z;jb#WpBJn@;I{!uM%ThHr?+8_(l95)+%uY6N+kf{YO0L(RVKTxr@J08M1&YdD$TC?
z#NLcPQHeJMu9gPNYrc1shKNv$cgx=BAYqeI=PT}vH~@y8HaghjN{gKQ_=?dAmQ!O&
zYrz_Difq7^$Yhx$OUXqkgRg`~h0OC{xi++AXlThAM#wCq`7K?g#rtDk2v>A6qR0EJ
zN344;HdD-V{3$<wtkv8+L-z0S*|YwKcowFm5{-`J>NMp)af{J+4}-5*`;1>?Ov18p
z3^9NmgYas;-(EpSHTD+PMi`TDi7ehXX`Kh0wnC<sJ7SZ01es=cei>0q2MniMQD@Uk
zMo9er0!X|~hYV02P;ue6%S^w4J${E`3!mlIhZMVl?$cl>(gKlAX3y|58gXId+TdnH
zHP;|tUd5Mm`(-L`2+3#Fgx{hqimw1s7cQBF<4lL20L~lA&yz$D`vO+d(3!2s#4ZMH
zV36@aWhv^S8)get#BW;|FT%Stj~CjZ8TfNvJEFv&O2Jf#loZAbgw?m1N_L<UqAu2l
zsKV$jHeyj97Vc*(8-5ZS58j}{hX1T{hQP7U4|$3Ud$=8MAQk?b{IzPX+Uf|x>!6Dt
zxhnELtmmDgW)Lef+L2eX+%TvWZthKb+HD0_>gA@}3Y`hWVOycWpCV_49RzF{%rwPg
zpB>H|9^AjM9tuT!&@QGEwg%duO=2rf!rmyRVvFGdhzLbQAMo65HCcC1z8uM2h~`e}
z<nq1Jk*uXkV_(aLpUAlvjT!EoN#_v(_@rn{HQ?It%Q^Mx`&AO1bA)`4MrI*gcrY@x
zeD5JOccRMVVPC^lRT(`}?5k29)HXL}`135`vIYiBWUxie-DA10u+<?<8j<10@;oEM
z&*r&n!UVG-FR8)+VfBx^<i&dtE0?H0MUxnDr%zt88VTC%qjB^^NxCl-$=!_(|3Y5;
z9OA0-MUFTnxTLL!^k?<I*~ynC1FDwqiIrdpcvc;LR@X*v>ZSA2n<TnGy~#<}MQ@Vn
zGW8E7d1-8g^rDR97G9m(UR@rlwXbA*T{7<l{6&JBzuU(L*HwGN&EYsXj$zdL8}jI?
z8+Os*=j6qYfP?1gyfKooB0i3bnTuSEshFWs43REi%{jW)<(LX-4^^SXQRk0uOL^%L
z6nZR)y;QyaH<`TnJ;b6bvK`H>)!`51C9ew^5E1QxAj2av{H`vLi*(hL!Qocn(}RWr
zwn@pLDiHUR@2ysU>I!t)_@p~GJ<S1htSZAN#+R#><I)P2bjXN>aE?{g`64<FC$KOS
z_+lSG%bmogINCA9xDofjG+1*||9KGWc`p2Qo)m+lSqcnC>p1$0iRH&qqq;odS3coX
zvKp?ymo~;8YPs*U+#R})N3#s?3url9;MDnrM(Zt*!+ThehwbLCugFXEz^RxashHpe
zqoaWrmA%g5UF=8BXdQozZ3!*k_h9In%B%F>%Khqbd~P>LB`-}u22@<*XWbr-4nKzd
zVL%IS$O|7j$cr_IM~B~)FAFEsa-E;EXoumhVS8ALT2QI!ELb>5daDipLtZQgZpHM=
z$lxv#Ke!=b@xIrU7{a`Odv$jlq3MiY{h)Yx=}pA>QkM|{Gm(w^*!HKR!_Ue~s|a46
z=g3_&he4SmNSVJ-hu7-b>2LSa`SiLVFL?zu>u);=t2+H7=e%K1+asi}>hfUL-pJJo
zT=P7~f)QR$6|r_;5is;T7$i8-S~_#B%zF{FoauE^Bx!Qc&C;7%=!WPY_K=r855g5=
zu8S+8lL8Tow;TlciN>6Z>PxA5(?U$<{J=5gAjX#fI)tLGh((7$gqOPrr9#bvn`V3Q
z*&icY%hj8)76F$}lzojaD|jzW`bCF~;Pc^!<jeIAAP;|hAGm=r`?QD;EBDiFG!1t?
z#r~eQqP;4(a=3ht^ty&Sq2_8Ztix+`V|$&{Y4C>O?SZ#F-j?Af<)yBmh{bZ4)-TlT
zkITd1_spGzw9@QL5n%(|>`HkivjYV;<S$m@DoJ(laU6Y=oRH#*ynK)Lx<vo5gM6jh
z4y=`Q#8>~&UB2=Gaadx)SO3sy$#c4l;L7kCdC5EW3<DNM;T?iE0B=XUZp0E@HP(h3
z&Gy>xI<7|kVwLFvAaKk#fQspu5MM{}PlWhZihqE3m@sjp(3&dK>i|F@0Ha}N{)nvO
z6x1;S??AjHhPG5+J0RMQn;KIB580#jlb9w5QCC06(G)F`gjF%kf(8(Icn+osd|Vq|
zZ_*;h(~_EZ>L2>ZS5}~I-4eY?u1iOKRDT5C5WL;+`al}s;8jRVjp^Q1e%wUMOrC;^
zDT5~lHk?goc_^YX(_t%u<Ni+Q_LQzwCXG<5*3VIYLt)x1An+-b=|xI`wg+e%5Z9Yp
z>(Ws57`((vKfKQfY<Tgg<7JUtjB6w}-b2mBc*#$w<;T_X6Q%@#nHVQi1W$iYjH4-x
zk71CT4q<A*aE_7Cn74zhu&vjk#>^26&Dj$vA(&B$OMxwFOcJ3YoPEZ$M@0%$<kwiy
zI8>y6*jv7`0iu(a81dCV>?U7Hx~|LDn>zCBPX*gCcuArC@%oS)>Gmu+UrPC2m7OU7
zJPD~iti(hMP%$Ml74iu|Gq5pfs^d{bO*urXd|qdcHpXy<2eRf1dQ*2@EUFuZmn273
zx2CFT+Z1gd<yvKO>w1#k$rO`PQxzs0H8)CTDj+Fwqok&6UR-;J+nEfMC*SL6Dik6_
zz}0+E|1fw-hAu&G>Z2QtDrk)K!Arx|J^W<e926PuVbTg^hP#`FJuWTd&6HTVvnfl^
z4WjG9E3KH*!ZcpU8Q#hyMQOb$L^l!ShvN;!+a0eLyiZ5i{TlN)HFvhxX$&DVOOgnM
zfE`Vz`D+V8N^1JdnlddG1rIF7v=w0D))f?>0Qx$4Rh?b0nqH@aD~E-TyY7|ifNR)h
zzj;#bg1O`HaP4)EoICS>9*!*6oNwpf9tMak=PFk#f9a4K<*{`YUZoqZ=~b-@rB6@#
zw5N}|21^H3_&Kgh{#vEE7aw_}(%glQyk2Q;!$;OvnmzakOqdfNSyKsuvXo(*=DMBP
zkq@Q&N!d~W_upSE##-PHNy2}Eb$Y~)d;MXy(Y2m2eJZ?fvsrXq1>cqTv9;V+(O3<0
zm*_B+Ry=f$s^!iZB~U;tZoSl<?eQPBe{i)_uV73UQ5!C_eTYBgsEp=L;LwS7VHo2%
zeBgO|Q69~6L<jlC{UScWkX9S)8;g*iWi3MFtVNcJMI3}8HYL(+N;uk-z)m*L6v0r5
z!KtwhoOfd0!CtklHE~8Ht<~T#fwK6PX|Upj1FnLfuWa0z#y)S8J5>rznTo$Fq})f+
zSC`{N@nK4Mt-Rz*B<ZfvKA|rFxemy_LVPHH83_loA&aT6TzcJ4t{zyKH%}FseqEB6
zCEw$Ey~-rTq9c|ZWfgst^ij~qgS_QbSU=r$nf!%Hb3ZZqQl+`47+qUw?j%N6SDL-V
zD742}jIOCf^WmY6gZgyg15Np9@<ZS#8QWltp`U#<<#0_?xN+B|eB+4i(mu%Jk2M6@
zSdU%#6W5v5xSIF9buH9HPS`xK-m}wkhv;6}zRg^~$Hq-u0PVbRKd=vOVqcuCx?{)U
zQt_NhA8mLg?hnA`vPFNA(B%55NPNt|p~m(Me`^8vnc9(k6mF;uLUyEl@2TkUU*t>g
zKmlo+5~mCjR2Tz->T=i6!iQn<Wez}87cLByILMbh1Re&uCe&^)_1{9L!Nmv`d#0$v
ztK>_sAeX#F{dp^z^zYDiThZuPs_<cZUH8I=9dw-|!;(T><fUr?q$m!JIWgKwUP{JX
zzNbpx5H^3Bw!(V|ydlguC3Xv0FvKk{jz<`6f5LJjGHhC?qd7>eUl{5rH}_N*A;b*I
zm^%qksI1vbhyrYO7Nc^UV6{gb>T+o)Tj4df-1S14=7L0Bt_hV?)=A-9yVR7qUJ%-j
z#mNObJ}RZCRLyBZ9TAaH#03%9K~1PTBA8w^p{)?{0=LpoeM9FZk@|*?i~6f^NpShQ
z;7i}&vbc-B!Dq3jzM+GBCAmC>eiwc!biH6_9)Z|Bjja6zvkI|#^FVxmMvlE%sc-1A
zFiYRiZE;6^L&#$6B!?}DNA7*(I+|M{_A6ozW*K6?ASO+Tv_A=s&#|=hY%9!6RgF7A
z6@yf4)%Q3{#940yHYczfgj<X{VLu1gN@|RMfG_Jx9)2^ALt7yjvMS*!CGF7B<w`w&
zrE=A!;S6&f@Ar8B!21(kSro&x#*4?%kq;P&ojv?5shyp@qobXJy`3Eb#ObvM2t7iN
zz4ftLUu&3>BJWhfqp;y_JwmbB(~7OC@<@45WwGShA3{s2j(eD7z_6CUE=8!8b8`SL
z4)E>|01Cf9i92xn$&a;oKWhCL`!RhjZmspgs`+)W6ph2$oLTp)oOA<d2g0>n>Jn|K
zDU;wHkK}%polc&@0irkBr5FficfU%ia}z*P9wLq5YND%54te-<Hj3Emuyl~RuzaR0
z+HyRvK3ZSrgww7(r)aLaTHc949jL%kg^KciCRmE_Slf@(D*PW^^pH_7OztqEr{%`E
z;09uqf;Fh?w1zQ87-|>%<;ggg2GjvyJ%9~)pQEl${Ave88tJWKiyko^43qQGJ`iN&
zzET&tuf|2i7F87@4K{vYi%f*EPldFWa~0~-%B!96j*)3Ot&0a$=8I&s2f?rbsdd5J
zIL-yz9aSoV*Ad)EaDg#P4MFP(+K{&`y2wa1L>DzsAlJ`@Ijt{r^<zvQLx)KMjr{WM
zhYVIl+t=_Nlt3NSpE{@oYdLQ1BffuFy~)m|kNExpOxoB-f73tki%6!t;3R+TADb$k
zvVSx#4J3(rR7@S@i@xxn4uaskglg0>t)XS!MZSA-(eftk<@=}JVwo@W5Bh?-rLmiY
z{;9I*AFWs)$+v;z3xR80Ao_7G)Cti>g4Gf162WT07vDqFePhs(T7fg6gJb}<{HOl0
z8FRQV<o0q1oE(}AG4Q-K7<d)lO94X8_YpJ<5Br;ZvCb4qnU0~sA_0t9f85+TM_8DL
z@i!UXCgif=hjexp@QH#iKgRy+*)r`+;ua$2OYR{XemW29T%)wwVlmZ0V*6y6-&lhi
zN7O6arXff%I85YI4omq|pD0Qh99RVS`&v)5pu#N<32lYL;b1D}-HkAClAmago!TSv
z<x4>s)ZRj_F%nG<KZ3s`%rG8Bl;!Vj8uf=P79KhgO>;zXRcNXb2Y{S|X&8{gvQn{`
z9fd<{hs%_%aJWw%w;?Lk+~vMXW~XZp%$0+XV{oVx5RUT*4hsN;W8q{hMVhV<@OHZK
z-aG8G)jez6Csy!Vo)3+86No*!M<|pcT+{m?BXoo<zQg8zg!>SUETULNhjI$wPDirg
zm*%Tjx@L~f!jO0H=lOG+X-8dul4hA&b1Rnf_5d7r$VhIq-o#EQ_QE@i0G)Z2j~TGp
zi=%yQ+Eeo&$6JBgu{f{j(2}pep9^3A*SVwg;jwud)Q>wK9sVE%6WQ3PCO+Lxp%0p{
zVE|lYgHHZ&DWe6kV&1tA+9)!Dd5)jjtfG7D|0~cn9|&r^m4fi9+(B%w8g}1ltM*oO
z;PYW|AKakL_^P`OtmPP8TL)u~P+&tu11f|`yer9rji&yx=_O0IOR#+cF-y14ZQ`{y
z@l!VO8k_iGn|P&7{D4iIuBKV(@3x8Wu!(QCiEp)uZ?TDQu!*m?iF??@ugV|SRc{kN
zWfQNli66F!ud<0Rw28;t#HTgJt!EOE92O>DX}RNS{jCP|eFlGqbWZ1~=2Wtn#8~Nr
zOIrJLY+{YJ>$&K}>Jgk5Y;c4J$I4jyk+S=0d%4b4zDI4Zud8R*Y3*yY!6)c60^Kv!
zWO!g57!V%Ws2EO-6DA;>GZw)f34TAU(_;;OJYTU~6+cVG$@iR(-Y*fKX!!@{09NI6
zWFK7C-*D17YI{|&1`pQ0hNdKa-B5T7j(K51!ijesT4GvQwTg}v^;Nv@@C*C~ol99u
z(ObBG2o?>#L8E`r9{vFiv2YBDJ3=(+U@As<32z-gy}?m1jH$=lkax+v22(5<YuJ0d
zC_%FUUj&g$l;R5^G*Y6TJ`H)b!YobuJc4FT!w-!l<Ht?Xm_&rrn2CsG0+t3?GLwU!
z<OpN}@LIKF8Z#9C{VP16{^$8GOJLS6p=hxfZW6;oVmMq3trbk$BgAsVaD*847eg!F
z`j3Rz=VEwY3|&OLJz{!+7}kmPJQ73q-9q{9Vi+ohBgAl)7%mXQHDdU_7*>km*J9Wp
zhCX6_DlwcPhE~1<#QHs~?H0p2x_XZ1b1~c}hHJ%8Cx-E27%PUMVkndrzSiF!!d%B-
zy$atN?-YtK%t$5!KZlcopCU?QW+5X1Z-J1-e>KcNCKfSAhE_B9X&m|sXFLMjpHVa6
z_%BKf!<jf{GJ|tlrX!;uG^XaM@c&9@7$_2*{tQ-3cpCmqI%C1pB%Zf${K$?#i|7nw
z;HKbF&3c-4Jm!n&P5cW@+kBEkIB+yP-xE+fJ*&ie_yj)xT5h)V{+;@4%L#mpWg>V!
zGOa&OM85~|KUzQWXWQoHd7yg9($Z5X^1&zY`Ja<VQ+WyfV9Qg}e5-sGGle`W9!Y|H
zK0B9HbGq~5=nbE=9yYCP+N6^~ieKBm{QdBkI&_yrzViHu_urV-v8248dUN25Eyi_u
z{q&r7cWqAUx14>x_0OY<y`D+*JJoaRjZrs7?N0uqL${M2TYTBI&mC(sFnVt%eeeDy
z=a)A(|0pm9)0lKfiDo4Q=BQ-E=QCMI%|Y59`4peekI*DQqA@P#VSLaidHgg-e<m~B
zhW_v-v_>_l%Su<E*&ICu=F<f5n+{5O;Pk)BadY%%LVs=PKP|`2(No|@aq?i{(m}Q0
zzaiu1=+A`ZBl_A#`cKDkbM*eJ`VjKJqz@sYiZ##ge^nova@-vKe_tO2j+>+R-_ZwK
zj+>+ZU(pBRxH)?NtPjFCoW+mFOw8$jZy}na-_$;g=EwA7TFqOC=IA|*eRvv<o1_1v
zK0GbQ&Cz>0efVdNo1_0%eRx`qAKP|{HAnxS^@G+uk9+j*wWE3ZP4y$X39aU}qj`Ey
zqaRPhadYx`Qa_%S<L2l+oqqf?$Ia3ItA0Ek$Ia3EXMJc+mu;<E^ZnOUAD%{+|H&Tz
z^ZfBN95*MAC-vcJIc|>L)9J%MbKD&Lzv{!&a{Rw*FPdt{)9S}R>+=7EfARODuPMjP
z%e$$+`LrB2NAKzM<DWThj{aZu<LNlgNuE11F)NdPjdx})RK+$<nls?1pzSiRDG{sg
z-P<-vdt%9|4|@D`>e!fw@)=`3yz$XXE-S0LxeggUWc0_oyC3YBsSb?GTHF2f$eS_S
z+~3NctQb&vsaI6rtdR9F<#$p~{K3p^dGzD88;2)f9KH5}@5M#a2Ir5B)5N{RUON|U
zdJyq$m$!>zTIJHYJd-$Z+WfT4q_la-Il5_SnYp@z^z>;HHJXvr5;BtdhfJH8mWdxg
zKxY3C{G{(JMk19k(pkbU4N1IYj8_ugaZZd^h$G__<dH3Lkuolby97Dn?~NQ8d6E+&
zM_L}#B3shNg=wR6X4;@k8<c4Sc$*;aN{O$G@l9&M_>OaCd_xc)>m|~WF)m|42Uijt
z@CQB;M?1zb$WAFyxH5_)FGexWlTn1UViY^u*SD?nt@Ww&%5LLp$2k9Fr;HsV{5-Iv
zqchX7xNW^}olmV-WvlF#@gA{qCHU{)%5>0qG98jyF&)OWWIBX+FdcTbsc&89T`S}P
zmIT;1Ir7|@4y)VLwXOxPot>G^H#^j~t7}u+y3#w_E8a7<7148&Fix8g@@<r(jqYfp
z8`|i~v{_AUbU_<E&_+4h=+5}A_Nr}F33;`2Vp@jyGA$)uj7zq2ybPN@0*w}+0eL|t
zZ6K32V?m>>3)42li)p*sr{1fsRjo&*d$wD=Yit{Z6XPxkVVo)*vZe9%v3B5x+P?}N
zEcB5Z`p6Z1)PnKKL7hG>j1Oez1KIhkZdK<|>t5-a-6CGV1>QK|g}4Z~e0$K2B(wwY
zHh{Ou@vdysqXpACB#db-31B?x-RoRyT`FbSPVtW5pX!cptlI<h<e=xyc<uDaZsYHa
zx`(3fA&ieCl#y4uWxK`;WoQGP*RNp+X;A#<`Ja`*|HDEJ+H}3o%lN~m)6*5_Q$Dv?
zFhuxgmAJo2qH)H%qXWY%N5Z3|sj&P7bY|6D0q!qmtBU>}uTaDjc5m^M=1<@$#r)cA
zp?skjD#Wmsegy+hwit@lHyacN2>7eSdOXB(J2C}$ycjZKxFbV=$BJRIgvE?YeFXe^
zYdgep8`4EOVpu;%NN*5Bl^FgL{b_wgI>ka*_pA^WilI^rYtuxy7%If@pXm1%<+DSi
zUz;k>$reL}7*@^};bQ0^hW|uAL@AW>&<kN@iV((&p@$gmpuhOR6EB90HT;JPN<{kE
zBK_vjYyTm?xpM!3|NmP8G7p?-dE@7Tb-1B|@PrS;Y(=~l;Yi$oGvaJ&9EEK$7Xx08
z&<-cZ4RBUv2)p2q*smh)kI)sDDocRxg)mfs7x*fKyE`+CAL0iPGF=4vGKAB`coM>4
zekczd7U7I%80Ii&CLwGK1G^n@1;UZ|+t780k3)C_e`Kr!{w0Ln12Ap??~QQ27%xOP
zt}o6v0H21iHw=3!;vonZ;wAhNgvZ5rEy7kIs2^}&ga`Ve4C03oelY;2(P-CIgd=eL
zwFB{3gp2SVM!W=JJzn~)<_3hF!ZA;vtUtm~+~{clT!nBZ&d;fADnk539kU+sRS5U6
zg4`Mqc8UfMfGZIuX;Ba2=?GuJOZ~DP;RP{%72%&TXeV&!-zy2gn~Hb{!gs~^ZiHc@
zAuGUD2)E!RoNr<oCJO!-@lSqP2413Hi1695;1luxJpb=V0Jq5Q)#75=$5w}kE+skO
zYF%Dm+?D!*vi2!(sjU!~U04o36<fvP?lnEo*REBpTyqFF(B3D!2e`@PupKeF?{ewG
z$1+sx!njDl8T5|FurB~(;xWE$@ceN{U=m;rHhATLDFJKlnMHK)6pP^|F+3!O!^Kd*
zf=vKDdj4~dL6F10dygTPiOg50<Db+?&?U!aWu;F{)1{6}n9Y0v`1riEq==kk<lt{P
zkRG0s+yqBuKQei2a(Z$?ZgO;HoGu}8&X~O9yyT>~?6gd6R^l93AG?vs>cqKuX*tbd
zyk{SiF)S}FJt-zBeRx*RsI1J`gxSeS#0t|OiO!-rk;T*kFD4<I$RZagxpCRaiD@YX
z5ebQ@;O~9lTH8VRHK=)5-t36f<it6V`3#e(%gUXTlbIfnoDb|V4r6uc5n0&<<1^C|
z@h@4$>2lICXVX90G%6`Am+BmqtQ(e>l9HUGP0Q8s+_><0>ZExInTe0HHTYMR(DWP~
z^M-`Vj!o8)#2Sk~&Tl7_7iHau&`AFSK0hj1M@59XnNgbPxPZ9HaTu@6@cG$)<qWf3
zYs$%p%$%K;nH-Uxm75IMR30`iCm}O8AyJo>l{qXK*-EA}4<DYEu1n5QCnW*1txf6C
z*~!3}@?=@{tgIZJ68Bk%g9z*&W##F{f?h6&fI=}3kIsBHIZ=lmoS%@Bq|PnK#IJAo
z@sxzxG|&@W^00!D$pt9m%IAo*ct%QWs6aOJvvTIdC1+YGP2=%x+7pqLk&y<bm@=Dk
zXeXPHnUtO^C@pg5@VQpKXq34+GpR97@&~5j@91cfb9FgcV0au~e_Y-yZ9+kEPSdtL
z&zFSe=M=<Z2qfzSQGglfg^qed&X*Qj+obSfzAWh*dM@*^RtZe$`CNgVD3h_tiOJZm
z69vqS<tbbF5_)tlUrMZPd}fZ=Q=;fo=4a1IOwZH><QC-8KgKmNDP=-(PA<3|pE(N~
zg>)n7F>DwQae4w0k)Dv7i`DdFJfW-rpQstG)r=LiR<KF``Tn1lfQ0@|fbk`>(d5A%
zE7DNOzrdZPnE#O%UkP6p{=t*aDtkE7%mm!Vn2B#BG%pS}WkxfjkdDT8IO6mil-~VQ
z*xjR==n=x9h{^Cu@gI>F|6T|&_}q4c6^Gj{Ik-!c$;=k-)Fgv)CVxK%emjq&#6Rn&
zWWw-<;Px5X!Sn_t3GTFH!9Hc<jz}hMp^QS9fx9U53`0DZzoCP*4;&OpBW=3Bnv2^u
zR44us2z;|pnx4O&4bVNI`M{rrdu|FQ71%nI8OZd-e>s59#kYW`5&$YWXhC1#Q(Kbo
zwcdyg;7exUu1pV5@kbujm;hSIJl#OFqaU!R@N%Aok_&JbDH-WdP)~vtnhXl#A(0HU
zU(2YOAn-p5H4OtSk<X=DOQSF+JZ|R%P{`qBU~QjpGdBQK6=+c&>Y@8l6ffZUu(n@=
zTa5G!V%$NG`a-xxMLeh5NZE>S+tOUnf`P$}-}Wf01rM|NQq)t~$RnxG=H<cgz1I|`
zVBP^gkNZx6mMU?ZIFRWh#;}~j9XH}@v`CAjO?(OWv6A_epauVmzhO*E(1-<%EJ!#H
zQq<YB?C*6UiLX)URg#aA*TJSVo|O7ynG@fn?-RgnP9wLEH63egj1jB`kxTlVi#Cyt
zJl0QV=?+3@`o#0&ovGYdzcF-E*{1qU`J0(7>$Wh33<LLv@!hE0$ZnjpF?(a-##I~F
zZQQVN>&6`$_ie1(XheyIjm#$5CXY?Nn^c?FO|hFMZHnKNx+!~8{-zC^wr<+7Y2T*G
zO*NZpH(lDqY?f{I*zCJmvDtsKa&zeB_|2)Cvp45&F5FzUdDZ51n=3chY&LFg%G!TY
z|N9c)|BX>QJ4RXD@ij;1o=e%K58Nb9b{mR2t^laqP9h0xp>%e1=;dy2*VchiraHRx
za>QXw@c=uCbi)+oBxSG-M6T>+FJU$)Hgzm)kKs@MjfQ#1#UM$?P$n}lg#J@@wxKEY
z`fA5>gSx)G@$4?At%FyWoY}cKXTN?!ahprZV*5LICvLE}li1mLEPlcK+rp!xCf^?U
z%KXnAe-Br>HF7L*0B=Pc&#V1-siUXe6m_7t($f(MnWyVSIAqB=nTm*n?BqZ%Wh(+Z
zdA88x<;+URoR^lKo*XC#H9%cF9ml06%-1Ccc2Kq>KnqVV0icM$X=hqW8df~;dICEs
zJ5aX0r;nIDE-eGKBxGO_Gg}d%R(5Rd78n#56cniBpDC@~f|P+l!OEcEeqsH>rYL9F
zFgrfZTAhohS6o3x0uF=|6%koE*;zS4bxLJ`P~9_)*;JtdzM@cLTyoC5w8Z3GRITWv
zhze2`OS;$!NaDcQ7fa;mXo-tmu|&drxP4djxREclZ{>2STfy^PCicv_y081;h}=1c
zJ`0GQ@|)M8c`G6$-6D2xyczk6aqn~0x>H@g+`Wdedl2*EXS?ysLvv2gj0``gITO(;
zw{<a>w!7EKmpg9HY1chwZl@0eul+VA!7lEtZNEnMcF2!>v#;UI_b-3{=kl8qhYmiv
z`s#>==Yqc}aQUr1uS~t(a>Rbj%iF$8f8&L;WywACrHA6Z4%ZwH_xh@`sJ@e%?(5ZE
z-aYZ)H{HT#zI!mD-IBMfU+?pN`R%v9+xCplqJ#(Q=C(X=Gj`+1Z>K-{*8T0?Z){6e
zT)4E>ShMiWQLM(&=BCDJb&D@kOA4nyo1YYUI)3=#aaEoRj}+WHUNzSankv~`^hjCs
zfbYr<?ouDA*UVRb&75}Xl<t+!uPwSe^vVy~!hmbaAV(RL-oe31B9V4i`YF3u(@M!w
zpH!VLdtl$bS&6yX0XklF0ur+_cpdBDDUn#DGNmH|I|-v4iZ1NXNgAr`uMF7`v_ZKv
zKrEb?lWtSCub@%33KgLa01mIu9lA+fl`d8e>}5)KqAI7Fq!=fTN`FeXly+8j+5#O8
zY@=)~XpRRF<n^UbkTN8+PoS-OVEot@6*2bCudXb(yJWI*+uhWU9^G>8@X6?6$LRxR
zzBTp@pNiY<S37Gmf6XvYTBtNWOsnXc+oDxg)I0BowQT75;j25^R<AHmUdz09#x-VV
zZQxt7X+0PGese*GiQ28nzNP}ztZr*Fj~yHEtiH2sh5Gij%M*uom><2Yr;p=|w?d!o
z(rWXVHu}YTl*Q7`81bAq;@!{w5?b@;XZ<pzm!4hMu5IiS9RIJ6Az=(F14EmP;h-?<
z7@qZSjo}a|5^pkk{nHqZOPigUoI~R{<R8cJro<Lunth*ieOnX#iMwTEeS%Be3p>_b
zd9Sy8#F0$P(m`?K<=$tcLwo)4&f2w?KTRlTG4;51>AY|2B1U$3@y?-M5mj$oO5MFe
zHTq6z=>C>Ry8e_jsopy%Yt+Pz@0V?{`?6=p(<5(OOT5_H5HxkijF+cuea%1Cz4e{7
zR}#V_$8<Q`YC?<EQNO?Y{{57}QQNa~zF+<Q%+ntG59^cGv^m(V@P_exmp5xawp*}q
z{tHu+tM9bd9Z)arc~z!ezIyrdeO{lh>6H4#R^9w7?o)%f30&~O%ZWA7uMIqM<aTh2
z^Y=El`-S`T@~(+o_}9|67j)U__kO^!>?5C!(s!5r*5cqhqhFTY@bJ&sc3K$6#gd7T
zRGiY4l%F4Vc1lL+L#b{wH2%eqaVk{iT89$`_-tjevZpnT0p3v@qq^Ka{1~5~i#4!d
zq4|M6pb^(@X|Kn)326xdPoVbI<>vNDOz1N^C?FAAAcKgxPSSqLU}fNjz8m`3mL`Mn
zFG|A{JnbkCvN3MMkEU&QAK}&UqV}t?iLHmu=zqZNJ7p(gqpQ?c=~MXk*01R-i%CSn
z<cIHmz9*xtUpY%TAb)eoGfr8)JHPIBb;IXt?6)l))$NT}RQBz!ow-$TvU95AS9^kX
zXMFZc@9v4g-$W;6xP4bW+x>yVmVW6A4L(OrJFo9FT~i#LD?k0B?&_XtUmqOMDI)*7
z{EtriOBI{9-5YthtjF{2h38uSer?*k%+WL4BZsRq-FDm#edWV}Upde9_`Q9>?!xD`
zr~UHB`aP~bz3wfU>OA<>sW*L2cot<a0ikYNd#vnzW9KhZ-jRIZy}ozf=yq4Sd{X^q
z{+cn>OFt|wn_fS7_n3_Z!My^W+kaKz>^ax`Y@4ZPjc+O^_BKQh-G6q;@y~{INllD<
z<zSj_`;iWVmaML;KG6P>G*4OV&>yC%qiCjFhTXfBn!2}}<L%h_pFMYA>XT+Fx2c&B
z{Sp^XS54aNG;%8x(V2->L*2sDWB&a40ZGV$mgq>w0)v!F^b(wn9*rf~wArZ&b#87R
zHtQ0T;VUG;8GzXkybl<6vRxs{P#fD7*iRXz3?pJn<rHPnG8?YqA_JiSRENw{J|O|y
zR|$%!EL{4+zF1%@r3d9Wc{<1Gu#cLWm7WnulOSL&p6x~@XCx;mVxG;LGcO@0FHbiQ
zJE!Tyg?gA3%l=<t{iB65RlYiR`SJO0?tLxCv$HF=Z|&B@&Iz+Tq;t=OP4xS8%iRts
ztLNpn)IK{X>Xk1G-q=*o_15#jLyGo?{T@=+a_sMQ;X&Q2+7FoTcPd4BD?Me<AA_Fl
zV(vJv%e_mtwhU~!V{U(D&dH$}v(}zF68BMBfjw89@r-iym+wo)+?u&4;o8j=n!vTQ
z<G1&3Q}(&CpX=q@<2Mah)A^;=k~U*JC-gslFn(9rfQ_^4`#(ClZ_M8GQ!j7TEe`xZ
zeQuj&WlSsm-ktq6xV@SDeoDs9p+6j*|1xL4q}L`7{iXPluMdAPa#?uX{0n`&l#}ub
zC(qnFe0ACW_twcB?sB77->DvQ`Va1_jTPzNI=6FPWVLV~KvM5E8Luy~_GWL{oc%i|
zbv?Bv;NH>X^GPdg#(R71tlJg32^p<-@BetnshF*HTheYebr)d!$VYy{r?6M15wMeV
zmNH%$u%Y*co=g27dn&<AbhB@2LZ8H3coczw3A~T;7yOWajX#X4Qb@z0n*$u3<Cn6M
zrGKQ`OO!of;zYO0PU6#^>d%Fr_2k&-8xb3)ELv(sg#lln%vbtZ(=gz^BI~^MwjEZ=
z*hVb7r5bAk6KK@sHs#qm>S)k4jyW1~;)sh-_X$Mfbx%w`e`7fVJ+BQ&sz_P4?2G%g
z8{b;B_xsszT>I>v>Y>Mr%SZPAarJ`93%}W4mZn)fs=UZhvMoKV)q$<wjO)NE3#0D+
zkaqJN<5TW9Fg>c|Yzph>*7?eNBQ2de?J53p?5R;Yd#9`K?ybo^U8-?i?_BqB>w{;8
zL>_kNFfMx4#|OuD{3OJDa)-Om)=9@(Tt8%J7qohTaYjzTn46`+UmR;4|LgUGmHJ=z
z=iF!rieECldQ-N;qKxr_ez@$Vd-#6->nSZR>b{)6V$j;7S?6~j+A}yd>RQ{XgKW-@
zGkxDr^jKdNs2zOvm07!9e(+iO<avH>@oP_>E_eCkJFoV`2H%lQkNswN)jH{0voFu_
zkD3_<%NY&_ud84=U0^tN^NZYPp0t@uY^)QON1n=-WN&1iE)x@SQ(<0oSc7@+$_&Hg
zG&VUYBMYXgqq04rxp;cVq$TEL<z}Vmnk=JwD4(HxdryUJK1?Szvm4iTim_Q)I^KQ;
zDnkPM1%`$63l66Bo0#lJNo9Id2LFAd-b>j-;H8UIy%bLv^~ec4E3}&Yr`6oiQ{U!(
z_uJ>6eA}l_&|BBPEgE|Kbhqd|b9+`_ToW>TlS}&@Gt=HueRz29&Xu+6w!EXBJn+KR
zHD3(6q6^(J;#5qx;s+z%jB6Eo=jZ5*xz8_7-1F{RGpo0hG>o1#=F^5FKU@i2earD%
z+4HW4{ng`tJ2}PRy?Cy%-)Av7&VxT47#cfueqg(bUB~<)UwM0b2IDnFy7yyG^B9+P
zYIT=U$qCDf)Uj_BOf!7lX2isc0pCq;AJ=>Fy3=hPeYT|L)`mzur)`{jVamesS7s#L
z7_dw^LHcdW-8~9h-75$y+ho^r;WH_F%l78~bi!q8=({dShdxW0{$feh#%>*#O>Z09
zLec7!`jgBSV?y_hJSnc`PAZFPcuj#taZzIB<tT-5VU#T(=?-#!fwWX9rv&dKIw<Yo
z9NJjS4~JBz**AO^CHZ_^_qH;-yNOA?s+(BcS--h-p1LF=v*lOL<6`IhdVcNPd#@|U
z6Twc>QA(|H#0GZ5@W;jkZd`^{5ospxn>{D3FPyu+**RHBd5OB*zKwcF=7iTm(mvjj
zK50I%gj6iAn*3wd`Z;~7Mhwa85UEwiwm(>S`|^&}oMTVVp>aO1PY8RqJaJFHU%{`7
z_U(__=(6_E{gVebrM%&IWBd66XZJq_UEOZyn*G7hc0c4V{@gs$A-?<N+=S;l|F|PH
zvF@c-?`Cai_2cC?&VTjHpk3cgczEvfBKh2d!xp|}xO)2H!525Zd+&voi;UX?du*Ma
zlC6I2_q^j5ceM@cSzGE5%WZ%D#NiiC&VBQ>Eo-tSxjxEN9F_%sRQlTDqKD@PpP1@f
zn(ngnhc3?T-qeMRUgCe?#S!mz*t2fObmuMe=Pkbb_KN8x_kI0Np38WvdgJ;-9(je9
z*Mk1|?rg-s;s<9|-pJ|s>a4vpe|)iR*tEWDGT6P6nZbQOx!NZ;#2_8!(w-}LxcO1*
zyN@=u^|)TQv+70jG*^e0!ut*JEsMF5{+XYlqUPYGH=YX{=(pkG^>aUuX#3Lrx3U&=
z+Og`LUE3vL&tFK`n{;o;#8CSW&MY|p(W+nHzZ&-P#XW;w`thxkKF1c#>8V|{<~!}U
zKRTXP{BS09{jy1>g!oU*?#C~-S@eb}|DgN!&UsEN-^r|7{%p@V>u-IZeBeNzK^a%2
zS7%4|5Bfk_bYLr!nV@~~$h6N_tazhuRgmuB!IsJPPN(ngonbfetEHc}^$+==EPChJ
zH?I{>$V%Pjb#wB#KP|WK+`YXzyGwl0t!`Z_-#8_Y-q~;4r0RjymwncFD2p8r!GvxT
z9Z$Q%=e{i;k?K03VzYGd;+UCF8qxo=Hi|sXKxI&1py*=4V)jQ8yIz9F`G3U?{wKqE
z<YCwE);x2#&}&O!&`j0limdF)Z~M=kJ1}p{wzjL+7-nqmI``zL*^AUex7`}K_qk7B
ztJ)g6GOh1GKhyllt&XKgBM!NBFE*&!{M7sQ_uB6lI<(zqDRUm(eZbv;TOM^uFFQV>
zUBXZAd(6l>aIWCh$-eR5-s$m?ea|gt?&;f%PIJihcmA!5#|vFHtZLI%8~D?OUYAND
zJ{Xi}S$9Qo-nrMfs@s1&tN-3(bE~<(e(~jvRtqlHO_*}#wq$B*^3<xKlg0+W(=TCE
zmy<;&`fqM^((#M4?P7cv?_a&Y)mc^dORw}V-Q~S4>V=XyPM;jOxa;d~OiKfkTGeCF
z?IC^c#J>Awd!=Lkpf^3b&VF8WF72^=wvTJ-97>k{y>nPBsV0M`kQPfm#>9k88_7;b
znbmVcYKwB9)w6=@X5Hlai|3Y`o8BieJGW0xa&}g3nl3A+0H_%#pVU~|4yg$pizQ=m
zXhlbK3LLfMVi#F~9pw~!bvO!214MztAmQg@(g3F)ml2M~=+7GI_$rq_2+{F>MoY(c
z3gjo^zhwUKjgCtwZcCL?^s_Xx@mgt9EwMPFqi-BfL-@m9;)3wU;+qaG=}2id(y^$8
zerSRCRs%vue#!h1BOQq;Z~#Z#C*rF>xisXY@o<VKVBee$*a$-9iAVY)VxmZOQ61E_
z9JGMGLVF2=cp)6ZQ1FLy3O=18!iBa5{Ou0q6079lN9QW%KBXTWZ7rp=TRQmP_M;;w
z(2U3LaO#vrD}}kVXqmF8M5)>^WW%7P1Fa-;(w|s+SRJP(ez^_3^uJPgVm0#56lj}Y
z*c<-a)t2q{$=`YpPtM}lK8ZFjjQ{lgyT=#qI`Z+zr0YIuH<v!@arx_YrHfQ4-GlpT
z#&6rU%G590CFIi!?~e;uk<5ItAV@JJz5Bj(?}UAL;KgIxOuyb4o^o`Tu~oyamtM2z
zCKZRgoEN)Yv(mWw%py)6xc1o93oVuFbUsJFofA24^BT$NU}gb(KWk~=@d>?xyIgFL
z?9rTAzWYSk`EPt~eSiPvkQ>gGuN6c@EEzw|;k_3;j`nt&Q~CPs{BO_C|6<=)udG}0
zv37N@*A8we`|#Qa)!Oqfy=s5-{h94F^56m9w@zC6PPpK+W$O6ZuWdSUB_!Q7cf?1}
zZP~NS)Xy$I`v+#h$=^qg?$ZAguae^{pT8y_l(+mui?Z(ni=|3zpY*nqNU#l|{J$|T
z*m?YA)8_Fh*M@BDcsxGmat)-t#5RqGP0sd#t~S|HtT`Sdw+M8{D)4dITiNw-L1`e4
z7<6vilzn^Nt-E`>`cw{A93GUvdaLckjguN!Rwn5?r-Q@Sm25e6oeNCydGk1P_7$b$
z9<S@Yu75JC8`C~{+@F199p024x^z_|Y1#hbn|;62pO0Cgd~;a`$4Ab))};FffAanA
zwQf`9w{e*IOT^E&uH8zWGqJW$uhf8becvlrJnXe}e<z<aew#m)Ec+s$C?NCL!V{a<
zD!*Gb$!D7+eaMd+>&j!d++3JHIpKxekh;&`$XW2HcEe4Fhi_f1zY;b)Wm(YJ*IlpO
zy|u{a_V;hSx4_W$UV!w6oNa5KA9ZP1?;k3@eEvoEeRl(X9JFR%?rXhN-CKV4c743-
zfV!P`HOnh+4&4{{bII4YeQJ{j#@(vc%wIm&P7(Xe_|H5-D({cjx-9?0BMG}(Z!ETJ
zp)9s@dMrK1z+y=QCWK!|Z*u;(H~;NC{&M<Yqao9kzK<ER4{XtxaFReBtOu#i4uNtw
zMg5cmf<gm>`}J31-T0(B9I02_=yU&*XLl|LcrWbssGav*25tNsb%^rqHy|u}MXRbl
z>!Ua2w|L{F*Kf@2v);|)eBX1u4lHhE9PyI=_MFhei!^Otp7TN1f{@;wI=ph@!m~f+
z&kwHF#SZFwbALeJ*P_?IQ#t*EHYbB)vi@9~(Z}P}dzrZ&*CKSc7Jn4A`u8t44;|We
z#jtBXJeoXiQ*LJN7ti)jjFC^>|4g@lsZo9HR}9%8mA<$6r-sSJ8_i#B{Ve12gRg${
zb+W;<zHfQYKT@ja6%GC-=gpjelk4kWdL>C-yW;-zxLs+rp07QB?Y%2kdw(^-A#+vr
z&4`{W#?0xMTJ)92YOgd!`rX%0UVUd%MqJ-7e+wKx@!;TjEr(BexpMVKp0zzcx!ZHZ
T(OKV3>~QG7tap>dqwxO^Xt}Qi

diff --git a/AutoTunnel/x64/WinDivert.dll b/AutoTunnel/x64/WinDivert.dll
index c53d919bb79df5f36ebfdc56f15081d7fb25ebd8..7d6215e19b327a7f759c561eac667632c4dc446f 100644
GIT binary patch
literal 23552
zcmeHvdwf*Ywf~vPBupT11_?BHv5Yz*RE&uN5(qU1CgBWBaDWI@&?Y1^5Q)h&nS_9}
z49pC0I!uigAGeqG2C&w)wxw#rLzEdF2~e#8AK>FEP>?wc6l@g}1n2i%`<#=RU`=}a
z``kb7@7Kd;&Dv|Pwbx$zz4kgM6yM*(rEnZ)0L0@Qw;h<C0`}YUj~DC#!*>qgUP^!c
z#_c-$>o=AxuB<b=YikzOmOX4PFRQMu@t7An&9(K_=E`cb_1@X$hifXF+5P+XwWz8c
zg&bG0#>h2q*}6rm?IM?bQ$M}_dTtzYZUX2zu5==>i6p!W>6fLEPj=IjN<#Fs1CTjx
zqK>tT<II$+mQ6}9U5ulsZRR*5so2VKPg93zkDKGh>ofv5%yCUg<Ug9c0=+2uwNJLk
z+2{c`JQhDD0JU9f9Fp{yIY()BZAF=<3`8ctq2dX^NlyV+T9EBl<e2SlFsW@bl7x^f
z;BpGG8x^?{YNHoGa-=uuVR8%W>L`m$`??PBa*lAeQ_;uzvKg|}hFO55hv}<S<XB&C
z1(W3FBncr2xo~!^v#O?Ctul;EvhRLC(gV54N#wth|BW7S9X{&{9I^7--t)}OJ(3$n
zDs!gj+oQAU+HHAn)?ctnhYp_&91)}=o<X@sngo7ZhJ*OJ1Gc;)^%sRp5uK->5Skem
z_?AqQuASf39*F`=dm?9nK5yTf8;<RC@x%ShD&an%<i5FcW{bXa<Hg`EOA~Tkg@Ldr
zy(3D0v`TyUbwjcItkMBjB+C24e4sB#zD3B&pUV3`gmk{mGcCV}_iskp9vmtLZAM`y
z&E8<8!5Y*B&h!2=pakzDS>yS&yD(o0`Ih-vVyM6A9xQ?KVgGK|y&FHl5BEZfLvd3f
zzx#y1?~WEqCj==fN`Dol6&7=JW;`AjgVT+Iv>zOnr?8`U6Gu{vN8#74{O+(A>_;Vi
z`^L|I@VgHP3xo$`6H@^5_}#KvT!uK>`q${EUnW!tk{sKWu!rQMkUPj~gC!)tFG(KN
z9RM%3o*&K?<{lA!%Z!}BKe0zPqQb(wW4!MY`lB##gb$oYLdc7vJ8MVr!>wp9zdOz4
z>sZM@`T|&@G_1`f&A#4cm8K8lx21&~I+rvgxe<GXm#J@Gp&x#D0q2X}lb^bD2YU0_
zZ_~Jh#d5<cQ5T7yzz{<}t9}urS@jPhf$F99+F!>4UHr9kHU12R5Azy+D3`(dCP?#-
zM@Y+4VPk|3jMhYNM#7r+UwmK!#FQrS{#i)NqwtfMU)PlX0CqD|-b8|xzl@$_Hu3&J
zRQxPxSGG1ksphr6&<gzw2}O3z8HmZRQd!m^x##6iKr{(2)2RvS&!8|Kpiu_&n_cv9
zM(@>VUg5u}(I`gpTNJu5_k9pgf>8RC^vC1K@+ti7M9TMf@zHg%ow1blCAG_w6sAJY
znQi4;(sRRw{)3)-Fj)j|XO1Wx;Qc<BF(b5KppG&_wsvo4dc#dt>7eh#M?M)+sSTN8
z;D{$hl=Ov?X*+tKoB!Zmtp8UdR_V=<yFKz}L&%=e?)x&mVK5Zz_I3_kY7~4CGd6+<
zIKQ;!9j<lQrDMgR`8q7Y>2X0i1T*R%i#?m@Z|^c)BOj<kqhO~^FZ#lIVJGeJkmLjN
zkq`UiT41F=a>HarqI_{6>?tk|9Q24moi*ez3#%@FbO*;R9Vv#aI+IlzC_-Sg*jA7Q
zog6Sbz}7jk>=I{}MB`qOc|6oSQ4)-~VQg2)`nz_koWj6CQF_BBy=9kLg-~UjUw0UV
zf_{q^C=jl%Z?js=qzB76x*rCM(q1v}zQ++v6Qw<3$WR~z4f}i@MV=+Tj;Zx?u!lm@
zCSAmWlRE9vNv(Wz9SYl|V>T(Wb1L+K8y(!GuYPN87z;E<*=6=pWsOW|Z|pJ5KT$fC
z#C0`&rIzS4NUPe5RPEa^V_>aZj9P>sN45q__863|p}`Q-+m+slZDy-D(f`T&IqRW6
ziPBNKw3lDkh<#fKnnbBx3}wy|Lm5Yd1AUh#@qu)75_O<2tP`cnf&`mCp|+zQ)^`%D
z2@bMJ`>rYaZQfrEV|<rwe1JB5lus%qrJzyJ2W8Qz)Sf`tChh0_&p<Lbs7qDmQQriS
z52TW!uPxt4DbM?9Bcpx&5X`p$-tgspn-5H)%J=A`LBS!RY35a(G~xKQ_d%r?Dj8yu
z24Lav{@WlWwoO*%oiv#`qIGhX%`V+!mmV_81Hfkc_d(y~!uk;~rZD$lEX68?r9Fc0
z6HMj;U2?}2dQM3xzRUUi+E=Ncwto}9JM!^^^>J7h^4f)$i4sG%%ab^+ZlpCdQ&*Vx
z9=~=PDw-0?xL%MBK<;qV7CD|;#J5;evrwq^SVMnn=sWS)Tk82^52gMR<;BQ}RGaPq
z&I4%>SrN=U8k!dIb*3(@#wdG6`OX&jE*to@VQOTk{|n=R$}=Amb%*08c20pE+I|`m
z_1JEteu)m8=9wRysm`r5vY6&p5msKeV@E45_&Rm=Q2)=+wxLHpKjPa{fB{aHlrMjg
zynkDR0}4YkwQZomE$&7Y9IQk?Vg3HVh>n(0Vmmec!C8OL6xofHz-BrVw@b(62U!j$
z?jU_erY|f?GmP>vOqRrYm=UrMz_v4lwxoM(ZB#L5YZIsdVKy6p*)Als3R%;F0vrro
zP{<G@!4MQoK*peu36v2`k!R4l-%f=|lhRM@XxVuWX!&QTdnZm^PToMN$&~sbQavwX
z`Ee2!NcaIt6;Nt6QkakAn3Zndy&2U8H(Hv(aY<H-L&QG!90=<=t7W!bvRg{*A!N5&
zEwj>u9U0(=5F3w8*J7ts4&<LkE|MduEV+4<Z;lWC@JZS(J^g5JObeD+?3iJ`eWmmF
zvi=t4B<(0}G5C_@I4k;wAiY&6?Jt)86zuP)$6a;s$IydCj(v;ww?YQB93#<C70i`9
zmYibg6C6AHt<p(Rs)B7&r-=Q+0hund+Nl6C=TRmlN?Af$U|Gzpjh;uZz}TVe{DYZp
z&AAgERP2op9s)ZioyKMd|Cr`*vWTlm*g*qForQim3mf8tKYN08z!5QU$@7aK7*bm7
zKehRYSz4GIh9`b7KKL03DlPQ<97jm7|6JS<mGbfcHXRG#zfuolvW*DN%y0>jh*2^H
zXPR0Ij2NqebU1cmU&&$EPD2EXxxeu>)8Jqp<VP7PnFXO+A!Fu8iKbPh7D&ank5pv6
zK%6i)X+(kxER8fI#6g|pzpq2m9^AkN*fSXp!?*dCQBpJ<HRKyqe?6^!xbO0<4cGJA
z1cUUp=sQ2s6$u;pZDA3<ntwj}N0eTV^;OUJBe~}bb59l0@1?@rc<#a6FwS`1PyQd<
z(>eZ$F#JwhV3<P(ZBjb_MC8T;qHl#|G3POfLAzyfaUgD&^1AZfYQDQTaLF#^D*2dx
z{fYzU?b2;3eTnE(c4>r4$4UQrQM!ZC#pDbL(shXmAbfW(&ezL>_%-<$4Bu(K0JF{4
zVc>r>8Z;4@vts19-j=tIU!6q*woTBhZO_|-Lr4)jA2R#~y~y#~qUe-SdvMuF7j>`a
zr}6$nXf(g(C-}`D$ouyap1=qGi@HKO(7l`FcQ935O>CmdA5mJ_zs`<?zBDmZInsAo
z-(a<44Bh#o;cPvu<NfPVZNt6!cNK*!zo9LP4+QXQ%{$4j2_aD^owklT$+r}8cHMat
zU)pNN(s09@Od28F4PS;VXXC9gc_u3Mhdo94w|OS#r!i^XFM-=om_N`{l0Tt-lJ9b#
zhVeG(FTS%z(YGJ_zNRc5dr8<uR>+T_WAgLsUxiucS;j-iV9GREHZ{WX$*b^<!=&*W
zxVSnESOEKsh5WWtLf%`v|EJKETtI$N6(7_PMF%)Dgzz~7wup0r@2cSkZ?ly2jxBOp
zU!3=s+WnwU*(A)vxDYv|ht^L?Gdjes`;4i*BqL-N&)3!83k&!)m1sML#U@?QnuevU
z&SW+^VB(1PG9*t$QJZv5744eu@^2I^C`mhkx(ei{kgM#E+WmRexdTe`XwO|xEbX^T
zuhTYDY7b!n&|X#mKIVzlB8nkDTc|`}k5*h(B66s3Bc;e+wzw%}jvBAf?(eab(hl{_
zf=l~#^;x;^W39NP2m5*+5H1y(jKVHVLe7JO0TY6@@><_%y;VBnxlZa3SM4L)w3V{g
ziY2)K7aKTe*pKGxX?OFr>2OytMps<GOqHhSV+WM^ig6i0eE7vm6@u>sFGNo0qq88%
zYI8|NeNkimkBDkSiuYp+=6t6OsK4He4H1<c5ku?Qri4mSmo+3BX{%gp56&~%gQeIe
z9A+_Ckk#t9Y(wD*tDdpE1dIn0Z6hmbm!4r~m?-%z&0yfFB}yCEF~}d-ITATwYz0E2
zX6vIb{6%Sr`~}7ejZyAjbohB8gRP7A(<$gXZG@S8;B82uOFcK^x^$oE(jJp%sP80}
z<Yma@9&|~fNeHd5=-7PVTM9C8QZBHEl#N!{&KxJ{6T4JmF=MaAerOF1TP;FpaiR2X
z^y5zD{HB_5oFFEHT)T7_mQFFDN1~~Uv8LEh$iQ_FgHg;zx;^?%oA|&O)xZI&fo48H
zJw)AW4=Fvw>JzpPL^ixKTA*g!!Hk8{;b?_w0jbVCf*iZ_E+P$Ss2tWr1Lxs)U<Jfo
z=ojlA%z!jG1LQx}(hQ}g(RfFqnbbyhcA}Zl5m5hmJG7eQ7Bs_q5-}=QTLF4aeipRS
z2Bj~rZ38-#CQEdSs+$_nP4}U5s_ry)4QHz|;s2qt3QW%#J#&4>KUcz1!j3Gc5Y{2v
z<jG-toA1Qu0=fAoFFa>1T<0)((gkm+=_BM{kgvz;OXz#fTz?Aji~8u_6n}$m>pO-*
zVeI#;W)?{!2f!x%k@v5pn)p{!5Jb4ds>NPhjhjTf;O$7~*FFk1QN^L@y4dxs{M1mU
z*XE1pib5rh_QJgOrS}v{?NFgBMl>$uK*7uD4etr7I^rn1^d{dIDV|)LZ?7&tyM8e4
zDoDL~+$S5;Td7)qxc>1Sb0HWXoP+a&xkDpyUl-CZf_0kW37J+&uQ^l1!t9Lwie<#k
zQ+z4O+khh~u(%WM+<eQx#FmD=O++QkVPo!GmkZ~;Jc0NB5IYl`2mFhJCVy}=&P>P`
zV!7ewGZPmI0k^I5h<1jiwM!91JJK6$f^-;r%|`;FA1wSa9u5Yg1bbsMQI7YsTbJ+4
zKD?h+f!fMxI6zq|OSR1oe&M<jLk{8?I$LO-PJ};zA$RCJH1lJRHtjH=G|XzXX5?@l
zga1hVOCmPxoZKTeDH@%DWl2^}z(O7^bztLiNhQ_-??jIGH(+@PzE)fcr(^5<(&)K`
zZ<(!QExs8n8v;SM0ke`9Ax9-0v3=f0bU4=S;J~@@JV2*Ifi+a5gIg7vsSnNQfGPxa
zGj;eGrniP3>=gOQe-eBh@X+jbM<GA?n6FhIIcX9Qnn`~za>A5;$SS?dnCXWEDbs+q
z0y<3fFK7ds+#3k+z-4(2s}4P{N3V;%h+bYmG{p<azudlVBogYu7VV3htvG65?s?lQ
z+z9pF6T&8njuS(Q?}=Ub7>XcZY{wRS97(&h-V$Y5IQQr%^I)Aw=jc3h5XsKCc~<GT
z7+gUDh5~zNOq(rKWVE#v88IZdoE4b}QxP$-{-k!kB_qY#X>O<w37_Tb8a&?434%1o
zU=1zDZv6%>{VSJvJ4f*T4M_5jJ`WX$T=|D$5_&st<O5$IVU;?(`6-il|0Xm-@a@wH
zZE1xNv?Bbm>dFrw!3Rn)LgG%c09OgR6w7;nn{51+*Xsg^HYhQ$CT}OgAWKnV<#KOl
zKJR}GwR$@dRrzspJ+4GObWcpKrvp77d$Q|%@^+5o{r58^qxb-e$13)Ho0aQO?SlqB
z@Cu5`^I)g9^B&%>XN6Yq0cxsM>h$LKTfzG`!g}Sx3KP(b18@dtcoXXbZZn!cow&hC
zpRB`XaTH^<{UU-Wq7=cs4q2kqnsn=h7qWx4X^a_0vW?C@tbJwJgdH3z!j52Oxh#^@
zNXh7A?9=Q-+lcW+=|+lU_;$TT6KOi{{}T+Qn&D`$YL}u~oC}ab@N2_9Kco~B*inn&
zxC;$;HFXW;U8!9|IR(`vckvT&GvypM!x7Lrux`D@%OpAk-*N0OQS2`rL;1D4sfy4K
z;G0Y{)9Zo7HmM_)Dj{suMsuzZlVj8o=>W>0NdC|UQ%Gpf@7s{>?abx_26Va*nyM4l
z8Ex2Wta%6O_Y0x9CzAWVU0w+zl%W~H2b>^6llAKSD}qVt;Not{2ae;|kspEON(-@%
zCQVk6*`JuKFOu*K2sf$PY-$6Q+016kqa^b!$fzQSDxsIUO{gjo=>w6(dh6=nOBf%u
zq;O5`W2sm>esG_)O6^uSL8YyJgBM~%`=UDUE=HjdTQN)dSFwG7x0}{N?s<eT7GaU+
zv;7Bd(;Z?c_3bgJ?eG`H<!{;|Ck-~;p5kC%It8UYw?VT07C!=dtElvmm;sUWW%LFN
ze8WI1euhX9>!`5jOd!0>A%vFb@-BS;IqwR~BCP65C}YR8f}dPsnMbk7B~iK|@%|t!
z6q<0}@sRsIC=ed342sXPh9f8zyITl75|8~h(LcUjZ0pkr!O6z@>p~7h4|V*S&oCPl
z|5+)S*0pRq*jS_>MkfCZKTU}VK%wR23GmTn$Sj9ULZsjtkzFJ*7a|FJ62jEEn7XJ>
zeiR~zFj^M*qB;5SJH}zHFh2_yfqec|y-&{3oRXy$Yser`cTNsj3)=Gz@T=*pkRlM%
zWEwv3heZr>BjQdTKJYyFT0bEGM=fT)BYFH@7y*|8aafB7&Mx)nj@8H$w$tc|P=KWt
zi8lNhZ3u)ZwB_N~Eue*nj-`VH2dxR68ERTd%bj)Z@2O;PBRgO4>g||4_zV*jLbGug
z-+t(3s`4PkNpE-uX}mB+u=8>3Hq&rUT1OqU2mP;kp~Du+EP*c|W)%lV76%<hpL`Eq
zv+!#TG(}quiskkYC+g(*2^>+SzPQdaFf{i|@2*TLi<vwQ>qML7g71P(z6BZR?b|T>
zl~s>kW(S9aVIqU6J+4WsV7#9hzmxiabw_Ioq9{{zZBwp84%aqifP(reh;6WN*7YuF
zx}l9l9^*%`PvTNV8+5UcoF4gR)MCY!gw3okzveCsIc-e-Zy}+aW9U_8&ShK$y3U)#
ze6fO^JpaB6hg-gkpM=QdYee!%<S2d;^AGnoFQg{OFTkAE$vT7J{eBjL<iDe$d`oeb
zSe_9S>4h(tDKYxh$KJ=UF7`Hlx!4={O^qRzRf2mm*5|K3rHG$$oNKd;X4tQ=-?ZxU
zgkWE3TAC1?W{{@!1u{z01^{J9)2@R9C0=h0J;r8^fT`1vF5p$ss6SbyPh8S8J@JQG
zL#tGN$2EKd?!$=K|B?6Y#K5vJZma(8*pFKE<6=^)etgW|s!x|!U|P27b7c?1cga-@
z-zHZue22V%;Sq8P!y{#K{95(dvX$Z6<$Q+6$YU7(mOPr_9NEI~t@1F2@02qc9>o?`
ztA4a>V6;)bg2mUW|AtKOuUqxQ<Z}#PFP~y~sQdxL|0ci1aF$GqxmACIOz*E-^=a}h
zhOd)fVmL#l#oVeNEI-5WAbBIhCKk_b)%TazGkSpRXSkodg5iO(hv6Y|6~nw-!SF=p
zShngX$R&(6uy>=a`r)#b(PlZH;Tz>K4EK>oGn^?~7*3UkF?^Gp$?(l`2E!KF!0;{d
z6<US*zVfFGe^WlkaEg42VZHnT!#epbhR4dU0VgjW6K1QjTCwAE@`smbsXk~-7CFBX
zBGNH=5AhJlZfwIY1z}Ep0V|0D!*7y=HenC_m4&Ep5rRcVAvgzb4vGMCkS@vqjTZ_<
zfH@g*HcaWZUuX;TJE%yDS9IMc@s`t0SIRF?v2wAFIzEL#flIvqDDtosh!NTB>%{Ae
z1N_=3WrYTxFawom{7}>#il3zW9P<7!oE=VnNKmmM6fM$ADG2;woo%3yIb8&`?;k>g
ze+2p1(FDDo=(Ys?6w%uf^e>72MS_kH{ZxWJN%YzT{RwEcepLHXU^81kjE3hK`HLC5
z9a}<8>P4^Y2kJ$SOhuby(vgFq?G_(LOs*ftAzY2lvr2CWtaZCAITU<HS}=zBz!ID;
zxUTd5g_J-bB@Ct=M;FCnDKv8y<0(d>X7XLxt41w)M?z0CVeNg&CwSe7$x(nzbS&;I
zB)T00qKEd-*fD0(eESVIQbl7Qg2^Pr0)Si95(oe)FLsE77@!jABElTi!BfH6#bRM1
zLj0_594pNzOCkT~NJnrz3xU~zsbaL<injvP7JQMi4<|8Rg+39cgLg5MmQXPNePkd#
zkJ7|MdI1R@RMMrCucj+d{W|D^2%^r`ypFm%#HYnjz8BEQw>-Zh3})#2pA~rH*-OVF
z<Q^Bx^IsKppU2Or<E@V0rWI`b5SYXOb-Rlcc&|=e`mU`!|F?E3hA>zlUVm1p!_dfY
z^IP|!4mw78e;g;QYtm}?Yv04rBXaTECY;q3vDXvl5uM$!SGv&)V!!D|&x`%E8(k6$
zp_Cgp0FSFlYaGHBkEHEJE%9J+M&Mxmt-)d=kU3av02&&ECp58`dxZoF_@~;a>HOrY
zRDLu%XY^uGciy{ebOffu!}uJV7kZ14w(_dqP&hw+n)$z<AB|iX9*Fb)zR;B1>OCkb
z(;JEaDtLlb5IgE>B5H#|9i;U_^nWV!4vqeqLjMv6-m)}Tqz#dTIJHh54t11iNY12+
z(f$QY;wmhqE@i|;g(zhNeP094JVwyF4iF`bI0(WjRY3o4r0As-Ex6#y495L+w>%@u
zW6|`M<!Owd_oe){<=t#*puCocbja7^#ZKh3Dg8p^yit;+tC2HVk<-Rir*V7a(qB)%
zidTysxroVsi*H%3qxV4J3x>#P1C5Ew9|67)Y&7w2uqwZykQpjzB$D6O*f+Ub{)XKe
z4oqV@D{)$-6#I`dYFlHPbQNzDVGiGN6&7KEtM#>L0<Oq~RNomL)3GTjGfm4}uV!{@
z{!%p)FRK!Rw~%GFG%CtU6l%Qh49}EXL2F&lx2!aMepIW0u7JrLE&n>?cb#mh*9f5t
z^_rl3MVU3-ta(ex%uBW~jJ)KU3feDdI)2VrxMTC%R$iA}W_=RFl+370Vhl)T+~37$
zS=nFHUznVkRPXKG@{<~sc?}~))AR-T&zReb(Tn|QCTWb5*D$)q^<WYsgG$iEV}tTL
zjT2mHROi~pM3zC#lC&)JO}9RFCm8o6_rN^l3&G`Dc^i?mQj%rHuuQB6X2=MIn!t#m
ztoS2Z@xDs&N4gdN4Bk9u|07EAGYU146@L#zaCsJt?+h*<#@f&rTyAEG6~W~erB&jR
zjv?4XC#Lz{h)*oe;8*_{#TusX#-Yo}N0|!h5~xsCAyg=<6Dl$l6|tAGp8K#mT_~X3
zua)<!FTxSS7Th?o*vPM@>(<g|L9UosY~WWfC-N!zejxRG3N!8kp1b+gO{g1hQ9V}Q
z<&^q{VE=U`9LGK;j1L~#fU^`I8q8uhtS$98^5{D*^ZdP{)PEl25EnzHuOlv{&IIXM
zp8TP}BVbW!C)3706&TIR97<B8*v}+1-LNm%U(Y0;R#l`k18xEp>>r)oW#9Lb6y?63
zRQ?+O=U9I@F`q|pMZ?#ANAa}=zSl&T+bN8df*^4UE{LG%UcL54B<OQkA@nrorMqA_
z3ZEFS8ru87U0SOLn*zS=dc{B5h~9%+7Cj_mfoT2_3+uDjKI90ILq>bbNT@3SHj|G{
zG1V}>QMxmW+?7e}8;YYa1->;t51UO!;QR~hg%~~$!1u<;S@i{3<QYq$1kwv0#Tap)
zh7M9p2|;>yXRhTsI8}1A@V}H>;~$W}#BU*6hbSYoa}<eaO30r#qW~P5kx>&0;mbfN
ziuXICkQpERD|}-wwuPw~v2U>RS@mB|Bp3*&QZILNViNvD&lc}M+qj*#t423{z>H?!
zA+YLiOVkp3TA43B>cbZ{JIAWZrl`syILu<d7lXHdS&LcwwlAvpb?BD<QVgcv0PXY*
z7GhrUc6!GvY`=%&F|#*764RI7vwC44@4pH&?V;zHYuu)IfS3dv-pew_a(i6IV`>au
zJ%mP73Hrnb&r!7Sfj3Z^-*y9W;Ri#m5h)j57-z(WG}%^NNd@0yv*A+jn(WJ8$koT}
z(ph0UMO4LL|Coaon+?h^G<ae4kS%1rk8}CPFYqi8(HhZrR#$(~g>X?ACN1#H-mwW-
zMDPx+vIlSf#rLS$`1DgXOaSq&%8tKHKK)P7Lo8!QHA=?YMc;wAOdbMCSE6(b*N3Pr
zWY5%zt2$F))zXc^PQq-S+eRI6`6fLxm?{ko{wZ*MW-JGTrQEM<d58Gbm6$&+X_$yt
zEpTCmO|yp#>C^!y8FxCk^cIozqH3jUvXqG~PrU>BXtI_<Jxk2f66h8sN7NDpl(0*C
z?DTaNO>mgVRtc>-S|mir2S4jZIeZ^GG5+?XTmyzCkOhY7*i)p1z6V9j7NbwDzI+3E
z0(}-y`%G>Fjais`1Xm9le)eG~!cf)Fi#_jQ$nMuV8$Ea{vZ>EywY<6tQIIx)+cT9$
z{N0@*eiU1RT{;mTe7S~Nb^>}t-&Jf5@8OJ+PvXc%8_Z}!{Qyj4Wyo1X#;#tR*xw<b
zpxT!B;7y96_~7T11Pok*6ck(0^VD9Z2H#!B+vWXmg5qyOq#Ppn9CrsfMZR+)iMXw_
zWl$8<jLz736I*rY^XMOsk<dPIud-fA-j2|Kn?Ceu#6^mNe_qs6KbB62$q6;Z(qUSQ
z<LR}1j;1qu<*2Hz`~9g57GW=>dPoCar=bdH(8|#_6I2UH$m3y>HXoHg^>C0O(i@`m
zrd4Y7OfSY4q4*;Ue34+ch|z<`X+0?SOgoNI5lXR5qOtg%VCOBYrJZDIPV_^?ItMmC
zwY}>87{O9v_Ayq{_u<-WMWr9L%j@&(@(QDD(rft36RXrF2A^ja+4>n2p0ME}u6#;7
znvBC6*}3c+LYnG1HtAhB1uzd=IklfG#F$4T?<ifT?aT;i6lgDsZ`AA)ySU1DL0OUx
zyQElwzb$!=dQ*DI(yaEXR!)8o)g<<NF@8(^!^!a#j6b;>i)!bPt8txn|AmY?ezuTT
z$HCG`_|+}_s2D3vJDu?H%^svjqDr>-&6L=ghxSD))W+?#g$gc;lP=zaPrCNSHZ_4f
zCr%oTt4G5hVvpngsnoypHaiB)+@)EN+DWky`mi8(ew$Pd)KscAUajh~v8n5s=@2Jz
zCYTelTe510imPNs`O-P@c9vq?rDw!Z5fPd5zO%QhC`-g|X@%ORruZ!_Dt=bQPpWv0
ziW^kyQt=!W7pZuhibtq;h>Fuxd})bN&&LdF^B?uA`7J7bR>e=Mc#Vo1RP187t30*@
zdT1o*QK$s1<o@%&ckYeHn*jv?hYDYpM=~0(6lphr^0a&^->lM<CfSP-ycYl_n&b#m
zp2pYo5s!dqcTzf;PicZ=SuLH6Z`^|yU8*d}pF@4m1J(o1hvV@o;L(uTbpWwkz}&WY
zydC%|;2eCij{(O4?*U!`{1x!lNAdV;fPH{nfK2QQ82|&|3g}M(=K!Yw9{@H2HUQQG
z{D2hz51<NA0aySi0oVanKt5m$U^Ku27zW4$WB?3+D<7f`z&XGvzz2Z00Ivb|0d@gi
z0z40R2CxyZ0k9t62do4v2h;;n0b^iyIWPh3aTdTZz)Ps>dB8J(88v2SZEa00cW=GN
zT;no7?0mSUb{SVxS><uonw^dAT4!BdWlgo&Q&VHEa5~*z!>X#OUZl;?uNE$^srHmr
zR@a%!%nQpZplgW}o8><yXLi-pnybo|Icxt;0e4w#ol|Xr#;#fTkh2_rlU(m|p$Yh7
zWiq{PaZRm<vsI&2)n!%Yvbs8Ft%us>Dyyt=R&e)KFR89sTCJ(#XpCt5ssJkh>j4`9
z)Ni{0uK~87`0v5Ulkxc1K^Az)U<92E9jNP{g(%8i3lE)&$7cb?0}i9ER{$>po(23n
zU_D?ZpcXI^GS>rA0T=%qkG~IS1^gWF6hH!a08YRhz&Jn};IAlq8jyYl_~UqdGvEop
zT0kwJ954qU0`3A>02zS4oyOV(ybgE~@Dso)z+%9?fV%-V0nz~%Vbf7SE!y}T@Q(ox
zpiU7$dAmR_1&l`en}9Dd|Lwr}fGbGToLzu_*?_rRC0ET^@!P;TxmwP{<syF!B)*=b
zl>aJ!9Li;Lb=)$*Kl{*E0{=G;`Q|-6bl>XfAs@e|2TpR2Pil``j$`kjdyqkhpvQ+i
zjh>$Lo|xdVSK&R#^y`5~tc+gxxWV`M4Cs-ITU0N6xJ*4h^v!Nh&viX9!5h>IANQ;t
zAG*Kx^x(?g<MWLkxg3XJPmd3MLfg}GeNRmA{;e1OuwM8#^uotSkUc(dxO;reJ#snj
z#$Nb0^}@fo7rvzz{w=-mNA$wKwHH3S!}K6Css|pizSRr=wqE$7d*R>S3qQLT{vEyW
zb9&+D_QJoj7yezn@abgi=^5J-6TES~@bB)0KfV`!UN8I!z3?aY!p~RvWz`j&tE{Td
z$yJs=>}EgNlWQuLDXA%oo#jjFaDgXg_7wczI7+HynOjLUjAI!M;}V6C?pBOwtsv4$
zQJ1Zvk*j>zT~p_Q|6W<Wu%;e{RKfsM(^aWE+ge09);f<+Q2{x3c2RBFqI+E~N{SV=
zc4ze>&tf8MR609B7qfzn+8R$yc}*4ZX4jT$N=ojXO*thcb|7j3ev&EyQB+m4)LypG
zNhLvwHEw(5!<8O|>Z%2t8TfB;V2Hv<Q~^#&ZJEneSw5u-{yJAxQ{!G(R=$M8|2V{<
z#WnRFrO9>m3vH}3JmvT+z;buC03j96K*v+Et3!xDUpVMGK<T2&YK9X%LAj2yWmPq0
z6{?jirw)I42+piJrQB@i_cYxwxl7&bWs17{Y8NqaV21~;BudV$tgfh8%6V$*om_o|
zn;>Bp5t><)R%@nYcUve&t5BVPr4K0oUs91uSE#hMz8+F(Z93PewB{c!Q)$f~T&vQW
z|M!?mYyRGUsI=zaZB}W`pZl#!YyR7-Dy{izhg4eg&)!jKZM}Y=(%Skut<u_la9*V~
z|LvkmYyR35mDc<-{ew#XX#QA#mDc>PES1*$ty@%D^RI4GY0aM+tJ0ePG*P8Be`%^p
zYyQzJmDc>B@2Irq|CFk<=I=OFTJvveRa*0BR;je+zdWkan!oZNDy{h^&#AQLkNiQU
zHUFbcrM3O8U8M`v3G<dpPgUuoDy{9m$5mR}Pi2+X{Fn18ZC1;FrqW&h$#<3U(fpDA
zDy{h+LseSyH*QpE&A+%qr8R#-P-)G7u&K1>FU(YF%|BS6(waZ8Sf#b|->uTxdEcng
z+WGENY3)4!kxFal-;Y&VJI|j|Y3=-eMy0j$daFun=kv=dt)0iOtF(6hPMtDkf_dcB
z8TXAckIlX-JJ)<?PVTszJ99OC6hmD^liAC0Zs4Pss0O5u1OEY&Gz;l4@L)_(Gty?@
zTue?2(gnc%G10~#Z2}GgM5LR5cVWUgkPZV6#bm2M+6??_4E$oGw*m_o#1%+8fL{hQ
zAsq%@kHOr4bQAC+7`SGny}(8^`X!`Izy)aVYe*A*0F(0=()54CP0HuEi<A%CEO1;0
z(u5BIOsnwU!vW8mjCLVi3j8*}jP!BfmMI)J8tE`_8=wH`cHkLSeASJ#1NcdR9qIp9
z9vvE@%jm;pEHviyDNS>yIt*cbJM!@7J^CD7DdYD|<ND4@%SkOYxKkYZ@ZXik|EQAs
zf-Xllz{m|a(l;l))adTxNDCX<^~aSuj9f-eztX<$bcZpV)^0eizo_Gl9IqS7CD+Vk
z(^9y!$y7V+Abl@fqi<+mZm4cx>cAXRDeoTO=pXK<=u0j)s4q82w@mkyI?2vEVJG9i
z{8c_)0~=POUJds#aD5(6$<deU+^pTJldXju^`9oI;{R=PBYb$me6sn~W~DuJ))9;Z
zT>)qY(3+t2MQec8uC@kgz0x|RwXLl=T4S`fXid@jc@5>?2b>4Q0mC+N+}(hgfbRhw
z13VAd2{-^a2KX3o2|yO<xfIU8rE+OpAI`|7BR10y@s<AE01j@GwXy-x+U$y|ssuHq
zss;{s7t>l*Raoso<hm<os?*~r!~ap4$Pt}YZfEV3vZ`{;8?5^Zll*2SE`2Slu%WE#
z?{iR1ozv!M7(>1>!sXYN)cE6i;yd8kIz5S^_qq`x?`q5}XL&<+s<1IZ&vwG`?~)~|
zJ6G)p>gj(y|Nr$s{?<gB^IzmR`hQASB;~C`UjFYBGRdi3YW@)wpHlH96{o$RNN1^d
zq>42i<5jvy#dB0#q2dM=uTk+v6~Cb3eJXBO@dqkCr{WG3>(K^!Oe$6=_$dF&?VroB
zjc&HHwxP1zDI(NR<)k+jQ}9Nuwx&wW$JcD!lv-z*$Ejw_<+%4atFy}4mBV%FXiJ$r
zrMRrRY>~4T5??4eifYh@^s_x>wVo~&_bGL&l}c(2g$>SX52QD!H1<U2T<#2NBMWUc
zs%4x>j~&=vR_7^X?-#k7i7u|GsIPKTkr`zVqZntS+<URTSCzTl&Wc&iy80>)H=lA5
zcqqqiDmu&D9QUD~uuxT1Q_h`Y>7rUEdZNlOyIU>04JB1|iWnEBG!u(Z3M%K6RpIiz
zhbR<ND9jXE3tt0*b&lY$-E}8Bd?1zyxqlX>7tWedXiw<U=IH-8b|~*Ej{olB@3>O@
z?K)N1Y-%<)=QI~IJDN+I-Ob+Srsn46t<B-)_U7Zw7n`|FrcLHeIhzVLIX0DUa&Pi(
zYTDGiY3ru&ruI$8H(lJsZ8mK-Z_e3Vu-UP>bhCT2cXQL`=FM9-hc~xxKEC<lW^RjV
ni+M}VmVzygEu~xBTfAGEwlw4ae-3YH-||1+-hWlltq1-OUQUIZ

literal 21504
zcmeHv3w)H-nfIB@OqkqwhsZ!sE+Y&j772ktE+*)_WCq{J1V;!+Et<q+A}Jx6oy>4q
z(FP_FrmthEYj?G^UFEXUwcBNT;Z}<?1W7>D04`$PuF-be8OLh0F5soU`+v@RCKuGY
z`+fU;-|zcvUwz)^a-MU}bIx<F&pV{*_8rW~7&8Ghjj@Bk^tkx@Proi9dE}(SBiT=L
zp1=B_!TbEx)oYsC?15nG-NCwb_WHV(me!E{F26k(Zm~DD*xk1*x36n$@Rt-6<T^yr
z%b$8}{n(TLG&KWfrN5kN1AkW9Eb!N-j_3S+oF98~-&6<q^e-$^3xP}Xzdm&g$M*=l
zQQ&(yUe;8<hRVLYB|Z;h4fkiWncq0DB9qq7CfoC}@)#?HL>M^!deBy`(QY6_bQWXT
zTr`N;;}B3M;>lvQP}MVK(5HD_(zlGUU!uIyD#m=2xt*~-swlwN4<R3Tb})wjzwilE
z@~ne;F2?q8!v{q}sgjU?V+ew$X5wW9lmbLMK=H@USZztLp)OR%*kKz)F2EST9Kevr
zg_IIqjrEz4Pz#_o+zc4<xEPC<1aw8-#sCtjPVW#UkS;1O*cPk@&HJPs1eNCl40&8!
z&)?h%#d9Rz0U$l}?a;@?*rK8QpJ~QY)8VL7gHP(`xx@K;Fdqh!Po>fY!}+yW4C9r^
zTZ&sf*?A^3Mb=J)^DASnc4cAv2*%b=Jaij+T(cQ4#GG*@a!lz$s-`T|CNZ|*jViUr
zE$u(5bh{l;z(`x*C}d!Yi6N<-h~!6BaFka!O3|h!FmwkjME%8`XQYl!=xQfJa{#w!
zC#BBsf>#UX-a-Z_$e?t_rH=a{RMZ~Lb{`}MX_lbm;w~jxVCIT5A&#02pd**G@Ca^n
zahJz=!sCoP&p1zLwh7QcQK8?c1;1QMh4pH-cT0vArWPcSpxMqsN}4&m!UE(|3!daD
zIiLqCA83haUv#y@qC}e=RwWv86y2t5d21hrwxXIBA+zE<rbIg&k3-`8Jy|3lypc)l
z2n~MqSDNihRH=H2H`a;vDKXm>^B9v4Y6eMf`NuOz<2-3}K204Ed%!`{C%GKz9q6N-
zBt-qS^jbwPAH5WMxs+H3*H)r#$9!@e^`SRr{?S}s*ONf<A-%2_$(6LzkS9q^vpq6U
zci64j-UGLA7M202b32kdFGwBjz%aR%iV-HisJ)=sZW_oabu7^|Ep1jhUk$C`UQyKN
zG}}rjbjHIKn(Z-AYX3qz$_<;GC(>W`#@vp;VKRVgj^{-oi!nnKa^hDi>bVW1X8Q`>
zYQNH{k?&rFf3F3P)CF9zOHm)-4p5w@lAlbW=0D~j7gefXwN|QYiz?MNd!_p88hyYj
zx<5nY&&`e^c_jv{-Ki<+yWZG!w_JykUsJYxWP*Ltwr`P<T34gIp#08oN>NWMYC$vB
zNckY8qyNZ|9*n8=jgj)Dt3zf5Gwyv(dt>=a!_`VmHYmm}Wg+Rec@7(as?>xs{dCpz
z<BifJH_9*jaKp8-bij09Wh{TAqIEYeikfCM%8~N>SojS}9m!K0<)~@XK0~_T&=asq
zvz4Rn*>Oc(?I=~$kYm20ZpLtk9J9-JikT_KFV=&|hlUN;4$NyB2Nsm!#h9_vjK_RB
zd;{is(p~_2Xljdv;{5c1g<@b<@cxqzBR`W4{8Blcmer#k^_QVB(xi40E|Lz6{z|3R
zWjyLFdo}p3j7~fKW~c~_?Vw~<Asxu~Rcc3#32)gMq+duFLV0qmQd=bL&o>wo)FO-8
zD;?-bylFL_R*xo<)<)ye#*4j!{wt!XXkT#~oEK|$9Kw{0qhw6Uf5b+|r=;gbCFXhA
z`D!J`4VsC`vYIA~X9S-pAl~uDs$L_e6pZGLc`g!D4CZ(0M?~6_ThU2g)pM~54lZ_G
zIBp0}h7(rhdZhgp=NUQjx`gSTcs(nb`b5)W_ZX1q%Jr(@-&J*92$dp3mehF!!``h{
zz3e<wr5=ZRBw>Ntomt7BArGj<S+Sc8sqa9`tFF+hXyF`%F@nq{sdEd&idyxWTfO7u
zZciDSc)coH<Vcsrtv(m^j8)})Sv?!|T&2p^EpK2@u&8H}Dv!qSgl^O`MU{)9o@uH)
zKI)mS%J!&drYbvR%In<nI@Fo0c2W1r(c81~dWq??Cf>B<^(0=m<eiSLn5V>6Opp#N
z`dB(}^M^`oS+21M-241}iN7znjXiGTiAt>}{4xqwPNzZ>8~Ky*Hx1s~F^Qn4l)Vz{
zmoIb~Liuv6f*fwLLJW<Bte!}uti~QS!QGvJyJ6KL-aDJIXrXuB;k~m<?;VTOSr0L?
z-kh&`UQVP;aECiKemgm9y{x+Ok@Q?+w?|^xjfsRM>KOr{RXVU@MAVZf9q{BBF~mH1
z)O0H+3;0{2H>`Qi*h_60)wm;LKLjuz;}zy(ybAM;z3NHnz|qt@eEe0t27l<D%7&+O
zpA7m+xP{!MJL<pYBJ1b6h&nve-~Uy2P14;pkU!JjKjAO+1e6k=<u5CZ=2LJH{5696
z>leDetWxJsK+#C1@e40W9e;~H8|JA|U*xIm&-c{WO#3tTf1bbKE%oGQ*`D1<TW}t%
zJV^Jj)W?^*bku*pOS3=UrJ45pU-0MW&%bP~TkXaYbR+GpJIBMX*jwZ180@X3*jMLc
zUzP8yxnszVBlg#U^OC$$zKyn6kMn|8{ZLUqz&Ytv=Y{!`LT!BilaAz<X|@NyMCXOj
zc<G3#Og$Hyvp=>z8JiO*JGY?<Ye#!|84I6Nj2~_J1fF3V7DWDN4CPAuM_{`wFA0D7
z5FKl#Kd(KTc-?sRx9+?Pkw2P(kG9{)!crAZ4MtCN9zWk<^VCnknuBj_*lJvgN@pqT
zpgz8N)}T2<T65}@YdLnAEpO3@2ph~&x7c9Zj#bWh`-1D0Xf<{X^%dGOu*<j|K6fl&
zAYwkfT;U1rn+(^7tTE*_&9<FaoB9}I4Beqby0Vn$4;}lc=;%)!?Hq4*Z1hGO904zm
zcWY3B-K{n_>|UHzYCX>1dz@N(+4aA`=>~1{&=KuEQJB`H#6pfzoMfi|K{}GB*_=~(
zmyVM58?|n9;&%5$Euxu%Z**!>hk{)2Y~+$zigbd8(s6frDJ#D|WWk}cvzW`gC@=23
z&~YME)BZteIH!HHW7bARazCrYHe=&7UUJQ!7m}qTl4g4rO@jmHfKlI0{MMw|ey&R_
z(vcC7<Gty8u693!k>fuw_LsfAArIaoA3ft%e~YGs3RSPe-sp}tcoi)X1)a`mTpVp^
zo-b?9wwJNcD4DlIj%b!PYwF*zfl{t)@FT+aKq0)|3x^h0;Uwz!#5@LX%<E9(!zT3A
zko8f<jYn2{B9|;d6X=Vwpp;9}fok`BEFXr-NS7%O`+(a!Uyj7H5^q>5BMC^5CVv7H
zUH);Ub~604;bZEl$uy?C7*1=va9My3WE&M#_*K>Y?1ivaK|@#3jPi|x=eHcAu_fR6
z)vn|tV~1R%#EEP8e8NC*;}RlQ%PVMNIWN$VxPVdNasGx6k24<Ut2E7CQ94gZ9W>G+
zIR0<_0|+mjU*DDX=Sce#ZuPZz(j@KgEjLLW|A6|P7s|7xPFlJZH6784rLA-ckq#_}
z(oviV5`7k>zDGT(<n<`Ao6aj`J>j6Ve|fe$R&(APTV5<jKFV6ZT8T}#_I3D0+P}zv
ze347#(l#nx+TUSZb2WzC1CeSV#rT}|`XM@lrVAIv@;f<Y0rf0Va@lijg|f82P))d}
zzv4CaQrR1x`f*v>@BDr08kiW-MoU{Kg23rDA-DHQaytg{)_h2${U>k|P;e|$%07^`
ze!v^CBnx_p6g46*QPwSW;;;nG<vFM&-k9jia!Uu`@3_}^);;~awEv`rzIzlpk(4>K
zB$CPtO^JMPjnw%VL{;eB&fkY}VU$IRY=s29pZY7F@+Jv`HjI;-(QN}Y%4J=l)$mR_
zP^G>BmC?a6s4UBu4xDVn$)ynnH%2}%2d65DH%&N&MczOI-arG61`8X}60FbY1-xNg
z`YL!jJ*`T8Pr=|X;uRKFMvl_4@RFzV)o{MYc_uvqgCd=UB?cqSrC)73PlWPtf9|}X
zL}y9gj#q)VRYtGDoXw~9jL-*j7F3YOhtU(Vd84x^nU1r=lUIr41$we}S#qsNzFJTI
z&1K1JL^7|t>Qi+GMDi#-_nFIbZ=__SJ33BWeVXa&6T(Et$}Qg^udeB8+>twpu@5G~
zCBP2}V5a}{!wkA=mdIfojBe0=uwo_6Kibx|yw#3Mur18H0f<5YZmizwZbu&%Kj!G?
z_+7Q&1}IdiA7Enit8e1|4CC~$KzRDlXvQrAa;f7*<W&pIR5ArM#v=*K3og%V<U{#X
zE-FJzAhYcdwd&y6Br^STBj_~>RI#zWKne4SanpsD=O|S>98hG(-HxvrkzDNF9&)Uu
zJ*JuV9=m3HVFF*y3+Y<FNJZYLQ6C^TXtt9`TljC-a>Fyp99*la(fx-o`Cuuo<=+{S
zH=71vG;i48+DJ>^iqX*Ca;zPhxaU^a+<C`WY2$S*$7!J!efsNiXy|>qN`b+9q3Ts1
z*25j@V~)qc546qY-tKlRA(q<q2$lMC>I*OS5n3{f$x;|e9p}ZCZAa5@He$0`?NBsZ
zA5JzHZF$sMVe!Bk{X>M;a5AXn#*uw1Rvz4b4dOFSN|@dUOBZA;?Qr;zQmLkt`u8d?
zCO-a1)1=PB*sNXB{%0M=a--Bi;nv6}2I-r-Kq%3t9UGBDmY%t^rJJ=g7TcDLXxhSF
zgzKbj%~0_oz~e&%P(Ji^bg+8Pi!5uX`VfS4igrQ?D-dmVE^4HY+~HPY5AbXh>v5ya
zXz6B$o4;MjN@Ss|muS5_Km#L|-yV7T0jlRFsq=M+d9VP19ZiW9Y{j0f4^q1I$Cc<~
zj&@i;VFXz0qAKY8<;4*u0J&yMT!jJ<(n8Em>O6)d&Gy$2MdF`CE*UlyQ`qi4@X06M
z(ljpxcH-e%HCr1*pmJhMS~c69R79i)$$Fs*98Q&bRlWHNF!db8eyGoBNM#iQV>bnR
z=N(-`TM(ZztOb`_uGu71SBa^jp4V*mT*+z8_6-n9<RhGxg6Ie=f?uW?QtDM-K%DFF
z3<OLNz@mOFCb>QN2HZ{Es-nfTq<%@LKTqn{eM<c&Ts>5~MI*-xZMXU&Y0vtUcBigA
zoBZYC1q+v4qpPlskD*~s^BmzpxForp=LnDFQMQR_OX?{cnH04v^(3%32w$KR2>Lm-
zYf$z^M)o&@vKKNk6|#X?5D|1fDWYj+r=u`}YF>v0E2N?#?DUq8j#JoN3oF%E8l#@R
zB{9=Ojk0zW(XlNE&ETvetFp<X8lJ(JL&V}Ou$HK&A1FWSc^}A%F<U4dxGL(obP(Od
z8q3a0k#>a4al<T@Cb^jN49b75YVC<JUgHaLx16<wZDp0wTXW^;t%W$;RfMl|$8I;k
zkV1uO*N(bX(-w^QEvOka>J{qsQFU^(5Oq;}=Te!pZ47FvtdC<BRG-&0^?@y?5Oz~y
z=EdL?V~_T_SFOVSQ)Tz6$1Bw{ndz4NExL)u!a0*}siNL%NBBn=5h>qRE<K!}6WY(9
z0Gp`VR34_0dK4AUZIrudZay4WKa`_#c8YG%@^M2}>ZdwkNIj(!#?(%oFr^;V33F<P
zPGqOH>BNW>-4T#IHx<?iOR8BXa#Hm=k(at%C-PIb>O?_`?g+>=GIgU)NU6CxVNK1@
ziBTzsP86oD(upflg*q`hm7^236w`?@sf+L*3LKkyTPKQA|E3e;Qvae8SEkPD#8s)2
zIx#+#(1{5t`Z9{_6I1`F6O&SZrxW(n_jKaw)WbS4IYpBY%2QHXb;6O}40dXIJ>FkR
z2k@Sj{u<uJ=?1*7N#BY0m(#28o}ONY_qAy+-ZRpR@h(Zb@Sd5z9`Dlh9K2_xOYokZ
zF2>uLo{aaL^mx3lOOL^OZrY0XymT(!^V2507hs6Yk5w2NqXxQt(a{x=MLWhr7OlOq
z>fVln-{|dp2DrEDQ^37lp9Ajg2p3(7E$X7<-E>^pHjGD1{@6cb1U{lZu=Qz*f*Vh2
zugk|}14~yDGNgWjX4CC%+a3^5|8_?GrJ?GE^p&J;PG3RDl+Gt)Oq&U1VWMVv$U=-=
zOx$+xadq@Iw_3do0m#+ctT26BbVbq~UD2PJOJuR4dWtb?S>(gTQs+OTsSqSRn2|JP
zl|<6+iGHP!hBf5<#DgB09z}IBOkn<Dm+GXtsb17cHL31xpD|x~&peHNMcTFkRV`TI
zx_5+h;EulN3K!Yi=!s@U-gJk8^a*N?Zp(Zu7})o^<g&OFdya<3p)Gie_%#+21&fJd
zd_g*JYnD9ybSMvZy?iuC&PtnsDsdja)if-@q$ijfwJyEf&4<!qv~EaE_xkl(Jh591
zJmNMO-{JM)@;QswmXF#-q8hO2Y+&~+)K@)=S2&nv5@|!K+)v%hR~RfuSXsqt$5+<>
z%#ug;N(YKEt8CjuTGmqE`%u&P>5cEeG?pUAd^oFh(M17!@(@Ymj+$bume_t>fO&ut
zz#7QD2HXJnDqtC)3bK~~PXc}mI0T3Qz7O~|U?1Q)z^?!g0FDAy0;VGGCEzQ74S-z0
zc)&Z5{RQA*&|3iq0qX%j1kiEd7~ngA#{ruGbWHg>z=MDzfFA??68ZlHxEF8^@CM){
zK!TiLHsBgS8NdyAW*R=Lf0?mOfNujH1Z)Ge14u?`M3aotNQdv2_#UI+L>=IVRrnX1
zHXTS0PsT=$y+8TgKVV`<2EVUDpDt^KV#jvll*7M+D){i#!5!emAse@*co=~wTtMi9
zB>9EP22+i%ZK7-{HdRLDBMI9UPsfq@Gpq=|FRZ{W{@M0U751jz`;+!QJnDbJUQsr;
zSEcel*WQd3&t`g!?ERwe--9L%{r>HYXTE@=wo*Vb{{pU`rp%dE(s{?KUjcatM%-4e
zE5+2%Z!11ICL<n0QJG5h6938uCtT}QQ&c9M3TUfVV%HgZHEqX|SpG9~uXB8}63M1Y
ze9$r}QIDkpfzcAp=7+7gnp`y)pVy9yq?>tC`0XXqk?|$6c3e@<Mn2jsZKF*U0hfsu
z{5nK^;Ql@*Dl@)-{h{0BC_`FmKF%4$;M#(pAAqT7FE3dbwxSFY<HpHSqlHcdF(U?a
zj6!E2iTiPn7@pNd;#VN1a&9E%)TeY7k@#mqM<!-3G3s#?y{Nss_)Fn?DYu(a9vqgk
zIb2UE9!d!zMLoG4UqA63*vfAXx$Pg7gv{+9T^}yziyp;8XYCN3Wz%&ED)7;%q`V|#
zDu)_pD5!XR`(h2%M>Koz#Y_YQH;R2`bRAZ?y{Hjmv34NFfc1|@Pwi6V3K(+SZ7Rjw
zJtH5Yet~C4pf<6eRK!f99-V%aZe^vXFL~?Zm1<luV(~N`SElzi?!d>y>+`K)1ViH;
zC&KSK<7x9%@ko!MGrlR?6Z09;+4t3YVv6P|J9+O<r2QC~2%l^8!+_1G3;B<D$D<Fb
zBtA|iN=Mw|OVyWS<<G>vo{W`mEPHvwGK!#Y9$(7BXLTe~FD^#z=)Ej831hKR?M1-J
zq!`bIzK0O%wfKU6A}pzkERp0q+FI{V;y4QypP(K5@TS{wLARqFC6$+k3wU(+Ai9G|
z?tUdkAEu4}>Y85`TFT?myGC*g%fYDcBz}ho@uRu~5n^Mcn@5Ndwr+qh()|PDrLuQ6
zTm#Q!3Zek-0X{q0H_t&^3WhWyeMcp#Gbu3ytT79c8-GWq@9>Ru(;Qtu9uWyMllrl|
zh}x5fW0%7kH4@5~ac{B8SV+-GH@&=&iEg4ut{q;z^^}HD((Nw8l~3AQ@v)|*Ui_n`
zEs2eOhHsJGroXuftxr7-VUj|rr=&^jD5hTr7KahDunz)n06YWO3-~qQYRJm~EawXz
z1Epu>7)_tnGiQ(ZwD7+mv0!83aThxR$C|AYQ4$``iJCuwg~>FIWVl5pQ^1jhZ$iYv
zxm+RH3(=t*6QTl<WA?A6o(IeCgy=^sjPnm6pv{sMx!m(34$;_n{u*4SUY-u|4|%ct
zLy7qazg7_)iCdJYc`5O#`AI@ia}m^Ow{n3V4^g-IJ?y4bZMXR?Q0QvNE(q$N1+20*
z4!0M)4VltyGEmKfa<$-ol1IHJdq!x$PdjMa=0arr*%h#mhCLcKpW;$zPB9NzCt)_N
z2E|>c=&sA<yqT+Wcrz_9v{dck?R*C%CXet{gzxj_bJP;t(Thbp8+psj&k%~5OQGIv
z9)q{uHY+H-ZC45^V=lF=5Hc03iV_`d0Ba<R=js;2HnOWqm9fj8tW-}YF$;$O#!2_L
zM=es+UwZLHH}dOC@&#tXM}p85_$q6us`r^Lp7$D0Bkb>;a=Nm<>t=PdRZ%Ofs$x-$
zODq>;qZG=Q_RGddU%&E**VyBAqN)@6NC=}oI_`*P@cT6EvU;PV5tYO5JgS_pda*DT
zd8hYQNsG?<z3TX>R^+TIJKHv<QN{=K{;Jq_SwH68aU)5?{azJ$u}Gogk6Fnv{25Yy
zS-}r*JPVIf5(#VL#e}AXv;NSfBu-dUe#}cT&JR()YPN5}W%xN5kNcDn9W|Gia5RGu
z?ptQu+R{^$$P|`5N8>eCFaoi;<T>(btl&nXPlDzrGCRcx6%}FNRT#r-5DVFe$VjbS
z|5k&B<99}tYSOE|i{E*4UIz<Q^Aj^@&`1y3$(|m!szuEYLgdH(FqI~ng5JijtI84~
z$r<lgq<<=iAUXVYI$P$OoNB%YeB@GANIHZ_H%s1yy*l-Ml!gHvK$2#=9rHm^lQ<ws
z9pC3g7Tm%UWF&ai-+R?QMByqUZ(F=&{~o-(a={Iu_h{w(GLkD7WQYE(QXPqP6rA$}
z@2OFg5Y5)kqKX1u(na(Gm`i-tB8K)m@ZPd?*z7Iq3+?f$X?#>l|BVv)BmW84^O|iW
zFHN%@r;JhaGx|J_14S49J>DK%lRM9ovD+3t1U_{Nv@_150{AtP{!_VuPQp*NKGjXD
zkqg~q{yDk={k#G!eNfOlX(85w^bNQcuY?`&<2;~l^9<;acJeNG6#K_Fp<vS$vVoEw
zh`Y@rphe3G21l-fQ@}R!yEJ<jEX+kh=xUT^0Fj&n9aK2Vt3FE+U<xmyU!bX({{e4t
zryBeKz1iWT&xWgL`sn8j%wd`%^jjw@|Adayr20#I!b1my&B?WJv{&s`;ROUPX}9G+
z14H(j6q5KloEeJ&J{I|J-SFAIU;PkckatXURWfRePKBvw!i5WLSHQAxuJcuhQ_rD{
z*dmQWw)3zQ{}lT&hET|&^{VHwMcO-Gl{%h;4kBOb%V=FP3)4#^VWd4UG-(42(v$Et
zGCT);i!kbO=NZcORo)K49KoiF%5D;sA!MK@XubH3Z;oij@VtTg9)j-0^H-gi@|^k#
zR$_Z-JaQI@oYst5#@uu^nzh<t?>7In15UuB;sV9{KSbY2(EsTAQv7;On|dCO)~04*
zzH3vDae6<0yZCz%f4lLfrN>(@mm?JGRnK^h30%KjqY<}Qm5ueisL~im$R;#V_2tuV
z-EuKTjVHZjr-LJ9EdhmMPuX+9H=OZ53@l?PkNcdvn?B;k7XC{Y^~j4!`l&a%f3h+i
zgB?D9F}an(^AJg@%aKS<y4V}(GvK3NTptWH4yas3O&qGa9Vf*FmXOgI?^5cOazrkj
z@huDJC-~v~!+98<jSFrqLbwr@h;u+>;cQ%fS$OVYjC>Zmxk$4;givK>u^dTs)GR><
zh!N5k%c3-zK4r*yIB>4O`p{R59<`l>!}SXt{irvO$EO#gy!3tg{z@OMcR>5cT>G&B
zZMEPLF8PL#xOmPE;?$mjFH!T8J$&&yPhW86<2=c=&3<GhiA%FB(<MtF(JTBG&(Os;
zF1+6=PToXai?J2IcwXy)oc2>1JS+6DwjBe_JsAZ?{6$Rp`Rtvq&3F_uM=9$H-=oB;
z&{r>@PZiaJA1ZpRnym*MPW`iprVl_$qOVBjzE51N%C2*C5kgoH$#w{>iW9Wc1DsF}
z(TJtrB`H(DI0tLQ&oL5k!OyOy3h^~dx!4Q#N5o<X;5!J~Lkosgi7b34mt2~S-_@cb
zeFYk5n?)aUu?frb$fSi{pfo-n7-@)QX}$QhibW}VE%^H(!)wS`jZK)Y=X3lg@@Z2i
z!T@cmowvT=i7#P+FM?^>)G=IM#NSu)w}Zb+_<JuL<yt`-siM9~KgW$$A>?6DEzv4R
zvL4I94!zCzNGFuK&3o-A7mr98OhQKIi7oRnjpK;L<43u?y9U$su@OerOsTN&zyDe3
z)5~-VJV)Tk0$T<C@D^RKQScc{_6hkBfp-ghPT+?H-YRgjz^euJ3VegWrvxq)c(3?3
z91jY-QQ$iTUMlbn0v{H5vcMw+&e%KgR-L+8;MD?uP2ixw?E*g_@OK3MvA~A~J|^%P
zf%^o0Q(z`=QuNzFfqx|MZh^le@Ph((2>gP;8T&sE2j;PM3{SSBT*n!`xJT#RLU2s*
z_(?r~P6=MH?7ZNqEP9fH#{}TdCBb76<Bw&rUOpC3{)`qp#x;NJf~Q*xJ*9%j!HYjG
z!CM6H6MT-~R||fD;MWL#p5Oz5r=^9Sje^HAz@HAm=L>#^;0px*xZtsG^JkynCBer9
zZxwux;71AmCBYX8zEAMD4e_U6@c6v}e?AtxP4K3h^!^(o_<X_Bm5!bw!PELgPqE<f
zL6kr91&<G`{80ptFUtH`CHV1zUnBSlg5M~3{Jeud4+y?O@H+&Ly_!Fd2!6ic_X_@c
z!T(h7bQz%Mpy2JC!(u0RY!LkE75rqu_X&QA;QIyd5d0;<PZhjH(fbc;IDhPdpC<TX
z!DF}OPpRN>WZ;iW@VLzK$0zvdf?p+goT>R!D|p;H_!AI(iQqR2{yM>T2!5vEw+p^h
z@Q(<7mf-gaezxEb3Laq`{`3l-&SUh{wKTBCy5=@N=%)I00WK7D$)eVVO+r9vB^7J@
z^=sS0>oVyT_{W$-)2lZHGUcon3k2m`KX<Ss!4H&_;WH%(o|n|rSlO^KQ+~@`tzp>O
zBrI$iVhw2b;*1{XwvgP=5Yz=oTO6#r`<BMW0bXecdi^bTht`k;>6HyS9uPuSHKaUW
zur<_L-`dOzK-%(Py<R@(>RXocGODY+gfp$y>7kZTTFK(()(zgeyZk7M^Ga*L+qAAJ
z#Op`;fCVCbDgJFGtfh*%{y@!wuMXBVHa68)G}pDYK?na@mbHp@w}wM{hf!ucZQ;8r
zGu;`g4=_N9T)#GhmvW~<kK_Z+5j;B7*BT@%_4LI}EnIJCM^Zjt-KOT&x`rXG(Di+7
zYq<Whwh+h5{eLm6J~V4s`O7!y<*x|d&GmtOA<-_X=eDMnhSm)zI~eA}FWeAdfMIqM
zKh$pGhZ;uwXW2{gq4un1x3MPH!rXYTXMPrBAvPEPaJ7WBu}y%?^J%SF(8<h7##ZCM
z62KSfmDcL(QLn(6@-ui~f@TE&UHEhA`=a8<O*S#BVV2ogo8?=DIZwZ4y4sS(ETNg^
zeOQD)riJ)sA$xy@nfRGlj7O8qZesS|l$b4ZO3ftuCqOaDk>zrJSU#i=E1O~WN7)Qz
zG1SXY-tcsjo_@Ja6bQLYW|)x2CN$)*3DqOmggM!4LjP5L<9f%&ZRmJIQ7$WL095C&
zqB#~;G<$S^VV^ZH?n)EOGmK)UzN}K}gH^Ea>KXZL#{2nf(n|&G%3~v$EhI5(gOypT
z$FRq-xqbpLEz#RLoX>}?0OVuH$B>U9AG<8yxZ)gkWy2(P<(!G^N<$GF*_R*4^Pz6k
ze-QN>@K5$kTY(V)vV{N*BbW{CvCSUUH}0AoHn!n*Hn#dJZ0wv>Y^-4=v!Z>J_i=Q|
zxT`I!@V&hLoW2opbHG$<^y%%QwRoH@i)H_Ku$|+k<g(FoY;5$8t^Kf}H#cqxjHu1l
z#{$_gF`G@CV`UQ`8XFi>Yx5b*S<H-IG8ildW?3ZcB#htN<lF_Ejq+z_m2&$F!BZI%
z^4WxA@JlEcet~b$_Y-E1>mS=^>mA42my7o0pnYiPvQd5c_;iP6ux&V0d<~xrOTiP~
z0zLq|0z5qiDVs^?7YY3$&CUzt<eFG6=-k=a0V;#)o`A26K0p9G;ZefAO!`=SGP@VB
zBU7fH?lTmaSizheRxmr;XBbj$yoy)NUvJ@#;&L(8K18-2K4g#umU0#TD#sn5AF|JS
z{(S$^d*%O^``0;E5%kxE{EM5K{kO3PSw(Yen_s~xtl7^3SvUDZ-nzDsCm5uCe5!f*
zFn%wk-?H8xY_1Cg{0+<eZQ<q+n`LnO*EiMsD_bjCTS7scQ%;IHJnQ`}q1!Mv&DG6q
zax?$?1`iR9Vpi5QWApqg;!ugseT%roLBF3xsHUpchHx`CbZOl>7|WJ;mM!&oowG|C
znsI{h>$WfV2dQ?^1oky1tPpb4F02s(l=CKY`<wkCe@10=)-3^l%kqk<x|X`T{XuAq
z(ItA(;4fq?57h-j14YR0m9nogW63YfO>GTLcjFv&2GmBKWL==!0(JF%b{JG$a|@0*
z3$sJ5ID`3vOf}Th)CWT~4gR~rccappHLa~{**A3Qik3CpBMqL7_5MJpskMbg^^|IV
za9vXi{D(tfy&tEpc3oak7YK!e{)%ugh(4z-;C~il%dk{m5RPgMw`G#6manW>HfvU?
z-k){Qtq25G)dxZt93j})XQ-)L*LHV}e<K|ccbOZ>HS8v1&AK{rCfU!9XVo;dG=-qP
zj&%>xHGcdJ5tLWc7Vy_M;fz?Lw+N$ZuCWH0*Rt=LYQim?x?rfOA1pD3d~k4U3$ON9
z#u`E0M{Q~L*R|AyaLh-ojjc5;7#M9JQGH7t#>D-`$~L#?QM9%VeZf@7L~peQ7h~+B
zpE7AKgQuk)M}J={FM}0fEDz;xG~F8Z2RHfr!N%6$y1JHne+6y<)HfwGLPd91ufddR
zpkw?;BwfC#E#zNU-L%dxx6w2siWM1=Qr%R)mKQJ=*Pq!2H-^PsNaxwTO?L(Bf}1MP
z5rd~XeQnA7jhDBV>wCgjhzTs<8vt<vY|*u&Aq2Jp?0`~$3(!9U`zkJYKG3As3n1N6
zT;h9i@uvOXjtexMSxDCoUDEHRJh=FMjPfnjs1q;?uoSQs5CJ?0coeW3@DspMz)OJN
z0*osdn*yi++zDs~{3YNUfJXp(0o0-_W@IL2X4z~6PEt86m*ug1R=`H$PeEAOC|1a>
zV56B0f3gK9Z+8<Gpb#IjI>}csrqk$SUmgB-k6;ylbHE=&m)2*l6m7#&pxfrJ^sS#m
z_bHl9dMSFgOyb<nP4v~(ul0vSCR#!Sxy)a`UXaWExHIadVwuxz8)$@X`2g!~ZuVdS
z-89(Bf#wY8d{&DtOU&3k(5TNzA86NSrHiHwB=Ob_aJ+%TIM2pGt9hFTQi&U$D!PGu
z|G)oaJ{~-Ohy6_BOBAW5DF2_I|0z8{YuaJJBe=`Zy7nyuHeFt<U%>RIeSQjg0JwTI
zWT0u?dlEqU`+%q0unt0>*23dh3pY|Zzz<_hd<%EMp?4#?GyMU9$0Fzu&cmAN0!?@n
zzz3Sv(LK08_9E{--~z0vFF|ev{(D+qK@Ytf4!u_ny>rrCv}7uN8HREQ&jnP2CVT^+
z0W{%NfDmZH8xTb708Lm0>;_HvZvjt(Cj1is>BoWJqO~4vr#1gdto76<nYEv2+5=7s
zd1fylIqeDi07Mh+oP*JZa<&7X2KYd~1ia@ud<p}-7x?D@^2^h}x8a^QA2i+f!T^$Q
z1b!7jdHaEHn1^)GKHyeBEogirU@rhjrx*At+@~5q)89Dz3gBtbtAQWF9jhI*75Ak(
z0H;9Xy8`=H0Ojoi-hn$)Kgofg1dt7TfopGof2(vH0ZsA_;HLo&$O*qMXu8+YUCs(Q
z;Z{M@U5)NzBq#iop#P`L$^UolG_WF64rm{41D!E2$3H`kUy3mWX|>34FI~7Vd&+Oz
zxUSibBS#xf;R~nDDk+_2_tTlNspam4(^gb3o-u!#y)A^}dL12E7f##cZ<}`G4F$R7
zh>7~w-POFwjsjZR7ETKXTdr@bU*lg_*EVBaQ+=?tt+g>UqrP?B^>uCQO4iSsX2$`u
zsnOpSS~;{f6lJ%UBh=Uys>G33ls5SbN^?%;`H-{CUmp%Og*FKulA!-D!l=dH;0rdb
z$NBVbf7?Lf&}7d>WTnf8*T3H1Y;UIb!fADFl`ZRA*ZPCg?BOQ4o-QE^r|}5>H2chf
za>{3Zel6uQhuKs<bD(j^UOqF^Z(uI-#b>fE%rPYNJkk3^-xK{$u$|VO_MN3WT|0d{
zYj*~Aw(s1r^YNYgcE)%1?(Eyyzmx5<?y~PH-R0Wl+f}<Ou&aI7j$M!M+P5pdt9Mu5
zuKrzYw{^FDcj<1|Zr|?O-GSZhyLaq<eD}WH@!h?<`*!#5W_zrA?0ZW0xc2z=)b0uF
eY2UMB&*OXc?eYC!)em}p@R=6=S@?gj2mS*Y<|rHh

diff --git a/AutoTunnel/x64/WinDivert64.sys b/AutoTunnel/x64/WinDivert64.sys
new file mode 100644
index 0000000000000000000000000000000000000000..465f967ca18826ded88dc9e9480e9f4fda87a6fa
GIT binary patch
literal 53200
zcmeFa3tUuH*FSy+1{iJ*Dx+v#MjZ`rGzc1sml+u3prfMTCB+1}2#P>3D3&QOU=Byr
z%F4_NFWt@5OffSDuXszml-Clobf(e7OvRpbe&2P@85l~-_xZo?=kvV(w^Qfrz1LoQ
z?X}lld+oI^gCiy`Wn3ACk>a)68Kx2;JsSS|*Pl9MH|zL$GiI~rkxrEo{gF=b=^1&-
zoZRebxk)pX$w^sR*#_m*RAp{{mNFwtsT&oioSB`H8szKir4mU$b>Xu<?Y}&i<aqt}
zB_y>&+J9eMQU@M>Hc8E=*`!u{IFg6^@0*Ymz^BKE_@l&d7$1(wNKPl3e{4Z)6vLz}
z@L&`_OrGe-t7AGd-Y%XDGX{`;0`!MCgnks42mp$^FpN9Wj+f7<#TUYhIOf14N#fzl
zIz<}NPFcuK+`upegl2}!sb~erp&n))!_<sMSi>+&5iCVZ+97=8ClO^t)*n<R$dFoK
zK*l#LKE&HFydvv}@sE;W(t~nSk_@Q(us=YFcw6BeiP!1TFbo?cpfPnVkWq-&9d8O=
zr$@su)j>G|BHzXeWKx~e@j5*k(2E%v6Hg#N4}2gaMus;FuhXMsnD2vf^Kz2`<7H<?
zgzBAz*XhxqdxCOPGqZtso8XWs^(8Zx5{-`rc#Wz5TQNO%KE^aDAjUL9Ic~f*UOQGh
zjxD-Mrh(<$PURp7*~6MjRP~S>%l*c3XTIzK3B{BTuVBj+?$9DVx6ktBV206^XWeJZ
zOH|dsOfzj(tpJ*~JpVVge37bxN|!4<1oSkWX`O00vWaj7Ld!gqr?P|>Ri0l@WeTCi
zgg{Dw5}Q@;Qv~6M2<?hDVi~49t2X3z_`bOvjbErrfbKrqJHKWBb*hDk=X&jTyHf;I
zzUoCPGH`Z<+b9sNJbEYY(mQYLQEI;cB6Cxo?e;N-Jwo5T2&wXFz}Y+N_)=`uZyqDK
zeJr<&t+EWcDWC5)A9A5mFYu-2`yM4Zxz@zUbthSq!h~8wjuSO8-%b8ZQ~W7Hx*`7)
zG5_&I!kh1F7xTrmTSu`zM}D@D_I2d%{6oH2Uqil7-+bS#plg{5OUQD*FT>F2JlCpf
zsioy^OQn!}$N@dKpJaZT2bQSJ6mln6lTH=L_bt-Y6})%=RI*6a0BBcC%4eAHecWmJ
zB2SQFxn*Ku-yWz)U+#7elD8`+=OPaU)ol2_e6Q`$5wrCSuWY_9z|&Te8DY5^yW+V#
zio^qx^S$ysWdRKo!kyqp0oOxqNSEx2(a0eVo^S0a_X+atiesqLnnRV8yY+Pgr7yuC
z5_(l4wY82<xNVh_y3PwFP`v<J>PsC7k&wPx0Hdb+KxGJr<_Caf2rP0P@#;o)%29PF
zswT9h0;!KdT~9R<yF|(~SCweWR27gga&#txYOY<efrKMA`B&H|NX^=sTJQ;F@TIx^
zA;&Ehk%Z@aj7QO{Cg{s`Xi7O`MO1aB6jcFzKye-l3Y}uTZ?~6EQIc*e!7?>#w`DvL
zDtD`FBa+t|kJ!=NkmJNTOATDfW22pcNa+@?RrMz5I+co&2y+mU4upxJ2BC%F`HNRg
z0F%AIBx#NxG8zOx98klR4k?HNcoH*{!0ukcfGCKB^*N!J--p=jiWAUb0cVvH&R*cy
z6>^LN^q~xbI|=!7r??}Q-dYF#Gr%t&<&Dgpe5R#EL)JKCg_uc%?Dp}xj9J7SOP|>C
zXlclSeMlAR7N)3T(f}Jqu@R;ORV=zK-mb7>3S~`hxzyv~`{X6v?%C}Ev9OQ>L?jHa
z1~kHW8vWDI>H#P|5XCii#cH8=xTE-$-|cpEN(j;zkWnFKE%&uRM`>X+j>fDdz2ba*
zfd!4I8RCF1B6zv)$1~6md(bKp)!gZT{EHx)9FPfs#AE_e;eZSU<TZjUc0fV_`H>)V
z9gxm|gv<nFx&z_|9!%(B%je*LJ8knpdJd(h5=Y-X?`DB6Fx+mITO>>&A%`u&Vbq^1
zRW!-OaFaAK+zd8`yQF<uJ6W4B<>}pr9gmfK05QQDuLgqlJ@hkMdcfdjnTZMj__YC$
zAOLJ4z}>Ex5W}NfY=m?ZAg2U~yyO*B0P(#@(+}rs2DsE*Fb^};$J5b<RszKj2)kVI
z8-ZK}(5nI{nq*oh6gCQ=Wd!<G0Obgviv&6-fF=u|AQJ0V0W=IC%X30}Fvaf-LVd<P
zfenJt#9>M<1go$yx(oy~CBtlBoN{N#E+}>75v;|;^X7_%+<BItZ)RvPnPifYCWFgG
z%1FWaR9GeX{Ln4Z=S0h7zIMGTheh|i1W%YP+C%kCYGC0o3x!pVb+`!H@!*KYIyl;t
zE^<_&QUfxAtJQOEw*b_0R`AlZfMUPIa3}4GD;T=~rGvew5If7A-cN2Xqc^4du^9&}
z&<EDUPSBeY19YYWHC}eVMo%6fqOtoma11rfeoZ1F>J}Ev(VHrXOKo|yq)uMt<_WTT
z({{2{cC)tZx_qk{2HfImGA`sRc`iq{@VNqDkO@cNk3eVI-i}W_2jN6QHX0dgLT^Wg
ziBXMw%PqF*vJ{51!y=HeD+aKrGJHQ*FJBagqLgu%&*;>cF#s8w`+GHo_oTTyc1}Px
z8QwyK{Cr~hj=GrhmCvS($aI<%C==s7hWnbjOKJLohwLv=5%Vs15iLQ0wu1@Z>;@*j
z0wBb^6N3u0^n%$^^Ja%W8kmyAPSgc3>-(Vx0l?EOoQn+PhFRjlNqP1Gm?Rd{5lu-c
zddwZ^+Oj)fFbf_vB(RTW7#8MxcMd<z*cI<!w&#T~cZ|m6mS(`M++)y2w6T`RlQ#Zq
zAj5dB<EKfs+(;H*FJ?pSj0f!wlh!-jK}ojXbt6jKB3UjjeZT7uh{uGVGWddz%c#z-
zIE_XlFUJ9`;i0>DC`UEKgdc@v*gAk0?k42wxcxEQH+IE1Uhx+33Q9V@K7>$Ks+OY=
zbe%L=JH=suCOfpAbRO!Esq$lCssqNu25CZW_c_OMR-Jsy@si_)5UueyiNUK9dS<pB
z0>k|csvJWz$b8*2hWS)NGFAdsV3-BdSr3>knZwA9Dm5Eg;030yOPYX*VH^d^rU1CP
ze9La+u*kW;n>Fe8C^@~VfC?#qA>=B`#N7BjVmaiX&<TK1Tr8*QV=p;p=mU25qaRPP
z+>w!-ZjaJ}UT3&E7&|Y`{r#E&|H}Q==KDEG9~hRCP&e{-F~hN3Ce6VH_!q`Knkf#+
z96ro)d*T|*0gOQ{L@4i`Qz`FW@IH*fn<*eAtQ<BVhZYW2!TK1hWFt5W=5Zav6g|)I
zb&?4)_}LXl0jq=~Z??827TzS)XSvU)Ygss^u4X+4t$f}OzIDl78jXm2v6n_43>|dc
zt|$iuW3@fxc+cI?LNyJDSV7TeKr3Rns8|%iv<rL#a*S}5FeC{h9i0}fKt<v}Mezv)
z&#?pxCH-z{<=Ihcl-#T;M3t=Q-GOL;L-Ua-IL#r)wUyN((sG2BtNr=vl~Cq3@KYOT
zeZh|yo@fd+6GX`&1yM|Qr+9kQd>$V|*5R9C=)xW(BF9a`w_Y&5fN21e@-?qh6^Inc
zm9s0FL;a`^Vle<&uG(_wNt*8D3)cgirjoBLCP28;1Y1lL%9p7M5ei-i<?j&l3*b;J
z;~8(vd&-eFk}yAVq*$TX%SXuUirR=jbh)oxaUQVk)aAAg5&KI%Bh!rk!R>BjgqUsq
zL`?x|)Rh{`PNK_u6Qou&lrKF&mSv@?7HO?KFs}}u=W3n&iOCJKn6TFM!&(>X-8`kZ
z+{IjGyqXA|wI&foerkn#^ps3TT6;I9JZ?G59kMGrgCSl2A@b5eR5Q0#NdalDUD29&
z<s}%6$&<5?1mEB#_k+It6Vgw8`Br}6z)!$L?W9&L&67L}6uyhi^c}%yxen-hbTYm$
z>2}3uKrcOKP?0oQ5=l2ygyGwZ0AU0u5^FAKqqXmeG47Mb829?I<x^x@<L}bk1*O;K
zWD(lIzEtlNS;#e3U`b#89*rcSn~1Xks0vKwKSiuaRa^&SH=&&ZM|MSbffp}oe3+#-
z>b37>`3m>&6&f+=ZLoEv+SZ~r+fuvYwgxpIt*5lND7A|`5bGD}#&$s@qy$wWJi;(|
zgqj#GkM{~4W?3{nf3(T8WkGfsK1Wd^RdNg?Y%8V&yJ8MpCCoBhy<O3aTq9og<)dWq
zJM4;hR9-ZMtdG3(B?(k#$1cR#^4VcJ(-Ss`Dv0Nj<)Sbq-C0wP%svW<u<p^ZcE#f;
ztmh^N#)O}n>lV}VoXuU|^IQyfjt!pzV|ir0hh=YjG}O(~rz5doS1cw6t4aMQ!I7^2
z6Y^38Drfum%P&XWN?S5j>|CeXuGj|Dzpib(P}`mkLT$=F)t2U{?LEGcP+F?;WtN+g
zZdW{oObD$wt8u8Guq#@Uwcva+0mTjg*7xZkew!`N=3M|K3qcBUMJw{-SZ*>J$PWfD
zfn12A;7eFAfKV4lx&;W?_p!#kGUI(o?k22mSnjALkybt25*k#N+kKq0WIOMhLNRD6
zN~ftPho&Natsv?I{9{1_=08nUkp_H*O6`i-qQwKZtkCV`=@x|xT@7yY-S@kmfJmSZ
zR1N4lj70;@o((jUc$!`QMAMU}No05l7$6sSfNV;ZdxLjI6}(4};oIzUesM{o>?&qp
z=lU?8vZe{}HsA`Ia+G9~;If}VQ+~>%k)a7-xnJyxuOU3H9s_>}3zs1Fw${td;I8Ll
z0&FUnV&20G^aCfD*p%2w(@N}$F;o*F>$&O?r3dnR?_2?I1%zJ&VK_)EIY@m$mnM7-
zNf`#lfKh4Oqn@&x(+0xj!e~6uKQc@n5gDfA%$&t?qzCDwTffOv%r_d8crxyAK3L9=
zEj=zT`HBR>MFz4a7cMfu6d~gx+nFMK$|C&wMEa>D>IgqB(%)DstFpMdnEOQdsa)_`
z2<UKs<3(we)x~_#rB8L?MQNYvg~R-ANBYYQZiNTJY@Ud^7-WSP_XBL3R`{GB!$qp|
zdsJDZ=33W2RVrDZDxQp*r-9;y7yWn|KtpA=z$%N|pD<m`R8bR5kaGh$B~Pw!svkt|
zI~i*^J$J+*wq{TU>mF>aIF_vZIte|PsR|&UQJ7;$J6Y}q8G=&y5~3j(35~Sa6^G#e
z77Z2*(H>rh=7q7CW=gj5^6SWQuB^#}H5C9I!VI^}bz^&4Z0>B&y(k|Q@&g;5H9;$X
zdk;A?iA+@K5BY6bZd^K;-GCJ<zc+;SLNY&HjJ0ES#@dEPYWJbAWRp=l6@il-PebgG
zB@eq76wYod7?TrlT$*y+rh()9R@TvWLI;0XK$*ZPsc=Wp5->m{r2;RR7`0HUf<F#j
z@*{;pv3?EiBtIi#lqbH=gxI5CbUGCTXv;Ky@EcVUJ<ZBD@|%^I4PM)Mzk3lcDBoQ$
z_taXn>XTH#k15cy@U~-bYiN|P+=KvIH-41B`=POc<q$tuI?bg?ya#m+cbYH3mY&NW
z!|zVA+#;2kD&RLAVuP^2Exm2<jN!hrD;O$KYHt|UN9_s)K;)mS<hQNS+8pO~1(zPU
z&1T1fE9z=^mHdS#T!HL64l1Rs6b!@HcEu%<H&@TXhbVcL7cSrbw0bv1V+{G3qW#J|
z%ob@`^+2g1XrQ~i^ok1x{JlVV@pp*Gw?<3Ts;Xu3t<|it3JPPDm+k``3vOE*WV#5M
z=5UL=bUonOoiMp5?mw%!9(=LoasIIF{uWy|<lT<)lNw^Q@-0z*pA#B}&z+hsyP`_%
z@{-SyE*m8qa8SO$jA)O83rESYLU{~zcx}6nR;Gnl<+`UC%`P_AG}m2erf4sHCkzR}
zW#p~CUGXuNt$MDGZ|x$CBlHaRK>>vNc7poS)*(?RPh1^x9G>e4?kgHzft|3GVM*vM
zbhLb7JQXg-n8GYO!LG;$31L)`E>1A?v@3D};yq1kAaKi~JqGNW<<(=?!e|d`3go=K
zMFrL!zLfR!93A)WLaLS9Qi#B==!de}Z6pEhfHQ_{mUHZG7xVkOaLcPHuPn+>TT&(8
zV&<yz+raw3y1AN-7k#{|IRV31d&$=Nn3b$vt&8zufK$eP?`o5H?jRzwCZ4*j9npQ?
zPhNTpb-b^XmtLb#CNKRFA>?!ewi`X7Dci@&qkPXHrIKR1<@V_jkD2vdO87Gju$@0l
z4<Tx_cP><t4yHvtMw^Rix-QjN`S7HW4OdbSc$(H&)tZ;OmWz@hCy<{~EUSBBW_to9
zK1JnGB_sUugNUq}Py-!>#Z>`7O3N!Kpy$5exxfbDaGnXmZm7ypiw}ws6{--N@ujy?
zb!K6lKf}8Sn|XcUA*JW!3ljj;+}<aZmzMI`zS}YOc?-QehC5|fWG2BvPe+zxACcDd
z;_NyRCiOQO*j;p7F<BAf8*{5v#|_7HOMb*mP=mh*A}lvac{@@tB#{BOj=&|C|B$mG
z;YEaX4*A%$x)-N=sPsJo(Y$|{j~o@|TAE?4zjt?Ra*DPPb`T5d3h)EdM|)_$v7K_1
z<xdB~i&=<mdu&*~1+jp;qbY*P(_pEXhK6bEijqVO=D8|eGkNJU=qr#u1QH9o7)IOg
zYJTl^ibM{RmknfEs}vC?N`?72_A;{hvI#16;d3sqFbj~Z+_@TB)8AEIO3O;L9puun
zN)EI53EXH=Q6;h%42MD?C_#Xgm3%DmxrjejA`^`X0W1jTHZa2J7+sL^F*p;%%}u0W
zwkP!NtZKm+W*aT82941om6uc^gO7aTh`j5Fyy=K6qe#7*yo5uf60VThx&|>l7bzV<
zCbd0pQhi^+d`PyX26@_T0r>JP@lshe1v;m0C}HExl5g@~l$ebY(3?SI7l<OH9tw2G
z+OGICfzov}G)_~N32vQlE9BBq8wZ0w@hK`irzODlspOHF!HQk6hW9&H3f8Y^PX)?O
zd3y40eyhoLw9(&i%%8m92&bb!sf~yF@OFvw{TLMW-1m0H9*~2>HaU*x?p1*KQ?{`@
zcfJb<4gJZ|%!3Zf0qZa!qMEQMD{Ko~bwx}Vf!w~{-Kl>R#(IUpFXS2&!bC0vY;(G;
z9~#q#>Hw`oBAniYpdCFe5PSm!Mb`u6ihiapmzM+sYW&$%UUJWcBIx?wjz|p@jE6k!
zh}?%{05PN*@4LYz;JaMMlf`nGHU0)eX$LMXSZH#<f@%WR7ml^x9%RY4jC6$+2rybD
zhGxdQ5_#zg(Bz`yZ89!8(dNoU>seD2V_isOc>mZzi{<jAc7@D|o`I(~g6QdpUOUjs
zAIX+u1Yv^0)`49zdx&XvyfvKXY3NmUP_K>*GrK2-No+F4&g?{1{>eVf^%JZC0!ke_
zsBQ>QWTx4AtCWXfAlntIf??WJl*VX5&*ezjJNxRP-}2ICfMPySxekO7C47;F)=xw+
zN9*^I>~_))IF`ZN@MTR~3lUgpJPBlr3ZwyZkzGvlJ&TmZh|~+~kmAy%Us6$QzV}_k
z_qL;weRjo7wWFH+WU-3;iRI-MBlz38uj-;7=DQ^{$=X7Nii`zP$?OT5GBm>>Uib%%
zRN6bJ_-hu<o<r6LGI$gDRyw^C)8&*lgDUM~&TUH}ITtu;=3T{JO+_)Pk@_qL^_gW;
z1mgQ&Ah}TcAQWL8_XO~1lOmo}nm=|;AeD;6)`lMDS84gYH4R`Okp0qO(UqV>ELMli
zz_Jrq=kk-<TC3g8owmMBq=jaDgH0@PvVdP%gOso*HXlRw_$X?H?<EXE{t#vL1U>>{
zdXBMt@hj0PHQUBGq*j1+F9---Y~Xik3asD5i0Qd#7+&8M4noH!3iTK8`ynV&daj@u
zt;NG`;sEnp={epe%>cTN!(@u{8#zkQUfWV|j(r+G?9&8bpGFzOJr_tjZV8S1!y)Fz
zIMzQCSZ=h8Y#{ac2<{j+EM3P9<2P8Lxx##5yvXmDYsf<g!&It9y%E^`R)O{~IDeQa
zXnTOM)KV`R_e^lq@ZUn8pSv-&8k-U)+WIEEpV5N(sE0AnMFjHvM-l7riv;$Et2fbV
zLtwvC(;Bds{@+vw--JyPiy1=t8~Kn#iN6NnQ=+Nl3qUTATp}mQV|m|%vcUTv`t~nq
zqeBZq%sfqAIPmrmDlN_aOjnrKbS74*Gid@AHeDX#h7t)8QxVx@P1#S_D!Dy0Kq4<0
z<4*J3T7K($MClLm5-kAx-QAVYSmQtybkCrY>2YJB0#(XOyC4^rhY~@B2H9Jfn6TGU
z2yM^zK>AgrEsu3V9`?Jd38#Fxj5ZV%y)eSUY1M9MNt^$ahw%ZZwZ;vW(O3w8o_j7p
z$9+U94_cikp{iPmc3Y$;?;;Ucz=Na89<$JOibYfkM}KC7z;*aYA?Cv8=1AnrAUQMK
zCc&#Rl1(Cv4M2uNezr3uc@O3_oRl_lH3#mQajmKlXpGS=F$5Xyu7>VLyGy<|&I<@k
zt%r-Aju6Y)2pn5V@&{_SC4f<zpAHwQ$n(nmR=aHkAZW^X-g3C5qegyScleW!qh4!`
zRM<FJ(VYy3<BCWLe|;;e^qQdqdD;A}27VFE0S)etOuKCcRkw<cKz|Nf#9u#=FRQ|u
zh^!6S2x_Me;RLV=M=O?ZK1_vZK5&GoM)L!ar0&#l*!n%fYu67Tj5(kM%guyee$CK~
z6NuVAKq@~94O##n3?h836M2J+fZn88v2dEexxC~S+=`~$?+rwYzXKRbL>&sVcwb)1
z&z|A;<R#>d66^1atS?76g2N^eTr7a8yF-p6k&dyJ$N)lJfb;}J3z3N>15&X_QJ*79
z#He+MY7iw+AW9-2aUiNLE8#`A5Rzaa5~ZaB^pQN@f4LC7A=YGg2;i1j!2mdbVw~@B
zbm-?S0K!HD_Jz<Zj$Md%fuiH`132H0fF@w@r>bFuWQx|%1PkMS)Jm%c-Utb6Wxkic
zK`-b{v%~C)jgJ$}8p3Xixk%Fqx~eN@C0dSf?1~qWPZvl=X>i-lGNTpW%OnuAt`NK#
zr}@`mP#C|L&?qz>bivk;>v8WIWRrA|C8kI~VoH>T=Xn2x(S8moMF${8qH~;LnWEbP
zLcL*%Ryz6%EyKhk-rzDt!`V=xv&BJ=n=ryzw_VW|P?|M|deDd$3=8&J3ha^UqUY3f
zdtnxKRE8_{TyPABlLU-vR%Rbg%K-U!;vo)IMqqab%k5|cVXWy{nS4uJ0sP_<Id(<F
zI6@L?+ZR~?GxI(KMY~Wk3?R!<-rxz<@>@AH##%Jh(vIC|V9QJD(L$V`(x#QX#D)Zh
zCkdE_DG7}XD(Qu;><eCrbVwH>O(GFSpD=J9Gz#JOqe(~UCRd;i38iHwIAbx?-UkJY
z*M&p~(_s!kBx;NUq|%|Yi6GDGH_n==d@Nv8C3O*z(&)H-PFgMu3N>9~5LG-Js*UwF
zbY}=PtyIr1@`TBO_8!bsHRoG_Whh4Z#`ZMItN%F4r^C;3jN<%e#*ytL#<YO@``sme
zRCpzSu!_3^4487>({tWepv4b1f9bA(crFFkkhT%Jp=P_H5atmM-I*w!n-;_k-E=%Q
zlGvhSJpPmdv&+`5sAC7sF8mRZn!2Vu8)r5%u{i3?cT_$gIDTVEqoN?!bevB?Maxn0
z_E3L6dC57HrXA;&DuKF^_YcX{dkQ!_-8DerM#Z!JM~2B?c$JsYP;3~UrXA+fw8M;z
z%+qwHHGeJ_9m~274P(QrW_xkbtlb<Qt)JD0EgvuJC9@p%oUu>o!kS|FgR)5BpzJ<X
zj?LsAQkcms>Xq_Q;8_bbZ^oL2B7hh2jLaU*av+WdDJ68iwx2I{)bfeNZnw4P;daF)
z9{81otgQ{^<||7gSu{a#bQo0x1Zr2wNm{X!bnJ@f0V9t+7VawC)EOAjd1`W1>8e?S
z{|NUStTgF6?KplHI+lh&EkrYdyNko%sM6c{%}S3O<dx_I#=0F}Y#7<DbG}Q_oBY*5
z-i*Rwwkz834Ab(%P(v<B1&VOK(}0NVD6AvlJ7fL-OBa+Rau5iaQhCX*NbqJ<hwUYC
zraY`SWuZMYI|B~}w2ht{Di~1i5KhoyxWl;riaeW~<wnAO;%uPC64)FS3fm6GH2+#%
zmz!O7N4eq*Z<I{uU5A_+sucoM^YD;s0<;=X9v~#mPDz+k8qGS-S^f)$l07A>U>ZvH
zw33gJ9kuW=C5_-ZMA0lr{e`7M6gqkae2S}+7Sv4ueFIPk?$vx{OOZ@b7tI&UrUIOT
zOn2cxRIr<)$Znn*O?;0>9@))S4Vsh-yE&fh=BXUJ!iz@&`F+u3H1l}LT{A#)j#ySe
z-rR17Vn88g;LJHsLyGZ$^JYKVFO20zhtUy>5(<rDxfqRLV(p5bI)NE+!@e8n@>|%~
zc%bjowB1q;3r90PIFAgYZ4yk)w0n)N)nndRj){)8y)Ke~uv$!Hx#4OKlY(g>$qa{N
zXt6H{Rn>N^s_$58rd{4!V=&I?94zwAX_&NbHoKiRbcsO?Bo3E=CzYlxx@f}@ikYt;
z$8h|%E-}Ej#Bx#rl^KV8GzMfY{A9Q5!Xo|hAJb!UcI@ej>?<t?2|MtQb%><f5mh?q
zBY&QLErJa(57wBhVQkpi!p&z(OBBZpVOLZuDRRi-&$pP)hm3n-8%E>d!~EH+QWP`o
z&wBG~W7tI$bR40gjB*ld@45yshYjZTIMxfMSii>WN&HA=b=;f)+EBf#=Pv8HpUF(4
zg`0WzQqSF{bXbhh?k_JsiJ83rW?r}DB}On={<NfgoIk{b0cpxvZdY9HK$g6gzwY}k
zu;p8zR@SmA<BxJx9b5II%Rr61v>X{)`Bt6EapV#czF%HC8_>dw^1{1r^5PkY$An*(
zzc7_h%M2<{L8-*Uk#y98O07r1!j3?E^zbQ*`vJFn@)=}sUlTt#Qn4$>@(fvch7>?3
zV^nnm6Xm6zi1VcwszJUrO6oWpay^3Ea`I9OCTVS1zB~7|tv}9rA|<#c_Kh~Y#_*W&
zr=EsZJx|C>$eT6(<RLG4fg-<o=0~vQ(!DYyv}GZztA(o(xaRwIGbUGFPUW%i&&+_4
zLf91qM_SLFjtMvCzk*u6>Ul^cX?4Tqoz>f*HQwzmFMSb&%ST_(Q8~c?@`Uq1fL1#+
zCTzHaAT1>htaC7_RPwQG#P~v}2IaKnvE-BDJ_}zEBf>VIX*R|cvL8b>PM~b<n`R1S
z@3*5$F%+8g%V|JEj)(7(FZ$4pH2DjD`6u7H>&qgrglnhU=yt7+JD%oxLtoxb6Jj1J
z-y*%B;|^-MYU4$Dc(q|n&qD?s-u`%d;cbVvdH5lDX$UA{EcVCjWeddbF~V=yI#F6&
zu_%N*watg}tTs0aF3Mjq+oU)cIDk{dk{eR|oJqb#e?elr+d;l0&IK%$Xz(@OmCKiS
zNGN#&d>Ze1%r7v^3^9jS%S)`7RKdbXyo2!u;q8FemsmQ2Jbk#u=Bf{`<*MbcR9Sxm
zgu}0Tr~`f$;^a13zZc@~Q~Vpm`wP<r3N5R$?gan}(I3*ZRT`}_Ln<m5i#GyqFy791
zTT+D+fyoaXsr3a%)WtfNk8aVcB-R2U>Z5`%tuv4yx`Jw0CqfN`YQn4|`M5s3&Z<KU
zB=suyDyw^!L)LyMWW3v2zT|cAYIxpg^)pOI^>KKqTl(VdhPM@@1BMPkdRo{pKluUc
zeKGEXcpb%QgnL=(=oRBfuky5>bwp*>qYec3Z5^Q!X<e$Up9vtI6F2KKJYQRI;|pi3
z5;O<57^*Hxy{oOufM>J@7;?cz3f^&eS-g)6EQJvnZfrmlH=<n>H&&_TMyTWmweka6
z`9bSgqRNexA=3w$e#rE1$P`4eWrT+{m}h0n2zTq_0#i{^Yby~ZA!C6fN;$t%Yn6i{
z%_wSEI_q8NknwJB`4Vze<RusJHQwzuf3D#fqqQU7t>eL{9xv%qcf0{4MSf=uP60ow
zu~O@H{$NGyHky&iW1vj=7FJ>vPOk)j&BWJj!-^g(ShILs(xb1zrMq=1@ne15Fd8*c
z?>&i^dQU;M`XUopBYmo@K2{f0DJFcaw{X)zOh~PpD8Y@CS-TPnH&SYCC*TfsvAQ&p
z@V4#*qVaBD`4XPfl0s^{HOP>K`X=Lbv|5dLXR5y(2&iSKkCr=%&NbG`arE1>y5|w=
zCNZalb(I+Nv%V(Anpwqi#J9{ktdUhu>!8MjmsO1fNhM6am9Zrlt^N2hJOs7#9E6w=
z!=TFd#&{(c&8Ee?QEdxH(oD%dV5{d53`bixk&MQjE?x2zHBy_WBPvc})gk7H@c0Y<
zd2YDFZBxyXawlvZhKB1e_~rgQ`{qz&`Q-jM`=<y%WVz?L8u@Fxv}kt70bO{NVW_U>
zZbKM-deEmGeVXaQcjs%uk8xG<H_f)5eB^Djtur5a%WP}IM^>6`etZO$&V!FEGlQTk
zErQcsaIv}bp>$gjnuKcyhQMvbV$3__cv|=`^3t^5c(Y*K!!~$$Pvd4Nx7%iGJWHc>
z0Dm^D=g!99>L+)at{l*A75Qs=?wEznQs933Ydg8(KWq`gIWj64>({6bcYZfYfE&Xd
zY}o5P1~~kGf6Alzkmw-aLT4=w7}8pkYeSK@oQe=RN09|$5jUX<rxKY?CET4#V7bXx
zLNHWf@@S}I0CIG6Y+z_jTo6e|H64X4zGXU7K;uERW3|NJ{dT^qrdz1t@5ZYuN&MO}
zD}1c9@EUo^DI~Gonpi1x1|SyzsVu~Y@?Rj~VAf<YMV3h~sN~uK=KNWju*?gR{A~Fa
zp9@u1DV)DpI!4pbM@=6kef;QDEghE7a6u-2*=*}8Mqe}AdWg|i&9;tW^d(#)7Nbxf
zPcgd8jOMH4TjQZWo%ujlc7*&DI8>H4uy^R^09_fj-_p4F3sSyu#CB<K<nil2K{kK5
zFo!$KR~-K61J;#TNkEZy(Y>w8HC)i=meq9O6RLKVz4JY;__0+#yRf)?Kf~NgA8wYH
z8eCu(i|&)m<i=@8M3rZ%B%d=rkTid3NK0F1>v`82uGJoSNdzIuw;qlO|5d)A4*H7C
zZ0&aH8q_-ibhTwZVTE_Y<u7;vQ(HJUOyVYg;XV*yrgUL0+VI_TJq8s6e_qQpEj)?^
z-y@GaOXC>_lJw6=I~+)x5h=Xe&d{y!ZhJ$gsQxKoUh>kn0i>vSErFsf<fSG+<y)$Z
z_5Eij=*t!9pOQh|QsOcJJ0e<cQSm^8F|G&g7o+-ThPlI58Rv$%%WXZhMF=sUGPaIF
z6iRFJ7oq^$JjJLS2bEn>hqg?L-39+KWj-es>P|?sWx6nlxmF4{+^c$_&k3R3_$ky0
z7d|Sbs8q}8!rT#&QN#-oSa4lfGej_->cUze;ty`6VaEEd^G6!%J3l`}3;8eF48Dx@
zUh_s7>s!t1Y^-lTucfiRlYGfazzbC;ZWj8SaJ3CX>=(pbY#PLF=w!W4*!m&%D_~Mv
zFJpbTx!K10(0Oekn|a>G`tbRQ$gQ)r!1p$A+-)+%ZXxED7Ug;bY#(F8zmXTW!KB6c
zx<>JxStV!)TRu?3R$X!BuN9QEq<Pi?O))g%Zy?}Qvf6SVyg3$Dc10|Y!(Rr)W*keK
z37K@1jvq|(+a~Mv4D%V@9e7XRt;YKu-fMXAxMN8{kHp0lUY69w#ns*2#m&{l1p(sp
zx&nlLp~uznG?-zhNLre_V+oJOhWp0gm>rw=RaJgzcdG36eAiuQO4R{BE4lxULKt6R
zdd{~iaIw|a3V~zMer($v;Mo;@S~Oxe($`~A-}9Kf_${y%W2~3uPQ6{_VR-U(mBipv
zCiRN3S1**{KAq%tm5V{1#sOlqxTIk-*I4CpyGm;C6+luRA|1h1$5dI}@?(XFs{u2r
z)Qk3hja9N3`+@wr7-OvmE~Mmp#BjTJ%R4ft0~Oe-P*MI(f~5(Mqy0!N#s4uycNrza
z<V6rYJs0mK14Sik($?xtqb)GnUUdYmM;!px0a%}Z5_NU7=E7=$NCUm4Y|(FwAC7fC
zs{}zt9w7CS2k5*sY*AGq(qQ8%TVy4SN)6I_&PS+EFW>EnceG5;>An1@vH&Dw{0J66
zFqpS^FYFRjX$W3Ra0|f&#_ZJuts`iC{)aI|7OEkpsGb73k=)_BLLU`l{Tzx+5@_I;
zZ$D(PG{&`>@1P{=pnlXr-mLwAqmTIhVU1Q7r#|BQ2QX<vA3dOd-~y3MdBI8k+&@lL
zJYxUoyy{63b*Pv+C;)xoM;!#g`3u!(aS+)&|7*T`@`UbbY%kwGb$0t~p?}a9)GZC&
zB=k>}Q~&72`bfU@Bwq+z?*-Avdr>FESO`{2u+s#q0bhI%QTL5TN9qO6gbtDc*!=JM
z$7#&rZkq45ARLy`#E5~{cQ6KCx#C@bkmErq<DNjP57wqaDeHbTSR{Zk8;I*KHwFO<
zb25Gur@##fI~%^s;9>`#DEN9KHvEr2%&Rn~;`c0=Jh4d|ek31jV~c8s-EOUg#42T&
z<ye#NM?}5ccP@f7liO@Q<@PS0>OGB8Cbx71*f(s37L@zuA%UNY|InL?DWV7in|0%1
z(Zcu27m+gtYWt9Di9(aZ_u^;PGcEfN#YK3+T=Rw9&O^teY28p<6PB*VjU>*^lW6tN
zPRBkTE@YV8?hYhcZnvTFH~~txb-t~Uxft33^OJtaF}c+W2nTosw-o@w$?&k0lC8%U
zJ#OidfyRy>e%MA<+Od_!%ZdD1CCi<KY%KBwVvp{j2&D+ux*lYNj&R0z+l>n$B+qi+
zRTL|4{~-nNt)p;4Fk8cNk+fNDz>s%idH#H9r$NshqG_hahQn5c8gSfKBxyWJonYJ@
z%Z9g~4mz{UjSM*Xl|sK7RQ!gk618I?U*0~LufJ~(zW(p>MjFFo^L3~n2W9Qs6HsKM
zimscN`<i(TbYkNJz(qFJA`knL-o%P+Qzf)fWCWta?rx*#1RWD(SMGLHP~&O}!mIKI
zvOTNW$|DZ#EpN}~!{Xk#NS8IMuDh}J{d67z#@wO6rpS6!2$OhSk`EhA{pD1Zy{ppO
zF)Hj`+d0JpoZ|jYaX+WHk5gRc6qh>18K?N~UX69tJH>x>iq|>CuR6tZoZ<;i@j$1z
z$|<gNinnu$2ROyg;}}j5q`fO0$vNWdoZ{~{#2tIXQ5+T~XZ73xt?^R5_BJEM+RV^W
z%V}gIl4GTJPU~HdvB}l?F2`b$cMs$IVRs|_IQ#_2b-3)d)>Ursk#Etu8f)v=<$Bj@
zeaJ!lyoI`ClJ%84j==y%$S#fGv=~@GIA$q=4HEo*Sfoa+71e+b8s{sPtKw&=IQ&pJ
zW}8HOV&tD316Y&WfxUCac+msD-RW7yn*3PTYMPRawL{=Gxaap55*|pn8k*D8zmzpK
zclZv!!f!BmEo?4&3%B70k#Er8AGCvifSv8;tO-}HXwtz{jPNwxT7G(iqhK0chqpfe
zv~3xt93Au;_8u=v&}_gLLF6>0_(BLRl&GUmeSVEFOUE~u<pf5@q~Z@SWiZJI6PWRc
zWdW7}SSpjt7?@xthzW(+6y%k_48ebYkLQqX@_>Zd8CfYAvr=;ny@P{7gVeoqlN0jh
z<TZkWl0p5S=g}mP^=VVQePa5u7>=W544w!v>?VfpV))@7%73#(z`rVnd&F>q7z()z
z(?U##is48x%n`#9F}(emP~x;07Krt}B!=&b;g@1qBZl9L;csHtLM-1)42O#01TmZ?
zhD*h8y%;+9eMxL*tQcy<P$`D~VpzXPDDjOL?i0hcVz^Wc3&k*93?21Q==j@om@Apl
zc$K+$6A{5PoSBI~tCq&-F`}koJSE|sBV_Sk9e#`yi<moIIKfksgsBdX01sre_%T*E
z6D@|}OdRtR(;fL87$u=GmPf+>Go1)fBs%?=FrH4p)JLhek<J+KG=b+W9DjsOphbiR
zFmN95B>o%p#{Y??bA2R-aM&ju&-XagPR|Ch9zKE3U(3yzUNmU^u?^1o&h`BnJ_dg*
ziR72X<nUE1lmF}T`|J9NzenSN7$8ecPld<_pTOt8PaaL>CG>-{T$<)P<TH;c<XKUt
z2=du^EW7$hr+G0I+gnE@EKHbisE_hiyVtJ_eXV^rNz{rL53YYZp+iYoU+tRUSG?mp
zzjb8BN1v`q>AQ%1vGvW7#r}^cs}A>g|KiAtBR8ksYv1*d-`W87)#vuN84$Czqp?@N
zlH-dWHh(EG1~ZsUNQq`OCHgHD@!3o^QZtYaL_Wo5^CL6`kQj{1Sr{MG%Z<;&=ucsW
zI?*56gx1I=bvft?G#^G!iTOAQ{APkuJ~;h%Ier-ZDbQbM`j5)-!{{lQJn%Uc{3gM^
z{rfV082u@*d_-U0K>yJ=ei*%fS06(Ehx8#-RI!Ki`|s*QQ;r`-|G%ye0>=-d_y0v7
zoH>3N{eMRvh~tOR`+I#5#^F?cJZ51|f3Ssk82zU9VH7{68)-e<LOhJ#qu7T>;rL<n
z|ELd-%JIYKJ(@oJJ;x8D|7U%8RE`^MJH;MG|L^sK)=iB)`e5yNIQ^#j5z~a$!?ok#
z^d3b&9);tF$>Wdu@u(a>jNYT^$KP}OF#3Pik4NM9Vf6l9A0DR5&erYW{nu0<9z~b`
z&L02${P8FpKTIBf)Q3mq_+j)OO&|WA<A>4zvpzg3$N#hTqN#Q~s($>vF8_D<7Y`nN
zO*wwJyqo%)kIM1G=slW#{5{7HqyK09cr=c4Q=gfVoSj8~t$j)!RK+<?nzJ`=m*+-#
zobHti^V$U#T)S{9Vt4ad5u;+Zt4qcfWKL5{(x(J<y5c*moULv@s%zBCDT>isE`MFE
zTbZ}Lv!cJP?2;zos_aKjvu(kI@Agkw@I#)b@0BSpFO6QDa_3IJ$KP2pCQcVO`s3p7
zXZigUy?NUBx6@nfxF;b#9=H#ek(Fmi%FIj{uhR`rNSc|_FEn9%Mi%~%E_Unsh2n3&
zPbHq|kw_(s6e*%5@s~0FDR|>O82?ar#=nnWj>JpKcp>i9$2~_PcW2}&9*i7mc^~f_
zNq~$ANbzO@;ysywP{hah=d|hR!?a6LFzw>~nRcNqnRc53>RQ$M*R(ME<*4xU8d}}A
z32<RNe{oS$npW974-p8l5gm|%*Fmq3P)^dplj%_0wl1KyRgJ&7MNacXzgW2%`0c2!
z7O1N^>hfdSz0_EjMCHw>LIW9<M9H+Td#tuiO>46v$3L+pHf8wwRwHcg!88vIV46$(
z8Lu4AL>cAr?UgZJW6<8VUQFB2R!rODt?K-1Th#cOo8|Z>`oy*g@@3i;v||F&+cW->
zfsAjhca5jnBgZ|_EmjJ?s9hT%P(hwPkf%4~>BacxI^^lgc)bMryu6Wz_WDD9{$r5u
z?!vg|x~K(NG=nUBAzL3NAXk(HFC#hN$O}bY6SyDX$O}c@OCmlFFxnYfLr$$AC-h4w
z`bE-$QJB#W-MyLCp&?9bNg(4_*R0m3#>*_r@kn%s9H<TSJC`=SyqUJ~8IVId(^itm
zw5)AjBRBiz_#_HA^mpiap8L3<<%rYgpXc9`!2e<4^;vzP_v<|w=E!8_@wAh6JFiTT
z;s$Xaltkl6>Glk>2noNErosvoCBA|FsyH6fU3xS{55}ty@r2!3`~w?*z>5|0>vDwh
z6=J9n!#etHC7z{X$S3~d6Br`mi}k3*ay4{$7EhrVD#fs7rU1_o!@nTSXJz&g@ashS
zO0k?dQ=}t?eqv~zA;1&G@bBm^68VoU7RoVVxeEHz<9K4lur5PLSBRlT4F8V)VUhn0
zBK<o09VDKmVyF?r+G!$O4Ao-zcl57{{QDV&^0jF~SSW^SF|0`y;bN#1!@r}?h6?3!
zMEVcIulbw&hn4#W{{L?Y$ov@QjaCe^+yEPgaBXXb`5os?>kvL3z%W-4r@s~6{xSSM
z0yrv!PvT_xB%DzV!fPFXi}<eyHz{!k5cqVFY+q;CO5h(x*tQG)`5wfT2+PFyQiP+r
zq8!RjKv>j`VFH1(5aEp;46_XIdW4H%n-?O!4B<}PvN0fDjc|M)lmmVy!o7Gi0Y8ke
zbBGWRL|7um7a{ynj9*1KBvim*5xyqID-g!uf=Fy0UW9IRQ^&wCJ_tJxVVF?B0};Ng
z!5JCiD-j;S`vq`LBJ_^Izt04?Kf;h<0?z{xP9DxMn{)9`At8KeB(6aM=QKh)-U7h=
zM&V3l4D2xCdW6s7CHXHx_^BBG0^xUYXb<4@?@~33M}HyikB}4N%Mi91i~a*#iLeAO
z;Z%-en8)B#5ufB+Y4H;MM1;fO6juZO&-0H2=-yooE}nhvaER#Ak{hnx<>Qb1`F=xL
zl}cCWDK5sa9R5Cb6^mcD(Sti9U8-2QZWnH-ttY%Yxas7!4l%kL!)$7lZQ`dGLrKv8
z4UMoez?ejgDJNLgW{eBKVmCJ8t=@w10$89EOu7{~fIaB>=U#&#mH(7`4S7sdfi@HW
z1Y43JH8wjtb9{y&Jw9m~^9|r*^D|N+b5oH6dxrGT+|(vG8rR{eV^T9ylk!qyvf>O$
z$umahr{<@o#N}jU>9dn(FwA<lF^0_ORKvK`+`NqJEM|kt@KkN`Gx-_04=eGp>xh{V
z`5BohBT_PlX6KH~&WcT%mYPDWG4+y|Y~le~ObzfxB;`;w$OTGXTuy3oM%tXnq~vt)
zyB@fXb`gFxYL3XC7MY%!JR_<A=lO>0ycxM!nL()qz>Z~xr-Jv~IkBm^Y1z3mld_Ui
zBeV0dy_3tZT76JTW+pS5+7g+aGiPj8Ml$}j#5hB4M%Fa?hXF^XWaJTFBU23#`DtmX
zx%!Me1JAJ+pQlZkMFbnNb@-S2Ag){k^R|S_j!89;lpm1)m{4Bqp9X{m`t2W_&)5A4
zp9kSnbpl_^DjwE^R~~nyE+#H0?x{G~5oYM@oIke)%dggyGczh{T1HlCWM+0=Dqxd%
zSbT0$R$fxF0X-a%iflF0iH8r($b<m3DJj5g>r{GFPAYIF{;{lfYId$cje9i2K_s@T
zvhxjNKratOK%tn2$7D@UO*TL?W+&yQX!GV|C94?~Pf4gv2Yoc8M$8$WItOKZ_#BZI
z&q#?A707dTcJ7S0)GP<31Rme1J(1ZnXJ&vYW}#C#w3AKBO36$W1_yFy@VO3sYv?C!
zR!T#h`V5$+2hq``<{5Ic!EiiZe_Z}lebSuN+@@`LkuND|DTZ3AK@bI)fi4-SH{^V2
zv9(PK8=YzuTRkQ<ITibVq6qO%Y*Oz!Y8LwJ8NQTAZ){es*cYO3(`M()NY2bM1mTh&
z{WFl`Q_{p?J~nGAt^(3sr$$%=5ApZ|Br-E8FAwYZMm(Xc03WX#s@IJX^zuP-$^RXg
zgnmcBz}+uw+GYvAzlN^=6WmjZ`5(xMW`;Qr|KN|$dDl>Y#^JWb6nvx5|8ckpGYbEN
z=oEw_amxh`FrFRK>-U9SJYhZS*wKT_&EI5`GE#=fyA!hb3<N*|dIsFHp`H0@;+>gP
zP|o7--=Hl#jv6;k)l7f9p}1X!cHr9_Wg~I=J`;PvNx+{2Zjz9KndbA8a07*I_&knK
z3Co=e-08?oMtx93JT8)%pdsATNyW{mRKSyYUUGnw0sJf;FP=$9p7H@_!AhL_6Ys*^
zSS9S-SV%~ZTW?B~G2p)(&>X-#f&X$r;~9MC0A|1)TDn~{4e;4~+fy2-P#%??3En4z
z&Lp%o1L<UxASn^;V6?n1YMsdU%v8XiMGI4r4g>uZ*oUV;V=QDi6B5%iTBZ-mk3?M&
zfF<*}llis{V-!v@7zY};;JC5v!fjtAPO|d>rTbD8pTl$EI4jZNRwF$FnP#9xeJ9+i
z%0ho+I`xVJ-ytt*X&z`%Z{(t%B;Yg^GNDq`vpL8k=}zP2!8`z_WIg~t5h(FjeXT_6
z)sR^*(_4%^$@8n@`5h(JL9(Tq9r{2iL7V=HZ$W;7cBMc@q+QN>_~)|Jdvt@ksqPR%
zy)Z^3qNX}%{jo<Jx36`;m!S9Q{-}fF#!-W{B4{zt1G-_F1?kW|EN7kelx`q|f1dyC
z5=i9jJyW~NZ}o)L@2~b-vwV$mZRJ{~Q22ML16HY5v8yJm%2`#oYU!%wt14E#ziPv(
z%2l<iEUW5P)vsb!%U1iX4p^;O&906Gg~ZkAt8-QttgZm94XZ0xn^#w_u33G0HM2&x
z#&1o)8s(b6HR?5CYZBL_ugO_cu%>X$!Zk}#r+H2F8q1ph?ZW)u$3OpXjJvon>f+J6
z-939OU>Dr+m3X*R6p!8v&;}QYB-mT+>F(CEnX5}%H%6^@_v-16gUsS5T_n<q!RmqP
z)=m()+S66SR7h956f){gPUWQju|M^%7&_iR_E1(g%kjR|M_a9Xs;;8gZ?C#o`ntN<
zwWz|?MdIQjZ?&+lf7hpz7iakQ_qZJ5t@dqTO5%p<i(cW`aUCmlZ|O2N&XJHI5g*)I
zt#C(<N6Th$Ntp(vK50g(GBU$3C%A*U9c6g6RK%yJD#yk}jfo#KHZEQ%x~RdO)Ez0`
zyJbMS!H_fHi6>^yo*k5*hePY!{5(TYa`w#N_Ugw7#kHmX*!YpXiNw&1+&n|?QB!H1
zpzhGxH@I(bpO9cR|4c-(zxqja|KPAtbx6O7>Y@?{tKd62BKR?N8zLub*&>=>_~t4{
zVCj|)|2#D}*iYSzGCf*)pdDByrUbWD2N1-oW%I~UBSz^)DI>K?eFjzxsVTud)PVwL
zoy5F2R@*yR8J{sTRSA!MCKk!llyMo;vaq@-mUMQOsKkwNEtbg9`4TUeVu^&YS_fS?
z^`z`Thp<g!;v!~tzOiwSyL84|_lga%k<ag|*xqsEU6*INZM+_N+PH}Q{fhjxXII!(
ze)sO0X5sC00r`sy-f5k2KPF)9_uCUj-e24!{@K{NuWuiI@yhFSPJK6L*{N4U?l&`j
z*?DJjt6poq4SejAK_C6}+VLAZrG8fiu~GLrrl(fTf9mxNbLU{6safwOq)Iw%NZ!*q
z;PIa?|9+eq6dm+_<$`gOrRQ6=?wZx^f=;eDvi00M<7Y)=GwH>zAHP)fT^+Y<y#A_e
zY3EK~b?&*`C*pF%%gdI(eEpvLnIT_HdLw?Ia^ug_zlnZ!??;7J^@{IqtQ|6TgqLS%
zS$_B986UqUkKI{+(9;FlD_K+YtGeh0uM+LMNCVWZ3jNPsOELJb^dI=qx37P&V-kK0
zHt@h{b$f`teKTn*ssG{`y+daF8uH%DpSE1_POaCS7Ja8L<omF_Tq3bcrLHdSX0;EY
zx1_X-no+l+R98y*sJ+}}7*lR;9<DNV1i?E>!_`oqioO*g3xY+JOwP@0s*+DUND+g8
zrta&YCy_|Is~=Z)b)?mj1#Luf*~xi1P3bu+28J3GL&AI>qS9y<%{@2a?N1YzZ@Og;
zzHjT86?@yO_J_+wA9s6U^@V$%p8YlNCiAcEkC`4*3_dqw%*#FZtm|KNYT&f-EBg1V
z4V108)PK|)CeQiL?M<5hl&Mcwuj%XC4z64M`1@OSSH5tkm6X*EN;rM>?Gegg>6z43
z*N$X(#I+jqZ9f;Ug*MHP?rQJKR>RL<|6;7Cec#{~L9;$R|5e2GyR*h$-0J0~Sw3OK
z<Y!vF{LG@%qMx#Fn(q87@8iu^cAi<B{h{}$t~V<$e*JC!^7Nwm56#C4ckS8J-&A$`
zz+0K840q4GRzGUj3a=wiFR5>1t$pY1J#{a2y4-tC*8`pJ?yeh9GXCQMt$s~j=GT65
z%|3Op+kF_Q%Yt!g&iu-KaH!zhSARL5_{8<T=?8i^%gme1(~JLO!~98fD{p{;#9=-r
zPOFS6Fkn+5HAOitDKjG_iFQVmk=Qfh$2*PtNG)%go(xt8hcuX`K58WU^a<(Pzi)q-
zruz<q<JQt6EF?H2tk09dE!EB4y+uPm&_&|P8(XrkPC%EI?!#$ACeL9U<t_bVb2DaP
zlR!BtcUn?b#<M&}P9lNDZpIG;X>%X9e&FiKU^!$+me9vRjH)K<=i@a3J7X!i87b3J
zgIlQm2<YkK2@9*#&VpeN?yOc4%*&?@wu$mnW~F9iD&td=)3dTOv!~5b#$+W2IdEM6
z0_Sgy;@AFR3yZ&er)<`q&?%DUEw6u`ers{Z6A4GA=WkhQI9}JOOWy6?i`?(Gcs=9S
z`2N?9b={=8^t3E=!nRSFUj=+xA-goU*&^3{8e4_S%o%r2)u*gq($V&>vqx6QmMlvf
z*5b2!>D@QwoH;$!5O^$c`S%|tf4F(f{cFdc`CzK$m+87!QeU{fjB8okudt12;3xY!
zdp|KNy2Z3DibZ1wRp*(e%%AgG*2UngoYW8hwL7-*-Dcjtipv&*{GOt0*8H4nuMCgr
zSJo+N_V3ZFI}da(=<;NUWzPCv&%b?faL6asVK;5DuU<T!_~!8YZ%#WF{KT+H(_&i6
zUmeAi<YjOC;nF)7`pM^iT6nPL^5wpQQ7o3!LQ?0On8gcAZYq7O2j7*Ro;2af9)ms_
zdfpi0WEQ(W9Tgri==E&-nz{Ff|IjD>{<_!;P0gZ5;UCOmOY~^_u1##BEA+uLaRDn?
zP#*z<24gDqQx7FPrF4jTkUHGmhgZ~1!4emVyF}en-Q8jDTqLd9lfBEsl%AKGoS&OY
zb9r`3HU&>a#>T0~5}l6Hk!rnqSOr@#bb-#v+zPnKNdh)M@nX<9#$4l&qY+0FECyVp
zmbbt~3mhzf<7d?c>R3lw?c!7g?^=MJ|9TY$wW@)lWP!tN;f=a8*Xmx>zUI=d>Mj+X
z90g>q6$*7rpXOuZdJor*jMK*T7DxRbtQkK8^t@km@|VOudiMnbN8FqL`s2O3`%gQZ
zk>grixidU&-Da6SZ@_t3{hTW+TaCWo-#cjH_nj}jwLsEqXs=g_JAHn}Wp71z=d`(D
zBUJI0ZTFvkC3pI|iaDL1dZOjrbGJ7={(V&8)h`DJ9FV_y^~9Og&s@&0dFuTa!y<>q
z&-b4<t7b!Ozn^Zs`1|iiE}UvJY4p|^-Fh1rz8EpsU3Q`%ug%7<rrtHY71sLh%dK*5
ze0A;1WxF-c&;O+Fmxtea@!227|G4+_W0yK_{o>t}8B@*eh6VQZtS<1X&+PqD#wTN6
zTHEE`s=+TN)xY@R>o?p+=ogPW5!&sofWc?Ks(tGErEw#;qwi0?aZBOl&MeRPbkYfR
zv3qCC0A9ij;5YMRuFYk=)cw-8B}1lMjJoJ7G9Q`%N}a6Tf3KfMdJS{u+Oo6L1P}=y
zH6twprz&LnwfTnh>|A)fywML0?xS`x`u&k?H2VL66V=~2r)BqcMAi+e9^3KeQ)P7%
zH=lp`Sc+m;S;;%S4|S`rjS5?{O|o}XOW9L3!SM%=EKOQ7xYsWu6bUDP-aWnZYwR)i
z$WYJM4;)qRd0TgH+{&L1UombgI#PYsyIl*`p1u0&p8P|eIY&qTxSf0Z!yN_g&%g3b
zQqk?Rar@W3`6=^xhm&7wrh2|^92E8Kh}2i4hkyTV|D<QX5Aqo_w(t19tjYAtwsG$a
zkA1A&cgvUVxEXYQ;RiSJ-*|uUYPU1m&#uq@xV3rWtu^OHynSrX#^;Qm{p`1_XHf3?
zFR#DSedU;`dwb37eCK)Hvwl;OU(OhD=J`!4Hje!4sh#%Hf9+Uz^<vL=FZJqWIg@p6
z%81qlhvFP|cpmKVvrX*q_D|-y4EpWe8v{!gfBbXU@~db1^f~EdhaYIBX^GL`o=O&|
zTTq&JPi1O%_@yoqM*To*JeUxbQurh45O*n}%zw?~>ZyE3X_Purt*sbRF=#>f-<sSe
zTHc`Kyrq4{Vbx%0Q`O0s4MblWhW3dD!VfdFIDd$zB_40KAJwKhElDxtU5g>9w2@c0
zwwj&Y-16Au=_Akl!ewq87pURP!Fyh3y9}ytW+{B_`b?#F$Ci5*{Ht}S;^N}?JG&~G
zJVkBbnX{k&Rvf?Uj&0}eel_a1e_YjW*@f$KEw_6WtX_At+jPY$MesMlq04u~joMRU
zT(jrZgh8k8e{(n9KJDe1^@DrP=(SolcN|;PCty?7x}{a;e)z6Gx8TS90h*`QUU)V7
z^G)+N){mE$78=5u4VW;s!~HRrF0YUCTyTHM8|TK2JM6K+R3*I;=bf27`|75SS8q?!
zL?+4~`zRoOv!8TveKYGJ<Hl!y2^~2-UT-z_ux?OyZTHpG#m#J`m%HEJIPB6d>j%Dg
zOTX&N>ekH?wnvP()VA!UBZHOmzP09W{HdcM;jQ>x%bwhn^sPs$r{=#}*sAvR&yHtp
zIMBsivF=!xUqiUB^6RP=oUmUE`fcf``$O+;KR0Uo*89hNdrEH{KlVy#ud<-Z(s94+
zE*Z1R8nV$ATfJ(-+n088173LR%GeVpW`?#_`=)pH{(9TByuP`+uf6x=kxP;5qmG2`
z3_SS4)N7GzKl$xY@S#o<l7>FLW#6;!c8Kfoetp8|jsqt8$pg(l7&yZ|>4){hy9Ijn
zF`av}N8&TncfUHa)wblFNv}*>G(2eghLJ|=h~OU=Ki>J)z;4g!UOaJfV%>?kzlMG3
zzvA^~+{Q^i{lLkazd1XixLv}4lV?9#_(b`5b$oEKrc_<5DRPlW)J5<8CoThA9<X?6
z+}5ecfq&h&vEvg=OVl<ETQ8oj!9GseQf#L*B75^LePddo?$TIL8jR)fh{uOtUDN!T
zn_0mfau4)Ly}7e{^J&f#C$=G^xPG~M_loB6UEX+gKrC}`^R8E=(pUTgPVDn5nx+j}
zwC&?Jp6LCJ=gZdLI^}#gHX!f&nw<QzN}uoBjKA{Jq7~eZmn!d7hE52*9=3aR^UG1+
z``Eo--?@0ZI`wrXYFdT5dA{8v;<K|`Kb-N?`nQs9CY|eK-a2KwQL*FxPm@<a=5hV4
zkEXgMOvrrZ$pr<rz^y}896#uB@cFMktTDWPc&a_1xg=z0?MsiJ+HBALaBEDf--jh0
zT7Btrk5P4f-%99|{qB%L_ZtImSBHH(>BgZ8W8dn3cFc>r5AQQ4_|4R{eY!k*z-#xf
z@4DVC&*Rmyok@E?Iy<3wUB<Wb-aC2g;+e<iyfdnsw)UjF`R0J9+7_-V9;{Ipy9{ZR
zo_lbyiyEL_yk33qpSt_?=UqD|&6<p@E62Vf^vJs*;UR$<HRQMj%duw`rVb8%GPqx#
zCqtf`_$M`5^i%Yhf=-jUj;7z=IltTzn6v&Z?g47l;kAf}&?^H@oSArS>z<Xeg)3Lc
z-fZ43f55jrKTDZ^aa`cc+UKH=c{ZOsbMd~#U8c;wXYbs6fMJR3+rC4G`v3k#wCY~)
z^PinPs#>0#)<0<ZfI~YDb{vyGX~Bve3kRlmt(>y<#lwfjwPiztdd#&JzmxIB)b>Z_
zJ$Zd<C+?Z7jfW&jr``z4DoFSHbnx1*Pwkm<+CyEr?&}k!8C?U*<MzJZbDB@h?+MRy
zPp`awma{&V@LI^lpwZP+K7ac8$2yI9v(>ucts~uB{f=*ae&DFxZ?x}}xB0lG_WnoH
zC9RXa*S@m%y)~iF_Fdb$Vos}h`&#Vo_1^iHZCs0=j`;q%Id^--%)EI6Kak!$wZ22B
zx;Xr9<M5P9f{Vkg>f+X>23gbYZtG_OngzAu*Wdi|D%Dl$f|00BXe^8!URoJFbcZ*X
z#7|2zv8+_-|KX<hhWsr5_*?Hyxz`h)-fW#Sd5G%NFo{0<ch@~9z8zCh>=XFUrV4h?
z|JhXeXH!M8=ATU!I?ecJQ{|scm47x>{_>FT-`@TIXH(^$O%>-I;U|R6LzvuuHdX%F
zRQV6zRPj2gF7~SV-?gdIbVXEAwB!LhE6v@##G5vrZKT1t_#*lDH(Q=)Sl4+<gF8!=
zGcHZY4(@bQb)`CO(X1Cfe&fAgDproH%(>ZRw0G*;$JUI0z>0ay$y*(B&Yjvi=kl0#
zwu?R5b~s;{&~x<0h|Ggb_m}RR{^`Wt7Po#c%)9o1c4LW~Z1InwmCp`q-oNLQAAPp|
zx!=}=ue>(*#l>SZufI8u>993n;U^t0O+5B^->Ozu-X1)`(`C<XkCts(r+)QG+oShd
z{S^HCftc^wtXkHyI-_mIr7v&vegCKXm!98veq)bq(biWZcdXsJ?VYWeRUh7M*=_#9
zzQwN(8=sK)mCs{O4LR2#?_OK3euvxj7P0H@F0pNSI{UHcareK!dyDIQxKoPzcg60T
zhgm`jJ<AeuKjDfNaK^Uk>7J&KKke$eedWp*&u8Au>%V?qKDYhr!?Sk2`|P6kK8X8v
z`h|Y){;=h4`&GrV8R}x$w1$PRt1DK`vhje$HAt6M%`zQ88XSlJdDV<-H16JxPW8jW
zxyUXp`dwXg7o988-4sk6{pU5aDg2ijMfHU8h|}{Im)z@J`c&nR(h2Kty}M)k^pcOa
zgl%zAFz5Yt-|`FU_Wk&Q?UolVKmOzGNo$w@InMDLHcUeMOsptcw6@5kE?V$Eb_CT+
z-2<EVID+cpbk(R&-+m9gY*bM!t-#6IN?h(L5l_!XZg^qIVO8ILn@%6Nv$Ox$+0MGi
zU!VBjdb{gCMC5;amEo%|3|n&wM?HOW$np<^4xMZv>C!jDyYm;9?|Ehh{?M|;y6vC$
z{_*Q?JO7-wrC0s&wa;9M>00nn*R4zaD&F8`cl%cJlXlI$g-3GVHHF8HZ})6hRcDvc
zn!eM@f-`)7?4K9Y|BY89rDJ~S>2F#wQo8mF&HDcDeyee*9gu&2(DP%LO}a5sHMhEQ
zLYsr;vtLeVx#DuWE61wB>n1OWk#%~j=H{2*oJ<>)klXLM-Nh%C%a(oek#1DLe*d$r
zHg@RKtVNjlvw^d&=EpKhY4bMM_Sr9tye}(yJb2VIhAdZ~oX3mCPG1rE(%Sjw?hV=7
zx`TH6SC;qYFM8$fz4`S?3r);mySL=ry{|u8`@@UP|IPbd&+mNk)O(o|qtkTHEj_t-
zX|8rj>s?JRGW;*Q--W@(pYF$QxOHL5$06r;$4!{<#jck5&ner-AN+hs?2ymPex2c&
zY@Rfk`zF6_-VV+leM516bgM3H`drR>X~eO8K@&SHjPO5@`{OBDY}xc%DVlNXRhN=p
zQ$*DDV%Hll_Z`Sh+O=f;;=`e1LTmqZ|KPois`O)Pn|JYZzqe_Z>hb-jti#$Z88Z0j
zHCz6i%*9jgblMVox$CMUY0Fw<?mYMD`WH^8yXGogcFjAx>}IaV!10!`sw-|4?e`Q(
ziidX`B7ZaFjk-~X-~6Vu=;)y<_l8+ts=VWyo7dYq`)>A<z-I?{*dbeRzPv;8DR(Aq
ze___XxAgHzHPg<$Tyi$}1=p9ZynV@fbmF+`^x82o%M!4^{tWilXYww_hyStr>wXV1
zoKE|$6-CR{Z5w7P?6UhdnT!5npB>YNx~CJei%)PnHEx@#act9X%=4pGPfx#Vi+c6O
znHAf6HG6O7Z|Xm~8#$>J(b3=4uamZ37o4_aiFw}n|JUA`$3yk@eViHlnl+Jq-_HzV
z-?L;*5h2-^AqGPvVI~QQ5LvTtMLQ{Emwl~}>`N3SOOn)cW~9__dtR^m{yq2ae!ZT5
z%sGd1oH^&Z&gXl5uJ`wQGR+Tkz2+U2Jm|E49PxbjBmUbwPs+SrIE(g~uupGg-8hxo
z3W}0ERygv20tM9+2<K=vaY4eY(Y?9BYY(io1n1Tj`wER7%JA|%Ts;^}+Fh)fb}u@c
zG{w2Bm>_Lz5W~VuQ0D59Re0%~1h+*vE7zsqEHqK<YVqeW_41Tsrr6;JCV3na>|d_D
zggj04M`EQ`e5S8FS9GF~*Uo{?2arX3%x5M0v^nlgX;T8Y^5Nw~qJ~(N=_}6pvz#?z
zbEuAjq4`VHn1PFjkr}Ju<iZQ8>rby;QvQVUChDNm2?XEY_R8Qg*EqUIx0`l~^f)3!
znL#H>p-JtPxA)bQ8cmj?bDbAt?we%JM2Cz$x<KU7hxr5nuzbh9-z;2M!KVvu(gNGy
zZ^Mee*^H;I0QnYMP^AxUD>Q=?NU(Dz6SUGn5|NMbG&|?+JBSzQm|gJ&2=sm9^~e|~
z%<a&wAOq!#^4uW`L4^5;lcNX9({UGrZHRR6L7`F3z96dT<Aw6sh6LpRneEs@^2hJN
z+F_0;e>9h=E7Hf2%NWdLJq_;T;f3;a@&xx*=K>=j=^elkK)__BrC~BS_F4|41b0?{
zo{jzYoiK>#Zl5sxw<mlMOd16fM?p#vJX`Sl*&|PaR1TN1pZ!TB+Vy_{Vs}<vht?zk
zpF@1o_cktGic85Z&pU!W<0#f0J9Wm55}JP@qJ6w>>C*(o*GjK+4*3pdYG8(aLUTba
zzF5G$;+aeEi!D=vhAsr0Bpyy`*jtC0pQ<vPvY9Qo*bb)-dZcnzXp3rE*VSxZNP6f)
z{mK0nm|T_gI$`1Q!BDb#DOAT*-siRxVx{JicGB!-rL1H=Nu&?-&9AW7$0n}`LQix&
zrA*9oJP*4*I^di+D6sHiu|lK!mjCtplOn-GJbEck7f(`t&{yqIpgCK0s66@N)XC(6
zEcyJRQGv*Dg!NM$8YBgw48qC&_Q+F8i;N@<xi=5)UwAZQCLk(D*tJ4ey2HBM21A;X
zZHkQ_N3nem(J7$B-&s^}nQ#aDfI@eHFS*w%0=UZxmEu1t#k9BI9@XRz)&Qh&{0SYA
zI3St_!qG5lfD(5bDH(_i4;deUF$0XaRbmEexD*^FEh`F_hRe#z{)F4KD5MwaHSjL;
z2S0pqL)Zi?$I*}t_~H)BN#p^z1IR3wET?dXZ}bT+m%wAE$>UK%FLxx$3oQwv+CSPl
zKOFeh+QB7!dj~)9Egt;*-sW-3>fjGtyWa*4F*{!z<X`*%H1M5=0r?lFzdQqw9z*|&
z=ivJb!MTf$!ABV&9b*m2=&Nm`P4PRr5P85*Dl%;-d(oSH-A~S0C;v1T71x-6<!F&Z
zhyB0|AHPdr^*+iK??C!a-qUuS4|Ea|DAu1VnNL@^4v(kBLT&XdB}7AB9E#sllAYie
z8+Hky>be#uccFPQyy*PC;rL@}90{qSrW`pBy|gJlrDSIIx#vHqBkv`PQWDp=AQSgh
zto<NQB-i1~J<{o%R!1{!!X|6-P7ofUV;3{+7<kStW?VLkq8K^n@BV}mmbxeO)YkM>
zWg!k)2(8pe>{)YTdgf-`47HJ{W-aG@$1f8%*7}{#DyFrz5{*3yqRJDc#=6|`jGZ)p
zzh7&4b8@IM>qA7Z*r81`Mc2<97w3dO5Ma}Fw@MEA1?L#~8xqj0wB=g7&ox>z@XxKS
z<7~(eyS7D^1~8a?HHavpyRlXJx-QD`14qt4oOWF_wJM2Q6(w!)9JDBRJ~fGQyzxFo
zpiE(31ntMvz3anqESxSQ40^BpSZk}sh=K%!q`xQ(wh2wH8z>B{c$L2o+dM|V$wpsy
zom+kH%3Tv?aS`Esat~)NxPe2{l!(&0oVH_D>eWk?Z^p}~3|X(UC0?_qq>=T5@@Oe{
z?&X)QzU&>8o=8^8sThwTXR>b=5dnxQG7xWr%3tpjyeIjovHEp(SyEHB%=n0A@@9WS
z!TTViN$05BaN)cx1^`QH3{LvW?a~-(B(-%wLeHr&yv9)fMq?uW7L9=e0IqXG8H9g4
zvX7uppp<;aD4l*llsI((zLAsw3<1KFFt{wJE^v7ep9fb#z7nJqF#j|;#6o_X;{(Cv
z_&~rMAFwyJ+i=`CyxM=(PP}hlYBm4X)#HAh9lW<wjxIk8h03_0LYt||9w`ZG5s@&t
zm(q*|>)e!sqTQ8+7^wNgB;{ES7HXd$D{eHgZH)$Uo6kCMYmbv9NLD0XMG1dBJs5LU
zzC|k6oCEM-eET3U<g3LnqQ`H(^{!8bSzY@Bu?J7mI3(RO#&s3gR^|Jvizo|`DOL>o
zja<lOZ)Oz<I9WalDXr9PizIR3X_|{?+ZPM*=CrEw<s&JX3lu7LJ(s6ZCCL|zc^@L^
z80+QY+TgQ^9GF?65#y1XW_!Xmz;7t|`P3#XXgN7EhSM#@_D0QnIBnaO)WHmk<Ht%T
zm4yR@0N)mb(ek?_7RzDVqQ|ecQcE^!m8Z@c>2*^&jdACBPxJ7cTQ;#h5_1@%fXI41
z|GCa@{Cqvh0kH&{{s;EAjtC;qs>5`7x*L^KW2%Wm8&4DFyoO4w$f$H-Xq#peu{3hO
zgPKyhDgFQt9p>pCGcyUkm(h)B_nC6-q6Qn^&2(yRmio>?b3Bl>35BO>n1@auzFV~C
zGU3Y$GAf5}cn|d&CC1DSTCEf#ye^O{Mju^zhDLZZesQNUW4h-qUE@pqHcQdtqbH1h
zQfF2F)dOAXH%{%@ykU7~tlm#<IU>96ak5!ux-R+g1fYuK+n2sf7q~p6)b{=o80^QO
zVm@JJoUtRV#h|q2gXSdpw=@qXLJ+M7q0b*_O~0#ijyRp;BC-ao0FrO`=izSzK33M?
z+*#1#QU_FbR0$;TrT$8VG(l`#@`#fc3XSwd`J9$;_4UBnq2Er65kf@8K>=p@<KEVA
zfIuBD*X*>oJOGedrNx~Mo?0aapdhvSlTJVTVAdWxmvh|SwO9GdWvhX%RF+1-Y+I)f
z0fvBnmTs0#xYl<{^yF`K8ZXjbJ}5^&hi#<<9~a=m0%TBaa8CzuKt>!cg;!$Bov#cE
zF+QDOXB`w`l|Q=#k`6m6{0GPO{pIP1Cr*>f8Wds6XWX+nEk=CBWF7BRWhHE^Na@UP
zSTD0ju9{z)Qr(klVa!6T$SAB{UPxnw$?2#L)2M5F+#6QkSWOkJQ&k-izG+F8bW==n
ztR}%ZSCp$QEDEV5sEX!=C%Ey>f882lS?u~+?XHf#WS;)<zK3oy@oX-lcq!O3yw<&l
z%!U6}ZA$cTA&H?{0?Wl>i`f*$hxB_fnkD89H)C#IIn%BfGZJ{;+v<^M!;_x#y!x{A
z{`q>6A*>G^9%@=F#seMGLFDoDbeu=lI3RI(0|PU$p*mk#(n5OENxWaKoZ9Dq`I!i9
z)k*rsCMquHH5y6dgu%AWkQuW@^1(urJ5NNA0WX(qUg>j{-*PCMxN|(zC_S*4-Edt<
zJAj)c(GWgjt1(^9+PJJOGm1b%>dIzp9*SCM1;!s3Xq<N#k%>L^M5wJulWh*p>fAYV
z@VFj@t*CZ9iEUEy%OR-&ZvT)7j}jf97dhIVHym9>`;3w|5gj25stg`<GsFIibq&Fs
zZhDL#?-z16dxyJtbq?;!wdTx9OATtWHuQ<{B@HPwB=|hy%17@na@0?-vsjEhCTQPV
zq*$gezZ8~iSgs@J$)S@9?)9>C0X|=jS~%KDsYr}9ioX&Y*rdSnqbdfd!ty5?eLY1I
z;n%Xhblzu)?N=;?-@TJs;X!<0^D8wi49g7aDl;wKxhVL@sSxCkMv_0d7Vp8-o?m7{
zApeImAwJ(n6A(fwm?L1HB^?R}pE29-$Z^D1<-paf-~#I);Oc(3f|U?Z_}{vKl_hX*
zWbg#HN@R<K3gJ39F3ae*!M>BHxF1>)_s%-pNOpHu{$__*H+daST|qUUE$=>;kB&qz
zslKTd?PTRR4H-Gqhq)RWN+AE#4eQ%-mByosYf||F>k4y|uDxf6P9@pp8&e~dAx~H5
znL8@c>smB*TkQlZI$gncMX7w5!oxK7!+HacB5rRc27HcuHKc!ZPwzM}7AY8{bWy36
zae88_Ikm~fi;Wv~2V0Dus2eFP^!JWli96W$MQPC&#yj}#95#bdU+N_)l%0u0`9r5n
z(YZ|Ofu`P^XLchS;no7^ri`?h=LVOpAI!dd(U_@xg7@Z}9HW<;f}N3V+Ez^Ig<~g&
zX>^0+9V0IeEae1Uy1nO&YQ>wzSFrR>vygtfJfjaP0sM5?SO(DlV9@%0Gw`!73<z)=
z>?fOq0ZhbU;P`{t7o}Y$7C8HYB@_jbVnI;ic)=d>?a*Ns6wu$BfQhC*?qL_q>&5Ib
zRZ}tg$udD00kwS@+^Z+(%hyWFdKE%qY1B$&YRSR?KJ#%iE^=V-2f$<{WZ?))fE4@(
zp%B8=EKEfnrVPN`{aZp;T$V6?m<m-tbO46S>BX;ccpgA{frbK?rim7pmWh#qthxq5
z9ImMi7uQsm(uU!N%=n0R|Br|lml-aO&kW}>aq>BZba2YT(sY7G5NL%GS!@UC6n5ko
z5qxY8+1+IE{?9)vHV42odl(!hC4)fVVspgysx)pD2>M%Yg#eg)hrg!mzk5xMw|yy)
z+y0AW`(k$LDu22t1+In93|H4ag&?oE`<m`~mQO)|J-@ja<f<=b)6_6ySAXh(inFNI
z5|fD_5sXuvjWv<Ii<}`Q$PTc$18CB|w~YuhJwP>JSRqGtPh%vZ<T)BJ7r^FfQTM!F
z)4_Ds@Y%wT*=jEz(+P)%aroM~#Mxj>?{p^^#Md<zSohj7cnUSMZiI(cj@f<It`lVE
zbD{TP<&L_g?-*%pf5&>upHq3s+^?iMO2bg?a4&5-iHb|ensY5QNi+CekN%eDOlsSm
zqUAsl3fR&MBa*oC2r|T6!2a9wDV<8MBsCuuuD*1v&LgbjB2NhD{9IMrs%d?KIh~OB
z5Rc(bAUX?PsmVVLM4y3g8;F8kUO8|kNSm!m%GL6`$I<@}5qE{3z5pf*Y?JI<xPk(h
zL;w>HU}C?A&=ODpg8`Ix0#Yz0-zh5aTe&jU*OdelQqj2VSV>1GXFI=>zW9h-?fdQ!
zK$-*2#lEZ9k_}jN2q%oVm%g3`3wz;8a^cDaIpGT+;mSElaIydL9KlDiq_Yu+sVAGq
zlT|U^Q00u=Y;M%OHw7JQu*coRlf_>?nS1O5?$tLrx4Mn3y;=&Weo}Oee`=#@(cRRX
zO!P2TlYaA|Np#1mEq&Cf4mCCPw3o;Cem%Z%VlN_@&rIL<oyMM)TQwogA<MF7Emij~
zr<~S{J3??vj&|>w<Y|o4P;r_2^pma+ZGi+ReL$0sN2z-enx7PFAzW3yMKs}+3D*<c
zI(kd;OZiNURHeO5>ae-m{QIsH=gZMw-Rwg~n)E2+1SaJd_UU;$WSrslXh_e^QTh~e
zHp%UBK!Hc!MEVB%XSu;EtIhcoN#S|b*H~{7X`HJl3r*vZ<0|8yaa>qmtqFFp;HM3g
zkT*Y-<9(eZiZ+t@kzFBOd+H#KPHJdVPiJAzyR+w(CKSEN$E<ymdC2Tu+&1PwRllDg
z7<&aH%}Y>NchU)%`&e}F#`>sFu$?=~zZlbANM0gexzOA`h`sOA$-Y`~o{%GSlPyxj
zRQ|5jix%pmDS;Qzie$6N;;%1_OG(fRuhmML3UaTvlo-7bs<=};oOHKPBd4`{pSt0A
z_=ZSoE}b*bU+D|iA9FafmJ%h&_JsSEMcK`lno3uVy$7=UnvPB(N6qVcM}gX{j#<M^
z>Kf}q^BElb<Rq)Qj}c3}qs}r$ym&`0xc}L`U<3!*qZcy6{Wh_qz7e|gpx_LFd_dhU
zXXwTWwT!pgV`3-q>T~0lR`VZzq~prG$lywIz+@3J2x<IO!>-l;O7Z_oow_$0Y@D2>
zO@7;%P#{XWU%2&bG9r~qY(%OJ+D!u)pnO+3(ITOn*WWYr65U^^bw1sChH&k(Xn}p&
zL@1<iMOH{lA2C|-$a6FN^5VpeJ<D=S{`FSfY7B4X_1OAE0y#ckB>Y%hl^S~*+A!tS
zTSBl>P}|Nu;`{XJg)kvZDXYa1`_YB1jwWcNfg$O=tfw5;&JflsbUGl(FGnyWG>Bix
z79$d_kbS0C28)`0>=`FD9Q3vW9(24;e4^s^bDl_U5x&!t)4AOe`<@?dJxIrwSJb+8
zu;oZSEdKH*XBmQxY=G63wiM~8Z~6WWG7}vhSZ>RCCGJEFSM}2|8j;H_`a3$s241PX
zyX+C_Cpta*ZQJK--LG`mkkHsy47wHm>_7aTZ2gP=0~ox4p&J-ueDfb<#R1sA%YXQT
zWB=;#|4vpg*)QD`4;QFret9He_ufaO^g5GsViuA9*?aZcBRy}d)Rb1E{fJAmF(|$>
z)DnHUk&l*SL^oQR{AmI!f<{dzw`c`yl&DULe`4v)*;5p8LSMupvBkze<clU>1tcXb
z?#eC5lLC?Ousat&#_>Jr@ywN}+5A{Rnu=0EE|$MfvvV;mm6;n}elcTTpxENkaUfNI
zXGJsmjku10Uw{2<+ViLkrb7vHp<G=w;)zg`6}55Jm&oG=+yi<HLXuj~uv>X`W88|Z
zZ&c;-RpFmHN%Si?tI}BS#obA;p8R?`o4L0F@nIsaZQXle>q}I_xD(=7d)^7!q}f8A
zTdpfA-J^Mzt`EMY&zsD~Lj6J4)doLApUnR69UkQHQ-H4CkDNXz6G7`j<w0@8(3QvK
zG3x@wFwdw9G4L!*9e{b9hp7ZG6@N?M{a0fkBU2On7zi#SgAkWKAf+vS0HLV``%yUI
z=XjmV1m)-B-~?9Q!d2bk0*lBvxbJSqU=bt;F~KOst7?GfJ8UNh$V&lWcH;L9^4~T9
z{$PZ)odpYyGr_bwNzfgn_;vuCuSx;_fI#TSA)reMjv2va*0$|GppsX{{ejG`-61d`
zKmeRs`+h(uVHO2IhT9FwJY}1`vrL-(lclgzw+R;3&!b}5H7LD*dBMHRW<4N#c#Ywi
z&vUEzFo*pYj%c>bGeT8c&+JLa6S&1nGU)&nP410nx8R#p@nX!IjVca>#KLokYy=V<
z8)^dRM@MqZL=(%V+#*Y&=c}vF`<9lXO%ju6mPA!cn9zrq1oky3ZF*>}#txL*oqNWv
zp98b}Y!$9-P?ylF!JgS+;HKu2J?3W9m8y_tgRL@|+h8)Ny55Ig^;a%UIcmN3(dN|K
zf!s3#6z8y}Bs|v=+1d-=-rtZb3GL*ylME%;ICb#^_jx@YZTG88H}vQG6n&yj$wX{9
z9OH>R0%cwb7_fP)+c+OyIllt%qUZSCU9Te7K(1#E?0WC<T`%E38#HWNVZRgB?6$(N
zgz!Hlcz(rhYP%xm$+9fedX8c9366<~mej<1am<@|DoEPyJ^wad5Wr0CGDJYC2h#^&
zx&cfFfVo4&_<Ow<02v}oXkPF?@nV56lB3wImI`O=J63HiiuNxz_LEPO+3oJEpfdp)
zJ_N*jV@>#ZZ*B~K?Q0AwT`!Tb3w^lok;MBfna}v!Vk&_DbK*=@UpQsEwxtmb5lbai
zbkJh=vDfToD$DzU4<FKt2i3yfoYamMejP$&A=_xJSK4-3y@@eFD?oPOI%S7;o;_)x
z!PCAa(uT;p=TuO`60E|0p&mp|CE|?IUStt`&n(I$ml-)6+gp}x(jA{u(8lx?=%8ay
zF0(~gF&vhQbkG`+x>H`CHw(cSbW7*JD#u6{%bBV7pkv<=$i%8Y;;^iDY7^LS`fw@n
zwvnN}2(mS2s;acz^lc;T!)<SA2J?ljw1m0Nt29x9G0KMh%*2wQ9n4tIS=&KLcY3MX
Hh~R$!j?w?`

literal 0
HcmV?d00001

diff --git a/AutoTunnel/x86/WinDivert.dll b/AutoTunnel/x86/WinDivert.dll
index 7e02d4b14163e9e056a752b8eb67fdc7aa37734a..e2df17955b2bee22de3f987a31585a4f94bccf8e 100644
GIT binary patch
literal 23040
zcmeHv4|r77weOiQgb56s0Rl#iI@&=)jp;cv0TUSVha?an>OcYnjW#iv2ojPsnF*-a
zPB=4=)8W+U#n!gA#cJ=h@6ucDD-DQ<lK=_$uOW?yMFs!QVW5rw_!EVBzqQZIB+*H~
zckg@O``&xE=lj;Iz1LoQ?X}n5d+oLNImvBzwsT`Rj?)9eVUF7aOiv#B{rf*26i>Qt
z?<8(l(yQ0+(UrV<ec9?Y&F03YhWnbT)|soT>gyX^=6jvyCU?DgO})ABj#Bfwh8kza
z#EIiA5z&q!jw{h6j%er<H|bjwbO~2+Ss-5vNZ>fnTwoKir9a7W{nacDI_a$g5N6L#
z{30{y36AxP<IItIsLbj|kcZ<8sL!=?TrwG8v}ZfVmH)l+QR+PdxvNJhBXWkzxxodz
zV>W(BFY0To6G-DRbB@Z4rkW~O700C#j{`6TU<V9)^0>;pjC-4#iDaOkM*8{Y<Kcur
zhEtQr`tAV_wR!tU-aJmo%UGlFG2669_?CTxFObpXtZS%_*l2r%Z^bwG=8vTOBlmxc
z1!|9;UcR!{*SDh7@3JJjs`%Zf#S>zmd`{VS6Y0qBwwFr>bh^Rpx80w~pB)Xku2k%+
z<iqXCt{b)T6e*CP`%89@`}6bNv=Uw8_>Mv`tn1=;cXggN>AK|J&Y(%xd)N8id%k=3
z0kJQ%M{(WAMdUAEDZjd+RDQX(GsH`0?A{Yl!{Og(DdT+-mYw_=6?jkZJ~!nK@Ev(3
zxy+JkU&wpkM`QLyuG{Pjc<*nJ_D}68w4{*=;IQ~h_5Sg4iN)++toI$!xc#7e9yDd~
zTc$x8-?7XTwmi-``m2?es6PGz1GrN87tir8o|Q8#@<xkZR)fpK;c%^72x$e#f(|uP
zS=pz-Y?SdY9_C*}F-T=#bNI(d2kr8wccI7Xl_-zd6ZM(wS6OAqe?55dGRmnQdJZ{S
z)zhr%J17D>t3=wcR#jH@(_kkGpI{YLYBJ;}v-%es&|BXWwCP`F^!4$Nckvy4Fi4tu
z8T{?&oH_d?UMhs|^TS-e0Po8}dM->O4>ZjL4V~v|r3*jcAJL&ePThjxNUfFEPN|if
zllk4_6o;->z5@Lt6%RZ|28ZD-glpTSV6J`a`setLK-l8@0H%#LcmU=85;O?yb|cLi
z3^wfvDG`n>|4tkcm3|ZD7-;#ix*DB{&Nnbyve5_ru|mstvN61TN15e2{7(XgF5cHL
zOhPrKiTNeocM}9qC3%4N79y=q$B)thg*BGZ<nhDgjTt8I4Oo)N3-aF2kyg9$6O%{w
z-O^98Bb_;nwANjI^C4pY39)PICuTlUM%|Bs=V%)ygEGnvMnN)0`59G?&DZC`*9|NC
zK5_HIx$88E{80TnN7NUO#02M~pdGD;!!c3@NPCE)PNZ6xU-E#OfMjew%R%+iOT+TZ
zSFR|P&KTrm3*TYF^3!|!c<&ZyBp&e$3UUwc{UI`n%b*iaFgGy2*PhfeQ|^^cos@$4
z_OUJ3`1KZFz?C3p!G3x<MLKBM1KV?Kwzc#7yX2F~>fX+e^-9UOUg=U&%M@kti=K;D
zu1}P@FdMo+{%!V~P1EJ`N{f!~SP_<A_V&4d5_-0s+JiJPz(i@|<=LRy!29aZMZUw4
zAoV1OC!WKs=b*N41$De0KTJ{0ANr0^53wSWT`phP)#y)Anp0XYpZpHTtzV#2q?lyE
zcfz$wY1Yffd*Ea+I0eas#Iw>zU(Fnl0x8m|uX^+uM3WBbvkx_W+E!|kC&<U;hxAOb
zo;<dR_v9I=+YxP}^Zza}K&vihf6d<M{t8Q;@=(}!0{$SCZ##yH@*&u-P<~B*!xwOG
zKspt}swa`M-XaHsUFev60Lm8o6P4sVfASmB-~v~JG`P@RAq8~uC-R`2_|0m5s`e&C
z>|IErg2B@?9U#ZOM>?1uwQX#Ek^rr}dx`x(=tuH#@M$AJ<1xG?jWL@TSqlra7TQ<~
z>Qc1a?oU#Ti~J=o>0urkC%G8o8T#EYd(eI&onaP%TTF)QGx>GC6MWlt42NRO!`PWR
z-yNf5^8V@4;5^<p6E>0mN@RbXB^e4yA?kf1nF}p&utO>t>`_vq5L{#~#rTGQvNV{(
zd%q7gq`^hJZ!9IE-HBBWqH=Hrs`>(?4)6UpG^dGx#pe|BzVy-SUCZk6-Uq49bj7$#
zG5$%)&f$GO1wrc4$<zI}amvz^)<K$p{FY4+rIbuG$;&y~^9sPFtkTOb^&o+nn6J&m
zbJF`?&HRhhl_I@|nP{UTsav0Ytm#uSf}C%V4|nIA7RlK(&E*I5>Ku}z`75P@PZ5tu
zgGKJE*?N-SQSM6dmj<OzbY!`~BG*~D2==h^ThgG+ehS~8r+5{ePn8GcV|$4rhL47_
zKW!_tT)l_Nn!lwyq|5H%x8zVmspI6o91R^ktt2nwJCa}TUEW`v{b|$NEn}5}aOh1X
z`7WAMiv9Hf3a}SpPc$j1%h2V{_s95?uT`2lrORX2ukam_kGag!={#vr&u=*b$=K|_
z!j81R08K{M6SgE10vPD5lw6r2WiNK!?a$Y<jxRLyEHu)|WN2Pvf4iu|(B?gZwxLGy
zm3=6bFVb{A-zRnDsc(IWjW=K4Q^ab@MVOt@>CWthg_`W2s@$2<`XvonO9K(azMcYY
z%@?pWPqXMERKncNlRu?)A~Mv6N&Nf~;zPe8c3P>X(6)Bcob1!HP!qV&NLUQ3eV9tv
zHb|IKW-`eszCPFO%AI<-w+G{d$uXZz4w@RrH77-LT@3W-nHQ4+`nkwA4Rp^pE%sxI
zB>3}<@_fBN-z3jB`16zH`9^;cr{-gk_7rJt7eySHI*7LS=b{l+q11dzNt7z2)B{NQ
z7wFY3z>1#MCwkDOhw(`<c_B=w?ji1c;$A|jJW8?sYUPUkFaA0l#)=o(N-Q^FILm4g
zNLe7I5HlkW=5=5jN>valbQfA~OoW3>#|RpYB)i0tf*K{LkOo`pWjMwXv|eH<1~#D%
z<qhF!z3u(g(it<hrSWi>i4?KOQ>B9f#{EEaVQBjU;@Q_Jo|Vp2z<y~@=^HUoT$V=Y
z<AV6`H11InrH41@<h}1e38m0tM=K?ACbrC%S!{QjJcZwD@t_#Gvg01jI%FwNRwG<Y
zm_`YMx)In2yaCt%oECf!hJwPAq=Oa1_RsLN<LJx04>71N^q?Z*uw(uc+GIgA8#xli
zw1XogkuvFjikZR$$(<1mk^DJ|v;6xk9#UvrXzNgXLb5<4b+t(majHFf7T<)Y9gfQ5
zz3XUeK{+6u8IComX9hE1P}0?2nj#TL6xojhY(K8Bq_}4K9Y%kisT)hFZAp@hKzldL
zC{L~J3>a$Vg7JGu5w`L8?>G1#H2RxN{`txB&DeM4W`kT{^v}2W?@#eRnCfpbw=KD;
zyTHQ91*zy-vb@$LKa?ytr*s$0;P}Jc1qg%+%zM(J0*Cq=iGMIdsG=E*>^9hE5#Mo@
z{ANJadoJpEuK~Wub1~8VE$PBdE!Xn97wc;~I}QBqPn6>0m<8Fd@m@DrH2;bzc{DU7
zHa-!%v9OKpPU1N+ES?qn!~mwc1^b+r_A{0a$Yc1&0|>>DOT)aK$Z(%L6^DZBd!b@F
z)FWcL?<^z9H)97Bd}kR^@P#$vT+H1}#5xlhKBp0H#iY*iopVhFQP0w0IY*OQVX?Eu
zHUb~fxOp^|hsKh?o#)4?=T^jFY$&7)Q~AwTVBn?qc}#x^_W6+k+0J(pvJdl{E@8l7
zpaji8M?msXywUl7g7m(9=5fV%73K)vF+a(k$a`s;^P4x}*FKr|?j$^i_tD-5Cl{G_
zQFE!U(Nt>T*wRo>P==icq{|5qm#8dGYss{y^BoW9c<*Kmb4#(^rlh_=bC~!20KeJq
z@S7>Fo%s&mq0_yIdh7p$!Gpsb(ULzEWAZ%sIKJ>@brst223!m5H@oKB6T!}V{U~ZF
zv`=;|x6g6gCA(!@%WU~iQo6+;b;9!vlXf=r-=C-U)mGTYZg=ljQZKRm_h{W@T86RG
zj0mV91m>6)nHK5txR$B>?p2s)2Qbf0KzHxYAZcU`^?8loZjr)MTi)k8Rv7~!y^Q{y
zkiOJ^zYj*wKH2oLlKMwf<>bq;+GveN;~nTAzovUrrSY@t+)Mp>i*#WeznM-YQqUm3
z8m)mbL+9jP3`QTersF6_rZ42BUv&v}2PcQ94cG)%|G=1{5>QVgKMArna>|RO7OlV5
zGfyG~&s76<Gg0B1_5s1MSU|1>P6Z|podR4AoD57ScN4G!*a%z#Z18(6yR@o$BzIC$
zZwXHO3VW8zQi2AUcg9M{IM1Ri_l;nqTU7CEtz17Ii@z>HAYRNx?p&V9;97}gSB7Qs
zp!9J97M<NSz4ahzEeF}Mh^==xks9%w{3g!c31Xjg2vL>+3W$N={J+wbL_xxcdhL8i
zB5rR!kxucQrxG;AE5S&u)yfOTM|D8Bz8SP~@)y5Fv(m?U(t`K3!1&ZAT2dUekvROt
z$^H#Se<Pjd?EYc{cBndRn2r9%R8UsKFVptr@)w)^8&dpv7L;x5_F5i+)H(82iw9Ud
z()x^LD-w9Zve)7TmU|&+1AiFVHe{7T%j#NrNdf}@WXs+(P=ZxwwGOJZlf~jS3>)q&
zygvem^szxxnr=e;+nCkiWN!9vWl6qcsp(vo$#u2#9v1Njs34xGmCGs0x1)QiAGL6w
zWQ1?3Q7SB}pQBh$JS$gN^nsurZd0*uLYV_mtKAa(r;BXFEBM{L@^Or;2}cBw_njdn
z7nnl7g{>+{G-)S5wDhqFHxHzlrjGB3D|v)wX5RM;v`E%gHo}l->bc1vPza!u8_+CH
z4yjtRm11A5ydqKlgqp``<U+6j4e!NZg=^7ZVHb2rRBu3*dO|&7y`jEP7bE@AYyH8N
zG7vm)A=aPRo+2L)o(YA+=X<F~YCm-Myr*+bsO`yvY1D(%mw3u*QxY;8NM?nl5=suq
zybydMBC{Y-^*}~sxyIt9L+rc;cVjwtz<>kj`{!SzWwJj7KW#)b(f+y0Bz<&VJ}G_t
zH|c$|e4#Dh<QnIxGM$t@`Wt4PQBEiSXF?T<>I@Xk1qTo;4+Y;^*nrCJ!@jWl<!FHz
z-hU-3g`UvV()RCE^n%XuYx(_S$kD)OS1OKP&tMY2g(f!A$`V~@N^QH6`k2(IQwqy_
zv%A*Y<t~1|PATv8e3{hpVe4R+w0U{`4C(S1*BsoU+B4i&$^%lj?mTv`L)1UW|MPoE
zZ+HXl?XcKNP{PwbXAzN}4i2fz86*v&{1i-|32$-*VcEp?ttbOr=aY;OI=g%&Gai|=
z0@I)oMiC&DTzzH))0+m$Gsgv-M|r*@0m(v20vAVc31Mua-c=Y8>?!B$b5NQ}RNhD1
zB4Px#gJI9qDT{RoMf$Yv^P3+-v3x*!|D+Vk_k1~)-`q<4eXj4yFWcvI7bf4#x%B9l
zgQ9G#{+q?V;EP!CKAK||*LwIBTsjt(2ui*VemE5`fUuI`l}dHeC4=iezN0`#nmvd)
zj|gcC0+dzKrE#vZcy_E{cBE^ZHZ+Wbv$6_jRV<Bscm}%Rk>6D5Vz9OyO}g?hLZL^r
z`QUj-$GLYvC6{;v!HWwcP@vqSQ&wD%E*q2u7x~?FTdn;3W73xfzTh~&yKt+(?=CBY
zh=k5lrq1_FNx`IEP%840dS(41m@5cz+%Jp>$~_P25T{W4Fk^xkmbwzuM`)oyUz(4O
zJ*#hoKkUTGdFDaCUa!<)3qwGKiC&E1NQYfHxd%JF%aX1nw<u5cSK{QPAf~OrK`?f*
zB(|OcwnQR#Qdl_l=cjTWZYX}miF=%~_`K)h75rv$)5_v6JQsD^;6Z+>XK;?ZK(93F
zP#4il9?lUzX!H!;$a@oz<R76E4PE&qW5Rd_ujhShp$aNmJoa1X@!qp~xNWGcgGEzY
zaTNPL_<Fb^)S_X>T{NuFdaw@t-Am_AHg5dWFY{6}3UJU>?*jJFy~{ZW{z0AxHx1tP
ztT9~WTt<Q#!-<}?SJbUF2E}8ICDK8Z_x%Y54n5xP8O-IqKVkJZ^1l6%`l!5-_fCPb
z^1xpFa+*p^8_!@G@6Bd4X7awRNW|$-POL-sp&j+xP+FT$)NlW+53t00xFui;AHxV5
z25=PsOf6A(5uO%gKEQ}m;sM_K?_)6zC6)?hn}r6phq$<*TSAtLR3^6zDUek`<lx(I
zy|f`cjX)9ZpaOR)(mpmlmhj$BVBzpFOcKM0w$Es7?@fdNs9Qm2a__+!v^>lTvHdtU
zwDX~5982VDQZTf4BfM12Fh?A&c`>eAiE9u)n!V!iE{gF^Al}!AH+J7BA8jkMR7&rj
zl+=7&3iDew!yHPZSq{xSfGKO1yJ?<<#z*x>7}7cO6RaeG?=X&&Uy|NCDV@&u3|`qX
zSy>8)KfWc&b1{SW9YmwJY{E6Zxy?AneHbpuqM1VqUUwIpBXlp@9+~Pl^1d$U#k9v{
zq?I!?0T)0P@4Fo#q&gW)o{i(M{=LhfXq?`XD<+kB-!)X>loohKmeXe#!8mmaVs%t(
zf$9#_iS-wvAWrBm)K_v+Q0LjGuSDZpFuMGHL@+&wm}!9kQxHbMNFna&?m&OD$REK6
zn#XLkq#X_WGcR%X;08|55Xv+8{fTnd&0uujNG{+}RL9O_@Zu)Yhcw(Szh6I{-(N9}
zgVB$>KJo<~_^z^$+<O}2re#C+!@u-wwA?|>6!N|gPzw{kT*1u61?={Z>GZ^V*Pz$v
zLxm>`W~`tL%nL#}GeuA0V$yqoA(TVYVj*2Am_xscTpLI@fRgjcq!#>ndiNy7f$L0o
zxPQS)uBGuyWn$#S=zxJ6*8kNYEO{?Q6y(0XF{X4G&ifuDrg>nB#qaUC^B8vtar5BD
z3scJ-Qc$oXytsiDdxfP6kpUKLmULQBihDg5lh$9S7#~9np%fPPX7}=&KEOhvaAS;C
z-14qBfR$W<eW4s@UKB!YttUMkGl;{$+z>YCjTmOVWfOF$C3aZ1{JB=-DDVufeUF8d
z@*#TNS<bgz(2QM7USupxr1*XSXNLEKFxe$4+h*~=Tk|g-!tzR!JIUJc)0jUjOn^=n
zIYH4sBKJU{V)?Rv62;~IZ2u~~bUN2FIF{d{kTp8`a6M~U%5KX9=`zAj&&JGqFg2Z6
zBHC=N!%IeW1+p|EdtoQ;X3S)@5@zh?vi(zKM<U+(%8v2=QiJT6<S#YKjw$@^rBjrj
zX*z$YYe|&<HuDX6uvT^?pd?xOp;mHnc!?f^ma3Efs+R)OF-=lwUh+}_x{a`q-od7g
z;x!SnoiXAB`x=6F%{hpHy|9_KjVX&Uj^p{w^%!x_U<P`I1nUY`KBxW^m2kftcXrJu
z3;9wJUaKeZ6Q8M&F`YjTroCX&{3q@_E9a<Rl8N$kde09`xR}2NJ>ff6(#!8O7#sy-
zLLcHcA#@VIy3m{W<wAeP@7U0*P|%Lx8pEm&p8Q<fO&)=_0DbuMQeT6U>E>=#-I#ja
z+-!9n!&$16;Ux8LhDCKb!#4FchHqAj82*krkKr5DSq!JCw=kTc&S3Z!^%{mV)oBcW
zo4t_i<^**t%ipA4qG`fe)h`&Hsh(vxUHy<@gZehZSE#QuoT|Rc@Kx#|hObm#VEAhF
zj|``%zhn3s^*0PBs=r`(iuyRiMpa>Wn(AYCs`@a)Ce_XGM0Fj*lT;_e6V$sIo~$ls
zc)EHU!@OF=@LY8s!*kSG4C~cf7`{%O!LV7qhT-egX$+53Co-I@j%9ePdWqTp2K5Vu
zzonjK*rI;O@C@~BhR3U~GkmT3D#K&cLkuUVFEFfA|H$wx^>@I3Z<?zs&av5BT-$o7
zmD@}H<2iCE-I%G5=iv(hM?y~?eXN8?Ws-)*Ylz|sc%EXqPa)UQ!#?0rpGAZIwFdt~
z#!;G;gIHbipxTIr<vL3RTueEMQs2bNp}+@E?DRBz+6F&mH{t0q-|k;v@UKXYZWPJ>
z1x9%VC?=eG<rPMC3|32QUEWMC=F%6@^+X3Ndck5QHvo5#jsw9GIBE-SWHl9ni)fXc
za~Y*U!*i+2`m0;6mM7sXnIMl51Nb0g8_spfcinR!5)T?5_uySp=&i{91R>uz1rm33
z|Bl>mO~3+t(z1upE=zzA?xuinpR=vgcaGoIWjM<Fz60Mwe)}e11dntBqinUb1Ifu2
zIPP7j5&YR_P#15z6NpK>jFD66Fl`2(c4Zd1vB8Q5gGZy%#TmVHpo=ql=|C4}E?~Mi
zYXqi?vwe_{q(1mj5Ek_^1z@*E*v;kN!6e~k&Z`N`gmrMa96*IEBu{8bJ8Zpyy*hPh
zciAY;18pOtmBna<sDevus$GmEuC6Irf=1gk@#SIwFR(J3uU*?ao$uJ1Ojb~qegQ|k
z{$_3SNyk{VkFY=ab3N|Y&<*VX*@Aofx$94aElLo~EFQuh?dx*~*9NBZyS@5tkXk#h
zmE*miVSlQfw~2Ghct8DoEFQpADG9wc6t5y*9NIr3Ul{tg5&68(FGu9<p&#LJT#lHv
zvbG()!BACTt%jAY$v;N({-yZr$DQt9Y5<zyU#bVX7R^-7o%|fJ@jr=t5mdn!;7|cE
z6>ASq_v|xLyoTMFUe>`tEQ^jFFU6J&9<dLX`M>JIO!1l^CDLCy<f{{qkIv5+>o2=P
ze}>v<xT5p)b)lZf{En4B-WB=-l}ANy>k2&`;XmI;H6G`8uS~4%?81fhOVn3&GAX}%
zB`&dtX!L#nA_^J9fR-s?nfJ8}y~wLnk7*e?F;}Wbv<%%^R;v57Ocu-ho-$jt^|Z*y
zNOZp(BN-S;28r)jlE^X}DYLtDgi@<D1|8@L(z|@;yQZX<I#sG%As_90FQxNcL+iWn
zRonznl8!PtnXJwPz5~}A@A84u`p$Q8J<%5_osLrYC;lbGYn7^j<&2RWot60AE5;8u
z%SS}(xIKx9epAb6%D<v<C(1|pj$@i4*Ku5=ncqhWYdcSmm5)mA>RA1s4pC7pN|iL~
zh>kaCG`y`D8lk(0)^WQg>UNfyPEvR#n|8g3c_}Q!JM{N-tdEwF1w-x9nGZ9*5)+S8
zFVmi(4H)0C$Rxjncfb{a(+NZDZ-E1oW`s(I8SRSUTGFof4MDx9hvaNyb(T*VUdf};
zOv7n)8g0^WS~<}=mQNg#wje?o-hwqk8=*d(`KW5(^q8UAh8R&lMEs1MBZza@(7mG(
zjhIh-hqj7drl51VAu@ShU^#sx_j_XBy?lhRey-8D;T_sSweY4L&LvXQ9ii~M7bVCq
z)naTbhF4e-E$&#PO@yKtL7Stqw7g?T;<qA{&<?cZ!02ifjS({6p;i2f_Uh6Urbdmw
zG?gV*`%BF%QRgqUXd1@xlei?GyVS^Ux(pF5OUa932jtYhF^QUiAW>Upkf^ObNKDow
zhIYUSjAOHSJ*q_foAy5OFd`CozSVP=8u(4WMCtnN$kxq;y*52U*+<p;sZI-ra3TfU
z8D5m>Tm}557odT3A;Gm=x-bT3PUP5&@aIW0dBo=ft_>`IP`fOqkE&Ac>M~MTZho3;
z?5_?_yFf)3!cWsD2)F@)1oY7eL>Tu$4Aaqriv>@ym+`Lk*gf@MYdi8L9xchosV&<7
zm}W6bZTrxB``CvLF5_@bzb5mmujwzIhzVowza#O^L>BMtBecU3AcU7}K=NOt_bw!z
z=6yA=5M{<lgJXE_3go1HmR;b`@mq?KdqUa6d9c3)ab%s>I}SnW77=6x?=vV60;7V+
z2<IB;3fVhB2zpLykrBPGf9e$|3cICX6C(eU3}Jb|CdeDjt^wFJtE|78LY8o^bS4#}
zA$RlM??N8hphgj$`Hnz>985aS`{;Yq)-dVm%4To)waePCjhbw?>=i9js8u$4c=59N
zZHjPtFTH49i!MzUkL;bPv1lT+&@@(q!ZfeeT}%ZCD1rdFOCCV1V3jj*0ZH>}5A_uh
zQ0O{L)X4YRBjTed141P9g@s6?tBsoI9=G?Fk*dG^7E|3vVMnZGG|FU$elxl}1gU#x
zK^Bezdh|ew$e|5A)bSL3<pR4G!tTKYEUxvxe~R9#L}oflifKgju!td-V_(OPTnW3t
zjN=B2GD~omg<%G-0~3U<Ny>1oQBG$NKVnRh5!Puk?xf+Sb-E{7pZ5u<L@)Tn6X9w7
zq!zAO7|#IXG0?yrrYV6}ph$1)lwZ?6k*<~I4IujB+|xrhMB}U0FX<9STh6!*s+IO#
zt?_*H6s>w?pJg*tB$en>&sbA$Mb&XVq$Dp4O^d~&(&+@;0%{+e)Jk(I+<#R{#^_ov
z(&x_W^W{(WC!<HtQ_g$jIckY7`efz-@hrc4k{GD<9dRdy8nX{HT~R9==i}Ok-)&r=
zq;piDW*=x?4tqZZeZq)xVeO}$q3+W=Wi~SM0pJoc1zvqRFrLH~DWipPk+yohr9L9S
zAsr5@kAjAVW&O9QF8V2;l={owf&jByOJGZcZYB&n(ATdi=mzn!KWYIsMe@eT@EK_M
zK-b5HaR;*--n+TiX*$mnF;95kHq->cL1Wj3G;B!yQqMp=3>z7ZbMv9A+oR+48Kz}q
zytKlP#B=H*5HW&m$SSl~5;)&J1S+nb%5X}eFB8h}Qkl-WBRn=4ZQ8!*pla{nGzHlO
zHyJf%>~ODx78Y!~3}XH>4h(hk;J%pXGS>7?G`$oJvK&SaU-LQewi}zXT7c+8Q)QkR
zwvxNulOwB+R9K<XpHfiw;Cfe+t!WI<O#|Foc-pgCmspzGV4YZoELk_)yEM{~Qgts3
zt+hh>(7aI(43Q4RI<HdnN*h(ge<7Hl7yk6goF03(33>LixO4D2#GQt{H;_jGk9b5C
zkK<SqeIHz6$(ummKVZW7UF`Na3*%FWu_=bQ68EimvsntSAas67f(qdr@-XY{;t^bn
zW}zTc(%$B>7Sy6Q=*R@MV4827_qDga+WkOOWJDYZgGfyr6GdKE-3)OWzosvJ{agZF
z^Pp=Xj9m;p9r!pLCwSL9d}1*Ohq>t#94<Z^CxuZ8W$8P}VkW&1byFqnGwr=IU=r0r
zEsUaX<ZEvB{ZzF5;cesF6Pm+lokAU&)2YCY30T1HJ8(0yB%;y4No)mYUF1|#hcqiA
z&6pXBK`dnI&};x#N<>BV-0RW)$Ft{f{f5gP(c`#sGmb&-F5FSUgKOU_U>QJ!S*G<D
ziM^zQsYBo6uUsLWv0zeVf-4I%!;TMzU3WHROBWMdDe;uE;1g20TYjSze>?>j@kUq*
zbL)?_;!S2)*OC=_h03Jvfk?p%t(OPzdZy(%9G;oIwc<08;$OC2PRDU>{g0s^6u>*J
zBbbb|%ds$EZ??AgjtBySi(owIAnAc^p1z!i_RxBLHgzFZH78P)+)!ja)9NMDU^M7U
zAt4y<CrRlC;`KBAKs!B49rNhV9ThCGrfIDzrKKe97Q(DxeQ0JU2<5B5PT>d1k77#y
z<N4of0ngO_YEyE5^<%)#L|`-;@kGl4NcRDV7Nt}D;j$R-l>X`uK&LX|V?3Y{rt+w~
z;d1&Syk9Sm=7;k})5CE-<a6j#l%IpVouEm8fyw>VRlp9=)?C$J{V?FOl>X{w;C}^7
z6A<D6k^o}>r@zx*eKqhO#s2Ew0e%Dc1>g(7S-^*Yw*jvMUIiQiya0F@;0CM%I01J9
zmIH1B6anS|W&v&i%m7>im<E^#7z?<BHopLz1$+p28}K^dRlp&@3xGcYeh2ss;1__$
z0Sdqeco^UYtOGa!cLSCKZUgjWpe-u^eIuBN^jN?pwEH+f0r&vR>(|ydtgkmao0=M$
zFzxbY^;iE#U?=!TgY76A4(-Sf2M_Z9S!hJvufrd+`m3J=NC3;N{ne8JdcgVF7-PWO
zfL_1>KofYJfTe(WfSUl50iT2aW58bk-GDuS{|49!C<hb*ZUxxq_E%2_9Guf%y$kR(
z;1>Wt;32^MfF*!zzzo1-z!<<6+5Oe;0bT{{0Xz-(5#T|<YCstv50DP%Kp!tarw;(X
zht59-5N!g=x<K<F-w3D#H~=#M?SKkyCAWsF=L+%L!a2Dn&c)d{E0@7Fa}NOMiN`aW
z%lsNo1@iGYMbPO}vv0N&ExElRGNtZtyUY!>=5@|>4NVVl3)a-RoK0ruhQ=mmbMu;p
zdb6vc!Cd2XHjYwM*HC{S>HE!!)eZHosx|e^<|^~ORW*>a)`?TZ{~VvWwxP*fSM`9i
zDNcpPs-|XVbU{SqHQal@vl{>Bz+GDl_3;l7NbTm;4NWd?Q9XK8UsY$WYHoHmxu{RI
zRcq>;HKaCsTsSE_4DbW~8E_DA25`-C%p<@(fGBSi)9d{I=tEI<yoV07@gBO?i1)A!
zKTZMOcEo+y%f2`zxPgiLuv1Q)lB75^BC&Uhamw(@Cho&RpExDBzli&=SC?^0_&78o
zu{bME8GYCr?_qC9;}lGdLnBi1DD-Kg(5H_=zhV?ReUuvSp>Jg4Jy*pef_C*NboNn5
zoU&`;(1?U@9^*cUa^pVcxKxh2eiZr*qtL%K3f(daea0wsc6NwUc2gW0k=XS`oU)m5
zXhiz<DD<00p|fj}IAyoQp%E!#6goawjQa?2srV3V6uNa3I{T~CIA!c3<~a0OacD%E
zJqrESQRwXB=s0EcN6GP?Iq`^~(Z8#S_t+!Es`?tPwyLh#$*rkg*T{Y{<~P(lprr~{
zJFC|=yVpf>_@6mis_cPAE!8rc5n5&sRYH11HOfaTBCS=eT~xDyTeGgQq1lCyZcY8Y
z4Q?p11`0F|tKFDUxPT~y&93~K8t^q{ENH5_?~dA9N*32Nl{o9~bFHS#BC4G+l)sHt
zbTl=%8mb%WsI0W9Ix3{>j#8qOm6ZTd7w|Kz5o8wBHLNeGy4OiHku7d$ELpQ|jZ4eL
zT0zO}`1d(bL@O9-0wrZlRkgKistf9{=W=xo4UP9!Rj=jnpNKg0xWVnxy4>u(cM&s&
ztGbZ`WaNV>f^Uc6DH$^-Wnc>jZRwO=u%@2jAxjX|QT0GwLsd;gOGas4&G?ozYxPQ<
z-;2tI$}w@J4`||+H{HkBfgLUcW{|mZO?^$ndd}74c5?2TMuH)=C=*qS(vg-aIZ_v*
zL>v6tq}*^<fAs>;HUiUH*#t~1TYxEMcodjogkJ$uOz>M^iUIxrOnd%bVA|umfoV@a
z226YSd%(13{}q_l&gZ~1_b&m{+8bNZUrl?r0hspcWMJBxuL7pMcm^=-y#g@pwex^!
zZ!G|(z4SI<+B-{uX|Mb)Fzt=^1JhpkJz(1VHUQIJ_b@Q+Z9fF2z3ivJw0HdrFzr=;
z0H(bu08D$)tH8APoCKz|90V=`J_EcE_;0}ED=q+&576D+Url?`SYR{oL}1!;Qh;fX
znE_0DiU>@5NH#F-84H1Fk5~mvdqNd3?E!0m$>+O($;W$u$)~pglMinPCZGLtVDi!b
z3`{=oUxCRt{~nlp@jhVky@!Fx*ZvupeCvn6<VzP86wEQFExdjCO!KS^TZU-13gT?R
zDvsu_QRN@c|7RB1e{{}W)TR9%?SHA!dLu|fz6P)zAYk&-|6nu0S@fEb$0XVbFkuq+
z0vuR0+p)k0=HvgC6@UhC6arB171TcgI12~^Qd>FhR=`rg_W+Lqb^z!j!oz^$fR6y@
z0Hjd@H-^)5W4T0b9R9yq5@P-doROQzP2%7l3)i&ZWR+1<S2vU^sB6H+8Y?WUt1GH^
z;e;8ZEOfdYRrnuuLzH4?U8A$9psKDq>h+tyQAnGzcINwfQBg}(UHlR>)9hU2Xvw5K
z5XaiD*Nm3W{(I#P>|jpUP}Mscah#2HW|_0PWn`{s!%)7|i48u+OSzGy5krur|MC3S
zvw*#QsLwke<G5##uNX$t{}aa@9F`yA<~aI9@CHC8U;$tSU^QR^fSxws9|QgwunW))
z_zU1PfJ0l;0cn6tKptQj;9fvIU;}{t2_abjPqnj>V~(TL+0?S8+F6Vcz0OIuVFkEN
zYHFy9(D8`|SJ33FaycV}mFN{$=&W<bDEN<+v_wk_ZmX)Vy3g4Jjs%UOiAMftLaD2&
z$rTe(s<j<ybW5a#q84Yp3*3)I^6)XvmE0+`Mj9?^h-k(g)WM?_xSN{5j@Y}J9L<;n
z&`PSBT}9gUZ8GI=Yp8M8IZ4dzRqG&%%OdI>aG`Zojg8KlWzJ@Ior_yc)QF&BXH_Ho
zc>>}5I{Igi$5?tnlM~jNK4ww#%7*o`Go#INv-PDT+TEfrt83OOa&44m6=h1Hkrh>S
z2yK5zIaJef^glUAgZ#o3`Hn?4D|7f@qwjeCS7AxfvfGPFhGatQf1Ss~aTJdxh<96m
zo%MXy-?DDazHx5l-0#i(bgpP`wg1%qYddGgo(-OVnss7!OZHE)r_PyYFSP$CXHjlA
zmlN>6KT#%F|HXRL`dyo3`>AchtSe__&ANW}ujlTZ8<_k0+!J%(pF7EZtv%ho)PAS^
zetVPMW1l&%a$ZVKcFtot$8$nCDY<v#mghF)Zp{5v?t$Ewb3e}I^57RB_j=(Lp<b9I
zP8Y8eSBTBxKKyse>#et1AF=-2y4`x*D%-L%-^{enYMFJ<Z2JGGTN6kby<iZGf=Ngg
zQiN2&ELemzAzcuJOd(6K3wc7JP%M-P4xvma7b=8Gp+;CO)CrA(OV}W66g+}gXcM*y
z?ZP(U3E@d$yYP(gtgu7aDeMyV2>XP9a8Nibydv}p{lanKE#Z{#fe;kV2m`|B!Uf?g
zffMzjK{SdcF<DFzQ$@3A5!1wUQ4ll5EYU9JiG^aZSRy*aGO=8&5G%zRakW?{Hi|BB
zgSb)jh+eTx+$y$<+r%ftC&lgJGvc%24soZrOWXqs1jK{lVeu8QSL_#$i*Jdi#1F)v
zct#u$KNl~EUx}PmZ#7trR+BZ^nqp123f4?(mep>}vld#5ttD26wai*>t*};FYpkoS
zb=F3!%euk3(dw~!t!>t=)^_VQ>l4-|Vc%!0&suj_cUpH@_gME?1J;Aq!`4@<z1DtM
z{w?b%>j&1L^^A4E`nmOj^(!l9)7uO-qs?SXwx!roZDyOrmS#)03ARjImd$R<vlZHk
zZ6!8`t;|+#tFTqtYHX`*b+$&E%eKL`(dMyvZEd!#wszY#+Y`1YZQE_n*q*iRu<f+%
zvhA_$vjuDiZHH~I*m`aKw&S+9Y^Q7=*n+k*HqR{YthQNOXSL7THtUI5PtMvti_0<O
zm~v8b%sFW}LQYmrUQTh2Bd0v4GG}#8W6p*gPflA-d(IO%+jE}H*_pE^Cy;YErx!Ev
zR8BBwAm>63mutv1<)-ACbJKE#+^pQZ+~QmZW@u&Z>fFZM4Y{7&w%qpICvvyvKAXEU
dcTa90_i%1+?(y7Hxxw6l+zYvwga3~_{{!qe%CZ0e

literal 18944
zcmeHu4|r5XmTz^slQbl78%Q(?N~=MlK<Ix7-T4Cn(jknAbO=d^0wE?HJ2C&Zb1#4V
zj3(SfY3{Vc%s4wb>Khr{dFtcs;;c(hS?vIm1Vtw*!!Rq)i7UF@cGiiC5H-tvzjJSQ
z6A))+=Y8LP?|aYYJ9SP~ovJ!@>eQ)IbwlYLyP1|TrUS?_V+VohSD>VSIvGRt^tmrh
zXD>{7<A#Hpk~eNx=V|OPwtL&|_SUu->uOtD+j!$$ZlhOdH8!>y3)hqzTiWW~nbW3C
zO^<Y4Ej>SU-N%1;JPN;Gobvcw<bS_-W(3c8e1?)YDEaF?e(&*2<lld?;qf%!oP{$U
zpQGT^2)-(UXDN7XW1WZkj?Tp8WUNFJ&uqK;Dxzg0EbfLRO%h`ZQ8Gs@-H-)r02C;B
zgF?qKmY`%WV%CKMQXYPBtU#kQqIT3k!7AE+8)N^1_M=6Nxu|+GV<X`H#;={Rc3O}>
z^UFX#1(SJ@IW;+d8J)?yxA7<o+=_(cqPa%o2BrLrkSfz#U(44rwre_y3IN1w0!;c9
zpe9pgW1C4<7XWj+R3IfA$n<u2>rkc4b#sJo1@NR_0rlr~H@AUtCdt$eAVn7fCjAN+
zyR7A;%J0a(N&^+rs4VE^)RF>b*m&glaV4K33kF$8Mn!NR)<Ha~R2`=u>NkcGr!c1E
zBKf|{@`=fl>t!KL7AAH17)(k$nnI&R#!Hi&RR0*pT<dCLo*UC=G8%jhN1R5LQyuVf
z`SPy)hJ59fRZ^$k`mXhyeXhXOY_bII+;}9M;8%PA_lj<*OHMtG>54~ny#fAODv{pt
z&w1Q`XV5=qeeOG3j~8|2EoH(9sWiFw7$5J~E%j+6r=iA|wrRfxeMP3OAjnfDmFg>Z
zX{xNU^;}OtNT}H)eYo*Ro=HgV+OFAlkTwQaIKE5AmHX##Jpq0*_euaF48=q!;a<`D
zgb7#wN4iOpp^%Rk2ZqDbz&xxniv!PU#~i}MRs+Udg)WsIg})Cc-&tb`DC43+sz~mA
zo8;zvagh5?pQ&cQMyXWveNcZrW5LgjjP1eBHCTV`b52N3eWfI%Kye1o18_@z|HS*U
zT!sa41w*QedjrDE8Y>1Vov^+Ud=kxRnoWh)KxKn3p~~MojutL|FEw-xDmk*q;K%B6
zL)HCUpHf`oPwuh?#6!v$tI!|!NWl8Wrr_#GpO@)Zawd!8TJE9U=uJ-VEuO^;5O;4H
zWS3KoP|V&rAjNT6NU#Pr9!_RWk$-Zk9km!Z=#sODM^4Q^!9jAn#1}10SGf|QXW9nQ
zV%J~58|!OgCNmrWoB(7%!sr}eAKjx1VFMR+4g2&gV;r-dtE_yLtV2%KVJPWT@4H;j
zY2-b!hGU-7PG%^VQyEo_^_~;%4Qu_YnZI}JKcL@WJthGIhB<ADPPZvq*`#UGHfb*Q
z674EE+SOt?wHS218O~N{>6Q7$i_GO~E{@6nFs$o6$KOUHRLZGoXag(AQ(H^p-LjE7
z&^58}4gTH}Bv+FLd<O6V=~a{hWIb24rw~{kj<)T6mrum(sIp2<r8?L_jWn>y`o^8X
z0vIS67nBJ7aebx9Twg_UIoG$*ko$V)1~S$LNl2?|kUCTDId&D-SEz|w)D6w?(~40k
za1B0Q6BpKlZt&fwi6aKxHyCs=2Hgs-@3q|5@B7D^O_yzN8o#W(((jyraV&(CKqjEx
z0N48i3}}Iu>As-DVsH;VhkQ|km?s>>$}u5GUdTgLRdSYUtTvkFQ13CW=LzsC>k0lf
z8+h$%;haMGQ`QLE{6!jVe?GPBXg>G|I(vnB?0J_f9B>`fqIf~SYi)4HRb&Cluz*!H
z<d;ZcV&??o9ytQmo_bk^KiaJdw{?ah81==3(a>F}^X!2Ls^-Z<QtL@Yir1tv%wO4m
znyuHv3iR;OWDG9P(uj-R2iLE-=%&arVhc`okZ50C$@K}zZ+-F-24q#zYy5O5hU?R<
zS*{(<ebf7ev@r#4NBaD&PhKPrK50_jxg#1rkvmX0SJn=5eTSvj`a=fokksEFG}LJO
zH=Q58!g`6L>n_=BumXSS(K4%C<u47C`Ahc$UI6R^90VLv-Q3!E7~RH0l7NFD1LnCv
z8W2Y`NrS?T4Zf9AxdU2pgzF!PbCp+B1#gA|aVk>9t5^>vmF~kyu}u6ZPJEMby>Fw;
z8ffq>hx<J$2K277%F5tp7i1ZHO0(s0{#6<no9au;W~=5dcD}&)wc<xQr4v6ok%Xh-
zfWERR$L}0+$-=?lKPQrqFH~9s<rq8;#Z4Km;7`#t7C|YQ)bE#Y+^SXVXI#%eKu+-^
zz0$W?>3ct<<N9t-?hon2_c?#^P9JoEnSW1One20pNh=LL=h+6Szo9>XedPQ~@$^Lo
zzjLf9+0`)U9A^o^Im*z`1j;83eSc)=ri7^ET1YMnhhlvwg1-l!p$L9y>w=iz0SMls
z2yTGj!hI2iKuBjyNNHn0k#pdpoTMC#9FucKkXJ^c6-#J<53?Mk%T9QH(~PKmbqS=|
zKt!`7Hfc6LD&WclI;f<<8pT2V{2EoWihmME^=im5=$wG4j1+^P8gHm!2-nj^CH3j-
zFNr^@BJqdzLig8@l5H)LD#pdHw0z>O#8r8j!jcy$=w9$z|NGi^K7dp!d==wKulq_T
z#IJPThr5<BAr*TT=U$voU$aR$qLlp|-J+O-y5Uv-DvlOj+%IT|KtRt`1-h2zyhyg~
za~|@Q4mEHmouibTrQ|dvXN37(_iJ+aYoh(ef`hI!RXx^YXekcFS+PLFe&=ZUpz}C-
zM3;do|I_J2VidtZ9`QMhHRv3ovLgS+6IOY_d#b(?;BtrHIMr}1c~`<topn`_DC@i*
z^vYb17wtqjo)ddO>`E9Y%s;{Ma(I0YJai?B{LZ5;zw-oqR?u~hcHmG0%wDQE4&RAA
z%VEvMBXO{c3%-qk@RSB$VZ~`E^mx}&#?O+R!v#f<T^!eQJIb)>!_(1bs@OT4$o0}H
zgNy6^BM5j7I=<f|^042l5x>%Vwf+_3;ss#w6ZpFl=V`9bIhr(t(?~eo|Gt4J=O;-+
z{uOb)B!9aGgMc-tzr4xVWlcV#COY43x<Aq8>}74vQJVzcZF;}!;y5It_;F0MaivW~
zOti0(hJ3dr*W9TXP$ca8B@P{ODbXdTL;Fta8(8_E6sZb6lNyWuBl}}cd8PGOBq)E|
zdd|0T+*f+mS32e^9rcw4X%z>sQqsm`@oNpYgT~_yaOC85((k0teVr3xP{(h!9utFc
zT<>G3hOPTL$HlKRxE;HQyKjw-JJ8=hqVEss#UrPZ`g4y68U9rnKDd788LYqF#T{6c
z;PP!e6QrB1RH2uIGq8YNL*Y9xhfpDU5x-91b~r%nN=)Z=I+OC^xgEDs`TJb|`*FFy
z=XT6d$BK)MMFVlY@zlndv}?^2?m(acX9U+5STN>Kv4gKz9CvJ8!5!$b%|-Z=-fIN%
zRg8)kQoPH#z7@&Rkm`NKFXO!?Ojtc+a>u+k`E`C66Xq7s4lfuZ=d*FV_Z-(t*BI;D
zp-0Hll)^#hC^3e1An{cM$$VyWec!vN5lA^8=*7c&*kSlUv{8^6g<Z({D$c^Hr%}Tw
z*N-vSp!2N4vIw-VVhlca7O_l63$?FM3w8u@gU&I9QD;47eHTZ$Vlap*r&t5M$9x?3
zlYms3f)Qr<u7OiZLPv=TOBjwpDosPpRZ{0!pF^pXFR7fPR*qe<(x_IBUa>M=tqfkV
zG6R*fd^3~*-@atPg{X=1ndxkXnM<<fdS>9SV}{=V(m_81%yjr^C{cfLQR2^Gt+F2w
zk3b)vbN3g}ohw;-3(howvIY=EdZN;ZG7x3#{#S-G0GnaNkTfjy&%-Io5CkP*cj){7
zRi8Ax%W2qIG{3un+^J0M(tMT1O_u~=(aT8G-<u};`#I&(MiL|)VJcmce9kj+YC1)#
z<Gr$Qg9|_PB1L(w=hqk}!Wp?vy#q@^crZqSI6uc#9;dP7O!GO%{mx<RJ>0$oBMxI(
zID=yap#yG}gU%5$nR3YM9H!)yuXAL;`I%Nu&BM@Gn7O!k6iLotjV~d3geezK#GQ%<
zid<nn#8D{Nnlw0FFx0RMcZ!0G9mGq{Q6Dbkin&Fitq*3X9l&tuFvn3C9F7#J`sp4`
z##`Vd6_uutzv!Pg@wF@`In&Cy-cPaPrG9Zl3!gNu74&p~{Vyt0UDyxa0$s(u+G*$>
zWL-Fe9tw)GoIi{Zh<oT~sKaIXta@1{RK7Oo9#aBJTq}C+MSW$H>_NK%+~W{!d!VU+
zXB@%1oVtz{W=y;wbG;9tSk;0!9*3s_2r^&FqN`LBlTQYBd@9Sn-m@40@y?AZBPd-{
zt9)`(jW{Gn^zjbv=ZZ`JQ$x!CL>)<E>a9-Askb+X!tckHo=cK8G3m%-$`j5atW#z1
zVKscha&CvoOBHESf6`%oj>@{W3{%Te_!?q-W!*AqjK5ChX<}7iGAm5WV@wO_Ap!E-
z6SxZJI-VRzi)sVUEedaHlvkLIn`jAiGI`1)cvn)k_rRu_h!)<66h#lVNecSaWmPa7
z>l>uM;G>b6%lDU2sz||YH4bJ&Z&3)Q&vJb@&=4SEahYG&6^RkC!*x5z{6|0)?$Aqx
zJFx%8{L3{BzC`S#7oiHA0OSsw!3G>b;vG7OE*PYW5w7ob+<gZN&2imq2Lql8Ucxxv
z6pW36!|SV+LO$1bHDWsHFh-4xPXj*~8~8yC{Gb8d(%36B=v*CM8CLu%mwV^~Y%@9i
zC+Qh5u0mI36}`^QP%c3!WV1(69Ua7a4D%E79?V03+#~(8HU19O=og)a-j1WIk@!_M
z-h3Jcb!H0sl&INPXif<IGsGLvnd3q)sDvi;KU6{+`h`m9LUjIvCqA@WB@#jpsYGJv
zewCOS5>!GTYF3FUp*odF3f-X+$)Pfpm=-EliRqzbD#3-aRl*Qjq!Kei=_)ZZG+QNR
zg=VTmN@$8oq=uMETopPGy+gvQL!YQbTIfTSxF$r;JE*!g^o~l*4!x!lb3*+pab4)3
zN?afM2bGu``lU)3Lr<#24a(_{er^m&YROH?>5r21@O?<<g|{HRIoytPez*x~Mz|j7
zE#XZ_Zw;?Ux*)t3>B4Xc(naASq?zFYq>IBjNKIiIQgb*HsU@6&)Ed4KsVzJQX;%0u
zq}gEu(k0=kNbO-AQU^Ui!1(<uvDk53&lyO^^(A5-z$U)M*d^zP7{JTLI8)3`xK138
z-#Q(kQpzpNFi?oAYB-mWCiF0RLnZf67YHycj4)`z*Ahc~cordDIGK<(98V~&K~8Lt
z$o%nq5D`K(e6e$+h;|)}pMTIm=BaElA0qoN(7#lHSH?5G!WjuTgn*{fQNqud339sh
zS$G<CPP+})M%DK5?iwASJGQgBv9r4Iv^Ao1j_oCWS;$WjzjPvwMLS1nTIUqWiC8#|
z>pP`x5iwNA&sZ&VV*7J_cxmYdUpN^#4+VHs<SMTWo*9*8@+ovM;W1rtDT;IX7A=3n
zr9?cCI%x`SpT+4GyBWrgOawu@htiqhSM!+RS-?|(p90=O**m~*0FDA)1{^?HKCl6>
z25=)_6lICP7l5w;wgHL&Um(8#_*LMCfolQx0h$0EfL_3Qz`vmWKY+u48*XNXKLDo!
ze+s+^SPPf}_z?Nu131v<f#(Cy27G|_PGARM8Q?a66~LpM;Bml@0Jx1B{wKf!_&MqW
zfYX5A0^S4+0;r7Yh^8{CBc4g_pWX|_(UeKSgEIvogH$m`DosbAMVD(M-Gunrv6Du*
zjVrNDF&@*DbLsG7y~l+4m3VC{U+XGUzK2u=m*e`1$CB8y(X|ooG8``y{(u`%RyhJJ
zwE@ENcY<163C3eV)f5C(@e*!b6vV4f87K7Wn2||9etfTiwN3sWGY@AfdHh$uP$ZZf
zTmB!-cYS1R>9YCKcvZnNb+p)gZ;fzYVZKU(zihr|=miZ{eR00@<RJzbpIIzi58ow~
z8hYOrQo6tF!gllGONyZH{*qzrEeoPchU+fw2BkQKQ>0JD0a-dM4kOCi`UkJR`+__d
zFE+o8hB%0IJ&uU_x)7#d0WXQomG@B?gh5;ux8*h%$S(MiS-3cI2k?k6p0{-=?v4`+
zl)GaP=oJXU!Un(XpA;g|Z~KCX+$9~;cTM%{EI#cmOVHKUm+>Z?i^tKLO}qMmb_dXQ
zKcEjV5&`8N^XKj?YCVfwccNDv?WFI2Fl&SL?aHbK$1L6i)22Jk>kGbC-@kHCZcS~F
za2n`1u|IA_gXmyFIQQh1#K?EK21!?rPgXUXz)|*%uWQPENqJmLw!XV&TZx40rope9
z``CiR(irYhZ(Wd5#&*T!XoPF=4nA|&3Qf*(jWAt29EZX1E$)mp5RRW65Qj9qf$j1B
zO`350{nP#T%eh~79#DK8meHxN@$1H-5C4iiU-BLXgTNOx1D-I>6<7I6hkX?RpKuDV
zVqDMTIPs;ge4Qu!cjzMTS-9cArD_2y^?2(u<L-16(P!jaqtrRfy;8VDQ#83)7?nCt
z;H9Z(SBXjHUU_S0>2JiZ?&BUB!Mbt>c9fWu#ZLzsOw2`D=qkiegNb=WCV`Zkr=-&1
zg04JszR!6|NG=*oTuOCcLb}1kl|+6*f|d>wi=aV$J{8g{^%dF{P#pzggNe(C{MD7&
zR#4sFDs0P%l!&bqlPEOHc{g*t51?=`v5=}7Cs*Akcm@-lRJ<0&Yj>8OmQw>!4GBrR
zoWIG-<aK#D!tz1q32;C}=uBsV#xAl=N8v7=DZ+Uxa#HCD6znXVc6xb{uk?iYrO`W}
zo@R<?{R9!H;#r+11`6X(<5lpqt7)lc3<C!rQ|=1%UV0tA_^uYFNyR$x%O!k3{L;?9
zEEVVww(f->>PzAfu9>G@!AJ0wQ~mmax7ML9J3}+)(ZR$bF#5FNEtfF=?oTtXMvvvL
z;PWBsQcthbm~0_LQ_HJAj+Apfx6*@4lC;X;(@Lw7eQONT8oh6o-nS-M9T^LN6)k`n
zh=VEOkrbF_E(~=C-LEETV}z`Ro;S#H0*D=I26f%5NY|wkxDu<k<={&ZuHFB!m>G^N
zVusR8oRPo>0W#oYz|AQ003HCaDSzgtq58NfTHQDK;u8|TS@@qQ(bK_|x(!Ne((KJE
z$FiP?N05j^>uq2$pNd#@wV-d(1Ybf)wP%Ws1%fXVseI+?9!-ahG+iBh8pkSZA-*ZD
z`i)!m8q4q^GHni}scDp6mqKZlfzteBqz&IswJT`aLIqu?S5Ul8LGze`7ERz~<%u7}
zn~;;7Y;U@Pb$c^_@jAKJM)}^;6S6!Q-wsv{E)#pGa_>Uq2IGxLN#Mcwbfp%1E8Y~L
znsn>$39!K~8}e8(rskz-^l{%;5<iZ7{|J+&=^}a0oFb^_I6mAQqtAOy`XIH6C}EDO
zgrDP3Atk`~{Z}jD43zMnn>vK_?WEbOGy4q2e(XrDGJhfN^CO|_G1X{{R^~5B*DV;D
z9XLOH(~yM76%Q}DL*A)UfAu30^Xbyb&@p!w4pq_<3|?4v!l<gHF}x$RgW9_umb7;r
z5`2@7w+0F}9T9J4!L14SZvTM;ihTkmHK<EB<bd8y=7ng1^juaZb|y0%W?b(r@N0Vt
zsEYvia4Iszdns4H2j5MYRhC>jym`M|f}*f4_b@*l&!n%7anC2gHH?K5Bd-Wzz6%U-
z{IsUIL55YU4(&isau&%ar#3@WY0QUjE9bbLpV2(BNajezDW8z++o%`O{d?XGj$Hl=
ze7&XFIkf!8vQ_1(qURne^l9ajYQItz^-DSG3@?20NvU+)QJRd`1;OBO>iK=rr@qo;
zjEkpt=~VbhdLGh4bv<ZT9T`N?o}x!(jy`1~j?M|LH$d|bJfscvDMaWWfuJ=F*ZWIQ
zlk_8<|2Fk#t>=myN{>x(HT)DP=L4uEoaGsX1fCHjgYl#|6tbY6)~6b3{jujXRi8o<
z{C7ODRI5T&V~uqrkeI&#Z5ThtLpb;mTB8|14N)?^g~+K?EXUI-!Xyx~9>d?4P%HuA
zh4|o;SRb$=7$lE`2$a6uD}SnD@a&}B_!EqYhO}a5tnd0ZPSC4SzJYeEa{|w>$&P&L
zo9j7&wz=bY?UUmK`<`^Pg&5PLVhk%C(2_q7zDQ~C0c?m^#iNrdo`P6Pg(z!;Ow9FG
zG$|($A5;Za=mIp4jx;60AP?hxA3|t_+oGdf1Ge+0W(RJfIq<e<iv^K-8M1|E<L)78
zu+N+$Wv(Cv2i4U_BzF*>4L(OJ%p1my-6{w10?VX<;9<yd1fOaK<4G5&kdMgo4q=t#
zc?XsB1ts0Dq+Lj%b3}CIQgNPk2!D659CzsI1Tm0ieOudKg=fmyP^{FRoO{7LMJm>7
z-^~5eJ9UK^$jE)i8?*+naIu?#>M_VcUhwRPo;};KqwDuTF6L4{`6{<Ovvb_~Ys3U&
z^?Rwx=MF|5v^>Zeg7+a+gTHl<YY~;X)S9)JjB?!bIZ{D-e{k;kVf?*8Wd2g=SiNr=
zxLGybf0VO&RASa+-FBF40Pkv2KPfK4PTx^3ZxE9o<GxsW2j1u%dLG7%W1o~`4RkwP
zPCT9`zmx=PZg7;P;YkjELXuAogz;Ky;7DbYuE{8;J^{T}f13wvN?WgZK=N`;DV|}n
z=0S9Lsl&iW1^NRmGJiSsY3eWR#=&zfPM&JfJrQ+VC+XvZ>Zm}D_?;ur>>1o_^->mj
zBKf2%_!&CK?vciQou~0hK|ZN?5?L4lMPBI=3mOb|f&GZoc^acpBwJ0cm@M1{^^>`t
zKUH0<oPE)2yXZd4ME5wWta|nKj|yIX1yhl82l;8e1N@Zp!+Yrz4LA6mXAz@qfJhS7
z9}hUr2|0B$vSuRItAuhXPpv1W(lKl4DE^AbifD8w_cub~i)+w#*wFhXE=&E>W+3?L
z#|NGvtU3BW|CUcVt!p+ZC$!>3W{UZ=+nInZ2pxLRD;x&-kjko8wxQ-#O2SD}0vtk|
zJS-0Aa?g7|t=V)0^<7j?$(8Dl%k#dE-sE|^k$MWD!XSNItX8hbs@2Q%*U(HVOgH$N
z(+z&Wf)Si#kqt0`4FJ2Bg>lIl-N4G%pU9rTRr#WEs^(m#F2lvY3ibTng28F>!Rs)T
zcr<MzcKRcVT#qX0Q%d@blI~Md9x2K7-S4m0z~<GA-40j^SO~ZlpaZl6==Vf1W6uB%
z0Coc21dIT-0U7`<Kmou6xDjv^kOJ6t8)KUQ#eht}F2MDG>449^$Jl!S`rQg_2NVEq
z2iyVh0NMff0(Jua7Vs3{C?E~+8Du*JI1KoEz|(+70S^NX0xti}wlc#EyJ{;VE0}@K
zoio7Mz@xy#e-;?-fw7fp5N!a)*~8`l<7{Rb!0^1x1e^ez2TbR939ue`J@6FZdSC}|
zGw>2%9(XG7HsB=S9^ho)?*o&6e-wB+@YBHfn#5iJCV>tC<Etba0-gyx3_J_?G;j)V
z5Ey@F!N!2E0v-px8W?{wZ=fg=lQiIul$a6tT3{0}{>+T!0nY(00j7<%0r-00cHou3
zJTOiLwhh=0+yk5gyc-w~TkH{FBk&WzHvm5ad?WBd;G2Mt0;dBX2c8Ff8u(`5G2r>Y
z<G>lf%*hP503`$83Y-SK0N4n;5I6&vPD>kbCU5~TIiX_U#lR)NCg2Ug_=v<jz!qR0
z*b2N8*alqNTF)A4n>*Z~8|zxyffSs%qOE>=lwRp^*WJ@0w8ZlGPbyJ*-S+k<y#)qC
zeQe2ATSw?v>u8=@M`)#WW5eqDZPZ`uU2Ov7X@nGw?U@(bwPzL<Q9W=6zr4QQtI$Q>
z+Pl{@G$?d&y|={OdN=O@8}Y5KS8=QmWu=imT;4Xmt*)(^_{zO?vHsSrDOcLATUSDu
zW~1VZqek*Y&23vtYVUG4NAksO?In#ZjeL|pGAi|vc{~1J38ahl6&o?qcAdAjp`o#E
zWpiyu2bl0bf>;~4+XP-!2Ff~wyH-b3#Q3^)g3RT0_eAmSv@lc_QyAJ%9?EjHd3l8{
zYHU^TWJM8=t9E;HTWx(zPfA&bN8w%Dp|&k||4nQRh#%{-e7o9bh4*fSAK1l1cIu<5
zv9-Q!D`>Ak=D~#ec7jV}q<mCHqN73(eYspz79D#7t746;6<fKHZDDTaWjwPo3(I63
zY&(E{SK`TLwo7=v*^3$Vv|FhC2GCdP<suI~I?!VT@x!J6^*`zd!3X(Q1kqRgQP58n
z!x0?KKb@_P-v%rKqUEP1@jbhQ84dxceYF1gq<Sj<2>yQqqO9oe942HefIpm6)<tIr
z$_`B`n~L+M3uRaO{l9v4o@6V%?poem)Y$B<Vh^*G&21g-VtCSKH*1Pp<>pIjJ9wwp
zOZ)ih`0`8gd#HZR7Pq&#w!Ph5zt-I$H1lkcrqI2mvCh4^ZDm_4?}cxAEi#64i@TMt
zV(cbrw^HzWk%a@RbHiJ7$FFPdSl+Dszc7(#uvFGIW5e}O4g;&X9h58by4~zY+SMIZ
zZCkT#(Jojg^;_CjFElIDxxKapQ)0I{*WT_dv05_go8jZ!>I}=>UXn2~QT#1SMAk?-
z&cKMwkplGdF)MU8yLoq%B_(c6ySue~Wod0|?cHuKIIdDl)UJ^~7gx^Ldihuv%L^-)
zyH-af`6RxvqrUNOcv@{jW5+g?WM@&@(Oz5UW?@jZ&8={V^$C0%ytLcPa^q_1ynIc)
z`!3;bj9KGpYrBWBpJ{5SxT4jgtXsWvTb;X|Z)|I2kEu25+}@VPR;+SVRi)*XE7zLM
zCRHaL;9A+<zP_%VhZ*n~CqAyGwx#3l8uvCj2u{Q|kiuD~wx*?)mWW1UpTyNPwl?x$
zZ()DDNY}Vov$h6I_pp<?8lhF8W<&0aEuX-6Sd6w-rTdw>nh5m+lD64h+giipAV%*E
zZ8fb}#14=crnMI9w>b_%(e!H6$$D)yb!{yzn5zhTD2yn^<#l(!xY$mVMdsY*ErOj3
zUg$ur%hNbp>u`L#+LYee)v(*i`8-{j;P!5JxxEc--j>?dI`>MP=%k&DN%p(WgY8pK
zNAy`LE#Kb3yIa;Zwz!vf(3T>K&CsG|U1QxnN(b2pRWdb&Slqi%uQV@dyvtkb-M$hk
zQa%1f4;1~stFPc3C!czC1WqBgwxMh{fV`m*fguHxCO`qe1=tMe0#MMkADH-_nyK;*
zgTH`+Mg)wT5hPN8N4zcsYQ$eaff|Ce<LLhs;NJk6QpELuTtGQs6QB{m14O`&08axB
z0Nw$74w!X2W(&vzd=GF3zysI@pc%z6Ez_}hmcSD6-E|6^%92<zo5rT&KTR3f3^tR^
zVks<@UBz$;7dFD#@QTr@q~fiZN<+u4TKr$+NVeGB-0t>5rFGFzqT`Yp@OHRYySCUU
zW+D%y_M$e6R%U-|rK`5?9ycFpM2;Xru65UKiIC-P#D8k9a9^ryu}P?s$FhaZ%}zMW
z?H6Ymn@)`9N;A5wGAeg$Qr}V^o7a`<BU6i2DYJ{^lnGvvb8fpRwKC^eE#)q)ji`av
z{=46QwFc;k>-lS5EsTzfut|x-qWSOe|4$mwFnT)xbX_`Y^2s<yu27DTlFHp+^Jc^X
zbQoRs%UiasrP&A<-GSI6f4(`>G~ei^Gq$ny?)>=`>xvfH=NmhC1Sz$2_~*~x?(Ues
zZ0WSAdAKjSTkdM!ZbS#I9r^PGZ);9RoyXl$+p(ynvCiAp(bm8(!a<)?+tHG_#XR4L
z1G%xm-N9E*9t~X?jd{4Hb?~bZJVbiC@z3;Ty-{h0mL2Xo!Q04hkK|F}b^nckQQY+|
zZ{rr6=Xbk1VwIDto!iiqLaq|`7I(9;nbQ3EwH>Qlx3t~k_Rcp7jmzsO(9NH(yim+H
zE{^q+xA@yf$y<DhOnHlAlSA{o#ZkQ>bJ<#4F^lv45me|+=S}yTe`x;i<_qRuSzfXP
zEWftAX9-#UXt`j~SvhN}b++|ZtI3*cEw+|eUDkEhChLRNpIP@<N30)ON3G-5X|`0`
zLR+?No$XHBUA88h*Y<$zLEFMCYu37~yR%xd_GJAs>)*3j_N?sE?B8W?b&NR@bBc3*
znUkB>nBSgnT$a8pW7)!Gre)`sF(clIAk%cy)u#C-yJ@NEN2Zre@0hMNKWE-=?l-?>
z{@8q-<tB^Sl5hFYl44zK&9pt9eJDHKo?%~TH`#4=yFJfdU@x>6+e_>&`#Sr2`v&`F
zd%fLbZ??DFdHXi|efBPUkA0{8`}W=TN9>Q<pRhk=f7<?xeV={5{RR6$`yqS4e$+l>
zKW-nkpRk{@pSF+K&)9?ZQTv$vtbN=*VP_7VL+?m-7#t~%G{+o=(UI=Ra4d9~95#pD
zk>@CIR5|W<{F`G{PHWEZa?H7Zm%A@Fm^+#~mU}jLJooDSy8L_df06%ee(%zKOD`;a
zY#Anu4Mu;AoNmf6Ei{=-Hq1TGRA4GJ6`S5P{nivT8O=AF7n&_*yLqYEX)ZCBo9{5!
znmy(=^H%c%=7-EbHa}tBgEf5K{IdCV^SkD-`K)=KWdSs`1iD&j`JScBvfff-X|S|d
zc*}j39?SPFKeaqz`GsYl<$&dw<xR`GmYb}LtQPAMYpJ!`dare-^>OPV>)X~-*0A+c
zYm)71o6&Zw&1AFNJhpb5V7nKq+-rNu_B-3hwm;gwuuaLDo^@^3Em`KQ;;h@Vc4R%7
z^<35~SsB@PWIvnzLiS79f$V|o<JmVaS+FF3$(>8umIzB`+0*Tdv1Sge)SdQPtd0*W
z@*K4PrhU4@?8tYNI4T@>IezGP%(2gL&@te6-SLql>`2H-&Y6*OL(bA1U(Ulh|1Ia~
zoab`(=N!m6ltXv;C!o$V(Ab!1+{Da!v%#EZHkvccCg`rfTx@ok*PAy(bM5AB<}UM2
z^KSE_=BLchz`hQe1Lh&~u=$jE#2hq_na9n{qPG|<X%?d;!(y`7Ed`chiwk<(Z1Gsy
zE!!+zmYtT}mPaj5S)Q@%w;aUY8L|vpPFdz;8?)=PJ=srXKa;&L`)Kx1c2Ie9gJ|FV
LzSF?}6&m>8CyZoM

diff --git a/AutoTunnel/x86/WinDivert32.sys b/AutoTunnel/x86/WinDivert32.sys
new file mode 100644
index 0000000000000000000000000000000000000000..28acf69f789b392845ffccb5b211359c239296e0
GIT binary patch
literal 46544
zcmeFa30zahw>W+i0tN^K1r+y)sHliHggp?}04htA%?%MD3W$Iq5nNCpL=D%tRjpbV
ztV^w0tF|icpcdRkYZZ4?)TF@{D@9Z^|1&oUgsRoo_ul9Ceg99dJ@?L>nK^T2=FFKn
zXC^da>{84K!!R0vMuTBx@I{Y5`TqM?H6&a1K5U8oXnL_v872H;pP1CN99Fg{Yl<jo
z8Y?*|Gc!xfnj~b2B$=$VOjdAIG;3N`iqP4@!puQOdi^|(-OXMJBlJ)``R0gQWPJRH
zU*TIl`O=81<oDi)`{eiRh#K;Hf&7k2OHM^)^_&X$7#2=3!FtstjMd|6F)GEJVybP_
zAT4%#Fnp~51Sn3?hN&240%1L%6l@Owbk4csWG)E7f2bUKk>A!2LSjAz7?y_uOQAZ*
z+WMqmSoKJVm10;i;A;gK)}uA?GXjvm_HVK|i-mb&NDuaa7vjqkz_5OZvM?;wS(K6_
zP68e~0s?4aodA3Q3?6?B3v<?H!?MjFAsYbt28#qRc>FQ!%&^E|F$gus1YQLIbO1!x
z;9+6dLuXNrC>d~MpDcv{%0C*w;PJ<>KxdIKBMUN4FouLu0F-Y6fWhMr`3$1}2LIbV
zKxkr#dd}H0nuvl0G%zdZ0R*4UJb2bvDb;A;TTyFeUXgH;hFw4pnOmCAz{JL!a(}h)
zCMzhG8XufCLnEOJG`80S6fEH+U7J~-n~sSs^?5Y5)npbOy-f|%DVVHWY$8w&bHlJr
zjjd5{6m8Z<I{;-HD7LAkEpCP47}PE+XBKaOZb-)j%2%!!iZ7Bvd{as`1(TLL3N&sg
zoAL^zZQ9ZvcMRd`+T*@OI0vZ6pzKP7OKFcQB<Z!sO#_^+y12HW9|TX4-KXo3dVJG%
zD9HIq&Tol}Pj^!As}c7<urZ7<Qsg))@~gMPBj?u=K{PqPPI{VAhBWkKIlnm_gWUQy
z^#RI6L`x#);sm8Dls>DiMmtLNVTQFRM$i<oWg1%y`i(H+!Whc}K=%<pG(cY|BFf~F
z3mRKGB&K6=%Do&6lk-obuKWR#rNV2NLb?t@a(<0MdWQ^D134h7qsXTN4KE`}79pvT
zR+ba|Y64T_*P~_tMv;GqY|ojk+B&59XE1SJ1^<pfBe|d?pf*|goIwhHJsHo^*FL9<
zhJQ`Uuck@)HCEF6Ycvrd%|DIhcSEIoA(z@tOAp0|p!h5ly6vK8S<7jSB51sv|5tv2
z*&sqvP4H{<oXYuUAhuP?Lj7UDs3~GhSpif@c4~l~YArjv)TXUj_2aN>D2zk9`9j3f
z35)T0AW`*<IE@<v<V|DiFM)ArP(;G0G-~^>kav<Cibjb^mC4T#)Uq(4m6%p~KARdM
zp@?V{)3tQeornXCtyJTbi7gt<UulmVso*!m7|=Cth+mEE=ou6k^A;GLAw)!TQ-F!F
z*q8`lsBO}%(m_(vDe2fqjqL>_QxVOwa!JoBe#=@6E7wR`45+vQ71WA&Vx|od>BPO9
zLnU6tYi8gA<#}h2!Pfpc&Cs~9+Pa6F+c$w{B9bMi6Oj(`Fd7kQB@ctJjXaD|5@zKR
zNiTRn!NaVGI24sWq*wfEM7`>ArQjje<;p^V6%omhKA=^osO1l+F6Rm!&|J<fBy%^N
zq>GIU&U&ipO(&^hpi%{Rb$Y>EI!44fN(NW_N-KY8gb2}fgd9mKK%n4(m5z!d)TSO-
z@vHIsS&hn3UG1_0L1RRaMG`ESXyq5*zN37gqY_nD-f1+3+Ln&R#S{4qB9|uaNrZ-T
z&cbjQLAyp8jua|N%&=+-A%`f0q3+l=L~+_75-6v>)@UHI4#q29$-*%#aYDjLMmud?
z9~Mm{FhDDrjNz20+bQyEUhEtVil;`wuMtFR<$}{Bm$b+w%^<~4t2F<PB~#V`l!=1h
zC{XYl1aZ228ryJ4=T<TonM0~HzmXv}E3*LcP`yEe%5NyhqnZ#6OxYud9y;+gXgDv>
zOTR!YoetG2^2=WA^an)*GjkJ?3pxK95>N%dOwURczl;UhHMYSppOC)V1TliIG`@HH
znMT^&gSnsp5X=JwrCmUt9b`-4Lxj-Kq9M{~G>Qnu$aFhBF^#Pl_*M7TWf=K^4B3zY
zx}TShX(S-5+F8Pax?z?O{AN%Ba(c9Z=ojYzK}MMsG+J#+wp~`9Z`oEMni`1{#+`*V
z^HpaG)(zMj2{07^GcuwW85vPO07g_&J~-w2!GpP^T-*$Ut6T_g!&M+3R$q2W7`@;X
zC6~r2SG&DCi`MUjVRZ2T=D{$t!|%|-!aXN4mR3;Jlz_?dFf+A9NmvIcFyr#OvkSvI
zz)JtuHND;;nsYmzXeL4#@`Pr2LY+LJQJ&BsPiT=R)XVuwX|qiZlv5F~my7dCuo2H7
z+*lxW(dm@vbenk1by&%`r<ld5kX~ZNJaA6>fLU^@;sLebQG-0frr?b~Qx*<slL>!n
zNpr~^=D|~3zLF{P1YE&GX2EM?W|0$wxe-d{g1!)dzAqVVigeP*c#W+CRHfPu121iM
zWEL5r^tS39$?EG+^(xpVmsq7c7CdYigQ|T!5u^`rUO=|!0tBFbT1i96HRi#SMinFn
z2LMa(>q<tOkd>*2G7ktS%me48Door-sv0b|7$#1Tsyc|Hq$*R%00rY0v@I^NqeR#k
za;Mdu=~Una)aDW9fm31P5mKeG*j=hL7x$4W2TFzu(kX&;I>~K=+DE}yi72UmgsGwa
zURPe5TCeV<i)*{KMQzzGy%Ay{uaIc#2t9+Q$?rzcjMzF(c@@955Xce{tU`V*+GH>f
zmQO9WGpc}n2lD`k^&L)=w3f-a&Cv|56#IvXIbq^KVPaO8xO1485yq5Bfsz-$Ud`f^
zd+}S;UD2mO-3fgf)#jXX*;O^{6}|Y)%$4P8BakID_aagCr~-eAw3*9Xu#*aN*g^KL
zC+vzKuN8AexoQpI2)>nS8TqBF<m8v3DkQ%>R5Qu1ooYIK^%ba6$OzQ=hn4{~`ZTDa
zp@_M==u@x04$=Z`gJ!8*Ng@#Qr>GpYVN&LlB^Q_nD^#|vD4JT0N*(k!sZg3oYbmPN
zFhg50#_D<qLrIfEz0rK?TcJKmR^m@rUD0Jc;BTt>NgIZYX6mmX1L4nLo>6_T#S;Ej
z>gUV@ROW%<6yU9*7M3lVd4*~zBr^{LQkVyaQ%OAR$kk^i6M-~U45%nbGErq{^K?)p
zBU&OlF^fTrwITv-n3tHBndjAO2$3Bzs|PWbMFcwNa59452;HE<$?6+bFJavQl<JN4
z3!<+|1p1(-)iv-^-5~J|s@vMH`X0e=nM`1+%VfMobxQkHR|1}ZhTD^cTcFPv6-t^)
zp-t9CEmUQOQHJVU!>GAxtzpzmMHog+RdWoZbk#I%6nfQC71$cKQn|N=JE;cgi-a*?
zd4P@ujRX2-aK&K0jhapH>s4%$-Fj8aTh!)yRR^*}JsMP1J&997Ua69<rgF-Oh&p1J
z4flDDvGj~aJzxfD4zUPH9qdoIuSCD*{tgQ?_onDU?h_)C&OMV`)4lv<4H0n%)eNe_
zdzjdHnAm=pxbrZv*)T}}Op5gt>cMDjXKt)e+mnF}6)>F;W?hBaiVUo*P<J2$D=LTz
zu$xTLBs%C%Rd>(^Xom`6GEe4Kh`R-#xA|mgel5n7^@PnHr+h*pEHph}viPeTxiHnf
z>_)-10PF(z5#R#AO@R9V&j1<$o&dZ7FzrskYylhr*Z@HQQ2-MGG63=b3IP@atOEEB
z-~_-KfGYsE0Dc3Y_Ml)E0JZ=<0UQB_0Js780t5m?0K@`}1rP#=0i*!S0X6~b0XPA0
z3E&pM6M#Pe7|<pgfF1x2064%=;Qcg!f&E4B8PSJOKgGpEA2Ex!ApMtbM<mb>6={2q
zS-cwp(u#K|eZkid)@ntCt6hmn$(e!&Oz#LQ$(WKzig$#KWF+%IIS9B^iHUu}#6!cx
z1H#0;!^GBMl6dZ1dUvGp#1YJcAyoAUFBE@SqkaYf^<zj?H*m_~gLLCfZD>Wg`ZCH4
zTSFU-#7YpY3<bdi5@s-NuvJJnX#?DZw2m}W76R$&hp@IkFxWNLGvd=bbFPkg`JAJX
z=Qqpq8)1jSy}^{3fJ*Z%Kuwaqfr+0^NyQi#rnGO+Xwafu#VoD^bab3oehYK{j}YXX
zMH}>rspXxGPL|jeya9Dx4(NhBiZOG+0SGY<W>c95uNS^91gdlBg|AUB&h0dr`;s|-
z6{K@xTbNRXHY4q08K>zpra++JO%Jhs!JD4qo}8;*0yCy83Xom`*k*>1flf@BF9ete
zewM!W$_->5SdQDH?cGWn_(=0iC~8M|Gu8Hmc_yHaF?ClI=nVlY6abXE0~ugq%mptX
z0}<Oi^{k!3wPOi=VI-wQKq;|=K`wttGds7?axxJ{oh*-}!j}eL8WCn9kE9b}X7We|
z5oRfmv?9Vf$s=vhlG5C7UWBySKHp#3+;iSwX>*tSUNC<bErB|u&1Q4?(&o<0C4~?x
zF>!d#pr}LP`v-%n_LG)Blr|gXra}A#!$>_8zKsl;dVsXK|C|_Uv+LY0(q^x@X0Te$
z;}`UAP+LKUCWeXH1ipVVj2D`OG7nznMzk=CB0+C455An*WQR=o;lH7AZ3OwTjMGTK
zxU(&VEdY2FCX9oqattJc&QC<<nPM1L!=hmK0O|mm0G<J802qCsyTK!eTypSGU{eY{
zMk>|F#Dr>WM5V$9!U&82Mdn5OSKXtXdrBtMr8kVVwrpX&59DogQ$)uR&xu>eC|+3u
zt&s1pgSXx~-U}6rJ1Z0@MQhTQ6;r^L=mr8!gp8KUE<ge}ui|0hG^$i&kJtGh6nl{8
zf{-Cv1elHmq{k!wDDp@sssX7bxm7N^)=C+a`e2e?I$bV14QSFDx$t5q5#*_m)GP8Y
zKxxj^t?54Cq#32)7YO7l&p@^+e%(pfy31pg%EusXL=c_KT>!bkowJk(V#xU`6ggm4
zZQr^zbv5v{RUuPCLGb@<Rqlf#3dvE$F@!-yP|jmk&|K+hyRAf!6`~?*hD0LBMlNeX
z70Ub}+1MWytXCWhh6rTR>__d|s<ls$L+Kbxn*g<;*2rb95Z89enkpF%5!lvZa@lAI
z$ybhtx5jn_c+EIXaf*lwBL&JX_ArmZklTg2ay{y(xM*cbABZ$_-_02k7l-;FT3M&Z
z*aC)Z7$8sSkonfp$^{T6-6<l3tWqaNE1e+3t;}bFHw5`v#-M~sbqGNYzE%)GA`GQK
zJ78i9trQ$bQlLHsBVScKA9;Kz0NNx@c_LV36F3*gDQ$ZhxMlQyxE|54FSez@gaE0F
z0#{6(oZq0U$q&gJQ+5&FiqIZ$pc~ajuw(PWn8js)BXGh}PL~JJh!6*E4LB&~bed=E
z711CvCt@20U+G>$oKtrg9MRDI6j8%X^qIq$XUvWAgnh#8AlN_LmI_-i*=>m(5gM$B
zXaP%JXG$&=llJ9sO_T!>;xsVSNfA+}Z42b4gSS8#4YNqe_ydVdE9<d!!2MrYFOGy!
zR5QUbLr~<Pv1syanw&kMmEgGc-a@C6Agee|lLIAQE~%GG8sw5jF!3dp#jx_6AdPkp
z=vb|fuGR8I{vjj*%tdcepYZFO{K5YKx{)D|P$Dl;TwFRO4wMdZ5rJI@IS7eT*2FBf
z0%C-}jUo)p#g@WXYS78d1ss^l$P>C!1=3k9k8PA)WfngH%IU^qh}SQ+!seJ<XlY`0
z7?>V3$S%!q0Tb^vqIMFtYP1sV&K;b$u;FLQ9zX&|!)a1?h5a&Bmq?~mp_HZ&4ycS4
zFjr@Ela|*DU~4EXw}DS1`Y4C=fC^4Cpl7zz#3RUM-sojD?EX=XIOSScGr@XuInk*U
zE0^XsW8iB8omvH=Ce3fa#HJbvNE7n5Xe5ow-;~g(szmU)(Xse=t>*_^f7{8PY2a2#
zI-EeRGxY)Jt}TGny5d?OV*})NL%wijIglorWtut5h<rLJvDXa6RS|JbY^4>K6QpjO
z0wPcn8nKXXPK1s|{U0hoUggjju<o?^3i8b<VlQYRk>5;2377|}w^N9d5~~U&6`X0(
zT87b8>4QgV%PUGUYFF`)Dt%C8e$u=`9x70qGzD3CN+g6W^5b*Pa-T~~2wUXDC-}9}
zS}<O~U6{`Rf!CmV;#0r2MSamM>8{D4zr5GIX{7XtT3Xp9Zlp${9HqS86Bg!<K$0S1
zj?|(K0*Yu>+iP+dP(+7Zh4QJiLMa1PM22J<=At}^Xlv%2HLqaGkjVja2D-3SVv(Or
zB>{Z<y%Le{3fr${iG>%RF1CQ3mTCgXhZmorejX=C_f#4^1<DOba08L3@om6z14)(h
zU6slwpff{o5CkSi6RMn!R@5q0FEX2})(!_posB%iNn?wAAdt}pOnY$IXe6#^lSg9J
zOo$1PAE&G<DRcxM=bR1bThaHGk;c54;5+rL&;}fJfe?nYwpNRB=v!glT*9|o7(yrb
zJ>(%)1fL}ju_5@L@(??M?;{Uk5qy7nhy&Qu^0^GcUqBuQG|EF9Ir{aLORle$;4#(;
zhROx{P7`ETINJ`L?9J$?02#3&%t)oD8DU4fMu;$)R<*D}xiAj|g=@spFug9Lg9{nR
zRR)FY)Uiw>?m)a$Mm<Bui2nrGbodzV%cb=;;OJ~ti-;g6ZYa)NKp>qm!h!po2-2!o
zelt?9&4a7EKPOItdgV8FzeGIe=K9P_o@2}n^~@blggP0KrE^V*PzQf*sN;;WpuStR
zwSiu(*S1qxUT>gF|4_u%le!d~o9L*dP`eBir$JvRB6LNF7fJ#OsRtm+&;v&D5j1&M
z`DmIZ)B$*>Ag!&ZzWkL&19RT+{Ac9I=(u>!?dWKtAzCxT2?+wJ1qj%sH*?=;jSukE
zXq7+<2!&I0d^Gq}NfmIc8#*n?H;GpjqV5TCgcXjMYbOs7fW@huh(tw2ZSRWa-rQ6A
z=@_k>c`Z#9RB>0$46B!5k48&t)zb1Vg6Q~B%5gwd-P>~lU1A=M;(jR3)XcDfyd=UN
z5ZqI9jO7z>bw{)gJpeI<sjSs+%GqkvO#PCgU0*p@N5K=PTmXv|2)#9|&~j@z$R-25
ztmIbeIq@)K;^R@KNsx(qQfxjdor<E-5RE5;awBDkHqC4lnbQ+uL<BuP-54^;DN4uI
zk|wBRS27u_9~6URQ-~*ODWd|)SI<##D>>yo&$mq+Xn5d=(=@oMlCQzUgTwUx>Z8!r
zUimg+26+l7=hs6z#Vg-VoJCk{0d=Py@0HIGchqIcMr)lei<P)D!ggdH;A<c+B)#Kn
z<l(Y<Q~;9f^hxL#vNee;1xbVjI*CMObxF}Kw>=X;AfN-lXGp}zV8^t#5$PuG%Q>d+
zPI)J2M32-KV9TbW`K)~Y2+}IYp;gDmaIUqTxzsa28VygS(lMe&x3l;|t0oBjWFU0}
zQ??s)Tb0pCpsy-`mm;VKK_@!Ot>l3;%?Jk~z-eHRlRN@W1a+ze2A&8*(^$ZQeGrZN
zT4XZ#b@%6L`rsQde_z84&heRN2{U-MXKn{&4fra+pV6Qk0K0(JO%6=VM&PE66;wS_
z))!cT`e9cllfV>J&q7Lx4wVz8dPVgQ*%+y3qZHQdPqBe445%5gF&o$*a$r}dYdl92
z9}lN~+LMA^u)S-Ij7G->u#D$~Y1^jLI9${+Nd&=bB>}^uEp7!GwKal@Yxs0&B~6-7
zr-+WEqH;>?A=FPE>ME;j(E$&*e89BRbEE$4FY8`2xr+c^+q9k7sx>=lVX2+tG`YbB
zhZ=KW4TUTOY;Mqrv8*Yd20Qi+%55Ns$jgLk)Y^QylV~R-Vr^@129(!Ioc3IlsMei_
zHY@nGaJthh0K3B=zxEUf_KD0z$k|II*b%3O40Py(i7li`TQOa`TUEn>vhMuJpsWDu
z;#QJn-Jon48;Wsjv@Q&0aWq<`PYtmLB(vBFB2uLhvl#7VrAiw3@s%{DY%j_K8~<!N
zbAcLV$)i!23(&^0WHjylJ(#4c*TH%;f*ltoM!<$lx0;qg{<awM2f)4#c9F^mv|k{1
z7K>39WQ9PPw$YHpD;6MnQcp}0UPT%=u%iP~@`LC&cOk#Kwgv^i1-h;tKq*ip)G24e
zSs&=>5=fWS!}dxesf$;3dINhEev4|5Avd6H?;+E*h1@bSAxV1*OT;p?<D(rN=u`rZ
zaBGz3Um$(1W*|hBaxb_>wH>TLJ9X7%ctLj|OItwWUScjd2#CVhc5`657VU&E!fl4H
zh*9`jDMj1<l@J@H6y1d-mTW%KKW!brBu!Rrr!r+_uyvCsj#hmQUl=(za^xa`XEavD
zML-FiqL@N!$TPQKICZ2Gu;X+k5*ps`T&64)=r9k27;(-Ht`K{LfngyY*g8%?1zA4O
zjRq3cdSqvV5uv!6PK5e{Wf<y6ZUa<ih%ab<HjNmq+o8+(cJ15KNP3g);LyPcISn(>
ziHf9zs5FLYp^^Tqk=<r4$b-=nnS+;01Hv{HBJx~Z^&KjBNm@})oRU_<7%&&0GfL>l
zS5DwMU@i!PSTwp~0H(XfjgGFp%wU3DAL=QO_mSuNt1=LQN@;n6u9i;PS{nRNX=Ab$
zM^z}v9*iK35P;)PTH9=Xk|}FI4TFdgxTz#`F6@NwA<RwUj}LWgN1!1+f#eocA`K$)
zM1edvMx_R=+NObs2nT7speewP5>3=Fi#w2KYb;oTksGoZTufCI6BdXQ?6D#my*!z+
zI>0F+YDNmsnhLiRklCR&(YPU#L-~D2NJQ6Mj)I8mdc1X4dsH_MzXl3KPz*5w_U;!r
zR|AQPz9-GA<gs-UBYA$E^a0iUGI(!LM9C>Hm>ofhgR`jPSHbTXml^~Y3FF~Jj0gf-
zs-BRd`3FbR;MLLD@1zMH4tiM;p{oz}xv;4NgHvn|ma37s2fV339rOt-{k;l6b4%>v
zQpW>jwKrJDUi=!-<G9oa6dwe8K;)Z%({Fj~1+V-b;vvXv>;cB4{va>EdtB;N#1*nM
zb&G@m>Q@~`dXkTPzMOJTxa_l{9B#m9B-g;$)ky5nz72Vo0b>P{tsDT02JFx*(ZLN=
z*8;}q&uU}v083orQWt%IJ}|>9j)OYd7;*qkRY9m)NuyVOoy3nTX%TzFeH@MC3}_(W
zP+RRCtzR2WC<z_3JPUMFyfO!NX&}$V)i9F@caBC~;gzps%7#NU9?Y-en;>ei#bFkE
zq73MKi4l)XS!Ft;fc1q0#*R#?jZde<3t-B&8eGsC8$gl<S1p>$tp-;uX>f%yKxv$2
z5D|7@Tfl(zJ=3>ZdX{Q**8Ch1d#7(T8Hi&@A2w)FHhrs0_;k|NVvx3$6=`eLleX3w
z($>0QevY)ZSja^T)>iBu5KOSP<oUJj1hbPOVvklZm0ocA3Vw<S1}0ahznEO|*xJvt
zx%RZ#T!f^S`%-MIymcRu4?$97*?!O<IT7_J4gnaCYec1fs0<{;7`SU4OX%H?k0q=#
z%B`ehL~KI1%bFy+IGR*6e^SqUP>|{*9SOdJG^__jI??VOEO4N=$%86Z`#l6)ooc(6
z#DI;^2X_#Exlx7oz>?wdin&(NUVdUfqBmhA?;y{kX(H`f_c%>K3@bQDt5oKKWdIw`
zQ_46HMzkes?{yR(8<*Hx=&v`Y3hU8zgEmh#7&+Rt6K>Pc(e)iG9lJN=380?J<@sg0
zJx_yt0v(J&Fw0LUK{uhTIOy#vlTx6k)#369cJc`hRUwYZ4wp}GstUp3HZ7+73i>k@
zD*#-Gr##L_KG%QYgb4WrfqX)Yvfp(yEk?^XkUDBY*un|naG&P*9U!_B9{C2On&lH{
ziV!QgKTVD)LVA$jg$d`u+Bgp`bcGMD2puob*zSRe%{>LTaF~m%VTKh}q0KI+CIdXW
z&hw6cz99cRO;n!lni#JjJ;~7m<$Yio=9VHPSP-p6g76%bA4862t-`93O@tum4XjFr
z9M8}P;4a96jk2y%bh#7V1=<CCr_(v*V-)#|z!A?c1KY8RzY8WWR>j}59TdaDgdeN;
zi&%h==dYIMuaomjb?s3E&kuv0(IS9dt-e+o2oYJw9G;eWis<KbT*1Epd=CJ=O<_F%
z*5{-10w{Pv5S^}xR>qnmLm0Ya4!z0*$(Nc(galWa)IpGYN^H?e9_`PGkg)f02M|H-
z3$aO@(gE&RYb2*Nl5)NFM!O4im5_8=Pwar4*18K?<X#%|C76Ch05}@0h%>}6a4<<9
zP)34w%XZRagMSAcQ;zAFay?uFN`SN8wzc-Xl3<>rqN5B;j#8!=7S!7D?MlWnG$Kc`
z<`2|MQT8(|{yxWlDUBJ{ola3cefeRoQDcX}&<oI&7|nDafwrB>gP+VVFwDNtFuVQ)
z3f%xPoVRqaRnpDI$Yq}7PL7f8D3^spaP;wRp|G&$?|QK{eb8jNEC%7=E)E3aAUJtz
zItzpgj!?+F&7knm-MOuhJRUIV_Hc<#HUUC#k4`R|hyt?J@D@ylJF!2)6oXr3y`;z1
z0m>xTTw*OfRtiC?$gIj3-LXcO@D(x~70_-9(y>&eE;RdH0jJrIQk1LUqSI!y>oY$o
zw?$e+V%5i()F#FV3skhXqP2bqMV{U9GZQHoI%pznk^4b0)9$!ZkLig#4~kiK$7^&L
z#caFd&H7Yd@-}pp-En%7j)E`pgGd2mr^6`n9FOlx(55P8Ivzi&56^NuenB6e?Rfl-
zE==fXIv%fY#b{|d9&gcMKo1=20Zm0ZY^QW93xb$b;Rqj!LMDKZKp{iv0x;P3qfx6O
zqc+fT&3-hXRWb*7XQR_%-F8U{H}pvRYtb*zpQ)?C@2lC5Na-`ofv%IwRsaUJNM^^^
zf<d6#0a?>KwN7;w&`3AZ>_?gO#TbB7kWwOOpWvXYFuzNCd;`>@ia>;EW7DbQ$QzI#
zQ^!((=!>13(6!+Sa#;by6f%T^rqa+yOQnj8*rA4!4XcvTAu-GgmJ%5QLMhfLWCfw-
zA<&+cb`X-Uw?Xgyh?;zTHhQlV!@EkB0q=cKLSyR++@@M}MxA2VI)6ZG?`Z1y^Ows=
z0y0EEAzKP>U{J>=Dyi!%ZEbL069^Cuu+x9ZT+|53>8=yt#P9-G3h@Hvw;=6O1-gg>
zC!Y+m9{I6aWJMgSgSWm<6f&$`HK;Un2dZ1XA4RlXAzyzD!j-a{@TSPuSHq`Dri6D2
zj`{@g$bx>;_COWc0CXCvU4*ovaTw-~f}F@Y`ub5GO*RA01r~h?S+sTQ(~4n0Q;~&|
z&WKhHLYEMcnZGC#GNvMfC7qGpMcJtp9|w3O-#)+(67O^?q%wFAQ^*jGb6apc9)4*N
zT}eg@DrLTarBuoS&_}*M7(Vj#Ver=2+JQpZjNHZOmg6vJDk5AANr)~3(VY(wg$$tt
zKoEU_AUaF|N(<p5U%v?68rvR-68hZ*qND-qEfxKmBAQ$Zha-Eff%}5F2qpyv4r=m;
z7Ge-#Ew&i2M9&luT&2-vw1Jm3&50#?A}6Twk4rj4Fwqm~9_0f)f<ut1M_H{$*aHn<
zKzTxs=m<0rVz&;FZ=tJtAXKf^N3MYop(^u@l`AhoWw59cmE^Jt`zBacb-z;KTA<%z
zNRT^I1!G~bVvdwYw16IQ+Xd+wH<SyEht!vlM`L>$x<%{ax}fP-(;CtAJ7W;uWe_gY
zhY3yG@jXB*PPrOM3^`fjQo~^{qU;3hPcXQ=yD0{+aC3v<yFLhRK^dbBaJBLX3`^?|
za+KdeOy3l8y@kCdU8a#(f`JvUw1d+J722eLS3ttxluzD_Dk`Hx*BnQoIJxgc_)Oj$
z3GXUn0lZTIG`2^9-BjdsJc4+IB~gj4UBVhAj8+x^J#s8<l>Jc?P(|Ovx=(htsj@q8
z1nxkeO{jQ5o)advB|=@H8OEDYd#XZRQESxQn*3>0vCSqQ*d}crjS`Ge@Fz$EAL6*g
z)+@(ktCZ1P3`<aT1KMp{nz-XNz+60W=>+=1`Q7ClA1TjC;zES5bY51u+Z{-Pj)VG5
zQ_Eph)>NyFmF2)UG{#a|>BN00I<Gb^15qwVx8V(c=(GuyJ%nh(y%gVS_==sm6{10K
z<ga()>Ih%Z69#pFA);ipGp@H0Jfwu;#FaAi;a2Aih>IUwk!}-4-q1RMW-8GTLUcgA
zq^XvNwn(dNA|<~k>ZAc=Ostn52<I7u=NN<w48p|*;e`g_MF!zugYXK2@KS?twm~?<
zAe?FtPB92iGzgD32#+=h#~6eK2H|jnaF{{Z#~_Rwgk257o)Av<9-o_*nUXd`C=w50
zJG(mLLqy5rb7tnWp`DYl@t7a{8;`|fX;>x}4DT735EEfyjEy;Ct{~jw0V@P-8kP*-
zzsm`k|Ia>UMHqGqU=;v*I!iIk8Q?I$27nTPbb#Ri=)vd1k1qj61M~nu&ni&y4KfV7
z2XGW%IY1u3SO8A|7Jwx{3*>tUPzSV{0Xjk086X581t1UL48U#x^fVU23-~ev=nvoy
z;13`Gm<aF=ARQnN;8)0d4&VU527na+`bYm;U@9O40FFrj5!%#`jXw*U3?rWb@_?j*
z1u`Opa4wbwv8fPugme_n#ggEi0+?Yydj{r?4I~MFjBX+pVn8>f9gWC#b?E7RiqB-=
zAOrqoVG`i*zsl*y`3!1D_j5V@7(Eu21N=<_K9jJS|FBO{PkfAiA{I^34{xRac^rR?
z-aj3G*Z<-1N16ydALsL*j=z@EkI_xU{;T7!<@96p{yXEZ@6*5Qhkr8uh~tm*`>FY_
zoo|!Kd6)T~2KX4=_VYiAoU?5-KCS^iMvn!n)2HVD-*bw3_2d2US2_4xjz7-t=jee?
zbNn&-@5{mGa{TxG@M(R3_7QC(`OnsaVeM#qTpB(;UY{cmf5+*^`?bA3_*_muM(^|V
z!QXNE_v7`x9DE+fALsX<>Vr?|S;PIn=g8`(^z1*^2cM^B+snb{a{Tdr{qN|5HjY0=
z|9v_5T#o-<zW%8`&~yB8ehuZ}(=z)%u|N3mEc=w)wwHs?<@96i{_p4meV?Kc`xyQA
z<>2!;773>(CTC@$zpj&*1N05US_#qq)PMpJWM3dK(g6*=2#j@r@_bG{RNe#tm4&k(
zvOJtbVL#=ZG~LUL4qkbGZV$)2XZQaMJk@bVVAQZ9cyVlA#uS{An&{l;sl{+b*qNSD
z{rF#`*p58#<d-wS>vE3R+j^->9{G>2r#~kA56vHauPSkVU5=^6)5I^9hAvKd`O<yB
z)+HmbX|Ru(jD>@RG6}32WZBGwdeIY%d6Tx22^>E<f_GdScf<lPF8mACeYvm;A4Bed
zdx0h5`N@3mmk$I=$bxc*KVUTRzfgV@@GzR>g$sWiNK3;T{;*Lg&}ifT{ra^0w&4+-
z`1fcTrla<9Ax|*LXB^b3{4etP`SjnfcNFZ)QU7GZA7u(l{M0xYmj6_{P`Y8;49jZq
z`nr*qq#Wx0pY7N7{Av5wkcal^dS2#Y1(-jaN1eEmb>?E9xx-42bO{{4aQx`=F04O$
zta%#pWzYT;{@P{dc5fWttGL81U^9EAd5ryri&J<0usOwTQP{FBFCvR<1|&ON7_|LC
z<b%i`g>QTIJ8!kcE^O88s;=I{4)&HhxffquG%7kc`qz!|$3kQF1ukAtUwrNLny*j~
zeAwHRmYE|?%E%ZW9~?Yld>Y5oeSCacCV1_^CB<=Z&Q6&`_T7KN%LbUh;asg5F_Wzw
zQ-osy4(T5o9j<yj1<M9t0h}2Jzw`xQ0etFlfZz5x0*y0c!IcbP2T(Q!!T?qPpL+Ii
zAup6K9}T}U2CxDsiw7Kl6~L#SNl^cGC|?E#E29DE0NZ0B41gi{#PciEuY~e@VknpZ
z00Y<_4dnqa1fO_HQTxHMyJr-X2fzTfkA(677=lkc)lfba%11u&KeD&$iC`AwXMnyz
zCD94S9{3f^B8b?D-lv6p)t~i{C*Oxq72tZNaVsR<HkAv&8I6(W9h<iU9Z3hGf(*Q@
z-i(ey&;f;@u#Nh{A`Dvx&b1#4+Hg&PLyN{~1Kcg}`&j|5*#Kt=e#BtF)fwQj0fz(b
zL(l);eU?%5X~JnaLNNwDGk#t`2K+(1B(YGCm6Z{nCQgk>ngS!k&kGR=+u>dsMNErG
z$_~#;o+?ZcBux?KL}v?=(<aXhN=i-@V%P{oH8~p=^p4bFS*UbGN(L5zu+y?;2(fEW
zK2VaDkpk$DEKy`uCL)r8s)ZYv!?N^zpi=KTB!YUICdt6=04K4Mw3Hx`5O@UtuJI^w
zMyOC6CluwRWo2S5WKQtLW9y7Y2xHQcrv_z7GR4?k>Ih+=WJ*w~FnKCJ57skrR?bvW
zW`?sc52%dAMhHg<GlWSw!eN=w;-uuMBPBwKFeN%WEfX~m!y+I@K=O1+n&@LW;vff<
z63r9{MU%5c(~>fig=F1A5f&B@?wpd5f#oA^gR-(`#%87^!(XP17K_p{r@#dXEHWi6
z2lY{;P#h?kJXt6r`=RuGe0W-pm`vM9L1jh>#i%D*iv`19TZ9IP#F!abHXvmNV&ntq
z-;?Rkb*PB8POPW4j7|bt3z7A8|8QC>Kas)1qMf71L}OSNEF?F38b5PNTBa~4BP&OU
zqtgw9ixDMd<|HMHVWfhxrcFx|LrM&p5-ph&o-|V^3WiY-3j=445YB|OaeplpC<LN7
zCP(<3VVUVdl2%w!W=e)ISePRgWkIn~?I;GMqyVMqWQib<qAZCxHd6$2a>PQBuA;Gj
zttVhomI#<*l6YOIcC0y&DIsYYK%`v)><<uc?Zy)I5%AE*pp2F)h9P|tHH|E-t8tW$
zODHQP@!A%{xa4Murj8OO3t@>5$eEd$3^|J5&k-%mOwlD58KlB&%S{sLQ>KzB`q|bx
z<^h>0tzjMi%gCHs8HXt%6t@llNSqjrayOJiH}X;0LKvxq2KB<IYez~uc_IJg-0Z2z
z8JS{dI4(nf$}>J?vTh>BW=?`bHDs5x;Q~oahreKgGLmv~U~Ov4r!A|+#|MXm2anRq
z<%e|pzqtRGJpg+us2=VQ6}0C<yWao-c@J+&gFhAvnI|sAusg_b{mXO52ze;tz%ERL
zHy?CCG@O)0!Jm>%gl{CAhDDJjj?sR9*Jep0ly>g|zezwBUSTgvBkgKr7waD%s1L3s
zfHfili!~FQqB~m?0_9Bdd=A<|=E31a7stE+T){eocEGzMlnny!{WP$ok|6&~;3f%T
zu>6qeNwE5&6TkuRWx+N^1bNdTH5uwdo&d1*Dbs+4)?Xt8dr%1YWRjO`$dd;7Gs%20
za6wlHG~V}3u)y9%ylc;%S)gBIp@+i3)@DH&G5pI0n%>w@_$LAy)8Rc6aAG*4MyHQc
z0G~^?J*AZjN<(F*0q+SwXB@OO4dTgA0`(H2&4!k{L9JuSk(mVeS<pfu#65w23akNR
zfJQ9z;WX&6aImLcpnN3M6$rRwGBts0+i=X*pbz4Jh6p%rYrFO|odx~`31HEADhkge
zxzP7VFgAju<%3xQEi`u8Q`b!LWTS0V^!fGug<6^ew9sgXV4NtxsSx@Eorj>2&4x78
zyHm*iz&?OuVc!Bjfl%V_#+n7K$Dz;I*brR^{gGwl6G8k&>FPjzi)z-(1Bz*->F@Z~
z_McX|QlO8JbhWkkL;fr@dgz8id)Yz!IKdnND+Bn+f-%(6`s;}3Z#M)(ez?&BJc?R5
zZksh2<^Z(NUI2N4GNE_Sxvim0o6`264F5j=*LwgIzAFXpXW)E12G7N1_zHY8z8n7m
zKaQWmYw=(4M*JO4XLn-vVE1R^Y;SfjJCZ$yox;v%A7?*eH?gf<!d!A)s$7~~Sey}@
zOimtWE@u&EGv_F$l5>G`i=*be;`DNLa2@WN;+pQd*!4@-^{xuHFWk<!U2=Qo_S((e
zJ=lGMdy4z_?iKEr+<$Zb)7{d;#$%|5n@6z6aF0X}p~pNAna5I(6&|ZS)_G)m-uC?6
zbEemyUSD{>^QH1kcxF6HUMF5>UN>GZo;|NWZxGL!=fZR6dGmO@Kwb!MI4_bniWkQl
z%bUQP#GA}Z=VkIlycxV%yt%w0-h5sOZ!vE<ZxwGXZv*dZ-ZtJ2-frGL-T~fW-f`YZ
zUM24w?-K7S?>g@m?;h_V?+Nc$9!x!~9LD`3ehqJC+ql@d^l)LhIJh{vIJuO#>~J~m
zV#kT+)Nxp@dt6Vu-gh;1>*lt^ZKc~zx6^LFxV5<PpvBYNQ#}?yd%pKL>v7A2>KWlV
z##8Ls;MwE}e}}`%%)7hyIPWCyOm8Eu6}J!9otwl}a5r)Haj$cg+~2riKJLC@zGHmF
zzDs<!K`&VHY@qed(7JDVhj`C;xSzjYvR@|r*k!g~q2CvN+x))s`@!$9U%B6Nw4lNQ
zXa{4?#96p2?hPX^#%JLL_<VdZz6IX_qy7YsV5hNj+3VTo*~TtCUHU`IHn_ZY>CJKB
zc)}Rp<~-nxgtlF9t#y6w>f{#XHrg%8ZL8aHx2tY7ZZ7Vg?osZK-QT#+^eFMT?D31o
zLl2r~hUaY0LeB%9M?Ft^p7E^qyyr>t>hI;{72`F@Yr0pF*BY;_UXI@W-cs-N-j}@J
zcvHAzxf8jWTrqbkcNLf6%l1w1C49g2J?wkK_rC8_-)Fu}zAe5qXnSWKi|5F5h4BvI
z33#J<DZFgn9Nt10)wR4Wyj{FEJc?fjzs`R4evW>8zY%_8{1W{{etCW+eoOtn_q*j+
z=l7dmGwK(AxcCVl7TzBpjC<g|xCoz%KgOwSd$u2&&mPB4VowISzr%jO?(Z_##nUC)
zCDmmnjQLkCyIhXBTynYXV#*oF8OrhH4ClmgCP7cl<}BbSU^eXHG;uK34z3oi)~;P#
zd%D`Y4scC!&2gROy1;dj>vGpsWN$ujed_wcwXd6_8}8=s7Vb8|Ez50&8{xLw?XX)V
z^zA*jU)`GAsP2~T-Q4@TySVe*hr7qQPjb(6pXEN^eYyJv_Z{vB+)u(hf@J_hemqy+
zc-}f*Eic&bs2?^Fd`E!u#82a}IFkRL0vgW1?LZD3aVH!HY4F5-@QHW|o{DGS*&r8r
z_#C_xq+&b13*UqPh?n6<K|bnmC0>s=fNp5UTW}WJf$hk40`1_+_GJ68CxUiJWoNLn
z*<yAcdk(vly@mZF`wa9OR9>Lv%LHoejXU5&piaR4`}{xZ0rLMzL8W4N(a2LKri12(
z&3|b@=|C+l8u=rj_E0GlwmEKUVm#Q=h}z8<!^2I?2Afc5lp+r*g;vS~Y3X8sVdADn
z6s(l?HMIc4`xum?**viFut+RjCN14GG`I5VSWZ*VfqhGhtbW3aXlw8yqry@nDuqgA
zc3#-v)o()b;xrqt4o^7dxJ4^d6l18qa3#r(Q7p~Gni?CekI*3!!|sCHnm|eiYs=`Q
z3^6M_X{wMFlqR0Z?uGY231-%|F{wgUY&3sV%&6Gt7?#d(XZOK-qjYm?yHv3_+k5EH
z+}vDeNe+1HMUot`b8^-+c2B%J%3@?~6B`pb1d#|y6Xl49L`_0I54=|w3$`2Eg~NtP
z1kYHAdVvP<Vtcyc9QUz!VX>Z7;5#&s-5u|W$kDAkg_4dl5i0`RLaE>}5sKJWxFt&L
zVBG=Q0j{eQb~oG(Va%*M21P|g1xK-h0$AZ`;I9#;um|CeTF(0D(xSrxhOk*NY14!(
z@B>T(m)R6nblQ|mp$IRc*c<jJ#TYXxqA+3bDQ46n3jFd!<$M2z2mNd>&wZn!1E<+P
z-+S7GHg&_>BC#MSzq0g5@5oow>HYWq9#kV;6xQ;T`Q@y&>UH<FZMNk02)2_f&fD50
z?cFfDEf0^3k9@ayP|Per!!J!2mOWiF^TxfID{idfyt9-Zw?C2G*=h4#$L`<z?)>%3
ztIto+te*OY@!$4N6;{j}vnH+Fp3Rt)`OSDCrO%$^)An`)etXh#74r>s-d;98E`fH(
zx=X*z9`}QpwigfH-Woq6Fbhj9T66VL#k~e%MSOTYeW`t)OZJ0TGXkFkez9Wp7r(zX
zx#@Rw+*dI^ti8XbUk{!2)6N1FzV_bpEq<{PW~Qzsl7Uy#zWb6XIMIC0lnT;I*<9F&
z7d|INqGw;49p1UX=GL<mvCTRgpPhHte0yx1V+7%Iwg&GB-QLrZ)|qCrc<K<&)JD!X
zU;JRbc5AKK%T8|T3&}C;$)r#;G@23Bq#S3U?A9nw#WB1yiuFS=25x3ThdE_z+`)*B
z2O@lL8W#ugDRnF5%xCLFGFg<-UL=QpND!SN8}6p3N1@OL;sfx0`Z!LR-&IF0D>)~-
zJv~FgfT;$8LBS4l9Q^$k&AB~#;|~*8@B6cy{Z8FGQ_y5qTlb{!yZ#HlzW?@zTa7s{
zur~v{%e&k1ZciQc#o*Jsyb5plOo?CX<zDMZU;D@_>MObFyxBh`%^M?k>1UR{yBn|J
z>jB#joGM%JvNJ6#z;}F2{l*9un|4#U>Dk4!4$+-`@48dX7OMRpo8abUok!gH{b;PI
zrjpmmdBzWSE(QMnYDWBngJ#D5t4FU*nBMt|>5GJgzh=FVzkHMP-H%UC++3Ws!#t|r
zi?Rp5+?A|OEo|OVex=~#>C;~Fil(z0GH!@p-TbmS>f~CpixZYKcU9GH-FUiTd7mdk
zX7)R4|LRnOcX9l8-klqhS6KB-sIJ6|jNgHRdZJZM9kE8@+w*yMSN(Bk;?UpSQqK-D
z>@#zuo|gTuO>++zR#E{u>!$gr=l~W!PYf<aVG1iQDI*R3k3HbgV+Da9o1E`x-UkJc
zs>uV^W)7*DkZN+lA?o77ar1KX0@d_RuW*d5J9u)~98VVywl&_-#9XK7eW(;8QrRN?
zYJj9#n~Xs2;~c$mWLnz@L}@d?^~j16O-ag3n?-VD&?TU;Ey;;M>&P&62d+HWOz1<T
z2^o4~sA{DB7-kW0Qjj7_OPL~Mcfzd@(v)Ee8kQ9>0~9;k9%mt(8KWyWwIwMtglQS9
z7-4d1W>!Yll$oqynaR%jJVt+$=aWkD7aPxoMaQ?6%sB0uNa<+(`{C3-7x(^o{Ka(1
zfpy}m4So9NG!0o~@~+dGw8j{(XIJ{|b9gj??mGHVRK_K{A4=(u=2$K=s`OWvQm0LQ
zb)z|D_mbY~H@7aXr7u}Ad3dM&Z&L^E%f4ANN$hxK;_8Pxl6U+#>fN)e)4!dh{3AVh
zrEtOTD+uc%_kyl+pYJQ}&4<ni?KI_p?V?!UGdc3ac{9Jve8A4k7Vda+N>H}V(%i!K
ziBimbYg;m7UiPz<BZj$`^x@~Wgnn)BW0Kd`gQJ|eyYbG(2RzRAXFOl11*;xhow$C)
zyY*A9u!jyGH)WVLb5#^poRhV;?$Or!?#y{V6r8Jm^2AN66pJXe&{KEXsm1$CUa%Od
zbK7V&<3@W7^4%G7M>@<vEe@Q(=LY(&$<l0|^KL|)OX|B_g8S{&Vuymis6}fS(VqR<
z=|m%t2h)l3!zlBc13{sIGNoDJAt)b<<_CLpt_gz_)O~CUm107{2jc_v`i@HJ+!N`$
z99YtGgvk<-5Uu4|DOu<<G)NGQ$09ntX_0t1KD;!nG-Q6Tfx6Y^O-|D0CKq0qbox2h
zHs#QaLklcSxS#-10~gNMvj7~=f=#qQAIGT%RghZ?VCTPHg&22erAV2t-?orS-H>bC
z3AL{ytsmaEw2!_3-Kf+Sw`O#VjUF;0ATl~2dWde;|3#aTE5P7)h1dR==n`%+-zVbj
zyfp)c478bYAuZdesO$tcde@Ki@Eq?u^yZmQ*L5EG&dc0+>_huU8|G7-LY!6>^*MZ#
z`co;_e)1g82!|Nup?4EjiqdzL&a@vh)OybCrhNk*@(b#Z^X$$tSJnS~^XutPB-LZK
zFY^oviJ50JcSiM|TK8Z7T-MTZ@&1jj<3=8w+JA_2;j%!U3H|51oUVH>O?oBX;MwKX
z7oD@8UwU?Y#VP;%dEdJozp!E1th)HeKOMgE$o}BbZ7EYHmG>C#=w^B*&#XCP$nv!B
zW0!B~`*ss=SyJ<|9c!K&M}#kq``NYs20PxZOSNNue-sx%T;87W{7+jm6Kr+b595Bu
zi%jfc1u)aD09MnkiPY5HG?Pbni~SNG@E;g<83Qc<G6QY*KfBLEat-Rv$lBgu0SJOU
zYTD#9I3Gr;KR_Z*%@V<mmsI+$Y!}=>>3c!6P3iv!E>xe|oR+*j7S!N-CbsvBF(nOS
zf4uX>l@#0ICB<8ZobTUU%lF)Ti1JgEHGNDqJLcTQrAeE4PJcw$j=%QXsdW1<!>*VF
zxtgvydl^5yG5BrVy5BB5l^!a*c;=RQk4|Bltgq`&OU|2SUmp4R2(fX;u{@LfmDiIB
zn{Gu{?OOi>cDUEI<NlLO*GPT&cO!%=X%|{vSB;zX(3#;I>lW`8CYS$lC~oTrLH8c_
zRxdsF!uig^Z=XxP+Rpph_-4TV-*dm~Qa<+2&9@^qUOByYwsik*Rx1WOi*_IXedWM)
zqbB|2G|m2He()@-#N;p1B5vmITe~-M|CkdR*_&g#>K_c=_Q=Uec{B5NVnmm`^U-=e
zJQwuvtaf_%$oF%pzOT1E_bFcd-EW?&>u<WaTr<$aA5_!G#Aw}~Qs(2GP@LSJ(s2{m
zmr~&`=YLQe^H4?>4fZ2A$Akt!?7yaR!%_L(G(H}L2bB7i`p)NmQsuUj@>U@yHSKi0
zRs%&V#FJq)(Cwu`(GG1T{4qrfN4zn}#3R-A=jv1glN6@BQ4#di<jDGiopZA~D!V77
zN8bE{$k-d_=uechPp=8<>)ULpEco*GX)N>J)~Dyc>EdepU~$aLlVw<rZLQ<YTZdm4
z#hiSpK5@#u8sGSMQ;!w*f1jgla?1O9*X91{wwr9(*V(SCk3~nFE|zXSy=uH~&AaQb
zVl-2}nAXf2Jk{xI`kc71LKnMznY)%&+^)OlMa+L(W#>O;%l%cMhxg6f+Z@l76^K18
zy+=>#^={OoC%dCf=f7L>)$O>r3mx{zD`?N7%`>uc>-Y7pZyM(xG?CeTr(MjCR<y;<
zma6m8y|eysjZBXTS4jt{_Tc?`T$;4lQZ0Kj@ZH|wkN(*0v+U3CO~=o4u^fLSFyc|S
zlI0h9thskplD)t77LVT$b8>~pzNEVyI**yRs-Sc2n*CQZ_nhr(V!P`~-$o8`Nzza;
z|7Xnu=hsW4-i5q6ay#nC!FN|I2GgEjy|Pl~RN`DFi~HkL@u*EI&R(_P%%(jXADtq+
z7i@SM`}5D!T)W^FsrKf-9D0`HCOY-(8;^^Rf_C#Sx}I=6w_wt<pe^6OKF>biXLM4?
zgaehcw)Ki0w7q%!$ll&#t(cDGbz(wXN!!spqQ9e=i~RQbK@+E^pIQ~!`B3tSq?J<^
zjc`7)CsL}4U_V|w!2VC4{<DLZ{d{d~!_RXXJ&)V0U1Le?9rtS;!R)v`H?XM3c<*bs
zb}k&Mh{t2tMgB6p$iI+Eq2Ptz{3n_L)DIXhZEl^?Y}jA7Id&LqWTJL$b-kDxu^9%*
zG;pW1Wi}_b^lfolyl-1U8XL@G`)`Nk9@w#0?ND#pKkR`+%vam~oM^akf*XQX1i%08
ze(J?t&70)M*YEc``~`PShbQ}o`@2zoVXnTc@$k%g)tUNJAB9wQAZk(Mc;&gRf+x;p
zcE5-YUhQk;m{xx%dr$N^lf`#8ZO^&<E_daU#@jm&m!7gaWKn7JaD3qPU4D0dp?uR>
z%FN$8C1k}Fmg|tG+~i*@Idj8*wK!%cW|<y1yy2N-ZQ7F8U;bWYKYGHN@{2R+FQ4pW
zCB>O64;c1cosa75&~rx9ecZb=|In#=S?<KJZ6nWXZr%Q-^39O68|S8Fglv4)uX4=w
zsh0l3OgtAYacBr&&+ilW*!uFHK2^(pKCotv#f;5`M?*$lTX6bNO?jVVk4{B>*(3D$
z4?nC~)p6ac_0;Cqn~He;coEgFt@ljWMN}M6PNZCY`=9Fldf#hjAXy3Ey3+d<L5|E@
zBONFpMy)BvY$o{3JaIPLgYE9(;o>>=Juy1j!N1>5_Qoxd7~wsAet3_CtXbVZAV%`Z
ze%J9!PviVH&L#?dE|xX%mHo34M_*iU<-q0}ZX@xpjQUz{=cl{O$cwI8y}vq3P~Fft
z_jtLphwHigGS&T>s}ZxPKTTL@G)!c3aO$ps85^@U_(zmZWiq>*4S7oOc;sa{%X)D3
zq!*WX#xr|GvUfZC<c*4pFU}1ce`Hkk5{-N9neGMA3BC)y{&n1hv$QR%bBO3~On1C_
zH@nw>2YJ#fE2h~UbP9;xbY{wqA6|!=3}2rR>p|Ff`oW);A3pQTW&MK>E$I@&kw^6F
zGH$!`!tt_iJi~$p{xn*;)BJe%@d=csi_^c~g?mSSANrs|`AY5c#ngqCeZM{Yg1vpi
z{y6h#OOKDki@2}arYDWUF5;^2qAv2*zDC~NF0%kN1H_87ze)2-XhfsJOvJ~x6$TG4
zvW!0J;bo)lN2ZysERA*ciut;3xt`9)Y20<DKgGmVcZmpn{hfSq#5yCJ#?;H%r9}+K
zf1N7eJ^$CK@~=~cviV=93OddB*QxTaQ{`W$%HJOH{bTR{zfP5ZohpVN;h|dRA*kGc
zohtu2RsO@BDrVR4BD3oMTTYes7Ex*8k`H)RI+~d2ZrYf3rLp1S3+10XTZXpUb*417
zJ&jd8_eReJ&*$6CUHtvBjUB_!e{<>jm~YE1XHTEX+WK_T4;~+|m=}}}Fl+2+ZP~%)
z87*_2#WL3#ZZ`L=XUDpj69SFb*)g*xvxXG<Jq|Z@e3mA;%^hl?{BcBIi#R)@xkBTy
z{SFVb=^lN_V(t3d7P<HQr)0+@6o+;3IRER9wqIE6%KxeUhRy3gMTOj!`^jdpCGrf#
zn@PDlzje*2mpatnn3P?=W$fYQV@Ljxy=`Y|ob+iSWn0*2OM;%=uy*&vozz3yb`V?X
ztO}-AoaU+G^2SjoSJsa^PxP&}E?n`uXzQ&<c2kcfgwxhrj;~qj_RG1xd+t5#C-!x{
zRo!dxsl6Q^^rN}d&L}#R+SS=@P;dE>aOR&&%+5_;#rCVdc%$p=<^=CoC8K87&DvB%
zpNbdJr?eWrMn+&Y)8hdb-P*gzYNiJR${&uy-?y6K8jXp$eo(Eza4yu)3S02PS1`Cb
zy8GB@px?KdL$b&CH82)-e!@J}%y1vP^V#EySNmr5I9W-_J2SDyCW~r|J+k;d`FiE5
zwKfe?i>_Q<JZ{g-EBEY}aE{;VFyXk2EiGKMrBIF+&i`LKf^xzKf%6`Yp!ynIHF9xt
z|KMe#(jr<ZoSdzL%U#8~)3eAu3zl4PaC6^RbN1y4uh?8eStPGd{9nD@^&isZpS;R&
z>8SW%c0tsH7k;aEIG?}PiPG0C&D{RzleeZBj&;_Zb{#o9<nb?e?SIQT;M9C|%k-zi
z`sMBHcW|jy=~qN<|GWOb25f%2@S<p&oGXa$F{_`0J$0nN+msS^n#E(UoMB#Ht)$3C
z{V~`^zBZD!<*5H|uWfhzskPpccfR?tE5<#KbeMCdY;@Oi<+qNHwqE<B$I~kn+=hfD
z!{~iBRKGZW{o3TH@gn!xr;2`FO<(c-&fqA!Dw|uK_x5tJ?BrR#-)Ba>M1Zkq9lJiO
z)ZCAJM=u<}j+!pcG-6~AD2z>C8?=1OyxVX6e(KUI;K(KAH}e*)eD!u-bJ9XN#?zQn
zZomCy|CYLC9sl9|uKW|rZhVt5Hgt0E?4{QhFBJtW>2k9DMTY-l_q$-Sk*E8DJ%8R$
z{El<yRP^Z4M^9QyX0v+6oIC6%@H<@6IMp<{d|U!?UD7S*7@-M$ZhL2B=e}KCo@6eM
zxKimnw%5Wyo3o<FH|T<r^gmPl<90hdO8U|^u)!&8xAcjd4>9iKlHH3hxQ=qIee>?z
z+r18{SGIKQYi06w-${o7RX0?_do1zeU4EvP%*<Gv__EId!IOTQE>2$2DdWWLA9gRO
zNi`C&s3+&%TJb{E!6#lB>+saLwCCwUO3{eke$4fpuNtB*tiLWRynO!Y+u^F^WiKs6
zIYU&rud<dn&f@htMxTF2(W_(P%W+2*%&6QD9+Ol(<@OiFx7Z7emOtJ2NOgH^+?mwc
zQNvb@2mktX@UKrJw-`JAWBuz^A5xqKe%I2%)p)nol?uG<7VXxezwxufvVjja$V_Fh
zd*E=}6o+FQ_fh##U#F+OQu9|mzq$5^ljS$lUgLk=ZhX~m+pl#!mi`hFaqU=#E44<K
zSEf^*^sdFz*K}@rGcffBLlv((=jnJd?rufor5%0DrBPG9;yJtw?67myU1m<t%+j2|
z8OIyEe+!)}p_VNCQgL=@>~ED<W@Jfj3Op=h%3f6rW7oM&RX9Ce&^bP2?=GwSKD+mM
zR*ZVwv+>ffYMUz&S31u&R^Lo=$xF?6ckNL0{&jE5Bd)|zGbis~7(Cs5egBG>)jn(H
zmlFIDnZv`6xI1pB@`-ESK7#f7-8P4UjxB-t{f~~>Bs#K?A-grDD9+;W_3#nh7Sa2s
zMigdL-QC^0`-`8S6?+UVNNBX!R^`39XYh~gP5JI8e)isXo3qLB+%~iEV;sa^x_|X$
z<S&EvCb><&$nI0T<?X9koa8}XyT3J`d~5b)kAyE1@gj%Ot%HTO6%NAy#RnODe_Qdt
z?2NZ4gZnKLVU-TkuF%#TxQ5<)HFmZmb!FOd@=AJd!x1DG>BR>73%JmyyRS#LHj7Wn
zNrgL5;;c;ljY7D>JW7}{Eh{s{;0|^~TCylBCu_18t}2SMvqaiUf}Xg$c5gAXEgk-7
zN=jC44l5=#O_ahCz^~|MLYZmVS((C2C>_9p9gwU3f+Oz6_HcD&yQ90;o^VT0A8mgc
z`#;ApT+!7s?D9UtVeoTq_(?b1QUq?HeUs8M;8qSxAeoermXrD!7qKrM*<o~I72YyW
zw64qPXNqNOHXYb9s%UnK)8!?PW~ZAQZC$YNd~HR;>j!3<BiZYEd0psifj{o~Ah_Ot
z`M3S2mi;ni?ya{m*r`iyE+)%eIz(KlC{#T<8u2Lc$u{D=i^ZJ7ynM&EjJjc|aVkgG
zn@uM(dW<RD%v)D6aA0js0sSN=>%y0PuTOm7^j-YWB-fsC-*uylR&_WyB7TM4q$R6g
z3^1B-;hOo%Eh#egj(ayIZ>;HGf9qLU;N|agcl`Kp(A=B$!`BFj4D+TDe%0QV`A4G;
ztR^01tln1YwRQWw{_<M4glnOeX=W66H{ql`cdwa`S-&dKQ+@Eq1&1HU^&jj>x%8sr
zclx_7dtghmOM8p0AG*cXx<xlLGH$(#3So-=+J}*m!Nr%&JIeC<?El7Rd9%;r^XK>6
z3+^{J5O+oQPdd_u;Dfio<!H7AZjOf0+?o~<B^br-jN727v9*N@$A#_cG1$e`#lyp+
z-F2HY-s`>@eyZ;u{pKFJwR2#!C3N&AT#U%}rcJ}A;%TK*N`>>2b+=E@ZwaR9MV`D$
zm_0QuD?4W>T-9!q^?ok6PTC<v$~$~XiHC2i%%gAsypY^$FB%r=8xHqhBzO+qdLIVv
zzX(6c0o)$T`ET+d{>u$cgWECWE(31IBv991EkDOxBZ;k-2Ssq?U)|jFY<ka^63@w@
zTW7Kuto!}P-rJshVbYDq4*jOgI@Z<v#q?R7F7}<7bn#&57hjmYyzUcUSC)Fa_NygE
z6Nis=9z5?>)N-p`o4$}NDOR}orT)3hb3x_9`P*e(Z!aJ1-|LIDgJXJqeJDG`?Dd+B
z8?R2?da%Ou3cbW<NZ<nZWg4gRVfJ#?$feb;>w1ri-I!SX@Whr0lu;dfI>lVLalMa|
zVE?@=v%AvVsa59ewN?c)-qwBT>)4A)WpeH=$&VLw>RdT&z5m^kO8(@nDeoTa{PX9@
z`P{G0o~7MCJcqGmutm|7y_riM#y{`D|KrWWn@38U7G80RdK1S@ZRtfQ2R30v>xRAE
z6(yPbb!2V?X8GdW<}uGVNB$X}yScog_o=PL8{X2t!mZ;p;S0BS-1+vqUn@#dntFYG
zV_8VWA`3s0^rPm?Z<R*dH>=jJGOs=TquDI?Z>}z6Hm~jS^7b;j-c#;c4}U7@R(|w8
zZBBnj*LU7E=Nuot4EMhABKyGe;y0tQ-rYM@?C2BF<;A|}&O-(b+-f>)GRq}A`KL#N
zd|rBnq?E4xQgK9Gd*D$-w;kPAZkS|l=^-()=lfpl($C}A(&=;7t)zd~o4dTw^#5z`
z%HyG2`!{0=#}+9|7_x8k%uHiRSqCwZHQ9F=LKsU3BdMISB(kJtm_m^xlBLMLg(M_v
z2`O1C+1_WSlscXF{PFvp-+SKA=l74#+>d!4<DTcfuj{_<>w7(1j`dPf0BvaoYC5#!
z4Uc#c>~n498)9*C9Z`OG0G+bjRdand)L_&#<~Bl-MBoG>w-|z(zKWYLh6T%F6O`By
zFhs!^mOo(3nZE^N5CA|P+%%k$-=}P2Z*LGvzS$^UzMCk?=mLCoQUY)kXr_cC6v*~@
zCD1+(HbH--0%)KAr@>()<c~Ez5OR$V1g!A^M`Mefz)hott`iQjPk7QQMOQCb`?t03
zx}9n^cRzwg-rYN*p1HVeuecU1J(ov5>tLA9EkznXk9`uHEFv;6CGP#%+O`b2wI=pW
z=YXvG6HY?f!wiYA(xgk?lIzENV=pN+BD2f|0N-uX_kzRME&5R%{*z62d@~MJx7?Gt
z*N`p%^T-(1-NUz_)K!`DTQ)Y;igTyI5k`eugd8y!%d+tNa^2>$^hbp2CNA*t#6f%n
zt*UV%^m!A(61i?CNg5R}kudyhxVUrNu_JCZzRTF2u^CnwVdN{m2EHCqeb`FCGCXuH
z<!Y>;d#e4-hqDN_=2hhW3=8YS`J?+JgCqc4Bg$azeKNOYzkSYw@zu1vrK)`|PZ;R6
z|K>6zMDlqhEPQg##NIg82)_qKcr&?D?LU0#5xu5NB5T(@#{y$<l%Hz<R+8>g`O6{I
zq`sx6i4({A@~jw`b>V(?^(HdujQ;!4NZr&xKzJ+uDf^*Aaw0Fz)u!L&%5sS5t$jb%
zhF;FcP0(a|VyhCf10HVgJ8pC*hdrM9#c6pJqnkc`od!v<uY0ZLb5X}mGb*1mo9XsL
z`D|PBU_HcD<gxo9j&7Qu?D@$H&M~U9fEmB1%QEHCLfjQa3bC3UU3JDjE)wLky6QIL
zFC65Zqtr69_UihP`@d=XtObYpbE=q+95T$<fYw|PTCaiPB;(gI4=!rZS`V5&zn3-r
z66c)BI0vP*0jvP}ul7%)uMYf3g##x~fD)HFpt^xdpaUQIS15!AZR;>&mt)?3Se&=-
zaXB}fCs_{t`mwe_Xqg3=z?2Vidb}o;It8xz*~oPOplg+l{AnnzRXTtMbglk?)7>8q
zwZu(iT06RR?z<Ro)$=%wyB0X~1*Z=J`T&NYOVEkd`sNZn`bV6mfb=n6Z)bm}FGvYa
z7vN+8dQk1ivx6)kFN;7@kl1qLUj~7gQckeZ27y@R-*o}ZX#<7-<l4BOW=D$SG`YA&
z89o={K@_wYz{w~$7gi7wm*$Z=lS?*p{AU-;ue?-c&$2M&rc>S~sa}%JYK6~it&GyB
zu6@uM^{BRz`J7Hg<(cSZONQiIGO(eCiLP1F(B`NZtd_W{-!4R=`>x6L)jsZbkJl?b
z)cwwzU;cF0Q#Xa~brvdjCd@0k$|Hy2h-g7o>bd@GdVRG-?%#7QUZ-xm&#?oK&NHvM
z6?^MqNQ-jpK=553t1{`DhK^IaFbW)j*YsfFy!V{$qb=TD09s##GG5@=DrmeY07)SA
z^o+$t=&W<6hj(74_jxfNz!MnXEyY%Gl%uwe8S1*o3NuXXZC(x^JM@mRH`}DJK?)o6
zV#aP911%|VDjq4cjxe|!oXfBOQ9?UNh(1XlF<`Ips)V<8PFsEu<p-%Q9<#eIZJ`x>
zL9?fJ(rG|GE}%i8IS0)*f#7v*8{2QK$7C<9eSzLSIpswkvPUQ|{ETOwj_>nKZLgco
zZqiQ-QkGGz;crzrJ-3ea2fnMW2@`bJ+xF>hwotuK^pRt2y*ybqf`s(6&^jA^-&ow1
z@N9jml>s*qjzB3hfAO|l8UEN%o@uPiRh%d?lA&L*HMHU2(LElI6t)KWu9;al+ap!v
zhH7QUWqOvGB1OGRdzhoHjnv}2q>>O<2y1P3x#PN&^AUFn(@H(*G?&*|*x-@dL0sL=
zMo})V|Km^y@@Ff_A5@E3u(ao=oe;?X;ZBI}x77rMni=j4I1+Y8Aiz21%d<3`DXBc<
z%o-?|gF?>zaRZZ3yeYpu0w&9l6W+bRqjE&42nq54Cs!H$k?gy8$@=@j$WNppuVgn5
z<*#x`MbcgRM{kymp!&4;h{T7_<&Ysym*qPMLQ2V^u4>PAdT~#LRC=|yf2dk!Eho`n
zp$$zRtiy1YpEN|xrwYdnt(cP2V}m-<1j3>r`R8KZ_~W9ul+P0wyA!WRuQS5fyzA$$
z)gOML@&0tacTW+q4Ci1t=Rl}4dRu?~hH(<hCurbk`E--VT{*^}qN%p@{TJ8T33E0%
zMa}ZJObR0}AJlW!I?-fypwEq^CH?Ru2kbM0dbGkdDcOmb<Kx83R0oRr)n**uF=>%9
zdzUhT2$2M?ZKrLivaumMq#1*X^=z$mS+wX!xyQH8JT}a7#EEBWZ#z7(z6>*B02toT
zsXiq}a)SB?r`ESGgR=X=i2{$oe~?Ky!9pBPfj`-O*}F-^0(V~`sii?nu{a2EyTB3h
z_0mxmOf<jRfUz`{kA9<~UTUj*#`;|-<h(+dqHSY?soNlRzB!kRa}|W%(x8dfl#ZJd
zob$;$E{Y)e0{}%iBnl*eTfjdM0ij+X;7dvPVgP^VZ=tT_Dq+epl}7!bCY)T;OKAys
zX=0Cof&vt6q6O75G1#M^u7Q$8ptTXQXmzAEoV;YFFy5Wt885jqT$WN94mEM{4Zu3N
z5F%OIKp_Z}LTN3&kaQ*oM!Xb-n?p9=vK0O2pT*4qu*@EgfFtEmC^9!keQE9{H-XT<
z<*N__Ywsw1%KytgHT<GWfxhj(D7Me#XQ>F>8nXxbc7^lO;^%PeMGu@Qd-pXas>oBz
z??T-$GIn(}V-Al3?y0y+Tg`Bph||Ia)%kdn_#ZQJ#)dio7KH$sZPxxwl&L0jkAA5l
zLy^WnV%{@9z+5acON*uB&7uyz?V*T0;;_B;++m$)M3ex|;YflV-n6hi@xX=Z+Uqu*
z4xC;R^}I{b5#>V;E85lK{31s<e0hap3NX%R4IK+@Rs#k1&6xY=RmN!Os~L5&U8Yw#
z629nKMU#vUd*6Xs^%_fSF3gz=mSTd>JU5_EC^^G`nh4r?dos0c?>G!ymc8)8xspU(
z4P{IWYFnwOYC_xCZof=TcTiY=gNVKcdusIG647ojWjO{OKd%`Qs?Ar2bhA9=Y4-mV
zaTEQ-0eAv<Px3>_fdcp>0Dl3%$9<#Fax?%Q5A53@q#!5X2o?AvTp40?VPHY3AGtaf
z=Ir9?;C~cHVdQGxPKN-y1rSjFO<`+xVA>2B7|D-HI}Qf>kt6xYabYf$05o!(n;ew?
zr+I|JVz<0LW5hCAKb)e9_o3OBkwp~pE}FXDx(I*JPB)sn_SxK%2Pk?}=i1~xv^YK!
zRN0VoMfBxT#XApEa|UUnNHoXteUo#o3-%l_0j+9k>gg}6cdT14+3rB4h#bP;-fOTo
z7Ca2E51&&wVX3-vF7>!xf-zNrBHNBd*m1l|Uv9C-tA@uPnuDplF#uXbcyIeVnrq2%
z7LpYutF$A>t|IirSIr7wYb9f`$Z|)!w0?87$=S!LuJPyA-5tXR>hyj~5F1r`%cJMx
zlo2B2S#vonbMNQy6UpxJLDxN>j9gygUs3G6xKMwMDLI-{d4=~Dt;WgH;)rx%MQE|;
znDg6@3lGDbEJWFY<&?|=GJS5)$FQB<UgnU!wI!{WRVOW?uA?ox<Nb+~Gb74Aj6*iK
z6k!I3=eG?7yenr%sD{SjTS$p}KDy`xO?=APfAiy@Z<vFJcVI5QC7Ur%sr+qyOK;>|
z-!}e*(o@s|5zBmMrA(FXSUqoKF-r|T?WfG}Iz{%)`C+6ShvZ@v%v4<HV`HAdbBWTz
z-2UV{*&3Nm?L6xG!_iApX<1ucfv$2K0yE?kvX~kJ<7*HquqeLu0=@T=p-&I-NuAkC
z?4Wsd=O9qE+WK05ndPC)!O08(9z|G1`(Zk{_bdcM)bsa@;yb&G!cYPXWzXgNyX@iy
zac6WnK)~q({Q=dRl%bopY8lhoLo!Dx=yUU@yXHSUrITY`<jK(-a0Qe+YBy!8VN>(J
z68!%Xr;1*O8Kw}l8E?B%i^c5jl59GWf=XkS89+AEw6j8betTa&(kQ1(>gwow;n!8J
zb?UOs81>?c^mWJdkqAikyn=)l1~ph(=CvFh|8C?a`<&uT;3KPcHO^@zJ-#PW!2&D4
zQ-8{>NQ*m8Q}gmzXCBr3^{N)30o>E4r=ukB`Meg!j)QMkTkB}f9?;)XM0hH2C4~CX
zo;D{eWBeJ;#2VR)L>XGiQiX24VtCA}2VM!t{?O@GM5uMO>`3YDXToQNq(qL7zRGHs
z<9TM*w12AzDW_?1f1~ju_=Wh-uJTk%M1a?gEg$QQv7DX4UiFI(F0mK9m|z<Vt$aGf
zDiz;|*}y42u%~uxl1Eq?bUJq0w@g-fTx_+YXLT&?b<h4$fA|$_{SWmAki3D^4dfVK
z^#=u60RF$FKm5tHe^&T^Q5DSa(=er&3skSJmB~5G`by>B;BrkO&|*#$J<=ZNn6gsa
zyKv5*E}w|^771aIdy;jwY(`#ssj)7QHMlf%&~$W_P0VgDbAaq;?#@j1oHMo<DT|~=
zyTI@@v`8r=H7em^0i@x&RCH9~@1GJx8alkP<R317D&3Oit%7}5GMnyj#57-iqJQrB
znB#TjM$cBwG%?|M^tmZn9Wno|N3YYL#bj_DOq_^-K4z6oqA{6Q8|Hn1wLT!!qsJ)$
z)9Q{~B~=dzDK|~2Dqd4Xd~T!1lnPd)^A;r(CfbayA17|_EJb}7NofA)^LBMDre@d$
zb-0CO%a;5)Te!e&UZs7IbpA%~GzV#v7)cWds;+jFCHg4wzjt|%Dar(@df#jMXt=1F
z-j?r|MfF{LP!ju5EEnz-b2=75z*htK2PAwsfG_=9i1%NufecJdC~F{uygW*Fw<c0s
zRuhHRf`1QA_>r$eO}zbmom{}=EpqA>6bzAZ^4NSIgCR%|I;ugY@k&7Wo7qkgP(lJo
z1<P*-l)fGSvorU7UuS}4cQ8;LWcqpmvaZSm{(wL@h9RIz39cEz*SyVN-oUK1kNgJt
zO{YWP5?~17M$s*0;Ywfv7|5s5Y=3D_+<3i(_=BXdk=q21>JnD5eB8Tx=iFP5V!Mw)
z#QsIjZr^8C7owbYo;F4|PHv-7Z3<yeB#9O9(vLdPNT+mO;I|MNRXMhe^g1Rt0uqPF
zq_q=Ebgp?A#4$LKc}O~`_@(>VymOP4m8Wp|`F<uz$*eQds(D;~2f4&}YW6OBYAwX|
zlsKI1=Er2hEmy3f_Z_HC?9|}D+IqlU&6hajZudBCPr6-Xg~`Mc*MW)~Py7}F_vNRW
z*(`pt3z+W73h7}w8EHx{d?ksmC42hrl44#&+b#!K1l3Z&@3umx^n|rNE^*z&Og>Te
zjR}xHv+8tM_^dI__L-m_y9c_plhNgq^S~~@2~iKXOV~xw*Ru!?y;;i8OZ?B0hA&ds
zFKEqXDJ+s2@oybGKih8X<gy9=B7$?!OXhJF&4KkF=1om}N9D#7?@;470~v|{{OBe@
z1a$S_p8)uF0N)DW3u(9gYV-o2hX@}*3i~H^7HCFtmMLf~b&Y(_tF6V<vUYPP<0}S-
z&4U$GCP2Z5iv1+@9);Y9dwps?X!TZ+rQ9Vn>-24mbo}C-vWxCUiV2rBpXARYs7gB%
zL`0%?TVPzYrYs<Pxv%m}ezLK1?CFw~nuqt_By!#GO6A;+3(gBq-BI;6=C1IwxaQHe
z=xbG<buqmatv>wBwr#)Pw_XQp*|(yw)JRl`e6rOPX{DP_Md`EnRLfO`N_H8qH?Ibm
z?mJ;vWC{D{Y}68Fwja$DjOjFgmRVaXncWyISv)n0-vebCQR-_mmVKHLsK<WPtIX4k
z-QtQA{e{O9(}Jho#2cuwE)}qhl-k&vE|ovKu}bTgpwQ+FjUQgoKKdjt9r<BA?YS~Z
NvSgTb5zEp>^)D8X@aF&k

literal 0
HcmV?d00001


From 95ca05cb512eee076b6905b8daff6df098133766 Mon Sep 17 00:00:00 2001
From: force <force@force-net.com>
Date: Thu, 11 Apr 2019 01:34:14 +0300
Subject: [PATCH 15/15] fixes for new WinDivert (offloading) + some handle
 manual cleanup

---
 AutoTunnel/BaseSender.cs                | 10 +++++-
 AutoTunnel/ClientSender.cs              | 24 ++++++++-----
 AutoTunnel/Encryption/DecryptHelper.cs  | 35 +++++++++++-------
 AutoTunnel/Encryption/EncryptHelper.cs  | 30 +++++++++-------
 AutoTunnel/Encryption/PasswordHelper.cs | 24 ++++++++-----
 AutoTunnel/Listener.cs                  |  8 +++--
 AutoTunnel/ReplySender.cs               | 14 ++++++--
 AutoTunnel/WinDivert.cs                 | 47 ++++++++++++++++++++++++-
 8 files changed, 140 insertions(+), 52 deletions(-)

diff --git a/AutoTunnel/BaseSender.cs b/AutoTunnel/BaseSender.cs
index d92366c..d948639 100644
--- a/AutoTunnel/BaseSender.cs
+++ b/AutoTunnel/BaseSender.cs
@@ -22,7 +22,7 @@ public abstract class BaseSender : IDisposable
 
 		public TunnelSession Session { get; set; }
 
-		protected int? ClampMss;
+		protected readonly int? ClampMss;
 
 		protected BaseSender(TunnelSession session, IPAddress watchAddr, TunnelStorage storage, int? clampMss)
 		{
@@ -113,10 +113,18 @@ private void StartInternal()
 						// len = 1200;
 						packet[20 + 22] = (byte)(len >> 8);
 						packet[20 + 23] = (byte)(len & 0xFF);
+						addr.DisablePseudoChecksums();
 						WinDivert.WinDivertHelperCalcChecksums(packet, packetLen, ref addr, 0);
 					}
 				}
 
+				// if checksums are offloaded we need to recalculate it manually before send
+				if (addr.HasPseudoChecksum)
+				{
+					addr.DisablePseudoChecksums();
+					WinDivert.WinDivertHelperCalcChecksums(packet, packetLen, ref addr, 0);
+				}
+
 				// Console.WriteLine("> " + packetLen + " " + addr.IfIdx + " " + addr.SubIfIdx + " " + addr.Direction);
 				try
 				{
diff --git a/AutoTunnel/ClientSender.cs b/AutoTunnel/ClientSender.cs
index 26c786b..75fc9f1 100644
--- a/AutoTunnel/ClientSender.cs
+++ b/AutoTunnel/ClientSender.cs
@@ -99,14 +99,16 @@ private void InitInternal()
 		{
 			if (Interlocked.CompareExchange(ref _isIniting, 1, 0) == 1)
 				return;
+			DecryptHelper decryptHelper = null;
+			EncryptHelper encryptHelper = null;
 			try
 			{
 				_initingEvent.Reset();
 
 				var cs = new ClientHandshake();
 				var sendingPacketLen = cs.GetPacketForSending();
-				_encryptHelper = new EncryptHelper(_serverKey);
-				var decryptHelper = new DecryptHelper(_serverKey);
+				encryptHelper = new EncryptHelper(_serverKey);
+				decryptHelper = new DecryptHelper(_serverKey);
 
 				var proxyEP = !string.IsNullOrEmpty(_config.ProxyHost) ? EndpointHelper.ParseEndPoint(_config.ProxyHost, 12018) : null;
 				var connectEP = proxyEP == null ? EndpointHelper.ParseEndPoint(_config.ConnectHost, 12017) : null;
@@ -128,10 +130,9 @@ private void InitInternal()
 				else
 					LogHelper.Log.WriteLine("Initializing connection to " + connectEP);
 
-				var lenToSend = _encryptHelper.Encrypt(cs.SendingPacket, sendingPacketLen);
-				var packetToSend = _encryptHelper.InnerBuf;
-				var initBuf = new byte[lenToSend + 4];
-				Buffer.BlockCopy(packetToSend, 0, initBuf, 4, lenToSend);
+				var packetToSend = encryptHelper.Encrypt(cs.SendingPacket, sendingPacketLen);
+				var initBuf = new byte[packetToSend.Count + 4];
+				Buffer.BlockCopy(packetToSend.Array, 0, initBuf, 4, packetToSend.Count);
 				initBuf[0] = (byte)StateFlags.Connecting;
 				initBuf[1] = 1; // version
 				var recLength = 0;
@@ -200,6 +201,9 @@ private void InitInternal()
 				}
 
 				var sessionKey = cs.GetPacketFromServer(decryptHelper.InnerBuf, decLen);
+				// previous encrypt helper
+				if (_encryptHelper != null)
+					_encryptHelper.Dispose();
 				_encryptHelper = new EncryptHelper(sessionKey);
 				var session = Storage.GetSession(destEP);
 				session.Decryptor = new DecryptHelper(sessionKey);
@@ -215,12 +219,15 @@ private void InitInternal()
 			{
 				Interlocked.Exchange(ref _isIniting, 0);
 				Storage.DecrementEstablishing();
+				if (decryptHelper != null) decryptHelper.Dispose();
+				if (encryptHelper != null) encryptHelper.Dispose();
 			}
 		}
 
 		private void DropInit()
 		{
 			_isInited = false;
+			_initingEvent.Reset();
 			if (_config.KeepAlive)
 				Init();
 		}
@@ -268,10 +275,9 @@ protected override void Send(byte[] packet, int packetLen)
 
 			if (_isInited)
 			{
-				var lenToSend = _encryptHelper.Encrypt(packet, packetLen);
-				var packetToSend = _encryptHelper.InnerBuf;
+				var packetToSend = _encryptHelper.Encrypt(packet, packetLen);
 				Session.UpdateReceiveActivity();
-				_socket.Send(packetToSend, lenToSend, SocketFlags.None);
+				_socket.Send(packetToSend.Array, packetToSend.Count, SocketFlags.None);
 			}
 		}
 
diff --git a/AutoTunnel/Encryption/DecryptHelper.cs b/AutoTunnel/Encryption/DecryptHelper.cs
index db200b5..d1cb0e5 100644
--- a/AutoTunnel/Encryption/DecryptHelper.cs
+++ b/AutoTunnel/Encryption/DecryptHelper.cs
@@ -1,8 +1,9 @@
-using System.Security.Cryptography;
+using System;
+using System.Security.Cryptography;
 
 namespace Force.AutoTunnel.Encryption
 {
-	public class DecryptHelper
+	public class DecryptHelper : IDisposable
 	{
 		private readonly byte[] _innerBuf = new byte[65536];
 
@@ -20,7 +21,8 @@ public byte[] InnerBuf
 
 		public DecryptHelper(byte[] key)
 		{
-			var aes = Aes.Create();
+			Aes aes;
+			aes = Aes.Create();
 			aes.Key = key;
 			aes.IV = new byte[16];
 			aes.Mode = CipherMode.CBC;
@@ -34,16 +36,23 @@ public int Decrypt(byte[] data, int offset)
 			var hb = _headerBuf;
 			// strange situation, decryptor cannot be used multiple times, problem with resetting cbc data, or my fault...
 			// but encrypting is work with extracted encryptor
-			var decryptor = _aes.CreateDecryptor();
-			decryptor.TransformBlock(data, offset, 16, hb, 0);
-			var len = hb[0] | (hb[1] << 8) | (hb[2] << 16) | (hb[3] << 24);
-			if (len > data.Length) return -1;
-			if (hb[4] != 1 || hb[5] != 0 || hb[6] != 'A' || hb[7] != 'T') return -1;
-			var len16 = (len + 15) & ~15;
-			if (len < 0 || len > _innerBuf.Length) return -1;
-			decryptor.TransformBlock(data, offset + 16, len16, _innerBuf, 0);
-			// decryptor.TransformFinalBlock(new byte[0], 0, 0);
-			return len;
+			using (var decryptor = _aes.CreateDecryptor())
+			{
+				decryptor.TransformBlock(data, offset, 16, hb, 0);
+				var len = hb[0] | (hb[1] << 8) | (hb[2] << 16) | (hb[3] << 24);
+				if (len > data.Length) return -1;
+				if (hb[4] != 1 || hb[5] != 0 || hb[6] != 'A' || hb[7] != 'T') return -1;
+				var len16 = (len + 15) & ~15;
+				if (len < 0 || len > _innerBuf.Length) return -1;
+				decryptor.TransformBlock(data, offset + 16, len16, _innerBuf, 0);
+				// decryptor.TransformFinalBlock(new byte[0], 0, 0);
+				return len;
+			}
+		}
+
+		public void Dispose()
+		{
+			_aes.Dispose();
 		}
 	}
 }
diff --git a/AutoTunnel/Encryption/EncryptHelper.cs b/AutoTunnel/Encryption/EncryptHelper.cs
index adedfe1..f6d46f7 100644
--- a/AutoTunnel/Encryption/EncryptHelper.cs
+++ b/AutoTunnel/Encryption/EncryptHelper.cs
@@ -1,8 +1,9 @@
-using System.Security.Cryptography;
+using System;
+using System.Security.Cryptography;
 
 namespace Force.AutoTunnel.Encryption
 {
-	public class EncryptHelper
+	public class EncryptHelper : IDisposable
 	{
 		private readonly RandomNumberGenerator _random = RandomNumberGenerator.Create();
 
@@ -12,25 +13,21 @@ public class EncryptHelper
 
 		private readonly ICryptoTransform _encryptor;
 
-		public byte[] InnerBuf
-		{
-			get
-			{
-				return _innerBuf;
-			}
-		}
+		private readonly Aes _aes;
 
 		public EncryptHelper(byte[] key)
 		{
-			var aes = Aes.Create();
+			Aes aes;
+			aes = Aes.Create();
 			aes.Key = key;
 			aes.IV = new byte[16];
 			aes.Mode = CipherMode.CBC;
 			aes.Padding = PaddingMode.None;
+			_aes = aes;
 			_encryptor = aes.CreateEncryptor();
 		}
 
-		public int Encrypt(byte[] data, int len)
+		public ArraySegment<byte> Encrypt(byte[] data, int len)
 		{
 			var hb = _headerBuf;
 			_random.GetBytes(hb);
@@ -45,11 +42,18 @@ public int Encrypt(byte[] data, int len)
 
 			_encryptor.TransformBlock(hb, 0, 16, _innerBuf, 0);
 			var tl = 0;
-			if (len > 0) 
+			if (len > 0)
 				tl = _encryptor.TransformBlock(data, 0, (len + 15) & ~15, _innerBuf, 16);
 
 			_encryptor.TransformFinalBlock(new byte[0], 0, 0);
-			return tl + 16;
+			return new ArraySegment<byte>(_innerBuf, 0, tl + 16);
+		}
+
+		public void Dispose()
+		{
+			// _encryptor.Dispose();
+			_aes.Dispose();
+			_random.Dispose();
 		}
 	}
 }
diff --git a/AutoTunnel/Encryption/PasswordHelper.cs b/AutoTunnel/Encryption/PasswordHelper.cs
index 0162962..d150ae0 100644
--- a/AutoTunnel/Encryption/PasswordHelper.cs
+++ b/AutoTunnel/Encryption/PasswordHelper.cs
@@ -14,23 +14,29 @@ public static byte[] GenerateKey(string password)
 
 		public static Tuple<string, string> CreateRsa()
 		{
-			var rsa = RSA.Create();
-			rsa.KeySize = 2048;
-			return new Tuple<string, string>(rsa.ToXmlString(false), rsa.ToXmlString(true));
+			using (var rsa = RSA.Create())
+			{
+				rsa.KeySize = 2048;
+				return new Tuple<string, string>(rsa.ToXmlString(false), rsa.ToXmlString(true));
+			}
 		}
 
 		public static byte[] Encrypt(string publicRsaKey, byte[] data)
 		{
-			var rsa = new RSACryptoServiceProvider();
-			rsa.FromXmlString(publicRsaKey);
-			return rsa.Encrypt(data, false);
+			using (var rsa = new RSACryptoServiceProvider())
+			{
+				rsa.FromXmlString(publicRsaKey);
+				return rsa.Encrypt(data, false);
+			}
 		}
 
 		public static byte[] Decrypt(string privateRsaKey, byte[] data)
 		{
-			var rsa = new RSACryptoServiceProvider();
-			rsa.FromXmlString(privateRsaKey);
-			return rsa.Decrypt(data, false);
+			using (var rsa = new RSACryptoServiceProvider())
+			{
+				rsa.FromXmlString(privateRsaKey);
+				return rsa.Decrypt(data, false);
+			}
 		}
 	}
 }
diff --git a/AutoTunnel/Listener.cs b/AutoTunnel/Listener.cs
index 8dcef2e..150f738 100644
--- a/AutoTunnel/Listener.cs
+++ b/AutoTunnel/Listener.cs
@@ -122,15 +122,17 @@ private void StartInternal()
 								if (selectedRemoteClient != null)
 									newSession.ClampMss = selectedRemoteClient.ClampMss;
 								
-								var outLen = encryptHelper.Encrypt(outPacket, outPacket.Length);
-								var initBuf = new byte[outLen + 4];
-								Buffer.BlockCopy(encryptHelper.InnerBuf, 0, initBuf, 4, outLen);
+								var outEncryptesPacket = encryptHelper.Encrypt(outPacket, outPacket.Length);
+								var initBuf = new byte[outEncryptesPacket.Count + 4];
+								Buffer.BlockCopy(outEncryptesPacket.Array, 0, initBuf, 4, outEncryptesPacket.Count);
 								initBuf[0] = (byte)StateFlags.ConnectAnswer;
 								initBuf[1] = 1; // version
 
 								s.SendTo(initBuf, initBuf.Length, SocketFlags.None, ep);
 								var descr = selectedRemoteClient != null ? (!string.IsNullOrEmpty(selectedRemoteClient.Description) ? " as " + selectedRemoteClient.BinaryKey : string.Empty) : string.Empty;
 								LogHelper.Log.WriteLine("Established connection from " + ep + descr);
+								encryptHelper.Dispose();
+								decryptHelper.Dispose();
 								continue;
 							}
 
diff --git a/AutoTunnel/ReplySender.cs b/AutoTunnel/ReplySender.cs
index d2ea9c7..2d34ad2 100644
--- a/AutoTunnel/ReplySender.cs
+++ b/AutoTunnel/ReplySender.cs
@@ -1,4 +1,5 @@
-using System.Net;
+using System;
+using System.Net;
 using System.Net.Sockets;
 
 using Force.AutoTunnel.Encryption;
@@ -23,8 +24,15 @@ public ReplySender(TunnelSession session, IPAddress watchAddr, Socket socket, Tu
 		protected override void Send(byte[] packet, int packetLen)
 		{
 			Session.UpdateSendActivity();
-			var len = _encryptHelper.Encrypt(packet, packetLen);
-			_socket.SendTo(_encryptHelper.InnerBuf, len, SocketFlags.None, Session.RemoteEP);
+			var p = _encryptHelper.Encrypt(packet, packetLen);
+			_socket.SendTo(p.Array, p.Count, SocketFlags.None, Session.RemoteEP);
+		}
+
+		public override void Dispose()
+		{
+			base.Dispose();
+			if (_encryptHelper != null)
+				_encryptHelper.Dispose();
 		}
 	}
 }
diff --git a/AutoTunnel/WinDivert.cs b/AutoTunnel/WinDivert.cs
index bd6f78c..698530e 100644
--- a/AutoTunnel/WinDivert.cs
+++ b/AutoTunnel/WinDivert.cs
@@ -16,9 +16,54 @@ public static class WinDivert
 		[StructLayout(LayoutKind.Sequential)]
 		public struct WinDivertAddress
 		{
+			public ulong Timestamp;
 			public uint IfIdx;                       /* Packet's interface index. */
 			public uint SubIfIdx;                    /* Packet's sub-interface index. */
-			public byte Direction;                   /* Packet's direction. */
+			public uint Flags;
+			/*public byte Direction;                   /* Packet's direction. #1#
+			public byte Loopback;
+			public byte Impostor;
+			public byte PseudoIPChecksum;
+			public byte PseudoTCPChecksum;
+			public byte PseudoUDPChecksum;
+			public byte Reserved;*/
+
+			public uint Direction
+			{
+				get
+				{
+					return Flags & 1;
+				}
+			}
+
+			public uint Loopback
+			{
+				get
+				{
+					return Flags & 2;
+				}
+			}
+
+			public uint Impostor
+			{
+				get
+				{
+					return Flags & 4;
+				}
+			}
+
+			public bool HasPseudoChecksum
+			{
+				get
+				{
+					return (Flags & (8 | 16 | 32)) != 0;
+				}
+			}
+
+			public void DisablePseudoChecksums()
+			{
+				Flags &= 255 - (8 + 16 + 32);
+			}
 		}
 
 		[StructLayout(LayoutKind.Explicit)]