From 433830aaaad452cd1b1503c95de4624bacd5d95c Mon Sep 17 00:00:00 2001 From: hashsploit Date: Sun, 12 Sep 2021 03:27:08 -0700 Subject: [PATCH] Initial commit --- .gitignore | 7 + Dockerfile | 118 ++ LICENSE | 21 + README.md | 51 + certs/nas.nintendowifi.net.pem | 23 + configs/apache/extra/httpd-autoindex.conf | 93 + configs/apache/extra/httpd-default.conf | 91 + configs/apache/extra/httpd-ssl.conf | 288 +++ configs/apache/extra/httpd-vhosts.conf | 39 + configs/apache/httpd.conf | 521 +++++ configs/apache/magic | 385 ++++ configs/apache/mime.types | 1856 +++++++++++++++++ .../vhosts/conntest.nintendowifi.net.conf | 29 + configs/apache/vhosts/home.disney.go.com.conf | 40 + .../apache/vhosts/nas.nintendowifi.net.conf | 36 + configs/bind/db.0 | 13 + configs/bind/db.127 | 14 + configs/bind/db.255 | 13 + configs/bind/db.empty | 15 + configs/bind/db.local | 15 + configs/bind/db.root | 91 + configs/bind/dgamer.db | 12 + configs/bind/named.conf | 12 + configs/bind/named.conf.default-zones | 29 + configs/bind/named.conf.local | 12 + configs/bind/named.conf.options | 31 + configs/bind/zones.rfc1918 | 21 + dgamer-logo.png | Bin 0 -> 37250 bytes entrypoint.sh | 26 + .../public/index.html | 16 + sites/home.disney.go.com/public/index.html | 138 ++ sites/nas.nintendowifi.net/public/index.html | 16 + zones.txt | 4 + 33 files changed, 4076 insertions(+) create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 LICENSE create mode 100644 README.md create mode 100644 certs/nas.nintendowifi.net.pem create mode 100644 configs/apache/extra/httpd-autoindex.conf create mode 100644 configs/apache/extra/httpd-default.conf create mode 100644 configs/apache/extra/httpd-ssl.conf create mode 100644 configs/apache/extra/httpd-vhosts.conf create mode 100644 configs/apache/httpd.conf create mode 100644 configs/apache/magic create mode 100644 configs/apache/mime.types create mode 100644 configs/apache/vhosts/conntest.nintendowifi.net.conf create mode 100644 configs/apache/vhosts/home.disney.go.com.conf create mode 100644 configs/apache/vhosts/nas.nintendowifi.net.conf create mode 100644 configs/bind/db.0 create mode 100644 configs/bind/db.127 create mode 100644 configs/bind/db.255 create mode 100644 configs/bind/db.empty create mode 100644 configs/bind/db.local create mode 100644 configs/bind/db.root create mode 100644 configs/bind/dgamer.db create mode 100644 configs/bind/named.conf create mode 100644 configs/bind/named.conf.default-zones create mode 100644 configs/bind/named.conf.local create mode 100644 configs/bind/named.conf.options create mode 100644 configs/bind/zones.rfc1918 create mode 100644 dgamer-logo.png create mode 100755 entrypoint.sh create mode 100644 sites/conntest.nintendowifi.net/public/index.html create mode 100644 sites/home.disney.go.com/public/index.html create mode 100644 sites/nas.nintendowifi.net/public/index.html create mode 100644 zones.txt diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..109bbe7 --- /dev/null +++ b/.gitignore @@ -0,0 +1,7 @@ +# Ignore temporary files +temp/ +tmp/ +*.lck +*.tmp +*.pid +*.swp diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..4b94564 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,118 @@ +FROM debian:bullseye-slim +LABEL name="nintendo-dgamer" +LABEL description="nintendo-dgamer is a replacement DGamer (DS/DSi) server" +LABEL maintainer="hashsploit " + +#RUN apt-get update \ +# && apt-get install -y \ +# libssl-dev ssl-cert php7.0 libapache2-mod-php7.0 \ +# wget unzip php7.0-mcrypt libmcrypt-dev bind9 bind9utils dnsutils \ +# && apt-get clean \ +# && rm -rf /var/lib/apt/lists/* + +# Install dependencies +RUN echo "Updating packages ..." \ + && apt-get update -y >/dev/null 2>&1 \ + && echo "Installing dependencies ..." \ + && apt-get install -y \ + curl \ + build-essential \ + make \ + libz-dev \ + libbz2-dev \ + libreadline-dev \ + libexpat1-dev \ + zlib1g-dev >/dev/null 2>&1 + +# Remove bloat +RUN rm -rf /var/lib/apt/lists/* /var/cache/apt/* \ + && apt-get autoremove --purge -y \ + && apt-get clean -y \ + && rm -rf /usr/share/man \ + && rm -rf /usr/share/locale \ + && rm -rf /usr/share/doc \ + && mkdir -p /etc/initramfs-tools/conf.d/ \ + && echo "COMPRESS=xz" | tee /etc/initramfs-tools/conf.d/compress >/dev/null 2>&1 + +# Compile OpenSSL from source (enable support for SSLv3) +ADD https://openssl.org/source/openssl-1.0.2k.tar.gz /tmp +RUN cd /tmp \ + && tar -xzf openssl*.tar.gz \ + && cd openssl*/ \ + && ./config --prefix=/usr --openssldir=/usr/lib/ssl enable-ssl2 enable-ssl3 no-shared \ + && make depend \ + && make \ + && make install + +# Compile PCRE +ADD https://ftp.pcre.org/pub/pcre/pcre-8.45.tar.bz2 /tmp +RUN cd /tmp \ + && tar -xjf pcre*.tar.bz2 \ + && rm pcre*.tar.bz2 \ + && cd pcre*/ \ + && ./configure --prefix=/usr \ + --docdir=/usr/share/doc/pcre-8.45 \ + --enable-unicode-properties \ + --enable-pcre16 \ + --enable-pcre32 \ + --enable-pcregrep-libz \ + --enable-pcregrep-libbz2 \ + --enable-pcretest-libreadline \ + --disable-static \ + && make \ + && make install + +# Compile apache2 from source (use custom OpenSSL version) +ADD https://downloads.apache.org/httpd/httpd-2.4.48.tar.gz /tmp +RUN cd /tmp \ + && tar -xzf httpd*.tar.gz \ + && rm httpd*.tar.gz \ + && mv httpd*/ httpd/ +ADD https://dlcdn.apache.org/apr/apr-1.7.0.tar.gz /tmp +ADD https://dlcdn.apache.org/apr/apr-util-1.6.1.tar.gz /tmp +RUN cd /tmp \ + && tar -xzf apr-util*.tar.gz \ + && rm apr-util*.tar.gz \ + && mv apr-util*/ /tmp/httpd/srclib/apr-util \ + && tar -xzf apr*.tar.gz \ + && rm apr*.tar.gz \ + && mv apr*/ /tmp/httpd/srclib/apr \ + && cd /tmp/httpd/ \ + && ./configure \ + --prefix=/usr/local/apache \ + --with-included-apr \ + --enable-ssl \ + --with-ssl=/usr/lib/ssl \ + --enable-ssl-staticlib-deps \ + --enable-mods-static=ssl \ + --enable-modules=all \ + -enable-so \ + && make \ + && make install \ + && mkdir -p /etc/php/7.0/mods-available/ + +RUN mkdir -p /usr/local/apache/certs \ + && echo "Generating keys for default host ..." \ + && openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 \ + -subj "/C=US/ST=California/L=San Jose/O=None/CN=localhost" \ + -keyout /usr/local/apache/certs/server.key -out /usr/local/apache/certs/server.crt \ + && echo "Generating keys for nas.nintendowifi.net ..." \ + && openssl req -new -newkey rsa:1024 -days 3650 -nodes -x509 \ + -subj "/C=US/ST=California/L=San Jose/O=nintendo-nas/CN=nas.nintendowifi.net" \ + -keyout /usr/local/apache/certs/nas.nintendowifi.net.key -out /usr/local/apache/certs/nas.nintendowifi.net.crt \ + && echo "Generating keys for home.disney.go.com ..." \ + && openssl req -new -newkey rsa:1024 -days 3650 -nodes -x509 \ + -subj "/C=US/ST=California/L=San Jose/O=Disney Interactive Studios/CN=home.disney.go.com" \ + -keyout /usr/local/apache/certs/home.disney.go.com.key -out /usr/local/apache/certs/home.disney.go.com.crt + +COPY ./sites/ /var/www/ +COPY ./certs/ /usr/local/apache/certs/ +COPY ./configs/apache/ /usr/local/apache/conf/ +COPY ./entrypoint.sh /srv/ + +RUN chmod +x /srv/entrypoint.sh + +# HTTP, HTTPS, DNS, DNS +EXPOSE 80/tcp 443/tcp 53/tcp 53/udp + +CMD ["/srv/entrypoint.sh"] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..ce3fe40 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2021 hashsploit + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..93fc284 --- /dev/null +++ b/README.md @@ -0,0 +1,51 @@ +![DGamer Logo](dgamer-logo.png) + +This project builds a Docker image that replaces the web servers for Nintendo Wifi and DGamer: + +- conntest.nintendowifi.net (HTTP/80) +- nas.nintendowifi.net (HTTPS/443) +- home.disney.go.com (HTTPS/443) + +This image does not include a DNS server, it is recommended to use [this DNS server](https://github.com/samuelcolvin/dnserver) with the following command: +``` +docker run --rm -p 53:53/udp -v $(pwd)/zones.txt:/zones/zones.txt samuelcolvin/dnserver +``` + +### Docker + +Build: +``` +docker build --rm --tag dgamer . +``` + +Run (production): +``` +docker run -d --name dgamer \ + -p 80:80 \ + -p 443:443 \ + -v "$(pwd)/configs/apache/:/usr/local/apache/conf/" \ + -v "$(pwd)/sites/:/var/www" \ + dgamer +``` + +Run (for testing): +``` +docker run --name dgamer \ + --rm -it \ + -p 80:80 \ + -p 443:443 \ + -v "$(pwd)/configs/apache/:/usr/local/apache/conf/" \ + -v "$(pwd)/sites/:/var/www" \ + dgamer +``` + +Start: +``` +docker start dgamer +``` + +Stop: +``` +docker stop dgamer +``` + diff --git a/certs/nas.nintendowifi.net.pem b/certs/nas.nintendowifi.net.pem new file mode 100644 index 0000000..b823645 --- /dev/null +++ b/certs/nas.nintendowifi.net.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID6zCCA1SgAwIBAgIBVzANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMCVVMx +EzARBgNVBAgTCldhc2hpbmd0b24xIDAeBgNVBAoTF05pbnRlbmRvIG9mIEFtZXJp +Y2EgSW5jMQwwCgYDVQQLEwNOT0ExFDASBgNVBAMTC05pbnRlbmRvIENBMSIwIAYJ +KoZIhvcNAQkBFhNjYUBub2EubmludGVuZG8uY29tMB4XDTE1MDExNTIxMzQzMFoX +DTI1MDExNTIxMzQzMFowgZYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5n +dG9uMRAwDgYDVQQHDAdSZWRtb25kMSEwHwYDVQQKDBhOaW50ZW5kbyBvZiBBbWVy +aWNhIEluYy4xHjAcBgNVBAsMFU5pbnRlbmRvIFdpZmkgTmV0d29yazEdMBsGA1UE +AwwUbmFzLm5pbnRlbmRvd2lmaS5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ +AoGBAL+ug7yfXcAqzDjQ2kjLCNbWvsE+my6cq04vg6RQc5vswvGFfppdF2jnvrq0 +q0woMGNoFvyhr2bHY8s9lX7x3JYoYik4xryP1KAQql8ruprZUX3WCSM0zu7TQu7I +9T0HTjwESF1ZczYnKmtudHbcFkUSYptF4rGGh58xi7DOHF/LAgMBAAGjggFPMIIB +SzAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD +ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUBAmCJYGGsD8da7274vvTLVyxpjAwgbkGA1Ud +IwSBsTCBroAUe1dTPzGsd3Hx/UrmD0Ow1VVBn9KhgZKkgY8wgYwxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMSAwHgYDVQQKExdOaW50ZW5kbyBvZiBB +bWVyaWNhIEluYzEMMAoGA1UECxMDTk9BMRQwEgYDVQQDEwtOaW50ZW5kbyBDQTEi +MCAGCSqGSIb3DQEJARYTY2FAbm9hLm5pbnRlbmRvLmNvbYIBADA1BgNVHR8ELjAs +MCqgKKAmhiRodHRwOi8vY3JsLm5pbnRlbmRvLmNvbS9uaW50ZW5kby5jcmwwDQYJ +KoZIhvcNAQEFBQADgYEAKMUiZuxyzBvuL1v9c8JvldrgmO8zADMPzD3CuysjmB8B +sYhkn1wlGGoimtGB3vFHwFjRBI70x5dI4YFXOV3UdoKwP6qzLkcSj3j6bzBnHd1v +Jb1KNEWVQaczRttgvwqMi8QZodWZSw/Iu/cfA7e0OYX0q00v7rF7b64qwnkIles= +-----END CERTIFICATE----- diff --git a/configs/apache/extra/httpd-autoindex.conf b/configs/apache/extra/httpd-autoindex.conf new file mode 100644 index 0000000..2fa99f0 --- /dev/null +++ b/configs/apache/extra/httpd-autoindex.conf @@ -0,0 +1,93 @@ +# +# Directives controlling the display of server-generated directory listings. +# +# Required modules: mod_authz_core, mod_authz_host, +# mod_autoindex, mod_alias +# +# To see the listing of a directory, the Options directive for the +# directory must include "Indexes", and the directory must not contain +# a file matching those listed in the DirectoryIndex directive. +# + +# +# IndexOptions: Controls the appearance of server-generated directory +# listings. +# +IndexOptions FancyIndexing HTMLTable VersionSort + +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. +# +Alias /icons/ "/usr/local/apache/icons/" + + + Options Indexes MultiViews + AllowOverride None + Require all granted + + +# +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +# +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +# +DefaultIcon /icons/unknown.gif + +# +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename +# +#AddDescription "GZIP compressed document" .gz +#AddDescription "tar archive" .tar +#AddDescription "GZIP compressed tar archive" .tgz + +# +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. +# +# HeaderName is the name of a file which should be prepended to +# directory indexes. +ReadmeName README.html +HeaderName HEADER.html + +# +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +# +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t + diff --git a/configs/apache/extra/httpd-default.conf b/configs/apache/extra/httpd-default.conf new file mode 100644 index 0000000..68009c8 --- /dev/null +++ b/configs/apache/extra/httpd-default.conf @@ -0,0 +1,91 @@ +# +# This configuration file reflects default settings for Apache HTTP Server. +# +# You may change these, but chances are that you may not need to. +# + +# +# Timeout: The number of seconds before receives and sends time out. +# +Timeout 60 + +# +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +# +KeepAlive On + +# +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +# +MaxKeepAliveRequests 100 + +# +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +# +KeepAliveTimeout 5 + +# +# UseCanonicalName: Determines how Apache constructs self-referencing +# URLs and the SERVER_NAME and SERVER_PORT variables. +# When set "Off", Apache will use the Hostname and Port supplied +# by the client. When set "On", Apache will use the value of the +# ServerName directive. +# +UseCanonicalName Off + +# +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +# +AccessFileName .htaccess + +# +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minor | Minimal | Major | Prod +# where Full conveys the most information, and Prod the least. +# +ServerTokens Prod + +# +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +# +ServerSignature Off + +# +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +# +HostnameLookups Off + +# +# Set a timeout for how long the client may take to send the request header +# and body. +# The default for the headers is header=20-40,MinRate=500, which means wait +# for the first byte of headers for 20 seconds. If some data arrives, +# increase the timeout corresponding to a data rate of 500 bytes/s, but not +# above 40 seconds. +# The default for the request body is body=20,MinRate=500, which is the same +# but has no upper limit for the timeout. +# To disable, set to header=0 body=0 +# + + RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500 + + diff --git a/configs/apache/extra/httpd-ssl.conf b/configs/apache/extra/httpd-ssl.conf new file mode 100644 index 0000000..5679148 --- /dev/null +++ b/configs/apache/extra/httpd-ssl.conf @@ -0,0 +1,288 @@ +# +# This is the Apache server configuration file providing SSL support. +# It contains the configuration directives to instruct the server how to +# serve pages over an https connection. For detailed information about these +# directives see +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Required modules: mod_log_config, mod_setenvif, mod_ssl, +# socache_shmcb_module (for default value of SSLSessionCache) + +# +# Pseudo Random Number Generator (PRNG): +# Configure one or more sources to seed the PRNG of the SSL library. +# The seed data should be of good random quality. +# WARNING! On some platforms /dev/random blocks if not enough entropy +# is available. This means you then cannot use the /dev/random device +# because it would lead to very long connection times (as long as +# it requires to make more entropy available). But usually those +# platforms additionally provide a /dev/urandom device which doesn't +# block. So, if available, use this one instead. Read the mod_ssl User +# Manual for more details. +# +#SSLRandomSeed startup file:/dev/random 512 +#SSLRandomSeed startup file:/dev/urandom 512 +#SSLRandomSeed connect file:/dev/random 512 +#SSLRandomSeed connect file:/dev/urandom 512 + + +# +# When we also provide SSL we have to listen to the +# standard HTTP port (see above) and to the HTTPS port +# +Listen 443 + +## +## SSL Global Context +## +## All SSL configuration in this context applies both to +## the main server and all SSL-enabled virtual hosts. +## + +# SSL Cipher Suite: +# List the ciphers that the client is permitted to negotiate, +# and that httpd will negotiate as the client of a proxied server. +# See the OpenSSL documentation for a complete list of ciphers, and +# ensure these follow appropriate best practices for this deployment. +# httpd 2.2.30, 2.4.13 and later force-disable aNULL, eNULL and EXP ciphers, +# while OpenSSL disabled these by default in 0.9.8zf/1.0.0r/1.0.1m/1.0.2a. +SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES +SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES + +# By the end of 2016, only TLSv1.2 ciphers should remain in use. +# Older ciphers should be disallowed as soon as possible, while the +# kRSA ciphers do not offer forward secrecy. These changes inhibit +# older clients (such as IE6 SP2 or IE8 on Windows XP, or other legacy +# non-browser tooling) from successfully connecting. +# +# To restrict mod_ssl to use only TLSv1.2 ciphers, and disable +# those protocols which do not support forward secrecy, replace +# the SSLCipherSuite and SSLProxyCipherSuite directives above with +# the following two directives, as soon as practical. +# SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA +# SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA + +# User agents such as web browsers are not configured for the user's +# own preference of either security or performance, therefore this +# must be the prerogative of the web server administrator who manages +# cpu load versus confidentiality, so enforce the server's cipher order. +SSLHonorCipherOrder on + +# SSL Protocol support: +# List the protocol versions which clients are allowed to connect with. +SSLProtocol all +SSLv3 +SSLProxyProtocol all +SSLv3 + +# Pass Phrase Dialog: +# Configure the pass phrase gathering process. +# The filtering dialog program (`builtin' is an internal +# terminal dialog) has to provide the pass phrase on stdout. +SSLPassPhraseDialog builtin + +# Inter-Process Session Cache: +# Configure the SSL Session Cache: First the mechanism +# to use and second the expiring timeout (in seconds). +#SSLSessionCache "dbm:/usr/local/apache/logs/ssl_scache" +SSLSessionCache "shmcb:/usr/local/apache/logs/ssl_scache(512000)" +SSLSessionCacheTimeout 300 + +# OCSP Stapling (requires OpenSSL 0.9.8h or later) +# +# This feature is disabled by default and requires at least +# the two directives SSLUseStapling and SSLStaplingCache. +# Refer to the documentation on OCSP Stapling in the SSL/TLS +# How-To for more information. +# +# Enable stapling for all SSL-enabled servers: +#SSLUseStapling On + +# Define a relatively small cache for OCSP Stapling using +# the same mechanism that is used for the SSL session cache +# above. If stapling is used with more than a few certificates, +# the size may need to be increased. (AH01929 will be logged.) +#SSLStaplingCache "shmcb:/usr/local/apache/logs/ssl_stapling(32768)" + +# Seconds before valid OCSP responses are expired from the cache +#SSLStaplingStandardCacheTimeout 3600 + +# Seconds before invalid OCSP responses are expired from the cache +#SSLStaplingErrorCacheTimeout 600 + +## +## SSL Virtual Host Context +## + + + +# General setup for the virtual host +DocumentRoot "/usr/local/apache/htdocs" +ServerName www.example.com:443 +ServerAdmin you@example.com +ErrorLog "/usr/local/apache/logs/error_log" +TransferLog "/usr/local/apache/logs/access_log" + +# SSL Engine Switch: +# Enable/Disable SSL for this virtual host. +SSLEngine on + +# Server Certificate: +# Point SSLCertificateFile at a PEM encoded certificate. If +# the certificate is encrypted, then you will be prompted for a +# pass phrase. Note that a kill -HUP will prompt again. Keep +# in mind that if you have both an RSA and a DSA certificate you +# can configure both in parallel (to also allow the use of DSA +# ciphers, etc.) +# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt) +# require an ECC certificate which can also be configured in +# parallel. +SSLCertificateFile "/usr/local/apache/certs/server.crt" +#SSLCertificateFile "/usr/local/apache/conf/server-dsa.crt" +#SSLCertificateFile "/usr/local/apache/conf/server-ecc.crt" + +# Server Private Key: +# If the key is not combined with the certificate, use this +# directive to point at the key file. Keep in mind that if +# you've both a RSA and a DSA private key you can configure +# both in parallel (to also allow the use of DSA ciphers, etc.) +# ECC keys, when in use, can also be configured in parallel +SSLCertificateKeyFile "/usr/local/apache/certs/server.key" +#SSLCertificateKeyFile "/usr/local/apache/conf/server-dsa.key" +#SSLCertificateKeyFile "/usr/local/apache/conf/server-ecc.key" + +# Server Certificate Chain: +# Point SSLCertificateChainFile at a file containing the +# concatenation of PEM encoded CA certificates which form the +# certificate chain for the server certificate. Alternatively +# the referenced file can be the same as SSLCertificateFile +# when the CA certificates are directly appended to the server +# certificate for convenience. +#SSLCertificateChainFile "/usr/local/apache/conf/server-ca.crt" + +# Certificate Authority (CA): +# Set the CA certificate verification path where to find CA +# certificates for client authentication or alternatively one +# huge file containing all of them (file must be PEM encoded) +# Note: Inside SSLCACertificatePath you need hash symlinks +# to point to the certificate files. Use the provided +# Makefile to update the hash symlinks after changes. +#SSLCACertificatePath "/usr/local/apache/conf/ssl.crt" +#SSLCACertificateFile "/usr/local/apache/conf/ssl.crt/ca-bundle.crt" + +# Certificate Revocation Lists (CRL): +# Set the CA revocation path where to find CA CRLs for client +# authentication or alternatively one huge file containing all +# of them (file must be PEM encoded). +# The CRL checking mode needs to be configured explicitly +# through SSLCARevocationCheck (defaults to "none" otherwise). +# Note: Inside SSLCARevocationPath you need hash symlinks +# to point to the certificate files. Use the provided +# Makefile to update the hash symlinks after changes. +#SSLCARevocationPath "/usr/local/apache/conf/ssl.crl" +#SSLCARevocationFile "/usr/local/apache/conf/ssl.crl/ca-bundle.crl" +#SSLCARevocationCheck chain + +# Client Authentication (Type): +# Client certificate verification type and depth. Types are +# none, optional, require and optional_no_ca. Depth is a +# number which specifies how deeply to verify the certificate +# issuer chain before deciding the certificate is not valid. +#SSLVerifyClient require +#SSLVerifyDepth 10 + +# TLS-SRP mutual authentication: +# Enable TLS-SRP and set the path to the OpenSSL SRP verifier +# file (containing login information for SRP user accounts). +# Requires OpenSSL 1.0.1 or newer. See the mod_ssl FAQ for +# detailed instructions on creating this file. Example: +# "openssl srp -srpvfile /usr/local/apache/conf/passwd.srpv -add username" +#SSLSRPVerifierFile "/usr/local/apache/conf/passwd.srpv" + +# Access Control: +# With SSLRequire you can do per-directory access control based +# on arbitrary complex boolean expressions containing server +# variable checks and other lookup directives. The syntax is a +# mixture between C and Perl. See the mod_ssl documentation +# for more details. +# +#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ +# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ +# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ +# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ +# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ +# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ +# + +# SSL Engine Options: +# Set various options for the SSL engine. +# o FakeBasicAuth: +# Translate the client X.509 into a Basic Authorisation. This means that +# the standard Auth/DBMAuth methods can be used for access control. The +# user name is the `one line' version of the client's X.509 certificate. +# Note that no password is obtained from the user. Every entry in the user +# file needs this password: `xxj31ZMTZzkVA'. +# o ExportCertData: +# This exports two additional environment variables: SSL_CLIENT_CERT and +# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the +# server (always existing) and the client (only existing when client +# authentication is used). This can be used to import the certificates +# into CGI scripts. +# o StdEnvVars: +# This exports the standard SSL/TLS related `SSL_*' environment variables. +# Per default this exportation is switched off for performance reasons, +# because the extraction step is an expensive operation and is usually +# useless for serving static content. So one usually enables the +# exportation for CGI and SSI requests only. +# o StrictRequire: +# This denies access when "SSLRequireSSL" or "SSLRequire" applied even +# under a "Satisfy any" situation, i.e. when it applies access is denied +# and no other module can change it. +# o OptRenegotiate: +# This enables optimized SSL connection renegotiation handling when SSL +# directives are used in per-directory context. +#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + +# SSL Protocol Adjustments: +# The safe and default but still SSL/TLS standard compliant shutdown +# approach is that mod_ssl sends the close notify alert but doesn't wait for +# the close notify alert from client. When you need a different shutdown +# approach you can use one of the following variables: +# o ssl-unclean-shutdown: +# This forces an unclean shutdown when the connection is closed, i.e. no +# SSL close notify alert is sent or allowed to be received. This violates +# the SSL/TLS standard but is needed for some brain-dead browsers. Use +# this when you receive I/O errors because of the standard approach where +# mod_ssl sends the close notify alert. +# o ssl-accurate-shutdown: +# This forces an accurate shutdown when the connection is closed, i.e. a +# SSL close notify alert is send and mod_ssl waits for the close notify +# alert of the client. This is 100% SSL/TLS standard compliant, but in +# practice often causes hanging connections with brain-dead browsers. Use +# this only for browsers where you know that their SSL implementation +# works correctly. +# Notice: Most problems of broken clients are also related to the HTTP +# keep-alive facility, so you usually additionally want to disable +# keep-alive for those clients, too. Use variable "nokeepalive" for this. +# Similarly, one has to force some clients to use HTTP/1.0 to workaround +# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and +# "force-response-1.0" for this. +BrowserMatch "MSIE [2-5]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + +# Per-Server Logging: +# The home of a custom SSL log file. Use this when you want a +# compact non-error SSL logfile on a virtual host basis. +CustomLog "/usr/local/apache/logs/ssl_request_log" \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + diff --git a/configs/apache/extra/httpd-vhosts.conf b/configs/apache/extra/httpd-vhosts.conf new file mode 100644 index 0000000..e757429 --- /dev/null +++ b/configs/apache/extra/httpd-vhosts.conf @@ -0,0 +1,39 @@ +# Virtual Hosts +# +# Required modules: mod_log_config + +# If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. + +# +# VirtualHost example: +# Almost any Apache directive may go into a VirtualHost container. +# The first VirtualHost section is used for all requests that do not +# match a ServerName or ServerAlias in any block. +# + + ServerAdmin webmaster@dummy-host.example.com + DocumentRoot "/usr/local/apache/docs/dummy-host.example.com" + ServerName dummy-host.example.com + ServerAlias www.dummy-host.example.com + ErrorLog "logs/dummy-host.example.com-error_log" + CustomLog "logs/dummy-host.example.com-access_log" common + + + + ServerAdmin webmaster@dummy-host2.example.com + DocumentRoot "/usr/local/apache/docs/dummy-host2.example.com" + ServerName dummy-host2.example.com + ErrorLog "logs/dummy-host2.example.com-error_log" + CustomLog "logs/dummy-host2.example.com-access_log" common + + diff --git a/configs/apache/httpd.conf b/configs/apache/httpd.conf new file mode 100644 index 0000000..a7d7939 --- /dev/null +++ b/configs/apache/httpd.conf @@ -0,0 +1,521 @@ +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "logs/access_log" +# with ServerRoot set to "/usr/local/apache2" will be interpreted by the +# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" +# will be interpreted as '/logs/access_log'. + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to specify a local disk on the +# Mutex directive, if file-based mutexes are used. If you wish to share the +# same ServerRoot for multiple httpd daemons, you will need to change at +# least PidFile. +# +ServerRoot "/usr/local/apache" + +# +# Mutex: Allows you to set the mutex mechanism and mutex file directory +# for individual mutexes, or change the global defaults +# +# Uncomment and change the directory if mutexes are file-based and the default +# mutex file directory is not on a local disk or is not appropriate for some +# other reason. +# +# Mutex default:logs + +# +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 + +# +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +LoadModule authn_file_module modules/mod_authn_file.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +#LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbd_module modules/mod_authn_dbd.so +#LoadModule authn_socache_module modules/mod_authn_socache.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_user_module modules/mod_authz_user.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +#LoadModule authz_owner_module modules/mod_authz_owner.so +#LoadModule authz_dbd_module modules/mod_authz_dbd.so +LoadModule authz_core_module modules/mod_authz_core.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule auth_basic_module modules/mod_auth_basic.so +#LoadModule auth_form_module modules/mod_auth_form.so +#LoadModule auth_digest_module modules/mod_auth_digest.so +#LoadModule allowmethods_module modules/mod_allowmethods.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule cache_module modules/mod_cache.so +#LoadModule cache_disk_module modules/mod_cache_disk.so +#LoadModule cache_socache_module modules/mod_cache_socache.so +LoadModule socache_shmcb_module modules/mod_socache_shmcb.so +#LoadModule socache_dbm_module modules/mod_socache_dbm.so +#LoadModule socache_memcache_module modules/mod_socache_memcache.so +#LoadModule socache_redis_module modules/mod_socache_redis.so +#LoadModule watchdog_module modules/mod_watchdog.so +#LoadModule macro_module modules/mod_macro.so +#LoadModule dbd_module modules/mod_dbd.so +#LoadModule dumpio_module modules/mod_dumpio.so +#LoadModule echo_module modules/mod_echo.so +#LoadModule buffer_module modules/mod_buffer.so +#LoadModule data_module modules/mod_data.so +#LoadModule ratelimit_module modules/mod_ratelimit.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +#LoadModule ext_filter_module modules/mod_ext_filter.so +#LoadModule request_module modules/mod_request.so +#LoadModule include_module modules/mod_include.so +LoadModule filter_module modules/mod_filter.so +#LoadModule reflector_module modules/mod_reflector.so +#LoadModule substitute_module modules/mod_substitute.so +#LoadModule sed_module modules/mod_sed.so +#LoadModule charset_lite_module modules/mod_charset_lite.so +#LoadModule deflate_module modules/mod_deflate.so +LoadModule mime_module modules/mod_mime.so +LoadModule log_config_module modules/mod_log_config.so +#LoadModule log_debug_module modules/mod_log_debug.so +#LoadModule log_forensic_module modules/mod_log_forensic.so +LoadModule logio_module modules/mod_logio.so +LoadModule env_module modules/mod_env.so +#LoadModule mime_magic_module modules/mod_mime_magic.so +#LoadModule expires_module modules/mod_expires.so +LoadModule headers_module modules/mod_headers.so +#LoadModule usertrack_module modules/mod_usertrack.so +#LoadModule unique_id_module modules/mod_unique_id.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule version_module modules/mod_version.so +#LoadModule remoteip_module modules/mod_remoteip.so +#LoadModule proxy_module modules/mod_proxy.so +#LoadModule proxy_connect_module modules/mod_proxy_connect.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +#LoadModule proxy_http_module modules/mod_proxy_http.so +#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so +#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so +#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so +#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so +#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so +#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_express_module modules/mod_proxy_express.so +#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so +#LoadModule session_module modules/mod_session.so +#LoadModule session_cookie_module modules/mod_session_cookie.so +#LoadModule session_dbd_module modules/mod_session_dbd.so +#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so +#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so +#LoadModule dialup_module modules/mod_dialup.so +#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so +#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so +#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so +#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so +LoadModule unixd_module modules/mod_unixd.so +#LoadModule heartbeat_module modules/mod_heartbeat.so +#LoadModule heartmonitor_module modules/mod_heartmonitor.so +#LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule asis_module modules/mod_asis.so +#LoadModule info_module modules/mod_info.so +#LoadModule cgid_module modules/mod_cgid.so +#LoadModule dav_fs_module modules/mod_dav_fs.so +#LoadModule dav_lock_module modules/mod_dav_lock.so +#LoadModule vhost_alias_module modules/mod_vhost_alias.so +#LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +#LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +#LoadModule rewrite_module modules/mod_rewrite.so + + +# +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +# +User daemon +Group daemon + + + +# 'Main' server configuration +# +# The directives in this section set up the values used by the 'main' +# server, which responds to any requests that aren't handled by a +# definition. These values also provide defaults for +# any containers you may define later in the file. +# +# All of these directives may appear inside containers, +# in which case these default settings will be overridden for the +# virtual host being defined. +# + +# +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +# +ServerAdmin you@example.com + +# +# ServerName gives the name and port that the server uses to identify itself. +# This can often be determined automatically, but we recommend you specify +# it explicitly to prevent problems during startup. +# +# If your host doesn't have a registered DNS name, enter its IP address here. +# +ServerName localhost:80 + +# +# Deny access to the entirety of your server's filesystem. You must +# explicitly permit access to web content directories in other +# blocks below. +# + + AllowOverride none + Require all denied + + +# +# Note that from this point forward you must specifically allow +# particular features to be enabled - so if something's not working as +# you might expect, make sure that you have specifically enabled it +# below. +# + +# +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +DocumentRoot "/usr/local/apache/htdocs" + + # + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.4/mod/core.html#options + # for more information. + # + Options Indexes FollowSymLinks + + # + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # AllowOverride FileInfo AuthConfig Limit + # + AllowOverride None + + # + # Controls who can get stuff from this server. + # + Require all granted + + +# +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# + + DirectoryIndex index.html + + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + +# +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog "logs/error_log" + +# +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +# +LogLevel debug + + + # + # The following directives define some format nicknames for use with + # a CustomLog directive (see below). + # + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common + + + # You need to enable mod_logio.c to use %I and %O + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + + # + # The location and format of the access logfile (Common Logfile Format). + # If you do not define any access logfiles within a + # container, they will be logged here. Contrariwise, if you *do* + # define per- access logfiles, transactions will be + # logged therein and *not* in this file. + # + CustomLog "logs/access_log" combinedio + + # + # If you prefer a logfile with access, agent, and referer information + # (Combined Logfile Format) you can use the following directive. + # + #CustomLog "logs/access_log" combined + + + + # + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + # + ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/" + + + + + # + # ScriptSock: On threaded servers, designate the path to the UNIX + # socket used to communicate with the CGI daemon of mod_cgid. + # + #Scriptsock cgisock + + +# +# "/usr/local/apache/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. +# + + AllowOverride None + Options None + Require all granted + + + + # + # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied + # backend servers which have lingering "httpoxy" defects. + # 'Proxy' request header is undefined by the IETF, not listed by IANA + # + RequestHeader unset Proxy early + + + + # + # TypesConfig points to the file containing the list of mappings from + # filename extension to MIME-type. + # + TypesConfig conf/mime.types + + # + # AddType allows you to add to or override the MIME configuration + # file specified in TypesConfig for specific file types. + # + #AddType application/x-gzip .tgz + # + # AddEncoding allows you to have certain browsers uncompress + # information on the fly. Note: Not all browsers support this. + # + #AddEncoding x-compress .Z + #AddEncoding x-gzip .gz .tgz + # + # If the AddEncoding directives above are commented-out, then you + # probably should define those extensions to indicate media types: + # + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + # + # AddHandler allows you to map certain file extensions to "handlers": + # actions unrelated to filetype. These can be either built into the server + # or added with the Action directive (see below) + # + # To use CGI scripts outside of ScriptAliased directories: + # (You will also need to add "ExecCGI" to the "Options" directive.) + # + #AddHandler cgi-script .cgi + + # For type maps (negotiated resources): + #AddHandler type-map var + + # + # Filters allow you to process content before it is sent to the client. + # + # To parse .shtml files for server-side includes (SSI): + # (You will also need to add "Includes" to the "Options" directive.) + # + #AddType text/html .shtml + #AddOutputFilter INCLUDES .shtml + + +# +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +# +#MIMEMagicFile conf/magic + +# +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# +# Some examples: +ErrorDocument 500 '{"message":"Internal Server Error","code":500}' +ErrorDocument 404 '{"message":"Not Found","code":404}' +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html +# + +# +# MaxRanges: Maximum number of Ranges in a request before +# returning the entire resource, or one of the special +# values 'default', 'none' or 'unlimited'. +# Default setting is to accept 200 Ranges. +#MaxRanges unlimited + +# +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall may be used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +# Defaults: EnableMMAP On, EnableSendfile Off +# +#EnableMMAP off +#EnableSendfile on + +# Supplemental configuration +# +# The configuration files in the conf/extra/ directory can be +# included to add extra features or to modify the default configuration of +# the server, or you may simply copy their contents here and change as +# necessary. + +# Server-pool management (MPM specific) +#Include conf/extra/httpd-mpm.conf + +# Multi-language error messages +#Include conf/extra/httpd-multilang-errordoc.conf + +# Fancy directory listings +Include conf/extra/httpd-autoindex.conf + +# Language settings +#Include conf/extra/httpd-languages.conf + +# User home directories +#Include conf/extra/httpd-userdir.conf + +# Real-time info on requests and configuration +#Include conf/extra/httpd-info.conf + +# Virtual hosts +#Include conf/extra/httpd-vhosts.conf +Include conf/vhosts/*.conf + +# Local access to the Apache HTTP Server Manual +#Include conf/extra/httpd-manual.conf + +# Distributed authoring and versioning (WebDAV) +#Include conf/extra/httpd-dav.conf + +# Various default settings +Include conf/extra/httpd-default.conf + +# Configure mod_proxy_html to understand HTML4/XHTML1 + +Include conf/extra/proxy-html.conf + + +# Secure (SSL/TLS) connections +Include conf/extra/httpd-ssl.conf +# +# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. +# + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + + diff --git a/configs/apache/magic b/configs/apache/magic new file mode 100644 index 0000000..bc891d9 --- /dev/null +++ b/configs/apache/magic @@ -0,0 +1,385 @@ +# Magic data for mod_mime_magic Apache module (originally for file(1) command) +# The module is described in /manual/mod/mod_mime_magic.html +# +# The format is 4-5 columns: +# Column #1: byte number to begin checking from, ">" indicates continuation +# Column #2: type of data to match +# Column #3: contents of data to match +# Column #4: MIME type of result +# Column #5: MIME encoding of result (optional) + +#------------------------------------------------------------------------------ +# Localstuff: file(1) magic for locally observed files +# Add any locally observed files here. + +#------------------------------------------------------------------------------ +# end local stuff +#------------------------------------------------------------------------------ + +#------------------------------------------------------------------------------ +# Java + +0 short 0xcafe +>2 short 0xbabe application/java + +#------------------------------------------------------------------------------ +# audio: file(1) magic for sound formats +# +# from Jan Nicolai Langfeldt , +# + +# Sun/NeXT audio data +0 string .snd +>12 belong 1 audio/basic +>12 belong 2 audio/basic +>12 belong 3 audio/basic +>12 belong 4 audio/basic +>12 belong 5 audio/basic +>12 belong 6 audio/basic +>12 belong 7 audio/basic + +>12 belong 23 audio/x-adpcm + +# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format +# that uses little-endian encoding and has a different magic number +# (0x0064732E in little-endian encoding). +0 lelong 0x0064732E +>12 lelong 1 audio/x-dec-basic +>12 lelong 2 audio/x-dec-basic +>12 lelong 3 audio/x-dec-basic +>12 lelong 4 audio/x-dec-basic +>12 lelong 5 audio/x-dec-basic +>12 lelong 6 audio/x-dec-basic +>12 lelong 7 audio/x-dec-basic +# compressed (G.721 ADPCM) +>12 lelong 23 audio/x-dec-adpcm + +# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM" +# AIFF audio data +8 string AIFF audio/x-aiff +# AIFF-C audio data +8 string AIFC audio/x-aiff +# IFF/8SVX audio data +8 string 8SVX audio/x-aiff + +# Creative Labs AUDIO stuff +# Standard MIDI data +0 string MThd audio/unknown +#>9 byte >0 (format %d) +#>11 byte >1 using %d channels +# Creative Music (CMF) data +0 string CTMF audio/unknown +# SoundBlaster instrument data +0 string SBI audio/unknown +# Creative Labs voice data +0 string Creative\ Voice\ File audio/unknown +## is this next line right? it came this way... +#>19 byte 0x1A +#>23 byte >0 - version %d +#>22 byte >0 \b.%d + +# [GRR 950115: is this also Creative Labs? Guessing that first line +# should be string instead of unknown-endian long...] +#0 long 0x4e54524b MultiTrack sound data +#0 string NTRK MultiTrack sound data +#>4 long x - version %ld + +# Microsoft WAVE format (*.wav) +# [GRR 950115: probably all of the shorts and longs should be leshort/lelong] +# Microsoft RIFF +0 string RIFF +# - WAVE format +>8 string WAVE audio/x-wav +# MPEG audio. +0 beshort&0xfff0 0xfff0 audio/mpeg +# C64 SID Music files, from Linus Walleij +0 string PSID audio/prs.sid + +#------------------------------------------------------------------------------ +# c-lang: file(1) magic for C programs or various scripts +# + +# XPM icons (Greg Roelofs, newt@uchicago.edu) +# ideally should go into "images", but entries below would tag XPM as C source +0 string /*\ XPM image/x-xbm 7bit + +# this first will upset you if you're a PL/1 shop... (are there any left?) +# in which case rm it; ascmagic will catch real C programs +# C or REXX program text +0 string /* text/plain +# C++ program text +0 string // text/plain + +#------------------------------------------------------------------------------ +# compress: file(1) magic for pure-compression formats (no archives) +# +# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc. +# +# Formats for various forms of compressed data +# Formats for "compress" proper have been moved into "compress.c", +# because it tries to uncompress it to figure out what's inside. + +# standard unix compress +0 string \037\235 application/octet-stream x-compress + +# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver) +0 string \037\213 application/octet-stream x-gzip + +# According to gzip.h, this is the correct byte order for packed data. +0 string \037\036 application/octet-stream +# +# This magic number is byte-order-independent. +# +0 short 017437 application/octet-stream + +# XXX - why *two* entries for "compacted data", one of which is +# byte-order independent, and one of which is byte-order dependent? +# +# compacted data +0 short 0x1fff application/octet-stream +0 string \377\037 application/octet-stream +# huf output +0 short 0145405 application/octet-stream + +# Squeeze and Crunch... +# These numbers were gleaned from the Unix versions of the programs to +# handle these formats. Note that I can only uncrunch, not crunch, and +# I didn't have a crunched file handy, so the crunch number is untested. +# Keith Waclena +#0 leshort 0x76FF squeezed data (CP/M, DOS) +#0 leshort 0x76FE crunched data (CP/M, DOS) + +# Freeze +#0 string \037\237 Frozen file 2.1 +#0 string \037\236 Frozen file 1.0 (or gzip 0.5) + +# lzh? +#0 string \037\240 LZH compressed data + +#------------------------------------------------------------------------------ +# frame: file(1) magic for FrameMaker files +# +# This stuff came on a FrameMaker demo tape, most of which is +# copyright, but this file is "published" as witness the following: +# +0 string \ +# and Anna Shergold +# +0 string \ +0 string \14 byte 12 (OS/2 1.x format) +#>14 byte 64 (OS/2 2.x format) +#>14 byte 40 (Windows 3.x format) +#0 string IC icon +#0 string PI pointer +#0 string CI color icon +#0 string CP color pointer +#0 string BA bitmap array + +0 string \x89PNG image/png +0 string FWS application/x-shockwave-flash +0 string CWS application/x-shockwave-flash + +#------------------------------------------------------------------------------ +# lisp: file(1) magic for lisp programs +# +# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com) +0 string ;; text/plain 8bit +# Emacs 18 - this is always correct, but not very magical. +0 string \012( application/x-elc +# Emacs 19 +0 string ;ELC\023\000\000\000 application/x-elc + +#------------------------------------------------------------------------------ +# mail.news: file(1) magic for mail and news +# +# There are tests to ascmagic.c to cope with mail and news. +0 string Relay-Version: message/rfc822 7bit +0 string #!\ rnews message/rfc822 7bit +0 string N#!\ rnews message/rfc822 7bit +0 string Forward\ to message/rfc822 7bit +0 string Pipe\ to message/rfc822 7bit +0 string Return-Path: message/rfc822 7bit +0 string Path: message/news 8bit +0 string Xref: message/news 8bit +0 string From: message/rfc822 7bit +0 string Article message/news 8bit +#------------------------------------------------------------------------------ +# msword: file(1) magic for MS Word files +# +# Contributor claims: +# Reversed-engineered MS Word magic numbers +# + +0 string \376\067\0\043 application/msword +0 string \333\245-\0\0\0 application/msword + +# disable this one because it applies also to other +# Office/OLE documents for which msword is not correct. See PR#2608. +#0 string \320\317\021\340\241\261 application/msword + + + +#------------------------------------------------------------------------------ +# printer: file(1) magic for printer-formatted files +# + +# PostScript +0 string %! application/postscript +0 string \004%! application/postscript + +# Acrobat +# (due to clamen@cs.cmu.edu) +0 string %PDF- application/pdf + +#------------------------------------------------------------------------------ +# sc: file(1) magic for "sc" spreadsheet +# +38 string Spreadsheet application/x-sc + +#------------------------------------------------------------------------------ +# tex: file(1) magic for TeX files +# +# XXX - needs byte-endian stuff (big-endian and little-endian DVI?) +# +# From + +# Although we may know the offset of certain text fields in TeX DVI +# and font files, we can't use them reliably because they are not +# zero terminated. [but we do anyway, christos] +0 string \367\002 application/x-dvi +#0 string \367\203 TeX generic font data +#0 string \367\131 TeX packed font data +#0 string \367\312 TeX virtual font data +#0 string This\ is\ TeX, TeX transcript text +#0 string This\ is\ METAFONT, METAFONT transcript text + +# There is no way to detect TeX Font Metric (*.tfm) files without +# breaking them apart and reading the data. The following patterns +# match most *.tfm files generated by METAFONT or afm2tfm. +#2 string \000\021 TeX font metric data +#2 string \000\022 TeX font metric data +#>34 string >\0 (%s) + +# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com) +#0 string \\input\ texinfo Texinfo source text +#0 string This\ is\ Info\ file GNU Info text + +# correct TeX magic for Linux (and maybe more) +# from Peter Tobias (tobias@server.et-inf.fho-emden.de) +# +0 leshort 0x02f7 application/x-dvi + +# RTF - Rich Text Format +0 string {\\rtf application/rtf + +#------------------------------------------------------------------------------ +# animation: file(1) magic for animation/movie formats +# +# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8) +# MPEG file +0 string \000\000\001\263 video/mpeg +# +# The contributor claims: +# I couldn't find a real magic number for these, however, this +# -appears- to work. Note that it might catch other files, too, +# so BE CAREFUL! +# +# Note that title and author appear in the two 20-byte chunks +# at decimal offsets 2 and 22, respectively, but they are XOR'ed with +# 255 (hex FF)! DL format SUCKS BIG ROCKS. +# +# DL file version 1 , medium format (160x100, 4 images/screen) +0 byte 1 video/unknown +0 byte 2 video/unknown +# Quicktime video, from Linus Walleij +# from Apple quicktime file format documentation. +4 string moov video/quicktime +4 string mdat video/quicktime + diff --git a/configs/apache/mime.types b/configs/apache/mime.types new file mode 100644 index 0000000..e53c5c2 --- /dev/null +++ b/configs/apache/mime.types @@ -0,0 +1,1856 @@ +# This file maps Internet media types to unique file extension(s). +# Although created for httpd, this file is used by many software systems +# and has been placed in the public domain for unlimited redisribution. +# +# The table below contains both registered and (common) unregistered types. +# A type that has no unique extension can be ignored -- they are listed +# here to guide configurations toward known types and to make it easier to +# identify "new" types. File extensions are also commonly used to indicate +# content languages and encodings, so choose them carefully. +# +# Internet media types should be registered as described in RFC 4288. +# The registry is at . +# +# MIME type (lowercased) Extensions +# ============================================ ========== +# application/1d-interleaved-parityfec +# application/3gpdash-qoe-report+xml +# application/3gpp-ims+xml +# application/a2l +# application/activemessage +# application/alto-costmap+json +# application/alto-costmapfilter+json +# application/alto-directory+json +# application/alto-endpointcost+json +# application/alto-endpointcostparams+json +# application/alto-endpointprop+json +# application/alto-endpointpropparams+json +# application/alto-error+json +# application/alto-networkmap+json +# application/alto-networkmapfilter+json +# application/aml +application/andrew-inset ez +# application/applefile +application/applixware aw +# application/atf +# application/atfx +application/atom+xml atom +application/atomcat+xml atomcat +# application/atomdeleted+xml +# application/atomicmail +application/atomsvc+xml atomsvc +# application/atxml +# application/auth-policy+xml +# application/bacnet-xdd+zip +# application/batch-smtp +# application/beep+xml +# application/calendar+json +# application/calendar+xml +# application/call-completion +# application/cals-1840 +# application/cbor +# application/ccmp+xml +application/ccxml+xml ccxml +# application/cdfx+xml +application/cdmi-capability cdmia +application/cdmi-container cdmic +application/cdmi-domain cdmid +application/cdmi-object cdmio +application/cdmi-queue cdmiq +# application/cdni +# application/cea +# application/cea-2018+xml +# application/cellml+xml +# application/cfw +# application/cms +# application/cnrp+xml +# application/coap-group+json +# application/commonground +# application/conference-info+xml +# application/cpl+xml +# application/csrattrs +# application/csta+xml +# application/cstadata+xml +# application/csvm+json +application/cu-seeme cu +# application/cybercash +# application/dash+xml +# application/dashdelta +application/davmount+xml davmount +# application/dca-rft +# application/dcd +# application/dec-dx +# application/dialog-info+xml +# application/dicom +# application/dii +# application/dit +# application/dns +application/docbook+xml dbk +# application/dskpp+xml +application/dssc+der dssc +application/dssc+xml xdssc +# application/dvcs +application/ecmascript ecma +# application/edi-consent +# application/edi-x12 +# application/edifact +# application/efi +# application/emergencycalldata.comment+xml +# application/emergencycalldata.deviceinfo+xml +# application/emergencycalldata.providerinfo+xml +# application/emergencycalldata.serviceinfo+xml +# application/emergencycalldata.subscriberinfo+xml +application/emma+xml emma +# application/emotionml+xml +# application/encaprtp +# application/epp+xml +application/epub+zip epub +# application/eshop +# application/example +application/exi exi +# application/fastinfoset +# application/fastsoap +# application/fdt+xml +# application/fits +application/font-tdpfr pfr +# application/framework-attributes+xml +# application/geo+json +application/gml+xml gml +application/gpx+xml gpx +application/gxf gxf +# application/gzip +# application/h224 +# application/held+xml +# application/http +application/hyperstudio stk +# application/ibe-key-request+xml +# application/ibe-pkg-reply+xml +# application/ibe-pp-data +# application/iges +# application/im-iscomposing+xml +# application/index +# application/index.cmd +# application/index.obj +# application/index.response +# application/index.vnd +application/inkml+xml ink inkml +# application/iotp +application/ipfix ipfix +# application/ipp +# application/isup +# application/its+xml +application/java-archive jar +application/java-serialized-object ser +application/java-vm class +application/javascript js +# application/jose +# application/jose+json +# application/jrd+json +application/json json +# application/json-patch+json +# application/json-seq +application/jsonml+json jsonml +# application/jwk+json +# application/jwk-set+json +# application/jwt +# application/kpml-request+xml +# application/kpml-response+xml +# application/ld+json +# application/lgr+xml +# application/link-format +# application/load-control+xml +application/lost+xml lostxml +# application/lostsync+xml +# application/lxf +application/mac-binhex40 hqx +application/mac-compactpro cpt +# application/macwriteii +application/mads+xml mads +application/marc mrc +application/marcxml+xml mrcx +application/mathematica ma nb mb +application/mathml+xml mathml +# application/mathml-content+xml +# application/mathml-presentation+xml +# application/mbms-associated-procedure-description+xml +# application/mbms-deregister+xml +# application/mbms-envelope+xml +# application/mbms-msk+xml +# application/mbms-msk-response+xml +# application/mbms-protection-description+xml +# application/mbms-reception-report+xml +# application/mbms-register+xml +# application/mbms-register-response+xml +# application/mbms-schedule+xml +# application/mbms-user-service-description+xml +application/mbox mbox +# application/media-policy-dataset+xml +# application/media_control+xml +application/mediaservercontrol+xml mscml +# application/merge-patch+json +application/metalink+xml metalink +application/metalink4+xml meta4 +application/mets+xml mets +# application/mf4 +# application/mikey +application/mods+xml mods +# application/moss-keys +# application/moss-signature +# application/mosskey-data +# application/mosskey-request +application/mp21 m21 mp21 +application/mp4 mp4s +# application/mpeg4-generic +# application/mpeg4-iod +# application/mpeg4-iod-xmt +# application/mrb-consumer+xml +# application/mrb-publish+xml +# application/msc-ivr+xml +# application/msc-mixer+xml +application/msword doc dot +application/mxf mxf +# application/nasdata +# application/news-checkgroups +# application/news-groupinfo +# application/news-transmission +# application/nlsml+xml +# application/nss +# application/ocsp-request +# application/ocsp-response +application/octet-stream bin dms lrf mar so dist distz pkg bpk dump elc deploy +application/oda oda +# application/odx +application/oebps-package+xml opf +application/ogg ogx +application/omdoc+xml omdoc +application/onenote onetoc onetoc2 onetmp onepkg +application/oxps oxps +# application/p2p-overlay+xml +# application/parityfec +application/patch-ops-error+xml xer +application/pdf pdf +# application/pdx +application/pgp-encrypted pgp +# application/pgp-keys +application/pgp-signature asc sig +application/pics-rules prf +# application/pidf+xml +# application/pidf-diff+xml +application/pkcs10 p10 +# application/pkcs12 +application/pkcs7-mime p7m p7c +application/pkcs7-signature p7s +application/pkcs8 p8 +application/pkix-attr-cert ac +application/pkix-cert cer +application/pkix-crl crl +application/pkix-pkipath pkipath +application/pkixcmp pki +application/pls+xml pls +# application/poc-settings+xml +application/postscript ai eps ps +# application/ppsp-tracker+json +# application/problem+json +# application/problem+xml +# application/provenance+xml +# application/prs.alvestrand.titrax-sheet +application/prs.cww cww +# application/prs.hpub+zip +# application/prs.nprend +# application/prs.plucker +# application/prs.rdf-xml-crypt +# application/prs.xsf+xml +application/pskc+xml pskcxml +# application/qsig +# application/raptorfec +# application/rdap+json +application/rdf+xml rdf +application/reginfo+xml rif +application/relax-ng-compact-syntax rnc +# application/remote-printing +# application/reputon+json +application/resource-lists+xml rl +application/resource-lists-diff+xml rld +# application/rfc+xml +# application/riscos +# application/rlmi+xml +application/rls-services+xml rs +application/rpki-ghostbusters gbr +application/rpki-manifest mft +application/rpki-roa roa +# application/rpki-updown +application/rsd+xml rsd +application/rss+xml rss +application/rtf rtf +# application/rtploopback +# application/rtx +# application/samlassertion+xml +# application/samlmetadata+xml +application/sbml+xml sbml +# application/scaip+xml +# application/scim+json +application/scvp-cv-request scq +application/scvp-cv-response scs +application/scvp-vp-request spq +application/scvp-vp-response spp +application/sdp sdp +# application/sep+xml +# application/sep-exi +# application/session-info +# application/set-payment +application/set-payment-initiation setpay +# application/set-registration +application/set-registration-initiation setreg +# application/sgml +# application/sgml-open-catalog +application/shf+xml shf +# application/sieve +# application/simple-filter+xml +# application/simple-message-summary +# application/simplesymbolcontainer +# application/slate +# application/smil +application/smil+xml smi smil +# application/smpte336m +# application/soap+fastinfoset +# application/soap+xml +application/sparql-query rq +application/sparql-results+xml srx +# application/spirits-event+xml +# application/sql +application/srgs gram +application/srgs+xml grxml +application/sru+xml sru +application/ssdl+xml ssdl +application/ssml+xml ssml +# application/tamp-apex-update +# application/tamp-apex-update-confirm +# application/tamp-community-update +# application/tamp-community-update-confirm +# application/tamp-error +# application/tamp-sequence-adjust +# application/tamp-sequence-adjust-confirm +# application/tamp-status-query +# application/tamp-status-response +# application/tamp-update +# application/tamp-update-confirm +application/tei+xml tei teicorpus +application/thraud+xml tfi +# application/timestamp-query +# application/timestamp-reply +application/timestamped-data tsd +# application/ttml+xml +# application/tve-trigger +# application/ulpfec +# application/urc-grpsheet+xml +# application/urc-ressheet+xml +# application/urc-targetdesc+xml +# application/urc-uisocketdesc+xml +# application/vcard+json +# application/vcard+xml +# application/vemmi +# application/vividence.scriptfile +# application/vnd.3gpp-prose+xml +# application/vnd.3gpp-prose-pc3ch+xml +# application/vnd.3gpp.access-transfer-events+xml +# application/vnd.3gpp.bsf+xml +# application/vnd.3gpp.mid-call+xml +application/vnd.3gpp.pic-bw-large plb +application/vnd.3gpp.pic-bw-small psb +application/vnd.3gpp.pic-bw-var pvb +# application/vnd.3gpp.sms +# application/vnd.3gpp.sms+xml +# application/vnd.3gpp.srvcc-ext+xml +# application/vnd.3gpp.srvcc-info+xml +# application/vnd.3gpp.state-and-event-info+xml +# application/vnd.3gpp.ussd+xml +# application/vnd.3gpp2.bcmcsinfo+xml +# application/vnd.3gpp2.sms +application/vnd.3gpp2.tcap tcap +# application/vnd.3lightssoftware.imagescal +application/vnd.3m.post-it-notes pwn +application/vnd.accpac.simply.aso aso +application/vnd.accpac.simply.imp imp +application/vnd.acucobol acu +application/vnd.acucorp atc acutc +application/vnd.adobe.air-application-installer-package+zip air +# application/vnd.adobe.flash.movie +application/vnd.adobe.formscentral.fcdt fcdt +application/vnd.adobe.fxp fxp fxpl +# application/vnd.adobe.partial-upload +application/vnd.adobe.xdp+xml xdp +application/vnd.adobe.xfdf xfdf +# application/vnd.aether.imp +# application/vnd.ah-barcode +application/vnd.ahead.space ahead +application/vnd.airzip.filesecure.azf azf +application/vnd.airzip.filesecure.azs azs +application/vnd.amazon.ebook azw +# application/vnd.amazon.mobi8-ebook +application/vnd.americandynamics.acc acc +application/vnd.amiga.ami ami +# application/vnd.amundsen.maze+xml +application/vnd.android.package-archive apk +# application/vnd.anki +application/vnd.anser-web-certificate-issue-initiation cii +application/vnd.anser-web-funds-transfer-initiation fti +application/vnd.antix.game-component atx +# application/vnd.apache.thrift.binary +# application/vnd.apache.thrift.compact +# application/vnd.apache.thrift.json +# application/vnd.api+json +application/vnd.apple.installer+xml mpkg +application/vnd.apple.mpegurl m3u8 +# application/vnd.arastra.swi +application/vnd.aristanetworks.swi swi +# application/vnd.artsquare +application/vnd.astraea-software.iota iota +application/vnd.audiograph aep +# application/vnd.autopackage +# application/vnd.avistar+xml +# application/vnd.balsamiq.bmml+xml +# application/vnd.balsamiq.bmpr +# application/vnd.bekitzur-stech+json +# application/vnd.biopax.rdf+xml +application/vnd.blueice.multipass mpm +# application/vnd.bluetooth.ep.oob +# application/vnd.bluetooth.le.oob +application/vnd.bmi bmi +application/vnd.businessobjects rep +# application/vnd.cab-jscript +# application/vnd.canon-cpdl +# application/vnd.canon-lips +# application/vnd.cendio.thinlinc.clientconf +# application/vnd.century-systems.tcp_stream +application/vnd.chemdraw+xml cdxml +# application/vnd.chess-pgn +application/vnd.chipnuts.karaoke-mmd mmd +application/vnd.cinderella cdy +# application/vnd.cirpack.isdn-ext +# application/vnd.citationstyles.style+xml +application/vnd.claymore cla +application/vnd.cloanto.rp9 rp9 +application/vnd.clonk.c4group c4g c4d c4f c4p c4u +application/vnd.cluetrust.cartomobile-config c11amc +application/vnd.cluetrust.cartomobile-config-pkg c11amz +# application/vnd.coffeescript +# application/vnd.collection+json +# application/vnd.collection.doc+json +# application/vnd.collection.next+json +# application/vnd.comicbook+zip +# application/vnd.commerce-battelle +application/vnd.commonspace csp +application/vnd.contact.cmsg cdbcmsg +# application/vnd.coreos.ignition+json +application/vnd.cosmocaller cmc +application/vnd.crick.clicker clkx +application/vnd.crick.clicker.keyboard clkk +application/vnd.crick.clicker.palette clkp +application/vnd.crick.clicker.template clkt +application/vnd.crick.clicker.wordbank clkw +application/vnd.criticaltools.wbs+xml wbs +application/vnd.ctc-posml pml +# application/vnd.ctct.ws+xml +# application/vnd.cups-pdf +# application/vnd.cups-postscript +application/vnd.cups-ppd ppd +# application/vnd.cups-raster +# application/vnd.cups-raw +# application/vnd.curl +application/vnd.curl.car car +application/vnd.curl.pcurl pcurl +# application/vnd.cyan.dean.root+xml +# application/vnd.cybank +application/vnd.dart dart +application/vnd.data-vision.rdz rdz +# application/vnd.debian.binary-package +application/vnd.dece.data uvf uvvf uvd uvvd +application/vnd.dece.ttml+xml uvt uvvt +application/vnd.dece.unspecified uvx uvvx +application/vnd.dece.zip uvz uvvz +application/vnd.denovo.fcselayout-link fe_launch +# application/vnd.desmume.movie +# application/vnd.dir-bi.plate-dl-nosuffix +# application/vnd.dm.delegation+xml +application/vnd.dna dna +# application/vnd.document+json +application/vnd.dolby.mlp mlp +# application/vnd.dolby.mobile.1 +# application/vnd.dolby.mobile.2 +# application/vnd.doremir.scorecloud-binary-document +application/vnd.dpgraph dpg +application/vnd.dreamfactory dfac +# application/vnd.drive+json +application/vnd.ds-keypoint kpxx +# application/vnd.dtg.local +# application/vnd.dtg.local.flash +# application/vnd.dtg.local.html +application/vnd.dvb.ait ait +# application/vnd.dvb.dvbj +# application/vnd.dvb.esgcontainer +# application/vnd.dvb.ipdcdftnotifaccess +# application/vnd.dvb.ipdcesgaccess +# application/vnd.dvb.ipdcesgaccess2 +# application/vnd.dvb.ipdcesgpdd +# application/vnd.dvb.ipdcroaming +# application/vnd.dvb.iptv.alfec-base +# application/vnd.dvb.iptv.alfec-enhancement +# application/vnd.dvb.notif-aggregate-root+xml +# application/vnd.dvb.notif-container+xml +# application/vnd.dvb.notif-generic+xml +# application/vnd.dvb.notif-ia-msglist+xml +# application/vnd.dvb.notif-ia-registration-request+xml +# application/vnd.dvb.notif-ia-registration-response+xml +# application/vnd.dvb.notif-init+xml +# application/vnd.dvb.pfr +application/vnd.dvb.service svc +# application/vnd.dxr +application/vnd.dynageo geo +# application/vnd.dzr +# application/vnd.easykaraoke.cdgdownload +# application/vnd.ecdis-update +application/vnd.ecowin.chart mag +# application/vnd.ecowin.filerequest +# application/vnd.ecowin.fileupdate +# application/vnd.ecowin.series +# application/vnd.ecowin.seriesrequest +# application/vnd.ecowin.seriesupdate +# application/vnd.emclient.accessrequest+xml +application/vnd.enliven nml +# application/vnd.enphase.envoy +# application/vnd.eprints.data+xml +application/vnd.epson.esf esf +application/vnd.epson.msf msf +application/vnd.epson.quickanime qam +application/vnd.epson.salt slt +application/vnd.epson.ssf ssf +# application/vnd.ericsson.quickcall +application/vnd.eszigno3+xml es3 et3 +# application/vnd.etsi.aoc+xml +# application/vnd.etsi.asic-e+zip +# application/vnd.etsi.asic-s+zip +# application/vnd.etsi.cug+xml +# application/vnd.etsi.iptvcommand+xml +# application/vnd.etsi.iptvdiscovery+xml +# application/vnd.etsi.iptvprofile+xml +# application/vnd.etsi.iptvsad-bc+xml +# application/vnd.etsi.iptvsad-cod+xml +# application/vnd.etsi.iptvsad-npvr+xml +# application/vnd.etsi.iptvservice+xml +# application/vnd.etsi.iptvsync+xml +# application/vnd.etsi.iptvueprofile+xml +# application/vnd.etsi.mcid+xml +# application/vnd.etsi.mheg5 +# application/vnd.etsi.overload-control-policy-dataset+xml +# application/vnd.etsi.pstn+xml +# application/vnd.etsi.sci+xml +# application/vnd.etsi.simservs+xml +# application/vnd.etsi.timestamp-token +# application/vnd.etsi.tsl+xml +# application/vnd.etsi.tsl.der +# application/vnd.eudora.data +application/vnd.ezpix-album ez2 +application/vnd.ezpix-package ez3 +# application/vnd.f-secure.mobile +# application/vnd.fastcopy-disk-image +application/vnd.fdf fdf +application/vnd.fdsn.mseed mseed +application/vnd.fdsn.seed seed dataless +# application/vnd.ffsns +# application/vnd.filmit.zfc +# application/vnd.fints +# application/vnd.firemonkeys.cloudcell +application/vnd.flographit gph +application/vnd.fluxtime.clip ftc +# application/vnd.font-fontforge-sfd +application/vnd.framemaker fm frame maker book +application/vnd.frogans.fnc fnc +application/vnd.frogans.ltf ltf +application/vnd.fsc.weblaunch fsc +application/vnd.fujitsu.oasys oas +application/vnd.fujitsu.oasys2 oa2 +application/vnd.fujitsu.oasys3 oa3 +application/vnd.fujitsu.oasysgp fg5 +application/vnd.fujitsu.oasysprs bh2 +# application/vnd.fujixerox.art-ex +# application/vnd.fujixerox.art4 +application/vnd.fujixerox.ddd ddd +application/vnd.fujixerox.docuworks xdw +application/vnd.fujixerox.docuworks.binder xbd +# application/vnd.fujixerox.docuworks.container +# application/vnd.fujixerox.hbpl +# application/vnd.fut-misnet +application/vnd.fuzzysheet fzs +application/vnd.genomatix.tuxedo txd +# application/vnd.geo+json +# application/vnd.geocube+xml +application/vnd.geogebra.file ggb +application/vnd.geogebra.tool ggt +application/vnd.geometry-explorer gex gre +application/vnd.geonext gxt +application/vnd.geoplan g2w +application/vnd.geospace g3w +# application/vnd.gerber +# application/vnd.globalplatform.card-content-mgt +# application/vnd.globalplatform.card-content-mgt-response +application/vnd.gmx gmx +application/vnd.google-earth.kml+xml kml +application/vnd.google-earth.kmz kmz +# application/vnd.gov.sk.e-form+xml +# application/vnd.gov.sk.e-form+zip +# application/vnd.gov.sk.xmldatacontainer+xml +application/vnd.grafeq gqf gqs +# application/vnd.gridmp +application/vnd.groove-account gac +application/vnd.groove-help ghf +application/vnd.groove-identity-message gim +application/vnd.groove-injector grv +application/vnd.groove-tool-message gtm +application/vnd.groove-tool-template tpl +application/vnd.groove-vcard vcg +# application/vnd.hal+json +application/vnd.hal+xml hal +application/vnd.handheld-entertainment+xml zmm +application/vnd.hbci hbci +# application/vnd.hcl-bireports +# application/vnd.hdt +# application/vnd.heroku+json +application/vnd.hhe.lesson-player les +application/vnd.hp-hpgl hpgl +application/vnd.hp-hpid hpid +application/vnd.hp-hps hps +application/vnd.hp-jlyt jlt +application/vnd.hp-pcl pcl +application/vnd.hp-pclxl pclxl +# application/vnd.httphone +application/vnd.hydrostatix.sof-data sfd-hdstx +# application/vnd.hyperdrive+json +# application/vnd.hzn-3d-crossword +# application/vnd.ibm.afplinedata +# application/vnd.ibm.electronic-media +application/vnd.ibm.minipay mpy +application/vnd.ibm.modcap afp listafp list3820 +application/vnd.ibm.rights-management irm +application/vnd.ibm.secure-container sc +application/vnd.iccprofile icc icm +# application/vnd.ieee.1905 +application/vnd.igloader igl +application/vnd.immervision-ivp ivp +application/vnd.immervision-ivu ivu +# application/vnd.ims.imsccv1p1 +# application/vnd.ims.imsccv1p2 +# application/vnd.ims.imsccv1p3 +# application/vnd.ims.lis.v2.result+json +# application/vnd.ims.lti.v2.toolconsumerprofile+json +# application/vnd.ims.lti.v2.toolproxy+json +# application/vnd.ims.lti.v2.toolproxy.id+json +# application/vnd.ims.lti.v2.toolsettings+json +# application/vnd.ims.lti.v2.toolsettings.simple+json +# application/vnd.informedcontrol.rms+xml +# application/vnd.informix-visionary +# application/vnd.infotech.project +# application/vnd.infotech.project+xml +# application/vnd.innopath.wamp.notification +application/vnd.insors.igm igm +application/vnd.intercon.formnet xpw xpx +application/vnd.intergeo i2g +# application/vnd.intertrust.digibox +# application/vnd.intertrust.nncp +application/vnd.intu.qbo qbo +application/vnd.intu.qfx qfx +# application/vnd.iptc.g2.catalogitem+xml +# application/vnd.iptc.g2.conceptitem+xml +# application/vnd.iptc.g2.knowledgeitem+xml +# application/vnd.iptc.g2.newsitem+xml +# application/vnd.iptc.g2.newsmessage+xml +# application/vnd.iptc.g2.packageitem+xml +# application/vnd.iptc.g2.planningitem+xml +application/vnd.ipunplugged.rcprofile rcprofile +application/vnd.irepository.package+xml irp +application/vnd.is-xpr xpr +application/vnd.isac.fcs fcs +application/vnd.jam jam +# application/vnd.japannet-directory-service +# application/vnd.japannet-jpnstore-wakeup +# application/vnd.japannet-payment-wakeup +# application/vnd.japannet-registration +# application/vnd.japannet-registration-wakeup +# application/vnd.japannet-setstore-wakeup +# application/vnd.japannet-verification +# application/vnd.japannet-verification-wakeup +application/vnd.jcp.javame.midlet-rms rms +application/vnd.jisp jisp +application/vnd.joost.joda-archive joda +# application/vnd.jsk.isdn-ngn +application/vnd.kahootz ktz ktr +application/vnd.kde.karbon karbon +application/vnd.kde.kchart chrt +application/vnd.kde.kformula kfo +application/vnd.kde.kivio flw +application/vnd.kde.kontour kon +application/vnd.kde.kpresenter kpr kpt +application/vnd.kde.kspread ksp +application/vnd.kde.kword kwd kwt +application/vnd.kenameaapp htke +application/vnd.kidspiration kia +application/vnd.kinar kne knp +application/vnd.koan skp skd skt skm +application/vnd.kodak-descriptor sse +application/vnd.las.las+xml lasxml +# application/vnd.liberty-request+xml +application/vnd.llamagraphics.life-balance.desktop lbd +application/vnd.llamagraphics.life-balance.exchange+xml lbe +application/vnd.lotus-1-2-3 123 +application/vnd.lotus-approach apr +application/vnd.lotus-freelance pre +application/vnd.lotus-notes nsf +application/vnd.lotus-organizer org +application/vnd.lotus-screencam scm +application/vnd.lotus-wordpro lwp +application/vnd.macports.portpkg portpkg +# application/vnd.mapbox-vector-tile +# application/vnd.marlin.drm.actiontoken+xml +# application/vnd.marlin.drm.conftoken+xml +# application/vnd.marlin.drm.license+xml +# application/vnd.marlin.drm.mdcf +# application/vnd.mason+json +# application/vnd.maxmind.maxmind-db +application/vnd.mcd mcd +application/vnd.medcalcdata mc1 +application/vnd.mediastation.cdkey cdkey +# application/vnd.meridian-slingshot +application/vnd.mfer mwf +application/vnd.mfmp mfm +# application/vnd.micro+json +application/vnd.micrografx.flo flo +application/vnd.micrografx.igx igx +# application/vnd.microsoft.portable-executable +# application/vnd.miele+json +application/vnd.mif mif +# application/vnd.minisoft-hp3000-save +# application/vnd.mitsubishi.misty-guard.trustweb +application/vnd.mobius.daf daf +application/vnd.mobius.dis dis +application/vnd.mobius.mbk mbk +application/vnd.mobius.mqy mqy +application/vnd.mobius.msl msl +application/vnd.mobius.plc plc +application/vnd.mobius.txf txf +application/vnd.mophun.application mpn +application/vnd.mophun.certificate mpc +# application/vnd.motorola.flexsuite +# application/vnd.motorola.flexsuite.adsi +# application/vnd.motorola.flexsuite.fis +# application/vnd.motorola.flexsuite.gotap +# application/vnd.motorola.flexsuite.kmr +# application/vnd.motorola.flexsuite.ttc +# application/vnd.motorola.flexsuite.wem +# application/vnd.motorola.iprm +application/vnd.mozilla.xul+xml xul +# application/vnd.ms-3mfdocument +application/vnd.ms-artgalry cil +# application/vnd.ms-asf +application/vnd.ms-cab-compressed cab +# application/vnd.ms-color.iccprofile +application/vnd.ms-excel xls xlm xla xlc xlt xlw +application/vnd.ms-excel.addin.macroenabled.12 xlam +application/vnd.ms-excel.sheet.binary.macroenabled.12 xlsb +application/vnd.ms-excel.sheet.macroenabled.12 xlsm +application/vnd.ms-excel.template.macroenabled.12 xltm +application/vnd.ms-fontobject eot +application/vnd.ms-htmlhelp chm +application/vnd.ms-ims ims +application/vnd.ms-lrm lrm +# application/vnd.ms-office.activex+xml +application/vnd.ms-officetheme thmx +# application/vnd.ms-opentype +# application/vnd.ms-package.obfuscated-opentype +application/vnd.ms-pki.seccat cat +application/vnd.ms-pki.stl stl +# application/vnd.ms-playready.initiator+xml +application/vnd.ms-powerpoint ppt pps pot +application/vnd.ms-powerpoint.addin.macroenabled.12 ppam +application/vnd.ms-powerpoint.presentation.macroenabled.12 pptm +application/vnd.ms-powerpoint.slide.macroenabled.12 sldm +application/vnd.ms-powerpoint.slideshow.macroenabled.12 ppsm +application/vnd.ms-powerpoint.template.macroenabled.12 potm +# application/vnd.ms-printdevicecapabilities+xml +# application/vnd.ms-printing.printticket+xml +# application/vnd.ms-printschematicket+xml +application/vnd.ms-project mpp mpt +# application/vnd.ms-tnef +# application/vnd.ms-windows.devicepairing +# application/vnd.ms-windows.nwprinting.oob +# application/vnd.ms-windows.printerpairing +# application/vnd.ms-windows.wsd.oob +# application/vnd.ms-wmdrm.lic-chlg-req +# application/vnd.ms-wmdrm.lic-resp +# application/vnd.ms-wmdrm.meter-chlg-req +# application/vnd.ms-wmdrm.meter-resp +application/vnd.ms-word.document.macroenabled.12 docm +application/vnd.ms-word.template.macroenabled.12 dotm +application/vnd.ms-works wps wks wcm wdb +application/vnd.ms-wpl wpl +application/vnd.ms-xpsdocument xps +# application/vnd.msa-disk-image +application/vnd.mseq mseq +# application/vnd.msign +# application/vnd.multiad.creator +# application/vnd.multiad.creator.cif +# application/vnd.music-niff +application/vnd.musician mus +application/vnd.muvee.style msty +application/vnd.mynfc taglet +# application/vnd.ncd.control +# application/vnd.ncd.reference +# application/vnd.nervana +# application/vnd.netfpx +application/vnd.neurolanguage.nlu nlu +# application/vnd.nintendo.nitro.rom +# application/vnd.nintendo.snes.rom +application/vnd.nitf ntf nitf +application/vnd.noblenet-directory nnd +application/vnd.noblenet-sealer nns +application/vnd.noblenet-web nnw +# application/vnd.nokia.catalogs +# application/vnd.nokia.conml+wbxml +# application/vnd.nokia.conml+xml +# application/vnd.nokia.iptv.config+xml +# application/vnd.nokia.isds-radio-presets +# application/vnd.nokia.landmark+wbxml +# application/vnd.nokia.landmark+xml +# application/vnd.nokia.landmarkcollection+xml +# application/vnd.nokia.n-gage.ac+xml +application/vnd.nokia.n-gage.data ngdat +application/vnd.nokia.n-gage.symbian.install n-gage +# application/vnd.nokia.ncd +# application/vnd.nokia.pcd+wbxml +# application/vnd.nokia.pcd+xml +application/vnd.nokia.radio-preset rpst +application/vnd.nokia.radio-presets rpss +application/vnd.novadigm.edm edm +application/vnd.novadigm.edx edx +application/vnd.novadigm.ext ext +# application/vnd.ntt-local.content-share +# application/vnd.ntt-local.file-transfer +# application/vnd.ntt-local.ogw_remote-access +# application/vnd.ntt-local.sip-ta_remote +# application/vnd.ntt-local.sip-ta_tcp_stream +application/vnd.oasis.opendocument.chart odc +application/vnd.oasis.opendocument.chart-template otc +application/vnd.oasis.opendocument.database odb +application/vnd.oasis.opendocument.formula odf +application/vnd.oasis.opendocument.formula-template odft +application/vnd.oasis.opendocument.graphics odg +application/vnd.oasis.opendocument.graphics-template otg +application/vnd.oasis.opendocument.image odi +application/vnd.oasis.opendocument.image-template oti +application/vnd.oasis.opendocument.presentation odp +application/vnd.oasis.opendocument.presentation-template otp +application/vnd.oasis.opendocument.spreadsheet ods +application/vnd.oasis.opendocument.spreadsheet-template ots +application/vnd.oasis.opendocument.text odt +application/vnd.oasis.opendocument.text-master odm +application/vnd.oasis.opendocument.text-template ott +application/vnd.oasis.opendocument.text-web oth +# application/vnd.obn +# application/vnd.oftn.l10n+json +# application/vnd.oipf.contentaccessdownload+xml +# application/vnd.oipf.contentaccessstreaming+xml +# application/vnd.oipf.cspg-hexbinary +# application/vnd.oipf.dae.svg+xml +# application/vnd.oipf.dae.xhtml+xml +# application/vnd.oipf.mippvcontrolmessage+xml +# application/vnd.oipf.pae.gem +# application/vnd.oipf.spdiscovery+xml +# application/vnd.oipf.spdlist+xml +# application/vnd.oipf.ueprofile+xml +# application/vnd.oipf.userprofile+xml +application/vnd.olpc-sugar xo +# application/vnd.oma-scws-config +# application/vnd.oma-scws-http-request +# application/vnd.oma-scws-http-response +# application/vnd.oma.bcast.associated-procedure-parameter+xml +# application/vnd.oma.bcast.drm-trigger+xml +# application/vnd.oma.bcast.imd+xml +# application/vnd.oma.bcast.ltkm +# application/vnd.oma.bcast.notification+xml +# application/vnd.oma.bcast.provisioningtrigger +# application/vnd.oma.bcast.sgboot +# application/vnd.oma.bcast.sgdd+xml +# application/vnd.oma.bcast.sgdu +# application/vnd.oma.bcast.simple-symbol-container +# application/vnd.oma.bcast.smartcard-trigger+xml +# application/vnd.oma.bcast.sprov+xml +# application/vnd.oma.bcast.stkm +# application/vnd.oma.cab-address-book+xml +# application/vnd.oma.cab-feature-handler+xml +# application/vnd.oma.cab-pcc+xml +# application/vnd.oma.cab-subs-invite+xml +# application/vnd.oma.cab-user-prefs+xml +# application/vnd.oma.dcd +# application/vnd.oma.dcdc +application/vnd.oma.dd2+xml dd2 +# application/vnd.oma.drm.risd+xml +# application/vnd.oma.group-usage-list+xml +# application/vnd.oma.lwm2m+json +# application/vnd.oma.lwm2m+tlv +# application/vnd.oma.pal+xml +# application/vnd.oma.poc.detailed-progress-report+xml +# application/vnd.oma.poc.final-report+xml +# application/vnd.oma.poc.groups+xml +# application/vnd.oma.poc.invocation-descriptor+xml +# application/vnd.oma.poc.optimized-progress-report+xml +# application/vnd.oma.push +# application/vnd.oma.scidm.messages+xml +# application/vnd.oma.xcap-directory+xml +# application/vnd.omads-email+xml +# application/vnd.omads-file+xml +# application/vnd.omads-folder+xml +# application/vnd.omaloc-supl-init +# application/vnd.onepager +# application/vnd.openblox.game+xml +# application/vnd.openblox.game-binary +# application/vnd.openeye.oeb +application/vnd.openofficeorg.extension oxt +# application/vnd.openxmlformats-officedocument.custom-properties+xml +# application/vnd.openxmlformats-officedocument.customxmlproperties+xml +# application/vnd.openxmlformats-officedocument.drawing+xml +# application/vnd.openxmlformats-officedocument.drawingml.chart+xml +# application/vnd.openxmlformats-officedocument.drawingml.chartshapes+xml +# application/vnd.openxmlformats-officedocument.drawingml.diagramcolors+xml +# application/vnd.openxmlformats-officedocument.drawingml.diagramdata+xml +# application/vnd.openxmlformats-officedocument.drawingml.diagramlayout+xml +# application/vnd.openxmlformats-officedocument.drawingml.diagramstyle+xml +# application/vnd.openxmlformats-officedocument.extended-properties+xml +# application/vnd.openxmlformats-officedocument.presentationml.commentauthors+xml +# application/vnd.openxmlformats-officedocument.presentationml.comments+xml +# application/vnd.openxmlformats-officedocument.presentationml.handoutmaster+xml +# application/vnd.openxmlformats-officedocument.presentationml.notesmaster+xml +# application/vnd.openxmlformats-officedocument.presentationml.notesslide+xml +application/vnd.openxmlformats-officedocument.presentationml.presentation pptx +# application/vnd.openxmlformats-officedocument.presentationml.presentation.main+xml +# application/vnd.openxmlformats-officedocument.presentationml.presprops+xml +application/vnd.openxmlformats-officedocument.presentationml.slide sldx +# application/vnd.openxmlformats-officedocument.presentationml.slide+xml +# application/vnd.openxmlformats-officedocument.presentationml.slidelayout+xml +# application/vnd.openxmlformats-officedocument.presentationml.slidemaster+xml +application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx +# application/vnd.openxmlformats-officedocument.presentationml.slideshow.main+xml +# application/vnd.openxmlformats-officedocument.presentationml.slideupdateinfo+xml +# application/vnd.openxmlformats-officedocument.presentationml.tablestyles+xml +# application/vnd.openxmlformats-officedocument.presentationml.tags+xml +application/vnd.openxmlformats-officedocument.presentationml.template potx +# application/vnd.openxmlformats-officedocument.presentationml.template.main+xml +# application/vnd.openxmlformats-officedocument.presentationml.viewprops+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.calcchain+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.chartsheet+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.comments+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.connections+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.dialogsheet+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.externallink+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.pivotcachedefinition+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.pivotcacherecords+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.pivottable+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.querytable+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.revisionheaders+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.revisionlog+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.sharedstrings+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx +# application/vnd.openxmlformats-officedocument.spreadsheetml.sheet.main+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.sheetmetadata+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.styles+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.table+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.tablesinglecells+xml +application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx +# application/vnd.openxmlformats-officedocument.spreadsheetml.template.main+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.usernames+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.volatiledependencies+xml +# application/vnd.openxmlformats-officedocument.spreadsheetml.worksheet+xml +# application/vnd.openxmlformats-officedocument.theme+xml +# application/vnd.openxmlformats-officedocument.themeoverride+xml +# application/vnd.openxmlformats-officedocument.vmldrawing +# application/vnd.openxmlformats-officedocument.wordprocessingml.comments+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.document docx +# application/vnd.openxmlformats-officedocument.wordprocessingml.document.glossary+xml +# application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml +# application/vnd.openxmlformats-officedocument.wordprocessingml.endnotes+xml +# application/vnd.openxmlformats-officedocument.wordprocessingml.fonttable+xml +# application/vnd.openxmlformats-officedocument.wordprocessingml.footer+xml +# application/vnd.openxmlformats-officedocument.wordprocessingml.footnotes+xml +# application/vnd.openxmlformats-officedocument.wordprocessingml.numbering+xml +# application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml +# application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml +application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx +# application/vnd.openxmlformats-officedocument.wordprocessingml.template.main+xml +# application/vnd.openxmlformats-officedocument.wordprocessingml.websettings+xml +# application/vnd.openxmlformats-package.core-properties+xml +# application/vnd.openxmlformats-package.digital-signature-xmlsignature+xml +# application/vnd.openxmlformats-package.relationships+xml +# application/vnd.oracle.resource+json +# application/vnd.orange.indata +# application/vnd.osa.netdeploy +application/vnd.osgeo.mapguide.package mgp +# application/vnd.osgi.bundle +application/vnd.osgi.dp dp +application/vnd.osgi.subsystem esa +# application/vnd.otps.ct-kip+xml +# application/vnd.oxli.countgraph +# application/vnd.pagerduty+json +application/vnd.palm pdb pqa oprc +# application/vnd.panoply +# application/vnd.paos.xml +application/vnd.pawaafile paw +# application/vnd.pcos +application/vnd.pg.format str +application/vnd.pg.osasli ei6 +# application/vnd.piaccess.application-licence +application/vnd.picsel efif +application/vnd.pmi.widget wg +# application/vnd.poc.group-advertisement+xml +application/vnd.pocketlearn plf +application/vnd.powerbuilder6 pbd +# application/vnd.powerbuilder6-s +# application/vnd.powerbuilder7 +# application/vnd.powerbuilder7-s +# application/vnd.powerbuilder75 +# application/vnd.powerbuilder75-s +# application/vnd.preminet +application/vnd.previewsystems.box box +application/vnd.proteus.magazine mgz +application/vnd.publishare-delta-tree qps +application/vnd.pvi.ptid1 ptid +# application/vnd.pwg-multiplexed +# application/vnd.pwg-xhtml-print+xml +# application/vnd.qualcomm.brew-app-res +# application/vnd.quarantainenet +application/vnd.quark.quarkxpress qxd qxt qwd qwt qxl qxb +# application/vnd.quobject-quoxdocument +# application/vnd.radisys.moml+xml +# application/vnd.radisys.msml+xml +# application/vnd.radisys.msml-audit+xml +# application/vnd.radisys.msml-audit-conf+xml +# application/vnd.radisys.msml-audit-conn+xml +# application/vnd.radisys.msml-audit-dialog+xml +# application/vnd.radisys.msml-audit-stream+xml +# application/vnd.radisys.msml-conf+xml +# application/vnd.radisys.msml-dialog+xml +# application/vnd.radisys.msml-dialog-base+xml +# application/vnd.radisys.msml-dialog-fax-detect+xml +# application/vnd.radisys.msml-dialog-fax-sendrecv+xml +# application/vnd.radisys.msml-dialog-group+xml +# application/vnd.radisys.msml-dialog-speech+xml +# application/vnd.radisys.msml-dialog-transform+xml +# application/vnd.rainstor.data +# application/vnd.rapid +# application/vnd.rar +application/vnd.realvnc.bed bed +application/vnd.recordare.musicxml mxl +application/vnd.recordare.musicxml+xml musicxml +# application/vnd.renlearn.rlprint +application/vnd.rig.cryptonote cryptonote +application/vnd.rim.cod cod +application/vnd.rn-realmedia rm +application/vnd.rn-realmedia-vbr rmvb +application/vnd.route66.link66+xml link66 +# application/vnd.rs-274x +# application/vnd.ruckus.download +# application/vnd.s3sms +application/vnd.sailingtracker.track st +# application/vnd.sbm.cid +# application/vnd.sbm.mid2 +# application/vnd.scribus +# application/vnd.sealed.3df +# application/vnd.sealed.csf +# application/vnd.sealed.doc +# application/vnd.sealed.eml +# application/vnd.sealed.mht +# application/vnd.sealed.net +# application/vnd.sealed.ppt +# application/vnd.sealed.tiff +# application/vnd.sealed.xls +# application/vnd.sealedmedia.softseal.html +# application/vnd.sealedmedia.softseal.pdf +application/vnd.seemail see +application/vnd.sema sema +application/vnd.semd semd +application/vnd.semf semf +application/vnd.shana.informed.formdata ifm +application/vnd.shana.informed.formtemplate itp +application/vnd.shana.informed.interchange iif +application/vnd.shana.informed.package ipk +application/vnd.simtech-mindmapper twd twds +# application/vnd.siren+json +application/vnd.smaf mmf +# application/vnd.smart.notebook +application/vnd.smart.teacher teacher +# application/vnd.software602.filler.form+xml +# application/vnd.software602.filler.form-xml-zip +application/vnd.solent.sdkm+xml sdkm sdkd +application/vnd.spotfire.dxp dxp +application/vnd.spotfire.sfs sfs +# application/vnd.sss-cod +# application/vnd.sss-dtf +# application/vnd.sss-ntf +application/vnd.stardivision.calc sdc +application/vnd.stardivision.draw sda +application/vnd.stardivision.impress sdd +application/vnd.stardivision.math smf +application/vnd.stardivision.writer sdw vor +application/vnd.stardivision.writer-global sgl +application/vnd.stepmania.package smzip +application/vnd.stepmania.stepchart sm +# application/vnd.street-stream +# application/vnd.sun.wadl+xml +application/vnd.sun.xml.calc sxc +application/vnd.sun.xml.calc.template stc +application/vnd.sun.xml.draw sxd +application/vnd.sun.xml.draw.template std +application/vnd.sun.xml.impress sxi +application/vnd.sun.xml.impress.template sti +application/vnd.sun.xml.math sxm +application/vnd.sun.xml.writer sxw +application/vnd.sun.xml.writer.global sxg +application/vnd.sun.xml.writer.template stw +application/vnd.sus-calendar sus susp +application/vnd.svd svd +# application/vnd.swiftview-ics +application/vnd.symbian.install sis sisx +application/vnd.syncml+xml xsm +application/vnd.syncml.dm+wbxml bdm +application/vnd.syncml.dm+xml xdm +# application/vnd.syncml.dm.notification +# application/vnd.syncml.dmddf+wbxml +# application/vnd.syncml.dmddf+xml +# application/vnd.syncml.dmtnds+wbxml +# application/vnd.syncml.dmtnds+xml +# application/vnd.syncml.ds.notification +application/vnd.tao.intent-module-archive tao +application/vnd.tcpdump.pcap pcap cap dmp +# application/vnd.tmd.mediaflex.api+xml +# application/vnd.tml +application/vnd.tmobile-livetv tmo +application/vnd.trid.tpt tpt +application/vnd.triscape.mxs mxs +application/vnd.trueapp tra +# application/vnd.truedoc +# application/vnd.ubisoft.webplayer +application/vnd.ufdl ufd ufdl +application/vnd.uiq.theme utz +application/vnd.umajin umj +application/vnd.unity unityweb +application/vnd.uoml+xml uoml +# application/vnd.uplanet.alert +# application/vnd.uplanet.alert-wbxml +# application/vnd.uplanet.bearer-choice +# application/vnd.uplanet.bearer-choice-wbxml +# application/vnd.uplanet.cacheop +# application/vnd.uplanet.cacheop-wbxml +# application/vnd.uplanet.channel +# application/vnd.uplanet.channel-wbxml +# application/vnd.uplanet.list +# application/vnd.uplanet.list-wbxml +# application/vnd.uplanet.listcmd +# application/vnd.uplanet.listcmd-wbxml +# application/vnd.uplanet.signal +# application/vnd.uri-map +# application/vnd.valve.source.material +application/vnd.vcx vcx +# application/vnd.vd-study +# application/vnd.vectorworks +# application/vnd.vel+json +# application/vnd.verimatrix.vcas +# application/vnd.vidsoft.vidconference +application/vnd.visio vsd vst vss vsw +application/vnd.visionary vis +# application/vnd.vividence.scriptfile +application/vnd.vsf vsf +# application/vnd.wap.sic +# application/vnd.wap.slc +application/vnd.wap.wbxml wbxml +application/vnd.wap.wmlc wmlc +application/vnd.wap.wmlscriptc wmlsc +application/vnd.webturbo wtb +# application/vnd.wfa.p2p +# application/vnd.wfa.wsc +# application/vnd.windows.devicepairing +# application/vnd.wmc +# application/vnd.wmf.bootstrap +# application/vnd.wolfram.mathematica +# application/vnd.wolfram.mathematica.package +application/vnd.wolfram.player nbp +application/vnd.wordperfect wpd +application/vnd.wqd wqd +# application/vnd.wrq-hp3000-labelled +application/vnd.wt.stf stf +# application/vnd.wv.csp+wbxml +# application/vnd.wv.csp+xml +# application/vnd.wv.ssp+xml +# application/vnd.xacml+json +application/vnd.xara xar +application/vnd.xfdl xfdl +# application/vnd.xfdl.webform +# application/vnd.xmi+xml +# application/vnd.xmpie.cpkg +# application/vnd.xmpie.dpkg +# application/vnd.xmpie.plan +# application/vnd.xmpie.ppkg +# application/vnd.xmpie.xlim +application/vnd.yamaha.hv-dic hvd +application/vnd.yamaha.hv-script hvs +application/vnd.yamaha.hv-voice hvp +application/vnd.yamaha.openscoreformat osf +application/vnd.yamaha.openscoreformat.osfpvg+xml osfpvg +# application/vnd.yamaha.remote-setup +application/vnd.yamaha.smaf-audio saf +application/vnd.yamaha.smaf-phrase spf +# application/vnd.yamaha.through-ngn +# application/vnd.yamaha.tunnel-udpencap +# application/vnd.yaoweme +application/vnd.yellowriver-custom-menu cmp +application/vnd.zul zir zirz +application/vnd.zzazz.deck+xml zaz +application/voicexml+xml vxml +# application/vq-rtcpxr +# application/watcherinfo+xml +# application/whoispp-query +# application/whoispp-response +application/widget wgt +application/winhlp hlp +# application/wita +# application/wordperfect5.1 +application/wsdl+xml wsdl +application/wspolicy+xml wspolicy +application/x-7z-compressed 7z +application/x-abiword abw +application/x-ace-compressed ace +# application/x-amf +application/x-apple-diskimage dmg +application/x-authorware-bin aab x32 u32 vox +application/x-authorware-map aam +application/x-authorware-seg aas +application/x-bcpio bcpio +application/x-bittorrent torrent +application/x-blorb blb blorb +application/x-bzip bz +application/x-bzip2 bz2 boz +application/x-cbr cbr cba cbt cbz cb7 +application/x-cdlink vcd +application/x-cfs-compressed cfs +application/x-chat chat +application/x-chess-pgn pgn +# application/x-compress +application/x-conference nsc +application/x-cpio cpio +application/x-csh csh +application/x-debian-package deb udeb +application/x-dgc-compressed dgc +application/x-director dir dcr dxr cst cct cxt w3d fgd swa +application/x-doom wad +application/x-dtbncx+xml ncx +application/x-dtbook+xml dtb +application/x-dtbresource+xml res +application/x-dvi dvi +application/x-envoy evy +application/x-eva eva +application/x-font-bdf bdf +# application/x-font-dos +# application/x-font-framemaker +application/x-font-ghostscript gsf +# application/x-font-libgrx +application/x-font-linux-psf psf +application/x-font-pcf pcf +application/x-font-snf snf +# application/x-font-speedo +# application/x-font-sunos-news +application/x-font-type1 pfa pfb pfm afm +# application/x-font-vfont +application/x-freearc arc +application/x-futuresplash spl +application/x-gca-compressed gca +application/x-glulx ulx +application/x-gnumeric gnumeric +application/x-gramps-xml gramps +application/x-gtar gtar +# application/x-gzip +application/x-hdf hdf +application/x-install-instructions install +application/x-iso9660-image iso +application/x-java-jnlp-file jnlp +application/x-latex latex +application/x-lzh-compressed lzh lha +application/x-mie mie +application/x-mobipocket-ebook prc mobi +application/x-ms-application application +application/x-ms-shortcut lnk +application/x-ms-wmd wmd +application/x-ms-wmz wmz +application/x-ms-xbap xbap +application/x-msaccess mdb +application/x-msbinder obd +application/x-mscardfile crd +application/x-msclip clp +application/x-msdownload exe dll com bat msi +application/x-msmediaview mvb m13 m14 +application/x-msmetafile wmf wmz emf emz +application/x-msmoney mny +application/x-mspublisher pub +application/x-msschedule scd +application/x-msterminal trm +application/x-mswrite wri +application/x-netcdf nc cdf +application/x-nzb nzb +application/x-pkcs12 p12 pfx +application/x-pkcs7-certificates p7b spc +application/x-pkcs7-certreqresp p7r +application/x-rar-compressed rar +application/x-research-info-systems ris +application/x-sh sh +application/x-shar shar +application/x-shockwave-flash swf +application/x-silverlight-app xap +application/x-sql sql +application/x-stuffit sit +application/x-stuffitx sitx +application/x-subrip srt +application/x-sv4cpio sv4cpio +application/x-sv4crc sv4crc +application/x-t3vm-image t3 +application/x-tads gam +application/x-tar tar +application/x-tcl tcl +application/x-tex tex +application/x-tex-tfm tfm +application/x-texinfo texinfo texi +application/x-tgif obj +application/x-ustar ustar +application/x-wais-source src +# application/x-www-form-urlencoded +application/x-x509-ca-cert der crt +application/x-xfig fig +application/x-xliff+xml xlf +application/x-xpinstall xpi +application/x-xz xz +application/x-zmachine z1 z2 z3 z4 z5 z6 z7 z8 +# application/x400-bp +# application/xacml+xml +application/xaml+xml xaml +# application/xcap-att+xml +# application/xcap-caps+xml +application/xcap-diff+xml xdf +# application/xcap-el+xml +# application/xcap-error+xml +# application/xcap-ns+xml +# application/xcon-conference-info+xml +# application/xcon-conference-info-diff+xml +application/xenc+xml xenc +application/xhtml+xml xhtml xht +# application/xhtml-voice+xml +application/xml xml xsl +application/xml-dtd dtd +# application/xml-external-parsed-entity +# application/xml-patch+xml +# application/xmpp+xml +application/xop+xml xop +application/xproc+xml xpl +application/xslt+xml xslt +application/xspf+xml xspf +application/xv+xml mxml xhvml xvml xvm +application/yang yang +application/yin+xml yin +application/zip zip +# application/zlib +# audio/1d-interleaved-parityfec +# audio/32kadpcm +# audio/3gpp +# audio/3gpp2 +# audio/ac3 +audio/adpcm adp +# audio/amr +# audio/amr-wb +# audio/amr-wb+ +# audio/aptx +# audio/asc +# audio/atrac-advanced-lossless +# audio/atrac-x +# audio/atrac3 +audio/basic au snd +# audio/bv16 +# audio/bv32 +# audio/clearmode +# audio/cn +# audio/dat12 +# audio/dls +# audio/dsr-es201108 +# audio/dsr-es202050 +# audio/dsr-es202211 +# audio/dsr-es202212 +# audio/dv +# audio/dvi4 +# audio/eac3 +# audio/encaprtp +# audio/evrc +# audio/evrc-qcp +# audio/evrc0 +# audio/evrc1 +# audio/evrcb +# audio/evrcb0 +# audio/evrcb1 +# audio/evrcnw +# audio/evrcnw0 +# audio/evrcnw1 +# audio/evrcwb +# audio/evrcwb0 +# audio/evrcwb1 +# audio/evs +# audio/example +# audio/fwdred +# audio/g711-0 +# audio/g719 +# audio/g722 +# audio/g7221 +# audio/g723 +# audio/g726-16 +# audio/g726-24 +# audio/g726-32 +# audio/g726-40 +# audio/g728 +# audio/g729 +# audio/g7291 +# audio/g729d +# audio/g729e +# audio/gsm +# audio/gsm-efr +# audio/gsm-hr-08 +# audio/ilbc +# audio/ip-mr_v2.5 +# audio/isac +# audio/l16 +# audio/l20 +# audio/l24 +# audio/l8 +# audio/lpc +audio/midi mid midi kar rmi +# audio/mobile-xmf +audio/mp4 m4a mp4a +# audio/mp4a-latm +# audio/mpa +# audio/mpa-robust +audio/mpeg mpga mp2 mp2a mp3 m2a m3a +# audio/mpeg4-generic +# audio/musepack +audio/ogg oga ogg spx +# audio/opus +# audio/parityfec +# audio/pcma +# audio/pcma-wb +# audio/pcmu +# audio/pcmu-wb +# audio/prs.sid +# audio/qcelp +# audio/raptorfec +# audio/red +# audio/rtp-enc-aescm128 +# audio/rtp-midi +# audio/rtploopback +# audio/rtx +audio/s3m s3m +audio/silk sil +# audio/smv +# audio/smv-qcp +# audio/smv0 +# audio/sp-midi +# audio/speex +# audio/t140c +# audio/t38 +# audio/telephone-event +# audio/tone +# audio/uemclip +# audio/ulpfec +# audio/vdvi +# audio/vmr-wb +# audio/vnd.3gpp.iufp +# audio/vnd.4sb +# audio/vnd.audiokoz +# audio/vnd.celp +# audio/vnd.cisco.nse +# audio/vnd.cmles.radio-events +# audio/vnd.cns.anp1 +# audio/vnd.cns.inf1 +audio/vnd.dece.audio uva uvva +audio/vnd.digital-winds eol +# audio/vnd.dlna.adts +# audio/vnd.dolby.heaac.1 +# audio/vnd.dolby.heaac.2 +# audio/vnd.dolby.mlp +# audio/vnd.dolby.mps +# audio/vnd.dolby.pl2 +# audio/vnd.dolby.pl2x +# audio/vnd.dolby.pl2z +# audio/vnd.dolby.pulse.1 +audio/vnd.dra dra +audio/vnd.dts dts +audio/vnd.dts.hd dtshd +# audio/vnd.dvb.file +# audio/vnd.everad.plj +# audio/vnd.hns.audio +audio/vnd.lucent.voice lvp +audio/vnd.ms-playready.media.pya pya +# audio/vnd.nokia.mobile-xmf +# audio/vnd.nortel.vbk +audio/vnd.nuera.ecelp4800 ecelp4800 +audio/vnd.nuera.ecelp7470 ecelp7470 +audio/vnd.nuera.ecelp9600 ecelp9600 +# audio/vnd.octel.sbc +# audio/vnd.qcelp +# audio/vnd.rhetorex.32kadpcm +audio/vnd.rip rip +# audio/vnd.sealedmedia.softseal.mpeg +# audio/vnd.vmx.cvsd +# audio/vorbis +# audio/vorbis-config +audio/webm weba +audio/x-aac aac +audio/x-aiff aif aiff aifc +audio/x-caf caf +audio/x-flac flac +audio/x-matroska mka +audio/x-mpegurl m3u +audio/x-ms-wax wax +audio/x-ms-wma wma +audio/x-pn-realaudio ram ra +audio/x-pn-realaudio-plugin rmp +# audio/x-tta +audio/x-wav wav +audio/xm xm +chemical/x-cdx cdx +chemical/x-cif cif +chemical/x-cmdf cmdf +chemical/x-cml cml +chemical/x-csml csml +# chemical/x-pdb +chemical/x-xyz xyz +font/collection ttc +font/otf otf +# font/sfnt +font/ttf ttf +font/woff woff +font/woff2 woff2 +image/bmp bmp +image/cgm cgm +# image/dicom-rle +# image/emf +# image/example +# image/fits +image/g3fax g3 +image/gif gif +image/ief ief +# image/jls +# image/jp2 +image/jpeg jpeg jpg jpe +# image/jpm +# image/jpx +image/ktx ktx +# image/naplps +image/png png +image/prs.btif btif +# image/prs.pti +# image/pwg-raster +image/sgi sgi +image/svg+xml svg svgz +# image/t38 +image/tiff tiff tif +# image/tiff-fx +image/vnd.adobe.photoshop psd +# image/vnd.airzip.accelerator.azv +# image/vnd.cns.inf2 +image/vnd.dece.graphic uvi uvvi uvg uvvg +image/vnd.djvu djvu djv +image/vnd.dvb.subtitle sub +image/vnd.dwg dwg +image/vnd.dxf dxf +image/vnd.fastbidsheet fbs +image/vnd.fpx fpx +image/vnd.fst fst +image/vnd.fujixerox.edmics-mmr mmr +image/vnd.fujixerox.edmics-rlc rlc +# image/vnd.globalgraphics.pgb +# image/vnd.microsoft.icon +# image/vnd.mix +# image/vnd.mozilla.apng +image/vnd.ms-modi mdi +image/vnd.ms-photo wdp +image/vnd.net-fpx npx +# image/vnd.radiance +# image/vnd.sealed.png +# image/vnd.sealedmedia.softseal.gif +# image/vnd.sealedmedia.softseal.jpg +# image/vnd.svf +# image/vnd.tencent.tap +# image/vnd.valve.source.texture +image/vnd.wap.wbmp wbmp +image/vnd.xiff xif +# image/vnd.zbrush.pcx +image/webp webp +# image/wmf +image/x-3ds 3ds +image/x-cmu-raster ras +image/x-cmx cmx +image/x-freehand fh fhc fh4 fh5 fh7 +image/x-icon ico +image/x-mrsid-image sid +image/x-pcx pcx +image/x-pict pic pct +image/x-portable-anymap pnm +image/x-portable-bitmap pbm +image/x-portable-graymap pgm +image/x-portable-pixmap ppm +image/x-rgb rgb +image/x-tga tga +image/x-xbitmap xbm +image/x-xpixmap xpm +image/x-xwindowdump xwd +# message/cpim +# message/delivery-status +# message/disposition-notification +# message/example +# message/external-body +# message/feedback-report +# message/global +# message/global-delivery-status +# message/global-disposition-notification +# message/global-headers +# message/http +# message/imdn+xml +# message/news +# message/partial +message/rfc822 eml mime +# message/s-http +# message/sip +# message/sipfrag +# message/tracking-status +# message/vnd.si.simp +# message/vnd.wfa.wsc +# model/example +# model/gltf+json +model/iges igs iges +model/mesh msh mesh silo +model/vnd.collada+xml dae +model/vnd.dwf dwf +# model/vnd.flatland.3dml +model/vnd.gdl gdl +# model/vnd.gs-gdl +# model/vnd.gs.gdl +model/vnd.gtw gtw +# model/vnd.moml+xml +model/vnd.mts mts +# model/vnd.opengex +# model/vnd.parasolid.transmit.binary +# model/vnd.parasolid.transmit.text +# model/vnd.rosette.annotated-data-model +# model/vnd.valve.source.compiled-map +model/vnd.vtu vtu +model/vrml wrl vrml +model/x3d+binary x3db x3dbz +# model/x3d+fastinfoset +model/x3d+vrml x3dv x3dvz +model/x3d+xml x3d x3dz +# model/x3d-vrml +# multipart/alternative +# multipart/appledouble +# multipart/byteranges +# multipart/digest +# multipart/encrypted +# multipart/example +# multipart/form-data +# multipart/header-set +# multipart/mixed +# multipart/parallel +# multipart/related +# multipart/report +# multipart/signed +# multipart/voice-message +# multipart/x-mixed-replace +# text/1d-interleaved-parityfec +text/cache-manifest appcache +text/calendar ics ifb +text/css css +text/csv csv +# text/csv-schema +# text/directory +# text/dns +# text/ecmascript +# text/encaprtp +# text/enriched +# text/example +# text/fwdred +# text/grammar-ref-list +text/html html htm +# text/javascript +# text/jcr-cnd +# text/markdown +# text/mizar +text/n3 n3 +# text/parameters +# text/parityfec +text/plain txt text conf def list log in +# text/provenance-notation +# text/prs.fallenstein.rst +text/prs.lines.tag dsc +# text/prs.prop.logic +# text/raptorfec +# text/red +# text/rfc822-headers +text/richtext rtx +# text/rtf +# text/rtp-enc-aescm128 +# text/rtploopback +# text/rtx +text/sgml sgml sgm +# text/t140 +text/tab-separated-values tsv +text/troff t tr roff man me ms +text/turtle ttl +# text/ulpfec +text/uri-list uri uris urls +text/vcard vcard +# text/vnd.a +# text/vnd.abc +text/vnd.curl curl +text/vnd.curl.dcurl dcurl +text/vnd.curl.mcurl mcurl +text/vnd.curl.scurl scurl +# text/vnd.debian.copyright +# text/vnd.dmclientscript +text/vnd.dvb.subtitle sub +# text/vnd.esmertec.theme-descriptor +text/vnd.fly fly +text/vnd.fmi.flexstor flx +text/vnd.graphviz gv +text/vnd.in3d.3dml 3dml +text/vnd.in3d.spot spot +# text/vnd.iptc.newsml +# text/vnd.iptc.nitf +# text/vnd.latex-z +# text/vnd.motorola.reflex +# text/vnd.ms-mediapackage +# text/vnd.net2phone.commcenter.command +# text/vnd.radisys.msml-basic-layout +# text/vnd.si.uricatalogue +text/vnd.sun.j2me.app-descriptor jad +# text/vnd.trolltech.linguist +# text/vnd.wap.si +# text/vnd.wap.sl +text/vnd.wap.wml wml +text/vnd.wap.wmlscript wmls +text/x-asm s asm +text/x-c c cc cxx cpp h hh dic +text/x-fortran f for f77 f90 +text/x-java-source java +text/x-nfo nfo +text/x-opml opml +text/x-pascal p pas +text/x-setext etx +text/x-sfv sfv +text/x-uuencode uu +text/x-vcalendar vcs +text/x-vcard vcf +# text/xml +# text/xml-external-parsed-entity +# video/1d-interleaved-parityfec +video/3gpp 3gp +# video/3gpp-tt +video/3gpp2 3g2 +# video/bmpeg +# video/bt656 +# video/celb +# video/dv +# video/encaprtp +# video/example +video/h261 h261 +video/h263 h263 +# video/h263-1998 +# video/h263-2000 +video/h264 h264 +# video/h264-rcdo +# video/h264-svc +# video/h265 +# video/iso.segment +video/jpeg jpgv +# video/jpeg2000 +video/jpm jpm jpgm +video/mj2 mj2 mjp2 +# video/mp1s +# video/mp2p +# video/mp2t +video/mp4 mp4 mp4v mpg4 +# video/mp4v-es +video/mpeg mpeg mpg mpe m1v m2v +# video/mpeg4-generic +# video/mpv +# video/nv +video/ogg ogv +# video/parityfec +# video/pointer +video/quicktime qt mov +# video/raptorfec +# video/raw +# video/rtp-enc-aescm128 +# video/rtploopback +# video/rtx +# video/smpte292m +# video/ulpfec +# video/vc1 +# video/vnd.cctv +video/vnd.dece.hd uvh uvvh +video/vnd.dece.mobile uvm uvvm +# video/vnd.dece.mp4 +video/vnd.dece.pd uvp uvvp +video/vnd.dece.sd uvs uvvs +video/vnd.dece.video uvv uvvv +# video/vnd.directv.mpeg +# video/vnd.directv.mpeg-tts +# video/vnd.dlna.mpeg-tts +video/vnd.dvb.file dvb +video/vnd.fvt fvt +# video/vnd.hns.video +# video/vnd.iptvforum.1dparityfec-1010 +# video/vnd.iptvforum.1dparityfec-2005 +# video/vnd.iptvforum.2dparityfec-1010 +# video/vnd.iptvforum.2dparityfec-2005 +# video/vnd.iptvforum.ttsavc +# video/vnd.iptvforum.ttsmpeg2 +# video/vnd.motorola.video +# video/vnd.motorola.videop +video/vnd.mpegurl mxu m4u +video/vnd.ms-playready.media.pyv pyv +# video/vnd.nokia.interleaved-multimedia +# video/vnd.nokia.videovoip +# video/vnd.objectvideo +# video/vnd.radgamettools.bink +# video/vnd.radgamettools.smacker +# video/vnd.sealed.mpeg1 +# video/vnd.sealed.mpeg4 +# video/vnd.sealed.swf +# video/vnd.sealedmedia.softseal.mov +video/vnd.uvvu.mp4 uvu uvvu +video/vnd.vivo viv +# video/vp8 +video/webm webm +video/x-f4v f4v +video/x-fli fli +video/x-flv flv +video/x-m4v m4v +video/x-matroska mkv mk3d mks +video/x-mng mng +video/x-ms-asf asf asx +video/x-ms-vob vob +video/x-ms-wm wm +video/x-ms-wmv wmv +video/x-ms-wmx wmx +video/x-ms-wvx wvx +video/x-msvideo avi +video/x-sgi-movie movie +video/x-smv smv +x-conference/x-cooltalk ice + diff --git a/configs/apache/vhosts/conntest.nintendowifi.net.conf b/configs/apache/vhosts/conntest.nintendowifi.net.conf new file mode 100644 index 0000000..18a046a --- /dev/null +++ b/configs/apache/vhosts/conntest.nintendowifi.net.conf @@ -0,0 +1,29 @@ + + + ServerName conntest.nintendowifi.net + ServerAlias conntest.nintendowifi.net + ServerAdmin webmaster@localhost + DocumentRoot /var/www/conntest.nintendowifi.net/public + + + AllowOverride None + + + + Options -Indexes + Require all granted + + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel info + + BrowserMatch "MSIE [2-6]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + # MSIE 7 and newer should be able to use keepalive + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown + + + diff --git a/configs/apache/vhosts/home.disney.go.com.conf b/configs/apache/vhosts/home.disney.go.com.conf new file mode 100644 index 0000000..59457bc --- /dev/null +++ b/configs/apache/vhosts/home.disney.go.com.conf @@ -0,0 +1,40 @@ + + + + SSLEngine on + SSLCipherSuite ALL + SSLCertificateFile /usr/local/apache/certs/home.disney.go.com.crt + SSLCertificateKeyFile /usr/local/apache/certs/home.disney.go.com.key + SSLProtocol +all +SSLv3 + + ServerName home.disney.go.com + ServerAdmin webmaster@localhost + DocumentRoot /var/www/home.disney.go.com/public + + + AllowOverride None + + + + Options Indexes FollowSymLinks MultiViews + AllowOverride All + Require all granted + + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel debug + + BrowserMatch "MSIE [2-6]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + # MSIE 7 and newer should be able to use keepalive + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown force-response-1.0 + + BrowserMatch ".*" downgrade-1.0 force-response-1.0 + BrowserMatch "~" downgrade-1.0 force-response-1.0 + + + + diff --git a/configs/apache/vhosts/nas.nintendowifi.net.conf b/configs/apache/vhosts/nas.nintendowifi.net.conf new file mode 100644 index 0000000..c40b15e --- /dev/null +++ b/configs/apache/vhosts/nas.nintendowifi.net.conf @@ -0,0 +1,36 @@ + + + + SSLEngine on + SSLCipherSuite ALL + SSLCertificateFile /usr/local/apache/certs/nas.nintendowifi.net.crt + SSLCertificateKeyFile /usr/local/apache/certs/nas.nintendowifi.net.key + SSLProtocol +all +SSLv3 + ServerName nas.nintendowifi.net + ServerAlias nas.nintendowifi.net + ServerAdmin webmaster@localhost + DocumentRoot /var/www/nas.nintendowifi.net/public + + + AllowOverride None + + + + Options Indexes FollowSymLinks MultiViews + AllowOverride All + Require all granted + + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel info + + BrowserMatch "MSIE [2-6]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + # MSIE 7 and newer should be able to use keepalive + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown + + + + diff --git a/configs/bind/db.0 b/configs/bind/db.0 new file mode 100644 index 0000000..4b8d8e3 --- /dev/null +++ b/configs/bind/db.0 @@ -0,0 +1,13 @@ +; +; BIND reverse data file for broadcast zone +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. + diff --git a/configs/bind/db.127 b/configs/bind/db.127 new file mode 100644 index 0000000..8893b56 --- /dev/null +++ b/configs/bind/db.127 @@ -0,0 +1,14 @@ +; +; BIND reverse data file for local loopback interface +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. +1.0.0 IN PTR localhost. + diff --git a/configs/bind/db.255 b/configs/bind/db.255 new file mode 100644 index 0000000..4b8d8e3 --- /dev/null +++ b/configs/bind/db.255 @@ -0,0 +1,13 @@ +; +; BIND reverse data file for broadcast zone +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. + diff --git a/configs/bind/db.empty b/configs/bind/db.empty new file mode 100644 index 0000000..dad3910 --- /dev/null +++ b/configs/bind/db.empty @@ -0,0 +1,15 @@ +; BIND reverse data file for empty rfc1918 zone +; +; DO NOT EDIT THIS FILE - it is used for multiple zones. +; Instead, copy it, edit named.conf, and use that copy. +; +$TTL 86400 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 86400 ) ; Negative Cache TTL +; +@ IN NS localhost. + diff --git a/configs/bind/db.local b/configs/bind/db.local new file mode 100644 index 0000000..12c8ec5 --- /dev/null +++ b/configs/bind/db.local @@ -0,0 +1,15 @@ +; +; BIND data file for local loopback interface +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 2 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. +@ IN A 127.0.0.1 +@ IN AAAA ::1 + diff --git a/configs/bind/db.root b/configs/bind/db.root new file mode 100644 index 0000000..7e5c16f --- /dev/null +++ b/configs/bind/db.root @@ -0,0 +1,91 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . " +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: February 17, 2016 +; related version of root zone: 2016021701 +; +; formerly NS.INTERNIC.NET +; +. 3600000 NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file + diff --git a/configs/bind/dgamer.db b/configs/bind/dgamer.db new file mode 100644 index 0000000..c49fc93 --- /dev/null +++ b/configs/bind/dgamer.db @@ -0,0 +1,12 @@ +$TTL 60 +@ IN SOA localhost. root.localhost. ( + 2015112501 ; serial + 1h ; refresh + 30m ; retry + 1w ; expiry + 30m) ; minimum + IN NS localhost. + +conntest.nintendowifi.net A HOST_IP +nas.nintendowifi.net A HOST_IP +home.disney.go.com A HOST_IP diff --git a/configs/bind/named.conf b/configs/bind/named.conf new file mode 100644 index 0000000..ed6ece8 --- /dev/null +++ b/configs/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/configs/bind/named.conf.default-zones b/configs/bind/named.conf.default-zones new file mode 100644 index 0000000..1608bf9 --- /dev/null +++ b/configs/bind/named.conf.default-zones @@ -0,0 +1,29 @@ +// prime the server with knowledge of the root servers +zone "." { + type hint; + file "/etc/bind/db.root"; +}; + +// be authoritative for the localhost forward and reverse zones, and for +// broadcast zones as per RFC 1912 + +zone "localhost" { + type master; + file "/etc/bind/db.local"; +}; + +zone "127.in-addr.arpa" { + type master; + file "/etc/bind/db.127"; +}; + +zone "0.in-addr.arpa" { + type master; + file "/etc/bind/db.0"; +}; + +zone "255.in-addr.arpa" { + type master; + file "/etc/bind/db.255"; +}; + diff --git a/configs/bind/named.conf.local b/configs/bind/named.conf.local new file mode 100644 index 0000000..b373f29 --- /dev/null +++ b/configs/bind/named.conf.local @@ -0,0 +1,12 @@ +// +// Do any local configuration here +// + +// Consider adding the 1918 zones here, if they are not used in your +// organization +//include "/etc/bind/zones.rfc1918"; + +zone "dgamer" { + type master; + file "/etc/bind/dgamer.db"; +}; diff --git a/configs/bind/named.conf.options b/configs/bind/named.conf.options new file mode 100644 index 0000000..aaa22fa --- /dev/null +++ b/configs/bind/named.conf.options @@ -0,0 +1,31 @@ + +options { + directory "/var/cache/bind"; + + // If there is a firewall between you and nameservers you want + // to talk to, you may need to fix the firewall to allow multiple + // ports to talk. See http://www.kb.cert.org/vuls/id/800113 + + // If your ISP provided one or more IP addresses for stable + // nameservers, you probably want to use them as forwarders. + // Uncomment the following block, and insert the addresses replacing + // the all-0's placeholder. + + // forwarders { + // 0.0.0.0; + // }; + + //======================================================================== + // If BIND logs error messages about the root key being expired, + // you will need to update your keys. See https://www.isc.org/bind-keys + //======================================================================== + dnssec-validation no; + + allow-query { any; }; + auth-nxdomain no; # conform to RFC1035 + //listen-on-v6 { any; }; + response-policy { zone "dgamer"; }; +}; + +acl recurseallow { 127.0.0.1; 192.168.0.0/24; 172.16.0.0/16; 10.0.0.0/8; }; + diff --git a/configs/bind/zones.rfc1918 b/configs/bind/zones.rfc1918 new file mode 100644 index 0000000..fc08364 --- /dev/null +++ b/configs/bind/zones.rfc1918 @@ -0,0 +1,21 @@ +zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; + +zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; + +zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; + diff --git a/dgamer-logo.png b/dgamer-logo.png new file mode 100644 index 0000000000000000000000000000000000000000..c3aadf6a1df2259cfe4569038efa1c6e969a6d5e GIT binary patch literal 37250 zcmV*IKxe;+P)EX>4Tx04R}tkv&MmKp2MKwn|kh4lN?$5TQC*5EXIMDionYs1;guFuC*(nlvOS zE{=k0!NH%!s)LKOt`4q(Aov5~=H{g6A|-y86k5c1$8itueecWNcYwcMW~$jS4yc-C zq!Mu_Vdh$kxtDMM~H<&8_R9XiiS!&MI2RBjq?2& zmle)ioYiubHSft^7|LlY%Uq{5gaj6`1Q7ycR8c}17Gkt(q?kz2dECQ4==eo)$>b`5 zkz)ZBsE`~#_#gc4t(l*kaFarDp!3DHKSqGyF3_mi_V=-EH%@@SGjOG~{FOQ|^GSNG zrA3c`zHQ**x~0i`z~v4w@T5zIy{D4^000SaNLh0L z01FcU01FcV0GgZ_00007bV*G`2jvL~79ktt6b`2V03ZNKL_t(|+U&h|yk%8+|NmZV z?RL(&ZF*-01O^6B1f&Rp(iE|wAu8%uQNIZWOTI}I(=1Vws4*(W*kbGkqY@jShzK?i zlqL)?Lz&9VFmva&Q+8S9_s80&-MQ1$e1BifUA#6kbMGl@uf5i1JX zN66uv#Th?7LP&&?o!?F$A0Y&@ZMMy}|5+{A-wTuj>Do~2|8!E|kR|9Sq>#PH!|w}} z2x&b?s_s2m*MD~ohjRw$zzKnKt^>MKsuFZ(!F9IHw%K+7z$?3EFT#S87AL?8TSBlZ z!B=)5S-7@E_xmzDl8!+trf(`1X&rfyQjKE}kfkjGrI1P?WYA{^&$ih%+h$wGsGEsu zX#YsKwxR3L5{#6XE*=B0V^@ZE$Ytk!zYkP{rvR+qb+D)sau>|6bl_B!JD15)l(Qsp z*c}+D_6oeSRKskWZL`4ZW&(uvzpc&*qJ$}+uHnvmH}l;aZsxvw*VAkkjEzrVe{ZqF zqVpC}q)<_aloBaJ7B5=FDW{*pnWsF3V-6i+FoXoqX|o4>We@nyw%In@X4`&%xBaI@ z5=a<#aNW&!@R=`O%`LyY7vmJ7fM&Bnk|e*kz$>w+z>?=V7J&*QR2b7rb5tBLe|U%s z&pDmfUh+cLteQiFBas$?^)!r_1>V^<+h*H7fVZt;kgf~7g^=vl@a_+OmaD&g13Sm+ zUcq2AOXm)-=Ezknm^V_oPe(=*f7$2`AMZhtu z598vCF65lkPh!c!K?bUA)x%7%{<}Xw&VV&g08YX7U79=YxsR*Abqznb=_k|%=W@@z z>v;FZM`*QL{OM~hA`}Yc99_b9w#~NLHrsljQM*!nimV%3UO9Y8ysS?Ugsyb{*n)U z@{4TUInLnl0OSqcamDMo^u^~;F@}f&f~X8W?)~#;+iaU{|HFW{Fve32(&7M#q(JiN z|G0+te&n-^HYEdtgS_bcr*ZLf&n0v@L8!>BrPa!bgxtHu`#TQ4LJEYCJ|V(7q*4?` zL9JFr2+3F@XZ_YOuKd`)v*qzovQ~p9tX#mCKm8$|xMGL|15)jC1ZIJEw#~Nxfxv4_ z;j927B&O8ljyBJMVpjFd1U;NR{)S{!{`f*tlUMLqkK@R8!zUs7{*jz7gzqn{u$m1Fuw) zIEpbwQxqC#p?8h(q$eKDIcGnO@BQE=2Ief_dpF$7?Js&RXCA)-$86r(Y@2PfZ7;wp zN`x>1uD|hTv@*fKV9fdFo`V#Q(cPms88VgTq^%qkR{g&*H?JN3eVfg5kWh0~5-K|DLhX4`E0f5CkEf6B)Ux-PE; zBzXq+Klm`!>L5v2VbRjXY}&k;IIbY2q$mt=rAj{TrDamd1H9qi%@&3spgTOTa}L{) zK3k$VAU6ethGUL9mRo*#FNJYD^zcTsg;37Y3A1gs&9-U4>!d=I;3$D@kBzZw#|~_f zuw>;b8qES!ghi1x3zU%9LXa00>8#gT9q?}RyVn}63|$mB=Lo{E?{`jsX-pxMLMY4P zB}+g(fOVG58#keIkjZaDi0>|GnFfCE;lrTY3rVw@kboXnOko#;JFd z4`zIR)9*dd=igSw$o<^^-uk=0ejMoQ4)*=O&gcHNQ|euhv~&8$9sGPhxZm&1(hk}` zl+J>H&D$O$N^0zGG#MNoLL)G_WnyBIO0|Nsg3-}2!XQMH)wuRKZThGN$+Y5L`;el| zJPG$$-cHU;X*gMC)Ex-u?;SLPK#>*&);TIlp|$BBz(A3u1w%tM!XQG)5P_kY<)k?b zC;YcHD`w`8md;{@ENeWA z8DQIX{%>4?)0RL5U@bxf<+%3Ld=@>>(-{}vNB_C9XVqBfRo%EAD_x2`e(c&~EF8*~ z%1>@rk1FS**b@fZ{qU*d;s6-NQaRJE^Wpri>dInGPPErhe}DI80e8otXK_QP zen_{XpgTwlZu;x&3_F+Yf4=1y^?tM{Gi05!$WEV1kd~qcd}%xI{!pWh5?*!3hZ zwKvLk(Jv!q-@FyBf1Emduj|?7L|MN^*zSB6{xxln&TrDLQ%ZMldh2k9o9Iqw1pCYk~m@gybT4$Sqhzz7fqB9IGvN{1=d=B;XCF81W^Lc|6Sr017I;F zz7@tHghGWO&N);Vfw52!T)msNZhxns8l*vu*9l4g|EVMGYcEArXPVqOdrOwFsvXLJ*Xbp&d~5om736 zw3?ygPIOmt7bXw99z}cccmST+Vs;pWkOZOf5GO)EM;zcZvIMd|i&MCATx@r-btb%> zwvc4s{j`BWcD9=CO7&jguNRbQTf$u+6zt77Zo9(H8Lt%D%h*{V5#`1uaOJaWga5Qm zNT{9-qVLQ4YODMvHmIGp;Yeru#P zinO383gS4%7MZtq6pTH#kx=q~ka9tfoyaX8}`!hwB!f7pm`j6af;6!I5eRg3?No3Wq{E zi*dGVK?qR-sw>yAz?Es^(-)={5?2nUkgnfing$paa3y#-=MY%GaD+hh0#grgyY>PT zV4U;M9f6YyB|r(~=RmLZT3VzC-DBBG97&%EyVAuKGgOoEmZ0gIV|_0ZZBPT{bWgXXpYzs~7P7+$i4y`- zzQ<5njzaf%2d>jM>3TPtvdZ=WPFjoTGb-BSqJ-y{ zo!RM{cjX{-lm{-jzA^2r5w{=i8h?V0pnbKyWYOL9oaoGVr0l#?2oSdIg}9D2+o4U7 zoj|*6uY=M8H$Ce|9+1Urtp^(^vDT928OmA;ZO98v7$vmw3{$j-q-McLl_L*Z$(q$i zvSh)07B3tjR1gJzAmwxeq<3LD$O;&nFzg)N#rRa6ox8@_wqqxcZrn^W%^BY{hE)nF z0}vjRixL2wkR5}>l<6OZvnXd#)@S4CKH!xzTD<$pyz@Y6XLP-s^c=Uf8fUzdUzh@6 zG};sx^V_g0{={%7m-GNvf65&jbwPJmtC4ACOujB535`Skp0x+D4Y2pQ_{G7y%O*)KkM`qeY{YVI5>zQ>(9A?wt1sodlt<2#WGnoe26YSVgPX z$@{e^%f20GS*&2X(eA7x%QE6>4H+mhU0_-*j8i0W%w%&Coldb}Zk1D>{6wCA&gl%- zBC286YZb0M6319#rDm|leOy}VZ)YftbcS9 zkByGen4Cg}6;v|lCy|08FECh$6h?cCQwE?^NUrmqUA+tjIu0CoW&Z>2&Cs*uLr^L} zh@57t)%if_EO~x#ME*=JsO>ED(zJNX9>?6Mv;?HwYj8n!tfF>MrSu$}KpTTo0ZJ*d()wu?aM#+0`PprE zamPLP@z~>|L`jvMqq`~cjKONc(uMOleAP;hJNigYKIsIWuwsZyj(KVi|H7Hjg@x~f5q7Z`IfK`I^8+LQoJ@<0wy=z(b&<3_{-^J+II8miaE6vf? z5=Q~Gq{5;F^H{oU2`8U)0w*1JG{>)ANaP?c!B`tZq7+zzu^J`geHu*`jXEg0mLzda~=e(L+S$O46amP92mDN_jIV_G!C*SQ_l&= zogt26q%CMRQ*OWe0Roe;dO^fDzxWB3jT{UMIs@<`JhyA}&i9L`g3p_ST~lz)^*3?N zcW>Z<^&1$ir%Yv<%FrC|j!H+7wvfV+L;-o)BE+y{(LxSixrD!b!)rNV^$H@O$XbMz z3LCeL@zKwHmG9i}BR1@K97{lwB)B}~#A8?U);IhSXFug=lr@C=$%!`QPOQrQ8)H#n zg%&WG!RBq_eCyilx$gTn^3aB@ z{Q2u%!^#B#5}0Z>s8ws+xo#uxzw+O?`IcW&&mB$%)T&jAR-L0(E#>k{U&70u|BQ~6 z>8%tE6jA|geyd9=xu|8^BO{`ht_Zr(~#t)Yz}Yt}jZutPcfsVDN+Z+JBeYM`}4 zSci%vTXr?M>YLZ`o$vpI2R3b^RalI*C@B#_lIJ->2%;!L34;`lBUi5A+%rz$q6^O9 z=qJo423pM~Vd76b32jy~Iw6^bmQ!rlKFK$(xq*AvJ;Lq3yp!>%I)#PhKM*B?w8-iJ5w z=`UQx`bRgh{-H-e1ylz{D2(TVRTz`zx)bmXl^{)1tS$%w#Xu7Alr@L(+-IK6`RAO) zydmi~S_jJbaqAwjHM6Dby(o*e4kbgTa`@C2zs2YO^IL4%z7wG&_4*Xa&>-`MYMgW0 zN&L~v|A5nuT241oBzSnV#n--b17G{*_gTB{VX{`nyafxWH|st?s07Ow%;U04FX7_n zoXe6Sg)})zMF$4FU%PoNue;)1q_WE3@CZj9wvr@@aaK^YrWg(lFMa-bJm=geGa&tY zCZ=FwDy5#~j7>JlwV{<4WJOM(0tB`bs2CXs%MtCGQ}H1A#4t?*{J!D<6R zMCQ6~o&m<|@aV=(+@={I`<2^VesB~2@PQ9AHr1q+ z6-3n`oRGA#0-*w&6og@j$uq3g9WLBChp-0aG(%GJ);Cs-=@Uc&RhN)J8wlFex0l9S;2f4NcK}ZlNoY7cY5J-h}nlw#uMw0}B)yo!g#h<>8 zbIv*j0sP{gM|sctKFp8qSjWKJC5SM>3Lk?mvKF>E&Wd?8{_Hg`;Z-lWkVN?TCtZef zj$D8i3G26y^M$Wp!^c1U6|AZf#+j-xW z|H{UlQ`B=oZFq#V&^}NsB}xSpx-h53*RpQY4hj^3QV122Bvpix7=!m*1AlT#mNrqskxoq# zhXIEyU&=YBJ((;1_zzh&zvk~f&xxXF8t}S4A*b9!eh96?5D7~Zgp6tU(a-PW%is9{ zS6}-BPytRzq?Bd<5{%YZ=TJ(53{gtrtm|w}nKl^X>#<6!$(vI=>BuK=`D#leYO_z{VYb;tgmw9vM5QZVTF~PBiE#)0=ekF@z_|`Sw z<<>jbv1=k@cOxUUim6tCl_5w~>U>Qp1G7FrARKWVQme#NqmX3_Mp(9Z0Y@BmD9abm zXVucVR6=jQI|qdZ75dH>g%5qip$EeP*tRRod2e;nF`pu8iG7?1S-A~~|er**% zcLzUkovRf6WiO`#uNICl2&j*b@z`TK7@KMmx|E|9#(d-RA7#bdknjLOb`K7@q#8WI zZ!sdkNx1vbQ9k~~tNHX7zs}&iMOY+BwML#7G#V}9O43Pd7D99aVbkS16uB>5*_z@{ zUi&I8dC3d-=*K?C$3F8VhL;_IOR6+m6R0pG&Ao(XBo5iVbrVlN`B?ttAK%6iOA^9T z>ejzW*^+yA-9U~|r{!%motu49M2%!j~ggncTs&_oRLM8~q z(sC3iXDKFkGjA~AiobXhYt|gaJKpmiet6^0Saig3j5TtQf~ZoXJ~c@kM+{dY9^bHz zQ;$E2kG}WqtT|+e1c$Sk=f_1z3&po@x`Wre{t5<07Ga1GK?0&o9XA?le9&1>jdAHK zF5yj=zl^VZEmF&^T>@c3AZPkiPo zzVhwwvt@Ua!Fh|xb%6|nj^^JM8f^@r5(FwBFLI(VLI^=&EZSMG43fedds)Vu;UOk> z??e@KE;#E{{^Czw%Lzv>LK;YdX$p!y;?%2d9D)|`<2%-K*`L3iZM$;@7aT$((;zg~ zX|mi1WYa{c#j(9KJiRYTm0e6l@5)joYY7gr+kyxD3 zRN|23%a^lj*Djj5VX9RSRAP+QWynDy9E2Eb(IN>9@A=C&@tO-yMmRHrH_-|2&}`O8 zs>4iZ`1t4kiz`3*d77p|G%)0?K{3sxb*iLz>>gF`rjMI62CEB(h6k8Ge-0ZrZb4f- zck5K=Iki7u=l)<);R^ohjj!cTUw$@KEY7B6g+|3g?9%Yk*ZnQOSo;VvNU-e~v?~vE z6{ahXbB0P3vUKqhcJACsE6+TD*tX(CbOTrWaMq>kJ`WFbn#iSm8Nl^7 z-N`@y%cr>KfrkldBZ#1a5ka3tgj;{Pmf^We$#YF*XqfS4({t3Ky8(-i z06=0pfk{~^JX{wx1t_I3#t?=vCTo(8?c|ulm+_X@y^0r{e;R`dOi_RcXyqA|YK%l9 z%Fne%k%@?0!5jYSBV2#;ZKO^i!wU6gN~Ic;6*(XYqX6kVwKY%)S$W6`9)9>?tdJNH zc*Ccy>cJo#NZH*mDpAbj#25pC<-C)Q=CdDpCj)9`;8kyb+uPpJj&N!rxo^WRzJ2}8 zSSm;rqqW}+3=*vi0wEE$LY6reEnCWxmGfzs0Uq46lZnjH(x6M{+DmZ+xB%~v`b!&u zwh|*EL^z0*2?YVUg$<8A&ic*U`1xIHx#7n@sIA7->^$z4EHsbZboLkTPPxR~*Br9j^bNp7KVg2#7HkXws!hB)#TnrQ1O zU8xz6k~C{Ecg`T^KkWn`_z}}B-nQbSAdCmt)iiwM-@eR8Kl>GOs;J5^ll2xVRD0gH z=#}E_Dd_LLj024z)0W%_nwdt0C9g01{mW9cR_ZhmQqpMVESNXMGtWGUiu3?#ouH5r z4{aIei~n^UqmwBzhCCqbeodL=*`i#7%&1lC#x28T#nO`4OtdC~J zq^%Z(*6i9nhBbbo22q5u1|b3@3iTVFGVG7d49E?9{f66l$NN6Qu4X}22x`?Dd7k_1 zz+Y1@+_qwZAS5qxChB#x^;8fTv~6dpS=vmlaE>4dXigQ}ap&E%a)_iu2ECp{JDow% zvX;WZC%*JweBhH`q>wfL=nUcj03ZNKL_t)dYD@@J1}Ye%J;yc;oVrr&eM{Cv0F_EY zyF0ds`kVP*FFeO*k@jWrb+Z!(Dz&y?jsp0}UF-SF_k5VU);>x! zG?!MP85kZUZ!|E*VU6;eN=H}f6Bv|IrEa{3#Bg-A&Q5}`WUVG~C7}`pXk(}sIn|*# z+_P>2|9Iu65Gv%77oLMKPzmS+OubC33#vPI>}12{O+M>2P#EXuTrc%wt*3;-FhFZV zV`_@HTHUKB3=jo=gH0+4%`~TxX{tkWsJC{r>9HNGoVV=2GS~KefL{BC3&;y7v_qoF zs};t!P9Q@`r8?kg1_Rc%Ri$2{WSv7=*E13O2^k@L3UQhjXln`L$Y(AEF;Z5@og%Cx zJf5a(yW>G_y7dkYU%rrMpLHtFIQ?V}SzIGhibxG$O@qK{l+zrxAmNa+j^Ig0AI4X{ zc|AAYdMBGk$DlUc*}+`7%eC*>%rFMibAKAm21T0DXf{c+3}-dS5M+QhKD(}6INkh) zwSk-fLdhM!+RBGM@p(3nH5r<}7?b7*AyH+If0I+54UQy^a8h6`gh@;oMPyk?nO-$FDppGtLvEGx)zgLY7< zCKSeRolf>DW&4r9cGjHqsnM>Rite1FS#J>6hKN?6!!znt|0NbHRi8BVL6l0SU>>i&$#X|%^K&#cl;E*CfNwiDH@Z+K|oO$bYaM~>F{#KwH+0ISs`iV1rzlKqhsSdzH`*ec8o=a3KhqwAV4UI zPzOhvh82=ZZHPvzV6xsK3RE|X%vrFWDsaH9zuLkF zKk)_XMZnPfrRa8hX%&5!)a&+g3Epfd4b7ZjRYw+*24ulMlL0IygUbrtx z@xCeh?1lW2w9te}g~@t@ojXVUdz^P}LkSZTQ)L;{{f9-R@+XpL<2gm64S@>0>`zFd zFv4g;AHVVp7#*9S(QK4_s3FTUvO+V}$SI5$e77%cP0!`Z%m3Y!roO?Uoux3^r!tEW12l6( zAtEx7kg6&THN<~@@2C9f+ds%(z5h$xx_&1`R3%jjxz-HN8AhS02*;C;SipPUaw%_p z!=)^$DjwhT5Q*^ClCQB4AZ37({(}&f5vwc4xf*gCAqZXi8igp}gD^xXg_H`Z1WKuW zB(O+-2~j3&%wQSzQd#AoE2R*nOv#mA2tZiMrK~YzS%x)TI!q8y7)a9;om;XjJLuetPS!KH7U*+qA0*Q zM=LK#YJnXF-5kolR-E7?KD~D zv)F`+iIb4LXp*OO^0ZDI$9_R6Nwrc1sVMaHtnR%87i7`VncA}UL9Puhta?|+76_+3 zw=D#@PzVtc3@%}ZF8I%z?&g|X@8-GZoW{$Ze;!9H89-$|%S8dAFwBb;FTdb;j$XBb zuU&T|U;M`P3@v>^nS$&kTa9`HZ8W;j-g?OMX~!Fho>bz!b8EfP+k@d-t+OR4Nq%_FHxPhkSr~Tl_bp#u~JOdCm0$Y#^t6HWt|R^?Mc&DB}~cA#=s1<3)-8y|Gn$u z-%JVU&UsF^C=9tSJRPGoQi(n((lyt8pCAAHE{2yL#`we(QfA0D$o3SV@x@1Mp99+Y zm)6sOc;;G|w!Mi=+YE(trR7rEY~?~jlys0bWi17T^syPV)=1?o>-}y<(=132<~|sk zBnguf6U0e^bDBI&snlu*#s4;%O;5c=2~tTWCnu>?YpBH2L85KhTIW5Mpj*k!%h#qq zVAFZ_&UrP9H5R2JqGXUe?thR69@)t7Q7chJN|?lb7HLhVO z-fB`5hI#Ym(P*`3PEJxC8Y0UJsm{-5h7p+!0o;T*~rA3s|yf5u;;c>>i)u z(M^xBar-VN(}K$I2tz}IeItyNTt)_D*H0UOx z$Z2Icfr>mB35mh)LauZ(J#`c#2Nsfvg8#VYN8I$2+qn3`vw8VN=P?|@u!K-5oGyq6 zIBm^57R`SFixH@OdQW(!S_X@Cuko~D=_P@8NyTup4X%z6E-@KOHjTWKI z7^qZ9TTMb0(M+2R3=WbNc{lUVsUGQ&r!SO*ywT{?A(ak95P6qe1_&8+5>uuZAaQ;6 z!VKK7wL~%?iK{puH<~04Kx?cF*u1OBm#_W~Dy}j*HcoADkY=-q3_Xzg2)9Mpa)C%y z)){c608k^HB}>!3l9ORl#fh#f*%ttE0Ya4Sp|##ZF0-OM`1(?r?EqNVn=ByP8&fyn zXb;#MP~~_TC^F)}F{c)?c;O(cPJJTIId*K{!N!f7m})g4j5`$EelsbBLL2R~v`{1i zLs)IFX$zrK7K{wBYWXr2FPx7Mf(@It@bIG>Xyq1UrNhy>zBo&Fey5Eo3ZoH3v}{3G z8Q_OMy`7VeUP+uJ(~My|f*dpz*a78*rHSR0}+ zKGG7ZkWLvx(N=>f>dl-$CVb{gU*{R8{&i=$N^F_HqdFi7<=ha{3$FV^ZH=)d{a~j_ zF=a=d*p}%@XE8-iHI!(RGp|W38_j3 zGQqOpkT<;I860xR3jX@t|IFCV29=RTC>4=wO%ON=t#Phj0zFOp(Z3_Qo+3O4SbDOz z)EwYtIKVH~ZRe_MZ)RX*9)(b(c?MFDV^Cp0VY>QSA25=rKw*j&0|N;=cWfmI1*=yq zWA&;-Sh8>~SjWb#+gbPMRDxE4Zu=CfIzWO%>x?K;xH84lIgKJ92>b?`6Jo3;2%u<961gVT z2v#f^=7?3Rm^U=YWTVd3?Yp`AfrrrHAj#0YQfkzsRvV@Mr;g4&#gR0jr`oSZ~SU!6`$uTXJTB7%TwSRqYwl#qnU z2>0Co2tt?!tjYp4+c$Hk*BvM!U`^A_OE^vq4ZaIq$R+c-ae2nz`Xm-ufOcIO9bA_a!gjq}7W7MW{4`fd}g6opm^e zuli@+{I?(Amb)H6R^}2{s-$^F5Jt31!A=iKbQg8E;I$tR-v_VXhMh-b#Z0PJ&t)c2>?L?<9YM~{jhi^}q$l#Si(kO=o^d8~5*Q5p!YnL2`dEvv zUwac@_}Vwv^7wYN3K^U;pL#Rx2C`=i1^B48FDK|Hy>PZ;9a{t%$K!R)O}E|Uv$qnt zR}LD7uR3R-H9pSJ!UZ%YcMy?t`Uyw#s+YWoQ%-miBLj+RSx#`g4!7R9me2p!ce(bu z>!CKxoCV96m`q8Ms;}8wRuG-8ah}P=@9Jz_e~$kF9?~kT!xR~TlC&BVyy~SdTQdZ5ymG3^$L>H*%ax$Swd=>ZHSWnb!N``^}ynUH9|QM>7p-A-Vp ztVy6exT(<-1zT-XIYo6nrW5NX3hTzNJ zxs}`QdXUR6eKD_i!KuWAr886K*Ujc+41P5$EbmvYIAp3U;%5Y^FNIAUO6K=8b$ ztzq@b#hh{ck^KFKKgHN%8&Q=xL`emm7f2E8SO438fZDB z)|O=&d(}7X!wVorAPgM4YJ|&P_6MxJXDu6d)v=~UVFW?c^~59!7s#@PheN1<>%M;@ zZ+h)3SUErTsol;$*S5USIbRvLQ@p%Wms;+{la0vo1|r?fU@Up+3CHrB^Pj;p&pDI% z!``xOpYfti3uk;SYoU^IZOoiNBlo7`-BZxs{{d2ngNlgv26uWdZ*lksugYR7a|dG9 z9CiqS^EY|vKJ@N4asHXdlZcd%gFO#!Zwve2lNug)=uy^h*igFf z?9(DL?R@bfr8%*Sr$6;6y!DNjaoiybsG1foYXKT5HPU71w1G4^LjfFf_y})#;~#PA z@oQ*~j}ir{M+I>3{dWkO7H+xiE+(d?I@wrz1pUg(lvSgwwS-b5^E$78@{xV**W=nfKRc;X>*dCiNT!{wL0l-T7AgvwW8bKUQ;?zegV$ILBlHHekK zrBj^uw3B)A>Lmzcz-m+wBBde@1B4P-ouiCn^`Ucl`qQ3DYiep*;C8w|Mo@`ju$oW_ zvb0H}EEk>sbVd>nwx;l|aG^COPl@9Yn>CSn!Sl{~5=$1&^;&Z*N_kqR*Kldi)lMd$ zG1TiVnhmcJ)48_b|HKpBYEcz%?inZY$q&4nFMRCny!M4>vSa{a3rQ)%m99WqLmUPKQPjoC zy?9QtKQpCECm;n;9PdSrwC8oOuj?u&ROfdJL8v58IAj@zEUF=GLFgP$ST={@S`5aZ zdj1Q9Ki4fx5`r)QqdRUsfHs;&)})Yjw@t5Ob}FXE@eo< z!YcgTTQ1{_6OJIVO``IQx9N*P3gK~b-X^r3tZwFT2PQK`l>$98hzGfw0G{P86W2arxo5g1>8 z*aN6U1py;-=J@Zjmf;Bg&t)&+oYPOjW_5JhAdp^JpbPCmYyYM|pXJp*Irq=gJL?FQ zWT+By?inW&1FmRq)^uGV>NcaU(~J!^fD&%(@LV|I^Z>Ydxp`l38I z)d`|0r-}3wm%r){c+VAY;Y&Ui@Ma-YG)ZA-_6|N3a@#^OPG^D1k4#8B#uLZ zG6>S<(Ot(iwJ7Jg>z7~rJkTkktc@JUF`@GA<*(I=+j`0$$hZQbtocEYe_TF8#NcBNi>P|icwJn1w;`M!2u~lX9lLvso%28 zTI>F?_P3om=gfe5pZk06Z}aSj2hKU)viI7b^(pUi&(?<#VN721_!p~qMPWm9-ZL+y z?fl%rDMcc{X-yk2QemVbQ;JMQB&tMHgtSn!Wk3q7T)Uj5%T`jaRtdupXKkN@_<`{% zstt4R0}s)0J?e<=bONoNlT5fGNt%C4&Uxlpr|`-bT+Xp;tLPj8=L(A`SNN*2U~pfo zn$e=8(IDm@26egTeP6D?n|G)D9p_sQ^P0bhv5-)RbUoas6%ywJOINP-1XUH1qYw&) zM#kXrSq~v|5^Zf^Z79gBEq-5iOK{a0_qg1{!tj|v?le}{x#zJ-UjIjb#y|bddpUab z5V_0A(4Lc&fER3Q*_dz}N`gA{5})?o6C;Zn>Cp7Shjy8Uj_IXtC< z2HZLK^^t8)GSkXPLPHpruvt2%WCv~6{8EQgXcf_JOtWJBa#k#>7Zd|qSpO6Wf`DB3 z26|XruT`s-Gc+M=1g6L&jnM4c zH^rX)3F}8Atm(MKC{K*g9)>8%k#sa07UYbpu~?FqUNJMX`z z4yaxiJ9Iyw*v^wt6(UdFfIBzH|8f~|G1MsfJkt5T%(7)m34l;(4^BpTvGF|j6J9A% zg>j+|0u7de@%4G}|doKoG`Qn=N`H zg%l*yGaPyRMvggbsrN%G?1POHNY~NhmCVIONC$zEv<#em`bjJquCrq*U3}Pckh{6{ z!AD6lOJXyWQ$%9!_Z);OCP@qOgl9hEY^tIEOj>)mlU9m3-oJCOuMTAeOKNcLnWu8| zPq$D~qi7u>WsGwMgE%N8?3X#REJsSk*yz|`#wJX`0e(w!MzUXjBZ-eBigXFkhu(=z8F1@2a~M)$+z8 z))RKGrCwm&i$1QL<4|0XyYFh|5Bgme%mF>xV)yJHvi0{@opdM0GD~*XXL8VM9Pl?MV%0qQj7$6JXgl_X* z1|Y+(D2@s>DF#s~6q#XRZzzdyr9+^ ztb2bJt*PthbRCz zBW0+SG$u>B_j$gOSBnVgG+8@EIw;3sH)E1mzupG^u>*3Tr6{CcsbaDWDI9_IRf1RX zGKZ9zNiBGI+cp}l1ffB7t?TU^WQfHIiy`;A5?Cs=Dk2C7%N1l8`t??>VS@+}RS8N} z!g8IsR3$1`(UI3?2uo#j7!g(L5Cr7X79Ym-Rk8+a98M~nu%xEN$WV>h=}D3#V?K=< zWAmP#vXEW+e0N6EnGa<->(;DdxEiA<&=8#qryRQQTI&c16vak&UHellI6sg)r3Crl zWv3JZrDSjDRD4h?dO{`Mt8N&=-qX=%=u{L%g@#E#Mcf@=kkbit1thcI=WVeKz^OS^lW7QDx+107F-Pb7EJYf8?oyeH~1DrB@DXP+LCwI@1ait z7L1jm$5|doz=}SaR^3x7)s5yt2rngA1Tvw#;#B8E1t_g?!ta7e;hk}dY)dTxd43((_2JJxP2~vkl&t_`vlSl*@_B6?RQb^O-MS%MZ3}qh-BSwGskpEhil{!t*aZ3(_Xa zb%qnNH+U=_3@Jrd>BvcO$QxNNQ2W9yNxb)$lycGL{M@Z`e0=<=C2L}k!*1~d%t5N8 zJ*3wWT{H_c8cnRRg(k$I?Lt~AMuvwMB%Jimg9oy^K2k}oR`VEhS!}Kg;4}Y^9fz1z zAM6_0gATamz{b>neI$58&0+(0&OPPys*pxuW@e@Ir)-H(Rda8$BEI=HPorr_?cKcPYobV2>6azGgpF}H{6S&m#oRS1B6mcnLcsyY3 zXr1v|ShyNE(yUFb8uN-5Ucp)Co)MqM{K8~C!6OfGLQ#-a9gbwfz~`dAceqKN81eA z_BiJbj?*sCCI0XacakLC7KL962hXgMBK+xvCySF*13T%?)k z@Y#hx>A=H_`u`vZ`pPMJz(pT~YDgp+9cYrYMI=GECgd&ZWyQ+zAx=N;bT+JA#k#`} zHO{5q@~ft^Dln``NmE zKf5O;iR+^Tr5cTf#cD~ZRAzQ|3N$oQLsTE*dq2LDuYBu9-uxRE_(`Y$X<95FF7cZ$ zel~Z175L;)EJj9QsP3IrAR3~fZiTR zi#_<~@GcD{>9d142x)g{j#98tr7k_xySr{|9||T2^dV@^sv^TM1m%dCnHj{=s82$w z%j8+SdJw+1){$_uuG3?&{w191q9FPfCM?82WU*o30-5aso6@2`ANaivslojc1KI_K ze|g@8Qpt`G0S9V?EOL2q&Q}zH4sgzrWf`$Lv;l@dchN>(n?Vi?-z+_NSBG8Je}sWr zw5X4COqN?})iUk0O|vz{amSy@l9d&t0GG=mYww#=30Ytf+yQ~!o6Fjwzpm(?r*&An zZjPhQ(+a!`^$mNyM=|iVWg#ioouazlbREDMH}E>b8uIomGMS}X(VTV4ah$U0Xr6KA zX&k+_P8ld`NGLex#Y1haMG1*D1}PmHSwJvkx4`NRr99fe3OHhk;)o?jaM4*u&`jal z8}HyN-@bucwmgW<1yUB81*^xU zebE*$!0gOS@q7qG7vK2Q7FNAp2Pq1Q`N99zV>5I1?AeFjFkY-DH;`fYOS|xEg#vc& z+UdoDR1ZaaaA@B`Vn)Ag2k%#wQ`2+*c>2deIMuF3$RXU~p`jsP(sx*HQWS`r#h7=X zT?(1?y4M8}W}sB>Tc?Ua??ErZ?-mVk#z>Tb{ZCHdY=g5l9mT~LpXDnlYY@VVNpb=`~Sd47B_mc?t%|14x#n_8{L__9@;aQp^d z{-Vn`aqWr%28+du~FFOct~OJT91fb4X7bPj|w z1U4shO`d)ExxDg)mvZKDD~SP}j57oXGIkzsF>np~`Ww&Wyht%)fA+TDKL(hO3l=fSD}yn9D#c z+L}o743k?P-?oD^hfo)gvAGXKpFEv#t^oJGd%YAc0ceC8YgnFa?zk`h3zX> zeG{l&iwmWxj)K|Ze0XDWTCEn3ZhwN*`s`H}7sJkDQ!k2)qnPbufax~ed;eB)TM!gn zZzEVdMTQPw&{yR~-u9;~zk3J9A+BrZ30`$_v=*0OEiGbK6E4fs&fMAa!|$ znxCC`N{HzI{pU?2e(k;YgWny=eCoVH%0gT_>;8W$ioQvf5ZYPZ_PUqw=9g_I=v&Hp zAZP+@0WAl+_oQSwOeG2J*-2zN!9{1C2sQz0h;%@P;NQRXL$1F5X4Y)jNEn1H8LBcm zTxZ3qRg8}evwBQ29QBx4CQnfatSAvU7zHjkb`2kW?>l+*AN)7=XBHWUxUyq5OVDAA zQ4$eq?tbuo9@*38ge5V#F$n8$Qn2B$RaA$n?4NXmMUT?TP6!Z1PpZP~)NZ5`hv@uT z*y$7j=eWbi7%gjNCk;Xc-3e=NZQ6n1U8z(-hKeosJ;p6ReSpnp9qCOgB_v5s9P3`) zU`oGY~D{K`1}YXX1_CFB=qrAB(89`j;o7a7hH^1>UtQm>OIvE!oAxh{l>8wo=QXxe^+hhn8@aWF{ z{PeDSNS!278k>1kN}8sqAUfbaI0gYDwi}@btKrA}g;^N!(GnAY< z>}TxBTZ@mYgM#&%^BD2bk*U#0`dpJfwZd0W7nl5xScjxP=&)dH@ z1A*9f%|hisR{m>gH5?ds#Q{57H<1wdx*o93Q+cgRsVK|qe&e~k;boh>F`a>l$u z@+3do@(cD(H`u;&2fOx7vS(id>lCdlCu>e{`Y|gx;n<^CI~0?d88VyEBIMCs)7-q} z5n5Yzk~>f)K}$c9iXvQ+v1|V%|MtbJdHWk* zijaaVPburLyVg`+7HUk6aRwcfnFapyzrM|$sU|8a(QK!LVTj36&vty8iKrD%jsG$b z)&DO%`jz6WIP?{&lqPkK6usbOh&Z2G3+T|m>`i0NJ0^hy;QLg#^E&TM3 z``9}%%WRT+v&2B4!T_x+ptNWBSc{0N3=hRPAd~@_6F3FAif9;(tBrt;kT%DV(NvZ^ zOPJa-!@YZ_`P%KjV7O9Y{j#N;aO7I9eCcyJepMA^G88!#N}PTAiG1ej?-7?{ECwSq zN@#K+2(+d#yPxe(?j<{M9c5LxjTp;Vpjf?R8CxFOk3k}}#@f8MBNjtO@89;+%`Rn; zbe(eYNqpm`+p)TZ3c^LR6CH&}1i5oucgyWuf9r!>c*YR~8d{B6!Z^Z8g%m!U@+~b# zE*!b=O@YsS{d#_U*8{kq)_oujdGbA{#IBY#M<21CtvCFPP#;_;q1|p%iDFuVGtBowhY&!l}Zn^sbqz>oRdFTXO&%_f58S>*T_jApScW}i8 zCo>cTVA6tdH>U#X3%H%v6+oWkNEP5@OeP?AFfjx7KJW-Xy>koo;SrWD9p}uGHZoqX zkQtC7LlM(jQ=@R09uR$57DsdkYqtbzT^m z4B-qbmyEM)1it=_AMn0UexAK)h=}Tx>#K;-w9*7ef(SG-tpp_%T0)>gDzzaj&`wjz z3S#9|ijV>s#Uv=CE@6eim;`k0Q3`km3tb*%(&XIszz%+K|HJ(3_FMVqzj_}htr#J5 zDLGK9Rf%HFOxhxhN?n+UEX1mXP|P;lrI?$edz-E9LJ$^)IYg@^&^IK1{V*rIn|E^{_V_R!VXd z21y27^TYf3=vAMm?E>Psf=xYhN4a7x9Aez+6y?XjD=69rsy!8u&@A7AYTMmx{!v>yX2lxE-5G@tnF z7uk5k22Na8Cvy@_;bbEuPUOD2w*|>+pj9Iws34`J1b9x?}+ zu~g%bb51#qS3LhRUUd1{D5txW?L(w7VP&s}>=izK{fx(fo)Fe`86Hs-fmELHC4E3b zsDioHbP?AciM7!A_DupO1(MsW* zps7E_&;og$dvg-4$R*^`!&RJ?I4ynFuCy0` zeoCpX92_nH#~phV$81=SOIr)F*E*EoP;1()Ho8ez# zjbkRU7y?oxlP$;fx7^G7KloAh&Kfco&`JzJ6!atk7x^BdPj;j8J%sZm)WsK^!;;}T zdD`wnqs)KQYBkzvM%y?_L*snsx|{j%$FAb*-@lcaqD_)yFq=ABPLL|W-W)#l^&j)b zcmD;q{o*0Q@(@8(VtQfK#B2Rw|^xiI9<{hw+m;9^l;{_*-uJ**0vTaY29y6)q57TSa)Y zQ{w~%fk9%3Xc5ttk~_A~@{j+1EwA{!ckq@!{V?CZ<3XC?2#lEccXRyvkQpj^-?7+q3#E7${1}!ig5N3dyn@i$g~-BG63FOj8der=5N>Z+zj! ztXaDPBVfwHbwAz4m#_T+sfv6tB0VPAIe{oB$E8TIe0-R&yYWiGFs2FYpPoWR0ZF0U zW<+PS){&$DM^f=TpQ*3AKu3F z{@q-7&MExnOJB_JNR?VCz^H&}2S5JV1AP5k*YTyVe}}0=FuGzrGtC4iB+c0d{J{fC*EDTENDi6N+lRF1S(TS}%WX5ALty@JNFq+jXwXGm*kqOtBVRc>Y=Z;I=!MnVq3hANQ70a}W*viAU1T zC|5_healwf{bzs8D_`_1UhtgDSUM`ma|n=V9d!qR86MNWd*38a?wa5~zxr*q{Ne$& z-1{IIit6&U$e@A|+GFWMfff5tCVHVTq2am{(u7GJrUwndi7%^69T#!{J9C$=hCiAyt?1&tJWs z9Zx(=G`a$VWV+Gzlj_)0T}>fJH9Ry@kPsybjX`_xhwuSXD9^{2P9l*wrEpgIcC`vf znp23#asK(I@%GnW&QY=d$d4rO-5=h|C%*7)w(f4Sbp4U+**{4pd*Yhj{WRyWwaYnT z-BQACgWvZ;_p}W6J@FVO(nzf_*e>Cy8))Uz%XB2pn_U{u7`yD!&3x9)Jb7A&3dwB5SN4ev! zyLt5S?M%%iRBJ<&MwcVf3}YQ>Yqn4T@GXmGo>Lkgp**^rJMVj#-TRx2tt^wYTLe1t zrr(7Ky6o$7cf_ge0{3iQb5v)0$>*+xMzUjahFud=zHuZBM zI|lcZGhT@!H7Svb*mUf2PTzDa+xFfqjm9jY_6uQpW}4BFVG?Ob zOv>)roZVATlBSQ6<^~azP*E8X#6*=c&Ss=(Mx|6@x-mnwR-)ZV(1lI6LLF4e$`p%O z;l=1%8JvH{CXQaWf_op^(-*{j4^W97Haw1F8nd&MtKMN`_uhR(QABlY874JYE6_rb zn2ebu1tBO6jS~t|61rrlfl*5R<`}eYI?;cKAxvsFN&%DW}%`wj3 z9aCtC$ig&}KDT2hLOeste1OnD4+L}pTSq_G%E)iUG>)p~`jIl+b{RbKV{OFSmfBtS~rWMse(Z@r7$ z#6+bLT*2n>{UYsg&4of6MGGQ7q)fvNoZctQ5u_RKd*|;nQi}<7fI`rkZ6lo|kRcSF zS(!0Nsl5E36qMqCcC+Do@;buE2&+rz@(`t=QA(8>I#4K=Bl46y%ZTHcsi_G{r4ZpP z*5)V`c=i4{Ao~ukSV}<rGeUnhh|5N?avr`|3y`y;iSv zwU&00qJT7WIH!<7$*W{7c=Hr8ER!KoaX7%j>gwc*&TOOuptap_ zu2hGDtGXGMUr!x+tLXy&jT7i7rd6eE`n;gv>k7 zze1r=G9Zdd-l1IxR6+9<4k`j({o-fw%+pU~cJC92JnMc(YaJ%Hq-l;ZIYNg;?-r~y z1!<~HxmrQQ5%I`4vRtP@K+{PG%T$KP2%`#0YT_U!5FVSYr37Pe#-NoV&>E~Iu$EXT zA|y6V85^#$bi7V#9XbdIbkN=4f*{5S?^5AVIH|D&;DRmzOGtqVA{-jikE8B*v{^S0 zXuIBR&VbFj*VW&*1HIi2X#!xu2eZD@DS=b{V!yt`@5%rPF94j2kftj0?H}FE-~7-2 z;-Q^6=bdsGfAgnr;kD1(%!e0`c)w+j^NzkvJ-`q#g@i z_2TE^l3A3HjE^s++0Jn?pxsKl(uY>`58O;QL+!}t8R^fi7IGg9OzM!CMw3#xM3$s9 z8VyS263#g=RG>@9q zfmvZYO>lyaO=Dq4WqOqFxsBt3Wu6)DUeTk<7Jg@0QUqhy4H}&XTsRo6)%&ur4C%N9 z001BWNkl7 zUb6&c+O!)pq)9@#S|u|M6@+LVVe;H(n{zfVS6KZRA<3l1h~kuTV30pR9CE$PTMP`# z0zw@S3Po8;)~{Z{XuX1#!Yk!j?~tsd_o(YsUp;+jIk4iaF(gS+C3*7}RL2HQ!G%l2& z6;3PA604NI$pWHs%*>wcjL9}{z4Apo>)d0>nll7K5r{I0@eZq3U-u&(*g1hLmHad| zQV<9aLn$^PCp%nl(bcDYI&dC|ca10q@b)*nfM=X~40+Zfa}ZZYnQj|K#+Kk|1q)}+ zBbFnLVRov8C8U`+O2b3wQpCbSHHX%h%%sm?JpMSK+0MQDK$d#hPLrcOAQgjeb9k-g zj8Ys>DV4g~!3s!osFXrXnvk_y2brUJ*pbLnYL#-aP7C*k&ZM+MrR-iL>B#^BN>S9c zr<#A`=~>A5VRFv$rK1Sfp<^F{2$2qmf}mR=2~#*ui)h~ApUGQP%Q5vz$$uZ=v%q4a zLZls`bzE@j2L9l;UPdh1R6-Binw*(MMiDBC38Ii72tas@f^<)9&^fo|F?WL&Ma9v! zFge?z6e(sWcJtEbKZoIJNTbz6YSo3j#es$_E4 zUsW-uDLlt))Ex?z>A?P#70j`+=(Duw`|p06^ZwH+g$+uyRhb*_eu(#f?4P*dXHU?~ z;mDOSA9~A6_~f7e2^XJq1m)H)hG|fhh92x*d3IRwpex}s$~^TuS*21h$QK>Ro0#Wx zSS7I9msy_LnxkBbb}7le?Hs>qgg<}l8+g@ar%}UEj}>G&jaG(JF*j{_gfD&P23%=~ z%E$;Jl!!{jic8sXL8SztJNt-}P0;SM_q}7-y)DY%>9e|+ND7zZGfHl77T?RI;t?`yO zUddQ3ByG;1rOyqPo6tQ@JyA()lp0Q+js7q~L7D z2nvxFM^*^ecHAnYvkcX$#Yn;}di^?oR|=sP$7tz23<0bue8GxVj;AL3wUo4))JqY= z)e^SIE)}9^<2lGvMAjq*e(UAW=G8C0g2=YX8k39+RWK%_IWxo5>feeX&TBSr33Y5#b=Cbo=qJny*jI2hug(edo5YRJUI%wdP-F}x4f-ndvm&=9cn(CcO7i|aa&qacs5CSa) ztt=%NU%?%FXZfRl{5L*#(|zQ{5aO~Em-2~syp&JA_jh^8`6p5%AxphOX+lUd_e(!4 zil~@0w5&LWKxKk>lk=A}2Bpf@F%CndDU$oyI@C z?=3vO>&bVN)eCDz`uOs26i?b4HQjdv1x*_nKxZhoq+4Ffl!L4mg)|c zi?*muEtWuf3!)=e*ZI(U-odeJmy*ry!6mcQDrHQT6s;KBJ*9BnvxAECmhJPLE~hqB zp*_8i6=QXtaq39~II?z&KuL7alhebx0Zg&Aj%v9A)@w9`9RYlx62*WcDK?I0Z$6!m zeBh56DO-}+y#z8Rj097&GXp+-o#C6a?vNiqXL5$hB}CRlWNpf&h;pe!qtPS^OMcj4 zyz8)1s(>RpNE@tKwuI$N>SV_EQ89j~vVQdnVl4;{g2$H5k|%A1N!WPQhC*Y&6%att z+u#bXXH)pk3F}99M;&$;CTpV<#HFy01u2nIBV~ZIpp_;N-u`OCy47gWnYbT(ojB`k>QA&GcLS|4%wD6>>nTg#rCU$V~d8hEc zcl{xwHIEq3T^ATjYT?Mk*0OwjgrwahP@=23>w%!ATXpHc&q&(S`#AcD^#e^3S8Vj# zpV-4pJ7@oNi#>a1m~Q6G=7OdZw5(*uWWx)7$%P#%^nqcZUy!9>t;xAR@1@zonL$y_ zfviQ4q-};qMwo2Qpmde}7(VprFYw^jP5j==pU3)Pfd(!=eIpm1coelzqXlHf3(;8N z7pcwK$gGKN&mh7YD%4&ft#GOkQX+*zOWS4EIA@S9C(;Vx46ZpvIy=n~YgcgUNvCts z*{5>BaVx0-I)h38CeJBX#z+wC%;CeI{W3p#U^~-JlPT$0Yo!>a1SU;=PXiEEBCPBU zB82enFHZ}MI>tA;v78@rGg8!&w)QIEpN((;^)T;qvp3WAdGE z;xGU16U?;sb{z%jFb7o&k?bZD3zlMSZR1Z!M(5ak(o#k#dQ z&BipEoMVnStozQgU>$}6)~{O55$o2n<-sQ@S8I#H%hKiy%g0AJeEr%&6|d-BcZ3E- z&vn*`E?5=?oP6T(SZkP?nqX{fX|LaF1){LCq-c-KOiyywS;tc^huvV%`(6ug=^=39 z#v}Nz8*U*_n;z>f9mW|Xf-Lj$ohHk0X$~gi_+ySFQXq3rb`l+779sn<>Av-`tP=8$ z-+vwTkx@SW&!1!O?#C#PEF}&l=FrV4=3ishbu)hn7-K1yVzkm^Sw`BNL8J|ybJ5wn z?_Gb$n&lzdbQXSw@B+Um31cH6#~*Vf58iM)E={@;va-`6C~UnV3GK8^CDNR6(h0p@ zZGnEc`A0wDyWhWoJMOuM@g++*{^(G`)u+0WsT{b+(>!K=QWt&pl1WGPf}F4p4}S`gJ@W?Kyc5fiBr=n~Va!hhWI3*PkC zSMlw8ce6Y5*>5#e1TIJ9ZDOS`NlHlx+U<YdL%4 z7@zr@_jBQC$DnPSG-+WnKjFvb2xkW7+QJ=p_WxYFoRVwt+b@3}Z+OK;R7A$?zI_bW zYm~|n)6>%jkXeKn)bEJn*gFRlpS|-vx~?F(BM?wl@VXbB$N%`yyIEP6R6>PG^IxhI z6&SS5sVl?lUjAJE_$|N9P(_opXIZjrC9P&QfUC85aeHTSmW_{b*@c@6ZocdF=Wz@V z$6R{h=AtCEi@d)@3CAp@#x!9V z&a*NkS(c!1JoEf>sh0g`6t*+Oam;;&d;WC(IRCse*>KoOtZ8Cxf>I8ICoVbXzq@mS zw4JbW`4TSLd>%G;NUa9S@(vQfsQ@Pfgixe;li?WN`uZ30*YAH98`m$Tv2Q!LjK<95 z(~i8Zm@la?@LrEf5k(PMma%W&KAN+$43{I``udmg$&dUAN3N<6S};lG#lEfaiBEys z4J4d*?%BjqK$f(8wbXZiJF|;4%`jQQ$tN7grV}>~WV=?tsb`$di(mROR6YZQI-F`QZ?8@2l;1m30%Y8huV?RPKJY3gvjRIt!`j}Osz@+t>Mt;$VLa3a+ zuD6)?>gCpYB!URYb3-m2dT5Bu8E$`aAAj)Q|AF6r(dE2&^Es@m`yQCKAWRRgF%)Wk z>v8LdVGEtD7UmR?|^R;w^JHq211%E~3CMt}szAV?7!WGvNxRkfP<#%}FYo1F9*tLBdr8p#MwrJXnQl(sEXvMt#0R2|m z&1&;3BMJtyU%#^p^2`uO@0M}#IVbY3pZYsK@()*W^R0K1JIIT|%MbnBz|g|=1-TyC z!GAC9a+J$>!>eD;yWaEy65!@rPvcAfbsc-3e4Nqo*(j=@@v0Xz(Taa2bvr{u1zGew8c=ja)?8$U-zd|jZ@utRb;>NWccjP)A zed0-M)<#Q(6as@mONr6~@|@JRIOT**oOa@2XnY%|n}zp3-_Cb_5r#l|LtBO7g_oSc zX{T)B6QBN9uD<5GWUfu%%3a~5?z-$R;1|G%`#!csC`Fzn2rNOMY0XSf2?H*^U^B0I z`SZA7(<)*GCe1)Nw3bMp>J}BA&n`pYic8Mt-@fow?s;^lm$I}$FXj~jIkVFfgk+q3 z`iYE=bXdDRRlia!IQE!zB<+ky5v`Z#?^%eEh1<^OK+dg8LqQl1ymg>JTa}A%!5z za^f%|&oc5f!{%*do-$GnxODT`T=}vWa>hwsE47isV^3@cCn-f`(smQ6RDscV-TUsG zLupN8W{Q<-4o3$RUUT7`2d8&sbXPhQ$^uS4d>Nno%Xe}6maY8NC;x?e9)6rgtBsWb zxzI=*62)cG+>+YVGn>+sND8F0G-sx$mSZ-oUd{*K`%X?db}b=L0zUB8-yyI$SN;3f zNMQ75v3}-pbl>jk3O%->X#@6HAwct}?vi&94U~`N}u1 z_fn=hCXgC!Q}UT9nzK{9@Hv<9_TPVPS3g@QQRv$Ck}ucSK6A)|_3DutB?%kHLjLNH zf14LycqU)F=6ihe`rFyLf08seRE99Wf=29$>)Du^By!E zb?eu0+Ar4wHNZ0FI_HLWPCEn%=^2sEYQVUcs-NTQIXvqhlL&idAe zfZRExib#QWaZVce!OtJ#OW(bbJ05zHsZ0^n$7#6`WLiK-)I3ZTiR`#A6xtR20=iEJ zPBy4o)DwQNq6aGq97GC^TR+Y}{P(wT-=kC9_>(*N$zAty+t0QzF*{4rPAG?($=y2{ zsSmMw`4UF!E4lQU=W@ZBr*iVKD=8_z02+x!Mv^V}Zp8^nW*kxnD5c2f3`p`UBM3u+ zKvJ)k=>j?qp{VTiyd|)tthw;)jchvY!`$-I`?>zco7i&qecbcVBQ$1bNYWXs6NFlm zHrkk^MO+S9yLts1&pwIgJnIrJdd4P(Lhm?Y(iTbX7%!Lk%RhM&M;(0x-}=stY=3MA z`zKo{CE0lVQJi|x3wYk8=dodRoxr*72I2ZGXsls4mTW%j1pecH{ym@h!q>U^M?WRY z9meG3X_K>0+sJEQ`aCW@a}#3~pE*T3=zEsjAU<@SPQF4i9>X8M=}L|{`WU|Sjcd7Q z>%$BWX+oh9c22HP#VI!FiiD za@vU}@T!+j@Pk|LM>vukpKcH;dG<2c5;l-xP;qNkgioFE7Y;+Qbh)JMx~ zI{p+kpMMr79=(BM){jvVUi3U|rvy=O;2=X5AyRq=V`n?`8p|c;oWl6%2%r1vx47}g zKc|scS~D$5N^69VZYe?Y5yB&wq!6vmN~{Nh;uLH*MvWZ+{409$X!AvLz;cSrcyCI)_C?)Klr=<{j8v? zD4!KURs*xZbP5wGeC>O;@soQVX3Ikl)35?cHFDuW{>}<)p3ec8%YjJZM9*|nIVfe8 z$*p&BOq_D<=l_xA^_~^c0L|9Txi+>ar{x?eyFQuD{%p8IcWmc5Mu(t1-gy6X&eUv^ zJ^OYuH8n-8T%%qcV#(+T^;$@zU_^U&-?TYRsZ;?Sa_1wHJpanyXDW@zRD{sp7!>Oe zF82n30@B=~w7?~^{MJjJ!(YGiO3Ix|W1d-$IPj}<2cJ$Vay%?Y2$*Q)Y}>w*N4D)? z=k7i1*}V^AEwx&e@zD_uTfK@6>(((c6cb5^g5rHmLae-J!SqavusTF86cba1$vu0~ zI>O3;a;?Hp4XWCgo>|gDhjDix=;loDg%W;)HZa?8Jh5XZ);ZR$T1mMC(i(1dlxSIFr*;?ApB>sg)15I$-tc)r^ggv3m7tmW&N?%n|FTmwdI_ z8B+?A_*PRN$->RSmv`Ef7J+kq5ZEDHBuEmkdGvY>;Bo_q16 z5S|t+z)6Xfav-p(LXX$VIW68rv7-zBteIt=aTLVJa-D6Hv+PJ=wS+)qWJ)p#eENS~ zL&GSJ+jtBc)~;nd7Q|Bc-r<}^N9Qv+AT4hGjDe{ZJiL7ucR%znx8HTo|8DQxgDk1) zJN`M3?!I^4%k1o9mR(qZ4KDJEYlwhK)FdQDNTe#Id1$JvLd`#FX_*+Sq>NIeq>^Z* z%EVVBN*)TGKn;a>px}xaE^kda( z&(P2?I5fbKb_XY7zJAkp*neo2!L@5i+bNkzk;W29-OChGkhNQ=tj)UBt9pAyK-!hd3qJhG1jSq_B5E*01bHS-2ip}S4!dQP#t?`*cr`1A4 zpmh?MeX{47Rlv3j&Lvhc#mUGdwpnOG*TBlX!5F zRy#+p8o@~G8`gzGYHxWitntIVkoQ%^>`^$`qcP#h1q+W!aVBDltXGEqPm|M1J4DSP zkTF(zdZ{I7qlO-Qt$fxd3+X;1$g*h~jb?ek<9aAlzTejYgN*?I+747R;qLo(a`Sh- z=QWelj+dEn!EG4RQ>$(?8nm+xl9cn$+0yOGaPzw=_gcer7vh4B>u|xT)^EN2j>@A; zQh9I&;vJvY**)5n0QPIpw zLsD|^6MvG6(7L=(XP4qE-S-13!i23tvA5EaQl7=x(C{CG!u>WRusHEfF>Zm5UgreJ zF4NNqjlm(i4=vs##Dr(jKU@{#9slq7z}NL2qV`;&^1$6}CROT4fFV(Wj+RwfqUu|l zZr4Z;3>VDI@U>)4{k-SA1yPDii6ZrI83M_G(w^QMda8X_tbcwQu@~d9HV76Wkj_>3 zXogrya5+*ytiZUO$a#}lr2-$Kx=4z7GT!1q%9fNkSGv4UfIQ4 zLl$0<8)PN}D~THeJa^;}-@4}^Hm%*pY8BA|?%UJisTRx*ttKBF<49^acpybQ{~YF# zr%SscA-lb-&RT@TJ5}JYGDheo`S6HWCyE-R)*%v2CcW|*iT6*lLZAvYtNHkf#m$wX z%q9H+gFl58LXaCnnufZ_61#W7cYzEHuA+lrDu)LjdXoSB?(OXO`OlbXwOGA+HD_6Fy-_A_H}mepF+pO zbn@J1e+o~|=uhCSBTL(yxqgC;>nG+tC_I+jmvSV#hrO=y#ESU~W##8{qSth>n7FQ# zF}0x=(_6ons`K-lfQrI+vbQEzE*^r#&o-8xlz59M+cSv4;8a+o6MolYtxwg3D3!5# zc9Tcdyy*6Yce`9X$XH?fD$#1`llK_za)3{GH$hDeZ;k>wp4g9*kt za_2m`!Fs@yq4uS;!ezOqHb)8C8btV6hqo;9>Qxqs>_u2#?~@W?7iI{F;7wPQ1Ox&Z z`AL&!8SQokqtQ}lU|<9!bP((_@XcGcbKUj-z=6ZFIIS2M9%SbJCy8(WDL3472WOl* z$$Q@ZHqO|%jx#q7`cJ77to5t9pg6U!h;{@Ziek-E2Xa30H=pLlTW(`uXe}m9QIXd& za6bSGTz05874&S@eHiew_B+NQ{hipeV@@9`P#p$J1T(c9!^`v3=tz7u`Y6{q45T%1j57 zUeUexLX>8kU0-WibYz#3r=t4KuJU|TY5PtDHAlGtKM=t0&?r=aw+g$xlg$XQQuSz< z*sy&qZQkwCPqQlr^K);V0B15(oFJW~ljX?95C_^v`1X#Ss2x8iNg@tS&5(?3Aj>3K zC-py{Bp59@Qe-XC8)$YjUg6V$jsY2aitO|eh_qMTk^+-vp8b{il~75)6$|Y2pj9D{ zf|U{{Y#1{?1*Gxsk-Jd3AX+jY`4uuI1#Z3br+nn&*P{ncAzn2EN|8H9Jm?7vPwqX) z&ZqY9!yn(nE6>=(CEL#Dbr)~r!gIGWG8~bI?Ti*hR^@ZaP6p2%=s6p5WdHyVPDw;T zRPe3a?%+#b`5F)XVmE{1>v1MRI)@M@B!jMR%i0CIfmpG5<5~vd6|j=57UcW80V)}p znDYqRKDS)i?G+UZKla`1f9a(%D`Yru>ix5o%mfRvv7M){+f`Sr0w_XpaADn7J16Ox z-@H`z0plDR11CJ@h$K~$onuY8?L61m3-T_2Z}A+JyQT$1n@TgxN@KzNyWz#hOqZAG zERj$oS|KG^9eFP`C3_ySsyrG<+#=R63nsf2kNSf5B*Q_L7#P6X23A;7=TM_VbX5g z^I4p$USv!r?0j3MMMpLH^ryc_Cr`rmSwdb^Y<*^}BIO-7oZ-Hmd$@n+E>NM~u!9%ju@#9OYsyju)7O18TgKB+m+s_6T^I_lr-PoU%?fI8>1ilc8rRP|J` zl3c3gq+dtPeR_8S>S#R>A&d9VnOMU6i9m;S3ts=6>sadblx?MUk(n?1-hTbL$*+SI3bQ{QF5YpU`x5dV)9FlYrv1To39SOadS03t1FyaWEe$p@D}R5Rt4Z+ zj_IXvA=~i{{M&!DgQs`zBOVx?cW6sZ2C1+@l?!6-ERQ_1pGTkB&u!no7lFmJT10VF ziaVzcRMbSpqbQ~P(lCcT)OC4PQ9`Gk(Vm_mi6q*lT=eRTIB(18XlxHr;>C#<&{R^q z_*Z4AV(3E!`)8%=+bYn87nNz=txN05<|WsT!l9Rj;6uUh&_ zcp~OfzmV~qMO`dfzjkz0h?E1AL^-)6*+$VN*J6DS0s9WkGLu_eEQk=y-+tfSB3e;Y zI3;7JOkk|_BGkEIWc*ap)OhD$=NN4^{b8fQi$n{Hn3uv?c$Rtg+(_I&*%sMshxfhf zoxa7#IFyp}Z|h#D`zKy(;I}X6LLis?d*lj_(a8q+a!Ge(v9S@y`TWVFl^UwCe*HSM zZjh%L(s)TWC;PhKdw}=YYA|z7h5Nql9yBcQ_gCQieyb2#uNJtD#ZIqF{)P}`KPXaG zL|2xVQssCdacgW)vtMjYlHHAmfL13Eq-BIv5mRl0lp3@z6?CjaSVL}dFS@S#m`P>- zaOen-0%J2qlZbu0p5^^lzm@aPoFI0fgrbf*>R5j09=ff7^%D~`6->8hX(Gsk!&IC^ z3lW_{Ce7O8>o+NDy?w1a-oW^)eH3fd0wjWTIhS#uch~)D`f!f^0sA#J&7!ITF*J1 zH(vZ|T8H>Nw_%xB7)e8@T+kOBf%FnSEv_LpEo?St1Ic4c0#zgtiDpZ#KEiSK%Ag|0)6U zgnnOxmcc4WqohVji4y)LWT3E0?;>0h^_2{~RDz+QC=b_;6^u&ei#6nV#$~_0mG@o! zb`skrCPUhSx*OWdf-0L8!QNZ+g1D#p_KKhvHSO+uMBuy$WT(?;7_&R9Rn zr#}8yy#AtB5e56Cxr;^}b<}Z8!0Yv6EmFYbno&OV?yKR^huQO!pD=Qy#h?>(S}AF6 zk#R&uij}!HkPNL;FX@+1b6!rWu)&u|E0IPZjX>qXpV$YnFck<=-c}^kd0plS-t*B2 zmjOsB{8M};9XE(|L=$+|TQBEtulXPsY+gs};PYq)v1;NnO`@7O8=;e7Tr@x?Vhq|- zpG)w~dK@QYU-yAUk{J*>!3jyM610T&)bk8Aa(@4}F5;Gd|11~3@^ps7zDNXH`(m;1 z3yz}SJMNcj3dxt*_4gWZ&VQXtebq5v=>F|%qF{Uw-uT)Jxbmtixaqt9$5f-i=+;*; z7B|VIrrqk`Tm~xgJ-;VKjj!)BI_X=dq-VHUhqu{ro_rCh2&W~j+&iTfyeLso7N#Nz zS#|F%A76W{6S>>i{+7!xX6spJal?(b@U@$7W zgI|mgnQ=~Hkv8w*Qxr3u!hKKd;p)G*hKKhaLY#gU<6E|p4Gv=(O-!O`<>^Vfs#VxD z(gT*Tlu~@2oDh_sl<)J6tba(2Ec#|m3A(~cgfqm(GL|~_Y`>L_W{T}!{UVdY%OMTV zpLa;$Pznz{v4@+#^F40A>mD9|Y8Nx@oKy(n!6uPTXlE%}$K8d6uA@j%%5cs*?iyop zWC)jG(-y0ThdKY1XY$8aUBRW>&SmW>i5Cj8j!1P$8dVSn5Oq@XG6&xJ2EPEn>lKiU z6R4y?8+c&nem-#B-*M+XJ5Z;e#ptH9P$Q#6VAPhj7yOEbKl64?OlHx8Hd;_uTg&hmOqf-1B>x zo$Zk3rYqd+yim4urN$C@-l5rSFfua2;6TLYjqAAV(${jywhMX1X=_SH2W4}zv`x|& z>SApTyfyIFu`!@n;&--XJ}## zR>mhS@Va2@OxYn|$udiB9Z_SHRi~fI>}Zo#Tu8)$GcKq^706iV!rBsecW=LyjdqId zU;P4;gU1fMCKLm#v);Z4OD?6a<l0 zNV0D28pbD9v2o)j)~_C8VpMf~$3$1QPYG8Z-idi6YU-$gw~pfgUYj}RZ9ak?rRxs3 z6EK?^;%34T;Af9L&$s^Pc5c1%``q{V6SRy7r{O2z%@Gw@LT7!wS6JwDAZ~(a!r&-l zZ@7eXbclSQfm50+OG_zCNtZx!B7oO9hY?y=DrEyr3p;{UyH;BRXKC7 zT&k-%fwK-3D8eSk*Lfp>k_B1Wma=zP-6Og!YMNRNymhQt=;CC)5bw36=9vf<0|*b?bIM5#UK67Ygj+FijRHrpNP|xp{B-3 zjff&rHTQw-?`gGVEqEnrBE<)keeY*VSw4+GDuOYkw~VnaNaqNFl)<#y_m82pL}^JH z9H3=YXwY>9c&eJ^b<|PEN&)Yj^{vMpuB**}Bx)pHSf#QKij%y*DC%3#hZp8G}51Zb2Imy^+W*U;V%rFw94RVmefpVDCbGlL#DaX;QBP!((>&ns( z6awLeb&4+Ug_K=mPN5>-k~XLIAbY@Ei>@(D+4)e(lo2n!@M9e(GU|->B>}vP;z5{@ zx(X04(@22dyX;pP9QqjV`RFHk>b7q)vh8BxQ#Zh%q$4$15DxaTn&Ftyt!(r7d>LoS zbQ8UkNQg!5iI_X>oSSD7)@WNt9Vc+P3qm)dLVK;gewjl7Ylbv${1u`7nC6MVuG%m>Qf$I*qVi$zD6VV%(jD?#)WwpZdPnQAfSccu7UOJnyO(g%LT>=TdEn4V@JvnWHL7k70OgtPVF)=@_tHSjJ!EIQF-wuQ`7-t?NY z`Okm6o-Gr@bbfRftp^`u+~f@ADT#B~%rKBNK&i48UPm2u)KLTPGQv480HcK>kQ(;Dh%PADL$IlrhjTi}PQAZ8D%L80l z86_z|DpZts4Pply#x!5~%(cAr((_=){XBig-DJ<~MYcLLge0m_w~jjMm?v~S1WQVH z=P=L;qRDtH_`)YY%-E{+eD2Ht#Z%T{5AUP7wn3}afx)C6!#e7yqXym;+b%e;HYHIp z*M0cUh+@sZeEnurr-Mr+NwWssI_jvSE;X!hSd>zbwHXFJ@qs_#FW>#AjEWZRnZrb? z9-%twsH4t!mtSdEfW=jcf;&sB71ri7rRKfwxPoCieC?axz~%-?jlOl%QAZ!HIOl2` ztz(E%j3($9J7>HHuZWpxTkihxk2(L`b67VvSVM0eb<|Mjn*RSb*+v%>Zmi`l?LBpAiepe5bBrm m`cKxCz5e|5{CzRT@BaZg*UUX-iZL7j0000> /etc/hosts +echo "127.0.0.1 nas.nintendowifi.net" >> /etc/hosts +echo "127.0.0.1 home.disney.go.com" >> /etc/hosts + +#sed -i "s/HOST_IP/${HOST_IP}/g" /etc/bind/dgamer.db + +#/etc/init.d/bind9 start +#/usr/sbin/named -u bind -c /etc/bind/named.conf -g & + +/usr/local/apache/bin/httpd -k stop +exec /usr/local/apache/bin/httpd -D FOREGROUND + diff --git a/sites/conntest.nintendowifi.net/public/index.html b/sites/conntest.nintendowifi.net/public/index.html new file mode 100644 index 0000000..083c294 --- /dev/null +++ b/sites/conntest.nintendowifi.net/public/index.html @@ -0,0 +1,16 @@ + + + + Nintendo WiFi Connection Test + + + + This is a test html page. + + + diff --git a/sites/home.disney.go.com/public/index.html b/sites/home.disney.go.com/public/index.html new file mode 100644 index 0000000..59eeae3 --- /dev/null +++ b/sites/home.disney.go.com/public/index.html @@ -0,0 +1,138 @@ + + + + +Experience the magic with the latest Browser and Flash plug-in + + + + + + + + + + +
+ +
+ +
+ + + + +
+ +

+ + + + + + + + + + +
+ + The page you were attempting to view requires that you upgrade the software listed.

+ Click the button to the right or read about the new browser standards and what upgrading can do for you. +
Quick Links: + Corporate Info
+ Disney Careers + 		+ Disney Legends
+ Disney Archives + 		+ Disney Shopping
+ Disney Insider +
+
+ +
+ +
+ +
+ +
+ + + + + + + + + + diff --git a/sites/nas.nintendowifi.net/public/index.html b/sites/nas.nintendowifi.net/public/index.html new file mode 100644 index 0000000..079cd04 --- /dev/null +++ b/sites/nas.nintendowifi.net/public/index.html @@ -0,0 +1,16 @@ + + + + Nintendo WiFi NAS + + + + NAS page. + + + diff --git a/zones.txt b/zones.txt new file mode 100644 index 0000000..563fd21 --- /dev/null +++ b/zones.txt @@ -0,0 +1,4 @@ +conntest.nintendowifi.net A 192.168.2.3 +nas.nintendowifi.net A 192.168.2.3 +home.disney.go.com A 192.168.2.3 +