[ previous ] [ next ] [ threads ]
 
 From:  "Alex M" <radiussupport at lrcommunications dot net>
 To:  "'Jonathan De Graeve'" <Jonathan dot De dot Graeve at imelda dot be>
 Cc:  "Mono Dev List" <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall-dev] Central Dynamic Configuration for Captive Portal RADIUS
 Date:  Fri, 7 Apr 2006 16:44:10 -0400
Are you running RADIUS PHP package for FreeBSD or you using something else?
Because if the package is installed I'm thinking to add Radius servers
diagnostic tool...






-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Sent: Friday, March 31, 2006 2:59 AM
To: Alex M
Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for Captive Portal
RADIUS

ATM=> at the moment

My situation is: 2 freeradius servers with each server having its own
mysql-server. The first server is replicating to the second server.

In case the first one dies, we always have the second one.

Your situation will have the same problem, if your main mysql goes down,
you have no good way to send the accounting data to another mysql server
and automatically resync with the main mysql server again after its
repaired. (mysql currently doesn't support 2-way replication)

J.

-- 
Jonathan De Graeve
Network/System Engineer
Imelda vzw
Informatica Dienst
+32 15/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
---------
> -----Oorspronkelijk bericht-----
> Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> Verzonden: vrijdag 31 maart 2006 0:11
> Aan: Jonathan De Graeve
> Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration for
Captive
> Portal RADIUS
> 
> "round-robin" - what is that?
> 
> I think you should just give users the option if they want to support
> accounting on other servers' rather then just turn it off. Im my setup
> everything is in sink, we currently are running 3 servers (freeradius
> only)
> that send data to central MySQL server in separate location... MySQL
> server
> that is self replicable to a secondary server (in case we overgrow
> ourselves
> we just add mysql clusters and still keep mysql as a single server
with
> combination with multiple radius servers. In such situation everything
is
> synchronized and we have central accounting solution.
> 
> Also what do you mean by ATM here?
> 
> 
> 
> 
> -----Original Message-----
> From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> Sent: Thursday, March 30, 2006 4:34 PM
> To: Alex M
> Cc: Mono Dev List
> Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for Captive
> Portal
> RADIUS
> 
> > -----Oorspronkelijk bericht-----
> > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > Verzonden: donderdag 30 maart 2006 23:28
> > Aan: Jonathan De Graeve
> > CC: Mono Dev List
> > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration for
> Captive
> > Portal RADIUS
> >
> > Ok, but what if 1st acc server is down?
> Then you're out of luck ;)
> 
> > Why is it limited to only first
> > server?
> Because in my own current setup replication in both-ways still doesn't
> exist and my radius system could become out of sync by this reason
> 
> The code is ready to support all of them but ATM nobody needed it.
> 
> Possible solution
> 
> Standard behaviour: round-robin
> Advanced behaviour: only first-one is used
> 
> Nobody actually ever asked to change it, so if there are systems ready
> for this I will implement it
> 
> J.
> 
> 
> >
> >
> > -----Original Message-----
> > From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > Sent: Thursday, March 30, 2006 4:20 PM
> > To: Alex M
> > Cc: Mono Dev List
> > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for
Captive
> > Portal
> > RADIUS
> >
> >
> > > -----Oorspronkelijk bericht-----
> > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > Verzonden: donderdag 30 maart 2006 23:14
> > > Aan: Jonathan De Graeve
> > > CC: Mono Dev List
> > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration for
> > Captive
> > > Portal RADIUS
> > >
> > > I've been looking vor variable names for CP and I found that you
are
> > using
> > > array:
> > >
> > > $radiusservers[0]['ipaddr'],
> > > $radiusservers[0]['port'],
> > > $radiusservers[0]['key']);
> > > $radiusservers[0]['acctport'],
> > >
> > > But, I looked through all the document and I only was that it
> requests
> > > only
> > > 1st line of the array, why? Isn't CP supposed to go through at
lest
> 2
> > > servers if fist one is not avalible? Or you are using some
different
> > > methid
> > > of getting the second line?
> > >
> >
> > As I said before, only the first radius server is used for
ACCOUNTING.
> > Authentication is a different story (try the first one, go to the
next
> > one until we get an answer or time-out)
> >
> > J.
> >
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > > Sent: Thursday, March 30, 2006 1:51 PM
> > > To: Alex M
> > > Cc: m0n0wall dash dev at lists dot m0n0 dot ch
> > > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for
> Captive
> > > Portal
> > > RADIUS
> > >
> > > I don't know what you are up to  but it seems you are making it
more
> > > complicating then it actually is
> > >
> > > Something like this:
> > > 1) Setup a webserver with dynamic page generating radius test file
> > based
> > > on http request GET (nas_id = $macaddress)
> > > 2) m0n0wall will use PHP to fetch his radius config file after
each
> > > boot.
> > > The URL to get the config from is stored in the config. In the
> request
> > > will be the macaddress to identify the nas
> > > 3) system up & running
> > > 4) possible cron script to redownload config lets say every
> 30minutes
> > >
> > > Don't know if this will satisfy all of your wishes and you also
have
> > to
> > > take care of security. A compromised config repository can be
pretty
> a
> > > PITA
> > >
> > > J.
> > >
> > >
> > >
> > > > -----Oorspronkelijk bericht-----
> > > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > > Verzonden: donderdag 30 maart 2006 20:39
> > > > Aan: Jonathan De Graeve
> > > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration for
> > > Captive
> > > > Portal RADIUS
> > > >
> > > > Ok, that will be a bit more of text then, any way let me do the
> > > program to
> > > > work with regular php web pages first, then I will convert it to
> the
> > > > command
> > > > line functionality (don't want to install interpreter on my
> laptop)
> > > >
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > > > Sent: Thursday, March 30, 2006 12:30 PM
> > > > To: Alex M
> > > > Cc: m0n0wall dash dev at lists dot m0n0 dot ch
> > > > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for
> > Captive
> > > > Portal
> > > > RADIUS
> > > >
> > > > It doesn't have a browser so it will be in PHP
> > > >
> > > > J.
> > > >
> > > > > -----Oorspronkelijk bericht-----
> > > > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > > > Verzonden: donderdag 30 maart 2006 18:44
> > > > > Aan: Jonathan De Graeve
> > > > > CC: Mono Dev List
> > > > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration
for
> > > > Captive
> > > > > Portal RADIUS
> > > > >
> > > > > Host name's are to variable... MAC would be better.. but them
I
> > will
> > > > get
> > > > > back to PHP generation.... if Captive portal requests the file
> > does
> > > it
> > > > use
> > > > > webbrowser or PHP command line?
> > > > >
> > > > >
> > > > >
> > > > > -----Original Message-----
> > > > > From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > > > > Sent: Thursday, March 30, 2006 11:00 AM
> > > > > To: Alex M
> > > > > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for
> > > Captive
> > > > > Portal
> > > > > RADIUS
> > > > >
> > > > > It isn't
> > > > >
> > > > > You can easily write a script on your webserver that dependant
> on
> > > your
> > > > > request (for example nas also sents hostname) generates the
> config
> > > > file
> > > > >
> > > > > Should still be easy
> > > > >
> > > > > J.
> > > > >
> > > > > --
> > > > > Jonathan De Graeve
> > > > > Network/System Engineer
> > > > > Imelda vzw
> > > > > Informatica Dienst
> > > > > +32 15/50.52.98
> > > > > jonathan dot de dot graeve at imelda dot be
> > > > >
> > > > > ---------
> > > > > Always read the manual for the correct way to do things
because
> > the
> > > > > number of incorrect ways to do things is almost infinite
> > > > > ---------
> > > > >
> > > > > > -----Oorspronkelijk bericht-----
> > > > > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > > > > Verzonden: donderdag 30 maart 2006 17:22
> > > > > > Aan: Jonathan De Graeve
> > > > > > CC: Mono Dev List
> > > > > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration
> for
> > > > > Captive
> > > > > > Portal RADIUS
> > > > > >
> > > > > > That would be to easy :-P but let me keep the what you have
> now,
> > > > > except
> > > > > > there will be small problem with Shared Secret, since its
NAS
> > > > specific
> > > > > > attribute, while Radius IPs age common attribute. Obviously
> > Shared
> > > > > Secret
> > > > > > should be the same for all servers in this case. Well let me
> > write
> > > > > > something
> > > > > > and see what will happen.
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Jonathan De Graeve
[mailto:Jonathan dot De dot Graeve at imelda dot be]
> > > > > > Sent: Thursday, March 30, 2006 10:05 AM
> > > > > > To: Alex M
> > > > > > Cc: Mono Dev List
> > > > > > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration
for
> > > > Captive
> > > > > > Portal
> > > > > > RADIUS
> > > > > >
> > > > > > Leave it easy:
> > > > > >
> > > > > > Use a normal textfile:
> > > > > > $ cat /var/db/captiveportal_radius.db
> > > > > > serverip,authenticationport,accountingport,sharedsecret
> > > > > > serverip2,authenticationport,accountingport,sharedsecret
> > > > > > serverip3,authenticationport,accountingport,sharedsecret
> > > > > >
> > > > > > Just downloading the file and storing under /var/db should
be
> > > enough
> > > > > :)
> > > > > >
> > > > > > J.
> > > > > >
> > > > > > --
> > > > > > Jonathan De Graeve
> > > > > > Network/System Engineer
> > > > > > Imelda vzw
> > > > > > Informatica Dienst
> > > > > > +32 15/50.52.98
> > > > > > jonathan dot de dot graeve at imelda dot be
> > > > > >
> > > > > > ---------
> > > > > > Always read the manual for the correct way to do things
> because
> > > the
> > > > > > number of incorrect ways to do things is almost infinite
> > > > > > ---------
> > > > > >
> > > > > > > -----Oorspronkelijk bericht-----
> > > > > > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > > > > > Verzonden: donderdag 30 maart 2006 16:55
> > > > > > > Aan: Jonathan De Graeve
> > > > > > > CC: Mono Dev List
> > > > > > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic
Configuration
> > for
> > > > > > Captive
> > > > > > > Portal RADIUS
> > > > > > >
> > > > > > > Well the script should be easy to do... at this moment im
> > > playing
> > > > > > around
> > > > > > > with different methods to obtain the configs from the file
> > that
> > > is
> > > > > > stored
> > > > > > > on
> > > > > > > external web server...
> > > > > > >
> > > > > > > First I thought to use PHP to generate XML content from
the
> > > > database
> > > > > > and
> > > > > > > then read that "xml" ... but then I thought that if mono
> will
> > > > > request
> > > > > > that
> > > > > > > make not thought the web browser, then php will not be
> > > interpreted
> > > > > so
> > > > > > I'll
> > > > > > > get bunch of errors...
> > > > > > >
> > > > > > > So now I'm thinking to use php command line to request
> remote
> > > file
> > > > > or
> > > > > > > build
> > > > > > > an actual xml file on the server that will be updated if
> > server
> > > > > status
> > > > > > are
> > > > > > > changed... Which one is better?
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Jonathan De Graeve
> [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > > > > > > Sent: Thursday, March 30, 2006 9:24 AM
> > > > > > > To: Alex M
> > > > > > > Cc: Mono Dev List
> > > > > > > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration
> for
> > > > > Captive
> > > > > > > Portal
> > > > > > > RADIUS
> > > > > > >
> > > > > > > Currently CP is freezed until after the weekend.
> > > > > > >
> > > > > > > What do you have in mind with the 'script'?
> > > > > > >
> > > > > > > J.
> > > > > > >
> > > > > > > --
> > > > > > > Jonathan De Graeve
> > > > > > > Network/System Engineer
> > > > > > > Imelda vzw
> > > > > > > Informatica Dienst
> > > > > > > +32 15/50.52.98
> > > > > > > jonathan dot de dot graeve at imelda dot be
> > > > > > >
> > > > > > > ---------
> > > > > > > Always read the manual for the correct way to do things
> > because
> > > > the
> > > > > > > number of incorrect ways to do things is almost infinite
> > > > > > > ---------
> > > > > > >
> > > > > > > > -----Oorspronkelijk bericht-----
> > > > > > > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > > > > > > Verzonden: donderdag 30 maart 2006 16:19
> > > > > > > > Aan: Jonathan De Graeve
> > > > > > > > CC: Mono Dev List
> > > > > > > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic
> Configuration
> > > for
> > > > > > > Captive
> > > > > > > > Portal RADIUS
> > > > > > > >
> > > > > > > > Well I'm not forcing anything, I can create major part
of
> > the
> > > > > > script,
> > > > > > > but
> > > > > > > > I
> > > > > > > > will need a little bit of help on integrating it to
Mono.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Jonathan De Graeve
> > [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > > > > > > > Sent: Thursday, March 30, 2006 3:06 AM
> > > > > > > > To: Alex M; Steven McCoy
> > > > > > > > Cc: Mono Dev List
> > > > > > > > Subject: RE: [m0n0wall-dev] Central Dynamic
Configuration
> > for
> > > > > > Captive
> > > > > > > > Portal
> > > > > > > > RADIUS
> > > > > > > >
> > > > > > > > > -----Oorspronkelijk bericht-----
> > > > > > > > > Van: Alex M
[mailto:radiussupport at lrcommunications dot net]
> > > > > > > > > Verzonden: donderdag 30 maart 2006 3:03
> > > > > > > > > Aan: 'Steven McCoy'
> > > > > > > > > CC: Mono Dev List
> > > > > > > > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic
> > Configuration
> > > > for
> > > > > > > > Captive
> > > > > > > > > Portal RADIUS
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > > a) DNS is not yet supported
> > > > > > > > what do you mean with that?
> > > > > > > >
> > > > > > > > > b) Current config supports only 2 servers
> > > > > > > > Actually, it supports up to 10servers, but only 2 are
> > > > configurable
> > > > > > > from
> > > > > > > > within the gui
> > > > > > > >
> > > > > > > > Downloading the radius configuration file from a website
> > > should
> > > > be
> > > > > > > > relative easy to implement
> > > > > > > >
> > > > > > > > > c) DNS are good but you are limited only to
controlling
> > > where
> > > > > > would
> > > > > > > > and
> > > > > > > > > IP,
> > > > > > > > > you can not add configuration such as groups for
> different
> > > > > > locatios
> > > > > > > > and
> > > > > > > > > group switching id the server is not responding,
> basically
> > > > with
> > > > > > DNS
> > > > > > > > all
> > > > > > > > > the
> > > > > > > > > work will be manually. And in case of my idea it will
be
> > > > > > > automatically
> > > > > > > > > self
> > > > > > > > > existing.
> > > > > > > > I don't understand the idea of groups quite good, what
do
> > you
> > > > mean
> > > > > > > with
> > > > > > > > that?
> > > > > > > >
> > > > > > > > > If you even can add command on radius servers to
> > > automatically
> > > > > > > > > populate config file when the servr is up, and if
server
> > is
> > > > not
> > > > > > > > > responding,
> > > > > > > > > delete it from the list and notify admins
> > > > > > > > I think you're asking too much ;)
> > > > > > > >
> > > > > > > > Dynamically download the config: OK, but setting orders
on
> > > which
> > > > > one
> > > > > > > is
> > > > > > > > the fastest to respond is also not a good idea. You
should
> > > > prefer
> > > > > > the
> > > > > > > > one with the least packet drops. It also makes things a
> lot
> > > > > > > complicader.
> > > > > > > > Also for accounting, only the first radiusserver is used
> > atm.
> > > > > > > >
> > > > > > > > PS Don't try to force things, if you want something
please
> > ask
> > > > and
> > > > > > > > always remember that currently nobody gets payed todo
> this.
> > > > > > > >
> > > > > > > >
> > > > > > > > J.
> > > > > > > >
> > > > > > > > --
> > > > > > > > Jonathan De Graeve
> > > > > > > > Network/System Engineer
> > > > > > > > Imelda vzw
> > > > > > > > Informatica Dienst
> > > > > > > > +32 15/50.52.98
> > > > > > > > jonathan dot de dot graeve at imelda dot be
> > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: Steven McCoy [mailto:fnjordy at gmail dot com]
> > > > > > > > > Sent: Wednesday, March 29, 2006 7:52 PM
> > > > > > > > > To: Alex M
> > > > > > > > > Cc: Mono Dev List
> > > > > > > > > Subject: Re: [m0n0wall-dev] Central Dynamic
> Configuration
> > > for
> > > > > > > Captive
> > > > > > > > > Portal
> > > > > > > > > RADIUS
> > > > > > > > >
> > > > > > > > > Whats wrong with using DNS for this?
> > > > > > > > >
> > > > > > > > > --
> > > > > > > > > Steve-o
> > > > > > > > >
> > > > > > > > > On 29/03/06, Alex M
<radiussupport at lrcommunications dot net>
> > > > wrote:
> > > > > > > > > >
> > > > > > > > > > Hi, I'm trying to create a system where I will be
able
> > to
> > > > > mange
> > > > > > > > hotspots
> > > > > > > > > > more dynamically and from central location. I want
to
> > > begin
> > > > by
> > > > > > > > creating
> > > > > > > > > > "algorithm" where the list of Radius servers for
> captive
> > > > > portal
> > > > > > > > could be
> > > > > > > > > > obtained automatically from the central WEB server
or
> > > > > secondary
> > > > > > > > backup
> > > > > > > > > > server.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > The reason for this is faster and easy management,
> > quality
> > > > of
> > > > > > > > service
> > > > > > > > > > configuration and scalability. Here is how it works:
> At
> > > > > startup
> > > > > > > NAS
> > > > > > > > > (M0n0)
> > > > > > > > > > connects to preset DNS URL and read config file that
> has
> > a
> > > > > list
> > > > > > of
> > > > > > > > > Radius
> > > > > > > > > > servers (and maybe other configuration) [also beside
> > this
> > > > > > dynamic
> > > > > > > > > function
> > > > > > > > > > nas should have static info on 2 radius servers,
just
> in
> > > > case,
> > > > > > but
> > > > > > > > those
> > > > > > > > > 2
> > > > > > > > > > will be added et the end of the list, if connection
is
> > ok]
> > > > so
> > > > > > > about
> > > > > > > > the
> > > > > > > > > > list. the list obtained from server will contain all
> > > > available
> > > > > > > > Radiuses,
> > > > > > > > > > now
> > > > > > > > > > when the list is obtained nas will ping all nases
and
> > once
> > > > > with
> > > > > > > the
> > > > > > > > low
> > > > > > > > > > pings will be placed in the beginning of the list. .
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Also, there should be implementations of groups so
> that
> > we
> > > > can
> > > > > > > > assign
> > > > > > > > > > nases
> > > > > > > > > > to proper Radiuses and change the groups during
> > > maintenance.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Do I make myself clear on what I want?  Do you want
to
> > > > > implement
> > > > > > > my
> > > > > > > > > Idea?
> > > > > > > > > >
> > > > > > > > > > Does any one want to work with me on this?
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Regards,
> > > > > > > > > >
> > > > > > > > > > Oleksandr
> > > > > > > > > >
> > > > > > > > > > LRC
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > >
> > > > >
> > >
> ---------------------------------------------------------------------
> > > > > > > > > To unsubscribe, e-mail:
> > > m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> > > > > > > > > For additional commands, e-mail:
> > > > m0n0wall dash dev dash help at lists dot m0n0 dot ch
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > >
> > > >
> >
---------------------------------------------------------------------
> > > > > > > > To unsubscribe, e-mail:
> > m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> > > > > > > > For additional commands, e-mail:
> > > m0n0wall dash dev dash help at lists dot m0n0 dot ch
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > >
> >
---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> > > > For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
> > > >
> > > >
> > >
> > >
> > >
> >
> >
> >
> 
> 
>