From c8563768b83241c7c8e1d666e57fffeeab729103 Mon Sep 17 00:00:00 2001
From: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
Date: Thu, 17 Feb 2022 16:23:43 +0100
Subject: [PATCH 1/3] Increase pcn-router ARP table dimension

The pcn-router ARP table dimension was not sufficient to handle a number of
client pods greater than 32 in the Polykube network provider use case. Update
the dimension of the ARP table to a reasonably high value.

Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
---
 src/services/pcn-router/src/Router_dp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/services/pcn-router/src/Router_dp.c b/src/services/pcn-router/src/Router_dp.c
index 150ce5834..68f5e5c9e 100644
--- a/src/services/pcn-router/src/Router_dp.c
+++ b/src/services/pcn-router/src/Router_dp.c
@@ -30,7 +30,7 @@
 #define CHECK_MAC_DST
 #define ROUTING_TABLE_DIM 256
 #define ROUTER_PORT_N 32
-#define ARP_TABLE_DIM 32
+#define ARP_TABLE_DIM 1024
 #define MAX_SECONDARY_ADDRESSES 5 // also defined in Ports.h
 #define TYPE_NOLOCALINTERFACE 0  // used to compare the 'type' field in the rt_v
 #define TYPE_LOCALINTERFACE 1

From bf98773b5190cd0965fdb87d23676f7799e1924c Mon Sep 17 00:00:00 2001
From: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
Date: Tue, 21 Jun 2022 14:35:28 +0200
Subject: [PATCH 2/3] Add MULTI port mode to pcn-loadbalancer-rp

Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
---
 .../pcn-loadbalancer-rp/loadbalancer-rp.md    |  15 +-
 .../pcn-loadbalancer-rp/datamodel/lbrp.yang   |  18 +-
 src/services/pcn-loadbalancer-rp/src/Lbrp.cpp | 263 +++++++++++++-----
 src/services/pcn-loadbalancer-rp/src/Lbrp.h   |  30 +-
 .../pcn-loadbalancer-rp/src/Lbrp_dp.c         | 260 ++++++++++++-----
 .../pcn-loadbalancer-rp/src/Ports.cpp         |  15 +-
 src/services/pcn-loadbalancer-rp/src/Ports.h  |   6 +
 .../pcn-loadbalancer-rp/src/Service.cpp       |   7 +-
 .../pcn-loadbalancer-rp/src/SrcIpRewrite.cpp  |  10 +-
 .../pcn-loadbalancer-rp/src/api/LbrpApi.cpp   |  85 ++++++
 .../pcn-loadbalancer-rp/src/api/LbrpApi.h     |   4 +
 .../src/api/LbrpApiImpl.cpp                   |  74 +++++
 .../pcn-loadbalancer-rp/src/api/LbrpApiImpl.h |   4 +
 .../src/interface/LbrpInterface.h             |  11 +-
 .../src/interface/PortsInterface.h            |   6 +
 .../src/serializer/LbrpJsonObject.cpp         |  47 ++++
 .../src/serializer/LbrpJsonObject.h           |  20 +-
 .../src/serializer/PortsJsonObject.cpp        |  26 ++
 .../src/serializer/PortsJsonObject.h          |   9 +
 .../pcn-loadbalancer-rp/test/helpers.bash     |  40 +++
 .../pcn-loadbalancer-rp/test/test_multi.sh    |  43 +++
 .../pcn-loadbalancer-rp/test/test_single.sh   |  40 +++
 .../pcn-loadbalancer-rp/test/test_weight.sh   |  60 ----
 23 files changed, 879 insertions(+), 214 deletions(-)
 create mode 100644 src/services/pcn-loadbalancer-rp/test/helpers.bash
 create mode 100755 src/services/pcn-loadbalancer-rp/test/test_multi.sh
 create mode 100755 src/services/pcn-loadbalancer-rp/test/test_single.sh
 delete mode 100755 src/services/pcn-loadbalancer-rp/test/test_weight.sh

diff --git a/Documentation/services/pcn-loadbalancer-rp/loadbalancer-rp.md b/Documentation/services/pcn-loadbalancer-rp/loadbalancer-rp.md
index 40d3efdb6..5fe4cc4ab 100644
--- a/Documentation/services/pcn-loadbalancer-rp/loadbalancer-rp.md
+++ b/Documentation/services/pcn-loadbalancer-rp/loadbalancer-rp.md
@@ -2,15 +2,17 @@
 
 
 This service implements a ``Reverse Proxy Load Balancer``.
-According to the algorithm, incoming IP packets are delivered to the real servers by replacing their IP destination address with the one of the real server, chosen by the load balancing logic. Hence, IP address rewriting is performed in both directions, for traffic coming from the Internet and the reverse.
-Packet are hashed to determine which is the correct backend; the hashing function guarantees that all packets belonging to the same TCP/UDP session will always be terminated to the same backend server.
+According to the algorithm, incoming IP packets are delivered to the real servers by replacing their IP destination address with the one of the real server, chosen by the load balancing logic. Hence, IP address rewriting is performed in both directions, for traffic coming from the Internet and the reverse. Packet are hashed to determine which is the correct backend; the hashing function guarantees that all packets belonging to the same TCP/UDP session will always be terminated to the same backend server.
 
-Unknown packets (e.g., ARP; IPv6) are simply forwarded as they are.
+This service supports two different port types (FRONTEND and BACKEND) and two different port modes (SINGLE and MULTI). Depending on the port mode, the cube can have one or more FRONTEND ports: in SINGLE port mode (which is the default one), only a single FRONTEND port is supported, whereas multiple FRONTEND ports are supported in MULTI port mode. The MULTI port mode is specifically designed in order to allow the service to work properly as part of our Kubernetes networking solution (please see [polykube](https://github.com/polycube-network/polykube) to get more information about it). Regardless the port mode, only a BACKEND port is supported.
 
+If a packet coming from a FRONTEND port is directed to a service, DNAT is performed on it; the corresponding reverse natting operation is performed for packets coming from backends and on the way back to clients. ARP packets are forwarded as they are (in MULTI port mode, if the packet is an ARP request from the BACKEND port, it is forwarded to the right FRONTEND port). Unknown packets (e.g., IPv6) are simply forwarded as they are (in MULTI port mode, if the packet comes from the BACKEND port, it is flooded to all the FRONTEND ports).
 
 ## Features
 
 
+- Support for different port modes (SINGLE and MULTI)
+- Support for multiple frontend ports (in MULTI port mode)
 - Support for multiple virtual services (with multiple ``vip:protocol:port`` tuples)
 - Support for ICMP Echo Request, hence enabling to ``ping`` virtual servers
 - Session affinity: a TCP session is always terminated to the same backend server even in case the number of backend servers changes at run-time (e.g., a new backend is added)
@@ -21,8 +23,11 @@ Unknown packets (e.g., ARP; IPv6) are simply forwarded as they are.
 
 ## Limitations
 
+- In SINGLE port mode, only two ports are supported (a FRONTEND and a BACKEND port)
+- In MULTI port mode, multiple FRONTEND port are supported but only a single BACKEND port can exists
+- In MULTI port mode, an IPv4 address must be configured on FRONTEND port creation in order to allow packets to flow back to the frontend clients
+- In MULTI port mode, the supported topology is the one leveraged in the [polykube](https://github.com/polycube-network/polykube) Kubernetes networking solution
 
-- Supports only two interfaces
 
 ## How to use
 
@@ -38,7 +43,7 @@ Each backend supports a ``weight`` that determines how incoming sessions are dis
 
 A set of ``virtual services``, which are specified by a Virtual IP address, protocol and a port (``vip:protocol:port``), are mapped to a given set of ``backend services``, actually running on multiple real servers.
 
-Hence, this service exports two network interfaces:
+Hence, in SINGLE port mode, this service exports two network interfaces:
 - Frontend port: connects the LB to the clients that connect to the virtual service, likely running on the public Internet
 - Backend port: connects the LB to to backend servers
 
diff --git a/src/services/pcn-loadbalancer-rp/datamodel/lbrp.yang b/src/services/pcn-loadbalancer-rp/datamodel/lbrp.yang
index 84022e62f..dedfa106a 100644
--- a/src/services/pcn-loadbalancer-rp/datamodel/lbrp.yang
+++ b/src/services/pcn-loadbalancer-rp/datamodel/lbrp.yang
@@ -26,11 +26,25 @@ module lbrp {
         mandatory true;
         description "Type of the LB port (e.g. FRONTEND or BACKEND)";
       }
+      leaf ip {
+        type inet:ipv4-address;
+        description "IP address of the client interface (only for FRONTEND port)";
+        polycube-base:cli-example "10.10.1.1";
+      }
+    }
+  }
+
+  leaf port_mode {
+    type enumeration {
+      enum SINGLE;
+      enum MULTI;
     }
+    default SINGLE;
+    description "LB mode of operation. 'SINGLE' is optimized for working with a single FRONTEND port. 'MULTI' allows to manage multiple FRONTEND port";
   }
 
   container src-ip-rewrite {
-    description "If configured, when a client request arrives to the LB, the source IP addrress is replaced with another IP address from the 'new' range";
+    description "If configured, when a client request arrives to the LB, the source IP address is replaced with another IP address from the 'new' range";
 
     leaf ip-range {
         type inet:ipv4-prefix;
@@ -51,7 +65,7 @@ module lbrp {
     leaf name {
       type string;
       description "Service name related to the backend server of the pool is connected to";
-      polycube-base:cli-example "Service-nigx";
+      polycube-base:cli-example "Service-nginx";
     }
 
     leaf vip {
diff --git a/src/services/pcn-loadbalancer-rp/src/Lbrp.cpp b/src/services/pcn-loadbalancer-rp/src/Lbrp.cpp
index 8ad71db9c..46fff87bb 100644
--- a/src/services/pcn-loadbalancer-rp/src/Lbrp.cpp
+++ b/src/services/pcn-loadbalancer-rp/src/Lbrp.cpp
@@ -23,18 +23,26 @@
 #include <tins/tins.h>
 
 using namespace Tins;
+using namespace polycube::service;
+
+const std::string Lbrp::EBPF_IP_TO_FRONTEND_PORT_MAP = "ip_to_frontend_port";
 
 Lbrp::Lbrp(const std::string name, const LbrpJsonObject &conf)
-    : Cube(conf.getBase(), {lbrp_code}, {}) {
+    : Cube(conf.getBase(), {Lbrp::buildLbrpCode(lbrp_code, conf.getPortMode())},
+           {}), lbrp_code_{Lbrp::buildLbrpCode(lbrp_code, conf.getPortMode())},
+      port_mode_{conf.getPortMode()} {
   logger()->set_pattern("[%Y-%m-%d %H:%M:%S.%e] [Lbrp] [%n] [%l] %v");
-  logger()->info("Creating Lbrp instance");
+  logger()->info("Creating Lbrp instance in {0} port mode",
+                 LbrpJsonObject::LbrpPortModeEnum_to_string(port_mode_));
 
   addServiceList(conf.getService());
   addSrcIpRewrite(conf.getSrcIpRewrite());
   addPortsList(conf.getPorts());
 }
 
-Lbrp::~Lbrp() {}
+Lbrp::~Lbrp() {
+  logger()->info("Destroying Lbrp instance");
+}
 
 void Lbrp::update(const LbrpJsonObject &conf) {
   // This method updates all the object/parameter in Lbrp object specified in
@@ -83,68 +91,114 @@ LbrpJsonObject Lbrp::toJsonObject() {
   return conf;
 }
 
-void Lbrp::packet_in(Ports &port, polycube::service::PacketInMetadata &md,
-                     const std::vector<uint8_t> &packet) {
-  EthernetII eth(&packet[0], packet.size());
-
-  auto b_port = getBackendPort();
-  if (!b_port)
-    return;
-
-  // send the original packet
-  logger()->debug("Sending original ARP reply to backend port: {}",
-                  b_port->name());
-  b_port->send_packet_out(eth);
-
-  // send a second packet for the virtual src IPs
-  ARP &arp = eth.rfind_pdu<ARP>();
+std::string Lbrp::buildLbrpCode(std::string const &lbrp_code,
+                                LbrpPortModeEnum port_mode) {
+  if (port_mode == LbrpPortModeEnum::SINGLE) {
+    return "#define SINGLE_PORT_MODE 1\n" + lbrp_code;
+  }
+  return "#define SINGLE_PORT_MODE 0\n" + lbrp_code;
+}
 
-  uint32_t ip = uint32_t(arp.sender_ip_addr());
-  ip &= htonl(src_ip_rewrite_->mask);
-  ip |= htonl(src_ip_rewrite_->net);
+void Lbrp::flood_packet(Ports &port, PacketInMetadata &md,
+                           const std::vector<uint8_t> &packet) {
+  EthernetII p(&packet[0], packet.size());
 
-  IPv4Address addr(ip);
-  arp.sender_ip_addr(addr);
+  for (auto &it: get_ports()) {
+    if (it->name() == port.name()) {
+      continue;
+    }
+    it->send_packet_out(p);
+    logger()->trace("Sent pkt to port {0} as result of flooding", it->name());
+  }
+}
 
-  logger()->debug("Sending modified ARP reply to backend port: {}",
-                  b_port->name());
-  b_port->send_packet_out(eth);
+void Lbrp::packet_in(Ports &port, polycube::service::PacketInMetadata &md,
+                        const std::vector<uint8_t> &packet) {
+  try {
+    switch (static_cast<SlowPathReason>(md.reason)) {
+      case SlowPathReason::ARP_REPLY: {
+        logger()->debug("Received pkt in slowpath - reason: ARP_REPLY");
+        EthernetII eth(&packet[0], packet.size());
+
+        auto b_port = getBackendPort();
+        if (!b_port)
+          return;
+
+        // send the original packet
+        logger()->debug("Sending original ARP reply to backend port: {}",
+                        b_port->name());
+        b_port->send_packet_out(eth);
+
+        // send a second packet for the virtual src IPs
+        ARP &arp = eth.rfind_pdu<ARP>();
+
+        uint32_t ip = uint32_t(arp.sender_ip_addr());
+        ip &= htonl(src_ip_rewrite_->mask);
+        ip |= htonl(src_ip_rewrite_->net);
+
+        IPv4Address addr(ip);
+        arp.sender_ip_addr(addr);
+
+        logger()->debug("Sending modified ARP reply to backend port: {}",
+                        b_port->name());
+        b_port->send_packet_out(eth);
+        break;
+      }
+      case SlowPathReason::FLOODING: {
+        logger()->debug("Received pkt in slowpath - reason: FLOODING");
+        flood_packet(port, md, packet);
+        break;
+      }
+      default: {
+        logger()->error("Not valid reason {0} received", md.reason);
+      }
+    }
+  } catch (const std::exception &e) {
+    logger()->error("Exception during slowpath packet processing: '{0}'",
+                    e.what());
+  }
 }
 
 void Lbrp::reloadCodeWithNewPorts() {
   uint16_t frontend_port = 0;
   uint16_t backend_port = 1;
 
-  for (auto &it : get_ports()) {
-    switch (it->getType()) {
-    case PortsTypeEnum::FRONTEND:
+  for (auto &it: get_ports()) {
+    if (it->getType() == PortsTypeEnum::FRONTEND) {
       frontend_port = it->index();
-      break;
-    case PortsTypeEnum::BACKEND:
-      backend_port = it->index();
-      break;
-    }
+    } else backend_port = it->index();
   }
 
-  logger()->debug("Reloading code with frontend port: {0} and backend port {1}",
+  logger()->debug("Reloading code with FRONTEND port {0} and BACKEND port {1}",
                   frontend_port, backend_port);
   std::string frontend_port_str("#define FRONTEND_PORT " +
                                 std::to_string(frontend_port));
   std::string backend_port_str("#define BACKEND_PORT " +
                                std::to_string(backend_port));
 
-  reload(frontend_port_str + "\n" + backend_port_str + "\n" + lbrp_code);
+  reload(frontend_port_str + "\n" + backend_port_str + "\n" + lbrp_code_);
 
   logger()->trace("New lbrp code loaded");
 }
 
-std::shared_ptr<Ports> Lbrp::getFrontendPort() {
-  for (auto &it : get_ports()) {
+void Lbrp::reloadCodeWithNewBackendPort(uint16_t backend_port_index) {
+  logger()->debug("Reloading code with BACKEND port {0}", backend_port_index);
+  std::string backend_port_str("#define BACKEND_PORT " +
+                               std::to_string(backend_port_index));
+
+  reload(backend_port_str + "\n" + lbrp_code_);
+
+  logger()->trace("New lbrp code loaded");
+}
+
+std::vector<std::shared_ptr<Ports>> Lbrp::getFrontendPorts() {
+  std::vector<std::shared_ptr<Ports>> frontend_ports;
+  for (auto &it: get_ports()) {
     if (it->getType() == PortsTypeEnum::FRONTEND) {
-      return it;
+      frontend_ports.push_back(it);
     }
   }
-  return nullptr;
+  return frontend_ports;
 }
 
 std::shared_ptr<Ports> Lbrp::getBackendPort() {
@@ -164,41 +218,89 @@ std::vector<std::shared_ptr<Ports>> Lbrp::getPortsList() {
   return get_ports();
 }
 
-void Lbrp::addPorts(const std::string &name, const PortsJsonObject &conf) {
+void Lbrp::addPortsInSinglePortMode(const std::string &name,
+                                    const PortsJsonObject &conf) {
+  PortsTypeEnum type = conf.getType();
+  auto ip_is_set = conf.ipIsSet();
   if (get_ports().size() == 2) {
-    logger()->warn("Reached maximum number of ports");
     throw std::runtime_error("Reached maximum number of ports");
   }
 
-  try {
-    switch (conf.getType()) {
-    case PortsTypeEnum::FRONTEND:
-      if (getFrontendPort() != nullptr) {
-        logger()->warn("There is already a FRONTEND port");
-        throw std::runtime_error("There is already a FRONTEND port");
-      }
-      break;
-    case PortsTypeEnum::BACKEND:
-      if (getBackendPort() != nullptr) {
-        logger()->warn("There is already a BACKEND port");
-        throw std::runtime_error("There is already a BACKEND port");
-      }
-      break;
+  if (type == PortsTypeEnum::FRONTEND) {
+    if (getFrontendPorts().size() == 1) {
+      throw std::runtime_error("There is already a FRONTEND port. Only a "
+                               "FRONTEND port is allowed in SINGLE port mode");
     }
-  } catch (std::runtime_error &e) {
-    logger()->warn("Error when adding the port {0}", name);
-    logger()->warn("Error message: {0}", e.what());
-    throw;
+    if (ip_is_set) {
+      throw std::runtime_error("The ip address in not allow in SINGLE port "
+                               "mode for a FRONTEND port");
+    }
+  } else {
+    if (getBackendPort() != nullptr) throw std::runtime_error("There is "
+                               "already a BACKEND port");
+    if (ip_is_set) throw std::runtime_error("The ip address in not allowed "
+                               "in BACKEND port");
   }
-
   add_port<PortsJsonObject>(name, conf);
+  if (get_ports().size() == 2) reloadCodeWithNewPorts();
+}
 
-  if (get_ports().size() == 2) {
-    logger()->info("Reloading code because of the new port");
-    reloadCodeWithNewPorts();
+void Lbrp::addPortsInMultiPortMode(const std::string &name,
+                                   const PortsJsonObject &conf) {
+  PortsTypeEnum type = conf.getType();
+  auto ip_is_set = conf.ipIsSet();
+
+  if (type == PortsTypeEnum::FRONTEND) {
+    if (!ip_is_set) {
+      throw std::runtime_error("The IP address is mandatory in MULTI port "
+                               "mode for a FRONTEND port");
+    }
+    auto ip = conf.getIp();
+    auto found = frontend_ip_set_.find(ip) != frontend_ip_set_.end();
+    if (found) {
+      throw std::runtime_error("A FRONTEND port with the provided IP "
+                               "address (" + ip + ") already exist");
+    }
+    if (!frontend_ip_set_.insert(ip).second) {
+      throw std::runtime_error("Failed to set the IP address for the new "
+                               "FRONTEND port");
+    }
+    try {
+      auto created_port = add_port<PortsJsonObject>(name, conf);
+      auto ip_to_frontend_port_table = get_hash_table<uint32_t, uint16_t>(
+          EBPF_IP_TO_FRONTEND_PORT_MAP);
+      ip_to_frontend_port_table.set(
+          utils::ip_string_to_nbo_uint(created_port->getIp()),
+          created_port->index()
+      );
+    } catch (std::exception &ex) {
+      frontend_ip_set_.erase(ip);
+      throw;
+    }
+  } else {
+    if (getBackendPort() != nullptr) {
+      throw std::runtime_error("There is already a BACKEND port");
+    }
+    if (ip_is_set) {
+      throw std::runtime_error("The ip address in not allowed in BACKEND port");
+    }
+    auto created_port = add_port<PortsJsonObject>(name, conf);
+    reloadCodeWithNewBackendPort(created_port->index());
   }
+}
 
-  logger()->info("New port created with name {0}", name);
+void Lbrp::addPorts(const std::string &name, const PortsJsonObject &conf) {
+  try {
+    if (port_mode_ == LbrpPortModeEnum::SINGLE) {
+      addPortsInSinglePortMode(name, conf);
+    }
+    else addPortsInMultiPortMode(name, conf);
+  } catch (std::runtime_error &ex) {
+    logger()->warn("Failed to add port {0}: {1}", name, ex.what());
+    throw;
+  }
+
+  logger()->info("Created new Port with name {0}", name);
 }
 
 void Lbrp::addPortsList(const std::vector<PortsJsonObject> &conf) {
@@ -215,7 +317,27 @@ void Lbrp::replacePorts(const std::string &name, const PortsJsonObject &conf) {
 }
 
 void Lbrp::delPorts(const std::string &name) {
-  remove_port(name);
+  try {
+    auto port = get_port(name);
+    if (this->port_mode_ == LbrpPortModeEnum::MULTI &&
+        port->getType() == PortsTypeEnum::FRONTEND) {
+      auto ip = port->getIp();
+
+      auto ip_to_frontend_port_table = get_hash_table<uint32_t, uint16_t>(
+          EBPF_IP_TO_FRONTEND_PORT_MAP);
+      ip_to_frontend_port_table.remove(utils::ip_string_to_nbo_uint(ip));
+
+      if (this->frontend_ip_set_.erase(ip) == 0) {
+        throw std::runtime_error(
+            "Failed to delete the port IP address for the new FRONTEND port");
+      }
+    }
+    remove_port(name);
+  } catch (std::exception &ex) {
+    logger()->error("Failed to delete port {0}: {1}", name, ex.what());
+    throw;
+  }
+  logger()->info("Deleted Lbrp port");
 }
 
 void Lbrp::delPortsList() {
@@ -225,6 +347,15 @@ void Lbrp::delPortsList() {
   }
 }
 
+LbrpPortModeEnum Lbrp::getPortMode() {
+  return port_mode_;
+}
+
+void Lbrp::setPortMode(const LbrpPortModeEnum &value) {
+  logger()->warn("Port mode cannot be changed at runtime");
+  throw std::runtime_error("Port mode cannot be changed at runtime");
+}
+
 std::shared_ptr<SrcIpRewrite> Lbrp::getSrcIpRewrite() {
   return src_ip_rewrite_;
 }
diff --git a/src/services/pcn-loadbalancer-rp/src/Lbrp.h b/src/services/pcn-loadbalancer-rp/src/Lbrp.h
index f6d375bec..a5bf267e6 100644
--- a/src/services/pcn-loadbalancer-rp/src/Lbrp.h
+++ b/src/services/pcn-loadbalancer-rp/src/Lbrp.h
@@ -28,18 +28,26 @@
 #include "Service.h"
 #include "SrcIpRewrite.h"
 #include "hash_tuple.h"
+#include <set>
+#include <mutex>
 
 using namespace io::swagger::server::model;
 using polycube::service::CubeType;
 
+enum class SlowPathReason { ARP_REPLY = 0, FLOODING = 1 };
+
 class Lbrp : public polycube::service::Cube<Ports>, public LbrpInterface {
   friend class Ports;
   friend class Service;
   friend class SrcIpRewrite;
 
  public:
+  static std::string buildLbrpCode(std::string const& lbrp_code, LbrpPortModeEnum port_mode);
   Lbrp(const std::string name, const LbrpJsonObject &conf);
   virtual ~Lbrp();
+
+  void flood_packet(Ports &port, polycube::service::PacketInMetadata &md,
+                    const std::vector<uint8_t> &packet);
   void packet_in(Ports &port, polycube::service::PacketInMetadata &md,
                  const std::vector<uint8_t> &packet) override;
 
@@ -65,7 +73,8 @@ class Lbrp : public polycube::service::Cube<Ports>, public LbrpInterface {
   void delServiceList() override;
 
   /// <summary>
-  ///
+  /// If configured, when a client request arrives to the LB, the source IP
+  /// address is replaced with another IP address from the 'new' range
   /// </summary>
   std::shared_ptr<SrcIpRewrite> getSrcIpRewrite() override;
   void addSrcIpRewrite(const SrcIpRewriteJsonObject &value) override;
@@ -77,6 +86,10 @@ class Lbrp : public polycube::service::Cube<Ports>, public LbrpInterface {
   /// </summary>
   std::shared_ptr<Ports> getPorts(const std::string &name) override;
   std::vector<std::shared_ptr<Ports>> getPortsList() override;
+  void addPortsInSinglePortMode(const std::string &name,
+                                const PortsJsonObject &conf);
+  void addPortsInMultiPortMode(const std::string &name,
+                               const PortsJsonObject &conf);
   void addPorts(const std::string &name, const PortsJsonObject &conf) override;
   void addPortsList(const std::vector<PortsJsonObject> &conf) override;
   void replacePorts(const std::string &name,
@@ -84,11 +97,24 @@ class Lbrp : public polycube::service::Cube<Ports>, public LbrpInterface {
   void delPorts(const std::string &name) override;
   void delPortsList() override;
 
+  /// <summary>
+  /// LB mode of operation.
+  /// 'SINGLE' is optimized for working with a single FRONTEND port.
+  /// 'MULTI' allows to manage multiple FRONTEND port.
+  /// </summary>
+  LbrpPortModeEnum getPortMode() override;
+  void setPortMode(const LbrpPortModeEnum &value) override;
+
   void reloadCodeWithNewPorts();
-  std::shared_ptr<Ports> getFrontendPort();
+  void reloadCodeWithNewBackendPort(uint16_t backend_port_index);
+  std::vector<std::shared_ptr<Ports>> getFrontendPorts();
   std::shared_ptr<Ports> getBackendPort();
 
  private:
+  static const std::string EBPF_IP_TO_FRONTEND_PORT_MAP;
+  std::set<std::string> frontend_ip_set_;
   std::unordered_map<Service::ServiceKey, Service> service_map_;
   std::shared_ptr<SrcIpRewrite> src_ip_rewrite_;
+  LbrpPortModeEnum port_mode_;
+  std::string lbrp_code_;
 };
diff --git a/src/services/pcn-loadbalancer-rp/src/Lbrp_dp.c b/src/services/pcn-loadbalancer-rp/src/Lbrp_dp.c
index 17ab76e8d..b37353cd5 100644
--- a/src/services/pcn-loadbalancer-rp/src/Lbrp_dp.c
+++ b/src/services/pcn-loadbalancer-rp/src/Lbrp_dp.c
@@ -49,6 +49,7 @@
 
 #define MAX_SERVICES 1024
 #define MAX_SESSIONS 65536
+#define MAX_FRONTENDS 1024
 
 #define IP_CSUM_OFFSET (sizeof(struct eth_hdr) + offsetof(struct iphdr, check))
 #define TCP_CSUM_OFFSET                            \
@@ -62,14 +63,21 @@
    offsetof(struct icmphdr, checksum))
 #define IS_PSEUDO 0x10
 
+#ifndef SINGLE_PORT_MODE
+#define SINGLE_PORT_MODE 0
+#endif
+
 #ifndef BACKEND_PORT
-#define BACKEND_PORT 1
+#define BACKEND_PORT 0
 #endif
 
 #ifndef FRONTEND_PORT
-#define FRONTEND_PORT 0
+#define FRONTEND_PORT 1
 #endif
 
+#define REASON_ARP_REPLY 0x0
+#define REASON_FLOODING  0x1
+
 struct eth_hdr {
   __be64 dst : 48;
   __be64 src : 48;
@@ -185,6 +193,8 @@ BPF_F_TABLE("lpm_trie", struct src_ip_r_key, struct src_ip_r_value,
 
 BPF_TABLE("hash", struct backend, struct vip, backend_to_service, MAX_SERVICES);
 
+BPF_TABLE("hash", __be32, u16, ip_to_frontend_port, MAX_FRONTENDS);
+
 /*
  * This function is used to get the backend ip after the LoadBalancing.
  * For each packet that handled by the load balancer, we save the hash of
@@ -213,8 +223,6 @@ static inline struct backend *get_bck_ip(struct CTXTYPE *ctx, __be32 ip_src,
   // select the backend id
   __u32 id = check % pool_size + 1;
 
-  pcn_log(ctx, LOG_TRACE, "Selected backend with id: %d", id);
-
   struct vip v_key = {};
 
   v_key.ip = ip_dst;
@@ -222,18 +230,27 @@ static inline struct backend *get_bck_ip(struct CTXTYPE *ctx, __be32 ip_src,
   v_key.proto = proto;
   v_key.index = id;
 
-  pcn_log(ctx, LOG_TRACE,
-          "Backend lookup ip: %I, port: %P, proto: 0x%04x, index: %d", ip_dst,
-          port_dst, proto, id);
+  pcn_log(
+      ctx, LOG_TRACE,
+      "Selected backend index for the service - (ip: %I, port: %P, proto: 0x%04x) (index: %d)",
+      ip_dst, port_dst, proto, id
+  );
 
   // Now, from the backend ID, let's get the actual backend server (IP/port)
   struct backend *bck_value = services.lookup(&v_key);
   if (!bck_value) {
+    pcn_log(
+        ctx, LOG_ERR,
+        "Failed to retrieve backend for the service - (ip: %I, port: %P, proto: 0x%04x) (index: %d)",
+        ip_dst, port_dst, proto, id
+    );
     return 0;
   }
 
-  pcn_log(ctx, LOG_TRACE, "Found backend with ip: %I and port: %P",
-          bck_value->ip, bck_value->port);
+  pcn_log(ctx, LOG_TRACE,
+          "Retrieved backend for the given index - (index: %d) (be_ip: %I, be_port: %P)",
+          id, bck_value->ip, bck_value->port
+  );
 
   // check if src ip rewrite applies for this packet, if yes,  do not create a
   // new entry in the session table
@@ -281,6 +298,25 @@ static inline void checksum(struct CTXTYPE *ctx, __u16 old_port, __u16 new_port,
   }
 }
 
+static inline int send_to_frontend(struct CTXTYPE *ctx, struct pkt_metadata *md, __be32 ip_daddr) {
+  if (SINGLE_PORT_MODE) {
+    pcn_log(ctx, LOG_TRACE, "Sent pkt to the FRONTEND port - (out_port: %d)",
+            FRONTEND_PORT);
+    return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
+  }
+  u16 *fe_port = ip_to_frontend_port.lookup(&ip_daddr);
+  if (!fe_port) {
+    pcn_log(ctx, LOG_ERR, "Failed FRONTEND port lookup - (ip_dst: %I)", ip_daddr);
+    return pcn_pkt_drop(ctx, md);
+  }
+  pcn_log(
+      ctx, LOG_TRACE,
+      "Sent pkt to the FRONTEND port associated with the destination - (ip_dst: %I) (out_port: %d)",
+      ip_daddr, *fe_port
+  );
+  return pcn_pkt_redirect(ctx, md, *fe_port);
+}
+
 static __always_inline int handle_rx(struct CTXTYPE *ctx,
                                      struct pkt_metadata *md) {
   __u16 source = 0;
@@ -293,8 +329,12 @@ static __always_inline int handle_rx(struct CTXTYPE *ctx,
 
   struct eth_hdr *eth = data;
 
-  if (data + sizeof(*eth) > data_end)
-    goto DROP;
+  if (data + sizeof(*eth) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped Ethernet pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
+    return RX_DROP;
+  }
 
   switch (eth->proto) {
   case htons(ETH_P_IP):
@@ -307,8 +347,12 @@ static __always_inline int handle_rx(struct CTXTYPE *ctx,
 
 IP:;
   struct iphdr *ip = data + sizeof(struct eth_hdr);
-  if (data + sizeof(struct eth_hdr) + sizeof(struct iphdr) > data_end)
-    goto DROP;
+  if (data + sizeof(struct eth_hdr) + sizeof(struct iphdr) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped IP pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
+    return RX_DROP;
+  }
 
   struct udphdr *udp = data + sizeof(struct eth_hdr) + sizeof(struct iphdr);
   struct tcphdr *tcp = data + sizeof(struct eth_hdr) + sizeof(struct iphdr);
@@ -327,32 +371,48 @@ IP:;
   case IPPROTO_TCP:
     goto TCP;
   default:
-    goto DROP;
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped IP pkt - (in_port: %d) (reason: unsupported_type) (ip_proto: %d)",
+            md->in_port, ip->protocol);
+    return RX_DROP;
   }
 
 ICMP:
-  if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*icmp) > data_end)
+  if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*icmp) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped ICMP pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
     return RX_DROP;
+  }
 
   // Only manage ICMP Request and Reply
-  if (!((icmp->type == ICMP_ECHO) || (icmp->type == ICMP_ECHOREPLY)))
-    goto DROP;
+  if (!((icmp->type == ICMP_ECHO) || (icmp->type == ICMP_ECHOREPLY))) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped ICMP pkt - (in_port: %d) (reason: unsupported_type) (icmp_type: %d)",
+            md->in_port, icmp->type);
+    return RX_DROP;
+  }
 
   source = icmp->un.echo.id;
   dest = 0x0;
   ip_proto = htons(IPPROTO_ICMP);
 
-  pcn_log(ctx, LOG_DEBUG, "received ICMP %I --> %I", ip->saddr, ip->daddr);
+  pcn_log(ctx, LOG_DEBUG, "Received ICMP pkt - (ip_src: %I, ip_dst: %I)",
+          ip->saddr, ip->daddr);
 
   l4csum_offset = ICMP_CSUM_OFFSET;
   goto LB;
 
 UDP:
-  if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*udp) > data_end)
+  if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*udp) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped UDP pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
     return RX_DROP;
+  }
 
-  pcn_log(ctx, LOG_TRACE, "received UDP: %I:%P --> %I:%P", ip->saddr,
-          udp->source, ip->daddr, udp->dest);
+  pcn_log(ctx, LOG_TRACE, "Received UDP pkt - (src: %I:%P, dst: %I:%P)",
+          ip->saddr, udp->source, ip->daddr, udp->dest);
 
   source = udp->source;
   dest = udp->dest;
@@ -362,11 +422,15 @@ IP:;
   goto LB;
 
 TCP:
-  if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*tcp) > data_end)
+  if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*tcp) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped TCP pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
     return RX_DROP;
+  }
 
-  pcn_log(ctx, LOG_TRACE, "received TCP: %I:%P --> %I:%P", ip->saddr,
-          tcp->source, ip->daddr, tcp->dest);
+  pcn_log(ctx, LOG_TRACE, "Received TCP pkt - (src: %I:%P, dst: %I:%P)",
+          ip->saddr, tcp->source, ip->daddr, tcp->dest);
 
   source = tcp->source;
   dest = tcp->dest;
@@ -381,11 +445,12 @@ LB:;
   __u32 new_port = dest;
 
   // Currently, the "backend port" is the one connected to the backends
-  // So, this packet is coming from the fronted and is returning back to the
+  // So, this packet is coming from a frontend and is returning to the
   // originating Pod.
 
-  if (md->in_port == FRONTEND_PORT) {
-    pcn_log(ctx, LOG_TRACE, "Packet arrived in the frontend port");
+  if (md->in_port != BACKEND_PORT) {
+    pcn_log(ctx, LOG_TRACE,
+            "Received pkt is from a FRONTEND port - (in_port %d)", md->in_port);
 
     struct vip v_key = {};
 
@@ -403,7 +468,8 @@ LB:;
     // packet as is.
     if (!backend_value) {
       pcn_log(ctx, LOG_TRACE,
-              "Service lookup failed. Redirected as is to backend port");
+              "Failed service lookup: redirected as is to BACKEND port - (out_port: %d)",
+              BACKEND_PORT);
       return pcn_pkt_redirect(ctx, md, BACKEND_PORT);
     }
 
@@ -412,7 +478,10 @@ LB:;
                                            dest, ip_proto, backend_value->port);
 
     if (!bck_value) {
-      goto DROP;
+      pcn_log(ctx, LOG_TRACE,
+              "Dropped pkt from FRONTEND port - (in_port: %d) (reason: failed_bck_lookup)",
+              md->in_port);
+      return RX_DROP;
     }
 
     ip->daddr = bck_value->ip;
@@ -424,11 +493,11 @@ LB:;
       ip->saddr &= bpf_htonl(v->mask);
       ip->saddr |= bpf_htonl(v->net);
       new_sip = ip->saddr;
-      pcn_log(ctx, LOG_TRACE, "src ip rewritten to %I", ip->saddr);
     }
 
-    pcn_log(ctx, LOG_TRACE, "redirected to %I:%P --> %I:%P", ip->saddr, source,
-            bck_value->ip, bck_value->port);
+    pcn_log(ctx, LOG_TRACE,
+            "Pkt DNATted and redirected to BACKEND port - (src: %I:%P, new_dst: %I:%P)",
+            ip->saddr, source, bck_value->ip, bck_value->port);
 
     // We are using l4csum_offset here, since it is equivalent of the protocol
     if (l4csum_offset == TCP_CSUM_OFFSET) {
@@ -440,7 +509,8 @@ LB:;
       checksum(ctx, old_port, bck_value->port, old_ip, bck_value->ip, old_sip,
                new_sip, UDP_CSUM_OFFSET);
     } else {
-      pcn_log(ctx, LOG_TRACE, "translated existing ICMP session as %I --> %I",
+      pcn_log(ctx, LOG_TRACE,
+              "Translated existing ICMP session - (old_ip: %I, new_ip: %I)",
               new_ip, ip->daddr);
       pcn_l3_csum_replace(ctx, IP_CSUM_OFFSET, old_ip, bck_value->ip, 4);
     }
@@ -455,7 +525,9 @@ LB:;
             *     SESSION TABLE
             */
 
-    pcn_log(ctx, LOG_TRACE, "Packet comes from backend port: %I", ip->daddr);
+    pcn_log(ctx, LOG_TRACE,
+            "Received pkt is from the BACKEND port - (in_port %d)",
+            md->in_port);
 
     __u32 dst_ip_ = ip->daddr;
 
@@ -469,8 +541,10 @@ LB:;
 
       struct vip *vip_v = backend_to_service.lookup(&key);
       if (!vip_v) {
-        pcn_log(ctx, LOG_ERR, "Reverse backend lookup failed");
-        goto DROP;
+        pcn_log(ctx, LOG_TRACE,
+                "Dropped pkt from BACKEND port - (in_port: %d) (reason: failed_rev_bck_lookup)",
+                md->in_port);
+        return RX_DROP;
       }
 
       old_ip = ip->daddr;
@@ -482,10 +556,9 @@ LB:;
       new_sip = vip_v->ip;
       new_ip = ip->daddr;
       new_port = vip_v->port;
-      pcn_log(
-          ctx, LOG_TRACE,
-          "srcIpRewrite found. translate ip src %I dst %I --> src %I dst %I",
-          old_sip, old_ip, new_sip, new_ip);
+      pcn_log(ctx, LOG_TRACE,
+              "Found SrcIpRewrite: translation - (src: %I, dst: %I) (new_src: %I, new_dst: %I)",
+              old_sip, old_ip, new_sip, new_ip);
     } else {
       struct sessions sessions_key = {};
       sessions_key.ip_src = ip->daddr;
@@ -502,7 +575,8 @@ LB:;
       __u32 check = jhash((const void *)&sessions_key, sizeof(struct sessions),
                           JHASH_INITVAL);
 
-      pcn_log(ctx, LOG_TRACE, "Check in session table %lu", check);
+      pcn_log(ctx, LOG_TRACE, "Check in session table - (session_id: %lu)",
+              check);
 
       // Let's check if the this session is present in the session table
       struct vip *rev_proxy = hash_session.lookup(&check);
@@ -511,8 +585,9 @@ LB:;
       // LB,
       //    we have to  translate IP addresses back to their original value
       if (!rev_proxy) {
-        pcn_log(ctx, LOG_TRACE, "redirected as is to frontend port");
-        return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
+        pcn_log(ctx, LOG_TRACE,
+                "Failed session lookup: trying to redirect to a proper FRONTEND port");
+        return send_to_frontend(ctx, md, ip->daddr);
       }
 
       old_ip = ip->saddr;
@@ -521,41 +596,74 @@ LB:;
       new_port = rev_proxy->port;
     }
 
+    u16 fe_port;
+    if (SINGLE_PORT_MODE)
+      fe_port = FRONTEND_PORT;
+    else {
+      __be32 fe_ip = ip->daddr;
+      u16 *fe_port_ptr = ip_to_frontend_port.lookup(&fe_ip);
+      if (!fe_port_ptr) {
+        pcn_log(ctx, LOG_ERR,
+                "Dropped packet from BACKEND port - (in_port: %d) (reason: failed_frontend_port_lookup",
+                md->in_port);
+        return RX_DROP;
+      }
+
+      fe_port = *fe_port_ptr;
+    }
+
+    pcn_log(
+        ctx, LOG_TRACE,
+        "Found FRONTEND port for pkt destination - (dst_ip: %I) (out_port: %d)",
+        ip->daddr, fe_port);
+
     if (l4csum_offset == TCP_CSUM_OFFSET) {
       old_port = tcp->source;
       tcp->source = new_port;
       pcn_log(ctx, LOG_TRACE,
-              "translated existing TCP session as %I:%P --> %I:%P", new_ip,
-              tcp->source, ip->daddr, dest);
+              "Translated existing TCP session - (new_src: %I:%P, dst: %I:%P)",
+              new_ip, tcp->source, ip->daddr, dest);
       checksum(ctx, old_port, new_port, old_ip, new_ip, old_sip, new_sip,
                TCP_CSUM_OFFSET);
     } else if (l4csum_offset == UDP_CSUM_OFFSET) {
       old_port = udp->source;
       udp->source = new_port;
       pcn_log(ctx, LOG_TRACE,
-              "translated existing UDP session as %I:%P --> %I:%P", new_ip,
-              new_port, ip->daddr, dest);
+              "Translated existing UDP session - (new_src: %I:%P, dst: %I:%P)",
+              new_ip, new_port, ip->daddr, dest);
       checksum(ctx, old_port, new_port, old_ip, new_ip, old_sip, new_sip,
                UDP_CSUM_OFFSET);
     } else {
-      pcn_log(ctx, LOG_TRACE, "translated existing ICMP session as %I --> %I",
+      pcn_log(ctx, LOG_TRACE,
+              "Translated existing ICMP session - (new_ip_src: %I, ip_dst: %I)",
               new_ip, ip->daddr);
       pcn_l3_csum_replace(ctx, IP_CSUM_OFFSET, old_ip, new_ip, 4);
     }
-
-    return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
+    pcn_log(ctx, LOG_TRACE, "Redirected pkt to FRONTEND port - (out_port: %d)",
+            fe_port);
+    return pcn_pkt_redirect(ctx, md, fe_port);
   }
 
 ARP:;
   struct arp_hdr *arp = data + sizeof(*eth);
-  if (data + sizeof(*eth) + sizeof(*arp) > data_end)
-    goto DROP;
+  if (data + sizeof(*eth) + sizeof(*arp) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped ARP pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
+    return RX_DROP;
+  }
 
   // if the packet comes from the backend port, check if this
   // is an ARP request for one of the virtual src IPs, if yes, change
   // it and send to the frontend port
   if (md->in_port == BACKEND_PORT) {
+    pcn_log(ctx, LOG_TRACE,
+            "Received ARP pkt from BACKEND port - (in_port: %d)", md->in_port);
     if (arp->ar_op == bpf_htons(ARPOP_REQUEST)) {
+      pcn_log(
+          ctx, LOG_TRACE,
+          "Received ARP pkt is an ARP request - (in_port: %d) (arp_opcode: %d)",
+          md->in_port, bpf_htons(arp->ar_op));
       struct src_ip_r_key k = {32, arp->ar_tip};
       struct src_ip_r_value *v = src_ip_rewrite.lookup(&k);
       if (v && v->sense == FROM_BACKEND) {
@@ -563,34 +671,52 @@ ARP:;
         arp->ar_tip |= bpf_htonl(v->net);
       }
     }
-    return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
-  } else if (md->in_port == FRONTEND_PORT) {
+    return send_to_frontend(ctx, md, arp->ar_tip);
+  } else {
+    pcn_log(ctx, LOG_TRACE,
+            "Received ARP pkt from FRONTEND port - (in_port: %d)", md->in_port);
     if (arp->ar_op == bpf_htons(ARPOP_REPLY)) {
+      pcn_log(
+          ctx, LOG_TRACE,
+          "Received ARP pkt is an ARP reply - (in_port: %d) (arp_opcode: %d)",
+          md->in_port, arp->ar_op);
       struct src_ip_r_key k = {32, arp->ar_sip};
       struct src_ip_r_value *v = src_ip_rewrite.lookup(&k);
       if (v && v->sense == FROM_FRONTEND) {
-        // send to the slowpath, it'll send to copies of this
+        // send to the slowpath, it'll send two copies of this
         // - the original one
         // - one for the virtual IPs
-        pcn_pkt_controller(ctx, md, 0);
+        pcn_log(ctx, LOG_TRACE,
+                "Sent received ARP reply to slowpath - (in_port: %d)",
+                md->in_port);
+        pcn_pkt_controller(ctx, md, REASON_ARP_REPLY);
         return RX_DROP;
       }
     }
+    pcn_log(ctx, LOG_TRACE,
+            "Redirected ARP pkt to BACKEND port - (in_port: %d) (out_port: %d)",
+            md->in_port, BACKEND_PORT);
     return pcn_pkt_redirect(ctx, md, BACKEND_PORT);
-  } else {
-    goto DROP;
   }
 
 NOIP:
-  pcn_log(ctx, LOG_TRACE, "received a non-ip packet (in_port %d) (proto 0x%x)",
-          md->in_port, bpf_htons(eth->proto));
-
-  if (md->in_port == BACKEND_PORT)
-    return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
-  else if (md->in_port == FRONTEND_PORT)
+  if (md->in_port == BACKEND_PORT) {
+    if (SINGLE_PORT_MODE) {
+      pcn_log(ctx, LOG_TRACE,
+              "Received non-ip pkt from BACKEND port: redirected to FRONTEND port - (in_port: %d) (proto: 0x%x) (out_port: %d)",
+              md->in_port, bpf_htons(eth->proto), FRONTEND_PORT);
+      return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
+    }
+    pcn_log(ctx, LOG_TRACE,
+            "Received non-ip pkt from BACKEND port: sent to slowpath - (in_port: %d) (proto: 0x%x)",
+            md->in_port, bpf_htons(eth->proto));
+    return pcn_pkt_controller(ctx, md, REASON_FLOODING);
+  } else {
+    pcn_log(ctx, LOG_TRACE,
+            "Received non-ip pkt from FRONTEND port: redirected to BACKEND port - (in_port: %d) (proto: 0x%x) (out_port: %d)",
+            md->in_port, bpf_htons(eth->proto), BACKEND_PORT);
     return pcn_pkt_redirect(ctx, md, BACKEND_PORT);
+  }
 
-DROP:
-  pcn_log(ctx, LOG_TRACE, "DROP packet (port = %d)", md->in_port);
   return RX_DROP;
-}
+}
\ No newline at end of file
diff --git a/src/services/pcn-loadbalancer-rp/src/Ports.cpp b/src/services/pcn-loadbalancer-rp/src/Ports.cpp
index 0ec1b5079..912e66e01 100644
--- a/src/services/pcn-loadbalancer-rp/src/Ports.cpp
+++ b/src/services/pcn-loadbalancer-rp/src/Ports.cpp
@@ -25,7 +25,11 @@ Ports::Ports(polycube::service::Cube<Ports> &parent,
     : Port(port), parent_(static_cast<Lbrp &>(parent)) {
   logger()->info("Creating Ports instance");
 
-  port_type_ = conf.getType();
+  auto type = conf.getType();
+  auto ipIsSet = conf.ipIsSet();
+
+  port_type_ = type;
+  if (ipIsSet) ip_ = conf.getIp();
 }
 
 Ports::~Ports() {}
@@ -46,6 +50,7 @@ PortsJsonObject Ports::toJsonObject() {
   conf.setBase(Port::to_json());
 
   conf.setType(getType());
+  conf.setIp(getIp());
 
   return conf;
 }
@@ -60,6 +65,14 @@ void Ports::setType(const PortsTypeEnum &value) {
   throw std::runtime_error("Error: Port type cannot be changed at runtime.");
 }
 
+std::string Ports::getIp() {
+  return ip_;
+}
+
+void Ports::setIp(const std::string &value) {
+  ip_ = value;
+}
+
 std::shared_ptr<spdlog::logger> Ports::logger() {
   return parent_.logger();
 }
diff --git a/src/services/pcn-loadbalancer-rp/src/Ports.h b/src/services/pcn-loadbalancer-rp/src/Ports.h
index 5edaf8509..7e26f8eac 100644
--- a/src/services/pcn-loadbalancer-rp/src/Ports.h
+++ b/src/services/pcn-loadbalancer-rp/src/Ports.h
@@ -45,7 +45,13 @@ class Ports : public polycube::service::Port, public PortsInterface {
   PortsTypeEnum getType() override;
   void setType(const PortsTypeEnum &value) override;
 
+  /// <summary>
+  /// IP address of the client interface (only for FRONTEND port)
+  /// </summary>
+  std::string getIp() override;
+  void setIp(const std::string &value) override;
  private:
   Lbrp &parent_;
   PortsTypeEnum port_type_;
+  std::string ip_;
 };
diff --git a/src/services/pcn-loadbalancer-rp/src/Service.cpp b/src/services/pcn-loadbalancer-rp/src/Service.cpp
index a78d4ff41..07c929bb4 100644
--- a/src/services/pcn-loadbalancer-rp/src/Service.cpp
+++ b/src/services/pcn-loadbalancer-rp/src/Service.cpp
@@ -525,13 +525,12 @@ void Service::delBackend(const std::string &ip) {
   service_backends_.erase(ip);
   removeBackendFromServiceMatrix(ip);
 
-  if (service_backends_.size() != 0)
-    updateConsistentHashMap();
-
-  if (service_backends_.size() == 0) {
+  if (service_backends_.empty()) {
     // If there are no backends let's remove all entries from the eBPF map
     backend_matrix_.clear();
     removeServiceFromKernelMap();
+  } else {
+    updateConsistentHashMap();
   }
 }
 
diff --git a/src/services/pcn-loadbalancer-rp/src/SrcIpRewrite.cpp b/src/services/pcn-loadbalancer-rp/src/SrcIpRewrite.cpp
index a4067012e..9a8c9dfd5 100644
--- a/src/services/pcn-loadbalancer-rp/src/SrcIpRewrite.cpp
+++ b/src/services/pcn-loadbalancer-rp/src/SrcIpRewrite.cpp
@@ -28,7 +28,7 @@ enum {
 
 SrcIpRewrite::SrcIpRewrite(Lbrp &parent, const SrcIpRewriteJsonObject &conf)
     : parent_(parent) {
-  logger()->info("[Constructor]Creating SrcIpRewrite instance");
+  logger()->info("[Constructor] Creating SrcIpRewrite instance");
 
   if (conf.newIpRangeIsSet()) {
     setNewIpRange(conf.getNewIpRange());
@@ -48,12 +48,12 @@ void SrcIpRewrite::update(const SrcIpRewriteJsonObject &conf) {
   setIpRange(conf.getIpRange());
   setNewIpRange(conf.getNewIpRange());
 
-  std::string old_ip_net = ip_range.substr(0, ip_range.find("/"));
+  std::string old_ip_net = ip_range.substr(0, ip_range.find('/'));
   std::string old_mask_len =
-      ip_range.substr(ip_range.find("/") + 1, std::string::npos);
-  std::string new_ip_net = new_ip_range.substr(0, new_ip_range.find("/"));
+      ip_range.substr(ip_range.find('/') + 1, std::string::npos);
+  std::string new_ip_net = new_ip_range.substr(0, new_ip_range.find('/'));
   std::string new_mask_len =
-      new_ip_range.substr(new_ip_range.find("/") + 1, std::string::npos);
+      new_ip_range.substr(new_ip_range.find('/') + 1, std::string::npos);
 
   // TODO: change datamodel to fix it
   if (old_mask_len != new_mask_len) {
diff --git a/src/services/pcn-loadbalancer-rp/src/api/LbrpApi.cpp b/src/services/pcn-loadbalancer-rp/src/api/LbrpApi.cpp
index 5e98a6a6f..0083fdbb3 100644
--- a/src/services/pcn-loadbalancer-rp/src/api/LbrpApi.cpp
+++ b/src/services/pcn-loadbalancer-rp/src/api/LbrpApi.cpp
@@ -525,6 +525,23 @@ Response read_lbrp_list_by_id_handler(
   }
 }
 
+Response read_lbrp_port_mode_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_lbrp_port_mode_by_id(unique_name);
+    nlohmann::json response_body;
+    response_body = LbrpJsonObject::LbrpPortModeEnum_to_string(x);
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
 Response read_lbrp_ports_by_id_handler(
   const char *name, const Key *keys,
   size_t num_keys ) {
@@ -550,6 +567,31 @@ Response read_lbrp_ports_by_id_handler(
   }
 }
 
+Response read_lbrp_ports_ip_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+
+    auto x = read_lbrp_ports_ip_by_id(unique_name, unique_portsName);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
 Response read_lbrp_ports_list_by_id_handler(
   const char *name, const Key *keys,
   size_t num_keys ) {
@@ -1299,6 +1341,23 @@ Response update_lbrp_list_by_id_handler(
   }
 }
 
+Response update_lbrp_port_mode_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    LbrpPortModeEnum unique_value_ = LbrpJsonObject::string_to_LbrpPortModeEnum(request_body);
+    update_lbrp_port_mode_by_id(unique_name, unique_value_);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
 Response update_lbrp_ports_by_id_handler(
   const char *name, const Key *keys,
   size_t num_keys ,
@@ -1327,6 +1386,32 @@ Response update_lbrp_ports_by_id_handler(
   }
 }
 
+Response update_lbrp_ports_ip_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // The conversion is done automatically by the json library
+    std::string unique_value = request_body;
+    update_lbrp_ports_ip_by_id(unique_name, unique_portsName, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
 Response update_lbrp_ports_list_by_id_handler(
   const char *name, const Key *keys,
   size_t num_keys ,
diff --git a/src/services/pcn-loadbalancer-rp/src/api/LbrpApi.h b/src/services/pcn-loadbalancer-rp/src/api/LbrpApi.h
index 3c9c6e515..966ff649d 100644
--- a/src/services/pcn-loadbalancer-rp/src/api/LbrpApi.h
+++ b/src/services/pcn-loadbalancer-rp/src/api/LbrpApi.h
@@ -55,7 +55,9 @@ Response delete_lbrp_service_list_by_id_handler(const char *name, const Key *key
 Response delete_lbrp_src_ip_rewrite_by_id_handler(const char *name, const Key *keys, size_t num_keys);
 Response read_lbrp_by_id_handler(const char *name, const Key *keys, size_t num_keys);
 Response read_lbrp_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_lbrp_port_mode_by_id_handler(const char *name, const Key *keys, size_t num_keys);
 Response read_lbrp_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_lbrp_ports_ip_by_id_handler(const char *name, const Key *keys, size_t num_keys);
 Response read_lbrp_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
 Response read_lbrp_ports_type_by_id_handler(const char *name, const Key *keys, size_t num_keys);
 Response read_lbrp_service_backend_by_id_handler(const char *name, const Key *keys, size_t num_keys);
@@ -79,7 +81,9 @@ Response replace_lbrp_service_list_by_id_handler(const char *name, const Key *ke
 Response replace_lbrp_src_ip_rewrite_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
 Response update_lbrp_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
 Response update_lbrp_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_lbrp_port_mode_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
 Response update_lbrp_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_lbrp_ports_ip_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
 Response update_lbrp_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
 Response update_lbrp_ports_type_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
 Response update_lbrp_service_backend_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
diff --git a/src/services/pcn-loadbalancer-rp/src/api/LbrpApiImpl.cpp b/src/services/pcn-loadbalancer-rp/src/api/LbrpApiImpl.cpp
index b3b5b3cff..2ce03ef36 100644
--- a/src/services/pcn-loadbalancer-rp/src/api/LbrpApiImpl.cpp
+++ b/src/services/pcn-loadbalancer-rp/src/api/LbrpApiImpl.cpp
@@ -371,6 +371,23 @@ read_lbrp_by_id(const std::string &name) {
 
 }
 
+/**
+* @brief   Read port_mode by ID
+*
+* Read operation of resource: port_mode*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* LbrpPortModeEnum
+*/
+LbrpPortModeEnum
+read_lbrp_port_mode_by_id(const std::string &name) {
+  auto lbrp = get_cube(name);
+  return lbrp->getPortMode();
+
+}
+
 /**
 * @brief   Read ports by ID
 *
@@ -389,6 +406,25 @@ read_lbrp_ports_by_id(const std::string &name, const std::string &portsName) {
 
 }
 
+/**
+* @brief   Read ip by ID
+*
+* Read operation of resource: ip*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+*
+* Responses:
+* std::string
+*/
+std::string
+read_lbrp_ports_ip_by_id(const std::string &name, const std::string &portsName) {
+  auto lbrp = get_cube(name);
+  auto ports = lbrp->getPorts(portsName);
+  return ports->getIp();
+
+}
+
 /**
 * @brief   Read ports by ID
 *
@@ -825,6 +861,24 @@ update_lbrp_list_by_id(const std::vector<LbrpJsonObject> &value) {
   throw std::runtime_error("Method not supported");
 }
 
+/**
+* @brief   Update port_mode by ID
+*
+* Update operation of resource: port_mode*
+*
+* @param[in] name ID of name
+* @param[in] value lbrp mode of operation. 'MULTI' allows to manage multiple FRONTEND port. 'SINGLE' is optimized for working with a single FRONTEND port
+*
+* Responses:
+*
+*/
+void
+update_lbrp_port_mode_by_id(const std::string &name, const LbrpPortModeEnum &value) {
+  auto lbrp = get_cube(name);
+
+  return lbrp->setPortMode(value);
+}
+
 /**
 * @brief   Update ports by ID
 *
@@ -845,6 +899,26 @@ update_lbrp_ports_by_id(const std::string &name, const std::string &portsName, c
   ports->update(value);
 }
 
+/**
+* @brief   Update ip by ID
+*
+* Update operation of resource: ip*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+* @param[in] value IP address of the client interface (only for FRONTEND port)
+*
+* Responses:
+*
+*/
+void
+update_lbrp_ports_ip_by_id(const std::string &name, const std::string &portsName, const std::string &value) {
+  auto lbrp = get_cube(name);
+  auto ports = lbrp->getPorts(portsName);
+
+  return ports->setIp(value);
+}
+
 /**
 * @brief   Update ports by ID
 *
diff --git a/src/services/pcn-loadbalancer-rp/src/api/LbrpApiImpl.h b/src/services/pcn-loadbalancer-rp/src/api/LbrpApiImpl.h
index 6bcedfd32..f0dde2329 100644
--- a/src/services/pcn-loadbalancer-rp/src/api/LbrpApiImpl.h
+++ b/src/services/pcn-loadbalancer-rp/src/api/LbrpApiImpl.h
@@ -59,7 +59,9 @@ namespace LbrpApiImpl {
   void delete_lbrp_src_ip_rewrite_by_id(const std::string &name);
   LbrpJsonObject read_lbrp_by_id(const std::string &name);
   std::vector<LbrpJsonObject> read_lbrp_list_by_id();
+  LbrpPortModeEnum read_lbrp_port_mode_by_id(const std::string &name);
   PortsJsonObject read_lbrp_ports_by_id(const std::string &name, const std::string &portsName);
+  std::string read_lbrp_ports_ip_by_id(const std::string &name, const std::string &portsName);
   std::vector<PortsJsonObject> read_lbrp_ports_list_by_id(const std::string &name);
   PortsTypeEnum read_lbrp_ports_type_by_id(const std::string &name, const std::string &portsName);
   ServiceBackendJsonObject read_lbrp_service_backend_by_id(const std::string &name, const std::string &vip, const uint16_t &vport, const ServiceProtoEnum &proto, const std::string &ip);
@@ -83,7 +85,9 @@ namespace LbrpApiImpl {
   void replace_lbrp_src_ip_rewrite_by_id(const std::string &name, const SrcIpRewriteJsonObject &value);
   void update_lbrp_by_id(const std::string &name, const LbrpJsonObject &value);
   void update_lbrp_list_by_id(const std::vector<LbrpJsonObject> &value);
+  void update_lbrp_port_mode_by_id(const std::string &name, const LbrpPortModeEnum &value);
   void update_lbrp_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value);
+  void update_lbrp_ports_ip_by_id(const std::string &name, const std::string &portsName, const std::string &value);
   void update_lbrp_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value);
   void update_lbrp_ports_type_by_id(const std::string &name, const std::string &portsName, const PortsTypeEnum &value);
   void update_lbrp_service_backend_by_id(const std::string &name, const std::string &vip, const uint16_t &vport, const ServiceProtoEnum &proto, const std::string &ip, const ServiceBackendJsonObject &value);
diff --git a/src/services/pcn-loadbalancer-rp/src/interface/LbrpInterface.h b/src/services/pcn-loadbalancer-rp/src/interface/LbrpInterface.h
index efefc1284..f394d7dc4 100644
--- a/src/services/pcn-loadbalancer-rp/src/interface/LbrpInterface.h
+++ b/src/services/pcn-loadbalancer-rp/src/interface/LbrpInterface.h
@@ -46,7 +46,16 @@ class LbrpInterface {
   virtual void delPortsList() = 0;
 
   /// <summary>
-  ///
+  /// LB mode of operation.
+  /// 'SINGLE' is optimized for working with a single FRONTEND port.
+  /// 'MULTI' allows to manage multiple FRONTEND port.
+  /// </summary>
+  virtual LbrpPortModeEnum getPortMode() = 0;
+  virtual void setPortMode(const LbrpPortModeEnum &value) = 0;
+
+  /// <summary>
+  /// If configured, when a client request arrives to the LB, the source IP
+  /// address is replaced with another IP address from the 'new' range
   /// </summary>
   virtual std::shared_ptr<SrcIpRewrite> getSrcIpRewrite() = 0;
   virtual void addSrcIpRewrite(const SrcIpRewriteJsonObject &value) = 0;
diff --git a/src/services/pcn-loadbalancer-rp/src/interface/PortsInterface.h b/src/services/pcn-loadbalancer-rp/src/interface/PortsInterface.h
index 66f754640..71eb63889 100644
--- a/src/services/pcn-loadbalancer-rp/src/interface/PortsInterface.h
+++ b/src/services/pcn-loadbalancer-rp/src/interface/PortsInterface.h
@@ -36,5 +36,11 @@ class PortsInterface {
   /// </summary>
   virtual PortsTypeEnum getType() = 0;
   virtual void setType(const PortsTypeEnum &value) = 0;
+
+  /// <summary>
+  /// IP address of the client interface (only for FRONTEND port)
+  /// </summary>
+  virtual std::string getIp() = 0;
+  virtual void setIp(const std::string &value) = 0;
 };
 
diff --git a/src/services/pcn-loadbalancer-rp/src/serializer/LbrpJsonObject.cpp b/src/services/pcn-loadbalancer-rp/src/serializer/LbrpJsonObject.cpp
index 7e42064bc..68190cf06 100644
--- a/src/services/pcn-loadbalancer-rp/src/serializer/LbrpJsonObject.cpp
+++ b/src/services/pcn-loadbalancer-rp/src/serializer/LbrpJsonObject.cpp
@@ -25,6 +25,8 @@ namespace model {
 LbrpJsonObject::LbrpJsonObject() {
   m_nameIsSet = false;
   m_portsIsSet = false;
+  m_portMode = LbrpPortModeEnum::SINGLE;
+  m_portModeIsSet = true;
   m_srcIpRewriteIsSet = false;
   m_serviceIsSet = false;
 }
@@ -33,6 +35,7 @@ LbrpJsonObject::LbrpJsonObject(const nlohmann::json &val) :
   JsonObjectBase(val) {
   m_nameIsSet = false;
   m_portsIsSet = false;
+  m_portModeIsSet = false;
   m_srcIpRewriteIsSet = false;
   m_serviceIsSet = false;
 
@@ -50,6 +53,10 @@ LbrpJsonObject::LbrpJsonObject(const nlohmann::json &val) :
     m_portsIsSet = true;
   }
 
+  if (val.count("port_mode")) {
+    setPortMode(string_to_LbrpPortModeEnum(val.at("port_mode").get<std::string>()));
+  }
+
   if (val.count("src-ip-rewrite")) {
     if (!val["src-ip-rewrite"].is_null()) {
       SrcIpRewriteJsonObject newItem { val["src-ip-rewrite"] };
@@ -88,6 +95,10 @@ nlohmann::json LbrpJsonObject::toJson() const {
     }
   }
 
+  if (m_portModeIsSet) {
+    val["port_mode"] = LbrpPortModeEnum_to_string(m_portMode);
+  }
+
   if (m_srcIpRewriteIsSet) {
     val["src-ip-rewrite"] = JsonObjectBase::toJson(m_srcIpRewrite);
   }
@@ -139,6 +150,42 @@ void LbrpJsonObject::unsetPorts() {
   m_portsIsSet = false;
 }
 
+
+LbrpPortModeEnum LbrpJsonObject::getPortMode() const {
+  return m_portMode;
+}
+
+void LbrpJsonObject::setPortMode(LbrpPortModeEnum value) {
+  m_portMode = value;
+  m_portModeIsSet = true;
+}
+
+bool LbrpJsonObject::portModeIsSet() const {
+  return m_portModeIsSet;
+}
+
+void LbrpJsonObject::unsetPortMode() {
+  m_portModeIsSet = false;
+}
+
+std::string LbrpJsonObject::LbrpPortModeEnum_to_string(const LbrpPortModeEnum &value){
+  switch(value) {
+  case LbrpPortModeEnum::SINGLE:
+    return std::string("single");
+  case LbrpPortModeEnum::MULTI:
+    return std::string("multi");
+  default:
+    throw std::runtime_error("Bad Lbrp portMode");
+  }
+}
+
+LbrpPortModeEnum LbrpJsonObject::string_to_LbrpPortModeEnum(const std::string &str){
+  if (JsonObjectBase::iequals("single", str))
+    return LbrpPortModeEnum::SINGLE;
+  if (JsonObjectBase::iequals("multi", str))
+    return LbrpPortModeEnum::MULTI;
+  throw std::runtime_error("Lbrp portMode is invalid");
+}
 SrcIpRewriteJsonObject LbrpJsonObject::getSrcIpRewrite() const {
   return m_srcIpRewrite;
 }
diff --git a/src/services/pcn-loadbalancer-rp/src/serializer/LbrpJsonObject.h b/src/services/pcn-loadbalancer-rp/src/serializer/LbrpJsonObject.h
index 0a281978a..e6a22593f 100644
--- a/src/services/pcn-loadbalancer-rp/src/serializer/LbrpJsonObject.h
+++ b/src/services/pcn-loadbalancer-rp/src/serializer/LbrpJsonObject.h
@@ -34,6 +34,9 @@ namespace swagger {
 namespace server {
 namespace model {
 
+enum class LbrpPortModeEnum {
+  SINGLE, MULTI
+};
 
 /// <summary>
 ///
@@ -62,7 +65,20 @@ class  LbrpJsonObject : public JsonObjectBase {
   void unsetPorts();
 
   /// <summary>
-  ///
+  /// LB mode of operation.
+  /// 'SINGLE' is optimized for working with a single FRONTEND port.
+  /// 'MULTI' allows to manage multiple FRONTEND port.
+  /// </summary>
+  LbrpPortModeEnum getPortMode() const;
+  void setPortMode(LbrpPortModeEnum value);
+  bool portModeIsSet() const;
+  void unsetPortMode();
+  static std::string LbrpPortModeEnum_to_string(const LbrpPortModeEnum &value);
+  static LbrpPortModeEnum string_to_LbrpPortModeEnum(const std::string &str);
+
+  /// <summary>
+  /// If configured, when a client request arrives to the LB, the source IP
+  /// address is replaced with another IP address from the 'new' range
   /// </summary>
   SrcIpRewriteJsonObject getSrcIpRewrite() const;
   void setSrcIpRewrite(SrcIpRewriteJsonObject value);
@@ -82,6 +98,8 @@ class  LbrpJsonObject : public JsonObjectBase {
   bool m_nameIsSet;
   std::vector<PortsJsonObject> m_ports;
   bool m_portsIsSet;
+  LbrpPortModeEnum m_portMode;
+  bool m_portModeIsSet;
   SrcIpRewriteJsonObject m_srcIpRewrite;
   bool m_srcIpRewriteIsSet;
   std::vector<ServiceJsonObject> m_service;
diff --git a/src/services/pcn-loadbalancer-rp/src/serializer/PortsJsonObject.cpp b/src/services/pcn-loadbalancer-rp/src/serializer/PortsJsonObject.cpp
index c3f3cef0e..ddf7065ff 100644
--- a/src/services/pcn-loadbalancer-rp/src/serializer/PortsJsonObject.cpp
+++ b/src/services/pcn-loadbalancer-rp/src/serializer/PortsJsonObject.cpp
@@ -25,12 +25,14 @@ namespace model {
 PortsJsonObject::PortsJsonObject() {
   m_nameIsSet = false;
   m_typeIsSet = false;
+  m_ipIsSet = false;
 }
 
 PortsJsonObject::PortsJsonObject(const nlohmann::json &val) :
   JsonObjectBase(val) {
   m_nameIsSet = false;
   m_typeIsSet = false;
+  m_ipIsSet = false;
 
 
   if (val.count("name")) {
@@ -40,6 +42,10 @@ PortsJsonObject::PortsJsonObject(const nlohmann::json &val) :
   if (val.count("type")) {
     setType(string_to_PortsTypeEnum(val.at("type").get<std::string>()));
   }
+
+  if (val.count("ip")) {
+    setIp(val.at("ip").get<std::string>());
+  }
 }
 
 nlohmann::json PortsJsonObject::toJson() const {
@@ -56,6 +62,10 @@ nlohmann::json PortsJsonObject::toJson() const {
     val["type"] = PortsTypeEnum_to_string(m_type);
   }
 
+  if (m_ipIsSet) {
+    val["ip"] = m_ip;
+  }
+
   return val;
 }
 
@@ -107,6 +117,22 @@ PortsTypeEnum PortsJsonObject::string_to_PortsTypeEnum(const std::string &str){
     return PortsTypeEnum::BACKEND;
   throw std::runtime_error("Ports type is invalid");
 }
+std::string PortsJsonObject::getIp() const {
+  return m_ip;
+}
+
+void PortsJsonObject::setIp(std::string value) {
+  m_ip = value;
+  m_ipIsSet = true;
+}
+
+bool PortsJsonObject::ipIsSet() const {
+  return m_ipIsSet;
+}
+
+void PortsJsonObject::unsetIp() {
+  m_ipIsSet = false;
+}
 
 }
 }
diff --git a/src/services/pcn-loadbalancer-rp/src/serializer/PortsJsonObject.h b/src/services/pcn-loadbalancer-rp/src/serializer/PortsJsonObject.h
index 7bba54c50..f6325bad7 100644
--- a/src/services/pcn-loadbalancer-rp/src/serializer/PortsJsonObject.h
+++ b/src/services/pcn-loadbalancer-rp/src/serializer/PortsJsonObject.h
@@ -60,11 +60,20 @@ class  PortsJsonObject : public JsonObjectBase {
   static std::string PortsTypeEnum_to_string(const PortsTypeEnum &value);
   static PortsTypeEnum string_to_PortsTypeEnum(const std::string &str);
 
+  /// <summary>
+  /// IP address of the client interface (only for FRONTEND port)
+  /// </summary>
+  std::string getIp() const;
+  void setIp(std::string value);
+  bool ipIsSet() const;
+  void unsetIp();
 private:
   std::string m_name;
   bool m_nameIsSet;
   PortsTypeEnum m_type;
   bool m_typeIsSet;
+  std::string m_ip;
+  bool m_ipIsSet;
 };
 
 }
diff --git a/src/services/pcn-loadbalancer-rp/test/helpers.bash b/src/services/pcn-loadbalancer-rp/test/helpers.bash
new file mode 100644
index 000000000..886cc3071
--- /dev/null
+++ b/src/services/pcn-loadbalancer-rp/test/helpers.bash
@@ -0,0 +1,40 @@
+function create_veth {
+    # Create new namespace
+    sudo ip netns add ns${i}
+    # Add new veth interface
+    sudo ip link add veth${i} type veth peer name veth${i}_ netns ns${i}
+    # Enable veth on both root and newly created namespace
+    sudo ip netns exec ns${i} ip link set dev veth${i}_ up
+    sudo ip link set dev veth${i} up
+}
+
+function test_weight {
+  # Test service and service backends creation and deletion. Test also different backend weights
+  polycubectl lbrp lb0 service add 10.0.0.1 80 TCP name=my-service
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP backend add 192.178.1.11 name=backend1 port=80 weight=20
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP backend add 192.178.1.12 name=backend2 port=80 weight=30
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP backend add 192.178.1.13 name=backend3 port=80 weight=20
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP backend show
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP show
+  polycubectl lbrp lb0 show
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP backend del 192.178.1.11
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP backend del 192.178.1.13
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP backend del 192.178.1.12
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP backend show
+  polycubectl lbrp lb0 service 10.0.0.1 80 TCP show
+  polycubectl lbrp lb0 service del 10.0.0.1 80 TCP
+  polycubectl lbrp lb0 show
+}
+
+function test_service_reachability {
+  polycubectl lb0 service add 10.0.0.1 80 ALL name=my-service
+  polycubectl lb0 service 10.0.0.1 80 tcp backend add 192.178.1.2 port=80 weight=20 name=backend-tcp
+  polycubectl lb0 service 10.0.0.1 80 udp backend add 192.178.1.2 port=80 weight=20 name=backend-udp
+  polycubectl lb0 service 10.0.0.1 0 icmp backend add 192.178.1.2 port=0 weight=20 name=backend-icmp
+
+  sudo ip netns exec ns1 ping 10.0.0.1 -c 2 -w 2
+
+  polycubectl lbrp lb0 service del 10.0.0.1 80 TCP
+
+  polycubectl lbrp lb0 show
+}
\ No newline at end of file
diff --git a/src/services/pcn-loadbalancer-rp/test/test_multi.sh b/src/services/pcn-loadbalancer-rp/test/test_multi.sh
new file mode 100755
index 000000000..4881dcfbd
--- /dev/null
+++ b/src/services/pcn-loadbalancer-rp/test/test_multi.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+
+# include helper.bash file: used to provide some common function across testing scripts
+source "${BASH_SOURCE%/*}/helpers.bash"
+
+function cleanup {
+  set +e
+  polycubectl lbrp del lb0
+  for i in `seq 1 3`; do
+          sudo ip link del veth${i}
+          sudo ip netns del ns${i}
+  done
+}
+trap cleanup EXIT
+
+set -x
+set -e
+
+polycubectl lbrp add lb0 port_mode=MULTI loglevel=TRACE
+
+for i in `seq 1 3`; do
+  create_veth ${i}
+
+  if [[ "$i" -eq 3 ]]; then
+    sudo ip netns exec ns${i} ip addr add 192.178.1.254/24 dev veth${i}_
+    polycubectl lb0 ports add to_ns${i} type=BACKEND peer=veth${i}
+  else
+    sudo ip netns exec ns${i} ip addr add 192.178.1.${i}/32 dev veth${i}_ peer 192.178.1.254/32
+    sudo ip netns exec ns${i} ip route add default via 192.178.1.254
+    polycubectl lb0 ports add to_ns${i} type=FRONTEND peer=veth${i} ip=192.178.1.${i}
+  fi
+done
+
+
+# Test basic connectivity
+sudo ip netns exec ns1 ping 192.178.1.254 -c 2 -w 2
+sudo ip netns exec ns2 ping 192.178.1.254 -c 2 -w 2
+sudo ip netns exec ns3 ping 192.178.1.1 -c 2 -w 2
+sudo ip netns exec ns3 ping 192.178.1.2 -c 2 -w 2
+
+test_weight
+
+test_service_reachability
diff --git a/src/services/pcn-loadbalancer-rp/test/test_single.sh b/src/services/pcn-loadbalancer-rp/test/test_single.sh
new file mode 100755
index 000000000..3dc5e944a
--- /dev/null
+++ b/src/services/pcn-loadbalancer-rp/test/test_single.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# include helper.bash file: used to provide some common function across testing scripts
+source "${BASH_SOURCE%/*}/helpers.bash"
+
+function cleanup {
+  set +e
+  polycubectl lbrp del lb0
+  for i in `seq 1 2`; do
+          sudo ip link del veth${i}
+          sudo ip netns del ns${i}
+  done
+}
+trap cleanup EXIT
+
+set -x
+set -e
+
+polycubectl lbrp add lb0 port_mode=SINGLE loglevel=TRACE
+
+for i in `seq 1 2`; do
+  create_veth ${i}
+  sudo ip netns exec ns${i} ip addr add 192.178.1.${i}/24 dev veth${i}_
+  if [[ "$i" -eq 2 ]]; then
+    polycubectl lb0 ports add to_ns${i} type=BACKEND peer=veth${i}
+  else
+    polycubectl lb0 ports add to_ns${i} type=FRONTEND peer=veth${i}
+  fi
+done
+
+# Add client default route in order to test connectivity
+sudo ip netns exec ns1 ip route add default via 192.178.1.2
+
+# Test basic connectivity
+sudo ip netns exec ns1 ping 192.178.1.2 -c 2 -w 2
+sudo ip netns exec ns2 ping 192.178.1.1 -c 2 -w 2
+
+test_weight
+
+test_service_reachability
diff --git a/src/services/pcn-loadbalancer-rp/test/test_weight.sh b/src/services/pcn-loadbalancer-rp/test/test_weight.sh
deleted file mode 100755
index f8a3a58d2..000000000
--- a/src/services/pcn-loadbalancer-rp/test/test_weight.sh
+++ /dev/null
@@ -1,60 +0,0 @@
-echo "		#####Test#####		"
-
-polycubectl lbrp add lb1 loglevel=TRACE
-polycubectl lbrp lb1 service add 192.168.0.1 80 TCP name=service_1
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.1 name=backend1 port=80 weight=20
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.2 name=backend2 port=80 weight=30
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.3 name=backend3 port=80 weight=20
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.4 name=backend4 port=80
-
-sleep 10
-
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.5 name=backend5 port=80 weight=100
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.6 name=backend6 port=80 weight=40
-
-sleep 10
-
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.7 name=backend7 port=80
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.8 name=backend8 port=80 weight=20
-
-sleep 10
-
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend del 10.0.0.2
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend del 10.0.0.5
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend del 10.0.0.1
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend del 10.0.0.3
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend del 10.0.0.4
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend del 10.0.0.6
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend del 10.0.0.8
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend del 10.0.0.7
-
-
-sleep 10
-
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend show
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP show
-
-
-
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.3 name=backend3 port=80 weight=20
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.4 name=backend4 port=80
-
-sleep 10
-
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.5 name=backend5 port=80 weight=60
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend add 10.0.0.6 name=backend6 port=80 weight=40
-
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP backend show
-polycubectl lbrp lb1 service 192.168.0.1 80 TCP show
-
-sleep 5
-
-polycubectl lbrp lb1 service del 192.168.0.1 80 TCP
-
-polycubectl lbrp lb1 show
-
-
-
-
-
-

From 76616a02e20c0e080f6f32b88dbb5a38f371b446 Mon Sep 17 00:00:00 2001
From: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
Date: Tue, 21 Jun 2022 13:55:34 +0200
Subject: [PATCH 3/3] Add pcn-k8sdispatcher service

Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
---
 AUTHORS                                       |    1 +
 .../services/pcn-k8sdispatcher/egress.png     |  Bin 0 -> 54042 bytes
 .../services/pcn-k8sdispatcher/ingress.png    |  Bin 0 -> 63865 bytes
 .../pcn-k8sdispatcher/k8sdispatcher.md        |   40 +
 scripts/install.sh                            |    6 +-
 src/services/CMakeLists.txt                   |    1 +
 .../pcn-k8sdispatcher/.swagger-codegen-ignore |   13 +
 src/services/pcn-k8sdispatcher/CMakeLists.txt |    5 +
 .../datamodel/k8sdispatcher.yang              |  173 +++
 .../pcn-k8sdispatcher/src/CMakeLists.txt      |   50 +
 .../pcn-k8sdispatcher/src/HashTuple.h         |   42 +
 .../src/K8sdispatcher-lib.cpp                 |   21 +
 .../pcn-k8sdispatcher/src/K8sdispatcher.cpp   |  497 +++++++
 .../pcn-k8sdispatcher/src/K8sdispatcher.h     |  139 ++
 .../pcn-k8sdispatcher/src/K8sdispatcher_dp.c  |  521 +++++++
 .../pcn-k8sdispatcher/src/NodeportRule.cpp    |   99 ++
 .../pcn-k8sdispatcher/src/NodeportRule.h      |   59 +
 src/services/pcn-k8sdispatcher/src/Ports.cpp  |   57 +
 src/services/pcn-k8sdispatcher/src/Ports.h    |   45 +
 .../pcn-k8sdispatcher/src/SessionRule.cpp     |  106 ++
 .../pcn-k8sdispatcher/src/SessionRule.h       |  111 ++
 src/services/pcn-k8sdispatcher/src/Utils.cpp  |  129 ++
 src/services/pcn-k8sdispatcher/src/Utils.h    |   48 +
 .../src/api/K8sdispatcherApi.cpp              | 1271 +++++++++++++++++
 .../src/api/K8sdispatcherApi.h                |   86 ++
 .../src/api/K8sdispatcherApiImpl.cpp          |  855 +++++++++++
 .../src/api/K8sdispatcherApiImpl.h            |   90 ++
 .../src/base/K8sdispatcherBase.cpp            |  171 +++
 .../src/base/K8sdispatcherBase.h              |   91 ++
 .../src/base/NodeportRuleBase.cpp             |   42 +
 .../src/base/NodeportRuleBase.h               |   65 +
 .../pcn-k8sdispatcher/src/base/PortsBase.cpp  |   41 +
 .../pcn-k8sdispatcher/src/base/PortsBase.h    |   59 +
 .../src/base/SessionRuleBase.cpp              |   45 +
 .../src/base/SessionRuleBase.h                |   94 ++
 .../src/serializer/JsonObjectBase.cpp         |   69 +
 .../src/serializer/JsonObjectBase.h           |   55 +
 .../serializer/K8sdispatcherJsonObject.cpp    |  239 ++++
 .../src/serializer/K8sdispatcherJsonObject.h  |  108 ++
 .../src/serializer/NodeportRuleJsonObject.cpp |  186 +++
 .../src/serializer/NodeportRuleJsonObject.h   |   96 ++
 .../src/serializer/PortsJsonObject.cpp        |  136 ++
 .../src/serializer/PortsJsonObject.h          |   79 +
 .../src/serializer/SessionRuleJsonObject.cpp  |  375 +++++
 .../src/serializer/SessionRuleJsonObject.h    |  162 +++
 src/services/pcn-k8sdispatcher/test/test.sh   |   24 +
 46 files changed, 6600 insertions(+), 2 deletions(-)
 create mode 100644 Documentation/services/pcn-k8sdispatcher/egress.png
 create mode 100644 Documentation/services/pcn-k8sdispatcher/ingress.png
 create mode 100644 Documentation/services/pcn-k8sdispatcher/k8sdispatcher.md
 create mode 100644 src/services/pcn-k8sdispatcher/.swagger-codegen-ignore
 create mode 100644 src/services/pcn-k8sdispatcher/CMakeLists.txt
 create mode 100644 src/services/pcn-k8sdispatcher/datamodel/k8sdispatcher.yang
 create mode 100644 src/services/pcn-k8sdispatcher/src/CMakeLists.txt
 create mode 100644 src/services/pcn-k8sdispatcher/src/HashTuple.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/K8sdispatcher-lib.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/K8sdispatcher.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/K8sdispatcher.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/K8sdispatcher_dp.c
 create mode 100644 src/services/pcn-k8sdispatcher/src/NodeportRule.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/NodeportRule.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/Ports.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/Ports.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/SessionRule.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/SessionRule.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/Utils.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/Utils.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/PortsBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/PortsBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.h
 create mode 100755 src/services/pcn-k8sdispatcher/test/test.sh

diff --git a/AUTHORS b/AUTHORS
index dd5f4889b..b5b9ad058 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -10,6 +10,7 @@ off on commits in the Polycube repository:
   Gianluca Scopelliti                     gianlu.1033@gmail.com
   Giuseppe Ognibebe                       ognibenegiuseppe8@gmail.com
   Jianwen Pi                              jianwpi@gmail.com
+  Leonardo Di Giovanna                    leonardodigiovanna1@gmail.com
   Matteo Bertrone                         m.bertrone@gmail.com
   Mauricio Vásquez Bernal                 mauriciovasquezbernal@gmail.com
   Nico Caprioli                           nico.caprioli@gmail.com
diff --git a/Documentation/services/pcn-k8sdispatcher/egress.png b/Documentation/services/pcn-k8sdispatcher/egress.png
new file mode 100644
index 0000000000000000000000000000000000000000..761c89309528c10a7a097637b45026192f1621bd
GIT binary patch
literal 54042
zcmd?Rhd<Tt`v)FTRw<bYNy>I?%E&s_G0)*3>(~y*cI=r^W`&4kZ?Z>rREna^Y?2Yl
zj?CYE(EIc0{rP?Wf#2`(NFC?(dfoSZUDxy4*Q*B_Y6|B_E|Z)(b?TgwqMX*LQ>Wpl
zPT{Q*odMt6U!T=Db?WS_tGuo&#>3La&f*lSfb8)nR(^=JgNrMxfE+77Kg!XO$J_>G
z<&46(@Yq|pg0H}JjDxw2rHzI8@jd(yetvF<FgL##f=`fDKw3Z;{3Rs71HRTjz8_^}
zVSloq5Dx?_z^2Q`$9{ax!WCt8ypFBDmA(u{z|Pf8K?v%lkA^83>m1*MwQzQ^aj-wW
zjZcgR!UImh&nh4f4t;Vuu&B++c|3KHUb1e^f?5`4uClV4(q_(rR>$kuqc9f7i)er&
zaq}H7!lz?zYUZXSD6auQDcagAtD#NZJ!Sd5w1tr7`ugVD2umdgQzdymRegP3C`Jw=
zEMjiwsfE^8msW*Y%iCEfIU{Y&ZL#)FvaI|vHbQzHNPaB~bz4?`sEh{GQPx2prD}!p
zvPaut_)M`nf*Rlg*acy0Z|3Y|CJ%=Q%4wi%wY}7>H5?ptl;C1!5G55`4{d}rQdZwd
zPty_H4^_2PfGU}(o4E)>giOukZA67#lyx0dP<ra7XeU__F@%+>mI}sRLkp!VDhE-~
z)w6`!;f{mRg2DwcD2O~t&_Tvk4uVj3R7a|+E2zo3>X_==$Rj*Ol^ngaEnF-VAf^J=
z_VREWK2;>xQG;JeM4umKWi5u)b=MPdRkYLh5Ytd}wbDaFO<ir=J>k;eE(;eoK~H5{
zxQ8hk1yxqD7V>lz6qHeN*0dHD(s#G_uvXGU+Q^A&>LK({2ssZVT3XW@siY&UBkzt;
z7qbx3a8Lx0lCc3lD0>|teIa*!tiFJoijJF|l^&m>gS@sQQb64j3sb`)`BarfJ+-w&
zL_NI3Aks4K?slf~rqYUh;LLj3@&b<5e0tja{6hA87B<qF5H(L3dn<EgT?;uq5kQZO
ztsB-%2B|J>iINu*ki(+oH5BA^1QZ||rq-s?R*LR=`tF)~ih9ys{O%663Ra@BM|{__
zw|7Gb33*9l&@N_Z0YNJvQxR(`TUif17#d}&qhjfdl6K}3a?<Csb%v|yYGYj7V4_Oa
zx-R^-&N5(EVLn$O1vw#pH$FZKVOOZ7mYK4kstunWxMYWLaaGfCvv4rga#a`BQ*gDj
zv2|D0b8=R6K>*HrfgiZFsilabhJ~g+6fUX=)3Stn=xVBXSSov23t(Y(a(pf>t|Iob
zNPdU_pSv7NNl*i+>7<P^bu>3Ox3}RF@RIcuFvam!+QHgN(Ogqe)lt++P1nKRPDcp`
z4y-0Z7c1bU?JVQ!=!kIClR?0wh2ba^QrHqI3qfisD_UuY$}2m|Xox!7XrdKev@C4-
zvF?^O7%PaCIzP<Gnhy<*X|LgeRuI(Iwr~*Bb%F7DnhMw}>0nj)<P{VIt+l~Enn*om
zFI9}FwFW{ND<G(>0MWCCqSY;(6_vEiv}E+G5bi()0ZLrVOy#sK1Z3d?E*kna0-jhA
zKByMh!NWrYCCKOIY9;2Ni51{?wG=bex0U7BM%u^=IXij@^4aKFih8NrqMbFYgy8C?
zf(Q)-1XkHf1TL!WCBUyJ@9YSbHg!|B6LD4c((qK)7LhSmN4Ozj`f8qvFaeB)nGM{-
zP0!O)OkGV$)z$_MR|dOkxr)kq2?&BuZmKd~S{6dqNEaQbhdjbV%gRd2MNS)m6jhM(
z64TPN5z@4=b_bMt=!iNiIyks!I4f#eDG2Mp(GK?dK;dO{mAq^;Jhjx2%0O|P^|3H%
zX?`<DMSBea4>?PHB}*AcPbeC$r*8*!wo+3T6w<ZvbkN|}))KQo3TaqE_!Q8djsW>e
zit3s`?_?CfkEb0}T3AfXR$W6#*+orV(+(I4866EMznG=9BJTXEW*A!qdr>iEesh$$
zm7SOlTwhxQ=4xhRE~D<@35N)a37bQdO?5ogZD68iu9kB0LS8Unv7y3B7Em#W9G^BE
zY2yqvcf(5a>6&WU@yS`^cF?hMg{axPTdF%@t=xoMJhf$z0y6w|qILrIif)d&p8QBB
zKD0DcK*>f{M;EN-Y3e3x;i9K5rY56iZ{en4W3C5>nL!~sC|xIvlQdKf;wk3hXp2^c
zK~&{sVAeQ+V+4gotRUu2;G=`KrL&q03>bVFYaKC9EI-yp&(p>QYU8Hmr67+|mNi3~
z^I5tH3SpgG#59~Oz<pSEX)l;FTnp=|0`U+O1YfFP!PibuhzR%xjgYrNy1OYkDya!6
zhzeSm%WDg(o9dyx<jizk#pE3<1^Laat?l(RaL`3t*f?3D6;u@+rO}$^rgG-aqUuh1
z=I$DNVn{38!~8l9>ZTAICx{xKw33d9jFO$KIYvRB4}}3w3qv(!Ol@qugdLoO0V!tA
z&ia5o0$4O3MA+FLd;|Wt=z5~;)B&Y9dtu3M?(T`PgsQ@11aQ|C5DLOrJyk`d08Chi
z-@;2<Rseh}$A>_`#lQ!st{&J1>JI#%9B_r;;~#H$<Ql>6CoWw;J_ezG@zklSr<CNR
z5gtZA#)u8H`<u?LFl9#K-y|S=aVEqvJNw+A{gWZ_L<@`9q-;|prl*cMCr&o}oPLsi
zM*P$MrP-=iISCd|$I9QIp{IP)dhgn`Aeh2r%iTj&S`LzDsMLzB-%DHH4PzU(^cU-^
zQ`TM1jg%NMOiJUCXawL>rkx^WyL0prL$P9(h>oRE&-v%8qpNAe5ZJ2pf9^Z_ax&ml
zTij{uhT#8R0bFULO#Sz|=ZPRNv4FQKC)@nl5iCmg|HDO}Q_c^TFiHOY7He6!va?t+
zUAOpR-F!1z|JNHD<H-I(B$Mb(Ha4Q0&m8f4dVBfozCdyp_FrF8x8CwwZrmF7VX7ZH
z@9*!w{rh*-Z+#;mx$PG~63f3N?y4Oz{tVSaNPj;3ChVE$YAN*<?;mCNBO^D4pC~0h
zz9l@+n2~|c+q}nrov7Hbo_g-N_lq_+_ZzUyA48We-GH@3iHy%X{%&}PPq`w27s@`d
z=u(|{Bw#Y0tEh#_UbVJoVlL0@m3)0A&}j69D_4GOH0ryYCWhxebM8R7Ndc-pH~ag4
zND?X(s<HWXC6qnvy9YBN+av%++&#yJ$YZojvIh<X=QlKnM_v)5F!tS~>Jndv8F);E
zY|m%LtW1S5eNAy6f3@+wm(Op{V<{DB>`P^p;zrHrw~cC8>)>SL;Ar)nO9^`uLBqn#
zENwd*!P|77PQdccPw&0e_UYAjruOUvqv5aJ=Y?)*0kRMFm;Kv&)uoF2QL`VOekr#g
z<)V%lIG=xadKKJj+lw!P84mtAR&V<XwlE<GQ&Mc$|24AOMlLl89+KbvwN!Pnw5W*7
zZmf>#W{NAtbDuS(XD(f0+wD>Zft!nivN>1A-6woKzCBV9@2}!Yz^8;H0&-v7itNum
z)+EKmTR&^3AvQf(ZIEwU7Gp8Nk&?bUCZn}Z`uFRA5Uvgih2~#mf!@ifme}|tJA7zq
zZf?C;I{Ps>myni@dAQbzMRNCt03eR(;UgB}TfV!$-t7HeuQIuo&Uy3Z+<hrhA|lZu
zzp&8!jt*sRaV3+-8tx1ExoGLR&k9Wa(1NCe9a{`{Ji)c6_}e26%{H0N6ti7Yhdx}o
zrFTfZDAu0)AN)RTn{%*P;y(o-&{F5Nc!7y2re@qrg%lY<&E50De|M>d4>K(2v-*Z+
zz9&1vvc<-4uR<P=q*6NoRZwgyo_Zo#RA46N4ysCjb-i0^`pI4USJ4c&&%-9_f!H(+
z4Slb|lr$baylz|aZHwjFwUwC!;|yepk^Umu*7hO|O)eo7vDKile<QW-E!X*gwKZp-
zgWq%diI2`PMQ>DKmxhJtbCT@uFyDOlmV9g6yF|FW5;G#qy{A-*7QcSA!}{~&t9yKw
zA83D!H_{*e?)I-_8nF|`q`)mLbEwbEjBD}I4ecE4E?0eG4-0N7ENRlGe_$*AqHcl1
zb!k|e)RGL&=$EG_PDsYl0<riMZC1sOGmI_ng!)OdH+u)o5jo$Z{bO&c5437czw7&y
zE~{x^P{iC}tzKh4c7ck@?UOwgfTc~KTl`+KLz5o;%;WD)6pB1`^VbZ#m#T*Q#E5ki
zcJy2%T<6bFI;&}EQM9(Tkw0tl-NhCkH1DlN2=Cjsg`V^Ho}Ew$VU<>rc?fI2z3~uo
zBV7ghIt$Zd^i+~942F!W>p(QUm4&{!PQ+u}^bFPEekfWtL+Pj-fa+kEG=d$Q-%rMA
z*^tdIW-(J^?h|j4glx|v)CR7+x7IRC+?kU)Bqru|{x&yf8<>-oB}a<*$iT0~I@ol0
zu&evhnbn+g)uHM48HU@~K4=+WyzH`DmJmE@?)~MGPTpn%QdqgYN)BfSTmNZt@w5<j
zy=g(~PggP57Zp*;Ilta-$kRQI74CeLlvEIPM~T+%=j6M%gKj>RtN=O!+MExcBJ55d
zd7SOIJ1QvUfwS+E*oZGhvG7q`Grykm5~7Vn<`&03cGEx_IK2rBaBDj!V%?mOoLpEO
zby)}<_e)@CpO=sCBE_(I(&Qt*fl=>FeG<6)xMwc)+PKg9$J4$X%jrq{7U9%6S%&;o
z>d@HBi#_%34j30Qz3Kk#=j=~;*fKG^4J-Keb>DB0(Lzq$eD0A^O|5d?rXskUSvJ&U
zvL*1!)3tmlX*(`LgPSdonOiF35025D7SZxqIPKvh*53-kPPISEJ1Z|<8QND9Hh=hu
znMI{M*|_%+dwyl4frXWoZL+9h>Eo?COG6cBC;WDcu}uV=PtiA7L@C~V^P-dIU}F>g
z+N~zFztJWR&R>4<Z8#NY<vEsbzIqg2X1h`%hAOOVF^|~&d(IEB$qq=r7kr(ql7J3W
z3xfA1{OV}DPSzm^eY$qDp1kA6<?=@%c5-Fr?<w|xKhcN8Rhd#0UH|aCO0|K9oRl>E
z6yYcU^o)+t__Grw^};DBGwM#zTVP_UzB_?qTryvO(3Ns~dTYXe5bByl3g^eD<Hr-+
z&~vzM8~aU?f9-l$B$?8e#{uz=A7?E2++2L2zcZ9x?7$9F8Ul8ruzFm@=%@Ffp?i8k
zf$~U)q0AJW)w4kDLLHmibR7fVDK4{GzppEnoe<F0(aBlr6Y<)x#@q`ZH1bxhk15)J
zJVtCWoC;%&ll9}S-+lig44$jz=9{}3O_>(JPDq;r8!EP=JVs4<KqU41feC(AHEc($
zY&Bs*%J${lm%q!&M{xeHMH`<C{^IdB-;-d&=-O3!rFWqe{5||W+m4umaiKwj%tis_
z@#)w1j+kM<0$6idVLar7HQM;)FO;w?vFw=l@88z~g&>D@t`~%t^W(x6GA>{kCcDh~
zj|{^<!BaN~kUYDdv%>%R1{YbKp*Bh6cbqF*_!ICPMOy)LKncXHx*z|&#A#9pjIMTF
z*X^&Eti=UT^Sr|9{ohLj0*;W4dKTUK6S*B-o)iNfyL+g@{O=`Nz!GPEitD5t6L=iz
zQLa1#9%}A~9{*oUn3#YiPP;P}9)}W?jtO^W4xGi;-lka7d^zuTaImsvyM1=$_KL04
zZ;4F-so%{~{ycN<O7{2mE=)2xPHvIkQh4#m<)8uCYkPLHsm)OJt1phuS_5F4X0jSU
zByeO=xAE5xmzf)OK61&)6WT`QmmC(Vo@=(>j+*sr&UPU`_-!omA}{Y%BB|xnfJ-|)
z(?f2+d><LG$j!Q^QCY`MwNlk&{A}z>mxFqSS^NEJ!}-@kx7RwIFfqin)2&Ksqag`e
zKpvme15nCRwol}a%_1bS1-`8Q+B<o6fj$R|nA~BcQ>-`1Kt0pd1mLLwjP<EM9P&D5
z;hhS6mvNQ$v&l4h5ULl+pQ0J!Yp41i(0+CZvbQL|io2-`7u#mG+nz}C29?Lxl-)9~
z#R^5mPrR_D4<)VVB$!^WtTRFKIg)|9OjHF#*hzH!ItjfEuC9D3aM~7iFKa@f!_J9p
zJ_{b%8D9>fUZKVbb(9yN)6eY5iPRv^T8e6xU*$GSg>8E<DC8g#>t;4!KWD9Kb3>?d
z0+vZ2u;2C*6*I?h31lJp;Ippg^P~nb2dQGZ*X=<hyF1$X92f*P6CxmKS=URPN+<3D
zIr&HgI=#NsshvpDTRfTadzbIqhcLdZZi%}1_dz(ZiQ+URlCk6@rb$GYEch#+_M?#(
zX>zR+3*Hu6slMW#8@15V7LEWRP%;46kXPIiZZ{kR?wEA=D|{_vDEWRlhXkvbm=v0P
z$TvX9J;{A^*%<I;|1DSGF-lED13wHpw7b{qq{*K3Rmibl-Y2pb_pY33&_w|`iQwc^
zF)@TbmQ#x+A-{36YDoU!0$6*^7P9w)j<#?2{IB!4t!06T=rWRZm5y%?Xu>CN5~h^;
z;RhdtRQ2jdJ@U1j+NtQ-z;LN#g0ucBR5h^-d~nDZnfj|p#?CI!{^O`k@vA%+rZ-hq
z(VvQ8)HqnR&;edrZFq2>pgRlyd&zjPari{95R6LK)~VeyW-3X*UgZBoKuN;cshY=!
z;Pxd13hg>^({b~Ao53gi@gTsBfL%cBsKW;e9Gd`YLNC=i{N8*ww8b1P2JN=-!$wN@
z3%^(p>T@(If`H>E1AT8ATDB89KFwqv{<Lu&_1zB19uXL(<W0){bGbt!*)O+o7$IW@
z_UyjBDeDP*cSuI-f1vFOw+W~tqFLY^uraq+1_ndx)V}ncJ-Gcv*#HKvUg5<t3jCU=
zH~EvMq?IW?H6KEiaaX|IzGnJ)#O%}>+@a_HWR5#eBgIIe<e&sBs@_AAXUXZFlJ*c6
zV51#4x#gl}b=Zk1#t$sxH3;3?H@<cQ+WaV=!4o^`{$0kPXWxsaGN1+=pKa0)aDI!v
zg5X57Qv^^ce|D@+$sl0mhr+h~1c`eQYA*-=Pu3jz{4}NP^C`AXeEcYXqqD;4)%(Fx
zcN}T7IBRoZ?6oq^h=9E|s1)z|;Ds+V$+}iX_wF5(nzhEOd|J-J+Yx?}tqJaN)Bq1i
ziyA?X6$(<(^6tlaS?<AEs+{5P10NXBNfWO*Q)MUY_uV*S36GwDf+y%Cj8smZ$ZuJZ
zpG$wed{a*TJ8jNEURze7QOnDlMyUTwqb94Zc1=<byX!*peW-Hy&vMD9zDTG~BWxhV
zNoNbVl$R5UtS6R+>?Y*LQ~xxsNu+OE-?E#>e3FG|ZfADrx@icI{sg5-;@U?)tHKi`
zC{WSXm5OlO6HfQ_-p~21=U-#C(30SUU3l|@;RuBnfOC@*DSLcuYVdps&+v+pR!?3T
zYwN4DHI`q##M4((#ubGF@I4^c^R27=CqjBkc&1zGQZ@E2urve3PX{nqap!$o(Zy}Q
z|I^Y;=Hz;(3val~K^JIpstY0ULi29V9`y`n71&V&TP6%pP_fB2B74k8$H11Tb+1;&
zUtvusj=^X>kpr6Co2iTcw@p3gqAu_I8Y?F^FTx+6a5tje!RwMl%<cC76E=fV{S1DO
ze%FQN4~aBK!EdL29RGhas*WiwYu%}>$rF-i{SQwq<sA4OtiTWFmM2!4{rvpCRCR~X
zZ*v5Po~e5=N&T~u+e&ID#pCp?x2`e)#sLLk%{n6a3C%n1zuhue>3r)q2aDCX?gM_d
zd<GH3w$F)JePEM?+_sK~g{LnLem1uC^lkign7ntHh-^c_!{gx#{@txX({9F*z#YN9
z!ZN>rF{88f++?-_Tl4z7)HtY4Dgx>F2;(3RR+MBbouAJ4u$>lnRkWr};cqRQ5urcu
z9V8bO&Z)Rq(0L1JgXC3U15T%WxN)KxNtbHfriSv!hJzIuCRk^z)qjjn#c0l1pzf61
zWoRTUIWnrwKtu_#YoRA_nI_u!K=e94mm#w_c5NWDvX=2CgA02Ox!32rh3~w8a!BGL
z)=Y+O%afQ&ZgN-ZAZ(S_IHaq6v0k#EYDZhU>Pt<b#JKO(nyQ2qaop+aKpgfR`titH
zfnUejA%|^B+mki&qBojQvLp_-{0{OdnWSn-FETGR=Ia-c;?x8<<ZyEQV`CYBPb+>1
zLxg?1cCE)7nundmBmd=pe(t#kp*N260Z8CrJuPZVwNA*`C-lnNo!aP~-sG))N}&=S
zAerLu$`{%7D}1Mv0(Vc+C6mOjE`KU*0XJ6q2ZR#0cdqVn>owDC3M&}vp~8%RPpm8$
zPLx^UWZ+Q++$PeUoKxW#%b$>w58RjAa$oX(O%&~J@GmfG%y(}Ky|(wzVz6fFSier=
z^eb(Z;vfC8PxR(kV5tTPw(gdt{e(^!KxqhLir1o%Fexs0`lN#wnqM8h>T~kMdqVUg
z+G+M4vuLqZ(F^Xeica#=YA;Dyc2)bT431FJq6y@uFyp~+%%_&u_=h8V{vO*OnH7H&
zbz{F<WMg&ryi7j7i-8q&<N*0u0>b(4#*|B(aEgXlyl#Q9Xm{G;O7E-2#ay)QVyOk3
zswq)xHX~_W7<bpkMU%vy_NUn=z$RmdII4*d$kSXCAN5^M?HDtN%69h&oWA8Mly#9)
z^?&MKl-8OpI`9w|#&DUKUM}wEi|>d-ezz>m!QO0IMLB<SHo{qlmQ27a#u=-rlVdH@
zY;O$K@R{`!U0M9P3D5Rkbo4Pd7RPq_H!uYX9q}p>lr))0k2!UUP@gjK;4Q<pSGzyz
zf!oI&_T*w}`QJ+`sL;zvUvXk?Ndp_4SrXMrKJprDX*DeYH|wr$BuWsGy7=w)l}IH_
zkDaZ4MKLbDY*~7QS{}eEXF67gKM`upou|c=G_aU<c8QD>^nBOSX6<1QVeNd};<Gw(
zUR-T<(gsLFed|<b?y(!DRh(>#;#}F@J$zl3awYj^jk~%;*SyEM8;0vef%+c{aEfYe
z1aPi?<`2#>6du-ZFx%-X46m>BR^QRq)Vw$Rm|)L+v>U?_a}%d@D*z<y4oh?cAecMy
zwQukfx^JD=B%UEUch1g@yLmz*xP+;U`BU@eVCBxN_#>QxoW&(K0bSQlya<%$%U#Xj
zPD{79O1W~?1?(d=LywM4ca8Sk`gI&rp*Tk(!&?S2y(40HDLuBrkP!DxiTQ1j!_0vf
zwHIo$78N5KJ?dzxgS0bn<ktcnnZ`CeJ~`Mr{-r|++Ga}sv;lP?DYp_k<8!UH>aTnJ
z{eG_N5P)SrfGpmkNzx+X#LCr?81M@aw_hK=K;i6|Rz9-0()reR8(JKDEW$`2Ldzf8
z)qj%y%sW#}47HY6q^kt`UYeHwgjST5!y$p;tzVzYgt@|Tbo+rvcJwNaC<4FQ5RUKs
zA{4I>W>|gTr%&&`T-2_bYh|LC>a99rDST7}{qH)t!L^kVq<zbPukER3uj?VtqF&ZC
zEj`{{yMg0L11PX{-1QFK#F35*Of=G#E6p^J$e3<M4q=leJqsKgF#ts9WSZ{(Z<p=^
zX9>%xXHi4R^?c@c&YDMlm%D)@J_na+yKR*_onXk9;7JKr%a;#V`YL0jEet4HNs5Vv
zYiQPUb4*uS2z)tSY2g?-50d$80nvy*v8<BG(hdcg`b6;9?!B_*#Oqht=1XS#`_lFq
zId4@KzI|NuVt(ZIFih3zF79cZ*TDNno2cIn={$Hum%Q5c1RbYO5xBC#GLe~quj#%1
znT1t1q<}|J^}MZ%X9Liyv;YyD7cna-Rr>>Zs=T~P7S)hEZQF27KiIW}%)3&<-;ny@
z_pfp8Y*k$KwxkITBlNK0)Z@lcTZ|KR%BAiTJZv}Id0S-gp{q;Q(3AqrU3T7^fSTr&
z)I_+GP0GXg=U-QRaRvB0c<LY=^sGCpD|vkAmQF%yp3e4d8?lv$7zJ%Rg@k_LO6!{o
zBv_Q1B?pvT8&2p6Hv6Aa_B?AT+U+7#bu=<Oji~BnFv)E^`@|<!HHE4iYZr~+(eeUy
zX@~OBF&^J%TAgu>5(Lz)>K!XL2sf?<o}=%q{K)F;ewvk!LoOt^*7%*JY~^s)H9d>`
zH)sj%lAn)$^2Q!Tt&Um%`bu|<PO1@*h&$3Kp`Jd)zPfWW=a@NqP6y@`!AP}zy`Wd`
zMj=>V6DEfwEP<V1AWN}mRkMi2?T=FqD%#s(XH}4tEz}7_-jUhG3H5t>0gZ2n*gv$F
zE>b}J^$R+eyXkRe(lG?s7EVe}a@=!3R?;}YF`HSQmw6m(Qt{f`kW(hy{Z;kHaJoxc
zkN9$82m52FfFOMCf|J(lrWPMtWF{)zrt(u}pj+N6c_!XT$*AOlj<x)!rp81mA*y?4
zZ+Q6n>PZ7<Ap*>$PiE?n^2u&DO0mAgp}7vNKlfju!z8IPf`TGh;P6cBK}CjaJ(}zN
zLU>c--NROsX~D-rAP<kc4hYQ}H#I!5x93T|*%kI-=XX&mLdx7|mj^43XP3VbCTJtB
zDr2<%1I6_q<uVdL9WSn6U|Le~@d$~N0{B$%*sS~uRcKYdj{f?Lh0KovNz?xU;$2KG
zBjar7mdWoAv8|ziUD3GeN5)&*6F#50@GdbvVra-SPX#7Z{HB4o?Hm_Rkbe`^bk8kj
zPKh_CB-%K@Q<lKd^Q)+rGaTbTQ0iYuOm!mW9)3_4WSAKHH2kw{KLW~#yK@xi>x`wz
z`1514pO(;4&@WG$ZB%#nB4xU8f(GhZ%h}w<p(S)|xKHq4oY^C<?+%9%A8udE9dvmE
zpcu#kG+_1n2@+`yOxoV^V_Y7Lj@?m;B++DMKI8C+w7{W)Ss$bIsHnWpwCZ^Qa!ZkB
zH0~(XbS%ZSHi`a$1qn&vqa0|)0EW$hNb?aHS(uxJ-c#y=osGyl)tB>??~@8!J5&t+
zueJwL6TDUHdeuWkSo(&wmC-C6Ns5o>9dS`BF$OirYI0DCz=gk*jt>A1RcJjgoopzH
zFF^AROtzfha1oyOK$)0*oNz>#(-NjA|29$W2AVEe1_Y3}y!FxoSL`vDK0yO#I7uPG
z0%wJm%rxi{`ra0L?xf?RLUah0Mk0R0;d~w@_<=b2i2^LmT%hMYF)Q;d|BJ;9_AfNb
z`T3f+5A{B$8wx!!caxtOpY=>H8>%a*uBJAu$I9E=^UQXq#_*ZFwN@Q%_Lri#bg9g$
zo3UY|M}=10qjV^#>zBt%Kw5(Pg~H<yw~75>MKJ}-4ZF87cMCPqn#n4`VY@ei8H-=!
z-H98{%1}@)CDAr~m~<saA)hNV3O|B|7pkv+SxtOZZf~uVcV&IO4KyW+2=hSo+N|>l
zHxU_`-L#?SEy8EGxT-4#d6GdGaA;`SC?pNf`t&E6#<kx_m*nWk-kSRu4Km_?Ozknk
z?=62{`+7DD8g>1-V=M8y&d#>8Og;fBJTD1wjkn<{TRw+z@lnu$G&1nk`B;Pt7nby@
zkK-h=n-BRoX(}q#H4+ko^+}C|7xT}P{iOx)ev_9Ui9qY^lv#W98!DthAm~8gkJY)!
zHdgel{+R`^v*SA0o+b|t37M*y@M~+_8jk?2M%zQb^^YQE14ViZ`~Bx$>E;jts*$AT
zxK@pyq(uj1wDqcui!Oiw>Xwn>k@2H+jB07M_)RM!boPLFH7|T=J}G&PM~yU?dP&ak
z70-wFus8GR=mJ*q7}9r_^W)+ue~iAow7<L64jP5UA?Y7Jz%XM7G@7HJu#nIC(^b3S
zN@8Q5Rl>J1OeKW8V(u*gc#6u(triJ}q1{r4SDFuYI2pa>nZ@^3+87<^IZa?7iZuI0
zZwmr;U{P;e(5<Q?%Is5d=M1{mH%qb5xs&SeZ6B2LG?y4#51atgl+cWBmeJ10;k9U5
zuR51h&})sP7f~yO*6ORUWx}W<2nDRVUcY{DsmkO!o|15}C}^xcOid*(><_nk?s=v+
zSG|3yW+Gb5Wi}0=x)^sDpMQ^k_|3h4n<_OTpDj3D58{5u*txjZc^9ZCzP=vw$mhWq
zrqAfVLG_+Pg<EGa-^(qgFI$(|x%Q5>c0BcC5>is9Zi%fst?^f6L&;vP&2%QS?yj_v
z_cK*oz(i>q8m0&rFN4nTtExexh|ie{g{u57Rc@pTwF5JM#bsLi#NG*$Qc~*JGNZ>r
z*FrB)z32Ugfo^ONT3G1kE%XZD523R-n0dbR3a!0g<89hDEi!7{Nn844@%noRjZsUM
zQmo@!I;$(+oM)d}eFg2kek@)bci)81y6V!Pvw>T`w#Q;|jZe>`C@cv0J3M8_Pb#XP
zGFra87t^iFI8|LM_r(k(NZpqj?p`%<;FBR)=lfAd@FDfd!dSczY6<jyVkCaiGI~tn
znOj&eOGp^nR_*BzXsISb@JbqgUB>?Sk{%_eR61OWIt?0FuEC+988Vod?*HL&F=gV*
ztK^p|oG(0nMv%<f6pvgL%p?k?Tn@q{QwiM2x@HEunTZ%#*|g(<QPI#$Z%@aB!A@Th
zbI$q|Gy&SX>LW6S)mjOL2hY70*q0=<_jfjXg;Te`#j00+Wcw!0Na-jCNW3U?l-U8B
zX)SH?y8}P+;|FQgU0TFj*3X^a{x)<$@9!@Do)x0W$<m=0vF{tu^aaXv|Ni}!%|YWB
z1x8P~-73{$?__aLew`xS^e7E5C}%6Z2%7E+1_saO=-*tX#RVh}$KEO**_419k|IOn
zpsDZ4rQZIf!|CcFY&>>b123F?8~ao&MwZL|<Fhjjjn6Ctee{S2wh!rcmh-q&1*O8p
zjTbKoPq!EMvsLANWbJ$MQQQY{r?~lnRx)Bkkyt0afK)5C&4)7RV@|+tPznAp(QbF#
zMyb_I%jk)&jQprul|wsIrj!>G?rdh$Q1yslug^R3T6od?M0ZAGCdW1L7R7!m5F!NX
z0C!!5{~-4$w80f8{@Y!L@Vd;vdm8STI9=RZFQ!cxAlCcNZVtQw3>Rc%beY4Cy!;)e
zz>v;0K6~`}y-Qy;sYWzYW%R<Q2xTI$881v|X3cX<H#CH(;?9DyoCi?-Hg{(F;~>n7
zxJchHSaTt}o=W;6+J$)2LbOGwx4MpTF=k@6M#@xR$2@Loed33gP;b7oOi;k;X&FeZ
z10*_PUBSjeqG`gio#imUr}!MbrNY<BZ>OF?yqKz~`^5Sg6O8Tti9W5Ez6TZZ%-+xG
zjPjHvnFn!THj8k?u}d=}`5%?<2^9>@zqQ$T=%0)xuir|v;#h@0PY4NOAu^94ZhIGT
z4^?=kX-Gff(xuZEM#jne3-qjV6Q=47w!&KHmPy)(8TOrer>WlYzHqlOe)+=^o&3|f
zN=d%FLo31xD-8l!o_Zl%T0al+&+JqomE&{VBmQso|Nfk}AqrJ6niF38^0kSwzqW|t
zxxV;Dil|fmX(K7SrSefEzjyIsCaA-mP7kAAdGGRJHRDkub5Ft(;%(9k)VqnyLFi5K
zHE2wW%t0CSSrh<7C0;ae9w&<iCO^Ji;WE@bb=Tn94?gOe>YOSR$E{Iv7lqJ_Lpteg
z%Ls-=zv4G>$+C`zq}m=|Kkk3|W#^4Sk4fE#Lk$$Cd(2dzxqO;0BlFh<9LS_=vQF9Y
z7PMt@VmuDagj_e~_<pTnYwP`QyM}MJcQv{VyOB4V$`)THBh{W*Vq%~U5A-L8!h)Hc
zvBRs|^t-D)x&DR|9;s&6_BA$4Dbf9ty$?8GLTY6y_kXp8NCcH;)}FT&7LIISC|2W+
zAL{8QPnjK*q<p8vn6OC}B;UW9EA=CBul!u<o?ZfKKWMde4CV3b9=fl8aC)cWUe%*Y
zy~8Thc>V6!@K%%v`Iozq4_kdky)gLHF!lay7&QowL~#wZ2Il2sOx~dQ%R(6?JP`_I
zuP5P6-FIFQY;G8HqZO{vDr|3FCT~ACM}W#qT0`2FC~S4%4YPepN1;2rZe_jRo&Nbo
zdz*VAx*vY+VRJ5{gTLWD74I|XKwA?X!tuQVD5;Qx1nv34o!`3?{gcn^136rOn{_l}
zJhrvzpKD|)PnXz-In)fVPA_A*-?`miYa@*9BqzwsQIwLT%kM9gi7GEXC_7_ZU=y(@
zGE#+A5{;d1Weij(hO1aqZ>-C<_0`cmDlo*;-*<`o*l$H>V?UQyWo>L%p2-JO3gF-=
zRFGCmsh(Ay;dth=CAo+0cL=vobYiv}sWy8Xi~uQgR_A)V3{dTMU|g=$OvfKNDU)k|
zhmBdbozc~JZyXjPd}``{O<kvQ^m{&N6m_Ma#S@WF4QukgMj;VRD#``3I5ZaGH!5gl
zq#~2_V8c&%Mty(%X8d$-s%=%;Mns)@SM)7cx_a_nd*WAF(##$QndnIG7ZjQ(KeVzD
z(e;NPk-ck@$rl49IZUE-7OS7bL36p}mVhFu5tEPq_RfnghP^5qU*t2!;8LtVA9bGB
z#D-jmPS}%$KCP$R`wcdUk0;qs{76-?xX<NaT10r^v5ENYTV%_AcOy7+6PSqL$?@-%
zI`n0ha(h`E$KMCi^5;@?4l+uT%>6ujz35YTny)vXKbqqVIn2@BsX+?Vn*JJG`@sA^
zL2)0}^%hg{(^+?T>eU8kW6^`g7f@1G=MS_LL6M8+Q)k`FNeG(v#F9)6uY|ld>ub%H
zJx@$FCGuqQL*FT?E7zt<plEZi@ww*yug%7NdEWzft0tMZ5}d!W!8=oQ4mIv&+ZI%5
z7H2Xn;Rilv$J=gy5LmkuWP+(gduvME%8t*-z7^HHGjCCi$jw112TeSiO83xL9jxc9
zM>Xn1Ch_R)X;GT@m8|Fao^6e*^!!k9ZcaRfI=l>7+4k;tyl%PvAtYNnBL}*)XC)to
z?bm(WPvz^au()SlE=r=2#tQ1hPlC5yj*<{a_MNV3<;cWRIw|{NXudp#=OW|JGHmq?
z*w_pF_b%v!I*U}q^g!<AoPCL`0ci=J-YFEvuK_I#LOJ@a8=|}-W$EGG`t!?%kMlA7
z3qs%aOoaBiX>abUW^=f`i)+CXxGa+l>#SdWW`dF9V9sGq9NY4tvTSx+@yck<|AZ~p
zcc@fRjrG<JX?i=Y>-LdpNRtRbk9bYS9umwz$9GFVMW18cTFT*a&Y8Sh-8v}r`0d>)
zn;7SJl<$hWE0MOf3y(xIHtr;%FW1iIL)>z6+Yl@!*_Zjas{fN>%$8Zj69V6U7MCeL
zIL;JPDR9*pZZiR$Vs@yf9mPUshWPja7+<WYKQrmC_h@)tt%D(Z7*WZ~6!lsUZT|g}
z5L~sb?{@69zPS238-8hIi!MKg^CBaE{3tAF-#GjN*(o=<V!PTdBb4nBmJ~h+FQ(ej
zQDrL9y2r;Ss|@)adI6KXPFGSWud(njfDcI+wbfMkhN`!NynHcFrZ;*nLnEJmfNtxs
zY9KGdD`ubsjZTkaM=e;pJ^siSturem(0R8A-V2E@k{Jm@C#BkjI%Omcu=TPm!);s4
zIli8yM>`GmHRt^H#3b&(he|3bFUsp|EL*+0R<&*{S8F@&GP^2us_5UtE@>Eix(a8$
z+qcQx9w_Bid31Mb#Z=>kRBGfregD&QLY(nIZwz^hJ6eE<n2;jto2Y)`g1hon$>-GR
z7|7~y9ooPZomSn2{;DGU!2s13%Oc|xGyGnCz_NHqH*;y*y{T^2m+A=*67_vo?2)K;
z3a@R7UsuI+&`)Vm%_wtKk1~=99mb~KF&FpHsb8e`sy@>DA?jzf3-Jn!3cAXtWOIh4
z9g;{Kx%>08`S0#{_Ci=~vn7$th}QWto6($lG;WyXtC+YSqYuvU%G!?xw2rhPrh6H6
z4G0c>INxTw$>?|~j~rZBu>(b!Y>?0K%zXQJ6z;Up9~CER^Tk%w@8im3C52ycBVZkB
z`u1%sXmdrV-?!}Ax#yI@OnxQ(*mubu`=4`vzu%-_G_TC<EW_hK^iSCc%@jLzE?=mU
zvm544ul@PsDkiufD}(WH%QuSp6N$=V)prkpu;7dm5?$&lp*p)19{4$n8Yw!4+Z#kW
zw%O)|ZhAN4uP_B94SOy5!pj+L@`s}vSE=e03Qv51`+6+*Ohsrx@n>(sf=6P9QZ>+$
zTcz~rpIZ@`p4Ok$`lx=iKKp=(WGu)jSOchbr2(CmlxKvvf>&CA5q_Z#4Jyv-yS=<d
z@UVf5?+_W}XC<3w7<`!rZ}`Rq+rv@G{ipt+Q_(8-oH~DyY})5#IuNBNh;@F}Yq3Wr
zBfhaT<Xq{N>>)%N{*YjKaZ9CCl*9uUnzQ`iiaRPpjIytcsaq(*nK|4=G$=A<5Q=T~
zu24zyOJT*`a?()0pYTj*Hk#o3`-@=wA<t-}t3EBu=|lUwV)HQu>e8VLjUr6AjO_Uk
zVPl=bEgw!?YFi2Nn}SUp@#8{AgF#wasXnRZqHvr@aGs)zZ+cu6l%G|-nl9l2D{oIq
z-uTVUP3o#JF>;docm65VfP|BoCy@s*fgU$xaliBKabWL<Z+3Ie<a;>&m#-A4n6h~!
zL?t7DhJ@e;H&hWNY2PS}N1BuCg*vClN|GoG2)(lZPDi7~ijb#v62C~V;;q$4cc=)_
z-cqDU*@z#PU5ffuV$gMyyZSALd;UV{>5=A_NjyeepGu6Se85bvk%6qv(m!ojSyC|C
zozI>4Qs?!jl=+Mf7xMzVwS|hH73kYX#&`C-Q4Eilzqre}4c#!TR_WFn$+5~?>P^0V
zevG?>+mJSUT;y)Kxc*4Nz5|O&a-(as*ZZH1$SRz%AFf_mOEU4Vs;b-5L{`v~U%6RG
zL)IA)8f&`WSH0v0eDQuBV)^yg^k4c@@8Z%KPy0QgE2uwTz||J#v>Po1Dw}bqqyn~S
z1*ssrN%;dCzg~{v^O;$<h0-s{?pL}iYY*ZZ&*UBEM&oaqj!VaAd$=Xm?RH>kUDYmF
z?z>Cr_`>he_m>zqN?nPNLfC$#MxfoAwHohlOOeZ6t$hDD4O741INRJ&n)@N_Fet<}
zM}NKj^<vkQ)zd*Yr9#fvkbX4Bb6g6Q2~N>ah7>oxDe!Z4?*76=zlv|OkKkHf=AE$d
zL3(J;`C_;W2+mr6iAugQrf=M7J}0Crc*DRurq66azLh+WhGcj2)z}`{*vuZ6fc+L9
zjIL%`7x=h4#4D%o$GrMX@L}UQyMosaZk!cg($$Qp?#7w4R-KZ@y{+f0@%r;<GI)1`
zaa1(5)P{uEg=YOl$BFg$ZBuyLi@-3o_1JuG^-;#qPOme}2Is<kH_W(ycDz9FZcF$C
z=Y1D!KHIMr9D63@YIP%%5rP+=u_jB|JKv$##!r5Cfjp_2jYV5T!YFVJnOUZOPD?NJ
zi8U{IQ<2rx@y<vM-YYNOWWzfcrub)te7fWKc9$ONuUCAi9eW3{7;Q592#Ua=?2@O8
zDRpbPn5J`PTcns7waXapdd9D++w#EN#0Hq?Q_&@=``*S;^LyL_Ojh|9i)xw*UiAxb
zo)2c%ON}ec`M94xplkSv<$`b(b$+r}YJAblTY@m(TN3zl`JY&~@-#gclbX-w+k{}B
zN#(;hbH9J4%|Z8ju2rP2{}6@8^R}Nu?@ak0AYC*Py%a)ncT0#tKfI=GfeFp`dxm3a
zoT1;lCab8mC$!~8I<SV!iCbNMqm5rgpgDhKkeeK*7(=N*nb>YH5Y<uZ+nxjz6U-@`
z8D{(M@>+yfeg6BH*;YiVJsz!-=55Tze71U_lfH8Rb@Uo`F#R~}DZ0JzOeZ{izvXcm
ziq=mP!l(_O@9C$k%RzDQbdVo*hQGc^Z~NK7x$XX^!mW_$x02Gd;`R8v{yM#OiH|45
zH^=$+w!;{DwTZkmLeih2dm|ozA6bz!Yx^YQ-sETvw@$`Oq5SdbUGKkyMWF>q1egNf
z$ggzQm>THcG|$dWe3>uVD;&x`jTQPwlfVE6ndntqK~n#%WsyESa_!6YJ_UI(M;bE&
z=PVn)a-}y9*YADiWIc7$o#d0Sll7=!iBr;qZE9f@Q=jWCvCHm6dnU5nJjwcg8i|i-
zh^-1s`$t#b`P(IKti8I8FB}bfPuXG?Ch}ueM62~-U3;v<a(nGu!7yb`);VLT8;h+A
zm38mq<SH2bva|2Am1p=%ky7W=tU-fCBIj2jO`u5OwEOTc#y`98cd3G1Yf52UZS;Yu
zxR;F!YT+yV^y(|wi^E<yKghStWM3HGjdiVrxb@RXdn~?kY&bOJ=1IjmCN5+K4UxKs
zO+{@Ac}z{;+hR=^+cf`{|NZmmz&w9><(F5G&6XByqMI!nk7w-_rUILQ9B~fLi`sVb
zF>xlK{SnmnZMLnDedH%glxZTry@J3W-39Hq?f_DPffu~5RyI_>G)mF#Ml0b51sOOZ
zmuux+P|D-XteNW576gh>1e-|d?-;7M^XK5@tFkwRK9(rYWXfl@J;W-NR%`zbwm7T4
zULm(V#VN$!M_ZXSBa&DAp<7%UV|dVv#`wk-w)U+vX`5~Lp1YeV!kE%`JLi_%@9DuM
z?0TbFLC%?_EnQF>uOiVj{9NN+=`OBY6w(QNi-B6f$T_+k*Gx-k;B9UbY~y`9uRYN)
zw-!%GoBZ@%(l5TeNO*b&fdV+Hu(QWrwFYqYsfRh(Civ|Y`8<YgbC$5}5oPkCr;le3
zb8<caHPtdKz;+ZOY;)@(+2#G5_AiR0>8{G3Q|4H3Dom2m%^EOpYqpv|E&Di|n=21^
z`U<m9j6^IvN^c!qtMZQuXcQ5X8KG!gC2YPiFI-IgS4SX7FX;{TigZA##amxN+MLJ{
z_aZSuwlr|+*X=F+f43s)cYf84m%M~f<qRk^dN|ZlXE>Ao7*_1{KcGs-*!Ue}Ib&o=
z=o%k$znjT!mVo20MqJ)}RNU1(-m^C_&o|}gfi`F3krX0Y>T4O#l^XmSn63S8$a8y#
zRiQO5Rm<DcN0bN2yAaQC+QE0B<THCkNdCjGGGD4O?UBU!?`V6K2IoRTJk`KapI5k7
zn}b12LQe^hw`t<}o$`#E=nIKSd3G<Glf)!KC0OFE=|Xk6({mc4ze)p}J|ViN4GFjP
zayV;LNX-(R*>5_4(WrUu7V@i&Z+r_If?Cm8pyBC8-=Rs7DV%>la)bL+^}s&9g~k2x
z<QPc_mWRdId6oNc*)VY*+)3UpIRkb7#b65>mu%o1t9+kiC+kx?DmCKk>CdHe$bEb;
zEsbYIU?<Ei$67d;avazQ<lSzw*|7bsXF1Af4!}K8HVblb+?+rPp-wSRD;re-2Pm3%
z`Ewu$S0tovxd*OBRE+eW_x(*&!ropH<N8XQCi!sY^V?;?tr`%N?7#iV0gR_%c>^zy
zT?Fu&t|&|9Fd{C4CoxWNm&w!%F$G_uH`4DE68vR*sor{OOseAn@4ux9Ebz%W6oAF@
z(7kG=!((YRm(IgSTtyuX@u<DsP`%yq_1gB_T|S=TOXWTAhU(`<iN`bU%XaU{;9VqZ
zV451t-RzxOW0N999<>-P?A{g#y<v+{mGMPT8nUGkZ^u8mmhmq9V4q7jOE}>^(Ojj5
z<mHc~E5N&{pZUjXit@j)YKb6luGThv9sF_I$rjh-Btd%A()34bf7VVbr_g+(1B#}g
zSC4DB_f~mOTZ#jpIK8Q77De|5#w`%A3Mt`#Ooc9J_z@7~*L+!9ITv_&Gh<pp$JH8H
zEQ3I9EHNz6FIjS?fB^&Nq)%odU`Ucyf)or{7%&5HAlcR!e_r^j)ysicg;d?qO{bFH
z{bhR4hah82G{Ir+1<j<@(?!+II+nILqaH3W;_8T#$Y^Uva-D|BY>+tYLx;4YGlks~
z51R3(HEU-AAAU6~#Z;Ic7iqqo(>7%wV{7T=KaCwu)wcX2mH>*$vlp07XA(vJh4MIb
z#dC!VCnzVY=fPXg&F*=CuSN_Q$}SmW^Z_!X=|>IFDar}R02<Ty9G@_xUlGo`Z&;Il
zg_RHVP~Ry^L|Ey)xWL9KyD{#w@trQvu1eNe#-Nn*XNUK8?J23w$lX(5vidl73Sa@w
znT!J$=IiHmj75cNP*IqEda|uig*gWKgA<Sw?P@I7H|CSU?Qdf5;(>oMXQDvhA^~hm
zRv3S$<4IRnMjMxm{8kSsIMo#P&T!!T#GpO$_QniIH4MCwh{K3&XUi~d&#8+*Z7oN`
z?)~Gdt~~uJU_$YCjr#NTVtzk?zd?@m)M!x!A%%TV|5P;@{MOY9(A#bC1u%6^<z6mo
z{%fe>3f|}DvzL|sw~r@z9f)KaEBp^ck3-}{)&D8Y^WVMHSS|4%cU#_Hm$w2@tKS&z
z;@5kFBjUWpAE_QG{UuV+%YS{JIC*t?0L+y1QC6%tUaA>rQ!T{xMGZjF0s<Pa(rD+z
zFwWOseR1y<)Jk;y6$wgS{qJ&BY&aNcd3RR77=FnX4SH|?1@dC}E3VL^st4WHga7C}
z&h{`-{2Skn%2)rclr0!FB;t30Q35f}`In1yf8K7PAzC^8j_`g%NIHQf&%3tQMOT8a
z-+X2HKm;+?m|o8Orru=4^3Aake@|cV`j$q(qW`%)vj4mXL$9$yw_+Gr7VA>#DvxL9
z^q{m|*M}w}p8KS-djjn0HIC;{JYRxsntMB<^_i5R?CyDM&w-b<2g2-$N+R@3Kb{*=
z@gKynDJVsPtdGBk)b{%nM|?c!_VawswIV3*S8>1eHAupMnOZ%t?Fdx4LH~eCIe_Vo
z4;kAj&_Dn^erNYgW<*Hv!#9?_GKg|7!$H%kkDetz$&!578j!&JkB^9O_eY`%SeXyN
z3s);>oF{VIDs{d^dei~oKxh-l=cODX@<>)*ZCwWg3t>&i0}GcQEcjnE_A6R9d-wIq
z1z<2vTN^nOgJ!uaK_M6}6ukkIwSCkh{^h?0CR{|Sl@|Yo_YDB=tN0+lQB(lssDF8*
zw3bJN{FXDOSS;fLMXZJ`-!hTvUu_?s>ue^XI1lim^E@K)A2#3uaJEkwcjU7fZ0M59
zj;2KVns=<%8xjZpsUt~O>(fv%&fe?2eAfrxBj_UNeMWv#`8fFKU(28apJC!@^JV(U
z?-qczKYX&a?XGX}V2ZA0AY0W-xqsq4NJ-%}PPxEpT<=Q0v%bqBaqY!{2?oq_2$QUw
z&Wkb;ADjChV@^odo|OZ|@St!-O%A!EIR!ck0kxZ@IX`iXy^Yv>d9y7}vWpA6_vILi
zv&00QBS}VoH4yVPW@Z%rGUbyqRTi6UpM(Kxsy=omcUdN`<&2vc;?6<}&hpV540xR-
zHs}5z`}V^L+P7|{{B6nIHqAoVCP}~&FJ(RpYypoFd0Pd{@)%qP(xs7J6PDzKV4csy
zg5)0mnFV<Af-QiX=i)Egh;|A5U(_sF5T>>lDlL09`HUsxoOkftNq}8Xsr%U|(iZ3K
z>*)>**+-lq6M#4@!~b6l`~HZrPN+3ta_aMo?{s*_RPU1xG@s{sgntWoT$q(34Rt$Y
zMg}$xMjJmF1L*H0SIDiC+I`W@S=viDieRq4-jAvts=N?iWE57Vi*Xq*tUnv{Z1?Va
z3bs#0N3Ox-AJ=f4R^t(l-aMKd%YRgWn;ctDCDF#S_lSuddx4$rRPaz0qt1VncR=%W
zYo_(*BK!EzJPy6~<oy457!cuu($&SI<TiJvg;x@n+#2dw{#D>=y-ZHBorlX`Za@DU
zaA}2qne^zGtAzhOCzoMMuS-kVpb5+<y?3^oo9Uk!y9NZ{fYC5t(Gwd&4vr;7_+mb;
z68ti02gx+HLo>JYPw4VaXECF-Z4`p}RJmrC`1Ht#jQ=s}D@uXnQhOIf#ywcTJLvaN
zZJ`Xh0#&ZxwZL@4`I4p`4xX3aC{im?ne1t~xH>x~Hk_#%k=d7#GanMh^m03#L@xg$
zt5+6*nUW4o){U_5dfHFq@k&4?Z*7O?mMP(%@Ww~ys@xJ6H5FC%K<inPxvrG?FJ&y?
z?P|?}g8}cugMG=x)=+rMC4Ae#1QU;)8$ZUGiiGnOL8f$209B0|HfRk$zf_=o|7g%m
zDtzWabt#O*1NUk%e61^?^H1+=p6g+Jd<d8g>C59qQxsg6Bh2S@gy+Ddq0rE-Dij#R
z3?Sk%)(a?mDwb!%bg!fKdN7s##YzX>S#{MnlYzu?pcNW@4fK^q+yA)kmRv#^Sy>c(
zIon1YjM%t;YTgw*Pp^(gP6G6)tz5+2>|MZl5b(dhCxrS;35mwZcxT~L(jS0qSGIuC
z8^m+X9OJ4C&CXFv2`9dEW4n?VtbyxayajK#@LM)375~F2qckVi@JubqL$(V?h0t_@
z+NY1x>lX9kfzZ^A%ULN`#PH}+k_2ria#WMwYO<#;`U>OzJA{BTLU3o<Zb{iMGWhJg
zLUj<nB>PqPUQbU?srBb;1ZU6gX5rBvPrSUPoU~Ma`=dtI_9Mh1+RvPmZ88?$VE$+9
zSQivmY=lIe5`pvkApsf9<U{x*+s{tbnEZOlV|5QV)0e0fkjzfkd>5Q~BFqkt&<7g8
zdv^2b3rktt)$K^!vsmz-kkHj1>UxuG2Oo84K75Hhg3e>2V1S%4DysX#$uW%VuRwE$
zF#kPD67?E-T>0h0k-@iHTsA-kfBREv;5nG2{r4zp=G`%)<{m9MO1;m`sf0rU^;gBY
z()tJ2<c@kmxa#pJOo`WKE3OSP!-yP@2j*1kzq5oVx?#)I|6OMfZ`+y*!8I8_@Lc7M
zo{`2grpzlTajzW$FERA4$^hHNfKQq*W42d$W&2HgCP#H<XE@Q{^MKMv^MGuQ4+DbP
zt(p*zWAUMsj=x@7CGvw=#x6=o`q5;dkdpw&mrB)Dzsm;D=gbT(SvTK28ZQ#eB;7Io
zwtYW=xIRD?0MW;wWr#Okva5ZT9?>#12kb@~LpK`U!i7&S{KO_%<=f9Q%BG0>B*aes
zy>`NKpxyph`-y(h0DN<S@%sV4-qFh=yflu#RI(F9V)`?|YolF~TfkYCf)+vy5$N`_
zs7A>Zk7$fv$hanP!MXz^g8fG^hoUx!rxmz#*>KHzhYPqBL@EQ_((c?PeCGR;E@zmd
zYaIwWm+-HVL8l$RuJM0O?)+Ht09h}1*^xwaH@oLylx4QB(J?J^Ow9NicccP~LOkCk
zKE3zw+x0J8t2<Pq9gqK-WQB8<e6=|e3-jcU1Z5YtQmUpKlRsR#Av3n>WFsng<o{A=
z^1d{TeCS_Vjj2zxI>K~bK!q{KxnVn<k@jOkeD?56*V!l40;?8PAmYB4u*>8+w>R=H
zP*HyC`fA|4oOBsD1S*DMZD8F%)&=b9nfmH$4fHsYd<mZIYvrqR>yZ!|a2}s%_+WAj
zTww*1gIXi$%VFHd!!xaIQHxr*@IeVzE}|-^yDB91p%#O}RYpm!$m68^Iy>Ov@sT3G
zEEWk6HXv}3x*%1?kxlnPB77@7p)PyMDi<})<q!R+%?p?M+S*1}7`b?tkUC(*Z{-}G
zRWo8Il;W<9FrHPaH+b_*;-Vcnq4@Q`3X`73q4a;DKCDuY3rEc$DNaC}LSGr!!P|>R
z3v6v&R7nfS|5s24uc@+`{wt^xihl&gYVP3OJ6dA$qt&MG30@VLt_UZC5d7~68>$=l
zK90l5V=sjB-yJ*Hgo9tr?;2Q~yCiuVz!>ccI6yPP%b!$FmgEZ05o_P%0;g{s+Y%aO
zF+5B0vOe%JEmek$%&==CyL$D|g<{|<bo9_=`s)3K-dXI)@1bB=b(R_j+?Q@&ZdCyE
zjS9e?ZoW6EXPYz)#1&3}R|ka?dKtv^(`~5N|C(}p)7Ua{H13*;L(CXbVEifm|HIx}
zMrHM``@)K(NJ^KqgoHHG-5@P3@X##{(uhbm(nxoAiU`t3H%K=~H=O&ywf0{A_Za)U
z<NbWTI25LH-f?yOuDz%Cy!=jY;Wyyr(7(&pa?Iiz2{6lQ@yI@0;5q5QtSQJis=tIr
zI0PTY-_w3}>|#GndbD@tAYXfoJaLBs&0A5Q1mr{Jm-Gl^-BM*5OQDmn;p5y{F1VI6
zMW0`iVdERVa;;)~0R=}8lz|!W%(vXUz2*kCz#j%8bdPn+@csz*S5HCIM+?L2rS`uX
z3zj(pp?&JIv`_|8&L~sN0Wtw9m2N1$!7HVo{HM-!+5pKgn!FR-qrOb!(NW+I6m9%0
zA&{wP$gr_FYWn$E2WYL&B2bcDd;OOFz1*L*Or+w~#KZI>{_PsBVJ<E@yo(nUgUcAD
z#^zJ<Rn3D&N|~Kwzh6Nmy(u^iJ-QhcJcS(Zc*OfFa+Q*(Ai(<Ve{aj1Cmlgs4@i>y
zFY{;=RN9~S9@8_3iAG}ITxmoU*C?Z*9krb~TtEgZhp>L@-qVat?;F;~L>l+23R1v@
zd$01JLLaBaa$GrF=r5llwE(^s+B*IKkX%&6-xAwa`0ZlF`;er>M|b`%DjiM^OY%*l
zu`pl6cofykknLHNU%KTbns-AH8@vagH#Az`@FEO`5#tY~NOAtA2E+`|CW4uzn;mM&
zX@sp9zqAw~*lH$BoFx8(0RkxkbSET=(BWiXKria)NSPTmpkU}l9kjRQC<?;1T;)G8
zqZ3{Ix7;TSsYRZ&3{*=}p)7n+{iZl~Ym9Gr#$t#4q_DVHY@$RbGASwe;%MEl@AFH|
zxzqiH@bBM6cL4AQQ}Zz<JQ~RkyQ8rf%`XP%%8%om%1E$GgYW56MXSn{5$*})>(_6J
zKm40bS|bSat_TV=)p9-*+{YHh3qW}n$^@)}ip#-Lhop>5`={rrfqI@7Vp<4?pak0D
zVS)Yn02I~;=FuZQMfNzUho$!{sm>V|oB0(3_Fk8qgZ?=Gzw?@(%RaP>W&Pa<VZ%P}
zGd`Z@?3VJsmp-G;#>T(?dJWwYTPwPjsrVmR#>$Uv89n&8Pdnn{Ck<{yDS6+1%>7DK
zV=EWQ1IEc3jhBYPbS#|?EEcRf!zFOYIB$0*%j=ec=zjx*t8}ee>%h>^j%QxiK4oRh
z*QYZ!b)XEi-1Ek5cL4y>7z0=-83roLH!?KJu)wk{gsTAHLgoT#EJlwds<elBnm*Ou
zivX>e4mZVLrvK8yEi|CQ{jVZ;h%Zh#lEhO)`YLkM1>L^1#GtlEPXot7yo(~GrKH+G
zNi`J23JL<HiPzKDH##ntos*N%&_Lh^kMa$eg1-S$*W2s!1I^!2_6Se#ytA?>wVkGn
z&aaOK54KBNm%e-?`3BIVWNjXQR)cbI&IkQ=S%!Q0YP9vkFO;?M>+}f~UTO<c;~7FB
z@g=Y=9<#VdPqm0YWRETWtKTS*<0B$3K-I$Iv`#*4TwGk7ritz_XzNR0eQCEO%77;&
z7$rv^#<Rx-z<k=xtCtc?QlYq6b^xx)a3GnRMwRJJ+<(<T8)HKSwT8|lqdia|P(gil
z@pfC5?w<wtc}zi|2sIt_FM&89FdXSr?&D11!bI~s1qE~rl-M{pOR4UAKK}IF0Z;IK
zS9{|*w~qmAR{^N5sA5-hbab4qY5@pY2ms%OK|GwK__oE@OTP`Fuj!s%N}p&M8~=-5
z1c)t@HesQTRqtfTe@mf}>PVD#vR@TKQ~y|=V(t>EqFf6U)KR#4?_a8w>U#Wi+F)5a
z{)Wu-b~sClYdM4!6-MBwkJWCc{D*ntgC3kMKruO|7Ti#Hr>2u}tuROQ(hTp1P-DW(
zo4O(hi%a&8^g_didqV!7${Sg4%{;<-q&e}gG~R}8OD*=K_GdTnf!|*rp^?(lBX4eQ
zYR0ZkRK%Ho^G9;ot)3_|{DEpkDeXHJfI?_{xtUAB#)gG$P8op!*GC5xHkA!!I#6{9
z6*gx_ZQ}`oe+xb~q2NhazQ5z~?AW6c&>W|o-ODh6TbC}juaOiI=1k`v01mE-VbqA;
zacXrxKR0!FUKym<1+0!fDezy2&V&dLfFuJ{BWDj6F<Qpg|1o>|Zr+zU!sGn24F7kU
z76)OSR8hk`%zxG4yPQTc)@>Oq5DtL?Z7EL6**ZlniIaZL1yXWy7=Y5nN8-AIu{*($
zgaR<J?(vH-3N|)O8BF;==R#m`@JJ)B1__)4Q0Fp67Id0QN*OoYQF8hazRbdLvL5l5
zhbAXbv?1Mrxi|`HYWTTE=ZSf-iQ{uXNVd~vxnG)^v<q#P5B3`OmwM<+M{hN%&0|kz
z;`Kba=e_Q3C~)Z4yD!AKA-E$JCH3%)&imuHS~MdWt4wj)9$nKa+}AfZIv(3<3xiOT
zzF=$=bf{kbqv}5!r~N41TN#Fq=-*a7ZzVD)`ghoJ0wGN-=3J=W)XJ;?Zn~AaEIz*H
zdWv%uhMqdnKmaY0YsJfchT7S8>8~UJfYY85OhA*b5R86|X6p+c9}f9Pan-RES{ncu
z&iR+_VZnzSpFV6Wr**!>09se3w2*<jqqI8**T{<Hf@`?(Zy%6#Jom@vf8MXPdYCsH
z#u|r)rf6LFU%hTodM<Oad+xPN^drKm_hB2LjK0HNr9RXGfL}zwRAGuO{t|oE(v4Ww
zBzOgC<U5x-g0<{5g4ekSb0DzhM{E7l$juaY*Vk5zvSWD@O5cC{u-K+If_3kXqMAni
zB8P@#gvr}8>Sf=26G2MB^O?kr4Mlm+@=<#XkE5&2<MW8W4Ke=FcN}9+|J}NzRVw$@
zcQZdV52hD1O*g&%I;SrU6E1rYJ(SO&RbyI8PeViVQ&))eW07JEZ8ZpY6r9?-*3N|B
zv!cp|M_)>vM=3tTmwL5bR9SWQty`upDS&ngA}$^RVNK{1+4I<|UpLqq&Hvcl%hn3u
z^5os`l6R&r09K&+IvZ{dgl++J(SV+WIk)X%&EJ~!@3KWeEo8#zI)IlO&%x>q?p$3c
zZQOgc>&fEwoaw38awsQ&E({^Gt`j;kO(vkV;K6<I#ycZ}JQ?8NO_x$_bdyo=0hKzo
zH&dw2WJPQmPQq7})?Jc~2@hId#H<|TrjKvV7M2Hi_P;9#++?LZw|a_}u=cz$vFC!N
zUtv79Cq}?k$NyN*$cT!u`B-UJS6?5cbS+}R<~??Yj`Q4yogGUChaL;+M3Rb!5l!u-
zEiEJ_X&yBk{qF#N+;rC}z~3XiAs15Bts(i<nT-m(Nq|W9?e25AbPENuy$}ht@hT}L
zHxh?TyVnEP*MdwSS@fSN(NY5qfPC{S8!Buq^EE(I)Ch-1B+~}auVXDMy@kk(O}~YA
zm5_MTJWdmE@Jd=P&6{p7x2J=vsYbhK;zkv8n;3kgVPasz0aT<CvMwes!GvsgD;g2k
zYh-*(VSvMzz1w%O94=sf#(f;Yw0lSgi$u%vj@l=~Vxpw~9?8(OROWmsn5l~NCmt81
zs`$Wkw`;U=kU#ipzf})exq>zf78OYp^GWtRCS?}Gq5Gkd-ITt=#?LR)!9O~FwIMwF
z4&Vbz6C@`i-%_4LU3J$(K?r>#wV52JYpjwus1(1A0@%E&bZU#{=~|moIBq067Nuj*
z_+tP}u<1ZmQ2zrOlQh%1J+hw}S&dbhja2o!QzG`dscdee62CG%dDH6Ij1vY*0G7ra
zAU!4H7d_L}(ekgPko$&>4@dyc98TV><GqfoFEnw{1K#6bp<$|_AQ%$tzYPdpO<ZV7
z%|#x{iwtAhE&dbZ<H8)a5flKf?$AAS+lW%Odn2GI+njf$w*@vdH_cNMz^s`cmwMgE
zT$P6eUGLg>`T1i`S?0Wy?e;M87l-jL>W;eV6~N3%<RNH}u|y{$lij1IVEz~;D>b*;
z!jeH=svcqHgV{hSIP0<;YK5wd$qb=OuTn&v;-%o`)*w8Iio`RM7<oYRP;6XZDlqyh
z83os2IFZssNXQc_tnH?wfss90Ar(~oi%o#(h~u>K9!VKf6T&7R=6bYdcGlP3&CLws
zu;6iKmMPc&f%awWE9sk+x{I}>$cTvax#eef=O1gngu}9P-vdm-mb2?ii+4ee<%Ct1
zRb<R6XJxh)OWN-vDmr}aS4!#l|MdT}Z*f8p;F^R5<v7h+e?UWz<&=f=m#1N;LFVNE
zK?5|_0~+Sllry3f%{iA#<0r20@grh^+X2Kko|DmSZH<{jiPdeYuuPW8{LJGxlEatk
zB)XdS@I&)K1g$ZPhr-^N17|CUwwkrc3ai+kS!qsyI%#nm%Dk?Pu#j=KxqbzhIM`2j
z03lS9D>8z7KmF=z;m-4C%(roH$ixsV$-PFi5o)XGj{vQdAy2X_Qjuj!>i16(;gqH`
zdGXb(YY{ZF!PdJQ8>=1&ScG<YdHM7)50Wy=H^;L%XA6P2O%E0V>bC5Ih}Us(apRz(
zNbc22^ZU?`A^hDmasITMkLuNOh<nJC@n@<naznXl*jT8PF|y~EW?Z_ul0$?6EU9{9
zEf4B_q`>+3@xGLg$ln?8Et_|VmgUkfKy#7zCE-+_0X>Kk7rutZ`cUkDL7TYOps}gd
zA%DuZL=B1}%NJ>$m-!rt!*#~e;%^ATH7bqG_MM~C$xfn~rYl-<4k9q{kXTuCia<3z
z(=p3q3VkuB;b=ulB#C}vx%QZAZE**P&IEmFQwCgZXYmk~He0Q}_%g?Ss6~J#P&Li*
zvSWn&@3{uJmY-O`%KL`-(<VrBfzClItI01PW!IxCvaB#qQTafdSp~dw&UrUYObi(z
zqzmg6H$*el9~=LZIWHte5=PygLb-O%iO^|p*7escxU?Leo-Tuh7LV$*-cddz<>4RT
z&8}$abzL$2hGE>D3|@#S(3simFhdh99Kk<KO1G0|EUZK+Jm<@2V!NQLN7#n<THx5&
z)X<P{E&IdL0R8l0O?~W}266Utnva=`K3gXQwaK_4tn!G08mfHrw+--m)-~=iLkc$x
zMt>aRGRfU*Tnv(5LziW?AZU5>hfq<BbVA>g#ck?>3)bv9E^G5cut=hk1Sh#{(|U92
zV-FEQ)Yzv~zR2=CY~f7srT(}hIswpnt?c2Zurk1jv#YRRQjF|--d>nk%?(6`iL}RP
z&lGEMGURowAp>GZm(-#1@7mB@Ci4;Zjj)VmOk(L8nr3$Fq0Kb~KS?LT%z#X1T$lQz
zyXwXH3*sk4ij1ptzhXg(2eKh029}pQE0iUwTE89MN(3>XVzO>PQvBx%)e6vznXf+v
z&}v*AL&1hK^+WgFqu6DR)(36uKSw#*Vtyl-p*)FPu;^zKFq@F$oXe6sve5RUrtoL+
zr5+4x{1<_qJlWqq`m0j>^R`ibSO7c)Kh_?qvJhQnQyRVxvK!luG1bS*+4dVI75!7K
zD?a(ZV#G&Yh1&<x6;O9y25PXoW=VH7kR~iWSMCGto?(9S(YEAFRk1p=(1Kel2~H&0
zia2SQAlZxPukWC^w}8W+>$)t$F}#&cU=brch>$~vRIUAtKb5YFOgS|kO!fHH>tXN6
z%O=~+tyEKV6Djg7CM2-CihJsn&bSmiACL|XJV=V~syJl35tBj^r6OX?>@fu)uQFlL
zk=}(SnM&qGMv|6CVNjdZ!b;*-M`Hk}`&n;cUI;4+l3WF~G^h|iF=pAK%;Yt2F#Q}w
z>-mG&IT?qSDzE2~9!ZxarL34jd6<)>f+o`q)7U5_E`(0{^VVGBnf`SJiFA&dv}u$a
zCnPAlN@tqpi?nzfCG)#SkK?Z~*5zp4KKWDIP;fbuavv*U6VIM`BNLFn)<$H9Kg@~O
zyNA+#HnUS_pvmp#jPyO|*mg9}Cm+;~DJp%5ip3@R&!CEFdxjy1rF+-I&SK}R1XsVO
zjkEemRma8$VF(4rTN!zqRE}?Vyz7Mres-iH>C}`0YJQq!CBw)v<h!^y@5%(GaiaTR
z3@nO98kJD7U8Vn;TTwkT)q3|O0}>}@&WcQ{e=;!kw#u}+<ee&r8)4D#+sv&#M@7&G
z360BiGx}+0XiT&5nl*-e?|Q|W;QM@J4f0*`TUZRm7ZLHKmG=h`q|_EMln$Wj2>^qh
zna>jFz-WyW4<&&z+oNo&P_4|~zyw*x7_$T`6lEo*sZd3jWLf$cM-|KvqiKU>L@nj7
z>=xsu6w!yQNWO=+FY_gqL7ibwNAXbq$pU^&0L<OOysNj2B9&Dg<$4ySkoIdq^_M1!
z4*eG6?8xx2xH^@-=^4m$crOheJgUfHfBQ8sD43f(qr^9ZTr%bfO#JUN_w%bgX8ES4
z)(U6NsUH#QM(n>iZ>gQAtLDlp!HT!OoN#lC-(xJ+9i(SmY_`PtE$?qxt1rN`Ww+a1
zT|APbY84qTemWj+<TMqyVAXkD?KIuOzO#6=J*mS~T9z<>r*NRVclUmtoWfxE&R^5%
zTPk~zQ8XRL!TOlf1x4#josF6Xui2zsWx?rY|H<y$T}j16XK95!TK=ZwSC7)tvKieM
z@(!zCj<zN@z4G<fQLg4tXYw0%%f;A}UYUg67*4XdUlppNR?rcC)^Tx><1uVa9Iw&9
zzVci%Z@jCHbs8+B@5_CWQd?v$GEiigR9mz(et6YWU7{z@U;4$_e<O}{YqD)dy|!VV
z@1u=peGj31LVE>y-K>MARpW79qEiCyr-q9Q$2T4>A|5l<BC0dXhaIPF&anWbD7DDd
z>^X{OlC@)R+@!~ZV_7>IqWX9CnFV@2CfIKQf?v8+a=0SbB-px2U*q2Kt(}dj>ruV1
zNi}^EhzAMm3e>biC+z`IuinFNco7sznB38;>KpU}vMkT2)a%s~_14~OOOZvO`wTv3
ztRW%!l(?k2tNnA5LJ`Rtvs89NlWqE|XI<@=^&wXG!@1bg=i#C|m5%IJgA;|8Y4q_i
z(fRu(MRu?T<G$77OCcYe;+@qtwD*gCdgT_Ecej?*_&MiU8<9Mpy7U!eL}57Xi&4l?
zi*emV@12<bxKMmJJYJx+OJHoWP}#TV#do5S`To~(bbjnS(et~8PJ+>?uN+gRk0jn{
zrqut8%-)vIH@dl1>%G|#AZeTSnlZ0Y^g}7y?^>|>T}e;Wc6pi1mGJLcfPEd5qJVh2
zvrd22@p4t{(r`Ldo;2B;^=Y@7Gqtgu58=Jq#~XP%g)={*)!pAP*2INQ2*|`CF@|ng
zzjd@oys2?1W;pvjQ+5k~dP0m+R9|Z&*T_&+KR@_rqRIYo=$b-p4M{u!f1cm&&wS5c
zIeAD(56L3<VCq{`j0Ki17rJm0$crP8jisU~bV3@7M}zzxz_CL`t#eKAu?V?EvXJ}f
zlu0nF&*PA&!r5S1)dvn9Vu;>f`=;oLKe;(yM>$gVG{W%(hUSeD-W8cF=N8o%TEE%K
zV4q0SoDoY6ly{sn(SevB>>Gc4^2T!CYg_DD(?;*C1Oc}}RksFmbL#{~<Pln-QM1I0
z%6I{-*a+G3+Z09}%e0%a=?2%Eu)6dxkG&griG7pu;xLH{l5>eUe_Oe8vselazs7N=
z$kcPS8n<G{Mvtjyo_o>x2n%n_=Js{h0%w~dLyO|hoVWLot!|^LIrjBJi*nRMJ&$yQ
zcRnUqSoV(Ve&0QXujxZZWPfGkGv_(pVDPlo1%rIx1$%z2kB67SBa59Il!U~U$euHV
z3FpWXk5WzblG9HzThmA>g)_9ZjMZnnJD8DuvUd8sr{-5qs{MKr=tc$a<>!%+vkHz*
zPb@#HXJv@7qFJ(&k-|#j_-O0V+3RrOPAaX<Dr^Vuhgb0oPjf9q7eoe0V890{+2%8t
z*_n3;Jy;TLLwxLPtB$kzF*$bGvn0JndsP=gm&a4+3P<2$Uz%u1k(yxEn^avf7McX>
zRwBxmgKA+a*A$4bTbOULldaIp`>kwt?Zu^D;)3#i?9>4#ljGpdO7^bDQuc1>g+VOw
z`JlkOUF3_D(7?e?U93QHf1`oG0Nuo7jpnDgF}Xtr`1$XUN#x$^eJ@Natq^Id6j`<@
zwwbBEF@&p!V8eQ_IQrHGc)45HS)2q8t63Fr9jdgR!j~wFFLVc&Tv&aJxUA_<E6{AL
z#GRs;pUNK4QmbTCe_^*7QuUmv*y6{&##|&V;zpVM)A+}&d-<yzmVG_`5ISY;)NQSa
zu-WW}IWF@LGWk#5%F=x)Qcn>WH1AKfo(nV67b(?Ica)YxMD!UJA)Sct8P+N{egQk4
z(y?5mE|%1#A{JS=vafg$AmVP`A@MdkCAF5jkh5kr$y)cijh@S(GJtTBR(I1%Y54TG
zOIVfZ7puvlrp1Wi7hKhgg#_9G!Xc-lf$jIdQf3Z5$z7Lqca0t|jB8pjMTz+_->iuR
z1YWXn)&E`{@nAWrC5)eDeO5%FESget>%}tml|nhq9THTjH=}*tDv2)|?eG<K{Y8bB
zp4tRPUGpWw>3~-;PvNobeuGor-gXyOD9yb6v)HM2o8q*F^W`G;8r!L9a0E}a(;I@H
z*+8CpYFfFU>Ig)sw^=b=PMF_ZH?tRC7Tz3gHncC9UkG`RK4;`meG2nI9C{4Gg9<mu
zKEk9CQ2xX=P!IZPQbMTbPaEJCs1zhi+~mP7k*<5w)R+B5sA#^vrNwcwE@*e!y*z$P
zt-9&K2ZfwKx_-~PFZAT)W`mAqo)f9sy(wQZUVp>e=T)q5sM%%G-Ju&vsZw`z-&txn
zO_h*-<-S5$gU!;<grAVe?G-9>w9Gqd?4<`$<~>|aGt=BEF8va}c2>u^u-rt075Rl<
z7m}B%{?_2~QK<Gb1!OBp52TSfixpTtY3??;vb%5H#O^g|h}kWc<XiEP*Zyq3c4vYs
zk4Yp~{xHX|dG&3naQ^P2H-zDC_*Xn0G+cDJ;Oa|Ks9tIf4c<(X6N?%E{FG&-gN*ri
zvF?%in6c^FoGqg9#Cc}%JqffKikXb1+vJMc@LIWR@QhYgsm=j;yHm)!lXG`?2{0Rr
zy05g(ZY*424MIJ5tg4B(RJ$@O=Em2VD$GIez9a$7>xU2B_h(d{zSe9P%n`fZD7m*0
za{g=oOCh7_$`(_rKgL<e#SB~NDj(Gr?sXZpdNI@r4Zd)ub;_D{J?+pvp}SD@HmJne
z9<b`bO((tV(Bvi*k3>{L*d8n3Vr;A_HGek$W+BJbemPlFiY+C9u7^Wv0T<2~Wr>Vb
zqqh~W>2%s6tcvJe7um%=F9J(P0`*=_#%qaDt&(?4EUFopG25N-8x@bZchl969#y3x
zjN7jE%v9%@7fuva54Px8H8*!5e;_xI$-IiBZBg!}A7%cPHBB;gh$xXsH(yz(t+MrW
zzp;DxI#9TIGge37Dm{^L)v8S5HA#@nNBU9f9GN3OSw(`IC5rJ_@!Wz%G+nb}cfA`u
zGY6&Jz?PSH9J<)8oYXP(<V15#hX?!#<~ynjnXlm>kp?&_VmrIoho5&;Mf%|4qsWyD
z*3@ZU%1@Radnhi39lwpL9$vVWrBEhUzMI*Gin#(&FPnFB=a@Q9>AA!!?m3T9w0HQF
z-A}Fz+W-#av(a0TkHLEh1z3vFEu~nK6x^nhMxlrpLwJm1t5FLe6gRfldgtkkhPeyk
zP0sO0ht4B8a&wj11u{wO7IBStTOiu)kZ<>q*y(d4b6uP>v2?*8be@CO9(VdRn*ifV
zwmDh+WR1ndKuOb~G!Jl2X7K<<P&L5nZ@AU<I8jyq5P@u2FUYC5Trm$4B0uJ`JLcqL
zd;|`@KkXg4uEY9VUKdfTS#4eekmeiB1GU3?Khvufm4N_YLvIYe1qfoD0+5&bV9x}?
zI|1-lk-NrwzKzWbTxmF<YS@YTe9A|WJ0tdpS}PW(fA=g@Gwyq`eF|hlQl!ND`tGdV
zUuL(S)v~`&gCon!eS2)I@v&gBDWc>8F3MIH8kUoWAD2)>s>>3RL>$fHT%DbvGZQ8(
z08|ef2PrUTfiV#0x8id@t>W2l8iA%CctA307lf`V06frK+zXARF3DEU8=?#86O9)M
zOIIOwW2)-){IoCH`D6_{L&^be(M)8%mQC{*W8)5sL{wejr$I828LQg4XDiVL5D=QI
zY}{+;jbz>%fllV=W#X6zkt|{#-`D*qJQLs;jG=*1LIHjjM-YapUnf<L=tUrL`5J&q
zyd`NeDbu@7cSf#ERq)FGo(QDm8uw9@cgFRVt>g;FYYIL&H<|@%x$jpj@C+0f>bb)a
z)TK#T5yR+z&7N+mS2Ma~Ys`}%B%IAnsj0z4k7y}{{Ymi(GHHYoC9JaMhsJL^l%21f
zI}MPHcJ^w>FCUrtyt&u~Q%%Z$Jo5rwvB%0Y00oM8anXb=h&Mv1c1%qx`}#$ktk4So
z<woX7!As};`8ga0O^5>DNeqSZAn#F#2Z#!-u1|m~U(L`waJG?4<{GM*bJ7B+Gw)m>
zyCAbzMG?mJEi(Ufccu}DLpsL6>=e(-P3wVc-c;G<tG&ifqaU|ZjDdPHHC9&BRc4(;
z-)8?M$HMOAn9jQq-3H6*lMSA3@$eKA84hzR3qp<;_3WnKhD6^!8YI-P*<<6eT%dMp
zbtbcEZYVfc(TF1T(9`IWu$e9EC4dc-l-r%I-p$Jls{ltZdE@g&=oQHJai1kDsFi4&
zfiWBvn<Ke1;CCAtuVySOLn(;fd*!A$y$jE|1e?b=n10vGunR^}Fg-Io|Gmgq@qLz5
zIhtDToqvxFuYk+%Ujh-d8EVHj0JbYepz&=R46d1<tk7X#I^We!C5Qeu*fSF_8OI5v
zfT$>y9fUPW;aExSLG+}CB8gmi^TfML#VrKpLUa;amsDs_Un$y4+jx#C4Wf5jHjKk@
zz{{%}R*{H~NC~6cBiZgcVwvQ`zT?wIT;wtHJsu0;-5yy=%&~_gCx>@$kZ)0Bjrj2=
zdvWwo9jB>|o1~Z)x09`@2r`kVy(fxAikaf|RlEaik(e84Ceo)GuUOzP3}wmXB528l
zMcaoXY1f1vlluR#N$&T3BAgRQy<5MYI-VhhEb*OGU9?rr-9+!HSPs{nBLMlD1c}*A
zN%DM8(Phz`;k%3=+3X)Q5elM0i*T6dM9<mxGU1$z)AlU~f(U9%+sD^BX6$zq^>ATa
zh0}}r2(CH$6UVhTBlE(>jcUbRx8BUH1bH8Olpt<hC6J>#X)F`{%t^A|%1~y@5CVMJ
zOu;Pb$0c(Dkc;Bm#U2K*C~%?@as9*&@-}__*~bZRU;UA?!0owV&!9oKN*ce%PP78Q
z#y+OC<ZP4c(d<Q@WfvCQi&u_YD+7{|VG<OH->DWNXr)unw#ItJ#;#cvlJgD1pGM{v
z*UnE%azk3!BuA-}EXi47+nB<;RNzVB4kF9wn@9~(2f6uPndhX;cvZx*n_BiJf;f&G
zq6#^Tqp?EeR`A-)+@t9kT8Y}c?+K<GqCh6eFa~`P1QME6Ia4CM<|Bz)S9bfH-4EhZ
zkk6V1$s%oOBGG)1V<<Uqci(Sb??R;92Jl<XiUeI9=|X<9__+Y1?fXgFRHjN=M^rwo
za?T`<mgQo>3Q(q?&cM0|2(!5chs`ML1Yv4Y`7H8zz>Os=&mf;zRkF5)0#NymU&q%-
z96To1z?$XSNcWp<{WK6+a}M$fnj-s%-#{kPx>&2$>GNx<2-m0OGHTZuZ&)-!?C#mm
zU`Od;XP4tLGBcH<#zR<mloazDc!e5GE3KJB>VEp4el6s%bYX(Uu9a37;jNP=@wK%r
z>s9$K5|_q87!fT@G)-H)@IHY5C^z=K?iwkWBG59FIOiOq=_BPS#=?|VV#IC6ixN)u
z=4LQZ35H0dGeuM+v%ziOXgdV4HGmz*i|0Oo&kF0pz@Vbr?uZi~Wa|&-R{VnYO``r3
z%z0@X-pJarI}NVlr$Y(Dd-=_Lyl7K8*`7ayRXGI7EbBM?a(@ErkN%G=zmwya8k0vd
zqR6sm@t^lGsMq5r&?#<$y~#LCeMvd3SC^~780@QB?bn>z>XZ|1lxKK>hp6(G<!$vW
zM9K_D3T!Oi77O`dw`O_7IG2zxDfC^BhpmlY#%pu(2Y)#>jYR*<?Vf$I!Pz}e-1;4d
z?KDVbv{WxEl3f;p{<~+MBT-=Pm5ttDfGhT;CR-s!LU#P2aQ428>zTC09<T<cnff^d
z5Lci|;9}}y##z*MC$7gg0%k*4{<ONu$O2k>OXB=PYjyRfFx+InR9$>Ut4~UJ2=Dz{
zDN(-XyusH-n^)wINER0<EimS<5t;b@Y<IEye!G#0ryHDWnhN163?PV8c)cD;w@>nf
zoh$+yMi*%ozE!Ta!ANGOW&73SB7*<b;YLvz?U#>WeWsPt?+c=;F&6~oT800t58Jo-
zuoYNd>bH;C{A4leOjaBkO}|14hcoJLS`>R_TXWXQ!vz0Q*6g#j6CXVav-jIu+S@eJ
zAPijYUlOp;eC{nD7x&nSNMQRk$&068!}+vu%9d+=l&fYh2HpSELCjci$CyM}e`z_B
zIS(51>`)*%%=YzY`*kbSq#LvA*O2euN2kZ5xZ(-kN3NjWzKZ0N-K(Y*-V$wjJn32k
z$sDg4ZzL3!1D-rQGOlKG{m4$4N7CetuH7d$$5<Q!obHGgv|f35FXE``U;B~9pS@u3
znc{k1O3|&)aXFYp3Pp(-min%)uR)K$yX9Ixo56A^+jgv2tE_y~?kmQdnm&SoB;%Q?
zLVdI+dvAAV#*xnb*_$l^0S)53<kM4xrL@2nlV1P{>p#kF?&e<E6`TDaWBw1}sT&zI
zZah|qoS8@ZT5SzG{<E>1Mai+Gio|w>R%Tui@4M}omhjm)^=V%!i&*$(_!7}S?~|Tw
z(heAKT(-y8T0kLz2@gv&TR%;+G(sVmsW2wVS3+k0r_e$?(X8fT`e5&eVhOaRuP`DO
z5g_w6vhfEGMgNfbuN-5RY(VDGFOOw6$(T(yRJJ)?D#pxbrsFuxbls4DhA5N2wwQmR
zb-T>gczbv{ewNH3OivEvpadlIQJHMF<^v8PWtvwo^*zm9Dnqp|1Rkw599$%Pa6_Vl
zS=VKs66a+diQ}{|DkS7Y+G1lbeS(qq$}4p&k#A0(r{=>PUztb1!my#fkl-c%3m*Jy
zN6B&DR*6LYTZ}H%J+Yj_*5_iIFDF8odMMc?v&ot5Po=jPbuO>=&Z%nB%Rwx{^F}%)
z9KQ4cfZWu|ycj9|6QlT2DppB=y&<Yc>j;~*FXMqAV*&yu!&CJAY+nCj#F^lXQ$Xmr
zjuiw&N*L$wmkcBda{9_0vkKITp|2c#;IrCG{K<S<=Q+pw*9bFTq62N=^FEwnY+n7e
zw)%xbt${onXDTcvcz=#`->9(-0>N#g+bgBDiN8H2v@gz;D2P)lU01z5l2lcl6Tzw@
z)@q(E{K+}D6~|!bEJj?@%4mW*OQQPCKWm@<;c*};tw!)hr^NfI`=k8y_%-l&GkV9X
zj=aDA!+Ku(BH<W`25UZ;qHke5P(gMxqg7f$G6lTnyKwL0X3;Ni5GBWhK2&ugVg9+7
z2q)IydSHudJjs?22@+f&%$Y21&zVkCE4EU7Dkey0kyO~9WTBd)P#Nr2Ro><?tvb%e
zX6+3K8}0X+zomIpb%a%3Tr|d?w}~?&?0*3?<3c|iLigx@Fky{;d(UTa${(|D7ljKs
zofC;`Y@QOXr34pfNtne)V);M8Vem+MDCtJY1Xg(nllhAF<-ho4#@4H$-unF~My(M>
zbeMnGOiF!Q;|xC~x5ncbs{;T}TTPFZA;3GAomy=pVv$8)KHPLik}OA$D8fcI3w=uY
z=ar<p#yIvsN><`Yhl?Zn*gaz?W4(HBVy`y(J4mI9qfnPmxRB|$Qg2Vw66Q#eS${0a
zr!7+*CkvHd563*-0Au_ADljS#dH-oXFg%Cd>Ps~q!|ktaM5wA&4zrF_*1LRn3|<#L
zpQ=6{1lamRQ)jX4pEdT(HWPJ1*&0t%FBBcdFF?N9)9<-faZRz6YxEk1rmJV1=07;_
zVpFAA6!qceRhN}(Hp80=HM5@<zoh@Lbiw!jUZV|gJ@Mrya~ou~d#ce^-&t9$Tr1UT
z8tkGs9!9JN6%M4CR2wVQj)Yn1JEK{qt=68@p}%<sj!;VUe>=j*4?jYqq{SbdH}@Nt
z<0pMPfh@Z``5?;+<v)tjI??sr?J4H{;W?asb3_WV2v(TkGj5SQR2EUeia4^@ZZA~+
zupbp2>c1`;^#M$pg7%K&SPXYfn95iIwzr1rAyyodGi5=sv(AKVY2O8EiYObstAsFn
z)3HZh4eQU~$Rap5ceZ*MvOnP=Q^Ut|R)ASHF7oewQ!rnK){l=+sLB*h9MRpmW)+yj
z?n`O@7w45<HA{}_Uu_>Q|CaGQP^a<Gd*7G&Dg(k$!1HX^@sFoQC-CpZk;0sXBwOR6
zC0i1**;u#QjIwyMzUYhj2j?ZIJcWT17QAc`{8}(0KuW3+{aO^`j{+3UrUue$$jD;)
zp?LaVZl9D31>4wKe>L4m?vxnc^yDx8U6>|{M9u#%RENn88^@?+#dj%RF=V(tg~@bc
zW0m<^Teh+7+XuCOc}^UCJh-a0@~|TW6wim+-jp4CFrSh=u8b%W(~qz2bom#{#peG@
zMa3iDGn|QQmif0cdMo{>OmHREbC?OPzGjR%<|xfenE#>oXy>X;*Qh=LB`syGB_*#}
zp%yihBefnV2#wvuF2k#gPXJ%HC$Y9O6bELRU-PZW>BYcWQQjhUzNwX3v)kr_|DpI?
zGAy$zkrHX47B*_o2X9F68%c{~(mz)WXU19iS*C<At>d*DprDYinVH7Z^*7J8H2gYi
ziV`FWVCMh9aTvd+%-!@QfL7VzAxb`x8uzWlO_Vx7zt<{3wd$_Kv=gC&+mO)&^e%Lt
zwlmr47C-8L^Blfsp-cE!B4=;h9an!zYg6+HU#{E%{J5krDI6eZ%y0t`!lK6+CU`FS
zhn$6``(La9v(DsY3<)-jtHiI_Lh6}76XWSa<6=w4Wop-bff>|)GTrXPNfSB^4R|5k
z2lbR6P_p6rpJYQO{B~_8cD%ju_-yV##!|?zR8s8bvO{lfsbjp0o^i<a%8jG1(V-S7
zypA+KaV!`!AZFqN|2KO!5Bk;RR?Qu{JGlhIZAsN)O*rB~$Cmf?6pB{O+hqanMgz_p
zDoCOwzY9kZ$)Kv4l28MtH=-!^E45jWtHiy^>$!@<%54YK!&Ny-BTQ=luS{ZOLH5|T
zYwR7bl4|vXGp=IYUDb_0>9ZSM%B`}ScK3SQwXW^%bP7_BXUD{k2d^nD7N=y2DeeDI
zWM4VzXf$BIbezm?L?1lZJ$&vtMiQ<m4%7Kr&xJgr`LcXI=YZk_?%sf78xR?AgUHDt
z#vp=Iq^eLP`<w$|fKAGyf`tAdMfR1pbKw%gXCbPlIKrgdFdjCa4Qf%7%q=vlYgFav
zNQ4SFY)VuU`1={RhC1QT%$|3B5bP!cfrfWlY86k#$4C7Iu`u2=I$3>)XJAp)-=I4S
zW+{mcZWU)jg^`Ibt|6IsE%<K^>|+|3`yWa#_ko#ThmTOEC=rm?fymx*OtAif=@{q<
zkB?6&(~?6hK3ON{=#bspo!I%Gf8R)JO@5adD%9e16_AP76e+Fy&arDg`N)sw%~g#f
z9a~NdC9JP6V7=E)!bj*Z!h(p`7!RQl;>Y+Cm~&imJkMb}J*vJA>>Q=^YbdtUD-BH-
zxt-jdsQ=T{TvIGcrp{(U_JILcq4(B%tQj4=juZh_H0RxeQkGV_WzB>Qi=7_vUqgzl
zyR)~^#YIAfTH{64V+nly1x$%H&S<7KxkPgr6}h<w9|U!wW-xv7mMkJ7$i}IIw;Vn;
zId~Oq$3QYpKwF3Sq{XBl^u1?TikqnNw!3`NFL@PK;P8-=dZayaxh#NwJN+wSpe#1t
zFJVWfWlb8$Sn2(OfHAXxU?IRp2vSb|f-hh|D2)z{rG%=%F0tnR0U2Q9Rl>@KBR>RB
z1O<ZF3r5?(`fHYw3sGeckQyX~^$iB+WqT$LJ_yb$P&PL2NmpImMyJ^{_$Q*z3+U1@
znfVxD{k_p?$iWxHV0qF+y6e`S%AHU_e~8Ek2&`?6u>XE{q%5i#ETqet8HBlJ_aChg
z1w112^|<bS7lF`SVC=j{rCLr@U>l3SUt}G07tS_ptk7M6C4TDh{&V#V(D!!%^X2Nr
z!;$6t^^lW;FNl^MamR#M@DHiz-T&|xIbfLC=Al0DIQsn|Jo<l!Kt=ce4gs*k|NRh*
z^1!%*Nu=k=ZviTN`G`DE|NG@v2Hz1IH!^~EK&ws}7?aE#Pj;+xPoC(A4*<PCoP?DV
zy60vxKyUak*#1Av#|n&42sx?>R12Z8t|Ft}xEk{@I;}d}FU4=l$q|)Di2!-7(MqoV
zyA}W{QqTbHuRj!ZB)jJ?7$|=|;MNm)Lc%+FdA4t3WMmYkB9u`8vR`-C>jK3#3oRD}
z;x|By09FyCf=Z`u!t})tP`bwltPxB0TFA8sRQT4szc@VH94*qYZ@xn?N=^I-<upOW
zl>or)*5{iu_k3eO3Yh6h%n?^73g_%wbsfjpV0nyK0_L~gI-VD+u0%pQ_aeey5FKjn
ze`7R7z5j2cP%)A2e?BiQmMv|2#AbBA7#y$@lZSCY$%BVfpgW0u;8r5CR16*YZUv??
z2T89!&S?Q69>@%4=o!uv0sREF@{0^C!`DDCNDmZh?|?KyEp$@!ug8C03?u+7kN~o;
zhgt8x-XlW#oTWoY!d#d%2(d_~kt3*gJdq*<?8~21U`ZyvCA{u|>4h*U3JiBNEiHcc
zn^E-NOtN9q4b}6e6r}axr?(Q0pe8wQuW6hCmPJAkLT6ueoP}<S*i|Quo)PH1!XMOF
z!Y;E%^$2_}O9cF$Sol&K@jDsmGF@aKIZV_Q&0fR!i~9H{P+^V=^os-HrajmK6+Svl
zP?t13`6nR5C~I|sabPsSk7Kd5-QFP5^eeES%fTKi;rDxlUlvfEDaJo2)<evKexFa=
zO&GE0qjyLlEO`*3<X&dowr1suE(`REUjbz?OqMnHL68WBr3CX64LR7tQi(->lzTVy
z(l^o36Qn;z@Z*B>j(SLz&Z->cBMArryW46a<Ab0YxGGm$)l%I#wPH<GRBbS(!m4q%
zrc%qgzQbwGaiZwK$us_6-j8;m*#i4PKF-B6FwfmewLry=i3Zz@&+WJ@fz@O>n5pIS
z&;))dpmBV@r2UW31Z)GOS>KeUM1NAOm`n>ci0o`*R)(qBp*epnU-?JPv^hN?n`s0H
zy?Rc`H$u_|JH%%_uXddlKj2Oi+B6*?^o8+Xn$CcU-@736U4YK9X{lwI%iBwI9Z+nv
z!|!o9X_lL!_T}J0>E*7*%axXIf*Zl$K44)UM$*~<WEoIenzY+`cWbQ-rfpk1f`3v5
zl0382a*2>oLe2rV%3=Iu@a=iV*6VjXi~dh5_L7(&A~`sW+NL1?@ouFM6i8zeFvT<J
zI1GsaUU}CD63y>6shJmI?NIvEOv%MW)A8P+B{YD9&2Fr^F0I~_FC4Pv?_X`FYe_cK
zpzp<|Karh&ses-lPutR8A*W{colFw5zHg<SCp|~PG)RIK>$Q4XpMy-|v|%{k8d2<W
zXJ}>f=`_8Ccd*qUI4%vpbS6MS=rrJlZ_{M?ZjMKsRw5<hYz9E<A@PCB#cKR+ga~T4
z+sHTJ98#fb^RXVcn{qw$gdQY*4-Ie<J_b!Hhf#cBF7_2P;yj;d()U@vDF*P+G>C-%
z6#S*QA+;i%15$0~p!~j~m$9*rvE_V8nnD@m^QuwsSs;9MfovpBllo3zNIT@oGJtI;
zE-LEtyt_Hec!dy5c82eljsQdp$i<K=OLdJ#QOOhu`N5xpug%<^*0xT8q~h|hLd(S(
zAqeWH=(w)NI?dYssF$N!P4~LH<#@LuDYBU6x|VPXBJa~Le-K48_uGKk6lLN3mtC&N
zOaL(hBoDW>N7q0HT$!HN%@|k<LVIOhKgSFucH(5$C>W|vw1^LcfsSn(96ZJ>$bIaB
z_M)0N1})7(wc=!n2nUduaqUFqKYzPU{C(yMwCzo%-CdjDCd>e8o^t^!tPD=%JM5wm
zUjPL1e)zU_(g694IKu_c^45B~D*uY#o-*Z;$YaLF{g%cf@i;eNl${WdUeo&uzFgtQ
zPdLoP*yx8Qmzq`d?EBeI!H|naS>OA#Xc@>1)@6TbENQ)UOM2y4U{y0^>;xuK%m^V6
zL+&mHy^`gr;jUV)_Us3R2f#iVK@CIdl^31PLamKnu8c{4q7k%{W-L#!{q`W-YZBDQ
z?Y8s|Zl=)?n2n(afDB3PELp7de&?PPIbo!^?!nckoAZg*Tch<fua+b<d>np`gUEc9
zn&&B2GPP)2*iR#AEuYXH|GEW<xjJqG)@~T?lTqaqKDgF+UAOL%=2J}*t@C!0XYM=Y
zUS%fOk?XRp%1`PC9T?r@fuZ*n2#wWU<Sc3qmJ^VbsIT(Jpb+Px_@0mknlz_X)pd+O
z&J?(NpcAhOsJBl11Fzeov;f@SJ_sab99Gj@<OkChrQGjgcKTF`CNLgBTW=acR-D);
zqg3LV$EfG^frQ0mnZ9thlxPkqN0aDiiO$SwrcFgR_35nrpvHU6@5oF|Z%vZz0tmw^
z^^+S3xNOrsezzfve-S~D$oXw*&=lB%@x`x*YWo=sB0rws6EOATzjND**<C8kUKi~2
zWDzJZ9WME@qB)XB6uSf-!IkhHq1JAop)w`RY&h#vu<iSkG4(LS8_?~!7lO^SrPJVG
zXXdx@MiQ542XK4oNM!_V7feIYI&^l;)n;y*(w1A-D9Dv<W$>*h+lN&WPWm1!|KQPa
zJM4bm$WO}3wPIVRFZ0>vRWo5LZaD|}ToV{Z94>G>`O0~3XMk3J(6k&vm$EBmGNZKn
z$cZLZmO-ng593$mz^h(p;(k4EXEZ<BenTiMS0T+BbkRAx`||n79(a{`mmP9WVRp!B
zF$K(;9J%M2KzWe_@Zz09jsf!PGC9%g-!!QX!%|^Hix^;pkmUtx#xF7=XtLU>YDj#K
znF;noz>xJ^Lv=6mpug;H&5U(e)%m<!23G_DD*E#)PjZ$I&ktji<?ZZ$iTPX@t}J(B
zG2vygb>?^yd7dxsQNf@wLLNUl`{jq$&~n|SUU8eix%|807w34`(Dm_%f>@64nR_Wd
zl1~u^O{a`e1`L*LOokw|DQQHJUcJOYF$+NE{1iJd+prl>T9h?NZOVEYOD>I??+RKU
zEx~hk3yU_A@NQuN*3U8hl>=$q=ycE$$Q$nFoEKu%IVlen91v2Z)3_$zAnXDSWV?b^
z5huUjX(Ra}LE6M`sdZZ-hyP;bX>L*it|E5@8pwsdnu+eI(f0%AtXO{zgVh%;EIP@-
zOy2OZ9R*Xh)zhQ)2@7wToc&s#9VEz;w2O<*>=kS5Noh$7RMq+b$Mf((7?Yr4u_pVB
z!-!mHs~O%i)Wax_CC*`#-|v<35&inxOoyee1L83aqmdHGs~?tb0P=rx>!C!<49Qxc
zGXK;y3K|?YCDB7~C6{FY4W9jiqd0xdLL#Co7#OJU(&)6ir6g*~pCCPc2TaQi^0zMJ
zH=W36^CBTx<jQcj3~Fb>>4=C}!Lp!m=&PAn42+I1>Luu;PT{9Ef2M^JyZ#;lZwOE6
zGZ_~a4*4np0=_>CpNvEM9peDK18zey?lq)=!~iydT<f9mDrc(11Pcyo9%$T}5o@uH
zh?K7b)@{AS$mZNRLkN{}z9srmkWD!xXz=#-td$4mlYKB7cWWYm8W5p#r<)Ns>QK4z
z4)vAoz)640$VEW*gKh0ou^Z41z46`*Rtqi7{b>RVk#8-BK-RfO03;c|F*OE2jaqu3
z(s=8ZMy{7IWFcM5i7qd>ABiR+1te9fc(yNp#Q6HzfcHAUBu4w-jYvXQy5shEfAfoo
zPG9}DuRocmlSQOOb6mQ=+RMm@<!po_s#vy#PO^*SFt>;<+@D<Q{+AE|$j%upOYGQw
z76}fFk7)WE2%X}?#~Dfym>Jj`6b^KoUfsj#pHw1oBv<?@v$BqaC`pBrQ!)aDUSKTq
z(sl&6)PpgpEhTAOb{Q1PS+f|9XIh~C#Y9vQZ{*oCa>--<l=;wwV+RPGlkUMn=yT<)
zlIY#97nwlh@KGfkTA}5~CQR0-Tt)2k#Rx2jLd<(&Xa`<O1t6SaYJIP#YyBh(r^IKf
zBuqLCHNa-l!eoVXCF6e;#VmAfc4~<a@NQCNU0j?QztC-(#P;~58zW1u96^sNWawb#
zBF&xVFz>ov-`@X8lM%8NND*dxvj7Z=5{m)<$QcE;Crh6h5|*Akyx4c)zX>2)vt=<U
z7tJ9rHmo|2Abp(x35wyXfTLDO-APt!TCtyB2mNV<BJp|Hn+De*@ph>q5+grFHVhq(
z({7KS$FCujPlF8o+&aHvCYtV^^5&%jB*+vMF7W*if&{qZ?u!WrH%?tyC~pyB-OahM
zbgU<Ltj;p6N86tINZj+A-2mqpf0^E97Z%m;Zp#Pmtq&00CDmXdL2Lq%`4Kee3?hjB
zcu=#=ek77MgmvYSuXo$p4%Wx;gWr(|gJe3xGSG=*CPgpv@Q}KsSy;qM1XkcGL^}j;
zJ4Ynl5I6l+Zdn=g-_=La4(t8?br>ahN%pboV1Nbn?EULN-zEGQinVMCEf%p?@Jwi;
zOJ6^XK6%2B&z#&rewPxD6aulNdz*i&i@ls(p;A87)E*4g>pEr*cSTP-9)mXTH3vqf
zV=PzFOPH5Sa729l_zH+f7~}%|p~uEuSOU*s#J>j_Ac_j7dYo$H+TS0~<2k9tXGCTj
zItA5Hu7YAJJK}WBgiPG!90s7Ahju*{DZ!u^U2-oagM|U|I7DeG)uD!AjGs9d94xoc
zUYSe?T>dLy?CGq1(DNowmF<{e6(DYX-RjyAaV6ZZbMyEi*=r)eKrE!nmT>i_Dz?71
zRaP_OuIHehPb8gLR@9XlUOOWArL1_4WF>{U2o;Sa!8)wu=8;UMG7|I5@J9FW@6Q73
zUnC6|EuWgeliFszk4WuWG+k?NGt;br1noz__$lU0<IMNXH@i1hK4Q})rwI{CMCSS*
zw$D;Fp^`7jm&r$W>tZA+G64@@k#06|X@7MPRlv1<8xnblkj%I7%z+H@F~*EYNVN86
zYjVDH?l!n(y2lwuWR6^6T<W3@JxnsGz=+wGY6_J!@?#-W<`rQVAp(rNWRh=*#+6%P
zwRuWLoM7;Nn7o|W)6C(Nwua4(H$fUQNJl=H;F*i}E^Sl$I2rglZKA+g`h1n40f+Yx
zf8v2nSdJPq>^IUg@T#5IMBpa+Fn4)SZ;wL#L=__7m<1W;+K6L;X9KO@e~%}I2gM6P
zb?EAEFZ3g>9>37i!vL}h860)R1DWv0578s+Vu?VMnYoKEdrazK2!j<#NAqYRs|4wj
zcWD>qCs|+#*g}Gk0`j~~o=9=QPWIuMXHy+AdlZc)k-Bv&{KGS)9mqZ*z$5EHq~@c9
zy@k4TS!DnJT)Njt9s}GDdM1@x_~JXW+hSZwHLDA@1A6_`i#1oJF$*{QVj!f6h@z|6
z?^b(a#Xp?_a}Do|$8l$J2-s5!>e9{fDX-wBuEC$&a~|K2o?~U*Iiz%kh41C6<|}o8
z32FMkrKs3%y_=uw!0y1o25#lNdA~5J9*|h8$lVW)+xe8CRa=eeEb*Oi(X+iv(G>s>
zqCc`w1eKdI-df~H2Y=$HWj0O}9E@V5JLB{!KMf<yZLi*~L8Wp3yR*mRz_6Vg`$4sT
zVXd7!UvF>X>|<qAHF>}UEx-g3b^Fv$vfZv~_=kBfKM3YSV*utnYW^3U(fQ<0G?YZZ
z&MLAv#G)Cv!0WF7Y{xX{T3cb%J0pz0dxy^*mJM3C1?Y>&s70Nnvp>lew<?3jlp+=S
zl@Vbve7d6YL7Qav0QWkPJJ49gK*t1d9)_?E*t#D>?PIN-8^S4IDUBWyPI)NI5j)Q=
zO7BELy_%c;%i~Q$lN86e#tTm{jIZW-+WTRSIS1wKncC9+WbTn1*#rZCaZ+9lxDp5u
z<Nc<iutrzUsR|>;#|~3Q@%7~ZRX`?Q{vGh<8t%MqP9{nOl=iR7B|-^|aJ6lH`cwI4
zpe2Lu04c#Ln4zZ31vADxwC`wGhN&7DmRjIiW|3izmPq23!*~WlRcozvIGu+T-YZbq
ze>3d91TR#d(f>%i1FV8t;B$2LJA<0UT43f)fk4$;FiJ4A+Hz{x8kp*bC$qNgC?%~G
z6&0kn{1CS1_!A*-hegOlNa@~%^KDF57orfbnKl!DSF5sFm?zb$`a$B}x4HGq^Sn(g
z#=3ErBOX-}S|ORD>jn0b%n0l<k6qB+UA5nGRnjyFtts{RxDSZrbkBA88u*RQji75B
zT1IC-R0djn=YeZ<c^LSnz|Qb_6YxJLha{fuTB3(KbX=Zn&wwh_ty_f^D^M&rFmSO9
zdiU2kAYJGtHa}NE>8YJ4`ph>?T841GLo4|%QQpOO8RTb*lQPAMh**z(B%^3`S6;qA
zN0dbR4sUP*@FnWfA_c<in${96EW!PaH@iD;PgUkpsPKQ80+EFKINqnH&tLgf4~Y{_
z0gK4uWNWN4GwfAQ821{UNenXtk8GG`Bgt+ajAHalM*;PA7<7o8v-S4HcFUdkk+gwN
z#T!6e4O-SX1*+wip4b2@w7Sy|^;H+Bc{SvGhKOw_;yu8BWf?z!snBD<7mIhO+w4|<
zBA5>Kz=6w~cLSWq@iKi86K^ub_K#?_(E4S4aW4SvV1LHy0jOcX`wa98zh=?-?P;Wq
zj9LzlND5^w$^KBz`HkVkp<M(bTW|Z2jv8EDmp1N&pMIbeFr^tBxqO<}e|bv4D_xPq
zxUoe=CWlX0vL~SRk6>!SmB}eXNmdlDHSqdb%U>_UX}v>4Cd1WRW+6ImYZ+P649Yl7
zazSm~(wZ%Bk4iZ`GrF)&BUm9^ladra=EYV^O7glq9;k-pP{K;XLy!M(kqMv>TwScE
z^)`Em1~B8{5%K!qy=-!+0`MlUGPz6!lHak2JrlJxjd&dRD3W*@JZZyf+*g*H>edrU
z`-BvOn!rC;630-)mlPjBIehT|->m@^xJDoxa#HFwMVp(vbP2rjtDSlGeMfQDIM{4W
ziUp$*Fl{x1FiBh*+2rB5D;-PqjCEsu{G%t#C}`A72*0G*&{#gK5C8CuN9cM6PgH>&
zK)p;5pfgHPAqFLSd3P|dMaSu($!jvP4dbrv?&oPcZ~X!z_`G#~&w$9nUa|w{!uv`J
zWv<mg@e33lpQGRxh+T5vigdCN8keJKFRjK3Vz0Ojhsy*!zthasmAhY#YuRwK1cv&&
zj%)~=Ya6Ntm`6MwA%@UMhonr7?dJ;%6FJE9_rP163VJQY{|vjHsk?tD>w};mdLU&2
z`I2ZN;r#b=@g4&4m>AU7MXK+GTwb^DaZ$*3eGJg><fnDrcUQYY_0D}ZP}8m;K@L12
ztSHMJm05#B07qwcc&CC)8Bg;GduTo8MbLBQ{PC_cXkB;UoIldj*=HGIcu<RO1K$t~
z1oc@x|0UJ&e_H$QK&t-#f602A7uOcoMMlcZ9v2ta$Zpu{mP8rJrtCeglyF13l!h`A
zLS>W4O`=HlDw&DI?|J)tKi~Q9um8H&J?nMOc|9M`$9UNo_b}oa@0!wL_!FNy)SMSl
z;L36dIib&Bi;R|pIL3|>HUF$#W0g2a#Sw3=pV+~D7j;&^h_CISf`QUMo%!Q9rbJ@;
zA&ntQ)s`!r{-tai&lq!M*e$WXne$oTR7X^z4CBUeuLvw5$%N37aa2?zS|>~Wn}rWv
z#tPr_++w4D=iMgShU?D>@)o5REI>^VvpMbPAD@bJ<DGIqE3}77^t5EN8iire3bc1n
zCo*nkn61hXj@YX!Y=XdARi7vPob=5uaZxx~Tu#yk2eYCqT?j@bs<#x4PeJN75{U<{
znX%8TRRWV((DN>=Bn5-)Lhf*Db>#K`>e#j<o*})^#U)|3JsqZs;>{);MGZ!MNpbJ#
zJ)H*fu!+0XRoZ!!Ucs9XjFH5Jg^u)nR`VzNY+8dO>Lurimm?t==nx?WzpX5HC@<w`
z`Y{ErlPtwofbPm-raT(t!;&#n#%n*U7YFVp9>Ko8<3t|Et;ebks7k~ovMbCK<)vhr
z&0IGln8%#Ho-k1YLHo83j_Vb6wR)xt`juH}#^#p7m<1Z9DSF;H-<ztWjkenV)v1Fm
zBYDSRaO_Fcd6SJ2JM5GC4FNu}yI<o<<l5Pd1Sd9xJRhFNMxu1*FIX>e5Tpu4#q%#e
zAQ^b*Lt#4A{Np+w(Tdm)d8pZ<K1xZ4Xp(H3V7O9+)}ht3<!DGVXD<>!y6^*DjzRD?
zc`^8Hcvb2ep(4Mi%NBR_^)nf0^Gl~;#JZ6mvX#dpE_-h5QX{d}lHsQ2>T2Hvr4JuH
z*rH3Kt>SXHR$_@yY3;M^6P1mG$g|~L?hl1kfH#M5{)`OlOJ{G}(#Oe6KAs*Yu2QoN
z;o78z>H?gZ$Zfl-2mL-e1=qXtBHkOO^OuU-*ebP&@`n!<w~!r-UD8@i&x-3lbUT=a
zv7Iio)w2G5zu4%RZHf^Fg*tBA5{o4~NNmRL6J}3{Flx_T((coQTLk$W6KwtLMo)QE
zYC5x9uHUE?F^QQD?TD><Y6K(8Biv^{ffB2ZS${apZe7K5%yFKPcDr59z0*iVztImJ
z;P1Oz+Jv?_uqXau5boCdNE)<p8HT?#=5$7G_%hp_8nw9O4iP7YSQq}=lI++N$y0Yk
zZHO-FkYzP?0M9H8g*a{ZO|w!5QM&7aH}a2rf2!;hT58N8=AjJ;n`<$z>||3eWhwAF
z@E;PjkWPcGjP4JU=gY~vw){=jQT@m7Bf9va?}OytY~G1+6{Ff^iPB;dz~I05BDd?o
zD0I6z^*p!NRqT`V-CfAJG?WVQbxM<?*3Dka6>5obXvt4^F%O_qjDFeCly{_$<A-7*
zrv$lYdcCmEah^o=D;M+>=-s9qWeJr4Zk_NwZ-!s(J^0J}WQ!o|6u1Hjs4$x7)gz2_
zk<C{5F1F6ncWdt1dxz18Z7s-?IVbcn0m98%A5!8l&Co#UQ7KuJ-2g5nAu9FRD;i)k
z#JR1o@F(p~AM@ieK~P+tP0TIirmnC|Bx{Q?SW$ld?9j(BT}*(i8l`z~2pU`q2=bgB
ziuC~B>0~UDJ!{m+|KqcB-A#B3BOM5vDAmUmF#)6m3M4DhSpi`TMLfFxyL}C!ixKMn
zM_<XUdKfR^?CA68;@qC|%i)8kkJe{4(47CHhti@Zh}(=-ziz_i?9XPm`S5RLjDq2z
zqUIOG%sc|;%(8+}&%zLp7+2bzL`FqhW>QC&*gx~DT=E(H*ydyrHPsPrGCcIy;iJ=|
zGfiPv?xv}3Ws7+`?%}#e^;Bl{q?~&8Pn~msZ??tX+)!iV``CkZ@i@&*ojhGwB<?+W
zqh=yOpp1Cz<@=m{^A8qxhD;YOAM2knhm|GO+Q4)4fux@<q!p$WdAplfhn^hqEV}a1
z&-Gy4%SGrx25iw=tKVKysmnm0oN5_^sJkay43XbqnxxnQMmhw1i9ymiPM){ZfQ69=
zcGH>}V){_$%k-lC8Gko_(CXsDC(0)6{RJxhPWF@;$pH$E{goRqr?!mM!vySN2V&TZ
zFmw3@U)v7GmsZ``^UUj&8gVTB!6YuVc$y)O9<DEARyjqfU$=A@IF6sWFL&F|z0IFl
z_M8;Tg6`J{yGYj{bl>NeD<<_ihi@jC>GsxbrMwBMcZmxxl2d5b%~!iz_Tt$d^j2#r
z9)v3&NyePs@Q!+2D$juLk$Cy_9dwjpo~V7G0!0bqOS&gwG}#2HV-;hN8@4ZZ<e1^y
zrDofsKch<BWslr6n?O1=1eO<2=ia1r=sV({M|nfb^K#(XPk!2~<bLsHu-W)yAA9x}
zE|Xn0czCv!Yu=mBY^{qgeUz{nO&l)PJ$U-pxwYx;W%L!|HA+z7C#m*qDIfOfwA2Nr
z4`g;8AF<p4D2gXCFuHZ)SN9_Ypfz0`4l!-`?Lj(b-mk<Q$1}Z$oQK;)^b>~RDf%uL
zQTbDrz_O`fq9U>IThBOlhl_du1JIEg&q!;IW$3><4rG`Lk6jpq&W)zh;u+gB<#(aa
zN|Ye`CU+ror32K&c<49}@M}l>3gb|X+zD(g_DBl`cBRC`Q@aZpeC`AA%q{EOc@N|Q
zcS;alOw{o7o8J}9)U49;u+1@>d0=tNM<y@j_U_$G?Zsn*;xRe*&nhSfeSK8jR|VOV
z?N?r>?g5Rl<fE(nR>B5<Ovz{X>Fz_-b#u*CtV(B~nCwlnvx-3mMJEg#fo+*pP^&}o
zW+OkN3VSyRMne90CWpFqZinIfR(A!v*97uJvUE$%fOYQZeyFs7w8F`Ou|dk@4w(Ga
z^>T{aijIXJ57(|KwavA7g`bSOq6#T|=}J`Eot!4W#x06kf9acq2zj)<UFTK06qI>l
zJ(ibXpBTL+5cva^V^8puY1X{}1^D7D*XNar0Tn!xLVE<tmLw4Yb@NQQ%ql*m9@8dQ
z_b7IQ1uX{`=g1Fj0fifkifL>@XG*+6Oq0t9m-KpQS*$|<6Al9f=>~21Kq1|<peiLD
zvRG*0vsfmp7m9tVt?38U+Fqm%Xn<Ysd&-fDrxZ}cM;ZUueApqA6tQ$Qr-;?|V_fGT
zd9Cj$#8C|@kKj4Ip)OpyuGB-Jqxe4BMxI6Qazz?K4+4Gf#|;H)E)g5VQ9wwxDqXaF
zC8wQ3+mF4FlDvTUw-(@=!f(h!a}*P9@&{U0Ei#(*tM7*7f;)E0OVfgsT7%h8ZJ;C)
zQE(og>>CQodvEvrOPIG>J-Dv=(*oxyoJ3^GT?)sttgrzVpgy_Tmef6<(1^=sWu9Qa
zbJ75&cl0viP@tq8vtwJvUJRAIFGB$=atrK;1~BSkd<?q<45y$4_mg@$x|f!`2gz+h
zF93#qgS-0Kp`hW{^S%WaYyIoMo)fZ`e||LhOK9f^%?`CUzc-3e`O;`z4Vsuz=bHJN
zy(A}z#+ky}MSXLC+<K=nde*jI9ge7H&5tcS^`S>J?FSt0Wsl!KyM%3aw7=h60xmR^
zhWbQV^Pis%TP=~0@}}OZ8+E)Ru^NXs#K4v!Odao;gH*-6hQgNk+VCH}SC(J11e4fF
zbS--7x38W{+1HPf!)Gx$FLoR3L#`@kA!iG(oW$C<ZJ`9kz0n&MWg!Pp&kF`=aCAot
z&C&(c$OJ62sMtXdhP)BLuvLd`7UW{hR;yk&qI6vo4osc(0H*x1S852G@mO@Doa{<8
zqN6Bpa)wG)R9151wevd(Srbw=rfm2g(A9N0JlgaJtxxbSL4_JvekjEI^*rgid4OlH
z+{$!^;^{tHSJf%#G*6NiA7;HAQK*Q=o{psFipJwpctQhRePU6BFNXRm`f2Z4RZpV+
z$)epi5RUBO6LS7CAkm1ut7ANaKE4crb%6xNz#$t8t+Pgg{&Bz67W%R{aLC9X4NDcv
zFS5jvxYrFb?-rqK=Yx|z!p!lVTvaV@1MF`AmaQo>!|ZGU*`Un58+o~NVB?)Wn_4)n
z5JG;#9e5z^j=aR!tn;kqr2tyhni!+09ZI~3w4(Vp(#*sKcs?K0Z7pxt^m0wVG-uIp
zGo=n%ip1-;EvC{&Ai8qVhb?@WvpvwGtoqJE7qZGo7~AW|*rB}eJ8*spq!E-+m7{CK
zt?T`GuJdQXqAxa?9BVeQ&}urT!aR1a;Nol-l?j3z%U<S2l^ie%U5372fOPKD(+M5K
zw#DWi+{2V{9A6t+HOc-Asjj{PhTJ95TLeMBd~mae>9V3CLOl5t3(Zyoo`T|LF8;2(
za8!rj?oBVyZk$6P(Hgz&DjaE@XJBrt2J7n3%yg^>OG~RG)X3;iL7$E{U2iy99))(l
zLVyjhc9mLx3F6ekD<|XIe5c>8Q(pm6S3?t;I&T6p7lC2^_A`IG?Rt4&B-h$$hmL1i
z^ACO$qqAVWfReRcSQhO(QkLBKYF**&wy?bqiN=W6{E(n{)ZKS%4L9d$8sc+gcQ%<$
ztyJ}=Y7ZRd4@)1EOQK`ti!#TL$;RnkP;N*m@-!`z{PN09!d_jgfF)1QCBXTnjuJ6?
z-m4@`6*0wRxx)Nwl0n~v)9Ur|_6Y5;1kq;x+zzyZt<y~_nYATSul;fVj$l=gBtNrl
zo4MtYAr<U*crkG^TUWuOgV{4UNppM2<oG3Zf&2`!(nW_I?Xir14^o7Fn$_#yI7uN7
zQ*q5AGu;%Fe3a-WD|JFJi+GY}=KZ8`R`q!l&rvn#c?~_BHELsWrz^ikYTqg_vqkBK
zAhv}J$8~fNrez@sIA+4(q?0mvF-dO4z&(Fj>*BiHdW5&&90Bsg68Q}C=h?tdir`H<
zOgQWuva5Mjd#*HY`!L#uWRab5U?RmgDqmQZE~>#8?q0{8LW{;<tTa5WEQA?xDtEID
z#KAu8$pLfF#%!MKa=FO&QLp4-b8HI6fV{i=48bCCgN+&!*aO@aBRO_2j%GW3U0${L
z-BoaYZeeA2>GE2l<NHX2lh-b-^z+{F4H4366DAM7+l03?HnvY^e|N2N;Ci=@O&Ok1
zqa$n}G`X*(gQwWl?;CP}v&gcf$RA5sTUII2z+S=Kg@YK5wVmP+Z)HywI^3QaO37mE
zE2nKv=2zyVybUocU4=OAJZg*C3@1&nm=iCiU6J0IT2mt!3SP?_wj`7nU*LLc$`E%j
z8gpGrns>rqG)z}qxX}Y!9=5gYWL_qRs!X($k}%KbV;4<h@eJLyrL9fd!_h}8wcRu{
zN}g(u6?DCi5|mv0)iEMMHn;3sP2bR*#VH-WX|_5#T<LMUa!Q8Edll#dw46{f|3aFk
z>6;w0(pKh2s&h1}>jf5N6g>}l6V}|Y-{T8i;2p!_QwEXN{;!TTZv&l#)afyJAkKat
zpZLLe{h+XO(2DZqjPyT1vH!jL7KHNuxcbN7XUC&*JrrrrcmkW|gB<X&F5x`hh4eHw
z?pzaSxP6|pJiO+NLj2`~b=k(<yO+C!P$#kmCsMMc`c$_|U%X!!frT$=I0E9vUQck3
zXW!0Ci9E)hhZeYo)bTlqR=6@~WmGDdTV0L!#*{rhyJt6ShF9eBKM+hT8ZO3qmUY>`
z^6F`*l+8N!G})JQS#R`d=ilpV7G&NJQX5Mv%8N*qCUq+_kohIy%e8yGnPzSg9-^WM
z*|llonbu$HYZ)TNy3Acu66zbEw78<B(9S2V89KeJkFcCi=4V$(TWd?^d}EsPyI(g#
z?hCeavK!f-wL_=7!a^m*%zIqZM=)YjfF12jbw)HX#VaqnJn&X2+6IB_Lebp6___9y
zBTkCY09QAce_19^;jBsMKX~UP)Lo*Lt1rBk%Xvv(SM&^G8z&;;%(8o8csLZ|SMTYn
zjx1sE(kES9UAhh{oWuow2)1OuFPVo%$6dnyC@FgPWRLIt83lul6n8xY*GvCCuE?&D
z9-r>PTk;;GcIZF}Pd6{ssWV0uph75on`1Vi+A@N4IDargRn&}|Zr@O)<Mev!4R&Je
zFb4x23rBLHxP7PQ_0sK9ejX#yFkuZUyJ*r{wIigTFd8qN8zVJ$Dx**Ja!u;j5OPj@
zV;?ZvXd0hC*eT8{qWFLA=KTmZA;|}_{(B4o(bVEjRA((d(Z&69)^w5ISyt0-I@?33
z`^MZi7Hl-n<q|DYir*`hJ+kv!eRuc0tLW3+{9az9pKi>&iMB{)R>p$SC}un82+2<?
zT7Ryi$>w2Zpeg5V_WU5sDJ$8(a%kx9o5fCAA%2V7%#JNrEQVcHIEzm%T^4iTK>TRc
zsh3o=OJ5DB4+_Jq(MLGf9ja`7R85ZM+#Vm}&y?K541A=NW;voO6??~f6LT#g#}qrU
zrBp@Ncpr!+`PXa>>x)076V!7|e3d5@c%-4zVq&e|VAZ;}KV(57|AaEtLLgEdrG9`<
z@5z+do110?b^30M@Eyf>-$@I1RDK25dX~A1+AM7NDB~HkjR!N*=mLvfu2DPOFvc_9
z<NW1cn3{88<H$*R{{Xis(2&?pRb3sn-%zhTK6EF~Tzg>Q8&`vRt%%My****6&0(wk
zLa8C+PpaXZ;r&Qe&hqI|q}Lj$*`uhEPgR-l#LP!>n3T`yStB{EOOpE%g&V*3**_9=
z+?e8SBv&5pG)i5s<{t|I*%hMfq#1h;0f#8GaITO#_S!RwKkr90Deah7IPaxBmOIHu
z)0e}I<<HqBP0eV1U{Yh}>f?2DwVcnQ+v!kbNG=vf+w2l!7_pa8CevZpOY{~Q%lRwQ
zH!-!lO6_Jq9QTIE8{eFzzl7}$iJoZW@Df5;l8@qMQXvkI=ZDAwA>_LJ1>5CVW^t4C
zsnC>DPmK`vJFyJE%hMW>a@^quN8EkTrxB<6v|J;k$gdr7d1fC@i(GvM9rEOg9ad@T
z5oEC|3l=G9u8(9mbRv+!$p}yFWQvU*zbYu%Si>2Qo@A4Ml^3HeQu;Yq=`3_)o3oTV
z&OoqSpyxA5Ijn8mg(#$Ai<FUk^6<_1LMfBGo$%O(-BhZ#-7;%GwJw?+r*%N0*~lx9
zXovl!C}Puld(N1`w(7@`Zx~t}KNeXP?20u}6%&0=2i-vanX7CX3*%!3NXD4Bb%Jzl
z7fmg6Nh?pstT^@g`d>=<VObZa`0gvMyvHSYT)qW9P%BpoD|_*94&V}wGB~ykM@3Uw
zm}*^UrS?M8u9j@n;Qy>;TTC!^733pu3D>%E@S=Y?#b-;TLQX04ajmiTS8j%e0m8Fm
zA3nulqJV&0^J{aM6|NEI&+dx7Azb&tlo!}dmeykzSVllV+Rt4{jx4;~L=p(dxRn+y
zsnQ*p6YS#6L!BpLNyew3=}EET4_S@MPgzUgPU1e`tXdBmSut8O?zZ;i>E6Frk^uVr
z!63&a+5_E@fzwnR2I`tv>DzypHKenDKmGA^NP;H7sF>7kyZq)fn;t5h2JcwiX*Mny
z2`!`2mx=beKcOu|`2;}??H|1K1&xZ$*)-T@AL2nQ2Q-UZVhYNn=F&il>&fsT8o{6i
zEulN(?nmXup|Lb8V6}Og5w>9JmaEhm0g~Q+=s8(1#IZ$}5TttYfhX;`p?cCGk?Jg2
zZT|P5jm1CNjA)FM+uCobdNZjlcO|}$?!}MfV-hfDrVFc<at!ausH88+NQU?2jp!Zk
z`(e$fZ8tNbmlpo!=<~Y8nkSG9Gc@+Zx#`mb+w#f2Zt)8X+Wld#sIH301PHq(9X~E&
zxyFD@H}g*x*-|_NnLXlc_RZX&`_;%E)tGgebbPedq)<`+qaaLDi^5iqigf)kb)@c%
zv>Ba=yEqx8vD{vQuoAH^hYrV1X})mo(qY(xEKS0V51zc!%~em|*Xg08DSO~zd<Rke
zFC5;PR&u49-B2*p9X-wW5w)B$YkQuuWyecz3|_DDYzBC(K<di5(Z{w)Fkdj(roN|a
zNEPRW6hS!Aq!^Y_B5<Zk3zc3%2=ga$sp&<S|9?VjsKI)AG^{^;Ua3%He|P;m0ElNG
z8|D*#2gxU9M~)o1JU(^!iuLh^;2+DEo^?L_MTxd?7`Xatg8nz8q5J&R<O2Cup<_~{
zs4aEnM81+dvqWUsZy9HqTR#97`S><%-aKko)wa^d0<gIj;HyKWd%WnCyN2lje=ZM9
zfI`h1G-FSX$eT{p1~DL?4^ABz!(Tr^w6eH4n|tAeZu>kmA1YyyhA&X8TmUGV7w*5>
z)Z`ify5fex>(9JDexgu1B_<~yp1NXXs(FXPyB&3`dsq5p6q-jBZ1z=Ap|ubUGUF8$
zQfOQ{QF<Tfy&wo3wFi(o#v4*h8E%c)TOPy+8Ib9{O>bTTbzUWRmj7E`X)Rv#-|KuM
znpMxjm1#G@yihx`;XC9oFB=W>1ZrJXx%g>tp$xirb^YW8cI&V2)I^Ok0>fB8$7}2T
zXuG%lXHI9|Uq_U7g`x`mBOEq=CkXo8Y8pnd({4{XGKGDiaZwGt_PEow70A`L)PCN#
zDAN83ysO<k^V>dMSt7MSqn`1}7hb0<ncxG<7IfSK4i|SpackIvjnYB@L(^hVw|K5<
z0oP}a$UT6Jb!t%nV1_E3H12t3LdKCL?kexJHd5e@0YfyEsHGQFBl8q-Foi46bv|(5
z^%=@Y9=m#|lx=lVhIxS(*e{1nGyj)JI-2$jbf@LY+S@Hk78j)r_MZyPE>?|iaz^j8
zcUSa-rDV6)U`LQoGP(5~P;iy;^}{0|$G!yP6GTF^LISn#&Fes^%FadfHHw(^Yi$t~
zU3qnxM?p<@Ueqw{DfDLs_=d6g#dscPTzwhJoe~cI>6F988D|<`DcwV&MdBdg{Yw27
z?=R4&s;|9(h1;GBH#V*ahIcZ(;k3}4aCZL1tU$wBz7s#V16gf0jb@m#C-t-ZTLCl^
z%Rmi>*H4JggShG`Aj*D%Ym$nrd>5nanLK5_k7fk&Wj8&LePrr0AHtffP^d_9pMOL9
zm!k}olYD_4z++zoz4Ej7BG3T2cj)Tws@En1&&#_mK(Zb1eqWaU-g~|fu7IdW-X}n_
zPKzRV#_*Oi^8*wuL2^H|X}|f<<7u5fK{Bug^l!%MWdlW(+3tPN{{3yLqkZpd?_?i#
zzZY4{twB>h<>RIPJNsC=?9X+Iq+y~x;uU>BqL#4YxwP-l!4uy<f}pFH-9GV-Iu7%S
z{l1dIX0Kwuszv^j`zXz<doOoqWGjlPu;(EJ%Wq{2WQ{{lTwZQ=A@MYK^`_cyr-rYJ
z?W7Y!kead|LRRF2c6+y`FV@f8T%POJ_8zI45w2yO>e!NtP%1GG`3|ZwNAt3}X@uyB
zR#l*7n=-^WbX(tdHU6Q?Yfa6C#=JczJ0!<!fR<roeD9}<XO{>TaT^%Xe!guG&5uXY
zsdY>lw@xv>&eyrxEUJVs|9M-IBXXA_#<iZc{ljr*y&I|O(JNxr{E_>IT!6f1pWv3>
zWuT)zLw8;<xlA_;7|V&q`u{deG65FKRJ92$%r23eH&RXR7Kw;~Hvcjo$2^Bm!nj`y
z!R{L8vD-qrDjwB-D+4GD@oh;amLRnuI>H%cn|2>zu7^9sDqdnqA(k)JO(ayjd~cyM
zwqO~Rp~x{d`x&tzGDk$kP^2)THXAySgq@o=;qt1Wr}>&b)Nxf^#LkRE4jDY=GJ@ya
zBrA~I^=#LVk?rF!?+`E+266Nt#KbXrg%w<CC{N{m>{w53vVEVlyTTz@Fl#j3BXPWu
zd3|#EC29STbzMlP#6{+I)?^XiLu|qe^dZb%<=Uy^GS=cDl@bk`<NJFb-!hQ_UN`Tq
znerUEquYFjGa=6wW6i?X?~BzBS+&6XSwH?q)&n8$&PGumqqVafo*rH^H2H^=ZEIdM
zeeFPbB(EbrdgDZ)M2S&N(w|v2g{%kT!%8|O_O7h{>z^schVP%B2gk9*T3is}qWUxR
z@U(1hp_Brb(g)Hu4NJ6Kvu)ok`BnoTzuB*tSeXge3D0@-OSeqFPsL9}Y`QlXtb%>0
z!#XXj%GgSbNdEwy$4g^kc6&mH`8pC9?pO?5B{h1i|5Cg(s+zk=l@}v9AtrW6wpsU!
z-_JYx-QQka+KxMV`)zN68GBP})b%glpHH+VzF?+ha4df=*ArR(BY9Sq24?P3f|T{a
zm5ps^U6Yi)!Q1p08OV7}AH<zA3S8cgLhL#UI+!A=43RVzqId>hvHgyu0qaQa&%%Z`
z1;d#6rjrygDxi%C!>80Rq1^$Jwr@*W3wIT52?%K=89@}%g%cF{x2t@~uGYdKV*J!D
zuh)^r;;fz5Lb@{7k0-JJZZV|+x#8nqDjhO*FGFtp>9R#D96#HG+_H`hz7_iQ!whYY
zFWN@e#yH=?lAWQ|RNONZx0L!s`ZwI_8WOBK)YceoT?Kk3ymX$B2)fNqW<%YMJ_<;j
zu}5I0_@^5=r(ABr?~owa^b>lS8XO%FB09q=<o%~S^C!EIMH7N%Ic49jOIiO;s%2k5
z+g!WZcW&0COekVSH*p*=YOHi0U;hyhuC2On7E^?4dMH19il8@HEM(Q-&U?$ArtmFu
zlQLEMRy*-N)Id^*tE;3o<^gIU2sB=gU#P?;42VU>AYb8&2);s}aiu6)8ikqu)Ew=#
zDGyN_;2IV@rx!YZrk-Y(J@@x=MaU-c5@ru@Pw&1*y(GOStm)PCSvak-MN#}H29JIf
ztkYt}lg$TK&c`T{3V4Y4KUKNfdG5Zr#Mj~9gul%8a?d?M*_1oSAoCt%?Y+xI$6<J#
zr3YGv>H8Ksl!;oZAN}TCIsJOG!sebII7p`&X-ISAw$N+y;&s1<0d5Gb+(4BFL8jrZ
zVxwl}WnW63Sy-B+2CMMi_oAiAUfJ*idFc1i_qq9aoBQJHbQ%2lcRb5*7u(#7FQ}_4
z+=vt*=dgf|P=QrjZbLx%+W9k@eWkyaIN;4{FnZim#L|R;Cc|tZvUMrZGn40H->~2C
z&CADlSwJrB0~2USV>pS+uOq>ou90{>#fXt-dy(XVslZ81`KB28%}S4WlBV00nbB%X
zyf)<HA^x7uBv(tmltJbW6T>o~(UDJFD|o$`g?J3$i76k7b7MstV*iBLMdRJmk}a(y
zV{<vk93s)Yhf^~B5X4*>GSzBvb^}9sjE`QR+M^TrOi3~nMTIrv5O^5T1lucmRlw9e
zLrX&(mVHSTkG3f#6)Js1i69bkO{~XuZGAU%+UReyh+uRGg@z__R^n)5qA@x@wgP?h
zc1}Yeo^dSpyI!upVe)z2xoW?kz@yKbb{w9hu|wyZ2NqV|U+x^AKVI@jHSwv)ZUIhb
zI(d?p80+q6{mEZjm*_70y?u7V(Y@(wR_{4?7e76B3FEgJNBbt;czl~1K1a+$m~ZIR
zGL63b+*>~A0Hx{R7G|A?TGt4bg=d_MQJ9^{uc5;+N%=PlO2D1HOYs{S6rtQA5_1$@
zW+M#gV-4eClUQldyN+v+o8>DccECDei-QceEVUt{uvBV!7c$bV>y{|Zfmm}c31*8b
z{f6=(q;1+OnoOy=><|&R@ervy6Xk8H`c=4z>0%{W-oI$@9?F^5)mk&O{?!Z9<Uptt
zr$AC$6C=M%o=-dE!0&{Yo|iUWXOgCN3oR!_sL-Y-MP2uQwQbjjnRvJQLq<%CMJwh#
zbBn<_nxG_*tmq~^RT*X~ah(?=#vrnw=~LZ=eXQ!jL}-0&7;n>;PnIk`sH<mTEeQg3
zY}5Thqea!A>{UOxNwXHacDsil0@#RsTikH84RQNcPqV9zzaUvhOscv4YDP6;*Uz;U
z<cDuhln%u16g&zAzCO#BQrcJLsme~}C~O^Bbi>IVtMuX-+2HB$jJKNke&LL>^bt1Q
zbVmwyTz~1Eh3G<(%#YrJ|HanJ=HEata8O5!*$6&pe-Xcxnnc@?Fi1}p7#tEorAb?G
z;2n>!g{M1)Qhu8WaYlRcZ-X<le@BQu*o(vb0*hE4`cS5l&RT=<8&S3bclP9f=dI7h
z^B&`P&nDQ26lVJ$rFpQZIRAIo`i`Z#jF-P17ugmz(3*__n8&jL?pg#34YhGu$$_R*
zb`JpO-CXSR`cjVqct@)h`P>#%0J)S;^om130KmoOosQ%HV5wh4us1vfo2`y9WlN+1
zK#EhgeuJQ<1+DOdYhNEM`Jqu${C$xh9#{iX%#Fjc!=E67oxHiJM?iAQmB>@-<F!Zo
za@8;UvpJu=$t%NB|9-~YDQkb}qNRJg+faX=iK;(a{#9zqURt9xbe1#vX;0*%zBzlk
zp1Yl2JZ@PquaEGE57)b+$I~M-nq=k2|K!?Vb-VG~`ZN98(+o6xz?avJO;kA_qi+U}
zA;+?S;Vjg$LBVK)Qee>{DqQf=(j25K2?wH|HrsYA?pll3tZpsM*fe9yhKv*+1r%B2
zS-I$;7AeXJ-7=KjUTKCKl89eQ6}Q=TeBNdI*9Bkvlp$`j)Ed8-Iju`5-*@9URWJLf
z*7AoQ%AO%E+sxlv>v_jIB^>oTOeW7M0OdAJ^G}XCH4FlE|JR3h<aytTt<x@%&o&p{
zcfzu8?l28K1LQI096G~Av92xM3*TB^{<%$|>^JA`L4Pn+zHW7o60y3#>xhj25z%2W
zJUEt@%eE<;X%q-mDZaqpIv!+-HuQNJoPXcjynt086PqZW)JPz~pMQRLNB`pTXnk$J
z_V2o@D!yMvBMo!DgCo%I&+^k&*5wh3#x=5by-(xCrY0Eq5>9iQfsK(Vu^XnjvCH6S
zt&aM$Qx7Xkfh{iL&y%K~`KF<ofZ)CXnydyF_6Yd#rgt9L+{;)hDq2qr0&fLhE{hJ(
z&&!1}MP`s;_A$M4cXz|2hc@<eo&OZ|mVne0f8Ei6xRh%c-WhG@xlHi8EqHE>etjLA
zPM(?HO%#qAt_2@qVu18*;g>As-&p!fw(5UQL11HW14T?#3ss8)g}7i;YPe;_@ChVU
zOBKwN6|a0AKCTT2V%9QU+yo)*F8x2abDV(KW`>d;uL}gNQ6v$^oEmt4|9$C!hWFHO
zz)C(8%Pwd<K2Kl@w8Co(J_9_O@R^|?-NK{T9yj(j_3sF`oZmI6Llo08J{~jQg_NBJ
zOIXd`pWmPVjaD|ljl5rOTsJqu$X$}$qd-2s!^~Z@JdUnYoteRgqC=+1l`&?ZNN~<L
z{~c6H%QIgjY!*6Nx+rF^j7Av%?v$kpjZ9DmtKXsKss?e<AfX)Gn!W6-4D1VnS@(dM
z{4le+UJU`G0(6xy`pQr*dqzB|n`8{1zmxa~fZ(Ml#9cP+U#~VhtD)L_DQXz84+r=R
z6x9R#%06)5Jfe#CC|VehCVx#56l0YEP^6g1*`dOor#_h^>H~7)%YXJDIC9zN!>j0n
zw<{wjlO+UeDM*`iGjs*L0&dd^qq4f3yx(nK!j_I2xqI<m>X@;3m!IbSE(p6WMMn*f
zCzepI113#nF#5L+=$okQ{6o$*pM&`ZMl+13DlSqlcpSvjKS2{i@ws|{-Lwjpiz5@%
zefaig(c$0DG$_5aRTkk?pv`MtO+4CC-Z|4U%>3;Y1m#Zp$SBi)_6I?;h6eQnqX*N&
z(M10zHHSqk?HJ-R%-G#xc$-#Qm}YK$0pU^K`WB4(fjilLR8)-jjIp}5>I(5zyKoXj
zde(l5&DC*Zwo5eA3|A)i0PA_al8_hZ;pV!cq@c|rD@qV+Oj%`#sSH_lH#&bl>nY3%
zAf$Ou?95b~6yJQwr2ASwC78X{f+kI;2G&!ryTZ}#9<hV3P#XG7@l^(e6siR+4t7)O
z#w|6&+u9O<@Rq$Ar?X8RYoyroT10yU^MolFKEV0p&b0`=oQSnwaNnuw3tE(!YkXIV
z&8cK{7EIcamvD9jaoZ`omjcF};GzDH062JkC7Dh5weSJA?JoSzWg#$XSD93$GJlqM
z#nIfNgNlVZzE6KVyIbzUpyXU!jM*P}KPiW8oZoVUqO9le*RLi#c`;NmOzCN{CzMCp
z&Z_t{u6CH;>nEyJYaXFa6bOsl+uiQt<EiC7RnPWW+e=HYSb?44P@Xy@G#^U7@AM)_
ztpdD=H6SOfPh#!32#ZZFjj8?!-v>caS8@?I2&2jA@$7JmRgVSB6R{U50&mjqbSv}~
z){?~M0kCXc#(j*B+#~GsNr8^sXYN@P5sps87l>L82LaW0SV~f6KTVRS@D%w6$_87v
za*T|7-fF2ov`be=GKOld(T}nc>P&w}nAU6JkL)0vXlW_DbNiO~3ufu_&<}zrLI<=#
zitt>GGidvJcE@n)wQ1g{=LXlM<^JBOAm7dUQ5SRO&JhtC$_3<x3y2MVs)c8`_INz$
zCxUCu=DoiXVXar~FplLY7nmbC6_U*ex>UMr0t=tv-BCa>1dJqs=sx$V;c@J2niIJ9
zBBM*6{u)a>xty9wf^4J-0~C~f2jia0Dhq1{{g%6gjZCuLK1va|UKgNTB!hk6MXT43
zWvBLsijmp=NLqbslq)2iAcDa=!;j#6U?AFz@Z3D*D;VYXP|2iqf(jeE=n45|pa-xc
za$m7`cw?2g`{D*x>?hsY6c<%ySth{fXRh-nut46!aJ#xPAwM!?p)}V~NITuSIZMjg
z5ZJZ2G)3nusm7<+R#=cK4YN1fT}Kz-pj1vRia1qoarzn>WJ)FLiqBN$w?UGp(UhTW
zK8TXOtq~lwFra!1rBq`Jtk($~w#+ZW?engp4aK-o%@Wnh*QL3)aZjh-R=-N8gxn&%
zWi_Jn*oFalF!~)qip;6{Fjjs=Ky4grp!(*zg~E+XGAW9f4Aod{>x=Gfset||0na#;
zQq%=nF-BRjtNME24|%_-d6if`*~nv{fO4)hP*#;N6l01_G+G6r#TBs(!+c@-aw)p#
zMEOE9|DVY<*b=uWc?MS8b+)3TdFU&&9J5c7w^ypMUQxXlL9276JiW2evhm<S;WiMk
zw>b?E8PhRmW+<8_^SRC+y3*m7LHP9IvNh5B&yvgjVzbFl8qbnneConYZ$j;>4m(4C
zZca(`yM`0^ISXD9yM|sR{PNIS>`GYaM%FTR@~2N4QFL+Z*USjbCm5A4-y?)2DZaDN
zm8lWrez6ZVPNn}~h#so<?+fc>bmIz##VU1UXvn0hMEt6WQJL!a!I9UuCb+~JvSldO
zCy6mG3C&K@MO+lIj-!`rwhB2AYv`<Q#m}tyA$zxl7wdihXPmz{2UaPWfm6yKp~QOZ
za;-N656H-3bZO>Y_IGkcPmlz&FNIJP!1v$hNZAP5B}>@wdNI#JHp|yp(-hIR)Iov|
zkXKJ%6-c7I;)(BDT=mOVo_6FKdVc5iBinPhA#+@?d>@Oy#m!oo(ZHxysteOwgMhaZ
zQaaRi1Qcj>TdWM?ZC-{TXj9(pXB`&wBJo2r<;}5pfkc5h$4ZuA&JsJ4P&UExvHi2n
z1oN|;6|nGRZvE?ecN|A;9CHki*UcS;uBMgp*bbb|T(7Lx=Pv3tj(a>mZ=_W0jeK?Q
z!OM3rJ{;vasF5y0QxZd&i3N;|eHmzI`Bi&AzX<jX4oU`aKoQWJtIZ&Df2Xs9%@rQ6
zFIpXJtzGqpAAFfuy^GP0nBud>$(`Y~WR%ZJ=-fu*kR6;Q(F3ht^@A=oEF3<)ka?c7
z-y=u9jaLK5Go9A)a^a0^I;$6ObwUNRo$CnImrCk%#2Rd$9Z+7kcxFC}`0++Dt74OD
z3|1(9R;=DM%7u7>;lg!)mc_pF&hc2(qX6ND>uUG%Al&->_DHr=6)VbCwF#n!=K@t4
z__JdxNQ@7Jb<s@G_qldBB@V@-o>~!2)3rF?2wIQO2%b|F@E>Bog1*gfoly8w)W-H;
zT-KfI!DClW^V~ptU+d7UWFu8@innt6f4PBNmaBzZj2BXXIjC>MV<fw6&qkN~e>A#Q
z!^SG}J6>L{msIq1EM4o>x2vg1Twcke9(u-;#n759UQU}mi31`j9{c=Pq<-DI_NWHu
zRZmNPQIlm;k0K>g5z9QNlusVs5fLtk;U{JL{cB;H5WV^cg=Q<|!pknC+^?l90dU%D
z%jYk}>jB*ad0M_%05Ir7gOyZ75X_(^j;Un3L!@m>&R!y3MIVYoa+3wiKk<yCtdJeo
zaD+vkX?QB9#|B0j<F8FOTXsDdM*+NGqij(R#R~^O>mjU^%AtqpcowH@YV%eAVq+S0
z%QH+E0Dk;)@n)Gcjr2c&3{0q<TW=nNWS7zx!TF)>a15sfH6p76DQIW;i`T4P@fix*
zp~QCbQ_xQJ4SO5}?JQS=V=;jawspSNnu(p77HG5wuJ0a9J*A+Xq1zuCtVICrMEozb
zbK{V6m_0)s(-Em7j}Ft6!~ya$dGYw!4s1}I>HlZi%`InXaT)>^BYT4|`m;;cK0r8>
z9YLjsItoOdmk9Zwo@*qWjX3*%D#OLMAiM@eLxxz)JQI~`5NG3t#n4K&)IGGfk){bL
zhZITp+nvABJWSEO>|M!bXSLG`k(8_<P<EhbfIR&ha1;l!@N&QJ_fCoa=STng9zy_H
zRGQ-*zv2J<0YkJO1qW9A8NBfCZTx$Kk{ocj2GsVg|Nh|b9^gNSV{nJGJS(zK|JP3c
z>w5z|7ziB3oA<vR(%)}e;vp2M?x)Q|@SOgSLoUWq2Kb-zEdS?#Au%nF@nh75<Nxyq
z7zQNe&Osk|?DoG8n1PZ4H1Wye@&7qTG{s&iR(u@HssD5T6L7%Nj=#%4{MR}BYj>7n
maE>W7H3|RwfKiSNyTZ*O&tp`(iu|eIpRs{CwnEP}=KlfKDI0zO

literal 0
HcmV?d00001

diff --git a/Documentation/services/pcn-k8sdispatcher/ingress.png b/Documentation/services/pcn-k8sdispatcher/ingress.png
new file mode 100644
index 0000000000000000000000000000000000000000..59aa9b2732a9ac2887626ae72c7c08ccc89e15ee
GIT binary patch
literal 63865
zcmdqJc{r49_%|LA$y#>Vl0wojj5XU}EMuLqmVMtD#-1hn7L_%!Bx~6tvZRoZtq5gH
zM2PG=?=^Uqp6~Db*Y7yqKi=m!dW?JS`@F8}JU{1t-Xb;B5M(5bB&SZDB2!Y7(>itP
zH0snT{BYtk;EILGd8$*Vi0`?}>$y96S=l;Rp5lbUk3Vq=Kx~}d+&Q6goB{%-E-ri)
zwx-q?Q%5&GCrfv534HJ9Y+-9<YiV(Oj{rnK;5r0$T|gAgFUSd%5fTOe6BOkWg+dID
z?>Du!bUGm@#0LQcxb*n>xsSiIbT_p=rUSEZHrBMoIJ-gQ>^ybcg=B^0?T+v9u*A68
zIy)WT#xKeT;RCx6;DpM9O`q%z5VbwokGGDl4;+gT)Uq^phr=~x%rS!2$8?-b9W9TE
zXn-wU=RYPQtb?(zfGG(oXozC0keW``Dl(h`vbv7^PNG6SSSNL1eGLm$a7D}67Nw%4
zB;e&>=7bRyF@q!I1Yv42x+r&ukB6JBC<-MA#hP&nD3~L?`1M7=6Hptth@}>|;$`K7
zl9TbY*E84GRl>@e8n`%{slxSyWIfS#cIuYON}g&i{K9ZmCnUn&L(tyV*<RZMA|mSM
zuIdPP(}!!K)Gc6UN}kFp!kU)KHa?=RUK+Z>YBE*=Sa~%VT3#3FEU2QW4i?e|+*J^S
z>si=33;BSLvM_lw4XA*RwFO#9!POG2psV4eFDN4FBn)?R6_n=}67*IULO2LJDyzvT
zItam#ZjLaR5Jn3vr=YIsu3+zJ0f^`c$oZIhYj}8pBO!DIwB*4xDEJJ1$O%|tt(~Ff
znqE+}oR_`^xT<2H;3H_Jss>k7@Nt03d#H=LDk!=rXv*uz2|L+f<dqy{^gXS-WNhr*
zT=gyCBKmHM-d=JRn$9Y!-WsA%q^OO707?$xVvdG;sw13qv~^TeFgi#%0l2Id25dpW
z%v>1-ez*znYiW8qdC7Unc=!mbdTClK%E8^O(GY7rU2|ClJ56PNhz3RlF5qox=D_bP
zqiA3ttA{{XntLlk;hs7$QJ5wItLdUAYvv)NBJ9F1;4Nos?dS!!)I(dFc{(e4X(4T`
zWz@Y55bic8ABcw=O3w_U%rC4Ug4OiW67)tWxx<iFXh%;45m^H_ei>&|FIPJU1$|Rj
zRemJQQcKeUrK=;P;c4rn=892tK|5&jTcK<KgKTWo6ipp%Q9cej2AV<$A$J8hK#i=9
zx(LJpAt>l*fv_>fTB8K?up%-@ZCxJ&TUYQk)I!C@-3O~-39(k!QS-La0P3k=ujDMJ
zq5yHU^%8bNYAZsmgiQGnwz`gLNC8hZ6*YZ%n6?s%-vR{_byu);@bH0qDr&;jm0XZ^
zKEkqs5HopMA(*F*y)ME7>1oQZjN`7Tx2FX{UC7o=)yvx24xu9FX78<LAgBViV5ebj
zt?DMDC5X}$k=HSBly^n=pwMtpEps>)rYSE1cfp}gOO9VyKt<62u3{zQq-SA`g(=vI
zxQn_wK;30D9rbXilu>bW_VTn-H*oS+0>46F!j_JjXjvy2OARk|Yd0H&kUYPLq9xo7
zVrgrqWsCHNI=Oh+yNjX)Ox*>+8nTYs`Z{t*2LS<H97D~N&=`IUznTILe&#~<$_|d|
z7?>rX4As<@Q?YV_!4Ya!c3$>^9`>eKd0Py^%fdz7%vDZN&0awVt|_b{=cHus3fFSc
z#CqEbD#1iCD1?PR%o*lwk5z-1TIlPU!m(~XP!CyUelvYV1&lQmDJ&>t;O1?uA|&G=
z>SO^`2CJD_V+Fkg)zqN!UPu{TCvz<uAzgJjQ+ow{RUKIubt^A~o36FBt0+dxS`nsd
zuA}7TqN5`#tEZ{0<B4N0;0MB;-^~+czz>Cc=z2k9y|le;bycu{wz|8p1{$rUtE^_D
zE~94!K`7YhxByB*dd_f!jgpP6gP=atOWPWN&jHS_3{%xcnBy#u10010wDsYRGCp$3
z&U!A2GW=K+3>?Z!!A)Ju&c)45#KX!NDR0WJt77e}rzYesprfQ9s;na<kMtIF&~R}_
zLa_P@5Ue)B+70R|j4{;_h6%u&Trt9q{CeO&9UV0Qa2Y*S1XSNf6Rsj`qhYUs!MLiL
z1FI|RZK0tltO&94HrEo+^n`c|K-D$m`4!YP;67F|_R0c+SQ|YR2TLy(b0wsXshO&U
zf|8w!g{+N*lDwO#uBLz)L|9o_Q6J?bVy1$EnfoZ{s+!sfIXHL-=x92*U}P{zWkqkO
zi<63-Glt(nR8huG6YDHuhStQuofQOCgpjWC_R5-i_Hr;CQw5Bbu#YoJ2(2V<4s~(V
z71glT_J+6sE~!D>VGw<s@sw4uHuts?wy<=xv69unYUrXo`JJIydm&+YB~^2MjEgqd
zqPY^rUBpuviS`me3pv68W)VnrGd*EhZLFe@o|UPpgQKgHy@R<j#?f3Ku87uFc2#gj
zpk!PSXiJoff|9eY7F56yET$!6=i!V&X$hfR%)H#ywA@wo^vvuW6g^}Ov~=_!I9&k@
zhuAy1swxZWA;1$}?kGDgm@v}7KnE@a7Zi2G+9;_D*b7=Ab)7xje1zq#1R*$`KnTI*
z6tEg@I+m6?z(xzA5vCd%Lf{Jnn6Qnytcs?iqOiK7x*%9V*A$B}cXL)3auJksl{0fe
zXv<r>!IXrcPHNy=5jSBN3_J%u;(#Qq>*Fq{<gF!R0kJ>6>WIXBr-Wl8!T>-{7HTQr
z2?bUKTyOyYkje--+)sX6evF5p9B|p-m%qIBkqZaEpM)Mz`CD_B&z(BOc1lT32JL0E
zFnabjdSH_1H|w+0&0;)R@n=GHZd`Zt)=3)f)G7Xu+xq-=S;9`T&ZWGR8q=ieLQaEJ
z+s~aJDt=9OW;pg3*+yTFlAX*Ve&0w+div0f&y=qK()qa7(|_~O`w;mfW7^kANUEoH
zW=k;YTs@aG9*IUEK6Tb9!lRE_s`!$mD94q_aPB|9;ld|H`BDDo_96Brh$RuDbN0#8
zCxn_Ht=9jdiTfDH44(JMTBiMDwLl!vGye}0&0-H~X^|TVINbM|x{na-pUX)Tv+ll#
zOoRRU?Yy(KHSyw;TJx`$<M;F{t=J)u-o?f{hx?neUtiv^v$OkhTfy9%gOQPOVrFLW
zhp+c(LavF&fMa8#iwi<W;<7<Y-!Pq9A2e>OTWWk3b9cb5b<j8<Hk{R;zOb+`Me@$8
z(VXv!DPPJ=Pv;?1?~eQLb}jCBa{xMqI66XO3)he7+-}k~?Jz5EGJzC4;jqpd^WSxJ
z7;oG!*tvpCImHlG?KEoVDNdiakoP_If5<Yhj^G|C3PYP;R765V!P3&k8t|Mq&UYe+
z2x9(@G}l{zZGZf5pLNW8hPmb4yU9KTYwK)ZPGTyXx3Qukakb;uFn;rQChz0fz4n&d
z%B{K>Ei5cddNOW`%%r>h{s8TnsOaQFb?k0@b>?@Sl-v8=OaVzndd+5sCkUvoSDF{A
zQRlJvF7W%U^&y7J&BH(DD?PmOt+GcFZfVKsvpyHfsgg7?;?|=bwfj9zimf?0y)P;{
z8kKbO9;1-*S#t#6s_*u6aw5$CV0&hExHA8vv3|*(ecL_e#MFYPPcJ)+)KE2tk-;4u
zug55GtgNmkzFv6(;O-)T7sf5gdZIXFXD>44(em9UW{|Zgi?6&XF!7!tbG1jx*!$%i
z;77~HT$Mx@m!6xOSv56V1rRJ)k%N<yFxkk5yK!ss9A`Z5t!iW~5dFCBnCZ@sH0R#p
zTf&_2WEVv=&e|OAF9q;>Ea>@dj(XNi+&!nZQ;7;K+}ZKTt$!0tWIo%Qt?av0^PPO*
zOVzm^$z9&Nckd=l2f)(E4i7e8CvJEyjWO#Q->Ld&JnS?az|bP*KI<ZaY`65~K-_Bq
zP$}3OJJ{b%-2M3RW5O%{?P<CgCSmd(sY8h{3RZHy)la=r#11@!5^{m29q==EyG|^{
z3x$axNR`v5*uqHd1<VDa+Mv6n5&|)|u>;!5W$`ivU{&S5bF{oo{e`GF64W)_l9o}=
z@#4LD<JbN*+dtA0Q`3If_h!i`pYooJyh_Q)7_~X(OR=&!#c3VeExGG3y{W!dsrFcm
zd9c`AILqcBkQ5<685SP?y-Ro;-H}wOwBoZqpv%70+0pU#mUBaHy>XT2k`Vy`0hd&A
zkXHB8_MXm(%hq!xb&F#4%kP+Krju?Z^t@*fXArbxeN>vC>2I(dLmEnoD)z?TW+2g+
zP{fIo;@{$&T8Je@cO{duVN#6-OAHeka$dc9)m-<fU7wi&a_{z!tJWotPOBi1F%?fs
zM6=!tJbU&marnu=Gu>;Qc$Qm?5R*WGYnPK-u|Ge`7w%X{i6`lXJ>d|}ikC`$Q+j82
zBV39n_!|+cU)Be`b~1L0uhSJ040#r14?DM~J`9&9@9n<^a*v3KLGN%2SK5qiYb?@o
z2{*(;4ZD)pA|oQCjf_~D6T%KeO;Fqu+(4T%1kO7UofvT%{I)Re?Zx<XeNh+^yEwv-
zd>a$FLawo@GrrQm&JY6hwa#<t9fNgx_6T36|6E~y!f@dQLxJb-Q<)jur|MK!1_y7u
z#jY$r++TRVqPEuEe?Rkn=iZdBD#rGSpL$VN)~VH*9^JPIelJz{`s~NZe!t(fVB)L)
zEz7x=n2^AgnYj6$?aFxUgQdvp1}_R)7hSE2XeijEWbsHYasux_bobcf0Q2}ctngY%
zjcn?#`<;VRKgd=du$!$+wO=Jg36Hv8=oXvjmDrwo*fBGms)E`038bl&MAEqSQ6=T3
zFU;@Goy5$}X*bLn#ct}yv(}~cD;=({@<~vkp`j5`QCe@&ZeOR7pFgBR6HQ*&4e(5-
z7cDF-G|On7;jE<!^~-<eeVSyO@3Z&JW1?-Nq39cp#M}PEU#jdAV+9|TuC2MZ!W)_1
zL2|PLD2LD_UJ<976T(Re(qxVurcJE0eRD#(;VS^!M8j>1_;@Cb5zp~EkhHE2zJRW}
zZDvtumG`REZQoy2Uf)9L5>8zbexg@y7FzK^%_)tqIV%0<{cp;AHxdF8nc(j|OVrk&
zwY%fxgN1L=^75e-Q|f0fGCZ&-c;J|<Lb>_tYrcb=>yK1xo-{>4XKD6;gZ8VLTuZl@
zYtu6K8kn5xHM!v|r0MbTSq{qV!q2zno|QuU_q;4qpZZZCyDQo;{)hXXxfhLa@Kyr?
z!1Aykq#ui5LI&UQEJ`5ZeJ|U~{e!RL2YCd9wKO$;QU$pX&N^;k&-hApfsl6JsR}94
zPR`Qx`9anUst1)u911ZSu+aEUV)c#6Y5+EG(F>fxxAgT>&o4|pPe|u{2vx;A^Q`@;
zfWcG<bY8YDpSl+!;8o?`oj{5b5)$eNV~{%BtE{+FPpZ2jDT=ykIK}BHmVj-~eTebk
z6%iQ<R>)8VVTFVyFgq6zp^iA43nCH`88#>srN8mHJ||;D!fbi66>;6oO;(5(hp50o
z5(v`!S8wI_BR$UY#Pc3<^7E?~s6!hWl`M2z?FoA@Be#4^s*R97@1n59*%OtIqmE}1
zd~fNG@pY}`RcAq76OJY(C0%>JQK5;u<HeOGNNyFCx$mE0Q5>a7%1VT(3CEu?Oz~L=
z($=wM$mow~r-_4rK2O4oeu(&w%hL8hdkvWQtCNo<auRp_CI%KMj{XenL|0BO_dWtR
z{Hzf3EBB9>OF|a#i6bm1_OC$hIR5(owe3I>{DG>(l-0%4HZ$Yol8ueO*KK!LC)~CM
zC090Edi<si_qW})8Mf_NSy{KXcbE_Mb0j&I?q_aSKId3s{yZZ|<I~1-Bs2uroajB?
z&=ak{7Sww9D5z?@3*qIJ^|AEbyVtJ<*XHxaZGLX5uMg)09O%B$*49DR*hwxn`aLM&
z9R>zk`ZeIv4)d*zm}4R)FPl~~k<CP}rGnKS%P#Qc6bmo*JZmYwnLp7OfV7`4-jl!q
z<|Q!%SsVH|QR|o=61OIX<MJnS9`_V7<!$Ji+Vr3=8ww3nx(<oqWD)@Iv#j|S3nxT^
z<XLkk9vZ61r3e(|RR#nIg=GrUnD3}-7OUyV0Xxt{1!RO+^SW_tcct_3)dPNW!G3w4
z<>#LZEj;ZlL_ap~8q<iWP}3g14i4cA4&lS3xe<PRhzWuqLZ+*el?&5zVTJp&BV+cA
zi@!DtF8DNE!tt%f2=HzF-SeOmzKI5HFG+<Q?kx*E$<a<vJ#RYKeePpTTIP=oT38DH
z*tI6ebc1<M2I}~%YFrTK=F?l3Jaaoti)cCc(u3~bVg2zQ7wz|k01#aXi;R7G45ET-
zkeSitExU0$s=T|}&$gtEt}nitJv%b6$v!Y=A&*mli&Q2l7`eF36Gpo8#2<8vIE=og
z)zq{LD-;{Kvy2?^9u5}MwtNY;-T)Nfr=#33>oL*;FA!KYLTSer15^eeiLZ^r3iWHg
zf3&!|7ATL~j!OgB&U~ys2yk&Imv+Oqb&h*m9X#J#p7RQd%Gvqw#xXf&FrAJGiAUm<
z4{r9nC+@3yY=}h)rN4aLjDoD+D>CJg>WS)0{?J+`x#{YTqh$lsLis{-i^9pa`)R!P
zitlfgy95`R&IQ(zo9}kF^+rGJ|HW&c16W~#qy5;WKK6v+)<K2N_nLabVNc-UYy+>n
zn;cqeIx|~}>0<wP1aR9sx0SZC7Bc3obgkDcMG@9azt#L-*}`%QO8Pqa0I&rs9a6Zw
zpYg7XZsdCiOWBc)D4_#PZ{W8-L8Oh^#Qg#IeeDD8FE4f7QZvcgb@^Jd#yEs#TF(HX
zk8uM4JpSHo^cMhlAV1e{mDf#<19aV4_sTki(hu$O-6O}bSrsUTty#*D;)#S_;Zu~p
zVi48NY_`yHwNef#Br5eG7v6Y<8ttxt;qLJOx-opV?dy?<0`Yxlw_XpPF?C+2yM$yw
z&;JOz1CwxHU#&T)|Em4$A&n+ZthkVo>gJfrv7mYjn@(SIZfSf}il#taAmV*jbu)Y(
zoj3~2@fyy$zNE4YI3cb^sp!8hHZ^cScmMue7xGt6)wlch$&-&*;E#Jx)8agE(>l<k
z5@9Q{6Z745HYQ-&;9|koBD)l^_^*M8QeP_FOy6fe>W56g-QvL5*Sn1j+aI5{Nr`YV
z!28rn@gYhG*`8XMFb{Pd7<c+M`~R&R@h|pxsD&Khav@QjdmCRM)9+|z1G-h`Jd&z#
z=PW~kbE=7qDV&_MvT5kUHP?b=1XbRb!p~j%W~t--OvVbYD~XD9u3p1=p9x$r!QoSX
zV)3(3L4BPi(uF-e#1y*x$X||4FJww5S1O%)3wi3~@knM>0g9bDIu3B#16W9Bb6HZk
zqq(>n4Ir-`QurcG=ZW*?{Qu6Ik=4oEg5SHUqmXsPX{(V6l4NY1j+>DK<bPz88WT_P
zIg&SIuuW<qp@lC$^z4O`{R|$Qc+i4(kr~IlN5JEKY=M;DKVdwUP=U9WKB<X!pt=9~
zt-&WfsfQXbE1%;uC=i#ddc0jef)DsL1Kiq3oaEsvmqLOrPWy3@=?CeZb99+~##Lha
zR5(x~fP=i)_r2kS_G6Nf16k*OqWz#=jrF(vl2myDVGXh8F6{jL-(XYoYul)da7kMj
zY55g$SncT|vp20aix-Vkpa~yftOuDY&zvCs2SJ#WCkrEdgZ;8xLu%p3f{z4t_sp8u
zzCf3E`5UlbPh2!HQ&Ty3yq%zjB&2t$iTq?&0e;Udd9lu58$xp6K<LsJz(F6;Ux7V1
zwi^=?K?BA&qshi!lNuXK<!TtS8gE4$uC6=oJd2B?AWur8qB0E5Vhfnj_KSLesj%xi
zeEw~gdYI5((*Fr_qw-gaI=|NOPUE&mlYL7IK}A)ON9rV!da9W^lj3Ce$!GoQe4#9c
z;`Ex2{Sq^TVLXS25yqzv4jLhhr_qUp#l>ye@TBHnwsyL1yQk8M@n9;D>Zi<FRff-T
z9<(VEuzJhk1W@%FCd1Z0y`0-tXX!r)isy#fZ!Xc+Z%@R{UL4jw*Ja5BqMjSLQ0K0U
z72Qb$bp7l|!`gW?(Slq-l(o{Z`1#P?JN%1Lq$B;iPQK9-caDI{2P~4i7OmomX55o5
zMF*sN`uk4b<W_I!h+=Y8+qLKS9kS2(B3B)aPyJg9i0B5hmq*$$BiRW3hjxXo6f=aB
zSQqU2qwUx2?dCN7A*8Ho-A=!*?_I=!W&oT7onv+6rNFN})OveA1^rfb1zyBCeTjej
zu*BG(uh}||RW5@4!^20d)wnZj;7-qWa(b>ns^}ZCkJ*{nvooM@EE}Dd-$ZB4-g71q
zS==Ecw19eZgonnSgrEgCdZDdEbhjys{adg1>lqNN{qniWQtO(HcoBXSe)T@U3F_Rj
zpiU7|2RUy#yz74%{_Ta=I{BPqWaF!jGnpNq$~N9OUIdX%AU?}=z^1<D=65)20#*cG
zYNr|TJ9A;MSF+>gjJi<NL!Xz<H{QlEz_8-oUvNh9Kb5yxeUmM>nQVRwR#{nm?WG@$
z>1TNBzu#P2_=s44rOyu76jTk+T%{e8nSbo^XK!aUX0y=UbZXje5G(ld2~Kp!<x?$%
znZsdW(dW*NqcuQ4VOe@{3FjHXlCydf^M;3SFEB02I_P4nRZ6)k-%NeF(E0A*R$I{m
zBOzCoFpyqDEY~hhC%{Qu9yC2<Vtt$JJD7C`G1w@jZ9E=0DsKO~>jTNvs`S<)Ie^Ge
znc4a?NDOhm_C9TzkhkVwdvZ!4XTCeLV@x|daq~{_CvlI#r&LV9;d_+=!?}6yrmx!Z
z10uPBtp>rJRv|ev+j%Je&lwcdQ+PRiD!{3?4ZDdi;R=%zI$&EbS1K{b0tuWsw>R^0
zli%|@y}QTCF3OUVOoZbFEA7a(dJn?n91h(t*g%fj_E+2;gd+LizbU!rd?*gVx^(ZN
zXjN`Tt$g|R3C%Cm3P76`r~tf+pqPsT?1)bq(vCrC8H-_A8{w1}7q)g$ulKbgDXz{m
zSu7NI2<x%pZpsJok!b7#!V`h7UDq(>Zq}~Madqk;4j1z=G3H=t@Hkr{=@|i^{%wWZ
z_#!O`1vZJx{7+61Mj$y_POg5(PfE<Q+_~1cJzL@S&`(-q-83iJ`Xg0bcF<da!y)PM
z1E&bTT!xsBHf)tooR+J0zLix}RPm%y@XQi&FIRPax%mj`+5qV&MA)wrq<fV$t*@#h
zypWuC@9y0i?O?5@`xfBF`+L)I|7I~?Ix8-EoHzrxE1XrSe6p|4gvv!xE~9%TA~Pes
zI#^5Ndt?mFWA8%G?i;Lo`$yo|MGKVg1w`2a)FA=0HJVNnO71O_Nxb~Y?k?7~`Ly^N
z->H(HlC<rot$a;x3|+<%-Z%$>59c=V6We2S1G3&lwN<rsVfg^vsj|t_Q4IN<8Jf5m
zFukrr05oXrDhMcE^IOIptq_P`L~<K?gZ!8IbqM`Eay0DLY5!5pdrK|8T1N%&S&(EZ
z$K`ZLo`?fY&BZkycZ=2ovFR3r7}#k8H6+0~H~0B|RO{z59^8iJfB*}vyB?j;e?{Z9
zw5z*3nM5tuw!?LYSE4uK>kY+L!#k{>9W#gdaZmia((Mw}WbRDbma)<msLnA-nmkck
zH}0ui%Nv4YPd?7=%)Ku&#EAsZCnH%)8(<+Li`_C)C_i(n=L#;ovq?MEjQ(1`WqZu_
zqZ@G_qkza+3I21@1H^j6LGNyzZ1#jMSZ0~wc!|I7Hwg#&#cWf5lBwau0~X7|;pnfA
z$3g?~;QtMxHu`MlwtPB{TrGyeSh=|nJ_{T)v+M!p3@L7iBaSzvfiPL$@w=RF`G%1;
za;`vxfG&kf!{~17&q#WH5rxMJWk+2H9)O`j((btvF8G`us;HvQL3unWgHcZZ`W_e<
z`1+M~)un}a2Ij8=rt%7&Yx5Vf^Ghmk;P?d$LiiCU!104%=Paht<_>dwdo^|BmU((j
zHWIE3+S<f7+TlGR(o{vS*!d-Ey4IJEB8?0#VB8~f-oj46C4tT=`Vw}T>Iuw=Pr-6m
zPf+27e|3BQb5eGBE7ApL*&p>zkTbj9HaCWOam+8iV3K0@_<|G&1977G?Gx0$J*=0K
z8XYzy(w`<a^y{1PZGv$L=#?v283pCLqtm|?a5w(fT!f$FHB1aws;ro}z#RLC{Bio{
zFIi7c+q{>GkhhJbm(t>;nZm6gZ4PkC$OM7?6`3YAy;GH^7sk>R;mfxCIDctjtJXw6
zqw5N+@O^NfL8PTyo$18DMvqtF^jjYsV+8?|m-YWb)dW}2FL9oPF3yT`K_3;Vo{*jy
zJg3haL79ebiRP`kU9Ub+hbWkzw>XO8FH!>wM;ZU}BzsxA6mP5%ewqKm`t(Le9wp6O
zm^4Z=JEW+wK{lS-s>tjK{`%Wae{fVW@Z865SrsbBxCV~yvU<<k4(xWBT<cp}Tf6yR
zYKQg4O8lgR-Zj>Wq_jQC?mpYR@i<k30!x&h{a)Y%5{xwO^&Um{d+S45+TNH&ZPXai
zM^U_eVE%4|J5up+Z|nCjZD)WK$8hd?^n1_P(M|)CNuC>J#!bE8)oZ?_$xJh|O!9`%
ziXb7`#MS4L0_nZwt&NHxu$Cv#7w<Na%H$LElQ-%7tQDg+9QpQ(bU8eeSQ8KL%l&eL
z*6si+cL&{Y8ivunQuTQX($8vFhqZuYRDfg*7_V0+;`9-hs!HpqRaL;p<Lc%$tj?#Y
z(8qctP2s)N)@Hx$pw$Ou*9a+cQjDS42vjHsHLgHmoK^W=P}y_z^n?(;_5kd1BxRMW
z8$VC0zGf`dPHNXO_cgfUeTLJ!Y4P0EDB&}86Bl_)y|sokfstkbD(BnpMRBbD(x>qY
zS1ZdQP&%@5*8<_6n~>Xwlb5!Br1J9@o)geIF9;EExC9iH4m{Nmb9wiqXu5?m`B@}^
ze3VF-IcwAJK077ECnHbP8y`R!{qa1%|5Lq=_eTyj8aUM3q#q_v%)Q-NhY@s$>tyd}
zQ6Ob`Z3yuNf1{d(E~^V^=&3h0#VrD^vrA3S*2OvUKfAR87zSOyq44Jk3T<wi?A{}>
zbc<Y&%@WiK;R=@deiI|RdYx7-LX~GyKFNS@EPrm4qyKDZ#Zl6Yz&#xK*TZPG*IDFB
zW>@Aqe<iB2^CSd)tI2*|pdqV0Zp8kc8mi5&8N|r!2m=A@Z#i&S^@}vsk;f8pAqkrL
zsjpYd$C^~2H*`sLO)NC<4;VhB!!a`-;6gO?eke}6!J_?CDK9V6p`aBe5plt-)WvGK
zVnwYQew0ZUp+D4=a3)Y}j-d|3OEqxdteNMYKRjNoS0QL%e)WEO5~01`<)WO)FJ8h@
z{?Dadf*A0oIrY*rBB+ARiH~Yld|;b(LtYn7B*`3f{gw*9nB`Rx`_rxDcP_~h5)`1y
zh5OB_q8=Z9m>nu1zb5c1$C!2hqRsP{-=3A0A~qLC?>~MV+Zs)0{x;;SGM&A>JrxsE
zG(4RA8?F@@LB+B58N1Qe41_4*7dRwwY`D~do~PTzq*k1h`c()|RdV1n74*3p!q`w!
zBwI7|^og}>7P0ndJU#1kh2rNqvG|?IHxOD{=W!i?y`A~e-^<Hy9tqheoEoUI*IgKE
zU^+NBaO6#7%@4#`tb5zbPDiU`1)>OxiX0Wse@%BDxgFC%?rK9y;c2(cyU>C!X=zE!
zEnsdEa6zEeWA2^F4T=2DU{=a!DM}KnAE5Ws(xTNRw+TSsgKTGgKK%Nv>WS@{%(l}M
z5)*HVtv{{tfQVx7zUAv9TLDT`|Hl7vnZ74kR)8y&-|B~ylzu`6?z4+_XXYJcOxhoC
zDypfyBNHA81U)B4>&!ba(0>bT@ZG#5B0~TA@Iai!f6LTi^p*DZuJ~fj>D8Gs5rvVz
zW&wKWW^{!K&1>a;*Un_1@b&Z69w%h>q>Da;8u)!#01;tD+CAZu(pEZ0nY%X2l|1V=
z!dDoDn8if%HIgRFq&52R1gBVAp1hEYVdYLTSi#f<`XPAO+3|?TFE%v=onAiJUAkt<
zb^W@kw=)kvKNS{>rH47tdn}GbIyY{gd3Z%t>u&Pif~xRnNKK8%ZO>6GuDkI2tMhBq
zcQFiJpm#SiCJd8K15)^MQMmfi5gOgu%3M)Y?;_!z&yL*2Wamz1fKN$q$<O?Au(YA4
zmnanMIg=vc0YpY!3~*11MQD#iaO8!nJYA3|&$H9K58Ex?)_bo)uybfm`u4!f!o?!{
zYoG2XClgf;$Iu!3QB_*^yerVmDYNOjln`n8c%>BcGb{bqq&%K4u;>e#-)|mSIcYp1
zg6jR-LBQGm?SP1szZVw~>;2aW@eEWv_)Z9#?g{Z|4UNEX79V1P+wJq9;q-QH;MuLq
zyKA4+TcxbdOfx?V3p-<}KW>?97zX-|G~e6e=+Z1O$w*224G<F!&%CQU@g|P6?{5^K
zWc!o9UQ3fjbG?p#$<Q|{j7D>17de+wT12H5r4&eezI=aeo)uzp3g-C5z29RN^X}(>
zu5s%N+fOc_X~Z&(>653+cAM$$;0wf@TPI_JalK9&%#sQIJ?6XQoy#Hqs|EyY-@|xM
zO2jV8f7+b<Jqf9aVSIniRtWXfw+wcEJ&9|5l}yi?KUY!b(emmAwm-be!NGBwo10s?
zbh>o94voq~z5(Y7-QV532GtbMa~yAErn~Ke2b#(noYieJ|7CHI4#|gG526bhPMoIG
zwBcTg4gqN^k!d@>`C@|HQ?=PAiB|TFkFSRoPEMMoyS`(H?>q(i>(4I!-UY(|+_wrk
zi~Fbf0zm8fIYv$U@L)f&>#F48o|`3<WLwmTx(wGnU=bQS$tp!co95QH71cWL3h|yF
z&~#n<So^1yb0534=~)W8SGTIn+sLPH7A-aIlC!h3(~G%t{rHfYv-joFm~Wco9kI{F
zxAH$|$jixb$;=n#XUL+_3A^I0v^F5$SAN+1PT|<S=aV=L8$|VSi)-pJae2&MV2`>{
z?K`I-`r2?(W4H|dFJ~RHI&TsQTrC3Nz`Nh2jQ<FPS=#?KeC*W@Kc;i>C->7_%9Z5*
zju?kj*oPcRW{tt>hvpwxj?_Bv+>tp`9u196i`E=wCy)L1jqiD^yuDHrBHf%?%i>+r
z!IkNlBFdc1q(?o~;F)4jrm-VDk88E!Jc^AH8`d92YxUy^JB)n&3d@g<{HK<9fB5S6
zz$?ruf>ja0?IlNEC{PSvMR(fN%!k&`{E6nL?1y5B6|`OF2xyq4;RiCj$|@~e_szJu
zZh)v{73lpVR#}e|=XHLlrjYo1OLm<$9=n;_*=5V2o@L8hqBlant#KKzrQQxI)`wNS
znq2V_L+ngMehqe6_db}V{uzCmlWfZmanq{N_RZMaGs%MitF3rm!UGY5hp6!TJ?Ogn
zMjc&~%1Bk76_Xb_lewa!5Svrhg0~#oD6~NO2>gtT#&M!Z{hK$)QA(FhDWu>pcmKwg
ztlvDvZid2d)1AKi*JL!DCUy&(Nk*6PGcHS-P5d=p!<EFG`ggV=*J<6ihYwQ3KL!Rk
zmbN_)Ft~jy^=59g<13DqD>TcORIX<Zk~R2-d_j@m3JW8=APoG0XR>}I=80PTZ9=Sa
z#16*S5*0y$J)kqX30m9T%WVNaLQFP;&ZO^4i_W#mC6H=m=7v8}_mm<v)(8#ocU&I{
z(yg?lp;0cF`+AKa)$CzZ3Kt%(uFx9;RNE>nitM=4Cq(!l-`aHgm7m@dGt+3n+UIi|
z&1ipHjsrc~Fy>k^y_NffaU%|a+$}^)dxKHSH*}hJW_X&?_(+=e>Vhd5r-IjB+Cfmf
z`RAx!lQ-m08;b9+@R`pQG4j?36T^S#P71r7zCz&??ptaXUbE4-#oiXyrla#c?Xha;
z6}errZ?kM`G*B`B#-{3<Fyx(vAHP2~qxSa{v)GdfCVsUmEPSw+jtlRgc)45uX}`rG
zk+s@-@Vjmwi!rN6e_p`aTHAtnaBt4D%#@#YE!I-{@|kum58f)gc=4h1mbI}2r^Jr?
zsxJPR@aw_v_jT=mBV;~RH2)~Cu{5Hw8nKc#vzBrg)sEBb(Ka2=R!F{iy29l312cM(
z6_?Foemw#4zFcg%3y4v@0T{b0EtHP+?sSm13Wi^Z<6PL5h#s<!Z%I?dw5WuofQ|ui
zCgZi|D(Y?5zRI)ZkFV!?;k=K(Rzr~6+g8iuAE(V|6}xx(`y(SOIo_gW^f^fJBq32W
zkux`M-}}0A#%#wW`22(FXiT^fV^)G|Uk=TCD$~i`eA&KTQmOjQVwx(mkF!ayiLyR^
zjDRlQKqzT{=MM0{jDFruq_5JP=+SPn`jbLu&-o>p@t#2(>*3aXL)n@*smIGg!&7B5
ztu9*;(i=aLu^qnFx*6B3TKo&!5<l_8okKA<`<2-%(O-&@+!~}<C#F`Rnx4r;O>PNT
z4x6s(>4oG9K6rCOkXUawl*W_yIcB?(?HYuduIWJ~g<JmROITSt?KulhV4d~>lQzCC
zs~wq#-ur(V)1vj~xsU<2E6UyU#w8z8KGcr}3i7K|?4io1T$F^yeEK6ylL;rXr-i&0
zgAGV8WX~42#a!CD$ed?Ew0Hr}VcHs77P->#SuRTkS>n#39YwM{yjx1v@^Lr#J~#fC
z)2Ram-cWpjmi089Am>&E`tK!YTZUczy}mUYEL^h_`Ps7>v6*$RVM^<@H^($@Jgc8P
zy+h-{)s9B(4++!J@zaWF7G7Tjp>iKE?JGs`*I-pCzPgn7Eg5VW54-r3264>kD1A>x
zh-1pP0y6H;NP)?Fou?uCe*SOjs=}N5N6ng}w9URp9b9s_1AAs$Yc?5z8OS)RulYxi
z3_25uAjvBRtv9;{8Y!hCJ1R!~Pq9E_q4%mRIxuBLW7&=y+0N-bBQdl#eWyTAU{k%^
zqQqPG)wnS+d{fVO+VJUktH3Kt{#A564}R4pVrFqDjhi#W)Z`1OxnC<%Q!lz<XHJ-D
zN3FQ&Dpb~`YuoIV!tLE?rsZ#&I-H6^J(nNP&0M|o5Gq6W_-D9(z$zVHF|%0MuF1d*
zR*|l5NA%+rb8$9d=*2t@ej!f2TEUgzrRQEg!GxjHZ8ugQzES4eXWFr#`F!WoTH|LE
z{@smkY7V2Xx5Irio=INJdlH(KUOvax!RL4VqE&gz(u;CS9!Z)29m_xC{!HTauT6~H
z(xCeR(jq)uK~);Bl=^)~;ky*>y5FBN#1c|LVL&10)<rNUl;Ah0Xw<dDDimJWF!{KM
zZ?b`_c8_n@Bv`NG>f8Q#s*Z(E<x5DR<i0(Y#B@_{bUlarls5ag&`zxpxAl9@pqeW6
zQzgG>vUn*HI#1nDaeP!LHqaBtyL!I7y`?qsV9Q_qW+Sy}@irr$RsR?@)LtNKRN|$w
z_sh=vF!@Lm*kqKnrP8EjK;yhNm#jweQ-NFxL^slr(sb?$RbE(xKJPa9qk4ry4$5mR
z#P1$m$I_S2mO=);EecrDz1_Hkq^X4>g_^Z>IqHXEGR{6}V8G=g3rW_AxbcBDTv}Lo
zoEDazFDR;J=f=_<)o{W^1jEAXstz5=P+d?t%-L~)a=E2<=l0574c@zgsVStYTgn5b
zn+YZND8Cg@m78}YY(C?oTtbZUjpcl~0t=2`(j3KFW>uJmkU9#8G^}J%y^Q8`;VvC8
zY1Wxn3OJbB`I19A{ZX_wWbrE1qn#+om1LR@`ws&_dKnjEJmtLw`b9oo(XS@eV0EsX
zd^YYF|7I?_Hak8Ixo4O@%-K^dCV=ds?c8Ib>)d-}oo(SemS%@eI-M64D<&|uZJ(Oi
z7FsBUz0=V_c^ppgUJySFrDv9!`A|$DbuB-T9E8;Fkcb8RqlEE=+8+T$j|gv7v8i2e
zD4y4nD@T!>^zdbm()j?VQ*T@3T7jsU8S<X0t=8$TJkBlk{CrJDxx0Rkqgd+$`EUXm
z$JDL@Q_C6ZT(joLH)dhVi<h~q^ERS9U#e}a{$R#SL$K>PNR(q`K8d1MZt~W07$HMS
zhnRbGQ)QSSIa<RK%|PhUE1#n|eK1$%_7C-`M!JbGKc3Z8P%UpJeq+5EmysGpYigfA
z6nIHu2*GRmJba`{cJT~X@+wxHPj_cTf;NLO@6nz8=;(<w>vt_r`Q9rk*^D;#r~~!q
z!;L$fy>{-{_o|=Qd&NU>;Zx-V(*<1hOrp>>{B_eNRV6pVDc1jqrGLfpW@HyT3zGxo
zlFIf(`#NoTLyZh?r?|iU+7E%Ln;1k>TR0;`>w|Q=ep)8zAb*c#^xMf%6rX&sB-s9|
zX?kN?=2D8qua~A{V&^{l55Ks)h?bI~)ecK8e9}1YOEmF<yixi6{mxwhxzt-NCH~zu
z4@WL@Z0~p|Ml4@oS6vX{@*qv;wffjd2X(ye7&~SdQk#z;jATB)pQy1}HNv=`$Y?1H
z_qOFk3f&_5BZ@2J!9{UcP!bquKk5_VkrZ(LH+jp;+(?#h-@HE+bDxw{zz=(GEy!D5
zq@rb40}~dSoP2i30Yohl^u>u@wrawpj1vsd5+fMNLJ1vE8SmwZ%6XhaUgIhIHA4bQ
zPKkzGV>D6J>>X?#sNVMVks&q-FLUwf4|(!S17>osr7a(lh(-&puS*%LeN-|Yj)mc}
zHLiAe{d=v>87zE>CEKwkl@$nPfd(YNy7xAZ3af!_XQ${QDpTbCiogcO>6Eu6KRy=^
zPJnynyuEW@cO-DY>{EoO^R0x<hhE;b((<9_i*`0hWb!~ldPP|Rg6jn&gV?<`CW-Jk
z_J4%m{;9GIV<^e1SzadpsQ>vRtY*`9f<5IZQ?B>Tqc7i?v@giT*|Rdq;WdCV&QHtB
z!xSW5g-yNL@a5$;)|am~V`Eo{KYcdbTQFA3aB}?;%A{d4PpUEqy(L_;M@?8S*Hq>y
ze2H=638tsP=%cx#$7<BIk|x|#XxBSm?`I5o^?P_Go7`F0p!j&osi`S8ks55c-p*FU
zX-@<1<;nmV+c$TiDAn%+_0gk|EUQv2-Pq;L$6h&6;b*Fwq2_lJ3^%pZf0KXS2+bCe
z8l$kjccU$1FYobh1K-f-0QB^>)(?2Bh@*pk^vmmv%pu`KRn0@K1A66!<SUs5#^p@e
zdzF;sw&UOCo%6S&4$fRE38wI;nz3tGSu#LJLtl7BHt5_-Ni`5`IQRT>o*{#`cb;^C
z-h+`OsTV6BjJ&L${WWwks~{a#7)(U*)<$qHPkkX`AAjt3cYmQfA05$fH}mj|Zwh+x
z6h2YK-5>!Sw-Rd5NHqQ!VS27eO)utZNa5iHCI`|B)(Ty8L_eMOx}(0flnzSTwXCSO
zio2>5C02JfM;(fa638Ix&nLK*;nCgH34+rUX9h_o=Kt{T_RJF$wy1csLh&3l=|tT@
zt@uYx`2gsEXM#Y;kJ{jT@2Zo(Bg69Rt2^IbtA}N{)6Nd9NU$TBzvd;q?O)6_72$ZN
zo7%85=y5Gc6*Bp1>_D%qQAgCiW1esENB&QC>y(d+zxk22o(n^u!zc}4u*@%#8pzU<
zYS$T&$%Sms4O|HvTP*i4s1W4&`dsS86N9scU8Zxbar3?HQ#ltu@21ttTy(k>>+JC*
zVJ^<_$JOM;n>Tsr2iHj`!--BG9u%@rSm}HZOd%BC5W}R7e=i+0`2smD7P382)iV!q
zl_#5G21D%Ec${163In<%I#Y|jW){g#e<4nYR^s{eUTgZ)*u2m7_na4$d-LHwx5X<f
zt|Px3@b;vB+}PS5_6g(uMb6Qj;L&#PI%o}t1l}Ig)zcfA^URC*@%TS!;2_%z>bzIj
zjn;eC%?Y^ytkDdQKZ$Kkn(+s(kG<3xktm&WNqMkz)iT=B&9_xtM|XWKT)sZqeIs}}
ze(5$dQ{DkooIp3Cm$S1hsvg@pe!8VXmZ>CN$92TxSC?s#k)K-ix8&PQeCO9Y?Q8V>
zw|Yv85ut??a$Y`bw5M5WYnfsDdT~GP?Gh@)Bb%cv4GAq(gH*#RK*aZZkEm+v_4F7&
zlm_j7ifo&xoa;K(cSKaqDKA?ckl9wk+bsRRFpE`#q1Skv*vY?KiWie&ItO*@qht#A
zc_=c9p3w#A!P2lly&G2Ca$^?jDw#N<C>xeD^7f27v#vjwnBTnj>PljE5v|_+i!pt=
zM3YM8A$;<@+2R67`Ow{o`4|nq#vGRYeBmzQ;yW!7AXPAFdCT*BdvZ3G;!$(L-iSAa
z?nHhA>;o<PtSeR6BMKHtkJC{}Nnldg-CXXgz*T}AS&M>Bt<G||gF^O9=j$5cMsF)5
za_(+S0>Mqs0s9>=j69nC<HKLF0wWBhL+l#bj&Q9xK8L@{oiB5!9Y-+0DPbN))s>LS
zEfGlV6-Q@QM8a1WeY!gL#&(n)_Slj>wLkL?Z&I%w{QhdKBj+vp&~5)d_gfv6!SnzF
zh-2(@0SMx_YYEC$XY)q)-gQ7OcX<8SH$eK;{wPT0u1y<nf19w-d`SC#^DSdSbvtLI
zPlMmTLI|RjF#0sBH7{FSIit?}J=l4<c_*mngDLyd<ixoC*@pzfEn9Ww4y0LR0=Z|1
z12>XPq=z;01F`0qb;sTd+OL(49pXw?&!K|(NSl1)n3k8TeQrz5&q4-t2`Y6DZ_qC}
zRZR}`+#5^2y;yS9I^$lw!52ouZr<xJp-5Gh5%Sd~^0z|j=t)#LsYbFcR_JYX*K8_f
z1Zb?p(~rN(VRN_5{-lOeToZ=87vdfcqJ*GR*J|B#7XMatl9_vl8ujNhPwMYnq@<h(
z(Yl!vk@Pk}0<PRGsrmpaZFa>bi&%LnI?LSwgmzNyRGoWva*_rxNqVJ00-jrm>iXC<
z0Vz}jMI#Lq-X){5;a4-%vG)Yp`gz)Tkb6m3^coTvQLz~RY+Dc^Jc|}FFEX#W;s4e8
z(>Mca(xKqEt_0EyTodve0|o7^Z|;C~`45Y9*qRgU`k#YFx=U!F#PdzyYKTclF!Ia1
zpP~tLN_!9(1KQ`N_Y3Zw&sHV^kXCk@`rY3k)8UOW-skgZydeHNG=h0+N`bs@Gl|*X
zTG`{!v)sa|)GK+;pd4jX<>guQHAG;FMmWRebQE@6Pt#x^qOSG)+e^#c+91D=6JKr5
zNafzn7^HK9mzNe$6<+#KJhn1OI)wNHPq^NfMzJ;Uri|N=m=D5{RZkH8=>or*ON`O0
zR{wNq91!Bp{B3Eb=*R&Uh}3BR=y&{@`Z#dCBo{)%I~M2j%QWZwlZsWx4&)~()^nQG
zg0C?KxfSf8=?xEV#dpF3d^xwi>+;WYyc9beUrc(b5GS}ZF<dS~?_zZ7OJroj;ht7p
z`!)M`?8Me)^1@k^<Xy+E%N!+iMC%>Qr<eRUN{6`{Lb>6tc)X&!5KrYxT36jQH-k(a
zoj}VK!_?4B176EUzQ+eq0d5kk7G*q+z54IY;zv*GVeyyewi2nEHR8kToMYcS7>;yu
zreMk{0hOCqW8KeVO*>K_@q${8h9NjT7E@XT!F7{Rp5H(>i7S>m4IL8ZqkTB6PeZ`N
zL#g>7{HVF<F&iCu9u;0+uZCk8y!&t6VP_jp<l*KHdc*daYxzlFG_JS}I-(1*f}uQ;
z&U_Cxo|s*y<&<lU{@$I`Gaoi~lfJ*fW-V@>2QVFxiPOWjBoNr(CK1rIN0mCcf+7-P
zD)GZejp;Twe>4mJFJ0@(Name?%4~rL6mg#qvT7TNaPyWP+GOCz1It=aNZ`RwPt^)d
zO}zM@#zS8?e(`x?9<ji%y<okBq=;n>dHNaoASqC$d$G#}rcRGNWgrx6V}$qLX83|N
z{fNXxmRk*fbW&Kps=+?o0lQwT^n76j=B)|6rH-b0x{<YsnTh9uitLykXnC4`|6zvq
zh=7}Wi5PNa5pN|VvOj$v6SS|YcLkPA%#YFMVvS8Y+JnX4dypo6AA7Z<g)YhC*O$Iv
zd?%Ve)7tZVIeo>yOsAcw3rZBc${B86z%Rd)!*u?8@aPb|PB9_S$m=m5&)#*(sd@3$
z59eHddw^@s0r(Q7hyNInD9~mMJmng7{l*eySyb>niqyVx!^gy$xCU>C=UQ5WyB?@;
zo65eVX-egO*;i=>N?8oxyxkfW3?-C$4U(+ww)$mZ@=wH+LwJl{(f+AiCA%HnqQJ^_
zZ0Fe}0y~=|I1iHa+m}Fb^1Kf1oZO#PFg4y(dGEV{*;{P9qE;UsKZxi*YbcSe<PdxY
zutreCCIFWDH%?@w8?R|=Y6dkmN&9Ft<@{NH^me~BT!Z=x{Jvo=Cd<!TP~%PN8WWen
z-oM<D0OJ0~s)E4+P##r0AAaCp+i*VjK1djPHDcETyJ!M@f+HSCto@?7i!6s5BdHJB
z!qr2+0}}U`UOgiS<MwQ?1g}vvaRanrNI1@E>YIG+0mae|J~>pu`8utY6&Ji{`LmkK
zlOpBQtFN*>DbAQuu=1-4#hEIjnz3l}e~f!7a6OE4{}cBS5>ASaFt9jF%xC54=LJE!
zt1eb?OdQOD5r7xLfBG&lsy|af_m9_pd2$rYo?={~Fw-=+^e&FtG?|X@_GQ5TOL{a>
zmML0zsoJ2dUUDIxNgb`N9hu|jl@vFhpkHC|M-S2UjNJ82^ZDf)e0QBQ7%n_~#m2$;
z#<0tz!3dDb9era3;>@A)X`pzZ!ar%ACHy~dUo-Y<wtWBJP5iNFfirHyxozZ0-Hf>4
z0nhR;B1aQF%tv!9|MJ7BeFfjgUe(&0d5GV3-~&Shl%V$uhFONX$jsKqa6{UoRJeHe
zXdg!;ZczTKFy^2|MO2<QaL%V#i>_D)H0p7aG?A18%=<fX1!(?f*-d>%(75zBG}s8H
z>a@V?K)*LP^N9%Eub27Uk$mu}!h|eZ4x2!%U4QZXpJ0buE?bd^fL82uLDue~bqXf)
zrhOi6AR1gDkfY7!{uAww?CP!xe*U9-p3!@`ItU+R0gG_lagKwMZZHY;+w9NQnGtW_
ztCHPg+kOJ?&!a8sn$ny=#S^m(HOQJ1&S~gh22&0hr>yh(E3H&Bt{#o7fN2EK^V4MH
zh7}T%t=B8Os*|Uo0Yfh;M<92dbwZ-E>Tb2{aJ!@fKjFbj0z&Y6%(uWuBQf4~2^zd<
zy0=#o%Fjx?L^HJE29nf@bA8lBq-T~|Z5C@=pM(^6x!xYcly`YAv5-FU<C4$?%J0_p
z1AW~*MJ$mr0MPMz0SF@~D46mqj^=l+%4%y%M+|MNhwwP>!Ox_rF7zf7<y4*TY(e%n
zJ@eiw?}%f6R*4%ZAQz;l4gLE?&jsKKD|%u*f8P3YZsX}vH%njL9|J@oN=DSZxUqJH
zGex0R0)JWg<9rB=8xv~HSeu(#@iCfx*Kq#0L>l{tjrY6El_d)J+C?_}?F{s<hXYNc
zdcX^7-2V!3mCM&k`DLYuKJEN%-``U&$uk6RFHUi@68krC;JQH=J%a(RutFXFWjN56
zd=g;gpX*!$?+f0nigchOl#pe+md|J|U$EoqiHkqaruWTK{i=9I1!lPDfS8cPEm1MJ
z;hE}Z^kZ^(>Yx_1l5pR~7rX)e#p#_m2nZ<7gG*U&Oi+UCWtR5b3i%6irjA*ljzCUK
z+$&d?s1PM3a#q|zq0Iw(Ne+v6ExD6w`Kg<&EVl$GFDA4|%u)bZ`2B+cAVr6(I1neb
z&KdoCh>eS?NMeuV=bFLuzh(jch^WF}CUxaVe+8AfFF&T0GObcpp7xo5`93h32Bv&d
zV}v!p=v7Q^t>WWkLb%^W-aMPQPyE!ZA)IY7wW#y=#j>N@s^Z9=oD4wCW(d&djePGm
z0P*?Nv+q4~9VTxxY_nbh?+b!<!5<}%g&XgcJa_)B6>?V-JIuHyQh{b?i1HQN(ln#(
z6SlxybCWqv6dpE15HgY}x_)-0i#xm18_Ed^z#q!O2bSdJ2`_=l@g3h#Hq^yeOc!Vh
z{F(GP2+?4yL5pD|a)2KxO7&146nEypnF^h|8P{)=-9dy_tQvc;Kax#+GqIy~i&r@!
zimuJ{I^Eaw&BbqFY%@DX6=z6ZfIvQXlqmQgPX>?_hevq(>TzW&wFoyyw3<n*J;{Zi
zZ)}$8G?a}iU+G=3dUD37c)U6Eu~Qp9mIFs6+u{#<M^bR<Xw0Ik<F2~9pq-dI#^CWE
zBTU5h^;{FVI5WrW^)J0XAc_DR=)a)&I5Rdhwbmvg7T(Z)z;OAGPHg}DDf=gZ;UvFb
zTe65jifw3{(bwX)r~oV72)9_-dYGB2k(tMXTbqTr(sQof&LDl?PO#fQ)mw|G%_lK$
z`1D`}>K+@)Gx&SXsUAcrC!A=yMku+zh9YH^yx1eLO1cQ9N}8cZ?`A($dieVtlk>zQ
z`;uj4CXYw>b|fH2yOxGN8gaZ*F4qHQ9M}J=A3BwV&!h2KZUF1M40nHf<}bDPDh`xc
z;H70@DRGdzpP3m4-s8^B&c@^9<SZyIUN@lgNXK9Nuj3#f*c%{yrVZwT{?VG^%vKD-
zSnn#~2zY6An$Np!-ZBL<63+?TDbG3Fi@}O2DyX{;NwqD_erg16;S0O{Kt9dOD;i<c
z0i&Uce@;YE-ZoK?_C8CSf7PsIg8mW!)>WX`9~ZyBIq?G%1NbsBGG!5NwvS3dK*+ql
zX%ySsjcSU;XHan~w}Z1UzAEGZNrJ1nik=YR3miNimy1>B;$$rjqCcbSWhQU%k(rW)
zsgEC2YW@8AGey8MN;j=+^|&Fa3Jjd%y)*}*lN=~;@SI?enyXI7JS!nSuJPWR5IBPT
zS^d?i`H6h=y{|~y$(BgHI*;qZsE_X>0B<d_hLGS@b+4e97}Dv{!r@A5bMUV8<&$Y`
z8-*-yD5sQ^)I|{&>0xAHW22EbMM@gCtrfi}H1~0~nF{FQm=iuX%P#|e*8u#%0n(tL
zAcB7$-lia!4(O~&eP9*#t0oL%b(}6V%@b}tsT-8S$Bk8UW!d66<vsoR4aL|4$=&C-
zpx~Oo;*Z=No)1fB27Z_;OC@M~b>><ccl$6mxUq{JL@h_<w%^KlEaY>E&E0Ca%4%=b
zDR8EZ-{4HXdqX}XUZG%^QRrRX;@hKX#wfy=cNaG6ib%e3djFlWvo6pmEC6o{hD>cx
z(%ovRX)v-%tFB2ZR>q66VccZojA=+bXDVD{1~mVV#w8?aW2vZ$7hlB<k#QgA0`JoY
z$=;c~)*0`lI2oJjKR;omY^PM0#{ymss;NK&Ws~{Oh^^tHKYW!(ax?CI7?N2-X_kwf
z(fDIry+cDbo-Y~x`tumq2$D)VnxE?H|Bk$;pc<~G_UzIh@u3Q#_fg5ZNfTcHDY}yT
zAf3ARNnlRT&E^DJ#AC<2KypHu6VKb4!a5Ba%Db5IrxcTv@O)z!(_8Xs+_+;!?I`58
z-L7?g`WWo!)taU*{Coa|?ry94HwhQcyR6k(r&L5g76yxSpC4+>ksZE$sg4q)o9rDX
zE;@Zz`P$56LV&L_vM8LMyi+uGQ`XS<>d`xf6W?%z)_yORdsEwJHucS9m_||1f@F&}
zXz#Ar<;c{68!vTXp#>Vk1dpOfIMM64sGT20bAe`-_MDC~Xq7fyAh@`%_4Di<6DF=+
z9Xv#)Z&+b<)GE+`z~(<a$wj`NKKzqP`c1f5nU~I!oYv)|*Bc&DyR50?UJ>t7@NGEe
z%b=7jK~|s-P7&{m-8kv!&uNczJo;nM=wnCS*3q#24keC)<o{vsFT<+twmwi;LIvp(
z5RmSYkd#mw7Tq1vg0yrgNJ@8imr8d^NH<7{bV@h8bHTlzz1jOZ?{%H;=i}|on*TXR
z%@MybCiWzf71k|1_A9ABUuAm{+)I%J+6f^|s~FuY|4x5k6M%M>3T8q{F=|>hWx<Sl
zx5WNq|JhtG`iGSkj2&xH$uvbM*t~}U=s4&LJsU}ym1A@tuGuo**6|c|t%Z2FYk2CF
z*%7o3Lj^XEd|@qC(m|tJgJwbNmMFBVA&;d%V~x-Mpm?Vp^8XtVIontU{C?mGkwKSP
zR1ge;4dFila9~1*%6Qo4bWr~&0zsaD6E{;K31<v1J#~sO^&6`Xc05a26Joppufy9i
zr2dxuK^vp*U^~0F#Brqg8tZaLoZ(+sE!T3*()Z$#|H1UmWc8Ut<(^Bod5Af>-wH!2
z%WLx?q5BSgj+THZXi~0y3Jr}Sjg4BUd7ucy_1aRg4@~z(AOBYL2dlj@b?IKtxpT}*
z-K|i6*rH!WyO4M1uA<HsgS14Vl>dw0tG++yEI0s83L2a-VEJ96)@wAe*@o~l*QbJb
z+YLsnNy)_nZR*VvLgs}vyMY%Sxq$%o6xn=CgwwNvIpr&8mW3eyNGNe<V%hJ%F~3T&
zvxd2VBJN0B=h+JLJX^^+ciTBUH!Rb|w*DsQ@tP<CILZHD_~6=X+W(Ez$)Tg78|=<(
zUWBr^S_Vp$l6Ux0IbNIacU0lzV2FpU#Sl+P@r~Zx*AEEvWgN~*^r$HyzYoY$9xKy=
z!ZBoUpi-+y(AG+m7I7!|l5id7G-)FD!y1jPkD9+MX!sGNLh%0qcT`pSMnf$tS2UEe
zvda7*43GtC1WdtxySz~%&4Tg$+i+&)*|sY2y(@9s(Vq`UnLRC3%Cs}e6l?DUfB1^L
z6;&ba=s)tJfkfxR{!b80ulg>Rx*ry)0B7poT@#t9a9_9&fyVPgZ9zWT!{gRpcND4L
z4$$|c9sGD}?IBaXsmG(~y%Zd=FP^P0(Rmlp`2<PRxlq9e%8j7}?6s5>1S~_Xv}q*t
zOuv-y1t2hJ7<Xq1^EPCoSwOvwf!jG&p`!myi11lk+w2f>Y0=2P+bMD;WoGfVd{^zA
zm%F}?VE+Z`2L$H*z$ELFB(*yWCyV>AUg=&{`#HyENoVuD1ia(RPe;(rK(`_x4#W6_
z>wE?TDmJ52ARs0AFX*itrj<j^|3GhVTUWk87f^oBRG8_dct?~ZR%FollfwMpRo7bL
z*l6dOys3W`SJkLcuZWypnjrJN51u3e?RZdu<H^yVuxGdx{Omt|pR_Z*utCiDFhbbB
zhY4PiT*RLh58=-`>{BGNe;{nQyNX9U7#r)1$8pDF6BC)PCp%sJ{XZ5vf>`uh;j=9(
zDk}WHeCbFR^7{*5*KgbXF`kbYbAbKb+8){U$G={CS0daVzCt81HQVbm{65k~6#741
z8a>QQ&z?2r<fz<-x%N4<5TWQax^YKDL|BijoBRf2s+8y8z|^ZRm}#{iwgYGD9NXsS
z=ZU1>CS(6Kz2%Yp>Lk~bB*8l#g+6^~PZRcv4~c$axeXHsNi$2rkMFRA>Fi!8vb#}F
z)KC$~*3kdz0J5~QvKT4L-|})o>yyXTx&F@>Mkg@iX|EX$ZBm}jD&6b)Ayhm)Nsr}1
z@9e3I8{H&zDbD?bbOox*cJ;k{+2OQw?%})t_sH%6+)_-A1}U0Y1pbp5J4uqw(fr8$
zgLpO*ThX7inQd=gDMLA$GR+KHVX5yd^WuRB3=zV;{*v5J&%Yv3W8KS(Ab-_B58D-|
zq@Y*;kZwFKYmzz78+S_N?CfmXU1>@xs*I8nR4~P=tv{J}4-8P!8_trD{2P(lu%45M
zj*IIDaL%Z@?ngKt7u%e@aV&7MulC>@Xwx*IeAoc+!jXzQYg9sv_CaR%f9=4aYwT2$
zG0fK}#(UjUuM^+Gr#P?RLz1}U&$Kg#@_Je0AymDIoM?)<GRhyrk;QFC0!L&8h@73B
z!Q33Dy$)O!*JF#|XD^=wJ!O0o&!wk+t;|Fe^<BH3CQbErGh@D2!&P^iX-q{smdS-x
z=N`jjGs5+lR`g?yoYZ>bCcgy0wYQOq5{Trn(+i*p+Xn2#)Atjjqco)XV0aN4-yynT
zb;N|W<E$?j*i^N4xSpFDh{BB0!>fXVg3|M?@h4Lqa@Cv*{f|&$=Ii>8o_Z~hAx*a)
zK`F9pj>+8}&L=>$mAC^BZ8*4x(5>Ah=QT|A3XS7Kylps$v=vqM4`20{=!SuNq&Jcy
zEoSM*WRj%gexwX0!J**lIQ^Diz}2?L;Bnk3+JdF2lAABn|Fr+k8RZ!}!fwM!iaT6;
z9Zebxlmg~yL7=lH<R9@65`p=Gkkvo%qqSFyz5Pe}Tzi|=OIC{l&XIe@Yi#qR{E6lh
zMd&=PrS8b^@Nn;_DD3R+{fT|;0$RnKh2pBYR_GA0cpChoN~`%0B&O;IAQsBQWb^)i
zB>m(6st%*Nv@_+AqTegPW~b@60Hiq>xCUU~CW1_GguEY$Y@2t*h~2X+(wV9hV(TvX
zF1Eh+a4Q4AxhhBM>E*#dbRW&qs*}86=`FnrkuI{W?&$3<K)jXw`PMn+0%<g8N(=BC
z|Jv@Sv5BMEMXOvA@vdKV;->Yk-I!mHu8Z!AohBx9*`f-)mBgoY1w^(I59U%V+6z<1
z^hXaoqun!F$7NX-W15JsWF+U(McwLW13Pt!UrQ)wYHyo1b`Mmot5$xF2~t0@ezCLR
zc-c}7#pbp8Rm4@5IH3MstjHc7!*~%?naWYwo6f;&|NZ~k;$m0q+tOg>I5Vdd;v#Z*
zKWxd(WuEWU?V@91egu})pg)Pbr<Cz2QjTnDh{NVMEt?Vs28QII3mC+Oj)Sv27zTQN
zoo;Um&5^3%VTI*X@*3J;x6~o^UDBQ}21^2ko|k)mwp@;yC0$+OhigMZ+(A2Co6t#f
zpl2ntr$;iop>G1rcJqhMhB}-7@r59IzVZ5e6N*YnEz>yTK65VCvc(<Id|&erOv~zN
zLR$W2diGeVzj3K9e}Dhz>Of$yza$N3nHze`Rlvp*r+X#9{_-dh1b*g}?;?^jaH<xK
zoK$uC^d+w^wk`vfPr0ksbuD&~6<zlUtkbe!a?o{?>@-H2^yW`n19@?$o7(AkW*(oF
zetrwU&=fK>R^jE`kZneb=Ee*vzvJ{qF5Z%SlpFCv01uu>wdHz61$kMe<nsvuxPJde
z{^V}K2>@ryDHVE)YLZvlE=wAzLb%y3TOJeBur>Bq6QU@xE_Ht~+o?b3Z|mch2Y3YS
z9xu{Ry)f?=TJ=o~j<A+Gj~M2Qqw0L$|Ek=!R^QL_C5MY=JKySI1yj-XwfMPt!L-H`
z-Ui8<KLwX?McGoZJPljpPuHNn<(P(<M+hv_y~d6_9$lxzwy3SS$Mfne)-sBEHYRbk
zo@Os~&Q+6#Lw+$KHBXCu$*X{Esfx~M>F>_3^vQ=p`>xNY+sLoS>gBXtVu*)3kY|xu
z6denG{sBYFKGD-f$&FR1BCvK);jqYe4zwm0SY3khbeb;I0#u5Mrd&{&crC+BdtUsS
zFLOKFAD{WqGr;vMX9;<<M7u5uu0iPLa@R^qzlSa)+dm{kWv(=eZIWK4NbUmy-+n|o
z<WcC8y<IKYCd06B-ni$k0Hmii_4qTb>c%&VCr;sl`-cogTCr$SN(>g^RLZV%ggK~D
z>=}w#XaKAc0II6<2643|u>!;Iky>lCFRjbUVF*M{6Dn&TDSNJj^e<k=Qo;Y(x4Yci
zY<yIIBS610XT(+CJ23G$?o~C>PD26F;`GI$A0feWP4!#Q3qL3G0Te`m=PtMJGE(BZ
zEf$jwKz!8i#3n)-Pv5HJeelPx%r7)ATbLu6Ik2F-zA&8BpO6gqd$UW!*I(moya6T=
zn%bj3e?E#DsT#OHSKM(CO2G2B^??>&CME#TnB|zy?^_R16AK5M(w$5id6;yZFUGU9
zoVs!fC?S<{Hs%QhB3M#u*sk^XHJ4`Leg61r#{C^~Os|Z+kun2l?Hdg9Dr}2Feq|ew
znv^`<;96y?_1eRu(H7pjeu+2GR$?1EH7@n%_t};HWLGEWB#TsJUE6W7ehO{3y^fw5
z>wWYc0I``d6z#|B?lVkaRzF^j)eSj3Jp3an{LlQ!gVm*yWYB<?wI2_F23kFiZ77^H
zZ1P~DToq>hc&V<ZQhYIx?YQpaBK7a0>Iw{K&tg3V47<>?UvaxqqhWc1;gA@3c>cfJ
z{OF(eNs%wtB}>IHyq1^8D5>9<T%KTE>z3+2d<AtpYC!jy${gG_7<ReOR`V_&`BQ1b
zaRO@{)x}{OngE#F`Mep7e=Ks7IhJ;TPDE2xJaew;m2Fg|i@ogrL$-9Ptg8BF`dz7V
z&lA-5JPAVA9tZN+X#A%ntZZ!2gS4UXT>B9O54zbdpAit)bW_IC{A7Smu<O+V!zE+G
z{*Zktcx5p=AX3WHbqxGSJ7Y<qn~1lHN7OH@B$#rH4O`HO9|z^H>w1~%0+`ed>$|_B
zc_bDCmFcpQ9X9&r&Cb`S6IhGxm@N7fLJFZJ9$Zoko)?C$d?iw)K5oS8s{orsY4Z)4
z`_m|Ii|nP;6Tdd4bD~EO;`h+j1q<BQ=4;t7dAQsg8DjKdii3j&anI=H>dteWb_+5d
zA=G`x&NUaai=(4?=R?~3Sak34`v&Uh%oF@;r{xyCrJ%vM@+=L+kDWS<zO(?|!H;vb
z<NlfW98%Ie&Y+ptrgR}kY{-Zxl-7iHeda(^+j;&wV#h<RI{j&=zhldc1AZWqUiXyW
zKRNiigccVNQA1-Ispb6IuV6-@(FpF@Lw7L!v?tch*}g^KdJk<`1>fm*Na%|hw}U>X
zi|wlDPZdUa;osH1x$iGn;^!H9MYQ|@(;`bT>ka>!0!+vC)k4ds=rB^DE-)W7I+@$^
ze4RQw=`HhFw)S&h5}`oQK<J$T9Dl~o`C#-aO(!K-ms1km6qV4nviQv0GR|c^JNEBd
zW+)wij|7s#`5_Cl;`My^NkV!-<|+G}j>!>^h}$;H_HQ*ibY|;b4}B>O73)@)9>p)p
zpOLBBl@{@s!An=)q`A4ddm@DKb9#RMj83DPKYD_Mr1&uj*~T_!?P9m7(+3eN3cnDb
z>_B&6R&YFnYDlJAmHBv)dd~_UE5gqc`DHbL6_7XU1f5#Z)=;R84uEq{wYxU%&sNy=
zbBiJNej6BeovF5wOtT$ZhFa+5f^hvBY_5R&Z4K`$%uyBLOjHe;&tRNP^>~rvbt&IS
zHOmvoxv_A<yAK?9{sVh_ZQwhJijjh8;AXS;7H5sj*k{QY>jq0-=rfD+6)zvWYRYD*
zPd<f>?o<K-rJ)0~!-0j@{-(lP&BgNtYez(*je(i&LGNhE70RUUjF&iuVLxxfdVSWa
zKwifUV`)qNG^tQjQhdaOdq!_`#*PMy^Jt8bM<=R(65lgQj#agz)SPTT%j9@TA_F<&
zwFJ(Czql<2p+>*`aoE&t-u8r1b5vWe;@pec9XWg*K;-`(nloF@Phe{DnV6UmdcQzY
zIytG<HUG{-SM)P2cOB_`wt3@HtUEqC@HQV(Lb}y6JD<Bk&b}t$aBr87kO&3LSmba+
zx^0({zaXRUCo`xwUZx@|G6JZg<a=~dp*RNB{$@g6Hp*X2Kcm^`_MINqFvxvo!Y6rO
zw_VvLQpEx3_9Bgi?cwi{dY^(pOkCRQ(jAXC6-o}5hD-zC+xUxy3t?<r`=0v|meSJF
z%En(ysu!PRL-2){DNQ_T9X4}(h|ZkB1XR=T?>74`AW(~D{r>G6>c9iO{Vwtz3q=5B
zO6cL}Iqu#J;oT7gV^<Y^WXI|hSgetMN~ph1ZD8{bEvUUdWxg;ZO$>v_%1nP`j>9ne
z@Mc(n;XMv+xeC1q10J?%MfGbrIT+GvL2WO|v_O9;#>F?9I1G~VK^oSo2thxxd?*Zc
zsV;6(2p$WGcR`F-`drzXF3!sJ_U9T_JqDH=&ic4dW`L~|6hlwOP{bsSTubz)5i7{<
zRX@k%tsk4wKEYO;+ef~j^kzb^m{Rc$VEd4fMXIH|rbs5~j<m8lE)TK%HTIFuGi0QL
zxYA=PSR%8jbVc<m2kO`G*W!&On3T%f#Mi_r*a3-ArwMs<M*(@Yo00@O9^)Z3o|f~f
z>>|o=S~&%<fpN9F4|(@vJX6glZ02^|raoePFF*^(4{5@(Dc@-jojDff+lY!;??$CX
zCpD1Vk&>_EF$|<P=#lp#LwL=_&4(9ZUcHxjjF9C2TD4<zq(E|^nyCQ3=hc96{>Q{d
zDV)P~4Y_ryuaA)inKLj7Z6E0`{dG!BXls%1f)A!%*zxPhRA&fBm)J`b@Z`_(`ot~)
zb1~6$ovk>Om5}I9iy?x!ZNnbWS`Q}u@_eK`?$&vJ*1TgHVL-L+I;`4h?tw)G8El0J
zE2&<6D6hzji&*=DfD^DIUY_&zr2vK+8O5CYi8iB*a8?(-y$J{*^=W<k18Kj$&JY~l
z1u?8cxZmZa8>5o&q<9pB4)Mc#vW=w~-hiI&)8xe7Rp0_o&_;$($(J;`Uu+!m0zUn&
z1(EJyDP@CfhCZ1Vp|r5Nii%3Cfn=b4SB+Z;)ev=nK|mZPaaTjc2O4Pwd~z}}`}VK7
zT~S$NfwQd>Llmsk@?HD;wzE~733Zz(20a8i`l%Fy0fKXlJdlJMq|_}lVWW(5s$8J}
zW!<(7nw;zFd1FTZ745e|HPeX{;iO{h+4L9(qkZytHwV@b6*D^l9wy;k`h=@sqJwDb
zh+{up(S`6LamJi1VhnBt>D@}1e9N&T%UVetRo5JzgZ1tZ&Zsq;t@vkd2PeuGS{RB%
zClC>_2OWifFtV=+*^8fGzO?ht4|%g@>Y78*@VC~k^<^xYW7RI2T{+r*!k$31i)lhm
zWB3<(`sOg0-;zow!p5SmsILeR!@O>=tWSiNhY$jq*R=9lY_33OcX1|d2%jRRzD>DE
z(9`vUSz%Lu_x;zJ#}ix$!g|8J;<ajGER@7+luyVFMCjHfuqE2%Rf_===cR<jjvb)!
zoJKXbWM)wHT7ll@%-*`U17Y6{B#&Js3g+4auxzHya@P@(5Qs1oBP5-cqg6K=^pg{_
z4!YG?IWb(5HC4f%3Q7c~3a1+)(}t1K+7DAO%C-jzXAnwf2$NOU20}pC?l9Tpd6WK*
zH;`7sF{*2^E1djjm(oGDJ?gZY(?GHx2Ae73n{zKqr_(ZV`Yp%k-|Od649cWcmONCS
zsw>mC!#6+ANtfp9>K*3^%BP8Lq#nx0R))Mu5Q1204?Z?Y#m>l-lcljSRD4}=Im30R
zNZC1{VCLTT$j4wEB|K~`=CZ2m6X))i7H*;GkxME*mE0g!_NsDH<?PC_LYfiTQU0t#
zF`u^=bH>`|Gx#iHkwgmOe@qR`=e<>stM}Hjhj?+*PA|jNv@_h7l3z~li+q<ciDD}^
zOr6TyxXcgE(j#(+bbqUjlU9B84Pi!r6w_lWkK<oh0HTXzXJ;R#x|D+qqQ`~O6giEW
zX|Fdld*X&+gYl#NaSHZzA@;7dl(+oFyyb6KSL3rYL56i5pchCIXat<^lbB*i3?%u3
zo6a{1{Yt_=qJNv0P&jMn=iZf87|fEOtOX;GwY6RczOlzv{N^V~#uDLi0#s|$op-jP
zAD9%r^{mKpx$s3KvK(P_|6;N?6tyd+WTwIh68ZMDJtTeVEDk-ixu&nl-^eBS(@1DW
z35fV~IjfVwQnHduA1ih9vtq=Oy)aCTLU?7yDi&b4J^57#*C#AWq?4aKAg!Bp39})R
zM#+SQ(lzzD%Ni*Wie1tPg=<U<llI29xCnP^vQ|PnOxGoo{;ad^`jW<T^W>G)$xl=m
zZ@`bI_f+g0XB8pNKiRf87Z44Zr-M3b&P=7Hh3qn%(WJH+a@uV;lW;=>WX(dwx!On1
z1W-HPId+<2lwS*cF=tlHlktu`tUA~!ejS0SOjbe`)#akQofzRRs$lp!;m_clYiVV^
zxfe%6>BekwpN6=E%_Ht63E@CCg92(^9+iVlym-t#)pMo#N?FwT<ji3V-m0B~GYS1K
zilbW0atChOeU35Ha1N={aFiWfbBYIC+wF1<ehf;|RrD;BA`Hiu+$!3cbn=!Ka<t*3
z)z)!zYw71ax<_U!Pc>8m7g}K<1CnC>!6i*&FTY=ve}NYVov%9{d0X!(rf?}}Jt7P~
zfZ&1fL%cs0_n=Babuw_3YBLfMsHUVSVMP?Kh0Bsara=QDVZR8*NRPt)0kZ_gFwkf}
zk_;vE`yB^XhfBH!;WG0d{%)iv;0>a!5&aR<ATTTpkr0LquVmTRZbfcP3g?N}Ci~Nv
z0ka%XCNT=}$;#>rco1$cia|oQL@2^8JSt8ht|s9lvBC(eknsWYH5OF}EOx6<pqamE
z1fRTu*PG)+iBXA+SFL&9<07z|uw=MiBgtYEe7lkKiOs^QeHM>7FK#HG;X-C?lo}(9
zBLYDo=D$R^{6;LPKrg~BF@z%VHLB((p@@<MHUyp=NsjAgH%>LeYZ;M2SJ8jnZmf!z
zwmWb4*ZkqZx+Fxx+h;(D-8hVHbsJrgHC&eth9rB4GP^WOA-m39^_jNh7b$|`3^_;o
z7K%5Ug|Ny;GRjwpg$j>|3?#`o9j|+G6yYwY;r~QhX^cKEbg{UsZm6%mWp*u=qHSuF
zQIm5piZmV1ht?(XOvTxN{8%u`ts7roZC?`Zy}WA`#Syck20PQaMBH@ZSi#82N@&n4
zb2EF4w`hgKYh?B2Tb8GZ1sjgJbo9G=Cda;*>b1nhB9F@qWvFt3t>*1}MPVrxbm8kM
zbCy0;xY5M0u90c+a7;;&(|VAp2y;o$#ks}Brb<PLW(X=w$tFxv8&y*B$&hhi?u9i4
z#jS57(PBLNCLraLkg4`Y_4%eGq}$<}r&RkFf7-J_X0lcA>VQB7QobSe@}!89IQ&m_
z7D_UCpO0Iy5p<t`2hW2dyTTNXH)TRa>lDF3jX{pV%NpX38o<$g)GFi?w<V7`M7an_
zxYRzkjS|Ie8UM=e(#bARqqDL?^Mwh6O~N6n9HQD0HAy*!C(<mTk-n9Qsn1{*6oQ~B
z=9S24H6AW;mW=S4+Y_>79VHq|gDaJJF=6-lJE`}3M2ktK!0wH~+37MoWvw^vlZT7(
z2=;J@r#@biya9Y_{%bkUUU|$5YPpp-lb7)SZhI}!ya**zQU{rt2PTTGQr@Op>g36k
zNvebTTzw&nuzvtvL>EFL3p_;+^a2s`Wf3Nnkj&WXwpChV`+>PCX5%=^);HihULOHp
zOHp<;Vs1!_QK725T_i3?RuB}~9uNY58R#{gi>|BV57O%@OoaaWpDs?v4!Q6#5tN`>
zXdj!H+a8sL(*yH8f{J?Gz_t<xd@n2Q2YqRM#>oeX^K{{HL$qlyZr(H)rU9>G)<KqK
z3~8<27v4uu{woi!L_l6Kulck{6wkxtFYvH|UgynZ8RqSScuNIjIJ6SxfAFAI-3YPz
zB7Jx^;3rI_!pcne_(Y9>L|tS#$JD%CIaR)sg3s$fg|76<h^L*#$S@c(3NPL~aqLo8
zkMN*zU0!ly`p)4v!PgO`&L>p|k=C2udR3&O3h$~wr-6wnZAt%y9L5R@ftLAGaW(pc
zPRd84gI|R*U&9|Ds)c&h5z`fOzSV%hZoBRoma1A2bSPPMpPlmOJCP?IPX<$4&zLc1
zW-Y5th6)Uwws4an#>IJUC(f?n?hCkG=wBGya15Y_jZ$+@Mty;=mu{X#i=L|ty^8eW
zM5wOYq0OoPjRSXXKe6{HZf!#71?$+(oRqR}U93`e-OltxM{!qm`X*cQQc7Z{@Pce4
zS$L*ow26SbVZLq64|&VK?X=31idh@Qb%Tpa4vyTv3KsMTLh2g7{p5{>1dsZm=r)z3
z7IM6NBQv2O5;<C>B>2vcxj;r`6{77T$~Aoc==Z^;%BwwNxD6#Udk*DyzTvc`OmO_W
z4S})AjwH<$D`(3KG%Ss7XSM^5b0VSo`ue9JMs{HsCJm1pA6H2Z#9ixya?@xCXQ|{5
zBafwGd>@};v#jisj*ojB+p&{fB*@&P@Lvjg&Mus{v-^WaVQN+R<$e{<_mbqiucd)i
zO(FU$!px!fiSEcF`uxJKN~G{0Z8W9Y$YJ_8$OAJFcgKIoM1nhk@Y?l!dkhS{m?-n4
znPD?RFz4SzY3Y594O8-RfcX=st!W3vATieu9wgV1<`~LGCP`EJ^1wFKKq<^n`*Fsh
zUL@C2^1FIp=`5p(@#h7BlM`-p?7Z)AeIz+Nzec0urW;;86%a=pA1dVhz^>mhYO0mi
zKjWh34!7e}Fc-BsTqycAAyswn!%otGtB}p(Lp`l`<Bm<=!)XKacip#lYIEbhtu+xi
z5?KwIB~EV%3YZk|vQXxGIqDiIK7Qbrrb480vCEubb5Ov;SW9TIF;Mz4!_xp=G=(sb
z8A-!t6U)KL$|UI6ag|*_V%BxdQNCKw6fZ+rZmUl=Vb5=dXG>MStiSke!hEvq#Gev+
z%QXT5pWHd~_Cw{PFkYUVvuKqHqL@mW@Pb0(B9T73y*!221?_t{rt<Nhagk9v1XkM@
zzJw;&TsOST(TRQjGGrCvjGg;EdCz&5fmUag3C2_R9VTgnX)s{{z27AWKjNVeH}F4}
zm_FYAb@aP_-=xXo>afB#ucRFAG3weu>73hvbn-J!<6b;>y)tPcKil$o=~RBA4@VE9
z$ophbm!b=NZT+{sVBoAl$>}#pmyEtOG%?AntW-HU0g1GAIv-oFV#2gv%8_j@V8&Cy
zz;ML(<SgV%Fbc?>1}yL}=IfH++~A;G@N+&5RiUUh8>3z@hDcaUY_l!OsHnznbur!~
zW$5u$pymF&s+Ns!-OrxGlR7B7A-jtuC_tf}CRbAS>NMt{kF2hca#7+RxnF3u8q4BM
zMaMmJvUtJo%B7Nf-H=1Z(|LsQ1E22WQO|{RwY~l}DGTLA<Z(fHjTN~0>^}RnmK>8M
zANtXCr4;rXY;2#goW^5n4~s<(YsMzy=L|p5{CiMWaKuHFC<J*~xVhw*x>~hh|FW@M
zxA3qHcg~Ur0=d!-$o<9i{r9*OdD;3O<6e&(os(GsQt?n_ttqBS;i$g4AD_i;=DZSB
z9*G*#eX|$P2tw8CPJ%%2OG9Aw*n%IVo_tP6J@vkHFAlKA^gaY{`<Q*DpsdHj#5}AK
zCnI@;^2~?ZZe{HtA38(`lJW{al>eN@<7!j)4?s7z{Of@vfI8O*?oD_p6;zseRRW@y
z3!`9wsN3YvE(=a-E4TS0dbwpHFk)a1-k7MqI{sB59`QY4>4faF$K@Yl;;;PKc<S2P
zM9`Oq7+aTK6@vmcG0)`b<lE3OSV?$gGc($fhGUHx>oydZ%l`0uP@2)wr8bakUoKEC
zEVGzmW#qYPD6hW_O)^4dZZ$=-XKPEu^(z-AadEzxsf<!?;<+=ptiN#4!bggVt*s4>
zSaB|P;*)9+F2|NHo^~tywU4%Ja1f>{2TVWG8!M-Q5E6x4C_kA+j(#&C525UM_<J^q
z-)Zx^ad5)ya}1ZAaZ|0AWXOM>PAtZIayroFEcxYLe|?tfHuCXI5`H$neejL)p+O9t
z%TUb&5mhq}BHrXIi=WBQe9g1d`}<2;O$zXQ1*!(WDZt}C)pJqdu{B2iyPBWy;l0~j
z;`mDslenhRml(8|(axY`X>U&}AV56tcJPJ&mt=+jnTD_$_p}fipAVRT_LSJ;lvGCG
z%AV0_$z(XI>r>WfvfF;Q*p)U2E8l>!jHRFQ+Z1*)%z}b~zpY5jrY!%wGjuR`T`@YU
zL^QVHc03NosRb&^^5KBmu^-vH(#CT-rkW*8#vG7@cEFY-Q?_*~DF=0JnO_V7y9_zt
z1*<3ATa#a_q<nNmMISwR@`Qxr)b2J$P`7ue-gF9*`DJT7F<wDJ?~2P|!6YO-&tBfq
zq5dAV|JjUoLMnFt>GnVyi-jP9j11b42qEFv5uurfr@I)AhupgTFd+`C?)*?N(#kj?
zRgP#fW}p^jWv%&1gI=fh0HF@XAVz!ycJo{6O4Wlpo%XPeKeDA9dgr<u+L(&0erV6b
z-1Up6IV2<wC!S_CehH>!Y>tx;P)kQ$`VwH=L9Kh1FyN{ij#h7T1tk7Kgt)Y!Aq7+2
z7OR$Z%foX|vLa#odhjC7xns!q<fQ-UsT20or;E&<XF(ww$oQ<nNT@Y8;FYnF*yr1h
zL>*DW^)fu`6bx!*3xjyzQKr#w%CFMx(5g{+nk{<`KQ;9#0t=-){rUyS1Mt~fg12Zw
z%0X%*oEoDXI(UuP^YZKUd<>)J3;k9frj96kGBa<57eehb&^MSms5+De24Dj7Q}E;W
zpLlvM#ADVHh%Rpzwq?cF{q0T>RiY}ea#9NU)>Ki_K3bFedGV<3?V(4`%oh~E8IfHH
zo`ksC)AASfwkGU4zvhCGR*9H$L}~Pom!##L%rvo5E+>A27h-Btgj0AbOC&R;49$#~
zJ4T7#l9#PbizhkCqHq+j3pQEM8BvrJJrH{2^H#ZE(9qbPQRm8bhbkF6^@PeHm^c9k
z;hpsGIK?@|MX<0bbROCHZp1Jy7S<>5QkeawdVoQ(Zj(;#a(4=q1fu<x$;OT&UjQwJ
z0c(zM0yG8^&(H_|{Z&ZefyiI3gsnbI78(P|3<>CHKLrJaa&#;k%AwMy6(<#iT~S*%
zwFmvY(09uiF)7DnGi<OG`EG=A<2K@fZ-L<RIEA*Q&TKTs5+{!9Ew$vcR(S`=Go||3
zzUO^*t{@N69~QAT!iWi@5T3>&Nz+i^qX5ETU*ciq1l@*VG5Q=~(#?8n?E<%zgtn1O
z%(ox^HU=Vd`^5BKPZUI*ty32aFYj_}TuG;3D$3SR`3Hnn#ELqW+dKSFYO2<AJF^VB
zNoE-v^_l$ia1D1TPk59hnDDt(N(atD%wK2X1*GQY^@|IQNOwVCyy`<_BqB`*LAPmz
zSGZ}|R<;W$lA>Y6!Xis=OmSJwz0#(6<MSEYIP5rA;7VdQb-K!GUfvT}p*{d7A$I%Q
zqVH!N<WEmeKXQ=?(pL)227eb?TtcI={(xm82=^HcBqdX1<5@+-#t2<g3}vHFtLbm^
z2Z9Qy9Xe)Y86fG)6-Y~ceI*a!hUpHDJ-vV%2=3)G8<{>5iQ}L~lm3dBC#8_lgQfxK
z_JsSDlXe!r)kbou(lW2IH?yenLgX9N?g{1R(`=L@H<H=C?wQ95$)$A5WBCn=aJecO
zWktomV6ivn-n|jABq&j)^~p9L7+Xjz4B<M+=M1NvT0Po*=>FHzjNn^zoMzqf1;V6&
zN#|O`S_quSRkNkb6ZwvZ2!(W=!!_}EoE#mxIm?^}3kP#nT4v_~r+|ojiUb@M%~-Op
z(no$jcV5DHb#r+DB9JDT0IYO&@Klrb<?m$2xgi5#;qeY!-J(o(GA8hxT;2)StjlI`
zE!vc;efhitwjwCnbf9^j3TacyK9RGSt5**_0;qkxrLJ(M09thjSrP?~&H8Y5Eo-Vj
z<&+TRx(nH7rrI^K<VxxedWs0jhn)QaH*Qys0sRuwi@>+=<*Io2yXbrW8x4&FV=`sf
zj`snR4yu=}he1;h;bx(^Y^G+8k?b9wIfxyiq2^PjpPfZXuO?ZC^<*KH?13fiN>S6q
zN2A1<75>wjqZ#DV%rnn3r4nu~OP*<my~$8j_^1UiYdj>_x_Nn_Q9L(#juY8KSQ(%G
z{yhrkIvIT-oYy?}E0yz4$k<WWFVCgx>^c8@l4W0$_W?hAH_~+S@tn5X=EZU^r6E&2
zf%@|&j8A)eg^x$=rAh@nIZ_5(J&#LjR#tZ3Ned5t;hf9s2=Ye@kmUQ@3|A{$%Pvt7
zsj#H*jE|NU(Q(Gc?<wIh#WZ>LkVu|5-7K@m9uiS<1bZ#G`t8i@X}w4@WXQxY<s*7r
zh@>)k6IZA?Bz*ZX+!RXqxVhD1MPrrtrY<PW+!f5Mk2c2q{lO4}ek0Ggt@sEQ5q8Pn
zDEOsWS;D`_jTVfWqGsqX%CjQUqikbsE^GdAxp{6~?(HgL*~DbOvCTj|SxFJ8HyQK&
zkyvbxy~FldCj*gewwGzuI0QxrMTY|4BmQ+B=+K8c^qJyzglrhr&}>$GcOui|V#yzE
zyujFJ!fAQc80z0Y=x>HRQ=-Tt!*M^yV`ue4#Dgu^vUGDM6-EB?x};z*HX`edpG6LJ
z^J>Go_7dkK+v2k?^xPP@cj1<nmt~IBtV4bL${S5oYG}O6Sa2MZrmd7eGBzdN%m`c1
z8tI>h>@YLc;|s@P@xr%O^A$>C{DA8x@5g_wwcf#OT|P*uz4Ky%I<-4B?WbXkjz3Fh
z#}x@HTdD;YT;>W#^F03a1zw9RO>*JKa|U61MU>}FRwPXP6E|p~9|A%}m{tzv$U^qv
z*lNZvn*)+Q{)E4+qA-zjcA@~uBmAC*(~qup&vWIqLn<YO5sujrdp88b5FZ&p`{(N7
z(8be{Gxg+pNB^KV^j+Vp#x%+wcXY#Fr4J1OAsL@JGB2Bt;BiKST2f-@_$WI&HEXLL
zf;|!{=6~kZjt}G}i=@2<T;E*`NRHbTt9NUbk15{mDrMiN<qEh9pZb=qpOeXHPJArd
z(w;1<L4N5zGMLl<S&tkBK%mqE{x1_-Eev5Fd2?lC^w)WpIfeb^RrPr9F1f}U$k>&*
z2GR~(w1+(h3?LP?MK8tZ`lae8!RGiolJ83%M2S{wXh?@3h$t~hP@8D6=gA90K`xbL
zWRSX#>PE?NF2Mu_M%kdgu?oI=+(jznL_OZ?juUf^P=BAJZ%0_~XXO(}(pM}>l-~v7
zBG1rsWWE|9A;U^<r2Y9%qfd-?fZD9S?@a6^b21cFGwueT(smwow_5Jb=GDRuPvZ&s
zfeag_T3sW;$jVYWEeDK)grw5fvzOj^i?BY*(QnshAi)HQixYOsOG-~n<j|+5r~N;|
zgC6#GeVhK=UWkad@jYZs$pm6MvDY8m@~%is@Ao&i-k$DHjN~ZC?S`AuUQdamy^6OU
zY+XDl(=(>}mYWl);)T9&z%NK>`O(a_IKCN?y~X;Da&6ix@i2gLCPjM8#*{BCKRj0{
zrT@rBi^GT*VEi)j1GfZ8Ry}g%;u}ac*+Z#SBOYg5<^x<<x4DZT>OKLql9vY;{!d*}
z?hbjt&ypnuoN)he!uDMFz(9iVY}BjS+RR5dh=6XX{QMPupH4msI=o!`iNs=HifpUw
z+ZdJgSI53pvq%O=N}=l@&oPjcPSx^JyMH9*z&D+*X46UN%d#Fn<$tKwlm&D(-q+3V
zC&=i8h^Q-Ve+wcLKuEXXUp6)P47fHq6t7eLs4(V<9VCIfQ&VK?2+q&e6MJ)I0qzNj
z&G+?78DW5wHMvtmL&>-CjWFlf+V_kf!7IOea}L7MkQWc;9uLCVi<eY9aB%aI{dJe0
zczBneNZ5vf{W*bc07hZK=Tc-gT6v-!b}_wrO>!^jYG)!qbQ1%IWO|s1U|ozalJF-k
z;ErsNIs2BUjzqhya`mIK_p<C{<Rp!@cBbmIACZt=@X>?E5FefPAcwp&01QZ+<n}Or
zHj$9Z9W`PTc()R5?@C>lc4wlMXn7Ydy!oa^Sabst0Y_|lj@7g2#YH!LQNa-Wf9sW2
z1v4E_pjj+T4SG@>d+Ldd;3DO7Qjns-2;OQpxMRRmyXrQr+rVnXg89Ey%NVHEvw+!*
z%BMC3)$O1rrWVbH9*-~Y^9ELovU!yc*IyoJRWMnfO|NkCEzzi~YW0HZLLBvJbe;*q
zS6UP{x8w8552Kd^DrLdw>%*|SGRs!vOW?%P2sZhPQfAy%OqtQTcCLIu#Cp9baWL@d
zUEd{thHna}pMng@e!VR6`jB=ffdR$iuMFN5n?WxuWu7M(V1dDP!Z?YV@EL(f=qkz~
z*>-F!?=1o~-S<|S$(vW*7tUr>*;X_TaGXOnrS5b=*Ja?#SD*_7LI>jy$jYqM`Hh#C
zT4KT<xf<9$=$m0vtcWJ^a@U3V=lUG5@6mw`0lR`(wM~_dd)H^O#$ASXr=V_YuN*&r
znAqD1?sJ6;Z7!d3R%<9hIL=Zkr=WQB`~j{Bp@PmMO&d}wt?-Z82dvuliLsH*zu`~o
zR|8)JKA1?5&*Bb=zmwYDC23p>n~6Op<PIqbK`a`&_rftehmQZgufiZEuw!HXsvVTK
zmlcmaCnarCuz0g25R$qtVMJUKz<5Z=)%TX(Eyz$yczcgZf0q{2yT~2WP}*jEU6=Q5
z3ZfSsDqZ%g!oNqZ)1g?&sNWAIXYlZ=*rmA>|L#>!a!v~JL_+?o&>t{x3(Cx8%1);`
zO(3|I7n4mlSd(S>*pbnB1t>xC(Kk_fPY|2!BK}XE^n3$_zu@<^g<g3s69@?L?|w0P
zo=0w5{IFmZ&UNnAhzFGr|08Eun9z%=s`samoGt6d#W82P?;H#5eRZNBKy(TK#MgoS
z`92h+6@Q3e`2QoZ+AqO{mobtvMMV|XV9NY-btUuVOO(EVYl3t{MtTuzeV81RY;uzy
z53pQ)a?X%oz~MR~S5hBOB%HYmBk{@J9nLuwZ#c6qgtJ{771R1ZbxAb)x}xJ^pr!nE
zbhQ6nl-Z?xk&%%J`=Xd-L8Y9Vs&}=4`w|^N#k%<6$5`&p{(tRD@t=J?B@L@8MV+9R
zKib=YMswKJYo<YJbH4GQYe2Ds@-s3*XF-y8SFiuK9WB!uO5nv<NmQv1o0hzks{JBb
zCvmsI95^?Jy1I~)=vhL}vj2oh;N*+LwYC<)rQO#f>zjaY>Ya$?N(jI!a?tz#;}u1C
z{emAaVQwwwb~X)^7SsmSJ1VRDuKCjV@GDQKJJjSl`Rd@023shzX@Je$L4Ta}WRe4$
z9r~=TU%XiYmiy;Hc*6^{%3$_MtjOg0pVdDtj2`RFt9m_TV+-edIa}?`jfqGI)o-om
zq8JMrY=P{ZELbqNx%K$^^^c5zY`*DEw1`eg_ch6--cywq`7XnbRU+Op>>OV**S{&z
zTnIGjgihzfocDu?XR$&gn759fy8YN~iXzeY0>e9FQPePB$g^rE@3qKBI)$O!(7o@4
zC8G6oOt&}FSb80;#P1)!nlU8O9s@<P3&0ZrYD6<k*a^8irSX0aQYBaq_w!;l#ey;{
zFMr{9^v$i?H)WwiB<uLT>K#UOdPti_eoqn_!4@3p>Xo`JyZ|X6S}NBt?8t(~cdtm(
zjLtiY@oES2Ef2^r{!r_dhgKp9IHC={1uBhw?#S!$lvMI{`c0S{^He##6n#kgrCK_f
z{9DnB-QTVKk*m?hP(DoYEeRak6rY7Mb7QUEEtzCuSwIi$Sw5A}Tk$kF@8x$-Y<||i
zf~Ta0UQ(f70~lsQ$1~v6SgElTf6#yZAqx8xx;YWT<;TXr!S%-Cei(bVl9uTE5CUK{
zxQ$=ai>JB5P6Zts*u3Z0P#hUdn!G?zxOYRLb0exj&0>sQyb(%F1z6TwJgvC6cw!_c
zZsR4-{9IRTq1Bn4{ab`lkSLPc&Ygxjeso8rjB{t7>^{-aV<>8Pv1DR~7aog<h&hv5
z4&ot$_l|)UfN0ulgc=6(#Y>n#TE)6t*FUGW6?uP5Ka?UYZ5NJ+(DBdB`u7M&XW$ae
zx(ocbGHr~-)d#@$z5#decc+gZ!X7LLEsy*Q3xF8b91c$d()x6FOIB+B@8vXqGBKJJ
z2p&k$70$$z|MbGP`aqtcDtNJvV!;TAh%5e!I<Pqs7)}H^NDa(DY}NkqhSWLXuZerg
zr10$ija1tA=agbW9=ZTFH7_}Ifl$n}xP2O#KRkbaj&Y3>cGtt(#;m^W`$>7aO?edt
zG^YOZFe|3@CqU%)&3}q11VLfb2o_sW=h0U2&YA7eQ}tshSn#haWPqJDm#^Q6d%=sR
zkprRyl{{|LV%*?LkcR$$CaCW#qF0{;5B>m|LXgFX#6lLeBesy*>>D%K2j&ZAU>y54
z2{b_IR1kdNsWzNjjmD@Adm{7~U^>fcLr}95H)7ZWL_BdXgC4<2Xzf8&cGyrCx+y&!
zaH_-!&hlXBpF^qp=#IJ^&|g%G15V(2@7dmdDeOT<ly?~)H@0p`N>+CxbjQv0K#e&|
ztxWNue=Y}6w@3NAY%bq9WC8t!bvQUa6YQVm+b@xT!@=ph+R`*?@kvCwgDP8?mowCG
z>dX(aLjODs)KZ=;{2a>&$((}zVu1`CO&k8lPXNUdZ-yT3QS0%NoLh}c1l0u@lnVz?
z>eM%;8$tgZ&}Qgmb8Mjqk=Xa!Ux<LC)gc7OMnb>j4GxFwv)!G3YI{T>eJpZIeBb~z
zIJ*n|gdPRZCgYtKvuY4ei1F<&g22%L(wO;HVBo;v@DYAR3hga#NF;0pL8;X%1*mgy
z{y7GE6hIr1i3hqRPaO#RsGxhp1xMQ@d!Zu({n8_FI9BvZYQM#wW0CArxKL`v#RBTA
z9HB7Y3KW#_F#jLp{~sCu!6fes0q0^tVM%KQr4&fY!gJ}A6snf~I9wmu1C^2Apbx^%
z1Yz!0t0?r|0BNDJe<BSP6YpK1?dqnqlNKE99UY_;6z~@(yJFz^g`t_5V9-Ls&d#o8
zO2r-x<*9hHI{0OO#G=Ek%)SCL`zQXyr9CN$5InE`7yvpolmh$#ytl34WG)E2vaWOT
zlK?7hx8h*X^B=<a^(8t!K4RUhN7n|(qqJTBG8jp(xfN7cKJ>J>MNHB=5eAY`YE@fq
zF_a+!9(%6@`9~%5otc_AZo8Zg<JWd~iziVEvMhs|ofuS_eqe#$q}2Q(=gCkEmaO>_
zK?KAp%xfK?Y$0r2>&++VInp$t#z2b@Gr1NN2VQ{0rD!(8nm_^sx&R-BUQ2ok!rsa4
zAyL6!uKfKZr6L}vtD^E$rAW>D?_cZKo#l?Z-L6nKe-v6d!C<6-ZkTi-CNARDdk#zl
zVOUE`OK&dA{`gz<WZ*I+u|U05tOkmO%D6?p9-W9)%NWY$zJ(YEA{1&EDezfRshXf4
z5f2dIX+Zk?fy1lZSy%A+29r)+a8NCB@THQy#j)Fcu>;~~2H3s&36A@%9*G+UvkV#L
zDdD%^LQ@*VFhMV%Q%~eN?WP;31zE;iKh#HpZM=kK;97ddtaEETMWJ*`;OhJiW#iAf
zFf0<7pXgocDWNZ!V;8Do4~0O6?dPPl5R}9uazIEP2Ig|hhGGEIjwks+7?xrX<zBQB
z_4!^3;LZCx`cRPq(}O8Ch`b5d`Yoi?lonC#OY{9)H~Q1#E9_DHPxo=Ah0>wNfEHn1
z^U!bd#@fD_qXK-kY~4zQhYf{-F11n{kcfBR3mX~Gp%cyW`AloHN8=iFd0A5yJR)Nw
zr~B(=^W&CSn1G5@Ht>CAsNk%dr-3mMUQ>v-w|77uO5#sBI|$wMVsa?QLuD1Robm^6
zMJdS~e+vqW`Np}|mWM*+_c8?7u=$!OtbGo!gcX+Y4Fx(L{5Ra~j>Q?b@|>J>?ypv*
z)I|T8K!R!5@#BOZ09+L^z<@d!*ONB`OZo5=cHvM0^x1=;dojk@89`D;)P4T?{qgbD
zc6j#1kcRyOsTD(m9;ax!uG@Qy0!-Hcm!nuO%;gubizer&15%i`2)D49?;p}R7({Vm
z<qW9Xk<6SK89}0gG$YZx%%DXu7=QM{KbA#_>j`uZYKh>t6<1=L?t)-5j|aIa5Y^(E
zLk0>QYyui61w}q$%5x;1n7pkb*TKo}lG8BHo|b)SVNJXn+KmC#84~Cf_AqUP+vo)9
zA9RK~Mhd2(--dI6!j`l0BTO0Rr-Fk@s_*1q-sVQK=qPDl$^ErUxn%(YAe+z&J9JMn
zz(d)&B`xu0Uih58{<aMVkuvJ+3`)`=-cQwo@5G()EjoPTtVN#0^#8Q~Eu$j|)kz9#
zc0d9xV(7IONPBzfB9Pp7%%wT)G^b!DPjK{FdLf3g(wxce?EX;J6^VlLnm^BM;0LO(
zY==Ae0P_XWebF`Mx!@tdR@U+=E3joqP7JVls|c}TM!8k#@6g++(8M&>44glH{3UxZ
zJTi5ek>*3H{>gxd&(_N6vH^KzFWM~Ej=ZF$0p=3sT!h^~xgV5Kb}qeJ8lFeq3V~ND
zREpXBY<cFO+i?Fu=nda1Lt>?yTrzla7e*~&4h<P|*0^4nzr)B4R6@o_FA*LCl`CO&
zN2c;S9|tIa(F<!-6L&z3@e@)LLD&XLX!?<XG6Pz!{K7+Dz&Pib!Tq11-STK=X1z74
zidD-2Kh%?WK?_J2$@AGbJ{CyC?G4|Ycu$mvJki=v?nRnbWJdG1Y;*=6j&UTV*87+J
z!TihkUyk|wv$qRt_XWA<A3?T;2cKqo0`+}5qHaAewWzy17MS$_;_eR0s5k_~=JF~K
zDP(2bMGByFz&7nkZu?X_2kN#pcLHC<ZR-K56(5ua2l$LsFscY!r$rjLv6GsxN)$90
zM&D~}>pXSd{kJ6FBvG5(T3{x?QrlbSC6KlR2J^2htVqX~E`{(r$dwWp#YX;0Tf10f
z%s-u_OF6tCD$Dvt3poh~szx9iVbBAz5y9|;U?bH}#hY&sAotSwH`0S`Y)|e*b<cN_
zXK!6P2k2!BO%GClA43)q5?;eTC%KoY`S#caxrpgrfXP=zH86E+34!i(7(xBsf9)S+
z8vZjCYerQ*s6i!ygG*9WKq$3pY%nv4{SIID9n^+5qX2qA-ED7h0=gGh{puHwy%~Se
zy|DQq6UFXR_{3dO*w^>0v%U94P!5&yS?Pl-vS(lEOwdJ9PrxXLKCf5~aQwJPz&Y-#
zH-!)gphJ6qx*7BysCRdWW4FWQpBe$-i?S9OPeM_>NE$S&Cf@OXNb{&FQG+I^5G~k&
zo$x!tpp-oW;!x-ueEf*jd%E_iVLt2Xzmt8i_<rejXaz;W5Hpw`!IHuybh*!oaJ*LS
z@g<W!0b-th1Uq5Qvx7)MZ@}^kQ?~~gT{`8sL3Rg22??K9gu(a*`U$_7XtL_E2P5By
z!`a??mG&-F-|heh>_DfbN9HOXEF$0<Yj^PYzjC0SaS^(`r1x?*3XD@wL)eT4n0Omq
zzJ>a|KNB;<y}rY9SkQGCI;_11<qkTgbp9g07sb8mA3keO3}*x?VUyM7KcXK^Z+a`r
zW?+iviVCjJh5y;ZcQWtoR26cmfV}^+$2hqdY8=0|{Z&QiSfgSz@{bi!2xh3uR(5|_
zBqk=Zm=2O`&DP;c#WHn_<|{f_fv$CNY3UBo@3jYBDtilBqTUC$Y69;6+e3n0ri%(B
zFm_PWJxXT28Ite;W6Y1ZtM4~HZc$#z_&+E^ab-z`Y9!9bJJ|pqAPhVokJC2dMSxfI
zs*i<s^E0M}2wXcs-{1o?y}Xh9*{EUe!hl4fv&Vp~H-E`Z^etgWj92xKYRM)e6^0_h
zOt-rSU3{WqTU50C5mmGF*6Sgd>)wKqJR_U!ShB(%9{f6<R}M*zbIy3&wiJ~XQy)Qx
zI5y~M+wBembSD8!d*r?H;#vrZo~K)Pyjo~;tI=6pbmU`A(Pvu$-Q$T582Ra7?p*`a
z#hK`8l@|Cp(utpSulHk}*3$i~hb5@ft>zm~R}!s2r?oGDjXd!Lc%HA8zc{Yuo6h>I
zpijzGM3=cUr)MGXgU%z3u%q31-J5HGkv0+zDhvU!BQWB(0Svg7;3)K7{nv$34?{R4
z2YWx~H2AfcHEt{X8F=UIcy~S&G~F!#XxEs5DQE<DnO8D4rh>Lgf>sEF)&68B0H3k`
z$yjCjn{q<Owwn^nIBR=|tK|iV^H|s8jB=;(;yv)}`BYvD@=7#gL(R$WN6+*r0gY7l
zpITP%{I71SyGxeOtHaVoGal>x`;vOTyOj)MH=BBWNDUoYHo(clqahZLiG}sm`u7_s
zG75<tLtLSJ(FaRLP+y-EU}pZV3f$lytPXVUdYtewsDFcx-taOyQ&f0NIo$!pC_^2}
zRrNhd%t5GyL>F(qfZsnJ(;x2DJ~fmjr^8aVK|FdL&L{{xFftjOd^}bXt$+e(y6}k{
zx|mEIm{=B+1>T5*_Bo>4P;OT>T``WAX#b+j1u;&+$5@Vr&Vq^x<=mrW_v5MR%l)4$
zMm^X^?hl*F7GTN2T>zYuH$f8-4?3_X9w0hJ3tDO;ef#F9-?qX!dMGWVsg<PK`F3@j
z6g?}0nkD-o9vhu}syq%>pIv*q>uQQC6Z8o_HE#O=E<P|>t{Q{~)}T{`Xk`gHp#t>E
z6_vo!P>uo)7+pD<0W1uQj`K3kCc_gANmwcpJqZ>{?&gStI+r7JqLP?{r%RgAAUJC1
z9ww094`2ppov5h1PY`4accpw?XK^T|kSTOJ169o4f_>Y~PE#}STC|{U{)Bzf8}9K7
zFa)E1?*{=5Gjk_ET-bna%;%DvVHeq+W-To(d=8GI^FgJ)Edn=ZvQ_7MqkX{;=Rk@J
zQt!5VB^U$H{eyxUf$;6sCoc}-H#)2=n4a}quoKM1ZM5s8=ex5N)Hh@P^L!es-zrRQ
zUcjHo`nRrAe_q%ZshIq$kM+KR9hOrY+xv7)ul-A5^AA^p7w4mL$W58ge(h_x5N2Mk
zb2*g4o@&37Cv0MRFS0{`;<S+csGJApXqc__ufhlR6puQLKQ~H#{Wr6j7-BUf<we*n
zz7OM4qC=AK;bzu*n0K}%A<$xd^`8*l!_^FYHsdwto_QnYF%VMjfo3wCn~V7ydkRUP
zu@EBOzmchz@L+I7o^rS#2XJOq5!DnRP;kWgYm&3()g(JqLgKBqwzj=c&&xJ?QuD$9
z+HTK~&`>eZ0UZ$;TI57IFWe2M%#l<(Eu59?Fs`2PJqxD`?ld!$f0#hCv~Gu|0Y)WZ
z$>!HsOE7qQ)X~Aett2<j7Kzx33T6cBe)+l1a(AB~!}`y|->2IVJVmp^Yacutw$n1>
z0z(j5qfM%EWr-#@@j6eCL?w&}K3tb-&s-if^{JKh@9fKMnuz}S#@1GLEg)TOXUTVr
zU6HYKcHAJsUC>mQ@>OVyOFE#KAZF}$(8puunviiq1M`cNr=u?`fBR&iXAzAsmAqHe
z@x!q?>@EN9biOW;uJ&T?Gr;J+okJ=a_)hOiE_ISwvGyRQx4S)Rj}C`j5VTVj6cr&0
zoVK8mn0W#4V*~$!YGYUw=7xf#cEKgz<=?jRqyqU&(e(jXtA?W(CQ<zuW+u4N<fO`n
zP!b<)PN3}<2f0~0vY%B_($Y!@P>6;;-?mYegSdwt9t;R{(&i?8biX)W*RmATZ1UiP
z0xdH&h+1jRCb1Qt>wew}1Bm(iuHLBM?_EibI$jC3z<lMzMqCoMAEG3y(_KRH1dc0p
z&N|2*9+EWu3G!cVw#-{t+&{{lD-kx*nsp#X7P^d82tlr_HKH+Hi_!6qCYQt^4KH8`
z1k8UppNt<)mQs_;ixENGYj9o5piZRIWutfX>CBuMyK7RE1oN6CBp^T4{W$)*^#HWG
z3qv5t9!G_`zZ)-hMm%Ggc_`})XKNjJ-caf`1`fLXZFziTLi>NhCP6!}_os8y{3X$^
zy4}V?Deu6^2&!CfDK%Hnu6;Tb>XF51EXk9`9#Ev^x?Q1GVIJL&6T|lODYH(I;#ihM
zmI!JC^c7JS(6jGeEZkZvc@Qby3mAfOMrC@i(s!Qpm^=OzFR$harQc>>GOy|{ax_L-
zBf6XaAA4^dRRy=b3kxD{Kx)(7t<n<G-L+{2q$Ct6K|)Gu(=8w=-5}ivY{CFUK)R7m
z>HgOCeb4W_o_oGKzVZEc$GHFOF+^B<#hi1^IoI>d>D5J~w>tYpKpr~c4lDufAU{4M
zDCF`jCL_|u+br(2KjVH9m+6}s2lm<fikPW6TSm@({2n*}-wHf}k@p^op7FuCuP2wR
z0Rrh;u2ybIk@j`WYC_JrqLMF!UNM_clKu9zqE2T2Jx)$sfM-TLD{lz`2Ydakd}Dnb
zYy!>P_0`Vx%k)}pbZApR4JG5r?DZ8%-Lz|p8cQ^GIgi|n7iH<$)jr_hg{dT!>T#$=
z^k;oQy_eN^HTicL2P_S905-@y<9%+2=<XJ7n-G1;G;|??7CVi0_ka8z_GgXsk|C^z
zKb2RGI)|TJ*k}><Q<A=EM4ub?5isk99aa?1^^-(((;LaUGTu}BzIf#-&sQeMp>o}l
zRl8O3vT-uKq(_=lAhYR;G0?7~z(K?vMo4`we>3#+B-aZI!TYI?{LA$a3so1ochB>U
za{I@lNeKc-bkM9nXKZ}SK~;*ytUGxXQ}3Xkbk&s8anHLeaw=l0qtM)<h=qG30bBe`
znn+FTK4}<BZT?<h5Ze5Zy&)IO5p)*l8~ad?>z%rH+4}yJeZhG&A-F2Mp;0P#k}7?f
zB=1GCa{{(r8dc;~NPF<v6yW*QHUYv@h7ckqTzn~NBwAZZ@zKRJCw+7bVfeJ{J^eio
zhPQ1$GGQEPiu>n%>YWbfmJjZTJV2X$TWj{I*p=$AQ8kxM%)yB9>gWYQ+3QTvpI_VM
z1(hb2@Kr<n-E?y3rELlmux^`;%^e+M0;&kO2~&KTy5e*4r$J$pdH|^9cHPu(IsJ9A
z7$qK_@H{gfcN&xi`3UT$xmO;t?e2jP7CqY1%~p6p0*BuErGnFa|D4tk+E_v%d=YwA
z#zuPjC+ow7!V}-qlAw}Iw`W4;V!dTmLdN1=FCk&hVGuyLbtOSz3Eui7NS~gw-oHKF
zbU2Xnyl`p}FARs92~{;96GDw|TuGxC5VT3s1Q3#%Iy!+VFB&l_KWO7DIP>?}gSw_;
zjV{H+0<paJ_KE$NQ1go)ygqTb$5-CC&i?r2pzKK(r}z7|@%1rb`8-C>M`-aCpoj4Y
z>R}MYi*K`$pXT2zu$<~{0)M69>E19*eT}Ca6tzOoal3%}3C{-EYF!grSGRn)zKeIo
z<HrjHi9`S46dz8Lu%)fA4<<BQet_U&cVO*2Fw?Mw^pg|5=~5z`E<y}4<p<CIG#DIv
zm8s)1b~WcG##(OENlT=ts0iusAC;ZIc>n%ns2E$n2u-U2sxQAWuqWwte5IQ@CQf>r
zeZnDc!i3SRNOLXhDO0N0#AsHa5qtvGBU{PE^Rd?|2@3PE_k{~q>qRY5+l3;j*+}hl
z#*|^imggf6raa+^Z`ZF9#?IYJl&Y}0DcI>P^w?e{7PKhvjCvEW?+wueE)15i*3fY1
zWA*8YTX)!qL%Lu-;Zh%z=u%6*pIP9JJafh&fkj!$noV#r?B*(+eu3Epk+5=)<t)2@
z?$a^Eb7jh-);Yc~o@OwAT$xFH98qQZqx|_;IbvlpgMUNRz{}h}x+RZVi1Wb#Yo2#5
zVh2kJO}S|C(fSpj2do!NBpi>LO_n`<9Y+zo?vc4uLu6QAmPQ@;%$qn8OIv%>r7LSP
zkB31<JA#zl|1pqPCblV>Yc@wU5S}s9BmJns5F|((7@+3<Jt8{CU!Pc>(J>5?*=YTO
zWvS4MP^uOU!%w1dH|g^jbyN}ld?7&!+YSJze1*rUi68P&5R<Q0?B1#SD}c%s)Vd>$
zmdGb$`MU2Nzwp=lG#5;Vs)!7}5Hm{)i`9)>pAdR4Fun)Q_oddY$+~A0GAf_yd0Hte
zR#-jR@wqU@m9;-<c5BOIK<=_Z=)zN{d6{Yz(Ey;mL-k#1=KVL7*+x{OrCcPg^b*(m
z8Q0d1Ec6QWevzLgkx1*NrL*GlR`MQ7=kRT%?|faZrwwo&({q4mU!7INd;{UfZ&)z@
zpn68)$By3^xfUpQ?V0sEF$+S{e@0IZ7Ko-r%Bu1T({_8i`W2yv+g>w~8ca`Gjq!uE
zYwTI<w3slzOw5gOFm|vAi9zD1i#ttbo<~7k)b=+D+XnNC3f@BHe$8KYG>o_%7ZX#R
zLXjj>Z?0S;iz&|<Rr!~?MZK`MP<Gs+)exEDtNJ1wopocjdRqMC5O%YpfY8`OW}cBj
zbbJ!%dp41=qGPeZVAR>NaA~c_c<56afnJ}PftAm$4**n`%|4A$g$;e*h2jq41a#6U
za!(`yOY0KjUib@g^G>Sb4Q-3Uz33zl6QbgRXV%hkPUqB|HhKm0B;|JYQsYB=a1G54
z0wRj>d>5^Ep$?*y#o6$^qSdZ0rCsXM8(rte$L(v$bfhsx5w8e$u;Nd=<|9c#h+yzI
ztQ6~PZZl2_uup6&e(pb|bmLLO8eiIAADr5+<@`JHe8#EXUU`~)wW|(y{wp1(99kH8
z_b07z$OFZgoA~<B8a(`j*x0P0Y2oxlS{rM6iKWe3_%QnBtKDGn)$JU3;1mO3go;AP
z@iiB%zn9CT0RCrXz7qSS(7Q3l4jCCg?J9!z4Cf6p)ggk>@Gv+V{&Od%hOr490&XT}
zyg{ZxT0oYKyLrrrJs3mJB2FO5KyNi#W+c2a4oH`5&RP-bCxVE~1D3V;DAA*&GBdYo
z=Gre)vJ#)Y*~v_@G}0JgPSYR~FMu5^`NW>Ftc3#ZHEYNi(coBv;=7C`cdVNsl%Z~M
zkkoSWuK4m^=f@mS{rbB!RZhR2d{OWh-Rm_IH0oQkAu@>3ZYrB-cs2TDh^0?Z4WpQo
zI!rqJ?8>%S$^Cr1<ehZFIbg-7pDBwn>xUJR%-D34(>zz_AlL(p@hpMZ7c71Fs*c(P
zaUbkO#8I=+gV$E0AzU`GLCkB`Euc7oU34pB;5Iscw*yf!MF~49GrJ#CAD!7_B3SH?
zlXicv$j0MBXMXX+>C{M6vF7(EQ5P+e`NT@0?{g$@bO-OspSvm20ID2-w4Cl+n-!gn
zyWPXF)6;!v;Ha7P1d83{<8?EAb^?AaHZ0G(#nZLJdd>CRva4d}oEYorQ+iL^Mxtws
z!KWZfh$E;-O^PiDknv;GDRTx6P}0mZ2Bsm)op_l{O3zGT6Ao~k46#p{k>v}l;WDon
z>6ff4#TB%6kOym`jEK#)o2*sM{~3}Lt1X3ZO~9fytVyAGNWcv?LJQUMIu>4E_70xw
zxY)fmES{V(MrRX24*~rkuM3KomEM`WGGiANHInb4^lYMBRA^iPHTI(L#43Z8xA9Fm
z*xmvw@m1Xo{)8w)flw_=LyJrU5r3g3*h^i}-$$1R)S0E>ODivad8;iUtd)Miu~g>C
z))~D@N?dT>7}_vXZiB@cfuZM{<$qxTeBd1}D*@6+H@xc4ceQ3{miQNa*lSd@X2pCM
zi8YHRPJCQz=bjVIJH&5p-_7$_-<hJRlh3ml7^ZR3fh+O{C#|!RT9~}u9B_gc`f$SA
zAv(F+xpt~<KQEcn)|m^fw?U1G2L~`4=ZA^i^gJR8veV=hr$bMt&QlaF6t=S0OOs+_
z_jc~BXJ;w*)jJrEnk={^ERPQQNdrb<86w{NI)3rhDLem8eXAs?V2#rFSW8l)Zi3P)
zZOZWGqK#K3m7%RfS4?VQ<5t?Tav|F3<ysev(;o!x71iG`)%mF}EI_c>op+FjH6x9D
z8Zd%_!-ekA(I70_B6HSUo{OK44;%zLDc*{U7gU^#Yti}6Xv;wJ!_p^qvkFj4pzrBv
z=9p}k1R2)SJ+}uvW55|h+fR=s?QvyYm%PWznPON!ID^ud!TnF5_%2h9JvQ7-W>TPT
z1)n@xCLew%vfSEB_wSLnSY=K^;0`jbIp6#tSn@Ftw!3ur9H&D>+)Os!7#J8HKJi@f
z%+4{|!eqs~R^tPVw|Fcv^m-KD5;jM-7(u(@ItY;`FOT+q6C=*c?0e4RVh8~~tV2E^
ze-YuzHbEC7NG7kvM0JZb=gpiVOIi*tLwvlX3129iiN;EjE@(ON#~TDIk-@8)X>Wr7
z;fHKmB!>Dq^aS6Z8dJYN8b&L=6m+F5dC@8Uw5Om0_kEFrpOPMoW-edUILfl<#E&mH
z>D{gaRk}y9CXtY!hmX0Mvyn>3Ds)iOU^FPeF+sTT*Za_ui>2Fi)C91`r3QAd`%+uq
z18W+4Wk0P8>cF#(V+yC)nacHZzbd|uTx6-sKkaMl&O6qaE<4ID)gH`9M`%|=D`J;f
zVsdGw^aESiZJGApo{kn>Ej{Nj^{DP0mS+!jDGD`C6NTmKuyfzF@gA5Vk4PMOT<)3E
z@)42eX}*h9lW3b*#5$%YyOgTBx8d4Sc&xP9j(QMgjVMZ$Bo(^Y^=d6EgBhzMMMCPM
zlbKTZTWwLr>^R(s{B)0^GBFmK4%q+&3=MqE%6tW}Z(+TsYwA8lfe{zR{aVqYO7a9S
zo*)Rucol<<6+J5>m4+5(69J6AHYf9qOeW)qD#GtVB~+?cKbGgXmmzBP=Dv&tTrj#I
zme2^#k>wVdOo<|51#mEiy%aUWB7rp#r?0n|0X05{3LSs78?&D%TBssEgK}?Wftfky
zU0q#k>mEEo+5;P7ITFEeUbYL`(U6K5>vuAPIjEWOummr?jt|ZR@0qQX6-Q)}%QvrM
z_W-A0?E30_XM>)&(nJ*zB~!_mtB$FoaG<ssQ{>kn_nOg%gqS{^ah-K7h8~ltgY}JW
z0IWyaGgm3=fUWk6pq#*855^pLf8xu#n6z`h%{&+nu3j0~!cR`1px~lqlEGpLQBruh
z!0uu^1PI6*1zqLDBXa~bdh%k3>)qpoM%p*p)hYRC9S==v=Ui)Wt*uNqG|xBm6$i$9
z<6qB-*E8cdYD&5prKK?jat2Y-WZ`0^pShjSWY6TBx`e9;p(#ld92jR+=@8zP-NKFI
zW<1nb-m!g`K{?UnWJt&yfzv}$WZkWI>t4MAMuvyZ)Ixkp(Sdh$I;ia8@;;QXPup`6
z6SwFXVWldlE_-ajIa-pxrC-orw_f;e)?SBvg*>63?H20;?<wy#!U|H}Hgq37s~3t*
z#^XuF&l8r%@_$V7yNr3U=ZgNt5aZC~2e98Q^9tl6jf6b}WIPn(6~*e6_il!0e@e!P
zMP*rY*Ge83TzWDKIvZ?!UxoI?Rtw56{j>&T&cN68uRzU$-te46MeSlhalQroT4aqq
zI9!8ehQpEmXZuh8I#5XAQWu&FeTZ<y$G*NgZmWSq=NT4$?)Y3cMFxbx<D9D*-wbK0
zd}>}=sT5F@34&9702fMxhj`2s3or#H@8D`e2z`24CvTY^X3r=Y3nlJ5$#G+A1@SBk
z+FBS*91-^~6(-WPiQ^CC<~b4$m#F6%J2c-xxD_=CQCKa%%03Q}fSxnDXnd~ulFnAR
z%(9;df5#OEPmHf5i4inIz&in#t_`Xf7aC4a-L>*BdEq4}D19cWdvyQ#*yEsgtv1%M
z0d;l0asPt~_6YBZkoS%H9kbdx;zIGdpZ$FbLA@Wh7&C}g(FJE)lonHCCvL*`w}cYF
z4u5v76B{&kF9(r1&kzMSzj1DnqE35od6Y~>FKu&))+Oc_L+<m@2S#ZxhBwLUy5b$0
z9}zXzuVq2BIncjcjc4}9V-9tE*G$a@rF}ks8PHjK6I+`^SblV{ZSzC35Vuvi@THuJ
zqRqjh`!<{r_nVIkzOVY|qJB^KzS;&WOdZmp5!Wy?II;+VY`FDS!q>A{7Vz>~v0k!t
zl{X!d=CqRj595;kx=Y5#<mn8-vm`GNIHRGXD2K9DHOSE`#D*>x$XGo%w~n#`Pe1N&
zSv;%m`~8!xd#AZmt8_!?ng0DZszoP?jQ6`fv3s{98~gz<{QK&{`v}tGB6F`p*>EMQ
zHAny;#fez;5EJ>D%I#G)0ecr4e%5-~!h`-0`#I{$9h{LB!w4#BSAA1Fd#yj9kHy+L
z$n+G{0r?_E5be<@qg3!^hSnq}_0WRCX9xLYn{M@)x>WK>XP%adZt(UG0Lol|u6O1s
zaXtk_9`Jg}XhJABA$qq@YM*p;*05@=gphsL)+`wF4}`xcYF|9YMs%(4EZ9O`;Ygtp
zBj2D+R|a3s0zk(v>{pTN4^bz@OXc1|H9eJwy+5HbWwky`oq9#=XaU{jLD4aK(Atbg
zrlef@SP-uh{dn(}?`Ar9%qaqkFIg9w*y07#6O$hB!)Dgdo+^+X{z1jRMX!|R*&~OF
zA}c{80{t6K5EB}oQ-&Ld!^)g`7oZ(Yk#7sM3Lj;`pCeIpZyEn2f4oh-8Nm#iHvL(^
zVj#fcH=qoFQo3CJ^^mI1$(iW<DW_UIWe+X#;g)55H6_;h9t*j+pgbcA0YQaV6~(30
zRj|Ey^Dsi!aDY#!NVY#Np22iX;iD~b70cWc8^|Zk?s|#-sJPC|>}kP^5mMz#XF|EW
zi=pyVogE0MVe#-q|4i3POI40r8W|EvFvwB;X&C%@xFfDfS+|4O1gPQg)05^KDh<J0
zI-4{lK;O|N3BeP=dxks4-KIkm<TsqW<<v75e8`Jgd@3XzGI~OUqPx!vc+)c!p(+0E
zN#Oj0{VE?`1B8KPc+{yAe^3=i_HHVhp7oxgGIUM|Cgw<yaV*x}FDWVm-q56J$5rRR
zDe`oWzHT7zY!Jx)t7^_ZUg~ez^BlUhvnDY&krBMuVQOl`lYFTnx{&Sfu#sDP-{*R>
zjbiWfZPleU6x2Un`&|fcq?jU+k9YWQ|3U?CL7WnniC3!N`$(^U{j|Mf^-Av3Ki_Fx
z8rdF|L+&P%hKL(e4*qQE+$oS#lHxM{9J&4Lm^Y)SC+iTqg*;K9h5+&hCc$hE1wbIZ
zZlp<jgoB0mXjEoPAi+lA`M($5l#K-V{K4aHm}J^vL6L@_{SVB?EKoRFfLRz3?I_e6
z1LnL^RKWvg%;6bTdmaD=<sQpr^iWj9$jZtJCyUOmmj!?gD(1eaK=mWOEFR5Vg%3F`
zLn6t`D}3w&kM;F}>nl+KY$H-f=w?iEyH&W=$D>vfu^rEW$X93SV7MJG39P$FI0|X-
z9&#ttqbmRH#A#E-p$E9Mkn|2M8a9aMosuoJ<S`?t@BV{G;*Y+}C5k_{-^wC&(UOdm
zqVb2-eeu7g2n#7iM?YAfjgpv7q>Au$F=yUa3}Jr&-KF~va+b8R;7dK^VjKT+vA;L2
zPTt@j!6NtgWakGTs9?BnX$k3(*R0uJ=o%KPI3&C@C-S|48hBB5!X)6N_uE0fhgXrG
zAmvUo`%hGaW~Wo?4JN$5Xd`7UBDcOQTcNYw+E7Uu@I)fAr~xV=wD`^6533c%#{G%U
zINOs?YLP(qzKK9k4M!s;GgSLv&D`vn%{wLxZ9N8HSQvu3Y4vngl@&4TmiSQnti^V2
z_AOrVn}7%CUo2MUH^5=uq%EfVJta=L@hh7eVjWNAZ}*Fy8__6iU`-0<$zqIc8Om4|
zEcX9Z#)oaVbV*Tcr*!Gw!~{SG5RRfDk-lc1WuLS(KUT`35plx<4^S<ees#%d|0@UU
zl)Gs_#mYoEtmvEGzY7!H$BlZB7M02cAMj+M-GdGxAw{Lntdk6o8@5Q+`Z!|#d64GY
zayG<4gF8e`5s3$T$`$fJ-&ew7&AXbI>SL@>auSbmh~tAV$ZfAI%bpJfb4x_|_uNuB
zM~&Z9?b`hl+rBypk#>5F=TsJfFz}a(iNy<`@_baW-NGz#6cr>L&}KvyTy6e_>mt(j
z`Il!xZ!XS~2kSS#a!u7Y<3zO$x~(3U&yYoM=TlwngDQ6O%iIqxxbBhK*-6Y?>E6{b
z7d_NvxG&0ZhtpF2)y8;v*rOOnX`-WRCbh{4ou+4{RL7Tnk&4-!ADkv)f`@g7YfU?Y
zRVRK-?BtP>-+8=W<&f%X1}WN@++Dw|dNNSPuwru%i}i<wX9usi8PftoNRnBp+zAXJ
zS<t(ifbbH^W-jt6v6wrx?}5_)^13_Ej3fMj)P8pK_NP5bYim>-?P~g#3@zd!(W+eh
z#ka$2ZJwZ-2JFqxwKYvc89TkKd-vHPEJyY<JI5UBd!I({>2tMunHW5`zza&nd(-`N
z?o#B?r-&$_ZvOLaTTojwYUGgKTe$Wy)3QvG5F#F)Kk#cZP*cVlFX)mMjn1~WVPMkn
z*x5CpF#OBtGGZ>3?tO40{`m{fO6o9^Q)3PCwbabdN{D#kCtnL>N;JBd%(9Y+Z5e&+
zBf;e$uvTer58y1n9+)2Oy!x%yY)G|!u)*qnzRqQ{eE)T2K7K+7dmu;Sd2e|B3aut>
z2zpCx3t3xZo1DC@8qCamqeBc1x!K=Vhi?CRc$1s^u)KkrlwXjr&9fRu{i;~>4Zp5z
zwXt?gDQBx)*CzoTs&@;?$#f?JmtGnU71%vSChlXyR567^FN(W;j$cwqI>FhJCj<9w
zai)D{1u33heh#{qAz;2_#DB8Y>rirPP6$%hZ%m3df^hG2HIfZlYfUqo=waZS2h}tR
zBNB+7061pJXEONLa0Z5FLE{~M%}4@6`4h{0bYM4lAbi1lG{0}QSme!?;uZf7ND@7f
zjYN_bukrJqBEANxg!`i<GSc1H35L~z6I+S0bE)m7`YnK{U}yI$De3HBUOzRKIvfLc
zbZs?;Pw___Vbj|m4@BQ)yDO^*X<=ON%|3n1*M^R(0!P@{w$>FZ4EuA|$!A?v72qPD
zn66U{B92|jqqqNqBjMIeB05m!r3fZ%@_l7&8wtHiq}{<4{C(l4A}9UGGX786UP9tT
zF95^;xFAh4e6@bCo*lVR$k!%c7KNa>A1d*TV|Rx$WiRq<Hn{20?lOyNL6P_rniV2m
zCRaHB)F>Sm=0v2r&dx*hp68UhRSZ)gl_oM-eZ+k53>_hVn@$*2P=6Y|>AO?U0Y=A4
z6k>h2$9q&aOZ##v<<AU>n=|W?9V(K+0Qj=+M}ahXL_`Xpv;S5fPNu;xU%rgs%ZT{*
zk}mupwfuvF8%41-)>f^VyO);#{WS822vc6xa6_eYc?jYpBbY&vsMUdQyxgT{-9zNp
z@y;=;5JO&LrI2jyGF8Eav5JdJU!~83x#fgIYu&6ebLDW14iLd}y_A4lRVr>Z8BVlX
zeWmErb-i)qbxWU%mtY(=)WVH+&PNAsbJbPCcS}fUVZP>`6x15&$9z=+tOwG5T`J2z
z3Y3XHh|tUrSTNZ)t1yy%<(+jzO-7eTX$}t;R@B+2C}W2hJL(F0pT=oWm6C(Xs7+xL
zM3KB^pOZylR9G50$Jjq^J!rjW*J;38q@nNXHvH*B@TND>huGc(0W&SSpOzIwBxW5%
zZ2H2SL*`c&@;{JPi2p){qX~GwT?vwZL-2s-xbmeYaSnC$_ciq=A8WEIQELV2SXo@E
ztTp%ETzJylAg2D{tAof%EETT3^{V5*FmIjAqJTJd=cd(W()F9mXuC;mln`ERI*f6K
z!-L5P;V$)e@lrdaM6uP4G*l$vAJ}Dga_zRx^T2@!lVnB@%PBfGOD4#f489L<f;6vN
zEz%L84)lvP)^8GBtlJ_INz8s%jKlO|Q)E}^A$9<lKCWQm`A7g;-o@v%)Np*HiOIYJ
zSSfd`d`K<-O{R3><v-YY)wNpi&5-G3nP-j~R;pjo<3_?zh~9Zvf3lH(U&i6%zMb@9
zyZUqXlo=nF?yV7PjfAhc8RgVrI`}V`!iP__cZ&B5UGGPXh$nu~wSU1WL09PW@NM<=
zMUU;yTR540Xkl&~1NUJEWa_en%K7@NWjC%WPpuCknLA<s6CUYq(f9YojQHzfo+jy_
z{t%XS5&)PX|8Fkrc!u2gf6zGBriEl!imksr+CR^<e;$4RBW>_PdMtI;m#pi<H0H;L
zPfEL&$9S38{B+X#T^fH~83q*1i^B$)*k&{gM}n>sYS<kKQB$Bw<vZ5hx11-BEsTnf
zluBD0TBho9CbrnL7C3kbHQArkfFf2#p+-c9&W0*3I=)ig%vLfkdgPayL@wu-oD9)b
z{gIpbZ6q-Huz*9`t?KFmOfO_`HE1OpLAEv7ne54bduGWI$)ciUd&u_}n@A|$=eKtr
zh4jwHY2*$5D1UHl8(J75ssGY0XQnNlk|w<Qx@MI(Ge^OnfoOm(uaTVAPAhlDGk!(@
zvajtJl5thglF@S8aBs9UqG+m~>TpYvbvlRd^j@M&fhdelN#@pkN~~`4?h6KLEw;ds
z*=H2_-!B>~<z>bjj)z}z<mH)A`gIX7e2}Ih7uo!=GjuA#mPh|jn2FM6Wz5G{NVih!
zzq*y;QL+CdvxfVgd>(yonG3mp_v1my%cZZRa~!;aWg$q;liA9*YHHvb9m3%x(STMA
zgwz0E3))gy3B||XO4%P*$Q1Y|qxCO#xW^Fo&e|<M+QS`zzcKuJTVbJ*>qZlnoI%U?
zhyiQ5rHfL|8J7X5@U8z;VYf$#|AA5qHF(LV=pH6vcW(jgAKlFk0EPw44JMBLKg3A<
zUg*SsTc~qp#6O&R@Un>wf$1=fiAZPuNoU=48#wr4e31^M*?Y&VEuFS2-lQopZXX?3
zKYI<)N_C`HNLi3wVq_9v<NWIzVTx}fBU91X6g}P_K=rBhFoE0Dz;@moSh?ae4`uWD
z#k^wn7u>!$`%S&oXVUL}qM!c&O8Q}ElT_9HlMQ}geDLv+f<$D{;(q$Z$40Q_B^wV7
zw;7PPobL+K08{3s{mEX1D&wL_eg5)<<31vQL#yJYF|&J&?;{`puK--?h#M?}=Am!r
zqbOt;B?g#)V2Gcde<7`duU<@R`iG(ckheO`!kS8EBl#X6;QxkO2XE&w781Zg-4RtJ
zMGYgm?mQk0p}yzrz=8CeyPp9`F!XZ3!d(gGH-|eD-bSKFo@v(9p>1U;<<j1IUG*On
z@H;2`^O84!X5le6@uY&W=6i)QM}E8BlE_W|s@cd=VG3ho=FrrkAkJpLX452s`mQk6
z{7XsOF^NLRdEW)o?9Ya;Aen3Kd7Fd39e@wZ3f@x4cuxLzWE=UN_fIhVb-Mj-9LJw}
zqEZ>-n+Q0}J4_XuKk&c?2R&J)y+X$0r1pP}vLNzDQt4n8qWVVyNe~yV7c0RDW-_bn
z(A-CeHbo4}OS%<7i{g(_T~k9QVm61}llTmj2*Bhm`*-q=JmGAVcn5UNM*pAqm;Sek
zV1BHY<G3p&UL7;wDgM&-hU%w#+(Z(of;u3p<c|Sv2S7Pkfg(}f^~NDZQLhA$q3=go
z`KFg`h4;%!Wm5s^_}^7Y3cqG^U#SCs>H7GC_&~JT=Zuyw4Kcof$bn2(Zbh#>s?~Y2
z5T3?r0|Bt+@4gjW8(&-h)Q$h3dLy}^x<}M@EGXj4v`mA~Mg*2kb<Z5ud#>h&Bh~(R
z3}e%@{6+kSeyF^-*SG%)h|+me@TI3WA?#|)q(2hvt}>uAerdd)i9G-~Pn&`66_z>e
z=}FIpiEArwR_t(me3P8qoBr;F@VT|d6A*KWab0e6R^=uAB2jmuW}LG^15`=gVDzz<
ze{xt>s&M~6{)^QGqen}~gRgfM)klKO6I$da6+cFS%~<d0$Br%}A`+liraEhKk;i6-
zYR80%d4*@Vg9;-$jv@Hc=F!DC)2fP?0yF553V;|lx1X+z_>5G}P0<N8RBsiq265LH
zzN&UTRwIqSW@n()VeBb==V+U*_p*3~9rZbMlJ`yhy=a%3#g!xHSb%aK6Ud{l^0DTj
z4)3Ktz(`61tjwp!cw5d1f5o!&IyI);MZYqjI&{W@J%zclI;$MWVm-PA3d2c*SDy71
z#TV`^|6-<ArX#KNSGXQXlb-m3p~QUq>9FZ4UaQi*NKOpST(THG-rD)V{RbXVspLb9
zuPjgidwlu9ulK<Sj;2UvL9B1QOnG^^ytQ=!+g7$F<J_OA)lDxnwm-q6{9(s&zR02z
z0+d3x50DI6+ztyp@cxs|0GO^T`jssEP-O1<?Sy&_veLWuy2+#F{o5=5DgM8tCNkXz
z2YJMibYmJJ-W&N++(f==EAfgSF~Kp{yh*gq&i^kA?a_6v4MCm9NW$4)5e}<*a=W*}
z$KTtG;fk|P2jrF-_0tQ$8W2H>+rTdi`yaIbe76I)gT`7}upumt{l2EJH-3bY40cEF
ze82pM5^hgJvI4L;T<wALo@U^%bw;J$!Z@J<JlM<r+|+2S|1B#UOLR{Q$|Vl2g+5Sc
zXiOArP8kkRXBZTC)A29fYoZhU2iMPEe#L?D$sO<)NQ>Bv#MnQ4JkA05cPU^KTnK3G
ze{+4qfDnR0O<BoCz!)!dAORFiC~P4!yVqN37#F#)%O3R(+Gp$!vt`+HHbbN=l;4vp
zx#k8wSA7e&sSN*Ib~i-(t&9Z?<M*t1BY5;X6`6qKZx@~!#sfP(D~%f>$1}4HEAAPi
z&y0EZn~u|0Qjbrs`n|*kjy+pv*M_bijSk<jRJ<SUAM1<8_>BQ|`&bm!Mj%^Cf}5Xx
ztfc__EYjDcYzuPQh{j0kCjzOTUHK5HlNM-JRK&5<%oHt%()O6Zgf^H31w$cI9&KvJ
z6Ycv8xj<htTkQ%@P4F`+@C%dpzg#dBBv9S)9NGrVsfvZMy0mrlX55u&9Z|g-m|G=q
z)KQ_)5>a6EV@S?)I3`NhaKV$~Ebz03;1_BcmNuZ#zG%N_=e#p|gmqnrLko+_n)lyI
zETCODslN83Oh-<R8sDL92VbFyj0iQfP_unomWkHS75svoeD5d|Eeghx<i|^~D3_A;
zyM!<uBlneieh3T=ll4FnV@OrsgGUPtE^f$gVblonJ@+E>@OG`nV9k^Byw%*w%^ITc
zFDwAqk!Y|Z<Uz=<v;_+)?-pJWR_@X+<Jf3s<XQq>NcHR1%M;{K!i;m?vvjPpZy8a#
zv}3<4WHQo%-KYUuC4o8u7Go0O((m#%wD7Us4|l~Uy%;Ayg_p2acaf8Qsqpc#Ra&F<
zo+4NbV`7)2q6F9p+ndN?i@-u!$v09r?h?To%1ZWQKSmSmesSp~`8KaCfeKxX2J;Wj
zeEldEjS!}IKMZ-a3L#hDl{o|Tniq&VkZYv%3&*IRwQ8;>N_uBjgc`O<$ix+noO-v8
z^H=0|G_ruHi}H%c;DD(MKbuzoe?pF&0nY!=8C*Dxpo8UOX#0cN@&6DSHDJ$kGBQ|U
z@}py!OWcU&%<N1=iXa`z@i~s<X)Pnz{Mg6Dx0z7DwiIE59fKC2ga5NFaW1RUR{7aj
z*{_T$t>zoQ$_wfP|1uDKjoekJwLI7xDmoMOWWdS#IpX*nTEGSNoTK?f%?OM@2u4u4
z_sTU+N5!%(M@<2U<n9;#D3_PS$Yo6c39<*$0%OihQgU~pOhIFpc>*AlrhxY|pJX11
z@o=+38Wa>55Z)-M7!W%T0385Wo>vdb5z#Mb{}wStAYub9rRydC5-~K4ub@$?Dd@X{
zTQwl&2|Cv+=>wSMVnZQI#%mtH4-sw0f5`ZI>PbXE`>Le+267Z6xDytN1er0k<3Hvo
z#&ysIQ$hm?verR2O&sU1-135(6`dU@w<$F=+0`B)HOCt$-u|PZqJ9N#osooBGf;*2
zkATZU1vokncp3pO=Ig<=Oz>6(@&FVvL3N{JBh>vZMW}`fQ^Q>xCDainhl4@+V1HaO
zL67`hCDkM@y3MxhtC3p^Uy;kQPy)*u3M?I~CWH|^a>(cKGo{rKDIMnEzf=5^6!{xp
zg~7%eSgo)O(Sofrr=ko5dL%suUiQPS@|o3ANs$ddDSj`rHy#K;9@eAxHf(w9)njTp
zsGU-CNF@Xfj~)pg4#PTA!M5J*bWKGb3F9{=F!FuB)1xH_5Qs<6+wo8oTdHwJ4O!Hj
zoI1r!C9w43>WTiEw_sQyPYsoX#g%+smM1z#UrEN+_!%>&pONZ-Pd&$xv?^DV8FWI}
zPqGQ=ZnP;29^=RPKjM8|%N@02d|getbYAsOc)3%6A*`%%$p{?cKDjxjy)#pyh?c-c
zIri*(ABt9e{;RkwiGAQ3H4pO~bKKs7Fn?G416maDq2Y)+vl1_Gqf6U8=qQ>SMIbqx
zWVDbiuNnnNa<yM5!LC?-GYV_oXWr^ypnRV!n(Nh6xpRSJgAeUg-(#Vl*b>}2>F-4?
zR6eRQFLt@uhO*g7pn{J~P<?-Z&HhGc;jcSebmpipc*r=*U@#S%o8Sa(ZW6J~d8xVI
z{4ewN1(PojMA>ovOyO%*BqHtEo8+6K(jB%jObDCs1?FKwq6@<<12%Kx&t1t&`i{<+
z2|n1>KAxxkLeKoaOa4Fil;tE<j6jP(Q*g<J`P^?g_?}+c4vL{t9)S|+yP&LW;f5HE
z=jI0oKuHJ&z*=DuK+~G1+HsRVnY%4cdIT7HF|EXg*6%A8LOB2oyxuhL${y%y#jnpC
z!ANq#yiU2tNbj?V<%UnpDFL7zL*?4Z97>{hEkK^Ly<U~3!Sn%)qjUG<TCag5ZiWj0
z9>*wu{gY#|wJyURD20g8e^Ht6H%WjcmevvFeUQ!Nb#}nzvOZk#5f$seg6gS`3Rr})
zX=%+5Or$kD0VC4r8dxScY?Rgo0SX(-CZImeS9IcpElR710*f*a2v6Q8V?AOIc$S}<
z6%C5ecpVJxZdMI+4<MO<^WUU#vD?n4cjV3t!9T5_7NRJyQAKvM(8CFU?e7#lo*Ig>
zah=LP7NW|wy-GVZu@uREEpP<<A)v=g4Q2gB{3u(-ScUX{l4F;kK>!}HfkliPK?KX{
z<m{E}7-;3@@y1iPYZx?GBGT124O|^02hD4H^+65UtX;rx;S<^a%4-U0u7;Xn;tqQq
zPm>^lu>qjT7iVi-OwzhVI=piF)vV}|c<&D^?ygc^XQYX=a$gNCG>}W2x_zj^RL6+J
z%7p5F;-qTR8Yzp4_iekzpB+jXFio&f3wm^+i|~QM(_Vy(@V8mqL4bKD>hXLRwY2qY
zeg4txnXcPV$_%0RQB_9Z0QlsV*@}m$h0xG3ZUYwS9l#^7FCc=!vj<);^X}npHLRp#
zm3vNaWC>Vb9*$<%xbJ|gqGHPFOV@7GG2oUml<y_aUMvgD8|`@L9T?K(^$RYBJAnR|
zLAbByZkhrhplX+Pll!lBwJyRe%Z>ny`P<?rk|!G`*W||6XQMsWfG_o9@62uFNeEZV
z`F2yMS=c?|*1ZUO1eYwiaqWQDw(~qFTMXeSt=4+Y>1<8B4Ek1$27=nNVe>#(BTORz
zG+gCzFz7XX7qrOc_Sige-fmdw&ZyD_d^R;?YsF4brG#SCeo&SqVzl+=+eaOsLpO;x
zkkVk#(?qm+$7=^GKh4$f@t3IAOALb#6|I+Mua4?izZxEnl+S*W9P?`HPFHFRE!5WS
zaAX9PCzwB3I%;?^XHFlJRZO!eKEZQs1K*CIxIz+S_n2Gi3+3+&l6DrGT&}xGNBT<f
zU99W1{btB6TKxbezF8r7uz(e>UvU|C>^&zZJKR^&1mco9He5gh$>8F$M)o7m_FE(}
zl6#457rFCfX~3o64UGU`CRxAQc65pWz+-jDbCFW<+VPwX>#zlX6}98DpE5i3jd$cl
z`ZSzvIh0mXrDY!59-g(f6sL}J4Rj{^hNMb6;nQa&ALIm=qNVA>kc{0uQ8;G+$x0iZ
z07ON^E&@SFEzoRlay~KI;W>Lg<CX>(s!j7T^3)+0$s{YES}%Tb_O#&&&iOh3Q3wXj
zhUm&B0aJ_!*(caxF+v~+2+PB}pv|VH1h+SWSZW)Vai)Es^usd`&${$%eU!70cC*#Q
zTs_yMOPifzUNDvs+^S2Jf(2p(-?q>1jBUp;ezR}#0UgZE;WWlkfGF1EAcTNW<H)Gc
z<?Wulp2sqQU-vw$9@bKp-8+~VZGA8^#}KRg$gbw(tQ;7pRiO@Z|5bLVh64^pjNg+a
zpQ}^z>&NGSqhsHD1>C7fYJwNLYrzP};|<`e+yPr{djUqqdjvW-TT)V(m5O~Wk8^ir
z$n(D1&*;&Rh}HWBnr6MP*sS~_w=)A(zKg#S!V<YRw99(0?c&#9RWP1Z^@0}%RCE(?
z+4fez{z-*pTmxke_X4iiy-MlKc~L1DF~ANq1)MV+Bx)^N9?y8^^~%G=^W=xr5@)m4
z*%1p#wc}4yDgdXbXH>{Pi1eO5iB;ajVVBGK$eG>oCHX6*OZGf1L+qYdO5kQJy+xp4
z`}(?y-{>`_7ec+P^$h3%$Vp0|4<?8T;r{99O%(gjpv4%CI~RKY0c~`s-0C#&U<s}r
z{QI%RcCrU=Q%655YhVUM9s*v={lyD{bg0y?`gRtWiCtSCv2V%i=EMP~bj-ov;9Ol5
z$JX^yd#`5)#Pg?xeaoYtL>gT4O}(2*qM(=b@w+o~Y(+#cMg(ZsAi5CWtD=xZWwxH_
zj}tmmi1dFg8bRyTs7_!Je`u)C(as0X71;-zdMyxSz^OUOjZ5m9f8OKvQ}{rAL20UF
z%{=P+6L^NCw^)371L`|*9yY6}xO~@Z^EUnev<)xHFl3AEQ<Le6XMuqwu>Xwz$n8;R
zkUV<3ES#oe9qdTP+H%@JOb}p}r;w-lELygQ1qgo3hItN|97NH+<FWkw1r5!-<K}*!
zy*F=ka=EU`o`KYKKiE4rV@Ql{j@*t#`s-F0cOaJ};TDkiL1noDn)C)k?!cbl-3AZt
zK=}~u9k<ZXZuk2#nhXQO;KHRE;At<5NuoFH&Hy@i0y<q<(8yHtf9~xaSi?2#Ilb4x
zz2}CXZm^SVJE|w{V}M*Jr6;==N1m1eMo$bQIB#S$c$n<#I&1aOHG|R5dqQ;HWJ=qa
zR}Jc)HSZ`%8_n)jTv{7y7Q8PUXobc}_+}YghhZ~xA}no}TlU%VVY;u=QygPuheO$7
zDWgl?49sD44h<JL-e2AA#En|16javc(@JVv<}b%^bHZ~xG{e*kwn8r_ocDtx``W(b
z8+d^rq<fvJ!)|L#mj&_K1iCoZdUaUd!_@}F_MTb<BQ8tYOD$=D2z%1MV$Ik#CqnjG
zztfOgmX&cO2QQnEhz*UH4DXa|V-G-vg+t5eH)hM4w#i59ja6zko+VqpU7Ord5#MUH
z_g5=1@6tBIT5$MIAN_?{`a<Nk@hLQKFFuYFG)vE<85RJYKu%=UjtV9DTlp|vH2@c-
zv6WFB>$KADVCilDM9a+KErKhF`>q*WX2EZ1!Dd}9eTp-OQ_nw6jVrQC-I1hpyg5KB
zXyUw_Y}JiMIP4}xh~!T1y(a8{BW}CZkHyss^}wWA4ZLh$8q0r-Iq}`OAvRhtKe%v~
z`l;h4!ktm-ryyrwPbjZp0Q5%~+nE#^vaUnqG=1J~kqeLd%xs|*CMOj&ZNDe}XLx~G
z28%ScROD!idtN=xd}OMpR3_9`UXZq<AjT?G3}2lw-fh5hhM@Csx0SA2kV1zeZ<WF{
zi0iEXRVzUt5r!<OIsV(;Q=Se2G8O|00Eiu6RXG(%Cfdt0C2*?+x6^=0qW6TCcu$(v
zY-nM;Zs!L^dD>vrplGy8as1nAB@axLo^QXliJdQeK=gu><jEL<P=K5g{XWi{(JJd>
z56<xjR}-PJOKaYPvrhTU4A%iwUV(K;+}Tk=`D-Rh;56+mQxD(?tV|)Cbwd#77ZmM*
z1yc2tjtG3sRlL^jo7~NJ8I!HGtwMK2&~U6G4Ed$LD}=Ut;=f=leuB#qAGLGGkb%2v
zz@26Rom*C}QEfTob}>?Y=w3z(;j#Bj;XkzaD$QC8g~18CVL5U=U%FBYwnpyqpMjRN
z<gEv}oU-avD;)||SKF`J9_GoFlfWRlGI$0!Ldt<-me1V?Y<4BWxlMR5ot{SSm{Pxh
z+V%<wc5sqm?bwU}tC4+X1B|D$Ez)>C!taSA^rL)0)@qGGG5^uQF8jNviI#=Zx;#wf
z(0~2O+1K{%+tQzlmt<&fHCf%s`60(QTqmW%Pk<8f<4yGx1m(qdJE%4CKWUB<G*z(A
zF@>*Mp}nSY^K2}R2W|xrX;$*WmmxpzYi&Z&J79cQ%u_cxvDI(dxK+Ao$*Wv{=%J>7
zEi4Q!XmAE+xC{44n(#2k7=`+G!1-oOXqHFIb{R*X>8?hjCRRU{C3@C*L3&%=5@TcT
zok#;yWLo|^5%-@V49@euT*3Jm@98Y>y{84fg`QPqv0V8+=pH~fEI^k+^jfe!Rr*W&
zwzK~26)t^LwlS}A1ffmy9*?7UuxKbR>;Z^O&&+Rz7G62jjH*C#c7GZYGkw@Wtj2M#
zFVbAQm5liLvf?1Vi+6+`)53c%WP~4wN<zy%CUTqEhTW@$2T}@^gp<yT5YDqf_!rJj
zg}Mka>?PoPWM)$oA%(huEM)4%Qo*I6?9e*n)Z{ERtlRncE&(NY8IkqEz%4hwI8*oj
z6({J8$?cRqct5=S$fbj4PPPF3HQp<?GeMFM+l?D<jVd*-U*ounuj5gD{D!a4zP-1)
ze<R#k>~ISZOrkvRt;A38+j8v9!Eaj(*HkKIlKByCdXMSJbMtR<te%`J(I%<};fa5r
zj7{>xgElK7><O;qFY(QKLpbCe2(dYF+3Xb!HHWd;Dp~f@?dql<P`_AKP6<~>TrlWb
zBR&vVsnbLtw2M395I^hKUyc<O&>za<!43u*-T=4FWhpP96Oohub2-a8l|h=Y{XGSD
zpgtn*a46&IWe#Vhgr-Rj>(Q8A=ce;Y!<bhF_qf+nkV5!MJiPW&Mxtp40{bGs_IE;H
zss2-R8b%bhadH>&qr0I@0r=t!=CHwn-qyJ{Slt>D2trx>Pg=k-w>s&+lOYbc<)oij
zq9xmTE}is*fqSHAmvQg16qBl!y$J5cAQPo@Oo`5Xu7%$X-_16WIt`Vpr@!4O1euOV
z>hP3Tdh-1zam1z}OS+pGp+o14Q}wy22|>@S59);1HJNAN0mS<F=cvrz$q1wYsS*h|
z#Glcd1Ts)C1JXpKvhCo$qi9iyAU6vgu7Z5<;Fh(fwfX?LT-?+cRNz#u&5|=K(wSG3
z(f>;Vh|NO3i8b2=aL&9OQgu|wA?v;w_^L>ggX4E}(7OX1deXC5IOV4IDoH!WomAk?
zI4l`+p@12k%Kj^}fmAOQ+*>G${>GDnEB?W7a)$g=CnZ5(2(6SRAA;67`W1M%x*Xhr
zzO>rWT;f`--;otTDiBa*ghta-Q|~@Zbtmgao%fx(vP2lBcl%ZFC*a3$k9(8Pt5iky
zWj*E<<Cwd+I|2gmb9%dmh9i;|?x5ZR{U-VPljgCDS46_wsDXLpa(eYOTRD@WiPM${
zU(D{D1|<u1_v;GYx`^R3rGwk1`;2(=B|Ef+0<Plly*rEigs{$f+er5(Xij4m5Ell~
z`yHl$EgjVn%!mU)m0E_VXB%S}Gl?jsDt4s!XU=Exu7pm6u;IwUumaKWC{w#Bx=-&0
zDD!fUlmMe(tFv06qbVBzvm2bbi6cn+bl1Gq;Uj|_D|L;if{bKGxaW2Q3#Ryb18qrx
zyjDtTHdpP$sL;b8E@=mPU7?4!>X0Emu?OYRTmNa?b8^9}c7oOJ?eTm!TG-AW%|*db
zLzY?5g(0$$%7-$dkTeBye)x}wX<RdrPB-kXVXm@w=G3Hqj~|d}EovpF<p&M3(k)V3
zW%j!DG_a7*+dwe1vKi`G=M>&68b0KfwS9?37>L!-PRkh0@(dFFmrRt67JZ{L*ndZ)
zQ=%H7ChpeTI~>f#NV#{hKY$CEfZ=o@!;W;D<-M&vZF?Pq;`D{BBW-GpE+=%|Z;f2X
zlg0;zS8tw=97sV|h5QJQ&TWSBA~rvXW<1GwNEx3*{#4G(_>IB3*sZ3FTtAirx-M<0
zuz8K|40Fsw=lsbD9dRu*fugnaATLOx!}u*?8k7Z^@k{aOxY+d-2Q8NUcnI~3-7OEE
z?>`B3PT`xW10`&NKupi&(O#%7e^0EV;FNMj#~m&U;Wf}zTpuc7roNm8g?0Qk_8r3a
zi$rc@4Y-z%l(Q}VY$uxk%(y~l=nEy`D5;Q267%vPbRjW%sk!L`c>eQS_CB6>Qo1?R
z874VUL#qniE)xxH3-u{m4U$ZXg>pZ`4MS7eyq99+&E7Ck7jf&6tL)O^V@n!IQ)?{f
zfI_3VM4!%-oEW6mM)l1jNU=2;ZESyV?lA4a@R#Mi6sQ%PaFSH&WYl+`L_e!8z8+iK
zaS(8wwaL)&%rGmm<=B4RL=Sd^s4Q}(BxxNoRM4u}M5A+I{5l@;(){?)EHuShWF+9+
z=>-%;N`VK%#dX%}SYL#4zDt$IN?FLnfFlng%6#w+b)FE-UWWizvKAyO<o)DMejy#X
zs>-s;&+M8d{GO%M90refKrG|{Xn$QQWpJsiJD`Ev1U`45!$Nn)D4D>Ukgw&Nivdvt
z*dNCytNMjGf?Qw)Eip;9dMli=asj~v?Go04^OH!2lCUBE>Z7i%iPxdN;mti|gF8R`
zH$ODv&Icqd+~pa6;f~FX7OZ<oZwpc+<Ap?ekGYAH#1Fnnn?E%|6IgM^*WOwecRhPH
z95MZB!fIqDKdERU^x<q7r2f;(z~XFyS1`BAY#cAx0EYFksJv~kv;@#_;9;b40s-+{
zRDEEKDTBRW1LE8$j9aWYYGb?+7NP-0qoHgFh?SvDsqKOzOcZox>q>Fzull}wH|BY8
zhJa@T59uK?GziOhWRsh)pzM~m%ZDr&!2s-`U1-aYf;M7YUxuEVPsBF7$r>)yKl1<z
zD_st_4Hlnh<Z5s?%})<gGT__12)9*)Vm#s*d@*aP`(E7?^cJyIGzOWxL*=$x%<AHN
zFiqr&%cH}v;4(az!?MbK`cRi#WId<B6oq>4rn9KDtIsax$7x3fHOFjuMYRk4bsQj%
zY&8F?FBv3@cnuWt2Z{V%Y_=M!%+E_|5MjqS0nrPxd~3k$5neFaqsosxFaV-T5s;Q}
z)`7os<=@*?qcwW~{O_10sZ{^m8jn(H^sFcf&*n#|mlluVL5AF2ot(`Kd<YWf1?CJ5
z2~vlaEc{>H5kBCyvQ=|C(6R_{%i5;1dd^np$AU933ACR^mg#+JV6Pv_doQ<wid!85
z?&8#<O3@WF7wzbVhmR<hgY~eMA$3`r12H@_kO!DO0zj}!zA9#$z`@LmO$snu47hdP
zcexf#gY5lUdU6J-H|oUYZuxuO)pQ8~R};=WWc2P9RA8)f4<sd!Da6q9bSV`hpUXo{
z$cRUtZCH9;aYzsU?wh$ZsXLm`H$DU}Mz?DW*#k};b;EW=5%^ZVk;3Z*$shu<38)+i
zW9wJP|J*xXo`wG-XxExC&#*6qhoF$h17s{ZL8P&0AlM&;kFKb|G$YZkPIotjKLCHD
zBbmMb%Y4nk?3h87_X_ARi9evtz%6T}&~Joq+bj5P#7A4j<@(%YnIN=~=iuV`5nAJ^
z6BRS5h-7x(gURO%^OQ9v%WVCD`32!k^>k}LNexyeQi6<+M8my)+8%e-6Gyr`pf!Ft
z2l=&eDGbxa?nE?Pz85b)y`4}|sVNGPFQA=wwP3Qm&YM4-6TzYL?K94PE^Ei25?)dY
zFEo1`aG<%I^@DdrMFrnmZhd>g8^fowYD7V$<{d$XatuBb=aY6aCh`s06K2zQZX1HL
za=)-+eZTecg!P2Bu{HVWL3aovEa)8MUNXSn9eyz+HuWyS=7;Vb;cF=_ekEQh$AfKE
zZn~bO4E?7fE;W7{o`Db=q-c@AKp`+kk#EX^O64hLwokJfCcMhGy03oG1B3mFJr9E0
z>FL`OL}AxIrs4F)&?PmBt@3nayKM>~P#hv3)WVebn1@-Ewu*wz@<R0&r2jF$XT;u*
z2cPBcHt%-qJs$x12Vz;GMS8S|J5D0a3x<6N@B;K^i71?i6VqVl!Su_aAhV*8R6JHT
zo{o)RYZ(jrfL)CkR{!Ur0ZjC$AIM^(qRC>QlmRHQ@&4arWr)lO-g|<yVo!7n8!Qju
z5zu$$wMa252t&n;RgXrX#e@~SA=m(~P~UhHx~X%1Kak00Ax~BHB_?)oZjwiX+c)0B
zYZa%ObJH^_mlA&#<T@Gh@a|ijE-t^@bbu36-*I%FQc&UE*X7@X2xOPhP~(UQGs0;d
z(TvY^%SQ-g8EHR5<Qce81vZC2GXz9Mcj=lH?Z(d0Nz=~x8Gw|k8Or|C!of#<Y&vpW
zLR-~C9iVF(e%!N)7ld{BfPdi(gWnyCq7b<Ml#i14sfx(Mz+EZ9y^m1tAo(!Dwd$vr
zKl0^RY;KLRYGpfbO$>w7bNdcKL|MU~i{YdoUVDYXJO7Enas4&^Zf?j*aAy~#AhUOC
zZ8}8#-X~hbY=Gl#V8_r0xl*G(A}J<_{QQ@98n-&0fX0;vW1QSSEeaM~$mj1^^iCi%
zNQojQN&#<oU)E{5xTVKxu>^X%+xE7Rfb{waB3kH2cZ{>B7HOPisLOI#I!idA;Ibm^
zn%%s_GaYpc{U0qUj?31^(_d$gb>k%3HbK(kdjbjBp#pXL)tlhXBXLw7a#7{g#ObJ+
zaC9HbuHm_4&n`Op=ndwfUS3&26q8?Y!t{bYMBJt}BEb1Za=s}tDR`ZtA$a2ko|dAF
zq&Bjco!OmJ43<<pX`*!s;PCbl$&lTyI2HM@OzF0KgTF>+mBLZ_DMyDYp5cY(xMgC5
zS-DOU&71K2k^r4=oIA3wW8T#gaLd-RbvOu4AsyJHA8%3P;T5`vGC{qm52<a-TxYp&
z%<3zmURIvhj2b`OHf6l~(Ogo=&Q^M_qW6Ed1_c$(!Zg0(YTkZ9h93%aU!eRFz4|h`
zSy}i5kyatnBOt7)ddHFSyi!p_L79CfYZ=oZLJ*>As*pYtOBWj5w2)^G?)->EYnD7b
zf9=o}Tx|THitLY!UbXuwbT`7BZw-hZKfbG`nEG(M-f)C~PW8o$dwNX+c4?{V_813W
zwlR7bzD9XP1#620bexNU%=?ims`OM!xSajondNb|Kz6%{0XM(fvaur^0yLiw3UdpF
zujJE}M2a4bvF7zM2hhGZmK!Wcmg=T6y8`j#Q+~Z&2TdPKzgxuc_b#&1g7ZZ5FQdm!
z0SR0z=rZQ2u6JfsNrkSLltzGq@=lq3np<AMxZmv}Ysw;HP`b<9TCLcFKIfvZ6d1{d
z(zyM#dnjA2bs}4Kg1^HZ#eao6qpEpEsG%T<_pv=?*k&5DS+dWztfX<hh<g%LJQ5|k
zrIX$5&Wfhzc+%iz!oe*oNOLHJXOjAA9pu5#*Qx}0yG{c~Kni*(+ij3_Owe_6toBgG
z>71x{WZU@>%gWFr5YyPZPfR+1d-qFu+~4oA5@jhW0%oDR0^etTP`_PP!4F|nD1J0+
z7{V5-?2sN}NS5<0cYd0FGcZFl(O-tZEmy%$4HeR_J2(+|>iDDZ0XO<eIfQ~yCWd=n
zHTy{3QB{V@st%JokR{SVVgi&Mqj_uWv8G>j3xta43X#hh#nUVGy8VT(Ks-A0p*nw_
zE^|83gyZj*IKRgNWU&&_k5N#h=jEFvYFyN8MPce<rxq$0%1XKmSN8u;d*}WR^|r@x
zsm;g{!;D;OF7C61R1A_CGt6iR8RZh1+Q_9s;b<#rw8xCQF4GMSh8edmNEx&>q!PxZ
zDYrz3h|(r;c6*KeoU`*h=TB&UT+jFW`L6F;>-((vyx*_qvmQ)v*&T^dZj5}O1#aJG
ziLo2wqTGauvYXVp+J>pazN$H<Tfby}IU7YSpf}|=g%-fZY^dl8)ho-SK%BC|WD!ix
zfTV-#4X_FQoJd0bF0-8w(gX`q|MGK`Zn*KmGbxACuw%hqdvqM<+QGQ_V#d3zrLn#7
z;feDO1uq|y?+&Jajj!{$GB_`cQEQ4Y^zDDPnEmIk6?OCLC6LB3+5T}!T5F3w<+Z@%
z;Zzpl?1>1m^LcMXx856p;z?65u&Pra>tu|dC#AaFVE}8v@nBbR)h8hTgOMsUC@zk`
z-`L>J9*IXyrRgX;0+oxTt=L)P57v?h<JpZz(lbnOjbB4Fd4uF>zwUK6{W}#$5{K_H
za9<nWgQH=so8|&QhCR#(VumF^wob;m%CD<{sn-OTO(y^AA}+@ArSEk8qlu+zrgDqu
zLukH|hA~F5D7IL*mdmg7HtTt|h~e^SIFsBW8vjA)Osh2_W8`wEY**X7F=UHPI9;Rn
zDlkc^(u^dx`y}%~9@Hdz<bHMFTnT({-St`;|MIrqO29#`$IC9~Ynvu&HTcS=bUaf)
zu9-d!+4vlJSucY>aL?%KAfFT$pE!>xuR-ala2i00r5h%3;Cw^E|5NWNj+?sum^P6N
zs@LrZ^ctlYdF|Jf+uGJ0S$)Yh5??KsJNC^t+kr0iX6!IimuNE{sJLr+R?X8n)HC6R
z*q{&hiiv_<UnsBabov;j1Etws=tY=`F7ESFKMJ0q=7ppGG}8y%x3zCZ36|YCO?8v}
z5?ad$_<Z1ZU%8{sm6m^|67aK8e|8w??a^5m6v4};G7LkuNA7HPRNI-_5m7S$&VnwS
zt`ut*fP;Z^f_5zd0WZ5eUU4Uo%5VDP^-bl$68B0Nb3C78$Bcem9voMTnyAX*Ne-4}
z@<7E(eMBXx^wINpB)9hf%Zg6-Li-u;UG5+Va-8CNs9xRc(@R7%VkBbS<0tyLTK478
zJ$>Q#4%ieuYbW7_SYP~Yxw)g%gd2ax&hUzIG?JjX<0&RV3E15%Hm6(W5DJYsDFuyW
zSnfZ*<MQ1G$U}z}?F^zBb_+MP06rK-PzkA0=w+a6mRax)c+zR)EH&AnP^{Po!!6$3
zqTUZSnJuMNFT9}&oQv;2=~rFi3=}mN55&Uu0xU1C5LnP2af=x1e^1xn+3i1(Tok-8
z&E%rFSK;LGlo0U0lA|p!uk>!G)P^EGUH}W)P86-NX|oNP7~kkUf(vjpSHjub(<5a5
z5IJs6^()i8v>(+EW(1u}%o~EE-CRqgr+jm5)iJ3Z)4(d-!qgT7rbK|^i783rN3K6E
zY+ssbI8zXaOd9&QW4rQR&0~THE%Zo!I6wprN(|O`ge}x5DfVr@ah2SAAP^cT{nC0a
zN}#h4Kw(hZw2EH1S1xs{RcWTv_<-B0*aoJ}$>hv0`V|BFq9-srKf<Q#4~R~H%?dT~
zT-Ys<=#*9WVZdC;C*p^ZHh74JV8>za@E5bvP%B4Ik1SssP+r)r7!d}63Tvsad*K28
z!8em6mg>eGy}|jJ>BFOqDugfEz-kwRdNu0)`u!V@snN=U>8e@Vt25b+OAgVmI6bPr
z>XVgob?-w{U7LaHL6^LjUOSA&46Dl4b7tb1O1s*QWKJ12Nv5NP*TV)XPc<zqCJ%r`
zGR!`fF5a$o&tarivz=VQ%8cB5mebo}PW6$=_oP(Ss<Lp^U92q+48TF^*c?YIV8A*E
z2vw{mFaEg=Rt8fbWpq0Zo&2o>M;QP>fEgiUc>0gB18e3TXzNWhk*8yC*2r9u!>Tx-
ze@-v3kL56%YoNZV!fuI<#-&{8bfrL1WU@ktN@oiNEW~ApaQ0@}dR%o2ibXK10`n*%
zICwbI`F3IOf?=dPMWK&xId~YP!a8?h8xALcFJ?{Sy!#U+lITMp+<B&u9TH=lWsXR*
zJV$t>B3v|V!}M6RL6E^pQQHW>do_lCbD+ECX{T$9VuP>q9stQwn!ME;9-xmD23`wS
zC2FObHc0kqy>k!csU}>@CBlBx;4PH;x<ahMHBlKGB!Z|?w#rX$Sl$dEKHM(5HyCGD
znQ4ANXXfGEi?rRM4}0Ghur;cw5rQX5$Fs?ShFUFBAW>gSpDxToW^e}XVXh9kP<m8@
zixNx*F9zoDqQ&@P1cRiE%aRos$1-P+_E;#JxQ?Wko{Bx9gy>$hPbd|9dMfgn175JB
z+c|y6G38Bq_+ilJB3mRUIm5nDfd^-ZCqSLf6k4Gl1v+d2c5>6B{WX?;crB<OT_qZ5
zm%vw)nvqa|=i!kqtXX0krR@ILRrIT6Ca11dyIpO(NW;vjX?AbrlE=#vRvR8ITj`E2
z83AH|oAu0ZksP{k(IU}Fn$+{b2kv}KpBo}y2?`;P8aKgMgOlE%GIbE;(?hRfiHROq
z_sE)f_Wal8QxMI!0+^f;Noc3GX`H3x#xSGH9E^%hQL+Zby-&1$7W1X7#kd5~zDx~m
zk^41`x*e_Q3+N$c_q*6ulHc#xlA}$q5mdajblNR^mOJ7C#7FqZ(?5urL85C7v*v<%
z)gIHfRKL{bLbe9CC$e;{{*a#ef5lj7){v5ni(Tzz%TG5S3`uMmRiCiix1Ji62qVy!
zAY@^_1<*k1!nVYgLUv!bIvJ8T@4<JjHEGzo8eR)^va1za@=12J6~p`(+aTo-Ux40x
z3==oXn`rF}g>9|}?zjI7xg#UI*F;Oi&16H1>H6i#|AWuv0bI9ktb-}ln0(>=^)nn#
zRl`oXD4kIMczZ&o+FB&B*#D`d16Hd$@PnTF0SvCNoj({!2^K1KEyY=ys$+VnImO7O
z54(>IXxgNW4a0k58cc!!cpAC9TnVu86?A=t%XM`FU^;V)pzD$ZC;wmjQ|R9Wt^^8}
z@YsLD=1jn;Qct|OQT_d;I<9E|O4Zu6%lNxX0U&+>v~uKUDp!Yy1hnetm&GIhL<M){
zaX>5lKy1<K5Esw@Sbf~SM?%A|bYSHHaNRsM|6QYX`05Z^0C2~iKJESerOL$ypp^&;
zG_DRY3K-<4ALqKhiwfv#BCt`79?Y(w*#8WMfg_-K({giHkB^ZPXcZ;J^sWwpmHs9>
W@%XqWM(pn*1%70r3!xkzaP}`2yj)uV

literal 0
HcmV?d00001

diff --git a/Documentation/services/pcn-k8sdispatcher/k8sdispatcher.md b/Documentation/services/pcn-k8sdispatcher/k8sdispatcher.md
new file mode 100644
index 000000000..2e8f50af1
--- /dev/null
+++ b/Documentation/services/pcn-k8sdispatcher/k8sdispatcher.md
@@ -0,0 +1,40 @@
+# K8dispatcher
+
+The ``pcn-k8sdispatcher`` service is specifically designed as part of our Kubernetes networking solution (please see [polykube](https://github.com/polycube-network/polykube) to get more information about it). The service provides an eBPF implementation of a custom NAT: it performs different actions depending on the type and on the direction of the traffic.
+
+For Egress Traffic, the following flow chart can be used to explain the functioning of the service:
+
+![K8sdispatcher egress flow chart](egress.png)
+
+The Egress Traffic is the traffic generated by Pods and directed to the external world.
+This traffic can be generated by an internal Pod that wants to contact the external world or as a response to an
+external world request. For this traffic, the service maintains an egress session table containing information
+about the active egress sessions. The first time a Pod wants to contact the external world, no active egress session
+will be present in the table: in this scenario, the service performs SNAT, replacing the address of the Pod
+with the address of the node, and creates entries in the ingress and egress session table accordingly.
+If the outgoing traffic is generated as a response to an external request, it can only be originated as a response to
+a request made to a NodePort Service. For traffic related to NodePort Services with a CLUSTER ExternalTrafficPolicy,
+if an egress session table hit happens, the destination IP address and port are replaced accordingly to the session data.
+The traffic related to NodePort Services with a LOCAL ExternalTrafficPolicy is forwarded as it is to the next cube.
+
+For Ingress Traffic, the following flow chart can be used to explain the functioning of the service:
+
+![K8sdispatcher ingress flow chart](ingress.png)
+
+The Ingress Traffic can be differentiated in traffic directed to the host (either directly or because it needs VxLAN
+processing) and traffic directed to Pods. The traffic directed to Pods can be the traffic generated by an external host
+trying to contact a NodePort service or the return traffic generated by an external host providing a response to an
+internal Pod request. The service uses an ingress session table containing all the active ingress sessions. 
+If a session table hit happens, the service apply NAT according to the session data. If no session table entry is
+associated with the incoming packet, the service tries to determine if a NodePort rule matches the packet
+characteristics. In case of no NodePort rule matching, the packet is sent to the Linux stack for further processing.
+In case of NodePort rule matching, different actions are applied according to the ExternalTrafficPolicy of the
+Kubernetes NodePort Service associated to the rule. If the policy is LOCAL, the traffic is allowed to reach only
+backend Pods located on the current node: in this case the packet can proceed towards the Pod without modifications.
+In case the policy is CLUSTER, the packet can also reach backend Pods located on other nodes: since later in
+the chain the packet will be processed by a load balancer and the return packet will have to transit through
+the same load balancer, SNAT is applied by replacing the source IP address with a specific reserved address belonging
+to the Pod CIDR of the node on which the k8sdispatcher is deployed. In this way the two nodes (the one that
+receives the request and the one running the selected backend Pod) will exchange the packets of the flow over
+the VxLAN interconnect. In this latter case, corresponding session entries are stored into the ingress and egress
+sessions tables.
\ No newline at end of file
diff --git a/scripts/install.sh b/scripts/install.sh
index d3ade0dce..5275260f7 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -125,7 +125,8 @@ if [ "$MODE" == "pcn-iptables" ]; then
     -DENABLE_SERVICE_SIMPLEFORWARDER=OFF \
     -DENABLE_SERVICE_TRANSPARENTHELLOWORLD=OFF \
     -DENABLE_SERVICE_SYNFLOOD=OFF \
-    -DENABLE_SERVICE_PACKETCAPTURE=OFF
+    -DENABLE_SERVICE_PACKETCAPTURE=OFF \
+    -DENABLE_SERVICE_K8SDISPATCHER=OFF
 elif [ "$MODE" == "pcn-k8s" ]; then
   cmake .. -DENABLE_SERVICE_BRIDGE=OFF \
     -DENABLE_SERVICE_DDOSMITIGATOR=ON \
@@ -143,7 +144,8 @@ elif [ "$MODE" == "pcn-k8s" ]; then
     -DENABLE_SERVICE_SIMPLEFORWARDER=OFF \
     -DENABLE_SERVICE_TRANSPARENTHELLOWORLD=OFF \
     -DENABLE_SERVICE_SYNFLOOD=OFF \
-    -DENABLE_SERVICE_PACKETCAPTURE=ON
+    -DENABLE_SERVICE_PACKETCAPTURE=ON \
+    -DENABLE_SERVICE_K8SDISPATCHER=OFF
 else
   cmake .. -DENABLE_PCN_IPTABLES=ON
 fi
diff --git a/src/services/CMakeLists.txt b/src/services/CMakeLists.txt
index 55ca7e4ef..5f450cd5c 100644
--- a/src/services/CMakeLists.txt
+++ b/src/services/CMakeLists.txt
@@ -37,6 +37,7 @@ add_service(transparenthelloworld pcn-transparent-helloworld)
 add_service(synflood pcn-synflood)
 add_service(packetcapture pcn-packetcapture)
 add_service(dynmon pcn-dynmon)
+add_service(k8sdispatcher pcn-k8sdispatcher)
 
 # save string to create code that load the services
 SET_PROPERTY(GLOBAL PROPERTY LOAD_SERVICES_ ${LOAD_SERVICES})
diff --git a/src/services/pcn-k8sdispatcher/.swagger-codegen-ignore b/src/services/pcn-k8sdispatcher/.swagger-codegen-ignore
new file mode 100644
index 000000000..1bc8b75ce
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/.swagger-codegen-ignore
@@ -0,0 +1,13 @@
+# Swagger Codegen Ignore
+# Generated by swagger-codegen https://github.com/swagger-api/swagger-codegen
+
+# Use this file to prevent files from being overwritten by the generator.
+
+.swagger-codegen-ignore
+
+src/*.cpp
+src/*.h
+
+!src/*Interface.h
+!src/*JsonObject.h
+!src/*JsonObject.cpp
diff --git a/src/services/pcn-k8sdispatcher/CMakeLists.txt b/src/services/pcn-k8sdispatcher/CMakeLists.txt
new file mode 100644
index 000000000..9857094f7
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/CMakeLists.txt
@@ -0,0 +1,5 @@
+cmake_minimum_required (VERSION 3.2)
+
+set (CMAKE_CXX_STANDARD 11)
+
+add_subdirectory(src)
diff --git a/src/services/pcn-k8sdispatcher/datamodel/k8sdispatcher.yang b/src/services/pcn-k8sdispatcher/datamodel/k8sdispatcher.yang
new file mode 100644
index 000000000..ae36d590d
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/datamodel/k8sdispatcher.yang
@@ -0,0 +1,173 @@
+module k8sdispatcher {
+  yang-version 1.1;
+  namespace "http://polycube.network/k8sdispatcher";
+  prefix "k8sdispatcher";
+
+  import polycube-base { prefix "polycube-base"; }
+  import polycube-standard-base { prefix "polycube-standard-base"; }
+
+  import ietf-inet-types { prefix "inet"; }
+
+  organization "Polycube open source project";
+  description "YANG data model for the Polycube K8s Dispatcher";
+
+  polycube-base:service-description "K8s Dispatcher Service";
+  polycube-base:service-version "2.0.0";
+  polycube-base:service-name "k8sdispatcher";
+  polycube-base:service-min-kernel-version "4.14.0";
+
+  typedef l4-proto {
+    type enumeration {
+      enum "TCP" {
+        value 6;
+        description "The TCP protocol type";
+      }
+      enum "UDP" {
+        value 17;
+        description "The UDP protocol type";
+      }
+      enum "ICMP" {
+        value 1;
+        description "The ICMP protocol type";
+      }
+    }
+    description "L4 protocol";
+  }
+
+  uses "polycube-standard-base:standard-base-yang-module" {
+    augment ports {
+      leaf type {
+        type enumeration {
+          enum BACKEND { description "Port connected to the internal CNI topology"; }
+          enum FRONTEND { description "Port connected to the node NIC"; }
+        }
+        description "Type of the K8s Dispatcher cube port (e.g. BACKEND or FRONTEND)";
+        mandatory true;
+        polycube-base:init-only-config;
+      }
+      leaf ip {
+        type inet:ipv4-address;
+        description "IP address of the node interface (only for FRONTEND port)";
+        polycube-base:cli-example "10.10.1.1";
+        polycube-base:init-only-config;
+      }
+    }
+  }
+
+    leaf internal-src-ip {
+      type inet:ipv4-address;
+      description "Internal source IP address used for natting incoming packets directed to Kubernetes Services with a CLUSTER external traffic policy";
+      mandatory true;
+      polycube-base:cli-example "10.10.1.1";
+      polycube-base:init-only-config;
+    }
+
+    leaf nodeport-range {
+      type string;
+      description "Port range used for NodePort Services";
+      default "30000-32767";
+      polycube-base:cli-example "30000-32767";
+    }
+
+    list session-rule {
+      key "direction src-ip dst-ip src-port dst-port proto";
+      description "Session entry related to a specific traffic direction";
+      config false;
+
+      leaf direction {
+        type enumeration {
+          enum INGRESS {
+            description "Direction of traffic going from the internal topology to the external world";
+          }
+          enum EGRESS {
+            description "Direction of traffic going from the external world to the internal CNI topology";
+          }
+        }
+        description "Session entry direction (e.g. INGRESS or EGRESS)";
+      }
+      leaf src-ip {
+        type inet:ipv4-address;
+        description "Session entry source IP address";
+      }
+      leaf dst-ip {
+        type inet:ipv4-address;
+        description "Session entry destination IP address";
+      }
+      leaf src-port {
+        type inet:port-number;
+        description "Session entry source L4 port number";
+      }
+      leaf dst-port {
+        type inet:port-number;
+        description "Session entry destination L4 port number";
+      }
+      leaf proto {
+        type l4-proto;
+        description "Session entry L4 protocol";
+        polycube-base:cli-example "TCP, UDP, ICMP";
+      }
+
+      leaf new-ip {
+        type inet:ipv4-address;
+        description "Translated IP address";
+        config false;
+      }
+      leaf new-port {
+        type inet:port-number;
+        description "Translated L4 port number";
+        config false;
+      }
+      leaf operation {
+        type enumeration {
+          enum XLATE_SRC { description "The source IP and port are replaced"; }
+          enum XLATE_DST { description "The destination IP and port are replaced"; }
+        }
+        description "Operation applied on the original packet";
+        config false;
+      }
+      leaf originating-rule {
+        type enumeration {
+          enum POD_TO_EXT {
+            description "Traffic related to communication between a Pod and the external world";
+          }
+          enum NODEPORT_CLUSTER {
+            description "Traffic related to communication involving a NodePort Service with having a CLUSTER external traffic policy";
+          }
+        }
+        description "Rule originating the session entry";
+        config false;
+      }
+    }
+
+    list nodeport-rule {
+      key "nodeport-port proto";
+      description "NodePort rule associated with a Kubernetes NodePort Service";
+
+      leaf nodeport-port {
+        type inet:port-number;
+        description "NodePort rule nodeport port number";
+        polycube-base:cli-example "30500";
+      }
+      leaf proto {
+        type l4-proto;
+        description "NodePort rule L4 protocol";
+        polycube-base:cli-example "TCP, UDP, ICMP";
+      }
+
+      leaf external-traffic-policy {
+        type enumeration {
+          enum LOCAL { description "Incoming traffic is allowed to be served only by local backends"; }
+          enum CLUSTER { description "Incoming traffic is allowed to be served by any backend of the cluster"; }
+        }
+        default CLUSTER;
+        description "The external traffic policy of the Kubernetes NodePort Service";
+      }
+      leaf rule-name {
+        type string;
+        description "An optional name for the NodePort rule";
+        polycube-base:cli-example "my-nodeport-rule";
+        polycube-base:init-only-config;
+      }
+    }
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/CMakeLists.txt b/src/services/pcn-k8sdispatcher/src/CMakeLists.txt
new file mode 100644
index 000000000..7acb5ccfb
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/CMakeLists.txt
@@ -0,0 +1,50 @@
+include(${PROJECT_SOURCE_DIR}/cmake/LoadFileAsVariable.cmake)
+
+aux_source_directory(serializer SERIALIZER_SOURCES)
+aux_source_directory(api API_SOURCES)
+aux_source_directory(base BASE_SOURCES)
+
+include_directories(serializer)
+
+if (NOT DEFINED POLYCUBE_STANDALONE_SERVICE OR POLYCUBE_STANDALONE_SERVICE)
+  find_package(PkgConfig REQUIRED)
+  pkg_check_modules(POLYCUBE libpolycube)
+  include_directories(${POLYCUBE_INCLUDE_DIRS})
+endif (NOT DEFINED POLYCUBE_STANDALONE_SERVICE OR POLYCUBE_STANDALONE_SERVICE)
+
+# Needed to load files as variables
+include_directories(${CMAKE_CURRENT_BINARY_DIR})
+
+add_library(pcn-k8sdispatcher SHARED
+    ${SERIALIZER_SOURCES}
+    ${API_SOURCES}
+    ${BASE_SOURCES}
+    K8sdispatcher.cpp
+    NodeportRule.cpp
+    Ports.cpp
+    SessionRule.cpp
+    K8sdispatcher-lib.cpp
+    Utils.cpp)
+
+# load ebpf datapath code a variable
+load_file_as_variable(pcn-k8sdispatcher
+    K8sdispatcher_dp.c
+    k8sdispatcher_code)
+
+# load datamodel in a variable
+load_file_as_variable(pcn-k8sdispatcher
+    ../datamodel/k8sdispatcher.yang
+    k8sdispatcher_datamodel)
+
+target_link_libraries(pcn-k8sdispatcher ${POLYCUBE_LIBRARIES})
+
+# Specify shared library install directory
+
+set(CMAKE_INSTALL_LIBDIR /usr/lib)
+
+install(
+    TARGETS
+    pcn-k8sdispatcher
+    DESTINATION
+    "${CMAKE_INSTALL_LIBDIR}"
+)
diff --git a/src/services/pcn-k8sdispatcher/src/HashTuple.h b/src/services/pcn-k8sdispatcher/src/HashTuple.h
new file mode 100644
index 000000000..e72cb2897
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/HashTuple.h
@@ -0,0 +1,42 @@
+#include <tuple>
+// function has to live in the std namespace
+// so that it is picked up by argument-dependent name lookup (ADL).
+namespace std {
+namespace {
+// Code from boost
+// Reciprocal of the golden ratio helps spread entropy
+//     and handles duplicates.
+// See Mike Seymour in magic-numbers-in-boosthash-combine:
+//     https://stackoverflow.com/questions/4948780
+
+template <class T>
+inline void hash_combine(std::size_t &seed, T const &v) {
+  seed ^= hash<T>()(v) + 0x9e3779b9 + (seed << 6) + (seed >> 2);
+}
+
+// Recursive template code derived from Matthieu M.
+template <class Tuple, size_t Index = std::tuple_size<Tuple>::value - 1>
+struct HashValueImpl {
+  static void apply(size_t &seed, Tuple const &tuple) {
+    HashValueImpl<Tuple, Index - 1>::apply(seed, tuple);
+    hash_combine(seed, get<Index>(tuple));
+  }
+};
+
+template <class Tuple>
+struct HashValueImpl<Tuple, 0> {
+  static void apply(size_t &seed, Tuple const &tuple) {
+    hash_combine(seed, get<0>(tuple));
+  }
+};
+}
+
+template <typename... TT>
+struct hash<std::tuple<TT...>> {
+  size_t operator()(std::tuple<TT...> const &tt) const {
+    size_t seed = 0;
+    HashValueImpl<std::tuple<TT...>>::apply(seed, tt);
+    return seed;
+  }
+};
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/K8sdispatcher-lib.cpp b/src/services/pcn-k8sdispatcher/src/K8sdispatcher-lib.cpp
new file mode 100644
index 000000000..8c9bc73b6
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/K8sdispatcher-lib.cpp
@@ -0,0 +1,21 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+#include "api/K8sdispatcherApiImpl.h"
+#include "../datamodel/k8sdispatcher.h" // generated from datamodel
+
+#define SERVICE_PYANG_GIT ""
+#define SERVICE_SWAGGER_CODEGEN_GIT "GIT_REPO_ID"
+
+#include <polycube/services/shared_library.h>
+
+extern "C" const char *data_model() {
+  return k8sdispatcher_datamodel.c_str();
+}
diff --git a/src/services/pcn-k8sdispatcher/src/K8sdispatcher.cpp b/src/services/pcn-k8sdispatcher/src/K8sdispatcher.cpp
new file mode 100644
index 000000000..3bd8c588b
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/K8sdispatcher.cpp
@@ -0,0 +1,497 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "K8sdispatcher.h"
+
+#include <tins/ethernetII.h>
+#include <tins/tins.h>
+
+#include "K8sdispatcher_dp.h"
+#include "Utils.h"
+
+using namespace Tins;
+namespace poly_utils = polycube::service::utils;
+
+const std::string K8sdispatcher::EBPF_EGRESS_SESSION_TABLE =
+    "egress_session_table";
+const std::string K8sdispatcher::EBPF_INGRESS_SESSION_TABLE =
+    "ingress_session_table";
+const std::string K8sdispatcher::EBPF_NPR_TABLE_MAP = "npr_table";
+
+K8sdispatcher::K8sdispatcher(const std::string name,
+                             const K8sdispatcherJsonObject &conf)
+    : Cube(conf.getBase(), {k8sdispatcher_code}, {}),
+      K8sdispatcherBase(name),
+      internalSrcIp_{conf.getInternalSrcIp()},
+      internalSrcIpNboInt_{poly_utils::ip_string_to_nbo_uint(internalSrcIp_)},
+      nodeportRange_{"30000-32767"},
+      nodeportRangeTuple_{30000, 32767},
+      nodeIpNboInt_{0} {
+  logger()->set_pattern("[%Y-%m-%d %H:%M:%S.%e] [K8sDispatcher] [%n] [%l] %v");
+  logger()->info("Creating K8sDispatcher instance");
+
+  if (conf.nodeportRangeIsSet()) {
+    this->setNodeportRange(conf.getNodeportRange());
+  }
+  this->addNodeportRuleList(conf.getNodeportRule());
+  this->addPortsList(conf.getPorts());
+
+  logger()->trace("Created K8sDispatcher instance");
+}
+
+K8sdispatcher::~K8sdispatcher() {
+  logger()->info("Destroying K8sDispatcher instance");
+}
+
+void K8sdispatcher::packet_in(Ports &port,
+                              polycube::service::PacketInMetadata &md,
+                              const std::vector<uint8_t> &packet) {
+  try {
+    switch (static_cast<SlowPathReason>(md.reason)) {
+    case SlowPathReason::ARP_REPLY: {
+      EthernetII pkt(&packet[0], packet.size());
+      auto backendPort = this->getBackendPort();
+      if (backendPort != nullptr) {
+        backendPort->send_packet_out(pkt);
+      }
+      break;
+    }
+    default: {
+      logger()->error("Not valid slow path reason {} received", md.reason);
+    }
+    }
+  } catch (const std::exception &e) {
+    logger()->error("Exception during slow path packet processing: {}",
+                    e.what());
+  }
+}
+
+std::shared_ptr<Ports> K8sdispatcher::getPorts(const std::string &name) {
+  return this->get_port(name);
+}
+
+std::vector<std::shared_ptr<Ports>> K8sdispatcher::getPortsList() {
+  return this->get_ports();
+}
+
+void K8sdispatcher::addPorts(const std::string &name,
+                             const PortsJsonObject &conf) {
+  try {
+    PortsTypeEnum type = conf.getType();
+
+    // consistency check
+    if (get_ports().size() == 2) {
+      throw std::runtime_error("Reached maximum number of ports");
+    }
+    if (type == PortsTypeEnum::FRONTEND) {
+      if (this->getFrontendPort() != nullptr) {
+        throw std::runtime_error("There is already a FRONTEND port");
+      }
+    } else {
+      if (this->getBackendPort() != nullptr) {
+        throw std::runtime_error("There is already a BACKEND port");
+      }
+    }
+
+    add_port<PortsJsonObject>(name, conf);
+
+    // save node IP if port_type == FRONTEND
+    if (type == PortsTypeEnum::FRONTEND) {
+      this->nodeIpNboInt_ = poly_utils::ip_string_to_nbo_uint(conf.getIp());
+    }
+    // reload service dataplane if the configuration is complete
+    if (get_ports().size() == 2) {
+      this->reloadConfig();
+    }
+  } catch (std::runtime_error &ex) {
+    logger()->error("Failed to add port {0}: {1}", name, ex.what());
+    throw std::runtime_error("Failed to add port");
+  }
+}
+
+void K8sdispatcher::addPortsList(const std::vector<PortsJsonObject> &conf) {
+  for (auto &i : conf) {
+    std::string name_ = i.getName();
+    this->addPorts(name_, i);
+  }
+}
+
+void K8sdispatcher::replacePorts(const std::string &name,
+                                 const PortsJsonObject &conf) {
+  logger()->error("K8sdispatcher::delPorts: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::delPorts(const std::string &name) {
+  logger()->error("K8sdispatcher::delPorts: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::delPortsList() {
+  logger()->error("K8sdispatcher::delPorts: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+std::string K8sdispatcher::getInternalSrcIp() {
+  return this->internalSrcIp_;
+}
+
+std::string K8sdispatcher::getNodeportRange() {
+  return this->nodeportRange_;
+}
+
+void K8sdispatcher::setNodeportRange(const std::string &value) {
+  // Return immediately if the provided NodePort port range is the same of the
+  // already configured one
+  if (this->nodeportRange_ == value) {
+    return;
+  }
+
+  // Parsing lower and upper port numbers
+  uint16_t low;
+  uint16_t high;
+  int res = std::sscanf(value.c_str(), "%hu-%hu", &low, &high);
+  if (res != 2) {
+    logger()->error("Failed to parse {} NodePort port range", value);
+    throw std::runtime_error("Failed to parse NodePort port range");
+  }
+
+  if (low >= high) {
+    logger()->error("Invalid {} NodePort port range", value);
+    throw std::runtime_error("Invalid NodePort port range");
+  }
+
+  try {
+    auto npr_table = get_hash_table<struct nt_k, struct nt_v>(
+        K8sdispatcher::EBPF_NPR_TABLE_MAP);
+
+    for (auto const &rule : this->getNodeportRuleList()) {
+      uint16_t port = rule->getNodeportPort();
+      if (port < low || port > high) {
+        L4ProtoEnum proto = rule->getProto();
+        nt_k npr_key{.port = htons(port),
+                     .proto = utils::L4ProtoEnum_to_int(proto)};
+        npr_table.remove(npr_key);
+
+        if (this->nodePortRuleMap_.erase(NodeportKey(port, proto)) != 1) {
+          std::runtime_error{"Failed to delete NodePort rule from user map"};
+        }
+      }
+    }
+  } catch (std::runtime_error &ex) {
+    logger()->error("Failed to flush out-of-range NodePort rules: {}",
+                    ex.what());
+    throw std::runtime_error("Failed to flush out-of-range NodePort rules");
+  }
+
+  this->nodeportRangeTuple_ = std::make_pair(low, high);
+  this->nodeportRange_ = value;
+}
+
+std::shared_ptr<SessionRule> K8sdispatcher::getSessionRule(
+    const SessionRuleDirectionEnum &direction, const std::string &srcIp,
+    const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort,
+    const L4ProtoEnum &proto) {
+  try {
+    auto table = get_hash_table<st_k, st_v>(
+        direction == SessionRuleDirectionEnum::EGRESS
+            ? K8sdispatcher::EBPF_EGRESS_SESSION_TABLE
+            : K8sdispatcher::EBPF_INGRESS_SESSION_TABLE);
+    st_k map_key{.src_ip = poly_utils::ip_string_to_nbo_uint(srcIp),
+                 .dst_ip = poly_utils::ip_string_to_nbo_uint(dstIp),
+                 .src_port = htons(srcPort),
+                 .dst_port = htons(dstPort),
+                 .proto = utils::L4ProtoEnum_to_int(proto)};
+
+    st_v value = table.get(map_key);
+
+    std::string newIp = poly_utils::nbo_uint_to_ip_string(value.new_ip);
+    uint16_t newPort = ntohs(value.new_port);
+    SessionRuleOperationEnum operation =
+        utils::int_to_SessionRuleOperationEnum(value.operation);
+    SessionRuleOriginatingRuleEnum originatingRule =
+        utils::int_to_SessionRuleOriginatingRuleEnum(value.originating_rule);
+
+    return std::make_shared<SessionRule>(*this, direction, srcIp, dstIp,
+                                         srcPort, dstPort, proto, newIp,
+                                         newPort, operation, originatingRule);
+  } catch (std::exception &ex) {
+    logger()->error("Failed to get session rule: {}", ex.what());
+    throw std::runtime_error("Failed to get session rule");
+  }
+}
+
+std::vector<std::shared_ptr<SessionRule>> K8sdispatcher::getSessionRuleList() {
+  std::vector<std::shared_ptr<SessionRule>> rules;
+  std::vector<std::string> tableNames{
+      K8sdispatcher::EBPF_EGRESS_SESSION_TABLE,
+      K8sdispatcher::EBPF_INGRESS_SESSION_TABLE};
+  try {
+    for (auto &tableName : tableNames) {
+      auto table = get_hash_table<struct st_k, struct st_v>(tableName);
+      auto direction = tableName == K8sdispatcher::EBPF_INGRESS_SESSION_TABLE
+                           ? SessionRuleDirectionEnum::INGRESS
+                           : SessionRuleDirectionEnum::EGRESS;
+      for (auto &entry : table.get_all()) {
+        auto key = entry.first;
+        auto value = entry.second;
+
+        auto rule = std::make_shared<SessionRule>(
+            *this, direction, poly_utils::nbo_uint_to_ip_string(key.src_ip),
+            poly_utils::nbo_uint_to_ip_string(key.dst_ip), ntohs(key.src_port),
+            ntohs(key.dst_port), utils::int_to_L4ProtoEnum(key.proto),
+            poly_utils::nbo_uint_to_ip_string(value.new_ip),
+            ntohs(value.new_port),
+            utils::int_to_SessionRuleOperationEnum(value.operation),
+            utils::int_to_SessionRuleOriginatingRuleEnum(
+                value.originating_rule));
+
+        rules.push_back(rule);
+      }
+    }
+  } catch (std::exception &ex) {
+    logger()->error("Failed to get session rules list: {0}", ex.what());
+    throw std::runtime_error("Failed to get session rules list");
+  }
+  return rules;
+}
+
+void K8sdispatcher::addSessionRule(
+    const SessionRuleDirectionEnum &direction, const std::string &srcIp,
+    const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort,
+    const L4ProtoEnum &proto, const SessionRuleJsonObject &conf) {
+  logger()->error("K8sdispatcher::addSessionRule: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::addSessionRuleList(
+    const std::vector<SessionRuleJsonObject> &conf) {
+  logger()->error("K8sdispatcher::addSessionRuleList: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::replaceSessionRule(
+    const SessionRuleDirectionEnum &direction, const std::string &srcIp,
+    const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort,
+    const L4ProtoEnum &proto, const SessionRuleJsonObject &conf) {
+  logger()->error("K8sdispatcher::replaceSessionRule: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::delSessionRule(const SessionRuleDirectionEnum &direction,
+                                   const std::string &srcIp,
+                                   const std::string &dstIp,
+                                   const uint16_t &srcPort,
+                                   const uint16_t &dstPort,
+                                   const L4ProtoEnum &proto) {
+  logger()->error("K8sdispatcher::delSessionRule: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::delSessionRuleList() {
+  logger()->error("K8sdispatcher::delSessionRuleList: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+std::shared_ptr<NodeportRule> K8sdispatcher::getNodeportRule(
+    const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  NodeportKey key = NodeportKey(nodeportPort, proto);
+  auto it = nodePortRuleMap_.find(key);
+  if (it == nodePortRuleMap_.end()) {
+    logger()->info("No NodePort rule associated with key ({0}, {1})",
+                   nodeportPort,
+                   NodeportRuleJsonObject::L4ProtoEnum_to_string(proto));
+    std::runtime_error{"No NodePort rule associated with the provided key"};
+  }
+  return it->second;
+}
+
+std::vector<std::shared_ptr<NodeportRule>>
+K8sdispatcher::getNodeportRuleList() {
+  std::vector<std::shared_ptr<NodeportRule>> rules;
+  for (auto &entry : nodePortRuleMap_) {
+    rules.push_back(entry.second);
+  }
+  return rules;
+}
+
+void K8sdispatcher::addNodeportRule(const uint16_t &nodeportPort,
+                                    const L4ProtoEnum &proto,
+                                    const NodeportRuleJsonObject &conf) {
+  logger()->trace("Received a request to add a NodePort rule");
+  NodeportKey key = NodeportKey(nodeportPort, proto);
+
+  if (nodeportPort < this->nodeportRangeTuple_.first ||
+      nodeportPort > this->nodeportRangeTuple_.second) {
+    logger()->error(
+        "The NodePort rule port is not contained in the valid range");
+    throw std::runtime_error(
+        "The NodePort rule port is not contained in the valid range");
+  }
+
+  if (this->nodePortRuleMap_.count(key)) {
+    logger()->error("The NodePort rule already exists");
+    throw std::runtime_error("The NodePort rule already exists");
+  }
+
+  auto rule = std::make_shared<NodeportRule>(*this, conf);
+  if (!nodePortRuleMap_.insert(std::make_pair(key, rule)).second) {
+    logger()->error("Failed to add the NodePort rule");
+    throw std::runtime_error("Failed to add the NodePort rule");
+  }
+
+  try {
+    logger()->trace("Retrieving NodePort rules kernel map");
+    auto npr_table =
+        get_hash_table<nt_k, nt_v>(K8sdispatcher::EBPF_NPR_TABLE_MAP);
+    logger()->trace("Retrieved NodePort rules kernel map");
+    nt_k npr_key{
+        .port = htons(nodeportPort),
+        .proto = utils::L4ProtoEnum_to_int(proto),
+    };
+    nt_v npr_value{.external_traffic_policy =
+                       utils::NodeportRuleExternalTrafficPolicyEnum_to_int(
+                           conf.getExternalTrafficPolicy())};
+
+    logger()->trace("Storing NodePort rule in NodePort rules kernel map");
+    npr_table.set(npr_key, npr_value);
+    logger()->trace("Stored NodePort rule in NodePort rules kernel map");
+  } catch (std::exception &ex) {
+    logger()->warn("Failed to store NodePort rule in kernel map: {}",
+                   ex.what());
+    if (this->nodePortRuleMap_.erase(key) != 1) {
+      logger()->error("Broken user space NodePort rule map");
+    };
+    throw std::runtime_error("Failed to store NodePort rule in kernel map");
+  }
+  logger()->info("Added NodePort rule");
+}
+
+void K8sdispatcher::addNodeportRuleList(
+    const std::vector<NodeportRuleJsonObject> &conf) {
+  for (auto &i : conf) {
+    this->addNodeportRule(i.getNodeportPort(), i.getProto(), i);
+  }
+}
+
+void K8sdispatcher::updateNodeportRuleList(
+    const std::vector<NodeportRuleJsonObject> &conf) {
+  logger()->trace("Received request for NodePort rules updating");
+  try {
+    for (auto &i : conf) {
+      auto nodeportRule = getNodeportRule(i.getNodeportPort(), i.getProto());
+      nodeportRule->update(i);
+    }
+  } catch (std::exception &ex) {
+    logger()->error("Failed update NodePort rule: {}", ex.what());
+    throw std::runtime_error("Failed to update NodePort rule");
+  }
+  logger()->info("Updated NodePort rules");
+}
+
+void K8sdispatcher::replaceNodeportRule(const uint16_t &nodeportPort,
+                                        const L4ProtoEnum &proto,
+                                        const NodeportRuleJsonObject &conf) {
+  this->delNodeportRule(nodeportPort, proto);
+  this->addNodeportRule(nodeportPort, proto, conf);
+}
+
+void K8sdispatcher::replaceNodeportRuleList(
+    const std::vector<NodeportRuleJsonObject> &conf) {
+  this->delNodeportRuleList();
+  this->addNodeportRuleList(conf);
+}
+
+void K8sdispatcher::delNodeportRule(const uint16_t &nodeportPort,
+                                    const L4ProtoEnum &proto) {
+  logger()->trace("Received a request to delete a NodePort rule");
+  NodeportKey key = NodeportKey(nodeportPort, proto);
+
+  if (!this->nodePortRuleMap_.count(key)) {
+    logger()->info("No NodePort rule associated with key ({0}, {1})",
+                   nodeportPort,
+                   NodeportRuleJsonObject::L4ProtoEnum_to_string(proto));
+    std::runtime_error{"No NodePort rule associated with the provided key"};
+  }
+
+  try {
+    logger()->trace("Retrieving NodePort rules kernel map");
+    auto npr_table =
+        get_hash_table<nt_k, nt_v>(K8sdispatcher::EBPF_NPR_TABLE_MAP);
+    logger()->trace("Retrieved NodePort rules kernel map");
+    nt_k npr_key{.port = htons(nodeportPort),
+                 .proto = utils::L4ProtoEnum_to_int(proto)};
+
+    npr_table.remove(npr_key);
+
+    if (this->nodePortRuleMap_.erase(key) == 0) {
+      std::runtime_error{"No NodePort rule associated with the provided key"};
+    }
+  } catch (std::exception &ex) {
+    logger()->error("Failed to delete NodePort rule: {}", ex.what());
+    throw std::runtime_error("Failed to delete NodePort rule");
+  }
+  logger()->info("Deleted NodePort rule");
+}
+
+void K8sdispatcher::delNodeportRuleList() {
+  for (auto &it : nodePortRuleMap_) {
+    NodeportKey key = it.first;
+    this->delNodeportRule(std::get<0>(key), std::get<1>(key));
+  }
+}
+
+void K8sdispatcher::reloadConfig() {
+  std::string flags;
+
+  uint16_t frontend = 0;
+  uint16_t backend = 0;
+  for (auto &it : get_ports()) {
+    if (it->getType() == PortsTypeEnum::FRONTEND)
+      frontend = it->index();
+    else
+      backend = it->index();
+  }
+  flags += "#define FRONTEND_PORT " + std::to_string(frontend) + "\n";
+  flags += "#define BACKEND_PORT " + std::to_string(backend) + "\n";
+  flags += "#define NODE_IP " + std::to_string(this->nodeIpNboInt_) + "\n";
+  flags +=
+      "#define INTERNAL_SRC_IP " + std::to_string(this->internalSrcIpNboInt_);
+
+  logger()->trace("Reloading code with the following flags:\n{}", flags);
+
+  reload(flags + '\n' + k8sdispatcher_code);
+
+  logger()->trace("Reloaded K8sDispatcher code");
+}
+
+std::shared_ptr<Ports> K8sdispatcher::getFrontendPort() {
+  for (auto &it : get_ports()) {
+    if (it->getType() == PortsTypeEnum::FRONTEND) {
+      return it;
+    }
+  }
+  return nullptr;
+}
+
+std::shared_ptr<Ports> K8sdispatcher::getBackendPort() {
+  for (auto &it : get_ports()) {
+    if (it->getType() == PortsTypeEnum::BACKEND) {
+      return it;
+    }
+  }
+  return nullptr;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/K8sdispatcher.h b/src/services/pcn-k8sdispatcher/src/K8sdispatcher.h
new file mode 100644
index 000000000..462776a3d
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/K8sdispatcher.h
@@ -0,0 +1,139 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include "base/K8sdispatcherBase.h"
+#include "SessionRule.h"
+#include "NodeportRule.h"
+#include "Ports.h"
+#include "HashTuple.h"
+
+/* definitions copied from datapath */
+struct nt_k {
+  uint16_t port;
+  uint8_t proto;
+} __attribute__((packed));
+struct nt_v {
+  uint16_t external_traffic_policy;
+} __attribute__((packed));
+
+enum class SlowPathReason { ARP_REPLY = 0 };
+
+using namespace polycube::service::model;
+
+class K8sdispatcher : public K8sdispatcherBase {
+ public:
+  K8sdispatcher(const std::string name, const K8sdispatcherJsonObject &conf);
+  virtual ~K8sdispatcher();
+
+  void packet_in(Ports &port, polycube::service::PacketInMetadata &md,
+                 const std::vector<uint8_t> &packet) override;
+
+  /// <summary>
+  /// Entry of the ports table
+  /// </summary>
+  std::shared_ptr<Ports> getPorts(const std::string &name) override;
+  std::vector<std::shared_ptr<Ports>> getPortsList() override;
+  void addPorts(const std::string &name, const PortsJsonObject &conf) override;
+  void addPortsList(const std::vector<PortsJsonObject> &conf) override;
+  void replacePorts(const std::string &name,
+                    const PortsJsonObject &conf) override;
+  void delPorts(const std::string &name) override;
+  void delPortsList() override;
+
+  /// <summary>
+  /// Internal source IP address used for natting incoming packets directed to
+  /// Kubernetes Services with a CLUSTER external traffic policy
+  /// </summary>
+  std::string getInternalSrcIp() override;
+
+  /// <summary>
+  /// Port range used for NodePort Services
+  /// </summary>
+  std::string getNodeportRange() override;
+  void setNodeportRange(const std::string &value) override;
+
+  /// <summary>
+  /// Session entry related to a specific traffic direction
+  /// </summary>
+  std::shared_ptr<SessionRule> getSessionRule(
+      const SessionRuleDirectionEnum &direction, const std::string &srcIp,
+      const std::string &dstIp, const uint16_t &srcPort,
+      const uint16_t &dstPort, const L4ProtoEnum &proto) override;
+  std::vector<std::shared_ptr<SessionRule>> getSessionRuleList() override;
+  void addSessionRule(const SessionRuleDirectionEnum &direction,
+                      const std::string &srcIp, const std::string &dstIp,
+                      const uint16_t &srcPort, const uint16_t &dstPort,
+                      const L4ProtoEnum &proto,
+                      const SessionRuleJsonObject &conf) override;
+  void addSessionRuleList(
+      const std::vector<SessionRuleJsonObject> &conf) override;
+  void replaceSessionRule(const SessionRuleDirectionEnum &direction,
+                          const std::string &srcIp, const std::string &dstIp,
+                          const uint16_t &srcPort, const uint16_t &dstPort,
+                          const L4ProtoEnum &proto,
+                          const SessionRuleJsonObject &conf) override;
+  void delSessionRule(const SessionRuleDirectionEnum &direction,
+                      const std::string &srcIp, const std::string &dstIp,
+                      const uint16_t &srcPort, const uint16_t &dstPort,
+                      const L4ProtoEnum &proto) override;
+  void delSessionRuleList() override;
+
+  /// <summary>
+  /// NodePort rule associated with a Kubernetes NodePort Service
+  /// </summary>
+  std::shared_ptr<NodeportRule> getNodeportRule(
+      const uint16_t &nodeportPort, const L4ProtoEnum &proto) override;
+  std::vector<std::shared_ptr<NodeportRule>> getNodeportRuleList() override;
+  void addNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto,
+                       const NodeportRuleJsonObject &conf) override;
+  void addNodeportRuleList(
+      const std::vector<NodeportRuleJsonObject> &conf) override;
+  void updateNodeportRuleList(
+      const std::vector<NodeportRuleJsonObject> &conf) override;
+  void replaceNodeportRule(const uint16_t &nodeportPort,
+                           const L4ProtoEnum &proto,
+                           const NodeportRuleJsonObject &conf) override;
+  virtual void replaceNodeportRuleList(
+      const std::vector<NodeportRuleJsonObject> &conf) override;
+  void delNodeportRule(const uint16_t &nodeportPort,
+                       const L4ProtoEnum &proto) override;
+  void delNodeportRuleList() override;
+
+  static const std::string EBPF_EGRESS_SESSION_TABLE;
+  static const std::string EBPF_INGRESS_SESSION_TABLE;
+  static const std::string EBPF_NPR_TABLE_MAP;
+
+  typedef std::tuple<uint16_t, L4ProtoEnum> NodeportKey;
+
+ private:
+  std::string internalSrcIp_;
+  uint32_t internalSrcIpNboInt_;
+  std::string nodeportRange_;
+  std::pair<uint16_t, uint16_t> nodeportRangeTuple_;
+
+  uint32_t nodeIpNboInt_;
+
+  std::unordered_map<NodeportKey, std::shared_ptr<NodeportRule>>
+      nodePortRuleMap_;
+
+  void reloadConfig();
+
+  std::shared_ptr<Ports> getFrontendPort();
+
+  std::shared_ptr<Ports> getBackendPort();
+};
diff --git a/src/services/pcn-k8sdispatcher/src/K8sdispatcher_dp.c b/src/services/pcn-k8sdispatcher/src/K8sdispatcher_dp.c
new file mode 100644
index 000000000..dc0569e8a
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/K8sdispatcher_dp.c
@@ -0,0 +1,521 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <uapi/linux/bpf.h>
+#include <uapi/linux/filter.h>
+#include <uapi/linux/icmp.h>
+#include <uapi/linux/if_arp.h>
+#include <uapi/linux/if_ether.h>
+#include <uapi/linux/if_packet.h>
+#include <uapi/linux/in.h>
+#include <uapi/linux/ip.h>
+#include <uapi/linux/pkt_cls.h>
+#include <uapi/linux/tcp.h>
+#include <uapi/linux/udp.h>
+
+#ifndef FRONTEND_PORT
+#define FRONTEND_PORT 0
+#endif
+
+#ifndef BACKEND_PORT
+#define BACKEND_PORT 0
+#endif
+
+#ifndef NODE_IP
+#define NODE_IP 0
+#endif
+
+#ifndef INTERNAL_SRC_IP
+#define INTERNAL_SRC_IP 0
+#endif
+
+#define SESSION_MAP_DIM 32768
+
+enum OPERATION_TYPE { OP_XLATE_SRC = 0, OP_XLATE_DST = 1 };
+
+enum ORIGINATING_RULE_TYPE { RULE_POD_TO_EXT = 0, RULE_NODEPORT_CLUSTER = 1 };
+
+enum EXTERNAL_TRAFFIC_POLICY_TYPE { ETP_LOCAL = 0, ETP_CLUSTER = 1 };
+
+enum SLOWPATH_REASON { REASON_ARP_REPLY = 0 };
+
+#define IP_CSUM_OFFSET (sizeof(struct eth_hdr) + offsetof(struct iphdr, check))
+#define UDP_CSUM_OFFSET                            \
+  (sizeof(struct eth_hdr) + sizeof(struct iphdr) + \
+   offsetof(struct udphdr, check))
+#define TCP_CSUM_OFFSET                            \
+  (sizeof(struct eth_hdr) + sizeof(struct iphdr) + \
+   offsetof(struct tcphdr, check))
+#define ICMP_CSUM_OFFSET                           \
+  (sizeof(struct eth_hdr) + sizeof(struct iphdr) + \
+   offsetof(struct icmphdr, checksum))
+#define IS_PSEUDO 0x10
+
+struct eth_hdr {
+  __be64 dst : 48;
+  __be64 src : 48;
+  __be16 proto;
+} __attribute__((packed));
+
+struct arp_hdr {
+  __be16 ar_hrd;        /* format of hardware address	*/
+  __be16 ar_pro;        /* format of protocol address	*/
+  unsigned char ar_hln; /* length of hardware address	*/
+  unsigned char ar_pln; /* length of protocol address	*/
+  __be16 ar_op;         /* ARP opcode (command)		*/
+  __be64 ar_sha : 48;   /* sender hardware address	*/
+  __be32 ar_sip;        /* sender IP address		*/
+  __be64 ar_tha : 48;   /* target hardware address	*/
+  __be32 ar_tip;        /* target IP address		*/
+} __attribute__((packed));
+
+// Session table
+struct st_k {
+  uint32_t src_ip;
+  uint32_t dst_ip;
+  uint16_t src_port;
+  uint16_t dst_port;
+  uint8_t proto;
+} __attribute__((packed));
+struct st_v {
+  uint32_t new_ip;
+  uint16_t new_port;
+  uint8_t operation;
+  uint8_t originating_rule;
+} __attribute__((packed));
+BPF_TABLE("lru_hash", struct st_k, struct st_v, egress_session_table,
+          SESSION_MAP_DIM);
+BPF_TABLE("lru_hash", struct st_k, struct st_v, ingress_session_table,
+          SESSION_MAP_DIM);
+
+// NodePort rules table
+struct nt_k {
+  uint16_t port;
+  uint8_t proto;
+} __attribute__((packed));
+;
+struct nt_v {
+  uint16_t external_traffic_policy;
+} __attribute__((packed));
+;
+
+BPF_F_TABLE("hash", struct nt_k, struct nt_v, npr_table, 1024,
+            BPF_F_NO_PREALLOC);
+
+// Port numbers
+struct free_port_entry {
+  uint16_t free_port;
+  struct bpf_spin_lock lock;
+};
+
+BPF_TABLE("array", uint32_t, struct free_port_entry, free_port_map, 1);
+
+static inline __be16 get_free_port() {
+  uint32_t key = 0;
+  uint16_t free_port = 0;
+  struct free_port_entry *entry = free_port_map.lookup(&key);
+  if (!entry) {  // never happen for array
+    return 0;
+  }
+  bpf_spin_lock(&entry->lock);
+  if (entry->free_port < 1024 || entry->free_port == 65535) {
+    entry->free_port = 1024;
+  }
+  free_port = entry->free_port;
+  entry->free_port++;
+  bpf_spin_unlock(&entry->lock);
+  return bpf_htons(free_port);
+}
+
+static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
+  // Disable data plane if initialization has not been completed yet
+  if (FRONTEND_PORT == BACKEND_PORT) {
+    return RX_DROP;
+  }
+  // NAT processing happens in 4 steps:
+  // 1) packet parsing
+  // 2) session table lookup
+  // 3) rule lookup
+  // 4) packet modification
+
+  // 1) Parse packet
+  void *data = (void *)(long)ctx->data;
+  void *data_end = (void *)(long)ctx->data_end;
+
+  struct eth_hdr *eth = data;
+  if ((void *)(eth + 1) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped Ethernet pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
+    return RX_DROP;
+  }
+
+  switch (eth->proto) {
+  case htons(ETH_P_IP):
+    goto IP;  // ipv4 packet
+  case htons(ETH_P_ARP): {
+    goto ARP;  // ARP packet
+  }
+  default:
+    if (md->in_port == BACKEND_PORT) {
+      pcn_log(ctx, LOG_TRACE,
+              "Received unsupported pkt from BACKEND port: sent to stack - "
+              "(in_port: %d) (proto: 0x%x)",
+              md->in_port, bpf_htons(eth->proto));
+    } else {
+      pcn_log(ctx, LOG_TRACE,
+              "Received unsupported pkt from FRONTEND port: sent to stack - "
+              "(in_port: %d) (proto: 0x%x)",
+              md->in_port, bpf_htons(eth->proto));
+    }
+    return RX_OK;
+  }
+
+IP:;
+  struct iphdr *ip = (void *)(eth + 1);
+  if ((void *)(ip + 1) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped IP pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
+    return RX_DROP;
+  }
+
+  // check if ip dest is for this host
+  if (md->in_port == FRONTEND_PORT && ip->daddr != NODE_IP) {
+    pcn_log(ctx, LOG_TRACE,
+            "Pkt coming from FRONTEND port is not for host: sent to stack - "
+            "(in_port: %d) (dst_ip: %I)",
+            md->in_port, ip->daddr);
+    return RX_OK;
+  }
+
+  // Extract L3 packet data
+  uint32_t src_ip = ip->saddr;
+  uint32_t dst_ip = ip->daddr;
+  uint8_t proto = ip->protocol;
+
+  // Extract L4 segment data
+  uint16_t src_port = 0, dst_port = 0;
+  // The following pointers are used to update a TCP port, a UDP port or the
+  // ICMP echo id in the same way regardless the l4 protocol; same for the
+  // checksum offset
+  uint16_t *src_port_ptr = NULL, *dst_port_ptr = NULL;
+  int l4_csum_offset = 0;
+
+  switch (ip->protocol) {
+  case IPPROTO_TCP: {
+    struct tcphdr *tcp = (void *)(ip + 1);
+    if ((void *)(tcp + 1) > data_end) {
+      pcn_log(ctx, LOG_TRACE,
+              "Dropped TCP pkt - (in_port: %d) (reason: inconsistent_size)",
+              md->in_port);
+      return RX_DROP;
+    }
+
+    src_port = tcp->source;
+    dst_port = tcp->dest;
+    src_port_ptr = &tcp->source;
+    dst_port_ptr = &tcp->dest;
+    l4_csum_offset = TCP_CSUM_OFFSET;
+    break;
+  }
+  case IPPROTO_UDP: {
+    struct udphdr *udp = (void *)(ip + 1);
+    if ((void *)(udp + 1) > data_end) {
+      pcn_log(ctx, LOG_TRACE,
+              "Dropped UDP pkt - (in_port: %d) (reason: inconsistent_size)",
+              md->in_port);
+      return RX_DROP;
+    }
+
+    src_port = udp->source;
+    dst_port = udp->dest;
+    src_port_ptr = &udp->source;
+    dst_port_ptr = &udp->dest;
+    l4_csum_offset = UDP_CSUM_OFFSET;
+    break;
+  }
+  case IPPROTO_ICMP: {
+    struct icmphdr *icmp = (void *)(ip + 1);
+    if ((void *)(icmp + 1) > data_end) {
+      pcn_log(ctx, LOG_TRACE,
+              "Dropped ICMP pkt - (in_port: %d) (reason: inconsistent_size)",
+              md->in_port);
+      return RX_DROP;
+    }
+
+    // Consider the ICMP ID as a "port" number for easier handling
+    src_port = icmp->un.echo.id;
+    dst_port = icmp->un.echo.id;
+    src_port_ptr = &icmp->un.echo.id;
+    dst_port_ptr = &icmp->un.echo.id;
+    l4_csum_offset = ICMP_CSUM_OFFSET;
+    break;
+  }
+  default: {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped IP pkt - (in_port: %d) (reason: unsupported_type) "
+            "(ip_proto: %d)",
+            md->in_port, ip->protocol);
+    return RX_DROP;
+  }
+  }
+
+  // 2) Packet parsed, start session table lookup
+  // NAT data
+  uint32_t new_ip = 0;
+  uint16_t new_port = 0;
+  uint8_t operation = 0;
+  struct st_k session_key = {.src_ip = src_ip,
+                             .dst_ip = dst_ip,
+                             .src_port = src_port,
+                             .dst_port = dst_port,
+                             .proto = proto};
+  struct st_v *session_entry = (md->in_port == BACKEND_PORT)
+                                   ? egress_session_table.lookup(&session_key)
+                                   : ingress_session_table.lookup(&session_key);
+  if (session_entry) {
+    // Extract NAT data
+    new_ip = session_entry->new_ip;
+    new_port = session_entry->new_port;
+    operation = session_entry->operation;
+    goto APPLY_NAT;
+  }
+
+  uint8_t originating_rule = 0;
+
+  // 3) Session table miss, start rule lookup
+  if (md->in_port == BACKEND_PORT) {  // inside -> outside
+    // Check egress rules
+
+    // Rule: RESP_NP_LOCAL
+    // Response for a NodePort Svc with externalTrafficPolicy=LOCAL => FORWARD
+    if (src_ip == NODE_IP) {
+      pcn_log(ctx, LOG_TRACE,
+              "Matched egress rule RESP_NP_LOCAL: redirected pkt as is to "
+              "FRONTEND port - (src: %I:%P, dst: %I:%P)",
+              src_ip, src_port, dst_ip, dst_port);
+      return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
+    }
+
+    // Rule: POD_TO_EXT
+    // A Pod want to reach the external world => SNAT
+    new_ip = NODE_IP;
+    new_port = get_free_port();
+    operation = OP_XLATE_SRC;
+    originating_rule = RULE_POD_TO_EXT;
+    pcn_log(ctx, LOG_TRACE,
+            "Matched egress rule POD_TO_EXT: chosen SNAT - (src: %I:%P, dst: "
+            "%I:%P)",
+            src_ip, src_port, dst_ip, dst_port);
+  } else {  // outside -> inside
+    // Check ingress rules
+
+    struct nt_k npr_key = {.port = dst_port, .proto = proto};
+    struct nt_v *npr_value = npr_table.lookup(&npr_key);
+
+    // Incoming packet doesn't match any NodePort rule => stack
+    if (npr_value == NULL) {
+      pcn_log(ctx, LOG_TRACE,
+              "No ingress rule match: sent to stack - (src: %I:%P, dst: %I:%P)",
+              src_ip, src_port, dst_ip, dst_port);
+      return RX_OK;
+    }
+
+    // Rule: REQ_NP_LOCAL
+    // Request for a NodePort Svc with externalTrafficPolicy=LOCAL => FORWARD
+    if (npr_value->external_traffic_policy == ETP_LOCAL) {
+      pcn_log(ctx, LOG_TRACE,
+              "Matched ingress rule REQ_NP_LOCAL: redirected pkt as is to "
+              "BACKEND port - (src: %I:%P, dst: %I:%P)",
+              src_ip, src_port, dst_ip, dst_port);
+      return pcn_pkt_redirect(ctx, md, BACKEND_PORT);
+    }
+
+    // Rule: REQ_NP_CLUSTER
+    // Request for a NodePort Svc with externalTrafficPolicy=CLUSTER => SNAT
+    new_ip = INTERNAL_SRC_IP;
+    new_port = get_free_port();
+    operation = OP_XLATE_SRC;
+    originating_rule = RULE_NODEPORT_CLUSTER;
+
+    pcn_log(
+        ctx, LOG_TRACE,
+        "Matched egress rule REQ_NP_CLUSTER: chosen SNAT - (src: %I:%P, dst: "
+        "%I:%P)",
+        src_ip, src_port, dst_ip, dst_port);
+  }
+
+  // No session table exist for the packet but a rule matched, so both sessions
+  // tables must be updated. In the following, the forward table is intended
+  // to be the table that handles the sessions in the same direction of the
+  // actual packet; similarly, the reverse table is intended to be
+  // the table that handles the sessions in the opposite direction of the
+  // actual packet. Example:
+  // packet coming from the BACKEND port
+  // - forward table = egress session table
+  // - reverse table = ingress session table
+
+  // Regardless the type of NAT, the forward table key always match the original
+  // packet quintuple data. Moreover, the forward table value always stores
+  // the new ip, the new port and the same kind of operation that will be
+  // applied on the actual packet. The originating rule is determined during
+  // the rules scan
+  struct st_k forward_key = {.src_ip = src_ip,
+                             .dst_ip = dst_ip,
+                             .src_port = src_port,
+                             .dst_port = dst_port,
+                             .proto = proto};
+  struct st_v forward_value = {.new_ip = new_ip,
+                               .new_port = new_port,
+                               .operation = operation,
+                               .originating_rule = originating_rule};
+
+  // The reverse table key and value depend on the kind of operation that will
+  // be applied on the actual packet
+  struct st_k reverse_key = {0, 0, 0, 0, 0};
+  struct st_v reverse_value = {0, 0};
+
+  if (operation == OP_XLATE_SRC) {
+    reverse_key.src_ip = dst_ip;
+    reverse_key.dst_ip = new_ip;
+    // During the NAT operation, the ICMP ID will be replaced with the value
+    // of "new port": this means that for the reverse traffic, the session will
+    // be identified by a packet having both "source port" and "destination port"
+    // equal to "new port"
+    reverse_key.src_port = (proto == IPPROTO_ICMP) ? new_port : dst_port;
+    reverse_key.dst_port = new_port;
+
+    reverse_value.new_ip = src_ip;
+    reverse_value.new_port = src_port;
+    reverse_value.operation = OP_XLATE_DST;
+  } else {
+    reverse_key.src_ip = new_ip;
+    reverse_key.dst_ip = src_ip;
+    reverse_key.src_port = new_port;
+    // During the NAT operation, the ICMP ID will be replaced with the value
+    // of "new port": this means that for the reverse traffic, the session will
+    // be identified by a packet having both "source port" and "destination port"
+    // equal to "new port"
+    reverse_key.dst_port = (proto == IPPROTO_ICMP) ? new_port : src_port;
+
+    reverse_value.new_ip = dst_ip;
+    reverse_value.new_port = dst_port;
+    reverse_value.operation = OP_XLATE_SRC;
+  }
+  // The protocol type in the reverse table key and the originating rule type
+  // in the reverse table value do not depend on the operation applied on the
+  // actual packet
+  reverse_key.proto = proto;
+  reverse_value.originating_rule = originating_rule;
+
+  if (md->in_port == BACKEND_PORT) {
+    egress_session_table.update(&forward_key, &forward_value);
+    ingress_session_table.update(&reverse_key, &reverse_value);
+  } else {
+    ingress_session_table.update(&forward_key, &forward_value);
+    egress_session_table.update(&reverse_key, &reverse_value);
+  }
+
+  pcn_log(ctx, LOG_TRACE, "Created new session - (src: %I:%P, dst: %I:%P)",
+          src_ip, src_port, dst_ip, dst_port);
+
+APPLY_NAT:;
+  // Save old values in order to update checksums after the NAT is applied
+  uint32_t old_ip;
+  uint16_t old_port;
+  if (operation == OP_XLATE_SRC) {
+    old_ip = src_ip;
+    old_port = src_port;
+    ip->saddr = new_ip;
+    *src_port_ptr = new_port;
+    pcn_log(ctx, LOG_TRACE, "Applied SNAT - (src: %I:%P, new_src: %I:%P)",
+            old_ip, old_port, new_ip, new_port);
+  } else {
+    old_ip = dst_ip;
+    old_port = dst_port;
+    ip->daddr = new_ip;
+    *dst_port_ptr = new_port;
+    pcn_log(ctx, LOG_TRACE, "Applied DNAT - (dst: %I:%P, new_dst: %I:%P)",
+            old_ip, old_port, new_ip, new_port);
+  }
+
+  // Update checksums
+  if (proto != IPPROTO_ICMP) {  // only for UDP and TCP
+    pcn_l4_csum_replace(ctx, l4_csum_offset, old_ip, new_ip, IS_PSEUDO | 4);
+  }
+  pcn_l4_csum_replace(ctx, l4_csum_offset, old_port, new_port, 2);
+  pcn_l3_csum_replace(ctx, IP_CSUM_OFFSET, old_ip, new_ip, 4);
+
+  // Session tables have been updated (if needed)
+  // The packet has been modified (if needed)
+  // Nothing more to do, forward the packet
+  return pcn_pkt_redirect(
+      ctx, md, md->in_port == BACKEND_PORT ? FRONTEND_PORT : BACKEND_PORT);
+
+ARP:;
+  struct arp_hdr *arp = (void *)(eth + 1);
+  if ((void *)(arp + 1) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped ARP pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
+    return RX_DROP;
+  }
+
+  if (md->in_port == BACKEND_PORT) {  // inside -> outside
+    // If a packet coming from the backend port
+    // - is an ARP request => it is sent to the frontend port
+    // - otherwise it is dropped
+    if (arp->ar_op == bpf_htons(ARPOP_REQUEST)) {
+      pcn_log(ctx, LOG_TRACE,
+              "Received ARP request pkt from BACKEND port: redirected to "
+              "FRONTEND port - (in_port: %d) (out_port: %d)",
+              md->in_port, FRONTEND_PORT);
+      return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
+    }
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped non-request ARP pkt coming from BACKEND port - (in_port: "
+            "%d) (arp_opcode: %d)",
+            md->in_port, bpf_htons(arp->ar_op));
+  } else {  // outside -> inside
+    // If a packet coming from the frontend port
+    // - is an ARP request => it is sent to the stack
+    // - is an ARP reply => a copy is sent to the slowpath and the original one
+    // to the stack
+    // - otherwise it is dropped
+    if (arp->ar_op == bpf_ntohs(ARPOP_REQUEST)) {
+      pcn_log(ctx, LOG_TRACE,
+              "Received ARP request pkt from FRONTEND port: sent to the stack "
+              "- (in_port: %d)",
+              md->in_port);
+      return RX_OK;
+    } else if (arp->ar_op == bpf_htons(ARPOP_REPLY)) {
+      pcn_log(ctx, LOG_TRACE,
+              "Received ARP reply pkt from FRONTEND port: sent a copy to "
+              "slow path and a copy to the stack - (in_port: %d)",
+              md->in_port);
+      // a copy is sent to the backend port through the slowpath and a copy is
+      // sent to the stack
+      pcn_pkt_controller(ctx, md, REASON_ARP_REPLY);
+      return RX_OK;
+    }
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped non-reply ARP pkt coming from FRONTEND port - (in_port: "
+            "%d) (arp_opcode: %d)",
+            md->in_port, bpf_htons(arp->ar_op));
+  }
+  return RX_DROP;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/NodeportRule.cpp b/src/services/pcn-k8sdispatcher/src/NodeportRule.cpp
new file mode 100644
index 000000000..c0e7eaa99
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/NodeportRule.cpp
@@ -0,0 +1,99 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "NodeportRule.h"
+
+#include "K8sdispatcher.h"
+#include "Utils.h"
+
+NodeportRule::NodeportRule(K8sdispatcher &parent,
+                           const NodeportRuleJsonObject &conf)
+    : NodeportRuleBase(parent),
+      parent_{parent},
+      nodeportPort_{conf.nodeportPortIsSet()
+                        ? conf.getNodeportPort()
+                        : throw std::runtime_error{"NodePort rule port"
+                                                   "must be provided"}},
+      proto_{
+          conf.protoIsSet()
+              ? conf.getProto()
+              : throw std::
+                    runtime_error{"NodePort rule protocol must be provided"}},
+      externalTrafficPolicy_{
+          conf.externalTrafficPolicyIsSet()
+              ? conf.getExternalTrafficPolicy()
+              : NodeportRuleExternalTrafficPolicyEnum::CLUSTER},
+      ruleName_{conf.getRuleName()} {
+  logger()->info("Creating NodeportRule instance");
+  if (this->proto_ == L4ProtoEnum::ICMP) {
+    throw std::runtime_error{"NodePort rule protocol cannot be ICMP"};
+  }
+}
+
+NodeportRule::~NodeportRule() {
+  logger()->info("Destroying NodeportRule instance");
+}
+
+uint16_t NodeportRule::getNodeportPort() {
+  return this->nodeportPort_;
+}
+
+L4ProtoEnum NodeportRule::getProto() {
+  return this->proto_;
+}
+
+NodeportRuleExternalTrafficPolicyEnum NodeportRule::getExternalTrafficPolicy() {
+  return this->externalTrafficPolicy_;
+}
+
+void NodeportRule::setExternalTrafficPolicy(
+    const NodeportRuleExternalTrafficPolicyEnum &value) {
+  logger()->trace(
+      "Received a request to update NodePort rule external traffic policy");
+  try {
+    logger()->trace("Retrieving NodePort rules kernel map");
+    auto npr_table = this->parent_.get_hash_table<struct nt_k, struct nt_v>(
+        K8sdispatcher::EBPF_NPR_TABLE_MAP);
+    logger()->trace("Retrieved NodePort rules kernel map");
+
+    struct nt_k npr_key {
+      .port = htons(this->nodeportPort_),
+      .proto = utils::L4ProtoEnum_to_int(this->proto_),
+    };
+    struct nt_v npr_value {
+      .external_traffic_policy =
+          utils::NodeportRuleExternalTrafficPolicyEnum_to_int(value)
+    };
+
+    logger()->trace(
+        "Updating NodePort rule external traffic policy in NodePort rules "
+        "kernel map");
+    npr_table.set(npr_key, npr_value);
+    this->externalTrafficPolicy_ = value;
+    logger()->trace(
+        "Updated NodePort rule external traffic policy in NodePort rules "
+        "kernel map");
+  } catch (std::exception &ex) {
+    logger()->error("Failed to update NodePort rule in kernel map: {}",
+                    ex.what());
+    throw std::runtime_error("Failed to update NodePort rule in kernel map");
+  }
+  logger()->trace("Updated NodePort rule external traffic policy");
+}
+
+std::string NodeportRule::getRuleName() {
+  return this->ruleName_;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/NodeportRule.h b/src/services/pcn-k8sdispatcher/src/NodeportRule.h
new file mode 100644
index 000000000..4233c213a
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/NodeportRule.h
@@ -0,0 +1,59 @@
+/*
+* Copyright 2022 The Polycube Authors
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+ */
+
+#pragma once
+
+#include "../base/NodeportRuleBase.h"
+
+class K8sdispatcher;
+
+using namespace polycube::service::model;
+
+class NodeportRule : public NodeportRuleBase {
+ public:
+  NodeportRule(K8sdispatcher &parent, const NodeportRuleJsonObject &conf);
+  virtual ~NodeportRule();
+
+  /// <summary>
+  /// NodePort rule nodeport port number
+  /// </summary>
+  uint16_t getNodeportPort() override;
+
+  /// <summary>
+  /// NodePort rule L4 protocol
+  /// </summary>
+  L4ProtoEnum getProto() override;
+
+  /// <summary>
+  /// The external traffic policy of the Kubernetes NodePort Service
+  /// </summary>
+  NodeportRuleExternalTrafficPolicyEnum getExternalTrafficPolicy() override;
+  void setExternalTrafficPolicy(const NodeportRuleExternalTrafficPolicyEnum &value) override;
+
+  /// <summary>
+  /// An optional name for the NodePort rule
+  /// </summary>
+  std::string getRuleName() override;
+
+ private:
+  K8sdispatcher& parent_;
+
+  uint16_t nodeportPort_;
+  L4ProtoEnum proto_;
+
+  NodeportRuleExternalTrafficPolicyEnum externalTrafficPolicy_;
+  std::string ruleName_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/Ports.cpp b/src/services/pcn-k8sdispatcher/src/Ports.cpp
new file mode 100644
index 000000000..6d7e402f9
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/Ports.cpp
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "Ports.h"
+#include "K8sdispatcher.h"
+#include "Utils.h"
+
+
+Ports::Ports(polycube::service::Cube<Ports> &parent,
+             std::shared_ptr<polycube::service::PortIface> port,
+             const PortsJsonObject &conf)
+    : PortsBase(parent, port), type_{conf.getType()} {
+  logger()->info("Creating Ports instance");
+  auto ipIsSet = conf.ipIsSet();
+  if (this->type_ == PortsTypeEnum::FRONTEND) {
+    if (!ipIsSet) {
+      throw std::runtime_error(
+          "The IP address is mandatory for a FRONTEND port");
+    }
+
+    auto ip = conf.getIp();
+    if (!utils::is_valid_ipv4_str(ip)) {
+      throw std::runtime_error{"Invalid IPv4 address"};
+    }
+    this->ip_ = ip;
+  } else {
+    if (ipIsSet) {
+      throw std::runtime_error(
+          "The IP address in not allowed for a BACKEND port");
+    }
+  }
+}
+
+Ports::~Ports() {
+  logger()->info("Destroying Ports instance");
+}
+
+PortsTypeEnum Ports::getType() {
+  return this->type_;
+}
+
+std::string Ports::getIp() {
+  return this->ip_;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/Ports.h b/src/services/pcn-k8sdispatcher/src/Ports.h
new file mode 100644
index 000000000..5383a7cd2
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/Ports.h
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include "../base/PortsBase.h"
+
+class K8sdispatcher;
+
+using namespace polycube::service::model;
+
+class Ports : public PortsBase {
+ public:
+  Ports(polycube::service::Cube<Ports> &parent,
+        std::shared_ptr<polycube::service::PortIface> port,
+        const PortsJsonObject &conf);
+  virtual ~Ports();
+
+  /// <summary>
+  /// Type of the K8s Dispatcher cube port (e.g. BACKEND or FRONTEND)
+  /// </summary>
+  PortsTypeEnum getType() override;
+
+  /// <summary>
+  /// IP address of the node interface (only for FRONTEND port)
+  /// </summary>
+  std::string getIp() override;
+
+ private:
+  PortsTypeEnum type_;
+  std::string ip_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/SessionRule.cpp b/src/services/pcn-k8sdispatcher/src/SessionRule.cpp
new file mode 100644
index 000000000..4d011a5ec
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/SessionRule.cpp
@@ -0,0 +1,106 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "SessionRule.h"
+#include "K8sdispatcher.h"
+#include "Utils.h"
+
+SessionRule::SessionRule(K8sdispatcher &parent,
+                         const SessionRuleJsonObject &conf)
+    : SessionRule{parent,
+                  conf.getDirection(),
+                  conf.getSrcIp(),
+                  conf.getDstIp(),
+                  conf.getSrcPort(),
+                  conf.getDstPort(),
+                  conf.getProto(),
+                  conf.getNewIp(),
+                  conf.getNewPort(),
+                  conf.getOperation(),
+                  conf.getOriginatingRule()} {}
+
+SessionRule::SessionRule(K8sdispatcher &parent,
+                         SessionRuleDirectionEnum direction, std::string srcIp,
+                         std::string dstIp, uint16_t srcPort, uint16_t dstPort,
+                         L4ProtoEnum proto, std::string newIp, uint16_t newPort,
+                         SessionRuleOperationEnum operation,
+                         SessionRuleOriginatingRuleEnum originatingRule)
+    : SessionRuleBase(parent),
+      direction_{direction},
+      srcIp_{srcIp},
+      dstIp_{dstIp},
+      srcPort_{srcPort},
+      dstPort_{dstPort},
+      proto_{proto},
+      newIp_{newIp},
+      newPort_{newPort},
+      operation_{operation},
+      originatingRule_{originatingRule} {
+  logger()->info("Creating SessionRule instance");
+  if (!utils::is_valid_ipv4_str(srcIp)) {
+    throw std::runtime_error{"Invalid source IPv4 address"};
+  }
+  if (!utils::is_valid_ipv4_str(dstIp)) {
+    throw std::runtime_error{"Invalid destination IPv4 address"};
+  }
+  if (!utils::is_valid_ipv4_str(newIp)) {
+    throw std::runtime_error{"Invalid new IPv4 address"};
+  }
+}
+
+SessionRule::~SessionRule() {
+  logger()->info("Destroying SessionRule instance");
+}
+
+SessionRuleDirectionEnum SessionRule::getDirection() {
+  return this->direction_;
+}
+
+std::string SessionRule::getSrcIp() {
+  return this->srcIp_;
+}
+
+std::string SessionRule::getDstIp() {
+  return this->dstIp_;
+}
+
+uint16_t SessionRule::getSrcPort() {
+  return this->srcPort_;
+}
+
+uint16_t SessionRule::getDstPort() {
+  return this->dstPort_;
+}
+
+L4ProtoEnum SessionRule::getProto() {
+  return this->proto_;
+}
+
+std::string SessionRule::getNewIp() {
+  return this->newIp_;
+}
+
+uint16_t SessionRule::getNewPort() {
+  return this->newPort_;
+}
+
+SessionRuleOperationEnum SessionRule::getOperation() {
+  return this->operation_;
+}
+
+SessionRuleOriginatingRuleEnum SessionRule::getOriginatingRule() {
+  return this->originatingRule_;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/SessionRule.h b/src/services/pcn-k8sdispatcher/src/SessionRule.h
new file mode 100644
index 000000000..f25b44fed
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/SessionRule.h
@@ -0,0 +1,111 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include "../base/SessionRuleBase.h"
+
+struct st_k {
+  uint32_t src_ip;
+  uint32_t dst_ip;
+  uint16_t src_port;
+  uint16_t dst_port;
+  uint8_t proto;
+} __attribute__((packed));
+struct st_v {
+  uint32_t new_ip;
+  uint16_t new_port;
+  uint8_t operation;
+  uint8_t originating_rule;
+} __attribute__((packed));
+
+class K8sdispatcher;
+
+using namespace polycube::service::model;
+
+class SessionRule : public SessionRuleBase {
+ public:
+  SessionRule(K8sdispatcher &parent, const SessionRuleJsonObject &conf);
+  SessionRule(K8sdispatcher &parent, SessionRuleDirectionEnum direction,
+              std::string srcIp, std::string dstIp, uint16_t srcPort,
+              uint16_t dstPort, L4ProtoEnum proto, std::string newIp,
+              uint16_t newPort, SessionRuleOperationEnum operation,
+              SessionRuleOriginatingRuleEnum originatingRule);
+  virtual ~SessionRule();
+
+  /// <summary>
+  /// Session entry direction (e.g. INGRESS or EGRESS)
+  /// </summary>
+  SessionRuleDirectionEnum getDirection() override;
+
+  /// <summary>
+  /// Session entry source IP address
+  /// </summary>
+  std::string getSrcIp() override;
+
+  /// <summary>
+  /// Session entry destination IP address
+  /// </summary>
+  std::string getDstIp() override;
+
+  /// <summary>
+  /// Session entry source L4 port number
+  /// </summary>
+  uint16_t getSrcPort() override;
+
+  /// <summary>
+  /// Session entry destination L4 port number
+  /// </summary>
+  uint16_t getDstPort() override;
+
+  /// <summary>
+  /// Session entry L4 protocol
+  /// </summary>
+  L4ProtoEnum getProto() override;
+
+  /// <summary>
+  /// Translated IP address
+  /// </summary>
+  std::string getNewIp() override;
+
+  /// <summary>
+  /// Translated L4 port number
+  /// </summary>
+  uint16_t getNewPort() override;
+
+  /// <summary>
+  /// Operation applied on the original packet
+  /// </summary>
+  SessionRuleOperationEnum getOperation() override;
+
+  /// <summary>
+  /// Rule originating the session entry
+  /// </summary>
+  SessionRuleOriginatingRuleEnum getOriginatingRule() override;
+
+ private:
+  SessionRuleDirectionEnum direction_;
+  std::string srcIp_;
+  std::string dstIp_;
+  uint16_t srcPort_;
+  uint16_t dstPort_;
+  L4ProtoEnum proto_;
+
+  std::string newIp_;
+  uint16_t newPort_;
+  SessionRuleOperationEnum operation_;
+  SessionRuleOriginatingRuleEnum originatingRule_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/Utils.cpp b/src/services/pcn-k8sdispatcher/src/Utils.cpp
new file mode 100644
index 000000000..ad0ef2a60
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/Utils.cpp
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "Utils.h"
+
+#include "base/K8sdispatcherBase.h"
+
+uint8_t utils::L4ProtoEnum_to_int(L4ProtoEnum proto) {
+  switch (proto) {
+  case L4ProtoEnum::TCP:
+    return 6;
+  case L4ProtoEnum::UDP:
+    return 17;
+  case L4ProtoEnum::ICMP:
+    return 1;
+  default:
+    throw std::runtime_error("Bad proto");
+  }
+}
+
+L4ProtoEnum utils::int_to_L4ProtoEnum(uint8_t proto) {
+  switch (proto) {
+  case 6:
+    return L4ProtoEnum::TCP;
+  case 17:
+    return L4ProtoEnum::UDP;
+  case 1:
+    return L4ProtoEnum::ICMP;
+  default:
+    throw std::runtime_error("Bad proto number");
+  }
+}
+
+uint8_t utils::SessionRuleOperationEnum_to_int(
+    SessionRuleOperationEnum operation) {
+  switch (operation) {
+  case SessionRuleOperationEnum::XLATE_SRC:
+    return 0;
+  case SessionRuleOperationEnum::XLATE_DST:
+    return 1;
+  default:
+    throw std::runtime_error("Bad operation");
+  }
+}
+
+SessionRuleOperationEnum utils::int_to_SessionRuleOperationEnum(
+    const uint8_t operation) {
+  switch (operation) {
+  case 0:
+    return SessionRuleOperationEnum::XLATE_SRC;
+  case 1:
+    return SessionRuleOperationEnum::XLATE_DST;
+  default:
+    throw std::runtime_error("Bad operation number");
+  }
+}
+
+uint8_t utils::SessionRuleOriginatingRuleEnum_to_int(
+    SessionRuleOriginatingRuleEnum originatingRule) {
+  switch (originatingRule) {
+  case SessionRuleOriginatingRuleEnum::POD_TO_EXT:
+    return 0;
+  case SessionRuleOriginatingRuleEnum::NODEPORT_CLUSTER:
+    return 1;
+  default:
+    throw std::runtime_error("Bad originating rule");
+  }
+}
+
+SessionRuleOriginatingRuleEnum utils::int_to_SessionRuleOriginatingRuleEnum(
+    const uint8_t originatingRule) {
+  switch (originatingRule) {
+  case 0:
+    return SessionRuleOriginatingRuleEnum::POD_TO_EXT;
+  case 1:
+    return SessionRuleOriginatingRuleEnum::NODEPORT_CLUSTER;
+  default:
+    throw std::runtime_error("Bad originating rule number");
+  }
+}
+
+uint8_t utils::NodeportRuleExternalTrafficPolicyEnum_to_int(
+    NodeportRuleExternalTrafficPolicyEnum externalTrafficPolicy) {
+  switch (externalTrafficPolicy) {
+  case NodeportRuleExternalTrafficPolicyEnum::LOCAL:
+    return 0;
+  case NodeportRuleExternalTrafficPolicyEnum::CLUSTER:
+    return 1;
+  default:
+    throw std::runtime_error("Bad external traffic policy");
+  }
+}
+
+NodeportRuleExternalTrafficPolicyEnum
+utils::int_to_NodeportRuleExternalTrafficPolicyEnum(
+    const uint8_t externalTrafficPolicy) {
+  switch (externalTrafficPolicy) {
+  case 0:
+    return NodeportRuleExternalTrafficPolicyEnum::LOCAL;
+  case 1:
+    return NodeportRuleExternalTrafficPolicyEnum::CLUSTER;
+  default:
+    throw std::runtime_error("Bad external traffic policy number");
+  }
+}
+
+bool utils::is_valid_ipv4_str(std::string const &ip) {
+  try {
+    // if the provided IPv4 address is not valid, the following call
+    // will throw and exception
+    polycube::service::utils::ip_string_to_nbo_uint(ip);
+    return true;
+  } catch (...) {
+    return false;
+  }
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/Utils.h b/src/services/pcn-k8sdispatcher/src/Utils.h
new file mode 100644
index 000000000..7fc180cc0
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/Utils.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef POLYCUBE_UTILS_H
+#define POLYCUBE_UTILS_H
+
+#include "base/NodeportRuleBase.h"
+#include "base/SessionRuleBase.h"
+
+namespace utils {
+// conversion functions
+uint8_t L4ProtoEnum_to_int(L4ProtoEnum proto);
+L4ProtoEnum int_to_L4ProtoEnum(const uint8_t proto);
+
+uint8_t SessionRuleOperationEnum_to_int(SessionRuleOperationEnum operation);
+SessionRuleOperationEnum int_to_SessionRuleOperationEnum(
+    const uint8_t operation);
+
+uint8_t SessionRuleOriginatingRuleEnum_to_int(
+    SessionRuleOriginatingRuleEnum originatingRule);
+SessionRuleOriginatingRuleEnum int_to_SessionRuleOriginatingRuleEnum(
+    const uint8_t originatingRule);
+
+uint8_t NodeportRuleExternalTrafficPolicyEnum_to_int(
+    NodeportRuleExternalTrafficPolicyEnum externalTrafficPolicy);
+NodeportRuleExternalTrafficPolicyEnum
+int_to_NodeportRuleExternalTrafficPolicyEnum(
+    const uint8_t externalTrafficPolicy);
+
+// helper functions
+bool is_valid_ipv4_str(std::string const &ip);
+
+}  // namespace utils
+
+#endif  // POLYCUBE_UTILS_H
diff --git a/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.cpp b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.cpp
new file mode 100644
index 000000000..be5e216c4
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.cpp
@@ -0,0 +1,1271 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "K8sdispatcherApi.h"
+#include "K8sdispatcherApiImpl.h"
+
+using namespace polycube::service::model;
+using namespace polycube::service::api::K8sdispatcherApiImpl;
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+Response create_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    K8sdispatcherJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_name);
+    create_k8sdispatcher_by_id(unique_name, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response create_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    NodeportRuleJsonObject unique_value { request_body };
+
+    unique_value.setNodeportPort(unique_nodeportPort);
+    unique_value.setProto(unique_proto_);
+    create_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response create_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<NodeportRuleJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<NodeportRuleJsonObject> unique_value;
+    for (auto &j : request_body) {
+      NodeportRuleJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    create_k8sdispatcher_nodeport_rule_list_by_id(unique_name, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response create_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    PortsJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_portsName);
+    create_k8sdispatcher_ports_by_id(unique_name, unique_portsName, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response create_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<PortsJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<PortsJsonObject> unique_value;
+    for (auto &j : request_body) {
+      PortsJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    create_k8sdispatcher_ports_list_by_id(unique_name, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    delete_k8sdispatcher_by_id(unique_name);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    delete_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    delete_k8sdispatcher_nodeport_rule_list_by_id(unique_name);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+    delete_k8sdispatcher_ports_by_id(unique_name, unique_portsName);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    delete_k8sdispatcher_ports_list_by_id(unique_name);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_by_id(unique_name);
+    nlohmann::json response_body;
+    response_body = x.toJson();
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_internal_src_ip_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_internal_src_ip_by_id(unique_name);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+
+
+  try {
+
+    auto x = read_k8sdispatcher_list_by_id();
+    nlohmann::json response_body;
+    for (auto &i : x) {
+      response_body += i.toJson();
+    }
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_range_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_range_by_id(unique_name);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x.toJson();
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(unique_name, unique_nodeportPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = NodeportRuleJsonObject::NodeportRuleExternalTrafficPolicyEnum_to_string(x);
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_rule_list_by_id(unique_name);
+    nlohmann::json response_body;
+    for (auto &i : x) {
+      response_body += i.toJson();
+    }
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_rule_rule_name_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_rule_rule_name_by_id(unique_name, unique_nodeportPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+
+    auto x = read_k8sdispatcher_ports_by_id(unique_name, unique_portsName);
+    nlohmann::json response_body;
+    response_body = x.toJson();
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_ports_ip_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+
+    auto x = read_k8sdispatcher_ports_ip_by_id(unique_name, unique_portsName);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_ports_list_by_id(unique_name);
+    nlohmann::json response_body;
+    for (auto &i : x) {
+      response_body += i.toJson();
+    }
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_ports_type_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+
+    auto x = read_k8sdispatcher_ports_type_by_id(unique_name, unique_portsName);
+    nlohmann::json response_body;
+    response_body = PortsJsonObject::PortsTypeEnum_to_string(x);
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x.toJson();
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_list_by_id(unique_name);
+    nlohmann::json response_body;
+    for (auto &i : x) {
+      response_body += i.toJson();
+    }
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_new_ip_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_new_ip_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_new_port_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_new_port_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_operation_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_operation_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = SessionRuleJsonObject::SessionRuleOperationEnum_to_string(x);
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_originating_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_originating_rule_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = SessionRuleJsonObject::SessionRuleOriginatingRuleEnum_to_string(x);
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    K8sdispatcherJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_name);
+    replace_k8sdispatcher_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    NodeportRuleJsonObject unique_value { request_body };
+
+    unique_value.setNodeportPort(unique_nodeportPort);
+    unique_value.setProto(unique_proto_);
+    replace_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<NodeportRuleJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<NodeportRuleJsonObject> unique_value;
+    for (auto &j : request_body) {
+      NodeportRuleJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    replace_k8sdispatcher_nodeport_rule_list_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    PortsJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_portsName);
+    replace_k8sdispatcher_ports_by_id(unique_name, unique_portsName, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<PortsJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<PortsJsonObject> unique_value;
+    for (auto &j : request_body) {
+      PortsJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    replace_k8sdispatcher_ports_list_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    K8sdispatcherJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_name);
+    update_k8sdispatcher_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+
+  // Getting the body param
+  std::vector<K8sdispatcherJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<K8sdispatcherJsonObject> unique_value;
+    for (auto &j : request_body) {
+      K8sdispatcherJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    update_k8sdispatcher_list_by_id(unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_nodeport_range_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // The conversion is done automatically by the json library
+    std::string unique_value = request_body;
+    update_k8sdispatcher_nodeport_range_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    NodeportRuleJsonObject unique_value { request_body };
+
+    unique_value.setNodeportPort(unique_nodeportPort);
+    unique_value.setProto(unique_proto_);
+    update_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    NodeportRuleExternalTrafficPolicyEnum unique_value_ = NodeportRuleJsonObject::string_to_NodeportRuleExternalTrafficPolicyEnum(request_body);
+    update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(unique_name, unique_nodeportPort, unique_proto_, unique_value_);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<NodeportRuleJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<NodeportRuleJsonObject> unique_value;
+    for (auto &j : request_body) {
+      NodeportRuleJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    update_k8sdispatcher_nodeport_rule_list_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    PortsJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_portsName);
+    update_k8sdispatcher_ports_by_id(unique_name, unique_portsName, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<PortsJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<PortsJsonObject> unique_value;
+    for (auto &j : request_body) {
+      PortsJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    update_k8sdispatcher_ports_list_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+
+Response k8sdispatcher_list_by_id_help(
+  const char *name, const Key *keys, size_t num_keys) {
+
+  nlohmann::json val = read_k8sdispatcher_list_by_id_get_list();
+
+  return { kOk, ::strdup(val.dump().c_str()) };
+}
+
+Response k8sdispatcher_nodeport_rule_list_by_id_help(
+  const char *name, const Key *keys, size_t num_keys) {
+  // Getting the path params
+  std::string unique_name { name };
+  nlohmann::json val = read_k8sdispatcher_nodeport_rule_list_by_id_get_list(unique_name);
+
+  return { kOk, ::strdup(val.dump().c_str()) };
+}
+
+Response k8sdispatcher_ports_list_by_id_help(
+  const char *name, const Key *keys, size_t num_keys) {
+  // Getting the path params
+  std::string unique_name { name };
+  nlohmann::json val = read_k8sdispatcher_ports_list_by_id_get_list(unique_name);
+
+  return { kOk, ::strdup(val.dump().c_str()) };
+}
+
+Response k8sdispatcher_session_rule_list_by_id_help(
+  const char *name, const Key *keys, size_t num_keys) {
+  // Getting the path params
+  std::string unique_name { name };
+  nlohmann::json val = read_k8sdispatcher_session_rule_list_by_id_get_list(unique_name);
+
+  return { kOk, ::strdup(val.dump().c_str()) };
+}
+
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.h b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.h
new file mode 100644
index 000000000..90287533f
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.h
@@ -0,0 +1,86 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* K8sdispatcherApi.h
+*
+*/
+
+#pragma once
+
+#define POLYCUBE_SERVICE_NAME "k8sdispatcher"
+
+
+#include "polycube/services/response.h"
+#include "polycube/services/shared_lib_elements.h"
+
+#include "K8sdispatcherJsonObject.h"
+#include "NodeportRuleJsonObject.h"
+#include "PortsJsonObject.h"
+#include "SessionRuleJsonObject.h"
+#include <vector>
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+Response create_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response create_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response create_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response create_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response create_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response delete_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response delete_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response delete_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response delete_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response delete_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_internal_src_ip_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_range_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_rule_rule_name_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_ports_ip_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_ports_type_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_new_ip_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_new_port_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_operation_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_originating_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response replace_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response replace_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response replace_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response replace_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response replace_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_nodeport_range_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+
+Response k8sdispatcher_list_by_id_help(const char *name, const Key *keys, size_t num_keys);
+Response k8sdispatcher_nodeport_rule_list_by_id_help(const char *name, const Key *keys, size_t num_keys);
+Response k8sdispatcher_ports_list_by_id_help(const char *name, const Key *keys, size_t num_keys);
+Response k8sdispatcher_session_rule_list_by_id_help(const char *name, const Key *keys, size_t num_keys);
+
+
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.cpp b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.cpp
new file mode 100644
index 000000000..a4bf15212
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.cpp
@@ -0,0 +1,855 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "K8sdispatcherApiImpl.h"
+
+namespace polycube {
+namespace service {
+namespace api {
+
+using namespace polycube::service::model;
+
+namespace K8sdispatcherApiImpl {
+namespace {
+std::unordered_map<std::string, std::shared_ptr<K8sdispatcher>> cubes;
+std::mutex cubes_mutex;
+
+std::shared_ptr<K8sdispatcher> get_cube(const std::string &name) {
+  std::lock_guard<std::mutex> guard(cubes_mutex);
+  auto iter = cubes.find(name);
+  if (iter == cubes.end()) {
+    throw std::runtime_error("Cube " + name + " does not exist");
+  }
+
+  return iter->second;
+}
+
+}
+
+void create_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &jsonObject) {
+  {
+    // check if name is valid before creating it
+    std::lock_guard<std::mutex> guard(cubes_mutex);
+    if (cubes.count(name) != 0) {
+      throw std::runtime_error("There is already a cube with name " + name);
+    }
+  }
+  auto ptr = std::make_shared<K8sdispatcher>(name, jsonObject);
+  std::unordered_map<std::string, std::shared_ptr<K8sdispatcher>>::iterator iter;
+  bool inserted;
+
+  std::lock_guard<std::mutex> guard(cubes_mutex);
+  std::tie(iter, inserted) = cubes.emplace(name, std::move(ptr));
+
+  if (!inserted) {
+    throw std::runtime_error("There is already a cube with name " + name);
+  }
+}
+
+void replace_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &bridge){
+  throw std::runtime_error("Method not supported!");
+}
+
+void delete_k8sdispatcher_by_id(const std::string &name) {
+  std::lock_guard<std::mutex> guard(cubes_mutex);
+  if (cubes.count(name) == 0) {
+    throw std::runtime_error("Cube " + name + " does not exist");
+  }
+  cubes.erase(name);
+}
+
+std::vector<K8sdispatcherJsonObject> read_k8sdispatcher_list_by_id() {
+  std::vector<K8sdispatcherJsonObject> jsonObject_vect;
+  for(auto &i : cubes) {
+    auto m = get_cube(i.first);
+    jsonObject_vect.push_back(m->toJsonObject());
+  }
+  return jsonObject_vect;
+}
+
+std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_list_by_id_get_list() {
+  std::vector<nlohmann::fifo_map<std::string, std::string>> r;
+  for (auto &x : cubes) {
+    nlohmann::fifo_map<std::string, std::string> m;
+    m["name"] = x.first;
+    r.push_back(std::move(m));
+  }
+  return r;
+}
+
+/**
+* @brief   Create nodeport-rule by ID
+*
+* Create operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+create_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->addNodeportRule(nodeportPort, proto, value);
+}
+
+/**
+* @brief   Create nodeport-rule by ID
+*
+* Create operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+create_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value) {
+  auto k8sdispatcher = get_cube(name);
+  k8sdispatcher->addNodeportRuleList(value);
+}
+
+/**
+* @brief   Create ports by ID
+*
+* Create operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+create_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->addPorts(portsName, value);
+}
+
+/**
+* @brief   Create ports by ID
+*
+* Create operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+create_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value) {
+  auto k8sdispatcher = get_cube(name);
+  k8sdispatcher->addPortsList(value);
+}
+
+/**
+* @brief   Delete nodeport-rule by ID
+*
+* Delete operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+*
+* Responses:
+*
+*/
+void
+delete_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->delNodeportRule(nodeportPort, proto);
+}
+
+/**
+* @brief   Delete nodeport-rule by ID
+*
+* Delete operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+*
+* Responses:
+*
+*/
+void
+delete_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  k8sdispatcher->delNodeportRuleList();
+}
+
+/**
+* @brief   Delete ports by ID
+*
+* Delete operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+*
+* Responses:
+*
+*/
+void
+delete_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->delPorts(portsName);
+}
+
+/**
+* @brief   Delete ports by ID
+*
+* Delete operation of resource: ports*
+*
+* @param[in] name ID of name
+*
+* Responses:
+*
+*/
+void
+delete_k8sdispatcher_ports_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  k8sdispatcher->delPortsList();
+}
+
+/**
+* @brief   Read k8sdispatcher by ID
+*
+* Read operation of resource: k8sdispatcher*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* K8sdispatcherJsonObject
+*/
+K8sdispatcherJsonObject
+read_k8sdispatcher_by_id(const std::string &name) {
+  return get_cube(name)->toJsonObject();
+
+}
+
+/**
+* @brief   Read internal-src-ip by ID
+*
+* Read operation of resource: internal-src-ip*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_internal_src_ip_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getInternalSrcIp();
+
+}
+
+/**
+* @brief   Read nodeport-range by ID
+*
+* Read operation of resource: nodeport-range*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_nodeport_range_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getNodeportRange();
+
+}
+
+/**
+* @brief   Read nodeport-rule by ID
+*
+* Read operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* NodeportRuleJsonObject
+*/
+NodeportRuleJsonObject
+read_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getNodeportRule(nodeportPort, proto)->toJsonObject();
+
+}
+
+/**
+* @brief   Read external-traffic-policy by ID
+*
+* Read operation of resource: external-traffic-policy*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* NodeportRuleExternalTrafficPolicyEnum
+*/
+NodeportRuleExternalTrafficPolicyEnum
+read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto nodeportRule = k8sdispatcher->getNodeportRule(nodeportPort, proto);
+  return nodeportRule->getExternalTrafficPolicy();
+
+}
+
+/**
+* @brief   Read nodeport-rule by ID
+*
+* Read operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::vector<NodeportRuleJsonObject>
+*/
+std::vector<NodeportRuleJsonObject>
+read_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  auto &&nodeportRule = k8sdispatcher->getNodeportRuleList();
+  std::vector<NodeportRuleJsonObject> m;
+  for(auto &i : nodeportRule)
+    m.push_back(i->toJsonObject());
+  return m;
+}
+
+/**
+* @brief   Read rule-name by ID
+*
+* Read operation of resource: rule-name*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_nodeport_rule_rule_name_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto nodeportRule = k8sdispatcher->getNodeportRule(nodeportPort, proto);
+  return nodeportRule->getRuleName();
+
+}
+
+/**
+* @brief   Read ports by ID
+*
+* Read operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+*
+* Responses:
+* PortsJsonObject
+*/
+PortsJsonObject
+read_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getPorts(portsName)->toJsonObject();
+
+}
+
+/**
+* @brief   Read ip by ID
+*
+* Read operation of resource: ip*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_ports_ip_by_id(const std::string &name, const std::string &portsName) {
+  auto k8sdispatcher = get_cube(name);
+  auto ports = k8sdispatcher->getPorts(portsName);
+  return ports->getIp();
+
+}
+
+/**
+* @brief   Read ports by ID
+*
+* Read operation of resource: ports*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::vector<PortsJsonObject>
+*/
+std::vector<PortsJsonObject>
+read_k8sdispatcher_ports_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  auto &&ports = k8sdispatcher->getPortsList();
+  std::vector<PortsJsonObject> m;
+  for(auto &i : ports)
+    m.push_back(i->toJsonObject());
+  return m;
+}
+
+/**
+* @brief   Read type by ID
+*
+* Read operation of resource: type*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+*
+* Responses:
+* PortsTypeEnum
+*/
+PortsTypeEnum
+read_k8sdispatcher_ports_type_by_id(const std::string &name, const std::string &portsName) {
+  auto k8sdispatcher = get_cube(name);
+  auto ports = k8sdispatcher->getPorts(portsName);
+  return ports->getType();
+
+}
+
+/**
+* @brief   Read session-rule by ID
+*
+* Read operation of resource: session-rule*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* SessionRuleJsonObject
+*/
+SessionRuleJsonObject
+read_k8sdispatcher_session_rule_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto)->toJsonObject();
+
+}
+
+/**
+* @brief   Read session-rule by ID
+*
+* Read operation of resource: session-rule*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::vector<SessionRuleJsonObject>
+*/
+std::vector<SessionRuleJsonObject>
+read_k8sdispatcher_session_rule_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  auto &&sessionRule = k8sdispatcher->getSessionRuleList();
+  std::vector<SessionRuleJsonObject> m;
+  for(auto &i : sessionRule)
+    m.push_back(i->toJsonObject());
+  return m;
+}
+
+/**
+* @brief   Read new-ip by ID
+*
+* Read operation of resource: new-ip*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_session_rule_new_ip_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto sessionRule = k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  return sessionRule->getNewIp();
+
+}
+
+/**
+* @brief   Read new-port by ID
+*
+* Read operation of resource: new-port*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* uint16_t
+*/
+uint16_t
+read_k8sdispatcher_session_rule_new_port_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto sessionRule = k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  return sessionRule->getNewPort();
+
+}
+
+/**
+* @brief   Read operation by ID
+*
+* Read operation of resource: operation*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* SessionRuleOperationEnum
+*/
+SessionRuleOperationEnum
+read_k8sdispatcher_session_rule_operation_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto sessionRule = k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  return sessionRule->getOperation();
+
+}
+
+/**
+* @brief   Read originating-rule by ID
+*
+* Read operation of resource: originating-rule*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* SessionRuleOriginatingRuleEnum
+*/
+SessionRuleOriginatingRuleEnum
+read_k8sdispatcher_session_rule_originating_rule_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto sessionRule = k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  return sessionRule->getOriginatingRule();
+
+}
+
+/**
+* @brief   Replace nodeport-rule by ID
+*
+* Replace operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+replace_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->replaceNodeportRule(nodeportPort, proto, value);
+}
+
+/**
+* @brief   Replace nodeport-rule by ID
+*
+* Replace operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+replace_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->replaceNodeportRuleList(value);
+}
+
+/**
+* @brief   Replace ports by ID
+*
+* Replace operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+replace_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->replacePorts(portsName, value);
+}
+
+/**
+* @brief   Replace ports by ID
+*
+* Replace operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+replace_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value) {
+  throw std::runtime_error("Method not supported");
+}
+
+/**
+* @brief   Update k8sdispatcher by ID
+*
+* Update operation of resource: k8sdispatcher*
+*
+* @param[in] name ID of name
+* @param[in] value k8sdispatcherbody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->update(value);
+}
+
+/**
+* @brief   Update k8sdispatcher by ID
+*
+* Update operation of resource: k8sdispatcher*
+*
+* @param[in] value k8sdispatcherbody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_list_by_id(const std::vector<K8sdispatcherJsonObject> &value) {
+  throw std::runtime_error("Method not supported");
+}
+
+/**
+* @brief   Update nodeport-range by ID
+*
+* Update operation of resource: nodeport-range*
+*
+* @param[in] name ID of name
+* @param[in] value Port range used for NodePort Services
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_nodeport_range_by_id(const std::string &name, const std::string &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->setNodeportRange(value);
+}
+
+/**
+* @brief   Update nodeport-rule by ID
+*
+* Update operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+  auto nodeportRule = k8sdispatcher->getNodeportRule(nodeportPort, proto);
+
+  return nodeportRule->update(value);
+}
+
+/**
+* @brief   Update external-traffic-policy by ID
+*
+* Update operation of resource: external-traffic-policy*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+* @param[in] value The external traffic policy of the Kubernetes NodePort Service
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleExternalTrafficPolicyEnum &value) {
+  auto k8sdispatcher = get_cube(name);
+  auto nodeportRule = k8sdispatcher->getNodeportRule(nodeportPort, proto);
+
+  return nodeportRule->setExternalTrafficPolicy(value);
+}
+
+/**
+* @brief   Update nodeport-rule by ID
+*
+* Update operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->updateNodeportRuleList(value);
+}
+
+/**
+* @brief   Update ports by ID
+*
+* Update operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+  auto ports = k8sdispatcher->getPorts(portsName);
+
+  return ports->update(value);
+}
+
+/**
+* @brief   Update ports by ID
+*
+* Update operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value) {
+  throw std::runtime_error("Method not supported");
+}
+
+
+
+/*
+ * help related
+ */
+
+std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_nodeport_rule_list_by_id_get_list(const std::string &name) {
+  std::vector<nlohmann::fifo_map<std::string, std::string>> r;
+  auto &&k8sdispatcher = get_cube(name);
+
+  auto &&nodeportRule = k8sdispatcher->getNodeportRuleList();
+  for(auto &i : nodeportRule) {
+    nlohmann::fifo_map<std::string, std::string> keys;
+
+    keys["nodeportPort"] = std::to_string(i->getNodeportPort());
+    keys["proto"] = NodeportRuleJsonObject::L4ProtoEnum_to_string(i->getProto());
+
+    r.push_back(keys);
+  }
+  return r;
+}
+
+std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_ports_list_by_id_get_list(const std::string &name) {
+  std::vector<nlohmann::fifo_map<std::string, std::string>> r;
+  auto &&k8sdispatcher = get_cube(name);
+
+  auto &&ports = k8sdispatcher->getPortsList();
+  for(auto &i : ports) {
+    nlohmann::fifo_map<std::string, std::string> keys;
+
+    keys["name"] = i->getName();
+
+    r.push_back(keys);
+  }
+  return r;
+}
+
+std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_session_rule_list_by_id_get_list(const std::string &name) {
+  std::vector<nlohmann::fifo_map<std::string, std::string>> r;
+  auto &&k8sdispatcher = get_cube(name);
+
+  auto &&sessionRule = k8sdispatcher->getSessionRuleList();
+  for(auto &i : sessionRule) {
+    nlohmann::fifo_map<std::string, std::string> keys;
+
+    keys["direction"] = SessionRuleJsonObject::SessionRuleDirectionEnum_to_string(i->getDirection());
+    keys["srcIp"] = i->getSrcIp();
+    keys["dstIp"] = i->getDstIp();
+    keys["srcPort"] = std::to_string(i->getSrcPort());
+    keys["dstPort"] = std::to_string(i->getDstPort());
+    keys["proto"] = SessionRuleJsonObject::L4ProtoEnum_to_string(i->getProto());
+
+    r.push_back(keys);
+  }
+  return r;
+}
+
+
+}
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.h b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.h
new file mode 100644
index 000000000..15333cfc5
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.h
@@ -0,0 +1,90 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* K8sdispatcherApiImpl.h
+*
+*
+*/
+
+#pragma once
+
+
+#include <memory>
+#include <map>
+#include <mutex>
+#include "../K8sdispatcher.h"
+
+#include "K8sdispatcherJsonObject.h"
+#include "NodeportRuleJsonObject.h"
+#include "PortsJsonObject.h"
+#include "SessionRuleJsonObject.h"
+#include <vector>
+
+namespace polycube {
+namespace service {
+namespace api {
+
+using namespace polycube::service::model;
+
+namespace K8sdispatcherApiImpl {
+  void create_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &value);
+  void create_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value);
+  void create_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value);
+  void create_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value);
+  void create_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value);
+  void delete_k8sdispatcher_by_id(const std::string &name);
+  void delete_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto);
+  void delete_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name);
+  void delete_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName);
+  void delete_k8sdispatcher_ports_list_by_id(const std::string &name);
+  K8sdispatcherJsonObject read_k8sdispatcher_by_id(const std::string &name);
+  std::string read_k8sdispatcher_internal_src_ip_by_id(const std::string &name);
+  std::vector<K8sdispatcherJsonObject> read_k8sdispatcher_list_by_id();
+  std::string read_k8sdispatcher_nodeport_range_by_id(const std::string &name);
+  NodeportRuleJsonObject read_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto);
+  NodeportRuleExternalTrafficPolicyEnum read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto);
+  std::vector<NodeportRuleJsonObject> read_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name);
+  std::string read_k8sdispatcher_nodeport_rule_rule_name_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto);
+  PortsJsonObject read_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName);
+  std::string read_k8sdispatcher_ports_ip_by_id(const std::string &name, const std::string &portsName);
+  std::vector<PortsJsonObject> read_k8sdispatcher_ports_list_by_id(const std::string &name);
+  PortsTypeEnum read_k8sdispatcher_ports_type_by_id(const std::string &name, const std::string &portsName);
+  SessionRuleJsonObject read_k8sdispatcher_session_rule_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  std::vector<SessionRuleJsonObject> read_k8sdispatcher_session_rule_list_by_id(const std::string &name);
+  std::string read_k8sdispatcher_session_rule_new_ip_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  uint16_t read_k8sdispatcher_session_rule_new_port_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  SessionRuleOperationEnum read_k8sdispatcher_session_rule_operation_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  SessionRuleOriginatingRuleEnum read_k8sdispatcher_session_rule_originating_rule_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  void replace_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &value);
+  void replace_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value);
+  void replace_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value);
+  void replace_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value);
+  void replace_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value);
+  void update_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &value);
+  void update_k8sdispatcher_list_by_id(const std::vector<K8sdispatcherJsonObject> &value);
+  void update_k8sdispatcher_nodeport_range_by_id(const std::string &name, const std::string &value);
+  void update_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value);
+  void update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleExternalTrafficPolicyEnum &value);
+  void update_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value);
+  void update_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value);
+  void update_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value);
+
+  /* help related */
+  std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_list_by_id_get_list();
+  std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_nodeport_rule_list_by_id_get_list(const std::string &name);
+  std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_ports_list_by_id_get_list(const std::string &name);
+  std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_session_rule_list_by_id_get_list(const std::string &name);
+
+}
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.cpp b/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.cpp
new file mode 100644
index 000000000..8eb540dbe
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.cpp
@@ -0,0 +1,171 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "K8sdispatcherBase.h"
+
+K8sdispatcherBase::K8sdispatcherBase(const std::string name) {
+  logger()->set_pattern("[%Y-%m-%d %H:%M:%S.%e] [K8sdispatcher] [%n] [%l] %v");
+}
+
+
+
+K8sdispatcherBase::~K8sdispatcherBase() {}
+
+void K8sdispatcherBase::update(const K8sdispatcherJsonObject &conf) {
+  set_conf(conf.getBase());
+
+  if (conf.portsIsSet()) {
+    for (auto &i : conf.getPorts()) {
+      auto name = i.getName();
+      auto m = getPorts(name);
+      m->update(i);
+    }
+  }
+  if (conf.nodeportRangeIsSet()) {
+    setNodeportRange(conf.getNodeportRange());
+  }
+  if (conf.sessionRuleIsSet()) {
+    for (auto &i : conf.getSessionRule()) {
+      auto direction = i.getDirection();
+      auto srcIp = i.getSrcIp();
+      auto dstIp = i.getDstIp();
+      auto srcPort = i.getSrcPort();
+      auto dstPort = i.getDstPort();
+      auto proto = i.getProto();
+      auto m = getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+      m->update(i);
+    }
+  }
+  if (conf.nodeportRuleIsSet()) {
+    for (auto &i : conf.getNodeportRule()) {
+      auto nodeportPort = i.getNodeportPort();
+      auto proto = i.getProto();
+      auto m = getNodeportRule(nodeportPort, proto);
+      m->update(i);
+    }
+  }
+}
+
+K8sdispatcherJsonObject K8sdispatcherBase::toJsonObject() {
+  K8sdispatcherJsonObject conf;
+  conf.setBase(to_json());
+
+  conf.setName(getName());
+  for (auto &i : getPortsList()) {
+    conf.addPorts(i->toJsonObject());
+  }
+  conf.setInternalSrcIp(getInternalSrcIp());
+  conf.setNodeportRange(getNodeportRange());
+  for(auto &i : getSessionRuleList()) {
+    conf.addSessionRule(i->toJsonObject());
+  }
+  for(auto &i : getNodeportRuleList()) {
+    conf.addNodeportRule(i->toJsonObject());
+  }
+
+  return conf;
+}
+void K8sdispatcherBase::addPortsList(const std::vector<PortsJsonObject> &conf) {
+  for (auto &i : conf) {
+    std::string name_ = i.getName();
+    addPorts(name_, i);
+  }
+}
+
+void K8sdispatcherBase::replacePorts(const std::string &name, const PortsJsonObject &conf) {
+  delPorts(name);
+  std::string name_ = conf.getName();
+  addPorts(name_, conf);
+}
+
+void K8sdispatcherBase::delPortsList() {
+  auto elements = getPortsList();
+  for (auto &i : elements) {
+    std::string name_ = i->getName();
+    delPorts(name_);
+  }
+}
+
+void K8sdispatcherBase::addPorts(const std::string &name, const PortsJsonObject &conf) {
+  add_port<PortsJsonObject>(name, conf);
+}
+
+void K8sdispatcherBase::delPorts(const std::string &name) {
+  remove_port(name);
+}
+
+std::shared_ptr<Ports> K8sdispatcherBase::getPorts(const std::string &name) {
+  return get_port(name);
+}
+
+std::vector<std::shared_ptr<Ports>> K8sdispatcherBase::getPortsList() {
+  return get_ports();
+}
+void K8sdispatcherBase::addSessionRuleList(const std::vector<SessionRuleJsonObject> &conf) {
+  for (auto &i : conf) {
+    SessionRuleDirectionEnum direction_ = i.getDirection();
+    std::string srcIp_ = i.getSrcIp();
+    std::string dstIp_ = i.getDstIp();
+    uint16_t srcPort_ = i.getSrcPort();
+    uint16_t dstPort_ = i.getDstPort();
+    L4ProtoEnum proto_ = i.getProto();
+    addSessionRule(direction_, srcIp_, dstIp_, srcPort_, dstPort_, proto_, i);
+  }
+}
+
+void K8sdispatcherBase::replaceSessionRule(const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto, const SessionRuleJsonObject &conf) {
+  delSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  SessionRuleDirectionEnum direction_ = conf.getDirection();
+  std::string srcIp_ = conf.getSrcIp();
+  std::string dstIp_ = conf.getDstIp();
+  uint16_t srcPort_ = conf.getSrcPort();
+  uint16_t dstPort_ = conf.getDstPort();
+  L4ProtoEnum proto_ = conf.getProto();
+  addSessionRule(direction_, srcIp_, dstIp_, srcPort_, dstPort_, proto_, conf);
+}
+
+void K8sdispatcherBase::delSessionRuleList() {
+  auto elements = getSessionRuleList();
+  for (auto &i : elements) {
+    SessionRuleDirectionEnum direction_ = i->getDirection();
+    std::string srcIp_ = i->getSrcIp();
+    std::string dstIp_ = i->getDstIp();
+    uint16_t srcPort_ = i->getSrcPort();
+    uint16_t dstPort_ = i->getDstPort();
+    L4ProtoEnum proto_ = i->getProto();
+    delSessionRule(direction_, srcIp_, dstIp_, srcPort_, dstPort_, proto_);
+  }
+}
+void K8sdispatcherBase::addNodeportRuleList(const std::vector<NodeportRuleJsonObject> &conf) {
+  for (auto &i : conf) {
+    uint16_t nodeportPort_ = i.getNodeportPort();
+    L4ProtoEnum proto_ = i.getProto();
+    addNodeportRule(nodeportPort_, proto_, i);
+  }
+}
+
+void K8sdispatcherBase::replaceNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &conf) {
+  delNodeportRule(nodeportPort, proto);
+  uint16_t nodeportPort_ = conf.getNodeportPort();
+  L4ProtoEnum proto_ = conf.getProto();
+  addNodeportRule(nodeportPort_, proto_, conf);
+}
+
+void K8sdispatcherBase::delNodeportRuleList() {
+  auto elements = getNodeportRuleList();
+  for (auto &i : elements) {
+    uint16_t nodeportPort_ = i->getNodeportPort();
+    L4ProtoEnum proto_ = i->getProto();
+    delNodeportRule(nodeportPort_, proto_);
+  }
+}
+
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.h b/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.h
new file mode 100644
index 000000000..375b025e1
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.h
@@ -0,0 +1,91 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* K8sdispatcherBase.h
+*
+*
+*/
+
+#pragma once
+
+#include "../serializer/K8sdispatcherJsonObject.h"
+
+#include "../NodeportRule.h"
+#include "../Ports.h"
+#include "../SessionRule.h"
+
+#include "polycube/services/cube.h"
+#include "polycube/services/port.h"
+
+
+
+#include "polycube/services/utils.h"
+#include "polycube/services/fifo_map.hpp"
+
+#include <spdlog/spdlog.h>
+
+using namespace polycube::service::model;
+
+
+class K8sdispatcherBase: public virtual polycube::service::Cube<Ports> {
+ public:
+  K8sdispatcherBase(const std::string name);
+
+  virtual ~K8sdispatcherBase();
+  virtual void update(const K8sdispatcherJsonObject &conf);
+  virtual K8sdispatcherJsonObject toJsonObject();
+
+  /// <summary>
+  /// Entry of the ports table
+  /// </summary>
+  virtual std::shared_ptr<Ports> getPorts(const std::string &name);
+  virtual std::vector<std::shared_ptr<Ports>> getPortsList();
+  virtual void addPorts(const std::string &name, const PortsJsonObject &conf);
+  virtual void addPortsList(const std::vector<PortsJsonObject> &conf);
+  virtual void replacePorts(const std::string &name, const PortsJsonObject &conf);
+  virtual void delPorts(const std::string &name);
+  virtual void delPortsList();
+
+  /// <summary>
+  /// Internal source IP address used for natting incoming packets directed to Kubernetes Services with a CLUSTER external traffic policy
+  /// </summary>
+  virtual std::string getInternalSrcIp() = 0;
+
+  /// <summary>
+  /// Port range used for NodePort Services
+  /// </summary>
+  virtual std::string getNodeportRange() = 0;
+  virtual void setNodeportRange(const std::string &value) = 0;
+
+  /// <summary>
+  /// Session entry related to a specific traffic direction
+  /// </summary>
+  virtual std::shared_ptr<SessionRule> getSessionRule(const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) = 0;
+  virtual std::vector<std::shared_ptr<SessionRule>> getSessionRuleList() = 0;
+  virtual void addSessionRule(const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto, const SessionRuleJsonObject &conf) = 0;
+  virtual void addSessionRuleList(const std::vector<SessionRuleJsonObject> &conf);
+  virtual void replaceSessionRule(const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto, const SessionRuleJsonObject &conf);
+  virtual void delSessionRule(const SessionRuleDirectionEnum &direction,const std::string &srcIp,const std::string &dstIp,const uint16_t &srcPort,const uint16_t &dstPort,const L4ProtoEnum &proto) = 0;
+  virtual void delSessionRuleList();
+
+  /// <summary>
+  /// NodePort rule associated with a Kubernetes NodePort Service
+  /// </summary>
+  virtual std::shared_ptr<NodeportRule> getNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto) = 0;
+  virtual std::vector<std::shared_ptr<NodeportRule>> getNodeportRuleList() = 0;
+  virtual void addNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &conf) = 0;
+  virtual void addNodeportRuleList(const std::vector<NodeportRuleJsonObject> &conf);
+  virtual void updateNodeportRuleList(const std::vector<NodeportRuleJsonObject> &conf) = 0;
+  virtual void replaceNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &conf);
+  virtual void replaceNodeportRuleList(const std::vector<NodeportRuleJsonObject> &conf) = 0;
+  virtual void delNodeportRule(const uint16_t &nodeportPort,const L4ProtoEnum &proto) = 0;
+  virtual void delNodeportRuleList();
+};
diff --git a/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.cpp b/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.cpp
new file mode 100644
index 000000000..97be76fea
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.cpp
@@ -0,0 +1,42 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "NodeportRuleBase.h"
+#include "../K8sdispatcher.h"
+
+
+NodeportRuleBase::NodeportRuleBase(K8sdispatcher &parent)
+    : parent_(parent) {}
+
+NodeportRuleBase::~NodeportRuleBase() {}
+
+void NodeportRuleBase::update(const NodeportRuleJsonObject &conf) {
+
+  if (conf.externalTrafficPolicyIsSet()) {
+    setExternalTrafficPolicy(conf.getExternalTrafficPolicy());
+  }
+}
+
+NodeportRuleJsonObject NodeportRuleBase::toJsonObject() {
+  NodeportRuleJsonObject conf;
+
+  conf.setNodeportPort(getNodeportPort());
+  conf.setProto(getProto());
+  conf.setExternalTrafficPolicy(getExternalTrafficPolicy());
+  conf.setRuleName(getRuleName());
+
+  return conf;
+}
+
+std::shared_ptr<spdlog::logger> NodeportRuleBase::logger() {
+  return parent_.logger();
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.h b/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.h
new file mode 100644
index 000000000..e819bf274
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.h
@@ -0,0 +1,65 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* NodeportRuleBase.h
+*
+*
+*/
+
+#pragma once
+
+#include "../serializer/NodeportRuleJsonObject.h"
+
+
+
+
+
+
+#include <spdlog/spdlog.h>
+
+using namespace polycube::service::model;
+
+class K8sdispatcher;
+
+class NodeportRuleBase {
+ public:
+  
+  NodeportRuleBase(K8sdispatcher &parent);
+  
+  virtual ~NodeportRuleBase();
+  virtual void update(const NodeportRuleJsonObject &conf);
+  virtual NodeportRuleJsonObject toJsonObject();
+
+  /// <summary>
+  /// NodePort rule nodeport port number
+  /// </summary>
+  virtual uint16_t getNodeportPort() = 0;
+
+  /// <summary>
+  /// NodePort rule L4 protocol
+  /// </summary>
+  virtual L4ProtoEnum getProto() = 0;
+
+  /// <summary>
+  /// The external traffic policy of the Kubernetes NodePort Service
+  /// </summary>
+  virtual NodeportRuleExternalTrafficPolicyEnum getExternalTrafficPolicy() = 0;
+  virtual void setExternalTrafficPolicy(const NodeportRuleExternalTrafficPolicyEnum &value) = 0;
+
+  /// <summary>
+  /// An optional name for the NodePort rule
+  /// </summary>
+  virtual std::string getRuleName() = 0;
+
+  std::shared_ptr<spdlog::logger> logger();
+ protected:
+  K8sdispatcher &parent_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/base/PortsBase.cpp b/src/services/pcn-k8sdispatcher/src/base/PortsBase.cpp
new file mode 100644
index 000000000..d55efb130
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/PortsBase.cpp
@@ -0,0 +1,41 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "PortsBase.h"
+#include "../K8sdispatcher.h"
+
+PortsBase::PortsBase(polycube::service::Cube<Ports> &parent,
+    std::shared_ptr<polycube::service::PortIface> port)
+    : Port(port), parent_(dynamic_cast<K8sdispatcher &>(parent)) {}
+
+
+PortsBase::~PortsBase() {}
+
+void PortsBase::update(const PortsJsonObject &conf) {
+  set_conf(conf.getBase());
+
+}
+
+PortsJsonObject PortsBase::toJsonObject() {
+  PortsJsonObject conf;
+  conf.setBase(to_json());
+
+  conf.setName(getName());
+  conf.setType(getType());
+  conf.setIp(getIp());
+
+  return conf;
+}
+
+std::shared_ptr<spdlog::logger> PortsBase::logger() {
+  return parent_.logger();
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/PortsBase.h b/src/services/pcn-k8sdispatcher/src/base/PortsBase.h
new file mode 100644
index 000000000..33cf3163a
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/PortsBase.h
@@ -0,0 +1,59 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* PortsBase.h
+*
+*
+*/
+
+#pragma once
+
+#include "../serializer/PortsJsonObject.h"
+
+
+
+
+#include "polycube/services/cube.h"
+#include "polycube/services/port.h"
+
+#include "polycube/services/utils.h"
+#include "polycube/services/fifo_map.hpp"
+
+#include <spdlog/spdlog.h>
+
+using namespace polycube::service::model;
+
+class K8sdispatcher;
+class Ports;
+
+class PortsBase: public polycube::service::Port {
+ public:
+  PortsBase(polycube::service::Cube<Ports> &parent,
+      std::shared_ptr<polycube::service::PortIface> port);
+  
+  virtual ~PortsBase();
+  virtual void update(const PortsJsonObject &conf);
+  virtual PortsJsonObject toJsonObject();
+
+  /// <summary>
+  /// Type of the K8s Dispatcher cube port (e.g. BACKEND or FRONTEND)
+  /// </summary>
+  virtual PortsTypeEnum getType() = 0;
+
+  /// <summary>
+  /// IP address of the node interface (only for FRONTEND port)
+  /// </summary>
+  virtual std::string getIp() = 0;
+
+  std::shared_ptr<spdlog::logger> logger();
+ protected:
+  K8sdispatcher &parent_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.cpp b/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.cpp
new file mode 100644
index 000000000..2b5a8a3f4
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.cpp
@@ -0,0 +1,45 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "SessionRuleBase.h"
+#include "../K8sdispatcher.h"
+
+
+SessionRuleBase::SessionRuleBase(K8sdispatcher &parent)
+    : parent_(parent) {}
+
+SessionRuleBase::~SessionRuleBase() {}
+
+void SessionRuleBase::update(const SessionRuleJsonObject &conf) {
+
+}
+
+SessionRuleJsonObject SessionRuleBase::toJsonObject() {
+  SessionRuleJsonObject conf;
+
+  conf.setDirection(getDirection());
+  conf.setSrcIp(getSrcIp());
+  conf.setDstIp(getDstIp());
+  conf.setSrcPort(getSrcPort());
+  conf.setDstPort(getDstPort());
+  conf.setProto(getProto());
+  conf.setNewIp(getNewIp());
+  conf.setNewPort(getNewPort());
+  conf.setOperation(getOperation());
+  conf.setOriginatingRule(getOriginatingRule());
+
+  return conf;
+}
+
+std::shared_ptr<spdlog::logger> SessionRuleBase::logger() {
+  return parent_.logger();
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.h b/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.h
new file mode 100644
index 000000000..90e2ab09a
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.h
@@ -0,0 +1,94 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* SessionRuleBase.h
+*
+*
+*/
+
+#pragma once
+
+#include "../serializer/SessionRuleJsonObject.h"
+
+
+
+
+
+
+#include <spdlog/spdlog.h>
+
+using namespace polycube::service::model;
+
+class K8sdispatcher;
+
+class SessionRuleBase {
+ public:
+  
+  SessionRuleBase(K8sdispatcher &parent);
+  
+  virtual ~SessionRuleBase();
+  virtual void update(const SessionRuleJsonObject &conf);
+  virtual SessionRuleJsonObject toJsonObject();
+
+  /// <summary>
+  /// Session entry direction (e.g. INGRESS or EGRESS)
+  /// </summary>
+  virtual SessionRuleDirectionEnum getDirection() = 0;
+
+  /// <summary>
+  /// Session entry source IP address
+  /// </summary>
+  virtual std::string getSrcIp() = 0;
+
+  /// <summary>
+  /// Session entry destination IP address
+  /// </summary>
+  virtual std::string getDstIp() = 0;
+
+  /// <summary>
+  /// Session entry source L4 port number
+  /// </summary>
+  virtual uint16_t getSrcPort() = 0;
+
+  /// <summary>
+  /// Session entry destination L4 port number
+  /// </summary>
+  virtual uint16_t getDstPort() = 0;
+
+  /// <summary>
+  /// Session entry L4 protocol
+  /// </summary>
+  virtual L4ProtoEnum getProto() = 0;
+
+  /// <summary>
+  /// Translated IP address
+  /// </summary>
+  virtual std::string getNewIp() = 0;
+
+  /// <summary>
+  /// Translated L4 port number
+  /// </summary>
+  virtual uint16_t getNewPort() = 0;
+
+  /// <summary>
+  /// Operation applied on the original packet
+  /// </summary>
+  virtual SessionRuleOperationEnum getOperation() = 0;
+
+  /// <summary>
+  /// Rule originating the session entry
+  /// </summary>
+  virtual SessionRuleOriginatingRuleEnum getOriginatingRule() = 0;
+
+  std::shared_ptr<spdlog::logger> logger();
+ protected:
+  K8sdispatcher &parent_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.cpp b/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.cpp
new file mode 100644
index 000000000..2296417c0
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.cpp
@@ -0,0 +1,69 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+#include "JsonObjectBase.h"
+
+namespace polycube {
+namespace service {
+namespace model {
+
+JsonObjectBase::JsonObjectBase(const nlohmann::json &base) : base_(base) {}
+
+bool JsonObjectBase::iequals(const std::string &a, const std::string &b) {
+  if(a.size() != b.size())
+    return false;
+  for (unsigned int i = 0; i < a.size(); i++){
+    if(tolower(a[i]) != tolower(b[i]))
+      return false;
+  }
+  return true;
+}
+
+std::string JsonObjectBase::toJson(const std::string& value) {
+  return value;
+}
+
+std::string JsonObjectBase::toJson(const std::time_t& value) {
+  char buf[sizeof "2011-10-08T07:07:09Z"];
+  strftime(buf, sizeof buf, "%FT%TZ", gmtime(&value));
+  return buf;
+}
+
+int32_t JsonObjectBase::toJson(int32_t value) {
+  return value;
+}
+
+int64_t JsonObjectBase::toJson(int64_t value) {
+  return value;
+}
+
+double JsonObjectBase::toJson(double value) {
+  return value;
+}
+
+bool JsonObjectBase::toJson(bool value) {
+  return value;
+}
+
+nlohmann::json JsonObjectBase::toJson(const JsonObjectBase &content) {
+  return content.toJson();
+}
+
+const nlohmann::json &JsonObjectBase::getBase() const {
+  return base_;
+}
+
+void JsonObjectBase::setBase(const nlohmann::json &base) {
+  base_ = base;
+}
+
+}
+}
+}
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.h b/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.h
new file mode 100644
index 000000000..bda8934b9
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.h
@@ -0,0 +1,55 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* JsonObjectBase.h
+*
+* This is the base class for all model classes
+*/
+
+#pragma once
+
+
+#include "polycube/services/json.hpp"
+#include "polycube/services/fifo_map.hpp"
+#include <ctime>
+#include <string>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+class  JsonObjectBase {
+ public:
+  JsonObjectBase() = default;
+  JsonObjectBase(const nlohmann::json &base);
+  virtual ~JsonObjectBase() = default;
+
+  virtual nlohmann::json toJson() const = 0;
+
+  static bool iequals(const std::string &a, const std::string &b);
+  static std::string toJson(const std::string& value);
+  static std::string toJson(const std::time_t& value);
+  static int32_t toJson(int32_t value);
+  static int64_t toJson(int64_t value);
+  static double toJson(double value);
+  static bool toJson(bool value);
+  static nlohmann::json toJson(const JsonObjectBase &content);
+
+  const nlohmann::json &getBase() const;
+  void setBase(const nlohmann::json &base);
+
+ private:
+  nlohmann::json base_;
+};
+
+}
+}
+}
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.cpp b/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.cpp
new file mode 100644
index 000000000..9ce528e74
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.cpp
@@ -0,0 +1,239 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+
+#include "K8sdispatcherJsonObject.h"
+#include <regex>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+K8sdispatcherJsonObject::K8sdispatcherJsonObject() {
+  m_nameIsSet = false;
+  m_portsIsSet = false;
+  m_internalSrcIpIsSet = false;
+  m_nodeportRange = "30000-32767";
+  m_nodeportRangeIsSet = true;
+  m_sessionRuleIsSet = false;
+  m_nodeportRuleIsSet = false;
+}
+
+K8sdispatcherJsonObject::K8sdispatcherJsonObject(const nlohmann::json &val) :
+  JsonObjectBase(val) {
+  m_nameIsSet = false;
+  m_portsIsSet = false;
+  m_internalSrcIpIsSet = false;
+  m_nodeportRangeIsSet = false;
+  m_sessionRuleIsSet = false;
+  m_nodeportRuleIsSet = false;
+
+
+  if (val.count("name")) {
+    setName(val.at("name").get<std::string>());
+  }
+
+  if (val.count("ports")) {
+    for (auto& item : val["ports"]) {
+      PortsJsonObject newItem{ item };
+      m_ports.push_back(newItem);
+    }
+
+    m_portsIsSet = true;
+  }
+
+  if (val.count("internal-src-ip")) {
+    setInternalSrcIp(val.at("internal-src-ip").get<std::string>());
+  }
+
+  if (val.count("nodeport-range")) {
+    setNodeportRange(val.at("nodeport-range").get<std::string>());
+  }
+
+  if (val.count("session-rule")) {
+    for (auto& item : val["session-rule"]) {
+      SessionRuleJsonObject newItem{ item };
+      m_sessionRule.push_back(newItem);
+    }
+
+    m_sessionRuleIsSet = true;
+  }
+
+  if (val.count("nodeport-rule")) {
+    for (auto& item : val["nodeport-rule"]) {
+      NodeportRuleJsonObject newItem{ item };
+      m_nodeportRule.push_back(newItem);
+    }
+
+    m_nodeportRuleIsSet = true;
+  }
+}
+
+nlohmann::json K8sdispatcherJsonObject::toJson() const {
+  nlohmann::json val = nlohmann::json::object();
+  if (!getBase().is_null()) {
+    val.update(getBase());
+  }
+
+  if (m_nameIsSet) {
+    val["name"] = m_name;
+  }
+
+  {
+    nlohmann::json jsonArray;
+    for (auto& item : m_ports) {
+      jsonArray.push_back(JsonObjectBase::toJson(item));
+    }
+
+    if (jsonArray.size() > 0) {
+      val["ports"] = jsonArray;
+    }
+  }
+
+  if (m_internalSrcIpIsSet) {
+    val["internal-src-ip"] = m_internalSrcIp;
+  }
+
+  if (m_nodeportRangeIsSet) {
+    val["nodeport-range"] = m_nodeportRange;
+  }
+
+  {
+    nlohmann::json jsonArray;
+    for (auto& item : m_sessionRule) {
+      jsonArray.push_back(JsonObjectBase::toJson(item));
+    }
+
+    if (jsonArray.size() > 0) {
+      val["session-rule"] = jsonArray;
+    }
+  }
+
+  {
+    nlohmann::json jsonArray;
+    for (auto& item : m_nodeportRule) {
+      jsonArray.push_back(JsonObjectBase::toJson(item));
+    }
+
+    if (jsonArray.size() > 0) {
+      val["nodeport-rule"] = jsonArray;
+    }
+  }
+
+  return val;
+}
+
+std::string K8sdispatcherJsonObject::getName() const {
+  return m_name;
+}
+
+void K8sdispatcherJsonObject::setName(std::string value) {
+  m_name = value;
+  m_nameIsSet = true;
+}
+
+bool K8sdispatcherJsonObject::nameIsSet() const {
+  return m_nameIsSet;
+}
+
+
+
+const std::vector<PortsJsonObject>& K8sdispatcherJsonObject::getPorts() const{
+  return m_ports;
+}
+
+void K8sdispatcherJsonObject::addPorts(PortsJsonObject value) {
+  m_ports.push_back(value);
+  m_portsIsSet = true;
+}
+
+
+bool K8sdispatcherJsonObject::portsIsSet() const {
+  return m_portsIsSet;
+}
+
+void K8sdispatcherJsonObject::unsetPorts() {
+  m_portsIsSet = false;
+}
+
+std::string K8sdispatcherJsonObject::getInternalSrcIp() const {
+  return m_internalSrcIp;
+}
+
+void K8sdispatcherJsonObject::setInternalSrcIp(std::string value) {
+  m_internalSrcIp = value;
+  m_internalSrcIpIsSet = true;
+}
+
+bool K8sdispatcherJsonObject::internalSrcIpIsSet() const {
+  return m_internalSrcIpIsSet;
+}
+
+
+
+std::string K8sdispatcherJsonObject::getNodeportRange() const {
+  return m_nodeportRange;
+}
+
+void K8sdispatcherJsonObject::setNodeportRange(std::string value) {
+  m_nodeportRange = value;
+  m_nodeportRangeIsSet = true;
+}
+
+bool K8sdispatcherJsonObject::nodeportRangeIsSet() const {
+  return m_nodeportRangeIsSet;
+}
+
+void K8sdispatcherJsonObject::unsetNodeportRange() {
+  m_nodeportRangeIsSet = false;
+}
+
+const std::vector<SessionRuleJsonObject>& K8sdispatcherJsonObject::getSessionRule() const{
+  return m_sessionRule;
+}
+
+void K8sdispatcherJsonObject::addSessionRule(SessionRuleJsonObject value) {
+  m_sessionRule.push_back(value);
+  m_sessionRuleIsSet = true;
+}
+
+
+bool K8sdispatcherJsonObject::sessionRuleIsSet() const {
+  return m_sessionRuleIsSet;
+}
+
+void K8sdispatcherJsonObject::unsetSessionRule() {
+  m_sessionRuleIsSet = false;
+}
+
+const std::vector<NodeportRuleJsonObject>& K8sdispatcherJsonObject::getNodeportRule() const{
+  return m_nodeportRule;
+}
+
+void K8sdispatcherJsonObject::addNodeportRule(NodeportRuleJsonObject value) {
+  m_nodeportRule.push_back(value);
+  m_nodeportRuleIsSet = true;
+}
+
+
+bool K8sdispatcherJsonObject::nodeportRuleIsSet() const {
+  return m_nodeportRuleIsSet;
+}
+
+void K8sdispatcherJsonObject::unsetNodeportRule() {
+  m_nodeportRuleIsSet = false;
+}
+
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.h b/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.h
new file mode 100644
index 000000000..d0f80cef9
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.h
@@ -0,0 +1,108 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* K8sdispatcherJsonObject.h
+*
+*
+*/
+
+#pragma once
+
+
+#include "JsonObjectBase.h"
+
+#include "SessionRuleJsonObject.h"
+#include "NodeportRuleJsonObject.h"
+#include "PortsJsonObject.h"
+#include <vector>
+#include "polycube/services/cube.h"
+
+namespace polycube {
+namespace service {
+namespace model {
+
+
+/// <summary>
+///
+/// </summary>
+class  K8sdispatcherJsonObject : public JsonObjectBase {
+public:
+  K8sdispatcherJsonObject();
+  K8sdispatcherJsonObject(const nlohmann::json &json);
+  ~K8sdispatcherJsonObject() final = default;
+  nlohmann::json toJson() const final;
+
+
+  /// <summary>
+  /// Name of the k8sdispatcher service
+  /// </summary>
+  std::string getName() const;
+  void setName(std::string value);
+  bool nameIsSet() const;
+
+  /// <summary>
+  /// Entry of the ports table
+  /// </summary>
+  const std::vector<PortsJsonObject>& getPorts() const;
+  void addPorts(PortsJsonObject value);
+  bool portsIsSet() const;
+  void unsetPorts();
+
+  /// <summary>
+  /// Internal source IP address used for natting incoming packets directed to Kubernetes Services with a CLUSTER external traffic policy
+  /// </summary>
+  std::string getInternalSrcIp() const;
+  void setInternalSrcIp(std::string value);
+  bool internalSrcIpIsSet() const;
+
+  /// <summary>
+  /// Port range used for NodePort Services
+  /// </summary>
+  std::string getNodeportRange() const;
+  void setNodeportRange(std::string value);
+  bool nodeportRangeIsSet() const;
+  void unsetNodeportRange();
+
+  /// <summary>
+  /// Session entry related to a specific traffic direction
+  /// </summary>
+  const std::vector<SessionRuleJsonObject>& getSessionRule() const;
+  void addSessionRule(SessionRuleJsonObject value);
+  bool sessionRuleIsSet() const;
+  void unsetSessionRule();
+
+  /// <summary>
+  /// NodePort rule associated with a Kubernetes NodePort Service
+  /// </summary>
+  const std::vector<NodeportRuleJsonObject>& getNodeportRule() const;
+  void addNodeportRule(NodeportRuleJsonObject value);
+  bool nodeportRuleIsSet() const;
+  void unsetNodeportRule();
+
+private:
+  std::string m_name;
+  bool m_nameIsSet;
+  std::vector<PortsJsonObject> m_ports;
+  bool m_portsIsSet;
+  std::string m_internalSrcIp;
+  bool m_internalSrcIpIsSet;
+  std::string m_nodeportRange;
+  bool m_nodeportRangeIsSet;
+  std::vector<SessionRuleJsonObject> m_sessionRule;
+  bool m_sessionRuleIsSet;
+  std::vector<NodeportRuleJsonObject> m_nodeportRule;
+  bool m_nodeportRuleIsSet;
+};
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.cpp b/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.cpp
new file mode 100644
index 000000000..43894f2dd
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.cpp
@@ -0,0 +1,186 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+
+#include "NodeportRuleJsonObject.h"
+#include <regex>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+NodeportRuleJsonObject::NodeportRuleJsonObject() {
+  m_nodeportPortIsSet = false;
+  m_protoIsSet = false;
+  m_externalTrafficPolicy = NodeportRuleExternalTrafficPolicyEnum::CLUSTER;
+  m_externalTrafficPolicyIsSet = true;
+  m_ruleNameIsSet = false;
+}
+
+NodeportRuleJsonObject::NodeportRuleJsonObject(const nlohmann::json &val) :
+  JsonObjectBase(val) {
+  m_nodeportPortIsSet = false;
+  m_protoIsSet = false;
+  m_externalTrafficPolicyIsSet = false;
+  m_ruleNameIsSet = false;
+
+
+  if (val.count("nodeport-port")) {
+    setNodeportPort(val.at("nodeport-port").get<uint16_t>());
+  }
+
+  if (val.count("proto")) {
+    setProto(string_to_L4ProtoEnum(val.at("proto").get<std::string>()));
+  }
+
+  if (val.count("external-traffic-policy")) {
+    setExternalTrafficPolicy(string_to_NodeportRuleExternalTrafficPolicyEnum(val.at("external-traffic-policy").get<std::string>()));
+  }
+
+  if (val.count("rule-name")) {
+    setRuleName(val.at("rule-name").get<std::string>());
+  }
+}
+
+nlohmann::json NodeportRuleJsonObject::toJson() const {
+  nlohmann::json val = nlohmann::json::object();
+  if (!getBase().is_null()) {
+    val.update(getBase());
+  }
+
+  if (m_nodeportPortIsSet) {
+    val["nodeport-port"] = m_nodeportPort;
+  }
+
+  if (m_protoIsSet) {
+    val["proto"] = L4ProtoEnum_to_string(m_proto);
+  }
+
+  if (m_externalTrafficPolicyIsSet) {
+    val["external-traffic-policy"] = NodeportRuleExternalTrafficPolicyEnum_to_string(m_externalTrafficPolicy);
+  }
+
+  if (m_ruleNameIsSet) {
+    val["rule-name"] = m_ruleName;
+  }
+
+  return val;
+}
+
+uint16_t NodeportRuleJsonObject::getNodeportPort() const {
+  return m_nodeportPort;
+}
+
+void NodeportRuleJsonObject::setNodeportPort(uint16_t value) {
+  m_nodeportPort = value;
+  m_nodeportPortIsSet = true;
+}
+
+bool NodeportRuleJsonObject::nodeportPortIsSet() const {
+  return m_nodeportPortIsSet;
+}
+
+
+
+L4ProtoEnum NodeportRuleJsonObject::getProto() const {
+  return m_proto;
+}
+
+void NodeportRuleJsonObject::setProto(L4ProtoEnum value) {
+  m_proto = value;
+  m_protoIsSet = true;
+}
+
+bool NodeportRuleJsonObject::protoIsSet() const {
+  return m_protoIsSet;
+}
+
+
+
+std::string NodeportRuleJsonObject::L4ProtoEnum_to_string(const L4ProtoEnum &value){
+  switch(value) {
+    case L4ProtoEnum::TCP:
+      return std::string("tcp");
+    case L4ProtoEnum::UDP:
+      return std::string("udp");
+    case L4ProtoEnum::ICMP:
+      return std::string("icmp");
+    default:
+      throw std::runtime_error("Bad NodeportRule proto");
+  }
+}
+
+L4ProtoEnum NodeportRuleJsonObject::string_to_L4ProtoEnum(const std::string &str){
+  if (JsonObjectBase::iequals("tcp", str))
+    return L4ProtoEnum::TCP;
+  if (JsonObjectBase::iequals("udp", str))
+    return L4ProtoEnum::UDP;
+  if (JsonObjectBase::iequals("icmp", str))
+    return L4ProtoEnum::ICMP;
+  throw std::runtime_error("NodeportRule proto is invalid");
+}
+NodeportRuleExternalTrafficPolicyEnum NodeportRuleJsonObject::getExternalTrafficPolicy() const {
+  return m_externalTrafficPolicy;
+}
+
+void NodeportRuleJsonObject::setExternalTrafficPolicy(NodeportRuleExternalTrafficPolicyEnum value) {
+  m_externalTrafficPolicy = value;
+  m_externalTrafficPolicyIsSet = true;
+}
+
+bool NodeportRuleJsonObject::externalTrafficPolicyIsSet() const {
+  return m_externalTrafficPolicyIsSet;
+}
+
+void NodeportRuleJsonObject::unsetExternalTrafficPolicy() {
+  m_externalTrafficPolicyIsSet = false;
+}
+
+std::string NodeportRuleJsonObject::NodeportRuleExternalTrafficPolicyEnum_to_string(const NodeportRuleExternalTrafficPolicyEnum &value){
+  switch(value) {
+    case NodeportRuleExternalTrafficPolicyEnum::LOCAL:
+      return std::string("local");
+    case NodeportRuleExternalTrafficPolicyEnum::CLUSTER:
+      return std::string("cluster");
+    default:
+      throw std::runtime_error("Bad NodeportRule externalTrafficPolicy");
+  }
+}
+
+NodeportRuleExternalTrafficPolicyEnum NodeportRuleJsonObject::string_to_NodeportRuleExternalTrafficPolicyEnum(const std::string &str){
+  if (JsonObjectBase::iequals("local", str))
+    return NodeportRuleExternalTrafficPolicyEnum::LOCAL;
+  if (JsonObjectBase::iequals("cluster", str))
+    return NodeportRuleExternalTrafficPolicyEnum::CLUSTER;
+  throw std::runtime_error("NodeportRule externalTrafficPolicy is invalid");
+}
+std::string NodeportRuleJsonObject::getRuleName() const {
+  return m_ruleName;
+}
+
+void NodeportRuleJsonObject::setRuleName(std::string value) {
+  m_ruleName = value;
+  m_ruleNameIsSet = true;
+}
+
+bool NodeportRuleJsonObject::ruleNameIsSet() const {
+  return m_ruleNameIsSet;
+}
+
+void NodeportRuleJsonObject::unsetRuleName() {
+  m_ruleNameIsSet = false;
+}
+
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.h b/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.h
new file mode 100644
index 000000000..9f3838c2d
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.h
@@ -0,0 +1,96 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* NodeportRuleJsonObject.h
+*
+*
+*/
+
+#pragma once
+
+
+#include "JsonObjectBase.h"
+
+
+namespace polycube {
+namespace service {
+namespace model {
+
+#ifndef L4PROTOENUM
+#define L4PROTOENUM
+enum class L4ProtoEnum {
+  TCP, UDP, ICMP
+};
+#endif
+enum class NodeportRuleExternalTrafficPolicyEnum {
+  LOCAL, CLUSTER
+};
+
+/// <summary>
+///
+/// </summary>
+class  NodeportRuleJsonObject : public JsonObjectBase {
+public:
+  NodeportRuleJsonObject();
+  NodeportRuleJsonObject(const nlohmann::json &json);
+  ~NodeportRuleJsonObject() final = default;
+  nlohmann::json toJson() const final;
+
+
+  /// <summary>
+  /// NodePort rule nodeport port number
+  /// </summary>
+  uint16_t getNodeportPort() const;
+  void setNodeportPort(uint16_t value);
+  bool nodeportPortIsSet() const;
+
+  /// <summary>
+  /// NodePort rule L4 protocol
+  /// </summary>
+  L4ProtoEnum getProto() const;
+  void setProto(L4ProtoEnum value);
+  bool protoIsSet() const;
+  static std::string L4ProtoEnum_to_string(const L4ProtoEnum &value);
+  static L4ProtoEnum string_to_L4ProtoEnum(const std::string &str);
+
+  /// <summary>
+  /// The external traffic policy of the Kubernetes NodePort Service
+  /// </summary>
+  NodeportRuleExternalTrafficPolicyEnum getExternalTrafficPolicy() const;
+  void setExternalTrafficPolicy(NodeportRuleExternalTrafficPolicyEnum value);
+  bool externalTrafficPolicyIsSet() const;
+  void unsetExternalTrafficPolicy();
+  static std::string NodeportRuleExternalTrafficPolicyEnum_to_string(const NodeportRuleExternalTrafficPolicyEnum &value);
+  static NodeportRuleExternalTrafficPolicyEnum string_to_NodeportRuleExternalTrafficPolicyEnum(const std::string &str);
+
+  /// <summary>
+  /// An optional name for the NodePort rule
+  /// </summary>
+  std::string getRuleName() const;
+  void setRuleName(std::string value);
+  bool ruleNameIsSet() const;
+  void unsetRuleName();
+
+private:
+  uint16_t m_nodeportPort;
+  bool m_nodeportPortIsSet;
+  L4ProtoEnum m_proto;
+  bool m_protoIsSet;
+  NodeportRuleExternalTrafficPolicyEnum m_externalTrafficPolicy;
+  bool m_externalTrafficPolicyIsSet;
+  std::string m_ruleName;
+  bool m_ruleNameIsSet;
+};
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.cpp b/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.cpp
new file mode 100644
index 000000000..e9bd6a543
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.cpp
@@ -0,0 +1,136 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+
+#include "PortsJsonObject.h"
+#include <regex>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+PortsJsonObject::PortsJsonObject() {
+  m_nameIsSet = false;
+  m_typeIsSet = false;
+  m_ipIsSet = false;
+}
+
+PortsJsonObject::PortsJsonObject(const nlohmann::json &val) :
+  JsonObjectBase(val) {
+  m_nameIsSet = false;
+  m_typeIsSet = false;
+  m_ipIsSet = false;
+
+
+  if (val.count("name")) {
+    setName(val.at("name").get<std::string>());
+  }
+
+  if (val.count("type")) {
+    setType(string_to_PortsTypeEnum(val.at("type").get<std::string>()));
+  }
+
+  if (val.count("ip")) {
+    setIp(val.at("ip").get<std::string>());
+  }
+}
+
+nlohmann::json PortsJsonObject::toJson() const {
+  nlohmann::json val = nlohmann::json::object();
+  if (!getBase().is_null()) {
+    val.update(getBase());
+  }
+
+  if (m_nameIsSet) {
+    val["name"] = m_name;
+  }
+
+  if (m_typeIsSet) {
+    val["type"] = PortsTypeEnum_to_string(m_type);
+  }
+
+  if (m_ipIsSet) {
+    val["ip"] = m_ip;
+  }
+
+  return val;
+}
+
+std::string PortsJsonObject::getName() const {
+  return m_name;
+}
+
+void PortsJsonObject::setName(std::string value) {
+  m_name = value;
+  m_nameIsSet = true;
+}
+
+bool PortsJsonObject::nameIsSet() const {
+  return m_nameIsSet;
+}
+
+
+
+PortsTypeEnum PortsJsonObject::getType() const {
+  return m_type;
+}
+
+void PortsJsonObject::setType(PortsTypeEnum value) {
+  m_type = value;
+  m_typeIsSet = true;
+}
+
+bool PortsJsonObject::typeIsSet() const {
+  return m_typeIsSet;
+}
+
+
+
+std::string PortsJsonObject::PortsTypeEnum_to_string(const PortsTypeEnum &value){
+  switch(value) {
+    case PortsTypeEnum::BACKEND:
+      return std::string("backend");
+    case PortsTypeEnum::FRONTEND:
+      return std::string("frontend");
+    default:
+      throw std::runtime_error("Bad Ports type");
+  }
+}
+
+PortsTypeEnum PortsJsonObject::string_to_PortsTypeEnum(const std::string &str){
+  if (JsonObjectBase::iequals("backend", str))
+    return PortsTypeEnum::BACKEND;
+  if (JsonObjectBase::iequals("frontend", str))
+    return PortsTypeEnum::FRONTEND;
+  throw std::runtime_error("Ports type is invalid");
+}
+std::string PortsJsonObject::getIp() const {
+  return m_ip;
+}
+
+void PortsJsonObject::setIp(std::string value) {
+  m_ip = value;
+  m_ipIsSet = true;
+}
+
+bool PortsJsonObject::ipIsSet() const {
+  return m_ipIsSet;
+}
+
+void PortsJsonObject::unsetIp() {
+  m_ipIsSet = false;
+}
+
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.h b/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.h
new file mode 100644
index 000000000..f15b2aab1
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.h
@@ -0,0 +1,79 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* PortsJsonObject.h
+*
+*
+*/
+
+#pragma once
+
+
+#include "JsonObjectBase.h"
+
+#include <vector>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+enum class PortsTypeEnum {
+  BACKEND, FRONTEND
+};
+
+/// <summary>
+///
+/// </summary>
+class  PortsJsonObject : public JsonObjectBase {
+public:
+  PortsJsonObject();
+  PortsJsonObject(const nlohmann::json &json);
+  ~PortsJsonObject() final = default;
+  nlohmann::json toJson() const final;
+
+
+  /// <summary>
+  /// Port Name
+  /// </summary>
+  std::string getName() const;
+  void setName(std::string value);
+  bool nameIsSet() const;
+
+  /// <summary>
+  /// Type of the K8s Dispatcher cube port (e.g. BACKEND or FRONTEND)
+  /// </summary>
+  PortsTypeEnum getType() const;
+  void setType(PortsTypeEnum value);
+  bool typeIsSet() const;
+  static std::string PortsTypeEnum_to_string(const PortsTypeEnum &value);
+  static PortsTypeEnum string_to_PortsTypeEnum(const std::string &str);
+
+  /// <summary>
+  /// IP address of the node interface (only for FRONTEND port)
+  /// </summary>
+  std::string getIp() const;
+  void setIp(std::string value);
+  bool ipIsSet() const;
+  void unsetIp();
+
+private:
+  std::string m_name;
+  bool m_nameIsSet;
+  PortsTypeEnum m_type;
+  bool m_typeIsSet;
+  std::string m_ip;
+  bool m_ipIsSet;
+};
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.cpp b/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.cpp
new file mode 100644
index 000000000..225afbc0c
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.cpp
@@ -0,0 +1,375 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+
+#include "SessionRuleJsonObject.h"
+#include <regex>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+SessionRuleJsonObject::SessionRuleJsonObject() {
+  m_directionIsSet = false;
+  m_srcIpIsSet = false;
+  m_dstIpIsSet = false;
+  m_srcPortIsSet = false;
+  m_dstPortIsSet = false;
+  m_protoIsSet = false;
+  m_newIpIsSet = false;
+  m_newPortIsSet = false;
+  m_operationIsSet = false;
+  m_originatingRuleIsSet = false;
+}
+
+SessionRuleJsonObject::SessionRuleJsonObject(const nlohmann::json &val) :
+  JsonObjectBase(val) {
+  m_directionIsSet = false;
+  m_srcIpIsSet = false;
+  m_dstIpIsSet = false;
+  m_srcPortIsSet = false;
+  m_dstPortIsSet = false;
+  m_protoIsSet = false;
+  m_newIpIsSet = false;
+  m_newPortIsSet = false;
+  m_operationIsSet = false;
+  m_originatingRuleIsSet = false;
+
+
+  if (val.count("direction")) {
+    setDirection(string_to_SessionRuleDirectionEnum(val.at("direction").get<std::string>()));
+  }
+
+  if (val.count("src-ip")) {
+    setSrcIp(val.at("src-ip").get<std::string>());
+  }
+
+  if (val.count("dst-ip")) {
+    setDstIp(val.at("dst-ip").get<std::string>());
+  }
+
+  if (val.count("src-port")) {
+    setSrcPort(val.at("src-port").get<uint16_t>());
+  }
+
+  if (val.count("dst-port")) {
+    setDstPort(val.at("dst-port").get<uint16_t>());
+  }
+
+  if (val.count("proto")) {
+    setProto(string_to_L4ProtoEnum(val.at("proto").get<std::string>()));
+  }
+
+  if (val.count("new-ip")) {
+    setNewIp(val.at("new-ip").get<std::string>());
+  }
+
+  if (val.count("new-port")) {
+    setNewPort(val.at("new-port").get<uint16_t>());
+  }
+
+  if (val.count("operation")) {
+    setOperation(string_to_SessionRuleOperationEnum(val.at("operation").get<std::string>()));
+  }
+
+  if (val.count("originating-rule")) {
+    setOriginatingRule(string_to_SessionRuleOriginatingRuleEnum(val.at("originating-rule").get<std::string>()));
+  }
+}
+
+nlohmann::json SessionRuleJsonObject::toJson() const {
+  nlohmann::json val = nlohmann::json::object();
+  if (!getBase().is_null()) {
+    val.update(getBase());
+  }
+
+  if (m_directionIsSet) {
+    val["direction"] = SessionRuleDirectionEnum_to_string(m_direction);
+  }
+
+  if (m_srcIpIsSet) {
+    val["src-ip"] = m_srcIp;
+  }
+
+  if (m_dstIpIsSet) {
+    val["dst-ip"] = m_dstIp;
+  }
+
+  if (m_srcPortIsSet) {
+    val["src-port"] = m_srcPort;
+  }
+
+  if (m_dstPortIsSet) {
+    val["dst-port"] = m_dstPort;
+  }
+
+  if (m_protoIsSet) {
+    val["proto"] = L4ProtoEnum_to_string(m_proto);
+  }
+
+  if (m_newIpIsSet) {
+    val["new-ip"] = m_newIp;
+  }
+
+  if (m_newPortIsSet) {
+    val["new-port"] = m_newPort;
+  }
+
+  if (m_operationIsSet) {
+    val["operation"] = SessionRuleOperationEnum_to_string(m_operation);
+  }
+
+  if (m_originatingRuleIsSet) {
+    val["originating-rule"] = SessionRuleOriginatingRuleEnum_to_string(m_originatingRule);
+  }
+
+  return val;
+}
+
+SessionRuleDirectionEnum SessionRuleJsonObject::getDirection() const {
+  return m_direction;
+}
+
+void SessionRuleJsonObject::setDirection(SessionRuleDirectionEnum value) {
+  m_direction = value;
+  m_directionIsSet = true;
+}
+
+bool SessionRuleJsonObject::directionIsSet() const {
+  return m_directionIsSet;
+}
+
+
+
+std::string SessionRuleJsonObject::SessionRuleDirectionEnum_to_string(const SessionRuleDirectionEnum &value){
+  switch(value) {
+    case SessionRuleDirectionEnum::INGRESS:
+      return std::string("ingress");
+    case SessionRuleDirectionEnum::EGRESS:
+      return std::string("egress");
+    default:
+      throw std::runtime_error("Bad SessionRule direction");
+  }
+}
+
+SessionRuleDirectionEnum SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(const std::string &str){
+  if (JsonObjectBase::iequals("ingress", str))
+    return SessionRuleDirectionEnum::INGRESS;
+  if (JsonObjectBase::iequals("egress", str))
+    return SessionRuleDirectionEnum::EGRESS;
+  throw std::runtime_error("SessionRule direction is invalid");
+}
+std::string SessionRuleJsonObject::getSrcIp() const {
+  return m_srcIp;
+}
+
+void SessionRuleJsonObject::setSrcIp(std::string value) {
+  m_srcIp = value;
+  m_srcIpIsSet = true;
+}
+
+bool SessionRuleJsonObject::srcIpIsSet() const {
+  return m_srcIpIsSet;
+}
+
+
+
+std::string SessionRuleJsonObject::getDstIp() const {
+  return m_dstIp;
+}
+
+void SessionRuleJsonObject::setDstIp(std::string value) {
+  m_dstIp = value;
+  m_dstIpIsSet = true;
+}
+
+bool SessionRuleJsonObject::dstIpIsSet() const {
+  return m_dstIpIsSet;
+}
+
+
+
+uint16_t SessionRuleJsonObject::getSrcPort() const {
+  return m_srcPort;
+}
+
+void SessionRuleJsonObject::setSrcPort(uint16_t value) {
+  m_srcPort = value;
+  m_srcPortIsSet = true;
+}
+
+bool SessionRuleJsonObject::srcPortIsSet() const {
+  return m_srcPortIsSet;
+}
+
+
+
+uint16_t SessionRuleJsonObject::getDstPort() const {
+  return m_dstPort;
+}
+
+void SessionRuleJsonObject::setDstPort(uint16_t value) {
+  m_dstPort = value;
+  m_dstPortIsSet = true;
+}
+
+bool SessionRuleJsonObject::dstPortIsSet() const {
+  return m_dstPortIsSet;
+}
+
+
+
+L4ProtoEnum SessionRuleJsonObject::getProto() const {
+  return m_proto;
+}
+
+void SessionRuleJsonObject::setProto(L4ProtoEnum value) {
+  m_proto = value;
+  m_protoIsSet = true;
+}
+
+bool SessionRuleJsonObject::protoIsSet() const {
+  return m_protoIsSet;
+}
+
+
+
+std::string SessionRuleJsonObject::L4ProtoEnum_to_string(const L4ProtoEnum &value){
+  switch(value) {
+    case L4ProtoEnum::TCP:
+      return std::string("tcp");
+    case L4ProtoEnum::UDP:
+      return std::string("udp");
+    case L4ProtoEnum::ICMP:
+      return std::string("icmp");
+    default:
+      throw std::runtime_error("Bad SessionRule proto");
+  }
+}
+
+L4ProtoEnum SessionRuleJsonObject::string_to_L4ProtoEnum(const std::string &str){
+  if (JsonObjectBase::iequals("tcp", str))
+    return L4ProtoEnum::TCP;
+  if (JsonObjectBase::iequals("udp", str))
+    return L4ProtoEnum::UDP;
+  if (JsonObjectBase::iequals("icmp", str))
+    return L4ProtoEnum::ICMP;
+  throw std::runtime_error("SessionRule proto is invalid");
+}
+std::string SessionRuleJsonObject::getNewIp() const {
+  return m_newIp;
+}
+
+void SessionRuleJsonObject::setNewIp(std::string value) {
+  m_newIp = value;
+  m_newIpIsSet = true;
+}
+
+bool SessionRuleJsonObject::newIpIsSet() const {
+  return m_newIpIsSet;
+}
+
+void SessionRuleJsonObject::unsetNewIp() {
+  m_newIpIsSet = false;
+}
+
+uint16_t SessionRuleJsonObject::getNewPort() const {
+  return m_newPort;
+}
+
+void SessionRuleJsonObject::setNewPort(uint16_t value) {
+  m_newPort = value;
+  m_newPortIsSet = true;
+}
+
+bool SessionRuleJsonObject::newPortIsSet() const {
+  return m_newPortIsSet;
+}
+
+void SessionRuleJsonObject::unsetNewPort() {
+  m_newPortIsSet = false;
+}
+
+SessionRuleOperationEnum SessionRuleJsonObject::getOperation() const {
+  return m_operation;
+}
+
+void SessionRuleJsonObject::setOperation(SessionRuleOperationEnum value) {
+  m_operation = value;
+  m_operationIsSet = true;
+}
+
+bool SessionRuleJsonObject::operationIsSet() const {
+  return m_operationIsSet;
+}
+
+void SessionRuleJsonObject::unsetOperation() {
+  m_operationIsSet = false;
+}
+
+std::string SessionRuleJsonObject::SessionRuleOperationEnum_to_string(const SessionRuleOperationEnum &value){
+  switch(value) {
+    case SessionRuleOperationEnum::XLATE_SRC:
+      return std::string("xlate_src");
+    case SessionRuleOperationEnum::XLATE_DST:
+      return std::string("xlate_dst");
+    default:
+      throw std::runtime_error("Bad SessionRule operation");
+  }
+}
+
+SessionRuleOperationEnum SessionRuleJsonObject::string_to_SessionRuleOperationEnum(const std::string &str){
+  if (JsonObjectBase::iequals("xlate_src", str))
+    return SessionRuleOperationEnum::XLATE_SRC;
+  if (JsonObjectBase::iequals("xlate_dst", str))
+    return SessionRuleOperationEnum::XLATE_DST;
+  throw std::runtime_error("SessionRule operation is invalid");
+}
+SessionRuleOriginatingRuleEnum SessionRuleJsonObject::getOriginatingRule() const {
+  return m_originatingRule;
+}
+
+void SessionRuleJsonObject::setOriginatingRule(SessionRuleOriginatingRuleEnum value) {
+  m_originatingRule = value;
+  m_originatingRuleIsSet = true;
+}
+
+bool SessionRuleJsonObject::originatingRuleIsSet() const {
+  return m_originatingRuleIsSet;
+}
+
+void SessionRuleJsonObject::unsetOriginatingRule() {
+  m_originatingRuleIsSet = false;
+}
+
+std::string SessionRuleJsonObject::SessionRuleOriginatingRuleEnum_to_string(const SessionRuleOriginatingRuleEnum &value){
+  switch(value) {
+    case SessionRuleOriginatingRuleEnum::POD_TO_EXT:
+      return std::string("pod_to_ext");
+    case SessionRuleOriginatingRuleEnum::NODEPORT_CLUSTER:
+      return std::string("nodeport_cluster");
+    default:
+      throw std::runtime_error("Bad SessionRule originatingRule");
+  }
+}
+
+SessionRuleOriginatingRuleEnum SessionRuleJsonObject::string_to_SessionRuleOriginatingRuleEnum(const std::string &str){
+  if (JsonObjectBase::iequals("pod_to_ext", str))
+    return SessionRuleOriginatingRuleEnum::POD_TO_EXT;
+  if (JsonObjectBase::iequals("nodeport_cluster", str))
+    return SessionRuleOriginatingRuleEnum::NODEPORT_CLUSTER;
+  throw std::runtime_error("SessionRule originatingRule is invalid");
+}
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.h b/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.h
new file mode 100644
index 000000000..3452f2591
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.h
@@ -0,0 +1,162 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* SessionRuleJsonObject.h
+*
+*
+*/
+
+#pragma once
+
+
+#include "JsonObjectBase.h"
+
+
+namespace polycube {
+namespace service {
+namespace model {
+
+enum class SessionRuleDirectionEnum {
+  INGRESS, EGRESS
+};
+#ifndef L4PROTOENUM
+#define L4PROTOENUM
+enum class L4ProtoEnum {
+  TCP, UDP, ICMP
+};
+#endif
+enum class SessionRuleOperationEnum {
+  XLATE_SRC, XLATE_DST
+};
+enum class SessionRuleOriginatingRuleEnum {
+  POD_TO_EXT, NODEPORT_CLUSTER
+};
+
+/// <summary>
+///
+/// </summary>
+class  SessionRuleJsonObject : public JsonObjectBase {
+public:
+  SessionRuleJsonObject();
+  SessionRuleJsonObject(const nlohmann::json &json);
+  ~SessionRuleJsonObject() final = default;
+  nlohmann::json toJson() const final;
+
+
+  /// <summary>
+  /// Session entry direction (e.g. INGRESS or EGRESS)
+  /// </summary>
+  SessionRuleDirectionEnum getDirection() const;
+  void setDirection(SessionRuleDirectionEnum value);
+  bool directionIsSet() const;
+  static std::string SessionRuleDirectionEnum_to_string(const SessionRuleDirectionEnum &value);
+  static SessionRuleDirectionEnum string_to_SessionRuleDirectionEnum(const std::string &str);
+
+  /// <summary>
+  /// Session entry source IP address
+  /// </summary>
+  std::string getSrcIp() const;
+  void setSrcIp(std::string value);
+  bool srcIpIsSet() const;
+
+  /// <summary>
+  /// Session entry destination IP address
+  /// </summary>
+  std::string getDstIp() const;
+  void setDstIp(std::string value);
+  bool dstIpIsSet() const;
+
+  /// <summary>
+  /// Session entry source L4 port number
+  /// </summary>
+  uint16_t getSrcPort() const;
+  void setSrcPort(uint16_t value);
+  bool srcPortIsSet() const;
+
+  /// <summary>
+  /// Session entry destination L4 port number
+  /// </summary>
+  uint16_t getDstPort() const;
+  void setDstPort(uint16_t value);
+  bool dstPortIsSet() const;
+
+  /// <summary>
+  /// Session entry L4 protocol
+  /// </summary>
+  L4ProtoEnum getProto() const;
+  void setProto(L4ProtoEnum value);
+  bool protoIsSet() const;
+  static std::string L4ProtoEnum_to_string(const L4ProtoEnum &value);
+  static L4ProtoEnum string_to_L4ProtoEnum(const std::string &str);
+
+  /// <summary>
+  /// Translated IP address
+  /// </summary>
+  std::string getNewIp() const;
+  void setNewIp(std::string value);
+  bool newIpIsSet() const;
+  void unsetNewIp();
+
+  /// <summary>
+  /// Translated L4 port number
+  /// </summary>
+  uint16_t getNewPort() const;
+  void setNewPort(uint16_t value);
+  bool newPortIsSet() const;
+  void unsetNewPort();
+
+  /// <summary>
+  /// Operation applied on the original packet
+  /// </summary>
+  SessionRuleOperationEnum getOperation() const;
+  void setOperation(SessionRuleOperationEnum value);
+  bool operationIsSet() const;
+  void unsetOperation();
+  static std::string SessionRuleOperationEnum_to_string(const SessionRuleOperationEnum &value);
+  static SessionRuleOperationEnum string_to_SessionRuleOperationEnum(const std::string &str);
+
+  /// <summary>
+  /// Rule originating the session entry
+  /// </summary>
+  SessionRuleOriginatingRuleEnum getOriginatingRule() const;
+  void setOriginatingRule(SessionRuleOriginatingRuleEnum value);
+  bool originatingRuleIsSet() const;
+  void unsetOriginatingRule();
+  static std::string SessionRuleOriginatingRuleEnum_to_string(const SessionRuleOriginatingRuleEnum &value);
+  static SessionRuleOriginatingRuleEnum string_to_SessionRuleOriginatingRuleEnum(const std::string &str);
+
+private:
+  SessionRuleDirectionEnum m_direction;
+  bool m_directionIsSet;
+  std::string m_srcIp;
+  bool m_srcIpIsSet;
+  std::string m_dstIp;
+  bool m_dstIpIsSet;
+  uint16_t m_srcPort;
+  bool m_srcPortIsSet;
+  uint16_t m_dstPort;
+  bool m_dstPortIsSet;
+  L4ProtoEnum m_proto;
+  bool m_protoIsSet;
+  std::string m_newIp;
+  bool m_newIpIsSet;
+  uint16_t m_newPort;
+  bool m_newPortIsSet;
+  SessionRuleOperationEnum m_operation;
+  bool m_operationIsSet;
+  SessionRuleOriginatingRuleEnum m_originatingRule;
+  bool m_originatingRuleIsSet;
+};
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/test/test.sh b/src/services/pcn-k8sdispatcher/test/test.sh
new file mode 100755
index 000000000..be221f807
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/test/test.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+function cleanup {
+  set +e
+  polycubectl k8sdispatcher del k0
+}
+trap cleanup EXIT
+
+set -x
+set -e
+
+polycubectl k8sdispatcher add k0 internal-src-ip=3.3.1.1 loglevel=TRACE
+polycubectl k0 show
+polycubectl k0 ports show
+polycubectl k0 nodeport-rule show
+polycubectl k0 session-rule show
+polycubectl k0 ports add to_frontend type=FRONTEND ip=10.10.10.10
+polycubectl k0 show ports to_frontend
+polycubectl k0 ports add to_backend type=BACKEND
+polycubectl k0 show ports to_backend
+polycubectl k0 nodeport-rule add 32000 TCP external-traffic-policy=LOCAL rule-name=my-rule
+polycubectl k0 show nodeport-rule 32000 TCP
+polycubectl k0 set nodeport-range=32000-32500
+polycubectl k0 show nodeport-range