From 76616a02e20c0e080f6f32b88dbb5a38f371b446 Mon Sep 17 00:00:00 2001
From: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
Date: Tue, 21 Jun 2022 13:55:34 +0200
Subject: [PATCH] Add pcn-k8sdispatcher service

Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
---
 AUTHORS                                       |    1 +
 .../services/pcn-k8sdispatcher/egress.png     |  Bin 0 -> 54042 bytes
 .../services/pcn-k8sdispatcher/ingress.png    |  Bin 0 -> 63865 bytes
 .../pcn-k8sdispatcher/k8sdispatcher.md        |   40 +
 scripts/install.sh                            |    6 +-
 src/services/CMakeLists.txt                   |    1 +
 .../pcn-k8sdispatcher/.swagger-codegen-ignore |   13 +
 src/services/pcn-k8sdispatcher/CMakeLists.txt |    5 +
 .../datamodel/k8sdispatcher.yang              |  173 +++
 .../pcn-k8sdispatcher/src/CMakeLists.txt      |   50 +
 .../pcn-k8sdispatcher/src/HashTuple.h         |   42 +
 .../src/K8sdispatcher-lib.cpp                 |   21 +
 .../pcn-k8sdispatcher/src/K8sdispatcher.cpp   |  497 +++++++
 .../pcn-k8sdispatcher/src/K8sdispatcher.h     |  139 ++
 .../pcn-k8sdispatcher/src/K8sdispatcher_dp.c  |  521 +++++++
 .../pcn-k8sdispatcher/src/NodeportRule.cpp    |   99 ++
 .../pcn-k8sdispatcher/src/NodeportRule.h      |   59 +
 src/services/pcn-k8sdispatcher/src/Ports.cpp  |   57 +
 src/services/pcn-k8sdispatcher/src/Ports.h    |   45 +
 .../pcn-k8sdispatcher/src/SessionRule.cpp     |  106 ++
 .../pcn-k8sdispatcher/src/SessionRule.h       |  111 ++
 src/services/pcn-k8sdispatcher/src/Utils.cpp  |  129 ++
 src/services/pcn-k8sdispatcher/src/Utils.h    |   48 +
 .../src/api/K8sdispatcherApi.cpp              | 1271 +++++++++++++++++
 .../src/api/K8sdispatcherApi.h                |   86 ++
 .../src/api/K8sdispatcherApiImpl.cpp          |  855 +++++++++++
 .../src/api/K8sdispatcherApiImpl.h            |   90 ++
 .../src/base/K8sdispatcherBase.cpp            |  171 +++
 .../src/base/K8sdispatcherBase.h              |   91 ++
 .../src/base/NodeportRuleBase.cpp             |   42 +
 .../src/base/NodeportRuleBase.h               |   65 +
 .../pcn-k8sdispatcher/src/base/PortsBase.cpp  |   41 +
 .../pcn-k8sdispatcher/src/base/PortsBase.h    |   59 +
 .../src/base/SessionRuleBase.cpp              |   45 +
 .../src/base/SessionRuleBase.h                |   94 ++
 .../src/serializer/JsonObjectBase.cpp         |   69 +
 .../src/serializer/JsonObjectBase.h           |   55 +
 .../serializer/K8sdispatcherJsonObject.cpp    |  239 ++++
 .../src/serializer/K8sdispatcherJsonObject.h  |  108 ++
 .../src/serializer/NodeportRuleJsonObject.cpp |  186 +++
 .../src/serializer/NodeportRuleJsonObject.h   |   96 ++
 .../src/serializer/PortsJsonObject.cpp        |  136 ++
 .../src/serializer/PortsJsonObject.h          |   79 +
 .../src/serializer/SessionRuleJsonObject.cpp  |  375 +++++
 .../src/serializer/SessionRuleJsonObject.h    |  162 +++
 src/services/pcn-k8sdispatcher/test/test.sh   |   24 +
 46 files changed, 6600 insertions(+), 2 deletions(-)
 create mode 100644 Documentation/services/pcn-k8sdispatcher/egress.png
 create mode 100644 Documentation/services/pcn-k8sdispatcher/ingress.png
 create mode 100644 Documentation/services/pcn-k8sdispatcher/k8sdispatcher.md
 create mode 100644 src/services/pcn-k8sdispatcher/.swagger-codegen-ignore
 create mode 100644 src/services/pcn-k8sdispatcher/CMakeLists.txt
 create mode 100644 src/services/pcn-k8sdispatcher/datamodel/k8sdispatcher.yang
 create mode 100644 src/services/pcn-k8sdispatcher/src/CMakeLists.txt
 create mode 100644 src/services/pcn-k8sdispatcher/src/HashTuple.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/K8sdispatcher-lib.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/K8sdispatcher.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/K8sdispatcher.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/K8sdispatcher_dp.c
 create mode 100644 src/services/pcn-k8sdispatcher/src/NodeportRule.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/NodeportRule.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/Ports.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/Ports.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/SessionRule.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/SessionRule.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/Utils.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/Utils.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/PortsBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/PortsBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.h
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.cpp
 create mode 100644 src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.h
 create mode 100755 src/services/pcn-k8sdispatcher/test/test.sh

diff --git a/AUTHORS b/AUTHORS
index dd5f4889b..b5b9ad058 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -10,6 +10,7 @@ off on commits in the Polycube repository:
   Gianluca Scopelliti                     gianlu.1033@gmail.com
   Giuseppe Ognibebe                       ognibenegiuseppe8@gmail.com
   Jianwen Pi                              jianwpi@gmail.com
+  Leonardo Di Giovanna                    leonardodigiovanna1@gmail.com
   Matteo Bertrone                         m.bertrone@gmail.com
   Mauricio Vásquez Bernal                 mauriciovasquezbernal@gmail.com
   Nico Caprioli                           nico.caprioli@gmail.com
diff --git a/Documentation/services/pcn-k8sdispatcher/egress.png b/Documentation/services/pcn-k8sdispatcher/egress.png
new file mode 100644
index 0000000000000000000000000000000000000000..761c89309528c10a7a097637b45026192f1621bd
GIT binary patch
literal 54042
zcmd?Rhd<Tt`v)FTRw<bYNy>I?%E&s_G0)*3>(~y*cI=r^W`&4kZ?Z>rREna^Y?2Yl
zj?CYE(EIc0{rP?Wf#2`(NFC?(dfoSZUDxy4*Q*B_Y6|B_E|Z)(b?TgwqMX*LQ>Wpl
zPT{Q*odMt6U!T=Db?WS_tGuo&#>3La&f*lSfb8)nR(^=JgNrMxfE+77Kg!XO$J_>G
z<&46(@Yq|pg0H}JjDxw2rHzI8@jd(yetvF<FgL##f=`fDKw3Z;{3Rs71HRTjz8_^}
zVSloq5Dx?_z^2Q`$9{ax!WCt8ypFBDmA(u{z|Pf8K?v%lkA^83>m1*MwQzQ^aj-wW
zjZcgR!UImh&nh4f4t;Vuu&B++c|3KHUb1e^f?5`4uClV4(q_(rR>$kuqc9f7i)er&
zaq}H7!lz?zYUZXSD6auQDcagAtD#NZJ!Sd5w1tr7`ugVD2umdgQzdymRegP3C`Jw=
zEMjiwsfE^8msW*Y%iCEfIU{Y&ZL#)FvaI|vHbQzHNPaB~bz4?`sEh{GQPx2prD}!p
zvPaut_)M`nf*Rlg*acy0Z|3Y|CJ%=Q%4wi%wY}7>H5?ptl;C1!5G55`4{d}rQdZwd
zPty_H4^_2PfGU}(o4E)>giOukZA67#lyx0dP<ra7XeU__F@%+>mI}sRLkp!VDhE-~
z)w6`!;f{mRg2DwcD2O~t&_Tvk4uVj3R7a|+E2zo3>X_==$Rj*Ol^ngaEnF-VAf^J=
z_VREWK2;>xQG;JeM4umKWi5u)b=MPdRkYLh5Ytd}wbDaFO<ir=J>k;eE(;eoK~H5{
zxQ8hk1yxqD7V>lz6qHeN*0dHD(s#G_uvXGU+Q^A&>LK({2ssZVT3XW@siY&UBkzt;
z7qbx3a8Lx0lCc3lD0>|teIa*!tiFJoijJF|l^&m>gS@sQQb64j3sb`)`BarfJ+-w&
zL_NI3Aks4K?slf~rqYUh;LLj3@&b<5e0tja{6hA87B<qF5H(L3dn<EgT?;uq5kQZO
ztsB-%2B|J>iINu*ki(+oH5BA^1QZ||rq-s?R*LR=`tF)~ih9ys{O%663Ra@BM|{__
zw|7Gb33*9l&@N_Z0YNJvQxR(`TUif17#d}&qhjfdl6K}3a?<Csb%v|yYGYj7V4_Oa
zx-R^-&N5(EVLn$O1vw#pH$FZKVOOZ7mYK4kstunWxMYWLaaGfCvv4rga#a`BQ*gDj
zv2|D0b8=R6K>*HrfgiZFsilabhJ~g+6fUX=)3Stn=xVBXSSov23t(Y(a(pf>t|Iob
zNPdU_pSv7NNl*i+>7<P^bu>3Ox3}RF@RIcuFvam!+QHgN(Ogqe)lt++P1nKRPDcp`
z4y-0Z7c1bU?JVQ!=!kIClR?0wh2ba^QrHqI3qfisD_UuY$}2m|Xox!7XrdKev@C4-
zvF?^O7%PaCIzP<Gnhy<*X|LgeRuI(Iwr~*Bb%F7DnhMw}>0nj)<P{VIt+l~Enn*om
zFI9}FwFW{ND<G(>0MWCCqSY;(6_vEiv}E+G5bi()0ZLrVOy#sK1Z3d?E*kna0-jhA
zKByMh!NWrYCCKOIY9;2Ni51{?wG=bex0U7BM%u^=IXij@^4aKFih8NrqMbFYgy8C?
zf(Q)-1XkHf1TL!WCBUyJ@9YSbHg!|B6LD4c((qK)7LhSmN4Ozj`f8qvFaeB)nGM{-
zP0!O)OkGV$)z$_MR|dOkxr)kq2?&BuZmKd~S{6dqNEaQbhdjbV%gRd2MNS)m6jhM(
z64TPN5z@4=b_bMt=!iNiIyks!I4f#eDG2Mp(GK?dK;dO{mAq^;Jhjx2%0O|P^|3H%
zX?`<DMSBea4>?PHB}*AcPbeC$r*8*!wo+3T6w<ZvbkN|}))KQo3TaqE_!Q8djsW>e
zit3s`?_?CfkEb0}T3AfXR$W6#*+orV(+(I4866EMznG=9BJTXEW*A!qdr>iEesh$$
zm7SOlTwhxQ=4xhRE~D<@35N)a37bQdO?5ogZD68iu9kB0LS8Unv7y3B7Em#W9G^BE
zY2yqvcf(5a>6&WU@yS`^cF?hMg{axPTdF%@t=xoMJhf$z0y6w|qILrIif)d&p8QBB
zKD0DcK*>f{M;EN-Y3e3x;i9K5rY56iZ{en4W3C5>nL!~sC|xIvlQdKf;wk3hXp2^c
zK~&{sVAeQ+V+4gotRUu2;G=`KrL&q03>bVFYaKC9EI-yp&(p>QYU8Hmr67+|mNi3~
z^I5tH3SpgG#59~Oz<pSEX)l;FTnp=|0`U+O1YfFP!PibuhzR%xjgYrNy1OYkDya!6
zhzeSm%WDg(o9dyx<jizk#pE3<1^Laat?l(RaL`3t*f?3D6;u@+rO}$^rgG-aqUuh1
z=I$DNVn{38!~8l9>ZTAICx{xKw33d9jFO$KIYvRB4}}3w3qv(!Ol@qugdLoO0V!tA
z&ia5o0$4O3MA+FLd;|Wt=z5~;)B&Y9dtu3M?(T`PgsQ@11aQ|C5DLOrJyk`d08Chi
z-@;2<Rseh}$A>_`#lQ!st{&J1>JI#%9B_r;;~#H$<Ql>6CoWw;J_ezG@zklSr<CNR
z5gtZA#)u8H`<u?LFl9#K-y|S=aVEqvJNw+A{gWZ_L<@`9q-;|prl*cMCr&o}oPLsi
zM*P$MrP-=iISCd|$I9QIp{IP)dhgn`Aeh2r%iTj&S`LzDsMLzB-%DHH4PzU(^cU-^
zQ`TM1jg%NMOiJUCXawL>rkx^WyL0prL$P9(h>oRE&-v%8qpNAe5ZJ2pf9^Z_ax&ml
zTij{uhT#8R0bFULO#Sz|=ZPRNv4FQKC)@nl5iCmg|HDO}Q_c^TFiHOY7He6!va?t+
zUAOpR-F!1z|JNHD<H-I(B$Mb(Ha4Q0&m8f4dVBfozCdyp_FrF8x8CwwZrmF7VX7ZH
z@9*!w{rh*-Z+#;mx$PG~63f3N?y4Oz{tVSaNPj;3ChVE$YAN*<?;mCNBO^D4pC~0h
zz9l@+n2~|c+q}nrov7Hbo_g-N_lq_+_ZzUyA48We-GH@3iHy%X{%&}PPq`w27s@`d
z=u(|{Bw#Y0tEh#_UbVJoVlL0@m3)0A&}j69D_4GOH0ryYCWhxebM8R7Ndc-pH~ag4
zND?X(s<HWXC6qnvy9YBN+av%++&#yJ$YZojvIh<X=QlKnM_v)5F!tS~>Jndv8F);E
zY|m%LtW1S5eNAy6f3@+wm(Op{V<{DB>`P^p;zrHrw~cC8>)>SL;Ar)nO9^`uLBqn#
zENwd*!P|77PQdccPw&0e_UYAjruOUvqv5aJ=Y?)*0kRMFm;Kv&)uoF2QL`VOekr#g
z<)V%lIG=xadKKJj+lw!P84mtAR&V<XwlE<GQ&Mc$|24AOMlLl89+KbvwN!Pnw5W*7
zZmf>#W{NAtbDuS(XD(f0+wD>Zft!nivN>1A-6woKzCBV9@2}!Yz^8;H0&-v7itNum
z)+EKmTR&^3AvQf(ZIEwU7Gp8Nk&?bUCZn}Z`uFRA5Uvgih2~#mf!@ifme}|tJA7zq
zZf?C;I{Ps>myni@dAQbzMRNCt03eR(;UgB}TfV!$-t7HeuQIuo&Uy3Z+<hrhA|lZu
zzp&8!jt*sRaV3+-8tx1ExoGLR&k9Wa(1NCe9a{`{Ji)c6_}e26%{H0N6ti7Yhdx}o
zrFTfZDAu0)AN)RTn{%*P;y(o-&{F5Nc!7y2re@qrg%lY<&E50De|M>d4>K(2v-*Z+
zz9&1vvc<-4uR<P=q*6NoRZwgyo_Zo#RA46N4ysCjb-i0^`pI4USJ4c&&%-9_f!H(+
z4Slb|lr$baylz|aZHwjFwUwC!;|yepk^Umu*7hO|O)eo7vDKile<QW-E!X*gwKZp-
zgWq%diI2`PMQ>DKmxhJtbCT@uFyDOlmV9g6yF|FW5;G#qy{A-*7QcSA!}{~&t9yKw
zA83D!H_{*e?)I-_8nF|`q`)mLbEwbEjBD}I4ecE4E?0eG4-0N7ENRlGe_$*AqHcl1
zb!k|e)RGL&=$EG_PDsYl0<riMZC1sOGmI_ng!)OdH+u)o5jo$Z{bO&c5437czw7&y
zE~{x^P{iC}tzKh4c7ck@?UOwgfTc~KTl`+KLz5o;%;WD)6pB1`^VbZ#m#T*Q#E5ki
zcJy2%T<6bFI;&}EQM9(Tkw0tl-NhCkH1DlN2=Cjsg`V^Ho}Ew$VU<>rc?fI2z3~uo
zBV7ghIt$Zd^i+~942F!W>p(QUm4&{!PQ+u}^bFPEekfWtL+Pj-fa+kEG=d$Q-%rMA
z*^tdIW-(J^?h|j4glx|v)CR7+x7IRC+?kU)Bqru|{x&yf8<>-oB}a<*$iT0~I@ol0
zu&evhnbn+g)uHM48HU@~K4=+WyzH`DmJmE@?)~MGPTpn%QdqgYN)BfSTmNZt@w5<j
zy=g(~PggP57Zp*;Ilta-$kRQI74CeLlvEIPM~T+%=j6M%gKj>RtN=O!+MExcBJ55d
zd7SOIJ1QvUfwS+E*oZGhvG7q`Grykm5~7Vn<`&03cGEx_IK2rBaBDj!V%?mOoLpEO
zby)}<_e)@CpO=sCBE_(I(&Qt*fl=>FeG<6)xMwc)+PKg9$J4$X%jrq{7U9%6S%&;o
z>d@HBi#_%34j30Qz3Kk#=j=~;*fKG^4J-Keb>DB0(Lzq$eD0A^O|5d?rXskUSvJ&U
zvL*1!)3tmlX*(`LgPSdonOiF35025D7SZxqIPKvh*53-kPPISEJ1Z|<8QND9Hh=hu
znMI{M*|_%+dwyl4frXWoZL+9h>Eo?COG6cBC;WDcu}uV=PtiA7L@C~V^P-dIU}F>g
z+N~zFztJWR&R>4<Z8#NY<vEsbzIqg2X1h`%hAOOVF^|~&d(IEB$qq=r7kr(ql7J3W
z3xfA1{OV}DPSzm^eY$qDp1kA6<?=@%c5-Fr?<w|xKhcN8Rhd#0UH|aCO0|K9oRl>E
z6yYcU^o)+t__Grw^};DBGwM#zTVP_UzB_?qTryvO(3Ns~dTYXe5bByl3g^eD<Hr-+
z&~vzM8~aU?f9-l$B$?8e#{uz=A7?E2++2L2zcZ9x?7$9F8Ul8ruzFm@=%@Ffp?i8k
zf$~U)q0AJW)w4kDLLHmibR7fVDK4{GzppEnoe<F0(aBlr6Y<)x#@q`ZH1bxhk15)J
zJVtCWoC;%&ll9}S-+lig44$jz=9{}3O_>(JPDq;r8!EP=JVs4<KqU41feC(AHEc($
zY&Bs*%J${lm%q!&M{xeHMH`<C{^IdB-;-d&=-O3!rFWqe{5||W+m4umaiKwj%tis_
z@#)w1j+kM<0$6idVLar7HQM;)FO;w?vFw=l@88z~g&>D@t`~%t^W(x6GA>{kCcDh~
zj|{^<!BaN~kUYDdv%>%R1{YbKp*Bh6cbqF*_!ICPMOy)LKncXHx*z|&#A#9pjIMTF
z*X^&Eti=UT^Sr|9{ohLj0*;W4dKTUK6S*B-o)iNfyL+g@{O=`Nz!GPEitD5t6L=iz
zQLa1#9%}A~9{*oUn3#YiPP;P}9)}W?jtO^W4xGi;-lka7d^zuTaImsvyM1=$_KL04
zZ;4F-so%{~{ycN<O7{2mE=)2xPHvIkQh4#m<)8uCYkPLHsm)OJt1phuS_5F4X0jSU
zByeO=xAE5xmzf)OK61&)6WT`QmmC(Vo@=(>j+*sr&UPU`_-!omA}{Y%BB|xnfJ-|)
z(?f2+d><LG$j!Q^QCY`MwNlk&{A}z>mxFqSS^NEJ!}-@kx7RwIFfqin)2&Ksqag`e
zKpvme15nCRwol}a%_1bS1-`8Q+B<o6fj$R|nA~BcQ>-`1Kt0pd1mLLwjP<EM9P&D5
z;hhS6mvNQ$v&l4h5ULl+pQ0J!Yp41i(0+CZvbQL|io2-`7u#mG+nz}C29?Lxl-)9~
z#R^5mPrR_D4<)VVB$!^WtTRFKIg)|9OjHF#*hzH!ItjfEuC9D3aM~7iFKa@f!_J9p
zJ_{b%8D9>fUZKVbb(9yN)6eY5iPRv^T8e6xU*$GSg>8E<DC8g#>t;4!KWD9Kb3>?d
z0+vZ2u;2C*6*I?h31lJp;Ippg^P~nb2dQGZ*X=<hyF1$X92f*P6CxmKS=URPN+<3D
zIr&HgI=#NsshvpDTRfTadzbIqhcLdZZi%}1_dz(ZiQ+URlCk6@rb$GYEch#+_M?#(
zX>zR+3*Hu6slMW#8@15V7LEWRP%;46kXPIiZZ{kR?wEA=D|{_vDEWRlhXkvbm=v0P
z$TvX9J;{A^*%<I;|1DSGF-lED13wHpw7b{qq{*K3Rmibl-Y2pb_pY33&_w|`iQwc^
zF)@TbmQ#x+A-{36YDoU!0$6*^7P9w)j<#?2{IB!4t!06T=rWRZm5y%?Xu>CN5~h^;
z;RhdtRQ2jdJ@U1j+NtQ-z;LN#g0ucBR5h^-d~nDZnfj|p#?CI!{^O`k@vA%+rZ-hq
z(VvQ8)HqnR&;edrZFq2>pgRlyd&zjPari{95R6LK)~VeyW-3X*UgZBoKuN;cshY=!
z;Pxd13hg>^({b~Ao53gi@gTsBfL%cBsKW;e9Gd`YLNC=i{N8*ww8b1P2JN=-!$wN@
z3%^(p>T@(If`H>E1AT8ATDB89KFwqv{<Lu&_1zB19uXL(<W0){bGbt!*)O+o7$IW@
z_UyjBDeDP*cSuI-f1vFOw+W~tqFLY^uraq+1_ndx)V}ncJ-Gcv*#HKvUg5<t3jCU=
zH~EvMq?IW?H6KEiaaX|IzGnJ)#O%}>+@a_HWR5#eBgIIe<e&sBs@_AAXUXZFlJ*c6
zV51#4x#gl}b=Zk1#t$sxH3;3?H@<cQ+WaV=!4o^`{$0kPXWxsaGN1+=pKa0)aDI!v
zg5X57Qv^^ce|D@+$sl0mhr+h~1c`eQYA*-=Pu3jz{4}NP^C`AXeEcYXqqD;4)%(Fx
zcN}T7IBRoZ?6oq^h=9E|s1)z|;Ds+V$+}iX_wF5(nzhEOd|J-J+Yx?}tqJaN)Bq1i
ziyA?X6$(<(^6tlaS?<AEs+{5P10NXBNfWO*Q)MUY_uV*S36GwDf+y%Cj8smZ$ZuJZ
zpG$wed{a*TJ8jNEURze7QOnDlMyUTwqb94Zc1=<byX!*peW-Hy&vMD9zDTG~BWxhV
zNoNbVl$R5UtS6R+>?Y*LQ~xxsNu+OE-?E#>e3FG|ZfADrx@icI{sg5-;@U?)tHKi`
zC{WSXm5OlO6HfQ_-p~21=U-#C(30SUU3l|@;RuBnfOC@*DSLcuYVdps&+v+pR!?3T
zYwN4DHI`q##M4((#ubGF@I4^c^R27=CqjBkc&1zGQZ@E2urve3PX{nqap!$o(Zy}Q
z|I^Y;=Hz;(3val~K^JIpstY0ULi29V9`y`n71&V&TP6%pP_fB2B74k8$H11Tb+1;&
zUtvusj=^X>kpr6Co2iTcw@p3gqAu_I8Y?F^FTx+6a5tje!RwMl%<cC76E=fV{S1DO
ze%FQN4~aBK!EdL29RGhas*WiwYu%}>$rF-i{SQwq<sA4OtiTWFmM2!4{rvpCRCR~X
zZ*v5Po~e5=N&T~u+e&ID#pCp?x2`e)#sLLk%{n6a3C%n1zuhue>3r)q2aDCX?gM_d
zd<GH3w$F)JePEM?+_sK~g{LnLem1uC^lkign7ntHh-^c_!{gx#{@txX({9F*z#YN9
z!ZN>rF{88f++?-_Tl4z7)HtY4Dgx>F2;(3RR+MBbouAJ4u$>lnRkWr};cqRQ5urcu
z9V8bO&Z)Rq(0L1JgXC3U15T%WxN)KxNtbHfriSv!hJzIuCRk^z)qjjn#c0l1pzf61
zWoRTUIWnrwKtu_#YoRA_nI_u!K=e94mm#w_c5NWDvX=2CgA02Ox!32rh3~w8a!BGL
z)=Y+O%afQ&ZgN-ZAZ(S_IHaq6v0k#EYDZhU>Pt<b#JKO(nyQ2qaop+aKpgfR`titH
zfnUejA%|^B+mki&qBojQvLp_-{0{OdnWSn-FETGR=Ia-c;?x8<<ZyEQV`CYBPb+>1
zLxg?1cCE)7nundmBmd=pe(t#kp*N260Z8CrJuPZVwNA*`C-lnNo!aP~-sG))N}&=S
zAerLu$`{%7D}1Mv0(Vc+C6mOjE`KU*0XJ6q2ZR#0cdqVn>owDC3M&}vp~8%RPpm8$
zPLx^UWZ+Q++$PeUoKxW#%b$>w58RjAa$oX(O%&~J@GmfG%y(}Ky|(wzVz6fFSier=
z^eb(Z;vfC8PxR(kV5tTPw(gdt{e(^!KxqhLir1o%Fexs0`lN#wnqM8h>T~kMdqVUg
z+G+M4vuLqZ(F^Xeica#=YA;Dyc2)bT431FJq6y@uFyp~+%%_&u_=h8V{vO*OnH7H&
zbz{F<WMg&ryi7j7i-8q&<N*0u0>b(4#*|B(aEgXlyl#Q9Xm{G;O7E-2#ay)QVyOk3
zswq)xHX~_W7<bpkMU%vy_NUn=z$RmdII4*d$kSXCAN5^M?HDtN%69h&oWA8Mly#9)
z^?&MKl-8OpI`9w|#&DUKUM}wEi|>d-ezz>m!QO0IMLB<SHo{qlmQ27a#u=-rlVdH@
zY;O$K@R{`!U0M9P3D5Rkbo4Pd7RPq_H!uYX9q}p>lr))0k2!UUP@gjK;4Q<pSGzyz
zf!oI&_T*w}`QJ+`sL;zvUvXk?Ndp_4SrXMrKJprDX*DeYH|wr$BuWsGy7=w)l}IH_
zkDaZ4MKLbDY*~7QS{}eEXF67gKM`upou|c=G_aU<c8QD>^nBOSX6<1QVeNd};<Gw(
zUR-T<(gsLFed|<b?y(!DRh(>#;#}F@J$zl3awYj^jk~%;*SyEM8;0vef%+c{aEfYe
z1aPi?<`2#>6du-ZFx%-X46m>BR^QRq)Vw$Rm|)L+v>U?_a}%d@D*z<y4oh?cAecMy
zwQukfx^JD=B%UEUch1g@yLmz*xP+;U`BU@eVCBxN_#>QxoW&(K0bSQlya<%$%U#Xj
zPD{79O1W~?1?(d=LywM4ca8Sk`gI&rp*Tk(!&?S2y(40HDLuBrkP!DxiTQ1j!_0vf
zwHIo$78N5KJ?dzxgS0bn<ktcnnZ`CeJ~`Mr{-r|++Ga}sv;lP?DYp_k<8!UH>aTnJ
z{eG_N5P)SrfGpmkNzx+X#LCr?81M@aw_hK=K;i6|Rz9-0()reR8(JKDEW$`2Ldzf8
z)qj%y%sW#}47HY6q^kt`UYeHwgjST5!y$p;tzVzYgt@|Tbo+rvcJwNaC<4FQ5RUKs
zA{4I>W>|gTr%&&`T-2_bYh|LC>a99rDST7}{qH)t!L^kVq<zbPukER3uj?VtqF&ZC
zEj`{{yMg0L11PX{-1QFK#F35*Of=G#E6p^J$e3<M4q=leJqsKgF#ts9WSZ{(Z<p=^
zX9>%xXHi4R^?c@c&YDMlm%D)@J_na+yKR*_onXk9;7JKr%a;#V`YL0jEet4HNs5Vv
zYiQPUb4*uS2z)tSY2g?-50d$80nvy*v8<BG(hdcg`b6;9?!B_*#Oqht=1XS#`_lFq
zId4@KzI|NuVt(ZIFih3zF79cZ*TDNno2cIn={$Hum%Q5c1RbYO5xBC#GLe~quj#%1
znT1t1q<}|J^}MZ%X9Liyv;YyD7cna-Rr>>Zs=T~P7S)hEZQF27KiIW}%)3&<-;ny@
z_pfp8Y*k$KwxkITBlNK0)Z@lcTZ|KR%BAiTJZv}Id0S-gp{q;Q(3AqrU3T7^fSTr&
z)I_+GP0GXg=U-QRaRvB0c<LY=^sGCpD|vkAmQF%yp3e4d8?lv$7zJ%Rg@k_LO6!{o
zBv_Q1B?pvT8&2p6Hv6Aa_B?AT+U+7#bu=<Oji~BnFv)E^`@|<!HHE4iYZr~+(eeUy
zX@~OBF&^J%TAgu>5(Lz)>K!XL2sf?<o}=%q{K)F;ewvk!LoOt^*7%*JY~^s)H9d>`
zH)sj%lAn)$^2Q!Tt&Um%`bu|<PO1@*h&$3Kp`Jd)zPfWW=a@NqP6y@`!AP}zy`Wd`
zMj=>V6DEfwEP<V1AWN}mRkMi2?T=FqD%#s(XH}4tEz}7_-jUhG3H5t>0gZ2n*gv$F
zE>b}J^$R+eyXkRe(lG?s7EVe}a@=!3R?;}YF`HSQmw6m(Qt{f`kW(hy{Z;kHaJoxc
zkN9$82m52FfFOMCf|J(lrWPMtWF{)zrt(u}pj+N6c_!XT$*AOlj<x)!rp81mA*y?4
zZ+Q6n>PZ7<Ap*>$PiE?n^2u&DO0mAgp}7vNKlfju!z8IPf`TGh;P6cBK}CjaJ(}zN
zLU>c--NROsX~D-rAP<kc4hYQ}H#I!5x93T|*%kI-=XX&mLdx7|mj^43XP3VbCTJtB
zDr2<%1I6_q<uVdL9WSn6U|Le~@d$~N0{B$%*sS~uRcKYdj{f?Lh0KovNz?xU;$2KG
zBjar7mdWoAv8|ziUD3GeN5)&*6F#50@GdbvVra-SPX#7Z{HB4o?Hm_Rkbe`^bk8kj
zPKh_CB-%K@Q<lKd^Q)+rGaTbTQ0iYuOm!mW9)3_4WSAKHH2kw{KLW~#yK@xi>x`wz
z`1514pO(;4&@WG$ZB%#nB4xU8f(GhZ%h}w<p(S)|xKHq4oY^C<?+%9%A8udE9dvmE
zpcu#kG+_1n2@+`yOxoV^V_Y7Lj@?m;B++DMKI8C+w7{W)Ss$bIsHnWpwCZ^Qa!ZkB
zH0~(XbS%ZSHi`a$1qn&vqa0|)0EW$hNb?aHS(uxJ-c#y=osGyl)tB>??~@8!J5&t+
zueJwL6TDUHdeuWkSo(&wmC-C6Ns5o>9dS`BF$OirYI0DCz=gk*jt>A1RcJjgoopzH
zFF^AROtzfha1oyOK$)0*oNz>#(-NjA|29$W2AVEe1_Y3}y!FxoSL`vDK0yO#I7uPG
z0%wJm%rxi{`ra0L?xf?RLUah0Mk0R0;d~w@_<=b2i2^LmT%hMYF)Q;d|BJ;9_AfNb
z`T3f+5A{B$8wx!!caxtOpY=>H8>%a*uBJAu$I9E=^UQXq#_*ZFwN@Q%_Lri#bg9g$
zo3UY|M}=10qjV^#>zBt%Kw5(Pg~H<yw~75>MKJ}-4ZF87cMCPqn#n4`VY@ei8H-=!
z-H98{%1}@)CDAr~m~<saA)hNV3O|B|7pkv+SxtOZZf~uVcV&IO4KyW+2=hSo+N|>l
zHxU_`-L#?SEy8EGxT-4#d6GdGaA;`SC?pNf`t&E6#<kx_m*nWk-kSRu4Km_?Ozknk
z?=62{`+7DD8g>1-V=M8y&d#>8Og;fBJTD1wjkn<{TRw+z@lnu$G&1nk`B;Pt7nby@
zkK-h=n-BRoX(}q#H4+ko^+}C|7xT}P{iOx)ev_9Ui9qY^lv#W98!DthAm~8gkJY)!
zHdgel{+R`^v*SA0o+b|t37M*y@M~+_8jk?2M%zQb^^YQE14ViZ`~Bx$>E;jts*$AT
zxK@pyq(uj1wDqcui!Oiw>Xwn>k@2H+jB07M_)RM!boPLFH7|T=J}G&PM~yU?dP&ak
z70-wFus8GR=mJ*q7}9r_^W)+ue~iAow7<L64jP5UA?Y7Jz%XM7G@7HJu#nIC(^b3S
zN@8Q5Rl>J1OeKW8V(u*gc#6u(triJ}q1{r4SDFuYI2pa>nZ@^3+87<^IZa?7iZuI0
zZwmr;U{P;e(5<Q?%Is5d=M1{mH%qb5xs&SeZ6B2LG?y4#51atgl+cWBmeJ10;k9U5
zuR51h&})sP7f~yO*6ORUWx}W<2nDRVUcY{DsmkO!o|15}C}^xcOid*(><_nk?s=v+
zSG|3yW+Gb5Wi}0=x)^sDpMQ^k_|3h4n<_OTpDj3D58{5u*txjZc^9ZCzP=vw$mhWq
zrqAfVLG_+Pg<EGa-^(qgFI$(|x%Q5>c0BcC5>is9Zi%fst?^f6L&;vP&2%QS?yj_v
z_cK*oz(i>q8m0&rFN4nTtExexh|ie{g{u57Rc@pTwF5JM#bsLi#NG*$Qc~*JGNZ>r
z*FrB)z32Ugfo^ONT3G1kE%XZD523R-n0dbR3a!0g<89hDEi!7{Nn844@%noRjZsUM
zQmo@!I;$(+oM)d}eFg2kek@)bci)81y6V!Pvw>T`w#Q;|jZe>`C@cv0J3M8_Pb#XP
zGFra87t^iFI8|LM_r(k(NZpqj?p`%<;FBR)=lfAd@FDfd!dSczY6<jyVkCaiGI~tn
znOj&eOGp^nR_*BzXsISb@JbqgUB>?Sk{%_eR61OWIt?0FuEC+988Vod?*HL&F=gV*
ztK^p|oG(0nMv%<f6pvgL%p?k?Tn@q{QwiM2x@HEunTZ%#*|g(<QPI#$Z%@aB!A@Th
zbI$q|Gy&SX>LW6S)mjOL2hY70*q0=<_jfjXg;Te`#j00+Wcw!0Na-jCNW3U?l-U8B
zX)SH?y8}P+;|FQgU0TFj*3X^a{x)<$@9!@Do)x0W$<m=0vF{tu^aaXv|Ni}!%|YWB
z1x8P~-73{$?__aLew`xS^e7E5C}%6Z2%7E+1_saO=-*tX#RVh}$KEO**_419k|IOn
zpsDZ4rQZIf!|CcFY&>>b123F?8~ao&MwZL|<Fhjjjn6Ctee{S2wh!rcmh-q&1*O8p
zjTbKoPq!EMvsLANWbJ$MQQQY{r?~lnRx)Bkkyt0afK)5C&4)7RV@|+tPznAp(QbF#
zMyb_I%jk)&jQprul|wsIrj!>G?rdh$Q1yslug^R3T6od?M0ZAGCdW1L7R7!m5F!NX
z0C!!5{~-4$w80f8{@Y!L@Vd;vdm8STI9=RZFQ!cxAlCcNZVtQw3>Rc%beY4Cy!;)e
zz>v;0K6~`}y-Qy;sYWzYW%R<Q2xTI$881v|X3cX<H#CH(;?9DyoCi?-Hg{(F;~>n7
zxJchHSaTt}o=W;6+J$)2LbOGwx4MpTF=k@6M#@xR$2@Loed33gP;b7oOi;k;X&FeZ
z10*_PUBSjeqG`gio#imUr}!MbrNY<BZ>OF?yqKz~`^5Sg6O8Tti9W5Ez6TZZ%-+xG
zjPjHvnFn!THj8k?u}d=}`5%?<2^9>@zqQ$T=%0)xuir|v;#h@0PY4NOAu^94ZhIGT
z4^?=kX-Gff(xuZEM#jne3-qjV6Q=47w!&KHmPy)(8TOrer>WlYzHqlOe)+=^o&3|f
zN=d%FLo31xD-8l!o_Zl%T0al+&+JqomE&{VBmQso|Nfk}AqrJ6niF38^0kSwzqW|t
zxxV;Dil|fmX(K7SrSefEzjyIsCaA-mP7kAAdGGRJHRDkub5Ft(;%(9k)VqnyLFi5K
zHE2wW%t0CSSrh<7C0;ae9w&<iCO^Ji;WE@bb=Tn94?gOe>YOSR$E{Iv7lqJ_Lpteg
z%Ls-=zv4G>$+C`zq}m=|Kkk3|W#^4Sk4fE#Lk$$Cd(2dzxqO;0BlFh<9LS_=vQF9Y
z7PMt@VmuDagj_e~_<pTnYwP`QyM}MJcQv{VyOB4V$`)THBh{W*Vq%~U5A-L8!h)Hc
zvBRs|^t-D)x&DR|9;s&6_BA$4Dbf9ty$?8GLTY6y_kXp8NCcH;)}FT&7LIISC|2W+
zAL{8QPnjK*q<p8vn6OC}B;UW9EA=CBul!u<o?ZfKKWMde4CV3b9=fl8aC)cWUe%*Y
zy~8Thc>V6!@K%%v`Iozq4_kdky)gLHF!lay7&QowL~#wZ2Il2sOx~dQ%R(6?JP`_I
zuP5P6-FIFQY;G8HqZO{vDr|3FCT~ACM}W#qT0`2FC~S4%4YPepN1;2rZe_jRo&Nbo
zdz*VAx*vY+VRJ5{gTLWD74I|XKwA?X!tuQVD5;Qx1nv34o!`3?{gcn^136rOn{_l}
zJhrvzpKD|)PnXz-In)fVPA_A*-?`miYa@*9BqzwsQIwLT%kM9gi7GEXC_7_ZU=y(@
zGE#+A5{;d1Weij(hO1aqZ>-C<_0`cmDlo*;-*<`o*l$H>V?UQyWo>L%p2-JO3gF-=
zRFGCmsh(Ay;dth=CAo+0cL=vobYiv}sWy8Xi~uQgR_A)V3{dTMU|g=$OvfKNDU)k|
zhmBdbozc~JZyXjPd}``{O<kvQ^m{&N6m_Ma#S@WF4QukgMj;VRD#``3I5ZaGH!5gl
zq#~2_V8c&%Mty(%X8d$-s%=%;Mns)@SM)7cx_a_nd*WAF(##$QndnIG7ZjQ(KeVzD
z(e;NPk-ck@$rl49IZUE-7OS7bL36p}mVhFu5tEPq_RfnghP^5qU*t2!;8LtVA9bGB
z#D-jmPS}%$KCP$R`wcdUk0;qs{76-?xX<NaT10r^v5ENYTV%_AcOy7+6PSqL$?@-%
zI`n0ha(h`E$KMCi^5;@?4l+uT%>6ujz35YTny)vXKbqqVIn2@BsX+?Vn*JJG`@sA^
zL2)0}^%hg{(^+?T>eU8kW6^`g7f@1G=MS_LL6M8+Q)k`FNeG(v#F9)6uY|ld>ub%H
zJx@$FCGuqQL*FT?E7zt<plEZi@ww*yug%7NdEWzft0tMZ5}d!W!8=oQ4mIv&+ZI%5
z7H2Xn;Rilv$J=gy5LmkuWP+(gduvME%8t*-z7^HHGjCCi$jw112TeSiO83xL9jxc9
zM>Xn1Ch_R)X;GT@m8|Fao^6e*^!!k9ZcaRfI=l>7+4k;tyl%PvAtYNnBL}*)XC)to
z?bm(WPvz^au()SlE=r=2#tQ1hPlC5yj*<{a_MNV3<;cWRIw|{NXudp#=OW|JGHmq?
z*w_pF_b%v!I*U}q^g!<AoPCL`0ci=J-YFEvuK_I#LOJ@a8=|}-W$EGG`t!?%kMlA7
z3qs%aOoaBiX>abUW^=f`i)+CXxGa+l>#SdWW`dF9V9sGq9NY4tvTSx+@yck<|AZ~p
zcc@fRjrG<JX?i=Y>-LdpNRtRbk9bYS9umwz$9GFVMW18cTFT*a&Y8Sh-8v}r`0d>)
zn;7SJl<$hWE0MOf3y(xIHtr;%FW1iIL)>z6+Yl@!*_Zjas{fN>%$8Zj69V6U7MCeL
zIL;JPDR9*pZZiR$Vs@yf9mPUshWPja7+<WYKQrmC_h@)tt%D(Z7*WZ~6!lsUZT|g}
z5L~sb?{@69zPS238-8hIi!MKg^CBaE{3tAF-#GjN*(o=<V!PTdBb4nBmJ~h+FQ(ej
zQDrL9y2r;Ss|@)adI6KXPFGSWud(njfDcI+wbfMkhN`!NynHcFrZ;*nLnEJmfNtxs
zY9KGdD`ubsjZTkaM=e;pJ^siSturem(0R8A-V2E@k{Jm@C#BkjI%Omcu=TPm!);s4
zIli8yM>`GmHRt^H#3b&(he|3bFUsp|EL*+0R<&*{S8F@&GP^2us_5UtE@>Eix(a8$
z+qcQx9w_Bid31Mb#Z=>kRBGfregD&QLY(nIZwz^hJ6eE<n2;jto2Y)`g1hon$>-GR
z7|7~y9ooPZomSn2{;DGU!2s13%Oc|xGyGnCz_NHqH*;y*y{T^2m+A=*67_vo?2)K;
z3a@R7UsuI+&`)Vm%_wtKk1~=99mb~KF&FpHsb8e`sy@>DA?jzf3-Jn!3cAXtWOIh4
z9g;{Kx%>08`S0#{_Ci=~vn7$th}QWto6($lG;WyXtC+YSqYuvU%G!?xw2rhPrh6H6
z4G0c>INxTw$>?|~j~rZBu>(b!Y>?0K%zXQJ6z;Up9~CER^Tk%w@8im3C52ycBVZkB
z`u1%sXmdrV-?!}Ax#yI@OnxQ(*mubu`=4`vzu%-_G_TC<EW_hK^iSCc%@jLzE?=mU
zvm544ul@PsDkiufD}(WH%QuSp6N$=V)prkpu;7dm5?$&lp*p)19{4$n8Yw!4+Z#kW
zw%O)|ZhAN4uP_B94SOy5!pj+L@`s}vSE=e03Qv51`+6+*Ohsrx@n>(sf=6P9QZ>+$
zTcz~rpIZ@`p4Ok$`lx=iKKp=(WGu)jSOchbr2(CmlxKvvf>&CA5q_Z#4Jyv-yS=<d
z@UVf5?+_W}XC<3w7<`!rZ}`Rq+rv@G{ipt+Q_(8-oH~DyY})5#IuNBNh;@F}Yq3Wr
zBfhaT<Xq{N>>)%N{*YjKaZ9CCl*9uUnzQ`iiaRPpjIytcsaq(*nK|4=G$=A<5Q=T~
zu24zyOJT*`a?()0pYTj*Hk#o3`-@=wA<t-}t3EBu=|lUwV)HQu>e8VLjUr6AjO_Uk
zVPl=bEgw!?YFi2Nn}SUp@#8{AgF#wasXnRZqHvr@aGs)zZ+cu6l%G|-nl9l2D{oIq
z-uTVUP3o#JF>;docm65VfP|BoCy@s*fgU$xaliBKabWL<Z+3Ie<a;>&m#-A4n6h~!
zL?t7DhJ@e;H&hWNY2PS}N1BuCg*vClN|GoG2)(lZPDi7~ijb#v62C~V;;q$4cc=)_
z-cqDU*@z#PU5ffuV$gMyyZSALd;UV{>5=A_NjyeepGu6Se85bvk%6qv(m!ojSyC|C
zozI>4Qs?!jl=+Mf7xMzVwS|hH73kYX#&`C-Q4Eilzqre}4c#!TR_WFn$+5~?>P^0V
zevG?>+mJSUT;y)Kxc*4Nz5|O&a-(as*ZZH1$SRz%AFf_mOEU4Vs;b-5L{`v~U%6RG
zL)IA)8f&`WSH0v0eDQuBV)^yg^k4c@@8Z%KPy0QgE2uwTz||J#v>Po1Dw}bqqyn~S
z1*ssrN%;dCzg~{v^O;$<h0-s{?pL}iYY*ZZ&*UBEM&oaqj!VaAd$=Xm?RH>kUDYmF
z?z>Cr_`>he_m>zqN?nPNLfC$#MxfoAwHohlOOeZ6t$hDD4O741INRJ&n)@N_Fet<}
zM}NKj^<vkQ)zd*Yr9#fvkbX4Bb6g6Q2~N>ah7>oxDe!Z4?*76=zlv|OkKkHf=AE$d
zL3(J;`C_;W2+mr6iAugQrf=M7J}0Crc*DRurq66azLh+WhGcj2)z}`{*vuZ6fc+L9
zjIL%`7x=h4#4D%o$GrMX@L}UQyMosaZk!cg($$Qp?#7w4R-KZ@y{+f0@%r;<GI)1`
zaa1(5)P{uEg=YOl$BFg$ZBuyLi@-3o_1JuG^-;#qPOme}2Is<kH_W(ycDz9FZcF$C
z=Y1D!KHIMr9D63@YIP%%5rP+=u_jB|JKv$##!r5Cfjp_2jYV5T!YFVJnOUZOPD?NJ
zi8U{IQ<2rx@y<vM-YYNOWWzfcrub)te7fWKc9$ONuUCAi9eW3{7;Q592#Ua=?2@O8
zDRpbPn5J`PTcns7waXapdd9D++w#EN#0Hq?Q_&@=``*S;^LyL_Ojh|9i)xw*UiAxb
zo)2c%ON}ec`M94xplkSv<$`b(b$+r}YJAblTY@m(TN3zl`JY&~@-#gclbX-w+k{}B
zN#(;hbH9J4%|Z8ju2rP2{}6@8^R}Nu?@ak0AYC*Py%a)ncT0#tKfI=GfeFp`dxm3a
zoT1;lCab8mC$!~8I<SV!iCbNMqm5rgpgDhKkeeK*7(=N*nb>YH5Y<uZ+nxjz6U-@`
z8D{(M@>+yfeg6BH*;YiVJsz!-=55Tze71U_lfH8Rb@Uo`F#R~}DZ0JzOeZ{izvXcm
ziq=mP!l(_O@9C$k%RzDQbdVo*hQGc^Z~NK7x$XX^!mW_$x02Gd;`R8v{yM#OiH|45
zH^=$+w!;{DwTZkmLeih2dm|ozA6bz!Yx^YQ-sETvw@$`Oq5SdbUGKkyMWF>q1egNf
z$ggzQm>THcG|$dWe3>uVD;&x`jTQPwlfVE6ndntqK~n#%WsyESa_!6YJ_UI(M;bE&
z=PVn)a-}y9*YADiWIc7$o#d0Sll7=!iBr;qZE9f@Q=jWCvCHm6dnU5nJjwcg8i|i-
zh^-1s`$t#b`P(IKti8I8FB}bfPuXG?Ch}ueM62~-U3;v<a(nGu!7yb`);VLT8;h+A
zm38mq<SH2bva|2Am1p=%ky7W=tU-fCBIj2jO`u5OwEOTc#y`98cd3G1Yf52UZS;Yu
zxR;F!YT+yV^y(|wi^E<yKghStWM3HGjdiVrxb@RXdn~?kY&bOJ=1IjmCN5+K4UxKs
zO+{@Ac}z{;+hR=^+cf`{|NZmmz&w9><(F5G&6XByqMI!nk7w-_rUILQ9B~fLi`sVb
zF>xlK{SnmnZMLnDedH%glxZTry@J3W-39Hq?f_DPffu~5RyI_>G)mF#Ml0b51sOOZ
zmuux+P|D-XteNW576gh>1e-|d?-;7M^XK5@tFkwRK9(rYWXfl@J;W-NR%`zbwm7T4
zULm(V#VN$!M_ZXSBa&DAp<7%UV|dVv#`wk-w)U+vX`5~Lp1YeV!kE%`JLi_%@9DuM
z?0TbFLC%?_EnQF>uOiVj{9NN+=`OBY6w(QNi-B6f$T_+k*Gx-k;B9UbY~y`9uRYN)
zw-!%GoBZ@%(l5TeNO*b&fdV+Hu(QWrwFYqYsfRh(Civ|Y`8<YgbC$5}5oPkCr;le3
zb8<caHPtdKz;+ZOY;)@(+2#G5_AiR0>8{G3Q|4H3Dom2m%^EOpYqpv|E&Di|n=21^
z`U<m9j6^IvN^c!qtMZQuXcQ5X8KG!gC2YPiFI-IgS4SX7FX;{TigZA##amxN+MLJ{
z_aZSuwlr|+*X=F+f43s)cYf84m%M~f<qRk^dN|ZlXE>Ao7*_1{KcGs-*!Ue}Ib&o=
z=o%k$znjT!mVo20MqJ)}RNU1(-m^C_&o|}gfi`F3krX0Y>T4O#l^XmSn63S8$a8y#
zRiQO5Rm<DcN0bN2yAaQC+QE0B<THCkNdCjGGGD4O?UBU!?`V6K2IoRTJk`KapI5k7
zn}b12LQe^hw`t<}o$`#E=nIKSd3G<Glf)!KC0OFE=|Xk6({mc4ze)p}J|ViN4GFjP
zayV;LNX-(R*>5_4(WrUu7V@i&Z+r_If?Cm8pyBC8-=Rs7DV%>la)bL+^}s&9g~k2x
z<QPc_mWRdId6oNc*)VY*+)3UpIRkb7#b65>mu%o1t9+kiC+kx?DmCKk>CdHe$bEb;
zEsbYIU?<Ei$67d;avazQ<lSzw*|7bsXF1Af4!}K8HVblb+?+rPp-wSRD;re-2Pm3%
z`Ewu$S0tovxd*OBRE+eW_x(*&!ropH<N8XQCi!sY^V?;?tr`%N?7#iV0gR_%c>^zy
zT?Fu&t|&|9Fd{C4CoxWNm&w!%F$G_uH`4DE68vR*sor{OOseAn@4ux9Ebz%W6oAF@
z(7kG=!((YRm(IgSTtyuX@u<DsP`%yq_1gB_T|S=TOXWTAhU(`<iN`bU%XaU{;9VqZ
zV451t-RzxOW0N999<>-P?A{g#y<v+{mGMPT8nUGkZ^u8mmhmq9V4q7jOE}>^(Ojj5
z<mHc~E5N&{pZUjXit@j)YKb6luGThv9sF_I$rjh-Btd%A()34bf7VVbr_g+(1B#}g
zSC4DB_f~mOTZ#jpIK8Q77De|5#w`%A3Mt`#Ooc9J_z@7~*L+!9ITv_&Gh<pp$JH8H
zEQ3I9EHNz6FIjS?fB^&Nq)%odU`Ucyf)or{7%&5HAlcR!e_r^j)ysicg;d?qO{bFH
z{bhR4hah82G{Ir+1<j<@(?!+II+nILqaH3W;_8T#$Y^Uva-D|BY>+tYLx;4YGlks~
z51R3(HEU-AAAU6~#Z;Ic7iqqo(>7%wV{7T=KaCwu)wcX2mH>*$vlp07XA(vJh4MIb
z#dC!VCnzVY=fPXg&F*=CuSN_Q$}SmW^Z_!X=|>IFDar}R02<Ty9G@_xUlGo`Z&;Il
zg_RHVP~Ry^L|Ey)xWL9KyD{#w@trQvu1eNe#-Nn*XNUK8?J23w$lX(5vidl73Sa@w
znT!J$=IiHmj75cNP*IqEda|uig*gWKgA<Sw?P@I7H|CSU?Qdf5;(>oMXQDvhA^~hm
zRv3S$<4IRnMjMxm{8kSsIMo#P&T!!T#GpO$_QniIH4MCwh{K3&XUi~d&#8+*Z7oN`
z?)~Gdt~~uJU_$YCjr#NTVtzk?zd?@m)M!x!A%%TV|5P;@{MOY9(A#bC1u%6^<z6mo
z{%fe>3f|}DvzL|sw~r@z9f)KaEBp^ck3-}{)&D8Y^WVMHSS|4%cU#_Hm$w2@tKS&z
z;@5kFBjUWpAE_QG{UuV+%YS{JIC*t?0L+y1QC6%tUaA>rQ!T{xMGZjF0s<Pa(rD+z
zFwWOseR1y<)Jk;y6$wgS{qJ&BY&aNcd3RR77=FnX4SH|?1@dC}E3VL^st4WHga7C}
z&h{`-{2Skn%2)rclr0!FB;t30Q35f}`In1yf8K7PAzC^8j_`g%NIHQf&%3tQMOT8a
z-+X2HKm;+?m|o8Orru=4^3Aake@|cV`j$q(qW`%)vj4mXL$9$yw_+Gr7VA>#DvxL9
z^q{m|*M}w}p8KS-djjn0HIC;{JYRxsntMB<^_i5R?CyDM&w-b<2g2-$N+R@3Kb{*=
z@gKynDJVsPtdGBk)b{%nM|?c!_VawswIV3*S8>1eHAupMnOZ%t?Fdx4LH~eCIe_Vo
z4;kAj&_Dn^erNYgW<*Hv!#9?_GKg|7!$H%kkDetz$&!578j!&JkB^9O_eY`%SeXyN
z3s);>oF{VIDs{d^dei~oKxh-l=cODX@<>)*ZCwWg3t>&i0}GcQEcjnE_A6R9d-wIq
z1z<2vTN^nOgJ!uaK_M6}6ukkIwSCkh{^h?0CR{|Sl@|Yo_YDB=tN0+lQB(lssDF8*
zw3bJN{FXDOSS;fLMXZJ`-!hTvUu_?s>ue^XI1lim^E@K)A2#3uaJEkwcjU7fZ0M59
zj;2KVns=<%8xjZpsUt~O>(fv%&fe?2eAfrxBj_UNeMWv#`8fFKU(28apJC!@^JV(U
z?-qczKYX&a?XGX}V2ZA0AY0W-xqsq4NJ-%}PPxEpT<=Q0v%bqBaqY!{2?oq_2$QUw
z&Wkb;ADjChV@^odo|OZ|@St!-O%A!EIR!ck0kxZ@IX`iXy^Yv>d9y7}vWpA6_vILi
zv&00QBS}VoH4yVPW@Z%rGUbyqRTi6UpM(Kxsy=omcUdN`<&2vc;?6<}&hpV540xR-
zHs}5z`}V^L+P7|{{B6nIHqAoVCP}~&FJ(RpYypoFd0Pd{@)%qP(xs7J6PDzKV4csy
zg5)0mnFV<Af-QiX=i)Egh;|A5U(_sF5T>>lDlL09`HUsxoOkftNq}8Xsr%U|(iZ3K
z>*)>**+-lq6M#4@!~b6l`~HZrPN+3ta_aMo?{s*_RPU1xG@s{sgntWoT$q(34Rt$Y
zMg}$xMjJmF1L*H0SIDiC+I`W@S=viDieRq4-jAvts=N?iWE57Vi*Xq*tUnv{Z1?Va
z3bs#0N3Ox-AJ=f4R^t(l-aMKd%YRgWn;ctDCDF#S_lSuddx4$rRPaz0qt1VncR=%W
zYo_(*BK!EzJPy6~<oy457!cuu($&SI<TiJvg;x@n+#2dw{#D>=y-ZHBorlX`Za@DU
zaA}2qne^zGtAzhOCzoMMuS-kVpb5+<y?3^oo9Uk!y9NZ{fYC5t(Gwd&4vr;7_+mb;
z68ti02gx+HLo>JYPw4VaXECF-Z4`p}RJmrC`1Ht#jQ=s}D@uXnQhOIf#ywcTJLvaN
zZJ`Xh0#&ZxwZL@4`I4p`4xX3aC{im?ne1t~xH>x~Hk_#%k=d7#GanMh^m03#L@xg$
zt5+6*nUW4o){U_5dfHFq@k&4?Z*7O?mMP(%@Ww~ys@xJ6H5FC%K<inPxvrG?FJ&y?
z?P|?}g8}cugMG=x)=+rMC4Ae#1QU;)8$ZUGiiGnOL8f$209B0|HfRk$zf_=o|7g%m
zDtzWabt#O*1NUk%e61^?^H1+=p6g+Jd<d8g>C59qQxsg6Bh2S@gy+Ddq0rE-Dij#R
z3?Sk%)(a?mDwb!%bg!fKdN7s##YzX>S#{MnlYzu?pcNW@4fK^q+yA)kmRv#^Sy>c(
zIon1YjM%t;YTgw*Pp^(gP6G6)tz5+2>|MZl5b(dhCxrS;35mwZcxT~L(jS0qSGIuC
z8^m+X9OJ4C&CXFv2`9dEW4n?VtbyxayajK#@LM)375~F2qckVi@JubqL$(V?h0t_@
z+NY1x>lX9kfzZ^A%ULN`#PH}+k_2ria#WMwYO<#;`U>OzJA{BTLU3o<Zb{iMGWhJg
zLUj<nB>PqPUQbU?srBb;1ZU6gX5rBvPrSUPoU~Ma`=dtI_9Mh1+RvPmZ88?$VE$+9
zSQivmY=lIe5`pvkApsf9<U{x*+s{tbnEZOlV|5QV)0e0fkjzfkd>5Q~BFqkt&<7g8
zdv^2b3rktt)$K^!vsmz-kkHj1>UxuG2Oo84K75Hhg3e>2V1S%4DysX#$uW%VuRwE$
zF#kPD67?E-T>0h0k-@iHTsA-kfBREv;5nG2{r4zp=G`%)<{m9MO1;m`sf0rU^;gBY
z()tJ2<c@kmxa#pJOo`WKE3OSP!-yP@2j*1kzq5oVx?#)I|6OMfZ`+y*!8I8_@Lc7M
zo{`2grpzlTajzW$FERA4$^hHNfKQq*W42d$W&2HgCP#H<XE@Q{^MKMv^MGuQ4+DbP
zt(p*zWAUMsj=x@7CGvw=#x6=o`q5;dkdpw&mrB)Dzsm;D=gbT(SvTK28ZQ#eB;7Io
zwtYW=xIRD?0MW;wWr#Okva5ZT9?>#12kb@~LpK`U!i7&S{KO_%<=f9Q%BG0>B*aes
zy>`NKpxyph`-y(h0DN<S@%sV4-qFh=yflu#RI(F9V)`?|YolF~TfkYCf)+vy5$N`_
zs7A>Zk7$fv$hanP!MXz^g8fG^hoUx!rxmz#*>KHzhYPqBL@EQ_((c?PeCGR;E@zmd
zYaIwWm+-HVL8l$RuJM0O?)+Ht09h}1*^xwaH@oLylx4QB(J?J^Ow9NicccP~LOkCk
zKE3zw+x0J8t2<Pq9gqK-WQB8<e6=|e3-jcU1Z5YtQmUpKlRsR#Av3n>WFsng<o{A=
z^1d{TeCS_Vjj2zxI>K~bK!q{KxnVn<k@jOkeD?56*V!l40;?8PAmYB4u*>8+w>R=H
zP*HyC`fA|4oOBsD1S*DMZD8F%)&=b9nfmH$4fHsYd<mZIYvrqR>yZ!|a2}s%_+WAj
zTww*1gIXi$%VFHd!!xaIQHxr*@IeVzE}|-^yDB91p%#O}RYpm!$m68^Iy>Ov@sT3G
zEEWk6HXv}3x*%1?kxlnPB77@7p)PyMDi<})<q!R+%?p?M+S*1}7`b?tkUC(*Z{-}G
zRWo8Il;W<9FrHPaH+b_*;-Vcnq4@Q`3X`73q4a;DKCDuY3rEc$DNaC}LSGr!!P|>R
z3v6v&R7nfS|5s24uc@+`{wt^xihl&gYVP3OJ6dA$qt&MG30@VLt_UZC5d7~68>$=l
zK90l5V=sjB-yJ*Hgo9tr?;2Q~yCiuVz!>ccI6yPP%b!$FmgEZ05o_P%0;g{s+Y%aO
zF+5B0vOe%JEmek$%&==CyL$D|g<{|<bo9_=`s)3K-dXI)@1bB=b(R_j+?Q@&ZdCyE
zjS9e?ZoW6EXPYz)#1&3}R|ka?dKtv^(`~5N|C(}p)7Ua{H13*;L(CXbVEifm|HIx}
zMrHM``@)K(NJ^KqgoHHG-5@P3@X##{(uhbm(nxoAiU`t3H%K=~H=O&ywf0{A_Za)U
z<NbWTI25LH-f?yOuDz%Cy!=jY;Wyyr(7(&pa?Iiz2{6lQ@yI@0;5q5QtSQJis=tIr
zI0PTY-_w3}>|#GndbD@tAYXfoJaLBs&0A5Q1mr{Jm-Gl^-BM*5OQDmn;p5y{F1VI6
zMW0`iVdERVa;;)~0R=}8lz|!W%(vXUz2*kCz#j%8bdPn+@csz*S5HCIM+?L2rS`uX
z3zj(pp?&JIv`_|8&L~sN0Wtw9m2N1$!7HVo{HM-!+5pKgn!FR-qrOb!(NW+I6m9%0
zA&{wP$gr_FYWn$E2WYL&B2bcDd;OOFz1*L*Or+w~#KZI>{_PsBVJ<E@yo(nUgUcAD
z#^zJ<Rn3D&N|~Kwzh6Nmy(u^iJ-QhcJcS(Zc*OfFa+Q*(Ai(<Ve{aj1Cmlgs4@i>y
zFY{;=RN9~S9@8_3iAG}ITxmoU*C?Z*9krb~TtEgZhp>L@-qVat?;F;~L>l+23R1v@
zd$01JLLaBaa$GrF=r5llwE(^s+B*IKkX%&6-xAwa`0ZlF`;er>M|b`%DjiM^OY%*l
zu`pl6cofykknLHNU%KTbns-AH8@vagH#Az`@FEO`5#tY~NOAtA2E+`|CW4uzn;mM&
zX@sp9zqAw~*lH$BoFx8(0RkxkbSET=(BWiXKria)NSPTmpkU}l9kjRQC<?;1T;)G8
zqZ3{Ix7;TSsYRZ&3{*=}p)7n+{iZl~Ym9Gr#$t#4q_DVHY@$RbGASwe;%MEl@AFH|
zxzqiH@bBM6cL4AQQ}Zz<JQ~RkyQ8rf%`XP%%8%om%1E$GgYW56MXSn{5$*})>(_6J
zKm40bS|bSat_TV=)p9-*+{YHh3qW}n$^@)}ip#-Lhop>5`={rrfqI@7Vp<4?pak0D
zVS)Yn02I~;=FuZQMfNzUho$!{sm>V|oB0(3_Fk8qgZ?=Gzw?@(%RaP>W&Pa<VZ%P}
zGd`Z@?3VJsmp-G;#>T(?dJWwYTPwPjsrVmR#>$Uv89n&8Pdnn{Ck<{yDS6+1%>7DK
zV=EWQ1IEc3jhBYPbS#|?EEcRf!zFOYIB$0*%j=ec=zjx*t8}ee>%h>^j%QxiK4oRh
z*QYZ!b)XEi-1Ek5cL4y>7z0=-83roLH!?KJu)wk{gsTAHLgoT#EJlwds<elBnm*Ou
zivX>e4mZVLrvK8yEi|CQ{jVZ;h%Zh#lEhO)`YLkM1>L^1#GtlEPXot7yo(~GrKH+G
zNi`J23JL<HiPzKDH##ntos*N%&_Lh^kMa$eg1-S$*W2s!1I^!2_6Se#ytA?>wVkGn
z&aaOK54KBNm%e-?`3BIVWNjXQR)cbI&IkQ=S%!Q0YP9vkFO;?M>+}f~UTO<c;~7FB
z@g=Y=9<#VdPqm0YWRETWtKTS*<0B$3K-I$Iv`#*4TwGk7ritz_XzNR0eQCEO%77;&
z7$rv^#<Rx-z<k=xtCtc?QlYq6b^xx)a3GnRMwRJJ+<(<T8)HKSwT8|lqdia|P(gil
z@pfC5?w<wtc}zi|2sIt_FM&89FdXSr?&D11!bI~s1qE~rl-M{pOR4UAKK}IF0Z;IK
zS9{|*w~qmAR{^N5sA5-hbab4qY5@pY2ms%OK|GwK__oE@OTP`Fuj!s%N}p&M8~=-5
z1c)t@HesQTRqtfTe@mf}>PVD#vR@TKQ~y|=V(t>EqFf6U)KR#4?_a8w>U#Wi+F)5a
z{)Wu-b~sClYdM4!6-MBwkJWCc{D*ntgC3kMKruO|7Ti#Hr>2u}tuROQ(hTp1P-DW(
zo4O(hi%a&8^g_didqV!7${Sg4%{;<-q&e}gG~R}8OD*=K_GdTnf!|*rp^?(lBX4eQ
zYR0ZkRK%Ho^G9;ot)3_|{DEpkDeXHJfI?_{xtUAB#)gG$P8op!*GC5xHkA!!I#6{9
z6*gx_ZQ}`oe+xb~q2NhazQ5z~?AW6c&>W|o-ODh6TbC}juaOiI=1k`v01mE-VbqA;
zacXrxKR0!FUKym<1+0!fDezy2&V&dLfFuJ{BWDj6F<Qpg|1o>|Zr+zU!sGn24F7kU
z76)OSR8hk`%zxG4yPQTc)@>Oq5DtL?Z7EL6**ZlniIaZL1yXWy7=Y5nN8-AIu{*($
zgaR<J?(vH-3N|)O8BF;==R#m`@JJ)B1__)4Q0Fp67Id0QN*OoYQF8hazRbdLvL5l5
zhbAXbv?1Mrxi|`HYWTTE=ZSf-iQ{uXNVd~vxnG)^v<q#P5B3`OmwM<+M{hN%&0|kz
z;`Kba=e_Q3C~)Z4yD!AKA-E$JCH3%)&imuHS~MdWt4wj)9$nKa+}AfZIv(3<3xiOT
zzF=$=bf{kbqv}5!r~N41TN#Fq=-*a7ZzVD)`ghoJ0wGN-=3J=W)XJ;?Zn~AaEIz*H
zdWv%uhMqdnKmaY0YsJfchT7S8>8~UJfYY85OhA*b5R86|X6p+c9}f9Pan-RES{ncu
z&iR+_VZnzSpFV6Wr**!>09se3w2*<jqqI8**T{<Hf@`?(Zy%6#Jom@vf8MXPdYCsH
z#u|r)rf6LFU%hTodM<Oad+xPN^drKm_hB2LjK0HNr9RXGfL}zwRAGuO{t|oE(v4Ww
zBzOgC<U5x-g0<{5g4ekSb0DzhM{E7l$juaY*Vk5zvSWD@O5cC{u-K+If_3kXqMAni
zB8P@#gvr}8>Sf=26G2MB^O?kr4Mlm+@=<#XkE5&2<MW8W4Ke=FcN}9+|J}NzRVw$@
zcQZdV52hD1O*g&%I;SrU6E1rYJ(SO&RbyI8PeViVQ&))eW07JEZ8ZpY6r9?-*3N|B
zv!cp|M_)>vM=3tTmwL5bR9SWQty`upDS&ngA}$^RVNK{1+4I<|UpLqq&Hvcl%hn3u
z^5os`l6R&r09K&+IvZ{dgl++J(SV+WIk)X%&EJ~!@3KWeEo8#zI)IlO&%x>q?p$3c
zZQOgc>&fEwoaw38awsQ&E({^Gt`j;kO(vkV;K6<I#ycZ}JQ?8NO_x$_bdyo=0hKzo
zH&dw2WJPQmPQq7})?Jc~2@hId#H<|TrjKvV7M2Hi_P;9#++?LZw|a_}u=cz$vFC!N
zUtv79Cq}?k$NyN*$cT!u`B-UJS6?5cbS+}R<~??Yj`Q4yogGUChaL;+M3Rb!5l!u-
zEiEJ_X&yBk{qF#N+;rC}z~3XiAs15Bts(i<nT-m(Nq|W9?e25AbPENuy$}ht@hT}L
zHxh?TyVnEP*MdwSS@fSN(NY5qfPC{S8!Buq^EE(I)Ch-1B+~}auVXDMy@kk(O}~YA
zm5_MTJWdmE@Jd=P&6{p7x2J=vsYbhK;zkv8n;3kgVPasz0aT<CvMwes!GvsgD;g2k
zYh-*(VSvMzz1w%O94=sf#(f;Yw0lSgi$u%vj@l=~Vxpw~9?8(OROWmsn5l~NCmt81
zs`$Wkw`;U=kU#ipzf})exq>zf78OYp^GWtRCS?}Gq5Gkd-ITt=#?LR)!9O~FwIMwF
z4&Vbz6C@`i-%_4LU3J$(K?r>#wV52JYpjwus1(1A0@%E&bZU#{=~|moIBq067Nuj*
z_+tP}u<1ZmQ2zrOlQh%1J+hw}S&dbhja2o!QzG`dscdee62CG%dDH6Ij1vY*0G7ra
zAU!4H7d_L}(ekgPko$&>4@dyc98TV><GqfoFEnw{1K#6bp<$|_AQ%$tzYPdpO<ZV7
z%|#x{iwtAhE&dbZ<H8)a5flKf?$AAS+lW%Odn2GI+njf$w*@vdH_cNMz^s`cmwMgE
zT$P6eUGLg>`T1i`S?0Wy?e;M87l-jL>W;eV6~N3%<RNH}u|y{$lij1IVEz~;D>b*;
z!jeH=svcqHgV{hSIP0<;YK5wd$qb=OuTn&v;-%o`)*w8Iio`RM7<oYRP;6XZDlqyh
z83os2IFZssNXQc_tnH?wfss90Ar(~oi%o#(h~u>K9!VKf6T&7R=6bYdcGlP3&CLws
zu;6iKmMPc&f%awWE9sk+x{I}>$cTvax#eef=O1gngu}9P-vdm-mb2?ii+4ee<%Ct1
zRb<R6XJxh)OWN-vDmr}aS4!#l|MdT}Z*f8p;F^R5<v7h+e?UWz<&=f=m#1N;LFVNE
zK?5|_0~+Sllry3f%{iA#<0r20@grh^+X2Kko|DmSZH<{jiPdeYuuPW8{LJGxlEatk
zB)XdS@I&)K1g$ZPhr-^N17|CUwwkrc3ai+kS!qsyI%#nm%Dk?Pu#j=KxqbzhIM`2j
z03lS9D>8z7KmF=z;m-4C%(roH$ixsV$-PFi5o)XGj{vQdAy2X_Qjuj!>i16(;gqH`
zdGXb(YY{ZF!PdJQ8>=1&ScG<YdHM7)50Wy=H^;L%XA6P2O%E0V>bC5Ih}Us(apRz(
zNbc22^ZU?`A^hDmasITMkLuNOh<nJC@n@<naznXl*jT8PF|y~EW?Z_ul0$?6EU9{9
zEf4B_q`>+3@xGLg$ln?8Et_|VmgUkfKy#7zCE-+_0X>Kk7rutZ`cUkDL7TYOps}gd
zA%DuZL=B1}%NJ>$m-!rt!*#~e;%^ATH7bqG_MM~C$xfn~rYl-<4k9q{kXTuCia<3z
z(=p3q3VkuB;b=ulB#C}vx%QZAZE**P&IEmFQwCgZXYmk~He0Q}_%g?Ss6~J#P&Li*
zvSWn&@3{uJmY-O`%KL`-(<VrBfzClItI01PW!IxCvaB#qQTafdSp~dw&UrUYObi(z
zqzmg6H$*el9~=LZIWHte5=PygLb-O%iO^|p*7escxU?Leo-Tuh7LV$*-cddz<>4RT
z&8}$abzL$2hGE>D3|@#S(3simFhdh99Kk<KO1G0|EUZK+Jm<@2V!NQLN7#n<THx5&
z)X<P{E&IdL0R8l0O?~W}266Utnva=`K3gXQwaK_4tn!G08mfHrw+--m)-~=iLkc$x
zMt>aRGRfU*Tnv(5LziW?AZU5>hfq<BbVA>g#ck?>3)bv9E^G5cut=hk1Sh#{(|U92
zV-FEQ)Yzv~zR2=CY~f7srT(}hIswpnt?c2Zurk1jv#YRRQjF|--d>nk%?(6`iL}RP
z&lGEMGURowAp>GZm(-#1@7mB@Ci4;Zjj)VmOk(L8nr3$Fq0Kb~KS?LT%z#X1T$lQz
zyXwXH3*sk4ij1ptzhXg(2eKh029}pQE0iUwTE89MN(3>XVzO>PQvBx%)e6vznXf+v
z&}v*AL&1hK^+WgFqu6DR)(36uKSw#*Vtyl-p*)FPu;^zKFq@F$oXe6sve5RUrtoL+
zr5+4x{1<_qJlWqq`m0j>^R`ibSO7c)Kh_?qvJhQnQyRVxvK!luG1bS*+4dVI75!7K
zD?a(ZV#G&Yh1&<x6;O9y25PXoW=VH7kR~iWSMCGto?(9S(YEAFRk1p=(1Kel2~H&0
zia2SQAlZxPukWC^w}8W+>$)t$F}#&cU=brch>$~vRIUAtKb5YFOgS|kO!fHH>tXN6
z%O=~+tyEKV6Djg7CM2-CihJsn&bSmiACL|XJV=V~syJl35tBj^r6OX?>@fu)uQFlL
zk=}(SnM&qGMv|6CVNjdZ!b;*-M`Hk}`&n;cUI;4+l3WF~G^h|iF=pAK%;Yt2F#Q}w
z>-mG&IT?qSDzE2~9!ZxarL34jd6<)>f+o`q)7U5_E`(0{^VVGBnf`SJiFA&dv}u$a
zCnPAlN@tqpi?nzfCG)#SkK?Z~*5zp4KKWDIP;fbuavv*U6VIM`BNLFn)<$H9Kg@~O
zyNA+#HnUS_pvmp#jPyO|*mg9}Cm+;~DJp%5ip3@R&!CEFdxjy1rF+-I&SK}R1XsVO
zjkEemRma8$VF(4rTN!zqRE}?Vyz7Mres-iH>C}`0YJQq!CBw)v<h!^y@5%(GaiaTR
z3@nO98kJD7U8Vn;TTwkT)q3|O0}>}@&WcQ{e=;!kw#u}+<ee&r8)4D#+sv&#M@7&G
z360BiGx}+0XiT&5nl*-e?|Q|W;QM@J4f0*`TUZRm7ZLHKmG=h`q|_EMln$Wj2>^qh
zna>jFz-WyW4<&&z+oNo&P_4|~zyw*x7_$T`6lEo*sZd3jWLf$cM-|KvqiKU>L@nj7
z>=xsu6w!yQNWO=+FY_gqL7ibwNAXbq$pU^&0L<OOysNj2B9&Dg<$4ySkoIdq^_M1!
z4*eG6?8xx2xH^@-=^4m$crOheJgUfHfBQ8sD43f(qr^9ZTr%bfO#JUN_w%bgX8ES4
z)(U6NsUH#QM(n>iZ>gQAtLDlp!HT!OoN#lC-(xJ+9i(SmY_`PtE$?qxt1rN`Ww+a1
zT|APbY84qTemWj+<TMqyVAXkD?KIuOzO#6=J*mS~T9z<>r*NRVclUmtoWfxE&R^5%
zTPk~zQ8XRL!TOlf1x4#josF6Xui2zsWx?rY|H<y$T}j16XK95!TK=ZwSC7)tvKieM
z@(!zCj<zN@z4G<fQLg4tXYw0%%f;A}UYUg67*4XdUlppNR?rcC)^Tx><1uVa9Iw&9
zzVci%Z@jCHbs8+B@5_CWQd?v$GEiigR9mz(et6YWU7{z@U;4$_e<O}{YqD)dy|!VV
z@1u=peGj31LVE>y-K>MARpW79qEiCyr-q9Q$2T4>A|5l<BC0dXhaIPF&anWbD7DDd
z>^X{OlC@)R+@!~ZV_7>IqWX9CnFV@2CfIKQf?v8+a=0SbB-px2U*q2Kt(}dj>ruV1
zNi}^EhzAMm3e>biC+z`IuinFNco7sznB38;>KpU}vMkT2)a%s~_14~OOOZvO`wTv3
ztRW%!l(?k2tNnA5LJ`Rtvs89NlWqE|XI<@=^&wXG!@1bg=i#C|m5%IJgA;|8Y4q_i
z(fRu(MRu?T<G$77OCcYe;+@qtwD*gCdgT_Ecej?*_&MiU8<9Mpy7U!eL}57Xi&4l?
zi*emV@12<bxKMmJJYJx+OJHoWP}#TV#do5S`To~(bbjnS(et~8PJ+>?uN+gRk0jn{
zrqut8%-)vIH@dl1>%G|#AZeTSnlZ0Y^g}7y?^>|>T}e;Wc6pi1mGJLcfPEd5qJVh2
zvrd22@p4t{(r`Ldo;2B;^=Y@7Gqtgu58=Jq#~XP%g)={*)!pAP*2INQ2*|`CF@|ng
zzjd@oys2?1W;pvjQ+5k~dP0m+R9|Z&*T_&+KR@_rqRIYo=$b-p4M{u!f1cm&&wS5c
zIeAD(56L3<VCq{`j0Ki17rJm0$crP8jisU~bV3@7M}zzxz_CL`t#eKAu?V?EvXJ}f
zlu0nF&*PA&!r5S1)dvn9Vu;>f`=;oLKe;(yM>$gVG{W%(hUSeD-W8cF=N8o%TEE%K
zV4q0SoDoY6ly{sn(SevB>>Gc4^2T!CYg_DD(?;*C1Oc}}RksFmbL#{~<Pln-QM1I0
z%6I{-*a+G3+Z09}%e0%a=?2%Eu)6dxkG&griG7pu;xLH{l5>eUe_Oe8vselazs7N=
z$kcPS8n<G{Mvtjyo_o>x2n%n_=Js{h0%w~dLyO|hoVWLot!|^LIrjBJi*nRMJ&$yQ
zcRnUqSoV(Ve&0QXujxZZWPfGkGv_(pVDPlo1%rIx1$%z2kB67SBa59Il!U~U$euHV
z3FpWXk5WzblG9HzThmA>g)_9ZjMZnnJD8DuvUd8sr{-5qs{MKr=tc$a<>!%+vkHz*
zPb@#HXJv@7qFJ(&k-|#j_-O0V+3RrOPAaX<Dr^Vuhgb0oPjf9q7eoe0V890{+2%8t
z*_n3;Jy;TLLwxLPtB$kzF*$bGvn0JndsP=gm&a4+3P<2$Uz%u1k(yxEn^avf7McX>
zRwBxmgKA+a*A$4bTbOULldaIp`>kwt?Zu^D;)3#i?9>4#ljGpdO7^bDQuc1>g+VOw
z`JlkOUF3_D(7?e?U93QHf1`oG0Nuo7jpnDgF}Xtr`1$XUN#x$^eJ@Natq^Id6j`<@
zwwbBEF@&p!V8eQ_IQrHGc)45HS)2q8t63Fr9jdgR!j~wFFLVc&Tv&aJxUA_<E6{AL
z#GRs;pUNK4QmbTCe_^*7QuUmv*y6{&##|&V;zpVM)A+}&d-<yzmVG_`5ISY;)NQSa
zu-WW}IWF@LGWk#5%F=x)Qcn>WH1AKfo(nV67b(?Ica)YxMD!UJA)Sct8P+N{egQk4
z(y?5mE|%1#A{JS=vafg$AmVP`A@MdkCAF5jkh5kr$y)cijh@S(GJtTBR(I1%Y54TG
zOIVfZ7puvlrp1Wi7hKhgg#_9G!Xc-lf$jIdQf3Z5$z7Lqca0t|jB8pjMTz+_->iuR
z1YWXn)&E`{@nAWrC5)eDeO5%FESget>%}tml|nhq9THTjH=}*tDv2)|?eG<K{Y8bB
zp4tRPUGpWw>3~-;PvNobeuGor-gXyOD9yb6v)HM2o8q*F^W`G;8r!L9a0E}a(;I@H
z*+8CpYFfFU>Ig)sw^=b=PMF_ZH?tRC7Tz3gHncC9UkG`RK4;`meG2nI9C{4Gg9<mu
zKEk9CQ2xX=P!IZPQbMTbPaEJCs1zhi+~mP7k*<5w)R+B5sA#^vrNwcwE@*e!y*z$P
zt-9&K2ZfwKx_-~PFZAT)W`mAqo)f9sy(wQZUVp>e=T)q5sM%%G-Ju&vsZw`z-&txn
zO_h*-<-S5$gU!;<grAVe?G-9>w9Gqd?4<`$<~>|aGt=BEF8va}c2>u^u-rt075Rl<
z7m}B%{?_2~QK<Gb1!OBp52TSfixpTtY3??;vb%5H#O^g|h}kWc<XiEP*Zyq3c4vYs
zk4Yp~{xHX|dG&3naQ^P2H-zDC_*Xn0G+cDJ;Oa|Ks9tIf4c<(X6N?%E{FG&-gN*ri
zvF?%in6c^FoGqg9#Cc}%JqffKikXb1+vJMc@LIWR@QhYgsm=j;yHm)!lXG`?2{0Rr
zy05g(ZY*424MIJ5tg4B(RJ$@O=Em2VD$GIez9a$7>xU2B_h(d{zSe9P%n`fZD7m*0
za{g=oOCh7_$`(_rKgL<e#SB~NDj(Gr?sXZpdNI@r4Zd)ub;_D{J?+pvp}SD@HmJne
z9<b`bO((tV(Bvi*k3>{L*d8n3Vr;A_HGek$W+BJbemPlFiY+C9u7^Wv0T<2~Wr>Vb
zqqh~W>2%s6tcvJe7um%=F9J(P0`*=_#%qaDt&(?4EUFopG25N-8x@bZchl969#y3x
zjN7jE%v9%@7fuva54Px8H8*!5e;_xI$-IiBZBg!}A7%cPHBB;gh$xXsH(yz(t+MrW
zzp;DxI#9TIGge37Dm{^L)v8S5HA#@nNBU9f9GN3OSw(`IC5rJ_@!Wz%G+nb}cfA`u
zGY6&Jz?PSH9J<)8oYXP(<V15#hX?!#<~ynjnXlm>kp?&_VmrIoho5&;Mf%|4qsWyD
z*3@ZU%1@Radnhi39lwpL9$vVWrBEhUzMI*Gin#(&FPnFB=a@Q9>AA!!?m3T9w0HQF
z-A}Fz+W-#av(a0TkHLEh1z3vFEu~nK6x^nhMxlrpLwJm1t5FLe6gRfldgtkkhPeyk
zP0sO0ht4B8a&wj11u{wO7IBStTOiu)kZ<>q*y(d4b6uP>v2?*8be@CO9(VdRn*ifV
zwmDh+WR1ndKuOb~G!Jl2X7K<<P&L5nZ@AU<I8jyq5P@u2FUYC5Trm$4B0uJ`JLcqL
zd;|`@KkXg4uEY9VUKdfTS#4eekmeiB1GU3?Khvufm4N_YLvIYe1qfoD0+5&bV9x}?
zI|1-lk-NrwzKzWbTxmF<YS@YTe9A|WJ0tdpS}PW(fA=g@Gwyq`eF|hlQl!ND`tGdV
zUuL(S)v~`&gCon!eS2)I@v&gBDWc>8F3MIH8kUoWAD2)>s>>3RL>$fHT%DbvGZQ8(
z08|ef2PrUTfiV#0x8id@t>W2l8iA%CctA307lf`V06frK+zXARF3DEU8=?#86O9)M
zOIIOwW2)-){IoCH`D6_{L&^be(M)8%mQC{*W8)5sL{wejr$I828LQg4XDiVL5D=QI
zY}{+;jbz>%fllV=W#X6zkt|{#-`D*qJQLs;jG=*1LIHjjM-YapUnf<L=tUrL`5J&q
zyd`NeDbu@7cSf#ERq)FGo(QDm8uw9@cgFRVt>g;FYYIL&H<|@%x$jpj@C+0f>bb)a
z)TK#T5yR+z&7N+mS2Ma~Ys`}%B%IAnsj0z4k7y}{{Ymi(GHHYoC9JaMhsJL^l%21f
zI}MPHcJ^w>FCUrtyt&u~Q%%Z$Jo5rwvB%0Y00oM8anXb=h&Mv1c1%qx`}#$ktk4So
z<woX7!As};`8ga0O^5>DNeqSZAn#F#2Z#!-u1|m~U(L`waJG?4<{GM*bJ7B+Gw)m>
zyCAbzMG?mJEi(Ufccu}DLpsL6>=e(-P3wVc-c;G<tG&ifqaU|ZjDdPHHC9&BRc4(;
z-)8?M$HMOAn9jQq-3H6*lMSA3@$eKA84hzR3qp<;_3WnKhD6^!8YI-P*<<6eT%dMp
zbtbcEZYVfc(TF1T(9`IWu$e9EC4dc-l-r%I-p$Jls{ltZdE@g&=oQHJai1kDsFi4&
zfiWBvn<Ke1;CCAtuVySOLn(;fd*!A$y$jE|1e?b=n10vGunR^}Fg-Io|Gmgq@qLz5
zIhtDToqvxFuYk+%Ujh-d8EVHj0JbYepz&=R46d1<tk7X#I^We!C5Qeu*fSF_8OI5v
zfT$>y9fUPW;aExSLG+}CB8gmi^TfML#VrKpLUa;amsDs_Un$y4+jx#C4Wf5jHjKk@
zz{{%}R*{H~NC~6cBiZgcVwvQ`zT?wIT;wtHJsu0;-5yy=%&~_gCx>@$kZ)0Bjrj2=
zdvWwo9jB>|o1~Z)x09`@2r`kVy(fxAikaf|RlEaik(e84Ceo)GuUOzP3}wmXB528l
zMcaoXY1f1vlluR#N$&T3BAgRQy<5MYI-VhhEb*OGU9?rr-9+!HSPs{nBLMlD1c}*A
zN%DM8(Phz`;k%3=+3X)Q5elM0i*T6dM9<mxGU1$z)AlU~f(U9%+sD^BX6$zq^>ATa
zh0}}r2(CH$6UVhTBlE(>jcUbRx8BUH1bH8Olpt<hC6J>#X)F`{%t^A|%1~y@5CVMJ
zOu;Pb$0c(Dkc;Bm#U2K*C~%?@as9*&@-}__*~bZRU;UA?!0owV&!9oKN*ce%PP78Q
z#y+OC<ZP4c(d<Q@WfvCQi&u_YD+7{|VG<OH->DWNXr)unw#ItJ#;#cvlJgD1pGM{v
z*UnE%azk3!BuA-}EXi47+nB<;RNzVB4kF9wn@9~(2f6uPndhX;cvZx*n_BiJf;f&G
zq6#^Tqp?EeR`A-)+@t9kT8Y}c?+K<GqCh6eFa~`P1QME6Ia4CM<|Bz)S9bfH-4EhZ
zkk6V1$s%oOBGG)1V<<Uqci(Sb??R;92Jl<XiUeI9=|X<9__+Y1?fXgFRHjN=M^rwo
za?T`<mgQo>3Q(q?&cM0|2(!5chs`ML1Yv4Y`7H8zz>Os=&mf;zRkF5)0#NymU&q%-
z96To1z?$XSNcWp<{WK6+a}M$fnj-s%-#{kPx>&2$>GNx<2-m0OGHTZuZ&)-!?C#mm
zU`Od;XP4tLGBcH<#zR<mloazDc!e5GE3KJB>VEp4el6s%bYX(Uu9a37;jNP=@wK%r
z>s9$K5|_q87!fT@G)-H)@IHY5C^z=K?iwkWBG59FIOiOq=_BPS#=?|VV#IC6ixN)u
z=4LQZ35H0dGeuM+v%ziOXgdV4HGmz*i|0Oo&kF0pz@Vbr?uZi~Wa|&-R{VnYO``r3
z%z0@X-pJarI}NVlr$Y(Dd-=_Lyl7K8*`7ayRXGI7EbBM?a(@ErkN%G=zmwya8k0vd
zqR6sm@t^lGsMq5r&?#<$y~#LCeMvd3SC^~780@QB?bn>z>XZ|1lxKK>hp6(G<!$vW
zM9K_D3T!Oi77O`dw`O_7IG2zxDfC^BhpmlY#%pu(2Y)#>jYR*<?Vf$I!Pz}e-1;4d
z?KDVbv{WxEl3f;p{<~+MBT-=Pm5ttDfGhT;CR-s!LU#P2aQ428>zTC09<T<cnff^d
z5Lci|;9}}y##z*MC$7gg0%k*4{<ONu$O2k>OXB=PYjyRfFx+InR9$>Ut4~UJ2=Dz{
zDN(-XyusH-n^)wINER0<EimS<5t;b@Y<IEye!G#0ryHDWnhN163?PV8c)cD;w@>nf
zoh$+yMi*%ozE!Ta!ANGOW&73SB7*<b;YLvz?U#>WeWsPt?+c=;F&6~oT800t58Jo-
zuoYNd>bH;C{A4leOjaBkO}|14hcoJLS`>R_TXWXQ!vz0Q*6g#j6CXVav-jIu+S@eJ
zAPijYUlOp;eC{nD7x&nSNMQRk$&068!}+vu%9d+=l&fYh2HpSELCjci$CyM}e`z_B
zIS(51>`)*%%=YzY`*kbSq#LvA*O2euN2kZ5xZ(-kN3NjWzKZ0N-K(Y*-V$wjJn32k
z$sDg4ZzL3!1D-rQGOlKG{m4$4N7CetuH7d$$5<Q!obHGgv|f35FXE``U;B~9pS@u3
znc{k1O3|&)aXFYp3Pp(-min%)uR)K$yX9Ixo56A^+jgv2tE_y~?kmQdnm&SoB;%Q?
zLVdI+dvAAV#*xnb*_$l^0S)53<kM4xrL@2nlV1P{>p#kF?&e<E6`TDaWBw1}sT&zI
zZah|qoS8@ZT5SzG{<E>1Mai+Gio|w>R%Tui@4M}omhjm)^=V%!i&*$(_!7}S?~|Tw
z(heAKT(-y8T0kLz2@gv&TR%;+G(sVmsW2wVS3+k0r_e$?(X8fT`e5&eVhOaRuP`DO
z5g_w6vhfEGMgNfbuN-5RY(VDGFOOw6$(T(yRJJ)?D#pxbrsFuxbls4DhA5N2wwQmR
zb-T>gczbv{ewNH3OivEvpadlIQJHMF<^v8PWtvwo^*zm9Dnqp|1Rkw599$%Pa6_Vl
zS=VKs66a+diQ}{|DkS7Y+G1lbeS(qq$}4p&k#A0(r{=>PUztb1!my#fkl-c%3m*Jy
zN6B&DR*6LYTZ}H%J+Yj_*5_iIFDF8odMMc?v&ot5Po=jPbuO>=&Z%nB%Rwx{^F}%)
z9KQ4cfZWu|ycj9|6QlT2DppB=y&<Yc>j;~*FXMqAV*&yu!&CJAY+nCj#F^lXQ$Xmr
zjuiw&N*L$wmkcBda{9_0vkKITp|2c#;IrCG{K<S<=Q+pw*9bFTq62N=^FEwnY+n7e
zw)%xbt${onXDTcvcz=#`->9(-0>N#g+bgBDiN8H2v@gz;D2P)lU01z5l2lcl6Tzw@
z)@q(E{K+}D6~|!bEJj?@%4mW*OQQPCKWm@<;c*};tw!)hr^NfI`=k8y_%-l&GkV9X
zj=aDA!+Ku(BH<W`25UZ;qHke5P(gMxqg7f$G6lTnyKwL0X3;Ni5GBWhK2&ugVg9+7
z2q)IydSHudJjs?22@+f&%$Y21&zVkCE4EU7Dkey0kyO~9WTBd)P#Nr2Ro><?tvb%e
zX6+3K8}0X+zomIpb%a%3Tr|d?w}~?&?0*3?<3c|iLigx@Fky{;d(UTa${(|D7ljKs
zofC;`Y@QOXr34pfNtne)V);M8Vem+MDCtJY1Xg(nllhAF<-ho4#@4H$-unF~My(M>
zbeMnGOiF!Q;|xC~x5ncbs{;T}TTPFZA;3GAomy=pVv$8)KHPLik}OA$D8fcI3w=uY
z=ar<p#yIvsN><`Yhl?Zn*gaz?W4(HBVy`y(J4mI9qfnPmxRB|$Qg2Vw66Q#eS${0a
zr!7+*CkvHd563*-0Au_ADljS#dH-oXFg%Cd>Ps~q!|ktaM5wA&4zrF_*1LRn3|<#L
zpQ=6{1lamRQ)jX4pEdT(HWPJ1*&0t%FBBcdFF?N9)9<-faZRz6YxEk1rmJV1=07;_
zVpFAA6!qceRhN}(Hp80=HM5@<zoh@Lbiw!jUZV|gJ@Mrya~ou~d#ce^-&t9$Tr1UT
z8tkGs9!9JN6%M4CR2wVQj)Yn1JEK{qt=68@p}%<sj!;VUe>=j*4?jYqq{SbdH}@Nt
z<0pMPfh@Z``5?;+<v)tjI??sr?J4H{;W?asb3_WV2v(TkGj5SQR2EUeia4^@ZZA~+
zupbp2>c1`;^#M$pg7%K&SPXYfn95iIwzr1rAyyodGi5=sv(AKVY2O8EiYObstAsFn
z)3HZh4eQU~$Rap5ceZ*MvOnP=Q^Ut|R)ASHF7oewQ!rnK){l=+sLB*h9MRpmW)+yj
z?n`O@7w45<HA{}_Uu_>Q|CaGQP^a<Gd*7G&Dg(k$!1HX^@sFoQC-CpZk;0sXBwOR6
zC0i1**;u#QjIwyMzUYhj2j?ZIJcWT17QAc`{8}(0KuW3+{aO^`j{+3UrUue$$jD;)
zp?LaVZl9D31>4wKe>L4m?vxnc^yDx8U6>|{M9u#%RENn88^@?+#dj%RF=V(tg~@bc
zW0m<^Teh+7+XuCOc}^UCJh-a0@~|TW6wim+-jp4CFrSh=u8b%W(~qz2bom#{#peG@
zMa3iDGn|QQmif0cdMo{>OmHREbC?OPzGjR%<|xfenE#>oXy>X;*Qh=LB`syGB_*#}
zp%yihBefnV2#wvuF2k#gPXJ%HC$Y9O6bELRU-PZW>BYcWQQjhUzNwX3v)kr_|DpI?
zGAy$zkrHX47B*_o2X9F68%c{~(mz)WXU19iS*C<At>d*DprDYinVH7Z^*7J8H2gYi
ziV`FWVCMh9aTvd+%-!@QfL7VzAxb`x8uzWlO_Vx7zt<{3wd$_Kv=gC&+mO)&^e%Lt
zwlmr47C-8L^Blfsp-cE!B4=;h9an!zYg6+HU#{E%{J5krDI6eZ%y0t`!lK6+CU`FS
zhn$6``(La9v(DsY3<)-jtHiI_Lh6}76XWSa<6=w4Wop-bff>|)GTrXPNfSB^4R|5k
z2lbR6P_p6rpJYQO{B~_8cD%ju_-yV##!|?zR8s8bvO{lfsbjp0o^i<a%8jG1(V-S7
zypA+KaV!`!AZFqN|2KO!5Bk;RR?Qu{JGlhIZAsN)O*rB~$Cmf?6pB{O+hqanMgz_p
zDoCOwzY9kZ$)Kv4l28MtH=-!^E45jWtHiy^>$!@<%54YK!&Ny-BTQ=luS{ZOLH5|T
zYwR7bl4|vXGp=IYUDb_0>9ZSM%B`}ScK3SQwXW^%bP7_BXUD{k2d^nD7N=y2DeeDI
zWM4VzXf$BIbezm?L?1lZJ$&vtMiQ<m4%7Kr&xJgr`LcXI=YZk_?%sf78xR?AgUHDt
z#vp=Iq^eLP`<w$|fKAGyf`tAdMfR1pbKw%gXCbPlIKrgdFdjCa4Qf%7%q=vlYgFav
zNQ4SFY)VuU`1={RhC1QT%$|3B5bP!cfrfWlY86k#$4C7Iu`u2=I$3>)XJAp)-=I4S
zW+{mcZWU)jg^`Ibt|6IsE%<K^>|+|3`yWa#_ko#ThmTOEC=rm?fymx*OtAif=@{q<
zkB?6&(~?6hK3ON{=#bspo!I%Gf8R)JO@5adD%9e16_AP76e+Fy&arDg`N)sw%~g#f
z9a~NdC9JP6V7=E)!bj*Z!h(p`7!RQl;>Y+Cm~&imJkMb}J*vJA>>Q=^YbdtUD-BH-
zxt-jdsQ=T{TvIGcrp{(U_JILcq4(B%tQj4=juZh_H0RxeQkGV_WzB>Qi=7_vUqgzl
zyR)~^#YIAfTH{64V+nly1x$%H&S<7KxkPgr6}h<w9|U!wW-xv7mMkJ7$i}IIw;Vn;
zId~Oq$3QYpKwF3Sq{XBl^u1?TikqnNw!3`NFL@PK;P8-=dZayaxh#NwJN+wSpe#1t
zFJVWfWlb8$Sn2(OfHAXxU?IRp2vSb|f-hh|D2)z{rG%=%F0tnR0U2Q9Rl>@KBR>RB
z1O<ZF3r5?(`fHYw3sGeckQyX~^$iB+WqT$LJ_yb$P&PL2NmpImMyJ^{_$Q*z3+U1@
znfVxD{k_p?$iWxHV0qF+y6e`S%AHU_e~8Ek2&`?6u>XE{q%5i#ETqet8HBlJ_aChg
z1w112^|<bS7lF`SVC=j{rCLr@U>l3SUt}G07tS_ptk7M6C4TDh{&V#V(D!!%^X2Nr
z!;$6t^^lW;FNl^MamR#M@DHiz-T&|xIbfLC=Al0DIQsn|Jo<l!Kt=ce4gs*k|NRh*
z^1!%*Nu=k=ZviTN`G`DE|NG@v2Hz1IH!^~EK&ws}7?aE#Pj;+xPoC(A4*<PCoP?DV
zy60vxKyUak*#1Av#|n&42sx?>R12Z8t|Ft}xEk{@I;}d}FU4=l$q|)Di2!-7(MqoV
zyA}W{QqTbHuRj!ZB)jJ?7$|=|;MNm)Lc%+FdA4t3WMmYkB9u`8vR`-C>jK3#3oRD}
z;x|By09FyCf=Z`u!t})tP`bwltPxB0TFA8sRQT4szc@VH94*qYZ@xn?N=^I-<upOW
zl>or)*5{iu_k3eO3Yh6h%n?^73g_%wbsfjpV0nyK0_L~gI-VD+u0%pQ_aeey5FKjn
ze`7R7z5j2cP%)A2e?BiQmMv|2#AbBA7#y$@lZSCY$%BVfpgW0u;8r5CR16*YZUv??
z2T89!&S?Q69>@%4=o!uv0sREF@{0^C!`DDCNDmZh?|?KyEp$@!ug8C03?u+7kN~o;
zhgt8x-XlW#oTWoY!d#d%2(d_~kt3*gJdq*<?8~21U`ZyvCA{u|>4h*U3JiBNEiHcc
zn^E-NOtN9q4b}6e6r}axr?(Q0pe8wQuW6hCmPJAkLT6ueoP}<S*i|Quo)PH1!XMOF
z!Y;E%^$2_}O9cF$Sol&K@jDsmGF@aKIZV_Q&0fR!i~9H{P+^V=^os-HrajmK6+Svl
zP?t13`6nR5C~I|sabPsSk7Kd5-QFP5^eeES%fTKi;rDxlUlvfEDaJo2)<evKexFa=
zO&GE0qjyLlEO`*3<X&dowr1suE(`REUjbz?OqMnHL68WBr3CX64LR7tQi(->lzTVy
z(l^o36Qn;z@Z*B>j(SLz&Z->cBMArryW46a<Ab0YxGGm$)l%I#wPH<GRBbS(!m4q%
zrc%qgzQbwGaiZwK$us_6-j8;m*#i4PKF-B6FwfmewLry=i3Zz@&+WJ@fz@O>n5pIS
z&;))dpmBV@r2UW31Z)GOS>KeUM1NAOm`n>ci0o`*R)(qBp*epnU-?JPv^hN?n`s0H
zy?Rc`H$u_|JH%%_uXddlKj2Oi+B6*?^o8+Xn$CcU-@736U4YK9X{lwI%iBwI9Z+nv
z!|!o9X_lL!_T}J0>E*7*%axXIf*Zl$K44)UM$*~<WEoIenzY+`cWbQ-rfpk1f`3v5
zl0382a*2>oLe2rV%3=Iu@a=iV*6VjXi~dh5_L7(&A~`sW+NL1?@ouFM6i8zeFvT<J
zI1GsaUU}CD63y>6shJmI?NIvEOv%MW)A8P+B{YD9&2Fr^F0I~_FC4Pv?_X`FYe_cK
zpzp<|Karh&ses-lPutR8A*W{colFw5zHg<SCp|~PG)RIK>$Q4XpMy-|v|%{k8d2<W
zXJ}>f=`_8Ccd*qUI4%vpbS6MS=rrJlZ_{M?ZjMKsRw5<hYz9E<A@PCB#cKR+ga~T4
z+sHTJ98#fb^RXVcn{qw$gdQY*4-Ie<J_b!Hhf#cBF7_2P;yj;d()U@vDF*P+G>C-%
z6#S*QA+;i%15$0~p!~j~m$9*rvE_V8nnD@m^QuwsSs;9MfovpBllo3zNIT@oGJtI;
zE-LEtyt_Hec!dy5c82eljsQdp$i<K=OLdJ#QOOhu`N5xpug%<^*0xT8q~h|hLd(S(
zAqeWH=(w)NI?dYssF$N!P4~LH<#@LuDYBU6x|VPXBJa~Le-K48_uGKk6lLN3mtC&N
zOaL(hBoDW>N7q0HT$!HN%@|k<LVIOhKgSFucH(5$C>W|vw1^LcfsSn(96ZJ>$bIaB
z_M)0N1})7(wc=!n2nUduaqUFqKYzPU{C(yMwCzo%-CdjDCd>e8o^t^!tPD=%JM5wm
zUjPL1e)zU_(g694IKu_c^45B~D*uY#o-*Z;$YaLF{g%cf@i;eNl${WdUeo&uzFgtQ
zPdLoP*yx8Qmzq`d?EBeI!H|naS>OA#Xc@>1)@6TbENQ)UOM2y4U{y0^>;xuK%m^V6
zL+&mHy^`gr;jUV)_Us3R2f#iVK@CIdl^31PLamKnu8c{4q7k%{W-L#!{q`W-YZBDQ
z?Y8s|Zl=)?n2n(afDB3PELp7de&?PPIbo!^?!nckoAZg*Tch<fua+b<d>np`gUEc9
zn&&B2GPP)2*iR#AEuYXH|GEW<xjJqG)@~T?lTqaqKDgF+UAOL%=2J}*t@C!0XYM=Y
zUS%fOk?XRp%1`PC9T?r@fuZ*n2#wWU<Sc3qmJ^VbsIT(Jpb+Px_@0mknlz_X)pd+O
z&J?(NpcAhOsJBl11Fzeov;f@SJ_sab99Gj@<OkChrQGjgcKTF`CNLgBTW=acR-D);
zqg3LV$EfG^frQ0mnZ9thlxPkqN0aDiiO$SwrcFgR_35nrpvHU6@5oF|Z%vZz0tmw^
z^^+S3xNOrsezzfve-S~D$oXw*&=lB%@x`x*YWo=sB0rws6EOATzjND**<C8kUKi~2
zWDzJZ9WME@qB)XB6uSf-!IkhHq1JAop)w`RY&h#vu<iSkG4(LS8_?~!7lO^SrPJVG
zXXdx@MiQ542XK4oNM!_V7feIYI&^l;)n;y*(w1A-D9Dv<W$>*h+lN&WPWm1!|KQPa
zJM4bm$WO}3wPIVRFZ0>vRWo5LZaD|}ToV{Z94>G>`O0~3XMk3J(6k&vm$EBmGNZKn
z$cZLZmO-ng593$mz^h(p;(k4EXEZ<BenTiMS0T+BbkRAx`||n79(a{`mmP9WVRp!B
zF$K(;9J%M2KzWe_@Zz09jsf!PGC9%g-!!QX!%|^Hix^;pkmUtx#xF7=XtLU>YDj#K
znF;noz>xJ^Lv=6mpug;H&5U(e)%m<!23G_DD*E#)PjZ$I&ktji<?ZZ$iTPX@t}J(B
zG2vygb>?^yd7dxsQNf@wLLNUl`{jq$&~n|SUU8eix%|807w34`(Dm_%f>@64nR_Wd
zl1~u^O{a`e1`L*LOokw|DQQHJUcJOYF$+NE{1iJd+prl>T9h?NZOVEYOD>I??+RKU
zEx~hk3yU_A@NQuN*3U8hl>=$q=ycE$$Q$nFoEKu%IVlen91v2Z)3_$zAnXDSWV?b^
z5huUjX(Ra}LE6M`sdZZ-hyP;bX>L*it|E5@8pwsdnu+eI(f0%AtXO{zgVh%;EIP@-
zOy2OZ9R*Xh)zhQ)2@7wToc&s#9VEz;w2O<*>=kS5Noh$7RMq+b$Mf((7?Yr4u_pVB
z!-!mHs~O%i)Wax_CC*`#-|v<35&inxOoyee1L83aqmdHGs~?tb0P=rx>!C!<49Qxc
zGXK;y3K|?YCDB7~C6{FY4W9jiqd0xdLL#Co7#OJU(&)6ir6g*~pCCPc2TaQi^0zMJ
zH=W36^CBTx<jQcj3~Fb>>4=C}!Lp!m=&PAn42+I1>Luu;PT{9Ef2M^JyZ#;lZwOE6
zGZ_~a4*4np0=_>CpNvEM9peDK18zey?lq)=!~iydT<f9mDrc(11Pcyo9%$T}5o@uH
zh?K7b)@{AS$mZNRLkN{}z9srmkWD!xXz=#-td$4mlYKB7cWWYm8W5p#r<)Ns>QK4z
z4)vAoz)640$VEW*gKh0ou^Z41z46`*Rtqi7{b>RVk#8-BK-RfO03;c|F*OE2jaqu3
z(s=8ZMy{7IWFcM5i7qd>ABiR+1te9fc(yNp#Q6HzfcHAUBu4w-jYvXQy5shEfAfoo
zPG9}DuRocmlSQOOb6mQ=+RMm@<!po_s#vy#PO^*SFt>;<+@D<Q{+AE|$j%upOYGQw
z76}fFk7)WE2%X}?#~Dfym>Jj`6b^KoUfsj#pHw1oBv<?@v$BqaC`pBrQ!)aDUSKTq
z(sl&6)PpgpEhTAOb{Q1PS+f|9XIh~C#Y9vQZ{*oCa>--<l=;wwV+RPGlkUMn=yT<)
zlIY#97nwlh@KGfkTA}5~CQR0-Tt)2k#Rx2jLd<(&Xa`<O1t6SaYJIP#YyBh(r^IKf
zBuqLCHNa-l!eoVXCF6e;#VmAfc4~<a@NQCNU0j?QztC-(#P;~58zW1u96^sNWawb#
zBF&xVFz>ov-`@X8lM%8NND*dxvj7Z=5{m)<$QcE;Crh6h5|*Akyx4c)zX>2)vt=<U
z7tJ9rHmo|2Abp(x35wyXfTLDO-APt!TCtyB2mNV<BJp|Hn+De*@ph>q5+grFHVhq(
z({7KS$FCujPlF8o+&aHvCYtV^^5&%jB*+vMF7W*if&{qZ?u!WrH%?tyC~pyB-OahM
zbgU<Ltj;p6N86tINZj+A-2mqpf0^E97Z%m;Zp#Pmtq&00CDmXdL2Lq%`4Kee3?hjB
zcu=#=ek77MgmvYSuXo$p4%Wx;gWr(|gJe3xGSG=*CPgpv@Q}KsSy;qM1XkcGL^}j;
zJ4Ynl5I6l+Zdn=g-_=La4(t8?br>ahN%pboV1Nbn?EULN-zEGQinVMCEf%p?@Jwi;
zOJ6^XK6%2B&z#&rewPxD6aulNdz*i&i@ls(p;A87)E*4g>pEr*cSTP-9)mXTH3vqf
zV=PzFOPH5Sa729l_zH+f7~}%|p~uEuSOU*s#J>j_Ac_j7dYo$H+TS0~<2k9tXGCTj
zItA5Hu7YAJJK}WBgiPG!90s7Ahju*{DZ!u^U2-oagM|U|I7DeG)uD!AjGs9d94xoc
zUYSe?T>dLy?CGq1(DNowmF<{e6(DYX-RjyAaV6ZZbMyEi*=r)eKrE!nmT>i_Dz?71
zRaP_OuIHehPb8gLR@9XlUOOWArL1_4WF>{U2o;Sa!8)wu=8;UMG7|I5@J9FW@6Q73
zUnC6|EuWgeliFszk4WuWG+k?NGt;br1noz__$lU0<IMNXH@i1hK4Q})rwI{CMCSS*
zw$D;Fp^`7jm&r$W>tZA+G64@@k#06|X@7MPRlv1<8xnblkj%I7%z+H@F~*EYNVN86
zYjVDH?l!n(y2lwuWR6^6T<W3@JxnsGz=+wGY6_J!@?#-W<`rQVAp(rNWRh=*#+6%P
zwRuWLoM7;Nn7o|W)6C(Nwua4(H$fUQNJl=H;F*i}E^Sl$I2rglZKA+g`h1n40f+Yx
zf8v2nSdJPq>^IUg@T#5IMBpa+Fn4)SZ;wL#L=__7m<1W;+K6L;X9KO@e~%}I2gM6P
zb?EAEFZ3g>9>37i!vL}h860)R1DWv0578s+Vu?VMnYoKEdrazK2!j<#NAqYRs|4wj
zcWD>qCs|+#*g}Gk0`j~~o=9=QPWIuMXHy+AdlZc)k-Bv&{KGS)9mqZ*z$5EHq~@c9
zy@k4TS!DnJT)Njt9s}GDdM1@x_~JXW+hSZwHLDA@1A6_`i#1oJF$*{QVj!f6h@z|6
z?^b(a#Xp?_a}Do|$8l$J2-s5!>e9{fDX-wBuEC$&a~|K2o?~U*Iiz%kh41C6<|}o8
z32FMkrKs3%y_=uw!0y1o25#lNdA~5J9*|h8$lVW)+xe8CRa=eeEb*Oi(X+iv(G>s>
zqCc`w1eKdI-df~H2Y=$HWj0O}9E@V5JLB{!KMf<yZLi*~L8Wp3yR*mRz_6Vg`$4sT
zVXd7!UvF>X>|<qAHF>}UEx-g3b^Fv$vfZv~_=kBfKM3YSV*utnYW^3U(fQ<0G?YZZ
z&MLAv#G)Cv!0WF7Y{xX{T3cb%J0pz0dxy^*mJM3C1?Y>&s70Nnvp>lew<?3jlp+=S
zl@Vbve7d6YL7Qav0QWkPJJ49gK*t1d9)_?E*t#D>?PIN-8^S4IDUBWyPI)NI5j)Q=
zO7BELy_%c;%i~Q$lN86e#tTm{jIZW-+WTRSIS1wKncC9+WbTn1*#rZCaZ+9lxDp5u
z<Nc<iutrzUsR|>;#|~3Q@%7~ZRX`?Q{vGh<8t%MqP9{nOl=iR7B|-^|aJ6lH`cwI4
zpe2Lu04c#Ln4zZ31vADxwC`wGhN&7DmRjIiW|3izmPq23!*~WlRcozvIGu+T-YZbq
ze>3d91TR#d(f>%i1FV8t;B$2LJA<0UT43f)fk4$;FiJ4A+Hz{x8kp*bC$qNgC?%~G
z6&0kn{1CS1_!A*-hegOlNa@~%^KDF57orfbnKl!DSF5sFm?zb$`a$B}x4HGq^Sn(g
z#=3ErBOX-}S|ORD>jn0b%n0l<k6qB+UA5nGRnjyFtts{RxDSZrbkBA88u*RQji75B
zT1IC-R0djn=YeZ<c^LSnz|Qb_6YxJLha{fuTB3(KbX=Zn&wwh_ty_f^D^M&rFmSO9
zdiU2kAYJGtHa}NE>8YJ4`ph>?T841GLo4|%QQpOO8RTb*lQPAMh**z(B%^3`S6;qA
zN0dbR4sUP*@FnWfA_c<in${96EW!PaH@iD;PgUkpsPKQ80+EFKINqnH&tLgf4~Y{_
z0gK4uWNWN4GwfAQ821{UNenXtk8GG`Bgt+ajAHalM*;PA7<7o8v-S4HcFUdkk+gwN
z#T!6e4O-SX1*+wip4b2@w7Sy|^;H+Bc{SvGhKOw_;yu8BWf?z!snBD<7mIhO+w4|<
zBA5>Kz=6w~cLSWq@iKi86K^ub_K#?_(E4S4aW4SvV1LHy0jOcX`wa98zh=?-?P;Wq
zj9LzlND5^w$^KBz`HkVkp<M(bTW|Z2jv8EDmp1N&pMIbeFr^tBxqO<}e|bv4D_xPq
zxUoe=CWlX0vL~SRk6>!SmB}eXNmdlDHSqdb%U>_UX}v>4Cd1WRW+6ImYZ+P649Yl7
zazSm~(wZ%Bk4iZ`GrF)&BUm9^ladra=EYV^O7glq9;k-pP{K;XLy!M(kqMv>TwScE
z^)`Em1~B8{5%K!qy=-!+0`MlUGPz6!lHak2JrlJxjd&dRD3W*@JZZyf+*g*H>edrU
z`-BvOn!rC;630-)mlPjBIehT|->m@^xJDoxa#HFwMVp(vbP2rjtDSlGeMfQDIM{4W
ziUp$*Fl{x1FiBh*+2rB5D;-PqjCEsu{G%t#C}`A72*0G*&{#gK5C8CuN9cM6PgH>&
zK)p;5pfgHPAqFLSd3P|dMaSu($!jvP4dbrv?&oPcZ~X!z_`G#~&w$9nUa|w{!uv`J
zWv<mg@e33lpQGRxh+T5vigdCN8keJKFRjK3Vz0Ojhsy*!zthasmAhY#YuRwK1cv&&
zj%)~=Ya6Ntm`6MwA%@UMhonr7?dJ;%6FJE9_rP163VJQY{|vjHsk?tD>w};mdLU&2
z`I2ZN;r#b=@g4&4m>AU7MXK+GTwb^DaZ$*3eGJg><fnDrcUQYY_0D}ZP}8m;K@L12
ztSHMJm05#B07qwcc&CC)8Bg;GduTo8MbLBQ{PC_cXkB;UoIldj*=HGIcu<RO1K$t~
z1oc@x|0UJ&e_H$QK&t-#f602A7uOcoMMlcZ9v2ta$Zpu{mP8rJrtCeglyF13l!h`A
zLS>W4O`=HlDw&DI?|J)tKi~Q9um8H&J?nMOc|9M`$9UNo_b}oa@0!wL_!FNy)SMSl
z;L36dIib&Bi;R|pIL3|>HUF$#W0g2a#Sw3=pV+~D7j;&^h_CISf`QUMo%!Q9rbJ@;
zA&ntQ)s`!r{-tai&lq!M*e$WXne$oTR7X^z4CBUeuLvw5$%N37aa2?zS|>~Wn}rWv
z#tPr_++w4D=iMgShU?D>@)o5REI>^VvpMbPAD@bJ<DGIqE3}77^t5EN8iire3bc1n
zCo*nkn61hXj@YX!Y=XdARi7vPob=5uaZxx~Tu#yk2eYCqT?j@bs<#x4PeJN75{U<{
znX%8TRRWV((DN>=Bn5-)Lhf*Db>#K`>e#j<o*})^#U)|3JsqZs;>{);MGZ!MNpbJ#
zJ)H*fu!+0XRoZ!!Ucs9XjFH5Jg^u)nR`VzNY+8dO>Lurimm?t==nx?WzpX5HC@<w`
z`Y{ErlPtwofbPm-raT(t!;&#n#%n*U7YFVp9>Ko8<3t|Et;ebks7k~ovMbCK<)vhr
z&0IGln8%#Ho-k1YLHo83j_Vb6wR)xt`juH}#^#p7m<1Z9DSF;H-<ztWjkenV)v1Fm
zBYDSRaO_Fcd6SJ2JM5GC4FNu}yI<o<<l5Pd1Sd9xJRhFNMxu1*FIX>e5Tpu4#q%#e
zAQ^b*Lt#4A{Np+w(Tdm)d8pZ<K1xZ4Xp(H3V7O9+)}ht3<!DGVXD<>!y6^*DjzRD?
zc`^8Hcvb2ep(4Mi%NBR_^)nf0^Gl~;#JZ6mvX#dpE_-h5QX{d}lHsQ2>T2Hvr4JuH
z*rH3Kt>SXHR$_@yY3;M^6P1mG$g|~L?hl1kfH#M5{)`OlOJ{G}(#Oe6KAs*Yu2QoN
z;o78z>H?gZ$Zfl-2mL-e1=qXtBHkOO^OuU-*ebP&@`n!<w~!r-UD8@i&x-3lbUT=a
zv7Iio)w2G5zu4%RZHf^Fg*tBA5{o4~NNmRL6J}3{Flx_T((coQTLk$W6KwtLMo)QE
zYC5x9uHUE?F^QQD?TD><Y6K(8Biv^{ffB2ZS${apZe7K5%yFKPcDr59z0*iVztImJ
z;P1Oz+Jv?_uqXau5boCdNE)<p8HT?#=5$7G_%hp_8nw9O4iP7YSQq}=lI++N$y0Yk
zZHO-FkYzP?0M9H8g*a{ZO|w!5QM&7aH}a2rf2!;hT58N8=AjJ;n`<$z>||3eWhwAF
z@E;PjkWPcGjP4JU=gY~vw){=jQT@m7Bf9va?}OytY~G1+6{Ff^iPB;dz~I05BDd?o
zD0I6z^*p!NRqT`V-CfAJG?WVQbxM<?*3Dka6>5obXvt4^F%O_qjDFeCly{_$<A-7*
zrv$lYdcCmEah^o=D;M+>=-s9qWeJr4Zk_NwZ-!s(J^0J}WQ!o|6u1Hjs4$x7)gz2_
zk<C{5F1F6ncWdt1dxz18Z7s-?IVbcn0m98%A5!8l&Co#UQ7KuJ-2g5nAu9FRD;i)k
z#JR1o@F(p~AM@ieK~P+tP0TIirmnC|Bx{Q?SW$ld?9j(BT}*(i8l`z~2pU`q2=bgB
ziuC~B>0~UDJ!{m+|KqcB-A#B3BOM5vDAmUmF#)6m3M4DhSpi`TMLfFxyL}C!ixKMn
zM_<XUdKfR^?CA68;@qC|%i)8kkJe{4(47CHhti@Zh}(=-ziz_i?9XPm`S5RLjDq2z
zqUIOG%sc|;%(8+}&%zLp7+2bzL`FqhW>QC&*gx~DT=E(H*ydyrHPsPrGCcIy;iJ=|
zGfiPv?xv}3Ws7+`?%}#e^;Bl{q?~&8Pn~msZ??tX+)!iV``CkZ@i@&*ojhGwB<?+W
zqh=yOpp1Cz<@=m{^A8qxhD;YOAM2knhm|GO+Q4)4fux@<q!p$WdAplfhn^hqEV}a1
z&-Gy4%SGrx25iw=tKVKysmnm0oN5_^sJkay43XbqnxxnQMmhw1i9ymiPM){ZfQ69=
zcGH>}V){_$%k-lC8Gko_(CXsDC(0)6{RJxhPWF@;$pH$E{goRqr?!mM!vySN2V&TZ
zFmw3@U)v7GmsZ``^UUj&8gVTB!6YuVc$y)O9<DEARyjqfU$=A@IF6sWFL&F|z0IFl
z_M8;Tg6`J{yGYj{bl>NeD<<_ihi@jC>GsxbrMwBMcZmxxl2d5b%~!iz_Tt$d^j2#r
z9)v3&NyePs@Q!+2D$juLk$Cy_9dwjpo~V7G0!0bqOS&gwG}#2HV-;hN8@4ZZ<e1^y
zrDofsKch<BWslr6n?O1=1eO<2=ia1r=sV({M|nfb^K#(XPk!2~<bLsHu-W)yAA9x}
zE|Xn0czCv!Yu=mBY^{qgeUz{nO&l)PJ$U-pxwYx;W%L!|HA+z7C#m*qDIfOfwA2Nr
z4`g;8AF<p4D2gXCFuHZ)SN9_Ypfz0`4l!-`?Lj(b-mk<Q$1}Z$oQK;)^b>~RDf%uL
zQTbDrz_O`fq9U>IThBOlhl_du1JIEg&q!;IW$3><4rG`Lk6jpq&W)zh;u+gB<#(aa
zN|Ye`CU+ror32K&c<49}@M}l>3gb|X+zD(g_DBl`cBRC`Q@aZpeC`AA%q{EOc@N|Q
zcS;alOw{o7o8J}9)U49;u+1@>d0=tNM<y@j_U_$G?Zsn*;xRe*&nhSfeSK8jR|VOV
z?N?r>?g5Rl<fE(nR>B5<Ovz{X>Fz_-b#u*CtV(B~nCwlnvx-3mMJEg#fo+*pP^&}o
zW+OkN3VSyRMne90CWpFqZinIfR(A!v*97uJvUE$%fOYQZeyFs7w8F`Ou|dk@4w(Ga
z^>T{aijIXJ57(|KwavA7g`bSOq6#T|=}J`Eot!4W#x06kf9acq2zj)<UFTK06qI>l
zJ(ibXpBTL+5cva^V^8puY1X{}1^D7D*XNar0Tn!xLVE<tmLw4Yb@NQQ%ql*m9@8dQ
z_b7IQ1uX{`=g1Fj0fifkifL>@XG*+6Oq0t9m-KpQS*$|<6Al9f=>~21Kq1|<peiLD
zvRG*0vsfmp7m9tVt?38U+Fqm%Xn<Ysd&-fDrxZ}cM;ZUueApqA6tQ$Qr-;?|V_fGT
zd9Cj$#8C|@kKj4Ip)OpyuGB-Jqxe4BMxI6Qazz?K4+4Gf#|;H)E)g5VQ9wwxDqXaF
zC8wQ3+mF4FlDvTUw-(@=!f(h!a}*P9@&{U0Ei#(*tM7*7f;)E0OVfgsT7%h8ZJ;C)
zQE(og>>CQodvEvrOPIG>J-Dv=(*oxyoJ3^GT?)sttgrzVpgy_Tmef6<(1^=sWu9Qa
zbJ75&cl0viP@tq8vtwJvUJRAIFGB$=atrK;1~BSkd<?q<45y$4_mg@$x|f!`2gz+h
zF93#qgS-0Kp`hW{^S%WaYyIoMo)fZ`e||LhOK9f^%?`CUzc-3e`O;`z4Vsuz=bHJN
zy(A}z#+ky}MSXLC+<K=nde*jI9ge7H&5tcS^`S>J?FSt0Wsl!KyM%3aw7=h60xmR^
zhWbQV^Pis%TP=~0@}}OZ8+E)Ru^NXs#K4v!Odao;gH*-6hQgNk+VCH}SC(J11e4fF
zbS--7x38W{+1HPf!)Gx$FLoR3L#`@kA!iG(oW$C<ZJ`9kz0n&MWg!Pp&kF`=aCAot
z&C&(c$OJ62sMtXdhP)BLuvLd`7UW{hR;yk&qI6vo4osc(0H*x1S852G@mO@Doa{<8
zqN6Bpa)wG)R9151wevd(Srbw=rfm2g(A9N0JlgaJtxxbSL4_JvekjEI^*rgid4OlH
z+{$!^;^{tHSJf%#G*6NiA7;HAQK*Q=o{psFipJwpctQhRePU6BFNXRm`f2Z4RZpV+
z$)epi5RUBO6LS7CAkm1ut7ANaKE4crb%6xNz#$t8t+Pgg{&Bz67W%R{aLC9X4NDcv
zFS5jvxYrFb?-rqK=Yx|z!p!lVTvaV@1MF`AmaQo>!|ZGU*`Un58+o~NVB?)Wn_4)n
z5JG;#9e5z^j=aR!tn;kqr2tyhni!+09ZI~3w4(Vp(#*sKcs?K0Z7pxt^m0wVG-uIp
zGo=n%ip1-;EvC{&Ai8qVhb?@WvpvwGtoqJE7qZGo7~AW|*rB}eJ8*spq!E-+m7{CK
zt?T`GuJdQXqAxa?9BVeQ&}urT!aR1a;Nol-l?j3z%U<S2l^ie%U5372fOPKD(+M5K
zw#DWi+{2V{9A6t+HOc-Asjj{PhTJ95TLeMBd~mae>9V3CLOl5t3(Zyoo`T|LF8;2(
za8!rj?oBVyZk$6P(Hgz&DjaE@XJBrt2J7n3%yg^>OG~RG)X3;iL7$E{U2iy99))(l
zLVyjhc9mLx3F6ekD<|XIe5c>8Q(pm6S3?t;I&T6p7lC2^_A`IG?Rt4&B-h$$hmL1i
z^ACO$qqAVWfReRcSQhO(QkLBKYF**&wy?bqiN=W6{E(n{)ZKS%4L9d$8sc+gcQ%<$
ztyJ}=Y7ZRd4@)1EOQK`ti!#TL$;RnkP;N*m@-!`z{PN09!d_jgfF)1QCBXTnjuJ6?
z-m4@`6*0wRxx)Nwl0n~v)9Ur|_6Y5;1kq;x+zzyZt<y~_nYATSul;fVj$l=gBtNrl
zo4MtYAr<U*crkG^TUWuOgV{4UNppM2<oG3Zf&2`!(nW_I?Xir14^o7Fn$_#yI7uN7
zQ*q5AGu;%Fe3a-WD|JFJi+GY}=KZ8`R`q!l&rvn#c?~_BHELsWrz^ikYTqg_vqkBK
zAhv}J$8~fNrez@sIA+4(q?0mvF-dO4z&(Fj>*BiHdW5&&90Bsg68Q}C=h?tdir`H<
zOgQWuva5Mjd#*HY`!L#uWRab5U?RmgDqmQZE~>#8?q0{8LW{;<tTa5WEQA?xDtEID
z#KAu8$pLfF#%!MKa=FO&QLp4-b8HI6fV{i=48bCCgN+&!*aO@aBRO_2j%GW3U0${L
z-BoaYZeeA2>GE2l<NHX2lh-b-^z+{F4H4366DAM7+l03?HnvY^e|N2N;Ci=@O&Ok1
zqa$n}G`X*(gQwWl?;CP}v&gcf$RA5sTUII2z+S=Kg@YK5wVmP+Z)HywI^3QaO37mE
zE2nKv=2zyVybUocU4=OAJZg*C3@1&nm=iCiU6J0IT2mt!3SP?_wj`7nU*LLc$`E%j
z8gpGrns>rqG)z}qxX}Y!9=5gYWL_qRs!X($k}%KbV;4<h@eJLyrL9fd!_h}8wcRu{
zN}g(u6?DCi5|mv0)iEMMHn;3sP2bR*#VH-WX|_5#T<LMUa!Q8Edll#dw46{f|3aFk
z>6;w0(pKh2s&h1}>jf5N6g>}l6V}|Y-{T8i;2p!_QwEXN{;!TTZv&l#)afyJAkKat
zpZLLe{h+XO(2DZqjPyT1vH!jL7KHNuxcbN7XUC&*JrrrrcmkW|gB<X&F5x`hh4eHw
z?pzaSxP6|pJiO+NLj2`~b=k(<yO+C!P$#kmCsMMc`c$_|U%X!!frT$=I0E9vUQck3
zXW!0Ci9E)hhZeYo)bTlqR=6@~WmGDdTV0L!#*{rhyJt6ShF9eBKM+hT8ZO3qmUY>`
z^6F`*l+8N!G})JQS#R`d=ilpV7G&NJQX5Mv%8N*qCUq+_kohIy%e8yGnPzSg9-^WM
z*|llonbu$HYZ)TNy3Acu66zbEw78<B(9S2V89KeJkFcCi=4V$(TWd?^d}EsPyI(g#
z?hCeavK!f-wL_=7!a^m*%zIqZM=)YjfF12jbw)HX#VaqnJn&X2+6IB_Lebp6___9y
zBTkCY09QAce_19^;jBsMKX~UP)Lo*Lt1rBk%Xvv(SM&^G8z&;;%(8o8csLZ|SMTYn
zjx1sE(kES9UAhh{oWuow2)1OuFPVo%$6dnyC@FgPWRLIt83lul6n8xY*GvCCuE?&D
z9-r>PTk;;GcIZF}Pd6{ssWV0uph75on`1Vi+A@N4IDargRn&}|Zr@O)<Mev!4R&Je
zFb4x23rBLHxP7PQ_0sK9ejX#yFkuZUyJ*r{wIigTFd8qN8zVJ$Dx**Ja!u;j5OPj@
zV;?ZvXd0hC*eT8{qWFLA=KTmZA;|}_{(B4o(bVEjRA((d(Z&69)^w5ISyt0-I@?33
z`^MZi7Hl-n<q|DYir*`hJ+kv!eRuc0tLW3+{9az9pKi>&iMB{)R>p$SC}un82+2<?
zT7Ryi$>w2Zpeg5V_WU5sDJ$8(a%kx9o5fCAA%2V7%#JNrEQVcHIEzm%T^4iTK>TRc
zsh3o=OJ5DB4+_Jq(MLGf9ja`7R85ZM+#Vm}&y?K541A=NW;voO6??~f6LT#g#}qrU
zrBp@Ncpr!+`PXa>>x)076V!7|e3d5@c%-4zVq&e|VAZ;}KV(57|AaEtLLgEdrG9`<
z@5z+do110?b^30M@Eyf>-$@I1RDK25dX~A1+AM7NDB~HkjR!N*=mLvfu2DPOFvc_9
z<NW1cn3{88<H$*R{{Xis(2&?pRb3sn-%zhTK6EF~Tzg>Q8&`vRt%%My****6&0(wk
zLa8C+PpaXZ;r&Qe&hqI|q}Lj$*`uhEPgR-l#LP!>n3T`yStB{EOOpE%g&V*3**_9=
z+?e8SBv&5pG)i5s<{t|I*%hMfq#1h;0f#8GaITO#_S!RwKkr90Deah7IPaxBmOIHu
z)0e}I<<HqBP0eV1U{Yh}>f?2DwVcnQ+v!kbNG=vf+w2l!7_pa8CevZpOY{~Q%lRwQ
zH!-!lO6_Jq9QTIE8{eFzzl7}$iJoZW@Df5;l8@qMQXvkI=ZDAwA>_LJ1>5CVW^t4C
zsnC>DPmK`vJFyJE%hMW>a@^quN8EkTrxB<6v|J;k$gdr7d1fC@i(GvM9rEOg9ad@T
z5oEC|3l=G9u8(9mbRv+!$p}yFWQvU*zbYu%Si>2Qo@A4Ml^3HeQu;Yq=`3_)o3oTV
z&OoqSpyxA5Ijn8mg(#$Ai<FUk^6<_1LMfBGo$%O(-BhZ#-7;%GwJw?+r*%N0*~lx9
zXovl!C}Puld(N1`w(7@`Zx~t}KNeXP?20u}6%&0=2i-vanX7CX3*%!3NXD4Bb%Jzl
z7fmg6Nh?pstT^@g`d>=<VObZa`0gvMyvHSYT)qW9P%BpoD|_*94&V}wGB~ykM@3Uw
zm}*^UrS?M8u9j@n;Qy>;TTC!^733pu3D>%E@S=Y?#b-;TLQX04ajmiTS8j%e0m8Fm
zA3nulqJV&0^J{aM6|NEI&+dx7Azb&tlo!}dmeykzSVllV+Rt4{jx4;~L=p(dxRn+y
zsnQ*p6YS#6L!BpLNyew3=}EET4_S@MPgzUgPU1e`tXdBmSut8O?zZ;i>E6Frk^uVr
z!63&a+5_E@fzwnR2I`tv>DzypHKenDKmGA^NP;H7sF>7kyZq)fn;t5h2JcwiX*Mny
z2`!`2mx=beKcOu|`2;}??H|1K1&xZ$*)-T@AL2nQ2Q-UZVhYNn=F&il>&fsT8o{6i
zEulN(?nmXup|Lb8V6}Og5w>9JmaEhm0g~Q+=s8(1#IZ$}5TttYfhX;`p?cCGk?Jg2
zZT|P5jm1CNjA)FM+uCobdNZjlcO|}$?!}MfV-hfDrVFc<at!ausH88+NQU?2jp!Zk
z`(e$fZ8tNbmlpo!=<~Y8nkSG9Gc@+Zx#`mb+w#f2Zt)8X+Wld#sIH301PHq(9X~E&
zxyFD@H}g*x*-|_NnLXlc_RZX&`_;%E)tGgebbPedq)<`+qaaLDi^5iqigf)kb)@c%
zv>Ba=yEqx8vD{vQuoAH^hYrV1X})mo(qY(xEKS0V51zc!%~em|*Xg08DSO~zd<Rke
zFC5;PR&u49-B2*p9X-wW5w)B$YkQuuWyecz3|_DDYzBC(K<di5(Z{w)Fkdj(roN|a
zNEPRW6hS!Aq!^Y_B5<Zk3zc3%2=ga$sp&<S|9?VjsKI)AG^{^;Ua3%He|P;m0ElNG
z8|D*#2gxU9M~)o1JU(^!iuLh^;2+DEo^?L_MTxd?7`Xatg8nz8q5J&R<O2Cup<_~{
zs4aEnM81+dvqWUsZy9HqTR#97`S><%-aKko)wa^d0<gIj;HyKWd%WnCyN2lje=ZM9
zfI`h1G-FSX$eT{p1~DL?4^ABz!(Tr^w6eH4n|tAeZu>kmA1YyyhA&X8TmUGV7w*5>
z)Z`ify5fex>(9JDexgu1B_<~yp1NXXs(FXPyB&3`dsq5p6q-jBZ1z=Ap|ubUGUF8$
zQfOQ{QF<Tfy&wo3wFi(o#v4*h8E%c)TOPy+8Ib9{O>bTTbzUWRmj7E`X)Rv#-|KuM
znpMxjm1#G@yihx`;XC9oFB=W>1ZrJXx%g>tp$xirb^YW8cI&V2)I^Ok0>fB8$7}2T
zXuG%lXHI9|Uq_U7g`x`mBOEq=CkXo8Y8pnd({4{XGKGDiaZwGt_PEow70A`L)PCN#
zDAN83ysO<k^V>dMSt7MSqn`1}7hb0<ncxG<7IfSK4i|SpackIvjnYB@L(^hVw|K5<
z0oP}a$UT6Jb!t%nV1_E3H12t3LdKCL?kexJHd5e@0YfyEsHGQFBl8q-Foi46bv|(5
z^%=@Y9=m#|lx=lVhIxS(*e{1nGyj)JI-2$jbf@LY+S@Hk78j)r_MZyPE>?|iaz^j8
zcUSa-rDV6)U`LQoGP(5~P;iy;^}{0|$G!yP6GTF^LISn#&Fes^%FadfHHw(^Yi$t~
zU3qnxM?p<@Ueqw{DfDLs_=d6g#dscPTzwhJoe~cI>6F988D|<`DcwV&MdBdg{Yw27
z?=R4&s;|9(h1;GBH#V*ahIcZ(;k3}4aCZL1tU$wBz7s#V16gf0jb@m#C-t-ZTLCl^
z%Rmi>*H4JggShG`Aj*D%Ym$nrd>5nanLK5_k7fk&Wj8&LePrr0AHtffP^d_9pMOL9
zm!k}olYD_4z++zoz4Ej7BG3T2cj)Tws@En1&&#_mK(Zb1eqWaU-g~|fu7IdW-X}n_
zPKzRV#_*Oi^8*wuL2^H|X}|f<<7u5fK{Bug^l!%MWdlW(+3tPN{{3yLqkZpd?_?i#
zzZY4{twB>h<>RIPJNsC=?9X+Iq+y~x;uU>BqL#4YxwP-l!4uy<f}pFH-9GV-Iu7%S
z{l1dIX0Kwuszv^j`zXz<doOoqWGjlPu;(EJ%Wq{2WQ{{lTwZQ=A@MYK^`_cyr-rYJ
z?W7Y!kead|LRRF2c6+y`FV@f8T%POJ_8zI45w2yO>e!NtP%1GG`3|ZwNAt3}X@uyB
zR#l*7n=-^WbX(tdHU6Q?Yfa6C#=JczJ0!<!fR<roeD9}<XO{>TaT^%Xe!guG&5uXY
zsdY>lw@xv>&eyrxEUJVs|9M-IBXXA_#<iZc{ljr*y&I|O(JNxr{E_>IT!6f1pWv3>
zWuT)zLw8;<xlA_;7|V&q`u{deG65FKRJ92$%r23eH&RXR7Kw;~Hvcjo$2^Bm!nj`y
z!R{L8vD-qrDjwB-D+4GD@oh;amLRnuI>H%cn|2>zu7^9sDqdnqA(k)JO(ayjd~cyM
zwqO~Rp~x{d`x&tzGDk$kP^2)THXAySgq@o=;qt1Wr}>&b)Nxf^#LkRE4jDY=GJ@ya
zBrA~I^=#LVk?rF!?+`E+266Nt#KbXrg%w<CC{N{m>{w53vVEVlyTTz@Fl#j3BXPWu
zd3|#EC29STbzMlP#6{+I)?^XiLu|qe^dZb%<=Uy^GS=cDl@bk`<NJFb-!hQ_UN`Tq
znerUEquYFjGa=6wW6i?X?~BzBS+&6XSwH?q)&n8$&PGumqqVafo*rH^H2H^=ZEIdM
zeeFPbB(EbrdgDZ)M2S&N(w|v2g{%kT!%8|O_O7h{>z^schVP%B2gk9*T3is}qWUxR
z@U(1hp_Brb(g)Hu4NJ6Kvu)ok`BnoTzuB*tSeXge3D0@-OSeqFPsL9}Y`QlXtb%>0
z!#XXj%GgSbNdEwy$4g^kc6&mH`8pC9?pO?5B{h1i|5Cg(s+zk=l@}v9AtrW6wpsU!
z-_JYx-QQka+KxMV`)zN68GBP})b%glpHH+VzF?+ha4df=*ArR(BY9Sq24?P3f|T{a
zm5ps^U6Yi)!Q1p08OV7}AH<zA3S8cgLhL#UI+!A=43RVzqId>hvHgyu0qaQa&%%Z`
z1;d#6rjrygDxi%C!>80Rq1^$Jwr@*W3wIT52?%K=89@}%g%cF{x2t@~uGYdKV*J!D
zuh)^r;;fz5Lb@{7k0-JJZZV|+x#8nqDjhO*FGFtp>9R#D96#HG+_H`hz7_iQ!whYY
zFWN@e#yH=?lAWQ|RNONZx0L!s`ZwI_8WOBK)YceoT?Kk3ymX$B2)fNqW<%YMJ_<;j
zu}5I0_@^5=r(ABr?~owa^b>lS8XO%FB09q=<o%~S^C!EIMH7N%Ic49jOIiO;s%2k5
z+g!WZcW&0COekVSH*p*=YOHi0U;hyhuC2On7E^?4dMH19il8@HEM(Q-&U?$ArtmFu
zlQLEMRy*-N)Id^*tE;3o<^gIU2sB=gU#P?;42VU>AYb8&2);s}aiu6)8ikqu)Ew=#
zDGyN_;2IV@rx!YZrk-Y(J@@x=MaU-c5@ru@Pw&1*y(GOStm)PCSvak-MN#}H29JIf
ztkYt}lg$TK&c`T{3V4Y4KUKNfdG5Zr#Mj~9gul%8a?d?M*_1oSAoCt%?Y+xI$6<J#
zr3YGv>H8Ksl!;oZAN}TCIsJOG!sebII7p`&X-ISAw$N+y;&s1<0d5Gb+(4BFL8jrZ
zVxwl}WnW63Sy-B+2CMMi_oAiAUfJ*idFc1i_qq9aoBQJHbQ%2lcRb5*7u(#7FQ}_4
z+=vt*=dgf|P=QrjZbLx%+W9k@eWkyaIN;4{FnZim#L|R;Cc|tZvUMrZGn40H->~2C
z&CADlSwJrB0~2USV>pS+uOq>ou90{>#fXt-dy(XVslZ81`KB28%}S4WlBV00nbB%X
zyf)<HA^x7uBv(tmltJbW6T>o~(UDJFD|o$`g?J3$i76k7b7MstV*iBLMdRJmk}a(y
zV{<vk93s)Yhf^~B5X4*>GSzBvb^}9sjE`QR+M^TrOi3~nMTIrv5O^5T1lucmRlw9e
zLrX&(mVHSTkG3f#6)Js1i69bkO{~XuZGAU%+UReyh+uRGg@z__R^n)5qA@x@wgP?h
zc1}Yeo^dSpyI!upVe)z2xoW?kz@yKbb{w9hu|wyZ2NqV|U+x^AKVI@jHSwv)ZUIhb
zI(d?p80+q6{mEZjm*_70y?u7V(Y@(wR_{4?7e76B3FEgJNBbt;czl~1K1a+$m~ZIR
zGL63b+*>~A0Hx{R7G|A?TGt4bg=d_MQJ9^{uc5;+N%=PlO2D1HOYs{S6rtQA5_1$@
zW+M#gV-4eClUQldyN+v+o8>DccECDei-QceEVUt{uvBV!7c$bV>y{|Zfmm}c31*8b
z{f6=(q;1+OnoOy=><|&R@ervy6Xk8H`c=4z>0%{W-oI$@9?F^5)mk&O{?!Z9<Uptt
zr$AC$6C=M%o=-dE!0&{Yo|iUWXOgCN3oR!_sL-Y-MP2uQwQbjjnRvJQLq<%CMJwh#
zbBn<_nxG_*tmq~^RT*X~ah(?=#vrnw=~LZ=eXQ!jL}-0&7;n>;PnIk`sH<mTEeQg3
zY}5Thqea!A>{UOxNwXHacDsil0@#RsTikH84RQNcPqV9zzaUvhOscv4YDP6;*Uz;U
z<cDuhln%u16g&zAzCO#BQrcJLsme~}C~O^Bbi>IVtMuX-+2HB$jJKNke&LL>^bt1Q
zbVmwyTz~1Eh3G<(%#YrJ|HanJ=HEata8O5!*$6&pe-Xcxnnc@?Fi1}p7#tEorAb?G
z;2n>!g{M1)Qhu8WaYlRcZ-X<le@BQu*o(vb0*hE4`cS5l&RT=<8&S3bclP9f=dI7h
z^B&`P&nDQ26lVJ$rFpQZIRAIo`i`Z#jF-P17ugmz(3*__n8&jL?pg#34YhGu$$_R*
zb`JpO-CXSR`cjVqct@)h`P>#%0J)S;^om130KmoOosQ%HV5wh4us1vfo2`y9WlN+1
zK#EhgeuJQ<1+DOdYhNEM`Jqu${C$xh9#{iX%#Fjc!=E67oxHiJM?iAQmB>@-<F!Zo
za@8;UvpJu=$t%NB|9-~YDQkb}qNRJg+faX=iK;(a{#9zqURt9xbe1#vX;0*%zBzlk
zp1Yl2JZ@PquaEGE57)b+$I~M-nq=k2|K!?Vb-VG~`ZN98(+o6xz?avJO;kA_qi+U}
zA;+?S;Vjg$LBVK)Qee>{DqQf=(j25K2?wH|HrsYA?pll3tZpsM*fe9yhKv*+1r%B2
zS-I$;7AeXJ-7=KjUTKCKl89eQ6}Q=TeBNdI*9Bkvlp$`j)Ed8-Iju`5-*@9URWJLf
z*7AoQ%AO%E+sxlv>v_jIB^>oTOeW7M0OdAJ^G}XCH4FlE|JR3h<aytTt<x@%&o&p{
zcfzu8?l28K1LQI096G~Av92xM3*TB^{<%$|>^JA`L4Pn+zHW7o60y3#>xhj25z%2W
zJUEt@%eE<;X%q-mDZaqpIv!+-HuQNJoPXcjynt086PqZW)JPz~pMQRLNB`pTXnk$J
z_V2o@D!yMvBMo!DgCo%I&+^k&*5wh3#x=5by-(xCrY0Eq5>9iQfsK(Vu^XnjvCH6S
zt&aM$Qx7Xkfh{iL&y%K~`KF<ofZ)CXnydyF_6Yd#rgt9L+{;)hDq2qr0&fLhE{hJ(
z&&!1}MP`s;_A$M4cXz|2hc@<eo&OZ|mVne0f8Ei6xRh%c-WhG@xlHi8EqHE>etjLA
zPM(?HO%#qAt_2@qVu18*;g>As-&p!fw(5UQL11HW14T?#3ss8)g}7i;YPe;_@ChVU
zOBKwN6|a0AKCTT2V%9QU+yo)*F8x2abDV(KW`>d;uL}gNQ6v$^oEmt4|9$C!hWFHO
zz)C(8%Pwd<K2Kl@w8Co(J_9_O@R^|?-NK{T9yj(j_3sF`oZmI6Llo08J{~jQg_NBJ
zOIXd`pWmPVjaD|ljl5rOTsJqu$X$}$qd-2s!^~Z@JdUnYoteRgqC=+1l`&?ZNN~<L
z{~c6H%QIgjY!*6Nx+rF^j7Av%?v$kpjZ9DmtKXsKss?e<AfX)Gn!W6-4D1VnS@(dM
z{4le+UJU`G0(6xy`pQr*dqzB|n`8{1zmxa~fZ(Ml#9cP+U#~VhtD)L_DQXz84+r=R
z6x9R#%06)5Jfe#CC|VehCVx#56l0YEP^6g1*`dOor#_h^>H~7)%YXJDIC9zN!>j0n
zw<{wjlO+UeDM*`iGjs*L0&dd^qq4f3yx(nK!j_I2xqI<m>X@;3m!IbSE(p6WMMn*f
zCzepI113#nF#5L+=$okQ{6o$*pM&`ZMl+13DlSqlcpSvjKS2{i@ws|{-Lwjpiz5@%
zefaig(c$0DG$_5aRTkk?pv`MtO+4CC-Z|4U%>3;Y1m#Zp$SBi)_6I?;h6eQnqX*N&
z(M10zHHSqk?HJ-R%-G#xc$-#Qm}YK$0pU^K`WB4(fjilLR8)-jjIp}5>I(5zyKoXj
zde(l5&DC*Zwo5eA3|A)i0PA_al8_hZ;pV!cq@c|rD@qV+Oj%`#sSH_lH#&bl>nY3%
zAf$Ou?95b~6yJQwr2ASwC78X{f+kI;2G&!ryTZ}#9<hV3P#XG7@l^(e6siR+4t7)O
z#w|6&+u9O<@Rq$Ar?X8RYoyroT10yU^MolFKEV0p&b0`=oQSnwaNnuw3tE(!YkXIV
z&8cK{7EIcamvD9jaoZ`omjcF};GzDH062JkC7Dh5weSJA?JoSzWg#$XSD93$GJlqM
z#nIfNgNlVZzE6KVyIbzUpyXU!jM*P}KPiW8oZoVUqO9le*RLi#c`;NmOzCN{CzMCp
z&Z_t{u6CH;>nEyJYaXFa6bOsl+uiQt<EiC7RnPWW+e=HYSb?44P@Xy@G#^U7@AM)_
ztpdD=H6SOfPh#!32#ZZFjj8?!-v>caS8@?I2&2jA@$7JmRgVSB6R{U50&mjqbSv}~
z){?~M0kCXc#(j*B+#~GsNr8^sXYN@P5sps87l>L82LaW0SV~f6KTVRS@D%w6$_87v
za*T|7-fF2ov`be=GKOld(T}nc>P&w}nAU6JkL)0vXlW_DbNiO~3ufu_&<}zrLI<=#
zitt>GGidvJcE@n)wQ1g{=LXlM<^JBOAm7dUQ5SRO&JhtC$_3<x3y2MVs)c8`_INz$
zCxUCu=DoiXVXar~FplLY7nmbC6_U*ex>UMr0t=tv-BCa>1dJqs=sx$V;c@J2niIJ9
zBBM*6{u)a>xty9wf^4J-0~C~f2jia0Dhq1{{g%6gjZCuLK1va|UKgNTB!hk6MXT43
zWvBLsijmp=NLqbslq)2iAcDa=!;j#6U?AFz@Z3D*D;VYXP|2iqf(jeE=n45|pa-xc
za$m7`cw?2g`{D*x>?hsY6c<%ySth{fXRh-nut46!aJ#xPAwM!?p)}V~NITuSIZMjg
z5ZJZ2G)3nusm7<+R#=cK4YN1fT}Kz-pj1vRia1qoarzn>WJ)FLiqBN$w?UGp(UhTW
zK8TXOtq~lwFra!1rBq`Jtk($~w#+ZW?engp4aK-o%@Wnh*QL3)aZjh-R=-N8gxn&%
zWi_Jn*oFalF!~)qip;6{Fjjs=Ky4grp!(*zg~E+XGAW9f4Aod{>x=Gfset||0na#;
zQq%=nF-BRjtNME24|%_-d6if`*~nv{fO4)hP*#;N6l01_G+G6r#TBs(!+c@-aw)p#
zMEOE9|DVY<*b=uWc?MS8b+)3TdFU&&9J5c7w^ypMUQxXlL9276JiW2evhm<S;WiMk
zw>b?E8PhRmW+<8_^SRC+y3*m7LHP9IvNh5B&yvgjVzbFl8qbnneConYZ$j;>4m(4C
zZca(`yM`0^ISXD9yM|sR{PNIS>`GYaM%FTR@~2N4QFL+Z*USjbCm5A4-y?)2DZaDN
zm8lWrez6ZVPNn}~h#so<?+fc>bmIz##VU1UXvn0hMEt6WQJL!a!I9UuCb+~JvSldO
zCy6mG3C&K@MO+lIj-!`rwhB2AYv`<Q#m}tyA$zxl7wdihXPmz{2UaPWfm6yKp~QOZ
za;-N656H-3bZO>Y_IGkcPmlz&FNIJP!1v$hNZAP5B}>@wdNI#JHp|yp(-hIR)Iov|
zkXKJ%6-c7I;)(BDT=mOVo_6FKdVc5iBinPhA#+@?d>@Oy#m!oo(ZHxysteOwgMhaZ
zQaaRi1Qcj>TdWM?ZC-{TXj9(pXB`&wBJo2r<;}5pfkc5h$4ZuA&JsJ4P&UExvHi2n
z1oN|;6|nGRZvE?ecN|A;9CHki*UcS;uBMgp*bbb|T(7Lx=Pv3tj(a>mZ=_W0jeK?Q
z!OM3rJ{;vasF5y0QxZd&i3N;|eHmzI`Bi&AzX<jX4oU`aKoQWJtIZ&Df2Xs9%@rQ6
zFIpXJtzGqpAAFfuy^GP0nBud>$(`Y~WR%ZJ=-fu*kR6;Q(F3ht^@A=oEF3<)ka?c7
z-y=u9jaLK5Go9A)a^a0^I;$6ObwUNRo$CnImrCk%#2Rd$9Z+7kcxFC}`0++Dt74OD
z3|1(9R;=DM%7u7>;lg!)mc_pF&hc2(qX6ND>uUG%Al&->_DHr=6)VbCwF#n!=K@t4
z__JdxNQ@7Jb<s@G_qldBB@V@-o>~!2)3rF?2wIQO2%b|F@E>Bog1*gfoly8w)W-H;
zT-KfI!DClW^V~ptU+d7UWFu8@innt6f4PBNmaBzZj2BXXIjC>MV<fw6&qkN~e>A#Q
z!^SG}J6>L{msIq1EM4o>x2vg1Twcke9(u-;#n759UQU}mi31`j9{c=Pq<-DI_NWHu
zRZmNPQIlm;k0K>g5z9QNlusVs5fLtk;U{JL{cB;H5WV^cg=Q<|!pknC+^?l90dU%D
z%jYk}>jB*ad0M_%05Ir7gOyZ75X_(^j;Un3L!@m>&R!y3MIVYoa+3wiKk<yCtdJeo
zaD+vkX?QB9#|B0j<F8FOTXsDdM*+NGqij(R#R~^O>mjU^%AtqpcowH@YV%eAVq+S0
z%QH+E0Dk;)@n)Gcjr2c&3{0q<TW=nNWS7zx!TF)>a15sfH6p76DQIW;i`T4P@fix*
zp~QCbQ_xQJ4SO5}?JQS=V=;jawspSNnu(p77HG5wuJ0a9J*A+Xq1zuCtVICrMEozb
zbK{V6m_0)s(-Em7j}Ft6!~ya$dGYw!4s1}I>HlZi%`InXaT)>^BYT4|`m;;cK0r8>
z9YLjsItoOdmk9Zwo@*qWjX3*%D#OLMAiM@eLxxz)JQI~`5NG3t#n4K&)IGGfk){bL
zhZITp+nvABJWSEO>|M!bXSLG`k(8_<P<EhbfIR&ha1;l!@N&QJ_fCoa=STng9zy_H
zRGQ-*zv2J<0YkJO1qW9A8NBfCZTx$Kk{ocj2GsVg|Nh|b9^gNSV{nJGJS(zK|JP3c
z>w5z|7ziB3oA<vR(%)}e;vp2M?x)Q|@SOgSLoUWq2Kb-zEdS?#Au%nF@nh75<Nxyq
z7zQNe&Osk|?DoG8n1PZ4H1Wye@&7qTG{s&iR(u@HssD5T6L7%Nj=#%4{MR}BYj>7n
maE>W7H3|RwfKiSNyTZ*O&tp`(iu|eIpRs{CwnEP}=KlfKDI0zO

literal 0
HcmV?d00001

diff --git a/Documentation/services/pcn-k8sdispatcher/ingress.png b/Documentation/services/pcn-k8sdispatcher/ingress.png
new file mode 100644
index 0000000000000000000000000000000000000000..59aa9b2732a9ac2887626ae72c7c08ccc89e15ee
GIT binary patch
literal 63865
zcmdqJc{r49_%|LA$y#>Vl0wojj5XU}EMuLqmVMtD#-1hn7L_%!Bx~6tvZRoZtq5gH
zM2PG=?=^Uqp6~Db*Y7yqKi=m!dW?JS`@F8}JU{1t-Xb;B5M(5bB&SZDB2!Y7(>itP
zH0snT{BYtk;EILGd8$*Vi0`?}>$y96S=l;Rp5lbUk3Vq=Kx~}d+&Q6goB{%-E-ri)
zwx-q?Q%5&GCrfv534HJ9Y+-9<YiV(Oj{rnK;5r0$T|gAgFUSd%5fTOe6BOkWg+dID
z?>Du!bUGm@#0LQcxb*n>xsSiIbT_p=rUSEZHrBMoIJ-gQ>^ybcg=B^0?T+v9u*A68
zIy)WT#xKeT;RCx6;DpM9O`q%z5VbwokGGDl4;+gT)Uq^phr=~x%rS!2$8?-b9W9TE
zXn-wU=RYPQtb?(zfGG(oXozC0keW``Dl(h`vbv7^PNG6SSSNL1eGLm$a7D}67Nw%4
zB;e&>=7bRyF@q!I1Yv42x+r&ukB6JBC<-MA#hP&nD3~L?`1M7=6Hptth@}>|;$`K7
zl9TbY*E84GRl>@e8n`%{slxSyWIfS#cIuYON}g&i{K9ZmCnUn&L(tyV*<RZMA|mSM
zuIdPP(}!!K)Gc6UN}kFp!kU)KHa?=RUK+Z>YBE*=Sa~%VT3#3FEU2QW4i?e|+*J^S
z>si=33;BSLvM_lw4XA*RwFO#9!POG2psV4eFDN4FBn)?R6_n=}67*IULO2LJDyzvT
zItam#ZjLaR5Jn3vr=YIsu3+zJ0f^`c$oZIhYj}8pBO!DIwB*4xDEJJ1$O%|tt(~Ff
znqE+}oR_`^xT<2H;3H_Jss>k7@Nt03d#H=LDk!=rXv*uz2|L+f<dqy{^gXS-WNhr*
zT=gyCBKmHM-d=JRn$9Y!-WsA%q^OO707?$xVvdG;sw13qv~^TeFgi#%0l2Id25dpW
z%v>1-ez*znYiW8qdC7Unc=!mbdTClK%E8^O(GY7rU2|ClJ56PNhz3RlF5qox=D_bP
zqiA3ttA{{XntLlk;hs7$QJ5wItLdUAYvv)NBJ9F1;4Nos?dS!!)I(dFc{(e4X(4T`
zWz@Y55bic8ABcw=O3w_U%rC4Ug4OiW67)tWxx<iFXh%;45m^H_ei>&|FIPJU1$|Rj
zRemJQQcKeUrK=;P;c4rn=892tK|5&jTcK<KgKTWo6ipp%Q9cej2AV<$A$J8hK#i=9
zx(LJpAt>l*fv_>fTB8K?up%-@ZCxJ&TUYQk)I!C@-3O~-39(k!QS-La0P3k=ujDMJ
zq5yHU^%8bNYAZsmgiQGnwz`gLNC8hZ6*YZ%n6?s%-vR{_byu);@bH0qDr&;jm0XZ^
zKEkqs5HopMA(*F*y)ME7>1oQZjN`7Tx2FX{UC7o=)yvx24xu9FX78<LAgBViV5ebj
zt?DMDC5X}$k=HSBly^n=pwMtpEps>)rYSE1cfp}gOO9VyKt<62u3{zQq-SA`g(=vI
zxQn_wK;30D9rbXilu>bW_VTn-H*oS+0>46F!j_JjXjvy2OARk|Yd0H&kUYPLq9xo7
zVrgrqWsCHNI=Oh+yNjX)Ox*>+8nTYs`Z{t*2LS<H97D~N&=`IUznTILe&#~<$_|d|
z7?>rX4As<@Q?YV_!4Ya!c3$>^9`>eKd0Py^%fdz7%vDZN&0awVt|_b{=cHus3fFSc
z#CqEbD#1iCD1?PR%o*lwk5z-1TIlPU!m(~XP!CyUelvYV1&lQmDJ&>t;O1?uA|&G=
z>SO^`2CJD_V+Fkg)zqN!UPu{TCvz<uAzgJjQ+ow{RUKIubt^A~o36FBt0+dxS`nsd
zuA}7TqN5`#tEZ{0<B4N0;0MB;-^~+czz>Cc=z2k9y|le;bycu{wz|8p1{$rUtE^_D
zE~94!K`7YhxByB*dd_f!jgpP6gP=atOWPWN&jHS_3{%xcnBy#u10010wDsYRGCp$3
z&U!A2GW=K+3>?Z!!A)Ju&c)45#KX!NDR0WJt77e}rzYesprfQ9s;na<kMtIF&~R}_
zLa_P@5Ue)B+70R|j4{;_h6%u&Trt9q{CeO&9UV0Qa2Y*S1XSNf6Rsj`qhYUs!MLiL
z1FI|RZK0tltO&94HrEo+^n`c|K-D$m`4!YP;67F|_R0c+SQ|YR2TLy(b0wsXshO&U
zf|8w!g{+N*lDwO#uBLz)L|9o_Q6J?bVy1$EnfoZ{s+!sfIXHL-=x92*U}P{zWkqkO
zi<63-Glt(nR8huG6YDHuhStQuofQOCgpjWC_R5-i_Hr;CQw5Bbu#YoJ2(2V<4s~(V
z71glT_J+6sE~!D>VGw<s@sw4uHuts?wy<=xv69unYUrXo`JJIydm&+YB~^2MjEgqd
zqPY^rUBpuviS`me3pv68W)VnrGd*EhZLFe@o|UPpgQKgHy@R<j#?f3Ku87uFc2#gj
zpk!PSXiJoff|9eY7F56yET$!6=i!V&X$hfR%)H#ywA@wo^vvuW6g^}Ov~=_!I9&k@
zhuAy1swxZWA;1$}?kGDgm@v}7KnE@a7Zi2G+9;_D*b7=Ab)7xje1zq#1R*$`KnTI*
z6tEg@I+m6?z(xzA5vCd%Lf{Jnn6Qnytcs?iqOiK7x*%9V*A$B}cXL)3auJksl{0fe
zXv<r>!IXrcPHNy=5jSBN3_J%u;(#Qq>*Fq{<gF!R0kJ>6>WIXBr-Wl8!T>-{7HTQr
z2?bUKTyOyYkje--+)sX6evF5p9B|p-m%qIBkqZaEpM)Mz`CD_B&z(BOc1lT32JL0E
zFnabjdSH_1H|w+0&0;)R@n=GHZd`Zt)=3)f)G7Xu+xq-=S;9`T&ZWGR8q=ieLQaEJ
z+s~aJDt=9OW;pg3*+yTFlAX*Ve&0w+div0f&y=qK()qa7(|_~O`w;mfW7^kANUEoH
zW=k;YTs@aG9*IUEK6Tb9!lRE_s`!$mD94q_aPB|9;ld|H`BDDo_96Brh$RuDbN0#8
zCxn_Ht=9jdiTfDH44(JMTBiMDwLl!vGye}0&0-H~X^|TVINbM|x{na-pUX)Tv+ll#
zOoRRU?Yy(KHSyw;TJx`$<M;F{t=J)u-o?f{hx?neUtiv^v$OkhTfy9%gOQPOVrFLW
zhp+c(LavF&fMa8#iwi<W;<7<Y-!Pq9A2e>OTWWk3b9cb5b<j8<Hk{R;zOb+`Me@$8
z(VXv!DPPJ=Pv;?1?~eQLb}jCBa{xMqI66XO3)he7+-}k~?Jz5EGJzC4;jqpd^WSxJ
z7;oG!*tvpCImHlG?KEoVDNdiakoP_If5<Yhj^G|C3PYP;R765V!P3&k8t|Mq&UYe+
z2x9(@G}l{zZGZf5pLNW8hPmb4yU9KTYwK)ZPGTyXx3Qukakb;uFn;rQChz0fz4n&d
z%B{K>Ei5cddNOW`%%r>h{s8TnsOaQFb?k0@b>?@Sl-v8=OaVzndd+5sCkUvoSDF{A
zQRlJvF7W%U^&y7J&BH(DD?PmOt+GcFZfVKsvpyHfsgg7?;?|=bwfj9zimf?0y)P;{
z8kKbO9;1-*S#t#6s_*u6aw5$CV0&hExHA8vv3|*(ecL_e#MFYPPcJ)+)KE2tk-;4u
zug55GtgNmkzFv6(;O-)T7sf5gdZIXFXD>44(em9UW{|Zgi?6&XF!7!tbG1jx*!$%i
z;77~HT$Mx@m!6xOSv56V1rRJ)k%N<yFxkk5yK!ss9A`Z5t!iW~5dFCBnCZ@sH0R#p
zTf&_2WEVv=&e|OAF9q;>Ea>@dj(XNi+&!nZQ;7;K+}ZKTt$!0tWIo%Qt?av0^PPO*
zOVzm^$z9&Nckd=l2f)(E4i7e8CvJEyjWO#Q->Ld&JnS?az|bP*KI<ZaY`65~K-_Bq
zP$}3OJJ{b%-2M3RW5O%{?P<CgCSmd(sY8h{3RZHy)la=r#11@!5^{m29q==EyG|^{
z3x$axNR`v5*uqHd1<VDa+Mv6n5&|)|u>;!5W$`ivU{&S5bF{oo{e`GF64W)_l9o}=
z@#4LD<JbN*+dtA0Q`3If_h!i`pYooJyh_Q)7_~X(OR=&!#c3VeExGG3y{W!dsrFcm
zd9c`AILqcBkQ5<685SP?y-Ro;-H}wOwBoZqpv%70+0pU#mUBaHy>XT2k`Vy`0hd&A
zkXHB8_MXm(%hq!xb&F#4%kP+Krju?Z^t@*fXArbxeN>vC>2I(dLmEnoD)z?TW+2g+
zP{fIo;@{$&T8Je@cO{duVN#6-OAHeka$dc9)m-<fU7wi&a_{z!tJWotPOBi1F%?fs
zM6=!tJbU&marnu=Gu>;Qc$Qm?5R*WGYnPK-u|Ge`7w%X{i6`lXJ>d|}ikC`$Q+j82
zBV39n_!|+cU)Be`b~1L0uhSJ040#r14?DM~J`9&9@9n<^a*v3KLGN%2SK5qiYb?@o
z2{*(;4ZD)pA|oQCjf_~D6T%KeO;Fqu+(4T%1kO7UofvT%{I)Re?Zx<XeNh+^yEwv-
zd>a$FLawo@GrrQm&JY6hwa#<t9fNgx_6T36|6E~y!f@dQLxJb-Q<)jur|MK!1_y7u
z#jY$r++TRVqPEuEe?Rkn=iZdBD#rGSpL$VN)~VH*9^JPIelJz{`s~NZe!t(fVB)L)
zEz7x=n2^AgnYj6$?aFxUgQdvp1}_R)7hSE2XeijEWbsHYasux_bobcf0Q2}ctngY%
zjcn?#`<;VRKgd=du$!$+wO=Jg36Hv8=oXvjmDrwo*fBGms)E`038bl&MAEqSQ6=T3
zFU;@Goy5$}X*bLn#ct}yv(}~cD;=({@<~vkp`j5`QCe@&ZeOR7pFgBR6HQ*&4e(5-
z7cDF-G|On7;jE<!^~-<eeVSyO@3Z&JW1?-Nq39cp#M}PEU#jdAV+9|TuC2MZ!W)_1
zL2|PLD2LD_UJ<976T(Re(qxVurcJE0eRD#(;VS^!M8j>1_;@Cb5zp~EkhHE2zJRW}
zZDvtumG`REZQoy2Uf)9L5>8zbexg@y7FzK^%_)tqIV%0<{cp;AHxdF8nc(j|OVrk&
zwY%fxgN1L=^75e-Q|f0fGCZ&-c;J|<Lb>_tYrcb=>yK1xo-{>4XKD6;gZ8VLTuZl@
zYtu6K8kn5xHM!v|r0MbTSq{qV!q2zno|QuU_q;4qpZZZCyDQo;{)hXXxfhLa@Kyr?
z!1Aykq#ui5LI&UQEJ`5ZeJ|U~{e!RL2YCd9wKO$;QU$pX&N^;k&-hApfsl6JsR}94
zPR`Qx`9anUst1)u911ZSu+aEUV)c#6Y5+EG(F>fxxAgT>&o4|pPe|u{2vx;A^Q`@;
zfWcG<bY8YDpSl+!;8o?`oj{5b5)$eNV~{%BtE{+FPpZ2jDT=ykIK}BHmVj-~eTebk
z6%iQ<R>)8VVTFVyFgq6zp^iA43nCH`88#>srN8mHJ||;D!fbi66>;6oO;(5(hp50o
z5(v`!S8wI_BR$UY#Pc3<^7E?~s6!hWl`M2z?FoA@Be#4^s*R97@1n59*%OtIqmE}1
zd~fNG@pY}`RcAq76OJY(C0%>JQK5;u<HeOGNNyFCx$mE0Q5>a7%1VT(3CEu?Oz~L=
z($=wM$mow~r-_4rK2O4oeu(&w%hL8hdkvWQtCNo<auRp_CI%KMj{XenL|0BO_dWtR
z{Hzf3EBB9>OF|a#i6bm1_OC$hIR5(owe3I>{DG>(l-0%4HZ$Yol8ueO*KK!LC)~CM
zC090Edi<si_qW})8Mf_NSy{KXcbE_Mb0j&I?q_aSKId3s{yZZ|<I~1-Bs2uroajB?
z&=ak{7Sww9D5z?@3*qIJ^|AEbyVtJ<*XHxaZGLX5uMg)09O%B$*49DR*hwxn`aLM&
z9R>zk`ZeIv4)d*zm}4R)FPl~~k<CP}rGnKS%P#Qc6bmo*JZmYwnLp7OfV7`4-jl!q
z<|Q!%SsVH|QR|o=61OIX<MJnS9`_V7<!$Ji+Vr3=8ww3nx(<oqWD)@Iv#j|S3nxT^
z<XLkk9vZ61r3e(|RR#nIg=GrUnD3}-7OUyV0Xxt{1!RO+^SW_tcct_3)dPNW!G3w4
z<>#LZEj;ZlL_ap~8q<iWP}3g14i4cA4&lS3xe<PRhzWuqLZ+*el?&5zVTJp&BV+cA
zi@!DtF8DNE!tt%f2=HzF-SeOmzKI5HFG+<Q?kx*E$<a<vJ#RYKeePpTTIP=oT38DH
z*tI6ebc1<M2I}~%YFrTK=F?l3Jaaoti)cCc(u3~bVg2zQ7wz|k01#aXi;R7G45ET-
zkeSitExU0$s=T|}&$gtEt}nitJv%b6$v!Y=A&*mli&Q2l7`eF36Gpo8#2<8vIE=og
z)zq{LD-;{Kvy2?^9u5}MwtNY;-T)Nfr=#33>oL*;FA!KYLTSer15^eeiLZ^r3iWHg
zf3&!|7ATL~j!OgB&U~ys2yk&Imv+Oqb&h*m9X#J#p7RQd%Gvqw#xXf&FrAJGiAUm<
z4{r9nC+@3yY=}h)rN4aLjDoD+D>CJg>WS)0{?J+`x#{YTqh$lsLis{-i^9pa`)R!P
zitlfgy95`R&IQ(zo9}kF^+rGJ|HW&c16W~#qy5;WKK6v+)<K2N_nLabVNc-UYy+>n
zn;cqeIx|~}>0<wP1aR9sx0SZC7Bc3obgkDcMG@9azt#L-*}`%QO8Pqa0I&rs9a6Zw
zpYg7XZsdCiOWBc)D4_#PZ{W8-L8Oh^#Qg#IeeDD8FE4f7QZvcgb@^Jd#yEs#TF(HX
zk8uM4JpSHo^cMhlAV1e{mDf#<19aV4_sTki(hu$O-6O}bSrsUTty#*D;)#S_;Zu~p
zVi48NY_`yHwNef#Br5eG7v6Y<8ttxt;qLJOx-opV?dy?<0`Yxlw_XpPF?C+2yM$yw
z&;JOz1CwxHU#&T)|Em4$A&n+ZthkVo>gJfrv7mYjn@(SIZfSf}il#taAmV*jbu)Y(
zoj3~2@fyy$zNE4YI3cb^sp!8hHZ^cScmMue7xGt6)wlch$&-&*;E#Jx)8agE(>l<k
z5@9Q{6Z745HYQ-&;9|koBD)l^_^*M8QeP_FOy6fe>W56g-QvL5*Sn1j+aI5{Nr`YV
z!28rn@gYhG*`8XMFb{Pd7<c+M`~R&R@h|pxsD&Khav@QjdmCRM)9+|z1G-h`Jd&z#
z=PW~kbE=7qDV&_MvT5kUHP?b=1XbRb!p~j%W~t--OvVbYD~XD9u3p1=p9x$r!QoSX
zV)3(3L4BPi(uF-e#1y*x$X||4FJww5S1O%)3wi3~@knM>0g9bDIu3B#16W9Bb6HZk
zqq(>n4Ir-`QurcG=ZW*?{Qu6Ik=4oEg5SHUqmXsPX{(V6l4NY1j+>DK<bPz88WT_P
zIg&SIuuW<qp@lC$^z4O`{R|$Qc+i4(kr~IlN5JEKY=M;DKVdwUP=U9WKB<X!pt=9~
zt-&WfsfQXbE1%;uC=i#ddc0jef)DsL1Kiq3oaEsvmqLOrPWy3@=?CeZb99+~##Lha
zR5(x~fP=i)_r2kS_G6Nf16k*OqWz#=jrF(vl2myDVGXh8F6{jL-(XYoYul)da7kMj
zY55g$SncT|vp20aix-Vkpa~yftOuDY&zvCs2SJ#WCkrEdgZ;8xLu%p3f{z4t_sp8u
zzCf3E`5UlbPh2!HQ&Ty3yq%zjB&2t$iTq?&0e;Udd9lu58$xp6K<LsJz(F6;Ux7V1
zwi^=?K?BA&qshi!lNuXK<!TtS8gE4$uC6=oJd2B?AWur8qB0E5Vhfnj_KSLesj%xi
zeEw~gdYI5((*Fr_qw-gaI=|NOPUE&mlYL7IK}A)ON9rV!da9W^lj3Ce$!GoQe4#9c
z;`Ex2{Sq^TVLXS25yqzv4jLhhr_qUp#l>ye@TBHnwsyL1yQk8M@n9;D>Zi<FRff-T
z9<(VEuzJhk1W@%FCd1Z0y`0-tXX!r)isy#fZ!Xc+Z%@R{UL4jw*Ja5BqMjSLQ0K0U
z72Qb$bp7l|!`gW?(Slq-l(o{Z`1#P?JN%1Lq$B;iPQK9-caDI{2P~4i7OmomX55o5
zMF*sN`uk4b<W_I!h+=Y8+qLKS9kS2(B3B)aPyJg9i0B5hmq*$$BiRW3hjxXo6f=aB
zSQqU2qwUx2?dCN7A*8Ho-A=!*?_I=!W&oT7onv+6rNFN})OveA1^rfb1zyBCeTjej
zu*BG(uh}||RW5@4!^20d)wnZj;7-qWa(b>ns^}ZCkJ*{nvooM@EE}Dd-$ZB4-g71q
zS==Ecw19eZgonnSgrEgCdZDdEbhjys{adg1>lqNN{qniWQtO(HcoBXSe)T@U3F_Rj
zpiU7|2RUy#yz74%{_Ta=I{BPqWaF!jGnpNq$~N9OUIdX%AU?}=z^1<D=65)20#*cG
zYNr|TJ9A;MSF+>gjJi<NL!Xz<H{QlEz_8-oUvNh9Kb5yxeUmM>nQVRwR#{nm?WG@$
z>1TNBzu#P2_=s44rOyu76jTk+T%{e8nSbo^XK!aUX0y=UbZXje5G(ld2~Kp!<x?$%
znZsdW(dW*NqcuQ4VOe@{3FjHXlCydf^M;3SFEB02I_P4nRZ6)k-%NeF(E0A*R$I{m
zBOzCoFpyqDEY~hhC%{Qu9yC2<Vtt$JJD7C`G1w@jZ9E=0DsKO~>jTNvs`S<)Ie^Ge
znc4a?NDOhm_C9TzkhkVwdvZ!4XTCeLV@x|daq~{_CvlI#r&LV9;d_+=!?}6yrmx!Z
z10uPBtp>rJRv|ev+j%Je&lwcdQ+PRiD!{3?4ZDdi;R=%zI$&EbS1K{b0tuWsw>R^0
zli%|@y}QTCF3OUVOoZbFEA7a(dJn?n91h(t*g%fj_E+2;gd+LizbU!rd?*gVx^(ZN
zXjN`Tt$g|R3C%Cm3P76`r~tf+pqPsT?1)bq(vCrC8H-_A8{w1}7q)g$ulKbgDXz{m
zSu7NI2<x%pZpsJok!b7#!V`h7UDq(>Zq}~Madqk;4j1z=G3H=t@Hkr{=@|i^{%wWZ
z_#!O`1vZJx{7+61Mj$y_POg5(PfE<Q+_~1cJzL@S&`(-q-83iJ`Xg0bcF<da!y)PM
z1E&bTT!xsBHf)tooR+J0zLix}RPm%y@XQi&FIRPax%mj`+5qV&MA)wrq<fV$t*@#h
zypWuC@9y0i?O?5@`xfBF`+L)I|7I~?Ix8-EoHzrxE1XrSe6p|4gvv!xE~9%TA~Pes
zI#^5Ndt?mFWA8%G?i;Lo`$yo|MGKVg1w`2a)FA=0HJVNnO71O_Nxb~Y?k?7~`Ly^N
z->H(HlC<rot$a;x3|+<%-Z%$>59c=V6We2S1G3&lwN<rsVfg^vsj|t_Q4IN<8Jf5m
zFukrr05oXrDhMcE^IOIptq_P`L~<K?gZ!8IbqM`Eay0DLY5!5pdrK|8T1N%&S&(EZ
z$K`ZLo`?fY&BZkycZ=2ovFR3r7}#k8H6+0~H~0B|RO{z59^8iJfB*}vyB?j;e?{Z9
zw5z*3nM5tuw!?LYSE4uK>kY+L!#k{>9W#gdaZmia((Mw}WbRDbma)<msLnA-nmkck
zH}0ui%Nv4YPd?7=%)Ku&#EAsZCnH%)8(<+Li`_C)C_i(n=L#;ovq?MEjQ(1`WqZu_
zqZ@G_qkza+3I21@1H^j6LGNyzZ1#jMSZ0~wc!|I7Hwg#&#cWf5lBwau0~X7|;pnfA
z$3g?~;QtMxHu`MlwtPB{TrGyeSh=|nJ_{T)v+M!p3@L7iBaSzvfiPL$@w=RF`G%1;
za;`vxfG&kf!{~17&q#WH5rxMJWk+2H9)O`j((btvF8G`us;HvQL3unWgHcZZ`W_e<
z`1+M~)un}a2Ij8=rt%7&Yx5Vf^Ghmk;P?d$LiiCU!104%=Paht<_>dwdo^|BmU((j
zHWIE3+S<f7+TlGR(o{vS*!d-Ey4IJEB8?0#VB8~f-oj46C4tT=`Vw}T>Iuw=Pr-6m
zPf+27e|3BQb5eGBE7ApL*&p>zkTbj9HaCWOam+8iV3K0@_<|G&1977G?Gx0$J*=0K
z8XYzy(w`<a^y{1PZGv$L=#?v283pCLqtm|?a5w(fT!f$FHB1aws;ro}z#RLC{Bio{
zFIi7c+q{>GkhhJbm(t>;nZm6gZ4PkC$OM7?6`3YAy;GH^7sk>R;mfxCIDctjtJXw6
zqw5N+@O^NfL8PTyo$18DMvqtF^jjYsV+8?|m-YWb)dW}2FL9oPF3yT`K_3;Vo{*jy
zJg3haL79ebiRP`kU9Ub+hbWkzw>XO8FH!>wM;ZU}BzsxA6mP5%ewqKm`t(Le9wp6O
zm^4Z=JEW+wK{lS-s>tjK{`%Wae{fVW@Z865SrsbBxCV~yvU<<k4(xWBT<cp}Tf6yR
zYKQg4O8lgR-Zj>Wq_jQC?mpYR@i<k30!x&h{a)Y%5{xwO^&Um{d+S45+TNH&ZPXai
zM^U_eVE%4|J5up+Z|nCjZD)WK$8hd?^n1_P(M|)CNuC>J#!bE8)oZ?_$xJh|O!9`%
ziXb7`#MS4L0_nZwt&NHxu$Cv#7w<Na%H$LElQ-%7tQDg+9QpQ(bU8eeSQ8KL%l&eL
z*6si+cL&{Y8ivunQuTQX($8vFhqZuYRDfg*7_V0+;`9-hs!HpqRaL;p<Lc%$tj?#Y
z(8qctP2s)N)@Hx$pw$Ou*9a+cQjDS42vjHsHLgHmoK^W=P}y_z^n?(;_5kd1BxRMW
z8$VC0zGf`dPHNXO_cgfUeTLJ!Y4P0EDB&}86Bl_)y|sokfstkbD(BnpMRBbD(x>qY
zS1ZdQP&%@5*8<_6n~>Xwlb5!Br1J9@o)geIF9;EExC9iH4m{Nmb9wiqXu5?m`B@}^
ze3VF-IcwAJK077ECnHbP8y`R!{qa1%|5Lq=_eTyj8aUM3q#q_v%)Q-NhY@s$>tyd}
zQ6Ob`Z3yuNf1{d(E~^V^=&3h0#VrD^vrA3S*2OvUKfAR87zSOyq44Jk3T<wi?A{}>
zbc<Y&%@WiK;R=@deiI|RdYx7-LX~GyKFNS@EPrm4qyKDZ#Zl6Yz&#xK*TZPG*IDFB
zW>@Aqe<iB2^CSd)tI2*|pdqV0Zp8kc8mi5&8N|r!2m=A@Z#i&S^@}vsk;f8pAqkrL
zsjpYd$C^~2H*`sLO)NC<4;VhB!!a`-;6gO?eke}6!J_?CDK9V6p`aBe5plt-)WvGK
zVnwYQew0ZUp+D4=a3)Y}j-d|3OEqxdteNMYKRjNoS0QL%e)WEO5~01`<)WO)FJ8h@
z{?Dadf*A0oIrY*rBB+ARiH~Yld|;b(LtYn7B*`3f{gw*9nB`Rx`_rxDcP_~h5)`1y
zh5OB_q8=Z9m>nu1zb5c1$C!2hqRsP{-=3A0A~qLC?>~MV+Zs)0{x;;SGM&A>JrxsE
zG(4RA8?F@@LB+B58N1Qe41_4*7dRwwY`D~do~PTzq*k1h`c()|RdV1n74*3p!q`w!
zBwI7|^og}>7P0ndJU#1kh2rNqvG|?IHxOD{=W!i?y`A~e-^<Hy9tqheoEoUI*IgKE
zU^+NBaO6#7%@4#`tb5zbPDiU`1)>OxiX0Wse@%BDxgFC%?rK9y;c2(cyU>C!X=zE!
zEnsdEa6zEeWA2^F4T=2DU{=a!DM}KnAE5Ws(xTNRw+TSsgKTGgKK%Nv>WS@{%(l}M
z5)*HVtv{{tfQVx7zUAv9TLDT`|Hl7vnZ74kR)8y&-|B~ylzu`6?z4+_XXYJcOxhoC
zDypfyBNHA81U)B4>&!ba(0>bT@ZG#5B0~TA@Iai!f6LTi^p*DZuJ~fj>D8Gs5rvVz
zW&wKWW^{!K&1>a;*Un_1@b&Z69w%h>q>Da;8u)!#01;tD+CAZu(pEZ0nY%X2l|1V=
z!dDoDn8if%HIgRFq&52R1gBVAp1hEYVdYLTSi#f<`XPAO+3|?TFE%v=onAiJUAkt<
zb^W@kw=)kvKNS{>rH47tdn}GbIyY{gd3Z%t>u&Pif~xRnNKK8%ZO>6GuDkI2tMhBq
zcQFiJpm#SiCJd8K15)^MQMmfi5gOgu%3M)Y?;_!z&yL*2Wamz1fKN$q$<O?Au(YA4
zmnanMIg=vc0YpY!3~*11MQD#iaO8!nJYA3|&$H9K58Ex?)_bo)uybfm`u4!f!o?!{
zYoG2XClgf;$Iu!3QB_*^yerVmDYNOjln`n8c%>BcGb{bqq&%K4u;>e#-)|mSIcYp1
zg6jR-LBQGm?SP1szZVw~>;2aW@eEWv_)Z9#?g{Z|4UNEX79V1P+wJq9;q-QH;MuLq
zyKA4+TcxbdOfx?V3p-<}KW>?97zX-|G~e6e=+Z1O$w*224G<F!&%CQU@g|P6?{5^K
zWc!o9UQ3fjbG?p#$<Q|{j7D>17de+wT12H5r4&eezI=aeo)uzp3g-C5z29RN^X}(>
zu5s%N+fOc_X~Z&(>653+cAM$$;0wf@TPI_JalK9&%#sQIJ?6XQoy#Hqs|EyY-@|xM
zO2jV8f7+b<Jqf9aVSIniRtWXfw+wcEJ&9|5l}yi?KUY!b(emmAwm-be!NGBwo10s?
zbh>o94voq~z5(Y7-QV532GtbMa~yAErn~Ke2b#(noYieJ|7CHI4#|gG526bhPMoIG
zwBcTg4gqN^k!d@>`C@|HQ?=PAiB|TFkFSRoPEMMoyS`(H?>q(i>(4I!-UY(|+_wrk
zi~Fbf0zm8fIYv$U@L)f&>#F48o|`3<WLwmTx(wGnU=bQS$tp!co95QH71cWL3h|yF
z&~#n<So^1yb0534=~)W8SGTIn+sLPH7A-aIlC!h3(~G%t{rHfYv-joFm~Wco9kI{F
zxAH$|$jixb$;=n#XUL+_3A^I0v^F5$SAN+1PT|<S=aV=L8$|VSi)-pJae2&MV2`>{
z?K`I-`r2?(W4H|dFJ~RHI&TsQTrC3Nz`Nh2jQ<FPS=#?KeC*W@Kc;i>C->7_%9Z5*
zju?kj*oPcRW{tt>hvpwxj?_Bv+>tp`9u196i`E=wCy)L1jqiD^yuDHrBHf%?%i>+r
z!IkNlBFdc1q(?o~;F)4jrm-VDk88E!Jc^AH8`d92YxUy^JB)n&3d@g<{HK<9fB5S6
zz$?ruf>ja0?IlNEC{PSvMR(fN%!k&`{E6nL?1y5B6|`OF2xyq4;RiCj$|@~e_szJu
zZh)v{73lpVR#}e|=XHLlrjYo1OLm<$9=n;_*=5V2o@L8hqBlant#KKzrQQxI)`wNS
znq2V_L+ngMehqe6_db}V{uzCmlWfZmanq{N_RZMaGs%MitF3rm!UGY5hp6!TJ?Ogn
zMjc&~%1Bk76_Xb_lewa!5Svrhg0~#oD6~NO2>gtT#&M!Z{hK$)QA(FhDWu>pcmKwg
ztlvDvZid2d)1AKi*JL!DCUy&(Nk*6PGcHS-P5d=p!<EFG`ggV=*J<6ihYwQ3KL!Rk
zmbN_)Ft~jy^=59g<13DqD>TcORIX<Zk~R2-d_j@m3JW8=APoG0XR>}I=80PTZ9=Sa
z#16*S5*0y$J)kqX30m9T%WVNaLQFP;&ZO^4i_W#mC6H=m=7v8}_mm<v)(8#ocU&I{
z(yg?lp;0cF`+AKa)$CzZ3Kt%(uFx9;RNE>nitM=4Cq(!l-`aHgm7m@dGt+3n+UIi|
z&1ipHjsrc~Fy>k^y_NffaU%|a+$}^)dxKHSH*}hJW_X&?_(+=e>Vhd5r-IjB+Cfmf
z`RAx!lQ-m08;b9+@R`pQG4j?36T^S#P71r7zCz&??ptaXUbE4-#oiXyrla#c?Xha;
z6}errZ?kM`G*B`B#-{3<Fyx(vAHP2~qxSa{v)GdfCVsUmEPSw+jtlRgc)45uX}`rG
zk+s@-@Vjmwi!rN6e_p`aTHAtnaBt4D%#@#YE!I-{@|kum58f)gc=4h1mbI}2r^Jr?
zsxJPR@aw_v_jT=mBV;~RH2)~Cu{5Hw8nKc#vzBrg)sEBb(Ka2=R!F{iy29l312cM(
z6_?Foemw#4zFcg%3y4v@0T{b0EtHP+?sSm13Wi^Z<6PL5h#s<!Z%I?dw5WuofQ|ui
zCgZi|D(Y?5zRI)ZkFV!?;k=K(Rzr~6+g8iuAE(V|6}xx(`y(SOIo_gW^f^fJBq32W
zkux`M-}}0A#%#wW`22(FXiT^fV^)G|Uk=TCD$~i`eA&KTQmOjQVwx(mkF!ayiLyR^
zjDRlQKqzT{=MM0{jDFruq_5JP=+SPn`jbLu&-o>p@t#2(>*3aXL)n@*smIGg!&7B5
ztu9*;(i=aLu^qnFx*6B3TKo&!5<l_8okKA<`<2-%(O-&@+!~}<C#F`Rnx4r;O>PNT
z4x6s(>4oG9K6rCOkXUawl*W_yIcB?(?HYuduIWJ~g<JmROITSt?KulhV4d~>lQzCC
zs~wq#-ur(V)1vj~xsU<2E6UyU#w8z8KGcr}3i7K|?4io1T$F^yeEK6ylL;rXr-i&0
zgAGV8WX~42#a!CD$ed?Ew0Hr}VcHs77P->#SuRTkS>n#39YwM{yjx1v@^Lr#J~#fC
z)2Ram-cWpjmi089Am>&E`tK!YTZUczy}mUYEL^h_`Ps7>v6*$RVM^<@H^($@Jgc8P
zy+h-{)s9B(4++!J@zaWF7G7Tjp>iKE?JGs`*I-pCzPgn7Eg5VW54-r3264>kD1A>x
zh-1pP0y6H;NP)?Fou?uCe*SOjs=}N5N6ng}w9URp9b9s_1AAs$Yc?5z8OS)RulYxi
z3_25uAjvBRtv9;{8Y!hCJ1R!~Pq9E_q4%mRIxuBLW7&=y+0N-bBQdl#eWyTAU{k%^
zqQqPG)wnS+d{fVO+VJUktH3Kt{#A564}R4pVrFqDjhi#W)Z`1OxnC<%Q!lz<XHJ-D
zN3FQ&Dpb~`YuoIV!tLE?rsZ#&I-H6^J(nNP&0M|o5Gq6W_-D9(z$zVHF|%0MuF1d*
zR*|l5NA%+rb8$9d=*2t@ej!f2TEUgzrRQEg!GxjHZ8ugQzES4eXWFr#`F!WoTH|LE
z{@smkY7V2Xx5Irio=INJdlH(KUOvax!RL4VqE&gz(u;CS9!Z)29m_xC{!HTauT6~H
z(xCeR(jq)uK~);Bl=^)~;ky*>y5FBN#1c|LVL&10)<rNUl;Ah0Xw<dDDimJWF!{KM
zZ?b`_c8_n@Bv`NG>f8Q#s*Z(E<x5DR<i0(Y#B@_{bUlarls5ag&`zxpxAl9@pqeW6
zQzgG>vUn*HI#1nDaeP!LHqaBtyL!I7y`?qsV9Q_qW+Sy}@irr$RsR?@)LtNKRN|$w
z_sh=vF!@Lm*kqKnrP8EjK;yhNm#jweQ-NFxL^slr(sb?$RbE(xKJPa9qk4ry4$5mR
z#P1$m$I_S2mO=);EecrDz1_Hkq^X4>g_^Z>IqHXEGR{6}V8G=g3rW_AxbcBDTv}Lo
zoEDazFDR;J=f=_<)o{W^1jEAXstz5=P+d?t%-L~)a=E2<=l0574c@zgsVStYTgn5b
zn+YZND8Cg@m78}YY(C?oTtbZUjpcl~0t=2`(j3KFW>uJmkU9#8G^}J%y^Q8`;VvC8
zY1Wxn3OJbB`I19A{ZX_wWbrE1qn#+om1LR@`ws&_dKnjEJmtLw`b9oo(XS@eV0EsX
zd^YYF|7I?_Hak8Ixo4O@%-K^dCV=ds?c8Ib>)d-}oo(SemS%@eI-M64D<&|uZJ(Oi
z7FsBUz0=V_c^ppgUJySFrDv9!`A|$DbuB-T9E8;Fkcb8RqlEE=+8+T$j|gv7v8i2e
zD4y4nD@T!>^zdbm()j?VQ*T@3T7jsU8S<X0t=8$TJkBlk{CrJDxx0Rkqgd+$`EUXm
z$JDL@Q_C6ZT(joLH)dhVi<h~q^ERS9U#e}a{$R#SL$K>PNR(q`K8d1MZt~W07$HMS
zhnRbGQ)QSSIa<RK%|PhUE1#n|eK1$%_7C-`M!JbGKc3Z8P%UpJeq+5EmysGpYigfA
z6nIHu2*GRmJba`{cJT~X@+wxHPj_cTf;NLO@6nz8=;(<w>vt_r`Q9rk*^D;#r~~!q
z!;L$fy>{-{_o|=Qd&NU>;Zx-V(*<1hOrp>>{B_eNRV6pVDc1jqrGLfpW@HyT3zGxo
zlFIf(`#NoTLyZh?r?|iU+7E%Ln;1k>TR0;`>w|Q=ep)8zAb*c#^xMf%6rX&sB-s9|
zX?kN?=2D8qua~A{V&^{l55Ks)h?bI~)ecK8e9}1YOEmF<yixi6{mxwhxzt-NCH~zu
z4@WL@Z0~p|Ml4@oS6vX{@*qv;wffjd2X(ye7&~SdQk#z;jATB)pQy1}HNv=`$Y?1H
z_qOFk3f&_5BZ@2J!9{UcP!bquKk5_VkrZ(LH+jp;+(?#h-@HE+bDxw{zz=(GEy!D5
zq@rb40}~dSoP2i30Yohl^u>u@wrawpj1vsd5+fMNLJ1vE8SmwZ%6XhaUgIhIHA4bQ
zPKkzGV>D6J>>X?#sNVMVks&q-FLUwf4|(!S17>osr7a(lh(-&puS*%LeN-|Yj)mc}
zHLiAe{d=v>87zE>CEKwkl@$nPfd(YNy7xAZ3af!_XQ${QDpTbCiogcO>6Eu6KRy=^
zPJnynyuEW@cO-DY>{EoO^R0x<hhE;b((<9_i*`0hWb!~ldPP|Rg6jn&gV?<`CW-Jk
z_J4%m{;9GIV<^e1SzadpsQ>vRtY*`9f<5IZQ?B>Tqc7i?v@giT*|Rdq;WdCV&QHtB
z!xSW5g-yNL@a5$;)|am~V`Eo{KYcdbTQFA3aB}?;%A{d4PpUEqy(L_;M@?8S*Hq>y
ze2H=638tsP=%cx#$7<BIk|x|#XxBSm?`I5o^?P_Go7`F0p!j&osi`S8ks55c-p*FU
zX-@<1<;nmV+c$TiDAn%+_0gk|EUQv2-Pq;L$6h&6;b*Fwq2_lJ3^%pZf0KXS2+bCe
z8l$kjccU$1FYobh1K-f-0QB^>)(?2Bh@*pk^vmmv%pu`KRn0@K1A66!<SUs5#^p@e
zdzF;sw&UOCo%6S&4$fRE38wI;nz3tGSu#LJLtl7BHt5_-Ni`5`IQRT>o*{#`cb;^C
z-h+`OsTV6BjJ&L${WWwks~{a#7)(U*)<$qHPkkX`AAjt3cYmQfA05$fH}mj|Zwh+x
z6h2YK-5>!Sw-Rd5NHqQ!VS27eO)utZNa5iHCI`|B)(Ty8L_eMOx}(0flnzSTwXCSO
zio2>5C02JfM;(fa638Ix&nLK*;nCgH34+rUX9h_o=Kt{T_RJF$wy1csLh&3l=|tT@
zt@uYx`2gsEXM#Y;kJ{jT@2Zo(Bg69Rt2^IbtA}N{)6Nd9NU$TBzvd;q?O)6_72$ZN
zo7%85=y5Gc6*Bp1>_D%qQAgCiW1esENB&QC>y(d+zxk22o(n^u!zc}4u*@%#8pzU<
zYS$T&$%Sms4O|HvTP*i4s1W4&`dsS86N9scU8Zxbar3?HQ#ltu@21ttTy(k>>+JC*
zVJ^<_$JOM;n>Tsr2iHj`!--BG9u%@rSm}HZOd%BC5W}R7e=i+0`2smD7P382)iV!q
zl_#5G21D%Ec${163In<%I#Y|jW){g#e<4nYR^s{eUTgZ)*u2m7_na4$d-LHwx5X<f
zt|Px3@b;vB+}PS5_6g(uMb6Qj;L&#PI%o}t1l}Ig)zcfA^URC*@%TS!;2_%z>bzIj
zjn;eC%?Y^ytkDdQKZ$Kkn(+s(kG<3xktm&WNqMkz)iT=B&9_xtM|XWKT)sZqeIs}}
ze(5$dQ{DkooIp3Cm$S1hsvg@pe!8VXmZ>CN$92TxSC?s#k)K-ix8&PQeCO9Y?Q8V>
zw|Yv85ut??a$Y`bw5M5WYnfsDdT~GP?Gh@)Bb%cv4GAq(gH*#RK*aZZkEm+v_4F7&
zlm_j7ifo&xoa;K(cSKaqDKA?ckl9wk+bsRRFpE`#q1Skv*vY?KiWie&ItO*@qht#A
zc_=c9p3w#A!P2lly&G2Ca$^?jDw#N<C>xeD^7f27v#vjwnBTnj>PljE5v|_+i!pt=
zM3YM8A$;<@+2R67`Ow{o`4|nq#vGRYeBmzQ;yW!7AXPAFdCT*BdvZ3G;!$(L-iSAa
z?nHhA>;o<PtSeR6BMKHtkJC{}Nnldg-CXXgz*T}AS&M>Bt<G||gF^O9=j$5cMsF)5
za_(+S0>Mqs0s9>=j69nC<HKLF0wWBhL+l#bj&Q9xK8L@{oiB5!9Y-+0DPbN))s>LS
zEfGlV6-Q@QM8a1WeY!gL#&(n)_Slj>wLkL?Z&I%w{QhdKBj+vp&~5)d_gfv6!SnzF
zh-2(@0SMx_YYEC$XY)q)-gQ7OcX<8SH$eK;{wPT0u1y<nf19w-d`SC#^DSdSbvtLI
zPlMmTLI|RjF#0sBH7{FSIit?}J=l4<c_*mngDLyd<ixoC*@pzfEn9Ww4y0LR0=Z|1
z12>XPq=z;01F`0qb;sTd+OL(49pXw?&!K|(NSl1)n3k8TeQrz5&q4-t2`Y6DZ_qC}
zRZR}`+#5^2y;yS9I^$lw!52ouZr<xJp-5Gh5%Sd~^0z|j=t)#LsYbFcR_JYX*K8_f
z1Zb?p(~rN(VRN_5{-lOeToZ=87vdfcqJ*GR*J|B#7XMatl9_vl8ujNhPwMYnq@<h(
z(Yl!vk@Pk}0<PRGsrmpaZFa>bi&%LnI?LSwgmzNyRGoWva*_rxNqVJ00-jrm>iXC<
z0Vz}jMI#Lq-X){5;a4-%vG)Yp`gz)Tkb6m3^coTvQLz~RY+Dc^Jc|}FFEX#W;s4e8
z(>Mca(xKqEt_0EyTodve0|o7^Z|;C~`45Y9*qRgU`k#YFx=U!F#PdzyYKTclF!Ia1
zpP~tLN_!9(1KQ`N_Y3Zw&sHV^kXCk@`rY3k)8UOW-skgZydeHNG=h0+N`bs@Gl|*X
zTG`{!v)sa|)GK+;pd4jX<>guQHAG;FMmWRebQE@6Pt#x^qOSG)+e^#c+91D=6JKr5
zNafzn7^HK9mzNe$6<+#KJhn1OI)wNHPq^NfMzJ;Uri|N=m=D5{RZkH8=>or*ON`O0
zR{wNq91!Bp{B3Eb=*R&Uh}3BR=y&{@`Z#dCBo{)%I~M2j%QWZwlZsWx4&)~()^nQG
zg0C?KxfSf8=?xEV#dpF3d^xwi>+;WYyc9beUrc(b5GS}ZF<dS~?_zZ7OJroj;ht7p
z`!)M`?8Me)^1@k^<Xy+E%N!+iMC%>Qr<eRUN{6`{Lb>6tc)X&!5KrYxT36jQH-k(a
zoj}VK!_?4B176EUzQ+eq0d5kk7G*q+z54IY;zv*GVeyyewi2nEHR8kToMYcS7>;yu
zreMk{0hOCqW8KeVO*>K_@q${8h9NjT7E@XT!F7{Rp5H(>i7S>m4IL8ZqkTB6PeZ`N
zL#g>7{HVF<F&iCu9u;0+uZCk8y!&t6VP_jp<l*KHdc*daYxzlFG_JS}I-(1*f}uQ;
z&U_Cxo|s*y<&<lU{@$I`Gaoi~lfJ*fW-V@>2QVFxiPOWjBoNr(CK1rIN0mCcf+7-P
zD)GZejp;Twe>4mJFJ0@(Name?%4~rL6mg#qvT7TNaPyWP+GOCz1It=aNZ`RwPt^)d
zO}zM@#zS8?e(`x?9<ji%y<okBq=;n>dHNaoASqC$d$G#}rcRGNWgrx6V}$qLX83|N
z{fNXxmRk*fbW&Kps=+?o0lQwT^n76j=B)|6rH-b0x{<YsnTh9uitLykXnC4`|6zvq
zh=7}Wi5PNa5pN|VvOj$v6SS|YcLkPA%#YFMVvS8Y+JnX4dypo6AA7Z<g)YhC*O$Iv
zd?%Ve)7tZVIeo>yOsAcw3rZBc${B86z%Rd)!*u?8@aPb|PB9_S$m=m5&)#*(sd@3$
z59eHddw^@s0r(Q7hyNInD9~mMJmng7{l*eySyb>niqyVx!^gy$xCU>C=UQ5WyB?@;
zo65eVX-egO*;i=>N?8oxyxkfW3?-C$4U(+ww)$mZ@=wH+LwJl{(f+AiCA%HnqQJ^_
zZ0Fe}0y~=|I1iHa+m}Fb^1Kf1oZO#PFg4y(dGEV{*;{P9qE;UsKZxi*YbcSe<PdxY
zutreCCIFWDH%?@w8?R|=Y6dkmN&9Ft<@{NH^me~BT!Z=x{Jvo=Cd<!TP~%PN8WWen
z-oM<D0OJ0~s)E4+P##r0AAaCp+i*VjK1djPHDcETyJ!M@f+HSCto@?7i!6s5BdHJB
z!qr2+0}}U`UOgiS<MwQ?1g}vvaRanrNI1@E>YIG+0mae|J~>pu`8utY6&Ji{`LmkK
zlOpBQtFN*>DbAQuu=1-4#hEIjnz3l}e~f!7a6OE4{}cBS5>ASaFt9jF%xC54=LJE!
zt1eb?OdQOD5r7xLfBG&lsy|af_m9_pd2$rYo?={~Fw-=+^e&FtG?|X@_GQ5TOL{a>
zmML0zsoJ2dUUDIxNgb`N9hu|jl@vFhpkHC|M-S2UjNJ82^ZDf)e0QBQ7%n_~#m2$;
z#<0tz!3dDb9era3;>@A)X`pzZ!ar%ACHy~dUo-Y<wtWBJP5iNFfirHyxozZ0-Hf>4
z0nhR;B1aQF%tv!9|MJ7BeFfjgUe(&0d5GV3-~&Shl%V$uhFONX$jsKqa6{UoRJeHe
zXdg!;ZczTKFy^2|MO2<QaL%V#i>_D)H0p7aG?A18%=<fX1!(?f*-d>%(75zBG}s8H
z>a@V?K)*LP^N9%Eub27Uk$mu}!h|eZ4x2!%U4QZXpJ0buE?bd^fL82uLDue~bqXf)
zrhOi6AR1gDkfY7!{uAww?CP!xe*U9-p3!@`ItU+R0gG_lagKwMZZHY;+w9NQnGtW_
ztCHPg+kOJ?&!a8sn$ny=#S^m(HOQJ1&S~gh22&0hr>yh(E3H&Bt{#o7fN2EK^V4MH
zh7}T%t=B8Os*|Uo0Yfh;M<92dbwZ-E>Tb2{aJ!@fKjFbj0z&Y6%(uWuBQf4~2^zd<
zy0=#o%Fjx?L^HJE29nf@bA8lBq-T~|Z5C@=pM(^6x!xYcly`YAv5-FU<C4$?%J0_p
z1AW~*MJ$mr0MPMz0SF@~D46mqj^=l+%4%y%M+|MNhwwP>!Ox_rF7zf7<y4*TY(e%n
zJ@eiw?}%f6R*4%ZAQz;l4gLE?&jsKKD|%u*f8P3YZsX}vH%njL9|J@oN=DSZxUqJH
zGex0R0)JWg<9rB=8xv~HSeu(#@iCfx*Kq#0L>l{tjrY6El_d)J+C?_}?F{s<hXYNc
zdcX^7-2V!3mCM&k`DLYuKJEN%-``U&$uk6RFHUi@68krC;JQH=J%a(RutFXFWjN56
zd=g;gpX*!$?+f0nigchOl#pe+md|J|U$EoqiHkqaruWTK{i=9I1!lPDfS8cPEm1MJ
z;hE}Z^kZ^(>Yx_1l5pR~7rX)e#p#_m2nZ<7gG*U&Oi+UCWtR5b3i%6irjA*ljzCUK
z+$&d?s1PM3a#q|zq0Iw(Ne+v6ExD6w`Kg<&EVl$GFDA4|%u)bZ`2B+cAVr6(I1neb
z&KdoCh>eS?NMeuV=bFLuzh(jch^WF}CUxaVe+8AfFF&T0GObcpp7xo5`93h32Bv&d
zV}v!p=v7Q^t>WWkLb%^W-aMPQPyE!ZA)IY7wW#y=#j>N@s^Z9=oD4wCW(d&djePGm
z0P*?Nv+q4~9VTxxY_nbh?+b!<!5<}%g&XgcJa_)B6>?V-JIuHyQh{b?i1HQN(ln#(
z6SlxybCWqv6dpE15HgY}x_)-0i#xm18_Ed^z#q!O2bSdJ2`_=l@g3h#Hq^yeOc!Vh
z{F(GP2+?4yL5pD|a)2KxO7&146nEypnF^h|8P{)=-9dy_tQvc;Kax#+GqIy~i&r@!
zimuJ{I^Eaw&BbqFY%@DX6=z6ZfIvQXlqmQgPX>?_hevq(>TzW&wFoyyw3<n*J;{Zi
zZ)}$8G?a}iU+G=3dUD37c)U6Eu~Qp9mIFs6+u{#<M^bR<Xw0Ik<F2~9pq-dI#^CWE
zBTU5h^;{FVI5WrW^)J0XAc_DR=)a)&I5Rdhwbmvg7T(Z)z;OAGPHg}DDf=gZ;UvFb
zTe65jifw3{(bwX)r~oV72)9_-dYGB2k(tMXTbqTr(sQof&LDl?PO#fQ)mw|G%_lK$
z`1D`}>K+@)Gx&SXsUAcrC!A=yMku+zh9YH^yx1eLO1cQ9N}8cZ?`A($dieVtlk>zQ
z`;uj4CXYw>b|fH2yOxGN8gaZ*F4qHQ9M}J=A3BwV&!h2KZUF1M40nHf<}bDPDh`xc
z;H70@DRGdzpP3m4-s8^B&c@^9<SZyIUN@lgNXK9Nuj3#f*c%{yrVZwT{?VG^%vKD-
zSnn#~2zY6An$Np!-ZBL<63+?TDbG3Fi@}O2DyX{;NwqD_erg16;S0O{Kt9dOD;i<c
z0i&Uce@;YE-ZoK?_C8CSf7PsIg8mW!)>WX`9~ZyBIq?G%1NbsBGG!5NwvS3dK*+ql
zX%ySsjcSU;XHan~w}Z1UzAEGZNrJ1nik=YR3miNimy1>B;$$rjqCcbSWhQU%k(rW)
zsgEC2YW@8AGey8MN;j=+^|&Fa3Jjd%y)*}*lN=~;@SI?enyXI7JS!nSuJPWR5IBPT
zS^d?i`H6h=y{|~y$(BgHI*;qZsE_X>0B<d_hLGS@b+4e97}Dv{!r@A5bMUV8<&$Y`
z8-*-yD5sQ^)I|{&>0xAHW22EbMM@gCtrfi}H1~0~nF{FQm=iuX%P#|e*8u#%0n(tL
zAcB7$-lia!4(O~&eP9*#t0oL%b(}6V%@b}tsT-8S$Bk8UW!d66<vsoR4aL|4$=&C-
zpx~Oo;*Z=No)1fB27Z_;OC@M~b>><ccl$6mxUq{JL@h_<w%^KlEaY>E&E0Ca%4%=b
zDR8EZ-{4HXdqX}XUZG%^QRrRX;@hKX#wfy=cNaG6ib%e3djFlWvo6pmEC6o{hD>cx
z(%ovRX)v-%tFB2ZR>q66VccZojA=+bXDVD{1~mVV#w8?aW2vZ$7hlB<k#QgA0`JoY
z$=;c~)*0`lI2oJjKR;omY^PM0#{ymss;NK&Ws~{Oh^^tHKYW!(ax?CI7?N2-X_kwf
z(fDIry+cDbo-Y~x`tumq2$D)VnxE?H|Bk$;pc<~G_UzIh@u3Q#_fg5ZNfTcHDY}yT
zAf3ARNnlRT&E^DJ#AC<2KypHu6VKb4!a5Ba%Db5IrxcTv@O)z!(_8Xs+_+;!?I`58
z-L7?g`WWo!)taU*{Coa|?ry94HwhQcyR6k(r&L5g76yxSpC4+>ksZE$sg4q)o9rDX
zE;@Zz`P$56LV&L_vM8LMyi+uGQ`XS<>d`xf6W?%z)_yORdsEwJHucS9m_||1f@F&}
zXz#Ar<;c{68!vTXp#>Vk1dpOfIMM64sGT20bAe`-_MDC~Xq7fyAh@`%_4Di<6DF=+
z9Xv#)Z&+b<)GE+`z~(<a$wj`NKKzqP`c1f5nU~I!oYv)|*Bc&DyR50?UJ>t7@NGEe
z%b=7jK~|s-P7&{m-8kv!&uNczJo;nM=wnCS*3q#24keC)<o{vsFT<+twmwi;LIvp(
z5RmSYkd#mw7Tq1vg0yrgNJ@8imr8d^NH<7{bV@h8bHTlzz1jOZ?{%H;=i}|on*TXR
z%@MybCiWzf71k|1_A9ABUuAm{+)I%J+6f^|s~FuY|4x5k6M%M>3T8q{F=|>hWx<Sl
zx5WNq|JhtG`iGSkj2&xH$uvbM*t~}U=s4&LJsU}ym1A@tuGuo**6|c|t%Z2FYk2CF
z*%7o3Lj^XEd|@qC(m|tJgJwbNmMFBVA&;d%V~x-Mpm?Vp^8XtVIontU{C?mGkwKSP
zR1ge;4dFila9~1*%6Qo4bWr~&0zsaD6E{;K31<v1J#~sO^&6`Xc05a26Joppufy9i
zr2dxuK^vp*U^~0F#Brqg8tZaLoZ(+sE!T3*()Z$#|H1UmWc8Ut<(^Bod5Af>-wH!2
z%WLx?q5BSgj+THZXi~0y3Jr}Sjg4BUd7ucy_1aRg4@~z(AOBYL2dlj@b?IKtxpT}*
z-K|i6*rH!WyO4M1uA<HsgS14Vl>dw0tG++yEI0s83L2a-VEJ96)@wAe*@o~l*QbJb
z+YLsnNy)_nZR*VvLgs}vyMY%Sxq$%o6xn=CgwwNvIpr&8mW3eyNGNe<V%hJ%F~3T&
zvxd2VBJN0B=h+JLJX^^+ciTBUH!Rb|w*DsQ@tP<CILZHD_~6=X+W(Ez$)Tg78|=<(
zUWBr^S_Vp$l6Ux0IbNIacU0lzV2FpU#Sl+P@r~Zx*AEEvWgN~*^r$HyzYoY$9xKy=
z!ZBoUpi-+y(AG+m7I7!|l5id7G-)FD!y1jPkD9+MX!sGNLh%0qcT`pSMnf$tS2UEe
zvda7*43GtC1WdtxySz~%&4Tg$+i+&)*|sY2y(@9s(Vq`UnLRC3%Cs}e6l?DUfB1^L
z6;&ba=s)tJfkfxR{!b80ulg>Rx*ry)0B7poT@#t9a9_9&fyVPgZ9zWT!{gRpcND4L
z4$$|c9sGD}?IBaXsmG(~y%Zd=FP^P0(Rmlp`2<PRxlq9e%8j7}?6s5>1S~_Xv}q*t
zOuv-y1t2hJ7<Xq1^EPCoSwOvwf!jG&p`!myi11lk+w2f>Y0=2P+bMD;WoGfVd{^zA
zm%F}?VE+Z`2L$H*z$ELFB(*yWCyV>AUg=&{`#HyENoVuD1ia(RPe;(rK(`_x4#W6_
z>wE?TDmJ52ARs0AFX*itrj<j^|3GhVTUWk87f^oBRG8_dct?~ZR%FollfwMpRo7bL
z*l6dOys3W`SJkLcuZWypnjrJN51u3e?RZdu<H^yVuxGdx{Omt|pR_Z*utCiDFhbbB
zhY4PiT*RLh58=-`>{BGNe;{nQyNX9U7#r)1$8pDF6BC)PCp%sJ{XZ5vf>`uh;j=9(
zDk}WHeCbFR^7{*5*KgbXF`kbYbAbKb+8){U$G={CS0daVzCt81HQVbm{65k~6#741
z8a>QQ&z?2r<fz<-x%N4<5TWQax^YKDL|BijoBRf2s+8y8z|^ZRm}#{iwgYGD9NXsS
z=ZU1>CS(6Kz2%Yp>Lk~bB*8l#g+6^~PZRcv4~c$axeXHsNi$2rkMFRA>Fi!8vb#}F
z)KC$~*3kdz0J5~QvKT4L-|})o>yyXTx&F@>Mkg@iX|EX$ZBm}jD&6b)Ayhm)Nsr}1
z@9e3I8{H&zDbD?bbOox*cJ;k{+2OQw?%})t_sH%6+)_-A1}U0Y1pbp5J4uqw(fr8$
zgLpO*ThX7inQd=gDMLA$GR+KHVX5yd^WuRB3=zV;{*v5J&%Yv3W8KS(Ab-_B58D-|
zq@Y*;kZwFKYmzz78+S_N?CfmXU1>@xs*I8nR4~P=tv{J}4-8P!8_trD{2P(lu%45M
zj*IIDaL%Z@?ngKt7u%e@aV&7MulC>@Xwx*IeAoc+!jXzQYg9sv_CaR%f9=4aYwT2$
zG0fK}#(UjUuM^+Gr#P?RLz1}U&$Kg#@_Je0AymDIoM?)<GRhyrk;QFC0!L&8h@73B
z!Q33Dy$)O!*JF#|XD^=wJ!O0o&!wk+t;|Fe^<BH3CQbErGh@D2!&P^iX-q{smdS-x
z=N`jjGs5+lR`g?yoYZ>bCcgy0wYQOq5{Trn(+i*p+Xn2#)Atjjqco)XV0aN4-yynT
zb;N|W<E$?j*i^N4xSpFDh{BB0!>fXVg3|M?@h4Lqa@Cv*{f|&$=Ii>8o_Z~hAx*a)
zK`F9pj>+8}&L=>$mAC^BZ8*4x(5>Ah=QT|A3XS7Kylps$v=vqM4`20{=!SuNq&Jcy
zEoSM*WRj%gexwX0!J**lIQ^Diz}2?L;Bnk3+JdF2lAABn|Fr+k8RZ!}!fwM!iaT6;
z9Zebxlmg~yL7=lH<R9@65`p=Gkkvo%qqSFyz5Pe}Tzi|=OIC{l&XIe@Yi#qR{E6lh
zMd&=PrS8b^@Nn;_DD3R+{fT|;0$RnKh2pBYR_GA0cpChoN~`%0B&O;IAQsBQWb^)i
zB>m(6st%*Nv@_+AqTegPW~b@60Hiq>xCUU~CW1_GguEY$Y@2t*h~2X+(wV9hV(TvX
zF1Eh+a4Q4AxhhBM>E*#dbRW&qs*}86=`FnrkuI{W?&$3<K)jXw`PMn+0%<g8N(=BC
z|Jv@Sv5BMEMXOvA@vdKV;->Yk-I!mHu8Z!AohBx9*`f-)mBgoY1w^(I59U%V+6z<1
z^hXaoqun!F$7NX-W15JsWF+U(McwLW13Pt!UrQ)wYHyo1b`Mmot5$xF2~t0@ezCLR
zc-c}7#pbp8Rm4@5IH3MstjHc7!*~%?naWYwo6f;&|NZ~k;$m0q+tOg>I5Vdd;v#Z*
zKWxd(WuEWU?V@91egu})pg)Pbr<Cz2QjTnDh{NVMEt?Vs28QII3mC+Oj)Sv27zTQN
zoo;Um&5^3%VTI*X@*3J;x6~o^UDBQ}21^2ko|k)mwp@;yC0$+OhigMZ+(A2Co6t#f
zpl2ntr$;iop>G1rcJqhMhB}-7@r59IzVZ5e6N*YnEz>yTK65VCvc(<Id|&erOv~zN
zLR$W2diGeVzj3K9e}Dhz>Of$yza$N3nHze`Rlvp*r+X#9{_-dh1b*g}?;?^jaH<xK
zoK$uC^d+w^wk`vfPr0ksbuD&~6<zlUtkbe!a?o{?>@-H2^yW`n19@?$o7(AkW*(oF
zetrwU&=fK>R^jE`kZneb=Ee*vzvJ{qF5Z%SlpFCv01uu>wdHz61$kMe<nsvuxPJde
z{^V}K2>@ryDHVE)YLZvlE=wAzLb%y3TOJeBur>Bq6QU@xE_Ht~+o?b3Z|mch2Y3YS
z9xu{Ry)f?=TJ=o~j<A+Gj~M2Qqw0L$|Ek=!R^QL_C5MY=JKySI1yj-XwfMPt!L-H`
z-Ui8<KLwX?McGoZJPljpPuHNn<(P(<M+hv_y~d6_9$lxzwy3SS$Mfne)-sBEHYRbk
zo@Os~&Q+6#Lw+$KHBXCu$*X{Esfx~M>F>_3^vQ=p`>xNY+sLoS>gBXtVu*)3kY|xu
z6denG{sBYFKGD-f$&FR1BCvK);jqYe4zwm0SY3khbeb;I0#u5Mrd&{&crC+BdtUsS
zFLOKFAD{WqGr;vMX9;<<M7u5uu0iPLa@R^qzlSa)+dm{kWv(=eZIWK4NbUmy-+n|o
z<WcC8y<IKYCd06B-ni$k0Hmii_4qTb>c%&VCr;sl`-cogTCr$SN(>g^RLZV%ggK~D
z>=}w#XaKAc0II6<2643|u>!;Iky>lCFRjbUVF*M{6Dn&TDSNJj^e<k=Qo;Y(x4Yci
zY<yIIBS610XT(+CJ23G$?o~C>PD26F;`GI$A0feWP4!#Q3qL3G0Te`m=PtMJGE(BZ
zEf$jwKz!8i#3n)-Pv5HJeelPx%r7)ATbLu6Ik2F-zA&8BpO6gqd$UW!*I(moya6T=
zn%bj3e?E#DsT#OHSKM(CO2G2B^??>&CME#TnB|zy?^_R16AK5M(w$5id6;yZFUGU9
zoVs!fC?S<{Hs%QhB3M#u*sk^XHJ4`Leg61r#{C^~Os|Z+kun2l?Hdg9Dr}2Feq|ew
znv^`<;96y?_1eRu(H7pjeu+2GR$?1EH7@n%_t};HWLGEWB#TsJUE6W7ehO{3y^fw5
z>wWYc0I``d6z#|B?lVkaRzF^j)eSj3Jp3an{LlQ!gVm*yWYB<?wI2_F23kFiZ77^H
zZ1P~DToq>hc&V<ZQhYIx?YQpaBK7a0>Iw{K&tg3V47<>?UvaxqqhWc1;gA@3c>cfJ
z{OF(eNs%wtB}>IHyq1^8D5>9<T%KTE>z3+2d<AtpYC!jy${gG_7<ReOR`V_&`BQ1b
zaRO@{)x}{OngE#F`Mep7e=Ks7IhJ;TPDE2xJaew;m2Fg|i@ogrL$-9Ptg8BF`dz7V
z&lA-5JPAVA9tZN+X#A%ntZZ!2gS4UXT>B9O54zbdpAit)bW_IC{A7Smu<O+V!zE+G
z{*Zktcx5p=AX3WHbqxGSJ7Y<qn~1lHN7OH@B$#rH4O`HO9|z^H>w1~%0+`ed>$|_B
zc_bDCmFcpQ9X9&r&Cb`S6IhGxm@N7fLJFZJ9$Zoko)?C$d?iw)K5oS8s{orsY4Z)4
z`_m|Ii|nP;6Tdd4bD~EO;`h+j1q<BQ=4;t7dAQsg8DjKdii3j&anI=H>dteWb_+5d
zA=G`x&NUaai=(4?=R?~3Sak34`v&Uh%oF@;r{xyCrJ%vM@+=L+kDWS<zO(?|!H;vb
z<NlfW98%Ie&Y+ptrgR}kY{-Zxl-7iHeda(^+j;&wV#h<RI{j&=zhldc1AZWqUiXyW
zKRNiigccVNQA1-Ispb6IuV6-@(FpF@Lw7L!v?tch*}g^KdJk<`1>fm*Na%|hw}U>X
zi|wlDPZdUa;osH1x$iGn;^!H9MYQ|@(;`bT>ka>!0!+vC)k4ds=rB^DE-)W7I+@$^
ze4RQw=`HhFw)S&h5}`oQK<J$T9Dl~o`C#-aO(!K-ms1km6qV4nviQv0GR|c^JNEBd
zW+)wij|7s#`5_Cl;`My^NkV!-<|+G}j>!>^h}$;H_HQ*ibY|;b4}B>O73)@)9>p)p
zpOLBBl@{@s!An=)q`A4ddm@DKb9#RMj83DPKYD_Mr1&uj*~T_!?P9m7(+3eN3cnDb
z>_B&6R&YFnYDlJAmHBv)dd~_UE5gqc`DHbL6_7XU1f5#Z)=;R84uEq{wYxU%&sNy=
zbBiJNej6BeovF5wOtT$ZhFa+5f^hvBY_5R&Z4K`$%uyBLOjHe;&tRNP^>~rvbt&IS
zHOmvoxv_A<yAK?9{sVh_ZQwhJijjh8;AXS;7H5sj*k{QY>jq0-=rfD+6)zvWYRYD*
zPd<f>?o<K-rJ)0~!-0j@{-(lP&BgNtYez(*je(i&LGNhE70RUUjF&iuVLxxfdVSWa
zKwifUV`)qNG^tQjQhdaOdq!_`#*PMy^Jt8bM<=R(65lgQj#agz)SPTT%j9@TA_F<&
zwFJ(Czql<2p+>*`aoE&t-u8r1b5vWe;@pec9XWg*K;-`(nloF@Phe{DnV6UmdcQzY
zIytG<HUG{-SM)P2cOB_`wt3@HtUEqC@HQV(Lb}y6JD<Bk&b}t$aBr87kO&3LSmba+
zx^0({zaXRUCo`xwUZx@|G6JZg<a=~dp*RNB{$@g6Hp*X2Kcm^`_MINqFvxvo!Y6rO
zw_VvLQpEx3_9Bgi?cwi{dY^(pOkCRQ(jAXC6-o}5hD-zC+xUxy3t?<r`=0v|meSJF
z%En(ysu!PRL-2){DNQ_T9X4}(h|ZkB1XR=T?>74`AW(~D{r>G6>c9iO{Vwtz3q=5B
zO6cL}Iqu#J;oT7gV^<Y^WXI|hSgetMN~ph1ZD8{bEvUUdWxg;ZO$>v_%1nP`j>9ne
z@Mc(n;XMv+xeC1q10J?%MfGbrIT+GvL2WO|v_O9;#>F?9I1G~VK^oSo2thxxd?*Zc
zsV;6(2p$WGcR`F-`drzXF3!sJ_U9T_JqDH=&ic4dW`L~|6hlwOP{bsSTubz)5i7{<
zRX@k%tsk4wKEYO;+ef~j^kzb^m{Rc$VEd4fMXIH|rbs5~j<m8lE)TK%HTIFuGi0QL
zxYA=PSR%8jbVc<m2kO`G*W!&On3T%f#Mi_r*a3-ArwMs<M*(@Yo00@O9^)Z3o|f~f
z>>|o=S~&%<fpN9F4|(@vJX6glZ02^|raoePFF*^(4{5@(Dc@-jojDff+lY!;??$CX
zCpD1Vk&>_EF$|<P=#lp#LwL=_&4(9ZUcHxjjF9C2TD4<zq(E|^nyCQ3=hc96{>Q{d
zDV)P~4Y_ryuaA)inKLj7Z6E0`{dG!BXls%1f)A!%*zxPhRA&fBm)J`b@Z`_(`ot~)
zb1~6$ovk>Om5}I9iy?x!ZNnbWS`Q}u@_eK`?$&vJ*1TgHVL-L+I;`4h?tw)G8El0J
zE2&<6D6hzji&*=DfD^DIUY_&zr2vK+8O5CYi8iB*a8?(-y$J{*^=W<k18Kj$&JY~l
z1u?8cxZmZa8>5o&q<9pB4)Mc#vW=w~-hiI&)8xe7Rp0_o&_;$($(J;`Uu+!m0zUn&
z1(EJyDP@CfhCZ1Vp|r5Nii%3Cfn=b4SB+Z;)ev=nK|mZPaaTjc2O4Pwd~z}}`}VK7
zT~S$NfwQd>Llmsk@?HD;wzE~733Zz(20a8i`l%Fy0fKXlJdlJMq|_}lVWW(5s$8J}
zW!<(7nw;zFd1FTZ745e|HPeX{;iO{h+4L9(qkZytHwV@b6*D^l9wy;k`h=@sqJwDb
zh+{up(S`6LamJi1VhnBt>D@}1e9N&T%UVetRo5JzgZ1tZ&Zsq;t@vkd2PeuGS{RB%
zClC>_2OWifFtV=+*^8fGzO?ht4|%g@>Y78*@VC~k^<^xYW7RI2T{+r*!k$31i)lhm
zWB3<(`sOg0-;zow!p5SmsILeR!@O>=tWSiNhY$jq*R=9lY_33OcX1|d2%jRRzD>DE
z(9`vUSz%Lu_x;zJ#}ix$!g|8J;<ajGER@7+luyVFMCjHfuqE2%Rf_===cR<jjvb)!
zoJKXbWM)wHT7ll@%-*`U17Y6{B#&Js3g+4auxzHya@P@(5Qs1oBP5-cqg6K=^pg{_
z4!YG?IWb(5HC4f%3Q7c~3a1+)(}t1K+7DAO%C-jzXAnwf2$NOU20}pC?l9Tpd6WK*
zH;`7sF{*2^E1djjm(oGDJ?gZY(?GHx2Ae73n{zKqr_(ZV`Yp%k-|Od649cWcmONCS
zsw>mC!#6+ANtfp9>K*3^%BP8Lq#nx0R))Mu5Q1204?Z?Y#m>l-lcljSRD4}=Im30R
zNZC1{VCLTT$j4wEB|K~`=CZ2m6X))i7H*;GkxME*mE0g!_NsDH<?PC_LYfiTQU0t#
zF`u^=bH>`|Gx#iHkwgmOe@qR`=e<>stM}Hjhj?+*PA|jNv@_h7l3z~li+q<ciDD}^
zOr6TyxXcgE(j#(+bbqUjlU9B84Pi!r6w_lWkK<oh0HTXzXJ;R#x|D+qqQ`~O6giEW
zX|Fdld*X&+gYl#NaSHZzA@;7dl(+oFyyb6KSL3rYL56i5pchCIXat<^lbB*i3?%u3
zo6a{1{Yt_=qJNv0P&jMn=iZf87|fEOtOX;GwY6RczOlzv{N^V~#uDLi0#s|$op-jP
zAD9%r^{mKpx$s3KvK(P_|6;N?6tyd+WTwIh68ZMDJtTeVEDk-ixu&nl-^eBS(@1DW
z35fV~IjfVwQnHduA1ih9vtq=Oy)aCTLU?7yDi&b4J^57#*C#AWq?4aKAg!Bp39})R
zM#+SQ(lzzD%Ni*Wie1tPg=<U<llI29xCnP^vQ|PnOxGoo{;ad^`jW<T^W>G)$xl=m
zZ@`bI_f+g0XB8pNKiRf87Z44Zr-M3b&P=7Hh3qn%(WJH+a@uV;lW;=>WX(dwx!On1
z1W-HPId+<2lwS*cF=tlHlktu`tUA~!ejS0SOjbe`)#akQofzRRs$lp!;m_clYiVV^
zxfe%6>BekwpN6=E%_Ht63E@CCg92(^9+iVlym-t#)pMo#N?FwT<ji3V-m0B~GYS1K
zilbW0atChOeU35Ha1N={aFiWfbBYIC+wF1<ehf;|RrD;BA`Hiu+$!3cbn=!Ka<t*3
z)z)!zYw71ax<_U!Pc>8m7g}K<1CnC>!6i*&FTY=ve}NYVov%9{d0X!(rf?}}Jt7P~
zfZ&1fL%cs0_n=Babuw_3YBLfMsHUVSVMP?Kh0Bsara=QDVZR8*NRPt)0kZ_gFwkf}
zk_;vE`yB^XhfBH!;WG0d{%)iv;0>a!5&aR<ATTTpkr0LquVmTRZbfcP3g?N}Ci~Nv
z0ka%XCNT=}$;#>rco1$cia|oQL@2^8JSt8ht|s9lvBC(eknsWYH5OF}EOx6<pqamE
z1fRTu*PG)+iBXA+SFL&9<07z|uw=MiBgtYEe7lkKiOs^QeHM>7FK#HG;X-C?lo}(9
zBLYDo=D$R^{6;LPKrg~BF@z%VHLB((p@@<MHUyp=NsjAgH%>LeYZ;M2SJ8jnZmf!z
zwmWb4*ZkqZx+Fxx+h;(D-8hVHbsJrgHC&eth9rB4GP^WOA-m39^_jNh7b$|`3^_;o
z7K%5Ug|Ny;GRjwpg$j>|3?#`o9j|+G6yYwY;r~QhX^cKEbg{UsZm6%mWp*u=qHSuF
zQIm5piZmV1ht?(XOvTxN{8%u`ts7roZC?`Zy}WA`#Syck20PQaMBH@ZSi#82N@&n4
zb2EF4w`hgKYh?B2Tb8GZ1sjgJbo9G=Cda;*>b1nhB9F@qWvFt3t>*1}MPVrxbm8kM
zbCy0;xY5M0u90c+a7;;&(|VAp2y;o$#ks}Brb<PLW(X=w$tFxv8&y*B$&hhi?u9i4
z#jS57(PBLNCLraLkg4`Y_4%eGq}$<}r&RkFf7-J_X0lcA>VQB7QobSe@}!89IQ&m_
z7D_UCpO0Iy5p<t`2hW2dyTTNXH)TRa>lDF3jX{pV%NpX38o<$g)GFi?w<V7`M7an_
zxYRzkjS|Ie8UM=e(#bARqqDL?^Mwh6O~N6n9HQD0HAy*!C(<mTk-n9Qsn1{*6oQ~B
z=9S24H6AW;mW=S4+Y_>79VHq|gDaJJF=6-lJE`}3M2ktK!0wH~+37MoWvw^vlZT7(
z2=;J@r#@biya9Y_{%bkUUU|$5YPpp-lb7)SZhI}!ya**zQU{rt2PTTGQr@Op>g36k
zNvebTTzw&nuzvtvL>EFL3p_;+^a2s`Wf3Nnkj&WXwpChV`+>PCX5%=^);HihULOHp
zOHp<;Vs1!_QK725T_i3?RuB}~9uNY58R#{gi>|BV57O%@OoaaWpDs?v4!Q6#5tN`>
zXdj!H+a8sL(*yH8f{J?Gz_t<xd@n2Q2YqRM#>oeX^K{{HL$qlyZr(H)rU9>G)<KqK
z3~8<27v4uu{woi!L_l6Kulck{6wkxtFYvH|UgynZ8RqSScuNIjIJ6SxfAFAI-3YPz
zB7Jx^;3rI_!pcne_(Y9>L|tS#$JD%CIaR)sg3s$fg|76<h^L*#$S@c(3NPL~aqLo8
zkMN*zU0!ly`p)4v!PgO`&L>p|k=C2udR3&O3h$~wr-6wnZAt%y9L5R@ftLAGaW(pc
zPRd84gI|R*U&9|Ds)c&h5z`fOzSV%hZoBRoma1A2bSPPMpPlmOJCP?IPX<$4&zLc1
zW-Y5th6)Uwws4an#>IJUC(f?n?hCkG=wBGya15Y_jZ$+@Mty;=mu{X#i=L|ty^8eW
zM5wOYq0OoPjRSXXKe6{HZf!#71?$+(oRqR}U93`e-OltxM{!qm`X*cQQc7Z{@Pce4
zS$L*ow26SbVZLq64|&VK?X=31idh@Qb%Tpa4vyTv3KsMTLh2g7{p5{>1dsZm=r)z3
z7IM6NBQv2O5;<C>B>2vcxj;r`6{77T$~Aoc==Z^;%BwwNxD6#Udk*DyzTvc`OmO_W
z4S})AjwH<$D`(3KG%Ss7XSM^5b0VSo`ue9JMs{HsCJm1pA6H2Z#9ixya?@xCXQ|{5
zBafwGd>@};v#jisj*ojB+p&{fB*@&P@Lvjg&Mus{v-^WaVQN+R<$e{<_mbqiucd)i
zO(FU$!px!fiSEcF`uxJKN~G{0Z8W9Y$YJ_8$OAJFcgKIoM1nhk@Y?l!dkhS{m?-n4
znPD?RFz4SzY3Y594O8-RfcX=st!W3vATieu9wgV1<`~LGCP`EJ^1wFKKq<^n`*Fsh
zUL@C2^1FIp=`5p(@#h7BlM`-p?7Z)AeIz+Nzec0urW;;86%a=pA1dVhz^>mhYO0mi
zKjWh34!7e}Fc-BsTqycAAyswn!%otGtB}p(Lp`l`<Bm<=!)XKacip#lYIEbhtu+xi
z5?KwIB~EV%3YZk|vQXxGIqDiIK7Qbrrb480vCEubb5Ov;SW9TIF;Mz4!_xp=G=(sb
z8A-!t6U)KL$|UI6ag|*_V%BxdQNCKw6fZ+rZmUl=Vb5=dXG>MStiSke!hEvq#Gev+
z%QXT5pWHd~_Cw{PFkYUVvuKqHqL@mW@Pb0(B9T73y*!221?_t{rt<Nhagk9v1XkM@
zzJw;&TsOST(TRQjGGrCvjGg;EdCz&5fmUag3C2_R9VTgnX)s{{z27AWKjNVeH}F4}
zm_FYAb@aP_-=xXo>afB#ucRFAG3weu>73hvbn-J!<6b;>y)tPcKil$o=~RBA4@VE9
z$ophbm!b=NZT+{sVBoAl$>}#pmyEtOG%?AntW-HU0g1GAIv-oFV#2gv%8_j@V8&Cy
zz;ML(<SgV%Fbc?>1}yL}=IfH++~A;G@N+&5RiUUh8>3z@hDcaUY_l!OsHnznbur!~
zW$5u$pymF&s+Ns!-OrxGlR7B7A-jtuC_tf}CRbAS>NMt{kF2hca#7+RxnF3u8q4BM
zMaMmJvUtJo%B7Nf-H=1Z(|LsQ1E22WQO|{RwY~l}DGTLA<Z(fHjTN~0>^}RnmK>8M
zANtXCr4;rXY;2#goW^5n4~s<(YsMzy=L|p5{CiMWaKuHFC<J*~xVhw*x>~hh|FW@M
zxA3qHcg~Ur0=d!-$o<9i{r9*OdD;3O<6e&(os(GsQt?n_ttqBS;i$g4AD_i;=DZSB
z9*G*#eX|$P2tw8CPJ%%2OG9Aw*n%IVo_tP6J@vkHFAlKA^gaY{`<Q*DpsdHj#5}AK
zCnI@;^2~?ZZe{HtA38(`lJW{al>eN@<7!j)4?s7z{Of@vfI8O*?oD_p6;zseRRW@y
z3!`9wsN3YvE(=a-E4TS0dbwpHFk)a1-k7MqI{sB59`QY4>4faF$K@Yl;;;PKc<S2P
zM9`Oq7+aTK6@vmcG0)`b<lE3OSV?$gGc($fhGUHx>oydZ%l`0uP@2)wr8bakUoKEC
zEVGzmW#qYPD6hW_O)^4dZZ$=-XKPEu^(z-AadEzxsf<!?;<+=ptiN#4!bggVt*s4>
zSaB|P;*)9+F2|NHo^~tywU4%Ja1f>{2TVWG8!M-Q5E6x4C_kA+j(#&C525UM_<J^q
z-)Zx^ad5)ya}1ZAaZ|0AWXOM>PAtZIayroFEcxYLe|?tfHuCXI5`H$neejL)p+O9t
z%TUb&5mhq}BHrXIi=WBQe9g1d`}<2;O$zXQ1*!(WDZt}C)pJqdu{B2iyPBWy;l0~j
z;`mDslenhRml(8|(axY`X>U&}AV56tcJPJ&mt=+jnTD_$_p}fipAVRT_LSJ;lvGCG
z%AV0_$z(XI>r>WfvfF;Q*p)U2E8l>!jHRFQ+Z1*)%z}b~zpY5jrY!%wGjuR`T`@YU
zL^QVHc03NosRb&^^5KBmu^-vH(#CT-rkW*8#vG7@cEFY-Q?_*~DF=0JnO_V7y9_zt
z1*<3ATa#a_q<nNmMISwR@`Qxr)b2J$P`7ue-gF9*`DJT7F<wDJ?~2P|!6YO-&tBfq
zq5dAV|JjUoLMnFt>GnVyi-jP9j11b42qEFv5uurfr@I)AhupgTFd+`C?)*?N(#kj?
zRgP#fW}p^jWv%&1gI=fh0HF@XAVz!ycJo{6O4Wlpo%XPeKeDA9dgr<u+L(&0erV6b
z-1Up6IV2<wC!S_CehH>!Y>tx;P)kQ$`VwH=L9Kh1FyN{ij#h7T1tk7Kgt)Y!Aq7+2
z7OR$Z%foX|vLa#odhjC7xns!q<fQ-UsT20or;E&<XF(ww$oQ<nNT@Y8;FYnF*yr1h
zL>*DW^)fu`6bx!*3xjyzQKr#w%CFMx(5g{+nk{<`KQ;9#0t=-){rUyS1Mt~fg12Zw
z%0X%*oEoDXI(UuP^YZKUd<>)J3;k9frj96kGBa<57eehb&^MSms5+De24Dj7Q}E;W
zpLlvM#ADVHh%Rpzwq?cF{q0T>RiY}ea#9NU)>Ki_K3bFedGV<3?V(4`%oh~E8IfHH
zo`ksC)AASfwkGU4zvhCGR*9H$L}~Pom!##L%rvo5E+>A27h-Btgj0AbOC&R;49$#~
zJ4T7#l9#PbizhkCqHq+j3pQEM8BvrJJrH{2^H#ZE(9qbPQRm8bhbkF6^@PeHm^c9k
z;hpsGIK?@|MX<0bbROCHZp1Jy7S<>5QkeawdVoQ(Zj(;#a(4=q1fu<x$;OT&UjQwJ
z0c(zM0yG8^&(H_|{Z&ZefyiI3gsnbI78(P|3<>CHKLrJaa&#;k%AwMy6(<#iT~S*%
zwFmvY(09uiF)7DnGi<OG`EG=A<2K@fZ-L<RIEA*Q&TKTs5+{!9Ew$vcR(S`=Go||3
zzUO^*t{@N69~QAT!iWi@5T3>&Nz+i^qX5ETU*ciq1l@*VG5Q=~(#?8n?E<%zgtn1O
z%(ox^HU=Vd`^5BKPZUI*ty32aFYj_}TuG;3D$3SR`3Hnn#ELqW+dKSFYO2<AJF^VB
zNoE-v^_l$ia1D1TPk59hnDDt(N(atD%wK2X1*GQY^@|IQNOwVCyy`<_BqB`*LAPmz
zSGZ}|R<;W$lA>Y6!Xis=OmSJwz0#(6<MSEYIP5rA;7VdQb-K!GUfvT}p*{d7A$I%Q
zqVH!N<WEmeKXQ=?(pL)227eb?TtcI={(xm82=^HcBqdX1<5@+-#t2<g3}vHFtLbm^
z2Z9Qy9Xe)Y86fG)6-Y~ceI*a!hUpHDJ-vV%2=3)G8<{>5iQ}L~lm3dBC#8_lgQfxK
z_JsSDlXe!r)kbou(lW2IH?yenLgX9N?g{1R(`=L@H<H=C?wQ95$)$A5WBCn=aJecO
zWktomV6ivn-n|jABq&j)^~p9L7+Xjz4B<M+=M1NvT0Po*=>FHzjNn^zoMzqf1;V6&
zN#|O`S_quSRkNkb6ZwvZ2!(W=!!_}EoE#mxIm?^}3kP#nT4v_~r+|ojiUb@M%~-Op
z(no$jcV5DHb#r+DB9JDT0IYO&@Klrb<?m$2xgi5#;qeY!-J(o(GA8hxT;2)StjlI`
zE!vc;efhitwjwCnbf9^j3TacyK9RGSt5**_0;qkxrLJ(M09thjSrP?~&H8Y5Eo-Vj
z<&+TRx(nH7rrI^K<VxxedWs0jhn)QaH*Qys0sRuwi@>+=<*Io2yXbrW8x4&FV=`sf
zj`snR4yu=}he1;h;bx(^Y^G+8k?b9wIfxyiq2^PjpPfZXuO?ZC^<*KH?13fiN>S6q
zN2A1<75>wjqZ#DV%rnn3r4nu~OP*<my~$8j_^1UiYdj>_x_Nn_Q9L(#juY8KSQ(%G
z{yhrkIvIT-oYy?}E0yz4$k<WWFVCgx>^c8@l4W0$_W?hAH_~+S@tn5X=EZU^r6E&2
zf%@|&j8A)eg^x$=rAh@nIZ_5(J&#LjR#tZ3Ned5t;hf9s2=Ye@kmUQ@3|A{$%Pvt7
zsj#H*jE|NU(Q(Gc?<wIh#WZ>LkVu|5-7K@m9uiS<1bZ#G`t8i@X}w4@WXQxY<s*7r
zh@>)k6IZA?Bz*ZX+!RXqxVhD1MPrrtrY<PW+!f5Mk2c2q{lO4}ek0Ggt@sEQ5q8Pn
zDEOsWS;D`_jTVfWqGsqX%CjQUqikbsE^GdAxp{6~?(HgL*~DbOvCTj|SxFJ8HyQK&
zkyvbxy~FldCj*gewwGzuI0QxrMTY|4BmQ+B=+K8c^qJyzglrhr&}>$GcOui|V#yzE
zyujFJ!fAQc80z0Y=x>HRQ=-Tt!*M^yV`ue4#Dgu^vUGDM6-EB?x};z*HX`edpG6LJ
z^J>Go_7dkK+v2k?^xPP@cj1<nmt~IBtV4bL${S5oYG}O6Sa2MZrmd7eGBzdN%m`c1
z8tI>h>@YLc;|s@P@xr%O^A$>C{DA8x@5g_wwcf#OT|P*uz4Ky%I<-4B?WbXkjz3Fh
z#}x@HTdD;YT;>W#^F03a1zw9RO>*JKa|U61MU>}FRwPXP6E|p~9|A%}m{tzv$U^qv
z*lNZvn*)+Q{)E4+qA-zjcA@~uBmAC*(~qup&vWIqLn<YO5sujrdp88b5FZ&p`{(N7
z(8be{Gxg+pNB^KV^j+Vp#x%+wcXY#Fr4J1OAsL@JGB2Bt;BiKST2f-@_$WI&HEXLL
zf;|!{=6~kZjt}G}i=@2<T;E*`NRHbTt9NUbk15{mDrMiN<qEh9pZb=qpOeXHPJArd
z(w;1<L4N5zGMLl<S&tkBK%mqE{x1_-Eev5Fd2?lC^w)WpIfeb^RrPr9F1f}U$k>&*
z2GR~(w1+(h3?LP?MK8tZ`lae8!RGiolJ83%M2S{wXh?@3h$t~hP@8D6=gA90K`xbL
zWRSX#>PE?NF2Mu_M%kdgu?oI=+(jznL_OZ?juUf^P=BAJZ%0_~XXO(}(pM}>l-~v7
zBG1rsWWE|9A;U^<r2Y9%qfd-?fZD9S?@a6^b21cFGwueT(smwow_5Jb=GDRuPvZ&s
zfeag_T3sW;$jVYWEeDK)grw5fvzOj^i?BY*(QnshAi)HQixYOsOG-~n<j|+5r~N;|
zgC6#GeVhK=UWkad@jYZs$pm6MvDY8m@~%is@Ao&i-k$DHjN~ZC?S`AuUQdamy^6OU
zY+XDl(=(>}mYWl);)T9&z%NK>`O(a_IKCN?y~X;Da&6ix@i2gLCPjM8#*{BCKRj0{
zrT@rBi^GT*VEi)j1GfZ8Ry}g%;u}ac*+Z#SBOYg5<^x<<x4DZT>OKLql9vY;{!d*}
z?hbjt&ypnuoN)he!uDMFz(9iVY}BjS+RR5dh=6XX{QMPupH4msI=o!`iNs=HifpUw
z+ZdJgSI53pvq%O=N}=l@&oPjcPSx^JyMH9*z&D+*X46UN%d#Fn<$tKwlm&D(-q+3V
zC&=i8h^Q-Ve+wcLKuEXXUp6)P47fHq6t7eLs4(V<9VCIfQ&VK?2+q&e6MJ)I0qzNj
z&G+?78DW5wHMvtmL&>-CjWFlf+V_kf!7IOea}L7MkQWc;9uLCVi<eY9aB%aI{dJe0
zczBneNZ5vf{W*bc07hZK=Tc-gT6v-!b}_wrO>!^jYG)!qbQ1%IWO|s1U|ozalJF-k
z;ErsNIs2BUjzqhya`mIK_p<C{<Rp!@cBbmIACZt=@X>?E5FefPAcwp&01QZ+<n}Or
zHj$9Z9W`PTc()R5?@C>lc4wlMXn7Ydy!oa^Sabst0Y_|lj@7g2#YH!LQNa-Wf9sW2
z1v4E_pjj+T4SG@>d+Ldd;3DO7Qjns-2;OQpxMRRmyXrQr+rVnXg89Ey%NVHEvw+!*
z%BMC3)$O1rrWVbH9*-~Y^9ELovU!yc*IyoJRWMnfO|NkCEzzi~YW0HZLLBvJbe;*q
zS6UP{x8w8552Kd^DrLdw>%*|SGRs!vOW?%P2sZhPQfAy%OqtQTcCLIu#Cp9baWL@d
zUEd{thHna}pMng@e!VR6`jB=ffdR$iuMFN5n?WxuWu7M(V1dDP!Z?YV@EL(f=qkz~
z*>-F!?=1o~-S<|S$(vW*7tUr>*;X_TaGXOnrS5b=*Ja?#SD*_7LI>jy$jYqM`Hh#C
zT4KT<xf<9$=$m0vtcWJ^a@U3V=lUG5@6mw`0lR`(wM~_dd)H^O#$ASXr=V_YuN*&r
znAqD1?sJ6;Z7!d3R%<9hIL=Zkr=WQB`~j{Bp@PmMO&d}wt?-Z82dvuliLsH*zu`~o
zR|8)JKA1?5&*Bb=zmwYDC23p>n~6Op<PIqbK`a`&_rftehmQZgufiZEuw!HXsvVTK
zmlcmaCnarCuz0g25R$qtVMJUKz<5Z=)%TX(Eyz$yczcgZf0q{2yT~2WP}*jEU6=Q5
z3ZfSsDqZ%g!oNqZ)1g?&sNWAIXYlZ=*rmA>|L#>!a!v~JL_+?o&>t{x3(Cx8%1);`
zO(3|I7n4mlSd(S>*pbnB1t>xC(Kk_fPY|2!BK}XE^n3$_zu@<^g<g3s69@?L?|w0P
zo=0w5{IFmZ&UNnAhzFGr|08Eun9z%=s`samoGt6d#W82P?;H#5eRZNBKy(TK#MgoS
z`92h+6@Q3e`2QoZ+AqO{mobtvMMV|XV9NY-btUuVOO(EVYl3t{MtTuzeV81RY;uzy
z53pQ)a?X%oz~MR~S5hBOB%HYmBk{@J9nLuwZ#c6qgtJ{771R1ZbxAb)x}xJ^pr!nE
zbhQ6nl-Z?xk&%%J`=Xd-L8Y9Vs&}=4`w|^N#k%<6$5`&p{(tRD@t=J?B@L@8MV+9R
zKib=YMswKJYo<YJbH4GQYe2Ds@-s3*XF-y8SFiuK9WB!uO5nv<NmQv1o0hzks{JBb
zCvmsI95^?Jy1I~)=vhL}vj2oh;N*+LwYC<)rQO#f>zjaY>Ya$?N(jI!a?tz#;}u1C
z{emAaVQwwwb~X)^7SsmSJ1VRDuKCjV@GDQKJJjSl`Rd@023shzX@Je$L4Ta}WRe4$
z9r~=TU%XiYmiy;Hc*6^{%3$_MtjOg0pVdDtj2`RFt9m_TV+-edIa}?`jfqGI)o-om
zq8JMrY=P{ZELbqNx%K$^^^c5zY`*DEw1`eg_ch6--cywq`7XnbRU+Op>>OV**S{&z
zTnIGjgihzfocDu?XR$&gn759fy8YN~iXzeY0>e9FQPePB$g^rE@3qKBI)$O!(7o@4
zC8G6oOt&}FSb80;#P1)!nlU8O9s@<P3&0ZrYD6<k*a^8irSX0aQYBaq_w!;l#ey;{
zFMr{9^v$i?H)WwiB<uLT>K#UOdPti_eoqn_!4@3p>Xo`JyZ|X6S}NBt?8t(~cdtm(
zjLtiY@oES2Ef2^r{!r_dhgKp9IHC={1uBhw?#S!$lvMI{`c0S{^He##6n#kgrCK_f
z{9DnB-QTVKk*m?hP(DoYEeRak6rY7Mb7QUEEtzCuSwIi$Sw5A}Tk$kF@8x$-Y<||i
zf~Ta0UQ(f70~lsQ$1~v6SgElTf6#yZAqx8xx;YWT<;TXr!S%-Cei(bVl9uTE5CUK{
zxQ$=ai>JB5P6Zts*u3Z0P#hUdn!G?zxOYRLb0exj&0>sQyb(%F1z6TwJgvC6cw!_c
zZsR4-{9IRTq1Bn4{ab`lkSLPc&Ygxjeso8rjB{t7>^{-aV<>8Pv1DR~7aog<h&hv5
z4&ot$_l|)UfN0ulgc=6(#Y>n#TE)6t*FUGW6?uP5Ka?UYZ5NJ+(DBdB`u7M&XW$ae
zx(ocbGHr~-)d#@$z5#decc+gZ!X7LLEsy*Q3xF8b91c$d()x6FOIB+B@8vXqGBKJJ
z2p&k$70$$z|MbGP`aqtcDtNJvV!;TAh%5e!I<Pqs7)}H^NDa(DY}NkqhSWLXuZerg
zr10$ija1tA=agbW9=ZTFH7_}Ifl$n}xP2O#KRkbaj&Y3>cGtt(#;m^W`$>7aO?edt
zG^YOZFe|3@CqU%)&3}q11VLfb2o_sW=h0U2&YA7eQ}tshSn#haWPqJDm#^Q6d%=sR
zkprRyl{{|LV%*?LkcR$$CaCW#qF0{;5B>m|LXgFX#6lLeBesy*>>D%K2j&ZAU>y54
z2{b_IR1kdNsWzNjjmD@Adm{7~U^>fcLr}95H)7ZWL_BdXgC4<2Xzf8&cGyrCx+y&!
zaH_-!&hlXBpF^qp=#IJ^&|g%G15V(2@7dmdDeOT<ly?~)H@0p`N>+CxbjQv0K#e&|
ztxWNue=Y}6w@3NAY%bq9WC8t!bvQUa6YQVm+b@xT!@=ph+R`*?@kvCwgDP8?mowCG
z>dX(aLjODs)KZ=;{2a>&$((}zVu1`CO&k8lPXNUdZ-yT3QS0%NoLh}c1l0u@lnVz?
z>eM%;8$tgZ&}Qgmb8Mjqk=Xa!Ux<LC)gc7OMnb>j4GxFwv)!G3YI{T>eJpZIeBb~z
zIJ*n|gdPRZCgYtKvuY4ei1F<&g22%L(wO;HVBo;v@DYAR3hga#NF;0pL8;X%1*mgy
z{y7GE6hIr1i3hqRPaO#RsGxhp1xMQ@d!Zu({n8_FI9BvZYQM#wW0CArxKL`v#RBTA
z9HB7Y3KW#_F#jLp{~sCu!6fes0q0^tVM%KQr4&fY!gJ}A6snf~I9wmu1C^2Apbx^%
z1Yz!0t0?r|0BNDJe<BSP6YpK1?dqnqlNKE99UY_;6z~@(yJFz^g`t_5V9-Ls&d#o8
zO2r-x<*9hHI{0OO#G=Ek%)SCL`zQXyr9CN$5InE`7yvpolmh$#ytl34WG)E2vaWOT
zlK?7hx8h*X^B=<a^(8t!K4RUhN7n|(qqJTBG8jp(xfN7cKJ>J>MNHB=5eAY`YE@fq
zF_a+!9(%6@`9~%5otc_AZo8Zg<JWd~iziVEvMhs|ofuS_eqe#$q}2Q(=gCkEmaO>_
zK?KAp%xfK?Y$0r2>&++VInp$t#z2b@Gr1NN2VQ{0rD!(8nm_^sx&R-BUQ2ok!rsa4
zAyL6!uKfKZr6L}vtD^E$rAW>D?_cZKo#l?Z-L6nKe-v6d!C<6-ZkTi-CNARDdk#zl
zVOUE`OK&dA{`gz<WZ*I+u|U05tOkmO%D6?p9-W9)%NWY$zJ(YEA{1&EDezfRshXf4
z5f2dIX+Zk?fy1lZSy%A+29r)+a8NCB@THQy#j)Fcu>;~~2H3s&36A@%9*G+UvkV#L
zDdD%^LQ@*VFhMV%Q%~eN?WP;31zE;iKh#HpZM=kK;97ddtaEETMWJ*`;OhJiW#iAf
zFf0<7pXgocDWNZ!V;8Do4~0O6?dPPl5R}9uazIEP2Ig|hhGGEIjwks+7?xrX<zBQB
z_4!^3;LZCx`cRPq(}O8Ch`b5d`Yoi?lonC#OY{9)H~Q1#E9_DHPxo=Ah0>wNfEHn1
z^U!bd#@fD_qXK-kY~4zQhYf{-F11n{kcfBR3mX~Gp%cyW`AloHN8=iFd0A5yJR)Nw
zr~B(=^W&CSn1G5@Ht>CAsNk%dr-3mMUQ>v-w|77uO5#sBI|$wMVsa?QLuD1Robm^6
zMJdS~e+vqW`Np}|mWM*+_c8?7u=$!OtbGo!gcX+Y4Fx(L{5Ra~j>Q?b@|>J>?ypv*
z)I|T8K!R!5@#BOZ09+L^z<@d!*ONB`OZo5=cHvM0^x1=;dojk@89`D;)P4T?{qgbD
zc6j#1kcRyOsTD(m9;ax!uG@Qy0!-Hcm!nuO%;gubizer&15%i`2)D49?;p}R7({Vm
z<qW9Xk<6SK89}0gG$YZx%%DXu7=QM{KbA#_>j`uZYKh>t6<1=L?t)-5j|aIa5Y^(E
zLk0>QYyui61w}q$%5x;1n7pkb*TKo}lG8BHo|b)SVNJXn+KmC#84~Cf_AqUP+vo)9
zA9RK~Mhd2(--dI6!j`l0BTO0Rr-Fk@s_*1q-sVQK=qPDl$^ErUxn%(YAe+z&J9JMn
zz(d)&B`xu0Uih58{<aMVkuvJ+3`)`=-cQwo@5G()EjoPTtVN#0^#8Q~Eu$j|)kz9#
zc0d9xV(7IONPBzfB9Pp7%%wT)G^b!DPjK{FdLf3g(wxce?EX;J6^VlLnm^BM;0LO(
zY==Ae0P_XWebF`Mx!@tdR@U+=E3joqP7JVls|c}TM!8k#@6g++(8M&>44glH{3UxZ
zJTi5ek>*3H{>gxd&(_N6vH^KzFWM~Ej=ZF$0p=3sT!h^~xgV5Kb}qeJ8lFeq3V~ND
zREpXBY<cFO+i?Fu=nda1Lt>?yTrzla7e*~&4h<P|*0^4nzr)B4R6@o_FA*LCl`CO&
zN2c;S9|tIa(F<!-6L&z3@e@)LLD&XLX!?<XG6Pz!{K7+Dz&Pib!Tq11-STK=X1z74
zidD-2Kh%?WK?_J2$@AGbJ{CyC?G4|Ycu$mvJki=v?nRnbWJdG1Y;*=6j&UTV*87+J
z!TihkUyk|wv$qRt_XWA<A3?T;2cKqo0`+}5qHaAewWzy17MS$_;_eR0s5k_~=JF~K
zDP(2bMGByFz&7nkZu?X_2kN#pcLHC<ZR-K56(5ua2l$LsFscY!r$rjLv6GsxN)$90
zM&D~}>pXSd{kJ6FBvG5(T3{x?QrlbSC6KlR2J^2htVqX~E`{(r$dwWp#YX;0Tf10f
z%s-u_OF6tCD$Dvt3poh~szx9iVbBAz5y9|;U?bH}#hY&sAotSwH`0S`Y)|e*b<cN_
zXK!6P2k2!BO%GClA43)q5?;eTC%KoY`S#caxrpgrfXP=zH86E+34!i(7(xBsf9)S+
z8vZjCYerQ*s6i!ygG*9WKq$3pY%nv4{SIID9n^+5qX2qA-ED7h0=gGh{puHwy%~Se
zy|DQq6UFXR_{3dO*w^>0v%U94P!5&yS?Pl-vS(lEOwdJ9PrxXLKCf5~aQwJPz&Y-#
zH-!)gphJ6qx*7BysCRdWW4FWQpBe$-i?S9OPeM_>NE$S&Cf@OXNb{&FQG+I^5G~k&
zo$x!tpp-oW;!x-ueEf*jd%E_iVLt2Xzmt8i_<rejXaz;W5Hpw`!IHuybh*!oaJ*LS
z@g<W!0b-th1Uq5Qvx7)MZ@}^kQ?~~gT{`8sL3Rg22??K9gu(a*`U$_7XtL_E2P5By
z!`a??mG&-F-|heh>_DfbN9HOXEF$0<Yj^PYzjC0SaS^(`r1x?*3XD@wL)eT4n0Omq
zzJ>a|KNB;<y}rY9SkQGCI;_11<qkTgbp9g07sb8mA3keO3}*x?VUyM7KcXK^Z+a`r
zW?+iviVCjJh5y;ZcQWtoR26cmfV}^+$2hqdY8=0|{Z&QiSfgSz@{bi!2xh3uR(5|_
zBqk=Zm=2O`&DP;c#WHn_<|{f_fv$CNY3UBo@3jYBDtilBqTUC$Y69;6+e3n0ri%(B
zFm_PWJxXT28Ite;W6Y1ZtM4~HZc$#z_&+E^ab-z`Y9!9bJJ|pqAPhVokJC2dMSxfI
zs*i<s^E0M}2wXcs-{1o?y}Xh9*{EUe!hl4fv&Vp~H-E`Z^etgWj92xKYRM)e6^0_h
zOt-rSU3{WqTU50C5mmGF*6Sgd>)wKqJR_U!ShB(%9{f6<R}M*zbIy3&wiJ~XQy)Qx
zI5y~M+wBembSD8!d*r?H;#vrZo~K)Pyjo~;tI=6pbmU`A(Pvu$-Q$T582Ra7?p*`a
z#hK`8l@|Cp(utpSulHk}*3$i~hb5@ft>zm~R}!s2r?oGDjXd!Lc%HA8zc{Yuo6h>I
zpijzGM3=cUr)MGXgU%z3u%q31-J5HGkv0+zDhvU!BQWB(0Svg7;3)K7{nv$34?{R4
z2YWx~H2AfcHEt{X8F=UIcy~S&G~F!#XxEs5DQE<DnO8D4rh>Lgf>sEF)&68B0H3k`
z$yjCjn{q<Owwn^nIBR=|tK|iV^H|s8jB=;(;yv)}`BYvD@=7#gL(R$WN6+*r0gY7l
zpITP%{I71SyGxeOtHaVoGal>x`;vOTyOj)MH=BBWNDUoYHo(clqahZLiG}sm`u7_s
zG75<tLtLSJ(FaRLP+y-EU}pZV3f$lytPXVUdYtewsDFcx-taOyQ&f0NIo$!pC_^2}
zRrNhd%t5GyL>F(qfZsnJ(;x2DJ~fmjr^8aVK|FdL&L{{xFftjOd^}bXt$+e(y6}k{
zx|mEIm{=B+1>T5*_Bo>4P;OT>T``WAX#b+j1u;&+$5@Vr&Vq^x<=mrW_v5MR%l)4$
zMm^X^?hl*F7GTN2T>zYuH$f8-4?3_X9w0hJ3tDO;ef#F9-?qX!dMGWVsg<PK`F3@j
z6g?}0nkD-o9vhu}syq%>pIv*q>uQQC6Z8o_HE#O=E<P|>t{Q{~)}T{`Xk`gHp#t>E
z6_vo!P>uo)7+pD<0W1uQj`K3kCc_gANmwcpJqZ>{?&gStI+r7JqLP?{r%RgAAUJC1
z9ww094`2ppov5h1PY`4accpw?XK^T|kSTOJ169o4f_>Y~PE#}STC|{U{)Bzf8}9K7
zFa)E1?*{=5Gjk_ET-bna%;%DvVHeq+W-To(d=8GI^FgJ)Edn=ZvQ_7MqkX{;=Rk@J
zQt!5VB^U$H{eyxUf$;6sCoc}-H#)2=n4a}quoKM1ZM5s8=ex5N)Hh@P^L!es-zrRQ
zUcjHo`nRrAe_q%ZshIq$kM+KR9hOrY+xv7)ul-A5^AA^p7w4mL$W58ge(h_x5N2Mk
zb2*g4o@&37Cv0MRFS0{`;<S+csGJApXqc__ufhlR6puQLKQ~H#{Wr6j7-BUf<we*n
zz7OM4qC=AK;bzu*n0K}%A<$xd^`8*l!_^FYHsdwto_QnYF%VMjfo3wCn~V7ydkRUP
zu@EBOzmchz@L+I7o^rS#2XJOq5!DnRP;kWgYm&3()g(JqLgKBqwzj=c&&xJ?QuD$9
z+HTK~&`>eZ0UZ$;TI57IFWe2M%#l<(Eu59?Fs`2PJqxD`?ld!$f0#hCv~Gu|0Y)WZ
z$>!HsOE7qQ)X~Aett2<j7Kzx33T6cBe)+l1a(AB~!}`y|->2IVJVmp^Yacutw$n1>
z0z(j5qfM%EWr-#@@j6eCL?w&}K3tb-&s-if^{JKh@9fKMnuz}S#@1GLEg)TOXUTVr
zU6HYKcHAJsUC>mQ@>OVyOFE#KAZF}$(8puunviiq1M`cNr=u?`fBR&iXAzAsmAqHe
z@x!q?>@EN9biOW;uJ&T?Gr;J+okJ=a_)hOiE_ISwvGyRQx4S)Rj}C`j5VTVj6cr&0
zoVK8mn0W#4V*~$!YGYUw=7xf#cEKgz<=?jRqyqU&(e(jXtA?W(CQ<zuW+u4N<fO`n
zP!b<)PN3}<2f0~0vY%B_($Y!@P>6;;-?mYegSdwt9t;R{(&i?8biX)W*RmATZ1UiP
z0xdH&h+1jRCb1Qt>wew}1Bm(iuHLBM?_EibI$jC3z<lMzMqCoMAEG3y(_KRH1dc0p
z&N|2*9+EWu3G!cVw#-{t+&{{lD-kx*nsp#X7P^d82tlr_HKH+Hi_!6qCYQt^4KH8`
z1k8UppNt<)mQs_;ixENGYj9o5piZRIWutfX>CBuMyK7RE1oN6CBp^T4{W$)*^#HWG
z3qv5t9!G_`zZ)-hMm%Ggc_`})XKNjJ-caf`1`fLXZFziTLi>NhCP6!}_os8y{3X$^
zy4}V?Deu6^2&!CfDK%Hnu6;Tb>XF51EXk9`9#Ev^x?Q1GVIJL&6T|lODYH(I;#ihM
zmI!JC^c7JS(6jGeEZkZvc@Qby3mAfOMrC@i(s!Qpm^=OzFR$harQc>>GOy|{ax_L-
zBf6XaAA4^dRRy=b3kxD{Kx)(7t<n<G-L+{2q$Ct6K|)Gu(=8w=-5}ivY{CFUK)R7m
z>HgOCeb4W_o_oGKzVZEc$GHFOF+^B<#hi1^IoI>d>D5J~w>tYpKpr~c4lDufAU{4M
zDCF`jCL_|u+br(2KjVH9m+6}s2lm<fikPW6TSm@({2n*}-wHf}k@p^op7FuCuP2wR
z0Rrh;u2ybIk@j`WYC_JrqLMF!UNM_clKu9zqE2T2Jx)$sfM-TLD{lz`2Ydakd}Dnb
zYy!>P_0`Vx%k)}pbZApR4JG5r?DZ8%-Lz|p8cQ^GIgi|n7iH<$)jr_hg{dT!>T#$=
z^k;oQy_eN^HTicL2P_S905-@y<9%+2=<XJ7n-G1;G;|??7CVi0_ka8z_GgXsk|C^z
zKb2RGI)|TJ*k}><Q<A=EM4ub?5isk99aa?1^^-(((;LaUGTu}BzIf#-&sQeMp>o}l
zRl8O3vT-uKq(_=lAhYR;G0?7~z(K?vMo4`we>3#+B-aZI!TYI?{LA$a3so1ochB>U
za{I@lNeKc-bkM9nXKZ}SK~;*ytUGxXQ}3Xkbk&s8anHLeaw=l0qtM)<h=qG30bBe`
znn+FTK4}<BZT?<h5Ze5Zy&)IO5p)*l8~ad?>z%rH+4}yJeZhG&A-F2Mp;0P#k}7?f
zB=1GCa{{(r8dc;~NPF<v6yW*QHUYv@h7ckqTzn~NBwAZZ@zKRJCw+7bVfeJ{J^eio
zhPQ1$GGQEPiu>n%>YWbfmJjZTJV2X$TWj{I*p=$AQ8kxM%)yB9>gWYQ+3QTvpI_VM
z1(hb2@Kr<n-E?y3rELlmux^`;%^e+M0;&kO2~&KTy5e*4r$J$pdH|^9cHPu(IsJ9A
z7$qK_@H{gfcN&xi`3UT$xmO;t?e2jP7CqY1%~p6p0*BuErGnFa|D4tk+E_v%d=YwA
z#zuPjC+ow7!V}-qlAw}Iw`W4;V!dTmLdN1=FCk&hVGuyLbtOSz3Eui7NS~gw-oHKF
zbU2Xnyl`p}FARs92~{;96GDw|TuGxC5VT3s1Q3#%Iy!+VFB&l_KWO7DIP>?}gSw_;
zjV{H+0<paJ_KE$NQ1go)ygqTb$5-CC&i?r2pzKK(r}z7|@%1rb`8-C>M`-aCpoj4Y
z>R}MYi*K`$pXT2zu$<~{0)M69>E19*eT}Ca6tzOoal3%}3C{-EYF!grSGRn)zKeIo
z<HrjHi9`S46dz8Lu%)fA4<<BQet_U&cVO*2Fw?Mw^pg|5=~5z`E<y}4<p<CIG#DIv
zm8s)1b~WcG##(OENlT=ts0iusAC;ZIc>n%ns2E$n2u-U2sxQAWuqWwte5IQ@CQf>r
zeZnDc!i3SRNOLXhDO0N0#AsHa5qtvGBU{PE^Rd?|2@3PE_k{~q>qRY5+l3;j*+}hl
z#*|^imggf6raa+^Z`ZF9#?IYJl&Y}0DcI>P^w?e{7PKhvjCvEW?+wueE)15i*3fY1
zWA*8YTX)!qL%Lu-;Zh%z=u%6*pIP9JJafh&fkj!$noV#r?B*(+eu3Epk+5=)<t)2@
z?$a^Eb7jh-);Yc~o@OwAT$xFH98qQZqx|_;IbvlpgMUNRz{}h}x+RZVi1Wb#Yo2#5
zVh2kJO}S|C(fSpj2do!NBpi>LO_n`<9Y+zo?vc4uLu6QAmPQ@;%$qn8OIv%>r7LSP
zkB31<JA#zl|1pqPCblV>Yc@wU5S}s9BmJns5F|((7@+3<Jt8{CU!Pc>(J>5?*=YTO
zWvS4MP^uOU!%w1dH|g^jbyN}ld?7&!+YSJze1*rUi68P&5R<Q0?B1#SD}c%s)Vd>$
zmdGb$`MU2Nzwp=lG#5;Vs)!7}5Hm{)i`9)>pAdR4Fun)Q_oddY$+~A0GAf_yd0Hte
zR#-jR@wqU@m9;-<c5BOIK<=_Z=)zN{d6{Yz(Ey;mL-k#1=KVL7*+x{OrCcPg^b*(m
z8Q0d1Ec6QWevzLgkx1*NrL*GlR`MQ7=kRT%?|faZrwwo&({q4mU!7INd;{UfZ&)z@
zpn68)$By3^xfUpQ?V0sEF$+S{e@0IZ7Ko-r%Bu1T({_8i`W2yv+g>w~8ca`Gjq!uE
zYwTI<w3slzOw5gOFm|vAi9zD1i#ttbo<~7k)b=+D+XnNC3f@BHe$8KYG>o_%7ZX#R
zLXjj>Z?0S;iz&|<Rr!~?MZK`MP<Gs+)exEDtNJ1wopocjdRqMC5O%YpfY8`OW}cBj
zbbJ!%dp41=qGPeZVAR>NaA~c_c<56afnJ}PftAm$4**n`%|4A$g$;e*h2jq41a#6U
za!(`yOY0KjUib@g^G>Sb4Q-3Uz33zl6QbgRXV%hkPUqB|HhKm0B;|JYQsYB=a1G54
z0wRj>d>5^Ep$?*y#o6$^qSdZ0rCsXM8(rte$L(v$bfhsx5w8e$u;Nd=<|9c#h+yzI
ztQ6~PZZl2_uup6&e(pb|bmLLO8eiIAADr5+<@`JHe8#EXUU`~)wW|(y{wp1(99kH8
z_b07z$OFZgoA~<B8a(`j*x0P0Y2oxlS{rM6iKWe3_%QnBtKDGn)$JU3;1mO3go;AP
z@iiB%zn9CT0RCrXz7qSS(7Q3l4jCCg?J9!z4Cf6p)ggk>@Gv+V{&Od%hOr490&XT}
zyg{ZxT0oYKyLrrrJs3mJB2FO5KyNi#W+c2a4oH`5&RP-bCxVE~1D3V;DAA*&GBdYo
z=Gre)vJ#)Y*~v_@G}0JgPSYR~FMu5^`NW>Ftc3#ZHEYNi(coBv;=7C`cdVNsl%Z~M
zkkoSWuK4m^=f@mS{rbB!RZhR2d{OWh-Rm_IH0oQkAu@>3ZYrB-cs2TDh^0?Z4WpQo
zI!rqJ?8>%S$^Cr1<ehZFIbg-7pDBwn>xUJR%-D34(>zz_AlL(p@hpMZ7c71Fs*c(P
zaUbkO#8I=+gV$E0AzU`GLCkB`Euc7oU34pB;5Iscw*yf!MF~49GrJ#CAD!7_B3SH?
zlXicv$j0MBXMXX+>C{M6vF7(EQ5P+e`NT@0?{g$@bO-OspSvm20ID2-w4Cl+n-!gn
zyWPXF)6;!v;Ha7P1d83{<8?EAb^?AaHZ0G(#nZLJdd>CRva4d}oEYorQ+iL^Mxtws
z!KWZfh$E;-O^PiDknv;GDRTx6P}0mZ2Bsm)op_l{O3zGT6Ao~k46#p{k>v}l;WDon
z>6ff4#TB%6kOym`jEK#)o2*sM{~3}Lt1X3ZO~9fytVyAGNWcv?LJQUMIu>4E_70xw
zxY)fmES{V(MrRX24*~rkuM3KomEM`WGGiANHInb4^lYMBRA^iPHTI(L#43Z8xA9Fm
z*xmvw@m1Xo{)8w)flw_=LyJrU5r3g3*h^i}-$$1R)S0E>ODivad8;iUtd)Miu~g>C
z))~D@N?dT>7}_vXZiB@cfuZM{<$qxTeBd1}D*@6+H@xc4ceQ3{miQNa*lSd@X2pCM
zi8YHRPJCQz=bjVIJH&5p-_7$_-<hJRlh3ml7^ZR3fh+O{C#|!RT9~}u9B_gc`f$SA
zAv(F+xpt~<KQEcn)|m^fw?U1G2L~`4=ZA^i^gJR8veV=hr$bMt&QlaF6t=S0OOs+_
z_jc~BXJ;w*)jJrEnk={^ERPQQNdrb<86w{NI)3rhDLem8eXAs?V2#rFSW8l)Zi3P)
zZOZWGqK#K3m7%RfS4?VQ<5t?Tav|F3<ysev(;o!x71iG`)%mF}EI_c>op+FjH6x9D
z8Zd%_!-ekA(I70_B6HSUo{OK44;%zLDc*{U7gU^#Yti}6Xv;wJ!_p^qvkFj4pzrBv
z=9p}k1R2)SJ+}uvW55|h+fR=s?QvyYm%PWznPON!ID^ud!TnF5_%2h9JvQ7-W>TPT
z1)n@xCLew%vfSEB_wSLnSY=K^;0`jbIp6#tSn@Ftw!3ur9H&D>+)Os!7#J8HKJi@f
z%+4{|!eqs~R^tPVw|Fcv^m-KD5;jM-7(u(@ItY;`FOT+q6C=*c?0e4RVh8~~tV2E^
ze-YuzHbEC7NG7kvM0JZb=gpiVOIi*tLwvlX3129iiN;EjE@(ON#~TDIk-@8)X>Wr7
z;fHKmB!>Dq^aS6Z8dJYN8b&L=6m+F5dC@8Uw5Om0_kEFrpOPMoW-edUILfl<#E&mH
z>D{gaRk}y9CXtY!hmX0Mvyn>3Ds)iOU^FPeF+sTT*Za_ui>2Fi)C91`r3QAd`%+uq
z18W+4Wk0P8>cF#(V+yC)nacHZzbd|uTx6-sKkaMl&O6qaE<4ID)gH`9M`%|=D`J;f
zVsdGw^aESiZJGApo{kn>Ej{Nj^{DP0mS+!jDGD`C6NTmKuyfzF@gA5Vk4PMOT<)3E
z@)42eX}*h9lW3b*#5$%YyOgTBx8d4Sc&xP9j(QMgjVMZ$Bo(^Y^=d6EgBhzMMMCPM
zlbKTZTWwLr>^R(s{B)0^GBFmK4%q+&3=MqE%6tW}Z(+TsYwA8lfe{zR{aVqYO7a9S
zo*)Rucol<<6+J5>m4+5(69J6AHYf9qOeW)qD#GtVB~+?cKbGgXmmzBP=Dv&tTrj#I
zme2^#k>wVdOo<|51#mEiy%aUWB7rp#r?0n|0X05{3LSs78?&D%TBssEgK}?Wftfky
zU0q#k>mEEo+5;P7ITFEeUbYL`(U6K5>vuAPIjEWOummr?jt|ZR@0qQX6-Q)}%QvrM
z_W-A0?E30_XM>)&(nJ*zB~!_mtB$FoaG<ssQ{>kn_nOg%gqS{^ah-K7h8~ltgY}JW
z0IWyaGgm3=fUWk6pq#*855^pLf8xu#n6z`h%{&+nu3j0~!cR`1px~lqlEGpLQBruh
z!0uu^1PI6*1zqLDBXa~bdh%k3>)qpoM%p*p)hYRC9S==v=Ui)Wt*uNqG|xBm6$i$9
z<6qB-*E8cdYD&5prKK?jat2Y-WZ`0^pShjSWY6TBx`e9;p(#ld92jR+=@8zP-NKFI
zW<1nb-m!g`K{?UnWJt&yfzv}$WZkWI>t4MAMuvyZ)Ixkp(Sdh$I;ia8@;;QXPup`6
z6SwFXVWldlE_-ajIa-pxrC-orw_f;e)?SBvg*>63?H20;?<wy#!U|H}Hgq37s~3t*
z#^XuF&l8r%@_$V7yNr3U=ZgNt5aZC~2e98Q^9tl6jf6b}WIPn(6~*e6_il!0e@e!P
zMP*rY*Ge83TzWDKIvZ?!UxoI?Rtw56{j>&T&cN68uRzU$-te46MeSlhalQroT4aqq
zI9!8ehQpEmXZuh8I#5XAQWu&FeTZ<y$G*NgZmWSq=NT4$?)Y3cMFxbx<D9D*-wbK0
zd}>}=sT5F@34&9702fMxhj`2s3or#H@8D`e2z`24CvTY^X3r=Y3nlJ5$#G+A1@SBk
z+FBS*91-^~6(-WPiQ^CC<~b4$m#F6%J2c-xxD_=CQCKa%%03Q}fSxnDXnd~ulFnAR
z%(9;df5#OEPmHf5i4inIz&in#t_`Xf7aC4a-L>*BdEq4}D19cWdvyQ#*yEsgtv1%M
z0d;l0asPt~_6YBZkoS%H9kbdx;zIGdpZ$FbLA@Wh7&C}g(FJE)lonHCCvL*`w}cYF
z4u5v76B{&kF9(r1&kzMSzj1DnqE35od6Y~>FKu&))+Oc_L+<m@2S#ZxhBwLUy5b$0
z9}zXzuVq2BIncjcjc4}9V-9tE*G$a@rF}ks8PHjK6I+`^SblV{ZSzC35Vuvi@THuJ
zqRqjh`!<{r_nVIkzOVY|qJB^KzS;&WOdZmp5!Wy?II;+VY`FDS!q>A{7Vz>~v0k!t
zl{X!d=CqRj595;kx=Y5#<mn8-vm`GNIHRGXD2K9DHOSE`#D*>x$XGo%w~n#`Pe1N&
zSv;%m`~8!xd#AZmt8_!?ng0DZszoP?jQ6`fv3s{98~gz<{QK&{`v}tGB6F`p*>EMQ
zHAny;#fez;5EJ>D%I#G)0ecr4e%5-~!h`-0`#I{$9h{LB!w4#BSAA1Fd#yj9kHy+L
z$n+G{0r?_E5be<@qg3!^hSnq}_0WRCX9xLYn{M@)x>WK>XP%adZt(UG0Lol|u6O1s
zaXtk_9`Jg}XhJABA$qq@YM*p;*05@=gphsL)+`wF4}`xcYF|9YMs%(4EZ9O`;Ygtp
zBj2D+R|a3s0zk(v>{pTN4^bz@OXc1|H9eJwy+5HbWwky`oq9#=XaU{jLD4aK(Atbg
zrlef@SP-uh{dn(}?`Ar9%qaqkFIg9w*y07#6O$hB!)Dgdo+^+X{z1jRMX!|R*&~OF
zA}c{80{t6K5EB}oQ-&Ld!^)g`7oZ(Yk#7sM3Lj;`pCeIpZyEn2f4oh-8Nm#iHvL(^
zVj#fcH=qoFQo3CJ^^mI1$(iW<DW_UIWe+X#;g)55H6_;h9t*j+pgbcA0YQaV6~(30
zRj|Ey^Dsi!aDY#!NVY#Np22iX;iD~b70cWc8^|Zk?s|#-sJPC|>}kP^5mMz#XF|EW
zi=pyVogE0MVe#-q|4i3POI40r8W|EvFvwB;X&C%@xFfDfS+|4O1gPQg)05^KDh<J0
zI-4{lK;O|N3BeP=dxks4-KIkm<TsqW<<v75e8`Jgd@3XzGI~OUqPx!vc+)c!p(+0E
zN#Oj0{VE?`1B8KPc+{yAe^3=i_HHVhp7oxgGIUM|Cgw<yaV*x}FDWVm-q56J$5rRR
zDe`oWzHT7zY!Jx)t7^_ZUg~ez^BlUhvnDY&krBMuVQOl`lYFTnx{&Sfu#sDP-{*R>
zjbiWfZPleU6x2Un`&|fcq?jU+k9YWQ|3U?CL7WnniC3!N`$(^U{j|Mf^-Av3Ki_Fx
z8rdF|L+&P%hKL(e4*qQE+$oS#lHxM{9J&4Lm^Y)SC+iTqg*;K9h5+&hCc$hE1wbIZ
zZlp<jgoB0mXjEoPAi+lA`M($5l#K-V{K4aHm}J^vL6L@_{SVB?EKoRFfLRz3?I_e6
z1LnL^RKWvg%;6bTdmaD=<sQpr^iWj9$jZtJCyUOmmj!?gD(1eaK=mWOEFR5Vg%3F`
zLn6t`D}3w&kM;F}>nl+KY$H-f=w?iEyH&W=$D>vfu^rEW$X93SV7MJG39P$FI0|X-
z9&#ttqbmRH#A#E-p$E9Mkn|2M8a9aMosuoJ<S`?t@BV{G;*Y+}C5k_{-^wC&(UOdm
zqVb2-eeu7g2n#7iM?YAfjgpv7q>Au$F=yUa3}Jr&-KF~va+b8R;7dK^VjKT+vA;L2
zPTt@j!6NtgWakGTs9?BnX$k3(*R0uJ=o%KPI3&C@C-S|48hBB5!X)6N_uE0fhgXrG
zAmvUo`%hGaW~Wo?4JN$5Xd`7UBDcOQTcNYw+E7Uu@I)fAr~xV=wD`^6533c%#{G%U
zINOs?YLP(qzKK9k4M!s;GgSLv&D`vn%{wLxZ9N8HSQvu3Y4vngl@&4TmiSQnti^V2
z_AOrVn}7%CUo2MUH^5=uq%EfVJta=L@hh7eVjWNAZ}*Fy8__6iU`-0<$zqIc8Om4|
zEcX9Z#)oaVbV*Tcr*!Gw!~{SG5RRfDk-lc1WuLS(KUT`35plx<4^S<ees#%d|0@UU
zl)Gs_#mYoEtmvEGzY7!H$BlZB7M02cAMj+M-GdGxAw{Lntdk6o8@5Q+`Z!|#d64GY
zayG<4gF8e`5s3$T$`$fJ-&ew7&AXbI>SL@>auSbmh~tAV$ZfAI%bpJfb4x_|_uNuB
zM~&Z9?b`hl+rBypk#>5F=TsJfFz}a(iNy<`@_baW-NGz#6cr>L&}KvyTy6e_>mt(j
z`Il!xZ!XS~2kSS#a!u7Y<3zO$x~(3U&yYoM=TlwngDQ6O%iIqxxbBhK*-6Y?>E6{b
z7d_NvxG&0ZhtpF2)y8;v*rOOnX`-WRCbh{4ou+4{RL7Tnk&4-!ADkv)f`@g7YfU?Y
zRVRK-?BtP>-+8=W<&f%X1}WN@++Dw|dNNSPuwru%i}i<wX9usi8PftoNRnBp+zAXJ
zS<t(ifbbH^W-jt6v6wrx?}5_)^13_Ej3fMj)P8pK_NP5bYim>-?P~g#3@zd!(W+eh
z#ka$2ZJwZ-2JFqxwKYvc89TkKd-vHPEJyY<JI5UBd!I({>2tMunHW5`zza&nd(-`N
z?o#B?r-&$_ZvOLaTTojwYUGgKTe$Wy)3QvG5F#F)Kk#cZP*cVlFX)mMjn1~WVPMkn
z*x5CpF#OBtGGZ>3?tO40{`m{fO6o9^Q)3PCwbabdN{D#kCtnL>N;JBd%(9Y+Z5e&+
zBf;e$uvTer58y1n9+)2Oy!x%yY)G|!u)*qnzRqQ{eE)T2K7K+7dmu;Sd2e|B3aut>
z2zpCx3t3xZo1DC@8qCamqeBc1x!K=Vhi?CRc$1s^u)KkrlwXjr&9fRu{i;~>4Zp5z
zwXt?gDQBx)*CzoTs&@;?$#f?JmtGnU71%vSChlXyR567^FN(W;j$cwqI>FhJCj<9w
zai)D{1u33heh#{qAz;2_#DB8Y>rirPP6$%hZ%m3df^hG2HIfZlYfUqo=waZS2h}tR
zBNB+7061pJXEONLa0Z5FLE{~M%}4@6`4h{0bYM4lAbi1lG{0}QSme!?;uZf7ND@7f
zjYN_bukrJqBEANxg!`i<GSc1H35L~z6I+S0bE)m7`YnK{U}yI$De3HBUOzRKIvfLc
zbZs?;Pw___Vbj|m4@BQ)yDO^*X<=ON%|3n1*M^R(0!P@{w$>FZ4EuA|$!A?v72qPD
zn66U{B92|jqqqNqBjMIeB05m!r3fZ%@_l7&8wtHiq}{<4{C(l4A}9UGGX786UP9tT
zF95^;xFAh4e6@bCo*lVR$k!%c7KNa>A1d*TV|Rx$WiRq<Hn{20?lOyNL6P_rniV2m
zCRaHB)F>Sm=0v2r&dx*hp68UhRSZ)gl_oM-eZ+k53>_hVn@$*2P=6Y|>AO?U0Y=A4
z6k>h2$9q&aOZ##v<<AU>n=|W?9V(K+0Qj=+M}ahXL_`Xpv;S5fPNu;xU%rgs%ZT{*
zk}mupwfuvF8%41-)>f^VyO);#{WS822vc6xa6_eYc?jYpBbY&vsMUdQyxgT{-9zNp
z@y;=;5JO&LrI2jyGF8Eav5JdJU!~83x#fgIYu&6ebLDW14iLd}y_A4lRVr>Z8BVlX
zeWmErb-i)qbxWU%mtY(=)WVH+&PNAsbJbPCcS}fUVZP>`6x15&$9z=+tOwG5T`J2z
z3Y3XHh|tUrSTNZ)t1yy%<(+jzO-7eTX$}t;R@B+2C}W2hJL(F0pT=oWm6C(Xs7+xL
zM3KB^pOZylR9G50$Jjq^J!rjW*J;38q@nNXHvH*B@TND>huGc(0W&SSpOzIwBxW5%
zZ2H2SL*`c&@;{JPi2p){qX~GwT?vwZL-2s-xbmeYaSnC$_ciq=A8WEIQELV2SXo@E
ztTp%ETzJylAg2D{tAof%EETT3^{V5*FmIjAqJTJd=cd(W()F9mXuC;mln`ERI*f6K
z!-L5P;V$)e@lrdaM6uP4G*l$vAJ}Dga_zRx^T2@!lVnB@%PBfGOD4#f489L<f;6vN
zEz%L84)lvP)^8GBtlJ_INz8s%jKlO|Q)E}^A$9<lKCWQm`A7g;-o@v%)Np*HiOIYJ
zSSfd`d`K<-O{R3><v-YY)wNpi&5-G3nP-j~R;pjo<3_?zh~9Zvf3lH(U&i6%zMb@9
zyZUqXlo=nF?yV7PjfAhc8RgVrI`}V`!iP__cZ&B5UGGPXh$nu~wSU1WL09PW@NM<=
zMUU;yTR540Xkl&~1NUJEWa_en%K7@NWjC%WPpuCknLA<s6CUYq(f9YojQHzfo+jy_
z{t%XS5&)PX|8Fkrc!u2gf6zGBriEl!imksr+CR^<e;$4RBW>_PdMtI;m#pi<H0H;L
zPfEL&$9S38{B+X#T^fH~83q*1i^B$)*k&{gM}n>sYS<kKQB$Bw<vZ5hx11-BEsTnf
zluBD0TBho9CbrnL7C3kbHQArkfFf2#p+-c9&W0*3I=)ig%vLfkdgPayL@wu-oD9)b
z{gIpbZ6q-Huz*9`t?KFmOfO_`HE1OpLAEv7ne54bduGWI$)ciUd&u_}n@A|$=eKtr
zh4jwHY2*$5D1UHl8(J75ssGY0XQnNlk|w<Qx@MI(Ge^OnfoOm(uaTVAPAhlDGk!(@
zvajtJl5thglF@S8aBs9UqG+m~>TpYvbvlRd^j@M&fhdelN#@pkN~~`4?h6KLEw;ds
z*=H2_-!B>~<z>bjj)z}z<mH)A`gIX7e2}Ih7uo!=GjuA#mPh|jn2FM6Wz5G{NVih!
zzq*y;QL+CdvxfVgd>(yonG3mp_v1my%cZZRa~!;aWg$q;liA9*YHHvb9m3%x(STMA
zgwz0E3))gy3B||XO4%P*$Q1Y|qxCO#xW^Fo&e|<M+QS`zzcKuJTVbJ*>qZlnoI%U?
zhyiQ5rHfL|8J7X5@U8z;VYf$#|AA5qHF(LV=pH6vcW(jgAKlFk0EPw44JMBLKg3A<
zUg*SsTc~qp#6O&R@Un>wf$1=fiAZPuNoU=48#wr4e31^M*?Y&VEuFS2-lQopZXX?3
zKYI<)N_C`HNLi3wVq_9v<NWIzVTx}fBU91X6g}P_K=rBhFoE0Dz;@moSh?ae4`uWD
z#k^wn7u>!$`%S&oXVUL}qM!c&O8Q}ElT_9HlMQ}geDLv+f<$D{;(q$Z$40Q_B^wV7
zw;7PPobL+K08{3s{mEX1D&wL_eg5)<<31vQL#yJYF|&J&?;{`puK--?h#M?}=Am!r
zqbOt;B?g#)V2Gcde<7`duU<@R`iG(ckheO`!kS8EBl#X6;QxkO2XE&w781Zg-4RtJ
zMGYgm?mQk0p}yzrz=8CeyPp9`F!XZ3!d(gGH-|eD-bSKFo@v(9p>1U;<<j1IUG*On
z@H;2`^O84!X5le6@uY&W=6i)QM}E8BlE_W|s@cd=VG3ho=FrrkAkJpLX452s`mQk6
z{7XsOF^NLRdEW)o?9Ya;Aen3Kd7Fd39e@wZ3f@x4cuxLzWE=UN_fIhVb-Mj-9LJw}
zqEZ>-n+Q0}J4_XuKk&c?2R&J)y+X$0r1pP}vLNzDQt4n8qWVVyNe~yV7c0RDW-_bn
z(A-CeHbo4}OS%<7i{g(_T~k9QVm61}llTmj2*Bhm`*-q=JmGAVcn5UNM*pAqm;Sek
zV1BHY<G3p&UL7;wDgM&-hU%w#+(Z(of;u3p<c|Sv2S7Pkfg(}f^~NDZQLhA$q3=go
z`KFg`h4;%!Wm5s^_}^7Y3cqG^U#SCs>H7GC_&~JT=Zuyw4Kcof$bn2(Zbh#>s?~Y2
z5T3?r0|Bt+@4gjW8(&-h)Q$h3dLy}^x<}M@EGXj4v`mA~Mg*2kb<Z5ud#>h&Bh~(R
z3}e%@{6+kSeyF^-*SG%)h|+me@TI3WA?#|)q(2hvt}>uAerdd)i9G-~Pn&`66_z>e
z=}FIpiEArwR_t(me3P8qoBr;F@VT|d6A*KWab0e6R^=uAB2jmuW}LG^15`=gVDzz<
ze{xt>s&M~6{)^QGqen}~gRgfM)klKO6I$da6+cFS%~<d0$Br%}A`+liraEhKk;i6-
zYR80%d4*@Vg9;-$jv@Hc=F!DC)2fP?0yF553V;|lx1X+z_>5G}P0<N8RBsiq265LH
zzN&UTRwIqSW@n()VeBb==V+U*_p*3~9rZbMlJ`yhy=a%3#g!xHSb%aK6Ud{l^0DTj
z4)3Ktz(`61tjwp!cw5d1f5o!&IyI);MZYqjI&{W@J%zclI;$MWVm-PA3d2c*SDy71
z#TV`^|6-<ArX#KNSGXQXlb-m3p~QUq>9FZ4UaQi*NKOpST(THG-rD)V{RbXVspLb9
zuPjgidwlu9ulK<Sj;2UvL9B1QOnG^^ytQ=!+g7$F<J_OA)lDxnwm-q6{9(s&zR02z
z0+d3x50DI6+ztyp@cxs|0GO^T`jssEP-O1<?Sy&_veLWuy2+#F{o5=5DgM8tCNkXz
z2YJMibYmJJ-W&N++(f==EAfgSF~Kp{yh*gq&i^kA?a_6v4MCm9NW$4)5e}<*a=W*}
z$KTtG;fk|P2jrF-_0tQ$8W2H>+rTdi`yaIbe76I)gT`7}upumt{l2EJH-3bY40cEF
ze82pM5^hgJvI4L;T<wALo@U^%bw;J$!Z@J<JlM<r+|+2S|1B#UOLR{Q$|Vl2g+5Sc
zXiOArP8kkRXBZTC)A29fYoZhU2iMPEe#L?D$sO<)NQ>Bv#MnQ4JkA05cPU^KTnK3G
ze{+4qfDnR0O<BoCz!)!dAORFiC~P4!yVqN37#F#)%O3R(+Gp$!vt`+HHbbN=l;4vp
zx#k8wSA7e&sSN*Ib~i-(t&9Z?<M*t1BY5;X6`6qKZx@~!#sfP(D~%f>$1}4HEAAPi
z&y0EZn~u|0Qjbrs`n|*kjy+pv*M_bijSk<jRJ<SUAM1<8_>BQ|`&bm!Mj%^Cf}5Xx
ztfc__EYjDcYzuPQh{j0kCjzOTUHK5HlNM-JRK&5<%oHt%()O6Zgf^H31w$cI9&KvJ
z6Ycv8xj<htTkQ%@P4F`+@C%dpzg#dBBv9S)9NGrVsfvZMy0mrlX55u&9Z|g-m|G=q
z)KQ_)5>a6EV@S?)I3`NhaKV$~Ebz03;1_BcmNuZ#zG%N_=e#p|gmqnrLko+_n)lyI
zETCODslN83Oh-<R8sDL92VbFyj0iQfP_unomWkHS75svoeD5d|Eeghx<i|^~D3_A;
zyM!<uBlneieh3T=ll4FnV@OrsgGUPtE^f$gVblonJ@+E>@OG`nV9k^Byw%*w%^ITc
zFDwAqk!Y|Z<Uz=<v;_+)?-pJWR_@X+<Jf3s<XQq>NcHR1%M;{K!i;m?vvjPpZy8a#
zv}3<4WHQo%-KYUuC4o8u7Go0O((m#%wD7Us4|l~Uy%;Ayg_p2acaf8Qsqpc#Ra&F<
zo+4NbV`7)2q6F9p+ndN?i@-u!$v09r?h?To%1ZWQKSmSmesSp~`8KaCfeKxX2J;Wj
zeEldEjS!}IKMZ-a3L#hDl{o|Tniq&VkZYv%3&*IRwQ8;>N_uBjgc`O<$ix+noO-v8
z^H=0|G_ruHi}H%c;DD(MKbuzoe?pF&0nY!=8C*Dxpo8UOX#0cN@&6DSHDJ$kGBQ|U
z@}py!OWcU&%<N1=iXa`z@i~s<X)Pnz{Mg6Dx0z7DwiIE59fKC2ga5NFaW1RUR{7aj
z*{_T$t>zoQ$_wfP|1uDKjoekJwLI7xDmoMOWWdS#IpX*nTEGSNoTK?f%?OM@2u4u4
z_sTU+N5!%(M@<2U<n9;#D3_PS$Yo6c39<*$0%OihQgU~pOhIFpc>*AlrhxY|pJX11
z@o=+38Wa>55Z)-M7!W%T0385Wo>vdb5z#Mb{}wStAYub9rRydC5-~K4ub@$?Dd@X{
zTQwl&2|Cv+=>wSMVnZQI#%mtH4-sw0f5`ZI>PbXE`>Le+267Z6xDytN1er0k<3Hvo
z#&ysIQ$hm?verR2O&sU1-135(6`dU@w<$F=+0`B)HOCt$-u|PZqJ9N#osooBGf;*2
zkATZU1vokncp3pO=Ig<=Oz>6(@&FVvL3N{JBh>vZMW}`fQ^Q>xCDainhl4@+V1HaO
zL67`hCDkM@y3MxhtC3p^Uy;kQPy)*u3M?I~CWH|^a>(cKGo{rKDIMnEzf=5^6!{xp
zg~7%eSgo)O(Sofrr=ko5dL%suUiQPS@|o3ANs$ddDSj`rHy#K;9@eAxHf(w9)njTp
zsGU-CNF@Xfj~)pg4#PTA!M5J*bWKGb3F9{=F!FuB)1xH_5Qs<6+wo8oTdHwJ4O!Hj
zoI1r!C9w43>WTiEw_sQyPYsoX#g%+smM1z#UrEN+_!%>&pONZ-Pd&$xv?^DV8FWI}
zPqGQ=ZnP;29^=RPKjM8|%N@02d|getbYAsOc)3%6A*`%%$p{?cKDjxjy)#pyh?c-c
zIri*(ABt9e{;RkwiGAQ3H4pO~bKKs7Fn?G416maDq2Y)+vl1_Gqf6U8=qQ>SMIbqx
zWVDbiuNnnNa<yM5!LC?-GYV_oXWr^ypnRV!n(Nh6xpRSJgAeUg-(#Vl*b>}2>F-4?
zR6eRQFLt@uhO*g7pn{J~P<?-Z&HhGc;jcSebmpipc*r=*U@#S%o8Sa(ZW6J~d8xVI
z{4ewN1(PojMA>ovOyO%*BqHtEo8+6K(jB%jObDCs1?FKwq6@<<12%Kx&t1t&`i{<+
z2|n1>KAxxkLeKoaOa4Fil;tE<j6jP(Q*g<J`P^?g_?}+c4vL{t9)S|+yP&LW;f5HE
z=jI0oKuHJ&z*=DuK+~G1+HsRVnY%4cdIT7HF|EXg*6%A8LOB2oyxuhL${y%y#jnpC
z!ANq#yiU2tNbj?V<%UnpDFL7zL*?4Z97>{hEkK^Ly<U~3!Sn%)qjUG<TCag5ZiWj0
z9>*wu{gY#|wJyURD20g8e^Ht6H%WjcmevvFeUQ!Nb#}nzvOZk#5f$seg6gS`3Rr})
zX=%+5Or$kD0VC4r8dxScY?Rgo0SX(-CZImeS9IcpElR710*f*a2v6Q8V?AOIc$S}<
z6%C5ecpVJxZdMI+4<MO<^WUU#vD?n4cjV3t!9T5_7NRJyQAKvM(8CFU?e7#lo*Ig>
zah=LP7NW|wy-GVZu@uREEpP<<A)v=g4Q2gB{3u(-ScUX{l4F;kK>!}HfkliPK?KX{
z<m{E}7-;3@@y1iPYZx?GBGT124O|^02hD4H^+65UtX;rx;S<^a%4-U0u7;Xn;tqQq
zPm>^lu>qjT7iVi-OwzhVI=piF)vV}|c<&D^?ygc^XQYX=a$gNCG>}W2x_zj^RL6+J
z%7p5F;-qTR8Yzp4_iekzpB+jXFio&f3wm^+i|~QM(_Vy(@V8mqL4bKD>hXLRwY2qY
zeg4txnXcPV$_%0RQB_9Z0QlsV*@}m$h0xG3ZUYwS9l#^7FCc=!vj<);^X}npHLRp#
zm3vNaWC>Vb9*$<%xbJ|gqGHPFOV@7GG2oUml<y_aUMvgD8|`@L9T?K(^$RYBJAnR|
zLAbByZkhrhplX+Pll!lBwJyRe%Z>ny`P<?rk|!G`*W||6XQMsWfG_o9@62uFNeEZV
z`F2yMS=c?|*1ZUO1eYwiaqWQDw(~qFTMXeSt=4+Y>1<8B4Ek1$27=nNVe>#(BTORz
zG+gCzFz7XX7qrOc_Sige-fmdw&ZyD_d^R;?YsF4brG#SCeo&SqVzl+=+eaOsLpO;x
zkkVk#(?qm+$7=^GKh4$f@t3IAOALb#6|I+Mua4?izZxEnl+S*W9P?`HPFHFRE!5WS
zaAX9PCzwB3I%;?^XHFlJRZO!eKEZQs1K*CIxIz+S_n2Gi3+3+&l6DrGT&}xGNBT<f
zU99W1{btB6TKxbezF8r7uz(e>UvU|C>^&zZJKR^&1mco9He5gh$>8F$M)o7m_FE(}
zl6#457rFCfX~3o64UGU`CRxAQc65pWz+-jDbCFW<+VPwX>#zlX6}98DpE5i3jd$cl
z`ZSzvIh0mXrDY!59-g(f6sL}J4Rj{^hNMb6;nQa&ALIm=qNVA>kc{0uQ8;G+$x0iZ
z07ON^E&@SFEzoRlay~KI;W>Lg<CX>(s!j7T^3)+0$s{YES}%Tb_O#&&&iOh3Q3wXj
zhUm&B0aJ_!*(caxF+v~+2+PB}pv|VH1h+SWSZW)Vai)Es^usd`&${$%eU!70cC*#Q
zTs_yMOPifzUNDvs+^S2Jf(2p(-?q>1jBUp;ezR}#0UgZE;WWlkfGF1EAcTNW<H)Gc
z<?Wulp2sqQU-vw$9@bKp-8+~VZGA8^#}KRg$gbw(tQ;7pRiO@Z|5bLVh64^pjNg+a
zpQ}^z>&NGSqhsHD1>C7fYJwNLYrzP};|<`e+yPr{djUqqdjvW-TT)V(m5O~Wk8^ir
z$n(D1&*;&Rh}HWBnr6MP*sS~_w=)A(zKg#S!V<YRw99(0?c&#9RWP1Z^@0}%RCE(?
z+4fez{z-*pTmxke_X4iiy-MlKc~L1DF~ANq1)MV+Bx)^N9?y8^^~%G=^W=xr5@)m4
z*%1p#wc}4yDgdXbXH>{Pi1eO5iB;ajVVBGK$eG>oCHX6*OZGf1L+qYdO5kQJy+xp4
z`}(?y-{>`_7ec+P^$h3%$Vp0|4<?8T;r{99O%(gjpv4%CI~RKY0c~`s-0C#&U<s}r
z{QI%RcCrU=Q%655YhVUM9s*v={lyD{bg0y?`gRtWiCtSCv2V%i=EMP~bj-ov;9Ol5
z$JX^yd#`5)#Pg?xeaoYtL>gT4O}(2*qM(=b@w+o~Y(+#cMg(ZsAi5CWtD=xZWwxH_
zj}tmmi1dFg8bRyTs7_!Je`u)C(as0X71;-zdMyxSz^OUOjZ5m9f8OKvQ}{rAL20UF
z%{=P+6L^NCw^)371L`|*9yY6}xO~@Z^EUnev<)xHFl3AEQ<Le6XMuqwu>Xwz$n8;R
zkUV<3ES#oe9qdTP+H%@JOb}p}r;w-lELygQ1qgo3hItN|97NH+<FWkw1r5!-<K}*!
zy*F=ka=EU`o`KYKKiE4rV@Ql{j@*t#`s-F0cOaJ};TDkiL1noDn)C)k?!cbl-3AZt
zK=}~u9k<ZXZuk2#nhXQO;KHRE;At<5NuoFH&Hy@i0y<q<(8yHtf9~xaSi?2#Ilb4x
zz2}CXZm^SVJE|w{V}M*Jr6;==N1m1eMo$bQIB#S$c$n<#I&1aOHG|R5dqQ;HWJ=qa
zR}Jc)HSZ`%8_n)jTv{7y7Q8PUXobc}_+}YghhZ~xA}no}TlU%VVY;u=QygPuheO$7
zDWgl?49sD44h<JL-e2AA#En|16javc(@JVv<}b%^bHZ~xG{e*kwn8r_ocDtx``W(b
z8+d^rq<fvJ!)|L#mj&_K1iCoZdUaUd!_@}F_MTb<BQ8tYOD$=D2z%1MV$Ik#CqnjG
zztfOgmX&cO2QQnEhz*UH4DXa|V-G-vg+t5eH)hM4w#i59ja6zko+VqpU7Ord5#MUH
z_g5=1@6tBIT5$MIAN_?{`a<Nk@hLQKFFuYFG)vE<85RJYKu%=UjtV9DTlp|vH2@c-
zv6WFB>$KADVCilDM9a+KErKhF`>q*WX2EZ1!Dd}9eTp-OQ_nw6jVrQC-I1hpyg5KB
zXyUw_Y}JiMIP4}xh~!T1y(a8{BW}CZkHyss^}wWA4ZLh$8q0r-Iq}`OAvRhtKe%v~
z`l;h4!ktm-ryyrwPbjZp0Q5%~+nE#^vaUnqG=1J~kqeLd%xs|*CMOj&ZNDe}XLx~G
z28%ScROD!idtN=xd}OMpR3_9`UXZq<AjT?G3}2lw-fh5hhM@Csx0SA2kV1zeZ<WF{
zi0iEXRVzUt5r!<OIsV(;Q=Se2G8O|00Eiu6RXG(%Cfdt0C2*?+x6^=0qW6TCcu$(v
zY-nM;Zs!L^dD>vrplGy8as1nAB@axLo^QXliJdQeK=gu><jEL<P=K5g{XWi{(JJd>
z56<xjR}-PJOKaYPvrhTU4A%iwUV(K;+}Tk=`D-Rh;56+mQxD(?tV|)Cbwd#77ZmM*
z1yc2tjtG3sRlL^jo7~NJ8I!HGtwMK2&~U6G4Ed$LD}=Ut;=f=leuB#qAGLGGkb%2v
zz@26Rom*C}QEfTob}>?Y=w3z(;j#Bj;XkzaD$QC8g~18CVL5U=U%FBYwnpyqpMjRN
z<gEv}oU-avD;)||SKF`J9_GoFlfWRlGI$0!Ldt<-me1V?Y<4BWxlMR5ot{SSm{Pxh
z+V%<wc5sqm?bwU}tC4+X1B|D$Ez)>C!taSA^rL)0)@qGGG5^uQF8jNviI#=Zx;#wf
z(0~2O+1K{%+tQzlmt<&fHCf%s`60(QTqmW%Pk<8f<4yGx1m(qdJE%4CKWUB<G*z(A
zF@>*Mp}nSY^K2}R2W|xrX;$*WmmxpzYi&Z&J79cQ%u_cxvDI(dxK+Ao$*Wv{=%J>7
zEi4Q!XmAE+xC{44n(#2k7=`+G!1-oOXqHFIb{R*X>8?hjCRRU{C3@C*L3&%=5@TcT
zok#;yWLo|^5%-@V49@euT*3Jm@98Y>y{84fg`QPqv0V8+=pH~fEI^k+^jfe!Rr*W&
zwzK~26)t^LwlS}A1ffmy9*?7UuxKbR>;Z^O&&+Rz7G62jjH*C#c7GZYGkw@Wtj2M#
zFVbAQm5liLvf?1Vi+6+`)53c%WP~4wN<zy%CUTqEhTW@$2T}@^gp<yT5YDqf_!rJj
zg}Mka>?PoPWM)$oA%(huEM)4%Qo*I6?9e*n)Z{ERtlRncE&(NY8IkqEz%4hwI8*oj
z6({J8$?cRqct5=S$fbj4PPPF3HQp<?GeMFM+l?D<jVd*-U*ounuj5gD{D!a4zP-1)
ze<R#k>~ISZOrkvRt;A38+j8v9!Eaj(*HkKIlKByCdXMSJbMtR<te%`J(I%<};fa5r
zj7{>xgElK7><O;qFY(QKLpbCe2(dYF+3Xb!HHWd;Dp~f@?dql<P`_AKP6<~>TrlWb
zBR&vVsnbLtw2M395I^hKUyc<O&>za<!43u*-T=4FWhpP96Oohub2-a8l|h=Y{XGSD
zpgtn*a46&IWe#Vhgr-Rj>(Q8A=ce;Y!<bhF_qf+nkV5!MJiPW&Mxtp40{bGs_IE;H
zss2-R8b%bhadH>&qr0I@0r=t!=CHwn-qyJ{Slt>D2trx>Pg=k-w>s&+lOYbc<)oij
zq9xmTE}is*fqSHAmvQg16qBl!y$J5cAQPo@Oo`5Xu7%$X-_16WIt`Vpr@!4O1euOV
z>hP3Tdh-1zam1z}OS+pGp+o14Q}wy22|>@S59);1HJNAN0mS<F=cvrz$q1wYsS*h|
z#Glcd1Ts)C1JXpKvhCo$qi9iyAU6vgu7Z5<;Fh(fwfX?LT-?+cRNz#u&5|=K(wSG3
z(f>;Vh|NO3i8b2=aL&9OQgu|wA?v;w_^L>ggX4E}(7OX1deXC5IOV4IDoH!WomAk?
zI4l`+p@12k%Kj^}fmAOQ+*>G${>GDnEB?W7a)$g=CnZ5(2(6SRAA;67`W1M%x*Xhr
zzO>rWT;f`--;otTDiBa*ghta-Q|~@Zbtmgao%fx(vP2lBcl%ZFC*a3$k9(8Pt5iky
zWj*E<<Cwd+I|2gmb9%dmh9i;|?x5ZR{U-VPljgCDS46_wsDXLpa(eYOTRD@WiPM${
zU(D{D1|<u1_v;GYx`^R3rGwk1`;2(=B|Ef+0<Plly*rEigs{$f+er5(Xij4m5Ell~
z`yHl$EgjVn%!mU)m0E_VXB%S}Gl?jsDt4s!XU=Exu7pm6u;IwUumaKWC{w#Bx=-&0
zDD!fUlmMe(tFv06qbVBzvm2bbi6cn+bl1Gq;Uj|_D|L;if{bKGxaW2Q3#Ryb18qrx
zyjDtTHdpP$sL;b8E@=mPU7?4!>X0Emu?OYRTmNa?b8^9}c7oOJ?eTm!TG-AW%|*db
zLzY?5g(0$$%7-$dkTeBye)x}wX<RdrPB-kXVXm@w=G3Hqj~|d}EovpF<p&M3(k)V3
zW%j!DG_a7*+dwe1vKi`G=M>&68b0KfwS9?37>L!-PRkh0@(dFFmrRt67JZ{L*ndZ)
zQ=%H7ChpeTI~>f#NV#{hKY$CEfZ=o@!;W;D<-M&vZF?Pq;`D{BBW-GpE+=%|Z;f2X
zlg0;zS8tw=97sV|h5QJQ&TWSBA~rvXW<1GwNEx3*{#4G(_>IB3*sZ3FTtAirx-M<0
zuz8K|40Fsw=lsbD9dRu*fugnaATLOx!}u*?8k7Z^@k{aOxY+d-2Q8NUcnI~3-7OEE
z?>`B3PT`xW10`&NKupi&(O#%7e^0EV;FNMj#~m&U;Wf}zTpuc7roNm8g?0Qk_8r3a
zi$rc@4Y-z%l(Q}VY$uxk%(y~l=nEy`D5;Q267%vPbRjW%sk!L`c>eQS_CB6>Qo1?R
z874VUL#qniE)xxH3-u{m4U$ZXg>pZ`4MS7eyq99+&E7Ck7jf&6tL)O^V@n!IQ)?{f
zfI_3VM4!%-oEW6mM)l1jNU=2;ZESyV?lA4a@R#Mi6sQ%PaFSH&WYl+`L_e!8z8+iK
zaS(8wwaL)&%rGmm<=B4RL=Sd^s4Q}(BxxNoRM4u}M5A+I{5l@;(){?)EHuShWF+9+
z=>-%;N`VK%#dX%}SYL#4zDt$IN?FLnfFlng%6#w+b)FE-UWWizvKAyO<o)DMejy#X
zs>-s;&+M8d{GO%M90refKrG|{Xn$QQWpJsiJD`Ev1U`45!$Nn)D4D>Ukgw&Nivdvt
z*dNCytNMjGf?Qw)Eip;9dMli=asj~v?Go04^OH!2lCUBE>Z7i%iPxdN;mti|gF8R`
zH$ODv&Icqd+~pa6;f~FX7OZ<oZwpc+<Ap?ekGYAH#1Fnnn?E%|6IgM^*WOwecRhPH
z95MZB!fIqDKdERU^x<q7r2f;(z~XFyS1`BAY#cAx0EYFksJv~kv;@#_;9;b40s-+{
zRDEEKDTBRW1LE8$j9aWYYGb?+7NP-0qoHgFh?SvDsqKOzOcZox>q>Fzull}wH|BY8
zhJa@T59uK?GziOhWRsh)pzM~m%ZDr&!2s-`U1-aYf;M7YUxuEVPsBF7$r>)yKl1<z
zD_st_4Hlnh<Z5s?%})<gGT__12)9*)Vm#s*d@*aP`(E7?^cJyIGzOWxL*=$x%<AHN
zFiqr&%cH}v;4(az!?MbK`cRi#WId<B6oq>4rn9KDtIsax$7x3fHOFjuMYRk4bsQj%
zY&8F?FBv3@cnuWt2Z{V%Y_=M!%+E_|5MjqS0nrPxd~3k$5neFaqsosxFaV-T5s;Q}
z)`7os<=@*?qcwW~{O_10sZ{^m8jn(H^sFcf&*n#|mlluVL5AF2ot(`Kd<YWf1?CJ5
z2~vlaEc{>H5kBCyvQ=|C(6R_{%i5;1dd^np$AU933ACR^mg#+JV6Pv_doQ<wid!85
z?&8#<O3@WF7wzbVhmR<hgY~eMA$3`r12H@_kO!DO0zj}!zA9#$z`@LmO$snu47hdP
zcexf#gY5lUdU6J-H|oUYZuxuO)pQ8~R};=WWc2P9RA8)f4<sd!Da6q9bSV`hpUXo{
z$cRUtZCH9;aYzsU?wh$ZsXLm`H$DU}Mz?DW*#k};b;EW=5%^ZVk;3Z*$shu<38)+i
zW9wJP|J*xXo`wG-XxExC&#*6qhoF$h17s{ZL8P&0AlM&;kFKb|G$YZkPIotjKLCHD
zBbmMb%Y4nk?3h87_X_ARi9evtz%6T}&~Joq+bj5P#7A4j<@(%YnIN=~=iuV`5nAJ^
z6BRS5h-7x(gURO%^OQ9v%WVCD`32!k^>k}LNexyeQi6<+M8my)+8%e-6Gyr`pf!Ft
z2l=&eDGbxa?nE?Pz85b)y`4}|sVNGPFQA=wwP3Qm&YM4-6TzYL?K94PE^Ei25?)dY
zFEo1`aG<%I^@DdrMFrnmZhd>g8^fowYD7V$<{d$XatuBb=aY6aCh`s06K2zQZX1HL
za=)-+eZTecg!P2Bu{HVWL3aovEa)8MUNXSn9eyz+HuWyS=7;Vb;cF=_ekEQh$AfKE
zZn~bO4E?7fE;W7{o`Db=q-c@AKp`+kk#EX^O64hLwokJfCcMhGy03oG1B3mFJr9E0
z>FL`OL}AxIrs4F)&?PmBt@3nayKM>~P#hv3)WVebn1@-Ewu*wz@<R0&r2jF$XT;u*
z2cPBcHt%-qJs$x12Vz;GMS8S|J5D0a3x<6N@B;K^i71?i6VqVl!Su_aAhV*8R6JHT
zo{o)RYZ(jrfL)CkR{!Ur0ZjC$AIM^(qRC>QlmRHQ@&4arWr)lO-g|<yVo!7n8!Qju
z5zu$$wMa252t&n;RgXrX#e@~SA=m(~P~UhHx~X%1Kak00Ax~BHB_?)oZjwiX+c)0B
zYZa%ObJH^_mlA&#<T@Gh@a|ijE-t^@bbu36-*I%FQc&UE*X7@X2xOPhP~(UQGs0;d
z(TvY^%SQ-g8EHR5<Qce81vZC2GXz9Mcj=lH?Z(d0Nz=~x8Gw|k8Or|C!of#<Y&vpW
zLR-~C9iVF(e%!N)7ld{BfPdi(gWnyCq7b<Ml#i14sfx(Mz+EZ9y^m1tAo(!Dwd$vr
zKl0^RY;KLRYGpfbO$>w7bNdcKL|MU~i{YdoUVDYXJO7Enas4&^Zf?j*aAy~#AhUOC
zZ8}8#-X~hbY=Gl#V8_r0xl*G(A}J<_{QQ@98n-&0fX0;vW1QSSEeaM~$mj1^^iCi%
zNQojQN&#<oU)E{5xTVKxu>^X%+xE7Rfb{waB3kH2cZ{>B7HOPisLOI#I!idA;Ibm^
zn%%s_GaYpc{U0qUj?31^(_d$gb>k%3HbK(kdjbjBp#pXL)tlhXBXLw7a#7{g#ObJ+
zaC9HbuHm_4&n`Op=ndwfUS3&26q8?Y!t{bYMBJt}BEb1Za=s}tDR`ZtA$a2ko|dAF
zq&Bjco!OmJ43<<pX`*!s;PCbl$&lTyI2HM@OzF0KgTF>+mBLZ_DMyDYp5cY(xMgC5
zS-DOU&71K2k^r4=oIA3wW8T#gaLd-RbvOu4AsyJHA8%3P;T5`vGC{qm52<a-TxYp&
z%<3zmURIvhj2b`OHf6l~(Ogo=&Q^M_qW6Ed1_c$(!Zg0(YTkZ9h93%aU!eRFz4|h`
zSy}i5kyatnBOt7)ddHFSyi!p_L79CfYZ=oZLJ*>As*pYtOBWj5w2)^G?)->EYnD7b
zf9=o}Tx|THitLY!UbXuwbT`7BZw-hZKfbG`nEG(M-f)C~PW8o$dwNX+c4?{V_813W
zwlR7bzD9XP1#620bexNU%=?ims`OM!xSajondNb|Kz6%{0XM(fvaur^0yLiw3UdpF
zujJE}M2a4bvF7zM2hhGZmK!Wcmg=T6y8`j#Q+~Z&2TdPKzgxuc_b#&1g7ZZ5FQdm!
z0SR0z=rZQ2u6JfsNrkSLltzGq@=lq3np<AMxZmv}Ysw;HP`b<9TCLcFKIfvZ6d1{d
z(zyM#dnjA2bs}4Kg1^HZ#eao6qpEpEsG%T<_pv=?*k&5DS+dWztfX<hh<g%LJQ5|k
zrIX$5&Wfhzc+%iz!oe*oNOLHJXOjAA9pu5#*Qx}0yG{c~Kni*(+ij3_Owe_6toBgG
z>71x{WZU@>%gWFr5YyPZPfR+1d-qFu+~4oA5@jhW0%oDR0^etTP`_PP!4F|nD1J0+
z7{V5-?2sN}NS5<0cYd0FGcZFl(O-tZEmy%$4HeR_J2(+|>iDDZ0XO<eIfQ~yCWd=n
zHTy{3QB{V@st%JokR{SVVgi&Mqj_uWv8G>j3xta43X#hh#nUVGy8VT(Ks-A0p*nw_
zE^|83gyZj*IKRgNWU&&_k5N#h=jEFvYFyN8MPce<rxq$0%1XKmSN8u;d*}WR^|r@x
zsm;g{!;D;OF7C61R1A_CGt6iR8RZh1+Q_9s;b<#rw8xCQF4GMSh8edmNEx&>q!PxZ
zDYrz3h|(r;c6*KeoU`*h=TB&UT+jFW`L6F;>-((vyx*_qvmQ)v*&T^dZj5}O1#aJG
ziLo2wqTGauvYXVp+J>pazN$H<Tfby}IU7YSpf}|=g%-fZY^dl8)ho-SK%BC|WD!ix
zfTV-#4X_FQoJd0bF0-8w(gX`q|MGK`Zn*KmGbxACuw%hqdvqM<+QGQ_V#d3zrLn#7
z;feDO1uq|y?+&Jajj!{$GB_`cQEQ4Y^zDDPnEmIk6?OCLC6LB3+5T}!T5F3w<+Z@%
z;Zzpl?1>1m^LcMXx856p;z?65u&Pra>tu|dC#AaFVE}8v@nBbR)h8hTgOMsUC@zk`
z-`L>J9*IXyrRgX;0+oxTt=L)P57v?h<JpZz(lbnOjbB4Fd4uF>zwUK6{W}#$5{K_H
za9<nWgQH=so8|&QhCR#(VumF^wob;m%CD<{sn-OTO(y^AA}+@ArSEk8qlu+zrgDqu
zLukH|hA~F5D7IL*mdmg7HtTt|h~e^SIFsBW8vjA)Osh2_W8`wEY**X7F=UHPI9;Rn
zDlkc^(u^dx`y}%~9@Hdz<bHMFTnT({-St`;|MIrqO29#`$IC9~Ynvu&HTcS=bUaf)
zu9-d!+4vlJSucY>aL?%KAfFT$pE!>xuR-ala2i00r5h%3;Cw^E|5NWNj+?sum^P6N
zs@LrZ^ctlYdF|Jf+uGJ0S$)Yh5??KsJNC^t+kr0iX6!IimuNE{sJLr+R?X8n)HC6R
z*q{&hiiv_<UnsBabov;j1Etws=tY=`F7ESFKMJ0q=7ppGG}8y%x3zCZ36|YCO?8v}
z5?ad$_<Z1ZU%8{sm6m^|67aK8e|8w??a^5m6v4};G7LkuNA7HPRNI-_5m7S$&VnwS
zt`ut*fP;Z^f_5zd0WZ5eUU4Uo%5VDP^-bl$68B0Nb3C78$Bcem9voMTnyAX*Ne-4}
z@<7E(eMBXx^wINpB)9hf%Zg6-Li-u;UG5+Va-8CNs9xRc(@R7%VkBbS<0tyLTK478
zJ$>Q#4%ieuYbW7_SYP~Yxw)g%gd2ax&hUzIG?JjX<0&RV3E15%Hm6(W5DJYsDFuyW
zSnfZ*<MQ1G$U}z}?F^zBb_+MP06rK-PzkA0=w+a6mRax)c+zR)EH&AnP^{Po!!6$3
zqTUZSnJuMNFT9}&oQv;2=~rFi3=}mN55&Uu0xU1C5LnP2af=x1e^1xn+3i1(Tok-8
z&E%rFSK;LGlo0U0lA|p!uk>!G)P^EGUH}W)P86-NX|oNP7~kkUf(vjpSHjub(<5a5
z5IJs6^()i8v>(+EW(1u}%o~EE-CRqgr+jm5)iJ3Z)4(d-!qgT7rbK|^i783rN3K6E
zY+ssbI8zXaOd9&QW4rQR&0~THE%Zo!I6wprN(|O`ge}x5DfVr@ah2SAAP^cT{nC0a
zN}#h4Kw(hZw2EH1S1xs{RcWTv_<-B0*aoJ}$>hv0`V|BFq9-srKf<Q#4~R~H%?dT~
zT-Ys<=#*9WVZdC;C*p^ZHh74JV8>za@E5bvP%B4Ik1SssP+r)r7!d}63Tvsad*K28
z!8em6mg>eGy}|jJ>BFOqDugfEz-kwRdNu0)`u!V@snN=U>8e@Vt25b+OAgVmI6bPr
z>XVgob?-w{U7LaHL6^LjUOSA&46Dl4b7tb1O1s*QWKJ12Nv5NP*TV)XPc<zqCJ%r`
zGR!`fF5a$o&tarivz=VQ%8cB5mebo}PW6$=_oP(Ss<Lp^U92q+48TF^*c?YIV8A*E
z2vw{mFaEg=Rt8fbWpq0Zo&2o>M;QP>fEgiUc>0gB18e3TXzNWhk*8yC*2r9u!>Tx-
ze@-v3kL56%YoNZV!fuI<#-&{8bfrL1WU@ktN@oiNEW~ApaQ0@}dR%o2ibXK10`n*%
zICwbI`F3IOf?=dPMWK&xId~YP!a8?h8xALcFJ?{Sy!#U+lITMp+<B&u9TH=lWsXR*
zJV$t>B3v|V!}M6RL6E^pQQHW>do_lCbD+ECX{T$9VuP>q9stQwn!ME;9-xmD23`wS
zC2FObHc0kqy>k!csU}>@CBlBx;4PH;x<ahMHBlKGB!Z|?w#rX$Sl$dEKHM(5HyCGD
znQ4ANXXfGEi?rRM4}0Ghur;cw5rQX5$Fs?ShFUFBAW>gSpDxToW^e}XVXh9kP<m8@
zixNx*F9zoDqQ&@P1cRiE%aRos$1-P+_E;#JxQ?Wko{Bx9gy>$hPbd|9dMfgn175JB
z+c|y6G38Bq_+ilJB3mRUIm5nDfd^-ZCqSLf6k4Gl1v+d2c5>6B{WX?;crB<OT_qZ5
zm%vw)nvqa|=i!kqtXX0krR@ILRrIT6Ca11dyIpO(NW;vjX?AbrlE=#vRvR8ITj`E2
z83AH|oAu0ZksP{k(IU}Fn$+{b2kv}KpBo}y2?`;P8aKgMgOlE%GIbE;(?hRfiHROq
z_sE)f_Wal8QxMI!0+^f;Noc3GX`H3x#xSGH9E^%hQL+Zby-&1$7W1X7#kd5~zDx~m
zk^41`x*e_Q3+N$c_q*6ulHc#xlA}$q5mdajblNR^mOJ7C#7FqZ(?5urL85C7v*v<%
z)gIHfRKL{bLbe9CC$e;{{*a#ef5lj7){v5ni(Tzz%TG5S3`uMmRiCiix1Ji62qVy!
zAY@^_1<*k1!nVYgLUv!bIvJ8T@4<JjHEGzo8eR)^va1za@=12J6~p`(+aTo-Ux40x
z3==oXn`rF}g>9|}?zjI7xg#UI*F;Oi&16H1>H6i#|AWuv0bI9ktb-}ln0(>=^)nn#
zRl`oXD4kIMczZ&o+FB&B*#D`d16Hd$@PnTF0SvCNoj({!2^K1KEyY=ys$+VnImO7O
z54(>IXxgNW4a0k58cc!!cpAC9TnVu86?A=t%XM`FU^;V)pzD$ZC;wmjQ|R9Wt^^8}
z@YsLD=1jn;Qct|OQT_d;I<9E|O4Zu6%lNxX0U&+>v~uKUDp!Yy1hnetm&GIhL<M){
zaX>5lKy1<K5Esw@Sbf~SM?%A|bYSHHaNRsM|6QYX`05Z^0C2~iKJESerOL$ypp^&;
zG_DRY3K-<4ALqKhiwfv#BCt`79?Y(w*#8WMfg_-K({giHkB^ZPXcZ;J^sWwpmHs9>
W@%XqWM(pn*1%70r3!xkzaP}`2yj)uV

literal 0
HcmV?d00001

diff --git a/Documentation/services/pcn-k8sdispatcher/k8sdispatcher.md b/Documentation/services/pcn-k8sdispatcher/k8sdispatcher.md
new file mode 100644
index 000000000..2e8f50af1
--- /dev/null
+++ b/Documentation/services/pcn-k8sdispatcher/k8sdispatcher.md
@@ -0,0 +1,40 @@
+# K8dispatcher
+
+The ``pcn-k8sdispatcher`` service is specifically designed as part of our Kubernetes networking solution (please see [polykube](https://github.com/polycube-network/polykube) to get more information about it). The service provides an eBPF implementation of a custom NAT: it performs different actions depending on the type and on the direction of the traffic.
+
+For Egress Traffic, the following flow chart can be used to explain the functioning of the service:
+
+![K8sdispatcher egress flow chart](egress.png)
+
+The Egress Traffic is the traffic generated by Pods and directed to the external world.
+This traffic can be generated by an internal Pod that wants to contact the external world or as a response to an
+external world request. For this traffic, the service maintains an egress session table containing information
+about the active egress sessions. The first time a Pod wants to contact the external world, no active egress session
+will be present in the table: in this scenario, the service performs SNAT, replacing the address of the Pod
+with the address of the node, and creates entries in the ingress and egress session table accordingly.
+If the outgoing traffic is generated as a response to an external request, it can only be originated as a response to
+a request made to a NodePort Service. For traffic related to NodePort Services with a CLUSTER ExternalTrafficPolicy,
+if an egress session table hit happens, the destination IP address and port are replaced accordingly to the session data.
+The traffic related to NodePort Services with a LOCAL ExternalTrafficPolicy is forwarded as it is to the next cube.
+
+For Ingress Traffic, the following flow chart can be used to explain the functioning of the service:
+
+![K8sdispatcher ingress flow chart](ingress.png)
+
+The Ingress Traffic can be differentiated in traffic directed to the host (either directly or because it needs VxLAN
+processing) and traffic directed to Pods. The traffic directed to Pods can be the traffic generated by an external host
+trying to contact a NodePort service or the return traffic generated by an external host providing a response to an
+internal Pod request. The service uses an ingress session table containing all the active ingress sessions. 
+If a session table hit happens, the service apply NAT according to the session data. If no session table entry is
+associated with the incoming packet, the service tries to determine if a NodePort rule matches the packet
+characteristics. In case of no NodePort rule matching, the packet is sent to the Linux stack for further processing.
+In case of NodePort rule matching, different actions are applied according to the ExternalTrafficPolicy of the
+Kubernetes NodePort Service associated to the rule. If the policy is LOCAL, the traffic is allowed to reach only
+backend Pods located on the current node: in this case the packet can proceed towards the Pod without modifications.
+In case the policy is CLUSTER, the packet can also reach backend Pods located on other nodes: since later in
+the chain the packet will be processed by a load balancer and the return packet will have to transit through
+the same load balancer, SNAT is applied by replacing the source IP address with a specific reserved address belonging
+to the Pod CIDR of the node on which the k8sdispatcher is deployed. In this way the two nodes (the one that
+receives the request and the one running the selected backend Pod) will exchange the packets of the flow over
+the VxLAN interconnect. In this latter case, corresponding session entries are stored into the ingress and egress
+sessions tables.
\ No newline at end of file
diff --git a/scripts/install.sh b/scripts/install.sh
index d3ade0dce..5275260f7 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -125,7 +125,8 @@ if [ "$MODE" == "pcn-iptables" ]; then
     -DENABLE_SERVICE_SIMPLEFORWARDER=OFF \
     -DENABLE_SERVICE_TRANSPARENTHELLOWORLD=OFF \
     -DENABLE_SERVICE_SYNFLOOD=OFF \
-    -DENABLE_SERVICE_PACKETCAPTURE=OFF
+    -DENABLE_SERVICE_PACKETCAPTURE=OFF \
+    -DENABLE_SERVICE_K8SDISPATCHER=OFF
 elif [ "$MODE" == "pcn-k8s" ]; then
   cmake .. -DENABLE_SERVICE_BRIDGE=OFF \
     -DENABLE_SERVICE_DDOSMITIGATOR=ON \
@@ -143,7 +144,8 @@ elif [ "$MODE" == "pcn-k8s" ]; then
     -DENABLE_SERVICE_SIMPLEFORWARDER=OFF \
     -DENABLE_SERVICE_TRANSPARENTHELLOWORLD=OFF \
     -DENABLE_SERVICE_SYNFLOOD=OFF \
-    -DENABLE_SERVICE_PACKETCAPTURE=ON
+    -DENABLE_SERVICE_PACKETCAPTURE=ON \
+    -DENABLE_SERVICE_K8SDISPATCHER=OFF
 else
   cmake .. -DENABLE_PCN_IPTABLES=ON
 fi
diff --git a/src/services/CMakeLists.txt b/src/services/CMakeLists.txt
index 55ca7e4ef..5f450cd5c 100644
--- a/src/services/CMakeLists.txt
+++ b/src/services/CMakeLists.txt
@@ -37,6 +37,7 @@ add_service(transparenthelloworld pcn-transparent-helloworld)
 add_service(synflood pcn-synflood)
 add_service(packetcapture pcn-packetcapture)
 add_service(dynmon pcn-dynmon)
+add_service(k8sdispatcher pcn-k8sdispatcher)
 
 # save string to create code that load the services
 SET_PROPERTY(GLOBAL PROPERTY LOAD_SERVICES_ ${LOAD_SERVICES})
diff --git a/src/services/pcn-k8sdispatcher/.swagger-codegen-ignore b/src/services/pcn-k8sdispatcher/.swagger-codegen-ignore
new file mode 100644
index 000000000..1bc8b75ce
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/.swagger-codegen-ignore
@@ -0,0 +1,13 @@
+# Swagger Codegen Ignore
+# Generated by swagger-codegen https://github.com/swagger-api/swagger-codegen
+
+# Use this file to prevent files from being overwritten by the generator.
+
+.swagger-codegen-ignore
+
+src/*.cpp
+src/*.h
+
+!src/*Interface.h
+!src/*JsonObject.h
+!src/*JsonObject.cpp
diff --git a/src/services/pcn-k8sdispatcher/CMakeLists.txt b/src/services/pcn-k8sdispatcher/CMakeLists.txt
new file mode 100644
index 000000000..9857094f7
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/CMakeLists.txt
@@ -0,0 +1,5 @@
+cmake_minimum_required (VERSION 3.2)
+
+set (CMAKE_CXX_STANDARD 11)
+
+add_subdirectory(src)
diff --git a/src/services/pcn-k8sdispatcher/datamodel/k8sdispatcher.yang b/src/services/pcn-k8sdispatcher/datamodel/k8sdispatcher.yang
new file mode 100644
index 000000000..ae36d590d
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/datamodel/k8sdispatcher.yang
@@ -0,0 +1,173 @@
+module k8sdispatcher {
+  yang-version 1.1;
+  namespace "http://polycube.network/k8sdispatcher";
+  prefix "k8sdispatcher";
+
+  import polycube-base { prefix "polycube-base"; }
+  import polycube-standard-base { prefix "polycube-standard-base"; }
+
+  import ietf-inet-types { prefix "inet"; }
+
+  organization "Polycube open source project";
+  description "YANG data model for the Polycube K8s Dispatcher";
+
+  polycube-base:service-description "K8s Dispatcher Service";
+  polycube-base:service-version "2.0.0";
+  polycube-base:service-name "k8sdispatcher";
+  polycube-base:service-min-kernel-version "4.14.0";
+
+  typedef l4-proto {
+    type enumeration {
+      enum "TCP" {
+        value 6;
+        description "The TCP protocol type";
+      }
+      enum "UDP" {
+        value 17;
+        description "The UDP protocol type";
+      }
+      enum "ICMP" {
+        value 1;
+        description "The ICMP protocol type";
+      }
+    }
+    description "L4 protocol";
+  }
+
+  uses "polycube-standard-base:standard-base-yang-module" {
+    augment ports {
+      leaf type {
+        type enumeration {
+          enum BACKEND { description "Port connected to the internal CNI topology"; }
+          enum FRONTEND { description "Port connected to the node NIC"; }
+        }
+        description "Type of the K8s Dispatcher cube port (e.g. BACKEND or FRONTEND)";
+        mandatory true;
+        polycube-base:init-only-config;
+      }
+      leaf ip {
+        type inet:ipv4-address;
+        description "IP address of the node interface (only for FRONTEND port)";
+        polycube-base:cli-example "10.10.1.1";
+        polycube-base:init-only-config;
+      }
+    }
+  }
+
+    leaf internal-src-ip {
+      type inet:ipv4-address;
+      description "Internal source IP address used for natting incoming packets directed to Kubernetes Services with a CLUSTER external traffic policy";
+      mandatory true;
+      polycube-base:cli-example "10.10.1.1";
+      polycube-base:init-only-config;
+    }
+
+    leaf nodeport-range {
+      type string;
+      description "Port range used for NodePort Services";
+      default "30000-32767";
+      polycube-base:cli-example "30000-32767";
+    }
+
+    list session-rule {
+      key "direction src-ip dst-ip src-port dst-port proto";
+      description "Session entry related to a specific traffic direction";
+      config false;
+
+      leaf direction {
+        type enumeration {
+          enum INGRESS {
+            description "Direction of traffic going from the internal topology to the external world";
+          }
+          enum EGRESS {
+            description "Direction of traffic going from the external world to the internal CNI topology";
+          }
+        }
+        description "Session entry direction (e.g. INGRESS or EGRESS)";
+      }
+      leaf src-ip {
+        type inet:ipv4-address;
+        description "Session entry source IP address";
+      }
+      leaf dst-ip {
+        type inet:ipv4-address;
+        description "Session entry destination IP address";
+      }
+      leaf src-port {
+        type inet:port-number;
+        description "Session entry source L4 port number";
+      }
+      leaf dst-port {
+        type inet:port-number;
+        description "Session entry destination L4 port number";
+      }
+      leaf proto {
+        type l4-proto;
+        description "Session entry L4 protocol";
+        polycube-base:cli-example "TCP, UDP, ICMP";
+      }
+
+      leaf new-ip {
+        type inet:ipv4-address;
+        description "Translated IP address";
+        config false;
+      }
+      leaf new-port {
+        type inet:port-number;
+        description "Translated L4 port number";
+        config false;
+      }
+      leaf operation {
+        type enumeration {
+          enum XLATE_SRC { description "The source IP and port are replaced"; }
+          enum XLATE_DST { description "The destination IP and port are replaced"; }
+        }
+        description "Operation applied on the original packet";
+        config false;
+      }
+      leaf originating-rule {
+        type enumeration {
+          enum POD_TO_EXT {
+            description "Traffic related to communication between a Pod and the external world";
+          }
+          enum NODEPORT_CLUSTER {
+            description "Traffic related to communication involving a NodePort Service with having a CLUSTER external traffic policy";
+          }
+        }
+        description "Rule originating the session entry";
+        config false;
+      }
+    }
+
+    list nodeport-rule {
+      key "nodeport-port proto";
+      description "NodePort rule associated with a Kubernetes NodePort Service";
+
+      leaf nodeport-port {
+        type inet:port-number;
+        description "NodePort rule nodeport port number";
+        polycube-base:cli-example "30500";
+      }
+      leaf proto {
+        type l4-proto;
+        description "NodePort rule L4 protocol";
+        polycube-base:cli-example "TCP, UDP, ICMP";
+      }
+
+      leaf external-traffic-policy {
+        type enumeration {
+          enum LOCAL { description "Incoming traffic is allowed to be served only by local backends"; }
+          enum CLUSTER { description "Incoming traffic is allowed to be served by any backend of the cluster"; }
+        }
+        default CLUSTER;
+        description "The external traffic policy of the Kubernetes NodePort Service";
+      }
+      leaf rule-name {
+        type string;
+        description "An optional name for the NodePort rule";
+        polycube-base:cli-example "my-nodeport-rule";
+        polycube-base:init-only-config;
+      }
+    }
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/CMakeLists.txt b/src/services/pcn-k8sdispatcher/src/CMakeLists.txt
new file mode 100644
index 000000000..7acb5ccfb
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/CMakeLists.txt
@@ -0,0 +1,50 @@
+include(${PROJECT_SOURCE_DIR}/cmake/LoadFileAsVariable.cmake)
+
+aux_source_directory(serializer SERIALIZER_SOURCES)
+aux_source_directory(api API_SOURCES)
+aux_source_directory(base BASE_SOURCES)
+
+include_directories(serializer)
+
+if (NOT DEFINED POLYCUBE_STANDALONE_SERVICE OR POLYCUBE_STANDALONE_SERVICE)
+  find_package(PkgConfig REQUIRED)
+  pkg_check_modules(POLYCUBE libpolycube)
+  include_directories(${POLYCUBE_INCLUDE_DIRS})
+endif (NOT DEFINED POLYCUBE_STANDALONE_SERVICE OR POLYCUBE_STANDALONE_SERVICE)
+
+# Needed to load files as variables
+include_directories(${CMAKE_CURRENT_BINARY_DIR})
+
+add_library(pcn-k8sdispatcher SHARED
+    ${SERIALIZER_SOURCES}
+    ${API_SOURCES}
+    ${BASE_SOURCES}
+    K8sdispatcher.cpp
+    NodeportRule.cpp
+    Ports.cpp
+    SessionRule.cpp
+    K8sdispatcher-lib.cpp
+    Utils.cpp)
+
+# load ebpf datapath code a variable
+load_file_as_variable(pcn-k8sdispatcher
+    K8sdispatcher_dp.c
+    k8sdispatcher_code)
+
+# load datamodel in a variable
+load_file_as_variable(pcn-k8sdispatcher
+    ../datamodel/k8sdispatcher.yang
+    k8sdispatcher_datamodel)
+
+target_link_libraries(pcn-k8sdispatcher ${POLYCUBE_LIBRARIES})
+
+# Specify shared library install directory
+
+set(CMAKE_INSTALL_LIBDIR /usr/lib)
+
+install(
+    TARGETS
+    pcn-k8sdispatcher
+    DESTINATION
+    "${CMAKE_INSTALL_LIBDIR}"
+)
diff --git a/src/services/pcn-k8sdispatcher/src/HashTuple.h b/src/services/pcn-k8sdispatcher/src/HashTuple.h
new file mode 100644
index 000000000..e72cb2897
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/HashTuple.h
@@ -0,0 +1,42 @@
+#include <tuple>
+// function has to live in the std namespace
+// so that it is picked up by argument-dependent name lookup (ADL).
+namespace std {
+namespace {
+// Code from boost
+// Reciprocal of the golden ratio helps spread entropy
+//     and handles duplicates.
+// See Mike Seymour in magic-numbers-in-boosthash-combine:
+//     https://stackoverflow.com/questions/4948780
+
+template <class T>
+inline void hash_combine(std::size_t &seed, T const &v) {
+  seed ^= hash<T>()(v) + 0x9e3779b9 + (seed << 6) + (seed >> 2);
+}
+
+// Recursive template code derived from Matthieu M.
+template <class Tuple, size_t Index = std::tuple_size<Tuple>::value - 1>
+struct HashValueImpl {
+  static void apply(size_t &seed, Tuple const &tuple) {
+    HashValueImpl<Tuple, Index - 1>::apply(seed, tuple);
+    hash_combine(seed, get<Index>(tuple));
+  }
+};
+
+template <class Tuple>
+struct HashValueImpl<Tuple, 0> {
+  static void apply(size_t &seed, Tuple const &tuple) {
+    hash_combine(seed, get<0>(tuple));
+  }
+};
+}
+
+template <typename... TT>
+struct hash<std::tuple<TT...>> {
+  size_t operator()(std::tuple<TT...> const &tt) const {
+    size_t seed = 0;
+    HashValueImpl<std::tuple<TT...>>::apply(seed, tt);
+    return seed;
+  }
+};
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/K8sdispatcher-lib.cpp b/src/services/pcn-k8sdispatcher/src/K8sdispatcher-lib.cpp
new file mode 100644
index 000000000..8c9bc73b6
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/K8sdispatcher-lib.cpp
@@ -0,0 +1,21 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+#include "api/K8sdispatcherApiImpl.h"
+#include "../datamodel/k8sdispatcher.h" // generated from datamodel
+
+#define SERVICE_PYANG_GIT ""
+#define SERVICE_SWAGGER_CODEGEN_GIT "GIT_REPO_ID"
+
+#include <polycube/services/shared_library.h>
+
+extern "C" const char *data_model() {
+  return k8sdispatcher_datamodel.c_str();
+}
diff --git a/src/services/pcn-k8sdispatcher/src/K8sdispatcher.cpp b/src/services/pcn-k8sdispatcher/src/K8sdispatcher.cpp
new file mode 100644
index 000000000..3bd8c588b
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/K8sdispatcher.cpp
@@ -0,0 +1,497 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "K8sdispatcher.h"
+
+#include <tins/ethernetII.h>
+#include <tins/tins.h>
+
+#include "K8sdispatcher_dp.h"
+#include "Utils.h"
+
+using namespace Tins;
+namespace poly_utils = polycube::service::utils;
+
+const std::string K8sdispatcher::EBPF_EGRESS_SESSION_TABLE =
+    "egress_session_table";
+const std::string K8sdispatcher::EBPF_INGRESS_SESSION_TABLE =
+    "ingress_session_table";
+const std::string K8sdispatcher::EBPF_NPR_TABLE_MAP = "npr_table";
+
+K8sdispatcher::K8sdispatcher(const std::string name,
+                             const K8sdispatcherJsonObject &conf)
+    : Cube(conf.getBase(), {k8sdispatcher_code}, {}),
+      K8sdispatcherBase(name),
+      internalSrcIp_{conf.getInternalSrcIp()},
+      internalSrcIpNboInt_{poly_utils::ip_string_to_nbo_uint(internalSrcIp_)},
+      nodeportRange_{"30000-32767"},
+      nodeportRangeTuple_{30000, 32767},
+      nodeIpNboInt_{0} {
+  logger()->set_pattern("[%Y-%m-%d %H:%M:%S.%e] [K8sDispatcher] [%n] [%l] %v");
+  logger()->info("Creating K8sDispatcher instance");
+
+  if (conf.nodeportRangeIsSet()) {
+    this->setNodeportRange(conf.getNodeportRange());
+  }
+  this->addNodeportRuleList(conf.getNodeportRule());
+  this->addPortsList(conf.getPorts());
+
+  logger()->trace("Created K8sDispatcher instance");
+}
+
+K8sdispatcher::~K8sdispatcher() {
+  logger()->info("Destroying K8sDispatcher instance");
+}
+
+void K8sdispatcher::packet_in(Ports &port,
+                              polycube::service::PacketInMetadata &md,
+                              const std::vector<uint8_t> &packet) {
+  try {
+    switch (static_cast<SlowPathReason>(md.reason)) {
+    case SlowPathReason::ARP_REPLY: {
+      EthernetII pkt(&packet[0], packet.size());
+      auto backendPort = this->getBackendPort();
+      if (backendPort != nullptr) {
+        backendPort->send_packet_out(pkt);
+      }
+      break;
+    }
+    default: {
+      logger()->error("Not valid slow path reason {} received", md.reason);
+    }
+    }
+  } catch (const std::exception &e) {
+    logger()->error("Exception during slow path packet processing: {}",
+                    e.what());
+  }
+}
+
+std::shared_ptr<Ports> K8sdispatcher::getPorts(const std::string &name) {
+  return this->get_port(name);
+}
+
+std::vector<std::shared_ptr<Ports>> K8sdispatcher::getPortsList() {
+  return this->get_ports();
+}
+
+void K8sdispatcher::addPorts(const std::string &name,
+                             const PortsJsonObject &conf) {
+  try {
+    PortsTypeEnum type = conf.getType();
+
+    // consistency check
+    if (get_ports().size() == 2) {
+      throw std::runtime_error("Reached maximum number of ports");
+    }
+    if (type == PortsTypeEnum::FRONTEND) {
+      if (this->getFrontendPort() != nullptr) {
+        throw std::runtime_error("There is already a FRONTEND port");
+      }
+    } else {
+      if (this->getBackendPort() != nullptr) {
+        throw std::runtime_error("There is already a BACKEND port");
+      }
+    }
+
+    add_port<PortsJsonObject>(name, conf);
+
+    // save node IP if port_type == FRONTEND
+    if (type == PortsTypeEnum::FRONTEND) {
+      this->nodeIpNboInt_ = poly_utils::ip_string_to_nbo_uint(conf.getIp());
+    }
+    // reload service dataplane if the configuration is complete
+    if (get_ports().size() == 2) {
+      this->reloadConfig();
+    }
+  } catch (std::runtime_error &ex) {
+    logger()->error("Failed to add port {0}: {1}", name, ex.what());
+    throw std::runtime_error("Failed to add port");
+  }
+}
+
+void K8sdispatcher::addPortsList(const std::vector<PortsJsonObject> &conf) {
+  for (auto &i : conf) {
+    std::string name_ = i.getName();
+    this->addPorts(name_, i);
+  }
+}
+
+void K8sdispatcher::replacePorts(const std::string &name,
+                                 const PortsJsonObject &conf) {
+  logger()->error("K8sdispatcher::delPorts: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::delPorts(const std::string &name) {
+  logger()->error("K8sdispatcher::delPorts: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::delPortsList() {
+  logger()->error("K8sdispatcher::delPorts: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+std::string K8sdispatcher::getInternalSrcIp() {
+  return this->internalSrcIp_;
+}
+
+std::string K8sdispatcher::getNodeportRange() {
+  return this->nodeportRange_;
+}
+
+void K8sdispatcher::setNodeportRange(const std::string &value) {
+  // Return immediately if the provided NodePort port range is the same of the
+  // already configured one
+  if (this->nodeportRange_ == value) {
+    return;
+  }
+
+  // Parsing lower and upper port numbers
+  uint16_t low;
+  uint16_t high;
+  int res = std::sscanf(value.c_str(), "%hu-%hu", &low, &high);
+  if (res != 2) {
+    logger()->error("Failed to parse {} NodePort port range", value);
+    throw std::runtime_error("Failed to parse NodePort port range");
+  }
+
+  if (low >= high) {
+    logger()->error("Invalid {} NodePort port range", value);
+    throw std::runtime_error("Invalid NodePort port range");
+  }
+
+  try {
+    auto npr_table = get_hash_table<struct nt_k, struct nt_v>(
+        K8sdispatcher::EBPF_NPR_TABLE_MAP);
+
+    for (auto const &rule : this->getNodeportRuleList()) {
+      uint16_t port = rule->getNodeportPort();
+      if (port < low || port > high) {
+        L4ProtoEnum proto = rule->getProto();
+        nt_k npr_key{.port = htons(port),
+                     .proto = utils::L4ProtoEnum_to_int(proto)};
+        npr_table.remove(npr_key);
+
+        if (this->nodePortRuleMap_.erase(NodeportKey(port, proto)) != 1) {
+          std::runtime_error{"Failed to delete NodePort rule from user map"};
+        }
+      }
+    }
+  } catch (std::runtime_error &ex) {
+    logger()->error("Failed to flush out-of-range NodePort rules: {}",
+                    ex.what());
+    throw std::runtime_error("Failed to flush out-of-range NodePort rules");
+  }
+
+  this->nodeportRangeTuple_ = std::make_pair(low, high);
+  this->nodeportRange_ = value;
+}
+
+std::shared_ptr<SessionRule> K8sdispatcher::getSessionRule(
+    const SessionRuleDirectionEnum &direction, const std::string &srcIp,
+    const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort,
+    const L4ProtoEnum &proto) {
+  try {
+    auto table = get_hash_table<st_k, st_v>(
+        direction == SessionRuleDirectionEnum::EGRESS
+            ? K8sdispatcher::EBPF_EGRESS_SESSION_TABLE
+            : K8sdispatcher::EBPF_INGRESS_SESSION_TABLE);
+    st_k map_key{.src_ip = poly_utils::ip_string_to_nbo_uint(srcIp),
+                 .dst_ip = poly_utils::ip_string_to_nbo_uint(dstIp),
+                 .src_port = htons(srcPort),
+                 .dst_port = htons(dstPort),
+                 .proto = utils::L4ProtoEnum_to_int(proto)};
+
+    st_v value = table.get(map_key);
+
+    std::string newIp = poly_utils::nbo_uint_to_ip_string(value.new_ip);
+    uint16_t newPort = ntohs(value.new_port);
+    SessionRuleOperationEnum operation =
+        utils::int_to_SessionRuleOperationEnum(value.operation);
+    SessionRuleOriginatingRuleEnum originatingRule =
+        utils::int_to_SessionRuleOriginatingRuleEnum(value.originating_rule);
+
+    return std::make_shared<SessionRule>(*this, direction, srcIp, dstIp,
+                                         srcPort, dstPort, proto, newIp,
+                                         newPort, operation, originatingRule);
+  } catch (std::exception &ex) {
+    logger()->error("Failed to get session rule: {}", ex.what());
+    throw std::runtime_error("Failed to get session rule");
+  }
+}
+
+std::vector<std::shared_ptr<SessionRule>> K8sdispatcher::getSessionRuleList() {
+  std::vector<std::shared_ptr<SessionRule>> rules;
+  std::vector<std::string> tableNames{
+      K8sdispatcher::EBPF_EGRESS_SESSION_TABLE,
+      K8sdispatcher::EBPF_INGRESS_SESSION_TABLE};
+  try {
+    for (auto &tableName : tableNames) {
+      auto table = get_hash_table<struct st_k, struct st_v>(tableName);
+      auto direction = tableName == K8sdispatcher::EBPF_INGRESS_SESSION_TABLE
+                           ? SessionRuleDirectionEnum::INGRESS
+                           : SessionRuleDirectionEnum::EGRESS;
+      for (auto &entry : table.get_all()) {
+        auto key = entry.first;
+        auto value = entry.second;
+
+        auto rule = std::make_shared<SessionRule>(
+            *this, direction, poly_utils::nbo_uint_to_ip_string(key.src_ip),
+            poly_utils::nbo_uint_to_ip_string(key.dst_ip), ntohs(key.src_port),
+            ntohs(key.dst_port), utils::int_to_L4ProtoEnum(key.proto),
+            poly_utils::nbo_uint_to_ip_string(value.new_ip),
+            ntohs(value.new_port),
+            utils::int_to_SessionRuleOperationEnum(value.operation),
+            utils::int_to_SessionRuleOriginatingRuleEnum(
+                value.originating_rule));
+
+        rules.push_back(rule);
+      }
+    }
+  } catch (std::exception &ex) {
+    logger()->error("Failed to get session rules list: {0}", ex.what());
+    throw std::runtime_error("Failed to get session rules list");
+  }
+  return rules;
+}
+
+void K8sdispatcher::addSessionRule(
+    const SessionRuleDirectionEnum &direction, const std::string &srcIp,
+    const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort,
+    const L4ProtoEnum &proto, const SessionRuleJsonObject &conf) {
+  logger()->error("K8sdispatcher::addSessionRule: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::addSessionRuleList(
+    const std::vector<SessionRuleJsonObject> &conf) {
+  logger()->error("K8sdispatcher::addSessionRuleList: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::replaceSessionRule(
+    const SessionRuleDirectionEnum &direction, const std::string &srcIp,
+    const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort,
+    const L4ProtoEnum &proto, const SessionRuleJsonObject &conf) {
+  logger()->error("K8sdispatcher::replaceSessionRule: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::delSessionRule(const SessionRuleDirectionEnum &direction,
+                                   const std::string &srcIp,
+                                   const std::string &dstIp,
+                                   const uint16_t &srcPort,
+                                   const uint16_t &dstPort,
+                                   const L4ProtoEnum &proto) {
+  logger()->error("K8sdispatcher::delSessionRule: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+void K8sdispatcher::delSessionRuleList() {
+  logger()->error("K8sdispatcher::delSessionRuleList: Method not allowed");
+  throw std::runtime_error{"Method not allowed"};
+}
+
+std::shared_ptr<NodeportRule> K8sdispatcher::getNodeportRule(
+    const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  NodeportKey key = NodeportKey(nodeportPort, proto);
+  auto it = nodePortRuleMap_.find(key);
+  if (it == nodePortRuleMap_.end()) {
+    logger()->info("No NodePort rule associated with key ({0}, {1})",
+                   nodeportPort,
+                   NodeportRuleJsonObject::L4ProtoEnum_to_string(proto));
+    std::runtime_error{"No NodePort rule associated with the provided key"};
+  }
+  return it->second;
+}
+
+std::vector<std::shared_ptr<NodeportRule>>
+K8sdispatcher::getNodeportRuleList() {
+  std::vector<std::shared_ptr<NodeportRule>> rules;
+  for (auto &entry : nodePortRuleMap_) {
+    rules.push_back(entry.second);
+  }
+  return rules;
+}
+
+void K8sdispatcher::addNodeportRule(const uint16_t &nodeportPort,
+                                    const L4ProtoEnum &proto,
+                                    const NodeportRuleJsonObject &conf) {
+  logger()->trace("Received a request to add a NodePort rule");
+  NodeportKey key = NodeportKey(nodeportPort, proto);
+
+  if (nodeportPort < this->nodeportRangeTuple_.first ||
+      nodeportPort > this->nodeportRangeTuple_.second) {
+    logger()->error(
+        "The NodePort rule port is not contained in the valid range");
+    throw std::runtime_error(
+        "The NodePort rule port is not contained in the valid range");
+  }
+
+  if (this->nodePortRuleMap_.count(key)) {
+    logger()->error("The NodePort rule already exists");
+    throw std::runtime_error("The NodePort rule already exists");
+  }
+
+  auto rule = std::make_shared<NodeportRule>(*this, conf);
+  if (!nodePortRuleMap_.insert(std::make_pair(key, rule)).second) {
+    logger()->error("Failed to add the NodePort rule");
+    throw std::runtime_error("Failed to add the NodePort rule");
+  }
+
+  try {
+    logger()->trace("Retrieving NodePort rules kernel map");
+    auto npr_table =
+        get_hash_table<nt_k, nt_v>(K8sdispatcher::EBPF_NPR_TABLE_MAP);
+    logger()->trace("Retrieved NodePort rules kernel map");
+    nt_k npr_key{
+        .port = htons(nodeportPort),
+        .proto = utils::L4ProtoEnum_to_int(proto),
+    };
+    nt_v npr_value{.external_traffic_policy =
+                       utils::NodeportRuleExternalTrafficPolicyEnum_to_int(
+                           conf.getExternalTrafficPolicy())};
+
+    logger()->trace("Storing NodePort rule in NodePort rules kernel map");
+    npr_table.set(npr_key, npr_value);
+    logger()->trace("Stored NodePort rule in NodePort rules kernel map");
+  } catch (std::exception &ex) {
+    logger()->warn("Failed to store NodePort rule in kernel map: {}",
+                   ex.what());
+    if (this->nodePortRuleMap_.erase(key) != 1) {
+      logger()->error("Broken user space NodePort rule map");
+    };
+    throw std::runtime_error("Failed to store NodePort rule in kernel map");
+  }
+  logger()->info("Added NodePort rule");
+}
+
+void K8sdispatcher::addNodeportRuleList(
+    const std::vector<NodeportRuleJsonObject> &conf) {
+  for (auto &i : conf) {
+    this->addNodeportRule(i.getNodeportPort(), i.getProto(), i);
+  }
+}
+
+void K8sdispatcher::updateNodeportRuleList(
+    const std::vector<NodeportRuleJsonObject> &conf) {
+  logger()->trace("Received request for NodePort rules updating");
+  try {
+    for (auto &i : conf) {
+      auto nodeportRule = getNodeportRule(i.getNodeportPort(), i.getProto());
+      nodeportRule->update(i);
+    }
+  } catch (std::exception &ex) {
+    logger()->error("Failed update NodePort rule: {}", ex.what());
+    throw std::runtime_error("Failed to update NodePort rule");
+  }
+  logger()->info("Updated NodePort rules");
+}
+
+void K8sdispatcher::replaceNodeportRule(const uint16_t &nodeportPort,
+                                        const L4ProtoEnum &proto,
+                                        const NodeportRuleJsonObject &conf) {
+  this->delNodeportRule(nodeportPort, proto);
+  this->addNodeportRule(nodeportPort, proto, conf);
+}
+
+void K8sdispatcher::replaceNodeportRuleList(
+    const std::vector<NodeportRuleJsonObject> &conf) {
+  this->delNodeportRuleList();
+  this->addNodeportRuleList(conf);
+}
+
+void K8sdispatcher::delNodeportRule(const uint16_t &nodeportPort,
+                                    const L4ProtoEnum &proto) {
+  logger()->trace("Received a request to delete a NodePort rule");
+  NodeportKey key = NodeportKey(nodeportPort, proto);
+
+  if (!this->nodePortRuleMap_.count(key)) {
+    logger()->info("No NodePort rule associated with key ({0}, {1})",
+                   nodeportPort,
+                   NodeportRuleJsonObject::L4ProtoEnum_to_string(proto));
+    std::runtime_error{"No NodePort rule associated with the provided key"};
+  }
+
+  try {
+    logger()->trace("Retrieving NodePort rules kernel map");
+    auto npr_table =
+        get_hash_table<nt_k, nt_v>(K8sdispatcher::EBPF_NPR_TABLE_MAP);
+    logger()->trace("Retrieved NodePort rules kernel map");
+    nt_k npr_key{.port = htons(nodeportPort),
+                 .proto = utils::L4ProtoEnum_to_int(proto)};
+
+    npr_table.remove(npr_key);
+
+    if (this->nodePortRuleMap_.erase(key) == 0) {
+      std::runtime_error{"No NodePort rule associated with the provided key"};
+    }
+  } catch (std::exception &ex) {
+    logger()->error("Failed to delete NodePort rule: {}", ex.what());
+    throw std::runtime_error("Failed to delete NodePort rule");
+  }
+  logger()->info("Deleted NodePort rule");
+}
+
+void K8sdispatcher::delNodeportRuleList() {
+  for (auto &it : nodePortRuleMap_) {
+    NodeportKey key = it.first;
+    this->delNodeportRule(std::get<0>(key), std::get<1>(key));
+  }
+}
+
+void K8sdispatcher::reloadConfig() {
+  std::string flags;
+
+  uint16_t frontend = 0;
+  uint16_t backend = 0;
+  for (auto &it : get_ports()) {
+    if (it->getType() == PortsTypeEnum::FRONTEND)
+      frontend = it->index();
+    else
+      backend = it->index();
+  }
+  flags += "#define FRONTEND_PORT " + std::to_string(frontend) + "\n";
+  flags += "#define BACKEND_PORT " + std::to_string(backend) + "\n";
+  flags += "#define NODE_IP " + std::to_string(this->nodeIpNboInt_) + "\n";
+  flags +=
+      "#define INTERNAL_SRC_IP " + std::to_string(this->internalSrcIpNboInt_);
+
+  logger()->trace("Reloading code with the following flags:\n{}", flags);
+
+  reload(flags + '\n' + k8sdispatcher_code);
+
+  logger()->trace("Reloaded K8sDispatcher code");
+}
+
+std::shared_ptr<Ports> K8sdispatcher::getFrontendPort() {
+  for (auto &it : get_ports()) {
+    if (it->getType() == PortsTypeEnum::FRONTEND) {
+      return it;
+    }
+  }
+  return nullptr;
+}
+
+std::shared_ptr<Ports> K8sdispatcher::getBackendPort() {
+  for (auto &it : get_ports()) {
+    if (it->getType() == PortsTypeEnum::BACKEND) {
+      return it;
+    }
+  }
+  return nullptr;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/K8sdispatcher.h b/src/services/pcn-k8sdispatcher/src/K8sdispatcher.h
new file mode 100644
index 000000000..462776a3d
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/K8sdispatcher.h
@@ -0,0 +1,139 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include "base/K8sdispatcherBase.h"
+#include "SessionRule.h"
+#include "NodeportRule.h"
+#include "Ports.h"
+#include "HashTuple.h"
+
+/* definitions copied from datapath */
+struct nt_k {
+  uint16_t port;
+  uint8_t proto;
+} __attribute__((packed));
+struct nt_v {
+  uint16_t external_traffic_policy;
+} __attribute__((packed));
+
+enum class SlowPathReason { ARP_REPLY = 0 };
+
+using namespace polycube::service::model;
+
+class K8sdispatcher : public K8sdispatcherBase {
+ public:
+  K8sdispatcher(const std::string name, const K8sdispatcherJsonObject &conf);
+  virtual ~K8sdispatcher();
+
+  void packet_in(Ports &port, polycube::service::PacketInMetadata &md,
+                 const std::vector<uint8_t> &packet) override;
+
+  /// <summary>
+  /// Entry of the ports table
+  /// </summary>
+  std::shared_ptr<Ports> getPorts(const std::string &name) override;
+  std::vector<std::shared_ptr<Ports>> getPortsList() override;
+  void addPorts(const std::string &name, const PortsJsonObject &conf) override;
+  void addPortsList(const std::vector<PortsJsonObject> &conf) override;
+  void replacePorts(const std::string &name,
+                    const PortsJsonObject &conf) override;
+  void delPorts(const std::string &name) override;
+  void delPortsList() override;
+
+  /// <summary>
+  /// Internal source IP address used for natting incoming packets directed to
+  /// Kubernetes Services with a CLUSTER external traffic policy
+  /// </summary>
+  std::string getInternalSrcIp() override;
+
+  /// <summary>
+  /// Port range used for NodePort Services
+  /// </summary>
+  std::string getNodeportRange() override;
+  void setNodeportRange(const std::string &value) override;
+
+  /// <summary>
+  /// Session entry related to a specific traffic direction
+  /// </summary>
+  std::shared_ptr<SessionRule> getSessionRule(
+      const SessionRuleDirectionEnum &direction, const std::string &srcIp,
+      const std::string &dstIp, const uint16_t &srcPort,
+      const uint16_t &dstPort, const L4ProtoEnum &proto) override;
+  std::vector<std::shared_ptr<SessionRule>> getSessionRuleList() override;
+  void addSessionRule(const SessionRuleDirectionEnum &direction,
+                      const std::string &srcIp, const std::string &dstIp,
+                      const uint16_t &srcPort, const uint16_t &dstPort,
+                      const L4ProtoEnum &proto,
+                      const SessionRuleJsonObject &conf) override;
+  void addSessionRuleList(
+      const std::vector<SessionRuleJsonObject> &conf) override;
+  void replaceSessionRule(const SessionRuleDirectionEnum &direction,
+                          const std::string &srcIp, const std::string &dstIp,
+                          const uint16_t &srcPort, const uint16_t &dstPort,
+                          const L4ProtoEnum &proto,
+                          const SessionRuleJsonObject &conf) override;
+  void delSessionRule(const SessionRuleDirectionEnum &direction,
+                      const std::string &srcIp, const std::string &dstIp,
+                      const uint16_t &srcPort, const uint16_t &dstPort,
+                      const L4ProtoEnum &proto) override;
+  void delSessionRuleList() override;
+
+  /// <summary>
+  /// NodePort rule associated with a Kubernetes NodePort Service
+  /// </summary>
+  std::shared_ptr<NodeportRule> getNodeportRule(
+      const uint16_t &nodeportPort, const L4ProtoEnum &proto) override;
+  std::vector<std::shared_ptr<NodeportRule>> getNodeportRuleList() override;
+  void addNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto,
+                       const NodeportRuleJsonObject &conf) override;
+  void addNodeportRuleList(
+      const std::vector<NodeportRuleJsonObject> &conf) override;
+  void updateNodeportRuleList(
+      const std::vector<NodeportRuleJsonObject> &conf) override;
+  void replaceNodeportRule(const uint16_t &nodeportPort,
+                           const L4ProtoEnum &proto,
+                           const NodeportRuleJsonObject &conf) override;
+  virtual void replaceNodeportRuleList(
+      const std::vector<NodeportRuleJsonObject> &conf) override;
+  void delNodeportRule(const uint16_t &nodeportPort,
+                       const L4ProtoEnum &proto) override;
+  void delNodeportRuleList() override;
+
+  static const std::string EBPF_EGRESS_SESSION_TABLE;
+  static const std::string EBPF_INGRESS_SESSION_TABLE;
+  static const std::string EBPF_NPR_TABLE_MAP;
+
+  typedef std::tuple<uint16_t, L4ProtoEnum> NodeportKey;
+
+ private:
+  std::string internalSrcIp_;
+  uint32_t internalSrcIpNboInt_;
+  std::string nodeportRange_;
+  std::pair<uint16_t, uint16_t> nodeportRangeTuple_;
+
+  uint32_t nodeIpNboInt_;
+
+  std::unordered_map<NodeportKey, std::shared_ptr<NodeportRule>>
+      nodePortRuleMap_;
+
+  void reloadConfig();
+
+  std::shared_ptr<Ports> getFrontendPort();
+
+  std::shared_ptr<Ports> getBackendPort();
+};
diff --git a/src/services/pcn-k8sdispatcher/src/K8sdispatcher_dp.c b/src/services/pcn-k8sdispatcher/src/K8sdispatcher_dp.c
new file mode 100644
index 000000000..dc0569e8a
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/K8sdispatcher_dp.c
@@ -0,0 +1,521 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <uapi/linux/bpf.h>
+#include <uapi/linux/filter.h>
+#include <uapi/linux/icmp.h>
+#include <uapi/linux/if_arp.h>
+#include <uapi/linux/if_ether.h>
+#include <uapi/linux/if_packet.h>
+#include <uapi/linux/in.h>
+#include <uapi/linux/ip.h>
+#include <uapi/linux/pkt_cls.h>
+#include <uapi/linux/tcp.h>
+#include <uapi/linux/udp.h>
+
+#ifndef FRONTEND_PORT
+#define FRONTEND_PORT 0
+#endif
+
+#ifndef BACKEND_PORT
+#define BACKEND_PORT 0
+#endif
+
+#ifndef NODE_IP
+#define NODE_IP 0
+#endif
+
+#ifndef INTERNAL_SRC_IP
+#define INTERNAL_SRC_IP 0
+#endif
+
+#define SESSION_MAP_DIM 32768
+
+enum OPERATION_TYPE { OP_XLATE_SRC = 0, OP_XLATE_DST = 1 };
+
+enum ORIGINATING_RULE_TYPE { RULE_POD_TO_EXT = 0, RULE_NODEPORT_CLUSTER = 1 };
+
+enum EXTERNAL_TRAFFIC_POLICY_TYPE { ETP_LOCAL = 0, ETP_CLUSTER = 1 };
+
+enum SLOWPATH_REASON { REASON_ARP_REPLY = 0 };
+
+#define IP_CSUM_OFFSET (sizeof(struct eth_hdr) + offsetof(struct iphdr, check))
+#define UDP_CSUM_OFFSET                            \
+  (sizeof(struct eth_hdr) + sizeof(struct iphdr) + \
+   offsetof(struct udphdr, check))
+#define TCP_CSUM_OFFSET                            \
+  (sizeof(struct eth_hdr) + sizeof(struct iphdr) + \
+   offsetof(struct tcphdr, check))
+#define ICMP_CSUM_OFFSET                           \
+  (sizeof(struct eth_hdr) + sizeof(struct iphdr) + \
+   offsetof(struct icmphdr, checksum))
+#define IS_PSEUDO 0x10
+
+struct eth_hdr {
+  __be64 dst : 48;
+  __be64 src : 48;
+  __be16 proto;
+} __attribute__((packed));
+
+struct arp_hdr {
+  __be16 ar_hrd;        /* format of hardware address	*/
+  __be16 ar_pro;        /* format of protocol address	*/
+  unsigned char ar_hln; /* length of hardware address	*/
+  unsigned char ar_pln; /* length of protocol address	*/
+  __be16 ar_op;         /* ARP opcode (command)		*/
+  __be64 ar_sha : 48;   /* sender hardware address	*/
+  __be32 ar_sip;        /* sender IP address		*/
+  __be64 ar_tha : 48;   /* target hardware address	*/
+  __be32 ar_tip;        /* target IP address		*/
+} __attribute__((packed));
+
+// Session table
+struct st_k {
+  uint32_t src_ip;
+  uint32_t dst_ip;
+  uint16_t src_port;
+  uint16_t dst_port;
+  uint8_t proto;
+} __attribute__((packed));
+struct st_v {
+  uint32_t new_ip;
+  uint16_t new_port;
+  uint8_t operation;
+  uint8_t originating_rule;
+} __attribute__((packed));
+BPF_TABLE("lru_hash", struct st_k, struct st_v, egress_session_table,
+          SESSION_MAP_DIM);
+BPF_TABLE("lru_hash", struct st_k, struct st_v, ingress_session_table,
+          SESSION_MAP_DIM);
+
+// NodePort rules table
+struct nt_k {
+  uint16_t port;
+  uint8_t proto;
+} __attribute__((packed));
+;
+struct nt_v {
+  uint16_t external_traffic_policy;
+} __attribute__((packed));
+;
+
+BPF_F_TABLE("hash", struct nt_k, struct nt_v, npr_table, 1024,
+            BPF_F_NO_PREALLOC);
+
+// Port numbers
+struct free_port_entry {
+  uint16_t free_port;
+  struct bpf_spin_lock lock;
+};
+
+BPF_TABLE("array", uint32_t, struct free_port_entry, free_port_map, 1);
+
+static inline __be16 get_free_port() {
+  uint32_t key = 0;
+  uint16_t free_port = 0;
+  struct free_port_entry *entry = free_port_map.lookup(&key);
+  if (!entry) {  // never happen for array
+    return 0;
+  }
+  bpf_spin_lock(&entry->lock);
+  if (entry->free_port < 1024 || entry->free_port == 65535) {
+    entry->free_port = 1024;
+  }
+  free_port = entry->free_port;
+  entry->free_port++;
+  bpf_spin_unlock(&entry->lock);
+  return bpf_htons(free_port);
+}
+
+static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
+  // Disable data plane if initialization has not been completed yet
+  if (FRONTEND_PORT == BACKEND_PORT) {
+    return RX_DROP;
+  }
+  // NAT processing happens in 4 steps:
+  // 1) packet parsing
+  // 2) session table lookup
+  // 3) rule lookup
+  // 4) packet modification
+
+  // 1) Parse packet
+  void *data = (void *)(long)ctx->data;
+  void *data_end = (void *)(long)ctx->data_end;
+
+  struct eth_hdr *eth = data;
+  if ((void *)(eth + 1) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped Ethernet pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
+    return RX_DROP;
+  }
+
+  switch (eth->proto) {
+  case htons(ETH_P_IP):
+    goto IP;  // ipv4 packet
+  case htons(ETH_P_ARP): {
+    goto ARP;  // ARP packet
+  }
+  default:
+    if (md->in_port == BACKEND_PORT) {
+      pcn_log(ctx, LOG_TRACE,
+              "Received unsupported pkt from BACKEND port: sent to stack - "
+              "(in_port: %d) (proto: 0x%x)",
+              md->in_port, bpf_htons(eth->proto));
+    } else {
+      pcn_log(ctx, LOG_TRACE,
+              "Received unsupported pkt from FRONTEND port: sent to stack - "
+              "(in_port: %d) (proto: 0x%x)",
+              md->in_port, bpf_htons(eth->proto));
+    }
+    return RX_OK;
+  }
+
+IP:;
+  struct iphdr *ip = (void *)(eth + 1);
+  if ((void *)(ip + 1) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped IP pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
+    return RX_DROP;
+  }
+
+  // check if ip dest is for this host
+  if (md->in_port == FRONTEND_PORT && ip->daddr != NODE_IP) {
+    pcn_log(ctx, LOG_TRACE,
+            "Pkt coming from FRONTEND port is not for host: sent to stack - "
+            "(in_port: %d) (dst_ip: %I)",
+            md->in_port, ip->daddr);
+    return RX_OK;
+  }
+
+  // Extract L3 packet data
+  uint32_t src_ip = ip->saddr;
+  uint32_t dst_ip = ip->daddr;
+  uint8_t proto = ip->protocol;
+
+  // Extract L4 segment data
+  uint16_t src_port = 0, dst_port = 0;
+  // The following pointers are used to update a TCP port, a UDP port or the
+  // ICMP echo id in the same way regardless the l4 protocol; same for the
+  // checksum offset
+  uint16_t *src_port_ptr = NULL, *dst_port_ptr = NULL;
+  int l4_csum_offset = 0;
+
+  switch (ip->protocol) {
+  case IPPROTO_TCP: {
+    struct tcphdr *tcp = (void *)(ip + 1);
+    if ((void *)(tcp + 1) > data_end) {
+      pcn_log(ctx, LOG_TRACE,
+              "Dropped TCP pkt - (in_port: %d) (reason: inconsistent_size)",
+              md->in_port);
+      return RX_DROP;
+    }
+
+    src_port = tcp->source;
+    dst_port = tcp->dest;
+    src_port_ptr = &tcp->source;
+    dst_port_ptr = &tcp->dest;
+    l4_csum_offset = TCP_CSUM_OFFSET;
+    break;
+  }
+  case IPPROTO_UDP: {
+    struct udphdr *udp = (void *)(ip + 1);
+    if ((void *)(udp + 1) > data_end) {
+      pcn_log(ctx, LOG_TRACE,
+              "Dropped UDP pkt - (in_port: %d) (reason: inconsistent_size)",
+              md->in_port);
+      return RX_DROP;
+    }
+
+    src_port = udp->source;
+    dst_port = udp->dest;
+    src_port_ptr = &udp->source;
+    dst_port_ptr = &udp->dest;
+    l4_csum_offset = UDP_CSUM_OFFSET;
+    break;
+  }
+  case IPPROTO_ICMP: {
+    struct icmphdr *icmp = (void *)(ip + 1);
+    if ((void *)(icmp + 1) > data_end) {
+      pcn_log(ctx, LOG_TRACE,
+              "Dropped ICMP pkt - (in_port: %d) (reason: inconsistent_size)",
+              md->in_port);
+      return RX_DROP;
+    }
+
+    // Consider the ICMP ID as a "port" number for easier handling
+    src_port = icmp->un.echo.id;
+    dst_port = icmp->un.echo.id;
+    src_port_ptr = &icmp->un.echo.id;
+    dst_port_ptr = &icmp->un.echo.id;
+    l4_csum_offset = ICMP_CSUM_OFFSET;
+    break;
+  }
+  default: {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped IP pkt - (in_port: %d) (reason: unsupported_type) "
+            "(ip_proto: %d)",
+            md->in_port, ip->protocol);
+    return RX_DROP;
+  }
+  }
+
+  // 2) Packet parsed, start session table lookup
+  // NAT data
+  uint32_t new_ip = 0;
+  uint16_t new_port = 0;
+  uint8_t operation = 0;
+  struct st_k session_key = {.src_ip = src_ip,
+                             .dst_ip = dst_ip,
+                             .src_port = src_port,
+                             .dst_port = dst_port,
+                             .proto = proto};
+  struct st_v *session_entry = (md->in_port == BACKEND_PORT)
+                                   ? egress_session_table.lookup(&session_key)
+                                   : ingress_session_table.lookup(&session_key);
+  if (session_entry) {
+    // Extract NAT data
+    new_ip = session_entry->new_ip;
+    new_port = session_entry->new_port;
+    operation = session_entry->operation;
+    goto APPLY_NAT;
+  }
+
+  uint8_t originating_rule = 0;
+
+  // 3) Session table miss, start rule lookup
+  if (md->in_port == BACKEND_PORT) {  // inside -> outside
+    // Check egress rules
+
+    // Rule: RESP_NP_LOCAL
+    // Response for a NodePort Svc with externalTrafficPolicy=LOCAL => FORWARD
+    if (src_ip == NODE_IP) {
+      pcn_log(ctx, LOG_TRACE,
+              "Matched egress rule RESP_NP_LOCAL: redirected pkt as is to "
+              "FRONTEND port - (src: %I:%P, dst: %I:%P)",
+              src_ip, src_port, dst_ip, dst_port);
+      return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
+    }
+
+    // Rule: POD_TO_EXT
+    // A Pod want to reach the external world => SNAT
+    new_ip = NODE_IP;
+    new_port = get_free_port();
+    operation = OP_XLATE_SRC;
+    originating_rule = RULE_POD_TO_EXT;
+    pcn_log(ctx, LOG_TRACE,
+            "Matched egress rule POD_TO_EXT: chosen SNAT - (src: %I:%P, dst: "
+            "%I:%P)",
+            src_ip, src_port, dst_ip, dst_port);
+  } else {  // outside -> inside
+    // Check ingress rules
+
+    struct nt_k npr_key = {.port = dst_port, .proto = proto};
+    struct nt_v *npr_value = npr_table.lookup(&npr_key);
+
+    // Incoming packet doesn't match any NodePort rule => stack
+    if (npr_value == NULL) {
+      pcn_log(ctx, LOG_TRACE,
+              "No ingress rule match: sent to stack - (src: %I:%P, dst: %I:%P)",
+              src_ip, src_port, dst_ip, dst_port);
+      return RX_OK;
+    }
+
+    // Rule: REQ_NP_LOCAL
+    // Request for a NodePort Svc with externalTrafficPolicy=LOCAL => FORWARD
+    if (npr_value->external_traffic_policy == ETP_LOCAL) {
+      pcn_log(ctx, LOG_TRACE,
+              "Matched ingress rule REQ_NP_LOCAL: redirected pkt as is to "
+              "BACKEND port - (src: %I:%P, dst: %I:%P)",
+              src_ip, src_port, dst_ip, dst_port);
+      return pcn_pkt_redirect(ctx, md, BACKEND_PORT);
+    }
+
+    // Rule: REQ_NP_CLUSTER
+    // Request for a NodePort Svc with externalTrafficPolicy=CLUSTER => SNAT
+    new_ip = INTERNAL_SRC_IP;
+    new_port = get_free_port();
+    operation = OP_XLATE_SRC;
+    originating_rule = RULE_NODEPORT_CLUSTER;
+
+    pcn_log(
+        ctx, LOG_TRACE,
+        "Matched egress rule REQ_NP_CLUSTER: chosen SNAT - (src: %I:%P, dst: "
+        "%I:%P)",
+        src_ip, src_port, dst_ip, dst_port);
+  }
+
+  // No session table exist for the packet but a rule matched, so both sessions
+  // tables must be updated. In the following, the forward table is intended
+  // to be the table that handles the sessions in the same direction of the
+  // actual packet; similarly, the reverse table is intended to be
+  // the table that handles the sessions in the opposite direction of the
+  // actual packet. Example:
+  // packet coming from the BACKEND port
+  // - forward table = egress session table
+  // - reverse table = ingress session table
+
+  // Regardless the type of NAT, the forward table key always match the original
+  // packet quintuple data. Moreover, the forward table value always stores
+  // the new ip, the new port and the same kind of operation that will be
+  // applied on the actual packet. The originating rule is determined during
+  // the rules scan
+  struct st_k forward_key = {.src_ip = src_ip,
+                             .dst_ip = dst_ip,
+                             .src_port = src_port,
+                             .dst_port = dst_port,
+                             .proto = proto};
+  struct st_v forward_value = {.new_ip = new_ip,
+                               .new_port = new_port,
+                               .operation = operation,
+                               .originating_rule = originating_rule};
+
+  // The reverse table key and value depend on the kind of operation that will
+  // be applied on the actual packet
+  struct st_k reverse_key = {0, 0, 0, 0, 0};
+  struct st_v reverse_value = {0, 0};
+
+  if (operation == OP_XLATE_SRC) {
+    reverse_key.src_ip = dst_ip;
+    reverse_key.dst_ip = new_ip;
+    // During the NAT operation, the ICMP ID will be replaced with the value
+    // of "new port": this means that for the reverse traffic, the session will
+    // be identified by a packet having both "source port" and "destination port"
+    // equal to "new port"
+    reverse_key.src_port = (proto == IPPROTO_ICMP) ? new_port : dst_port;
+    reverse_key.dst_port = new_port;
+
+    reverse_value.new_ip = src_ip;
+    reverse_value.new_port = src_port;
+    reverse_value.operation = OP_XLATE_DST;
+  } else {
+    reverse_key.src_ip = new_ip;
+    reverse_key.dst_ip = src_ip;
+    reverse_key.src_port = new_port;
+    // During the NAT operation, the ICMP ID will be replaced with the value
+    // of "new port": this means that for the reverse traffic, the session will
+    // be identified by a packet having both "source port" and "destination port"
+    // equal to "new port"
+    reverse_key.dst_port = (proto == IPPROTO_ICMP) ? new_port : src_port;
+
+    reverse_value.new_ip = dst_ip;
+    reverse_value.new_port = dst_port;
+    reverse_value.operation = OP_XLATE_SRC;
+  }
+  // The protocol type in the reverse table key and the originating rule type
+  // in the reverse table value do not depend on the operation applied on the
+  // actual packet
+  reverse_key.proto = proto;
+  reverse_value.originating_rule = originating_rule;
+
+  if (md->in_port == BACKEND_PORT) {
+    egress_session_table.update(&forward_key, &forward_value);
+    ingress_session_table.update(&reverse_key, &reverse_value);
+  } else {
+    ingress_session_table.update(&forward_key, &forward_value);
+    egress_session_table.update(&reverse_key, &reverse_value);
+  }
+
+  pcn_log(ctx, LOG_TRACE, "Created new session - (src: %I:%P, dst: %I:%P)",
+          src_ip, src_port, dst_ip, dst_port);
+
+APPLY_NAT:;
+  // Save old values in order to update checksums after the NAT is applied
+  uint32_t old_ip;
+  uint16_t old_port;
+  if (operation == OP_XLATE_SRC) {
+    old_ip = src_ip;
+    old_port = src_port;
+    ip->saddr = new_ip;
+    *src_port_ptr = new_port;
+    pcn_log(ctx, LOG_TRACE, "Applied SNAT - (src: %I:%P, new_src: %I:%P)",
+            old_ip, old_port, new_ip, new_port);
+  } else {
+    old_ip = dst_ip;
+    old_port = dst_port;
+    ip->daddr = new_ip;
+    *dst_port_ptr = new_port;
+    pcn_log(ctx, LOG_TRACE, "Applied DNAT - (dst: %I:%P, new_dst: %I:%P)",
+            old_ip, old_port, new_ip, new_port);
+  }
+
+  // Update checksums
+  if (proto != IPPROTO_ICMP) {  // only for UDP and TCP
+    pcn_l4_csum_replace(ctx, l4_csum_offset, old_ip, new_ip, IS_PSEUDO | 4);
+  }
+  pcn_l4_csum_replace(ctx, l4_csum_offset, old_port, new_port, 2);
+  pcn_l3_csum_replace(ctx, IP_CSUM_OFFSET, old_ip, new_ip, 4);
+
+  // Session tables have been updated (if needed)
+  // The packet has been modified (if needed)
+  // Nothing more to do, forward the packet
+  return pcn_pkt_redirect(
+      ctx, md, md->in_port == BACKEND_PORT ? FRONTEND_PORT : BACKEND_PORT);
+
+ARP:;
+  struct arp_hdr *arp = (void *)(eth + 1);
+  if ((void *)(arp + 1) > data_end) {
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped ARP pkt - (in_port: %d) (reason: inconsistent_size)",
+            md->in_port);
+    return RX_DROP;
+  }
+
+  if (md->in_port == BACKEND_PORT) {  // inside -> outside
+    // If a packet coming from the backend port
+    // - is an ARP request => it is sent to the frontend port
+    // - otherwise it is dropped
+    if (arp->ar_op == bpf_htons(ARPOP_REQUEST)) {
+      pcn_log(ctx, LOG_TRACE,
+              "Received ARP request pkt from BACKEND port: redirected to "
+              "FRONTEND port - (in_port: %d) (out_port: %d)",
+              md->in_port, FRONTEND_PORT);
+      return pcn_pkt_redirect(ctx, md, FRONTEND_PORT);
+    }
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped non-request ARP pkt coming from BACKEND port - (in_port: "
+            "%d) (arp_opcode: %d)",
+            md->in_port, bpf_htons(arp->ar_op));
+  } else {  // outside -> inside
+    // If a packet coming from the frontend port
+    // - is an ARP request => it is sent to the stack
+    // - is an ARP reply => a copy is sent to the slowpath and the original one
+    // to the stack
+    // - otherwise it is dropped
+    if (arp->ar_op == bpf_ntohs(ARPOP_REQUEST)) {
+      pcn_log(ctx, LOG_TRACE,
+              "Received ARP request pkt from FRONTEND port: sent to the stack "
+              "- (in_port: %d)",
+              md->in_port);
+      return RX_OK;
+    } else if (arp->ar_op == bpf_htons(ARPOP_REPLY)) {
+      pcn_log(ctx, LOG_TRACE,
+              "Received ARP reply pkt from FRONTEND port: sent a copy to "
+              "slow path and a copy to the stack - (in_port: %d)",
+              md->in_port);
+      // a copy is sent to the backend port through the slowpath and a copy is
+      // sent to the stack
+      pcn_pkt_controller(ctx, md, REASON_ARP_REPLY);
+      return RX_OK;
+    }
+    pcn_log(ctx, LOG_TRACE,
+            "Dropped non-reply ARP pkt coming from FRONTEND port - (in_port: "
+            "%d) (arp_opcode: %d)",
+            md->in_port, bpf_htons(arp->ar_op));
+  }
+  return RX_DROP;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/NodeportRule.cpp b/src/services/pcn-k8sdispatcher/src/NodeportRule.cpp
new file mode 100644
index 000000000..c0e7eaa99
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/NodeportRule.cpp
@@ -0,0 +1,99 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "NodeportRule.h"
+
+#include "K8sdispatcher.h"
+#include "Utils.h"
+
+NodeportRule::NodeportRule(K8sdispatcher &parent,
+                           const NodeportRuleJsonObject &conf)
+    : NodeportRuleBase(parent),
+      parent_{parent},
+      nodeportPort_{conf.nodeportPortIsSet()
+                        ? conf.getNodeportPort()
+                        : throw std::runtime_error{"NodePort rule port"
+                                                   "must be provided"}},
+      proto_{
+          conf.protoIsSet()
+              ? conf.getProto()
+              : throw std::
+                    runtime_error{"NodePort rule protocol must be provided"}},
+      externalTrafficPolicy_{
+          conf.externalTrafficPolicyIsSet()
+              ? conf.getExternalTrafficPolicy()
+              : NodeportRuleExternalTrafficPolicyEnum::CLUSTER},
+      ruleName_{conf.getRuleName()} {
+  logger()->info("Creating NodeportRule instance");
+  if (this->proto_ == L4ProtoEnum::ICMP) {
+    throw std::runtime_error{"NodePort rule protocol cannot be ICMP"};
+  }
+}
+
+NodeportRule::~NodeportRule() {
+  logger()->info("Destroying NodeportRule instance");
+}
+
+uint16_t NodeportRule::getNodeportPort() {
+  return this->nodeportPort_;
+}
+
+L4ProtoEnum NodeportRule::getProto() {
+  return this->proto_;
+}
+
+NodeportRuleExternalTrafficPolicyEnum NodeportRule::getExternalTrafficPolicy() {
+  return this->externalTrafficPolicy_;
+}
+
+void NodeportRule::setExternalTrafficPolicy(
+    const NodeportRuleExternalTrafficPolicyEnum &value) {
+  logger()->trace(
+      "Received a request to update NodePort rule external traffic policy");
+  try {
+    logger()->trace("Retrieving NodePort rules kernel map");
+    auto npr_table = this->parent_.get_hash_table<struct nt_k, struct nt_v>(
+        K8sdispatcher::EBPF_NPR_TABLE_MAP);
+    logger()->trace("Retrieved NodePort rules kernel map");
+
+    struct nt_k npr_key {
+      .port = htons(this->nodeportPort_),
+      .proto = utils::L4ProtoEnum_to_int(this->proto_),
+    };
+    struct nt_v npr_value {
+      .external_traffic_policy =
+          utils::NodeportRuleExternalTrafficPolicyEnum_to_int(value)
+    };
+
+    logger()->trace(
+        "Updating NodePort rule external traffic policy in NodePort rules "
+        "kernel map");
+    npr_table.set(npr_key, npr_value);
+    this->externalTrafficPolicy_ = value;
+    logger()->trace(
+        "Updated NodePort rule external traffic policy in NodePort rules "
+        "kernel map");
+  } catch (std::exception &ex) {
+    logger()->error("Failed to update NodePort rule in kernel map: {}",
+                    ex.what());
+    throw std::runtime_error("Failed to update NodePort rule in kernel map");
+  }
+  logger()->trace("Updated NodePort rule external traffic policy");
+}
+
+std::string NodeportRule::getRuleName() {
+  return this->ruleName_;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/NodeportRule.h b/src/services/pcn-k8sdispatcher/src/NodeportRule.h
new file mode 100644
index 000000000..4233c213a
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/NodeportRule.h
@@ -0,0 +1,59 @@
+/*
+* Copyright 2022 The Polycube Authors
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+ */
+
+#pragma once
+
+#include "../base/NodeportRuleBase.h"
+
+class K8sdispatcher;
+
+using namespace polycube::service::model;
+
+class NodeportRule : public NodeportRuleBase {
+ public:
+  NodeportRule(K8sdispatcher &parent, const NodeportRuleJsonObject &conf);
+  virtual ~NodeportRule();
+
+  /// <summary>
+  /// NodePort rule nodeport port number
+  /// </summary>
+  uint16_t getNodeportPort() override;
+
+  /// <summary>
+  /// NodePort rule L4 protocol
+  /// </summary>
+  L4ProtoEnum getProto() override;
+
+  /// <summary>
+  /// The external traffic policy of the Kubernetes NodePort Service
+  /// </summary>
+  NodeportRuleExternalTrafficPolicyEnum getExternalTrafficPolicy() override;
+  void setExternalTrafficPolicy(const NodeportRuleExternalTrafficPolicyEnum &value) override;
+
+  /// <summary>
+  /// An optional name for the NodePort rule
+  /// </summary>
+  std::string getRuleName() override;
+
+ private:
+  K8sdispatcher& parent_;
+
+  uint16_t nodeportPort_;
+  L4ProtoEnum proto_;
+
+  NodeportRuleExternalTrafficPolicyEnum externalTrafficPolicy_;
+  std::string ruleName_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/Ports.cpp b/src/services/pcn-k8sdispatcher/src/Ports.cpp
new file mode 100644
index 000000000..6d7e402f9
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/Ports.cpp
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "Ports.h"
+#include "K8sdispatcher.h"
+#include "Utils.h"
+
+
+Ports::Ports(polycube::service::Cube<Ports> &parent,
+             std::shared_ptr<polycube::service::PortIface> port,
+             const PortsJsonObject &conf)
+    : PortsBase(parent, port), type_{conf.getType()} {
+  logger()->info("Creating Ports instance");
+  auto ipIsSet = conf.ipIsSet();
+  if (this->type_ == PortsTypeEnum::FRONTEND) {
+    if (!ipIsSet) {
+      throw std::runtime_error(
+          "The IP address is mandatory for a FRONTEND port");
+    }
+
+    auto ip = conf.getIp();
+    if (!utils::is_valid_ipv4_str(ip)) {
+      throw std::runtime_error{"Invalid IPv4 address"};
+    }
+    this->ip_ = ip;
+  } else {
+    if (ipIsSet) {
+      throw std::runtime_error(
+          "The IP address in not allowed for a BACKEND port");
+    }
+  }
+}
+
+Ports::~Ports() {
+  logger()->info("Destroying Ports instance");
+}
+
+PortsTypeEnum Ports::getType() {
+  return this->type_;
+}
+
+std::string Ports::getIp() {
+  return this->ip_;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/Ports.h b/src/services/pcn-k8sdispatcher/src/Ports.h
new file mode 100644
index 000000000..5383a7cd2
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/Ports.h
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include "../base/PortsBase.h"
+
+class K8sdispatcher;
+
+using namespace polycube::service::model;
+
+class Ports : public PortsBase {
+ public:
+  Ports(polycube::service::Cube<Ports> &parent,
+        std::shared_ptr<polycube::service::PortIface> port,
+        const PortsJsonObject &conf);
+  virtual ~Ports();
+
+  /// <summary>
+  /// Type of the K8s Dispatcher cube port (e.g. BACKEND or FRONTEND)
+  /// </summary>
+  PortsTypeEnum getType() override;
+
+  /// <summary>
+  /// IP address of the node interface (only for FRONTEND port)
+  /// </summary>
+  std::string getIp() override;
+
+ private:
+  PortsTypeEnum type_;
+  std::string ip_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/SessionRule.cpp b/src/services/pcn-k8sdispatcher/src/SessionRule.cpp
new file mode 100644
index 000000000..4d011a5ec
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/SessionRule.cpp
@@ -0,0 +1,106 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "SessionRule.h"
+#include "K8sdispatcher.h"
+#include "Utils.h"
+
+SessionRule::SessionRule(K8sdispatcher &parent,
+                         const SessionRuleJsonObject &conf)
+    : SessionRule{parent,
+                  conf.getDirection(),
+                  conf.getSrcIp(),
+                  conf.getDstIp(),
+                  conf.getSrcPort(),
+                  conf.getDstPort(),
+                  conf.getProto(),
+                  conf.getNewIp(),
+                  conf.getNewPort(),
+                  conf.getOperation(),
+                  conf.getOriginatingRule()} {}
+
+SessionRule::SessionRule(K8sdispatcher &parent,
+                         SessionRuleDirectionEnum direction, std::string srcIp,
+                         std::string dstIp, uint16_t srcPort, uint16_t dstPort,
+                         L4ProtoEnum proto, std::string newIp, uint16_t newPort,
+                         SessionRuleOperationEnum operation,
+                         SessionRuleOriginatingRuleEnum originatingRule)
+    : SessionRuleBase(parent),
+      direction_{direction},
+      srcIp_{srcIp},
+      dstIp_{dstIp},
+      srcPort_{srcPort},
+      dstPort_{dstPort},
+      proto_{proto},
+      newIp_{newIp},
+      newPort_{newPort},
+      operation_{operation},
+      originatingRule_{originatingRule} {
+  logger()->info("Creating SessionRule instance");
+  if (!utils::is_valid_ipv4_str(srcIp)) {
+    throw std::runtime_error{"Invalid source IPv4 address"};
+  }
+  if (!utils::is_valid_ipv4_str(dstIp)) {
+    throw std::runtime_error{"Invalid destination IPv4 address"};
+  }
+  if (!utils::is_valid_ipv4_str(newIp)) {
+    throw std::runtime_error{"Invalid new IPv4 address"};
+  }
+}
+
+SessionRule::~SessionRule() {
+  logger()->info("Destroying SessionRule instance");
+}
+
+SessionRuleDirectionEnum SessionRule::getDirection() {
+  return this->direction_;
+}
+
+std::string SessionRule::getSrcIp() {
+  return this->srcIp_;
+}
+
+std::string SessionRule::getDstIp() {
+  return this->dstIp_;
+}
+
+uint16_t SessionRule::getSrcPort() {
+  return this->srcPort_;
+}
+
+uint16_t SessionRule::getDstPort() {
+  return this->dstPort_;
+}
+
+L4ProtoEnum SessionRule::getProto() {
+  return this->proto_;
+}
+
+std::string SessionRule::getNewIp() {
+  return this->newIp_;
+}
+
+uint16_t SessionRule::getNewPort() {
+  return this->newPort_;
+}
+
+SessionRuleOperationEnum SessionRule::getOperation() {
+  return this->operation_;
+}
+
+SessionRuleOriginatingRuleEnum SessionRule::getOriginatingRule() {
+  return this->originatingRule_;
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/SessionRule.h b/src/services/pcn-k8sdispatcher/src/SessionRule.h
new file mode 100644
index 000000000..f25b44fed
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/SessionRule.h
@@ -0,0 +1,111 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include "../base/SessionRuleBase.h"
+
+struct st_k {
+  uint32_t src_ip;
+  uint32_t dst_ip;
+  uint16_t src_port;
+  uint16_t dst_port;
+  uint8_t proto;
+} __attribute__((packed));
+struct st_v {
+  uint32_t new_ip;
+  uint16_t new_port;
+  uint8_t operation;
+  uint8_t originating_rule;
+} __attribute__((packed));
+
+class K8sdispatcher;
+
+using namespace polycube::service::model;
+
+class SessionRule : public SessionRuleBase {
+ public:
+  SessionRule(K8sdispatcher &parent, const SessionRuleJsonObject &conf);
+  SessionRule(K8sdispatcher &parent, SessionRuleDirectionEnum direction,
+              std::string srcIp, std::string dstIp, uint16_t srcPort,
+              uint16_t dstPort, L4ProtoEnum proto, std::string newIp,
+              uint16_t newPort, SessionRuleOperationEnum operation,
+              SessionRuleOriginatingRuleEnum originatingRule);
+  virtual ~SessionRule();
+
+  /// <summary>
+  /// Session entry direction (e.g. INGRESS or EGRESS)
+  /// </summary>
+  SessionRuleDirectionEnum getDirection() override;
+
+  /// <summary>
+  /// Session entry source IP address
+  /// </summary>
+  std::string getSrcIp() override;
+
+  /// <summary>
+  /// Session entry destination IP address
+  /// </summary>
+  std::string getDstIp() override;
+
+  /// <summary>
+  /// Session entry source L4 port number
+  /// </summary>
+  uint16_t getSrcPort() override;
+
+  /// <summary>
+  /// Session entry destination L4 port number
+  /// </summary>
+  uint16_t getDstPort() override;
+
+  /// <summary>
+  /// Session entry L4 protocol
+  /// </summary>
+  L4ProtoEnum getProto() override;
+
+  /// <summary>
+  /// Translated IP address
+  /// </summary>
+  std::string getNewIp() override;
+
+  /// <summary>
+  /// Translated L4 port number
+  /// </summary>
+  uint16_t getNewPort() override;
+
+  /// <summary>
+  /// Operation applied on the original packet
+  /// </summary>
+  SessionRuleOperationEnum getOperation() override;
+
+  /// <summary>
+  /// Rule originating the session entry
+  /// </summary>
+  SessionRuleOriginatingRuleEnum getOriginatingRule() override;
+
+ private:
+  SessionRuleDirectionEnum direction_;
+  std::string srcIp_;
+  std::string dstIp_;
+  uint16_t srcPort_;
+  uint16_t dstPort_;
+  L4ProtoEnum proto_;
+
+  std::string newIp_;
+  uint16_t newPort_;
+  SessionRuleOperationEnum operation_;
+  SessionRuleOriginatingRuleEnum originatingRule_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/Utils.cpp b/src/services/pcn-k8sdispatcher/src/Utils.cpp
new file mode 100644
index 000000000..ad0ef2a60
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/Utils.cpp
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "Utils.h"
+
+#include "base/K8sdispatcherBase.h"
+
+uint8_t utils::L4ProtoEnum_to_int(L4ProtoEnum proto) {
+  switch (proto) {
+  case L4ProtoEnum::TCP:
+    return 6;
+  case L4ProtoEnum::UDP:
+    return 17;
+  case L4ProtoEnum::ICMP:
+    return 1;
+  default:
+    throw std::runtime_error("Bad proto");
+  }
+}
+
+L4ProtoEnum utils::int_to_L4ProtoEnum(uint8_t proto) {
+  switch (proto) {
+  case 6:
+    return L4ProtoEnum::TCP;
+  case 17:
+    return L4ProtoEnum::UDP;
+  case 1:
+    return L4ProtoEnum::ICMP;
+  default:
+    throw std::runtime_error("Bad proto number");
+  }
+}
+
+uint8_t utils::SessionRuleOperationEnum_to_int(
+    SessionRuleOperationEnum operation) {
+  switch (operation) {
+  case SessionRuleOperationEnum::XLATE_SRC:
+    return 0;
+  case SessionRuleOperationEnum::XLATE_DST:
+    return 1;
+  default:
+    throw std::runtime_error("Bad operation");
+  }
+}
+
+SessionRuleOperationEnum utils::int_to_SessionRuleOperationEnum(
+    const uint8_t operation) {
+  switch (operation) {
+  case 0:
+    return SessionRuleOperationEnum::XLATE_SRC;
+  case 1:
+    return SessionRuleOperationEnum::XLATE_DST;
+  default:
+    throw std::runtime_error("Bad operation number");
+  }
+}
+
+uint8_t utils::SessionRuleOriginatingRuleEnum_to_int(
+    SessionRuleOriginatingRuleEnum originatingRule) {
+  switch (originatingRule) {
+  case SessionRuleOriginatingRuleEnum::POD_TO_EXT:
+    return 0;
+  case SessionRuleOriginatingRuleEnum::NODEPORT_CLUSTER:
+    return 1;
+  default:
+    throw std::runtime_error("Bad originating rule");
+  }
+}
+
+SessionRuleOriginatingRuleEnum utils::int_to_SessionRuleOriginatingRuleEnum(
+    const uint8_t originatingRule) {
+  switch (originatingRule) {
+  case 0:
+    return SessionRuleOriginatingRuleEnum::POD_TO_EXT;
+  case 1:
+    return SessionRuleOriginatingRuleEnum::NODEPORT_CLUSTER;
+  default:
+    throw std::runtime_error("Bad originating rule number");
+  }
+}
+
+uint8_t utils::NodeportRuleExternalTrafficPolicyEnum_to_int(
+    NodeportRuleExternalTrafficPolicyEnum externalTrafficPolicy) {
+  switch (externalTrafficPolicy) {
+  case NodeportRuleExternalTrafficPolicyEnum::LOCAL:
+    return 0;
+  case NodeportRuleExternalTrafficPolicyEnum::CLUSTER:
+    return 1;
+  default:
+    throw std::runtime_error("Bad external traffic policy");
+  }
+}
+
+NodeportRuleExternalTrafficPolicyEnum
+utils::int_to_NodeportRuleExternalTrafficPolicyEnum(
+    const uint8_t externalTrafficPolicy) {
+  switch (externalTrafficPolicy) {
+  case 0:
+    return NodeportRuleExternalTrafficPolicyEnum::LOCAL;
+  case 1:
+    return NodeportRuleExternalTrafficPolicyEnum::CLUSTER;
+  default:
+    throw std::runtime_error("Bad external traffic policy number");
+  }
+}
+
+bool utils::is_valid_ipv4_str(std::string const &ip) {
+  try {
+    // if the provided IPv4 address is not valid, the following call
+    // will throw and exception
+    polycube::service::utils::ip_string_to_nbo_uint(ip);
+    return true;
+  } catch (...) {
+    return false;
+  }
+}
\ No newline at end of file
diff --git a/src/services/pcn-k8sdispatcher/src/Utils.h b/src/services/pcn-k8sdispatcher/src/Utils.h
new file mode 100644
index 000000000..7fc180cc0
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/Utils.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2022 The Polycube Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef POLYCUBE_UTILS_H
+#define POLYCUBE_UTILS_H
+
+#include "base/NodeportRuleBase.h"
+#include "base/SessionRuleBase.h"
+
+namespace utils {
+// conversion functions
+uint8_t L4ProtoEnum_to_int(L4ProtoEnum proto);
+L4ProtoEnum int_to_L4ProtoEnum(const uint8_t proto);
+
+uint8_t SessionRuleOperationEnum_to_int(SessionRuleOperationEnum operation);
+SessionRuleOperationEnum int_to_SessionRuleOperationEnum(
+    const uint8_t operation);
+
+uint8_t SessionRuleOriginatingRuleEnum_to_int(
+    SessionRuleOriginatingRuleEnum originatingRule);
+SessionRuleOriginatingRuleEnum int_to_SessionRuleOriginatingRuleEnum(
+    const uint8_t originatingRule);
+
+uint8_t NodeportRuleExternalTrafficPolicyEnum_to_int(
+    NodeportRuleExternalTrafficPolicyEnum externalTrafficPolicy);
+NodeportRuleExternalTrafficPolicyEnum
+int_to_NodeportRuleExternalTrafficPolicyEnum(
+    const uint8_t externalTrafficPolicy);
+
+// helper functions
+bool is_valid_ipv4_str(std::string const &ip);
+
+}  // namespace utils
+
+#endif  // POLYCUBE_UTILS_H
diff --git a/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.cpp b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.cpp
new file mode 100644
index 000000000..be5e216c4
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.cpp
@@ -0,0 +1,1271 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "K8sdispatcherApi.h"
+#include "K8sdispatcherApiImpl.h"
+
+using namespace polycube::service::model;
+using namespace polycube::service::api::K8sdispatcherApiImpl;
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+Response create_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    K8sdispatcherJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_name);
+    create_k8sdispatcher_by_id(unique_name, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response create_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    NodeportRuleJsonObject unique_value { request_body };
+
+    unique_value.setNodeportPort(unique_nodeportPort);
+    unique_value.setProto(unique_proto_);
+    create_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response create_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<NodeportRuleJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<NodeportRuleJsonObject> unique_value;
+    for (auto &j : request_body) {
+      NodeportRuleJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    create_k8sdispatcher_nodeport_rule_list_by_id(unique_name, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response create_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    PortsJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_portsName);
+    create_k8sdispatcher_ports_by_id(unique_name, unique_portsName, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response create_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<PortsJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<PortsJsonObject> unique_value;
+    for (auto &j : request_body) {
+      PortsJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    create_k8sdispatcher_ports_list_by_id(unique_name, unique_value);
+    return { kCreated, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    delete_k8sdispatcher_by_id(unique_name);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    delete_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    delete_k8sdispatcher_nodeport_rule_list_by_id(unique_name);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+    delete_k8sdispatcher_ports_by_id(unique_name, unique_portsName);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response delete_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    delete_k8sdispatcher_ports_list_by_id(unique_name);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_by_id(unique_name);
+    nlohmann::json response_body;
+    response_body = x.toJson();
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_internal_src_ip_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_internal_src_ip_by_id(unique_name);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+
+
+  try {
+
+    auto x = read_k8sdispatcher_list_by_id();
+    nlohmann::json response_body;
+    for (auto &i : x) {
+      response_body += i.toJson();
+    }
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_range_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_range_by_id(unique_name);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x.toJson();
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(unique_name, unique_nodeportPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = NodeportRuleJsonObject::NodeportRuleExternalTrafficPolicyEnum_to_string(x);
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_rule_list_by_id(unique_name);
+    nlohmann::json response_body;
+    for (auto &i : x) {
+      response_body += i.toJson();
+    }
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_nodeport_rule_rule_name_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_nodeport_rule_rule_name_by_id(unique_name, unique_nodeportPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+
+    auto x = read_k8sdispatcher_ports_by_id(unique_name, unique_portsName);
+    nlohmann::json response_body;
+    response_body = x.toJson();
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_ports_ip_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+
+    auto x = read_k8sdispatcher_ports_ip_by_id(unique_name, unique_portsName);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_ports_list_by_id(unique_name);
+    nlohmann::json response_body;
+    for (auto &i : x) {
+      response_body += i.toJson();
+    }
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_ports_type_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+
+    auto x = read_k8sdispatcher_ports_type_by_id(unique_name, unique_portsName);
+    nlohmann::json response_body;
+    response_body = PortsJsonObject::PortsTypeEnum_to_string(x);
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x.toJson();
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_list_by_id(unique_name);
+    nlohmann::json response_body;
+    for (auto &i : x) {
+      response_body += i.toJson();
+    }
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_new_ip_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_new_ip_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_new_port_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_new_port_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = x;
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_operation_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_operation_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = SessionRuleJsonObject::SessionRuleOperationEnum_to_string(x);
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response read_k8sdispatcher_session_rule_originating_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_direction;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "direction")) {
+      unique_direction = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_direction_ = SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(unique_direction);
+
+  std::string unique_srcIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-ip")) {
+      unique_srcIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  std::string unique_dstIp;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-ip")) {
+      unique_dstIp = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+  uint16_t unique_srcPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "src-port")) {
+      unique_srcPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  uint16_t unique_dstPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "dst-port")) {
+      unique_dstPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = SessionRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+
+    auto x = read_k8sdispatcher_session_rule_originating_rule_by_id(unique_name, unique_direction_, unique_srcIp, unique_dstIp, unique_srcPort, unique_dstPort, unique_proto_);
+    nlohmann::json response_body;
+    response_body = SessionRuleJsonObject::SessionRuleOriginatingRuleEnum_to_string(x);
+    return { kOk, ::strdup(response_body.dump().c_str()) };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    K8sdispatcherJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_name);
+    replace_k8sdispatcher_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    NodeportRuleJsonObject unique_value { request_body };
+
+    unique_value.setNodeportPort(unique_nodeportPort);
+    unique_value.setProto(unique_proto_);
+    replace_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<NodeportRuleJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<NodeportRuleJsonObject> unique_value;
+    for (auto &j : request_body) {
+      NodeportRuleJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    replace_k8sdispatcher_nodeport_rule_list_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    PortsJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_portsName);
+    replace_k8sdispatcher_ports_by_id(unique_name, unique_portsName, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response replace_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<PortsJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<PortsJsonObject> unique_value;
+    for (auto &j : request_body) {
+      PortsJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    replace_k8sdispatcher_ports_list_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    K8sdispatcherJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_name);
+    update_k8sdispatcher_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+
+  // Getting the body param
+  std::vector<K8sdispatcherJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<K8sdispatcherJsonObject> unique_value;
+    for (auto &j : request_body) {
+      K8sdispatcherJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    update_k8sdispatcher_list_by_id(unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_nodeport_range_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // The conversion is done automatically by the json library
+    std::string unique_value = request_body;
+    update_k8sdispatcher_nodeport_range_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_nodeport_rule_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    NodeportRuleJsonObject unique_value { request_body };
+
+    unique_value.setNodeportPort(unique_nodeportPort);
+    unique_value.setProto(unique_proto_);
+    update_k8sdispatcher_nodeport_rule_by_id(unique_name, unique_nodeportPort, unique_proto_, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  uint16_t unique_nodeportPort;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "nodeport-port")) {
+      unique_nodeportPort = keys[i].value.uint16;
+      break;
+    }
+  }
+
+  std::string unique_proto;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "proto")) {
+      unique_proto = std::string { keys[i].value.string };
+      break;
+    }
+  }
+  auto unique_proto_ = NodeportRuleJsonObject::string_to_L4ProtoEnum(unique_proto);
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    NodeportRuleExternalTrafficPolicyEnum unique_value_ = NodeportRuleJsonObject::string_to_NodeportRuleExternalTrafficPolicyEnum(request_body);
+    update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(unique_name, unique_nodeportPort, unique_proto_, unique_value_);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_nodeport_rule_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<NodeportRuleJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<NodeportRuleJsonObject> unique_value;
+    for (auto &j : request_body) {
+      NodeportRuleJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    update_k8sdispatcher_nodeport_rule_list_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_ports_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  std::string unique_portsName;
+  for (size_t i = 0; i < num_keys; ++i) {
+    if (!strcmp(keys[i].name, "ports_name")) {
+      unique_portsName = std::string { keys[i].value.string };
+      break;
+    }
+  }
+
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    PortsJsonObject unique_value { request_body };
+
+    unique_value.setName(unique_portsName);
+    update_k8sdispatcher_ports_by_id(unique_name, unique_portsName, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+Response update_k8sdispatcher_ports_list_by_id_handler(
+  const char *name, const Key *keys,
+  size_t num_keys ,
+  const char *value) {
+  // Getting the path params
+  std::string unique_name { name };
+  // Getting the body param
+  std::vector<PortsJsonObject> unique_value;
+
+  try {
+    auto request_body = nlohmann::json::parse(std::string { value });
+    // Getting the body param
+    std::vector<PortsJsonObject> unique_value;
+    for (auto &j : request_body) {
+      PortsJsonObject a { j };
+      unique_value.push_back(a);
+    }
+    update_k8sdispatcher_ports_list_by_id(unique_name, unique_value);
+    return { kOk, nullptr };
+  } catch(const std::exception &e) {
+    return { kGenericError, ::strdup(e.what()) };
+  }
+}
+
+
+Response k8sdispatcher_list_by_id_help(
+  const char *name, const Key *keys, size_t num_keys) {
+
+  nlohmann::json val = read_k8sdispatcher_list_by_id_get_list();
+
+  return { kOk, ::strdup(val.dump().c_str()) };
+}
+
+Response k8sdispatcher_nodeport_rule_list_by_id_help(
+  const char *name, const Key *keys, size_t num_keys) {
+  // Getting the path params
+  std::string unique_name { name };
+  nlohmann::json val = read_k8sdispatcher_nodeport_rule_list_by_id_get_list(unique_name);
+
+  return { kOk, ::strdup(val.dump().c_str()) };
+}
+
+Response k8sdispatcher_ports_list_by_id_help(
+  const char *name, const Key *keys, size_t num_keys) {
+  // Getting the path params
+  std::string unique_name { name };
+  nlohmann::json val = read_k8sdispatcher_ports_list_by_id_get_list(unique_name);
+
+  return { kOk, ::strdup(val.dump().c_str()) };
+}
+
+Response k8sdispatcher_session_rule_list_by_id_help(
+  const char *name, const Key *keys, size_t num_keys) {
+  // Getting the path params
+  std::string unique_name { name };
+  nlohmann::json val = read_k8sdispatcher_session_rule_list_by_id_get_list(unique_name);
+
+  return { kOk, ::strdup(val.dump().c_str()) };
+}
+
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.h b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.h
new file mode 100644
index 000000000..90287533f
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApi.h
@@ -0,0 +1,86 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* K8sdispatcherApi.h
+*
+*/
+
+#pragma once
+
+#define POLYCUBE_SERVICE_NAME "k8sdispatcher"
+
+
+#include "polycube/services/response.h"
+#include "polycube/services/shared_lib_elements.h"
+
+#include "K8sdispatcherJsonObject.h"
+#include "NodeportRuleJsonObject.h"
+#include "PortsJsonObject.h"
+#include "SessionRuleJsonObject.h"
+#include <vector>
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+Response create_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response create_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response create_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response create_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response create_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response delete_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response delete_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response delete_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response delete_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response delete_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_internal_src_ip_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_range_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_nodeport_rule_rule_name_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_ports_ip_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_ports_type_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_new_ip_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_new_port_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_operation_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response read_k8sdispatcher_session_rule_originating_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys);
+Response replace_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response replace_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response replace_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response replace_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response replace_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_nodeport_range_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_nodeport_rule_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_nodeport_rule_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_ports_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+Response update_k8sdispatcher_ports_list_by_id_handler(const char *name, const Key *keys, size_t num_keys, const char *value);
+
+Response k8sdispatcher_list_by_id_help(const char *name, const Key *keys, size_t num_keys);
+Response k8sdispatcher_nodeport_rule_list_by_id_help(const char *name, const Key *keys, size_t num_keys);
+Response k8sdispatcher_ports_list_by_id_help(const char *name, const Key *keys, size_t num_keys);
+Response k8sdispatcher_session_rule_list_by_id_help(const char *name, const Key *keys, size_t num_keys);
+
+
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.cpp b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.cpp
new file mode 100644
index 000000000..a4bf15212
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.cpp
@@ -0,0 +1,855 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "K8sdispatcherApiImpl.h"
+
+namespace polycube {
+namespace service {
+namespace api {
+
+using namespace polycube::service::model;
+
+namespace K8sdispatcherApiImpl {
+namespace {
+std::unordered_map<std::string, std::shared_ptr<K8sdispatcher>> cubes;
+std::mutex cubes_mutex;
+
+std::shared_ptr<K8sdispatcher> get_cube(const std::string &name) {
+  std::lock_guard<std::mutex> guard(cubes_mutex);
+  auto iter = cubes.find(name);
+  if (iter == cubes.end()) {
+    throw std::runtime_error("Cube " + name + " does not exist");
+  }
+
+  return iter->second;
+}
+
+}
+
+void create_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &jsonObject) {
+  {
+    // check if name is valid before creating it
+    std::lock_guard<std::mutex> guard(cubes_mutex);
+    if (cubes.count(name) != 0) {
+      throw std::runtime_error("There is already a cube with name " + name);
+    }
+  }
+  auto ptr = std::make_shared<K8sdispatcher>(name, jsonObject);
+  std::unordered_map<std::string, std::shared_ptr<K8sdispatcher>>::iterator iter;
+  bool inserted;
+
+  std::lock_guard<std::mutex> guard(cubes_mutex);
+  std::tie(iter, inserted) = cubes.emplace(name, std::move(ptr));
+
+  if (!inserted) {
+    throw std::runtime_error("There is already a cube with name " + name);
+  }
+}
+
+void replace_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &bridge){
+  throw std::runtime_error("Method not supported!");
+}
+
+void delete_k8sdispatcher_by_id(const std::string &name) {
+  std::lock_guard<std::mutex> guard(cubes_mutex);
+  if (cubes.count(name) == 0) {
+    throw std::runtime_error("Cube " + name + " does not exist");
+  }
+  cubes.erase(name);
+}
+
+std::vector<K8sdispatcherJsonObject> read_k8sdispatcher_list_by_id() {
+  std::vector<K8sdispatcherJsonObject> jsonObject_vect;
+  for(auto &i : cubes) {
+    auto m = get_cube(i.first);
+    jsonObject_vect.push_back(m->toJsonObject());
+  }
+  return jsonObject_vect;
+}
+
+std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_list_by_id_get_list() {
+  std::vector<nlohmann::fifo_map<std::string, std::string>> r;
+  for (auto &x : cubes) {
+    nlohmann::fifo_map<std::string, std::string> m;
+    m["name"] = x.first;
+    r.push_back(std::move(m));
+  }
+  return r;
+}
+
+/**
+* @brief   Create nodeport-rule by ID
+*
+* Create operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+create_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->addNodeportRule(nodeportPort, proto, value);
+}
+
+/**
+* @brief   Create nodeport-rule by ID
+*
+* Create operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+create_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value) {
+  auto k8sdispatcher = get_cube(name);
+  k8sdispatcher->addNodeportRuleList(value);
+}
+
+/**
+* @brief   Create ports by ID
+*
+* Create operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+create_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->addPorts(portsName, value);
+}
+
+/**
+* @brief   Create ports by ID
+*
+* Create operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+create_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value) {
+  auto k8sdispatcher = get_cube(name);
+  k8sdispatcher->addPortsList(value);
+}
+
+/**
+* @brief   Delete nodeport-rule by ID
+*
+* Delete operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+*
+* Responses:
+*
+*/
+void
+delete_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->delNodeportRule(nodeportPort, proto);
+}
+
+/**
+* @brief   Delete nodeport-rule by ID
+*
+* Delete operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+*
+* Responses:
+*
+*/
+void
+delete_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  k8sdispatcher->delNodeportRuleList();
+}
+
+/**
+* @brief   Delete ports by ID
+*
+* Delete operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+*
+* Responses:
+*
+*/
+void
+delete_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->delPorts(portsName);
+}
+
+/**
+* @brief   Delete ports by ID
+*
+* Delete operation of resource: ports*
+*
+* @param[in] name ID of name
+*
+* Responses:
+*
+*/
+void
+delete_k8sdispatcher_ports_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  k8sdispatcher->delPortsList();
+}
+
+/**
+* @brief   Read k8sdispatcher by ID
+*
+* Read operation of resource: k8sdispatcher*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* K8sdispatcherJsonObject
+*/
+K8sdispatcherJsonObject
+read_k8sdispatcher_by_id(const std::string &name) {
+  return get_cube(name)->toJsonObject();
+
+}
+
+/**
+* @brief   Read internal-src-ip by ID
+*
+* Read operation of resource: internal-src-ip*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_internal_src_ip_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getInternalSrcIp();
+
+}
+
+/**
+* @brief   Read nodeport-range by ID
+*
+* Read operation of resource: nodeport-range*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_nodeport_range_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getNodeportRange();
+
+}
+
+/**
+* @brief   Read nodeport-rule by ID
+*
+* Read operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* NodeportRuleJsonObject
+*/
+NodeportRuleJsonObject
+read_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getNodeportRule(nodeportPort, proto)->toJsonObject();
+
+}
+
+/**
+* @brief   Read external-traffic-policy by ID
+*
+* Read operation of resource: external-traffic-policy*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* NodeportRuleExternalTrafficPolicyEnum
+*/
+NodeportRuleExternalTrafficPolicyEnum
+read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto nodeportRule = k8sdispatcher->getNodeportRule(nodeportPort, proto);
+  return nodeportRule->getExternalTrafficPolicy();
+
+}
+
+/**
+* @brief   Read nodeport-rule by ID
+*
+* Read operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::vector<NodeportRuleJsonObject>
+*/
+std::vector<NodeportRuleJsonObject>
+read_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  auto &&nodeportRule = k8sdispatcher->getNodeportRuleList();
+  std::vector<NodeportRuleJsonObject> m;
+  for(auto &i : nodeportRule)
+    m.push_back(i->toJsonObject());
+  return m;
+}
+
+/**
+* @brief   Read rule-name by ID
+*
+* Read operation of resource: rule-name*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_nodeport_rule_rule_name_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto nodeportRule = k8sdispatcher->getNodeportRule(nodeportPort, proto);
+  return nodeportRule->getRuleName();
+
+}
+
+/**
+* @brief   Read ports by ID
+*
+* Read operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+*
+* Responses:
+* PortsJsonObject
+*/
+PortsJsonObject
+read_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getPorts(portsName)->toJsonObject();
+
+}
+
+/**
+* @brief   Read ip by ID
+*
+* Read operation of resource: ip*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_ports_ip_by_id(const std::string &name, const std::string &portsName) {
+  auto k8sdispatcher = get_cube(name);
+  auto ports = k8sdispatcher->getPorts(portsName);
+  return ports->getIp();
+
+}
+
+/**
+* @brief   Read ports by ID
+*
+* Read operation of resource: ports*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::vector<PortsJsonObject>
+*/
+std::vector<PortsJsonObject>
+read_k8sdispatcher_ports_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  auto &&ports = k8sdispatcher->getPortsList();
+  std::vector<PortsJsonObject> m;
+  for(auto &i : ports)
+    m.push_back(i->toJsonObject());
+  return m;
+}
+
+/**
+* @brief   Read type by ID
+*
+* Read operation of resource: type*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+*
+* Responses:
+* PortsTypeEnum
+*/
+PortsTypeEnum
+read_k8sdispatcher_ports_type_by_id(const std::string &name, const std::string &portsName) {
+  auto k8sdispatcher = get_cube(name);
+  auto ports = k8sdispatcher->getPorts(portsName);
+  return ports->getType();
+
+}
+
+/**
+* @brief   Read session-rule by ID
+*
+* Read operation of resource: session-rule*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* SessionRuleJsonObject
+*/
+SessionRuleJsonObject
+read_k8sdispatcher_session_rule_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto)->toJsonObject();
+
+}
+
+/**
+* @brief   Read session-rule by ID
+*
+* Read operation of resource: session-rule*
+*
+* @param[in] name ID of name
+*
+* Responses:
+* std::vector<SessionRuleJsonObject>
+*/
+std::vector<SessionRuleJsonObject>
+read_k8sdispatcher_session_rule_list_by_id(const std::string &name) {
+  auto k8sdispatcher = get_cube(name);
+  auto &&sessionRule = k8sdispatcher->getSessionRuleList();
+  std::vector<SessionRuleJsonObject> m;
+  for(auto &i : sessionRule)
+    m.push_back(i->toJsonObject());
+  return m;
+}
+
+/**
+* @brief   Read new-ip by ID
+*
+* Read operation of resource: new-ip*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* std::string
+*/
+std::string
+read_k8sdispatcher_session_rule_new_ip_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto sessionRule = k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  return sessionRule->getNewIp();
+
+}
+
+/**
+* @brief   Read new-port by ID
+*
+* Read operation of resource: new-port*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* uint16_t
+*/
+uint16_t
+read_k8sdispatcher_session_rule_new_port_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto sessionRule = k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  return sessionRule->getNewPort();
+
+}
+
+/**
+* @brief   Read operation by ID
+*
+* Read operation of resource: operation*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* SessionRuleOperationEnum
+*/
+SessionRuleOperationEnum
+read_k8sdispatcher_session_rule_operation_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto sessionRule = k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  return sessionRule->getOperation();
+
+}
+
+/**
+* @brief   Read originating-rule by ID
+*
+* Read operation of resource: originating-rule*
+*
+* @param[in] name ID of name
+* @param[in] direction ID of direction
+* @param[in] srcIp ID of src-ip
+* @param[in] dstIp ID of dst-ip
+* @param[in] srcPort ID of src-port
+* @param[in] dstPort ID of dst-port
+* @param[in] proto ID of proto
+*
+* Responses:
+* SessionRuleOriginatingRuleEnum
+*/
+SessionRuleOriginatingRuleEnum
+read_k8sdispatcher_session_rule_originating_rule_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) {
+  auto k8sdispatcher = get_cube(name);
+  auto sessionRule = k8sdispatcher->getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  return sessionRule->getOriginatingRule();
+
+}
+
+/**
+* @brief   Replace nodeport-rule by ID
+*
+* Replace operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+replace_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->replaceNodeportRule(nodeportPort, proto, value);
+}
+
+/**
+* @brief   Replace nodeport-rule by ID
+*
+* Replace operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+replace_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->replaceNodeportRuleList(value);
+}
+
+/**
+* @brief   Replace ports by ID
+*
+* Replace operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+replace_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->replacePorts(portsName, value);
+}
+
+/**
+* @brief   Replace ports by ID
+*
+* Replace operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+replace_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value) {
+  throw std::runtime_error("Method not supported");
+}
+
+/**
+* @brief   Update k8sdispatcher by ID
+*
+* Update operation of resource: k8sdispatcher*
+*
+* @param[in] name ID of name
+* @param[in] value k8sdispatcherbody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->update(value);
+}
+
+/**
+* @brief   Update k8sdispatcher by ID
+*
+* Update operation of resource: k8sdispatcher*
+*
+* @param[in] value k8sdispatcherbody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_list_by_id(const std::vector<K8sdispatcherJsonObject> &value) {
+  throw std::runtime_error("Method not supported");
+}
+
+/**
+* @brief   Update nodeport-range by ID
+*
+* Update operation of resource: nodeport-range*
+*
+* @param[in] name ID of name
+* @param[in] value Port range used for NodePort Services
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_nodeport_range_by_id(const std::string &name, const std::string &value) {
+  auto k8sdispatcher = get_cube(name);
+
+  return k8sdispatcher->setNodeportRange(value);
+}
+
+/**
+* @brief   Update nodeport-rule by ID
+*
+* Update operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+  auto nodeportRule = k8sdispatcher->getNodeportRule(nodeportPort, proto);
+
+  return nodeportRule->update(value);
+}
+
+/**
+* @brief   Update external-traffic-policy by ID
+*
+* Update operation of resource: external-traffic-policy*
+*
+* @param[in] name ID of name
+* @param[in] nodeportPort ID of nodeport-port
+* @param[in] proto ID of proto
+* @param[in] value The external traffic policy of the Kubernetes NodePort Service
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleExternalTrafficPolicyEnum &value) {
+  auto k8sdispatcher = get_cube(name);
+  auto nodeportRule = k8sdispatcher->getNodeportRule(nodeportPort, proto);
+
+  return nodeportRule->setExternalTrafficPolicy(value);
+}
+
+/**
+* @brief   Update nodeport-rule by ID
+*
+* Update operation of resource: nodeport-rule*
+*
+* @param[in] name ID of name
+* @param[in] value nodeport-rulebody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value) {
+  auto k8sdispatcher = get_cube(name);
+  return k8sdispatcher->updateNodeportRuleList(value);
+}
+
+/**
+* @brief   Update ports by ID
+*
+* Update operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] portsName ID of ports_name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value) {
+  auto k8sdispatcher = get_cube(name);
+  auto ports = k8sdispatcher->getPorts(portsName);
+
+  return ports->update(value);
+}
+
+/**
+* @brief   Update ports by ID
+*
+* Update operation of resource: ports*
+*
+* @param[in] name ID of name
+* @param[in] value portsbody object
+*
+* Responses:
+*
+*/
+void
+update_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value) {
+  throw std::runtime_error("Method not supported");
+}
+
+
+
+/*
+ * help related
+ */
+
+std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_nodeport_rule_list_by_id_get_list(const std::string &name) {
+  std::vector<nlohmann::fifo_map<std::string, std::string>> r;
+  auto &&k8sdispatcher = get_cube(name);
+
+  auto &&nodeportRule = k8sdispatcher->getNodeportRuleList();
+  for(auto &i : nodeportRule) {
+    nlohmann::fifo_map<std::string, std::string> keys;
+
+    keys["nodeportPort"] = std::to_string(i->getNodeportPort());
+    keys["proto"] = NodeportRuleJsonObject::L4ProtoEnum_to_string(i->getProto());
+
+    r.push_back(keys);
+  }
+  return r;
+}
+
+std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_ports_list_by_id_get_list(const std::string &name) {
+  std::vector<nlohmann::fifo_map<std::string, std::string>> r;
+  auto &&k8sdispatcher = get_cube(name);
+
+  auto &&ports = k8sdispatcher->getPortsList();
+  for(auto &i : ports) {
+    nlohmann::fifo_map<std::string, std::string> keys;
+
+    keys["name"] = i->getName();
+
+    r.push_back(keys);
+  }
+  return r;
+}
+
+std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_session_rule_list_by_id_get_list(const std::string &name) {
+  std::vector<nlohmann::fifo_map<std::string, std::string>> r;
+  auto &&k8sdispatcher = get_cube(name);
+
+  auto &&sessionRule = k8sdispatcher->getSessionRuleList();
+  for(auto &i : sessionRule) {
+    nlohmann::fifo_map<std::string, std::string> keys;
+
+    keys["direction"] = SessionRuleJsonObject::SessionRuleDirectionEnum_to_string(i->getDirection());
+    keys["srcIp"] = i->getSrcIp();
+    keys["dstIp"] = i->getDstIp();
+    keys["srcPort"] = std::to_string(i->getSrcPort());
+    keys["dstPort"] = std::to_string(i->getDstPort());
+    keys["proto"] = SessionRuleJsonObject::L4ProtoEnum_to_string(i->getProto());
+
+    r.push_back(keys);
+  }
+  return r;
+}
+
+
+}
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.h b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.h
new file mode 100644
index 000000000..15333cfc5
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/api/K8sdispatcherApiImpl.h
@@ -0,0 +1,90 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* K8sdispatcherApiImpl.h
+*
+*
+*/
+
+#pragma once
+
+
+#include <memory>
+#include <map>
+#include <mutex>
+#include "../K8sdispatcher.h"
+
+#include "K8sdispatcherJsonObject.h"
+#include "NodeportRuleJsonObject.h"
+#include "PortsJsonObject.h"
+#include "SessionRuleJsonObject.h"
+#include <vector>
+
+namespace polycube {
+namespace service {
+namespace api {
+
+using namespace polycube::service::model;
+
+namespace K8sdispatcherApiImpl {
+  void create_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &value);
+  void create_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value);
+  void create_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value);
+  void create_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value);
+  void create_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value);
+  void delete_k8sdispatcher_by_id(const std::string &name);
+  void delete_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto);
+  void delete_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name);
+  void delete_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName);
+  void delete_k8sdispatcher_ports_list_by_id(const std::string &name);
+  K8sdispatcherJsonObject read_k8sdispatcher_by_id(const std::string &name);
+  std::string read_k8sdispatcher_internal_src_ip_by_id(const std::string &name);
+  std::vector<K8sdispatcherJsonObject> read_k8sdispatcher_list_by_id();
+  std::string read_k8sdispatcher_nodeport_range_by_id(const std::string &name);
+  NodeportRuleJsonObject read_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto);
+  NodeportRuleExternalTrafficPolicyEnum read_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto);
+  std::vector<NodeportRuleJsonObject> read_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name);
+  std::string read_k8sdispatcher_nodeport_rule_rule_name_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto);
+  PortsJsonObject read_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName);
+  std::string read_k8sdispatcher_ports_ip_by_id(const std::string &name, const std::string &portsName);
+  std::vector<PortsJsonObject> read_k8sdispatcher_ports_list_by_id(const std::string &name);
+  PortsTypeEnum read_k8sdispatcher_ports_type_by_id(const std::string &name, const std::string &portsName);
+  SessionRuleJsonObject read_k8sdispatcher_session_rule_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  std::vector<SessionRuleJsonObject> read_k8sdispatcher_session_rule_list_by_id(const std::string &name);
+  std::string read_k8sdispatcher_session_rule_new_ip_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  uint16_t read_k8sdispatcher_session_rule_new_port_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  SessionRuleOperationEnum read_k8sdispatcher_session_rule_operation_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  SessionRuleOriginatingRuleEnum read_k8sdispatcher_session_rule_originating_rule_by_id(const std::string &name, const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto);
+  void replace_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &value);
+  void replace_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value);
+  void replace_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value);
+  void replace_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value);
+  void replace_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value);
+  void update_k8sdispatcher_by_id(const std::string &name, const K8sdispatcherJsonObject &value);
+  void update_k8sdispatcher_list_by_id(const std::vector<K8sdispatcherJsonObject> &value);
+  void update_k8sdispatcher_nodeport_range_by_id(const std::string &name, const std::string &value);
+  void update_k8sdispatcher_nodeport_rule_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &value);
+  void update_k8sdispatcher_nodeport_rule_external_traffic_policy_by_id(const std::string &name, const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleExternalTrafficPolicyEnum &value);
+  void update_k8sdispatcher_nodeport_rule_list_by_id(const std::string &name, const std::vector<NodeportRuleJsonObject> &value);
+  void update_k8sdispatcher_ports_by_id(const std::string &name, const std::string &portsName, const PortsJsonObject &value);
+  void update_k8sdispatcher_ports_list_by_id(const std::string &name, const std::vector<PortsJsonObject> &value);
+
+  /* help related */
+  std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_list_by_id_get_list();
+  std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_nodeport_rule_list_by_id_get_list(const std::string &name);
+  std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_ports_list_by_id_get_list(const std::string &name);
+  std::vector<nlohmann::fifo_map<std::string, std::string>> read_k8sdispatcher_session_rule_list_by_id_get_list(const std::string &name);
+
+}
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.cpp b/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.cpp
new file mode 100644
index 000000000..8eb540dbe
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.cpp
@@ -0,0 +1,171 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "K8sdispatcherBase.h"
+
+K8sdispatcherBase::K8sdispatcherBase(const std::string name) {
+  logger()->set_pattern("[%Y-%m-%d %H:%M:%S.%e] [K8sdispatcher] [%n] [%l] %v");
+}
+
+
+
+K8sdispatcherBase::~K8sdispatcherBase() {}
+
+void K8sdispatcherBase::update(const K8sdispatcherJsonObject &conf) {
+  set_conf(conf.getBase());
+
+  if (conf.portsIsSet()) {
+    for (auto &i : conf.getPorts()) {
+      auto name = i.getName();
+      auto m = getPorts(name);
+      m->update(i);
+    }
+  }
+  if (conf.nodeportRangeIsSet()) {
+    setNodeportRange(conf.getNodeportRange());
+  }
+  if (conf.sessionRuleIsSet()) {
+    for (auto &i : conf.getSessionRule()) {
+      auto direction = i.getDirection();
+      auto srcIp = i.getSrcIp();
+      auto dstIp = i.getDstIp();
+      auto srcPort = i.getSrcPort();
+      auto dstPort = i.getDstPort();
+      auto proto = i.getProto();
+      auto m = getSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+      m->update(i);
+    }
+  }
+  if (conf.nodeportRuleIsSet()) {
+    for (auto &i : conf.getNodeportRule()) {
+      auto nodeportPort = i.getNodeportPort();
+      auto proto = i.getProto();
+      auto m = getNodeportRule(nodeportPort, proto);
+      m->update(i);
+    }
+  }
+}
+
+K8sdispatcherJsonObject K8sdispatcherBase::toJsonObject() {
+  K8sdispatcherJsonObject conf;
+  conf.setBase(to_json());
+
+  conf.setName(getName());
+  for (auto &i : getPortsList()) {
+    conf.addPorts(i->toJsonObject());
+  }
+  conf.setInternalSrcIp(getInternalSrcIp());
+  conf.setNodeportRange(getNodeportRange());
+  for(auto &i : getSessionRuleList()) {
+    conf.addSessionRule(i->toJsonObject());
+  }
+  for(auto &i : getNodeportRuleList()) {
+    conf.addNodeportRule(i->toJsonObject());
+  }
+
+  return conf;
+}
+void K8sdispatcherBase::addPortsList(const std::vector<PortsJsonObject> &conf) {
+  for (auto &i : conf) {
+    std::string name_ = i.getName();
+    addPorts(name_, i);
+  }
+}
+
+void K8sdispatcherBase::replacePorts(const std::string &name, const PortsJsonObject &conf) {
+  delPorts(name);
+  std::string name_ = conf.getName();
+  addPorts(name_, conf);
+}
+
+void K8sdispatcherBase::delPortsList() {
+  auto elements = getPortsList();
+  for (auto &i : elements) {
+    std::string name_ = i->getName();
+    delPorts(name_);
+  }
+}
+
+void K8sdispatcherBase::addPorts(const std::string &name, const PortsJsonObject &conf) {
+  add_port<PortsJsonObject>(name, conf);
+}
+
+void K8sdispatcherBase::delPorts(const std::string &name) {
+  remove_port(name);
+}
+
+std::shared_ptr<Ports> K8sdispatcherBase::getPorts(const std::string &name) {
+  return get_port(name);
+}
+
+std::vector<std::shared_ptr<Ports>> K8sdispatcherBase::getPortsList() {
+  return get_ports();
+}
+void K8sdispatcherBase::addSessionRuleList(const std::vector<SessionRuleJsonObject> &conf) {
+  for (auto &i : conf) {
+    SessionRuleDirectionEnum direction_ = i.getDirection();
+    std::string srcIp_ = i.getSrcIp();
+    std::string dstIp_ = i.getDstIp();
+    uint16_t srcPort_ = i.getSrcPort();
+    uint16_t dstPort_ = i.getDstPort();
+    L4ProtoEnum proto_ = i.getProto();
+    addSessionRule(direction_, srcIp_, dstIp_, srcPort_, dstPort_, proto_, i);
+  }
+}
+
+void K8sdispatcherBase::replaceSessionRule(const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto, const SessionRuleJsonObject &conf) {
+  delSessionRule(direction, srcIp, dstIp, srcPort, dstPort, proto);
+  SessionRuleDirectionEnum direction_ = conf.getDirection();
+  std::string srcIp_ = conf.getSrcIp();
+  std::string dstIp_ = conf.getDstIp();
+  uint16_t srcPort_ = conf.getSrcPort();
+  uint16_t dstPort_ = conf.getDstPort();
+  L4ProtoEnum proto_ = conf.getProto();
+  addSessionRule(direction_, srcIp_, dstIp_, srcPort_, dstPort_, proto_, conf);
+}
+
+void K8sdispatcherBase::delSessionRuleList() {
+  auto elements = getSessionRuleList();
+  for (auto &i : elements) {
+    SessionRuleDirectionEnum direction_ = i->getDirection();
+    std::string srcIp_ = i->getSrcIp();
+    std::string dstIp_ = i->getDstIp();
+    uint16_t srcPort_ = i->getSrcPort();
+    uint16_t dstPort_ = i->getDstPort();
+    L4ProtoEnum proto_ = i->getProto();
+    delSessionRule(direction_, srcIp_, dstIp_, srcPort_, dstPort_, proto_);
+  }
+}
+void K8sdispatcherBase::addNodeportRuleList(const std::vector<NodeportRuleJsonObject> &conf) {
+  for (auto &i : conf) {
+    uint16_t nodeportPort_ = i.getNodeportPort();
+    L4ProtoEnum proto_ = i.getProto();
+    addNodeportRule(nodeportPort_, proto_, i);
+  }
+}
+
+void K8sdispatcherBase::replaceNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &conf) {
+  delNodeportRule(nodeportPort, proto);
+  uint16_t nodeportPort_ = conf.getNodeportPort();
+  L4ProtoEnum proto_ = conf.getProto();
+  addNodeportRule(nodeportPort_, proto_, conf);
+}
+
+void K8sdispatcherBase::delNodeportRuleList() {
+  auto elements = getNodeportRuleList();
+  for (auto &i : elements) {
+    uint16_t nodeportPort_ = i->getNodeportPort();
+    L4ProtoEnum proto_ = i->getProto();
+    delNodeportRule(nodeportPort_, proto_);
+  }
+}
+
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.h b/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.h
new file mode 100644
index 000000000..375b025e1
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/K8sdispatcherBase.h
@@ -0,0 +1,91 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* K8sdispatcherBase.h
+*
+*
+*/
+
+#pragma once
+
+#include "../serializer/K8sdispatcherJsonObject.h"
+
+#include "../NodeportRule.h"
+#include "../Ports.h"
+#include "../SessionRule.h"
+
+#include "polycube/services/cube.h"
+#include "polycube/services/port.h"
+
+
+
+#include "polycube/services/utils.h"
+#include "polycube/services/fifo_map.hpp"
+
+#include <spdlog/spdlog.h>
+
+using namespace polycube::service::model;
+
+
+class K8sdispatcherBase: public virtual polycube::service::Cube<Ports> {
+ public:
+  K8sdispatcherBase(const std::string name);
+
+  virtual ~K8sdispatcherBase();
+  virtual void update(const K8sdispatcherJsonObject &conf);
+  virtual K8sdispatcherJsonObject toJsonObject();
+
+  /// <summary>
+  /// Entry of the ports table
+  /// </summary>
+  virtual std::shared_ptr<Ports> getPorts(const std::string &name);
+  virtual std::vector<std::shared_ptr<Ports>> getPortsList();
+  virtual void addPorts(const std::string &name, const PortsJsonObject &conf);
+  virtual void addPortsList(const std::vector<PortsJsonObject> &conf);
+  virtual void replacePorts(const std::string &name, const PortsJsonObject &conf);
+  virtual void delPorts(const std::string &name);
+  virtual void delPortsList();
+
+  /// <summary>
+  /// Internal source IP address used for natting incoming packets directed to Kubernetes Services with a CLUSTER external traffic policy
+  /// </summary>
+  virtual std::string getInternalSrcIp() = 0;
+
+  /// <summary>
+  /// Port range used for NodePort Services
+  /// </summary>
+  virtual std::string getNodeportRange() = 0;
+  virtual void setNodeportRange(const std::string &value) = 0;
+
+  /// <summary>
+  /// Session entry related to a specific traffic direction
+  /// </summary>
+  virtual std::shared_ptr<SessionRule> getSessionRule(const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto) = 0;
+  virtual std::vector<std::shared_ptr<SessionRule>> getSessionRuleList() = 0;
+  virtual void addSessionRule(const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto, const SessionRuleJsonObject &conf) = 0;
+  virtual void addSessionRuleList(const std::vector<SessionRuleJsonObject> &conf);
+  virtual void replaceSessionRule(const SessionRuleDirectionEnum &direction, const std::string &srcIp, const std::string &dstIp, const uint16_t &srcPort, const uint16_t &dstPort, const L4ProtoEnum &proto, const SessionRuleJsonObject &conf);
+  virtual void delSessionRule(const SessionRuleDirectionEnum &direction,const std::string &srcIp,const std::string &dstIp,const uint16_t &srcPort,const uint16_t &dstPort,const L4ProtoEnum &proto) = 0;
+  virtual void delSessionRuleList();
+
+  /// <summary>
+  /// NodePort rule associated with a Kubernetes NodePort Service
+  /// </summary>
+  virtual std::shared_ptr<NodeportRule> getNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto) = 0;
+  virtual std::vector<std::shared_ptr<NodeportRule>> getNodeportRuleList() = 0;
+  virtual void addNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &conf) = 0;
+  virtual void addNodeportRuleList(const std::vector<NodeportRuleJsonObject> &conf);
+  virtual void updateNodeportRuleList(const std::vector<NodeportRuleJsonObject> &conf) = 0;
+  virtual void replaceNodeportRule(const uint16_t &nodeportPort, const L4ProtoEnum &proto, const NodeportRuleJsonObject &conf);
+  virtual void replaceNodeportRuleList(const std::vector<NodeportRuleJsonObject> &conf) = 0;
+  virtual void delNodeportRule(const uint16_t &nodeportPort,const L4ProtoEnum &proto) = 0;
+  virtual void delNodeportRuleList();
+};
diff --git a/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.cpp b/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.cpp
new file mode 100644
index 000000000..97be76fea
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.cpp
@@ -0,0 +1,42 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "NodeportRuleBase.h"
+#include "../K8sdispatcher.h"
+
+
+NodeportRuleBase::NodeportRuleBase(K8sdispatcher &parent)
+    : parent_(parent) {}
+
+NodeportRuleBase::~NodeportRuleBase() {}
+
+void NodeportRuleBase::update(const NodeportRuleJsonObject &conf) {
+
+  if (conf.externalTrafficPolicyIsSet()) {
+    setExternalTrafficPolicy(conf.getExternalTrafficPolicy());
+  }
+}
+
+NodeportRuleJsonObject NodeportRuleBase::toJsonObject() {
+  NodeportRuleJsonObject conf;
+
+  conf.setNodeportPort(getNodeportPort());
+  conf.setProto(getProto());
+  conf.setExternalTrafficPolicy(getExternalTrafficPolicy());
+  conf.setRuleName(getRuleName());
+
+  return conf;
+}
+
+std::shared_ptr<spdlog::logger> NodeportRuleBase::logger() {
+  return parent_.logger();
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.h b/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.h
new file mode 100644
index 000000000..e819bf274
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/NodeportRuleBase.h
@@ -0,0 +1,65 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* NodeportRuleBase.h
+*
+*
+*/
+
+#pragma once
+
+#include "../serializer/NodeportRuleJsonObject.h"
+
+
+
+
+
+
+#include <spdlog/spdlog.h>
+
+using namespace polycube::service::model;
+
+class K8sdispatcher;
+
+class NodeportRuleBase {
+ public:
+  
+  NodeportRuleBase(K8sdispatcher &parent);
+  
+  virtual ~NodeportRuleBase();
+  virtual void update(const NodeportRuleJsonObject &conf);
+  virtual NodeportRuleJsonObject toJsonObject();
+
+  /// <summary>
+  /// NodePort rule nodeport port number
+  /// </summary>
+  virtual uint16_t getNodeportPort() = 0;
+
+  /// <summary>
+  /// NodePort rule L4 protocol
+  /// </summary>
+  virtual L4ProtoEnum getProto() = 0;
+
+  /// <summary>
+  /// The external traffic policy of the Kubernetes NodePort Service
+  /// </summary>
+  virtual NodeportRuleExternalTrafficPolicyEnum getExternalTrafficPolicy() = 0;
+  virtual void setExternalTrafficPolicy(const NodeportRuleExternalTrafficPolicyEnum &value) = 0;
+
+  /// <summary>
+  /// An optional name for the NodePort rule
+  /// </summary>
+  virtual std::string getRuleName() = 0;
+
+  std::shared_ptr<spdlog::logger> logger();
+ protected:
+  K8sdispatcher &parent_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/base/PortsBase.cpp b/src/services/pcn-k8sdispatcher/src/base/PortsBase.cpp
new file mode 100644
index 000000000..d55efb130
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/PortsBase.cpp
@@ -0,0 +1,41 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "PortsBase.h"
+#include "../K8sdispatcher.h"
+
+PortsBase::PortsBase(polycube::service::Cube<Ports> &parent,
+    std::shared_ptr<polycube::service::PortIface> port)
+    : Port(port), parent_(dynamic_cast<K8sdispatcher &>(parent)) {}
+
+
+PortsBase::~PortsBase() {}
+
+void PortsBase::update(const PortsJsonObject &conf) {
+  set_conf(conf.getBase());
+
+}
+
+PortsJsonObject PortsBase::toJsonObject() {
+  PortsJsonObject conf;
+  conf.setBase(to_json());
+
+  conf.setName(getName());
+  conf.setType(getType());
+  conf.setIp(getIp());
+
+  return conf;
+}
+
+std::shared_ptr<spdlog::logger> PortsBase::logger() {
+  return parent_.logger();
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/PortsBase.h b/src/services/pcn-k8sdispatcher/src/base/PortsBase.h
new file mode 100644
index 000000000..33cf3163a
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/PortsBase.h
@@ -0,0 +1,59 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* PortsBase.h
+*
+*
+*/
+
+#pragma once
+
+#include "../serializer/PortsJsonObject.h"
+
+
+
+
+#include "polycube/services/cube.h"
+#include "polycube/services/port.h"
+
+#include "polycube/services/utils.h"
+#include "polycube/services/fifo_map.hpp"
+
+#include <spdlog/spdlog.h>
+
+using namespace polycube::service::model;
+
+class K8sdispatcher;
+class Ports;
+
+class PortsBase: public polycube::service::Port {
+ public:
+  PortsBase(polycube::service::Cube<Ports> &parent,
+      std::shared_ptr<polycube::service::PortIface> port);
+  
+  virtual ~PortsBase();
+  virtual void update(const PortsJsonObject &conf);
+  virtual PortsJsonObject toJsonObject();
+
+  /// <summary>
+  /// Type of the K8s Dispatcher cube port (e.g. BACKEND or FRONTEND)
+  /// </summary>
+  virtual PortsTypeEnum getType() = 0;
+
+  /// <summary>
+  /// IP address of the node interface (only for FRONTEND port)
+  /// </summary>
+  virtual std::string getIp() = 0;
+
+  std::shared_ptr<spdlog::logger> logger();
+ protected:
+  K8sdispatcher &parent_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.cpp b/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.cpp
new file mode 100644
index 000000000..2b5a8a3f4
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.cpp
@@ -0,0 +1,45 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+#include "SessionRuleBase.h"
+#include "../K8sdispatcher.h"
+
+
+SessionRuleBase::SessionRuleBase(K8sdispatcher &parent)
+    : parent_(parent) {}
+
+SessionRuleBase::~SessionRuleBase() {}
+
+void SessionRuleBase::update(const SessionRuleJsonObject &conf) {
+
+}
+
+SessionRuleJsonObject SessionRuleBase::toJsonObject() {
+  SessionRuleJsonObject conf;
+
+  conf.setDirection(getDirection());
+  conf.setSrcIp(getSrcIp());
+  conf.setDstIp(getDstIp());
+  conf.setSrcPort(getSrcPort());
+  conf.setDstPort(getDstPort());
+  conf.setProto(getProto());
+  conf.setNewIp(getNewIp());
+  conf.setNewPort(getNewPort());
+  conf.setOperation(getOperation());
+  conf.setOriginatingRule(getOriginatingRule());
+
+  return conf;
+}
+
+std::shared_ptr<spdlog::logger> SessionRuleBase::logger() {
+  return parent_.logger();
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.h b/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.h
new file mode 100644
index 000000000..90e2ab09a
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/base/SessionRuleBase.h
@@ -0,0 +1,94 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* SessionRuleBase.h
+*
+*
+*/
+
+#pragma once
+
+#include "../serializer/SessionRuleJsonObject.h"
+
+
+
+
+
+
+#include <spdlog/spdlog.h>
+
+using namespace polycube::service::model;
+
+class K8sdispatcher;
+
+class SessionRuleBase {
+ public:
+  
+  SessionRuleBase(K8sdispatcher &parent);
+  
+  virtual ~SessionRuleBase();
+  virtual void update(const SessionRuleJsonObject &conf);
+  virtual SessionRuleJsonObject toJsonObject();
+
+  /// <summary>
+  /// Session entry direction (e.g. INGRESS or EGRESS)
+  /// </summary>
+  virtual SessionRuleDirectionEnum getDirection() = 0;
+
+  /// <summary>
+  /// Session entry source IP address
+  /// </summary>
+  virtual std::string getSrcIp() = 0;
+
+  /// <summary>
+  /// Session entry destination IP address
+  /// </summary>
+  virtual std::string getDstIp() = 0;
+
+  /// <summary>
+  /// Session entry source L4 port number
+  /// </summary>
+  virtual uint16_t getSrcPort() = 0;
+
+  /// <summary>
+  /// Session entry destination L4 port number
+  /// </summary>
+  virtual uint16_t getDstPort() = 0;
+
+  /// <summary>
+  /// Session entry L4 protocol
+  /// </summary>
+  virtual L4ProtoEnum getProto() = 0;
+
+  /// <summary>
+  /// Translated IP address
+  /// </summary>
+  virtual std::string getNewIp() = 0;
+
+  /// <summary>
+  /// Translated L4 port number
+  /// </summary>
+  virtual uint16_t getNewPort() = 0;
+
+  /// <summary>
+  /// Operation applied on the original packet
+  /// </summary>
+  virtual SessionRuleOperationEnum getOperation() = 0;
+
+  /// <summary>
+  /// Rule originating the session entry
+  /// </summary>
+  virtual SessionRuleOriginatingRuleEnum getOriginatingRule() = 0;
+
+  std::shared_ptr<spdlog::logger> logger();
+ protected:
+  K8sdispatcher &parent_;
+};
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.cpp b/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.cpp
new file mode 100644
index 000000000..2296417c0
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.cpp
@@ -0,0 +1,69 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+#include "JsonObjectBase.h"
+
+namespace polycube {
+namespace service {
+namespace model {
+
+JsonObjectBase::JsonObjectBase(const nlohmann::json &base) : base_(base) {}
+
+bool JsonObjectBase::iequals(const std::string &a, const std::string &b) {
+  if(a.size() != b.size())
+    return false;
+  for (unsigned int i = 0; i < a.size(); i++){
+    if(tolower(a[i]) != tolower(b[i]))
+      return false;
+  }
+  return true;
+}
+
+std::string JsonObjectBase::toJson(const std::string& value) {
+  return value;
+}
+
+std::string JsonObjectBase::toJson(const std::time_t& value) {
+  char buf[sizeof "2011-10-08T07:07:09Z"];
+  strftime(buf, sizeof buf, "%FT%TZ", gmtime(&value));
+  return buf;
+}
+
+int32_t JsonObjectBase::toJson(int32_t value) {
+  return value;
+}
+
+int64_t JsonObjectBase::toJson(int64_t value) {
+  return value;
+}
+
+double JsonObjectBase::toJson(double value) {
+  return value;
+}
+
+bool JsonObjectBase::toJson(bool value) {
+  return value;
+}
+
+nlohmann::json JsonObjectBase::toJson(const JsonObjectBase &content) {
+  return content.toJson();
+}
+
+const nlohmann::json &JsonObjectBase::getBase() const {
+  return base_;
+}
+
+void JsonObjectBase::setBase(const nlohmann::json &base) {
+  base_ = base;
+}
+
+}
+}
+}
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.h b/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.h
new file mode 100644
index 000000000..bda8934b9
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/JsonObjectBase.h
@@ -0,0 +1,55 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* JsonObjectBase.h
+*
+* This is the base class for all model classes
+*/
+
+#pragma once
+
+
+#include "polycube/services/json.hpp"
+#include "polycube/services/fifo_map.hpp"
+#include <ctime>
+#include <string>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+class  JsonObjectBase {
+ public:
+  JsonObjectBase() = default;
+  JsonObjectBase(const nlohmann::json &base);
+  virtual ~JsonObjectBase() = default;
+
+  virtual nlohmann::json toJson() const = 0;
+
+  static bool iequals(const std::string &a, const std::string &b);
+  static std::string toJson(const std::string& value);
+  static std::string toJson(const std::time_t& value);
+  static int32_t toJson(int32_t value);
+  static int64_t toJson(int64_t value);
+  static double toJson(double value);
+  static bool toJson(bool value);
+  static nlohmann::json toJson(const JsonObjectBase &content);
+
+  const nlohmann::json &getBase() const;
+  void setBase(const nlohmann::json &base);
+
+ private:
+  nlohmann::json base_;
+};
+
+}
+}
+}
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.cpp b/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.cpp
new file mode 100644
index 000000000..9ce528e74
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.cpp
@@ -0,0 +1,239 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+
+#include "K8sdispatcherJsonObject.h"
+#include <regex>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+K8sdispatcherJsonObject::K8sdispatcherJsonObject() {
+  m_nameIsSet = false;
+  m_portsIsSet = false;
+  m_internalSrcIpIsSet = false;
+  m_nodeportRange = "30000-32767";
+  m_nodeportRangeIsSet = true;
+  m_sessionRuleIsSet = false;
+  m_nodeportRuleIsSet = false;
+}
+
+K8sdispatcherJsonObject::K8sdispatcherJsonObject(const nlohmann::json &val) :
+  JsonObjectBase(val) {
+  m_nameIsSet = false;
+  m_portsIsSet = false;
+  m_internalSrcIpIsSet = false;
+  m_nodeportRangeIsSet = false;
+  m_sessionRuleIsSet = false;
+  m_nodeportRuleIsSet = false;
+
+
+  if (val.count("name")) {
+    setName(val.at("name").get<std::string>());
+  }
+
+  if (val.count("ports")) {
+    for (auto& item : val["ports"]) {
+      PortsJsonObject newItem{ item };
+      m_ports.push_back(newItem);
+    }
+
+    m_portsIsSet = true;
+  }
+
+  if (val.count("internal-src-ip")) {
+    setInternalSrcIp(val.at("internal-src-ip").get<std::string>());
+  }
+
+  if (val.count("nodeport-range")) {
+    setNodeportRange(val.at("nodeport-range").get<std::string>());
+  }
+
+  if (val.count("session-rule")) {
+    for (auto& item : val["session-rule"]) {
+      SessionRuleJsonObject newItem{ item };
+      m_sessionRule.push_back(newItem);
+    }
+
+    m_sessionRuleIsSet = true;
+  }
+
+  if (val.count("nodeport-rule")) {
+    for (auto& item : val["nodeport-rule"]) {
+      NodeportRuleJsonObject newItem{ item };
+      m_nodeportRule.push_back(newItem);
+    }
+
+    m_nodeportRuleIsSet = true;
+  }
+}
+
+nlohmann::json K8sdispatcherJsonObject::toJson() const {
+  nlohmann::json val = nlohmann::json::object();
+  if (!getBase().is_null()) {
+    val.update(getBase());
+  }
+
+  if (m_nameIsSet) {
+    val["name"] = m_name;
+  }
+
+  {
+    nlohmann::json jsonArray;
+    for (auto& item : m_ports) {
+      jsonArray.push_back(JsonObjectBase::toJson(item));
+    }
+
+    if (jsonArray.size() > 0) {
+      val["ports"] = jsonArray;
+    }
+  }
+
+  if (m_internalSrcIpIsSet) {
+    val["internal-src-ip"] = m_internalSrcIp;
+  }
+
+  if (m_nodeportRangeIsSet) {
+    val["nodeport-range"] = m_nodeportRange;
+  }
+
+  {
+    nlohmann::json jsonArray;
+    for (auto& item : m_sessionRule) {
+      jsonArray.push_back(JsonObjectBase::toJson(item));
+    }
+
+    if (jsonArray.size() > 0) {
+      val["session-rule"] = jsonArray;
+    }
+  }
+
+  {
+    nlohmann::json jsonArray;
+    for (auto& item : m_nodeportRule) {
+      jsonArray.push_back(JsonObjectBase::toJson(item));
+    }
+
+    if (jsonArray.size() > 0) {
+      val["nodeport-rule"] = jsonArray;
+    }
+  }
+
+  return val;
+}
+
+std::string K8sdispatcherJsonObject::getName() const {
+  return m_name;
+}
+
+void K8sdispatcherJsonObject::setName(std::string value) {
+  m_name = value;
+  m_nameIsSet = true;
+}
+
+bool K8sdispatcherJsonObject::nameIsSet() const {
+  return m_nameIsSet;
+}
+
+
+
+const std::vector<PortsJsonObject>& K8sdispatcherJsonObject::getPorts() const{
+  return m_ports;
+}
+
+void K8sdispatcherJsonObject::addPorts(PortsJsonObject value) {
+  m_ports.push_back(value);
+  m_portsIsSet = true;
+}
+
+
+bool K8sdispatcherJsonObject::portsIsSet() const {
+  return m_portsIsSet;
+}
+
+void K8sdispatcherJsonObject::unsetPorts() {
+  m_portsIsSet = false;
+}
+
+std::string K8sdispatcherJsonObject::getInternalSrcIp() const {
+  return m_internalSrcIp;
+}
+
+void K8sdispatcherJsonObject::setInternalSrcIp(std::string value) {
+  m_internalSrcIp = value;
+  m_internalSrcIpIsSet = true;
+}
+
+bool K8sdispatcherJsonObject::internalSrcIpIsSet() const {
+  return m_internalSrcIpIsSet;
+}
+
+
+
+std::string K8sdispatcherJsonObject::getNodeportRange() const {
+  return m_nodeportRange;
+}
+
+void K8sdispatcherJsonObject::setNodeportRange(std::string value) {
+  m_nodeportRange = value;
+  m_nodeportRangeIsSet = true;
+}
+
+bool K8sdispatcherJsonObject::nodeportRangeIsSet() const {
+  return m_nodeportRangeIsSet;
+}
+
+void K8sdispatcherJsonObject::unsetNodeportRange() {
+  m_nodeportRangeIsSet = false;
+}
+
+const std::vector<SessionRuleJsonObject>& K8sdispatcherJsonObject::getSessionRule() const{
+  return m_sessionRule;
+}
+
+void K8sdispatcherJsonObject::addSessionRule(SessionRuleJsonObject value) {
+  m_sessionRule.push_back(value);
+  m_sessionRuleIsSet = true;
+}
+
+
+bool K8sdispatcherJsonObject::sessionRuleIsSet() const {
+  return m_sessionRuleIsSet;
+}
+
+void K8sdispatcherJsonObject::unsetSessionRule() {
+  m_sessionRuleIsSet = false;
+}
+
+const std::vector<NodeportRuleJsonObject>& K8sdispatcherJsonObject::getNodeportRule() const{
+  return m_nodeportRule;
+}
+
+void K8sdispatcherJsonObject::addNodeportRule(NodeportRuleJsonObject value) {
+  m_nodeportRule.push_back(value);
+  m_nodeportRuleIsSet = true;
+}
+
+
+bool K8sdispatcherJsonObject::nodeportRuleIsSet() const {
+  return m_nodeportRuleIsSet;
+}
+
+void K8sdispatcherJsonObject::unsetNodeportRule() {
+  m_nodeportRuleIsSet = false;
+}
+
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.h b/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.h
new file mode 100644
index 000000000..d0f80cef9
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/K8sdispatcherJsonObject.h
@@ -0,0 +1,108 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* K8sdispatcherJsonObject.h
+*
+*
+*/
+
+#pragma once
+
+
+#include "JsonObjectBase.h"
+
+#include "SessionRuleJsonObject.h"
+#include "NodeportRuleJsonObject.h"
+#include "PortsJsonObject.h"
+#include <vector>
+#include "polycube/services/cube.h"
+
+namespace polycube {
+namespace service {
+namespace model {
+
+
+/// <summary>
+///
+/// </summary>
+class  K8sdispatcherJsonObject : public JsonObjectBase {
+public:
+  K8sdispatcherJsonObject();
+  K8sdispatcherJsonObject(const nlohmann::json &json);
+  ~K8sdispatcherJsonObject() final = default;
+  nlohmann::json toJson() const final;
+
+
+  /// <summary>
+  /// Name of the k8sdispatcher service
+  /// </summary>
+  std::string getName() const;
+  void setName(std::string value);
+  bool nameIsSet() const;
+
+  /// <summary>
+  /// Entry of the ports table
+  /// </summary>
+  const std::vector<PortsJsonObject>& getPorts() const;
+  void addPorts(PortsJsonObject value);
+  bool portsIsSet() const;
+  void unsetPorts();
+
+  /// <summary>
+  /// Internal source IP address used for natting incoming packets directed to Kubernetes Services with a CLUSTER external traffic policy
+  /// </summary>
+  std::string getInternalSrcIp() const;
+  void setInternalSrcIp(std::string value);
+  bool internalSrcIpIsSet() const;
+
+  /// <summary>
+  /// Port range used for NodePort Services
+  /// </summary>
+  std::string getNodeportRange() const;
+  void setNodeportRange(std::string value);
+  bool nodeportRangeIsSet() const;
+  void unsetNodeportRange();
+
+  /// <summary>
+  /// Session entry related to a specific traffic direction
+  /// </summary>
+  const std::vector<SessionRuleJsonObject>& getSessionRule() const;
+  void addSessionRule(SessionRuleJsonObject value);
+  bool sessionRuleIsSet() const;
+  void unsetSessionRule();
+
+  /// <summary>
+  /// NodePort rule associated with a Kubernetes NodePort Service
+  /// </summary>
+  const std::vector<NodeportRuleJsonObject>& getNodeportRule() const;
+  void addNodeportRule(NodeportRuleJsonObject value);
+  bool nodeportRuleIsSet() const;
+  void unsetNodeportRule();
+
+private:
+  std::string m_name;
+  bool m_nameIsSet;
+  std::vector<PortsJsonObject> m_ports;
+  bool m_portsIsSet;
+  std::string m_internalSrcIp;
+  bool m_internalSrcIpIsSet;
+  std::string m_nodeportRange;
+  bool m_nodeportRangeIsSet;
+  std::vector<SessionRuleJsonObject> m_sessionRule;
+  bool m_sessionRuleIsSet;
+  std::vector<NodeportRuleJsonObject> m_nodeportRule;
+  bool m_nodeportRuleIsSet;
+};
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.cpp b/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.cpp
new file mode 100644
index 000000000..43894f2dd
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.cpp
@@ -0,0 +1,186 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+
+#include "NodeportRuleJsonObject.h"
+#include <regex>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+NodeportRuleJsonObject::NodeportRuleJsonObject() {
+  m_nodeportPortIsSet = false;
+  m_protoIsSet = false;
+  m_externalTrafficPolicy = NodeportRuleExternalTrafficPolicyEnum::CLUSTER;
+  m_externalTrafficPolicyIsSet = true;
+  m_ruleNameIsSet = false;
+}
+
+NodeportRuleJsonObject::NodeportRuleJsonObject(const nlohmann::json &val) :
+  JsonObjectBase(val) {
+  m_nodeportPortIsSet = false;
+  m_protoIsSet = false;
+  m_externalTrafficPolicyIsSet = false;
+  m_ruleNameIsSet = false;
+
+
+  if (val.count("nodeport-port")) {
+    setNodeportPort(val.at("nodeport-port").get<uint16_t>());
+  }
+
+  if (val.count("proto")) {
+    setProto(string_to_L4ProtoEnum(val.at("proto").get<std::string>()));
+  }
+
+  if (val.count("external-traffic-policy")) {
+    setExternalTrafficPolicy(string_to_NodeportRuleExternalTrafficPolicyEnum(val.at("external-traffic-policy").get<std::string>()));
+  }
+
+  if (val.count("rule-name")) {
+    setRuleName(val.at("rule-name").get<std::string>());
+  }
+}
+
+nlohmann::json NodeportRuleJsonObject::toJson() const {
+  nlohmann::json val = nlohmann::json::object();
+  if (!getBase().is_null()) {
+    val.update(getBase());
+  }
+
+  if (m_nodeportPortIsSet) {
+    val["nodeport-port"] = m_nodeportPort;
+  }
+
+  if (m_protoIsSet) {
+    val["proto"] = L4ProtoEnum_to_string(m_proto);
+  }
+
+  if (m_externalTrafficPolicyIsSet) {
+    val["external-traffic-policy"] = NodeportRuleExternalTrafficPolicyEnum_to_string(m_externalTrafficPolicy);
+  }
+
+  if (m_ruleNameIsSet) {
+    val["rule-name"] = m_ruleName;
+  }
+
+  return val;
+}
+
+uint16_t NodeportRuleJsonObject::getNodeportPort() const {
+  return m_nodeportPort;
+}
+
+void NodeportRuleJsonObject::setNodeportPort(uint16_t value) {
+  m_nodeportPort = value;
+  m_nodeportPortIsSet = true;
+}
+
+bool NodeportRuleJsonObject::nodeportPortIsSet() const {
+  return m_nodeportPortIsSet;
+}
+
+
+
+L4ProtoEnum NodeportRuleJsonObject::getProto() const {
+  return m_proto;
+}
+
+void NodeportRuleJsonObject::setProto(L4ProtoEnum value) {
+  m_proto = value;
+  m_protoIsSet = true;
+}
+
+bool NodeportRuleJsonObject::protoIsSet() const {
+  return m_protoIsSet;
+}
+
+
+
+std::string NodeportRuleJsonObject::L4ProtoEnum_to_string(const L4ProtoEnum &value){
+  switch(value) {
+    case L4ProtoEnum::TCP:
+      return std::string("tcp");
+    case L4ProtoEnum::UDP:
+      return std::string("udp");
+    case L4ProtoEnum::ICMP:
+      return std::string("icmp");
+    default:
+      throw std::runtime_error("Bad NodeportRule proto");
+  }
+}
+
+L4ProtoEnum NodeportRuleJsonObject::string_to_L4ProtoEnum(const std::string &str){
+  if (JsonObjectBase::iequals("tcp", str))
+    return L4ProtoEnum::TCP;
+  if (JsonObjectBase::iequals("udp", str))
+    return L4ProtoEnum::UDP;
+  if (JsonObjectBase::iequals("icmp", str))
+    return L4ProtoEnum::ICMP;
+  throw std::runtime_error("NodeportRule proto is invalid");
+}
+NodeportRuleExternalTrafficPolicyEnum NodeportRuleJsonObject::getExternalTrafficPolicy() const {
+  return m_externalTrafficPolicy;
+}
+
+void NodeportRuleJsonObject::setExternalTrafficPolicy(NodeportRuleExternalTrafficPolicyEnum value) {
+  m_externalTrafficPolicy = value;
+  m_externalTrafficPolicyIsSet = true;
+}
+
+bool NodeportRuleJsonObject::externalTrafficPolicyIsSet() const {
+  return m_externalTrafficPolicyIsSet;
+}
+
+void NodeportRuleJsonObject::unsetExternalTrafficPolicy() {
+  m_externalTrafficPolicyIsSet = false;
+}
+
+std::string NodeportRuleJsonObject::NodeportRuleExternalTrafficPolicyEnum_to_string(const NodeportRuleExternalTrafficPolicyEnum &value){
+  switch(value) {
+    case NodeportRuleExternalTrafficPolicyEnum::LOCAL:
+      return std::string("local");
+    case NodeportRuleExternalTrafficPolicyEnum::CLUSTER:
+      return std::string("cluster");
+    default:
+      throw std::runtime_error("Bad NodeportRule externalTrafficPolicy");
+  }
+}
+
+NodeportRuleExternalTrafficPolicyEnum NodeportRuleJsonObject::string_to_NodeportRuleExternalTrafficPolicyEnum(const std::string &str){
+  if (JsonObjectBase::iequals("local", str))
+    return NodeportRuleExternalTrafficPolicyEnum::LOCAL;
+  if (JsonObjectBase::iequals("cluster", str))
+    return NodeportRuleExternalTrafficPolicyEnum::CLUSTER;
+  throw std::runtime_error("NodeportRule externalTrafficPolicy is invalid");
+}
+std::string NodeportRuleJsonObject::getRuleName() const {
+  return m_ruleName;
+}
+
+void NodeportRuleJsonObject::setRuleName(std::string value) {
+  m_ruleName = value;
+  m_ruleNameIsSet = true;
+}
+
+bool NodeportRuleJsonObject::ruleNameIsSet() const {
+  return m_ruleNameIsSet;
+}
+
+void NodeportRuleJsonObject::unsetRuleName() {
+  m_ruleNameIsSet = false;
+}
+
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.h b/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.h
new file mode 100644
index 000000000..9f3838c2d
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/NodeportRuleJsonObject.h
@@ -0,0 +1,96 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* NodeportRuleJsonObject.h
+*
+*
+*/
+
+#pragma once
+
+
+#include "JsonObjectBase.h"
+
+
+namespace polycube {
+namespace service {
+namespace model {
+
+#ifndef L4PROTOENUM
+#define L4PROTOENUM
+enum class L4ProtoEnum {
+  TCP, UDP, ICMP
+};
+#endif
+enum class NodeportRuleExternalTrafficPolicyEnum {
+  LOCAL, CLUSTER
+};
+
+/// <summary>
+///
+/// </summary>
+class  NodeportRuleJsonObject : public JsonObjectBase {
+public:
+  NodeportRuleJsonObject();
+  NodeportRuleJsonObject(const nlohmann::json &json);
+  ~NodeportRuleJsonObject() final = default;
+  nlohmann::json toJson() const final;
+
+
+  /// <summary>
+  /// NodePort rule nodeport port number
+  /// </summary>
+  uint16_t getNodeportPort() const;
+  void setNodeportPort(uint16_t value);
+  bool nodeportPortIsSet() const;
+
+  /// <summary>
+  /// NodePort rule L4 protocol
+  /// </summary>
+  L4ProtoEnum getProto() const;
+  void setProto(L4ProtoEnum value);
+  bool protoIsSet() const;
+  static std::string L4ProtoEnum_to_string(const L4ProtoEnum &value);
+  static L4ProtoEnum string_to_L4ProtoEnum(const std::string &str);
+
+  /// <summary>
+  /// The external traffic policy of the Kubernetes NodePort Service
+  /// </summary>
+  NodeportRuleExternalTrafficPolicyEnum getExternalTrafficPolicy() const;
+  void setExternalTrafficPolicy(NodeportRuleExternalTrafficPolicyEnum value);
+  bool externalTrafficPolicyIsSet() const;
+  void unsetExternalTrafficPolicy();
+  static std::string NodeportRuleExternalTrafficPolicyEnum_to_string(const NodeportRuleExternalTrafficPolicyEnum &value);
+  static NodeportRuleExternalTrafficPolicyEnum string_to_NodeportRuleExternalTrafficPolicyEnum(const std::string &str);
+
+  /// <summary>
+  /// An optional name for the NodePort rule
+  /// </summary>
+  std::string getRuleName() const;
+  void setRuleName(std::string value);
+  bool ruleNameIsSet() const;
+  void unsetRuleName();
+
+private:
+  uint16_t m_nodeportPort;
+  bool m_nodeportPortIsSet;
+  L4ProtoEnum m_proto;
+  bool m_protoIsSet;
+  NodeportRuleExternalTrafficPolicyEnum m_externalTrafficPolicy;
+  bool m_externalTrafficPolicyIsSet;
+  std::string m_ruleName;
+  bool m_ruleNameIsSet;
+};
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.cpp b/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.cpp
new file mode 100644
index 000000000..e9bd6a543
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.cpp
@@ -0,0 +1,136 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+
+#include "PortsJsonObject.h"
+#include <regex>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+PortsJsonObject::PortsJsonObject() {
+  m_nameIsSet = false;
+  m_typeIsSet = false;
+  m_ipIsSet = false;
+}
+
+PortsJsonObject::PortsJsonObject(const nlohmann::json &val) :
+  JsonObjectBase(val) {
+  m_nameIsSet = false;
+  m_typeIsSet = false;
+  m_ipIsSet = false;
+
+
+  if (val.count("name")) {
+    setName(val.at("name").get<std::string>());
+  }
+
+  if (val.count("type")) {
+    setType(string_to_PortsTypeEnum(val.at("type").get<std::string>()));
+  }
+
+  if (val.count("ip")) {
+    setIp(val.at("ip").get<std::string>());
+  }
+}
+
+nlohmann::json PortsJsonObject::toJson() const {
+  nlohmann::json val = nlohmann::json::object();
+  if (!getBase().is_null()) {
+    val.update(getBase());
+  }
+
+  if (m_nameIsSet) {
+    val["name"] = m_name;
+  }
+
+  if (m_typeIsSet) {
+    val["type"] = PortsTypeEnum_to_string(m_type);
+  }
+
+  if (m_ipIsSet) {
+    val["ip"] = m_ip;
+  }
+
+  return val;
+}
+
+std::string PortsJsonObject::getName() const {
+  return m_name;
+}
+
+void PortsJsonObject::setName(std::string value) {
+  m_name = value;
+  m_nameIsSet = true;
+}
+
+bool PortsJsonObject::nameIsSet() const {
+  return m_nameIsSet;
+}
+
+
+
+PortsTypeEnum PortsJsonObject::getType() const {
+  return m_type;
+}
+
+void PortsJsonObject::setType(PortsTypeEnum value) {
+  m_type = value;
+  m_typeIsSet = true;
+}
+
+bool PortsJsonObject::typeIsSet() const {
+  return m_typeIsSet;
+}
+
+
+
+std::string PortsJsonObject::PortsTypeEnum_to_string(const PortsTypeEnum &value){
+  switch(value) {
+    case PortsTypeEnum::BACKEND:
+      return std::string("backend");
+    case PortsTypeEnum::FRONTEND:
+      return std::string("frontend");
+    default:
+      throw std::runtime_error("Bad Ports type");
+  }
+}
+
+PortsTypeEnum PortsJsonObject::string_to_PortsTypeEnum(const std::string &str){
+  if (JsonObjectBase::iequals("backend", str))
+    return PortsTypeEnum::BACKEND;
+  if (JsonObjectBase::iequals("frontend", str))
+    return PortsTypeEnum::FRONTEND;
+  throw std::runtime_error("Ports type is invalid");
+}
+std::string PortsJsonObject::getIp() const {
+  return m_ip;
+}
+
+void PortsJsonObject::setIp(std::string value) {
+  m_ip = value;
+  m_ipIsSet = true;
+}
+
+bool PortsJsonObject::ipIsSet() const {
+  return m_ipIsSet;
+}
+
+void PortsJsonObject::unsetIp() {
+  m_ipIsSet = false;
+}
+
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.h b/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.h
new file mode 100644
index 000000000..f15b2aab1
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/PortsJsonObject.h
@@ -0,0 +1,79 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* PortsJsonObject.h
+*
+*
+*/
+
+#pragma once
+
+
+#include "JsonObjectBase.h"
+
+#include <vector>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+enum class PortsTypeEnum {
+  BACKEND, FRONTEND
+};
+
+/// <summary>
+///
+/// </summary>
+class  PortsJsonObject : public JsonObjectBase {
+public:
+  PortsJsonObject();
+  PortsJsonObject(const nlohmann::json &json);
+  ~PortsJsonObject() final = default;
+  nlohmann::json toJson() const final;
+
+
+  /// <summary>
+  /// Port Name
+  /// </summary>
+  std::string getName() const;
+  void setName(std::string value);
+  bool nameIsSet() const;
+
+  /// <summary>
+  /// Type of the K8s Dispatcher cube port (e.g. BACKEND or FRONTEND)
+  /// </summary>
+  PortsTypeEnum getType() const;
+  void setType(PortsTypeEnum value);
+  bool typeIsSet() const;
+  static std::string PortsTypeEnum_to_string(const PortsTypeEnum &value);
+  static PortsTypeEnum string_to_PortsTypeEnum(const std::string &str);
+
+  /// <summary>
+  /// IP address of the node interface (only for FRONTEND port)
+  /// </summary>
+  std::string getIp() const;
+  void setIp(std::string value);
+  bool ipIsSet() const;
+  void unsetIp();
+
+private:
+  std::string m_name;
+  bool m_nameIsSet;
+  PortsTypeEnum m_type;
+  bool m_typeIsSet;
+  std::string m_ip;
+  bool m_ipIsSet;
+};
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.cpp b/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.cpp
new file mode 100644
index 000000000..225afbc0c
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.cpp
@@ -0,0 +1,375 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+
+
+#include "SessionRuleJsonObject.h"
+#include <regex>
+
+namespace polycube {
+namespace service {
+namespace model {
+
+SessionRuleJsonObject::SessionRuleJsonObject() {
+  m_directionIsSet = false;
+  m_srcIpIsSet = false;
+  m_dstIpIsSet = false;
+  m_srcPortIsSet = false;
+  m_dstPortIsSet = false;
+  m_protoIsSet = false;
+  m_newIpIsSet = false;
+  m_newPortIsSet = false;
+  m_operationIsSet = false;
+  m_originatingRuleIsSet = false;
+}
+
+SessionRuleJsonObject::SessionRuleJsonObject(const nlohmann::json &val) :
+  JsonObjectBase(val) {
+  m_directionIsSet = false;
+  m_srcIpIsSet = false;
+  m_dstIpIsSet = false;
+  m_srcPortIsSet = false;
+  m_dstPortIsSet = false;
+  m_protoIsSet = false;
+  m_newIpIsSet = false;
+  m_newPortIsSet = false;
+  m_operationIsSet = false;
+  m_originatingRuleIsSet = false;
+
+
+  if (val.count("direction")) {
+    setDirection(string_to_SessionRuleDirectionEnum(val.at("direction").get<std::string>()));
+  }
+
+  if (val.count("src-ip")) {
+    setSrcIp(val.at("src-ip").get<std::string>());
+  }
+
+  if (val.count("dst-ip")) {
+    setDstIp(val.at("dst-ip").get<std::string>());
+  }
+
+  if (val.count("src-port")) {
+    setSrcPort(val.at("src-port").get<uint16_t>());
+  }
+
+  if (val.count("dst-port")) {
+    setDstPort(val.at("dst-port").get<uint16_t>());
+  }
+
+  if (val.count("proto")) {
+    setProto(string_to_L4ProtoEnum(val.at("proto").get<std::string>()));
+  }
+
+  if (val.count("new-ip")) {
+    setNewIp(val.at("new-ip").get<std::string>());
+  }
+
+  if (val.count("new-port")) {
+    setNewPort(val.at("new-port").get<uint16_t>());
+  }
+
+  if (val.count("operation")) {
+    setOperation(string_to_SessionRuleOperationEnum(val.at("operation").get<std::string>()));
+  }
+
+  if (val.count("originating-rule")) {
+    setOriginatingRule(string_to_SessionRuleOriginatingRuleEnum(val.at("originating-rule").get<std::string>()));
+  }
+}
+
+nlohmann::json SessionRuleJsonObject::toJson() const {
+  nlohmann::json val = nlohmann::json::object();
+  if (!getBase().is_null()) {
+    val.update(getBase());
+  }
+
+  if (m_directionIsSet) {
+    val["direction"] = SessionRuleDirectionEnum_to_string(m_direction);
+  }
+
+  if (m_srcIpIsSet) {
+    val["src-ip"] = m_srcIp;
+  }
+
+  if (m_dstIpIsSet) {
+    val["dst-ip"] = m_dstIp;
+  }
+
+  if (m_srcPortIsSet) {
+    val["src-port"] = m_srcPort;
+  }
+
+  if (m_dstPortIsSet) {
+    val["dst-port"] = m_dstPort;
+  }
+
+  if (m_protoIsSet) {
+    val["proto"] = L4ProtoEnum_to_string(m_proto);
+  }
+
+  if (m_newIpIsSet) {
+    val["new-ip"] = m_newIp;
+  }
+
+  if (m_newPortIsSet) {
+    val["new-port"] = m_newPort;
+  }
+
+  if (m_operationIsSet) {
+    val["operation"] = SessionRuleOperationEnum_to_string(m_operation);
+  }
+
+  if (m_originatingRuleIsSet) {
+    val["originating-rule"] = SessionRuleOriginatingRuleEnum_to_string(m_originatingRule);
+  }
+
+  return val;
+}
+
+SessionRuleDirectionEnum SessionRuleJsonObject::getDirection() const {
+  return m_direction;
+}
+
+void SessionRuleJsonObject::setDirection(SessionRuleDirectionEnum value) {
+  m_direction = value;
+  m_directionIsSet = true;
+}
+
+bool SessionRuleJsonObject::directionIsSet() const {
+  return m_directionIsSet;
+}
+
+
+
+std::string SessionRuleJsonObject::SessionRuleDirectionEnum_to_string(const SessionRuleDirectionEnum &value){
+  switch(value) {
+    case SessionRuleDirectionEnum::INGRESS:
+      return std::string("ingress");
+    case SessionRuleDirectionEnum::EGRESS:
+      return std::string("egress");
+    default:
+      throw std::runtime_error("Bad SessionRule direction");
+  }
+}
+
+SessionRuleDirectionEnum SessionRuleJsonObject::string_to_SessionRuleDirectionEnum(const std::string &str){
+  if (JsonObjectBase::iequals("ingress", str))
+    return SessionRuleDirectionEnum::INGRESS;
+  if (JsonObjectBase::iequals("egress", str))
+    return SessionRuleDirectionEnum::EGRESS;
+  throw std::runtime_error("SessionRule direction is invalid");
+}
+std::string SessionRuleJsonObject::getSrcIp() const {
+  return m_srcIp;
+}
+
+void SessionRuleJsonObject::setSrcIp(std::string value) {
+  m_srcIp = value;
+  m_srcIpIsSet = true;
+}
+
+bool SessionRuleJsonObject::srcIpIsSet() const {
+  return m_srcIpIsSet;
+}
+
+
+
+std::string SessionRuleJsonObject::getDstIp() const {
+  return m_dstIp;
+}
+
+void SessionRuleJsonObject::setDstIp(std::string value) {
+  m_dstIp = value;
+  m_dstIpIsSet = true;
+}
+
+bool SessionRuleJsonObject::dstIpIsSet() const {
+  return m_dstIpIsSet;
+}
+
+
+
+uint16_t SessionRuleJsonObject::getSrcPort() const {
+  return m_srcPort;
+}
+
+void SessionRuleJsonObject::setSrcPort(uint16_t value) {
+  m_srcPort = value;
+  m_srcPortIsSet = true;
+}
+
+bool SessionRuleJsonObject::srcPortIsSet() const {
+  return m_srcPortIsSet;
+}
+
+
+
+uint16_t SessionRuleJsonObject::getDstPort() const {
+  return m_dstPort;
+}
+
+void SessionRuleJsonObject::setDstPort(uint16_t value) {
+  m_dstPort = value;
+  m_dstPortIsSet = true;
+}
+
+bool SessionRuleJsonObject::dstPortIsSet() const {
+  return m_dstPortIsSet;
+}
+
+
+
+L4ProtoEnum SessionRuleJsonObject::getProto() const {
+  return m_proto;
+}
+
+void SessionRuleJsonObject::setProto(L4ProtoEnum value) {
+  m_proto = value;
+  m_protoIsSet = true;
+}
+
+bool SessionRuleJsonObject::protoIsSet() const {
+  return m_protoIsSet;
+}
+
+
+
+std::string SessionRuleJsonObject::L4ProtoEnum_to_string(const L4ProtoEnum &value){
+  switch(value) {
+    case L4ProtoEnum::TCP:
+      return std::string("tcp");
+    case L4ProtoEnum::UDP:
+      return std::string("udp");
+    case L4ProtoEnum::ICMP:
+      return std::string("icmp");
+    default:
+      throw std::runtime_error("Bad SessionRule proto");
+  }
+}
+
+L4ProtoEnum SessionRuleJsonObject::string_to_L4ProtoEnum(const std::string &str){
+  if (JsonObjectBase::iequals("tcp", str))
+    return L4ProtoEnum::TCP;
+  if (JsonObjectBase::iequals("udp", str))
+    return L4ProtoEnum::UDP;
+  if (JsonObjectBase::iequals("icmp", str))
+    return L4ProtoEnum::ICMP;
+  throw std::runtime_error("SessionRule proto is invalid");
+}
+std::string SessionRuleJsonObject::getNewIp() const {
+  return m_newIp;
+}
+
+void SessionRuleJsonObject::setNewIp(std::string value) {
+  m_newIp = value;
+  m_newIpIsSet = true;
+}
+
+bool SessionRuleJsonObject::newIpIsSet() const {
+  return m_newIpIsSet;
+}
+
+void SessionRuleJsonObject::unsetNewIp() {
+  m_newIpIsSet = false;
+}
+
+uint16_t SessionRuleJsonObject::getNewPort() const {
+  return m_newPort;
+}
+
+void SessionRuleJsonObject::setNewPort(uint16_t value) {
+  m_newPort = value;
+  m_newPortIsSet = true;
+}
+
+bool SessionRuleJsonObject::newPortIsSet() const {
+  return m_newPortIsSet;
+}
+
+void SessionRuleJsonObject::unsetNewPort() {
+  m_newPortIsSet = false;
+}
+
+SessionRuleOperationEnum SessionRuleJsonObject::getOperation() const {
+  return m_operation;
+}
+
+void SessionRuleJsonObject::setOperation(SessionRuleOperationEnum value) {
+  m_operation = value;
+  m_operationIsSet = true;
+}
+
+bool SessionRuleJsonObject::operationIsSet() const {
+  return m_operationIsSet;
+}
+
+void SessionRuleJsonObject::unsetOperation() {
+  m_operationIsSet = false;
+}
+
+std::string SessionRuleJsonObject::SessionRuleOperationEnum_to_string(const SessionRuleOperationEnum &value){
+  switch(value) {
+    case SessionRuleOperationEnum::XLATE_SRC:
+      return std::string("xlate_src");
+    case SessionRuleOperationEnum::XLATE_DST:
+      return std::string("xlate_dst");
+    default:
+      throw std::runtime_error("Bad SessionRule operation");
+  }
+}
+
+SessionRuleOperationEnum SessionRuleJsonObject::string_to_SessionRuleOperationEnum(const std::string &str){
+  if (JsonObjectBase::iequals("xlate_src", str))
+    return SessionRuleOperationEnum::XLATE_SRC;
+  if (JsonObjectBase::iequals("xlate_dst", str))
+    return SessionRuleOperationEnum::XLATE_DST;
+  throw std::runtime_error("SessionRule operation is invalid");
+}
+SessionRuleOriginatingRuleEnum SessionRuleJsonObject::getOriginatingRule() const {
+  return m_originatingRule;
+}
+
+void SessionRuleJsonObject::setOriginatingRule(SessionRuleOriginatingRuleEnum value) {
+  m_originatingRule = value;
+  m_originatingRuleIsSet = true;
+}
+
+bool SessionRuleJsonObject::originatingRuleIsSet() const {
+  return m_originatingRuleIsSet;
+}
+
+void SessionRuleJsonObject::unsetOriginatingRule() {
+  m_originatingRuleIsSet = false;
+}
+
+std::string SessionRuleJsonObject::SessionRuleOriginatingRuleEnum_to_string(const SessionRuleOriginatingRuleEnum &value){
+  switch(value) {
+    case SessionRuleOriginatingRuleEnum::POD_TO_EXT:
+      return std::string("pod_to_ext");
+    case SessionRuleOriginatingRuleEnum::NODEPORT_CLUSTER:
+      return std::string("nodeport_cluster");
+    default:
+      throw std::runtime_error("Bad SessionRule originatingRule");
+  }
+}
+
+SessionRuleOriginatingRuleEnum SessionRuleJsonObject::string_to_SessionRuleOriginatingRuleEnum(const std::string &str){
+  if (JsonObjectBase::iequals("pod_to_ext", str))
+    return SessionRuleOriginatingRuleEnum::POD_TO_EXT;
+  if (JsonObjectBase::iequals("nodeport_cluster", str))
+    return SessionRuleOriginatingRuleEnum::NODEPORT_CLUSTER;
+  throw std::runtime_error("SessionRule originatingRule is invalid");
+}
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.h b/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.h
new file mode 100644
index 000000000..3452f2591
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/src/serializer/SessionRuleJsonObject.h
@@ -0,0 +1,162 @@
+/**
+* k8sdispatcher API generated from k8sdispatcher.yang
+*
+* NOTE: This file is auto generated by polycube-codegen
+* https://github.com/polycube-network/polycube-codegen
+*/
+
+
+/* Do not edit this file manually */
+
+/*
+* SessionRuleJsonObject.h
+*
+*
+*/
+
+#pragma once
+
+
+#include "JsonObjectBase.h"
+
+
+namespace polycube {
+namespace service {
+namespace model {
+
+enum class SessionRuleDirectionEnum {
+  INGRESS, EGRESS
+};
+#ifndef L4PROTOENUM
+#define L4PROTOENUM
+enum class L4ProtoEnum {
+  TCP, UDP, ICMP
+};
+#endif
+enum class SessionRuleOperationEnum {
+  XLATE_SRC, XLATE_DST
+};
+enum class SessionRuleOriginatingRuleEnum {
+  POD_TO_EXT, NODEPORT_CLUSTER
+};
+
+/// <summary>
+///
+/// </summary>
+class  SessionRuleJsonObject : public JsonObjectBase {
+public:
+  SessionRuleJsonObject();
+  SessionRuleJsonObject(const nlohmann::json &json);
+  ~SessionRuleJsonObject() final = default;
+  nlohmann::json toJson() const final;
+
+
+  /// <summary>
+  /// Session entry direction (e.g. INGRESS or EGRESS)
+  /// </summary>
+  SessionRuleDirectionEnum getDirection() const;
+  void setDirection(SessionRuleDirectionEnum value);
+  bool directionIsSet() const;
+  static std::string SessionRuleDirectionEnum_to_string(const SessionRuleDirectionEnum &value);
+  static SessionRuleDirectionEnum string_to_SessionRuleDirectionEnum(const std::string &str);
+
+  /// <summary>
+  /// Session entry source IP address
+  /// </summary>
+  std::string getSrcIp() const;
+  void setSrcIp(std::string value);
+  bool srcIpIsSet() const;
+
+  /// <summary>
+  /// Session entry destination IP address
+  /// </summary>
+  std::string getDstIp() const;
+  void setDstIp(std::string value);
+  bool dstIpIsSet() const;
+
+  /// <summary>
+  /// Session entry source L4 port number
+  /// </summary>
+  uint16_t getSrcPort() const;
+  void setSrcPort(uint16_t value);
+  bool srcPortIsSet() const;
+
+  /// <summary>
+  /// Session entry destination L4 port number
+  /// </summary>
+  uint16_t getDstPort() const;
+  void setDstPort(uint16_t value);
+  bool dstPortIsSet() const;
+
+  /// <summary>
+  /// Session entry L4 protocol
+  /// </summary>
+  L4ProtoEnum getProto() const;
+  void setProto(L4ProtoEnum value);
+  bool protoIsSet() const;
+  static std::string L4ProtoEnum_to_string(const L4ProtoEnum &value);
+  static L4ProtoEnum string_to_L4ProtoEnum(const std::string &str);
+
+  /// <summary>
+  /// Translated IP address
+  /// </summary>
+  std::string getNewIp() const;
+  void setNewIp(std::string value);
+  bool newIpIsSet() const;
+  void unsetNewIp();
+
+  /// <summary>
+  /// Translated L4 port number
+  /// </summary>
+  uint16_t getNewPort() const;
+  void setNewPort(uint16_t value);
+  bool newPortIsSet() const;
+  void unsetNewPort();
+
+  /// <summary>
+  /// Operation applied on the original packet
+  /// </summary>
+  SessionRuleOperationEnum getOperation() const;
+  void setOperation(SessionRuleOperationEnum value);
+  bool operationIsSet() const;
+  void unsetOperation();
+  static std::string SessionRuleOperationEnum_to_string(const SessionRuleOperationEnum &value);
+  static SessionRuleOperationEnum string_to_SessionRuleOperationEnum(const std::string &str);
+
+  /// <summary>
+  /// Rule originating the session entry
+  /// </summary>
+  SessionRuleOriginatingRuleEnum getOriginatingRule() const;
+  void setOriginatingRule(SessionRuleOriginatingRuleEnum value);
+  bool originatingRuleIsSet() const;
+  void unsetOriginatingRule();
+  static std::string SessionRuleOriginatingRuleEnum_to_string(const SessionRuleOriginatingRuleEnum &value);
+  static SessionRuleOriginatingRuleEnum string_to_SessionRuleOriginatingRuleEnum(const std::string &str);
+
+private:
+  SessionRuleDirectionEnum m_direction;
+  bool m_directionIsSet;
+  std::string m_srcIp;
+  bool m_srcIpIsSet;
+  std::string m_dstIp;
+  bool m_dstIpIsSet;
+  uint16_t m_srcPort;
+  bool m_srcPortIsSet;
+  uint16_t m_dstPort;
+  bool m_dstPortIsSet;
+  L4ProtoEnum m_proto;
+  bool m_protoIsSet;
+  std::string m_newIp;
+  bool m_newIpIsSet;
+  uint16_t m_newPort;
+  bool m_newPortIsSet;
+  SessionRuleOperationEnum m_operation;
+  bool m_operationIsSet;
+  SessionRuleOriginatingRuleEnum m_originatingRule;
+  bool m_originatingRuleIsSet;
+};
+
+}
+}
+}
+
diff --git a/src/services/pcn-k8sdispatcher/test/test.sh b/src/services/pcn-k8sdispatcher/test/test.sh
new file mode 100755
index 000000000..be221f807
--- /dev/null
+++ b/src/services/pcn-k8sdispatcher/test/test.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+function cleanup {
+  set +e
+  polycubectl k8sdispatcher del k0
+}
+trap cleanup EXIT
+
+set -x
+set -e
+
+polycubectl k8sdispatcher add k0 internal-src-ip=3.3.1.1 loglevel=TRACE
+polycubectl k0 show
+polycubectl k0 ports show
+polycubectl k0 nodeport-rule show
+polycubectl k0 session-rule show
+polycubectl k0 ports add to_frontend type=FRONTEND ip=10.10.10.10
+polycubectl k0 show ports to_frontend
+polycubectl k0 ports add to_backend type=BACKEND
+polycubectl k0 show ports to_backend
+polycubectl k0 nodeport-rule add 32000 TCP external-traffic-policy=LOCAL rule-name=my-rule
+polycubectl k0 show nodeport-rule 32000 TCP
+polycubectl k0 set nodeport-range=32000-32500
+polycubectl k0 show nodeport-range