2 files changed, 10 insertions, 7 deletions

diff --git a/main/iptables/APKBUILD b/main/iptables/APKBUILD
index 0d6f174c254..138d3277acb 100644
--- a/main/iptables/APKBUILD
+++ b/main/iptables/APKBUILD
@@ -54,15 +54,14 @@ build() {
 package() {
 	make install DESTDIR="$pkgdir"
 
-	mkdir -p "$pkgdir"/usr/include/libiptc \
-		"$pkgdir"/usr/lib \
+	mkdir -p "$pkgdir"/usr/lib \
 		"$pkgdir"/var/lib/iptables \
 		"$pkgdir"/var/lib/ip6tables \
 		"$pkgdir"/etc/iptables
 
-	install -m644 include/iptables.h include/ip6tables.h \
-		"$pkgdir"/usr/include/
-	install include/libiptc/*.h "$pkgdir"/usr/include/libiptc/
+	install -Dm644 include/iptables.h include/ip6tables.h \
+		-t "$pkgdir"/usr/include/
+	install -Dm644 include/libiptc/*.h -t "$pkgdir"/usr/include/libiptc/
 
 	install -D -m755 "$srcdir"/iptables.initd "$pkgdir"/etc/init.d/iptables
 	install -D -m644 "$srcdir"/iptables.confd "$pkgdir"/etc/conf.d/iptables
diff --git a/main/iptables/iptables.post-upgrade b/main/iptables/iptables.post-upgrade
index 334cc385d1e..89c13667d00 100644
--- a/main/iptables/iptables.post-upgrade
+++ b/main/iptables/iptables.post-upgrade
@@ -8,10 +8,14 @@ if [ "$(apk version -t "$ver_old" '1.8.9-r4')" = '<' ]; then
 	* the "iptables" commands now point to xtables-nft-multi
 	* instead of xtables-legacy-multi. this means that by default,
 	* the kernel nftables backend is used instead of the iptables one.
-	* because mixing backends is not supported, you should reboot your system.
 	* 
 	* note that to keep working with your current loaded ruleset (if you want to
-	* make changes before rebooting), you have to install iptables-legacy.
+	* make changes before rebooting, or save your rules), you have to install
+	* iptables-legacy. to save the rules, use iptables-legacy-save/ip6tables-legacy-save
+	* from that package (to where the rules are normally saved, IPTABLES_SAVE from
+	* /etc/conf.d/iptables / /etc/conf.d/ip6tables)
+	*
+	* because mixing backends is not supported, you should reboot your system.
 	*
 	EOF
 fi