diff --git a/README.md b/README.md
index 8df37ca..6e6c127 100644
--- a/README.md
+++ b/README.md
@@ -23,7 +23,7 @@ edit the .gitattributes file accordingly: ```txt neovim/*.conf gitlab-language=vim -spacemacs/*.conf gitlab-language=elisp +emacs/*.conf gitlab-language=elisp ``` ## Support
diff --git a/iptables/iptables-http-full-f2b.fw b/iptables/iptables-http-full-f2b.fw
new file mode 100644
index 0000000..45db85a
--- /dev/null
+++ b/iptables/iptables-http-full-f2b.fw
@@ -0,0 +1,22 @@
+*filter
+:INPUT DROP [4414218:211789180]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [17973:1146056]
+:f2b-sshd - [0:0]
+-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -m conntrack --ctstate INVALID -j DROP
+-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 587 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+-A OUTPUT -o lo -j ACCEPT
+-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 443 -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
+-A OUTPUT -p tcp -m tcp --sport 587 -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A f2b-sshd -j RETURN
+COMMIT
diff --git a/iptables/iptables-http-full.fw b/iptables/iptables-http-full.fw
new file mode 100644
index 0000000..6b2a30b
--- /dev/null
+++ b/iptables/iptables-http-full.fw
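Review bot: Loading this file with `iptables-restore` flushes the filter table, so any ban rules fail2ban has inserted into `f2b-sshd` are replaced by the bare `-A f2b-sshd -j RETURN`, and a re-apply during operation silently unbans every address until fail2ban is restarted or reloaded. Whether fail2ban's own start action tolerates a chain and a `-j f2b-sshd` jump that already exist, rather than inserting a second jump, depends on the action file of the installed version and should be confirmed on the target host. A header comment would make the constraint visible, e.g. `# f2b-sshd is pre-created so the jump survives a restore; restart fail2ban after loading` (iptables-restore accepts `#` comment lines). The `[4414218:211789180]` and `[17973:1146056]` counters are copied from a live host; they are ignored without `-c`, but `[0:0]` keeps the template free of that host's traffic statistics.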
@@ -0,0 +1,20 @@
+*filter
+:INPUT DROP [4414218:211789180]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [17973:1146056]
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -m conntrack --ctstate INVALID -j DROP
+-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 587 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+-A OUTPUT -o lo -j ACCEPT
+-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 443 -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
+-A OUTPUT -p tcp -m tcp --sport 587 -m conntrack --ctstate ESTABLISHED -j ACCEPT
+COMMIT
+
diff --git a/iptables/iptables-ssh-only.fw b/iptables/iptables-ssh-only.fw
new file mode 100644
index 0000000..42ec8dc
--- /dev/null
+++ b/iptables/iptables-ssh-only.fw
@@ -0,0 +1,14 @@
+*filter
+:INPUT DROP [4414218:211789180]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [17973:1146056]
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -m conntrack --ctstate INVALID -j DROP
+-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+-A OUTPUT -o lo -j ACCEPT
+-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
+COMMIT
+
diff --git a/iptables/iptables.md b/iptables/iptables.md
new file mode 100644
index 0000000..85a508f
--- /dev/null
+++ b/iptables/iptables.md
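Review bot: `:FORWARD ACCEPT [0:0]` leaves the FORWARD chain unfiltered, so if IP forwarding is ever switched on (a container runtime or VPN package commonly does this) the host routes packets between its interfaces with no policy at all; for a single web host it should read `:FORWARD DROP [0:0]`. The four `--sport ... --ctstate ESTABLISHED -j ACCEPT` rules in OUTPUT never change the outcome, because the `OUTPUT ACCEPT` policy and the preceding `--ctstate ESTABLISHED -j ACCEPT` line already admit that traffic, which leaves the port-25 REJECT as the only OUTPUT rule with an effect; dropping them, or keeping one comment such as `# OUTPUT: everything allowed except new connections to port 25 (no direct SMTP relay)`, would make the intent readable. Note also that the port-587 rule admits SMTP submission (STARTTLS), not SMTPS on 465 as the accompanying iptables.md labels it.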
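Review bot: The `INPUT DROP` policy applies to IPv4 only: `iptables-restore` writes nothing into the ip6tables filter table, so on a host that has a global IPv6 address every listening service stays reachable over IPv6 no matter which of these files is loaded. An equivalent ip6tables ruleset should ship next to this one — with ICMPv6 accepted, since neighbour discovery and path-MTU discovery depend on it — or the README should state plainly that IPv6 is left unfiltered. On the port-22 rule, `NEW,ESTABLISHED` is redundant because the earlier `--ctstate RELATED,ESTABLISHED -j ACCEPT` already matches established packets; `-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT` says exactly what the rule adds.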
@@ -0,0 +1,16 @@
+# Configurations
+All configurations includes:
+* INPUT DROP
+* SSH port on 22.
+* SMTP port 25 as `--reject-with icmp-port-unreachable`
+
+- [ssh-only](iptables-ssh-only.fw) -> SSH
+- [http-full](iptables-http-full.fw) -> HTTP/ HTTPS/ SMTPS
+- [http-full-f2b](iptables-http-full-f2b.fw) -> HTTP/ HTTPS/ SMTPS/ fail2ban
+
+## Usage
+
+Simply:
+```bash
+iptables-restore < file.fw
+```