diff --git a/README.md b/README.md
index e193ea9..6419609 100644
--- a/README.md
+++ b/README.md
@@ -1493,10 +1493,14 @@ htpasswd –c /etc/nginx/.htpasswd WEB
>chmod 700 /etc/pki/CA/private
+
+
+
+
Создайте корневой ключ и сертификат (RSA 4096, SHA256):
- openssl req -x509 -new -nodes \
- -keyout /etc/pki/CA/private/ca.key \
+ openssl req -x509 -new -nodes \
+ -keyout /etc/pki/CA/private/ca.key \
-out /etc/pki/CA/certs/ca.crt \
-days 3650 \
-sha256 \
diff --git a/files/br-rtr/nftables.conf b/files/br-rtr/nftables.conf
index 16d42c5..c338fe2 100755
--- a/files/br-rtr/nftables.conf
+++ b/files/br-rtr/nftables.conf
@@ -8,8 +8,8 @@ table inet filter {
log prefix "Dropped Input: " level debug
iif lo accept
ct state established,related accept
- tcp dport { 22,514,53,80,443,3015,445,139,88 } accept
- udp dport { 53,123,500,4500,88,137 } accept
+ tcp dport { 22,514,53,80,443,3015,445,139,88,2026,8080 } accept
+ udp dport { 53,123,500,4500,88,137,8080 } accept
ip protocol icmp accept
ip protocol esp accept
ip protocol gre accept
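Review bot: The widened `tcp dport` and `udp dport` sets in the input chain accept 2026 and 8080 from any interface and any source address, and nothing in the commit says which service on the router itself needs them. If they exist only for internal or management use, scope the rule instead of extending the global set, e.g. `iifname "<LAN_IF>" tcp dport { 2026, 8080 } accept` (placeholder interface name). UDP 8080 looks unintended, since the services usually found on that port are TCP-only, so confirm it is needed or drop it from the `udp dport` line. A short comment naming the service behind each new port would make later audits easier. The chain header and policy are outside this hunk, and the same change appears in the input hunk of files/hq-rtr/nftables.conf.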
@@ -20,8 +20,8 @@ table inet filter {
log prefix "Dropped forward: " level debug
iif lo accept
ct state established,related accept
- tcp dport { 22,514,53,80,443,3015,445,139,88 } accept
- udp dport { 53,123,500,4500,88,137 } accept
+ tcp dport { 22,514,53,80,443,3015,445,139,88,2026,8080 } accept
+ udp dport { 53,123,500,4500,88,137,8080 } accept
ip protocol icmp accept
ip protocol esp accept
ip protocol gre accept
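Review bot: Extending the forward chain with the same port list as input means TCP 2026/8080 and UDP 8080 are now forwarded to every host behind the router, not only to the machine that serves them. Forwarded services are safer when pinned to their destination, e.g. `ip daddr <SERVER_ADDR> tcp dport 8080 accept` (placeholder address), so that a listener on 8080 on any other host is not reachable through the router. Keeping input and forward as identical literals also suggests neither list reflects what each path needs, so it is worth splitting them per chain. The chain header is outside this hunk, and the forward hunk of files/hq-rtr/nftables.conf carries the same change.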
diff --git a/files/hq-rtr/nftables.conf b/files/hq-rtr/nftables.conf
index 42e7355..70d4fdf 100755
--- a/files/hq-rtr/nftables.conf
+++ b/files/hq-rtr/nftables.conf
@@ -8,8 +8,8 @@ table inet filter {
log prefix "Dropped Input: " level debug
iif lo accept
ct state established,related accept
- tcp dport { 22,514,53,80,443,3015,445,139,88 } accept
- udp dport { 53,123,500,4500,88,137 } accept
+ tcp dport { 22,514,53,80,443,3015,445,139,88,2026,8080 } accept
+ udp dport { 53,123,500,4500,88,137,8080 } accept
ip protocol icmp accept
ip protocol esp accept
ip protocol gre accept
@@ -20,8 +20,8 @@ table inet filter {
log prefix "Dropped forward: " level debug
iif lo accept
ct state established,related accept
- tcp dport { 22,514,53,80,443,3015,445,139,88 } accept
- udp dport { 53,123,500,4500,88,137 } accept
+ tcp dport { 22,514,53,80,443,3015,445,139,88,2026,8080 } accept
+ udp dport { 53,123,500,4500,88,137,8080 } accept
ip protocol icmp accept
ip protocol esp accept
ip protocol gre accept
diff --git a/images/module2/hosts.png b/images/module2/hosts.png
index 9d4a1d8..9072af8 100644
Binary files a/images/module2/hosts.png and b/images/module2/hosts.png differ
diff --git a/picture для варинта 2/mkdir pki.png b/picture для варинта 2/mkdir pki.png
new file mode 100644
index 0000000..58b522f
Binary files /dev/null and b/picture для варинта 2/mkdir pki.png differ