diff --git a/assets/knockd.conf b/assets/knockd.conf
index 5103028..09500cd 100644
--- a/assets/knockd.conf
+++ b/assets/knockd.conf
@@ -4,8 +4,8 @@
 [SSH]
       sequence    = 7000,8000,9000
       seq_timeout = 5
-      # TODO do not limit port 22 to the ip as it don't work with 4G connection 
-      start_command = ufw allow from %IP% to any port 22
+      # TODO do not limit port 22 to the ip as it don't work with 4G connection
+      start_command = ufw insert 1 allow from %IP% to any port 22
       tcpflags    = syn
       cmd_timeout   = 10
       stop_command  = ufw delete allow from %IP% to any port 22
diff --git a/bin/misc.sh b/bin/misc.sh
index 128cca4..03a221f 100755
--- a/bin/misc.sh
+++ b/bin/misc.sh
@@ -20,6 +20,6 @@ sed -i "s/^# en_GB.UTF-8/en_GB.UTF-8/g" /etc/locale.gen
 locale-gen
 apt-get --yes --force-yes install ntp
 dpkg-reconfigure tzdata
-apt-get --yes --force-yes install needrestart
+apt-get --yes --force-yes install etckeeper needrestart
 
 echo -e "\033[92;1mMisc done \033[Om"