diff --git a/gestion/gen_confs/firewall.py b/gestion/gen_confs/firewall.py
index d4bfdd10..85dd0832 100755
--- a/gestion/gen_confs/firewall.py
+++ b/gestion/gen_confs/firewall.py
@@ -617,7 +617,7 @@ class firewall_komaz(firewall_crans) :
 'udp' : machine.portUDPout() }
 for proto in [ 'tcp', 'udp' ] :
- for port in ports[proto].split() :
+ for port in ports[proto]:
 iptables("-I SERVEURS_VERS_EXT -s %s -p %s --dport %s -m mac --mac-source %s -j ACCEPT" \
 %(ip,proto,port,mac))
@@ -631,7 +631,7 @@ class firewall_komaz(firewall_crans) :
 'udp' : machine.portUDPin() }
 for proto in [ 'tcp', 'udp' ] :
- for port in ports[proto].split() :
+ for port in ports[proto]:
 iptables("-I EXT_VERS_SERVEURS -d %s -p %s --dport %s -j ACCEPT"\
 %(ip,proto,port))
@@ -645,7 +645,7 @@ class firewall_komaz(firewall_crans) :
 'udp' : machine.portUDPout() }
 for proto in [ 'tcp', 'udp' ] :
- for port in ports[proto].split() :
+ for port in ports[proto]:
 iptables("-I CRANS_VERS_EXT -s %s -p %s --dport %s -j ACCEPT" \
 %(ip,proto,port))
@@ -659,14 +659,7 @@ class firewall_komaz(firewall_crans) :
 'udp' : machine.portUDPin() }
 for proto in [ 'tcp', 'udp' ] :
- for port in ports[proto].split() :
- """ FIXME: bug dans la base ldap """
- if ip == '138.231.141.26':
- for fixed_port in port.split(','):
- iptables("-I EXT_VERS_CRANS -d %s -p %s --dport %s -j ACCEPT" \
- %(ip,proto,fixed_port))
- continue
-
+ for port in ports[proto]:
 iptables("-I EXT_VERS_CRANS -d %s -p %s --dport %s -j ACCEPT" \
 %(ip,proto,port))
diff --git a/gestion/gest_crans.py b/gestion/gest_crans.py
index cbd2fbf0..b27578f9 100755
--- a/gestion/gest_crans.py
+++ b/gestion/gest_crans.py
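Review bot: Each element of `ports[proto]` is now interpolated unchanged into `--dport %s`, so the four loops in firewall.py (SERVEURS_VERS_EXT, EXT_VERS_SERVEURS, CRANS_VERS_EXT, EXT_VERS_CRANS) rely on every stored LDAP value being exactly one port. An entry still in the old format would produce a malformed rule or one that does not match what was intended. That covers a single space-separated string and the comma-separated value the removed `138.231.141.26` workaround handled. The diff shows no migration of existing entries, so that should be confirmed before this is deployed. Because the rule is assembled as a string, a guard at the top of each loop body such as `if not port.isdigit(): continue`, with a log line, would keep unexpected directory content out of the iptables command. The enclosing methods start outside these hunks.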
@@ -1203,10 +1203,10 @@ def set_machine(machine) : arg+= u'"Adresse mac :" 2 1 "%s" 2 15 17 0 ' % machine.mac() arg+= u'"IP :" 3 1 "%s" 3 6 15 0 ' % machine.ip() if isadm : - arg+= u'"PortsTCP ext->machine :" 4 1 "%s" 4 25 50 0 ' % machine.portTCPin() - arg+= u'"PortsTCP machine->ext :" 5 1 "%s" 5 25 50 0 ' % machine.portTCPout() - arg+= u'"PortsUDP ext->machine :" 6 1 "%s" 6 25 50 0 ' % machine.portUDPin() - arg+= u'"PortsUDP machine->ext :" 7 1 "%s" 7 25 50 0 ' % machine.portUDPout() + arg+= u'"PortsTCP ext->machine :" 4 1 "%s" 4 25 50 0 ' % ' '.join(machine.portTCPin()) + arg+= u'"PortsTCP machine->ext :" 5 1 "%s" 5 25 50 0 ' % ' '.join(machine.portTCPout()) + arg+= u'"PortsUDP ext->machine :" 6 1 "%s" 6 25 50 0 ' % ' '.join(machine.portUDPin()) + arg+= u'"PortsUDP machine->ext :" 7 1 "%s" 7 25 50 0 ' % ' '.join(machine.portUDPout()) if isinstance(machine, BorneWifi) and isadm : # Borne wifi p = u'Mettre le lieu de la borne comme première remarque.' @@ -1253,10 +1253,10 @@ def set_machine(machine) : if isadm : try : - machine.portTCPin(result[3]) - machine.portTCPout(result[4]) - machine.portUDPin(result[5]) - machine.portUDPout(result[6]) + machine.portTCPin(result[3].split()) + machine.portTCPout(result[4].split()) + machine.portUDPin(result[5].split()) + machine.portUDPout(result[6].split()) except ValueError, c : err += c.args[0] + '\n' if isadm and isinstance(machine, BorneWifi): diff --git a/gestion/ldap_crans.py b/gestion/ldap_crans.py index 27c29cdf..51476c77 100755 --- a/gestion/ldap_crans.py +++ b/gestion/ldap_crans.py 
@@ -1046,7 +1046,8 @@ class base_classes_crans(crans_ldap): # Formate les entrées de l'historique de la forme champ+diff-diff for champ in ['droits', 'controle', 'paiement', 'carteEtudiant', - 'mailAlias', 'hostAlias', 'exempt', 'nvram']: + 'mailAlias', 'hostAlias', 'exempt', 'nvram', + 'portTCPin', 'portTCPout', 'portUDPin', 'portUDPout']: if champ in self.modifs: if champ == 'controle': # Ce n'est pas pareil que self._init_data.get('controle', ['']) @@ -2546,7 +2547,8 @@ class Machine(base_classes_crans): self.services_to_restart('ragnarok-dhcp') else: self.services_to_restart('rouge-dhcp') - if 'ports' in self.modifs: + if 'portTCPin' in self.modifs or 'portTCPout' in self.modifs or \ + 'portUDPin' in self.modifs or 'portUDPout' in self.modifs: self.services_to_restart('komaz-ports', [self.ip()]) self.services_to_restart('mail_modif', ['ip=%s' % self.ip()]) @@ -2632,17 +2634,11 @@ class Machine(base_classes_crans): def __port(self, ports, champ): if ports == None: - return self._data.get(champ, [''])[0] + return self._data.get(champ, []) - ports = preattr(ports)[1] - if ports and self._data.get(champ) != ports: - self._data[champ] = [ports] - if 'ports' not in self.modifs: - self.modifs.setdefault('ports', None) - elif self._data.has_key(champ): - self._data.pop(champ) - if 'ports' not in self.modifs: - self.modifs.setdefault('ports', None) + ports = map(int, ports) + ports.sort() + self._set(champ, map(str, ports)) class MachineFixe(Machine): diff --git a/gestion/tools/list_firewall.py b/gestion/tools/list_firewall.py index 3b7540d5..9fb96a06 100755 --- a/gestion/tools/list_firewall.py +++ b/gestion/tools/list_firewall.py 
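Review bot: The new setter in `__port` accepts any integer, so `0`, negative numbers and values above 65535 pass `map(int, ports)` and are stored. Those values then reach the `--dport %s` rules built in firewall.py. A range check before `ports.sort()`, for example `if [p for p in ports if not 0 < p < 65536]: raise ValueError(...)`, would reject them at entry, where gest_crans.py already catches `ValueError`. Duplicates are also kept, which would emit the same rule twice. The getter now returns the list held in `self._data` itself; if `_set` is what records a modification, a caller that mutates the returned list would bypass it, so returning `list(self._data.get(champ, []))` is safer.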
@@ -25,13 +25,13 @@ for m in machines : txt += u'Propriétaire : %s\n' % m.proprietaire().Nom().encode('iso-8859-1') txt += u'Machine : %s\n' % m.nom() if m.portTCPin() : - txt += u'ports TCP in : %s\n' % m.portTCPin() + txt += u'ports TCP in : %s\n' % ' '.join(m.portTCPin()) if m.portTCPout() : - txt += u'ports TCP out : %s\n' % m.portTCPout() + txt += u'ports TCP out : %s\n' % ' '.join(m.portTCPout()) if m.portUDPin() : - txt += u'ports UDP in : %s\n' % m.portUDPin() + txt += u'ports UDP in : %s\n' % ' '.join(m.portUDPin()) if m.portUDPout() : - txt += u'ports UDP out : %s\n' % m.portUDPout() + txt += u'ports UDP out : %s\n' % ' '.join(m.portUDPout()) txts.append(txt.strip()) diff --git a/gestion/whos.py b/gestion/whos.py index 11b3fa62..941c1a7a 100755 --- a/gestion/whos.py +++ b/gestion/whos.py @@ -593,14 +593,14 @@ def machine_details(machine) : f += '\n' # Ports spéciaux - if machine.portTCPin() : - f += coul(u'Ports TCP ouvert ext->machine : ','gras') + machine.portTCPin() + '\n' - if machine.portTCPout() : - f += coul(u'Ports TCP ouvert machine->ext : ','gras') + machine.portTCPout() + '\n' - if machine.portTCPin() : - f += coul(u'Ports UDP ouvert ext->machine : ','gras') + machine.portUDPin() + '\n' - if machine.portUDPout() : - f += coul(u'Ports UDP ouvert machine->ext : ','gras') + machine.portUDPout() + '\n' + if machine.portTCPin(): + f += coul(u'Ports TCP ouvert ext->machine : ','gras') + ' '.join(machine.portTCPin()) + '\n' + if machine.portTCPout(): + f += coul(u'Ports TCP ouvert machine->ext : ','gras') + ' '.join(machine.portTCPout()) + '\n' + if machine.portTCPin(): + f += coul(u'Ports UDP ouvert ext->machine : ','gras') + ' '.join(machine.portUDPin()) + '\n' + if machine.portUDPout(): + f += coul(u'Ports UDP ouvert machine->ext : ','gras') + ' '.join(machine.portUDPout()) + '\n' # Exemption d'upload if machine.exempt() :
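Review bot: In the whos.py hunk, the third rewritten condition still tests `machine.portTCPin()` while the line it guards prints `machine.portUDPin()`. A machine with inbound UDP ports but no inbound TCP ports therefore shows no UDP line in `machine_details`. Since this output is what an operator reads to see which ports are open, the guard should be `if machine.portUDPin():`. The function body starts and ends outside the hunk.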