diff --git a/gestion/gen_confs/firewall.py b/gestion/gen_confs/firewall.py
index fafdaaf6..6ab6e610 100644
--- a/gestion/gen_confs/firewall.py
+++ b/gestion/gen_confs/firewall.py
@@ -617,6 +617,25 @@ class firewall_komaz(firewall_crans) :
                 iptables("-t mangle -A SUBNET-%(subnet)s -o ens   -s %(ip)s "
                          "-j CLASSIFY --set-class 1:%(class_id)s" % locals())
 
+        # +-----------------+
+        # | QOS pour le ftp |
+        # +-----------------+
+
+        # On ne veut pas que les gens à l'éxtérieur bouffe toute la
+        # bande passante.
+
+        # Classification des paquets à destination du ftp
+        iptables("-t mangle -A POSTROUTING -o %(eth_int)s --destination 136.231.136.10 --destination-port 21 "
+                 "-j CLASSIFY --set-class 1:9997" % locals())
+
+        debit_ftp = 12000
+        # Restriction
+        for interface in [self.eth_ext, self.eth_int]:
+            tc("class add dev %(interface)s parent 1:1 classid 1:9997 "
+               "htb rate %(debit_ftp)s ceil %(debit_ftp)s" % locals())
+            tc("qdisc add dev %(interface)s parent 1:9997 "
+               "handle %(qdisc_id)d: sfq perturb 10" % locals())
+
         self.anim.reinit()
         print OK