diff --git a/gestion/gen_confs/firewall_new.py b/gestion/gen_confs/firewall_new.py index 26a1cf73..03d7a218 100755 --- a/gestion/gen_confs/firewall_new.py +++ b/gestion/gen_confs/firewall_new.py @@ -164,6 +164,10 @@ class firewall_crans : # Comprend pas pourquoi il faut réimporter ici -- Fred from lock import remove_lock remove_lock('firewall') + + def reload_qos(self): + """Recherche la QoS""" + return def mangle_table(self) : """ Remplit la table mangle """ @@ -479,7 +483,13 @@ class firewall_komaz(firewall_crans) : self.anim.reinit() print OK + + def reload_qos(self): + self.mangle_table() + self.qos() + def mangle_table(self): + self.anim = anim('\tStructure de la table mangle') # On vide complètement la table @@ -503,6 +513,7 @@ class firewall_komaz(firewall_crans) : # Parametres pour iptables/tc mark = conf_fw.mark['bittorrent'] debit_max = conf_fw.debit_max + debit_max_semi=debit_max/2 eth_ext = self.eth_ext eth_int = self.eth_int @@ -521,7 +532,9 @@ class firewall_komaz(firewall_crans) : "-j CONNMARK --save-mark" % mark) warn = '' - + + # pas de QoS pour la zone ens + iptables("-t mangle -A POSTROUTING -d 138.231.0.0/16 -s 138.231.0.0/16 -j RETURN") # Par défaut, on envoit les paquets dans la classe 9998 for net in NETs['all']: iptables("-t mangle -A POSTROUTING -o %(eth_int)s -d %(net)s " @@ -544,10 +557,11 @@ class firewall_komaz(firewall_crans) : redirect_chain('mangle', prev_chain, next_chain, subnet) print OK + + self.anim = anim('\tLimitation du debit') adherents = db.search('paiement=ok')['adherent'] + self.adherents=adherents debit_adh = int(debit_max / float(len(adherents))) - - self.anim = anim('\tGénération des classes de QoS', len(adherents)) # Création des classes et qdisc for interface in [eth_ext, eth_int]: 
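Review bot: The docstring on the new base-class stub, `"""Recherche la QoS"""`, describes a lookup while the method is a no-op hook that a subclass overrides to rebuild traffic shaping, so a reader of firewall_crans alone gets the wrong idea. Suggest `"""Hook: rebuild the QoS rules. No-op here; hosts that shape traffic (firewall_komaz) override it."""`. Because the stub returns None silently, any host class without an override will accept a reload_qos action and do nothing, which the docstring should state as well.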
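Review bot: The new `reload_qos` calls `self.mangle_table()` and then `self.qos()`, but `qos()` in a later hunk also calls `mangle_table()` when `self.adherents` is empty, so the dependency runs both ways and nothing in the code says which method owns the rebuild. A one-line comment on reload_qos would settle it: `# mangle_table() flushes mangle, recreates the HTB skeleton and fills self.adherents; qos() then adds the per-adherent classes`. The body of mangle_table continues past this hunk, so I could not check whether moving `self.anim = anim(...)` to the first statement displaces another assignment to self.anim further down.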
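Review bot: `debit_max_semi=debit_max/2` is introduced with no word on why the shared classes are capped at half the link (it becomes the ceil of 1:9997 and 1:9998 in a later hunk), and the same three-line parameter block is copied verbatim into the new `qos()`. A comment such as `# shared classes (ftp, default) may burst to at most half the link so per-adherent classes keep headroom` would record the intent, and computing the value once (a conf_fw entry or a small helper) would keep the two copies from drifting. With Python 2 `/`, an integer debit_max truncates here, which is harmless at kbps granularity but worth knowing.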
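Review bot: The QoS exemption `-t mangle -A POSTROUTING -d 138.231.0.0/16 -s 138.231.0.0/16 -j RETURN` hard-codes the prefix, whereas every other network in this function comes from NETs or conf_fw (`for net in NETs['all']`), so the bypass is easy to miss when the address plan changes and hard to audit. Keep the prefix next to the other network definitions (a named NETs/conf_fw entry interpolated into the rule) and make the comment say what is exempted: `# traffic staying inside the campus /16 is not shaped`. Because the rule keys on addresses only, a client that sources 138.231.x.x would skip shaping unless anti-spoofing drops it first; that presumably falls to the TEST_MAC-IP chain in filter, which I could not confirm from this hunk.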
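Review bot: Right after the new `self.adherents=adherents`, the unchanged `debit_adh = int(debit_max / float(len(adherents)))` divides by the member count with no guard, so an empty `paiement=ok` result raises ZeroDivisionError here, before the new `qos()` ever sees an empty list; its `len(self.adherents) == 0` fallback is therefore unreachable for that case. Guard it once at this line, e.g. `debit_adh = int(debit_max / float(len(adherents))) if adherents else debit_max`, with a comment stating what an empty member list means for the default class. The per-interface loop that follows continues outside this hunk.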
@@ -567,15 +581,33 @@ class firewall_komaz(firewall_crans) : "handle 9999: sfq perturb 10" % locals()) debit_ftp = 1000 # kbps tc("class add dev %(interface)s parent 1:1 classid 1:9997 " - "htb rate %(debit_ftp)skbps ceil %(debit_max)skbps" % locals()) + "htb rate %(debit_ftp)skbps ceil %(debit_max_semi)skbps prio 1" % locals()) tc("qdisc add dev %(interface)s parent 1:9997 " "handle 9997: sfq perturb 10" % locals()) tc("class add dev %(interface)s parent 1:1 classid 1:9998 " - "htb rate %(debit_adh)skbps ceil %(debit_max)skbps" % locals()) + "htb rate %(debit_adh)skbps ceil %(debit_max_semi)skbps prio 0" % locals()) tc("qdisc add dev %(interface)s parent 1:9998 " "handle 9998: sfq perturb 10" % locals()) + print OK + + def qos(self): + + if len(self.adherents) == 0 : + self.mangle_table() + + # Parametres pour iptables/tc + mark = conf_fw.mark['bittorrent'] + debit_max = conf_fw.debit_max + debit_max_semi=debit_max/2 + eth_ext = self.eth_ext + eth_int = self.eth_int + + adherents = self.adherents + debit_adh = int(debit_max / float(len(adherents))) + + self.anim = anim('\tGénération des classes de QoS', len(adherents)) # On construit ensuite les classes et qdisc pour chaque adhérent for adherent in adherents: self.anim.cycle() @@ -585,7 +617,7 @@ class firewall_komaz(firewall_crans) : qdisc_id = class_id for interface in [self.eth_ext, self.eth_int]: tc("class add dev %(interface)s parent 1:1 classid 1:%(class_id)d " - "htb rate %(debit_adh)skbps ceil %(debit_max)skbps" % locals()) + "htb rate %(debit_adh)skbps ceil %(debit_max)skbps prio 1" % locals()) tc("qdisc add dev %(interface)s parent 1:%(class_id)d " "handle %(qdisc_id)d: sfq perturb 10" % locals()) 
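Review bot: In the new `qos()`, `if len(self.adherents) == 0: self.mangle_table()` reads `self.adherents` before checking that it exists, so running qos() without a prior mangle_table() (for instance after mangle_table raised inside exception_catcher) fails with AttributeError, and when the list really is empty `mangle_table()` divides by `len(adherents)` and raises anyway, as does the recomputed `debit_adh` below. Replace the check with `if getattr(self, 'adherents', None) is None: self.mangle_table()` followed by `if not self.adherents: return` (nothing to shape), and drop the `mark`, `debit_max_semi`, `eth_ext` and `eth_int` locals if the part of the loop outside this hunk does not use them, since the visible loop reads `self.eth_ext`/`self.eth_int` directly. The 1:9997 and 1:9998 ceilings are lowered to `debit_max_semi` while the per-adherent classes keep `ceil %(debit_max)s`; if that asymmetry is intended, say so in a comment next to the class creation. The body of qos() continues past this hunk.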
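Review bot: The per-adherent classes now get `prio 1` while the default class 1:9998 in the previous hunk gets `prio 0`; in HTB the lower prio number is served first when excess bandwidth is distributed, so traffic left in the default class would out-rank paying members' classes on a saturated link, which looks like the reverse of what a membership-based shaper wants. Confirm the intended ordering, and document the bare numbers once where the classes are created, e.g. `# HTB prio (lower wins when borrowing): 0 default class, 1 ftp and per-adherent classes`. The enclosing per-adherent loop starts before this hunk.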
@@ -637,6 +669,8 @@ class firewall_komaz(firewall_crans) : self.anim = anim('\tStructure de la table filter') for chaine in [ 'TEST_MAC-IP', 'RESEAUX_NON_ROUTABLES_SRC', 'RESEAUX_NON_ROUTABLES_DST' ] : iptables('-t filter -N %s' % chaine) + + iptables("-A FORWARD -i lo -j ACCEPT") iptables("-A FORWARD -p icmp -j ACCEPT") iptables("-A FORWARD -i tun-ovh -j ACCEPT") @@ -833,6 +867,7 @@ class firewall_komaz(firewall_crans) : self.exception_catcher(self.ext_vers_crans) self.exception_catcher(self.test_mac_ip) self.exception_catcher(self.filtre_p2p) + self.exception_catcher(self.qos) def serveurs_maj_list_to_do(self) : self.exception_catcher(self.serveurs_vers_ext) @@ -1418,7 +1453,7 @@ if __name__ == '__main__' : fw = eval('firewall_%s()' % hostname) chaines = [] for nom in dir(fw) : - if nom in [ 'log_chaines' , 'test_virus_flood', 'reseaux_non_routables', 'test_mac_ip' , 'blacklist' , 'ext_vers_serveurs' , 'serveurs_vers_ext', 'ext_vers_crans', 'crans_vers_ext' , 'filtre_p2p', 'admin_vlan' , 'serv_out_adm', 'mangle_table', 'classes_p2p_maj' ] : + if nom in [ 'log_chaines' , 'test_virus_flood', 'reseaux_non_routables', 'test_mac_ip' , 'blacklist' , 'ext_vers_serveurs' , 'serveurs_vers_ext', 'ext_vers_crans', 'crans_vers_ext' , 'filtre_p2p', 'admin_vlan' , 'serv_out_adm', 'mangle_table', 'classes_p2p_maj','reload_qos' ] : chaines.append(nom) def __usage(txt=None) :
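Review bot: The new `iptables("-A FORWARD -i lo -j ACCEPT")` is an unconditional accept placed ahead of the TEST_MAC-IP and RESEAUX_NON_ROUTABLES checks this chain is built around, and the hunk gives no reason why forwarded traffic would arrive on lo at all; normally a packet on lo is delivered locally and traverses INPUT, not FORWARD. If it works around a specific setup (policy routing, a tunnel bound to lo, route_localnet), record it: `# forwarded traffic re-entering on lo (needed for <setup>) — bypasses the checks below`; otherwise it is dead today and becomes a blanket bypass the day something does loop through lo. Note that `-i lo` matches the input interface only and gives no protection against 127.0.0.0/8 sources, which presumably remains the job of RESEAUX_NON_ROUTABLES_SRC. The filter-table method continues outside this hunk.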
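Review bot: `self.exception_catcher(self.qos)` is appended without noting that qos() only works after mangle_table() has populated `self.adherents`; the rest of this start-up list, including the presumed mangle_table call, lies outside the hunk, so the ordering constraint is invisible here. Add `# must run after mangle_table(): qos() consumes self.adherents` above the new line. If exception_catcher swallows a failure in mangle_table, qos() will then fail on the missing attribute, which is worth handling explicitly rather than by accident.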
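Review bot: Adding `'reload_qos'` to the allowlist exposes the action for every host class, but on hosts other than komaz it resolves to the base-class stub that returns without doing anything, so the command silently reports success; either have the stub print a short "no QoS on this host" message or only list the action when `type(fw).reload_qos is not firewall_crans.reload_qos`. The allowlist is also growing as a single-line literal; one name per line would make future additions reviewable. Unrelated to this change but on the line above, `fw = eval('firewall_%s()' % hostname)` would be safer and clearer as a lookup in a dict of host classes (or `globals()['firewall_%s' % hostname]()`), which removes eval from the path of a hostname string.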