diff --git a/sisr1/tp07/files_firewall/current_ruleset.nft b/sisr1/tp07/files_firewall/current_ruleset.nft
new file mode 100644
index 0000000..5e456c3
--- /dev/null
+++ b/sisr1/tp07/files_firewall/current_ruleset.nft
@@ -0,0 +1,13 @@
+table ip ipfilter {
+ chain routing {
+ type filter hook forward priority filter; policy accept;
+ icmp type echo-request iif { "enp0s3", "enp0s8" } drop
+ icmp type { echo-reply, echo-request } accept
+ drop
+ }
+
+ chain system_in {
+ type filter hook input priority filter; policy accept;
+ icmp type echo-request iif { "enp0s3", "enp0s8" } drop
+ }
+}
diff --git a/sisr1/tp07/files_firewall/interfaces b/sisr1/tp07/files_firewall/interfaces
new file mode 100644
index 0000000..cab3445
--- /dev/null
+++ b/sisr1/tp07/files_firewall/interfaces
@@ -0,0 +1,25 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+allow-hotplug enp0s3
+iface enp0s3 inet static
+address 192.168.0.120
+gateway 192.168.0.1
+pre-up bash /root/scriptsnft/refresh_firewall.sh
+
+# Second network interface : DMZ
+allow-hotplug enp0s8
+iface enp0s8 inet static
+address 172.16.0.254/24
+
+# Third network interface : LAN
+allow-hotplug enp0s9
+iface enp0s9 inet static
+address 10.0.0.254/24
diff --git a/sisr1/tp07/files_firewall/refresh_firewall.sh b/sisr1/tp07/files_firewall/refresh_firewall.sh
new file mode 100644
index 0000000..070243f
--- /dev/null
+++ b/sisr1/tp07/files_firewall/refresh_firewall.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+# active le routage entre les interfaces réseau du firewall
+echo "1" > /proc/sys/net/ipv4/ip_forward
+#vide les règles actuelles du pare-feu
+nft flush ruleset
+#charge les règles du pare-feu présentes dans le fichier
+nft -f /root/scriptsnft/current_ruleset.nft
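Review bot: `system_in` declares `policy accept` and drops only echo-request arriving on enp0s3 and enp0s8, so every other IPv4 packet addressed to the firewall itself is accepted on all three interfaces. A default-deny input chain would be safer: `type filter hook input priority filter; policy drop;` followed by `ct state established,related accept` and `iif "lo" accept`, then explicit accepts for whatever management access is intended. In `routing`, the trailing bare `drop` makes the declared `policy accept` misleading, and echo-reply is accepted by type alone, so unsolicited replies arriving on any interface are forwarded; stating `policy drop` in the chain header and matching return traffic with conntrack state would express the same intent more clearly. The table is family `ip`, so IPv6 traffic is not covered by this ruleset.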
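Review bot: The ruleset is loaded only from the `pre-up` hook of enp0s3, which is `allow-hotplug`, so enp0s8 and enp0s9 can be configured without the filter having been applied if enp0s3 is not brought up first. Loading the rules independently of any single interface (for example from the distribution's nftables service at boot, with forwarding set through sysctl configuration) would remove that ordering dependency. Separately, `address 192.168.0.120` carries no prefix length while the other two stanzas use `/24`; if a /24 is intended, `address 192.168.0.120/24` makes the mask explicit, and the same applies to `address 192.168.0.121` in files_pcnet/interfaces.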
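Review bot: `nft flush ruleset` and `nft -f …` run as two separate commands after forwarding has already been enabled, so if the file fails to load the host is left routing with an empty ruleset. `nft -f` applies a file as a single transaction, so making `flush ruleset` the first line of current_ruleset.nft and dropping the separate flush from the script makes the reload atomic. Enabling forwarding only after a successful load closes the remaining window: `nft -f /root/scriptsnft/current_ruleset.nft && echo 1 > /proc/sys/net/ipv4/ip_forward`.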
diff --git a/sisr1/tp07/files_firewall/resolv.conf b/sisr1/tp07/files_firewall/resolv.conf
new file mode 100644
index 0000000..04f8dc4
--- /dev/null
+++ b/sisr1/tp07/files_firewall/resolv.conf
@@ -0,0 +1,4 @@
+domain sio.lan
+search sio.lan
+nameserver 10.121.38.7
+nameserver 10.121.38.8
diff --git a/sisr1/tp07/files_pclan/interfaces b/sisr1/tp07/files_pclan/interfaces
new file mode 100644
index 0000000..563707b
--- /dev/null
+++ b/sisr1/tp07/files_pclan/interfaces
@@ -0,0 +1,14 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+allow-hotplug enp0s3
+iface enp0s3 inet static
+address 10.0.0.1/24
+gateway 10.0.0.254
diff --git a/sisr1/tp07/files_pclan/resolv.conf b/sisr1/tp07/files_pclan/resolv.conf
new file mode 100644
index 0000000..04f8dc4
--- /dev/null
+++ b/sisr1/tp07/files_pclan/resolv.conf
@@ -0,0 +1,4 @@
+domain sio.lan
+search sio.lan
+nameserver 10.121.38.7
+nameserver 10.121.38.8
diff --git a/sisr1/tp07/files_pcnet/interfaces b/sisr1/tp07/files_pcnet/interfaces
new file mode 100644
index 0000000..05e785e
--- /dev/null
+++ b/sisr1/tp07/files_pcnet/interfaces
@@ -0,0 +1,14 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+allow-hotplug enp0s3
+iface enp0s3 inet static
+address 192.168.0.121
+gateway 192.168.0.120
diff --git a/sisr1/tp07/files_pcnet/resolv.conf b/sisr1/tp07/files_pcnet/resolv.conf
new file mode 100644
index 0000000..04f8dc4
--- /dev/null
+++ b/sisr1/tp07/files_pcnet/resolv.conf
@@ -0,0 +1,4 @@
+domain sio.lan
+search sio.lan
+nameserver 10.121.38.7
+nameserver 10.121.38.8
diff --git a/sisr1/tp07/files_srvweb/interfaces b/sisr1/tp07/files_srvweb/interfaces
new file mode 100644
index 0000000..9a67b8a
--- /dev/null
+++ b/sisr1/tp07/files_srvweb/interfaces
@@ -0,0 +1,14 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+allow-hotplug enp0s3
+iface enp0s3 inet static
+address 172.16.0.1/24
+gateway 172.16.0.254
diff --git a/sisr1/tp07/files_srvweb/resolv.conf b/sisr1/tp07/files_srvweb/resolv.conf
new file mode 100644
index 0000000..04f8dc4
--- /dev/null
+++ b/sisr1/tp07/files_srvweb/resolv.conf
@@ -0,0 +1,4 @@
+domain sio.lan
+search sio.lan
+nameserver 10.121.38.7
+nameserver 10.121.38.8