diff --git a/roles/logall/handlers/main.yml b/roles/logall/handlers/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..ae4936a5c8f893b8b8de3abc88bf324bb71da964
--- /dev/null
+++ b/roles/logall/handlers/main.yml
@@ -0,0 +1,10 @@
+---
+- name: systemctl restart rsyslog.service
+ systemd:
+ name: rsyslog
+ state: restarted
+
+- name: systemctl restart logrotate.service
+ systemd:
+ name: logrotate
+ state: restarted
diff --git a/roles/logall/tasks/main.yml b/roles/logall/tasks/main.yml
index f63159b0cfaaac4639f51e33dd8a2725f39e5df6..8a4b031df05da43f8189c32b3a7bcd1c3c6037b9 100644
--- a/roles/logall/tasks/main.yml
+++ b/roles/logall/tasks/main.yml
@@ -22,24 +22,3 @@
 mode: 0644
 owner: root
 group: root
-
-- name: Create logs directory
- file:
- path: /logs
- mode: 0755
- owner: root
- group: root
- state: directory
-
-- name: Deploy nfs systemd mount
- template:
- src: systemd/system/logs.mount.j2
- dest: /etc/systemd/system/logs.mount
- mode: 0644
-
-- name: Load and activate nfs systemd mount
- systemd:
- name: logs.mount
- daemon_reload: true
- enabled: true
- state: started
diff --git a/roles/logall/templates/logrotate.d/firewall.j2 b/roles/logall/templates/logrotate.d/firewall.j2
index 6d733471b41e2f6953c9e08927b6992d64adac90..644404ac2f45e3cb4268be5dd57c06e214885aaa 100644
--- a/roles/logall/templates/logrotate.d/firewall.j2
+++ b/roles/logall/templates/logrotate.d/firewall.j2
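Review bot: In the new `roles/logall/handlers/main.yml`, the `systemctl restart rsyslog.service` handler restarts the daemon without first checking the rendered configuration, so a template mistake would stop firewall logging on the host until someone notices. A config check such as `rsyslogd -N1` before the restart, or a `validate:` on the template task that deploys the rsyslog file, would keep a bad config from going live. The second handler restarts `logrotate.service`, which on systemd hosts is usually a timer-driven one-shot that re-reads its configuration on every run, so that restart probably only triggers an extra logrotate run; a comment such as `# forces one logrotate run after a config change` would make the intent explicit if it is deliberate. No task in this diff is shown notifying either handler.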
@@ -1,29 +1,24 @@ {{ ansible_header | comment }} -/var/log/firewall/trace.log -/var/log/firewall/filtre.log -/var/log/firewall/iptables.err -/var/log/firewall/iptables.log { - rotate 1 - weekly - missingok - notifempty - compress - postrotate - /usr/sbin/invoke-rc.d rsyslog rotate >/dev/null; - endscript -} -/var/log/firewall/logall.log { +/var/log/firewall/logall.prerouting.log +/var/log/firewall/logall.prerouting.json.log +/var/log/firewall/logall.srv.log +/var/log/firewall/logall.srv.json.log +/var/log/firewall/logall.adh.log +/var/log/firewall/logall.adh.json.log { daily - compress - compresscmd /bin/bzip2 - uncompresscmd /bin/bunzip2 - compressext .bz2 - rotate 10 - notifempty - sharedscripts - postrotate - /usr/sbin/invoke-rc.d rsyslog rotate >/dev/null; - QUIET=y /logs/firewall-logrotate-script.sh; + compress + compresscmd /bin/bzip2 + uncompresscmd /bin/bunzip2 + compressext .bz2 + create 0640 root root + rotate 365 + notifempty + sharedscripts + dateext + dateformat %Y-%m-%d. + extension log + postrotate + usr/lib/rsyslog/rsyslog-rotate endscript } diff --git a/roles/logall/templates/rsyslog.d/10-firewall.conf.j2 b/roles/logall/templates/rsyslog.d/10-firewall.conf.j2 index 9905590166448106c0167a4df4fcfcd918a67dbb..649dada6bb05e7f683864503a15de4836597eebb 100644 --- a/roles/logall/templates/rsyslog.d/10-firewall.conf.j2 +++ b/roles/logall/templates/rsyslog.d/10-firewall.conf.j2 
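Review bot: The `postrotate` command in the new stanza of `logrotate.d/firewall.j2` is written `usr/lib/rsyslog/rsyslog-rotate`, without the leading slash, so it is resolved relative to logrotate's working directory and will most likely fail. rsyslog would then keep writing to the already-rotated files, and because `compress` runs without `delaycompress`, those entries would likely be lost. The line should read `/usr/lib/rsyslog/rsyslog-rotate`. Separately, `/var/log/firewall/logall.log` is dropped from this file while the rsyslog template in the same commit keeps a "Legacy LOG_ALL" rule that still writes to it, so that file would grow unrotated unless another logrotate file covers it. `rotate 365` now keeps a year of firewall logs on local disk, so the retention period and disk budget are worth stating in a comment.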
@@ -1,32 +1,42 @@ {{ ansible_header | comment }} -#$ModLoad imklog #Déjà présent dans rsyslog.conf - -# Messages du firewall (ie de sa génération) -if $programname == 'firewall' and $syslogseverity <= '3' then /var/log/firewall/iptables.err - -if $programname == 'firewall' then /var/log/firewall/iptables.log - - -# kernel (facility = 0): -# Discard broadcast (sinon trop de spam) -# Note: on discard tout au final, sinon, on risquerait d'envoyer du contenu -# (LOG_ALL est dans PREROUTING donc je sais pas si ça compte, mais je veux -# pas essayer) -if $syslogfacility == '0' and $msg contains 'ff:ff:ff:ff:ff:ff' then ~ - -# LOG_ALL pour … je sais plus à quoi ça sert … +template(name="logall" type="list" option.jsonf="on"){ + property(outname="@timestamp" name="timereported" dateFormat="rfc3339" format="jsonf") + property(outname="host" name="hostname" format="jsonf") + property(outname="message" name="msg" format="jsonf") +} + +module(load="omprog") + +if ($syslogfacility == '0' and $msg contains 'LOG_ALL_PREROUTING') +then { + action(type="omprog" + binary="/usr/bin/python3 /usr/local/src/scripts/firewall/logs_to_json.py" + template="logall" + output="/var/log/firewall/logall.prerouting.json.log") + action(type="omfile" file="/var/log/firewall/logall.prerouting.log" template="logall") + stop +} + +if ($syslogfacility == '0' and $msg contains 'LOG_ALL_ADH') +then { + action(type="omprog" + binary="/usr/bin/python3 /usr/local/src/scripts/firewall/logs_to_json.py" + template="logall" + output="/var/log/firewall/logall.adh.json.log") + action(type="omfile" file="/var/log/firewall/logall.adh.log" template="logall") + stop +} + +if ($syslogfacility == '0' and $msg contains 'LOG_ALL_SRV') +then { + action(type="omprog" + binary="/usr/bin/python3 /usr/local/src/scripts/firewall/logs_to_json.py" + template="logall" + output="/var/log/firewall/logall.srv.json.log") + action(type="omfile" file="/var/log/firewall/logall.srv.log" template="logall") + stop +} + +# Legacy LOG_ALL if 
$syslogfacility == '0' and $msg contains 'LOG_ALL' then /var/log/firewall/logall.log & ~ - -# LOG_MAC_IP pour l'association mac_ip en ipv6 -if $syslogfacility == '0' and $msg contains 'LOG_MAC_IP' then ~ - -# TRACE -if $syslogfacility == '0' and $msg contains 'TRACE:' then /var/log/firewall/trace.log -& ~ - -# filtre.log était parsé par un script pour gérer les déconnexions -#if $syslogfacility == '0' and $msg contains 'DST=' then /var/log/firewall/filtre.log -#& ~ - -if $syslogfacility == '0' and $msg contains 'LOG_ALL' then ~ diff --git a/roles/logall/templates/systemd/system/logs.mount.j2 b/roles/logall/templates/systemd/system/logs.mount.j2 deleted file mode 100644 index cc726e5aa56d9bdf68f4615bfdcaef8ac7e5e34c..0000000000000000000000000000000000000000 --- a/roles/logall/templates/systemd/system/logs.mount.j2 +++ /dev/null @@ -1,14 +0,0 @@ -{{ ansible_header | comment }} -[Unit] -Description=Mount home -Wants=network-online.target -After=network-online.target - -[Mount] -What=172.16.10.1:/pool/logs -Where=/logs -Type=nfs -Options=rw,nosuid - -[Install] -WantedBy=multi-user.target diff --git a/roles/nfs-common/tasks/main.yml b/roles/nfs-common/tasks/main.yml index ded8852528ce1b098357f33652e3e1f4d01b7e23..c0f9d083acba8e9841565b4c2194b23590ecc5dd 100644 --- a/roles/nfs-common/tasks/main.yml +++ b/roles/nfs-common/tasks/main.yml @@ -16,10 +16,9 @@ - name: Disable and mask rpcbind.service systemd: name: rpcbind.service - enabled: false - masked: true + masked: false - name: systemd: name: rpcbind.socket - masked: true + masked: false diff --git a/roles/nfs-common/templates/nfs-common.j2 b/roles/nfs-common/templates/nfs-common.j2 index ef51d4e7531965379337378fa0c4bca88ae576dd..b860909d7abfbaef143b614884b61c90a2b10109 100644 --- a/roles/nfs-common/templates/nfs-common.j2 +++ b/roles/nfs-common/templates/nfs-common.j2 
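Review bot: The three `omprog` actions in `rsyslog.d/10-firewall.conf.j2` make rsyslog, which normally runs as root, execute `/usr/local/src/scripts/firewall/logs_to_json.py`, and nothing in this diff deploys that script or pins its ownership and mode. If the script or a directory on its path is writable by a non-root account, it becomes a way to run code as the logging daemon. The role should install or assert it with `owner: root`, `group: root`, `mode: "0755"`. On style, the three blocks differ only in tag and file name, and the new rules end with `stop` while the legacy rule below still uses `& ~`. A comment such as `# one block per LOG_ALL_* tag: raw copy via omfile, JSON copy via logs_to_json.py` above them, and `stop` in the legacy rule, would make the file consistent.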
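Review bot: In `roles/nfs-common/tasks/main.yml`, the first task is still named `Disable and mask rpcbind.service` but now sets `masked: false` and no longer sets `enabled: false`, so the name states the opposite of what the task does. The second task keeps an empty `name:`. Suggested names are `- name: Unmask rpcbind.service` and `- name: Unmask rpcbind.socket`. Unmasking makes rpcbind startable again on every host that receives this role, which widens the network-facing surface and is normally needed only for NFSv3. If that is intended, a comment saying why and a firewall rule limiting the portmapper port to the NFS server would be worth adding next to these tasks.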
@@ -14,7 +14,7 @@ NEED_STATD= STATDOPTS= # Do you want to start the idmapd daemon? It is only needed for NFSv4. -NEED_IDMAPD=no +NEED_IDMAPD= # Do you want to start the gssd daemon? It is required for Kerberos mounts. NEED_GSSD=