diff --git a/README b/README
index 23dde05..4f08238 100644
--- a/README
+++ b/README
@@ -16,4 +16,8 @@ To compile it :
 
     make data src
 
+Makefile flags :
+  * DEBUG=1 to compile in debug mode
+  * USE_SECCOMP=1 to compile with seccomp support
+
 More information can be found at http://indefero.soutade.fr/p/iptogeo
diff --git a/src/Makefile b/src/Makefile
index 057fca7..95fd6b9 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -11,7 +11,7 @@ else
 CFLAGS += -O2
 endif
 
-ifneq ($(DISABLE_SECCOMP),)
+ifeq ($(USE_SECCOMP),1)
 CFLAGS  += -DUSE_SECCOMP=1
 LDFLAGS += -lseccomp
 endif
diff --git a/src/server.c b/src/server.c
index acc7934..7f99bc1 100644
--- a/src/server.c
+++ b/src/server.c
@@ -22,6 +22,7 @@
 #include <sys/socket.h>
 #include <sys/select.h>
 #include <sys/time.h>
+#include <sys/stat.h>
 #include <arpa/inet.h>
 #include <netinet/in.h>
 #include <time.h>
@@ -33,6 +34,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <poll.h>
+#include <fcntl.h>
 
 #ifdef USE_SECCOMP
 #include <seccomp.h>
@@ -466,7 +468,7 @@ int daemonize(struct gengetopt_args_info* params)
     signal(SIGUSR2, sigint);
 
 #ifdef USE_SECCOMP
-    scmp_filter_ctx seccomp_ctx = seccomp_init(SCMP_ACT_KILL);
+    scmp_filter_ctx seccomp_ctx = seccomp_init(SCMP_ACT_KILL/*SCMP_ACT_TRAP*/);
     
     if (seccomp_ctx == NULL)
     {
@@ -474,10 +476,37 @@ int daemonize(struct gengetopt_args_info* params)
         return -5;
     }
 
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(poll), 0);
     seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 0);
     seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 0);
     seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
     seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(accept), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(syncfs), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(nanosleep), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(restart_syscall), 0); // for usleep
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(syslog), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(sendto), 0); // For syslog
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 1, SCMP_A1(SCMP_CMP_EQ , O_RDONLY|O_CLOEXEC));
+    // For create_thread 
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(mmap), 0); 
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(munmap), 0); 
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(mprotect), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(clone), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(fstat), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(access), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit), 0);
+
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(set_robust_list), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(madvise), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(munlock), 0);
+    seccomp_rule_add(seccomp_ctx, SCMP_ACT_ALLOW, SCMP_SYS(futex), 0);
+
+    ret = seccomp_load(seccomp_ctx);
+    if (ret < 0)
+    {
+        syslog(LOG_ERR, "Error seccomp load %d\n", ret);
+        return -6;
+    }
 #endif
 
     while (!s_stop)