add HAS_NET conditional

2 files changed, 6 insertions, 1 deletions

diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index 03cd9dadb..9a724331b 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -143,6 +143,10 @@ static int check_appimage(void) {
         return arg_appimage != 0;
 }
 
+static int check_netoptions(void) {
+        return (arg_nonetwork || any_bridge_configured());
+}
+
 static int check_nodbus(void) {
         return arg_nodbus != 0;
 }
@@ -161,6 +165,7 @@ static int check_allow_drm(void) {
 
 Cond conditionals[] = {
         {"HAS_APPIMAGE", check_appimage},
+        {"HAS_NET", check_netoptions},
         {"HAS_NODBUS", check_nodbus},
         {"HAS_X11", check_x11},
         {"BROWSER_DISABLE_U2F", check_disable_u2f},
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 4a84cc828..719a80c2c 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -103,7 +103,7 @@ Example: "?HAS_APPIMAGE: whitelist ${HOME}/special/appimage/dir"
 
 This example will load the whitelist profile line only if the \-\-appimage option has been specified on the command line.
 
-Currently the only conditionals supported this way are HAS_APPIMAGE, HAS_NODBUS and HAS_X11. The conditionals BROWSER_DISABLE_U2F and BROWSER_ALLOW_DRM
+Currently the only conditionals supported this way are HAS_APPIMAGE, HAS_NET, HAS_NODBUS and HAS_X11. The conditionals BROWSER_DISABLE_U2F and BROWSER_ALLOW_DRM
 can be enabled or disabled globally in Firejail's configuration file.
 
 The profile line may be any profile line that you would normally use in a profile \fBexcept\fR for "quiet" and "include" lines.