28 files changed, 417 insertions, 130 deletions

diff --git a/Makefile.in b/Makefile.in
index 86acc206c..d93eee502 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -39,6 +39,7 @@ clean:
         for dir in $(APPS) $(MYLIBS); do \
                 $(MAKE) -C $$dir clean; \
         done
+        rm -fr gcov-file gcov-dir
         rm -f $(MANPAGES) $(MANPAGES:%=%.gz) firejail*.rpm
         rm -f test/utils/index.html*
         rm -f test/utils/wget-log
@@ -214,11 +215,21 @@ test-environment:
 test-filters:
         cd test/filters; ./filters.sh | grep TESTING
 
+test-arguments:
+        cd test/arguments; ./arguments.sh | grep TESTING
+        
 test-network:
         echo "Please read test/network/README file and run the test manually"
 
 test-fs:
         cd test/fs; ./fs.sh | grep TESTING
 
-test: test-profiles test-fs test-utils  test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters
+test: test-profiles test-fs test-utils  test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-arguments
         echo "TEST COMPLETE"
+
+gcov:;
+        lcov --capture -d src/firejail -d src/firemon -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg --output-file gcov-file
+        rm -fr gcov-dir
+        genhtml gcov-file --output-directory gcov-dir
+        
+        
\ No newline at end of file
diff --git a/configure b/configure
index a89fddbef..0aefb5c62 100755
--- a/configure
+++ b/configure
@@ -625,6 +625,7 @@ ac_includes_default="\
 ac_subst_vars='LTLIBOBJS
 LIBOBJS
 HAVE_SECCOMP_H
+HAVE_GCOV
 BUSYBOX_WORKAROUND
 HAVE_FATAL_WARNINGS
 HAVE_WHITELIST
@@ -709,6 +710,7 @@ enable_file_transfer
 enable_whitelist
 enable_fatal_warnings
 enable_busybox_workaround
+enable_gcov
 '
       ac_precious_vars='build_alias
 host_alias
@@ -1346,6 +1348,7 @@ Optional Features:
   --enable-fatal-warnings -W -Wall -Werror
   --enable-busybox-workaround
                           enable busybox workaround
+  --enable-gcov           Gcov instrumentation
 
 Some influential environment variables:
   CC          C compiler command
@@ -3508,7 +3511,7 @@ fi
 fi
 if test "x$enable_apparmor" = "xyes"; then :
 
-        EXTRA_LDFLAGS="-lapparmor"
+        EXTRA_LDFLAGS+="-lapparmor "
 
 fi
 
@@ -3693,6 +3696,21 @@ if test "x$enable_busybox_workaround" = "xyes"; then :
 fi
 
 
+HAVE_GCOV=""
+# Check whether --enable-gcov was given.
+if test "${enable_gcov+set}" = set; then :
+  enableval=$enable_gcov;
+fi
+
+if test "x$enable_gcov" = "xyes"; then :
+
+        HAVE_GCOV="--coverage -DHAVE_GCOV "
+        EXTRA_LDFLAGS+="-lgcov --coverage "
+
+
+fi
+
+
 
 # checking pthread library
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lpthread" >&5
@@ -4952,9 +4970,10 @@ echo "   whitelisting: $HAVE_WHITELIST"
 echo "   private home support: $HAVE_PRIVATE_HOME"
 echo "   file transfer support: $HAVE_FILE_TRANSFER"
 echo "   overlayfs support: $HAVE_OVERLAYFS"
-echo "   fatal warnings: $HAVE_FATAL_WARNINGS"
 echo "   busybox workaround: $BUSYBOX_WORKAROUND"
-printf "   EXTRA_LDFLAGS: $EXTRA_LDFLAGS"
+echo "   EXTRA_LDFLAGS: $EXTRA_LDFLAGS"
+echo "   fatal warnings: $HAVE_FATAL_WARNINGS"
+echo "   Gcov instrumentation: $HAVE_GCOV"
 echo
 
 
diff --git a/configure.ac b/configure.ac
index 9e7680d7d..74ba09f43 100644
--- a/configure.ac
+++ b/configure.ac
@@ -22,7 +22,7 @@ AS_IF([test "x$enable_apparmor" = "xyes"], [
         [Couldn't find sys/apparmor.h... please install apparmor user space library and development files] )])
 ])
 AS_IF([test "x$enable_apparmor" = "xyes"], [
-        EXTRA_LDFLAGS="-lapparmor"
+        EXTRA_LDFLAGS+="-lapparmor "
 ])
 AC_SUBST([EXTRA_LDFLAGS])
 
@@ -136,6 +136,16 @@ AS_IF([test "x$enable_busybox_workaround" = "xyes"], [
 ])
 
 
+HAVE_GCOV=""
+AC_ARG_ENABLE([gcov],
+    AS_HELP_STRING([--enable-gcov], [Gcov instrumentation]))
+AS_IF([test "x$enable_gcov" = "xyes"], [
+        HAVE_GCOV="--coverage -DHAVE_GCOV "
+        EXTRA_LDFLAGS+="-lgcov --coverage "
+        AC_SUBST(HAVE_GCOV)
+])
+
+
 
 # checking pthread library
 AC_CHECK_LIB([pthread], [main], [], AC_MSG_ERROR([*** POSIX thread support not installed ***]))
@@ -168,9 +178,10 @@ echo "   whitelisting: $HAVE_WHITELIST"
 echo "   private home support: $HAVE_PRIVATE_HOME"
 echo "   file transfer support: $HAVE_FILE_TRANSFER"
 echo "   overlayfs support: $HAVE_OVERLAYFS"
-echo "   fatal warnings: $HAVE_FATAL_WARNINGS"
 echo "   busybox workaround: $BUSYBOX_WORKAROUND"
-printf "   EXTRA_LDFLAGS: $EXTRA_LDFLAGS"
+echo "   EXTRA_LDFLAGS: $EXTRA_LDFLAGS"
+echo "   fatal warnings: $HAVE_FATAL_WARNINGS"
+echo "   Gcov instrumentation: $HAVE_GCOV"
 echo
 
 
diff --git a/src/faudit/main.c b/src/faudit/main.c
index 61005945d..7f47ccaf0 100644
--- a/src/faudit/main.c
+++ b/src/faudit/main.c
@@ -21,6 +21,19 @@
 char *prog;
 
 int main(int argc, char **argv) {
+        // make test-arguments helper
+        if (getenv("FIREJAIL_TEST_ARGUMENTS")) {
+                printf("Arguments:\n");
+        
+                int i;
+                for (i = 0; i < argc; i++) {
+                        printf("#%s#\n", argv[i]);
+                }
+                
+                return 0;
+        }
+
+
         if (argc != 1) {
                 int i;
                 
diff --git a/src/firecfg/Makefile.in b/src/firecfg/Makefile.in
index 11f8b1e8d..f9fe08768 100644
--- a/src/firecfg/Makefile.in
+++ b/src/firecfg/Makefile.in
@@ -16,22 +16,24 @@ HAVE_NETWORK=@HAVE_NETWORK@
 HAVE_USERNS=@HAVE_USERNS@
 HAVE_X11=@HAVE_X11@
 HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@
+HAVE_GCOV=@HAVE_GCOV@
+EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
 
 
 H_FILE_LIST       = $(sort $(wildcard *.[h]))
 C_FILE_LIST       = $(sort $(wildcard *.c))
 OBJS = $(C_FILE_LIST:.c=.o)
 BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"'  -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
+CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)  -DPREFIX='"$(prefix)"'  -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
 LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
 
 %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h
         $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@
 
 firecfg: $(OBJS) ../lib/common.o
-        $(CC)  $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS)
+        $(CC)  $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS)
 
-clean:; rm -f *.o firecfg firecfg.1 firecfg.1.gz
+clean:; rm -f *.o firecfg firecfg.1 firecfg.1.gz *.gcov *.gcda *.gcno
 
 distclean: clean
         rm -fr Makefile
diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in
index c99b6c30c..6e5071925 100644
--- a/src/firejail/Makefile.in
+++ b/src/firejail/Makefile.in
@@ -21,13 +21,14 @@ HAVE_GLOBALCFG=@HAVE_GLOBALCFG@
 HAVE_APPARMOR=@HAVE_APPARMOR@
 HAVE_OVERLAYFS=@HAVE_OVERLAYFS@
 HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
+HAVE_GCOV=@HAVE_GCOV@
 EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
 
 H_FILE_LIST       = $(sort $(wildcard *.[h]))
 C_FILE_LIST       = $(sort $(wildcard *.c))
 OBJS = $(C_FILE_LIST:.c=.o)
 BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"'  -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
+CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"'  $(HAVE_GCOV) -DPREFIX='"$(prefix)"'  -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
 LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
 
 %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h ../include/seccomp.h ../include/syscall.h
@@ -36,7 +37,7 @@ LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
 firejail: $(OBJS) ../lib/libnetlink.o ../lib/common.o
         $(CC)  $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS)
 
-clean:; rm -f *.o firejail firejail.1 firejail.1.gz
+clean:; rm -f *.o firejail firejail.1 firejail.1.gz *.gcov *.gcda *.gcno
 
 distclean: clean
         rm -fr Makefile
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 556cb1fca..6b7f7f003 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -481,28 +481,24 @@ int sandbox(void* sandbox_arg) {
                 sandbox_if_up(&cfg.bridge3);
                 
 
-// todo: this code seems to be dead!!!
-                // enable interfaces
+                // moving an interface in a namespace using --interface will reset the interface configuration;
+                // we need to put the configuration back
                 if (cfg.interface0.configured && cfg.interface0.ip) {
-assert(0);                      
                         if (arg_debug)
                                 printf("Configuring %d.%d.%d.%d address on interface %s\n", PRINT_IP(cfg.interface0.ip), cfg.interface0.dev);
                         net_config_interface(cfg.interface0.dev, cfg.interface0.ip, cfg.interface0.mask, cfg.interface0.mtu);
                 }                       
                 if (cfg.interface1.configured && cfg.interface1.ip) {
-assert(0);                      
                         if (arg_debug)
                                 printf("Configuring %d.%d.%d.%d address on interface %s\n", PRINT_IP(cfg.interface1.ip), cfg.interface1.dev);
                         net_config_interface(cfg.interface1.dev, cfg.interface1.ip, cfg.interface1.mask, cfg.interface1.mtu);
                 }                       
                 if (cfg.interface2.configured && cfg.interface2.ip) {
-assert(0);                      
                         if (arg_debug)
                                 printf("Configuring %d.%d.%d.%d address on interface %s\n", PRINT_IP(cfg.interface2.ip), cfg.interface2.dev);
                         net_config_interface(cfg.interface2.dev, cfg.interface2.ip, cfg.interface2.mask, cfg.interface2.mtu);
                 }                       
                 if (cfg.interface3.configured && cfg.interface3.ip) {
-assert(0);                      
                         if (arg_debug)
                                 printf("Configuring %d.%d.%d.%d address on interface %s\n", PRINT_IP(cfg.interface3.ip), cfg.interface3.dev);
                         net_config_interface(cfg.interface3.dev, cfg.interface3.ip, cfg.interface3.mask, cfg.interface3.mtu);
diff --git a/src/firejail/sbox.c b/src/firejail/sbox.c
index b16736dee..3d4eef3aa 100644
--- a/src/firejail/sbox.c
+++ b/src/firejail/sbox.c
@@ -156,9 +156,11 @@ int sbox_run(unsigned filter, int num, ...) {
                         caps_drop_all();
                 }
                 else if (filter & SBOX_CAPS_NETWORK) {
+#ifndef HAVE_GCOV // the following filter will prevent GCOV from saving info in .gcda files
                         uint64_t set = ((uint64_t) 1) << CAP_NET_ADMIN;
                         set |=  ((uint64_t) 1) << CAP_NET_RAW;
                         caps_set(set);
+#endif
                 }       
 
                 if (filter & SBOX_SECCOMP) {
diff --git a/src/firemon/Makefile.in b/src/firemon/Makefile.in
index 21888d354..efc48b212 100644
--- a/src/firemon/Makefile.in
+++ b/src/firemon/Makefile.in
@@ -4,21 +4,26 @@ PREFIX=@prefix@
 VERSION=@PACKAGE_VERSION@
 NAME=@PACKAGE_NAME@
 HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@
+HAVE_GCOV=@HAVE_GCOV@
+EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
 
 H_FILE_LIST       = $(sort $(wildcard *.[h]))
 C_FILE_LIST       = $(sort $(wildcard *.c))
 OBJS = $(C_FILE_LIST:.c=.o)
 BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
+CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
 LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now 
+HAVE_GCOV=@HAVE_GCOV@
+EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
+
 
 %.o : %.c $(H_FILE_LIST)
         $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@
 
 firemon: $(OBJS) ../lib/common.o ../lib/pid.o
-        $(CC)  $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/pid.o $(LIBS)
+        $(CC)  $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/pid.o $(LIBS) $(EXTRA_LDFLAGS)
 
-clean:; rm -f *.o firemon
+clean:; rm -f *.o firemon *.gcov *.gcda *.gcno
 
 distclean: clean
         rm -fr Makefile
diff --git a/src/fnet/Makefile.in b/src/fnet/Makefile.in
index bba4406d4..32f08882a 100644
--- a/src/fnet/Makefile.in
+++ b/src/fnet/Makefile.in
@@ -22,21 +22,23 @@ HAVE_APPARMOR=@HAVE_APPARMOR@
 HAVE_OVERLAYFS=@HAVE_OVERLAYFS@
 HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
 EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
+HAVE_GCOV=@HAVE_GCOV@
+EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
 
 H_FILE_LIST       = $(sort $(wildcard *.[h]))
 C_FILE_LIST       = $(sort $(wildcard *.c))
 OBJS = $(C_FILE_LIST:.c=.o)
 BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"'  -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
+CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"'  -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
 LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
 
 %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/libnetlink.h
         $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@
 
 fnet: $(OBJS) ../lib/libnetlink.o
-        $(CC)  $(LDFLAGS) -o $@ $(OBJS) ../lib/libnetlink.o $(LIBS)
+        $(CC)  $(LDFLAGS) -o $@ $(OBJS) ../lib/libnetlink.o $(LIBS) $(EXTRA_LDFLAGS)
 
-clean:; rm -f *.o fnet
+clean:; rm -f *.o fnet *.gcov *.gcda *.gcno
 
 distclean: clean
         rm -fr Makefile
diff --git a/src/fnet/interface.c b/src/fnet/interface.c
index 67af062bf..046b2c972 100644
--- a/src/fnet/interface.c
+++ b/src/fnet/interface.c
@@ -284,6 +284,7 @@ void net_if_ip(const char *ifname, uint32_t ip, uint32_t mask, int mtu) {
         ((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr.s_addr = htonl(ip);
         if (ioctl( sock, SIOCSIFADDR, &ifr ) < 0) {
                 close(sock);
+                fprintf(stderr, "Error fnet: cannot find interface %s\n", ifname);
                 errExit("ioctl");
         }
 
diff --git a/src/fseccomp/Makefile.in b/src/fseccomp/Makefile.in
index 1878ad2f3..04c46f128 100644
--- a/src/fseccomp/Makefile.in
+++ b/src/fseccomp/Makefile.in
@@ -22,21 +22,23 @@ HAVE_APPARMOR=@HAVE_APPARMOR@
 HAVE_OVERLAYFS=@HAVE_OVERLAYFS@
 HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
 EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
+HAVE_GCOV=@HAVE_GCOV@
+EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
 
 H_FILE_LIST       = $(sort $(wildcard *.[h]))
 C_FILE_LIST       = $(sort $(wildcard *.c))
 OBJS = $(C_FILE_LIST:.c=.o)
 BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"'  -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
+CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"'  -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
 LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
 
 %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h
         $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@
 
 fseccomp: $(OBJS)
-        $(CC)  $(LDFLAGS) -o $@ $(OBJS) $(LIBS)
+        $(CC)  $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS)
 
-clean:; rm -f *.o fseccomp
+clean:; rm -f *.o fseccomp *.gcov *.gcda *.gcno
 
 distclean: clean
         rm -fr Makefile
diff --git a/src/ftee/Makefile.in b/src/ftee/Makefile.in
index be159225f..ad508cadd 100644
--- a/src/ftee/Makefile.in
+++ b/src/ftee/Makefile.in
@@ -4,21 +4,23 @@ PREFIX=@prefix@
 VERSION=@PACKAGE_VERSION@
 NAME=@PACKAGE_NAME@
 HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@
+HAVE_GCOV=@HAVE_GCOV@
+EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
 
 H_FILE_LIST       = $(sort $(wildcard *.[h]))
 C_FILE_LIST       = $(sort $(wildcard *.c))
 OBJS = $(C_FILE_LIST:.c=.o)
 BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(PREFIX)"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
+CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(PREFIX)"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
 LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
 
 %.o : %.c $(H_FILE_LIST)
         $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@
 
 ftee: $(OBJS)
-        $(CC)  $(LDFLAGS) -o $@ $(OBJS)
+        $(CC)  $(LDFLAGS) -o $@ $(OBJS) $(EXTRA_LDFLAGS)
 
-clean:; rm -f *.o ftee
+clean:; rm -f *.o ftee *.gcov *.gcda *.gcno
 
 distclean: clean
         rm -fr Makefile
diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in
index 71f96bab1..5549aca11 100644
--- a/src/lib/Makefile.in
+++ b/src/lib/Makefile.in
@@ -2,12 +2,14 @@ PREFIX=@prefix@
 VERSION=@PACKAGE_VERSION@
 NAME=@PACKAGE_NAME@
 HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@
+HAVE_GCOV=@HAVE_GCOV@
+EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
 
 H_FILE_LIST       = $(sort $(wildcard *.[h]))
 C_FILE_LIST       = $(sort $(wildcard *.c))
 OBJS = $(C_FILE_LIST:.c=.o)
 BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIC -Wformat -Wformat-security
+CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIC -Wformat -Wformat-security
 LDFLAGS:=-pic -Wl,-z,relro -Wl,-z,now 
 
 all: $(OBJS)
@@ -15,7 +17,7 @@ all: $(OBJS)
 %.o : %.c $(H_FILE_LIST)
         $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@
 
-clean:; rm -f $(OBJS)
+clean:; rm -f $(OBJS) *.gcov *.gcda *.gcno
 
 distclean: clean
         rm -fr Makefile
diff --git a/test/arguments/Makefile b/test/arguments/Makefile
deleted file mode 100644
index 3ccab3702..000000000
--- a/test/arguments/Makefile
+++ /dev/null
@@ -1,13 +0,0 @@
-all: argtest
-
-argtest: main.c
-        gcc -o argtest main.c
-
-clean:; rm -f argtest; rm -fr symtest; rm -f out out.*
-
-install:;install -c -m 0755 argtest /usr/local/bin/argtest
-
-uninstall:; rm -f /usr/local/bin/argtest
-
-
-test:; ./arguments.sh | grep TESTING
diff --git a/test/arguments/arguments.sh b/test/arguments/arguments.sh
index 2f53eb3fa..db4c9b472 100755
--- a/test/arguments/arguments.sh
+++ b/test/arguments/arguments.sh
@@ -4,12 +4,16 @@
 
 echo "TESTING: 1. regular bash session"
 ./bashrun.exp
+sleep 1
 
 echo "TESTING: 2. symbolic link to firejail"
 ./symrun.exp
+rm -fr symtest
+sleep 1
 
 echo "TESTING: 3. --join option"
 ./joinrun.exp
+sleep 1
 
 echo "TESTING: 4. --output option"
 ./outrun.exp
diff --git a/test/arguments/bashrun.sh b/test/arguments/bashrun.sh
index c2f209548..0797c92c2 100755
--- a/test/arguments/bashrun.sh
+++ b/test/arguments/bashrun.sh
@@ -1,22 +1,22 @@
 #!/bin/bash
 
 echo "TESTING: 1.1 - simple args"
-firejail --quiet ./argtest arg1 arg2
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet /usr/lib/firejail/faudit arg1 arg2
 
 # simple quotes, testing spaces in file names
 echo "TESTING: 1.2 - args with space and \""
-firejail --quiet ./argtest "arg1 tail" "arg2 tail"
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet /usr/lib/firejail/faudit "arg1 tail" "arg2 tail"
 
 echo "TESTING: 1.3 - args with space and '"
-firejail --quiet ./argtest 'arg1 tail' 'arg2 tail'
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet /usr/lib/firejail/faudit 'arg1 tail' 'arg2 tail'
 
 # escaped space in file names
 echo "TESTING: 1.4 - args with space and \\"
-firejail --quiet ./argtest arg1\ tail arg2\ tail
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet /usr/lib/firejail/faudit arg1\ tail arg2\ tail
 
 # & char appears in URLs - URLs should be quoted
 echo "TESTING: 1.5 - args with & and \""
-firejail --quiet ./argtest "arg1&tail" "arg2&tail"
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet /usr/lib/firejail/faudit "arg1&tail" "arg2&tail"
 
 echo "TESTING: 1.6 - args with & and '"
-firejail --quiet ./argtest 'arg1&tail' 'arg2&tail'
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet /usr/lib/firejail/faudit 'arg1&tail' 'arg2&tail'
diff --git a/test/arguments/joinrun.sh b/test/arguments/joinrun.sh
index f6c2b2e22..2743d823e 100755
--- a/test/arguments/joinrun.sh
+++ b/test/arguments/joinrun.sh
@@ -1,22 +1,22 @@
 #!/bin/bash
 
 echo "TESTING: 3.1 - simple args"
-firejail --join=joinrun ./argtest arg1 arg2
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --join=joinrun /usr/lib/firejail/faudit arg1 arg2
 
 # simple quotes, testing spaces in file names
 echo "TESTING: 3.2 - args with space and \""
-firejail --quiet ./argtest "arg1 tail" "arg2 tail"
+firejail--env=FIREJAIL_TEST_ARGUMENTS=yes  --quiet /usr/lib/firejail/faudit "arg1 tail" "arg2 tail"
 
 echo "TESTING: 3.3 - args with space and '"
-firejail --quiet ./argtest 'arg1 tail' 'arg2 tail'
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet /usr/lib/firejail/faudit 'arg1 tail' 'arg2 tail'
 
 # escaped space in file names
 echo "TESTING: 3.4 - args with space and \\"
-firejail --quiet ./argtest arg1\ tail arg2\ tail
+firejail--env=FIREJAIL_TEST_ARGUMENTS=yes  --quiet /usr/lib/firejail/faudit arg1\ tail arg2\ tail
 
 # & char appears in URLs - URLs should be quoted
 echo "TESTING: 3.5 - args with & and \""
-firejail --quiet ./argtest "arg1&tail" "arg2&tail"
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet /usr/lib/firejail/faudit "arg1&tail" "arg2&tail"
 
 echo "TESTING: 3.6 - args with & and '"
-firejail --quiet ./argtest 'arg1&tail' 'arg2&tail'
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet /usr/lib/firejail/faudit 'arg1&tail' 'arg2&tail'
diff --git a/test/arguments/main.c b/test/arguments/main.c
deleted file mode 100644
index 75bdca715..000000000
--- a/test/arguments/main.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (C) 2014-2016 Firejail Authors
- *
- * This file is part of firejail project
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-*/
-#include <stdio.h>
-
-int main(int argc, char **argv) {
-        printf("Arguments:\n");
-
-        int i;
-        for (i = 0; i < argc; i++) {
-                printf("#%s#\n", argv[i]);
-        }
-        
-        return 0;
-}
diff --git a/test/arguments/outrun.sh b/test/arguments/outrun.sh
index cfd8e684c..a21243873 100755
--- a/test/arguments/outrun.sh
+++ b/test/arguments/outrun.sh
@@ -1,22 +1,22 @@
 #!/bin/bash
 
 echo "TESTING: 4.1 - simple args"
-firejail --output=out ./argtest arg1 arg2
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --output=out /usr/lib/firejail/faudit arg1 arg2
 
 # simple quotes, testing spaces in file names
 echo "TESTING: 4.2 - args with space and \""
-firejail --output=out ./argtest "arg1 tail" "arg2 tail"
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --output=out /usr/lib/firejail/faudit "arg1 tail" "arg2 tail"
 
 echo "TESTING: 4.3 - args with space and '"
-firejail --output=out ./argtest 'arg1 tail' 'arg2 tail'
+firejail--env=FIREJAIL_TEST_ARGUMENTS=yes  --output=out /usr/lib/firejail/faudit 'arg1 tail' 'arg2 tail'
 
 # escaped space in file names
 echo "TESTING: 4.4 - args with space and \\"
-firejail --output=out ./argtest arg1\ tail arg2\ tail
+firejail--env=FIREJAIL_TEST_ARGUMENTS=yes  --output=out /usr/lib/firejail/faudit arg1\ tail arg2\ tail
 
 # & char appears in URLs - URLs should be quoted
 echo "TESTING: 4.5 - args with & and \""
-firejail --output=out ./argtest "arg1&tail" "arg2&tail"
+firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --output=out /usr/lib/firejail/faudit "arg1&tail" "arg2&tail"
 
 echo "TESTING: 4.6 - args with & and '"
-firejail --output=out ./argtest 'arg1&tail' 'arg2&tail'
+firejail--env=FIREJAIL_TEST_ARGUMENTS=yes  --output=out /usr/lib/firejail/faudit 'arg1&tail' 'arg2&tail'
diff --git a/test/arguments/readme b/test/arguments/readme
deleted file mode 100644
index c28461478..000000000
--- a/test/arguments/readme
+++ /dev/null
@@ -1,9 +0,0 @@
-Argument testing fremework for Firejail.
-
-A small test program, argtest, is compiled and installed in /usr/local/bin directory.
-Run "make && sudo make install" to install it.
-
-Run "make test" to run the tests.
-
-Run "sudo make uninstall" to remove the test program.
-
diff --git a/test/fs/fs.sh b/test/fs/fs.sh
index 3139b8eae..812da02b0 100755
--- a/test/fs/fs.sh
+++ b/test/fs/fs.sh
@@ -22,7 +22,13 @@ echo "TESTING: read/write /dev/shm (test/fs/fs_dev_shm.exp)"
 ./fs_dev_shm.exp
 
 echo "TESTING: private (test/fs/private.exp)"
-./private.exp `whoami`
+./private.exp
+
+echo "TESTING: private home (test/fs/private-home.exp)"
+./private-home.exp
+
+echo "TESTING: private home dir (test/fs/private-home-dir.exp)"
+./private-home-dir.exp
 
 echo "TESTING: private-etc (test/fs/private-etc.exp)"
 ./private-etc.exp
diff --git a/test/fs/private-home-dir.exp b/test/fs/private-home-dir.exp
new file mode 100755
index 000000000..5491be834
--- /dev/null
+++ b/test/fs/private-home-dir.exp
@@ -0,0 +1,70 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+
+if {[file exists ~/.asoundrc]} {
+        puts "found .asoundrc file\n"
+} else {
+        send -- "touch ~/.asoundrc\r"
+}
+after 100
+
+if {[file exists ~/.Xauthority]} {
+        puts "found .Xauthority file\n"
+} else {
+        send -- "touch ~/.Xauthority\r"
+}
+after 100
+send -- "mkdir ~/_firejail_test_dir_\r"
+sleep 1
+
+# testing profile and private
+send -- "firejail --private=~/_firejail_test_dir_\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+
+send -- "ls -l ~\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "total 0"
+}
+after 100
+
+send -- "ls -al ~\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        ".asoundrc"
+}
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        ".bashrc"
+}
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        ".Xauthority"
+}
+after 100
+
+send -- "exit\r"
+sleep 1
+
+
+# testing profile and private
+send -- "firejail --private=/etc\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        "private directory should be owned by the current user"
+}
+sleep 1
+
+
+puts "all done\n"
diff --git a/test/fs/private-home.exp b/test/fs/private-home.exp
new file mode 100755
index 000000000..de5a88dea
--- /dev/null
+++ b/test/fs/private-home.exp
@@ -0,0 +1,45 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+# create some test files in user home directory
+send -- "touch ~/_firejail_test_file1\r"
+send -- "touch ~/_firejail_test_file2\r"
+send -- "mkdir ~/_firejail_test_dir1\r"
+send -- "mkdir ~/_firejail_test_dir1/_firejail_test_dir2\r"
+send -- "touch ~/_firejail_test_dir1/_firejail_test_dir2/_firejail_test_file3\r"
+after 100
+
+send -- "firejail --private-home=_firejail_test_file1,_firejail_test_file2,_firejail_test_dir1\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "Child process initialized"
+}
+after 100
+
+send -- "find ~\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "_firejail_test_file3"
+}
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "_firejail_test_file2"
+}
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "_firejail_test_file1"
+}
+after 100
+
+send -- "rm -f ~/_firejail_test_file*\r"
+send -- "rm -fr ~/_firejail_test_dir*\r"
+after 100
+
+puts "\nall done\n"
+
diff --git a/test/fs/private.exp b/test/fs/private.exp
index 67435b888..8114ee45d 100755
--- a/test/fs/private.exp
+++ b/test/fs/private.exp
@@ -7,53 +7,52 @@ set timeout 10
 spawn $env(SHELL)
 match_max 100000
 
-if { $argc != 1 } {
-        puts "TESTING ERROR: argument missing"
-        puts "Usage: private.exp username"
-        puts "where username is the name of the current user"
-        exit
+
+if {[file exists ~/.asoundrc]} {
+        puts "found .asoundrc file\n"
+} else {
+        send -- "touch ~/.asoundrc\r"
 }
+after 100
+
+if {[file exists ~/.Xauthority]} {
+        puts "found .Xauthority file\n"
+} else {
+        send -- "touch ~/.Xauthority\r"
+}
+after 100
 
 # testing profile and private
-send -- "firejail --private --profile=/etc/firejail/default.profile\r"
+send -- "firejail --private\r"
 expect {
         timeout {puts "TESTING ERROR 0\n";exit}
         "Child process initialized"
 }
 sleep 1
-send -- "exit\r"
-sleep 1
 
-send -- "firejail --private --noprofile\r"
+send -- "ls -l ~\r"
 expect {
         timeout {puts "TESTING ERROR 1\n";exit}
-        "Child process initialized"
+        "total 0"
 }
+after 100
 
-sleep 1
-send -- "cd ~; ls -al; echo done\r"
+send -- "ls -al ~\r"
 expect {
         timeout {puts "TESTING ERROR 2\n";exit}
-        ".bashrc"
+        ".asoundrc"
 }
 expect {
         timeout {puts "TESTING ERROR 3\n";exit}
-        done
-}
-
-# owner /tmp
-send -- "stat -c %U%a /tmp;echo done\r"
-expect {
-        timeout {puts "TESTING ERROR 10\n";exit}
-        "root777" {puts "version 1\n";}
-            "root1777" {puts "version 2\n";}
-        "nobody777" {puts "version 3\n";}
-            "nobody1777" {puts "version 4\n";}
+        ".bashrc"
 }
 expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "done"
+        timeout {puts "TESTING ERROR 4\n";exit}
+        ".Xauthority"
 }
 after 100
 
+send -- "exit\r"
+sleep 1
+
 puts "all done\n"
diff --git a/test/network/interface.exp b/test/network/interface.exp
new file mode 100755
index 000000000..b15563eec
--- /dev/null
+++ b/test/network/interface.exp
@@ -0,0 +1,66 @@
+#!/usr/bin/expect -f
+#
+# interface
+#
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+set overlay [lindex $argv 0]
+set chroot [lindex $argv 1]
+
+#
+# N
+#
+# todo: seems to be unable to find interface eth0.7
+#send -- "firejail --noprofile --interface=eth0.5 --interface=eth0.6 --interface=eth0.7\r"
+send -- "firejail --noprofile --interface=eth0.7 --interface=eth0.6\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+
+send -- "/sbin/ifconfig\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "eth0.5"
+}
+expect {
+        timeout {puts "TESTING ERROR 2n";exit}
+        "Link"
+}
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "10.10.205.10"
+}
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1"
+}
+after 100
+
+send -- "/sbin/ifconfig\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        "eth0.6"
+}
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        "Link"
+}
+expect {
+        timeout {puts "TESTING ERROR 7\n";exit}
+        "10.10.206.10"
+}
+expect {
+        timeout {puts "TESTING ERROR 8\n";exit}
+        "UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1"
+}
+after 100
+
+send -- "exit\r"
+sleep 1
+
+
+puts "\nall done\n"
diff --git a/test/network/net_scan.exp b/test/network/net_scan.exp
new file mode 100755
index 000000000..5afbbeea6
--- /dev/null
+++ b/test/network/net_scan.exp
@@ -0,0 +1,75 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+# 
+send -- "firejail --net=br1 --ip=10.10.30.50\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "10.10.30.50"
+}
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "255.255.255.0"
+}
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Child process initialized"
+}
+sleep 1
+
+spawn $env(SHELL)
+send -- "firejail --net=br1 --ip=10.10.30.51\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        "10.10.30.51"
+}
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        "255.255.255.0"
+}
+expect {
+        timeout {puts "TESTING ERROR 7\n";exit}
+        "Child process initialized"
+}
+sleep 1
+
+spawn $env(SHELL)
+send -- "firejail --net=br1 --scan\r"
+expect {
+        timeout {puts "TESTING ERROR 8\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 9\n";exit}
+        "10.10.30.50"
+}
+expect {
+        timeout {puts "TESTING ERROR 10\n";exit}
+        "10.10.30.51"
+}
+expect {
+        timeout {puts "TESTING ERROR 11\n";exit}
+        "Child process initialized"
+}
+sleep 1
+
+
+
+after 100
+
+puts "\nall done\n"
+
diff --git a/test/network/network.sh b/test/network/network.sh
index 7b6d66e34..e0087411d 100755
--- a/test/network/network.sh
+++ b/test/network/network.sh
@@ -52,6 +52,12 @@ echo "TESTING: network default gateway test 2 (net_defaultgw2.exp)"
 echo "TESTING: network default gateway test 3 (net_defaultgw3.exp)"
 ./net_defaultgw3.exp
 
+echo "TESTING: scan (net_scan.exp)"
+./net_scan.exp
+
+echo "TESTING: interface (interface.exp)"
+./interface.exp
+
 echo "TESTING: netfilter (net_netfilter.exp)"
 ./net_netfilter.exp