From 901f73ef75c0fb519242743815aed557d81b0dc2 Mon Sep 17 00:00:00 2001
From: avoidr
Date: Wed, 6 Apr 2016 22:18:11 +0200
Subject: profile.c: add --net
---
 src/firejail/profile.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
(limited to 'src')
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index d2894d463..c3fb37558 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -228,6 +228,34 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
 #endif
 return 0;
 }
+ else if (strncmp(ptr, "net ", 4) == 0) {
+#ifdef HAVE_NETWORK
+ if (checkcfg(CFG_NETWORK)) {
+ if (strcmp(ptr + 4, "lo") == 0) {
+ fprintf(stderr, "Error: cannot attach to lo device\n");
+ exit(1);
+ }
+
+ Bridge *br;
+ if (cfg.bridge0.configured == 0)
+ br = &cfg.bridge0;
+ else if (cfg.bridge1.configured == 0)
+ br = &cfg.bridge1;
+ else if (cfg.bridge2.configured == 0)
+ br = &cfg.bridge2;
+ else if (cfg.bridge3.configured == 0)
+ br = &cfg.bridge3;
+ else {
+ fprintf(stderr, "Error: maximum 4 network devices are allowed\n");
+ exit(1);
+ }
+ net_configure_bridge(br, ptr + 4);
+ }
+ else
+ fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
+#endif
+ return 0;
+ }
 
 if (strncmp(ptr, "protocol ", 9) == 0) {
 #ifdef HAVE_SECCOMP
-- 
cgit v1.2.3-54-g00ecf
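Review bot: The new `net ` branch fails open: when `checkcfg(CFG_NETWORK)` is false it only prints a warning and falls through to `return 0`, and when `HAVE_NETWORK` is not defined the directive is accepted with no message at all, so a profile that asks for a dedicated network device still starts the sandbox, presumably without the network setup it requested. For a sandbox profile it is safer to refuse, e.g. `else { fprintf(stderr, "Error: networking features are disabled in Firejail configuration file\n"); exit(1); }`, and to add an `#else` arm that rejects the line in builds without networking. The `lo` guard is an exact `strcmp(ptr + 4, "lo")`, so it relies on the line having been trimmed before it gets here, and an empty name after `net ` is handed to `net_configure_bridge()` unchecked. Both of those depend on code outside this hunk, since `profile_check_line` starts and ends beyond it.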