diff --git a/cmd/landlock-nonet/main.go b/cmd/landlock-nonet/main.go
new file mode 100644
index 0000000..7d1928b
--- /dev/null
+++ b/cmd/landlock-nonet/main.go
@@ -0,0 +1,28 @@
+package main
+
+import (
+ "log"
+ "os"
+ "syscall"
+
+ "github.com/landlock-lsm/go-landlock/landlock"
+)
+
+func main() {
+ var cmd []string
+ if len(os.Args) > 1 {
+ cmd = os.Args[1:]
+ } else {
+ log.Println("missing command to call, using /bin/bash")
+ cmd = []string{"/bin/bash"}
+ }
+
+ if err := landlock.V4.RestrictNet(); err != nil {
+ log.Fatalf("landlock RestrictNet: %v", err)
+ }
+
+ log.Printf("Starting %v", cmd)
+ if err := syscall.Exec(cmd[0], cmd, os.Environ()); err != nil {
+ log.Fatalf("execve: %v", err)
+ }
+}
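Review bot: The restriction applied at `landlock.V4.RestrictNet()` is narrower than the `landlock-nonet` name suggests, because Landlock ABI v4 governs only TCP bind and connect. UDP, raw and Unix-domain sockets, and any socket descriptors the process inherited already open, remain usable by the exec'd command. I would say so directly above the call, e.g. `// Landlock ABI v4 restricts TCP bind/connect only; UDP, Unix sockets and inherited fds are not covered.`, and keep the strict `V4` config rather than a best-effort one so that a kernel without ABI v4 fails closed instead of running the command unrestricted. Separately, `syscall.Exec(cmd[0], cmd, os.Environ())` performs no PATH search, so a bare command name fails with ENOENT; resolving it first with `exec.LookPath(cmd[0])` (importing `os/exec`) would make `landlock-nonet <name>` behave as users expect.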