1NMCLI(1) General Commands Manual NMCLI(1)
2
3
4
6 nmcli - command-line tool for controlling NetworkManager
7
9 nmcli [OPTIONS...] {help | general | networking | radio | connection |
10 device | agent | monitor} [COMMAND] [ARGUMENTS...]
11
13 nmcli is a command-line tool for controlling NetworkManager and
14 reporting network status. It can be utilized as a replacement for
15 nm-applet or other graphical clients. nmcli is used to create,
16 display, edit, delete, activate, and deactivate network connections, as
17 well as control and display network device status.
18
19 Typical uses include:
20
21 · Scripts: Utilize NetworkManager via nmcli instead of managing
22 network connections manually. nmcli supports a terse output format
23 which is better suited for script processing. Note that
24 NetworkManager can also execute scripts, called "dispatcher
25 scripts", in response to network events. See NetworkManager(8) for
26 details about these dispatcher scripts.
27
28 · Servers, headless machines, and terminals: nmcli can be used to
29 control NetworkManager without a GUI, including creating, editing,
30 starting and stopping network connections and viewing network
31 status.
32
34 -t | --terse
35 Output is terse. This mode is designed and suitable for computer
36 (script) processing.
37
38 -p | --pretty
39 Output is pretty. This causes nmcli to produce easily readable
40 outputs for humans, i.e. values are aligned, headers are printed,
41 etc.
42
43 -m | --mode {tabular | multiline}
44 Switch between tabular and multiline output:
45
46 tabular
47 Output is a table where each line describes a single entry.
48 Columns define particular properties of the entry.
49
50 multiline
51 Each entry comprises multiple lines, each property on its own
52 line. The values are prefixed with the property name.
53
54 If omitted, default is tabular for most commands. For the commands
55 producing more structured information, that cannot be displayed on
56 a single line, default is multiline. Currently, they are:
57
58 · nmcli connection show ID
59
60 · nmcli device show
61
62 -c | --colors {yes | no | auto}
63 This option controls color output (using terminal escape
64 sequences). yes enables colors, no disables them, auto only
65 produces colors when standard output is directed to a terminal. The
66 default value is auto.
67
68 The actual colors used are configured as described in terminal-
69 colors.d(5). Please refer to the COLORS section for a list of color
70 names supported by nmcli.
71
72 -f | --fields {field1,field2... | all | common}
73 This option is used to specify what fields (column names) should be
74 printed. Valid field names differ for specific commands. List
75 available fields by providing an invalid value to the --fields
76 option. all is used to print all valid field values of the
77 command. common is used to print common field values of the
78 command.
79
80 If omitted, default is common.
81
82 -g | --get-values {field1,field2... | all | common}
83 This option is used to print values from specific fields. It is
84 basically a shortcut for --mode tabular --terse --fields and is a
85 convenient way to retrieve values for particular fields. The values
86 are printed one per line without headers.
87
88 If a section is specified instead of a field, the section name will
89 be printed followed by colon separated values of the fields
90 belonging to that section, all on the same line.
91
92 -e | --escape {yes | no}
93 Whether to escape : and \ characters in terse tabular mode. The
94 escape character is \.
95
96 If omitted, default is yes.
97
98 -a | --ask
99 When using this option nmcli will stop and ask for any missing
100 required arguments, so do not use this option for non-interactive
101 purposes like scripts. This option controls, for example, whether
102 you will be prompted for a password if it is required for
103 connecting to a network.
104
105 -s | --show-secrets
106 When using this option nmcli will display passwords and secrets
107 that might be present in an output of an operation. This option
108 also influences echoing passwords typed by user as an input.
109
110 -w | --wait seconds
111 This option sets a timeout period for which nmcli will wait for
112 NetworkManager to finish operations. It is especially useful for
113 commands that may take a longer time to complete, e.g. connection
114 activation.
115
116 Specifying a value of 0 instructs nmcli not to wait but to exit
117 immediately with a status of success. The default value depends on
118 the executed command.
119
120 --complete-args
121 Instead of conducting the desired action, nmcli will list possible
122 completions for the last argument. This is useful to implement
123 argument completion in shell.
124
125 The exit status will indicate success or return a code 65 to
126 indicate the last argument is a file name.
127
128 NetworkManager ships with command completion support for GNU Bash.
129
130 -v | --version
131 Show nmcli version.
132
133 -h | --help
134 Print help information.
135
137 nmcli general {status | hostname | permissions | logging}
138 [ARGUMENTS...]
139
140 Use this command to show NetworkManager status and permissions. You can
141 also get and change system hostname, as well as NetworkManager logging
142 level and domains.
143
144 status
145 Show overall status of NetworkManager. This is the default action,
146 when no additional command is provided for nmcli general.
147
148 hostname [hostname]
149 Get and change system hostname. With no arguments, this prints
150 currently configured hostname. When you pass a hostname, it will be
151 handed over to NetworkManager to be set as a new system hostname.
152
153 Note that the term "system" hostname may also be referred to as
154 "persistent" or "static" by other programs or tools. The hostname
155 is stored in /etc/hostname file in most distributions. For example,
156 systemd-hostnamed service uses the term "static" hostname and it
157 only reads the /etc/hostname file when it starts.
158
159 permissions
160 Show the permissions a caller has for various authenticated
161 operations that NetworkManager provides, like enable and disable
162 networking, changing Wi-Fi and WWAN state, modifying connections,
163 etc.
164
165 logging [level level] [domains domains...]
166 Get and change NetworkManager logging level and domains. Without
167 any argument current logging level and domains are shown. In order
168 to change logging state, provide level and, or, domain parameters.
169 See NetworkManager.conf(5) for available level and domain values.
170
172 nmcli networking {on | off | connectivity} [ARGUMENTS...]
173
174 Query NetworkManager networking status, enable and disable networking.
175
176 on, off
177 Enable or disable networking control by NetworkManager. All
178 interfaces managed by NetworkManager are deactivated when
179 networking is disabled.
180
181 connectivity [check]
182 Get network connectivity state. The optional check argument tells
183 NetworkManager to re-check the connectivity, else the most recent
184 known connectivity state is displayed without re-checking.
185
186 Possible states are:
187
188 none
189 the host is not connected to any network.
190
191 portal
192 the host is behind a captive portal and cannot reach the full
193 Internet.
194
195 limited
196 the host is connected to a network, but it has no access to the
197 Internet.
198
199 full
200 the host is connected to a network and has full access to the
201 Internet.
202
203 unknown
204 the connectivity status cannot be found out.
205
207 nmcli radio {all | wifi | wwan} [ARGUMENTS...]
208
209 Show radio switches status, or enable and disable the switches.
210
211 wifi [on | off]
212 Show or set status of Wi-Fi in NetworkManager. If no arguments are
213 supplied, Wi-Fi status is printed; on enables Wi-Fi; off disables
214 Wi-Fi.
215
216 wwan [on | off]
217 Show or set status of WWAN (mobile broadband) in NetworkManager. If
218 no arguments are supplied, mobile broadband status is printed; on
219 enables mobile broadband, off disables it.
220
221 all [on | off]
222 Show or set all previously mentioned radio switches at the same
223 time.
224
226 nmcli monitor
227
228 Observe NetworkManager activity. Watches for changes in connectivity
229 state, devices or connection profiles.
230
231 See also nmcli connection monitor and nmcli device monitor to watch for
232 changes in certain devices or connections.
233
235 nmcli connection {show | up | down | modify | add | edit | clone |
236 delete | monitor | reload | load | import | export}
237 [ARGUMENTS...]
238
239 NetworkManager stores all network configuration as "connections", which
240 are collections of data (Layer2 details, IP addressing, etc.) that
241 describe how to create or connect to a network. A connection is
242 "active" when a device uses that connection's configuration to create
243 or connect to a network. There may be multiple connections that apply
244 to a device, but only one of them can be active on that device at any
245 given time. The additional connections can be used to allow quick
246 switching between different networks and configurations.
247
248 Consider a machine which is usually connected to a DHCP-enabled
249 network, but sometimes connected to a testing network which uses static
250 IP addressing. Instead of manually reconfiguring eth0 each time the
251 network is changed, the settings can be saved as two connections which
252 both apply to eth0, one for DHCP (called default) and one with the
253 static addressing details (called testing). When connected to the
254 DHCP-enabled network the user would run nmcli con up default , and when
255 connected to the static network the user would run nmcli con up
256 testing.
257
258 show [--active] [--order [+-]category:...]
259 List in-memory and on-disk connection profiles, some of which may
260 also be active if a device is using that connection profile.
261 Without a parameter, all profiles are listed. When --active option
262 is specified, only the active profiles are shown.
263
264 The --order option can be used to get custom ordering of
265 connections. The connections can be ordered by active status
266 (active), name (name), type (type) or D-Bus path (path). If
267 connections are equal according to a sort order category, an
268 additional category can be specified. The default sorting order is
269 equivalent to --order active:name:path. + or no prefix means
270 sorting in ascending order (alphabetically or in numbers), - means
271 reverse (descending) order. The category names can be abbreviated
272 (e.g. --order -a:na).
273
274 show [--active] [id | uuid | path | apath] ID...
275 Show details for specified connections. By default, both static
276 configuration and active connection data are displayed. When
277 --active option is specified, only the active profiles are taken
278 into account. Use global --show-secrets option to display secrets
279 associated with the profile.
280
281 id, uuid, path and apath keywords can be used if ID is ambiguous.
282 Optional ID-specifying keywords are:
283
284 id
285 the ID denotes a connection name.
286
287 uuid
288 the ID denotes a connection UUID.
289
290 path
291 the ID denotes a D-Bus static connection path in the format of
292 /org/freedesktop/NetworkManager/Settings/num or just num.
293
294 apath
295 the ID denotes a D-Bus active connection path in the format of
296 /org/freedesktop/NetworkManager/ActiveConnection/num or just
297 num.
298
299 It is possible to filter the output using the global --fields
300 option. Use the following values:
301
302 profile
303 only shows static profile configuration.
304
305 active
306 only shows active connection data (when the profile is active).
307
308 You can also specify particular fields. For static configuration,
309 use setting and property names as described in nm-settings(5)
310 manual page. For active data use GENERAL, IP4, DHCP4, IP6, DHCP6,
311 VPN.
312
313 When no command is given to the nmcli connection, the default
314 action is nmcli connection show.
315
316 up [id | uuid | path] ID [ifname ifname] [ap BSSID] [passwd-file file]
317 Activate a connection. The connection is identified by its name,
318 UUID or D-Bus path. If ID is ambiguous, a keyword id, uuid or path
319 can be used. When requiring a particular device to activate the
320 connection on, the ifname option with interface name should be
321 given. If the ID is not given an ifname is required, and
322 NetworkManager will activate the best available connection for the
323 given ifname. In case of a VPN connection, the ifname option
324 specifies the device of the base connection. The ap option specify
325 what particular AP should be used in case of a Wi-Fi connection.
326
327 If --wait option is not specified, the default timeout will be 90
328 seconds.
329
330 See connection show above for the description of the ID-specifying
331 keywords.
332
333 Available options are:
334
335 ifname
336 interface that will be used for activation.
337
338 ap
339 BSSID of the AP which the command should connect to (for Wi-Fi
340 connections).
341
342 passwd-file
343 some networks may require credentials during activation. You
344 can give these credentials using this option. Each line of the
345 file should contain one password in the form:
346
347 setting_name.property_name:the password
348
349 For example, for WPA Wi-Fi with PSK, the line would be
350
351 802-11-wireless-security.psk:secret12345
352
353 For 802.1X password, the line would be
354
355 802-1x.password:my 1X password
356
357
358 nmcli also accepts wifi-sec and wifi strings instead of
359 802-11-wireless-security. When NetworkManager requires a
360 password and it is not given, nmcli will ask for it when run
361 with --ask. If --ask was not passed, NetworkManager can ask
362 another secret agent that may be running (typically a GUI
363 secret agent, such as nm-applet or gnome-shell).
364
365 down [id | uuid | path | apath] ID...
366 Deactivate a connection from a device without preventing the device
367 from further auto-activation. Multiple connections can be passed to
368 the command.
369
370 Be aware that this command deactivates the specified active
371 connection, but the device on which the connection was active, is
372 still ready to connect and will perform auto-activation by looking
373 for a suitable connection that has the 'autoconnect' flag set. This
374 includes the just deactivated connection. So if the connection is
375 set to auto-connect, it will be automatically started on the
376 disconnected device again.
377
378 In most cases you may want to use device disconnect command
379 instead.
380
381 The connection is identified by its name, UUID or D-Bus path. If ID
382 is ambiguous, a keyword id, uuid, path or apath can be used.
383
384 See connection show above for the description of the ID-specifying
385 keywords.
386
387 If --wait option is not specified, the default timeout will be 10
388 seconds.
389
390 modify [--temporary] [id | uuid | path] ID
391 {option value | [+|-]setting.property value}...
392 Add, modify or remove properties in the connection profile.
393
394 To set the property just specify the property name followed by the
395 value. An empty value ("") removes the property value.
396
397 In addition to the properties, you can also use short names for
398 some of the properties. Consult the PROPERTY ALIASES section for
399 details.
400
401 If you want to append an item to the existing value, use + prefix
402 for the property name. If you want to remove just one item from
403 container-type property, use - prefix for the property name and
404 specify a value or an zero-based index of the item to remove (or
405 option name for properties with named options) as value. The + and
406 - modifies only have a real effect for multi-value (container)
407 properties like ipv4.dns, ipv4.addresses, bond.options, etc.
408
409 See nm-settings(5) for complete reference of setting and property
410 names, their descriptions and default values. The setting and
411 property can be abbreviated provided they are unique.
412
413 The connection is identified by its name, UUID or D-Bus path. If ID
414 is ambiguous, a keyword id, uuid or path can be used.
415
416 add [save {yes | no}] {option value | [+|-]setting.property value}...
417 Create a new connection using specified properties.
418
419 You need to describe the newly created connections with the
420 property and value pairs. See nm-settings(5) for the complete
421 reference. You can also use the aliases described in PROPERTY
422 ALIASES section. The syntax is the same as of the nmcli connection
423 modify command.
424
425 To construct a meaningful connection you at the very least need to
426 set the connection.type property (or use the type alias) to one of
427 known NetworkManager connection types:
428
429 · ethernet
430
431 · wifi
432
433 · wimax
434
435 · pppoe
436
437 · gsm
438
439 · cdma
440
441 · infiniband
442
443 · bluetooth
444
445 · vlan
446
447 · bond
448
449 · bond-slave
450
451 · team
452
453 · team-slave
454
455 · bridge
456
457 · bridge-slave
458
459 · vpn
460
461 · olpc-mesh
462
463 · adsl
464
465 · tun
466
467 · ip-tunnel
468
469 · macvlan
470
471 · vxlan
472
473 · dummy
474
475 The most typical uses are described in the EXAMPLES section.
476
477 Aside from the properties and values two special options are
478 accepted:
479
480 save
481 Controls whether the connection should be persistent, i.e.
482 NetworkManager should store it on disk (default: yes).
483
484 --
485 If a single -- argument is encountered it is ignored. This is
486 for compatibility with older versions on nmcli.
487
488 edit {[id | uuid | path] ID | [type type] [con-name name] }
489 Edit an existing connection or add a new one, using an interactive
490 editor.
491
492 The existing connection is identified by its name, UUID or D-Bus
493 path. If ID is ambiguous, a keyword id, uuid, or path can be used.
494 See connection show above for the description of the ID-specifying
495 keywords. Not providing an ID means that a new connection will be
496 added.
497
498 The interactive editor will guide you through the connection
499 editing and allow you to change connection parameters according to
500 your needs by means of a simple menu-driven interface. The editor
501 indicates what settings and properties can be modified and provides
502 in-line help.
503
504 Available options:
505
506 type
507 type of the new connection; valid types are the same as for
508 connection add command.
509
510 con-name
511 name for the new connection. It can be changed later in the
512 editor.
513
514 See also nm-settings(5) for all NetworkManager settings and
515 property names, and their descriptions; and nmcli-examples(7) for
516 sample editor sessions.
517
518 clone [--temporary] [id | uuid | path] ID new_name
519 Clone a connection. The connection to be cloned is identified by
520 its name, UUID or D-Bus path. If ID is ambiguous, a keyword id,
521 uuid or path can be used. See connection show above for the
522 description of the ID-specifying keywords. new_name is the name of
523 the new cloned connection. The new connection will be the exact
524 copy except the connection.id (new_name) and connection.uuid
525 (generated) properties.
526
527 The new connection profile will be saved as persistent unless
528 --temporary option is specified, in which case the new profile
529 won't exist after NetworkManager restart.
530
531 delete [id | uuid | path] ID...
532 Delete a configured connection. The connection to be deleted is
533 identified by its name, UUID or D-Bus path. If ID is ambiguous, a
534 keyword id, uuid or path can be used. See connection show above for
535 the description of the ID-specifying keywords.
536
537 If --wait option is not specified, the default timeout will be 10
538 seconds.
539
540 monitor [id | uuid | path] ID...
541 Monitor connection profile activity. This command prints a line
542 whenever the specified connection changes. The connection to be
543 monitored is identified by its name, UUID or D-Bus path. If ID is
544 ambiguous, a keyword id, uuid or path can be used. See connection
545 show above for the description of the ID-specifying keywords.
546
547 Monitors all connection profiles in case none is specified. The
548 command terminates when all monitored connections disappear. If you
549 want to monitor connection creation consider using the global
550 monitor with nmcli monitor command.
551
552 reload
553 Reload all connection files from disk. NetworkManager does not
554 monitor changes to connection files by default. So you need to use
555 this command in order to tell NetworkManager to re-read the
556 connection profiles from disk when a change was made to them.
557 However, the auto-loading feature can be enabled and then
558 NetworkManager will reload connection files any time they change
559 (monitor-connection-files=true in NetworkManager.conf(5)).
560
561 load filename...
562 Load/reload one or more connection files from disk. Use this after
563 manually editing a connection file to ensure that NetworkManager is
564 aware of its latest state.
565
566 import [--temporary] type type file file
567 Import an external/foreign configuration as a NetworkManager
568 connection profile. The type of the input file is specified by type
569 option.
570
571 Only VPN configurations are supported at the moment. The
572 configuration is imported by NetworkManager VPN plugins. type
573 values are the same as for vpn-type option in nmcli connection add.
574 VPN configurations are imported by VPN plugins. Therefore the
575 proper VPN plugin has to be installed so that nmcli could import
576 the data.
577
578 The imported connection profile will be saved as persistent unless
579 --temporary option is specified, in which case the new profile
580 won't exist after NetworkManager restart.
581
582 export [id | uuid | path] ID [file]
583 Export a connection.
584
585 Only VPN connections are supported at the moment. A proper VPN
586 plugin has to be installed so that nmcli could export a connection.
587 If no file is provided, the VPN configuration data will be printed
588 to standard output.
589
591 nmcli device {status | show | set | connect | reapply | modify |
592 disconnect | delete | monitor | wifi | lldp}
593 [ARGUMENTS...]
594
595 Show and manage network interfaces.
596
597 status
598 Print status of devices.
599
600 This is the default action if no command is specified to nmcli
601 device.
602
603 show [ifname]
604 Show detailed information about devices. Without an argument, all
605 devices are examined. To get information for a specific device, the
606 interface name has to be provided.
607
608 set [ifname] ifname [autoconnect {yes | no}] [managed {yes | no}]
609 Set device properties.
610
611 connect ifname
612 Connect the device. NetworkManager will try to find a suitable
613 connection that will be activated. It will also consider
614 connections that are not set to auto connect.
615
616 If --wait option is not specified, the default timeout will be 90
617 seconds.
618
619 reapply ifname
620 Attempt to update device with changes to the currently active
621 connection made since it was last applied.
622
623 modify ifname {option value | [+|-]setting.property value}...
624 Modify the settings currently active on the device.
625
626 This command lets you do temporary changes to a configuration
627 active on a particular device. The changes are not preserved in the
628 connection profile.
629
630 See nm-settings(5) for the list of available properties. Please
631 note that some properties can't be changed on an already connected
632 device.
633
634 You can also use the aliases described in PROPERTY ALIASES section.
635 The syntax is the same as of the nmcli connection modify command.
636
637 disconnect ifname...
638 Disconnect a device and prevent the device from automatically
639 activating further connections without user/manual intervention.
640 Note that disconnecting software devices may mean that the devices
641 will disappear.
642
643 If --wait option is not specified, the default timeout will be 10
644 seconds.
645
646 delete ifname...
647 Delete a device. The command removes the interface from the system.
648 Note that this only works for software devices like bonds, bridges,
649 teams, etc. Hardware devices (like Ethernet) cannot be deleted by
650 the command.
651
652 If --wait option is not specified, the default timeout will be 10
653 seconds.
654
655 monitor [ifname...]
656 Monitor device activity. This command prints a line whenever the
657 specified devices change state.
658
659 Monitors all devices in case no interface is specified. The monitor
660 terminates when all specified devices disappear. If you want to
661 monitor device addition consider using the global monitor with
662 nmcli monitor command.
663
664 wifi [list [--rescan | auto | no | yes] [ifname ifname] [bssid BSSID]]
665 List available Wi-Fi access points. The ifname and bssid options
666 can be used to list APs for a particular interface or with a
667 specific BSSID, respectively.
668
669 By default, nmcli ensures that the access point list is no older
670 than 30 seconds and triggers a network scan if necessary. The
671 --rescan can be used to either force or disable the scan regardless
672 of how fresh the access point list is.
673
674 wifi connect (B)SSID [password password] [wep-key-type {key | phrase}]
675 [ifname ifname] [bssid BSSID] [name name] [private {yes | no}]
676 [hidden {yes | no}]
677 Connect to a Wi-Fi network specified by SSID or BSSID. The command
678 creates a new connection and then activates it on a device. This is
679 a command-line counterpart of clicking an SSID in a GUI client. The
680 command always creates a new connection and thus it is mainly
681 useful for connecting to new Wi-Fi networks. If a connection for
682 the network already exists, it is better to bring up (activate) the
683 existing connection as follows: nmcli con up id name. Note that
684 only open, WEP and WPA-PSK networks are supported at the moment. It
685 is also supposed that IP configuration is obtained via DHCP.
686
687 If --wait option is not specified, the default timeout will be 90
688 seconds.
689
690 Available options are:
691
692 password
693 password for secured networks (WEP or WPA).
694
695 wep-key-type
696 type of WEP secret, either key for ASCII/HEX key or phrase for
697 passphrase.
698
699 ifname
700 interface that will be used for activation.
701
702 bssid
703 if specified, the created connection will be restricted just
704 for the BSSID.
705
706 name
707 if specified, the connection will use the name (else NM creates
708 a name itself).
709
710 private
711 if set to yes, the connection will only be visible to the user
712 who created it. Otherwise the connection is system-wide, which
713 is the default.
714
715 hidden
716 set to yes when connecting for the first time to an AP not
717 broadcasting its SSID. Otherwise the SSID would not be found
718 and the connection attempt would fail.
719
720 wifi hotspot [ifname ifname] [con-name name] [ssid SSID]
721 [band {a | bg}] [channel channel] [password password]
722 Create a Wi-Fi hotspot. The command creates a hotspot connection
723 profile according to Wi-Fi device capabilities and activates it on
724 the device. The hotspot is secured with WPA if device/driver
725 supports that, otherwise WEP is used. Use connection down or device
726 disconnect to stop the hotspot.
727
728 Parameters of the hotspot can be influenced by the optional
729 parameters:
730
731 ifname
732 what Wi-Fi device is used.
733
734 con-name
735 name of the created hotspot connection profile.
736
737 ssid
738 SSID of the hotspot.
739
740 band
741 Wi-Fi band to use.
742
743 channel
744 Wi-Fi channel to use.
745
746 password
747 password to use for the created hotspot. If not provided, nmcli
748 will generate a password. The password is either WPA pre-shared
749 key or WEP key.
750
751 Note that --show-secrets global option can be used to print the
752 hotspot password. It is useful especially when the password was
753 generated.
754
755 wifi rescan [ifname ifname] [ssid SSID...]
756 Request that NetworkManager immediately re-scan for available
757 access points. NetworkManager scans Wi-Fi networks periodically,
758 but in some cases it can be useful to start scanning manually (e.g.
759 after resuming the computer). By using ssid, it is possible to scan
760 for a specific SSID, which is useful for APs with hidden SSIDs. You
761 can provide multiple ssid parameters in order to scan more SSIDs.
762
763 This command does not show the APs, use nmcli device wifi list for
764 that.
765
766 lldp [list [ifname ifname]]
767 Display information about neighboring devices learned through the
768 Link Layer Discovery Protocol (LLDP). The ifname option can be used
769 to list neighbors only for a given interface. The protocol must be
770 enabled in the connection settings.
771
773 nmcli agent {secret | polkit | all}
774
775 Run nmcli as a NetworkManager secret agent, or polkit agent.
776
777 secret
778 Register nmcli as a NetworkManager secret agent and listen for
779 secret requests. You do usually not need this command, because
780 nmcli can handle secrets when connecting to networks. However, you
781 may find the command useful when you use another tool for
782 activating connections and you do not have a secret agent available
783 (like nm-applet).
784
785 polkit
786 Register nmcli as a polkit agent for the user session and listen
787 for authorization requests. You do not usually need this command,
788 because nmcli can handle polkit actions related to NetworkManager
789 operations (when run with --ask). However, you may find the command
790 useful when you want to run a simple text based polkit agent and
791 you do not have an agent of a desktop environment. Note that
792 running this command makes nmcli handle all polkit requests, not
793 only NetworkManager related ones, because only one polkit agent can
794 run for the session.
795
796 all
797 Runs nmcli as both NetworkManager secret and a polkit agent.
798
800 Apart from the property-value pairs, connection add, connection modify
801 and device modify also accept short forms of some properties. They
802 exist for convenience. Some aliases can affect multiple connection
803 properties at once.
804
805 The overview of the aliases is below. An actual connection type is used
806 to disambiguate these options from the options of the same name that
807 are valid for multiple connection types (such as mtu).
808
809 Table 1. Options for all connections
810 ┌────────────┬───────────────────────────┬─────────────────────────────┐
811 │Alias │ Property │ Note │
812 ├────────────┼───────────────────────────┼─────────────────────────────┤
813 │type │ connection.type │ This alias also │
814 │ │ │ accepts values of │
815 │ │ │ bond-slave, │
816 │ │ │ team-slave and │
817 │ │ │ bridge-slave. They │
818 │ │ │ create ethernet │
819 │ │ │ connection │
820 │ │ │ profiles. Their use │
821 │ │ │ is discouraged in │
822 │ │ │ favor of using a │
823 │ │ │ specific type with │
824 │ │ │ master option. │
825 ├────────────┼───────────────────────────┼─────────────────────────────┤
826 │con-name │ connection.id │ When not provided a │
827 │ │ │ default name is │
828 │ │ │ generated: │
829 │ │ │ <type>[-<ifname>][-<num>]). │
830 ├────────────┼───────────────────────────┼─────────────────────────────┤
831 │autoconnect │ connection.autoconnect │ │
832 ├────────────┼───────────────────────────┼─────────────────────────────┤
833 │ifname │ connection.interface-name │ A value of * will be │
834 │ │ │ interpreted as no value, │
835 │ │ │ making the connection │
836 │ │ │ profile │
837 │ │ │ interface-independent. │
838 │ │ │ Note: use quotes around * │
839 │ │ │ to suppress shell │
840 │ │ │ expansion. For bond, team │
841 │ │ │ and bridge connections a │
842 │ │ │ default name will be │
843 │ │ │ generated if not set. │
844 ├────────────┼───────────────────────────┼─────────────────────────────┤
845 │master │ connection.master │ Value specified here will │
846 │ │ │ be canonicalized. It can │
847 │ │ │ be prefixed with ifname/, │
848 │ │ │ uuid/ or id/ to │
849 │ │ │ disambiguate it. │
850 ├────────────┼───────────────────────────┼─────────────────────────────┤
851 │slave-type │ connection.slave-type │ │
852 └────────────┴───────────────────────────┴─────────────────────────────┘
853
854 Table 2. PPPoE options
855 ┌─────────┬────────────────┐
856 │Alias │ Property │
857 ├─────────┼────────────────┤
858 │username │ pppoe.username │
859 ├─────────┼────────────────┤
860 │password │ pppoe.password │
861 ├─────────┼────────────────┤
862 │service │ pppoe.service │
863 ├─────────┼────────────────┤
864 │parent │ pppoe.parent │
865 └─────────┴────────────────┘
866
867 Table 3. Wired Ethernet options
868 ┌───────────┬──────────────────────────┐
869 │Alias │ Property │
870 ├───────────┼──────────────────────────┤
871 │mtu │ wired.mtu │
872 ├───────────┼──────────────────────────┤
873 │mac │ wired.mac-address │
874 ├───────────┼──────────────────────────┤
875 │cloned-mac │ wired.cloned-mac-address │
876 └───────────┴──────────────────────────┘
877
878 Table 4. Infiniband options
879 ┌───────────────┬───────────────────────────┐
880 │Alias │ Property │
881 ├───────────────┼───────────────────────────┤
882 │mtu │ infiniband.mtu │
883 ├───────────────┼───────────────────────────┤
884 │mac │ infiniband.mac-address │
885 ├───────────────┼───────────────────────────┤
886 │transport-mode │ infiniband.transport-mode │
887 ├───────────────┼───────────────────────────┤
888 │parent │ infiniband.parent │
889 ├───────────────┼───────────────────────────┤
890 │p-key │ infiniband.p-key │
891 └───────────────┴───────────────────────────┘
892
893 Table 5. Wi-Fi options
894 ┌───────────┬─────────────────────────────┐
895 │Alias │ Property │
896 ├───────────┼─────────────────────────────┤
897 │ssid │ wireless.ssid │
898 ├───────────┼─────────────────────────────┤
899 │mode │ wireless.mode │
900 ├───────────┼─────────────────────────────┤
901 │mtu │ wireless.mtu │
902 ├───────────┼─────────────────────────────┤
903 │mac │ wireless.mac-address │
904 ├───────────┼─────────────────────────────┤
905 │cloned-mac │ wireless.cloned-mac-address │
906 └───────────┴─────────────────────────────┘
907
908 Table 6. WiMax options
909 ┌──────┬────────────────────┐
910 │Alias │ Property │
911 ├──────┼────────────────────┤
912 │nsp │ wimax.network-name │
913 ├──────┼────────────────────┤
914 │mac │ wimax.mac-address │
915 └──────┴────────────────────┘
916
917 Table 7. GSM options
918 ┌─────────┬──────────────┐
919 │Alias │ Property │
920 ├─────────┼──────────────┤
921 │apn │ gsm.apn │
922 ├─────────┼──────────────┤
923 │user │ gsm.username │
924 ├─────────┼──────────────┤
925 │password │ gsm.password │
926 └─────────┴──────────────┘
927
928 Table 8. CDMA options
929 ┌─────────┬───────────────┐
930 │Alias │ Property │
931 ├─────────┼───────────────┤
932 │user │ cdma.username │
933 ├─────────┼───────────────┤
934 │password │ cdma.password │
935 └─────────┴───────────────┘
936
937 Table 9. Bluetooth options
938 ┌────────┬──────────────────┬─────────────────────┐
939 │Alias │ Property │ Note │
940 ├────────┼──────────────────┼─────────────────────┤
941 │addr │ bluetooth.bdaddr │ │
942 ├────────┼──────────────────┼─────────────────────┤
943 │bt-type │ bluetooth.type │ Apart from the │
944 │ │ │ usual panu, nap and │
945 │ │ │ dun options, the │
946 │ │ │ values of dun-gsm │
947 │ │ │ and dun-cdma can be │
948 │ │ │ used for │
949 │ │ │ compatibility with │
950 │ │ │ older versions. │
951 │ │ │ They are equivalent │
952 │ │ │ to using dun and │
953 │ │ │ setting appropriate │
954 │ │ │ gsm.* or cdma.* │
955 │ │ │ properties. │
956 └────────┴──────────────────┴─────────────────────┘
957
958 Table 10. VLAN options
959 ┌────────┬───────────────────────────┐
960 │Alias │ Property │
961 ├────────┼───────────────────────────┤
962 │dev │ vlan.parent │
963 ├────────┼───────────────────────────┤
964 │id │ vlan.id │
965 ├────────┼───────────────────────────┤
966 │flags │ vlan.flags │
967 ├────────┼───────────────────────────┤
968 │ingress │ vlan.ingress-priority-map │
969 ├────────┼───────────────────────────┤
970 │egress │ vlan.egress-priority-map │
971 └────────┴───────────────────────────┘
972
973 Table 11. Bonding options
974 ┌──────────────┬──────────────┬───────────────────┐
975 │Alias │ Property │ Note │
976 ├──────────────┼──────────────┼───────────────────┤
977 │mode │ │ Setting each of │
978 ├──────────────┤ │ these adds the │
979 │primary │ │ option to │
980 ├──────────────┤ │ bond.options │
981 │miimon │ │ property. It's │
982 ├──────────────┤ │ equivalent to the │
983 │downdelay │ │ +bond.options │
984 ├──────────────┤ bond.options │ 'option=value' │
985 │updelay │ │ syntax. │
986 ├──────────────┤ │ │
987 │arp-interval │ │ │
988 ├──────────────┤ │ │
989 │arp-ip-target │ │ │
990 ├──────────────┤ │ │
991 │lacp-rate │ │ │
992 └──────────────┴──────────────┴───────────────────┘
993
994 Table 12. Team options
995 ┌───────┬─────────────┬────────────────────┐
996 │Alias │ Property │ Note │
997 ├───────┼─────────────┼────────────────────┤
998 │config │ team.config │ Either a filename │
999 │ │ │ or a team │
1000 │ │ │ configuration in │
1001 │ │ │ JSON format. To │
1002 │ │ │ enforce one or the │
1003 │ │ │ other, the value │
1004 │ │ │ can be prefixed │
1005 │ │ │ with "file://" or │
1006 │ │ │ "json://". │
1007 └───────┴─────────────┴────────────────────┘
1008
1009 Table 13. Team port options
1010 ┌───────┬──────────────────┬────────────────────┐
1011 │Alias │ Property │ Note │
1012 ├───────┼──────────────────┼────────────────────┤
1013 │config │ team-port.config │ Either a filename │
1014 │ │ │ or a team │
1015 │ │ │ configuration in │
1016 │ │ │ JSON format. To │
1017 │ │ │ enforce one or the │
1018 │ │ │ other, the value │
1019 │ │ │ can be prefixed │
1020 │ │ │ with "file://" or │
1021 │ │ │ "json://". │
1022 └───────┴──────────────────┴────────────────────┘
1023
1024 Table 14. Bridge options
1025 ┌───────────────────┬───────────────────────────┐
1026 │Alias │ Property │
1027 ├───────────────────┼───────────────────────────┤
1028 │stp │ bridge.stp │
1029 ├───────────────────┼───────────────────────────┤
1030 │priority │ bridge.priority │
1031 ├───────────────────┼───────────────────────────┤
1032 │forward-delay │ bridge.forward-delay │
1033 ├───────────────────┼───────────────────────────┤
1034 │hello-time │ bridge.hello-time │
1035 ├───────────────────┼───────────────────────────┤
1036 │max-age │ bridge.max-age │
1037 ├───────────────────┼───────────────────────────┤
1038 │ageing-time │ bridge.ageing-time │
1039 ├───────────────────┼───────────────────────────┤
1040 │group-forward-mask │ bridge.group-forward-mask │
1041 ├───────────────────┼───────────────────────────┤
1042 │multicast-snooping │ bridge.multicast-snooping │
1043 ├───────────────────┼───────────────────────────┤
1044 │mac │ bridge.mac-address │
1045 ├───────────────────┼───────────────────────────┤
1046 │priority │ bridge-port.priority │
1047 ├───────────────────┼───────────────────────────┤
1048 │path-cost │ bridge-port.path-cost │
1049 ├───────────────────┼───────────────────────────┤
1050 │hairpin │ bridge-port.hairpin-mode │
1051 └───────────────────┴───────────────────────────┘
1052
1053 Table 15. VPN options
1054 ┌─────────┬──────────────────┐
1055 │Alias │ Property │
1056 ├─────────┼──────────────────┤
1057 │vpn-type │ vpn.service-type │
1058 ├─────────┼──────────────────┤
1059 │user │ vpn.user-name │
1060 └─────────┴──────────────────┘
1061
1062 Table 16. OLPC Mesh options
1063 ┌─────────────┬────────────────────────────────┐
1064 │Alias │ Property │
1065 ├─────────────┼────────────────────────────────┤
1066 │ssid │ olpc-mesh.ssid │
1067 ├─────────────┼────────────────────────────────┤
1068 │channel │ olpc-mesh.channel │
1069 ├─────────────┼────────────────────────────────┤
1070 │dhcp-anycast │ olpc-mesh.dhcp-anycast-address │
1071 └─────────────┴────────────────────────────────┘
1072
1073 Table 17. ADSL options
1074 ┌──────────────┬────────────────────┐
1075 │Alias │ Property │
1076 ├──────────────┼────────────────────┤
1077 │username │ adsl.username │
1078 ├──────────────┼────────────────────┤
1079 │protocol │ adsl.protocol │
1080 ├──────────────┼────────────────────┤
1081 │password │ adsl.password │
1082 ├──────────────┼────────────────────┤
1083 │encapsulation │ adsl.encapsulation │
1084 └──────────────┴────────────────────┘
1085
1086 Table 18. MACVLAN options
1087 ┌──────┬────────────────┐
1088 │Alias │ Property │
1089 ├──────┼────────────────┤
1090 │dev │ macvlan.parent │
1091 ├──────┼────────────────┤
1092 │mode │ macvlan.mode │
1093 ├──────┼────────────────┤
1094 │tap │ macvlan.tap │
1095 └──────┴────────────────┘
1096
1097 Table 19. MACsec options
1098 ┌────────┬────────────────┐
1099 │Alias │ Property │
1100 ├────────┼────────────────┤
1101 │dev │ macsec.parent │
1102 ├────────┼────────────────┤
1103 │mode │ macsec.mode │
1104 ├────────┼────────────────┤
1105 │encrypt │ macsec.encrypt │
1106 ├────────┼────────────────┤
1107 │cak │ macsec.cak │
1108 ├────────┼────────────────┤
1109 │ckn │ macsec.ckn │
1110 ├────────┼────────────────┤
1111 │port │ macsec.port │
1112 └────────┴────────────────┘
1113
1114 Table 20. VxLAN options
1115 ┌─────────────────┬────────────────────────┐
1116 │Alias │ Property │
1117 ├─────────────────┼────────────────────────┤
1118 │id │ vxlan.id │
1119 ├─────────────────┼────────────────────────┤
1120 │remote │ vxlan.remote │
1121 ├─────────────────┼────────────────────────┤
1122 │dev │ vxlan.parent │
1123 ├─────────────────┼────────────────────────┤
1124 │local │ vxlan.local │
1125 ├─────────────────┼────────────────────────┤
1126 │source-port-min │ vxlan.source-port-min │
1127 ├─────────────────┼────────────────────────┤
1128 │source-port-max │ vxlan.source-port-max │
1129 ├─────────────────┼────────────────────────┤
1130 │destination-port │ vxlan.destination-port │
1131 └─────────────────┴────────────────────────┘
1132
1133 Table 21. Tun options
1134 ┌────────────┬─────────────────┐
1135 │Alias │ Property │
1136 ├────────────┼─────────────────┤
1137 │mode │ tun.mode │
1138 ├────────────┼─────────────────┤
1139 │owner │ tun.owner │
1140 ├────────────┼─────────────────┤
1141 │group │ tun.group │
1142 ├────────────┼─────────────────┤
1143 │pi │ tun.pi │
1144 ├────────────┼─────────────────┤
1145 │vnet-hdr │ tun.vnet-hdr │
1146 ├────────────┼─────────────────┤
1147 │multi-queue │ tun.multi-queue │
1148 └────────────┴─────────────────┘
1149
1150 Table 22. IP tunneling options
1151 ┌───────┬──────────────────┐
1152 │Alias │ Property │
1153 ├───────┼──────────────────┤
1154 │mode │ ip-tunnel.mode │
1155 ├───────┼──────────────────┤
1156 │local │ ip-tunnel.local │
1157 ├───────┼──────────────────┤
1158 │remote │ ip-tunnel.remote │
1159 ├───────┼──────────────────┤
1160 │dev │ ip-tunnel.parent │
1161 └───────┴──────────────────┘
1162
1163 Table 23. IPv4 options
1164 ┌──────┬────────────────┬─────────────────────┐
1165 │Alias │ Property │ Note │
1166 ├──────┼────────────────┼─────────────────────┤
1167 │ip4 │ ipv4.addresses │ The alias is │
1168 │ │ ipv4.method │ equivalent to the │
1169 │ │ │ +ipv4.addresses │
1170 │ │ │ syntax and also │
1171 │ │ │ sets ipv4.method to │
1172 │ │ │ manual. It can be │
1173 │ │ │ specified multiple │
1174 │ │ │ times. │
1175 ├──────┼────────────────┼─────────────────────┤
1176 │gw4 │ ipv4.gateway │ │
1177 └──────┴────────────────┴─────────────────────┘
1178
1179 Table 24. IPv6 options
1180 ┌──────┬────────────────┬─────────────────────┐
1181 │Alias │ Property │ Note │
1182 ├──────┼────────────────┼─────────────────────┤
1183 │ip6 │ ipv6.addresses │ The alias is │
1184 │ │ ipv6.method │ equivalent to the │
1185 │ │ │ +ipv6.addresses │
1186 │ │ │ syntax and also │
1187 │ │ │ sets ipv6.method to │
1188 │ │ │ manual. It can be │
1189 │ │ │ specified multiple │
1190 │ │ │ times. │
1191 ├──────┼────────────────┼─────────────────────┤
1192 │gw6 │ ipv6.gateway │ │
1193 └──────┴────────────────┴─────────────────────┘
1194
1195 Table 25. Proxy options
1196 ┌─────────────┬────────────────────┬─────────────────────┐
1197 │Alias │ Property │ Note │
1198 ├─────────────┼────────────────────┼─────────────────────┤
1199 │method │ proxy.method │ │
1200 ├─────────────┼────────────────────┼─────────────────────┤
1201 │browser-only │ proxy.browser-only │ │
1202 ├─────────────┼────────────────────┼─────────────────────┤
1203 │pac-url │ proxy.pac-url │ │
1204 ├─────────────┼────────────────────┼─────────────────────┤
1205 │pac-script │ proxy.pac-script │ Read the JavaScript │
1206 │ │ │ PAC (proxy │
1207 │ │ │ auto-config) script │
1208 │ │ │ from file or pass │
1209 │ │ │ it directly on the │
1210 │ │ │ command line. │
1211 │ │ │ Prefix the value │
1212 │ │ │ with "file://" or │
1213 │ │ │ "js://" to force │
1214 │ │ │ one or the other. │
1215 └─────────────┴────────────────────┴─────────────────────┘
1216
1218 Implicit coloring can be disabled by an empty file
1219 /etc/terminal-colors.d/nmcli.disable.
1220
1221 See terminal-colors.d(5) for more details about colorization
1222 configuration. The logical color names supported by nmcli are:
1223
1224 connection-activated
1225 A connection that is active.
1226
1227 connection-activating
1228 Connection that is being activated.
1229
1230 connection-disconnecting
1231 Connection that is being disconnected.
1232
1233 connection-invisible
1234 Connection whose details is the user not permitted to see.
1235
1236 connectivity-full
1237 Conectivity state when Internet is reachable.
1238
1239 connectivity-limited
1240 Conectivity state when only a local network reachable.
1241
1242 connectivity-none
1243 Conectivity state when the network is disconnected.
1244
1245 connectivity-portal
1246 Conectivity state when a captive portal hijacked the connection.
1247
1248 connectivity-unknown
1249 Conectivity state when a connectivity check didn't run.
1250
1251 device-activated
1252 Device that is connected.
1253
1254 device-activating
1255 Device that is being configured.
1256
1257 device-disconnected
1258 Device that is not connected.
1259
1260 device-firmware-missing
1261 Warning of a missing device firmware.
1262
1263 device-plugin-missing
1264 Warning of a missing device plugin.
1265
1266 device-unavailable
1267 Device that is not available for activation.
1268
1269 manager-running
1270 Notice that the NetworkManager daemon is available.
1271
1272 manager-starting
1273 Notice that the NetworkManager daemon is being initially connected.
1274
1275 manager-stopped
1276 Notice that the NetworkManager daemon is not available.
1277
1278 permission-auth
1279 An action that requires user authentication to get permission.
1280
1281 permission-no
1282 An action that is not permitted.
1283
1284 permission-yes
1285 An action that is permitted.
1286
1287 prompt
1288 Prompt in interactive mode.
1289
1290 state-asleep
1291 Indication that NetworkManager in suspended state.
1292
1293 state-connected-global
1294 Indication that NetworkManager in connected to Internet.
1295
1296 state-connected-local
1297 Indication that NetworkManager in local network.
1298
1299 state-connected-site
1300 Indication that NetworkManager in connected to networks other than
1301 Internet.
1302
1303 state-connecting
1304 Indication that NetworkManager is establishing a network
1305 connection.
1306
1307 state-disconnected
1308 Indication that NetworkManager is disconnected from a network.
1309
1310 state-disconnecting
1311 Indication that NetworkManager is being disconnected from a
1312 network.
1313
1314 wifi-signal-excellent
1315 Wi-Fi network with an excellent signal level.
1316
1317 wifi-signal-fair
1318 Wi-Fi network with a fair signal level.
1319
1320 wifi-signal-good
1321 Wi-Fi network with a good signal level.
1322
1323 wifi-signal-poor
1324 Wi-Fi network with a poor signal level.
1325
1326 wifi-signal-unknown
1327 Wi-Fi network that hasn't been actually seen (a hidden AP).
1328
1329 disabled
1330 A property that is turned off.
1331
1332 enabled
1333 A property that is turned on.
1334
1336 nmcli's behavior is affected by the following environment variables.
1337
1338 LC_ALL
1339 If set to a non-empty string value, it overrides the values of all
1340 the other internationalization variables.
1341
1342 LC_MESSAGES
1343 Determines the locale to be used for internationalized messages.
1344
1345 LANG
1346 Provides a default value for the internationalization variables
1347 that are unset or null.
1348
1350 Be aware that nmcli is localized and that is why the output depends on
1351 your environment. This is important to realize especially when you
1352 parse the output.
1353
1354 Call nmcli as LC_ALL=C nmcli to be sure the locale is set to C while
1355 executing in a script.
1356
1357 LC_ALL, LC_MESSAGES, LANG variables specify the LC_MESSAGES locale
1358 category (in that order), which determines the language that nmcli uses
1359 for messages. The C locale is used if none of these variables are set,
1360 and this locale uses English messages.
1361
1363 nmcli exits with status 0 if it succeeds, a value greater than 0 is
1364 returned if an error occurs.
1365
1366 0
1367 Success – indicates the operation succeeded.
1368
1369 1
1370 Unknown or unspecified error.
1371
1372 2
1373 Invalid user input, wrong nmcli invocation.
1374
1375 3
1376 Timeout expired (see --wait option).
1377
1378 4
1379 Connection activation failed.
1380
1381 5
1382 Connection deactivation failed.
1383
1384 6
1385 Disconnecting device failed.
1386
1387 7
1388 Connection deletion failed.
1389
1390 8
1391 NetworkManager is not running.
1392
1393 10
1394 Connection, device, or access point does not exist.
1395
1396 65
1397 When used with --complete-args option, a file name is expected to
1398 follow.
1399
1401 This section presents various examples of nmcli usage. If you want even
1402 more, please refer to nmcli-examples(7) manual page.
1403
1404 nmcli -t -f RUNNING general
1405 tells you whether NetworkManager is running or not.
1406
1407 nmcli -t -f STATE general
1408 shows the overall status of NetworkManager.
1409
1410 nmcli radio wifi off
1411 switches Wi-Fi off.
1412
1413 nmcli connection show
1414 lists all connections NetworkManager has.
1415
1416 nmcli -p -m multiline -f all con show
1417 shows all configured connections in multi-line mode.
1418
1419 nmcli connection show --active
1420 lists all currently active connections.
1421
1422 nmcli -f name,autoconnect c s
1423 shows all connection profile names and their auto-connect property.
1424
1425 nmcli -p connection show "My default em1"
1426 shows details for "My default em1" connection profile.
1427
1428 nmcli --show-secrets connection show "My Home WiFi"
1429 shows details for "My Home WiFi" connection profile with all
1430 passwords. Without --show-secrets option, secrets would not be
1431 displayed.
1432
1433 nmcli -f active connection show "My default em1"
1434 shows details for "My default em1" active connection, like IP, DHCP
1435 information, etc.
1436
1437 nmcli -f profile con s "My wired connection"
1438 shows static configuration details of the connection profile with
1439 "My wired connection" name.
1440
1441 nmcli -p con up "My wired connection" ifname eth0
1442 activates the connection profile with name "My wired connection" on
1443 interface eth0. The -p option makes nmcli show progress of the
1444 activation.
1445
1446 nmcli con up 6b028a27-6dc9-4411-9886-e9ad1dd43761 ap 00:3A:98:7C:42:D3
1447 connects the Wi-Fi connection with UUID
1448 6b028a27-6dc9-4411-9886-e9ad1dd43761 to the AP with BSSID
1449 00:3A:98:7C:42:D3.
1450
1451 nmcli device status
1452 shows the status for all devices.
1453
1454 nmcli dev disconnect em2
1455 disconnects a connection on interface em2 and marks the device as
1456 unavailable for auto-connecting. As a result, no connection will
1457 automatically be activated on the device until the device's
1458 'autoconnect' is set to TRUE or the user manually activates a
1459 connection.
1460
1461 nmcli -f GENERAL,WIFI-PROPERTIES dev show wlan0
1462 shows details for wlan0 interface; only GENERAL and WIFI-PROPERTIES
1463 sections will be shown.
1464
1465 nmcli -f CONNECTIONS device show wlp3s0
1466 shows all available connection profiles for your Wi-Fi interface
1467 wlp3s0.
1468
1469 nmcli dev wifi
1470 lists available Wi-Fi access points known to NetworkManager.
1471
1472 nmcli dev wifi con "Cafe Hotspot 1" password caffeine name "My cafe"
1473 creates a new connection named "My cafe" and then connects it to
1474 "Cafe Hotspot 1" SSID using password "caffeine". This is mainly
1475 useful when connecting to "Cafe Hotspot 1" for the first time. Next
1476 time, it is better to use nmcli con up id "My cafe" so that the
1477 existing connection profile can be used and no additional is
1478 created.
1479
1480 nmcli -s dev wifi hotspot con-name QuickHotspot
1481 creates a hotspot profile and connects it. Prints the hotspot
1482 password the user should use to connect to the hotspot from other
1483 devices.
1484
1485 nmcli dev modify em1 ipv4.method shared
1486 starts IPv4 connection sharing using em1 device. The sharing will
1487 be active until the device is disconnected.
1488
1489 nmcli dev modify em1 ipv6.address 2001:db8::a:bad:c0de
1490 temporarily adds an IP address to a device. The address will be
1491 removed when the same connection is activated again.
1492
1493 nmcli connection add type ethernet autoconnect no ifname eth0
1494 non-interactively adds an Ethernet connection tied to eth0
1495 interface with automatic IP configuration (DHCP), and disables the
1496 connection's autoconnect flag.
1497
1498 nmcli c a ifname Maxipes-fik type vlan dev eth0 id 55
1499 non-interactively adds a VLAN connection with ID 55. The connection
1500 will use eth0 and the VLAN interface will be named Maxipes-fik.
1501
1502 nmcli c a ifname eth0 type ethernet ipv4.method disabled ipv6.method
1503 link-local
1504 non-interactively adds a connection that will use eth0 Ethernet
1505 interface and only have an IPv6 link-local address configured.
1506
1507 nmcli connection edit ethernet-em1-2
1508 edits existing "ethernet-em1-2" connection in the interactive
1509 editor.
1510
1511 nmcli connection edit type ethernet con-name "yet another Ethernet
1512 connection"
1513 adds a new Ethernet connection in the interactive editor.
1514
1515 nmcli con mod ethernet-2 connection.autoconnect no
1516 modifies 'autoconnect' property in the 'connection' setting of
1517 'ethernet-2' connection.
1518
1519 nmcli con mod "Home Wi-Fi" wifi.mtu 1350
1520 modifies 'mtu' property in the 'wifi' setting of 'Home Wi-Fi'
1521 connection.
1522
1523 nmcli con mod em1-1 ipv4.method manual ipv4.addr "192.168.1.23/24
1524 192.168.1.1, 10.10.1.5/8, 10.0.0.11"
1525 sets manual addressing and the addresses in em1-1 profile.
1526
1527 nmcli con modify ABC +ipv4.dns 8.8.8.8
1528 appends a Google public DNS server to DNS servers in ABC profile.
1529
1530 nmcli con modify ABC -ipv4.addresses "192.168.100.25/24 192.168.1.1"
1531 removes the specified IP address from (static) profile ABC.
1532
1533 nmcli con import type openvpn file ~/Downloads/frootvpn.ovpn
1534 imports an OpenVPN configuration to NetworkManager.
1535
1536 nmcli con export corp-vpnc /home/joe/corpvpn.conf
1537 exports NetworkManager VPN profile corp-vpnc as standard Cisco
1538 (vpnc) configuration.
1539
1541 nmcli accepts abbreviations, as long as they are a unique prefix in the
1542 set of possible options. As new options get added, these abbreviations
1543 are not guaranteed to stay unique. For scripting and long term
1544 compatibility it is therefore strongly advised to spell out the full
1545 option names.
1546
1548 There are probably some bugs. If you find a bug, please report it to
1549 https://bugzilla.gnome.org/ — product NetworkManager.
1550
1552 nmcli-examples(7), nm-online(1), NetworkManager(8),
1553 NetworkManager.conf(5), nm-settings(5), nm-applet(1), nm-connection-
1554 editor(1), terminal-colors.d(5).
1555
1556
1557
1558NetworkManager 1.12.0 NMCLI(1)