1NMCLI(1)                    General Commands Manual                   NMCLI(1)
2
3
4

NAME

6       nmcli - command-line tool for controlling NetworkManager
7

SYNOPSIS

9       nmcli [OPTIONS...] {help | general | networking | radio | connection |
10             device | agent | monitor} [COMMAND] [ARGUMENTS...]
11

DESCRIPTION

13       nmcli is a command-line tool for controlling NetworkManager and
14       reporting network status. It can be utilized as a replacement for
15       nm-applet or other graphical clients.  nmcli is used to create,
16       display, edit, delete, activate, and deactivate network connections, as
17       well as control and display network device status.
18
19       Typical uses include:
20
21       ·   Scripts: Utilize NetworkManager via nmcli instead of managing
22           network connections manually.  nmcli supports a terse output format
23           which is better suited for script processing. Note that
24           NetworkManager can also execute scripts, called "dispatcher
25           scripts", in response to network events. See NetworkManager(8) for
26           details about these dispatcher scripts.
27
28       ·   Servers, headless machines, and terminals: nmcli can be used to
29           control NetworkManager without a GUI, including creating, editing,
30           starting and stopping network connections and viewing network
31           status.
32

OPTIONS

34       -t | --terse
35           Output is terse. This mode is designed and suitable for computer
36           (script) processing.
37
38       -p | --pretty
39           Output is pretty. This causes nmcli to produce easily readable
40           outputs for humans, i.e. values are aligned, headers are printed,
41           etc.
42
43       -m | --mode {tabular | multiline}
44           Switch between tabular and multiline output:
45
46           tabular
47               Output is a table where each line describes a single entry.
48               Columns define particular properties of the entry.
49
50           multiline
51               Each entry comprises multiple lines, each property on its own
52               line. The values are prefixed with the property name.
53
54           If omitted, default is tabular for most commands. For the commands
55           producing more structured information, that cannot be displayed on
56           a single line, default is multiline. Currently, they are:
57
58           ·   nmcli connection show ID
59
60           ·   nmcli device show
61
62       -c | --colors {yes | no | auto}
63           This option controls color output (using terminal escape
64           sequences).  yes enables colors, no disables them, auto only
65           produces colors when standard output is directed to a terminal. The
66           default value is auto.
67
68           The actual colors used are configured as described in terminal-
69           colors.d(5). Please refer to the COLORS section for a list of color
70           names supported by nmcli.
71
72       -f | --fields {field1,field2... | all | common}
73           This option is used to specify what fields (column names) should be
74           printed. Valid field names differ for specific commands. List
75           available fields by providing an invalid value to the --fields
76           option.  all is used to print all valid field values of the
77           command.  common is used to print common field values of the
78           command.
79
80           If omitted, default is common.
81
82       -g | --get-values {field1,field2... | all | common}
83           This option is used to print values from specific fields. It is
84           basically a shortcut for --mode tabular --terse --fields and is a
85           convenient way to retrieve values for particular fields. The values
86           are printed one per line without headers.
87
88           If a section is specified instead of a field, the section name will
89           be printed followed by colon separated values of the fields
90           belonging to that section, all on the same line.
91
92       -e | --escape {yes | no}
93           Whether to escape : and \ characters in terse tabular mode. The
94           escape character is \.
95
96           If omitted, default is yes.
97
98       -a | --ask
99           When using this option nmcli will stop and ask for any missing
100           required arguments, so do not use this option for non-interactive
101           purposes like scripts. This option controls, for example, whether
102           you will be prompted for a password if it is required for
103           connecting to a network.
104
105       -s | --show-secrets
106           When using this option nmcli will display passwords and secrets
107           that might be present in an output of an operation. This option
108           also influences echoing passwords typed by user as an input.
109
110       -w | --wait seconds
111           This option sets a timeout period for which nmcli will wait for
112           NetworkManager to finish operations. It is especially useful for
113           commands that may take a longer time to complete, e.g. connection
114           activation.
115
116           Specifying a value of 0 instructs nmcli not to wait but to exit
117           immediately with a status of success. The default value depends on
118           the executed command.
119
120       --complete-args
121           Instead of conducting the desired action, nmcli will list possible
122           completions for the last argument. This is useful to implement
123           argument completion in shell.
124
125           The exit status will indicate success or return a code 65 to
126           indicate the last argument is a file name.
127
128           NetworkManager ships with command completion support for GNU Bash.
129
130       -v | --version
131           Show nmcli version.
132
133       -h | --help
134           Print help information.
135

GENERAL COMMANDS

137       nmcli general {status | hostname | permissions | logging}
138                     [ARGUMENTS...]
139
140       Use this command to show NetworkManager status and permissions. You can
141       also get and change system hostname, as well as NetworkManager logging
142       level and domains.
143
144       status
145           Show overall status of NetworkManager. This is the default action,
146           when no additional command is provided for nmcli general.
147
148       hostname [hostname]
149           Get and change system hostname. With no arguments, this prints
150           currently configured hostname. When you pass a hostname, it will be
151           handed over to NetworkManager to be set as a new system hostname.
152
153           Note that the term "system" hostname may also be referred to as
154           "persistent" or "static" by other programs or tools. The hostname
155           is stored in /etc/hostname file in most distributions. For example,
156           systemd-hostnamed service uses the term "static" hostname and it
157           only reads the /etc/hostname file when it starts.
158
159       permissions
160           Show the permissions a caller has for various authenticated
161           operations that NetworkManager provides, like enable and disable
162           networking, changing Wi-Fi and WWAN state, modifying connections,
163           etc.
164
165       logging [level level] [domains domains...]
166           Get and change NetworkManager logging level and domains. Without
167           any argument current logging level and domains are shown. In order
168           to change logging state, provide level and, or, domain parameters.
169           See NetworkManager.conf(5) for available level and domain values.
170

NETWORKING CONTROL COMMANDS

172       nmcli networking {on | off | connectivity} [ARGUMENTS...]
173
174       Query NetworkManager networking status, enable and disable networking.
175
176       on, off
177           Enable or disable networking control by NetworkManager. All
178           interfaces managed by NetworkManager are deactivated when
179           networking is disabled.
180
181       connectivity [check]
182           Get network connectivity state. The optional check argument tells
183           NetworkManager to re-check the connectivity, else the most recent
184           known connectivity state is displayed without re-checking.
185
186           Possible states are:
187
188           none
189               the host is not connected to any network.
190
191           portal
192               the host is behind a captive portal and cannot reach the full
193               Internet.
194
195           limited
196               the host is connected to a network, but it has no access to the
197               Internet.
198
199           full
200               the host is connected to a network and has full access to the
201               Internet.
202
203           unknown
204               the connectivity status cannot be found out.
205

RADIO TRANSMISSION CONTROL COMMANDS

207       nmcli radio {all | wifi | wwan} [ARGUMENTS...]
208
209       Show radio switches status, or enable and disable the switches.
210
211       wifi [on | off]
212           Show or set status of Wi-Fi in NetworkManager. If no arguments are
213           supplied, Wi-Fi status is printed; on enables Wi-Fi; off disables
214           Wi-Fi.
215
216       wwan [on | off]
217           Show or set status of WWAN (mobile broadband) in NetworkManager. If
218           no arguments are supplied, mobile broadband status is printed; on
219           enables mobile broadband, off disables it.
220
221       all [on | off]
222           Show or set all previously mentioned radio switches at the same
223           time.
224

ACTIVITY MONITOR

226       nmcli monitor
227
228       Observe NetworkManager activity. Watches for changes in connectivity
229       state, devices or connection profiles.
230
231       See also nmcli connection monitor and nmcli device monitor to watch for
232       changes in certain devices or connections.
233

CONNECTION MANAGEMENT COMMANDS

235       nmcli connection {show | up | down | modify | add | edit | clone |
236                        delete | monitor | reload | load | import | export}
237                        [ARGUMENTS...]
238
239       NetworkManager stores all network configuration as "connections", which
240       are collections of data (Layer2 details, IP addressing, etc.) that
241       describe how to create or connect to a network. A connection is
242       "active" when a device uses that connection's configuration to create
243       or connect to a network. There may be multiple connections that apply
244       to a device, but only one of them can be active on that device at any
245       given time. The additional connections can be used to allow quick
246       switching between different networks and configurations.
247
248       Consider a machine which is usually connected to a DHCP-enabled
249       network, but sometimes connected to a testing network which uses static
250       IP addressing. Instead of manually reconfiguring eth0 each time the
251       network is changed, the settings can be saved as two connections which
252       both apply to eth0, one for DHCP (called default) and one with the
253       static addressing details (called testing). When connected to the
254       DHCP-enabled network the user would run nmcli con up default , and when
255       connected to the static network the user would run nmcli con up
256       testing.
257
258       show [--active] [--order [+-]category:...]
259           List in-memory and on-disk connection profiles, some of which may
260           also be active if a device is using that connection profile.
261           Without a parameter, all profiles are listed. When --active option
262           is specified, only the active profiles are shown.
263
264           The --order option can be used to get custom ordering of
265           connections. The connections can be ordered by active status
266           (active), name (name), type (type) or D-Bus path (path). If
267           connections are equal according to a sort order category, an
268           additional category can be specified. The default sorting order is
269           equivalent to --order active:name:path.  + or no prefix means
270           sorting in ascending order (alphabetically or in numbers), - means
271           reverse (descending) order. The category names can be abbreviated
272           (e.g.  --order -a:na).
273
274       show [--active] [id | uuid | path | apath] ID...
275           Show details for specified connections. By default, both static
276           configuration and active connection data are displayed. When
277           --active option is specified, only the active profiles are taken
278           into account. Use global --show-secrets option to display secrets
279           associated with the profile.
280
281           id, uuid, path and apath keywords can be used if ID is ambiguous.
282           Optional ID-specifying keywords are:
283
284           id
285               the ID denotes a connection name.
286
287           uuid
288               the ID denotes a connection UUID.
289
290           path
291               the ID denotes a D-Bus static connection path in the format of
292               /org/freedesktop/NetworkManager/Settings/num or just num.
293
294           apath
295               the ID denotes a D-Bus active connection path in the format of
296               /org/freedesktop/NetworkManager/ActiveConnection/num or just
297               num.
298
299           It is possible to filter the output using the global --fields
300           option. Use the following values:
301
302           profile
303               only shows static profile configuration.
304
305           active
306               only shows active connection data (when the profile is active).
307
308           You can also specify particular fields. For static configuration,
309           use setting and property names as described in nm-settings(5)
310           manual page. For active data use GENERAL, IP4, DHCP4, IP6, DHCP6,
311           VPN.
312
313           When no command is given to the nmcli connection, the default
314           action is nmcli connection show.
315
316       up [id | uuid | path] ID [ifname ifname] [ap BSSID] [passwd-file file]
317           Activate a connection. The connection is identified by its name,
318           UUID or D-Bus path. If ID is ambiguous, a keyword id, uuid or path
319           can be used. When requiring a particular device to activate the
320           connection on, the ifname option with interface name should be
321           given. If the ID is not given an ifname is required, and
322           NetworkManager will activate the best available connection for the
323           given ifname. In case of a VPN connection, the ifname option
324           specifies the device of the base connection. The ap option specify
325           what particular AP should be used in case of a Wi-Fi connection.
326
327           If --wait option is not specified, the default timeout will be 90
328           seconds.
329
330           See connection show above for the description of the ID-specifying
331           keywords.
332
333           Available options are:
334
335           ifname
336               interface that will be used for activation.
337
338           ap
339               BSSID of the AP which the command should connect to (for Wi-Fi
340               connections).
341
342           passwd-file
343               some networks may require credentials during activation. You
344               can give these credentials using this option. Each line of the
345               file should contain one password in the form:
346
347                   setting_name.property_name:the password
348
349               For example, for WPA Wi-Fi with PSK, the line would be
350
351                   802-11-wireless-security.psk:secret12345
352
353               For 802.1X password, the line would be
354
355                   802-1x.password:my 1X password
356
357
358               nmcli also accepts wifi-sec and wifi strings instead of
359               802-11-wireless-security. When NetworkManager requires a
360               password and it is not given, nmcli will ask for it when run
361               with --ask. If --ask was not passed, NetworkManager can ask
362               another secret agent that may be running (typically a GUI
363               secret agent, such as nm-applet or gnome-shell).
364
365       down [id | uuid | path | apath] ID...
366           Deactivate a connection from a device without preventing the device
367           from further auto-activation. Multiple connections can be passed to
368           the command.
369
370           Be aware that this command deactivates the specified active
371           connection, but the device on which the connection was active, is
372           still ready to connect and will perform auto-activation by looking
373           for a suitable connection that has the 'autoconnect' flag set. This
374           includes the just deactivated connection. So if the connection is
375           set to auto-connect, it will be automatically started on the
376           disconnected device again.
377
378           In most cases you may want to use device disconnect command
379           instead.
380
381           The connection is identified by its name, UUID or D-Bus path. If ID
382           is ambiguous, a keyword id, uuid, path or apath can be used.
383
384           See connection show above for the description of the ID-specifying
385           keywords.
386
387           If --wait option is not specified, the default timeout will be 10
388           seconds.
389
390       modify [--temporary] [id | uuid | path] ID
391       {option value | [+|-]setting.property value}...
392           Add, modify or remove properties in the connection profile.
393
394           To set the property just specify the property name followed by the
395           value. An empty value ("") removes the property value.
396
397           In addition to the properties, you can also use short names for
398           some of the properties. Consult the PROPERTY ALIASES section for
399           details.
400
401           If you want to append an item to the existing value, use + prefix
402           for the property name. If you want to remove just one item from
403           container-type property, use - prefix for the property name and
404           specify a value or an zero-based index of the item to remove (or
405           option name for properties with named options) as value. The + and
406           - modifies only have a real effect for multi-value (container)
407           properties like ipv4.dns, ipv4.addresses, bond.options, etc.
408
409           See nm-settings(5) for complete reference of setting and property
410           names, their descriptions and default values. The setting and
411           property can be abbreviated provided they are unique.
412
413           The connection is identified by its name, UUID or D-Bus path. If ID
414           is ambiguous, a keyword id, uuid or path can be used.
415
416       add [save {yes | no}] {option value | [+|-]setting.property value}...
417           Create a new connection using specified properties.
418
419           You need to describe the newly created connections with the
420           property and value pairs. See nm-settings(5) for the complete
421           reference. You can also use the aliases described in PROPERTY
422           ALIASES section. The syntax is the same as of the nmcli connection
423           modify command.
424
425           To construct a meaningful connection you at the very least need to
426           set the connection.type property (or use the type alias) to one of
427           known NetworkManager connection types:
428
429           ·   ethernet
430
431           ·   wifi
432
433           ·   wimax
434
435           ·   pppoe
436
437           ·   gsm
438
439           ·   cdma
440
441           ·   infiniband
442
443           ·   bluetooth
444
445           ·   vlan
446
447           ·   bond
448
449           ·   bond-slave
450
451           ·   team
452
453           ·   team-slave
454
455           ·   bridge
456
457           ·   bridge-slave
458
459           ·   vpn
460
461           ·   olpc-mesh
462
463           ·   adsl
464
465           ·   tun
466
467           ·   ip-tunnel
468
469           ·   macvlan
470
471           ·   vxlan
472
473           ·   dummy
474
475           The most typical uses are described in the EXAMPLES section.
476
477           Aside from the properties and values two special options are
478           accepted:
479
480           save
481               Controls whether the connection should be persistent, i.e.
482               NetworkManager should store it on disk (default: yes).
483
484           --
485               If a single -- argument is encountered it is ignored. This is
486               for compatibility with older versions on nmcli.
487
488       edit {[id | uuid | path] ID | [type type] [con-name name] }
489           Edit an existing connection or add a new one, using an interactive
490           editor.
491
492           The existing connection is identified by its name, UUID or D-Bus
493           path. If ID is ambiguous, a keyword id, uuid, or path can be used.
494           See connection show above for the description of the ID-specifying
495           keywords. Not providing an ID means that a new connection will be
496           added.
497
498           The interactive editor will guide you through the connection
499           editing and allow you to change connection parameters according to
500           your needs by means of a simple menu-driven interface. The editor
501           indicates what settings and properties can be modified and provides
502           in-line help.
503
504           Available options:
505
506           type
507               type of the new connection; valid types are the same as for
508               connection add command.
509
510           con-name
511               name for the new connection. It can be changed later in the
512               editor.
513
514           See also nm-settings(5) for all NetworkManager settings and
515           property names, and their descriptions; and nmcli-examples(7) for
516           sample editor sessions.
517
518       clone [--temporary] [id | uuid | path] ID new_name
519           Clone a connection. The connection to be cloned is identified by
520           its name, UUID or D-Bus path. If ID is ambiguous, a keyword id,
521           uuid or path can be used. See connection show above for the
522           description of the ID-specifying keywords.  new_name is the name of
523           the new cloned connection. The new connection will be the exact
524           copy except the connection.id (new_name) and connection.uuid
525           (generated) properties.
526
527           The new connection profile will be saved as persistent unless
528           --temporary option is specified, in which case the new profile
529           won't exist after NetworkManager restart.
530
531       delete [id | uuid | path] ID...
532           Delete a configured connection. The connection to be deleted is
533           identified by its name, UUID or D-Bus path. If ID is ambiguous, a
534           keyword id, uuid or path can be used. See connection show above for
535           the description of the ID-specifying keywords.
536
537           If --wait option is not specified, the default timeout will be 10
538           seconds.
539
540       monitor [id | uuid | path] ID...
541           Monitor connection profile activity. This command prints a line
542           whenever the specified connection changes. The connection to be
543           monitored is identified by its name, UUID or D-Bus path. If ID is
544           ambiguous, a keyword id, uuid or path can be used. See connection
545           show above for the description of the ID-specifying keywords.
546
547           Monitors all connection profiles in case none is specified. The
548           command terminates when all monitored connections disappear. If you
549           want to monitor connection creation consider using the global
550           monitor with nmcli monitor command.
551
552       reload
553           Reload all connection files from disk. NetworkManager does not
554           monitor changes to connection files by default. So you need to use
555           this command in order to tell NetworkManager to re-read the
556           connection profiles from disk when a change was made to them.
557           However, the auto-loading feature can be enabled and then
558           NetworkManager will reload connection files any time they change
559           (monitor-connection-files=true in NetworkManager.conf(5)).
560
561       load filename...
562           Load/reload one or more connection files from disk. Use this after
563           manually editing a connection file to ensure that NetworkManager is
564           aware of its latest state.
565
566       import [--temporary] type type file file
567           Import an external/foreign configuration as a NetworkManager
568           connection profile. The type of the input file is specified by type
569           option.
570
571           Only VPN configurations are supported at the moment. The
572           configuration is imported by NetworkManager VPN plugins.  type
573           values are the same as for vpn-type option in nmcli connection add.
574           VPN configurations are imported by VPN plugins. Therefore the
575           proper VPN plugin has to be installed so that nmcli could import
576           the data.
577
578           The imported connection profile will be saved as persistent unless
579           --temporary option is specified, in which case the new profile
580           won't exist after NetworkManager restart.
581
582       export [id | uuid | path] ID [file]
583           Export a connection.
584
585           Only VPN connections are supported at the moment. A proper VPN
586           plugin has to be installed so that nmcli could export a connection.
587           If no file is provided, the VPN configuration data will be printed
588           to standard output.
589

DEVICE MANAGEMENT COMMANDS

591       nmcli device {status | show | set | connect | reapply | modify |
592                    disconnect | delete | monitor | wifi | lldp}
593                    [ARGUMENTS...]
594
595       Show and manage network interfaces.
596
597       status
598           Print status of devices.
599
600           This is the default action if no command is specified to nmcli
601           device.
602
603       show [ifname]
604           Show detailed information about devices. Without an argument, all
605           devices are examined. To get information for a specific device, the
606           interface name has to be provided.
607
608       set [ifname] ifname [autoconnect {yes | no}] [managed {yes | no}]
609           Set device properties.
610
611       connect ifname
612           Connect the device. NetworkManager will try to find a suitable
613           connection that will be activated. It will also consider
614           connections that are not set to auto connect.
615
616           If --wait option is not specified, the default timeout will be 90
617           seconds.
618
619       reapply ifname
620           Attempt to update device with changes to the currently active
621           connection made since it was last applied.
622
623       modify ifname {option value | [+|-]setting.property value}...
624           Modify the settings currently active on the device.
625
626           This command lets you do temporary changes to a configuration
627           active on a particular device. The changes are not preserved in the
628           connection profile.
629
630           See nm-settings(5) for the list of available properties. Please
631           note that some properties can't be changed on an already connected
632           device.
633
634           You can also use the aliases described in PROPERTY ALIASES section.
635           The syntax is the same as of the nmcli connection modify command.
636
637       disconnect ifname...
638           Disconnect a device and prevent the device from automatically
639           activating further connections without user/manual intervention.
640           Note that disconnecting software devices may mean that the devices
641           will disappear.
642
643           If --wait option is not specified, the default timeout will be 10
644           seconds.
645
646       delete ifname...
647           Delete a device. The command removes the interface from the system.
648           Note that this only works for software devices like bonds, bridges,
649           teams, etc. Hardware devices (like Ethernet) cannot be deleted by
650           the command.
651
652           If --wait option is not specified, the default timeout will be 10
653           seconds.
654
655       monitor [ifname...]
656           Monitor device activity. This command prints a line whenever the
657           specified devices change state.
658
659           Monitors all devices in case no interface is specified. The monitor
660           terminates when all specified devices disappear. If you want to
661           monitor device addition consider using the global monitor with
662           nmcli monitor command.
663
664       wifi [list [--rescan | auto | no | yes] [ifname ifname] [bssid BSSID]]
665           List available Wi-Fi access points. The ifname and bssid options
666           can be used to list APs for a particular interface or with a
667           specific BSSID, respectively.
668
669           By default, nmcli ensures that the access point list is no older
670           than 30 seconds and triggers a network scan if necessary. The
671           --rescan can be used to either force or disable the scan regardless
672           of how fresh the access point list is.
673
674       wifi connect (B)SSID [password password] [wep-key-type {key | phrase}]
675       [ifname ifname] [bssid BSSID] [name name] [private {yes | no}]
676       [hidden {yes | no}]
677           Connect to a Wi-Fi network specified by SSID or BSSID. The command
678           creates a new connection and then activates it on a device. This is
679           a command-line counterpart of clicking an SSID in a GUI client. The
680           command always creates a new connection and thus it is mainly
681           useful for connecting to new Wi-Fi networks. If a connection for
682           the network already exists, it is better to bring up (activate) the
683           existing connection as follows: nmcli con up id name. Note that
684           only open, WEP and WPA-PSK networks are supported at the moment. It
685           is also supposed that IP configuration is obtained via DHCP.
686
687           If --wait option is not specified, the default timeout will be 90
688           seconds.
689
690           Available options are:
691
692           password
693               password for secured networks (WEP or WPA).
694
695           wep-key-type
696               type of WEP secret, either key for ASCII/HEX key or phrase for
697               passphrase.
698
699           ifname
700               interface that will be used for activation.
701
702           bssid
703               if specified, the created connection will be restricted just
704               for the BSSID.
705
706           name
707               if specified, the connection will use the name (else NM creates
708               a name itself).
709
710           private
711               if set to yes, the connection will only be visible to the user
712               who created it. Otherwise the connection is system-wide, which
713               is the default.
714
715           hidden
716               set to yes when connecting for the first time to an AP not
717               broadcasting its SSID. Otherwise the SSID would not be found
718               and the connection attempt would fail.
719
720       wifi hotspot [ifname ifname] [con-name name] [ssid SSID]
721       [band {a | bg}] [channel channel] [password password]
722           Create a Wi-Fi hotspot. The command creates a hotspot connection
723           profile according to Wi-Fi device capabilities and activates it on
724           the device. The hotspot is secured with WPA if device/driver
725           supports that, otherwise WEP is used. Use connection down or device
726           disconnect to stop the hotspot.
727
728           Parameters of the hotspot can be influenced by the optional
729           parameters:
730
731           ifname
732               what Wi-Fi device is used.
733
734           con-name
735               name of the created hotspot connection profile.
736
737           ssid
738               SSID of the hotspot.
739
740           band
741               Wi-Fi band to use.
742
743           channel
744               Wi-Fi channel to use.
745
746           password
747               password to use for the created hotspot. If not provided, nmcli
748               will generate a password. The password is either WPA pre-shared
749               key or WEP key.
750
751               Note that --show-secrets global option can be used to print the
752               hotspot password. It is useful especially when the password was
753               generated.
754
755       wifi rescan [ifname ifname] [ssid SSID...]
756           Request that NetworkManager immediately re-scan for available
757           access points. NetworkManager scans Wi-Fi networks periodically,
758           but in some cases it can be useful to start scanning manually (e.g.
759           after resuming the computer). By using ssid, it is possible to scan
760           for a specific SSID, which is useful for APs with hidden SSIDs. You
761           can provide multiple ssid parameters in order to scan more SSIDs.
762
763           This command does not show the APs, use nmcli device wifi list for
764           that.
765
766       lldp [list [ifname ifname]]
767           Display information about neighboring devices learned through the
768           Link Layer Discovery Protocol (LLDP). The ifname option can be used
769           to list neighbors only for a given interface. The protocol must be
770           enabled in the connection settings.
771

SECRET AGENT

773       nmcli agent {secret | polkit | all}
774
775       Run nmcli as a NetworkManager secret agent, or polkit agent.
776
777       secret
778           Register nmcli as a NetworkManager secret agent and listen for
779           secret requests. You do usually not need this command, because
780           nmcli can handle secrets when connecting to networks. However, you
781           may find the command useful when you use another tool for
782           activating connections and you do not have a secret agent available
783           (like nm-applet).
784
785       polkit
786           Register nmcli as a polkit agent for the user session and listen
787           for authorization requests. You do not usually need this command,
788           because nmcli can handle polkit actions related to NetworkManager
789           operations (when run with --ask). However, you may find the command
790           useful when you want to run a simple text based polkit agent and
791           you do not have an agent of a desktop environment. Note that
792           running this command makes nmcli handle all polkit requests, not
793           only NetworkManager related ones, because only one polkit agent can
794           run for the session.
795
796       all
797           Runs nmcli as both NetworkManager secret and a polkit agent.
798

PROPERTY ALIASES

800       Apart from the property-value pairs, connection add, connection modify
801       and device modify also accept short forms of some properties. They
802       exist for convenience. Some aliases can affect multiple connection
803       properties at once.
804
805       The overview of the aliases is below. An actual connection type is used
806       to disambiguate these options from the options of the same name that
807       are valid for multiple connection types (such as mtu).
808
809       Table 1. Options for all connections
810       ┌────────────┬───────────────────────────┬─────────────────────────────┐
811Alias       Property                  Note                        
812       ├────────────┼───────────────────────────┼─────────────────────────────┤
813       │type        │ connection.type           │ This alias also             │
814       │            │                           │ accepts values of           │
815       │            │                           │ bond-slave,                 │
816       │            │                           │ team-slave and              │
817       │            │                           │ bridge-slave. They          │
818       │            │                           │ create ethernet             
819       │            │                           │ connection                  │
820       │            │                           │ profiles. Their use         │
821       │            │                           │ is discouraged in           │
822       │            │                           │ favor of using a            │
823       │            │                           │ specific type with          │
824       │            │                           │ master option.              │
825       ├────────────┼───────────────────────────┼─────────────────────────────┤
826       │con-name    │ connection.id             │ When not provided a         │
827       │            │                           │ default name is             │
828       │            │                           │ generated:                  │
829       │            │                           │ <type>[-<ifname>][-<num>]). │
830       ├────────────┼───────────────────────────┼─────────────────────────────┤
831       │autoconnect │ connection.autoconnect    │                             │
832       ├────────────┼───────────────────────────┼─────────────────────────────┤
833       │ifname      │ connection.interface-name │ A value of * will be        │
834       │            │                           │ interpreted as no value,    │
835       │            │                           │ making the connection       │
836       │            │                           │ profile                     │
837       │            │                           │ interface-independent.      │
838       │            │                           │ Note: use quotes around *   │
839       │            │                           │ to suppress shell           │
840       │            │                           │ expansion.  For bond, team  │
841       │            │                           │ and bridge connections a    │
842       │            │                           │ default name will be        │
843       │            │                           │ generated if not set.       │
844       ├────────────┼───────────────────────────┼─────────────────────────────┤
845       │master      │ connection.master         │ Value specified here will   │
846       │            │                           │ be canonicalized.  It can   │
847       │            │                           │ be prefixed with ifname/,   │
848       │            │                           │ uuid/ or id/ to             │
849       │            │                           │ disambiguate it.            │
850       ├────────────┼───────────────────────────┼─────────────────────────────┤
851       │slave-type  │ connection.slave-type     │                             │
852       └────────────┴───────────────────────────┴─────────────────────────────┘
853
854       Table 2. PPPoE options
855       ┌─────────┬────────────────┐
856Alias    Property       
857       ├─────────┼────────────────┤
858       │username │ pppoe.username │
859       ├─────────┼────────────────┤
860       │password │ pppoe.password │
861       ├─────────┼────────────────┤
862       │service  │ pppoe.service  │
863       ├─────────┼────────────────┤
864       │parent   │ pppoe.parent   │
865       └─────────┴────────────────┘
866
867       Table 3. Wired Ethernet options
868       ┌───────────┬──────────────────────────┐
869Alias      Property                 
870       ├───────────┼──────────────────────────┤
871       │mtu        │ wired.mtu                │
872       ├───────────┼──────────────────────────┤
873       │mac        │ wired.mac-address        │
874       ├───────────┼──────────────────────────┤
875       │cloned-mac │ wired.cloned-mac-address │
876       └───────────┴──────────────────────────┘
877
878       Table 4. Infiniband options
879       ┌───────────────┬───────────────────────────┐
880Alias          Property                  
881       ├───────────────┼───────────────────────────┤
882       │mtu            │ infiniband.mtu            │
883       ├───────────────┼───────────────────────────┤
884       │mac            │ infiniband.mac-address    │
885       ├───────────────┼───────────────────────────┤
886       │transport-mode │ infiniband.transport-mode │
887       ├───────────────┼───────────────────────────┤
888       │parent         │ infiniband.parent         │
889       ├───────────────┼───────────────────────────┤
890       │p-key          │ infiniband.p-key          │
891       └───────────────┴───────────────────────────┘
892
893       Table 5. Wi-Fi options
894       ┌───────────┬─────────────────────────────┐
895Alias      Property                    
896       ├───────────┼─────────────────────────────┤
897       │ssid       │ wireless.ssid               │
898       ├───────────┼─────────────────────────────┤
899       │mode       │ wireless.mode               │
900       ├───────────┼─────────────────────────────┤
901       │mtu        │ wireless.mtu                │
902       ├───────────┼─────────────────────────────┤
903       │mac        │ wireless.mac-address        │
904       ├───────────┼─────────────────────────────┤
905       │cloned-mac │ wireless.cloned-mac-address │
906       └───────────┴─────────────────────────────┘
907
908       Table 6. WiMax options
909       ┌──────┬────────────────────┐
910Alias Property           
911       ├──────┼────────────────────┤
912       │nsp   │ wimax.network-name │
913       ├──────┼────────────────────┤
914       │mac   │ wimax.mac-address  │
915       └──────┴────────────────────┘
916
917       Table 7. GSM options
918       ┌─────────┬──────────────┐
919Alias    Property     
920       ├─────────┼──────────────┤
921       │apn      │ gsm.apn      │
922       ├─────────┼──────────────┤
923       │user     │ gsm.username │
924       ├─────────┼──────────────┤
925       │password │ gsm.password │
926       └─────────┴──────────────┘
927
928       Table 8. CDMA options
929       ┌─────────┬───────────────┐
930Alias    Property      
931       ├─────────┼───────────────┤
932       │user     │ cdma.username │
933       ├─────────┼───────────────┤
934       │password │ cdma.password │
935       └─────────┴───────────────┘
936
937       Table 9. Bluetooth options
938       ┌────────┬──────────────────┬─────────────────────┐
939Alias   Property         Note                
940       ├────────┼──────────────────┼─────────────────────┤
941       │addr    │ bluetooth.bdaddr │                     │
942       ├────────┼──────────────────┼─────────────────────┤
943       │bt-type │ bluetooth.type   │ Apart from the      │
944       │        │                  │ usual panu, nap and │
945       │        │                  │ dun options, the    │
946       │        │                  │ values of dun-gsm   │
947       │        │                  │ and dun-cdma can be │
948       │        │                  │ used for            │
949       │        │                  │ compatibility with  │
950       │        │                  │ older versions.     │
951       │        │                  │ They are equivalent │
952       │        │                  │ to using dun and    │
953       │        │                  │ setting appropriate │
954       │        │                  │ gsm.* or cdma.*     │
955       │        │                  │ properties.         │
956       └────────┴──────────────────┴─────────────────────┘
957
958       Table 10. VLAN options
959       ┌────────┬───────────────────────────┐
960Alias   Property                  
961       ├────────┼───────────────────────────┤
962       │dev     │ vlan.parent               │
963       ├────────┼───────────────────────────┤
964       │id      │ vlan.id                   │
965       ├────────┼───────────────────────────┤
966       │flags   │ vlan.flags                │
967       ├────────┼───────────────────────────┤
968       │ingress │ vlan.ingress-priority-map │
969       ├────────┼───────────────────────────┤
970       │egress  │ vlan.egress-priority-map  │
971       └────────┴───────────────────────────┘
972
973       Table 11. Bonding options
974       ┌──────────────┬──────────────┬───────────────────┐
975Alias         Property     Note              
976       ├──────────────┼──────────────┼───────────────────┤
977       │mode          │              │ Setting each of   │
978       ├──────────────┤              │ these adds the    │
979       │primary       │              │ option to         │
980       ├──────────────┤              │ bond.options      │
981       │miimon        │              │ property.  It's   │
982       ├──────────────┤              │ equivalent to the │
983       │downdelay     │              │ +bond.options     │
984       ├──────────────┤ bond.options │ 'option=value'    │
985       │updelay       │              │ syntax.           │
986       ├──────────────┤              │                   │
987       │arp-interval  │              │                   │
988       ├──────────────┤              │                   │
989       │arp-ip-target │              │                   │
990       ├──────────────┤              │                   │
991       │lacp-rate     │              │                   │
992       └──────────────┴──────────────┴───────────────────┘
993
994       Table 12. Team options
995       ┌───────┬─────────────┬────────────────────┐
996Alias  Property    Note               
997       ├───────┼─────────────┼────────────────────┤
998       │config │ team.config │ Either a filename  │
999       │       │             │ or a team          │
1000       │       │             │ configuration in   │
1001       │       │             │ JSON format. To    │
1002       │       │             │ enforce one or the │
1003       │       │             │ other, the value   │
1004       │       │             │ can be prefixed    │
1005       │       │             │ with "file://" or  │
1006       │       │             │ "json://".         │
1007       └───────┴─────────────┴────────────────────┘
1008
1009       Table 13. Team port options
1010       ┌───────┬──────────────────┬────────────────────┐
1011Alias  Property         Note               
1012       ├───────┼──────────────────┼────────────────────┤
1013       │config │ team-port.config │ Either a filename  │
1014       │       │                  │ or a team          │
1015       │       │                  │ configuration in   │
1016       │       │                  │ JSON format. To    │
1017       │       │                  │ enforce one or the │
1018       │       │                  │ other, the value   │
1019       │       │                  │ can be prefixed    │
1020       │       │                  │ with "file://" or  │
1021       │       │                  │ "json://".         │
1022       └───────┴──────────────────┴────────────────────┘
1023
1024       Table 14. Bridge options
1025       ┌───────────────────┬───────────────────────────┐
1026Alias              Property                  
1027       ├───────────────────┼───────────────────────────┤
1028       │stp                │ bridge.stp                │
1029       ├───────────────────┼───────────────────────────┤
1030       │priority           │ bridge.priority           │
1031       ├───────────────────┼───────────────────────────┤
1032       │forward-delay      │ bridge.forward-delay      │
1033       ├───────────────────┼───────────────────────────┤
1034       │hello-time         │ bridge.hello-time         │
1035       ├───────────────────┼───────────────────────────┤
1036       │max-age            │ bridge.max-age            │
1037       ├───────────────────┼───────────────────────────┤
1038       │ageing-time        │ bridge.ageing-time        │
1039       ├───────────────────┼───────────────────────────┤
1040       │group-forward-mask │ bridge.group-forward-mask │
1041       ├───────────────────┼───────────────────────────┤
1042       │multicast-snooping │ bridge.multicast-snooping │
1043       ├───────────────────┼───────────────────────────┤
1044       │mac                │ bridge.mac-address        │
1045       ├───────────────────┼───────────────────────────┤
1046       │priority           │ bridge-port.priority      │
1047       ├───────────────────┼───────────────────────────┤
1048       │path-cost          │ bridge-port.path-cost     │
1049       ├───────────────────┼───────────────────────────┤
1050       │hairpin            │ bridge-port.hairpin-mode  │
1051       └───────────────────┴───────────────────────────┘
1052
1053       Table 15. VPN options
1054       ┌─────────┬──────────────────┐
1055Alias    Property         
1056       ├─────────┼──────────────────┤
1057       │vpn-type │ vpn.service-type │
1058       ├─────────┼──────────────────┤
1059       │user     │ vpn.user-name    │
1060       └─────────┴──────────────────┘
1061
1062       Table 16. OLPC Mesh options
1063       ┌─────────────┬────────────────────────────────┐
1064Alias        Property                       
1065       ├─────────────┼────────────────────────────────┤
1066       │ssid         │ olpc-mesh.ssid                 │
1067       ├─────────────┼────────────────────────────────┤
1068       │channel      │ olpc-mesh.channel              │
1069       ├─────────────┼────────────────────────────────┤
1070       │dhcp-anycast │ olpc-mesh.dhcp-anycast-address │
1071       └─────────────┴────────────────────────────────┘
1072
1073       Table 17. ADSL options
1074       ┌──────────────┬────────────────────┐
1075Alias         Property           
1076       ├──────────────┼────────────────────┤
1077       │username      │ adsl.username      │
1078       ├──────────────┼────────────────────┤
1079       │protocol      │ adsl.protocol      │
1080       ├──────────────┼────────────────────┤
1081       │password      │ adsl.password      │
1082       ├──────────────┼────────────────────┤
1083       │encapsulation │ adsl.encapsulation │
1084       └──────────────┴────────────────────┘
1085
1086       Table 18. MACVLAN options
1087       ┌──────┬────────────────┐
1088Alias Property       
1089       ├──────┼────────────────┤
1090       │dev   │ macvlan.parent │
1091       ├──────┼────────────────┤
1092       │mode  │ macvlan.mode   │
1093       ├──────┼────────────────┤
1094       │tap   │ macvlan.tap    │
1095       └──────┴────────────────┘
1096
1097       Table 19. MACsec options
1098       ┌────────┬────────────────┐
1099Alias   Property       
1100       ├────────┼────────────────┤
1101       │dev     │ macsec.parent  │
1102       ├────────┼────────────────┤
1103       │mode    │ macsec.mode    │
1104       ├────────┼────────────────┤
1105       │encrypt │ macsec.encrypt │
1106       ├────────┼────────────────┤
1107       │cak     │ macsec.cak     │
1108       ├────────┼────────────────┤
1109       │ckn     │ macsec.ckn     │
1110       ├────────┼────────────────┤
1111       │port    │ macsec.port    │
1112       └────────┴────────────────┘
1113
1114       Table 20. VxLAN options
1115       ┌─────────────────┬────────────────────────┐
1116Alias            Property               
1117       ├─────────────────┼────────────────────────┤
1118       │id               │ vxlan.id               │
1119       ├─────────────────┼────────────────────────┤
1120       │remote           │ vxlan.remote           │
1121       ├─────────────────┼────────────────────────┤
1122       │dev              │ vxlan.parent           │
1123       ├─────────────────┼────────────────────────┤
1124       │local            │ vxlan.local            │
1125       ├─────────────────┼────────────────────────┤
1126       │source-port-min  │ vxlan.source-port-min  │
1127       ├─────────────────┼────────────────────────┤
1128       │source-port-max  │ vxlan.source-port-max  │
1129       ├─────────────────┼────────────────────────┤
1130       │destination-port │ vxlan.destination-port │
1131       └─────────────────┴────────────────────────┘
1132
1133       Table 21. Tun options
1134       ┌────────────┬─────────────────┐
1135Alias       Property        
1136       ├────────────┼─────────────────┤
1137       │mode        │ tun.mode        │
1138       ├────────────┼─────────────────┤
1139       │owner       │ tun.owner       │
1140       ├────────────┼─────────────────┤
1141       │group       │ tun.group       │
1142       ├────────────┼─────────────────┤
1143       │pi          │ tun.pi          │
1144       ├────────────┼─────────────────┤
1145       │vnet-hdr    │ tun.vnet-hdr    │
1146       ├────────────┼─────────────────┤
1147       │multi-queue │ tun.multi-queue │
1148       └────────────┴─────────────────┘
1149
1150       Table 22. IP tunneling options
1151       ┌───────┬──────────────────┐
1152Alias  Property         
1153       ├───────┼──────────────────┤
1154       │mode   │ ip-tunnel.mode   │
1155       ├───────┼──────────────────┤
1156       │local  │ ip-tunnel.local  │
1157       ├───────┼──────────────────┤
1158       │remote │ ip-tunnel.remote │
1159       ├───────┼──────────────────┤
1160       │dev    │ ip-tunnel.parent │
1161       └───────┴──────────────────┘
1162
1163       Table 23. IPv4 options
1164       ┌──────┬────────────────┬─────────────────────┐
1165Alias Property       Note                
1166       ├──────┼────────────────┼─────────────────────┤
1167       │ip4   │ ipv4.addresses │ The alias is        │
1168       │      │ ipv4.method    │ equivalent to the   │
1169       │      │                │ +ipv4.addresses     │
1170       │      │                │ syntax and also     │
1171       │      │                │ sets ipv4.method to │
1172       │      │                │ manual. It can be   │
1173       │      │                │ specified multiple  │
1174       │      │                │ times.              │
1175       ├──────┼────────────────┼─────────────────────┤
1176       │gw4   │ ipv4.gateway   │                     │
1177       └──────┴────────────────┴─────────────────────┘
1178
1179       Table 24. IPv6 options
1180       ┌──────┬────────────────┬─────────────────────┐
1181Alias Property       Note                
1182       ├──────┼────────────────┼─────────────────────┤
1183       │ip6   │ ipv6.addresses │ The alias is        │
1184       │      │ ipv6.method    │ equivalent to the   │
1185       │      │                │ +ipv6.addresses     │
1186       │      │                │ syntax and also     │
1187       │      │                │ sets ipv6.method to │
1188       │      │                │ manual. It can be   │
1189       │      │                │ specified multiple  │
1190       │      │                │ times.              │
1191       ├──────┼────────────────┼─────────────────────┤
1192       │gw6   │ ipv6.gateway   │                     │
1193       └──────┴────────────────┴─────────────────────┘
1194
1195       Table 25. Proxy options
1196       ┌─────────────┬────────────────────┬─────────────────────┐
1197Alias        Property           Note                
1198       ├─────────────┼────────────────────┼─────────────────────┤
1199       │method       │ proxy.method       │                     │
1200       ├─────────────┼────────────────────┼─────────────────────┤
1201       │browser-only │ proxy.browser-only │                     │
1202       ├─────────────┼────────────────────┼─────────────────────┤
1203       │pac-url      │ proxy.pac-url      │                     │
1204       ├─────────────┼────────────────────┼─────────────────────┤
1205       │pac-script   │ proxy.pac-script   │ Read the JavaScript │
1206       │             │                    │ PAC (proxy          │
1207       │             │                    │ auto-config) script │
1208       │             │                    │ from file or pass   │
1209       │             │                    │ it directly on the  │
1210       │             │                    │ command line.       │
1211       │             │                    │ Prefix the value    │
1212       │             │                    │ with "file://" or   │
1213       │             │                    │ "js://" to force    │
1214       │             │                    │ one or the other.   │
1215       └─────────────┴────────────────────┴─────────────────────┘
1216

COLORS

1218       Implicit coloring can be disabled by an empty file
1219       /etc/terminal-colors.d/nmcli.disable.
1220
1221       See terminal-colors.d(5) for more details about colorization
1222       configuration. The logical color names supported by nmcli are:
1223
1224       connection-activated
1225           A connection that is active.
1226
1227       connection-activating
1228           Connection that is being activated.
1229
1230       connection-disconnecting
1231           Connection that is being disconnected.
1232
1233       connection-invisible
1234           Connection whose details is the user not permitted to see.
1235
1236       connectivity-full
1237           Conectivity state when Internet is reachable.
1238
1239       connectivity-limited
1240           Conectivity state when only a local network reachable.
1241
1242       connectivity-none
1243           Conectivity state when the network is disconnected.
1244
1245       connectivity-portal
1246           Conectivity state when a captive portal hijacked the connection.
1247
1248       connectivity-unknown
1249           Conectivity state when a connectivity check didn't run.
1250
1251       device-activated
1252           Device that is connected.
1253
1254       device-activating
1255           Device that is being configured.
1256
1257       device-disconnected
1258           Device that is not connected.
1259
1260       device-firmware-missing
1261           Warning of a missing device firmware.
1262
1263       device-plugin-missing
1264           Warning of a missing device plugin.
1265
1266       device-unavailable
1267           Device that is not available for activation.
1268
1269       manager-running
1270           Notice that the NetworkManager daemon is available.
1271
1272       manager-starting
1273           Notice that the NetworkManager daemon is being initially connected.
1274
1275       manager-stopped
1276           Notice that the NetworkManager daemon is not available.
1277
1278       permission-auth
1279           An action that requires user authentication to get permission.
1280
1281       permission-no
1282           An action that is not permitted.
1283
1284       permission-yes
1285           An action that is permitted.
1286
1287       prompt
1288           Prompt in interactive mode.
1289
1290       state-asleep
1291           Indication that NetworkManager in suspended state.
1292
1293       state-connected-global
1294           Indication that NetworkManager in connected to Internet.
1295
1296       state-connected-local
1297           Indication that NetworkManager in local network.
1298
1299       state-connected-site
1300           Indication that NetworkManager in connected to networks other than
1301           Internet.
1302
1303       state-connecting
1304           Indication that NetworkManager is establishing a network
1305           connection.
1306
1307       state-disconnected
1308           Indication that NetworkManager is disconnected from a network.
1309
1310       state-disconnecting
1311           Indication that NetworkManager is being disconnected from a
1312           network.
1313
1314       wifi-signal-excellent
1315           Wi-Fi network with an excellent signal level.
1316
1317       wifi-signal-fair
1318           Wi-Fi network with a fair signal level.
1319
1320       wifi-signal-good
1321           Wi-Fi network with a good signal level.
1322
1323       wifi-signal-poor
1324           Wi-Fi network with a poor signal level.
1325
1326       wifi-signal-unknown
1327           Wi-Fi network that hasn't been actually seen (a hidden AP).
1328
1329       disabled
1330           A property that is turned off.
1331
1332       enabled
1333           A property that is turned on.
1334

ENVIRONMENT VARIABLES

1336       nmcli's behavior is affected by the following environment variables.
1337
1338       LC_ALL
1339           If set to a non-empty string value, it overrides the values of all
1340           the other internationalization variables.
1341
1342       LC_MESSAGES
1343           Determines the locale to be used for internationalized messages.
1344
1345       LANG
1346           Provides a default value for the internationalization variables
1347           that are unset or null.
1348

INTERNATIONALIZATION NOTES

1350       Be aware that nmcli is localized and that is why the output depends on
1351       your environment. This is important to realize especially when you
1352       parse the output.
1353
1354       Call nmcli as LC_ALL=C nmcli to be sure the locale is set to C while
1355       executing in a script.
1356
1357       LC_ALL, LC_MESSAGES, LANG variables specify the LC_MESSAGES locale
1358       category (in that order), which determines the language that nmcli uses
1359       for messages. The C locale is used if none of these variables are set,
1360       and this locale uses English messages.
1361

EXIT STATUS

1363       nmcli exits with status 0 if it succeeds, a value greater than 0 is
1364       returned if an error occurs.
1365
1366       0
1367           Success – indicates the operation succeeded.
1368
1369       1
1370           Unknown or unspecified error.
1371
1372       2
1373           Invalid user input, wrong nmcli invocation.
1374
1375       3
1376           Timeout expired (see --wait option).
1377
1378       4
1379           Connection activation failed.
1380
1381       5
1382           Connection deactivation failed.
1383
1384       6
1385           Disconnecting device failed.
1386
1387       7
1388           Connection deletion failed.
1389
1390       8
1391           NetworkManager is not running.
1392
1393       10
1394           Connection, device, or access point does not exist.
1395
1396       65
1397           When used with --complete-args option, a file name is expected to
1398           follow.
1399

EXAMPLES

1401       This section presents various examples of nmcli usage. If you want even
1402       more, please refer to nmcli-examples(7) manual page.
1403
1404       nmcli -t -f RUNNING general
1405           tells you whether NetworkManager is running or not.
1406
1407       nmcli -t -f STATE general
1408           shows the overall status of NetworkManager.
1409
1410       nmcli radio wifi off
1411           switches Wi-Fi off.
1412
1413       nmcli connection show
1414           lists all connections NetworkManager has.
1415
1416       nmcli -p -m multiline -f all con show
1417           shows all configured connections in multi-line mode.
1418
1419       nmcli connection show --active
1420           lists all currently active connections.
1421
1422       nmcli -f name,autoconnect c s
1423           shows all connection profile names and their auto-connect property.
1424
1425       nmcli -p connection show "My default em1"
1426           shows details for "My default em1" connection profile.
1427
1428       nmcli --show-secrets connection show "My Home WiFi"
1429           shows details for "My Home WiFi" connection profile with all
1430           passwords. Without --show-secrets option, secrets would not be
1431           displayed.
1432
1433       nmcli -f active connection show "My default em1"
1434           shows details for "My default em1" active connection, like IP, DHCP
1435           information, etc.
1436
1437       nmcli -f profile con s "My wired connection"
1438           shows static configuration details of the connection profile with
1439           "My wired connection" name.
1440
1441       nmcli -p con up "My wired connection" ifname eth0
1442           activates the connection profile with name "My wired connection" on
1443           interface eth0. The -p option makes nmcli show progress of the
1444           activation.
1445
1446       nmcli con up 6b028a27-6dc9-4411-9886-e9ad1dd43761 ap 00:3A:98:7C:42:D3
1447           connects the Wi-Fi connection with UUID
1448           6b028a27-6dc9-4411-9886-e9ad1dd43761 to the AP with BSSID
1449           00:3A:98:7C:42:D3.
1450
1451       nmcli device status
1452           shows the status for all devices.
1453
1454       nmcli dev disconnect em2
1455           disconnects a connection on interface em2 and marks the device as
1456           unavailable for auto-connecting. As a result, no connection will
1457           automatically be activated on the device until the device's
1458           'autoconnect' is set to TRUE or the user manually activates a
1459           connection.
1460
1461       nmcli -f GENERAL,WIFI-PROPERTIES dev show wlan0
1462           shows details for wlan0 interface; only GENERAL and WIFI-PROPERTIES
1463           sections will be shown.
1464
1465       nmcli -f CONNECTIONS device show wlp3s0
1466           shows all available connection profiles for your Wi-Fi interface
1467           wlp3s0.
1468
1469       nmcli dev wifi
1470           lists available Wi-Fi access points known to NetworkManager.
1471
1472       nmcli dev wifi con "Cafe Hotspot 1" password caffeine name "My cafe"
1473           creates a new connection named "My cafe" and then connects it to
1474           "Cafe Hotspot 1" SSID using password "caffeine". This is mainly
1475           useful when connecting to "Cafe Hotspot 1" for the first time. Next
1476           time, it is better to use nmcli con up id "My cafe" so that the
1477           existing connection profile can be used and no additional is
1478           created.
1479
1480       nmcli -s dev wifi hotspot con-name QuickHotspot
1481           creates a hotspot profile and connects it. Prints the hotspot
1482           password the user should use to connect to the hotspot from other
1483           devices.
1484
1485       nmcli dev modify em1 ipv4.method shared
1486           starts IPv4 connection sharing using em1 device. The sharing will
1487           be active until the device is disconnected.
1488
1489       nmcli dev modify em1 ipv6.address 2001:db8::a:bad:c0de
1490           temporarily adds an IP address to a device. The address will be
1491           removed when the same connection is activated again.
1492
1493       nmcli connection add type ethernet autoconnect no ifname eth0
1494           non-interactively adds an Ethernet connection tied to eth0
1495           interface with automatic IP configuration (DHCP), and disables the
1496           connection's autoconnect flag.
1497
1498       nmcli c a ifname Maxipes-fik type vlan dev eth0 id 55
1499           non-interactively adds a VLAN connection with ID 55. The connection
1500           will use eth0 and the VLAN interface will be named Maxipes-fik.
1501
1502       nmcli c a ifname eth0 type ethernet ipv4.method disabled ipv6.method
1503       link-local
1504           non-interactively adds a connection that will use eth0 Ethernet
1505           interface and only have an IPv6 link-local address configured.
1506
1507       nmcli connection edit ethernet-em1-2
1508           edits existing "ethernet-em1-2" connection in the interactive
1509           editor.
1510
1511       nmcli connection edit type ethernet con-name "yet another Ethernet
1512       connection"
1513           adds a new Ethernet connection in the interactive editor.
1514
1515       nmcli con mod ethernet-2 connection.autoconnect no
1516           modifies 'autoconnect' property in the 'connection' setting of
1517           'ethernet-2' connection.
1518
1519       nmcli con mod "Home Wi-Fi" wifi.mtu 1350
1520           modifies 'mtu' property in the 'wifi' setting of 'Home Wi-Fi'
1521           connection.
1522
1523       nmcli con mod em1-1 ipv4.method manual ipv4.addr "192.168.1.23/24
1524       192.168.1.1, 10.10.1.5/8, 10.0.0.11"
1525           sets manual addressing and the addresses in em1-1 profile.
1526
1527       nmcli con modify ABC +ipv4.dns 8.8.8.8
1528           appends a Google public DNS server to DNS servers in ABC profile.
1529
1530       nmcli con modify ABC -ipv4.addresses "192.168.100.25/24 192.168.1.1"
1531           removes the specified IP address from (static) profile ABC.
1532
1533       nmcli con import type openvpn file ~/Downloads/frootvpn.ovpn
1534           imports an OpenVPN configuration to NetworkManager.
1535
1536       nmcli con export corp-vpnc /home/joe/corpvpn.conf
1537           exports NetworkManager VPN profile corp-vpnc as standard Cisco
1538           (vpnc) configuration.
1539

NOTES

1541       nmcli accepts abbreviations, as long as they are a unique prefix in the
1542       set of possible options. As new options get added, these abbreviations
1543       are not guaranteed to stay unique. For scripting and long term
1544       compatibility it is therefore strongly advised to spell out the full
1545       option names.
1546

BUGS

1548       There are probably some bugs. If you find a bug, please report it to
1549       https://bugzilla.gnome.org/ — product NetworkManager.
1550

SEE ALSO

1552       nmcli-examples(7), nm-online(1), NetworkManager(8),
1553       NetworkManager.conf(5), nm-settings(5), nm-applet(1), nm-connection-
1554       editor(1), terminal-colors.d(5).
1555
1556
1557
1558NetworkManager 1.12.0                                                 NMCLI(1)
Impressum