1NMCLI-EXAMPLES(7) Examples NMCLI-EXAMPLES(7)
2
6 nmcli-examples - usage examples of nmcli
7
9 nmcli [OPTIONS...]
10
12 nmcli is a command-line client for NetworkManager. It allows
13 controlling NetworkManager and reporting its status. For more
14 information please refer to nmcli(1) manual page.
15 The purpose of this manual page is to provide you with various examples
17 and usage scenarios of nmcli.
18
20 Example 1. Listing available Wi-Fi APs
21 $ nmcli device wifi list
23 * SSID MODE CHAN RATE SIGNAL BARS SECURITY
24 netdatacomm_local Infra 6 54 Mbit/s 37 ▂▄__ WEP
25 * F1 Infra 11 54 Mbit/s 98 ▂▄▆█ WPA1
26 LoremCorp Infra 1 54 Mbit/s 62 ▂▄▆_ WPA2 802.1X
27 Internet Infra 6 54 Mbit/s 29 ▂___ WPA1
28 HPB110a.F2672A Ad-Hoc 6 54 Mbit/s 22 ▂___ --
29 Jozinet Infra 1 54 Mbit/s 19 ▂___ WEP
30 VOIP Infra 1 54 Mbit/s 20 ▂___ WEP
31 MARTINA Infra 4 54 Mbit/s 32 ▂▄__ WPA2
32 N24PU1 Infra 7 11 Mbit/s 22 ▂___ --
33 alfa Infra 1 54 Mbit/s 67 ▂▄▆_ WPA2
34 bertnet Infra 5 54 Mbit/s 20 ▂___ WPA1 WPA2
35 This command shows how to list available Wi-Fi networks (APs). You can
37 also use --fields option for displaying different columns. nmcli -f
38 all dev wifi list will show all of them.
39 Example 2. Showing general information and properties for a Wi-Fi
41 interface
42 $ nmcli -p -f general,wifi-properties device show wlan0
44 ===========================================================================
45 Device details (wlan0)
46 ===========================================================================
47 GENERAL.DEVICE: wlan0
48 GENERAL.TYPE: wifi
49 GENERAL.VENDOR: Intel Corporation
50 GENERAL.PRODUCT: PRO/Wireless 5100 AGN [Shiloh] Network Connection
51 GENERAL.DRIVER: iwlwifi
52 GENERAL.DRIVER-VERSION: 3.8.13-100.fc17.x86_64
53 GENERAL.FIRMWARE-VERSION: 8.83.5.1 build 33692
54 GENERAL.HWADDR: 00:1E:65:37:A1:D3
55 GENERAL.MTU: 1500
56 GENERAL.STATE: 100 (connected)
57 GENERAL.REASON: 0 (No reason given)
58 GENERAL.UDI: /sys/devices/pci0000:00/0000:00:1c.1/net/wlan0
59 GENERAL.IP-IFACE: wlan0
60 GENERAL.IS-SOFTWARE: no
61 GENERAL.NM-MANAGED: yes
62 GENERAL.AUTOCONNECT: yes
63 GENERAL.FIRMWARE-MISSING: no
64 GENERAL.CONNECTION: My Alfa WiFi
65 GENERAL.CON-UUID: 85194f4c-d496-4eec-bae0-d880b4cbcf26
66 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/
67 10
68 ---------------------------------------------------------------------------
69 WIFI-PROPERTIES.WEP: yes
70 WIFI-PROPERTIES.WPA: yes
71 WIFI-PROPERTIES.WPA2: yes
72 WIFI-PROPERTIES.TKIP: yes
73 WIFI-PROPERTIES.CCMP: yes
74 WIFI-PROPERTIES.AP: no
75 WIFI-PROPERTIES.ADHOC: yes
76 ---------------------------------------------------------------------------
77 This command shows information about a Wi-Fi device.
79 Example 3. Listing NetworkManager polkit permissions
81 $ nmcli general permissions
83 PERMISSION VALUE
84 org.freedesktop.NetworkManager.enable-disable-network yes
85 org.freedesktop.NetworkManager.enable-disable-wifi yes
86 org.freedesktop.NetworkManager.enable-disable-wwan yes
87 org.freedesktop.NetworkManager.enable-disable-wimax yes
88 org.freedesktop.NetworkManager.sleep-wake no
89 org.freedesktop.NetworkManager.network-control yes
90 org.freedesktop.NetworkManager.wifi.share.protected yes
91 org.freedesktop.NetworkManager.wifi.share.open yes
92 org.freedesktop.NetworkManager.settings.modify.system yes
93 org.freedesktop.NetworkManager.settings.modify.own yes
94 org.freedesktop.NetworkManager.settings.modify.hostname auth
95 org.freedesktop.NetworkManager.settings.modify.global-dns auth
96 org.freedesktop.NetworkManager.reload auth
97 This command shows configured polkit permissions for various
99 NetworkManager operations. These permissions or actions (using polkit
100 language) are configured by a system administrator and are not meant to
101 be changed by users. The usual place for the polkit configuration is
102 /usr/share/polkit-1/actions/org.freedesktop.NetworkManager.policy.
103 pkaction command can display description for polkit actions.
104 pkaction --action-id org.freedesktop.NetworkManager.network-control --verbose
106 More information about polkit can be found at
109 http://www.freedesktop.org/wiki/Software/polkit.
110 Example 4. Listing NetworkManager log level and domains
112 $ nmcli general logging
114 LEVEL DOMAINS
115 INFO PLATFORM,RFKILL,ETHER,WIFI,BT,MB,DHCP4,DHCP6,PPP,WIFI_SCAN,IP4,IP6,A
116 UTOIP4,DNS,VPN,SHARING,SUPPLICANT,AGENTS,SETTINGS,SUSPEND,CORE,DEVICE,OLPC,
117 WIMAX,INFINIBAND,FIREWALL,ADSL,BOND,VLAN,BRIDGE,DBUS_PROPS,TEAM,CONCHECK,DC
118 B,DISPATCH
119 This command shows current NetworkManager logging status.
121 Example 5. Changing NetworkManager logging
123 $ nmcli g log level DEBUG domains CORE,ETHER,IP
125 $ nmcli g log level INFO domains DEFAULT
126 The first command makes NetworkManager log in DEBUG level, and only for
128 CORE, ETHER and IP domains. The second command restores the default
129 logging state. Please refer to the NetworkManager.conf(5) manual page
130 for available logging levels and domains.
131 Example 6. Adding a bonding master and two slave connection profiles
133 $ nmcli con add type bond ifname mybond0 mode active-backup
135 $ nmcli con add type ethernet ifname eth1 master mybond0
136 $ nmcli con add type ethernet ifname eth2 master mybond0
137 This example demonstrates adding a bond master connection and two
139 slaves. The first command adds a master bond connection, naming the
140 bonding interface mybond0 and using active-backup mode. The next two
141 commands add slaves connections, both enslaved to mybond0. The first
142 slave will be bound to eth1 interface, the second to eth2.
143 Example 7. Adding a team master and two slave connection profiles
145 $ nmcli con add type team con-name Team1 ifname Team1 config team1-master-json.conf
147 $ nmcli con add type ethernet con-name Team1-slave1 ifname em1 master Team1
148 $ nmcli con add type ethernet con-name Team1-slave2 ifname em2 master Team1
149 This example demonstrates adding a team master connection profile and
151 two slaves. It is very similar to the bonding example. The first
152 command adds a master team profile, naming the team interface and the
153 profile Team1. The team configuration for the master is read from
154 team1-master-json.conf file. Later, you can change the configuration
155 with modify command (nmcli con modify Team1 team.config
156 team1-master-another-json.conf). The last two commands add slaves
157 profiles, both enslaved to Team1. The first slave will be bound to em1
158 interface, the second to em2. The slaves don't specify config and thus
159 teamd will use its default configuration. You will activate the whole
160 setup by activating both slaves:
161 $ nmcli con up Team1-slave1
163 $ nmcli con up Team1-slave2
164 By default, the created profiles are marked for auto-activation. But if
166 another connection has been activated on the device, the new profile
167 won't activate automatically and you need to activate it manually.
168 Example 8. Adding a bridge and two slave profiles
170 $ nmcli con add type bridge con-name TowerBridge ifname TowerBridge
172 $ nmcli con add type ethernet con-name br-slave-1 ifname ens3 master TowerBridge
173 $ nmcli con add type ethernet con-name br-slave-2 ifname ens4 master TowerBridge
174 $ nmcli con modify TowerBridge bridge.stp no
175 This example demonstrates adding a bridge master connection and two
177 slaves. The first command adds a master bridge connection, naming the
178 bridge interface and the profile as TowerBridge. The next two commands
179 add slaves profiles, both will be enslaved to TowerBridge. The first
180 slave will be tied to ens3 interface, the second to ens4. The last
181 command will disable 802.1D STP for the TowerBridge profile.
182 Example 9. Adding an ethernet connection profile with manual IP
184 configuration
185 $ nmcli con add con-name my-con-em1 ifname em1 type ethernet \
187 ip4 192.168.100.100/24 gw4 192.168.100.1 ip4 1.2.3.4 ip6 abbe::cafe
188 $ nmcli con mod my-con-em1 ipv4.dns "8.8.8.8 8.8.4.4"
189 $ nmcli con mod my-con-em1 +ipv4.dns 1.2.3.4
190 $ nmcli con mod my-con-em1 ipv6.dns "2001:4860:4860::8888 2001:4860:4860::8844"
191 $ nmcli -p con show my-con-em1
192 The first command adds an Ethernet connection profile named my-con-em1
194 that is bound to interface name em1. The profile is configured with
195 static IP addresses. Three addresses are added, two IPv4 addresses and
196 one IPv6. The first IP 192.168.100.100 has a prefix of 24 (netmask
197 equivalent of 255.255.255.0). Gateway entry will become the default
198 route if this profile is activated on em1 interface (and there is no
199 connection with higher priority). The next two addresses do not specify
200 a prefix, so a default prefix will be used, i.e. 32 for IPv4 and 128
201 for IPv6. The second, third and fourth commands modify DNS parameters
202 of the new connection profile. The last con show command displays the
203 profile so that all parameters can be reviewed.
204 Example 10. Convenient field values retrieval for scripting
206 $ nmcli -g ip4.address connection show my-con-eth0
208 192.168.1.12/24
209 $ nmcli -g ip4.address,ip4.dns connection show my-con-eth0
211 192.168.1.12/24
212 192.168.1.1
213 $ nmcli -g ip4 connection show my-con-eth0
215 IP4:192.168.1.12/24:192.168.1.1::192.168.1.1::
216 This example shows retrieval of ip4 connection field values via the
218 --get-values option. Multiple comma separated fields can be provided:
219 they will be printed one per line. If a whole section is provided
220 instead of a single field, the name of the section will be printed
221 followed by all the related field values on the same line. See also
222 --terse, --mode, --fields and --escape options in nmcli(1) manual page
223 for more customized output.
224 Example 11. Escaping colon characters in tabular mode
226 $ nmcli -t -f general -e yes -m tab dev show eth0
228 GENERAL:eth0:ethernet:Intel Corporation:82567LM Gigabit Network Connection:
229 e1000e:2.1.4-k:1.8-3:00\:22\:68\:15\:29\:21:1500:100 (connected):0 (No reas
230 on given):/sys/devices/pci0000\:00/0000\:00\:19.0/net/eth0:eth0:yes:yes:no:
231 ethernet-13:89cbcbc6-dc85-456c-9c8b-bd828fee3917:/org/freedesktop/NetworkMa
232 nager/ActiveConnection/9
233 This example shows escaping colon characters in tabular mode. It may be
235 useful for script processing, because ':' is used as a field separator.
236 Example 12. nmcli usage in a NetworkManager dispatcher script to make
238 Ethernet and Wi-Fi mutually exclusive
239 #!/bin/bash
241 export LC_ALL=C
242 enable_disable_wifi ()
244 {
245 result=$(nmcli dev | grep "ethernet" | grep -w "connected")
246 if [ -n "$result" ]; then
247 nmcli radio wifi off
248 else
249 nmcli radio wifi on
250 fi
251 }
252 if [ "$2" = "up" ]; then
254 enable_disable_wifi
255 fi
256 if [ "$2" = "down" ]; then
258 enable_disable_wifi
259 fi
260 This dispatcher script makes Wi-Fi mutually exclusive with wired
263 networking. When a wired interface is connected, Wi-Fi will be set to
264 airplane mode (rfkilled). When the wired interface is disconnected,
265 Wi-Fi will be turned back on. Name this script e.g.
266 70-wifi-wired-exclusive.sh and put it into
267 /etc/NetworkManager/dispatcher.d/ directory. See NetworkManager(8)
268 manual page for more information about NetworkManager dispatcher
269 scripts.
270 Example sessions of interactive connection editor
272 Example 13. Adding an ethernet connection profile in interactive editor
274 (a)
275 $ nmcli connection edit type ethernet
277 ===| nmcli interactive connection editor |===
279 Adding a new '802-3-ethernet' connection
281 Type 'help' or '?' for available commands.
283 Type 'describe [<setting>.<prop>]' for detailed property description.
284 You may edit the following settings: connection, 802-3-ethernet (ethernet),
286 802-1x, ipv4, ipv6, dcb
287 nmcli> print
288 ===========================================================================
289 Connection details
290 ===========================================================================
291 connection.id: ethernet-4
292 connection.uuid: de89cdeb-a3e1-4d53-8fa0-c22546c775f4
293 connection.interface-name: --
294 connection.type: 802-3-ethernet
295 connection.autoconnect: yes
296 connection.autoconnect-priority: 0
297 connection.timestamp: 0
298 connection.read-only: no
299 connection.permissions:
300 connection.zone: --
301 connection.master: --
302 connection.slave-type: --
303 connection.secondaries:
304 connection.gateway-ping-timeout: 0
305 ---------------------------------------------------------------------------
306 802-3-ethernet.port: --
307 802-3-ethernet.speed: 0
308 802-3-ethernet.duplex: --
309 802-3-ethernet.auto-negotiate: yes
310 802-3-ethernet.mac-address: --
311 802-3-ethernet.cloned-mac-address: --
312 802-3-ethernet.mac-address-blacklist:
313 802-3-ethernet.mtu: auto
314 802-3-ethernet.s390-subchannels:
315 802-3-ethernet.s390-nettype: --
316 802-3-ethernet.s390-options:
317 ---------------------------------------------------------------------------
318 ipv4.method: auto
319 ipv4.dns:
320 ipv4.dns-search:
321 ipv4.addresses:
322 ipv4.gateway: --
323 ipv4.routes:
324 ipv4.route-metric: -1
325 ipv4.ignore-auto-routes: no
326 ipv4.ignore-auto-dns: no
327 ipv4.dhcp-client-id: --
328 ipv4.dhcp-send-hostname: yes
329 ipv4.dhcp-hostname: --
330 ipv4.never-default: no
331 ipv4.may-fail: yes
332 ---------------------------------------------------------------------------
333 ipv6.method: auto
334 ipv6.dns:
335 ipv6.dns-search:
336 ipv6.addresses:
337 ipv6.gateway: --
338 ipv6.routes:
339 ipv6.route-metric: -1
340 ipv6.ignore-auto-routes: no
341 ipv6.ignore-auto-dns: no
342 ipv6.never-default: no
343 ipv6.may-fail: yes
344 ipv6.ip6-privacy: -1 (unknown)
345 ipv6.dhcp-hostname: --
346 ---------------------------------------------------------------------------
347 nmcli> goto ethernet
348 You may edit the following properties: port, speed, duplex, auto-negotiate,
349 mac-address, cloned-mac-address, mac-address-blacklist, mtu, s390-subchann
350 els, s390-nettype, s390-options
351 nmcli 802-3-ethernet> set mtu 1492
352 nmcli 802-3-ethernet> b
353 nmcli> goto ipv4.addresses
354 nmcli ipv4.addresses> desc
355 === [addresses] ===
357 [NM property description]
358 Array of IP addresses.
359 [nmcli specific description]
361 Enter a list of IPv4 addresses formatted as:
362 ip[/prefix], ip[/prefix],...
363 Missing prefix is regarded as prefix of 32.
364 Example: 192.168.1.5/24, 10.0.0.11/24
366 nmcli ipv4.addresses> set 192.168.1.100/24
368 Do you also want to set 'ipv4.method' to 'manual'? [yes]: yes
369 nmcli ipv4.addresses>
370 nmcli ipv4.addresses> print
371 addresses: 192.168.1.100/24
372 nmcli ipv4.addresses> back
373 nmcli ipv4> b
374 nmcli> set ipv4.gateway 192.168.1.1
375 nmcli> verify
376 Verify connection: OK
377 nmcli> print
378 ===========================================================================
379 Connection details
380 ===========================================================================
381 connection.id: ethernet-4
382 connection.uuid: de89cdeb-a3e1-4d53-8fa0-c22546c775f4
383 connection.interface-name: --
384 connection.type: 802-3-ethernet
385 connection.autoconnect: yes
386 connection.autoconnect-priority: 0
387 connection.timestamp: 0
388 connection.read-only: no
389 connection.permissions:
390 connection.zone: --
391 connection.master: --
392 connection.slave-type: --
393 connection.secondaries:
394 connection.gateway-ping-timeout: 0
395 ---------------------------------------------------------------------------
396 802-3-ethernet.port: --
397 802-3-ethernet.speed: 0
398 802-3-ethernet.duplex: --
399 802-3-ethernet.auto-negotiate: yes
400 802-3-ethernet.mac-address: --
401 802-3-ethernet.cloned-mac-address: --
402 802-3-ethernet.mac-address-blacklist:
403 802-3-ethernet.mtu: 1492
404 802-3-ethernet.s390-subchannels:
405 802-3-ethernet.s390-nettype: --
406 802-3-ethernet.s390-options:
407 ---------------------------------------------------------------------------
408 ipv4.method: manual
409 ipv4.dns:
410 ipv4.dns-search:
411 ipv4.addresses: 192.168.1.100/24
412 ipv4.gateway: 192.168.1.1
413 ipv4.routes:
414 ipv4.route-metric: -1
415 ipv4.ignore-auto-routes: no
416 ipv4.ignore-auto-dns: no
417 ipv4.dhcp-client-id: --
418 ipv4.dhcp-send-hostname: yes
419 ipv4.dhcp-hostname: --
420 ipv4.never-default: no
421 ipv4.may-fail: yes
422 ---------------------------------------------------------------------------
423 ipv6.method: auto
424 ipv6.dns:
425 ipv6.dns-search:
426 ipv6.addresses:
427 ipv6.routes:
428 ipv6.route-metric: -1
429 ipv6.ignore-auto-routes: no
430 ipv6.ignore-auto-dns: no
431 ipv6.never-default: no
432 ipv6.may-fail: yes
433 ipv6.ip6-privacy: -1 (unknown)
434 ipv6.dhcp-hostname: --
435 ---------------------------------------------------------------------------
436 nmcli> set ipv4.dns 8.8.8.8 8.8.4.4
437 nmcli> print
438 ===========================================================================
439 Connection details
440 ===========================================================================
441 connection.id: ethernet-4
442 connection.uuid: de89cdeb-a3e1-4d53-8fa0-c22546c775f4
443 connection.interface-name: --
444 connection.type: 802-3-ethernet
445 connection.autoconnect: yes
446 connection.autoconnect-priority: 0
447 connection.timestamp: 0
448 connection.read-only: no
449 connection.permissions:
450 connection.zone: --
451 connection.master: --
452 connection.slave-type: --
453 connection.secondaries:
454 connection.gateway-ping-timeout: 0
455 ---------------------------------------------------------------------------
456 802-3-ethernet.port: --
457 802-3-ethernet.speed: 0
458 802-3-ethernet.duplex: --
459 802-3-ethernet.auto-negotiate: yes
460 802-3-ethernet.mac-address: --
461 802-3-ethernet.cloned-mac-address: --
462 802-3-ethernet.mac-address-blacklist:
463 802-3-ethernet.mtu: 1492
464 802-3-ethernet.s390-subchannels:
465 802-3-ethernet.s390-nettype: --
466 802-3-ethernet.s390-options:
467 ---------------------------------------------------------------------------
468 ipv4.method: manual
469 ipv4.dns: 8.8.8.8,8.8.4.4
470 ipv4.dns-search:
471 ipv4.addresses: 192.168.1.100/24
472 ipv4.gateway: 192.168.1.1
473 ipv4.routes:
474 ipv4.route-metric: -1
475 ipv4.ignore-auto-routes: no
476 ipv4.ignore-auto-dns: no
477 ipv4.dhcp-client-id: --
478 ipv4.dhcp-send-hostname: yes
479 ipv4.dhcp-hostname: --
480 ipv4.never-default: no
481 ipv4.may-fail: yes
482 ---------------------------------------------------------------------------
483 ipv6.method: auto
484 ipv6.dns:
485 ipv6.dns-search:
486 ipv6.addresses:
487 ipv6.gateway: --
488 ipv6.routes:
489 ipv6.route-metric: -1
490 ipv6.ignore-auto-routes: no
491 ipv6.ignore-auto-dns: no
492 ipv6.never-default: no
493 ipv6.may-fail: yes
494 ipv6.ip6-privacy: -1 (unknown)
495 ipv6.dhcp-hostname: --
496 ---------------------------------------------------------------------------
497 nmcli> verify
498 Verify connection: OK
499 nmcli> save
500 Connection 'ethernet-4' (de89cdeb-a3e1-4d53-8fa0-c22546c775f4) successfully
501 saved.
502 nmcli> quit
503 Example session in the nmcli interactive connection editor. The
505 scenario creates an Ethernet connection profile with static addressing
506 (IPs and DNS).
507
509 nmcli(1), NetworkManager(8), NetworkManager.conf(5), nm-settings(5),
510 nm-online(1), nm-applet(1), nm-connection-editor(1)
511NetworkManager 1.12.6 NMCLI-EXAMPLES(7)