1NMCLI(1) General Commands Manual NMCLI(1)
2
6 nmcli - command-line tool for controlling NetworkManager
7
9 nmcli [OPTIONS...] {help | general | networking | radio | connection |
10 device | agent | monitor} [COMMAND] [ARGUMENTS...]
11
13 nmcli is a command-line tool for controlling NetworkManager and
14 reporting network status. It can be utilized as a replacement for
15 nm-applet or other graphical clients. nmcli is used to create,
16 display, edit, delete, activate, and deactivate network connections, as
17 well as control and display network device status. See nmcli-
18 examples(7) for ready to run nmcli examples.
19 Typical uses include:
21 · Scripts: Utilize NetworkManager via nmcli instead of managing
23 network connections manually. nmcli supports a terse output format
24 which is better suited for script processing. Note that
25 NetworkManager can also execute scripts, called "dispatcher
26 scripts", in response to network events. See NetworkManager(8) for
27 details about these dispatcher scripts.
28 · Servers, headless machines, and terminals: nmcli can be used to
30 control NetworkManager without a GUI, including creating, editing,
31 starting and stopping network connections and viewing network
32 status.
33
35 -a | --ask
36 When using this option nmcli will stop and ask for any missing
37 required arguments, so do not use this option for non-interactive
38 purposes like scripts. This option controls, for example, whether
39 you will be prompted for a password if it is required for
40 connecting to a network.
41 -c | --colors {yes | no | auto}
43 This option controls color output (using terminal escape
44 sequences). yes enables colors, no disables them, auto only
45 produces colors when standard output is directed to a terminal. The
46 default value is auto.
47 The actual colors used are configured as described in terminal-
49 colors.d(5). Please refer to the COLORS section for a list of color
50 names supported by nmcli.
51 --complete-args
53 Instead of conducting the desired action, nmcli will list possible
54 completions for the last argument. This is useful to implement
55 argument completion in shell.
56 The exit status will indicate success or return a code 65 to
58 indicate the last argument is a file name.
59 NetworkManager ships with command completion support for GNU Bash.
61 -e | --escape {yes | no}
63 Whether to escape : and \ characters in terse tabular mode. The
64 escape character is \.
65 If omitted, default is yes.
67 -f | --fields {field1,field2... | all | common}
69 This option is used to specify what fields (column names) should be
70 printed. Valid field names differ for specific commands. List
71 available fields by providing an invalid value to the --fields
72 option. all is used to print all valid field values of the
73 command. common is used to print common field values of the
74 command.
75 If omitted, default is common.
77 -g | --get-values {field1,field2... | all | common}
79 This option is used to print values from specific fields. It is
80 basically a shortcut for --mode tabular --terse --fields and is a
81 convenient way to retrieve values for particular fields. The values
82 are printed one per line without headers.
83 If a section is specified instead of a field, the section name will
85 be printed followed by colon separated values of the fields
86 belonging to that section, all on the same line.
87 -h | --help
89 Print help information.
90 -m | --mode {tabular | multiline}
92 Switch between tabular and multiline output:
93 tabular
95 Output is a table where each line describes a single entry.
96 Columns define particular properties of the entry.
97 multiline
99 Each entry comprises multiple lines, each property on its own
100 line. The values are prefixed with the property name.
101 If omitted, default is tabular for most commands. For the commands
103 producing more structured information, that cannot be displayed on
104 a single line, default is multiline. Currently, they are:
105 · nmcli connection show ID
107 · nmcli device show
109 -p | --pretty
111 Output is pretty. This causes nmcli to produce easily readable
112 outputs for humans, i.e. values are aligned, headers are printed,
113 etc.
114 -s | --show-secrets
116 When using this option nmcli will display passwords and secrets
117 that might be present in an output of an operation. This option
118 also influences echoing passwords typed by user as an input.
119 -t | --terse
121 Output is terse. This mode is designed and suitable for computer
122 (script) processing.
123 -v | --version
125 Show nmcli version.
126 -w | --wait seconds
128 This option sets a timeout period for which nmcli will wait for
129 NetworkManager to finish operations. It is especially useful for
130 commands that may take a longer time to complete, e.g. connection
131 activation.
132 Specifying a value of 0 instructs nmcli not to wait but to exit
134 immediately with a status of success. The default value depends on
135 the executed command.
136
138 nmcli general {status | hostname | permissions | logging}
139 [ARGUMENTS...]
140 Use this command to show NetworkManager status and permissions. You can
142 also get and change system hostname, as well as NetworkManager logging
143 level and domains.
144 status
146 Show overall status of NetworkManager. This is the default action,
147 when no additional command is provided for nmcli general.
148 hostname [hostname]
150 Get and change system hostname. With no arguments, this prints
151 currently configured hostname. When you pass a hostname, it will be
152 handed over to NetworkManager to be set as a new system hostname.
153 Note that the term "system" hostname may also be referred to as
155 "persistent" or "static" by other programs or tools. The hostname
156 is stored in /etc/hostname file in most distributions. For example,
157 systemd-hostnamed service uses the term "static" hostname and it
158 only reads the /etc/hostname file when it starts.
159 permissions
161 Show the permissions a caller has for various authenticated
162 operations that NetworkManager provides, like enable and disable
163 networking, changing Wi-Fi and WWAN state, modifying connections,
164 etc.
165 logging [level level] [domains domains...]
167 Get and change NetworkManager logging level and domains. Without
168 any argument current logging level and domains are shown. In order
169 to change logging state, provide level and, or, domain parameters.
170 See NetworkManager.conf(5) for available level and domain values.
171
173 nmcli networking {on | off | connectivity} [ARGUMENTS...]
174 Query NetworkManager networking status, enable and disable networking.
176 on, off
178 Enable or disable networking control by NetworkManager. All
179 interfaces managed by NetworkManager are deactivated when
180 networking is disabled.
181 connectivity [check]
183 Get network connectivity state. The optional check argument tells
184 NetworkManager to re-check the connectivity, else the most recent
185 known connectivity state is displayed without re-checking.
186 Possible states are:
188 none
190 the host is not connected to any network.
191 portal
193 the host is behind a captive portal and cannot reach the full
194 Internet.
195 limited
197 the host is connected to a network, but it has no access to the
198 Internet.
199 full
201 the host is connected to a network and has full access to the
202 Internet.
203 unknown
205 the connectivity status cannot be found out.
206
208 nmcli radio {all | wifi | wwan} [ARGUMENTS...]
209 Show radio switches status, or enable and disable the switches.
211 wifi [on | off]
213 Show or set status of Wi-Fi in NetworkManager. If no arguments are
214 supplied, Wi-Fi status is printed; on enables Wi-Fi; off disables
215 Wi-Fi.
216 wwan [on | off]
218 Show or set status of WWAN (mobile broadband) in NetworkManager. If
219 no arguments are supplied, mobile broadband status is printed; on
220 enables mobile broadband, off disables it.
221 all [on | off]
223 Show or set all previously mentioned radio switches at the same
224 time.
225
227 nmcli monitor
228 Observe NetworkManager activity. Watches for changes in connectivity
230 state, devices or connection profiles.
231 See also nmcli connection monitor and nmcli device monitor to watch for
233 changes in certain devices or connections.
234
236 nmcli connection {show | up | down | modify | add | edit | clone |
237 delete | monitor | reload | load | import | export}
238 [ARGUMENTS...]
239 NetworkManager stores all network configuration as "connections", which
241 are collections of data (Layer2 details, IP addressing, etc.) that
242 describe how to create or connect to a network. A connection is
243 "active" when a device uses that connection's configuration to create
244 or connect to a network. There may be multiple connections that apply
245 to a device, but only one of them can be active on that device at any
246 given time. The additional connections can be used to allow quick
247 switching between different networks and configurations.
248 Consider a machine which is usually connected to a DHCP-enabled
250 network, but sometimes connected to a testing network which uses static
251 IP addressing. Instead of manually reconfiguring eth0 each time the
252 network is changed, the settings can be saved as two connections which
253 both apply to eth0, one for DHCP (called default) and one with the
254 static addressing details (called testing). When connected to the
255 DHCP-enabled network the user would run nmcli con up default , and when
256 connected to the static network the user would run nmcli con up
257 testing.
258 show [--active] [--order [+-]category:...]
260 List in-memory and on-disk connection profiles, some of which may
261 also be active if a device is using that connection profile.
262 Without a parameter, all profiles are listed. When --active option
263 is specified, only the active profiles are shown.
264 The --order option can be used to get custom ordering of
266 connections. The connections can be ordered by active status
267 (active), name (name), type (type) or D-Bus path (path). If
268 connections are equal according to a sort order category, an
269 additional category can be specified. The default sorting order is
270 equivalent to --order active:name:path. + or no prefix means
271 sorting in ascending order (alphabetically or in numbers), - means
272 reverse (descending) order. The category names can be abbreviated
273 (e.g. --order -a:na).
274 show [--active] [id | uuid | path | apath] ID...
276 Show details for specified connections. By default, both static
277 configuration and active connection data are displayed. When
278 --active option is specified, only the active profiles are taken
279 into account. Use global --show-secrets option to display secrets
280 associated with the profile.
281 id, uuid, path and apath keywords can be used if ID is ambiguous.
283 Optional ID-specifying keywords are:
284 id
286 the ID denotes a connection name.
287 uuid
289 the ID denotes a connection UUID.
290 path
292 the ID denotes a D-Bus static connection path in the format of
293 /org/freedesktop/NetworkManager/Settings/num or just num.
294 apath
296 the ID denotes a D-Bus active connection path in the format of
297 /org/freedesktop/NetworkManager/ActiveConnection/num or just
298 num.
299 It is possible to filter the output using the global --fields
301 option. Use the following values:
302 profile
304 only shows static profile configuration.
305 active
307 only shows active connection data (when the profile is active).
308 You can also specify particular fields. For static configuration,
310 use setting and property names as described in nm-settings(5)
311 manual page. For active data use GENERAL, IP4, DHCP4, IP6, DHCP6,
312 VPN.
313 When no command is given to the nmcli connection, the default
315 action is nmcli connection show.
316 up [id | uuid | path] ID [ifname ifname] [ap BSSID] [passwd-file file]
318 Activate a connection. The connection is identified by its name,
319 UUID or D-Bus path. If ID is ambiguous, a keyword id, uuid or path
320 can be used. When requiring a particular device to activate the
321 connection on, the ifname option with interface name should be
322 given. If the ID is not given an ifname is required, and
323 NetworkManager will activate the best available connection for the
324 given ifname. In case of a VPN connection, the ifname option
325 specifies the device of the base connection. The ap option specify
326 what particular AP should be used in case of a Wi-Fi connection.
327 If --wait option is not specified, the default timeout will be 90
329 seconds.
330 See connection show above for the description of the ID-specifying
332 keywords.
333 Available options are:
335 ifname
337 interface that will be used for activation.
338 ap
340 BSSID of the AP which the command should connect to (for Wi-Fi
341 connections).
342 passwd-file
344 some networks may require credentials during activation. You
345 can give these credentials using this option. Each line of the
346 file should contain one password in the form:
347 setting_name.property_name:the password
349 For example, for WPA Wi-Fi with PSK, the line would be
351 802-11-wireless-security.psk:secret12345
353 For 802.1X password, the line would be
355 802-1x.password:my 1X password
357 nmcli also accepts wifi-sec and wifi strings instead of
360 802-11-wireless-security. When NetworkManager requires a
361 password and it is not given, nmcli will ask for it when run
362 with --ask. If --ask was not passed, NetworkManager can ask
363 another secret agent that may be running (typically a GUI
364 secret agent, such as nm-applet or gnome-shell).
365 down [id | uuid | path | apath] ID...
367 Deactivate a connection from a device without preventing the device
368 from further auto-activation. Multiple connections can be passed to
369 the command.
370 Be aware that this command deactivates the specified active
372 connection, but the device on which the connection was active, is
373 still ready to connect and will perform auto-activation by looking
374 for a suitable connection that has the 'autoconnect' flag set. Note
375 that the deactivating connection profile is internally blocked from
376 autoconnecting again. Hence it will not autoconnect until reboot or
377 until the user performs an action that unblocks autoconnect, like
378 modifying the profile or explicitly activating it.
379 In most cases you may want to use device disconnect command
381 instead.
382 The connection is identified by its name, UUID or D-Bus path. If ID
384 is ambiguous, a keyword id, uuid, path or apath can be used.
385 See connection show above for the description of the ID-specifying
387 keywords.
388 If --wait option is not specified, the default timeout will be 10
390 seconds.
391 modify [--temporary] [id | uuid | path] ID
393 {option value | [+|-]setting.property value}...
394 Add, modify or remove properties in the connection profile.
395 To set the property just specify the property name followed by the
397 value. An empty value ("") removes the property value.
398 In addition to the properties, you can also use short names for
400 some of the properties. Consult the PROPERTY ALIASES section for
401 details.
402 If you want to append an item to the existing value, use + prefix
404 for the property name. If you want to remove just one item from
405 container-type property, use - prefix for the property name and
406 specify a value or an zero-based index of the item to remove (or
407 option name for properties with named options) as value. The + and
408 - modifies only have a real effect for multi-value (container)
409 properties like ipv4.dns, ipv4.addresses, bond.options, etc.
410 See nm-settings(5) for complete reference of setting and property
412 names, their descriptions and default values. The setting and
413 property can be abbreviated provided they are unique.
414 The connection is identified by its name, UUID or D-Bus path. If ID
416 is ambiguous, a keyword id, uuid or path can be used.
417 add [save {yes | no}] {option value | [+|-]setting.property value}...
419 Create a new connection using specified properties.
420 You need to describe the newly created connections with the
422 property and value pairs. See nm-settings(5) for the complete
423 reference. You can also use the aliases described in PROPERTY
424 ALIASES section. The syntax is the same as of the nmcli connection
425 modify command.
426 To construct a meaningful connection you at the very least need to
428 set the connection.type property (or use the type alias) to one of
429 known NetworkManager connection types:
430 · ethernet
432 · wifi
434 · wimax
436 · pppoe
438 · gsm
440 · cdma
442 · infiniband
444 · bluetooth
446 · vlan
448 · bond
450 · bond-slave
452 · team
454 · team-slave
456 · bridge
458 · bridge-slave
460 · vpn
462 · olpc-mesh
464 · adsl
466 · tun
468 · ip-tunnel
470 · macvlan
472 · vxlan
474 · dummy
476 The most typical uses are described in the EXAMPLES section.
478 Aside from the properties and values two special options are
480 accepted:
481 save
483 Controls whether the connection should be persistent, i.e.
484 NetworkManager should store it on disk (default: yes).
485 --
487 If a single -- argument is encountered it is ignored. This is
488 for compatibility with older versions on nmcli.
489 edit {[id | uuid | path] ID | [type type] [con-name name] }
491 Edit an existing connection or add a new one, using an interactive
492 editor.
493 The existing connection is identified by its name, UUID or D-Bus
495 path. If ID is ambiguous, a keyword id, uuid, or path can be used.
496 See connection show above for the description of the ID-specifying
497 keywords. Not providing an ID means that a new connection will be
498 added.
499 The interactive editor will guide you through the connection
501 editing and allow you to change connection parameters according to
502 your needs by means of a simple menu-driven interface. The editor
503 indicates what settings and properties can be modified and provides
504 in-line help.
505 Available options:
507 type
509 type of the new connection; valid types are the same as for
510 connection add command.
511 con-name
513 name for the new connection. It can be changed later in the
514 editor.
515 See also nm-settings(5) for all NetworkManager settings and
517 property names, and their descriptions; and nmcli-examples(7) for
518 sample editor sessions.
519 clone [--temporary] [id | uuid | path] ID new_name
521 Clone a connection. The connection to be cloned is identified by
522 its name, UUID or D-Bus path. If ID is ambiguous, a keyword id,
523 uuid or path can be used. See connection show above for the
524 description of the ID-specifying keywords. new_name is the name of
525 the new cloned connection. The new connection will be the exact
526 copy except the connection.id (new_name) and connection.uuid
527 (generated) properties.
528 The new connection profile will be saved as persistent unless
530 --temporary option is specified, in which case the new profile
531 won't exist after NetworkManager restart.
532 delete [id | uuid | path] ID...
534 Delete a configured connection. The connection to be deleted is
535 identified by its name, UUID or D-Bus path. If ID is ambiguous, a
536 keyword id, uuid or path can be used. See connection show above for
537 the description of the ID-specifying keywords.
538 If --wait option is not specified, the default timeout will be 10
540 seconds.
541 monitor [id | uuid | path] ID...
543 Monitor connection profile activity. This command prints a line
544 whenever the specified connection changes. The connection to be
545 monitored is identified by its name, UUID or D-Bus path. If ID is
546 ambiguous, a keyword id, uuid or path can be used. See connection
547 show above for the description of the ID-specifying keywords.
548 Monitors all connection profiles in case none is specified. The
550 command terminates when all monitored connections disappear. If you
551 want to monitor connection creation consider using the global
552 monitor with nmcli monitor command.
553 reload
555 Reload all connection files from disk. NetworkManager does not
556 monitor changes to connection files by default. So you need to use
557 this command in order to tell NetworkManager to re-read the
558 connection profiles from disk when a change was made to them.
559 However, the auto-loading feature can be enabled and then
560 NetworkManager will reload connection files any time they change
561 (monitor-connection-files=true in NetworkManager.conf(5)).
562 load filename...
564 Load/reload one or more connection files from disk. Use this after
565 manually editing a connection file to ensure that NetworkManager is
566 aware of its latest state.
567 import [--temporary] type type file file
569 Import an external/foreign configuration as a NetworkManager
570 connection profile. The type of the input file is specified by type
571 option.
572 Only VPN configurations are supported at the moment. The
574 configuration is imported by NetworkManager VPN plugins. type
575 values are the same as for vpn-type option in nmcli connection add.
576 VPN configurations are imported by VPN plugins. Therefore the
577 proper VPN plugin has to be installed so that nmcli could import
578 the data.
579 The imported connection profile will be saved as persistent unless
581 --temporary option is specified, in which case the new profile
582 won't exist after NetworkManager restart.
583 export [id | uuid | path] ID [file]
585 Export a connection.
586 Only VPN connections are supported at the moment. A proper VPN
588 plugin has to be installed so that nmcli could export a connection.
589 If no file is provided, the VPN configuration data will be printed
590 to standard output.
591
593 nmcli device {status | show | set | connect | reapply | modify |
594 disconnect | delete | monitor | wifi | lldp}
595 [ARGUMENTS...]
596 Show and manage network interfaces.
598 status
600 Print status of devices.
601 This is the default action if no command is specified to nmcli
603 device.
604 show [ifname]
606 Show detailed information about devices. Without an argument, all
607 devices are examined. To get information for a specific device, the
608 interface name has to be provided.
609 set [ifname] ifname [autoconnect {yes | no}] [managed {yes | no}]
611 Set device properties.
612 connect ifname
614 Connect the device. NetworkManager will try to find a suitable
615 connection that will be activated. It will also consider
616 connections that are not set to auto connect.
617 If no compatible connection exists, a new profile with default
619 settings will be created and activated. This differentiates nmcli
620 connection up ifname "$DEVICE" from nmcli device connect "$DEVICE"
621 If --wait option is not specified, the default timeout will be 90
623 seconds.
624 reapply ifname
626 Attempt to update device with changes to the currently active
627 connection made since it was last applied.
628 modify ifname {option value | [+|-]setting.property value}...
630 Modify the settings currently active on the device.
631 This command lets you do temporary changes to a configuration
633 active on a particular device. The changes are not preserved in the
634 connection profile.
635 See nm-settings(5) for the list of available properties. Please
637 note that some properties can't be changed on an already connected
638 device.
639 You can also use the aliases described in PROPERTY ALIASES section.
641 The syntax is the same as of the nmcli connection modify command.
642 disconnect ifname...
644 Disconnect a device and prevent the device from automatically
645 activating further connections without user/manual intervention.
646 Note that disconnecting software devices may mean that the devices
647 will disappear.
648 If --wait option is not specified, the default timeout will be 10
650 seconds.
651 delete ifname...
653 Delete a device. The command removes the interface from the system.
654 Note that this only works for software devices like bonds, bridges,
655 teams, etc. Hardware devices (like Ethernet) cannot be deleted by
656 the command.
657 If --wait option is not specified, the default timeout will be 10
659 seconds.
660 monitor [ifname...]
662 Monitor device activity. This command prints a line whenever the
663 specified devices change state.
664 Monitors all devices in case no interface is specified. The monitor
666 terminates when all specified devices disappear. If you want to
667 monitor device addition consider using the global monitor with
668 nmcli monitor command.
669 wifi [list [--rescan | auto | no | yes] [ifname ifname] [bssid BSSID]]
671 List available Wi-Fi access points. The ifname and bssid options
672 can be used to list APs for a particular interface or with a
673 specific BSSID, respectively.
674 By default, nmcli ensures that the access point list is no older
676 than 30 seconds and triggers a network scan if necessary. The
677 --rescan can be used to either force or disable the scan regardless
678 of how fresh the access point list is.
679 wifi connect (B)SSID [password password] [wep-key-type {key | phrase}]
681 [ifname ifname] [bssid BSSID] [name name] [private {yes | no}]
682 [hidden {yes | no}]
683 Connect to a Wi-Fi network specified by SSID or BSSID. The command
684 finds a matching connection or creates one and then activates it on
685 a device. This is a command-line counterpart of clicking an SSID in
686 a GUI client. If a connection for the network already exists, it is
687 possible to bring up (activate) the existing profile as follows:
688 nmcli con up id name. Note that only open, WEP and WPA-PSK networks
689 are supported if no previous connection exists. It is also assumed
690 that IP configuration is obtained via DHCP.
691 If --wait option is not specified, the default timeout will be 90
693 seconds.
694 Available options are:
696 password
698 password for secured networks (WEP or WPA).
699 wep-key-type
701 type of WEP secret, either key for ASCII/HEX key or phrase for
702 passphrase.
703 ifname
705 interface that will be used for activation.
706 bssid
708 if specified, the created connection will be restricted just
709 for the BSSID.
710 name
712 if specified, the connection will use the name (else NM creates
713 a name itself).
714 private
716 if set to yes, the connection will only be visible to the user
717 who created it. Otherwise the connection is system-wide, which
718 is the default.
719 hidden
721 set to yes when connecting for the first time to an AP not
722 broadcasting its SSID. Otherwise the SSID would not be found
723 and the connection attempt would fail.
724 wifi hotspot [ifname ifname] [con-name name] [ssid SSID]
726 [band {a | bg}] [channel channel] [password password]
727 Create a Wi-Fi hotspot. The command creates a hotspot connection
728 profile according to Wi-Fi device capabilities and activates it on
729 the device. The hotspot is secured with WPA if device/driver
730 supports that, otherwise WEP is used. Use connection down or device
731 disconnect to stop the hotspot.
732 Parameters of the hotspot can be influenced by the optional
734 parameters:
735 ifname
737 what Wi-Fi device is used.
738 con-name
740 name of the created hotspot connection profile.
741 ssid
743 SSID of the hotspot.
744 band
746 Wi-Fi band to use.
747 channel
749 Wi-Fi channel to use.
750 password
752 password to use for the created hotspot. If not provided, nmcli
753 will generate a password. The password is either WPA pre-shared
754 key or WEP key.
755 Note that --show-secrets global option can be used to print the
757 hotspot password. It is useful especially when the password was
758 generated.
759 wifi rescan [ifname ifname] [ssid SSID...]
761 Request that NetworkManager immediately re-scan for available
762 access points. NetworkManager scans Wi-Fi networks periodically,
763 but in some cases it can be useful to start scanning manually (e.g.
764 after resuming the computer). By using ssid, it is possible to scan
765 for a specific SSID, which is useful for APs with hidden SSIDs. You
766 can provide multiple ssid parameters in order to scan more SSIDs.
767 This command does not show the APs, use nmcli device wifi list for
769 that.
770 lldp [list [ifname ifname]]
772 Display information about neighboring devices learned through the
773 Link Layer Discovery Protocol (LLDP). The ifname option can be used
774 to list neighbors only for a given interface. The protocol must be
775 enabled in the connection settings.
776
778 nmcli agent {secret | polkit | all}
779 Run nmcli as a NetworkManager secret agent, or polkit agent.
781 secret
783 Register nmcli as a NetworkManager secret agent and listen for
784 secret requests. You do usually not need this command, because
785 nmcli can handle secrets when connecting to networks. However, you
786 may find the command useful when you use another tool for
787 activating connections and you do not have a secret agent available
788 (like nm-applet).
789 polkit
791 Register nmcli as a polkit agent for the user session and listen
792 for authorization requests. You do not usually need this command,
793 because nmcli can handle polkit actions related to NetworkManager
794 operations (when run with --ask). However, you may find the command
795 useful when you want to run a simple text based polkit agent and
796 you do not have an agent of a desktop environment. Note that
797 running this command makes nmcli handle all polkit requests, not
798 only NetworkManager related ones, because only one polkit agent can
799 run for the session.
800 all
802 Runs nmcli as both NetworkManager secret and a polkit agent.
803
805 Apart from the property-value pairs, connection add, connection modify
806 and device modify also accept short forms of some properties. They
807 exist for convenience. Some aliases can affect multiple connection
808 properties at once.
809 The overview of the aliases is below. An actual connection type is used
811 to disambiguate these options from the options of the same name that
812 are valid for multiple connection types (such as mtu).
813 Table 1. Options for all connections
815 ┌────────────┬───────────────────────────┬─────────────────────────────┐
816 │Alias │ Property │ Note │
817 ├────────────┼───────────────────────────┼─────────────────────────────┤
818 │type │ connection.type │ This alias also │
819 │ │ │ accepts values of │
820 │ │ │ bond-slave, │
821 │ │ │ team-slave and │
822 │ │ │ bridge-slave. They │
823 │ │ │ create ethernet │
824 │ │ │ connection │
825 │ │ │ profiles. Their use │
826 │ │ │ is discouraged in │
827 │ │ │ favor of using a │
828 │ │ │ specific type with │
829 │ │ │ master option. │
830 ├────────────┼───────────────────────────┼─────────────────────────────┤
831 │con-name │ connection.id │ When not provided a │
832 │ │ │ default name is │
833 │ │ │ generated: │
834 │ │ │ <type>[-<ifname>][-<num>]). │
835 ├────────────┼───────────────────────────┼─────────────────────────────┤
836 │autoconnect │ connection.autoconnect │ │
837 ├────────────┼───────────────────────────┼─────────────────────────────┤
838 │ifname │ connection.interface-name │ A value of * will be │
839 │ │ │ interpreted as no value, │
840 │ │ │ making the connection │
841 │ │ │ profile │
842 │ │ │ interface-independent. │
843 │ │ │ Note: use quotes around * │
844 │ │ │ to suppress shell │
845 │ │ │ expansion. For bond, team │
846 │ │ │ and bridge connections a │
847 │ │ │ default name will be │
848 │ │ │ generated if not set. │
849 ├────────────┼───────────────────────────┼─────────────────────────────┤
850 │master │ connection.master │ Value specified here will │
851 │ │ │ be canonicalized. It can │
852 │ │ │ be prefixed with ifname/, │
853 │ │ │ uuid/ or id/ to │
854 │ │ │ disambiguate it. │
855 ├────────────┼───────────────────────────┼─────────────────────────────┤
856 │slave-type │ connection.slave-type │ │
857 └────────────┴───────────────────────────┴─────────────────────────────┘
858 Table 2. PPPoE options
860 ┌─────────┬────────────────┐
861 │Alias │ Property │
862 ├─────────┼────────────────┤
863 │username │ pppoe.username │
864 ├─────────┼────────────────┤
865 │password │ pppoe.password │
866 ├─────────┼────────────────┤
867 │service │ pppoe.service │
868 ├─────────┼────────────────┤
869 │parent │ pppoe.parent │
870 └─────────┴────────────────┘
871 Table 3. Wired Ethernet options
873 ┌───────────┬──────────────────────────┐
874 │Alias │ Property │
875 ├───────────┼──────────────────────────┤
876 │mtu │ wired.mtu │
877 ├───────────┼──────────────────────────┤
878 │mac │ wired.mac-address │
879 ├───────────┼──────────────────────────┤
880 │cloned-mac │ wired.cloned-mac-address │
881 └───────────┴──────────────────────────┘
882 Table 4. Infiniband options
884 ┌───────────────┬───────────────────────────┐
885 │Alias │ Property │
886 ├───────────────┼───────────────────────────┤
887 │mtu │ infiniband.mtu │
888 ├───────────────┼───────────────────────────┤
889 │mac │ infiniband.mac-address │
890 ├───────────────┼───────────────────────────┤
891 │transport-mode │ infiniband.transport-mode │
892 ├───────────────┼───────────────────────────┤
893 │parent │ infiniband.parent │
894 ├───────────────┼───────────────────────────┤
895 │p-key │ infiniband.p-key │
896 └───────────────┴───────────────────────────┘
897 Table 5. Wi-Fi options
899 ┌───────────┬─────────────────────────────┐
900 │Alias │ Property │
901 ├───────────┼─────────────────────────────┤
902 │ssid │ wireless.ssid │
903 ├───────────┼─────────────────────────────┤
904 │mode │ wireless.mode │
905 ├───────────┼─────────────────────────────┤
906 │mtu │ wireless.mtu │
907 ├───────────┼─────────────────────────────┤
908 │mac │ wireless.mac-address │
909 ├───────────┼─────────────────────────────┤
910 │cloned-mac │ wireless.cloned-mac-address │
911 └───────────┴─────────────────────────────┘
912 Table 6. WiMax options
914 ┌──────┬────────────────────┐
915 │Alias │ Property │
916 ├──────┼────────────────────┤
917 │nsp │ wimax.network-name │
918 ├──────┼────────────────────┤
919 │mac │ wimax.mac-address │
920 └──────┴────────────────────┘
921 Table 7. GSM options
923 ┌─────────┬──────────────┐
924 │Alias │ Property │
925 ├─────────┼──────────────┤
926 │apn │ gsm.apn │
927 ├─────────┼──────────────┤
928 │user │ gsm.username │
929 ├─────────┼──────────────┤
930 │password │ gsm.password │
931 └─────────┴──────────────┘
932 Table 8. CDMA options
934 ┌─────────┬───────────────┐
935 │Alias │ Property │
936 ├─────────┼───────────────┤
937 │user │ cdma.username │
938 ├─────────┼───────────────┤
939 │password │ cdma.password │
940 └─────────┴───────────────┘
941 Table 9. Bluetooth options
943 ┌────────┬──────────────────┬─────────────────────┐
944 │Alias │ Property │ Note │
945 ├────────┼──────────────────┼─────────────────────┤
946 │addr │ bluetooth.bdaddr │ │
947 ├────────┼──────────────────┼─────────────────────┤
948 │bt-type │ bluetooth.type │ Apart from the │
949 │ │ │ usual panu, nap and │
950 │ │ │ dun options, the │
951 │ │ │ values of dun-gsm │
952 │ │ │ and dun-cdma can be │
953 │ │ │ used for │
954 │ │ │ compatibility with │
955 │ │ │ older versions. │
956 │ │ │ They are equivalent │
957 │ │ │ to using dun and │
958 │ │ │ setting appropriate │
959 │ │ │ gsm.* or cdma.* │
960 │ │ │ properties. │
961 └────────┴──────────────────┴─────────────────────┘
962 Table 10. VLAN options
964 ┌────────┬───────────────────────────┐
965 │Alias │ Property │
966 ├────────┼───────────────────────────┤
967 │dev │ vlan.parent │
968 ├────────┼───────────────────────────┤
969 │id │ vlan.id │
970 ├────────┼───────────────────────────┤
971 │flags │ vlan.flags │
972 ├────────┼───────────────────────────┤
973 │ingress │ vlan.ingress-priority-map │
974 ├────────┼───────────────────────────┤
975 │egress │ vlan.egress-priority-map │
976 └────────┴───────────────────────────┘
977 Table 11. Bonding options
979 ┌──────────────┬──────────────┬───────────────────┐
980 │Alias │ Property │ Note │
981 ├──────────────┼──────────────┼───────────────────┤
982 │mode │ │ Setting each of │
983 ├──────────────┤ │ these adds the │
984 │primary │ │ option to │
985 ├──────────────┤ │ bond.options │
986 │miimon │ │ property. It's │
987 ├──────────────┤ │ equivalent to the │
988 │downdelay │ │ +bond.options │
989 ├──────────────┤ bond.options │ 'option=value' │
990 │updelay │ │ syntax. │
991 ├──────────────┤ │ │
992 │arp-interval │ │ │
993 ├──────────────┤ │ │
994 │arp-ip-target │ │ │
995 ├──────────────┤ │ │
996 │lacp-rate │ │ │
997 └──────────────┴──────────────┴───────────────────┘
998 Table 12. Team options
1000 ┌───────┬─────────────┬────────────────────┐
1001 │Alias │ Property │ Note │
1002 ├───────┼─────────────┼────────────────────┤
1003 │config │ team.config │ Either a filename │
1004 │ │ │ or a team │
1005 │ │ │ configuration in │
1006 │ │ │ JSON format. To │
1007 │ │ │ enforce one or the │
1008 │ │ │ other, the value │
1009 │ │ │ can be prefixed │
1010 │ │ │ with "file://" or │
1011 │ │ │ "json://". │
1012 └───────┴─────────────┴────────────────────┘
1013 Table 13. Team port options
1015 ┌───────┬──────────────────┬────────────────────┐
1016 │Alias │ Property │ Note │
1017 ├───────┼──────────────────┼────────────────────┤
1018 │config │ team-port.config │ Either a filename │
1019 │ │ │ or a team │
1020 │ │ │ configuration in │
1021 │ │ │ JSON format. To │
1022 │ │ │ enforce one or the │
1023 │ │ │ other, the value │
1024 │ │ │ can be prefixed │
1025 │ │ │ with "file://" or │
1026 │ │ │ "json://". │
1027 └───────┴──────────────────┴────────────────────┘
1028 Table 14. Bridge options
1030 ┌───────────────────┬───────────────────────────┐
1031 │Alias │ Property │
1032 ├───────────────────┼───────────────────────────┤
1033 │stp │ bridge.stp │
1034 ├───────────────────┼───────────────────────────┤
1035 │priority │ bridge.priority │
1036 ├───────────────────┼───────────────────────────┤
1037 │forward-delay │ bridge.forward-delay │
1038 ├───────────────────┼───────────────────────────┤
1039 │hello-time │ bridge.hello-time │
1040 ├───────────────────┼───────────────────────────┤
1041 │max-age │ bridge.max-age │
1042 ├───────────────────┼───────────────────────────┤
1043 │ageing-time │ bridge.ageing-time │
1044 ├───────────────────┼───────────────────────────┤
1045 │group-forward-mask │ bridge.group-forward-mask │
1046 ├───────────────────┼───────────────────────────┤
1047 │multicast-snooping │ bridge.multicast-snooping │
1048 ├───────────────────┼───────────────────────────┤
1049 │mac │ bridge.mac-address │
1050 ├───────────────────┼───────────────────────────┤
1051 │priority │ bridge-port.priority │
1052 ├───────────────────┼───────────────────────────┤
1053 │path-cost │ bridge-port.path-cost │
1054 ├───────────────────┼───────────────────────────┤
1055 │hairpin │ bridge-port.hairpin-mode │
1056 └───────────────────┴───────────────────────────┘
1057 Table 15. VPN options
1059 ┌─────────┬──────────────────┐
1060 │Alias │ Property │
1061 ├─────────┼──────────────────┤
1062 │vpn-type │ vpn.service-type │
1063 ├─────────┼──────────────────┤
1064 │user │ vpn.user-name │
1065 └─────────┴──────────────────┘
1066 Table 16. OLPC Mesh options
1068 ┌─────────────┬────────────────────────────────┐
1069 │Alias │ Property │
1070 ├─────────────┼────────────────────────────────┤
1071 │ssid │ olpc-mesh.ssid │
1072 ├─────────────┼────────────────────────────────┤
1073 │channel │ olpc-mesh.channel │
1074 ├─────────────┼────────────────────────────────┤
1075 │dhcp-anycast │ olpc-mesh.dhcp-anycast-address │
1076 └─────────────┴────────────────────────────────┘
1077 Table 17. ADSL options
1079 ┌──────────────┬────────────────────┐
1080 │Alias │ Property │
1081 ├──────────────┼────────────────────┤
1082 │username │ adsl.username │
1083 ├──────────────┼────────────────────┤
1084 │protocol │ adsl.protocol │
1085 ├──────────────┼────────────────────┤
1086 │password │ adsl.password │
1087 ├──────────────┼────────────────────┤
1088 │encapsulation │ adsl.encapsulation │
1089 └──────────────┴────────────────────┘
1090 Table 18. MACVLAN options
1092 ┌──────┬────────────────┐
1093 │Alias │ Property │
1094 ├──────┼────────────────┤
1095 │dev │ macvlan.parent │
1096 ├──────┼────────────────┤
1097 │mode │ macvlan.mode │
1098 ├──────┼────────────────┤
1099 │tap │ macvlan.tap │
1100 └──────┴────────────────┘
1101 Table 19. MACsec options
1103 ┌────────┬────────────────┐
1104 │Alias │ Property │
1105 ├────────┼────────────────┤
1106 │dev │ macsec.parent │
1107 ├────────┼────────────────┤
1108 │mode │ macsec.mode │
1109 ├────────┼────────────────┤
1110 │encrypt │ macsec.encrypt │
1111 ├────────┼────────────────┤
1112 │cak │ macsec.cak │
1113 ├────────┼────────────────┤
1114 │ckn │ macsec.ckn │
1115 ├────────┼────────────────┤
1116 │port │ macsec.port │
1117 └────────┴────────────────┘
1118 Table 20. VxLAN options
1120 ┌─────────────────┬────────────────────────┐
1121 │Alias │ Property │
1122 ├─────────────────┼────────────────────────┤
1123 │id │ vxlan.id │
1124 ├─────────────────┼────────────────────────┤
1125 │remote │ vxlan.remote │
1126 ├─────────────────┼────────────────────────┤
1127 │dev │ vxlan.parent │
1128 ├─────────────────┼────────────────────────┤
1129 │local │ vxlan.local │
1130 ├─────────────────┼────────────────────────┤
1131 │source-port-min │ vxlan.source-port-min │
1132 ├─────────────────┼────────────────────────┤
1133 │source-port-max │ vxlan.source-port-max │
1134 ├─────────────────┼────────────────────────┤
1135 │destination-port │ vxlan.destination-port │
1136 └─────────────────┴────────────────────────┘
1137 Table 21. Tun options
1139 ┌────────────┬─────────────────┐
1140 │Alias │ Property │
1141 ├────────────┼─────────────────┤
1142 │mode │ tun.mode │
1143 ├────────────┼─────────────────┤
1144 │owner │ tun.owner │
1145 ├────────────┼─────────────────┤
1146 │group │ tun.group │
1147 ├────────────┼─────────────────┤
1148 │pi │ tun.pi │
1149 ├────────────┼─────────────────┤
1150 │vnet-hdr │ tun.vnet-hdr │
1151 ├────────────┼─────────────────┤
1152 │multi-queue │ tun.multi-queue │
1153 └────────────┴─────────────────┘
1154 Table 22. IP tunneling options
1156 ┌───────┬──────────────────┐
1157 │Alias │ Property │
1158 ├───────┼──────────────────┤
1159 │mode │ ip-tunnel.mode │
1160 ├───────┼──────────────────┤
1161 │local │ ip-tunnel.local │
1162 ├───────┼──────────────────┤
1163 │remote │ ip-tunnel.remote │
1164 ├───────┼──────────────────┤
1165 │dev │ ip-tunnel.parent │
1166 └───────┴──────────────────┘
1167 Table 23. WPAN options
1169 ┌───────────┬─────────────────┐
1170 │Alias │ Property │
1171 ├───────────┼─────────────────┤
1172 │mac │ wpan.mac │
1173 ├───────────┼─────────────────┤
1174 │short-addr │ wpan.short-addr │
1175 ├───────────┼─────────────────┤
1176 │pan-id │ wpan.pan-id │
1177 └───────────┴─────────────────┘
1178 Table 24. 6LoWPAN options
1180 ┌──────┬────────────────┐
1181 │Alias │ Property │
1182 ├──────┼────────────────┤
1183 │dev │ 6lowpan.parent │
1184 └──────┴────────────────┘
1185 Table 25. IPv4 options
1187 ┌──────┬────────────────┬─────────────────────┐
1188 │Alias │ Property │ Note │
1189 ├──────┼────────────────┼─────────────────────┤
1190 │ip4 │ ipv4.addresses │ The alias is │
1191 │ │ ipv4.method │ equivalent to the │
1192 │ │ │ +ipv4.addresses │
1193 │ │ │ syntax and also │
1194 │ │ │ sets ipv4.method to │
1195 │ │ │ manual. It can be │
1196 │ │ │ specified multiple │
1197 │ │ │ times. │
1198 ├──────┼────────────────┼─────────────────────┤
1199 │gw4 │ ipv4.gateway │ │
1200 └──────┴────────────────┴─────────────────────┘
1201 Table 26. IPv6 options
1203 ┌──────┬────────────────┬─────────────────────┐
1204 │Alias │ Property │ Note │
1205 ├──────┼────────────────┼─────────────────────┤
1206 │ip6 │ ipv6.addresses │ The alias is │
1207 │ │ ipv6.method │ equivalent to the │
1208 │ │ │ +ipv6.addresses │
1209 │ │ │ syntax and also │
1210 │ │ │ sets ipv6.method to │
1211 │ │ │ manual. It can be │
1212 │ │ │ specified multiple │
1213 │ │ │ times. │
1214 ├──────┼────────────────┼─────────────────────┤
1215 │gw6 │ ipv6.gateway │ │
1216 └──────┴────────────────┴─────────────────────┘
1217 Table 27. Proxy options
1219 ┌─────────────┬────────────────────┬─────────────────────┐
1220 │Alias │ Property │ Note │
1221 ├─────────────┼────────────────────┼─────────────────────┤
1222 │method │ proxy.method │ │
1223 ├─────────────┼────────────────────┼─────────────────────┤
1224 │browser-only │ proxy.browser-only │ │
1225 ├─────────────┼────────────────────┼─────────────────────┤
1226 │pac-url │ proxy.pac-url │ │
1227 ├─────────────┼────────────────────┼─────────────────────┤
1228 │pac-script │ proxy.pac-script │ Read the JavaScript │
1229 │ │ │ PAC (proxy │
1230 │ │ │ auto-config) script │
1231 │ │ │ from file or pass │
1232 │ │ │ it directly on the │
1233 │ │ │ command line. │
1234 │ │ │ Prefix the value │
1235 │ │ │ with "file://" or │
1236 │ │ │ "js://" to force │
1237 │ │ │ one or the other. │
1238 └─────────────┴────────────────────┴─────────────────────┘
1239
1241 Implicit coloring can be disabled by an empty file
1242 /etc/terminal-colors.d/nmcli.disable.
1243 See terminal-colors.d(5) for more details about colorization
1245 configuration. The logical color names supported by nmcli are:
1246 connection-activated
1248 A connection that is active.
1249 connection-activating
1251 Connection that is being activated.
1252 connection-disconnecting
1254 Connection that is being disconnected.
1255 connection-invisible
1257 Connection whose details is the user not permitted to see.
1258 connectivity-full
1260 Conectivity state when Internet is reachable.
1261 connectivity-limited
1263 Conectivity state when only a local network reachable.
1264 connectivity-none
1266 Conectivity state when the network is disconnected.
1267 connectivity-portal
1269 Conectivity state when a captive portal hijacked the connection.
1270 connectivity-unknown
1272 Conectivity state when a connectivity check didn't run.
1273 device-activated
1275 Device that is connected.
1276 device-activating
1278 Device that is being configured.
1279 device-disconnected
1281 Device that is not connected.
1282 device-firmware-missing
1284 Warning of a missing device firmware.
1285 device-plugin-missing
1287 Warning of a missing device plugin.
1288 device-unavailable
1290 Device that is not available for activation.
1291 manager-running
1293 Notice that the NetworkManager daemon is available.
1294 manager-starting
1296 Notice that the NetworkManager daemon is being initially connected.
1297 manager-stopped
1299 Notice that the NetworkManager daemon is not available.
1300 permission-auth
1302 An action that requires user authentication to get permission.
1303 permission-no
1305 An action that is not permitted.
1306 permission-yes
1308 An action that is permitted.
1309 prompt
1311 Prompt in interactive mode.
1312 state-asleep
1314 Indication that NetworkManager in suspended state.
1315 state-connected-global
1317 Indication that NetworkManager in connected to Internet.
1318 state-connected-local
1320 Indication that NetworkManager in local network.
1321 state-connected-site
1323 Indication that NetworkManager in connected to networks other than
1324 Internet.
1325 state-connecting
1327 Indication that NetworkManager is establishing a network
1328 connection.
1329 state-disconnected
1331 Indication that NetworkManager is disconnected from a network.
1332 state-disconnecting
1334 Indication that NetworkManager is being disconnected from a
1335 network.
1336 wifi-signal-excellent
1338 Wi-Fi network with an excellent signal level.
1339 wifi-signal-fair
1341 Wi-Fi network with a fair signal level.
1342 wifi-signal-good
1344 Wi-Fi network with a good signal level.
1345 wifi-signal-poor
1347 Wi-Fi network with a poor signal level.
1348 wifi-signal-unknown
1350 Wi-Fi network that hasn't been actually seen (a hidden AP).
1351 disabled
1353 A property that is turned off.
1354 enabled
1356 A property that is turned on.
1357
1359 nmcli's behavior is affected by the following environment variables.
1360 LC_ALL
1362 If set to a non-empty string value, it overrides the values of all
1363 the other internationalization variables.
1364 LC_MESSAGES
1366 Determines the locale to be used for internationalized messages.
1367 LANG
1369 Provides a default value for the internationalization variables
1370 that are unset or null.
1371
1373 Be aware that nmcli is localized and that is why the output depends on
1374 your environment. This is important to realize especially when you
1375 parse the output.
1376 Call nmcli as LC_ALL=C nmcli to be sure the locale is set to C while
1378 executing in a script.
1379 LC_ALL, LC_MESSAGES, LANG variables specify the LC_MESSAGES locale
1381 category (in that order), which determines the language that nmcli uses
1382 for messages. The C locale is used if none of these variables are set,
1383 and this locale uses English messages.
1384
1386 nmcli exits with status 0 if it succeeds, a value greater than 0 is
1387 returned if an error occurs.
1388 0
1390 Success – indicates the operation succeeded.
1391 1
1393 Unknown or unspecified error.
1394 2
1396 Invalid user input, wrong nmcli invocation.
1397 3
1399 Timeout expired (see --wait option).
1400 4
1402 Connection activation failed.
1403 5
1405 Connection deactivation failed.
1406 6
1408 Disconnecting device failed.
1409 7
1411 Connection deletion failed.
1412 8
1414 NetworkManager is not running.
1415 10
1417 Connection, device, or access point does not exist.
1418 65
1420 When used with --complete-args option, a file name is expected to
1421 follow.
1422
1424 This section presents various examples of nmcli usage. If you want even
1425 more, please refer to nmcli-examples(7) manual page.
1426 nmcli -t -f RUNNING general
1428 tells you whether NetworkManager is running or not.
1429 nmcli -t -f STATE general
1431 shows the overall status of NetworkManager.
1432 nmcli radio wifi off
1434 switches Wi-Fi off.
1435 nmcli connection show
1437 lists all connections NetworkManager has.
1438 nmcli -p -m multiline -f all con show
1440 shows all configured connections in multi-line mode.
1441 nmcli connection show --active
1443 lists all currently active connections.
1444 nmcli -f name,autoconnect c s
1446 shows all connection profile names and their auto-connect property.
1447 nmcli -p connection show "My default em1"
1449 shows details for "My default em1" connection profile.
1450 nmcli --show-secrets connection show "My Home Wi-Fi"
1452 shows details for "My Home Wi-Fi" connection profile with all
1453 passwords. Without --show-secrets option, secrets would not be
1454 displayed.
1455 nmcli -f active connection show "My default em1"
1457 shows details for "My default em1" active connection, like IP, DHCP
1458 information, etc.
1459 nmcli -f profile con s "My wired connection"
1461 shows static configuration details of the connection profile with
1462 "My wired connection" name.
1463 nmcli -p con up "My wired connection" ifname eth0
1465 activates the connection profile with name "My wired connection" on
1466 interface eth0. The -p option makes nmcli show progress of the
1467 activation.
1468 nmcli con up 6b028a27-6dc9-4411-9886-e9ad1dd43761 ap 00:3A:98:7C:42:D3
1470 connects the Wi-Fi connection with UUID
1471 6b028a27-6dc9-4411-9886-e9ad1dd43761 to the AP with BSSID
1472 00:3A:98:7C:42:D3.
1473 nmcli device status
1475 shows the status for all devices.
1476 nmcli dev disconnect em2
1478 disconnects a connection on interface em2 and marks the device as
1479 unavailable for auto-connecting. As a result, no connection will
1480 automatically be activated on the device until the device's
1481 'autoconnect' is set to TRUE or the user manually activates a
1482 connection.
1483 nmcli -f GENERAL,WIFI-PROPERTIES dev show wlan0
1485 shows details for wlan0 interface; only GENERAL and WIFI-PROPERTIES
1486 sections will be shown.
1487 nmcli -f CONNECTIONS device show wlp3s0
1489 shows all available connection profiles for your Wi-Fi interface
1490 wlp3s0.
1491 nmcli dev wifi
1493 lists available Wi-Fi access points known to NetworkManager.
1494 nmcli dev wifi con "Cafe Hotspot 1" password caffeine name "My cafe"
1496 creates a new connection named "My cafe" and then connects it to
1497 "Cafe Hotspot 1" SSID using password "caffeine". This is mainly
1498 useful when connecting to "Cafe Hotspot 1" for the first time. Next
1499 time, it is better to use nmcli con up id "My cafe" so that the
1500 existing connection profile can be used and no additional is
1501 created.
1502 nmcli -s dev wifi hotspot con-name QuickHotspot
1504 creates a hotspot profile and connects it. Prints the hotspot
1505 password the user should use to connect to the hotspot from other
1506 devices.
1507 nmcli dev modify em1 ipv4.method shared
1509 starts IPv4 connection sharing using em1 device. The sharing will
1510 be active until the device is disconnected.
1511 nmcli dev modify em1 ipv6.address 2001:db8::a:bad:c0de
1513 temporarily adds an IP address to a device. The address will be
1514 removed when the same connection is activated again.
1515 nmcli connection add type ethernet autoconnect no ifname eth0
1517 non-interactively adds an Ethernet connection tied to eth0
1518 interface with automatic IP configuration (DHCP), and disables the
1519 connection's autoconnect flag.
1520 nmcli c a ifname Maxipes-fik type vlan dev eth0 id 55
1522 non-interactively adds a VLAN connection with ID 55. The connection
1523 will use eth0 and the VLAN interface will be named Maxipes-fik.
1524 nmcli c a ifname eth0 type ethernet ipv4.method disabled ipv6.method
1526 link-local
1527 non-interactively adds a connection that will use eth0 Ethernet
1528 interface and only have an IPv6 link-local address configured.
1529 nmcli connection edit ethernet-em1-2
1531 edits existing "ethernet-em1-2" connection in the interactive
1532 editor.
1533 nmcli connection edit type ethernet con-name "yet another Ethernet
1535 connection"
1536 adds a new Ethernet connection in the interactive editor.
1537 nmcli con mod ethernet-2 connection.autoconnect no
1539 modifies 'autoconnect' property in the 'connection' setting of
1540 'ethernet-2' connection.
1541 nmcli con mod "Home Wi-Fi" wifi.mtu 1350
1543 modifies 'mtu' property in the 'wifi' setting of 'Home Wi-Fi'
1544 connection.
1545 nmcli con mod em1-1 ipv4.method manual ipv4.addr "192.168.1.23/24
1547 192.168.1.1, 10.10.1.5/8, 10.0.0.11"
1548 sets manual addressing and the addresses in em1-1 profile.
1549 nmcli con modify ABC +ipv4.dns 8.8.8.8
1551 appends a Google public DNS server to DNS servers in ABC profile.
1552 nmcli con modify ABC -ipv4.addresses "192.168.100.25/24 192.168.1.1"
1554 removes the specified IP address from (static) profile ABC.
1555 nmcli con import type openvpn file ~/Downloads/frootvpn.ovpn
1557 imports an OpenVPN configuration to NetworkManager.
1558 nmcli con export corp-vpnc /home/joe/corpvpn.conf
1560 exports NetworkManager VPN profile corp-vpnc as standard Cisco
1561 (vpnc) configuration.
1562
1564 nmcli accepts abbreviations, as long as they are a unique prefix in the
1565 set of possible options. As new options get added, these abbreviations
1566 are not guaranteed to stay unique. For scripting and long term
1567 compatibility it is therefore strongly advised to spell out the full
1568 option names.
1569
1571 There are probably some bugs. If you find a bug, please report it to
1572 your distribution or upstream at
1573 https://gitlab.freedesktop.org/NetworkManager/NetworkManager.
1574
1576 nmcli-examples(7), nm-online(1), NetworkManager(8),
1577 NetworkManager.conf(5), nm-settings(5), nm-applet(1), nm-connection-
1578 editor(1), terminal-colors.d(5).
1579NetworkManager 1.20.8 NMCLI(1)