1NMCLI(1) General Commands Manual NMCLI(1)
2
6 nmcli - command-line tool for controlling NetworkManager
7
9 nmcli [OPTIONS...] {help | general | networking | radio | connection |
10 device | agent | monitor} [COMMAND] [ARGUMENTS...]
11
13 nmcli is a command-line tool for controlling NetworkManager and
14 reporting network status. It can be utilized as a replacement for
15 nm-applet or other graphical clients. nmcli is used to create,
16 display, edit, delete, activate, and deactivate network connections, as
17 well as control and display network device status. See nmcli-
18 examples(7) for ready to run nmcli examples.
19 Typical uses include:
21 · Scripts: Utilize NetworkManager via nmcli instead of managing
23 network connections manually. nmcli supports a terse output format
24 which is better suited for script processing. Note that
25 NetworkManager can also execute scripts, called "dispatcher
26 scripts", in response to network events. See NetworkManager(8) for
27 details about these dispatcher scripts.
28 · Servers, headless machines, and terminals: nmcli can be used to
30 control NetworkManager without a GUI, including creating, editing,
31 starting and stopping network connections and viewing network
32 status.
33
35 -a | --ask
36 When using this option nmcli will stop and ask for any missing
37 required arguments, so do not use this option for non-interactive
38 purposes like scripts. This option controls, for example, whether
39 you will be prompted for a password if it is required for
40 connecting to a network.
41 -c | --colors {yes | no | auto}
43 This option controls color output (using terminal escape
44 sequences). yes enables colors, no disables them, auto only
45 produces colors when standard output is directed to a terminal. The
46 default value is auto.
47 The actual colors used are configured as described in terminal-
49 colors.d(5). Please refer to the COLORS section for a list of color
50 names supported by nmcli.
51 If the environment variable NO_COLOR is set (to any value), then
53 coloring is disabled with mode "auto". Explicitly enabling coloring
54 overrides the environment variable.
55 --complete-args
57 Instead of conducting the desired action, nmcli will list possible
58 completions for the last argument. This is useful to implement
59 argument completion in shell.
60 The exit status will indicate success or return a code 65 to
62 indicate the last argument is a file name.
63 NetworkManager ships with command completion support for GNU Bash.
65 -e | --escape {yes | no}
67 Whether to escape : and \ characters in terse tabular mode. The
68 escape character is \.
69 If omitted, default is yes.
71 -f | --fields {field1,field2... | all | common}
73 This option is used to specify what fields (column names) should be
74 printed. Valid field names differ for specific commands. List
75 available fields by providing an invalid value to the --fields
76 option. all is used to print all valid field values of the
77 command. common is used to print common field values of the
78 command.
79 If omitted, default is common.
81 -g | --get-values {field1,field2... | all | common}
83 This option is used to print values from specific fields. It is
84 basically a shortcut for --mode tabular --terse --fields and is a
85 convenient way to retrieve values for particular fields. The values
86 are printed one per line without headers.
87 If a section is specified instead of a field, the section name will
89 be printed followed by colon separated values of the fields
90 belonging to that section, all on the same line.
91 -h | --help
93 Print help information.
94 -m | --mode {tabular | multiline}
96 Switch between tabular and multiline output:
97 tabular
99 Output is a table where each line describes a single entry.
100 Columns define particular properties of the entry.
101 multiline
103 Each entry comprises multiple lines, each property on its own
104 line. The values are prefixed with the property name.
105 If omitted, default is tabular for most commands. For the commands
107 producing more structured information, that cannot be displayed on
108 a single line, default is multiline. Currently, they are:
109 · nmcli connection show ID
111 · nmcli device show
113 -p | --pretty
115 Output is pretty. This causes nmcli to produce easily readable
116 outputs for humans, i.e. values are aligned, headers are printed,
117 etc.
118 -s | --show-secrets
120 When using this option nmcli will display passwords and secrets
121 that might be present in an output of an operation. This option
122 also influences echoing passwords typed by user as an input.
123 -t | --terse
125 Output is terse. This mode is designed and suitable for computer
126 (script) processing.
127 -v | --version
129 Show nmcli version.
130 -w | --wait seconds
132 This option sets a timeout period for which nmcli will wait for
133 NetworkManager to finish operations. It is especially useful for
134 commands that may take a longer time to complete, e.g. connection
135 activation.
136 Specifying a value of 0 instructs nmcli not to wait but to exit
138 immediately with a status of success. The default value depends on
139 the executed command.
140
142 nmcli general {status | hostname | permissions | logging}
143 [ARGUMENTS...]
144 Use this command to show NetworkManager status and permissions. You can
146 also get and change system hostname, as well as NetworkManager logging
147 level and domains.
148 status
150 Show overall status of NetworkManager. This is the default action,
151 when no additional command is provided for nmcli general.
152 hostname [hostname]
154 Get and change system hostname. With no arguments, this prints
155 currently configured hostname. When you pass a hostname, it will be
156 handed over to NetworkManager to be set as a new system hostname.
157 Note that the term "system" hostname may also be referred to as
159 "persistent" or "static" by other programs or tools. The hostname
160 is stored in /etc/hostname file in most distributions. For example,
161 systemd-hostnamed service uses the term "static" hostname and it
162 only reads the /etc/hostname file when it starts.
163 permissions
165 Show the permissions a caller has for various authenticated
166 operations that NetworkManager provides, like enable and disable
167 networking, changing Wi-Fi and WWAN state, modifying connections,
168 etc.
169 logging [level level] [domains domains...]
171 Get and change NetworkManager logging level and domains. Without
172 any argument current logging level and domains are shown. In order
173 to change logging state, provide level and, or, domain parameters.
174 See NetworkManager.conf(5) for available level and domain values.
175
177 nmcli networking {on | off | connectivity} [ARGUMENTS...]
178 Query NetworkManager networking status, enable and disable networking.
180 on, off
182 Enable or disable networking control by NetworkManager. All
183 interfaces managed by NetworkManager are deactivated when
184 networking is disabled.
185 connectivity [check]
187 Get network connectivity state. The optional check argument tells
188 NetworkManager to re-check the connectivity, else the most recent
189 known connectivity state is displayed without re-checking.
190 Possible states are:
192 none
194 the host is not connected to any network.
195 portal
197 the host is behind a captive portal and cannot reach the full
198 Internet.
199 limited
201 the host is connected to a network, but it has no access to the
202 Internet.
203 full
205 the host is connected to a network and has full access to the
206 Internet.
207 unknown
209 the connectivity status cannot be found out.
210
212 nmcli radio {all | wifi | wwan} [ARGUMENTS...]
213 Show radio switches status, or enable and disable the switches.
215 wifi [on | off]
217 Show or set status of Wi-Fi in NetworkManager. If no arguments are
218 supplied, Wi-Fi status is printed; on enables Wi-Fi; off disables
219 Wi-Fi.
220 wwan [on | off]
222 Show or set status of WWAN (mobile broadband) in NetworkManager. If
223 no arguments are supplied, mobile broadband status is printed; on
224 enables mobile broadband, off disables it.
225 all [on | off]
227 Show or set all previously mentioned radio switches at the same
228 time.
229
231 nmcli monitor
232 Observe NetworkManager activity. Watches for changes in connectivity
234 state, devices or connection profiles.
235 See also nmcli connection monitor and nmcli device monitor to watch for
237 changes in certain devices or connections.
238
240 nmcli connection {show | up | down | modify | add | edit | clone |
241 delete | monitor | reload | load | import | export}
242 [ARGUMENTS...]
243 NetworkManager stores all network configuration as "connections", which
245 are collections of data (Layer2 details, IP addressing, etc.) that
246 describe how to create or connect to a network. A connection is
247 "active" when a device uses that connection's configuration to create
248 or connect to a network. There may be multiple connections that apply
249 to a device, but only one of them can be active on that device at any
250 given time. The additional connections can be used to allow quick
251 switching between different networks and configurations.
252 Consider a machine which is usually connected to a DHCP-enabled
254 network, but sometimes connected to a testing network which uses static
255 IP addressing. Instead of manually reconfiguring eth0 each time the
256 network is changed, the settings can be saved as two connections which
257 both apply to eth0, one for DHCP (called default) and one with the
258 static addressing details (called testing). When connected to the
259 DHCP-enabled network the user would run nmcli con up default , and when
260 connected to the static network the user would run nmcli con up
261 testing.
262 show [--active] [--order [+-]category:...]
264 List in-memory and on-disk connection profiles, some of which may
265 also be active if a device is using that connection profile.
266 Without a parameter, all profiles are listed. When --active option
267 is specified, only the active profiles are shown.
268 The --order option can be used to get custom ordering of
270 connections. The connections can be ordered by active status
271 (active), name (name), type (type) or D-Bus path (path). If
272 connections are equal according to a sort order category, an
273 additional category can be specified. The default sorting order is
274 equivalent to --order active:name:path. + or no prefix means
275 sorting in ascending order (alphabetically or in numbers), - means
276 reverse (descending) order. The category names can be abbreviated
277 (e.g. --order -a:na).
278 show [--active] [id | uuid | path | apath] ID...
280 Show details for specified connections. By default, both static
281 configuration and active connection data are displayed. When
282 --active option is specified, only the active profiles are taken
283 into account. Use global --show-secrets option to display secrets
284 associated with the profile.
285 id, uuid, path and apath keywords can be used if ID is ambiguous.
287 Optional ID-specifying keywords are:
288 id
290 the ID denotes a connection name.
291 uuid
293 the ID denotes a connection UUID.
294 path
296 the ID denotes a D-Bus static connection path in the format of
297 /org/freedesktop/NetworkManager/Settings/num or just num.
298 apath
300 the ID denotes a D-Bus active connection path in the format of
301 /org/freedesktop/NetworkManager/ActiveConnection/num or just
302 num.
303 It is possible to filter the output using the global --fields
305 option. Use the following values:
306 profile
308 only shows static profile configuration.
309 active
311 only shows active connection data (when the profile is active).
312 You can also specify particular fields. For static configuration,
314 use setting and property names as described in nm-settings(5)
315 manual page. For active data use GENERAL, IP4, DHCP4, IP6, DHCP6,
316 VPN.
317 When no command is given to the nmcli connection, the default
319 action is nmcli connection show.
320 up [id | uuid | path] ID [ifname ifname] [ap BSSID] [passwd-file file]
322 Activate a connection. The connection is identified by its name,
323 UUID or D-Bus path. If ID is ambiguous, a keyword id, uuid or path
324 can be used. When requiring a particular device to activate the
325 connection on, the ifname option with interface name should be
326 given. If the ID is not given an ifname is required, and
327 NetworkManager will activate the best available connection for the
328 given ifname. In case of a VPN connection, the ifname option
329 specifies the device of the base connection. The ap option specify
330 what particular AP should be used in case of a Wi-Fi connection.
331 If --wait option is not specified, the default timeout will be 90
333 seconds.
334 See connection show above for the description of the ID-specifying
336 keywords.
337 Available options are:
339 ifname
341 interface that will be used for activation.
342 ap
344 BSSID of the AP which the command should connect to (for Wi-Fi
345 connections).
346 passwd-file
348 some networks may require credentials during activation. You
349 can give these credentials using this option. Each line of the
350 file should contain one password in the form:
351 setting_name.property_name:the password
353 For example, for WPA Wi-Fi with PSK, the line would be
355 802-11-wireless-security.psk:secret12345
357 For 802.1X password, the line would be
359 802-1x.password:my 1X password
361 nmcli also accepts wifi-sec and wifi strings instead of
364 802-11-wireless-security. When NetworkManager requires a
365 password and it is not given, nmcli will ask for it when run
366 with --ask. If --ask was not passed, NetworkManager can ask
367 another secret agent that may be running (typically a GUI
368 secret agent, such as nm-applet or gnome-shell).
369 down [id | uuid | path | apath] ID...
371 Deactivate a connection from a device without preventing the device
372 from further auto-activation. Multiple connections can be passed to
373 the command.
374 Be aware that this command deactivates the specified active
376 connection, but the device on which the connection was active, is
377 still ready to connect and will perform auto-activation by looking
378 for a suitable connection that has the 'autoconnect' flag set. Note
379 that the deactivating connection profile is internally blocked from
380 autoconnecting again. Hence it will not autoconnect until reboot or
381 until the user performs an action that unblocks autoconnect, like
382 modifying the profile or explicitly activating it.
383 In most cases you may want to use device disconnect command
385 instead.
386 The connection is identified by its name, UUID or D-Bus path. If ID
388 is ambiguous, a keyword id, uuid, path or apath can be used.
389 See connection show above for the description of the ID-specifying
391 keywords.
392 If --wait option is not specified, the default timeout will be 10
394 seconds.
395 modify [--temporary] [id | uuid | path] ID
397 {option value | [+|-]setting.property value}...
398 Add, modify or remove properties in the connection profile.
399 To set the property just specify the property name followed by the
401 value. An empty value ("") resets the property value to the
402 default.
403 In addition to the properties, you can also use short names for
405 some of the properties. Consult the PROPERTY ALIASES section for
406 details.
407 If you want to append an item or a flag to the existing value, use
409 + prefix for the property name or alias. If you want to remove
410 items from a container-type or flag property, use - prefix. For
411 certain properties you can also remove elements by specifying the
412 zero-based index(es). The + and - modifiers only have a real effect
413 for properties that support them. These are for example multi-value
414 (container) properties or flags like ipv4.dns, ip4, ipv4.addresses,
415 bond.options, 802-1x.phase1-auth-flags etc.
416 See nm-settings(5) for complete reference of setting and property
418 names, their descriptions and default values. The setting and
419 property can be abbreviated provided they are unique.
420 The connection is identified by its name, UUID or D-Bus path. If ID
422 is ambiguous, a keyword id, uuid or path can be used.
423 add [save {yes | no}] {option value | [+|-]setting.property value}...
425 Create a new connection using specified properties.
426 You need to describe the newly created connections with the
428 property and value pairs. See nm-settings(5) for the complete
429 reference. You can also use the aliases described in PROPERTY
430 ALIASES section. The syntax is the same as of the nmcli connection
431 modify command.
432 To construct a meaningful connection you at the very least need to
434 set the connection.type property (or use the type alias) to one of
435 known NetworkManager connection types:
436 · ethernet
438 · wifi
440 · wimax
442 · pppoe
444 · gsm
446 · cdma
448 · infiniband
450 · bluetooth
452 · vlan
454 · bond
456 · bond-slave
458 · team
460 · team-slave
462 · bridge
464 · bridge-slave
466 · vpn
468 · olpc-mesh
470 · adsl
472 · tun
474 · ip-tunnel
476 · macvlan
478 · vxlan
480 · dummy
482 The most typical uses are described in the EXAMPLES section.
484 Aside from the properties and values two special options are
486 accepted:
487 save
489 Controls whether the connection should be persistent, i.e.
490 NetworkManager should store it on disk (default: yes).
491 --
493 If a single -- argument is encountered it is ignored. This is
494 for compatibility with older versions on nmcli.
495 edit {[id | uuid | path] ID | [type type] [con-name name] }
497 Edit an existing connection or add a new one, using an interactive
498 editor.
499 The existing connection is identified by its name, UUID or D-Bus
501 path. If ID is ambiguous, a keyword id, uuid, or path can be used.
502 See connection show above for the description of the ID-specifying
503 keywords. Not providing an ID means that a new connection will be
504 added.
505 The interactive editor will guide you through the connection
507 editing and allow you to change connection parameters according to
508 your needs by means of a simple menu-driven interface. The editor
509 indicates what settings and properties can be modified and provides
510 in-line help.
511 Available options:
513 type
515 type of the new connection; valid types are the same as for
516 connection add command.
517 con-name
519 name for the new connection. It can be changed later in the
520 editor.
521 See also nm-settings(5) for all NetworkManager settings and
523 property names, and their descriptions; and nmcli-examples(7) for
524 sample editor sessions.
525 clone [--temporary] [id | uuid | path] ID new_name
527 Clone a connection. The connection to be cloned is identified by
528 its name, UUID or D-Bus path. If ID is ambiguous, a keyword id,
529 uuid or path can be used. See connection show above for the
530 description of the ID-specifying keywords. new_name is the name of
531 the new cloned connection. The new connection will be the exact
532 copy except the connection.id (new_name) and connection.uuid
533 (generated) properties.
534 The new connection profile will be saved as persistent unless
536 --temporary option is specified, in which case the new profile
537 won't exist after NetworkManager restart.
538 delete [id | uuid | path] ID...
540 Delete a configured connection. The connection to be deleted is
541 identified by its name, UUID or D-Bus path. If ID is ambiguous, a
542 keyword id, uuid or path can be used. See connection show above for
543 the description of the ID-specifying keywords.
544 If --wait option is not specified, the default timeout will be 10
546 seconds.
547 monitor [id | uuid | path] ID...
549 Monitor connection profile activity. This command prints a line
550 whenever the specified connection changes. The connection to be
551 monitored is identified by its name, UUID or D-Bus path. If ID is
552 ambiguous, a keyword id, uuid or path can be used. See connection
553 show above for the description of the ID-specifying keywords.
554 Monitors all connection profiles in case none is specified. The
556 command terminates when all monitored connections disappear. If you
557 want to monitor connection creation consider using the global
558 monitor with nmcli monitor command.
559 reload
561 Reload all connection files from disk. NetworkManager does not
562 monitor changes to connection files by default. So you need to use
563 this command in order to tell NetworkManager to re-read the
564 connection profiles from disk when a change was made to them.
565 However, the auto-loading feature can be enabled and then
566 NetworkManager will reload connection files any time they change
567 (monitor-connection-files=true in NetworkManager.conf(5)).
568 load filename...
570 Load/reload one or more connection files from disk. Use this after
571 manually editing a connection file to ensure that NetworkManager is
572 aware of its latest state.
573 import [--temporary] type type file file
575 Import an external/foreign configuration as a NetworkManager
576 connection profile. The type of the input file is specified by type
577 option.
578 Only VPN configurations are supported at the moment. The
580 configuration is imported by NetworkManager VPN plugins. type
581 values are the same as for vpn-type option in nmcli connection add.
582 VPN configurations are imported by VPN plugins. Therefore the
583 proper VPN plugin has to be installed so that nmcli could import
584 the data.
585 The imported connection profile will be saved as persistent unless
587 --temporary option is specified, in which case the new profile
588 won't exist after NetworkManager restart.
589 export [id | uuid | path] ID [file]
591 Export a connection.
592 Only VPN connections are supported at the moment. A proper VPN
594 plugin has to be installed so that nmcli could export a connection.
595 If no file is provided, the VPN configuration data will be printed
596 to standard output.
597
599 nmcli device {status | show | set | connect | reapply | modify |
600 disconnect | delete | monitor | wifi | lldp}
601 [ARGUMENTS...]
602 Show and manage network interfaces.
604 status
606 Print status of devices.
607 This is the default action if no command is specified to nmcli
609 device.
610 show [ifname]
612 Show detailed information about devices. Without an argument, all
613 devices are examined. To get information for a specific device, the
614 interface name has to be provided.
615 set [ifname] ifname [autoconnect {yes | no}] [managed {yes | no}]
617 Set device properties.
618 connect ifname
620 Connect the device. NetworkManager will try to find a suitable
621 connection that will be activated. It will also consider
622 connections that are not set to auto connect.
623 If no compatible connection exists, a new profile with default
625 settings will be created and activated. This differentiates nmcli
626 connection up ifname "$DEVICE" from nmcli device connect "$DEVICE"
627 If --wait option is not specified, the default timeout will be 90
629 seconds.
630 reapply ifname
632 Attempt to update device with changes to the currently active
633 connection made since it was last applied.
634 modify ifname {option value | [+|-]setting.property value}...
636 Modify the settings currently active on the device.
637 This command lets you do temporary changes to a configuration
639 active on a particular device. The changes are not preserved in the
640 connection profile.
641 See nm-settings(5) for the list of available properties. Please
643 note that some properties can't be changed on an already connected
644 device.
645 You can also use the aliases described in PROPERTY ALIASES section.
647 The syntax is the same as of the nmcli connection modify command.
648 disconnect ifname...
650 Disconnect a device and prevent the device from automatically
651 activating further connections without user/manual intervention.
652 Note that disconnecting software devices may mean that the devices
653 will disappear.
654 If --wait option is not specified, the default timeout will be 10
656 seconds.
657 delete ifname...
659 Delete a device. The command removes the interface from the system.
660 Note that this only works for software devices like bonds, bridges,
661 teams, etc. Hardware devices (like Ethernet) cannot be deleted by
662 the command.
663 If --wait option is not specified, the default timeout will be 10
665 seconds.
666 monitor [ifname...]
668 Monitor device activity. This command prints a line whenever the
669 specified devices change state.
670 Monitors all devices in case no interface is specified. The monitor
672 terminates when all specified devices disappear. If you want to
673 monitor device addition consider using the global monitor with
674 nmcli monitor command.
675 wifi [list [--rescan | auto | no | yes] [ifname ifname] [bssid BSSID]]
677 List available Wi-Fi access points. The ifname and bssid options
678 can be used to list APs for a particular interface or with a
679 specific BSSID, respectively.
680 By default, nmcli ensures that the access point list is no older
682 than 30 seconds and triggers a network scan if necessary. The
683 --rescan can be used to either force or disable the scan regardless
684 of how fresh the access point list is.
685 wifi connect (B)SSID [password password] [wep-key-type {key | phrase}]
687 [ifname ifname] [bssid BSSID] [name name] [private {yes | no}]
688 [hidden {yes | no}]
689 Connect to a Wi-Fi network specified by SSID or BSSID. The command
690 finds a matching connection or creates one and then activates it on
691 a device. This is a command-line counterpart of clicking an SSID in
692 a GUI client. If a connection for the network already exists, it is
693 possible to bring up (activate) the existing profile as follows:
694 nmcli con up id name. Note that only open, WEP and WPA-PSK networks
695 are supported if no previous connection exists. It is also assumed
696 that IP configuration is obtained via DHCP.
697 If --wait option is not specified, the default timeout will be 90
699 seconds.
700 Available options are:
702 password
704 password for secured networks (WEP or WPA).
705 wep-key-type
707 type of WEP secret, either key for ASCII/HEX key or phrase for
708 passphrase.
709 ifname
711 interface that will be used for activation.
712 bssid
714 if specified, the created connection will be restricted just
715 for the BSSID.
716 name
718 if specified, the connection will use the name (else NM creates
719 a name itself).
720 private
722 if set to yes, the connection will only be visible to the user
723 who created it. Otherwise the connection is system-wide, which
724 is the default.
725 hidden
727 set to yes when connecting for the first time to an AP not
728 broadcasting its SSID. Otherwise the SSID would not be found
729 and the connection attempt would fail.
730 wifi hotspot [ifname ifname] [con-name name] [ssid SSID]
732 [band {a | bg}] [channel channel] [password password]
733 Create a Wi-Fi hotspot. The command creates a hotspot connection
734 profile according to Wi-Fi device capabilities and activates it on
735 the device. The hotspot is secured with WPA if device/driver
736 supports that, otherwise WEP is used. Use connection down or device
737 disconnect to stop the hotspot.
738 Parameters of the hotspot can be influenced by the optional
740 parameters:
741 ifname
743 what Wi-Fi device is used.
744 con-name
746 name of the created hotspot connection profile.
747 ssid
749 SSID of the hotspot.
750 band
752 Wi-Fi band to use.
753 channel
755 Wi-Fi channel to use.
756 password
758 password to use for the created hotspot. If not provided, nmcli
759 will generate a password. The password is either WPA pre-shared
760 key or WEP key.
761 Note that --show-secrets global option can be used to print the
763 hotspot password. It is useful especially when the password was
764 generated.
765 wifi rescan [ifname ifname] [ssid SSID...]
767 Request that NetworkManager immediately re-scan for available
768 access points. NetworkManager scans Wi-Fi networks periodically,
769 but in some cases it can be useful to start scanning manually (e.g.
770 after resuming the computer). By using ssid, it is possible to scan
771 for a specific SSID, which is useful for APs with hidden SSIDs. You
772 can provide multiple ssid parameters in order to scan more SSIDs.
773 This command does not show the APs, use nmcli device wifi list for
775 that.
776 wifi show-password [ifname ifname]
778 Show the details of the active Wi-Fi networks, including the
779 secrets.
780 lldp [list [ifname ifname]]
782 Display information about neighboring devices learned through the
783 Link Layer Discovery Protocol (LLDP). The ifname option can be used
784 to list neighbors only for a given interface. The protocol must be
785 enabled in the connection settings.
786
788 nmcli agent {secret | polkit | all}
789 Run nmcli as a NetworkManager secret agent, or polkit agent.
791 secret
793 Register nmcli as a NetworkManager secret agent and listen for
794 secret requests. You do usually not need this command, because
795 nmcli can handle secrets when connecting to networks. However, you
796 may find the command useful when you use another tool for
797 activating connections and you do not have a secret agent available
798 (like nm-applet).
799 polkit
801 Register nmcli as a polkit agent for the user session and listen
802 for authorization requests. You do not usually need this command,
803 because nmcli can handle polkit actions related to NetworkManager
804 operations (when run with --ask). However, you may find the command
805 useful when you want to run a simple text based polkit agent and
806 you do not have an agent of a desktop environment. Note that
807 running this command makes nmcli handle all polkit requests, not
808 only NetworkManager related ones, because only one polkit agent can
809 run for the session.
810 all
812 Runs nmcli as both NetworkManager secret and a polkit agent.
813
815 Apart from the property-value pairs, connection add, connection modify
816 and device modify also accept short forms of some properties. They
817 exist for convenience. Some aliases can affect multiple connection
818 properties at once.
819 The overview of the aliases is below. An actual connection type is used
821 to disambiguate these options from the options of the same name that
822 are valid for multiple connection types (such as mtu).
823 Table 1. Options for all connections
825 ┌────────────┬───────────────────────────┬─────────────────────────────┐
826 │Alias │ Property │ Note │
827 ├────────────┼───────────────────────────┼─────────────────────────────┤
828 │type │ connection.type │ This alias also │
829 │ │ │ accepts values of │
830 │ │ │ bond-slave, │
831 │ │ │ team-slave and │
832 │ │ │ bridge-slave. They │
833 │ │ │ create ethernet │
834 │ │ │ connection │
835 │ │ │ profiles. Their use │
836 │ │ │ is discouraged in │
837 │ │ │ favor of using a │
838 │ │ │ specific type with │
839 │ │ │ master option. │
840 ├────────────┼───────────────────────────┼─────────────────────────────┤
841 │con-name │ connection.id │ When not provided a │
842 │ │ │ default name is │
843 │ │ │ generated: │
844 │ │ │ <type>[-<ifname>][-<num>]). │
845 ├────────────┼───────────────────────────┼─────────────────────────────┤
846 │autoconnect │ connection.autoconnect │ │
847 ├────────────┼───────────────────────────┼─────────────────────────────┤
848 │ifname │ connection.interface-name │ A value of * will be │
849 │ │ │ interpreted as no value, │
850 │ │ │ making the connection │
851 │ │ │ profile │
852 │ │ │ interface-independent. │
853 │ │ │ Note: use quotes around * │
854 │ │ │ to suppress shell │
855 │ │ │ expansion. For bond, team │
856 │ │ │ and bridge connections a │
857 │ │ │ default name will be │
858 │ │ │ generated if not set. │
859 ├────────────┼───────────────────────────┼─────────────────────────────┤
860 │master │ connection.master │ Value specified here will │
861 │ │ │ be canonicalized. It can │
862 │ │ │ be prefixed with ifname/, │
863 │ │ │ uuid/ or id/ to │
864 │ │ │ disambiguate it. │
865 ├────────────┼───────────────────────────┼─────────────────────────────┤
866 │slave-type │ connection.slave-type │ │
867 └────────────┴───────────────────────────┴─────────────────────────────┘
868 Table 2. PPPoE options
870 ┌─────────┬────────────────┐
871 │Alias │ Property │
872 ├─────────┼────────────────┤
873 │username │ pppoe.username │
874 ├─────────┼────────────────┤
875 │password │ pppoe.password │
876 ├─────────┼────────────────┤
877 │service │ pppoe.service │
878 ├─────────┼────────────────┤
879 │parent │ pppoe.parent │
880 └─────────┴────────────────┘
881 Table 3. Wired Ethernet options
883 ┌───────────┬──────────────────────────┐
884 │Alias │ Property │
885 ├───────────┼──────────────────────────┤
886 │mtu │ wired.mtu │
887 ├───────────┼──────────────────────────┤
888 │mac │ wired.mac-address │
889 ├───────────┼──────────────────────────┤
890 │cloned-mac │ wired.cloned-mac-address │
891 └───────────┴──────────────────────────┘
892 Table 4. Infiniband options
894 ┌───────────────┬───────────────────────────┐
895 │Alias │ Property │
896 ├───────────────┼───────────────────────────┤
897 │mtu │ infiniband.mtu │
898 ├───────────────┼───────────────────────────┤
899 │mac │ infiniband.mac-address │
900 ├───────────────┼───────────────────────────┤
901 │transport-mode │ infiniband.transport-mode │
902 ├───────────────┼───────────────────────────┤
903 │parent │ infiniband.parent │
904 ├───────────────┼───────────────────────────┤
905 │p-key │ infiniband.p-key │
906 └───────────────┴───────────────────────────┘
907 Table 5. Wi-Fi options
909 ┌───────────┬─────────────────────────────┐
910 │Alias │ Property │
911 ├───────────┼─────────────────────────────┤
912 │ssid │ wireless.ssid │
913 ├───────────┼─────────────────────────────┤
914 │mode │ wireless.mode │
915 ├───────────┼─────────────────────────────┤
916 │mtu │ wireless.mtu │
917 ├───────────┼─────────────────────────────┤
918 │mac │ wireless.mac-address │
919 ├───────────┼─────────────────────────────┤
920 │cloned-mac │ wireless.cloned-mac-address │
921 └───────────┴─────────────────────────────┘
922 Table 6. WiMax options
924 ┌──────┬────────────────────┐
925 │Alias │ Property │
926 ├──────┼────────────────────┤
927 │nsp │ wimax.network-name │
928 ├──────┼────────────────────┤
929 │mac │ wimax.mac-address │
930 └──────┴────────────────────┘
931 Table 7. GSM options
933 ┌─────────┬──────────────┐
934 │Alias │ Property │
935 ├─────────┼──────────────┤
936 │apn │ gsm.apn │
937 ├─────────┼──────────────┤
938 │user │ gsm.username │
939 ├─────────┼──────────────┤
940 │password │ gsm.password │
941 └─────────┴──────────────┘
942 Table 8. CDMA options
944 ┌─────────┬───────────────┐
945 │Alias │ Property │
946 ├─────────┼───────────────┤
947 │user │ cdma.username │
948 ├─────────┼───────────────┤
949 │password │ cdma.password │
950 └─────────┴───────────────┘
951 Table 9. Bluetooth options
953 ┌────────┬──────────────────┬─────────────────────┐
954 │Alias │ Property │ Note │
955 ├────────┼──────────────────┼─────────────────────┤
956 │addr │ bluetooth.bdaddr │ │
957 ├────────┼──────────────────┼─────────────────────┤
958 │bt-type │ bluetooth.type │ Apart from the │
959 │ │ │ usual panu, nap and │
960 │ │ │ dun options, the │
961 │ │ │ values of dun-gsm │
962 │ │ │ and dun-cdma can be │
963 │ │ │ used for │
964 │ │ │ compatibility with │
965 │ │ │ older versions. │
966 │ │ │ They are equivalent │
967 │ │ │ to using dun and │
968 │ │ │ setting appropriate │
969 │ │ │ gsm.* or cdma.* │
970 │ │ │ properties. │
971 └────────┴──────────────────┴─────────────────────┘
972 Table 10. VLAN options
974 ┌────────┬───────────────────────────┐
975 │Alias │ Property │
976 ├────────┼───────────────────────────┤
977 │dev │ vlan.parent │
978 ├────────┼───────────────────────────┤
979 │id │ vlan.id │
980 ├────────┼───────────────────────────┤
981 │flags │ vlan.flags │
982 ├────────┼───────────────────────────┤
983 │ingress │ vlan.ingress-priority-map │
984 ├────────┼───────────────────────────┤
985 │egress │ vlan.egress-priority-map │
986 └────────┴───────────────────────────┘
987 Table 11. Bonding options
989 ┌──────────────┬──────────────┬───────────────────┐
990 │Alias │ Property │ Note │
991 ├──────────────┼──────────────┼───────────────────┤
992 │mode │ │ Setting each of │
993 ├──────────────┤ │ these adds the │
994 │primary │ │ option to │
995 ├──────────────┤ │ bond.options │
996 │miimon │ │ property. It's │
997 ├──────────────┤ │ equivalent to the │
998 │downdelay │ │ +bond.options │
999 ├──────────────┤ bond.options │ 'option=value' │
1000 │updelay │ │ syntax. │
1001 ├──────────────┤ │ │
1002 │arp-interval │ │ │
1003 ├──────────────┤ │ │
1004 │arp-ip-target │ │ │
1005 ├──────────────┤ │ │
1006 │lacp-rate │ │ │
1007 └──────────────┴──────────────┴───────────────────┘
1008 Table 12. Team options
1010 ┌───────┬─────────────┬────────────────────┐
1011 │Alias │ Property │ Note │
1012 ├───────┼─────────────┼────────────────────┤
1013 │config │ team.config │ Either a filename │
1014 │ │ │ or a team │
1015 │ │ │ configuration in │
1016 │ │ │ JSON format. To │
1017 │ │ │ enforce one or the │
1018 │ │ │ other, the value │
1019 │ │ │ can be prefixed │
1020 │ │ │ with "file://" or │
1021 │ │ │ "json://". │
1022 └───────┴─────────────┴────────────────────┘
1023 Table 13. Team port options
1025 ┌───────┬──────────────────┬────────────────────┐
1026 │Alias │ Property │ Note │
1027 ├───────┼──────────────────┼────────────────────┤
1028 │config │ team-port.config │ Either a filename │
1029 │ │ │ or a team │
1030 │ │ │ configuration in │
1031 │ │ │ JSON format. To │
1032 │ │ │ enforce one or the │
1033 │ │ │ other, the value │
1034 │ │ │ can be prefixed │
1035 │ │ │ with "file://" or │
1036 │ │ │ "json://". │
1037 └───────┴──────────────────┴────────────────────┘
1038 Table 14. Bridge options
1040 ┌───────────────────┬───────────────────────────┐
1041 │Alias │ Property │
1042 ├───────────────────┼───────────────────────────┤
1043 │stp │ bridge.stp │
1044 ├───────────────────┼───────────────────────────┤
1045 │priority │ bridge.priority │
1046 ├───────────────────┼───────────────────────────┤
1047 │forward-delay │ bridge.forward-delay │
1048 ├───────────────────┼───────────────────────────┤
1049 │hello-time │ bridge.hello-time │
1050 ├───────────────────┼───────────────────────────┤
1051 │max-age │ bridge.max-age │
1052 ├───────────────────┼───────────────────────────┤
1053 │ageing-time │ bridge.ageing-time │
1054 ├───────────────────┼───────────────────────────┤
1055 │group-forward-mask │ bridge.group-forward-mask │
1056 ├───────────────────┼───────────────────────────┤
1057 │multicast-snooping │ bridge.multicast-snooping │
1058 ├───────────────────┼───────────────────────────┤
1059 │mac │ bridge.mac-address │
1060 ├───────────────────┼───────────────────────────┤
1061 │priority │ bridge-port.priority │
1062 ├───────────────────┼───────────────────────────┤
1063 │path-cost │ bridge-port.path-cost │
1064 ├───────────────────┼───────────────────────────┤
1065 │hairpin │ bridge-port.hairpin-mode │
1066 └───────────────────┴───────────────────────────┘
1067 Table 15. VPN options
1069 ┌─────────┬──────────────────┐
1070 │Alias │ Property │
1071 ├─────────┼──────────────────┤
1072 │vpn-type │ vpn.service-type │
1073 ├─────────┼──────────────────┤
1074 │user │ vpn.user-name │
1075 └─────────┴──────────────────┘
1076 Table 16. OLPC Mesh options
1078 ┌─────────────┬────────────────────────────────┐
1079 │Alias │ Property │
1080 ├─────────────┼────────────────────────────────┤
1081 │ssid │ olpc-mesh.ssid │
1082 ├─────────────┼────────────────────────────────┤
1083 │channel │ olpc-mesh.channel │
1084 ├─────────────┼────────────────────────────────┤
1085 │dhcp-anycast │ olpc-mesh.dhcp-anycast-address │
1086 └─────────────┴────────────────────────────────┘
1087 Table 17. ADSL options
1089 ┌──────────────┬────────────────────┐
1090 │Alias │ Property │
1091 ├──────────────┼────────────────────┤
1092 │username │ adsl.username │
1093 ├──────────────┼────────────────────┤
1094 │protocol │ adsl.protocol │
1095 ├──────────────┼────────────────────┤
1096 │password │ adsl.password │
1097 ├──────────────┼────────────────────┤
1098 │encapsulation │ adsl.encapsulation │
1099 └──────────────┴────────────────────┘
1100 Table 18. MACVLAN options
1102 ┌──────┬────────────────┐
1103 │Alias │ Property │
1104 ├──────┼────────────────┤
1105 │dev │ macvlan.parent │
1106 ├──────┼────────────────┤
1107 │mode │ macvlan.mode │
1108 ├──────┼────────────────┤
1109 │tap │ macvlan.tap │
1110 └──────┴────────────────┘
1111 Table 19. MACsec options
1113 ┌────────┬────────────────┐
1114 │Alias │ Property │
1115 ├────────┼────────────────┤
1116 │dev │ macsec.parent │
1117 ├────────┼────────────────┤
1118 │mode │ macsec.mode │
1119 ├────────┼────────────────┤
1120 │encrypt │ macsec.encrypt │
1121 ├────────┼────────────────┤
1122 │cak │ macsec.cak │
1123 ├────────┼────────────────┤
1124 │ckn │ macsec.ckn │
1125 ├────────┼────────────────┤
1126 │port │ macsec.port │
1127 └────────┴────────────────┘
1128 Table 20. VxLAN options
1130 ┌─────────────────┬────────────────────────┐
1131 │Alias │ Property │
1132 ├─────────────────┼────────────────────────┤
1133 │id │ vxlan.id │
1134 ├─────────────────┼────────────────────────┤
1135 │remote │ vxlan.remote │
1136 ├─────────────────┼────────────────────────┤
1137 │dev │ vxlan.parent │
1138 ├─────────────────┼────────────────────────┤
1139 │local │ vxlan.local │
1140 ├─────────────────┼────────────────────────┤
1141 │source-port-min │ vxlan.source-port-min │
1142 ├─────────────────┼────────────────────────┤
1143 │source-port-max │ vxlan.source-port-max │
1144 ├─────────────────┼────────────────────────┤
1145 │destination-port │ vxlan.destination-port │
1146 └─────────────────┴────────────────────────┘
1147 Table 21. Tun options
1149 ┌────────────┬─────────────────┐
1150 │Alias │ Property │
1151 ├────────────┼─────────────────┤
1152 │mode │ tun.mode │
1153 ├────────────┼─────────────────┤
1154 │owner │ tun.owner │
1155 ├────────────┼─────────────────┤
1156 │group │ tun.group │
1157 ├────────────┼─────────────────┤
1158 │pi │ tun.pi │
1159 ├────────────┼─────────────────┤
1160 │vnet-hdr │ tun.vnet-hdr │
1161 ├────────────┼─────────────────┤
1162 │multi-queue │ tun.multi-queue │
1163 └────────────┴─────────────────┘
1164 Table 22. IP tunneling options
1166 ┌───────┬──────────────────┐
1167 │Alias │ Property │
1168 ├───────┼──────────────────┤
1169 │mode │ ip-tunnel.mode │
1170 ├───────┼──────────────────┤
1171 │local │ ip-tunnel.local │
1172 ├───────┼──────────────────┤
1173 │remote │ ip-tunnel.remote │
1174 ├───────┼──────────────────┤
1175 │dev │ ip-tunnel.parent │
1176 └───────┴──────────────────┘
1177 Table 23. WPAN options
1179 ┌───────────┬─────────────────┐
1180 │Alias │ Property │
1181 ├───────────┼─────────────────┤
1182 │mac │ wpan.mac │
1183 ├───────────┼─────────────────┤
1184 │short-addr │ wpan.short-addr │
1185 ├───────────┼─────────────────┤
1186 │pan-id │ wpan.pan-id │
1187 └───────────┴─────────────────┘
1188 Table 24. 6LoWPAN options
1190 ┌──────┬────────────────┐
1191 │Alias │ Property │
1192 ├──────┼────────────────┤
1193 │dev │ 6lowpan.parent │
1194 └──────┴────────────────┘
1195 Table 25. IPv4 options
1197 ┌──────┬────────────────┬─────────────────────┐
1198 │Alias │ Property │ Note │
1199 ├──────┼────────────────┼─────────────────────┤
1200 │ip4 │ ipv4.addresses │ The alias is │
1201 │ │ ipv4.method │ equivalent to the │
1202 │ │ │ +ipv4.addresses │
1203 │ │ │ syntax and also │
1204 │ │ │ sets ipv4.method to │
1205 │ │ │ manual. It can be │
1206 │ │ │ specified multiple │
1207 │ │ │ times. │
1208 ├──────┼────────────────┼─────────────────────┤
1209 │gw4 │ ipv4.gateway │ │
1210 └──────┴────────────────┴─────────────────────┘
1211 Table 26. IPv6 options
1213 ┌──────┬────────────────┬─────────────────────┐
1214 │Alias │ Property │ Note │
1215 ├──────┼────────────────┼─────────────────────┤
1216 │ip6 │ ipv6.addresses │ The alias is │
1217 │ │ ipv6.method │ equivalent to the │
1218 │ │ │ +ipv6.addresses │
1219 │ │ │ syntax and also │
1220 │ │ │ sets ipv6.method to │
1221 │ │ │ manual. It can be │
1222 │ │ │ specified multiple │
1223 │ │ │ times. │
1224 ├──────┼────────────────┼─────────────────────┤
1225 │gw6 │ ipv6.gateway │ │
1226 └──────┴────────────────┴─────────────────────┘
1227 Table 27. Proxy options
1229 ┌─────────────┬────────────────────┬─────────────────────┐
1230 │Alias │ Property │ Note │
1231 ├─────────────┼────────────────────┼─────────────────────┤
1232 │method │ proxy.method │ │
1233 ├─────────────┼────────────────────┼─────────────────────┤
1234 │browser-only │ proxy.browser-only │ │
1235 ├─────────────┼────────────────────┼─────────────────────┤
1236 │pac-url │ proxy.pac-url │ │
1237 ├─────────────┼────────────────────┼─────────────────────┤
1238 │pac-script │ proxy.pac-script │ Read the JavaScript │
1239 │ │ │ PAC (proxy │
1240 │ │ │ auto-config) script │
1241 │ │ │ from file or pass │
1242 │ │ │ it directly on the │
1243 │ │ │ command line. │
1244 │ │ │ Prefix the value │
1245 │ │ │ with "file://" or │
1246 │ │ │ "js://" to force │
1247 │ │ │ one or the other. │
1248 └─────────────┴────────────────────┴─────────────────────┘
1249
1251 Implicit coloring can be disabled by an empty file
1252 /etc/terminal-colors.d/nmcli.disable.
1253 See terminal-colors.d(5) for more details about colorization
1255 configuration. The logical color names supported by nmcli are:
1256 connection-activated
1258 A connection that is active.
1259 connection-activating
1261 Connection that is being activated.
1262 connection-disconnecting
1264 Connection that is being disconnected.
1265 connection-invisible
1267 Connection whose details is the user not permitted to see.
1268 connectivity-full
1270 Conectivity state when Internet is reachable.
1271 connectivity-limited
1273 Conectivity state when only a local network reachable.
1274 connectivity-none
1276 Conectivity state when the network is disconnected.
1277 connectivity-portal
1279 Conectivity state when a captive portal hijacked the connection.
1280 connectivity-unknown
1282 Conectivity state when a connectivity check didn't run.
1283 device-activated
1285 Device that is connected.
1286 device-activating
1288 Device that is being configured.
1289 device-disconnected
1291 Device that is not connected.
1292 device-firmware-missing
1294 Warning of a missing device firmware.
1295 device-plugin-missing
1297 Warning of a missing device plugin.
1298 device-unavailable
1300 Device that is not available for activation.
1301 device-disabled
1303 Device is disabled by software or hardware kill switch.
1304 manager-running
1306 Notice that the NetworkManager daemon is available.
1307 manager-starting
1309 Notice that the NetworkManager daemon is being initially connected.
1310 manager-stopped
1312 Notice that the NetworkManager daemon is not available.
1313 permission-auth
1315 An action that requires user authentication to get permission.
1316 permission-no
1318 An action that is not permitted.
1319 permission-yes
1321 An action that is permitted.
1322 prompt
1324 Prompt in interactive mode.
1325 state-asleep
1327 Indication that NetworkManager in suspended state.
1328 state-connected-global
1330 Indication that NetworkManager in connected to Internet.
1331 state-connected-local
1333 Indication that NetworkManager in local network.
1334 state-connected-site
1336 Indication that NetworkManager in connected to networks other than
1337 Internet.
1338 state-connecting
1340 Indication that NetworkManager is establishing a network
1341 connection.
1342 state-disconnected
1344 Indication that NetworkManager is disconnected from a network.
1345 state-disconnecting
1347 Indication that NetworkManager is being disconnected from a
1348 network.
1349 wifi-signal-excellent
1351 Wi-Fi network with an excellent signal level.
1352 wifi-signal-fair
1354 Wi-Fi network with a fair signal level.
1355 wifi-signal-good
1357 Wi-Fi network with a good signal level.
1358 wifi-signal-poor
1360 Wi-Fi network with a poor signal level.
1361 wifi-signal-unknown
1363 Wi-Fi network that hasn't been actually seen (a hidden AP).
1364 disabled
1366 A property that is turned off.
1367 enabled
1369 A property that is turned on.
1370
1372 nmcli's behavior is affected by the following environment variables.
1373 LC_ALL
1375 If set to a non-empty string value, it overrides the values of all
1376 the other internationalization variables.
1377 LC_MESSAGES
1379 Determines the locale to be used for internationalized messages.
1380 LANG
1382 Provides a default value for the internationalization variables
1383 that are unset or null.
1384
1386 Be aware that nmcli is localized and that is why the output depends on
1387 your environment. This is important to realize especially when you
1388 parse the output.
1389 Call nmcli as LC_ALL=C nmcli to be sure the locale is set to C while
1391 executing in a script.
1392 LC_ALL, LC_MESSAGES, LANG variables specify the LC_MESSAGES locale
1394 category (in that order), which determines the language that nmcli uses
1395 for messages. The C locale is used if none of these variables are set,
1396 and this locale uses English messages.
1397
1399 nmcli exits with status 0 if it succeeds, a value greater than 0 is
1400 returned if an error occurs.
1401 0
1403 Success – indicates the operation succeeded.
1404 1
1406 Unknown or unspecified error.
1407 2
1409 Invalid user input, wrong nmcli invocation.
1410 3
1412 Timeout expired (see --wait option).
1413 4
1415 Connection activation failed.
1416 5
1418 Connection deactivation failed.
1419 6
1421 Disconnecting device failed.
1422 7
1424 Connection deletion failed.
1425 8
1427 NetworkManager is not running.
1428 10
1430 Connection, device, or access point does not exist.
1431 65
1433 When used with --complete-args option, a file name is expected to
1434 follow.
1435
1437 This section presents various examples of nmcli usage. If you want even
1438 more, please refer to nmcli-examples(7) manual page.
1439 nmcli -t -f RUNNING general
1441 tells you whether NetworkManager is running or not.
1442 nmcli -t -f STATE general
1444 shows the overall status of NetworkManager.
1445 nmcli radio wifi off
1447 switches Wi-Fi off.
1448 nmcli connection show
1450 lists all connections NetworkManager has.
1451 nmcli -p -m multiline -f all con show
1453 shows all configured connections in multi-line mode.
1454 nmcli connection show --active
1456 lists all currently active connections.
1457 nmcli -f name,autoconnect c s
1459 shows all connection profile names and their auto-connect property.
1460 nmcli -p connection show "My default em1"
1462 shows details for "My default em1" connection profile.
1463 nmcli --show-secrets connection show "My Home Wi-Fi"
1465 shows details for "My Home Wi-Fi" connection profile with all
1466 passwords. Without --show-secrets option, secrets would not be
1467 displayed.
1468 nmcli -f active connection show "My default em1"
1470 shows details for "My default em1" active connection, like IP, DHCP
1471 information, etc.
1472 nmcli -f profile con s "My wired connection"
1474 shows static configuration details of the connection profile with
1475 "My wired connection" name.
1476 nmcli -p con up "My wired connection" ifname eth0
1478 activates the connection profile with name "My wired connection" on
1479 interface eth0. The -p option makes nmcli show progress of the
1480 activation.
1481 nmcli con up 6b028a27-6dc9-4411-9886-e9ad1dd43761 ap 00:3A:98:7C:42:D3
1483 connects the Wi-Fi connection with UUID
1484 6b028a27-6dc9-4411-9886-e9ad1dd43761 to the AP with BSSID
1485 00:3A:98:7C:42:D3.
1486 nmcli device status
1488 shows the status for all devices.
1489 nmcli dev disconnect em2
1491 disconnects a connection on interface em2 and marks the device as
1492 unavailable for auto-connecting. As a result, no connection will
1493 automatically be activated on the device until the device's
1494 'autoconnect' is set to TRUE or the user manually activates a
1495 connection.
1496 nmcli -f GENERAL,WIFI-PROPERTIES dev show wlan0
1498 shows details for wlan0 interface; only GENERAL and WIFI-PROPERTIES
1499 sections will be shown.
1500 nmcli -f CONNECTIONS device show wlp3s0
1502 shows all available connection profiles for your Wi-Fi interface
1503 wlp3s0.
1504 nmcli dev wifi
1506 lists available Wi-Fi access points known to NetworkManager.
1507 nmcli dev wifi con "Cafe Hotspot 1" password caffeine name "My cafe"
1509 creates a new connection named "My cafe" and then connects it to
1510 "Cafe Hotspot 1" SSID using password "caffeine". This is mainly
1511 useful when connecting to "Cafe Hotspot 1" for the first time. Next
1512 time, it is better to use nmcli con up id "My cafe" so that the
1513 existing connection profile can be used and no additional is
1514 created.
1515 nmcli -s dev wifi hotspot con-name QuickHotspot
1517 creates a hotspot profile and connects it. Prints the hotspot
1518 password the user should use to connect to the hotspot from other
1519 devices.
1520 nmcli dev modify em1 ipv4.method shared
1522 starts IPv4 connection sharing using em1 device. The sharing will
1523 be active until the device is disconnected.
1524 nmcli dev modify em1 ipv6.address 2001:db8::a:bad:c0de
1526 temporarily adds an IP address to a device. The address will be
1527 removed when the same connection is activated again.
1528 nmcli connection add type ethernet autoconnect no ifname eth0
1530 non-interactively adds an Ethernet connection tied to eth0
1531 interface with automatic IP configuration (DHCP), and disables the
1532 connection's autoconnect flag.
1533 nmcli c a ifname Maxipes-fik type vlan dev eth0 id 55
1535 non-interactively adds a VLAN connection with ID 55. The connection
1536 will use eth0 and the VLAN interface will be named Maxipes-fik.
1537 nmcli c a ifname eth0 type ethernet ipv4.method disabled ipv6.method
1539 link-local
1540 non-interactively adds a connection that will use eth0 Ethernet
1541 interface and only have an IPv6 link-local address configured.
1542 nmcli connection edit ethernet-em1-2
1544 edits existing "ethernet-em1-2" connection in the interactive
1545 editor.
1546 nmcli connection edit type ethernet con-name "yet another Ethernet
1548 connection"
1549 adds a new Ethernet connection in the interactive editor.
1550 nmcli con mod ethernet-2 connection.autoconnect no
1552 modifies 'autoconnect' property in the 'connection' setting of
1553 'ethernet-2' connection.
1554 nmcli con mod "Home Wi-Fi" wifi.mtu 1350
1556 modifies 'mtu' property in the 'wifi' setting of 'Home Wi-Fi'
1557 connection.
1558 nmcli con mod em1-1 ipv4.method manual ipv4.addr "192.168.1.23/24
1560 192.168.1.1, 10.10.1.5/8, 10.0.0.11"
1561 sets manual addressing and the addresses in em1-1 profile.
1562 nmcli con modify ABC +ipv4.dns 8.8.8.8
1564 appends a Google public DNS server to DNS servers in ABC profile.
1565 nmcli con modify ABC -ipv4.addresses "192.168.100.25/24 192.168.1.1"
1567 removes the specified IP address from (static) profile ABC.
1568 nmcli con import type openvpn file ~/Downloads/frootvpn.ovpn
1570 imports an OpenVPN configuration to NetworkManager.
1571 nmcli con export corp-vpnc /home/joe/corpvpn.conf
1573 exports NetworkManager VPN profile corp-vpnc as standard Cisco
1574 (vpnc) configuration.
1575
1577 nmcli accepts abbreviations, as long as they are a unique prefix in the
1578 set of possible options. As new options get added, these abbreviations
1579 are not guaranteed to stay unique. For scripting and long term
1580 compatibility it is therefore strongly advised to spell out the full
1581 option names.
1582
1584 There are probably some bugs. If you find a bug, please report it to
1585 your distribution or upstream at
1586 https://gitlab.freedesktop.org/NetworkManager/NetworkManager.
1587
1589 nmcli-examples(7), nm-online(1), NetworkManager(8),
1590 NetworkManager.conf(5), nm-settings(5), nm-applet(1), nm-connection-
1591 editor(1), terminal-colors.d(5).
1592NetworkManager 1.22.10 NMCLI(1)