|
|
| (24 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) |
| Zeile 1: |
Zeile 1: |
| '''nmcli''' - command-line tool for controlling NetworkManager | | '''nmcli''' - Befehlszeilenwerkzeug zur Steuerung von [[NetworkManager]] |
|
| |
|
| == SYNOPSIS == | | == Beschreibung == |
| nmcli [OPTIONS...] {help | general | networking | radio | connection | device | agent | monitor} [COMMAND] [ARGUMENTS...]
| | Befehlszeilenwerkzeug zur Steuerung von [[NetworkManager]] und zur Meldung des Netzwerkstatus |
| | * Ersatz für grafische Clients |
|
| |
|
| == DESCRIPTION ==
| | ; Netzwerkverbindungen |
| nmcli is a command-line tool for controlling NetworkManager and reporting network status. It can be utilized as a
| | * Erstellen |
| replacement for nm-applet or other graphical clients. nmcli is used to create, display, edit, delete, activate, and
| | * Anzeigen |
| deactivate network connections, as well as control and display network device status. See nmcli-examples(7) for ready to run
| | * Bearbeiten |
| nmcli examples.
| | * Löschen |
| | * Aktivieren |
|
| |
|
| Typical uses include:
| | Siehe [[nmcli-examples(7)]] für ausführungsbereite Anwendungsfälle |
|
| |
|
| • Scripts: Utilize NetworkManager via nmcli instead of managing network connections manually. nmcli supports a terse
| | ; Skripte |
| output format which is better suited for script processing. Note that NetworkManager can also execute scripts, called
| | * Verwenden Sie [[NetworkManager]] über nmcli, anstatt Netzwerkverbindungen manuell zu verwalten |
| "dispatcher scripts", in response to network events. See NetworkManager(8) for details about these dispatcher scripts.
| |
|
| |
|
| • Servers, headless machines, and terminals: nmcli can be used to control NetworkManager without a GUI, including
| | nmcli unterstützt ein knappes Ausgabeformat, das sich besser für die Skriptverarbeitung eignet |
| creating, editing, starting and stopping network connections and viewing network status.
| | * Beachten Sie, dass NetworkManager auch Skripte ausführen kann, die als „Dispatcher-Skripte“ genannt, als Reaktion auf Netzwerkereignisse ausführen kann |
|
| |
|
| == OPTIONS ==
| | ; Weitere Informationen zu Dispatcher-Skripten |
| -a | --ask
| | * [[NetworkManager(8)]] Server, Maschinen ohne Monitor und Terminals: nmcli kann zur Steuerung von NetworkManager ohne grafische Benutzeroberfläche verwendet werden, einschließlich Erstellen, Bearbeiten, Starten und Beenden von Netzwerkverbindungen und Anzeigen des Netzwerkstatus |
| When using this option nmcli will stop and ask for any missing required arguments, so do not use this option for
| |
| non-interactive purposes like scripts. This option controls, for example, whether you will be prompted for a password if
| |
| it is required for connecting to a network.
| |
|
| |
|
| -c | --colors {yes | no | auto}
| | == Installation == |
| This option controls color output (using terminal escape sequences). yes enables colors, no disables them, auto only
| | <syntaxhighlight lang="bash" highlight="1" line copy> |
| produces colors when standard output is directed to a terminal. The default value is auto.
| | </syntaxhighlight> |
|
| |
|
| The actual colors used are configured as described in terminal-colors.d(5). Please refer to the COLORS section for a
| | == Aufruf == |
| list of color names supported by nmcli.
| | <syntaxhighlight lang="bash" highlight="1" line copy> |
| | | nmcli [OPTIONS...] {help | general | networking | radio | connection | device | agent | monitor} [COMMAND] [ARGUMENTS...] |
| If the environment variable NO_COLOR is set (to any non-empty value), then coloring is disabled with mode "auto". If the
| | </syntaxhighlight> |
| environment variable CLICOLOR_FORCE is set (to any non-empty value), then coloring is enabled with mode "auto".
| |
| Explicitly enabling coloring overrides the environment variable.
| |
| | |
| --complete-args
| |
| Instead of conducting the desired action, nmcli will list possible completions for the last argument. This is useful to
| |
| implement argument completion in shell.
| |
| | |
| The exit status will indicate success or return a code 65 to indicate the last argument is a file name.
| |
| | |
| NetworkManager ships with command completion support for GNU Bash.
| |
| | |
| -e | --escape {yes | no}
| |
| Whether to escape : and \ characters in terse tabular mode. The escape character is \.
| |
| | |
| If omitted, default is yes.
| |
| | |
| -f | --fields {field1,field2... | all | common}
| |
| This option is used to specify what fields (column names) should be printed. Valid field names differ for specific
| |
| commands. List available fields by providing an invalid value to the --fields option. all is used to print all valid
| |
| field values of the command. common is used to print common field values of the command.
| |
| | |
| If omitted, default is common.
| |
| | |
| -g | --get-values {field1,field2... | all | common}
| |
| This option is used to print values from specific fields. It is basically a shortcut for --mode tabular --terse --fields
| |
| and is a convenient way to retrieve values for particular fields. The values are printed one per line without headers.
| |
| | |
| If a section is specified instead of a field, the section name will be printed followed by colon separated values of the
| |
| fields belonging to that section, all on the same line.
| |
| | |
| -h | --help
| |
| Print help information.
| |
| | |
| -m | --mode {tabular | multiline}
| |
| Switch between tabular and multiline output:
| |
| | |
| tabular
| |
| Output is a table where each line describes a single entry. Columns define particular properties of the entry.
| |
| | |
| multiline
| |
| Each entry comprises multiple lines, each property on its own line. The values are prefixed with the property name.
| |
| | |
| If omitted, default is tabular for most commands. For the commands producing more structured information, that cannot be
| |
| displayed on a single line, default is multiline. Currently, they are:
| |
| | |
| • nmcli connection show ID
| |
| | |
| • nmcli device show
| |
| | |
| -p | --pretty
| |
| Output is pretty. This causes nmcli to produce easily readable outputs for humans, i.e. values are aligned, headers are
| |
| printed, etc.
| |
| | |
| -s | --show-secrets
| |
| When using this option nmcli will display passwords and secrets that might be present in an output of an operation. This
| |
| option also influences echoing passwords typed by user as an input.
| |
| | |
| -t | --terse
| |
| Output is terse. This mode is designed and suitable for computer (script) processing.
| |
| | |
| --offline
| |
| Work without a daemon. Makes connection add and connection modify commands accept and produce connection data via
| |
| standard input/output. Ordinarily, nmcli would communicate with the NetworkManager service.
| |
| | |
| The connection data format (keyfile) is described in nm-settings-keyfile(5) manual.
| |
| | |
| -v | --version
| |
| Show nmcli version.
| |
| | |
| -w | --wait seconds
| |
| This option sets a timeout period for which nmcli will wait for NetworkManager to finish operations. It is especially
| |
| useful for commands that may take a longer time to complete, e.g. connection activation.
| |
| | |
| Specifying a value of 0 instructs nmcli not to wait but to exit immediately with a status of success. The default value
| |
| depends on the executed command.
| |
| | |
| == GENERAL COMMANDS == | |
| | |
| nmcli general {status | hostname | permissions | logging | reload} [ARGUMENTS...]
| |
| | |
| Use this command to show NetworkManager status and permissions. You can also get and change system hostname, as well as
| |
| NetworkManager logging level and domains.
| |
| | |
| status
| |
| Show overall status of NetworkManager. This is the default action, when no additional command is provided for nmcli
| |
| general.
| |
| | |
| hostname [hostname]
| |
| Get and change system hostname. With no arguments, this prints currently configured hostname. When you pass a hostname,
| |
| it will be handed over to NetworkManager to be set as a new system hostname.
| |
| | |
| Note that the term "system" hostname may also be referred to as "persistent" or "static" by other programs or tools. The
| |
| hostname is stored in /etc/hostname file in most distributions. For example, systemd-hostnamed service uses the term
| |
| "static" hostname and it only reads the /etc/hostname file when it starts.
| |
| | |
| permissions
| |
| Show the permissions a caller has for various authenticated operations that NetworkManager provides, like enable and
| |
| disable networking, changing Wi-Fi and WWAN state, modifying connections, etc.
| |
| | |
| logging [level level] [domains domains...]
| |
| Get and change NetworkManager logging level and domains. Without any argument current logging level and domains are
| |
| shown. In order to change logging state, provide level and, or, domain parameters. See NetworkManager.conf(5) for
| |
| available level and domain values.
| |
| | |
| reload [flags...]
| |
| Reload NetworkManager's configuration and perform certain updates, like flushing caches or rewriting external state to
| |
| disk. This is similar to sending SIGHUP to NetworkManager but it allows for more fine-grained control over what to
| |
| reload through the flags argument. It also allows non-root access via PolicyKit and contrary to signals it is
| |
| synchronous. Available flags are:
| |
| | |
| conf
| |
| Reload the NetworkManager.conf configuration from disk. Note that this does not include connections, which can be
| |
| reloaded through nmcli connection reload instead.
| |
| | |
| dns-rc
| |
| Update DNS configuration, which usually involves writing /etc/resolv.conf anew. This is equivalent to sending the
| |
| SIGUSR1 signal to the NetworkManager process.
| |
| | |
| dns-full
| |
| Restart the DNS plugin. This is for example useful when using dnsmasq plugin, which uses additional configuration in
| |
| /etc/NetworkManager/dnsmasq.d. If you edit those files, you can restart the DNS plugin. This action shortly
| |
| interrupts name resolution.
| |
| | |
| With no flags, everything that is supported is reloaded, which is identical to sending a SIGHUP. See NetworkManager(8)
| |
| for more details about signals.
| |
| | |
| == NETWORKING CONTROL COMMANDS == | |
| | |
| nmcli networking {on | off | connectivity} [ARGUMENTS...]
| |
| | |
| Query NetworkManager networking status, enable and disable networking.
| |
| | |
| on, off
| |
| Enable or disable networking control by NetworkManager. All interfaces managed by NetworkManager are deactivated when
| |
| networking is disabled.
| |
| | |
| connectivity [check]
| |
| Get network connectivity state. The optional check argument tells NetworkManager to re-check the connectivity, else the
| |
| most recent known connectivity state is displayed without re-checking.
| |
| | |
| Possible states are:
| |
| | |
| none
| |
| the host is not connected to any network.
| |
| | |
| portal
| |
| the host is behind a captive portal and cannot reach the full Internet.
| |
| | |
| limited
| |
| the host is connected to a network, but it has no access to the Internet.
| |
| | |
| full
| |
| the host is connected to a network and has full access to the Internet.
| |
| | |
| unknown
| |
| the connectivity status cannot be found out.
| |
| | |
| == RADIO TRANSMISSION CONTROL COMMANDS ==
| |
| | |
| nmcli radio {all | wifi | wwan} [ARGUMENTS...]
| |
| | |
| Show radio switches status, or enable and disable the switches.
| |
| | |
| wifi [on | off]
| |
| Show or set status of Wi-Fi in NetworkManager. If no arguments are supplied, Wi-Fi status is printed; on enables Wi-Fi;
| |
| off disables Wi-Fi.
| |
| | |
| wwan [on | off]
| |
| Show or set status of WWAN (mobile broadband) in NetworkManager. If no arguments are supplied, mobile broadband status
| |
| is printed; on enables mobile broadband, off disables it.
| |
| | |
| all [on | off]
| |
| Show or set all previously mentioned radio switches at the same time.
| |
| | |
| == ACTIVITY MONITOR ==
| |
| | |
| nmcli monitor
| |
| | |
| Observe NetworkManager activity. Watches for changes in connectivity state, devices or connection profiles.
| |
| | |
| See also nmcli connection monitor and nmcli device monitor to watch for changes in certain devices or connections.
| |
| | |
| == CONNECTION MANAGEMENT COMMANDS ==
| |
| | |
| nmcli connection {show | up | down | modify | add | edit | clone | delete | monitor | reload | load | import | export |
| |
| migrate} [ARGUMENTS...]
| |
| | |
| NetworkManager stores all network configuration as "connections", which are collections of data (Layer2 details, IP
| |
| addressing, etc.) that describe how to create or connect to a network. A connection is "active" when a device uses that
| |
| connection's configuration to create or connect to a network. There may be multiple connections that apply to a device, but
| |
| only one of them can be active on that device at any given time. The additional connections can be used to allow quick
| |
| switching between different networks and configurations.
| |
| | |
| Consider a machine which is usually connected to a DHCP-enabled network, but sometimes connected to a testing network which
| |
| uses static IP addressing. Instead of manually reconfiguring eth0 each time the network is changed, the settings can be
| |
| saved as two connections which both apply to eth0, one for DHCP (called default) and one with the static addressing details
| |
| (called testing). When connected to the DHCP-enabled network the user would run nmcli con up default , and when connected to
| |
| the static network the user would run nmcli con up testing.
| |
| | |
| show [--active] [--order [+-]category:...]
| |
| List in-memory and on-disk connection profiles, some of which may also be active if a device is using that connection
| |
| profile. Without a parameter, all profiles are listed. When --active option is specified, only the active profiles are
| |
| shown.
| |
| | |
| The --order option can be used to get custom ordering of connections. The connections can be ordered by active status
| |
| (active), name (name), type (type) or D-Bus path (path). If connections are equal according to a sort order category, an
| |
| additional category can be specified. The default sorting order is equivalent to --order active:name:path. + or no
| |
| prefix means sorting in ascending order (alphabetically or in numbers), - means reverse (descending) order. The category
| |
| names can be abbreviated (e.g. --order -a:na).
| |
| | |
| show [--active] [id | uuid | path | apath] ID...
| |
| Show details for specified connections. By default, both static configuration and active connection data are displayed.
| |
| When --active option is specified, only the active profiles are taken into account. Use global --show-secrets option to
| |
| display secrets associated with the profile.
| |
| | |
| id, uuid, path and apath keywords can be used if ID is ambiguous. Optional ID-specifying keywords are:
| |
| | |
| id
| |
| the ID denotes a connection name.
| |
| | |
| uuid
| |
| the ID denotes a connection UUID.
| |
| | |
| path
| |
| the ID denotes a D-Bus static connection path in the format of /org/freedesktop/NetworkManager/Settings/num or just
| |
| num.
| |
| | |
| apath
| |
| the ID denotes a D-Bus active connection path in the format of /org/freedesktop/NetworkManager/ActiveConnection/num
| |
| or just num.
| |
| | |
| It is possible to filter the output using the global --fields option. Use the following values:
| |
| | |
| profile
| |
| only shows static profile configuration.
| |
| | |
| active
| |
| only shows active connection data (when the profile is active).
| |
| | |
| You can also specify particular fields. For static configuration, use setting and property names as described in nm-
| |
| settings-nmcli(5) manual page. For active data use GENERAL, IP4, DHCP4, IP6, DHCP6, VPN.
| |
| | |
| When no command is given to the nmcli connection, the default action is nmcli connection show.
| |
| | |
| up [id | uuid | path] ID [ifname ifname] [ap BSSID] [passwd-file file]
| |
| Activate a connection. The connection is identified by its name, UUID or D-Bus path. If ID is ambiguous, a keyword id,
| |
| uuid or path can be used. When requiring a particular device to activate the connection on, the ifname option with
| |
| interface name should be given. If the ID is not given an ifname is required, and NetworkManager will activate the best
| |
| available connection for the given ifname. In case of a VPN connection, the ifname option specifies the device of the
| |
| base connection. The ap option specify what particular AP should be used in case of a Wi-Fi connection.
| |
| | |
| If --wait option is not specified, the default timeout will be 90 seconds.
| |
| | |
| See connection show above for the description of the ID-specifying keywords.
| |
| | |
| Available options are:
| |
| | |
| ifname
| |
| interface that will be used for activation.
| |
| | |
| ap
| |
| BSSID of the AP which the command should connect to (for Wi-Fi connections).
| |
| | |
| passwd-file
| |
| some networks may require credentials during activation. You can give these credentials using this option. Each line
| |
| of the file should contain one password in the form:
| |
| | |
| setting_name.property_name:the password
| |
| | |
| For example, for WPA Wi-Fi with PSK, the line would be
| |
| | |
| 802-11-wireless-security.psk:secret12345
| |
| | |
| For 802.1X password, the line would be
| |
| | |
| 802-1x.password:my 1X password
| |
| | |
| nmcli also accepts wifi-sec and wifi strings instead of 802-11-wireless-security. When NetworkManager requires a | |
| password and it is not given, nmcli will ask for it when run with --ask. If --ask was not passed, NetworkManager can
| |
| ask another secret agent that may be running (typically a GUI secret agent, such as nm-applet or gnome-shell).
| |
| | |
| down [id | uuid | path | apath] ID...
| |
| Deactivate a connection from a device without preventing the device from further auto-activation. Multiple connections
| |
| can be passed to the command.
| |
| | |
| Be aware that this command deactivates the specified active connection, but the device on which the connection was
| |
| active, is still ready to connect and will perform auto-activation by looking for a suitable connection that has the
| |
| 'autoconnect' flag set. Note that the deactivating connection profile is internally blocked from autoconnecting again.
| |
| Hence it will not autoconnect until reboot or until the user performs an action that unblocks autoconnect, like
| |
| modifying the profile or explicitly activating it.
| |
| | |
| In most cases you may want to use device down command instead.
| |
| | |
| The connection is identified by its name, UUID or D-Bus path. If ID is ambiguous, a keyword id, uuid, path or apath can
| |
| be used.
| |
| | |
| See connection show above for the description of the ID-specifying keywords.
| |
| | |
| If --wait option is not specified, the default timeout will be 10 seconds.
| |
| | |
| modify [--temporary] [id | uuid | path] [ID] {option value | [+|-]setting.property value}...
| |
| Add, modify or remove properties in the connection profile.
| |
| | |
| To set the property just specify the property name followed by the value. An empty value ("") resets the property value
| |
| to the default.
| |
| | |
| See nm-settings-nmcli(5) for complete reference of setting and property names, their descriptions and default values.
| |
| The setting and property can be abbreviated provided they are unique.
| |
| | |
| If you want to append an item or a flag to the existing value, use + prefix for the property name or alias. If you want
| |
| to remove items from a container-type or flag property, use - prefix. For certain properties you can also remove
| |
| elements by specifying the zero-based index(es). The + and - modifiers only have a real effect for properties that
| |
| support them. These are for example multi-value (container) properties or flags like ipv4.dns, ip4, ipv4.addresses,
| |
| bond.options, 802-1x.phase1-auth-flags etc.
| |
| | |
| The connection is identified by its name, UUID or D-Bus path. If ID is ambiguous, a keyword id, uuid or path can be
| |
| used. The ID is not used with the global --offline option.
| |
| | |
| When the global --offline is used, the command reads the connection from the standard input and prints the modified
| |
| connection to standard output instead of making the the NetworkManager daemon act upon specified connection.
| |
| | |
| modify [--temporary] [id | uuid | path] ID remove setting
| |
| Removes a setting from the connection profile.
| |
| | |
| add [save {yes | no}] {option value | [+|-]setting.property value}...
| |
| Create a new connection using specified properties.
| |
| | |
| You need to describe the newly created connections with the property and value pairs. See nm-settings-nmcli(5) for the
| |
| complete reference. The syntax is the same as of the nmcli connection modify command.
| |
| | |
| To construct a meaningful connection you at the very least need to set the connection.type property (or use the type
| |
| alias) to one of known NetworkManager connection types:
| |
| | |
| • 6lowpan
| |
| | |
| • 802-11-olpc-mesh (alias olpc-mesh)
| |
| | |
| • 802-11-wireless (alias wifi)
| |
| | |
| • 802-3-ethernet (alias ethernet)
| |
| | |
| • adsl
| |
| | |
| • bluetooth
| |
| | |
| • bond
| |
| | |
| • bond-slave (deprecated for ethernet with controller)
| |
| | |
| • bridge
| |
| | |
| • bridge-slave (deprecated for ethernet with controller)
| |
| | |
| • cdma
| |
| | |
| • dummy
| |
| | |
| • generic
| |
| | |
| • gsm
| |
| | |
| • infiniband
| |
| | |
| • ip-tunnel
| |
| | |
| • macsec
| |
| | |
| • macvlan
| |
| | |
| • olpc-mesh
| |
| | |
| • ovs-bridge
| |
| | |
| • ovs-dpdk
| |
| | |
| • ovs-interface
| |
| | |
| • ovs-patch
| |
| | |
| • ovs-port
| |
| | |
| • pppoe
| |
| | |
| • team
| |
| | |
| • team-slave (deprecated for ethernet with controller)
| |
| | |
| • tun
| |
| | |
| • veth
| |
| | |
| • vlan
| |
| | |
| • vpn
| |
| | |
| • vrf
| |
| | |
| • vxlan
| |
| | |
| • wifi-p2p
| |
| | |
| • wimax
| |
| | |
| • wireguard
| |
| | |
| • wpan
| |
| | |
| The most typical uses are described in the EXAMPLES section.
| |
| | |
| Aside from the properties and values two special options are accepted:
| |
| | |
| save
| |
| Controls whether the connection should be persistent, i.e. NetworkManager should store it on disk (default: yes).
| |
| | |
| --
| |
| If a single -- argument is encountered it is ignored. This is for compatibility with older versions on nmcli.
| |
| | |
| When the global --offline is used, the command prints the resulting connection to standard output instead of actually
| |
| adding the connection via the NetworkManager daemon.
| |
| | |
| edit {[id | uuid | path] ID | [type type] [con-name name] }
| |
| Edit an existing connection or add a new one, using an interactive editor.
| |
| | |
| The existing connection is identified by its name, UUID or D-Bus path. If ID is ambiguous, a keyword id, uuid, or path
| |
| can be used. See connection show above for the description of the ID-specifying keywords. Not providing an ID means that
| |
| a new connection will be added.
| |
| | |
| The interactive editor will guide you through the connection editing and allow you to change connection parameters
| |
| according to your needs by means of a simple menu-driven interface. The editor indicates what settings and properties
| |
| can be modified and provides in-line help.
| |
| | |
| Available options:
| |
| | |
| type
| |
| type of the new connection; valid types are the same as for connection add command.
| |
| | |
| con-name
| |
| name for the new connection. It can be changed later in the editor.
| |
| | |
| See also nm-settings-nmcli(5) for all NetworkManager settings and property names, and their descriptions; and nmcli-
| |
| examples(7) for sample editor sessions.
| |
| | |
| clone [--temporary] [id | uuid | path] ID new_name
| |
| Clone a connection. The connection to be cloned is identified by its name, UUID or D-Bus path. If ID is ambiguous, a
| |
| keyword id, uuid or path can be used. See connection show above for the description of the ID-specifying keywords.
| |
| new_name is the name of the new cloned connection. The new connection will be the exact copy except the connection.id
| |
| (new_name) and connection.uuid (generated) properties.
| |
| | |
| The new connection profile will be saved as persistent unless --temporary option is specified, in which case the new
| |
| profile won't exist after NetworkManager restart.
| |
| | |
| delete [id | uuid | path] ID...
| |
| Delete a configured connection. The connection to be deleted is identified by its name, UUID or D-Bus path. If ID is
| |
| ambiguous, a keyword id, uuid or path can be used. See connection show above for the description of the ID-specifying
| |
| keywords.
| |
| | |
| If --wait option is not specified, the default timeout will be 10 seconds.
| |
| | |
| monitor [id | uuid | path] ID...
| |
| Monitor connection profile activity. This command prints a line whenever the specified connection changes. The
| |
| connection to be monitored is identified by its name, UUID or D-Bus path. If ID is ambiguous, a keyword id, uuid or path
| |
| can be used. See connection show above for the description of the ID-specifying keywords.
| |
| | |
| Monitors all connection profiles in case none is specified. The command terminates when all monitored connections
| |
| disappear. If you want to monitor connection creation consider using the global monitor with nmcli monitor command.
| |
| | |
| reload
| |
| Reload all connection files from disk. NetworkManager does not monitor changes to connection. So you need to use this
| |
| command in order to tell NetworkManager to re-read the connection profiles from disk when a change was made to them.
| |
| | |
| load filename...
| |
| Load/reload one or more connection files from disk. Use this after manually editing a connection file to ensure that
| |
| NetworkManager is aware of its latest state.
| |
| | |
| import [--temporary] type type file file
| |
| Import an external/foreign configuration as a NetworkManager connection profile. The type of the input file is specified
| |
| by type option.
| |
| | |
| Only VPN configurations are supported at the moment. The configuration is imported by NetworkManager VPN plugins. type
| |
| values are the same as for vpn-type option in nmcli connection add. VPN configurations are imported by VPN plugins.
| |
| Therefore the proper VPN plugin has to be installed so that nmcli could import the data.
| |
| | |
| The imported connection profile will be saved as persistent unless --temporary option is specified, in which case the
| |
| new profile won't exist after NetworkManager restart.
| |
| | |
| export [id | uuid | path] ID [file]
| |
| Export a connection.
| |
| | |
| Only VPN connections are supported at the moment. A proper VPN plugin has to be installed so that nmcli could export a
| |
| connection. If no file is provided, the VPN configuration data will be printed to standard output.
| |
| | |
| migrate [--plugin plugin...] [id | uuid | path] [ID...]
| |
| Migrate connection profiles to a different settings plugin, such as keyfile (default) or ifcfg-rh.
| |
| | |
| The connection to be migrated is identified by its name, UUID or D-Bus path. If ID is ambiguous, a keyword id, uuid or
| |
| path can be used. See connection show above for the description of the ID-specifying keywords.
| |
| | |
| If no connections are specified, the command acts on all available connections. Therefore, with no arguments, the
| |
| command migrates all connection profiles to the keyfile plugin.
| |
| | |
| If --wait option is not specified, the default timeout will be 10 seconds.
| |
| | |
| == DEVICE MANAGEMENT COMMANDS ==
| |
| | |
| nmcli device {status | show | set | up | connect | reapply | modify | down | disconnect | delete | monitor | wifi | lldp |
| |
| checkpoint} [ARGUMENTS...]
| |
| | |
| Show and manage network interfaces.
| |
| | |
| status
| |
| Print status of devices.
| |
| | |
| This is the default action if no command is specified to nmcli device.
| |
| | |
| show [ifname]
| |
| Show detailed information about devices. Without an argument, all devices are examined. To get information for a
| |
| specific device, the interface name has to be provided.
| |
| | |
| set [ifname] ifname [autoconnect {yes | no}] [managed {yes | no}]
| |
| Set device properties.
| |
| | |
| up ifname
| |
| Connect the device. NetworkManager will try to find a suitable connection that will be activated. It will also consider
| |
| connections that are not set to auto connect.
| |
| | |
| If no compatible connection exists, a new profile with default settings will be created and activated. This
| |
| differentiates nmcli connection up ifname "$DEVICE" from nmcli device up "$DEVICE"
| |
| | |
| If --wait option is not specified, the default timeout will be 90 seconds.
| |
| | |
| connect ifname
| |
| Alias for command up. Before version 1.34.0 up was not supported.
| |
| | |
| reapply ifname
| |
| Attempt to update device with changes to the currently active connection made since it was last applied.
| |
| | |
| modify ifname {option value | [+|-]setting.property value}...
| |
| Modify the settings currently active on the device.
| |
| | |
| This command lets you do temporary changes to a configuration active on a particular device. The changes are not
| |
| preserved in the connection profile.
| |
| | |
| See nm-settings-nmcli(5) for the list of available properties. Please note that some properties can't be changed on an
| |
| already connected device.
| |
| | |
| down ifname...
| |
| Disconnect a device and prevent the device from automatically activating further connections without user/manual
| |
| intervention. Note that disconnecting software devices may mean that the devices will disappear.
| |
| | |
| If --wait option is not specified, the default timeout will be 10 seconds.
| |
| | |
| disconnect ifname...
| |
| Alias for command down. Before version 1.34.0 down was not supported.
| |
| | |
| delete ifname...
| |
| Delete a device. The command removes the interface from the system. Note that this only works for software devices like
| |
| bonds, bridges, teams, etc. Hardware devices (like Ethernet) cannot be deleted by the command.
| |
| | |
| If --wait option is not specified, the default timeout will be 10 seconds.
| |
| | |
| monitor [ifname...]
| |
| Monitor device activity. This command prints a line whenever the specified devices change state.
| |
| | |
| Monitors all devices in case no interface is specified. The monitor terminates when all specified devices disappear. If
| |
| you want to monitor device addition consider using the global monitor with nmcli monitor command.
| |
| | |
| wifi [list [--rescan | auto | no | yes] [ifname ifname] [bssid BSSID]]
| |
| List available Wi-Fi access points. The ifname and bssid options can be used to list APs for a particular interface or
| |
| with a specific BSSID, respectively.
| |
| | |
| By default, nmcli ensures that the access point list is no older than 30 seconds and triggers a network scan if
| |
| necessary. The --rescan can be used to either force or disable the scan regardless of how fresh the access point list
| |
| is.
| |
| | |
| wifi connect (B)SSID [password password] [wep-key-type {key | phrase}] [ifname ifname] [bssid BSSID] [name name]
| |
| [private {yes | no}] [hidden {yes | no}]
| |
| Connect to a Wi-Fi network specified by SSID or BSSID. The command finds a matching connection or creates one and then
| |
| activates it on a device. This is a command-line counterpart of clicking an SSID in a GUI client. If a connection for
| |
| the network already exists, it is possible to bring up (activate) the existing profile as follows: nmcli con up id name.
| |
| Note that only open, WEP and WPA-PSK networks are supported if no previous connection exists. It is also assumed that IP
| |
| configuration is obtained via DHCP.
| |
| | |
| If --wait option is not specified, the default timeout will be 90 seconds.
| |
| | |
| Available options are:
| |
| | |
| password
| |
| password for secured networks (WEP or WPA).
| |
| | |
| wep-key-type
| |
| type of WEP secret, either key for ASCII/HEX key or phrase for passphrase.
| |
| | |
| ifname
| |
| interface that will be used for activation.
| |
| | |
| bssid
| |
| if specified, the created connection will be restricted just for the BSSID.
| |
| | |
| name
| |
| if specified, the connection will use the name (else NM creates a name itself).
| |
| | |
| private
| |
| if set to yes, the connection will only be visible to the user who created it. Otherwise, the connection is
| |
| system-wide, which is the default.
| |
| | |
| hidden
| |
| set to yes when connecting for the first time to an AP not broadcasting its SSID. Otherwise, the SSID would not be
| |
| found and the connection attempt would fail.
| |
| | |
| wifi hotspot [ifname ifname] [con-name name] [ssid SSID] [band {a | bg}] [channel channel] [password password]
| |
| Create a Wi-Fi hotspot. The command creates a hotspot connection profile according to Wi-Fi device capabilities and
| |
| activates it on the device. The hotspot is secured with WPA if device/driver supports that, otherwise WEP is used. Use
| |
| connection down or device down to stop the hotspot.
| |
| | |
| Parameters of the hotspot can be influenced by the optional parameters:
| |
| | |
| ifname
| |
| what Wi-Fi device is used.
| |
| | |
| con-name
| |
| name of the created hotspot connection profile.
| |
| | |
| ssid
| |
| SSID of the hotspot.
| |
| | |
| band
| |
| Wi-Fi band to use.
| |
| | |
| channel
| |
| Wi-Fi channel to use.
| |
| | |
| password
| |
| password to use for the created hotspot. If not provided, nmcli will generate a password. The password is either WPA
| |
| pre-shared key or WEP key.
| |
| | |
| Note that --show-secrets global option can be used to print the hotspot password. It is useful especially when the
| |
| password was generated.
| |
| | |
| wifi rescan [ifname ifname] [ssid SSID...]
| |
| Request that NetworkManager immediately re-scan for available access points. NetworkManager scans Wi-Fi networks
| |
| periodically, but in some cases it can be useful to start scanning manually (e.g. after resuming the computer). By using
| |
| ssid, it is possible to scan for a specific SSID, which is useful for APs with hidden SSIDs. You can provide multiple
| |
| ssid parameters in order to scan more SSIDs.
| |
| | |
| This command does not show the APs, use nmcli device wifi list for that.
| |
| | |
| wifi show-password [ifname ifname]
| |
| Show the details of the active Wi-Fi networks, including the secrets.
| |
| | |
| lldp [list [ifname ifname]]
| |
| Display information about neighboring devices learned through the Link Layer Discovery Protocol (LLDP). The ifname
| |
| option can be used to list neighbors only for a given interface. The protocol must be enabled in the connection
| |
| settings.
| |
| | |
| checkpoint [--timeout seconds] [ifname...] -- COMMAND...
| |
| Runs the command with a configuration checkpoint taken and asks for a confirmation when finished. When the confirmation
| |
| is not given, the checkpoint is automatically restored after timeout.
| |
| | |
| This allows doing disruptive configuration changes over remote connections with an option of restoring the network
| |
| configuration to a known good state in case of an error.
| |
| | |
| If the a list of interface names is specified, the checkpoint is taken, the checkpoint is takes only on the specified
| |
| devices. Otherwise a checkpoint is taken for all devices.
| |
| | |
| Currently the timeout defaults to 15 seconds. This may change in a future version.
| |
| | |
| == SECRET AGENT ==
| |
| | |
| nmcli agent {secret | polkit | all}
| |
| | |
| Run nmcli as a NetworkManager secret agent, or polkit agent.
| |
| | |
| secret
| |
| Register nmcli as a NetworkManager secret agent and listen for secret requests. You usually do not need this command,
| |
| because nmcli can handle secrets when connecting to networks. However, you may find the command useful when you use
| |
| another tool for activating connections and you do not have a secret agent available (like nm-applet).
| |
| | |
| polkit
| |
| Register nmcli as a polkit agent for the user session and listen for authorization requests. You do not usually need
| |
| this command, because nmcli can handle polkit actions related to NetworkManager operations (when run with --ask).
| |
| However, you may find the command useful when you want to run a simple text based polkit agent and you do not have an
| |
| agent of a desktop environment. Note that running this command makes nmcli handle all polkit requests, not only
| |
| NetworkManager related ones, because only one polkit agent can run for the session.
| |
| | |
| all
| |
| Runs nmcli as both NetworkManager secret and a polkit agent.
| |
| | |
| == COLORS ==
| |
| Implicit coloring can be disabled by an empty file /etc/terminal-colors.d/nmcli.disable.
| |
| | |
| See terminal-colors.d(5) for more details about colorization configuration. The logical color names supported by nmcli are:
| |
| | |
| connection-activated
| |
| A connection that is active.
| |
| | |
| connection-activating
| |
| Connection that is being activated.
| |
| | |
| connection-disconnecting
| |
| Connection that is being disconnected.
| |
| | |
| connection-external
| |
| Connection representing configuration created externally to NetworkManager.
| |
| | |
| connection-invisible
| |
| Connection whose details is the user not permitted to see.
| |
| | |
| connection-deprecated
| |
| Connection that uses deprecated settings. It might not be possible to activate it.
| |
| | |
| connectivity-full
| |
| Connectivity state when Internet is reachable.
| |
| | |
| connectivity-limited
| |
| Connectivity state when only a local network reachable.
| |
| | |
| connectivity-none
| |
| Connectivity state when the network is disconnected.
| |
| | |
| connectivity-portal
| |
| Connectivity state when a captive portal hijacked the connection.
| |
| | |
| connectivity-unknown
| |
| Connectivity state when a connectivity check didn't run.
| |
| | |
| device-activated
| |
| Device that is connected.
| |
| | |
| device-activating
| |
| Device that is being configured.
| |
| | |
| device-disconnected
| |
| Device that is not connected.
| |
| | |
| device-external
| |
| Device configured externally to NetworkManager.
| |
| | |
| device-firmware-missing
| |
| Warning of a missing device firmware.
| |
| | |
| device-plugin-missing
| |
| Warning of a missing device plugin.
| |
| | |
| device-unavailable
| |
| Device that is not available for activation.
| |
| | |
| device-disabled
| |
| Device is disabled by software or hardware kill switch.
| |
| | |
| manager-running
| |
| Notice that the NetworkManager daemon is available.
| |
| | |
| manager-starting
| |
| Notice that the NetworkManager daemon is being initially connected.
| |
| | |
| manager-stopped
| |
| Notice that the NetworkManager daemon is not available.
| |
| | |
| permission-auth
| |
| An action that requires user authentication to get permission.
| |
| | |
| permission-no
| |
| An action that is not permitted.
| |
| | |
| permission-yes
| |
| An action that is permitted.
| |
| | |
| prompt
| |
| Prompt in interactive mode.
| |
| | |
| state-asleep
| |
| Indication that NetworkManager in suspended state.
| |
| | |
| state-connected-global
| |
| Indication that NetworkManager in connected to Internet.
| |
| | |
| state-connected-local
| |
| Indication that NetworkManager in local network.
| |
| | |
| state-connected-site
| |
| Indication that NetworkManager in connected to networks other than Internet.
| |
| | |
| state-connecting
| |
| Indication that NetworkManager is establishing a network connection.
| |
| | |
| state-disconnected
| |
| Indication that NetworkManager is disconnected from a network.
| |
| | |
| state-disconnecting
| |
| Indication that NetworkManager is being disconnected from a network.
| |
| | |
| wifi-signal-excellent
| |
| Wi-Fi network with an excellent signal level.
| |
| | |
| wifi-signal-fair
| |
| Wi-Fi network with a fair signal level.
| |
| | |
| wifi-signal-good
| |
| Wi-Fi network with a good signal level.
| |
| | |
| wifi-signal-poor
| |
| Wi-Fi network with a poor signal level.
| |
| | |
| wifi-signal-unknown
| |
| Wi-Fi network that hasn't been actually seen (a hidden AP).
| |
| | |
| wifi-deprecated
| |
| Wi-Fi network that might be impossible to connect to due to use of deprecated functionality.
| |
| | |
| disabled
| |
| A property that is turned off.
| |
| | |
| enabled
| |
| A property that is turned on.
| |
| | |
| == ENVIRONMENT VARIABLES ==
| |
| nmcli's behavior is affected by the following environment variables.
| |
| | |
| == LC_ALL ==
| |
| If set to a non-empty string value, it overrides the values of all the other internationalization variables.
| |
| | |
| == LC_MESSAGES ==
| |
| Determines the locale to be used for internationalized messages.
| |
| | |
| == LANG ==
| |
| Provides a default value for the internationalization variables that are unset or null.
| |
| | |
| == NO_COLOR ==
| |
| Default to not producing colored and paged output. The --colors option, if used, takes precedence.
| |
| | |
| == PAGER ==
| |
| Filter to pipe the output through if it doesn't fit on a screen. Can be a file name of an executable or a shell command.
| |
| Empty string to disable the functionality.
| |
| | |
| Note that the pager command is expected to handle wide characters and ANSI escape sequences for changing colors (unless
| |
| they're disabled). nmcli sets up the environment variables LESS and LESSCHARSET appropriately for the less(1) pager,
| |
| other pagers may or may not need extra configuration.
| |
| | |
| If unspecified, pager(1), less(1) and more(1) will be tried (in that order).
| |
| | |
| == TERM ==
| |
| Terminal type. If dumb, nmcli will not use a pager or produce ANSI escape sequences for coloring.
| |
| | |
| Terminal types other than dumb are assumed to support ASCII escape sequences for setting the output color.
| |
| | |
| == INTERNATIONALIZATION NOTES ==
| |
| Be aware that nmcli is localized and that is why the output depends on your environment. This is important to realize
| |
| especially when you parse the output.
| |
| | |
| Call nmcli as LC_ALL=C nmcli to be sure the locale is set to C while executing in a script.
| |
| | |
| LC_ALL, LC_MESSAGES, LANG variables specify the LC_MESSAGES locale category (in that order), which determines the language
| |
| that nmcli uses for messages. The C locale is used if none of these variables are set, and this locale uses English
| |
| messages.
| |
| | |
| == EXIT STATUS ==
| |
| nmcli exits with status 0 if it succeeds, a value greater than 0 is returned if an error occurs.
| |
| | |
| 0
| |
| Success – indicates the operation succeeded.
| |
| | |
| 1
| |
| Unknown or unspecified error.
| |
| | |
| 2
| |
| Invalid user input, wrong nmcli invocation.
| |
| | |
| 3
| |
| Timeout expired (see --wait option).
| |
| | |
| 4
| |
| Connection activation failed.
| |
| | |
| 5
| |
| Connection deactivation failed.
| |
| | |
| 6
| |
| Disconnecting device failed.
| |
| | |
| 7
| |
| Connection deletion failed.
| |
| | |
| 8
| |
| NetworkManager is not running.
| |
| | |
| 10
| |
| Connection, device, or access point does not exist.
| |
| | |
| 65
| |
| When used with --complete-args option, a file name is expected to follow.
| |
| | |
| == EXAMPLES ==
| |
| This section presents various examples of nmcli usage. If you want even more, please refer to nmcli-examples(7) manual page.
| |
| | |
| nmcli -t -f RUNNING general
| |
| tells you whether NetworkManager is running or not.
| |
| | |
| nmcli -t -f STATE general
| |
| shows the overall status of NetworkManager.
| |
| | |
| nmcli radio wifi off
| |
| switches Wi-Fi off.
| |
| | |
| nmcli connection show
| |
| lists all connections NetworkManager has.
| |
| | |
| nmcli -p -m multiline -f all con show
| |
| shows all configured connections in multi-line mode.
| |
| | |
| nmcli connection show --active
| |
| lists all currently active connections.
| |
| | |
| nmcli -f name,autoconnect c s
| |
| shows all connection profile names and their auto-connect property.
| |
| | |
| nmcli -p connection show "My default em1"
| |
| shows details for "My default em1" connection profile.
| |
| | |
| nmcli --show-secrets connection show "My Home Wi-Fi"
| |
| shows details for "My Home Wi-Fi" connection profile with all passwords. Without --show-secrets option, secrets would
| |
| not be displayed.
| |
| | |
| nmcli -f active connection show "My default em1"
| |
| shows details for "My default em1" active connection, like IP, DHCP information, etc.
| |
| | |
| nmcli -f profile con s "My wired connection"
| |
| shows static configuration details of the connection profile with "My wired connection" name.
| |
| | |
| nmcli -p con up "My wired connection" ifname eth0
| |
| activates the connection profile with name "My wired connection" on interface eth0. The -p option makes nmcli show
| |
| progress of the activation.
| |
| | |
| nmcli con up 6b028a27-6dc9-4411-9886-e9ad1dd43761 ap 00:3A:98:7C:42:D3
| |
| connects the Wi-Fi connection with UUID 6b028a27-6dc9-4411-9886-e9ad1dd43761 to the AP with BSSID 00:3A:98:7C:42:D3.
| |
| | |
| nmcli device status
| |
| shows the status for all devices.
| |
| | |
| nmcli dev down em2
| |
| disconnects a connection on interface em2 and marks the device as unavailable for auto-connecting. As a result, no
| |
| connection will automatically be activated on the device until the device's 'autoconnect' is set to TRUE or the user
| |
| manually activates a connection.
| |
| | |
| nmcli -f GENERAL,WIFI-PROPERTIES dev show wlan0
| |
| shows details for wlan0 interface; only GENERAL and WIFI-PROPERTIES sections will be shown.
| |
| | |
| nmcli -f CONNECTIONS device show wlp3s0
| |
| shows all available connection profiles for your Wi-Fi interface wlp3s0.
| |
| | |
| nmcli dev wifi
| |
| lists available Wi-Fi access points known to NetworkManager.
| |
| | |
| nmcli dev wifi con "Cafe Hotspot 1" password caffeine name "My cafe"
| |
| creates a new connection named "My cafe" and then connects it to "Cafe Hotspot 1" SSID using password "caffeine". This
| |
| is mainly useful when connecting to "Cafe Hotspot 1" for the first time. Next time, it is better to use nmcli con up id
| |
| "My cafe" so that the existing connection profile can be used and no additional is created.
| |
| | |
| nmcli -s dev wifi hotspot con-name QuickHotspot
| |
| creates a hotspot profile and connects it. Prints the hotspot password the user should use to connect to the hotspot
| |
| from other devices.
| |
| | |
| nmcli dev modify em1 ipv4.method shared
| |
| starts IPv4 connection sharing using em1 device. The sharing will be active until the device is disconnected.
| |
|
| |
|
| nmcli dev modify em1 ipv6.address 2001:db8::a:bad:c0de
| | === Optionen === |
| temporarily adds an IP address to a device. The address will be removed when the same connection is activated again.
| | {| class="wikitable sortable options gnu" |
| | |- |
| | ! Unix !! GNU !! Parameter !! Beschreibung |
| | |- |
| | | || || || |
| | |- |
| | |} |
|
| |
|
| nmcli connection add type ethernet autoconnect no ifname eth0
| | === Parameter === |
| non-interactively adds an Ethernet connection tied to eth0 interface with automatic IP configuration (DHCP), and
| |
| disables the connection's autoconnect flag.
| |
|
| |
|
| nmcli c a ifname Maxipes-fik type vlan dev eth0 id 55
| | === Umgebungsvariablen === |
| non-interactively adds a VLAN connection with ID 55. The connection will use eth0 and the VLAN interface will be named
| |
| Maxipes-fik.
| |
|
| |
|
| nmcli c a ifname eth0 type ethernet ipv4.method disabled ipv6.method link-local
| | === Exit-Status === |
| non-interactively adds a connection that will use eth0 Ethernet interface and only have an IPv6 link-local address
| | {| class="wikitable options col1center" |
| configured.
| | |- |
| | ! Wert !! Beschreibung |
| | |- |
| | | 0 || Erfolg |
| | |- |
| | | >0 || Fehler |
| | |} |
|
| |
|
| nmcli connection edit ethernet-em1-2
| | == Anwendung == |
| edits existing "ethernet-em1-2" connection in the interactive editor.
| | <syntaxhighlight lang="bash" highlight="1" line copy> |
| | </syntaxhighlight> |
|
| |
|
| nmcli connection edit type ethernet con-name "yet another Ethernet connection"
| | === Problembehebung === |
| adds a new Ethernet connection in the interactive editor.
| |
|
| |
|
| nmcli con mod ethernet-2 connection.autoconnect no
| | == Konfiguration == |
| modifies 'autoconnect' property in the 'connection' setting of 'ethernet-2' connection.
| |
|
| |
|
| nmcli con mod "Home Wi-Fi" wifi.mtu 1350
| | === Dateien === |
| modifies 'mtu' property in the 'wifi' setting of 'Home Wi-Fi' connection.
| | {| class="wikitable options" |
| | |- |
| | ! Datei !! Beschreibung |
| | |- |
| | | || |
| | |- |
| | | || |
| | |} |
| | <noinclude> |
|
| |
|
| nmcli con mod em1-1 ipv4.method manual ipv4.addr "192.168.1.23/24 192.168.1.1, 10.10.1.5/8, 10.0.0.11"
| | == Anhang == |
| sets manual addressing and the addresses in em1-1 profile.
| | === Siehe auch === |
| | {{Special:PrefixIndex/{{BASEPAGENAME}}/}} |
|
| |
|
| nmcli con modify ABC +ipv4.dns 8.8.8.8
| | === Dokumentation === |
| appends a Google public DNS server to DNS servers in ABC profile.
| | ; Man-Page |
| | # [https://manpages.debian.org/stable/network-manager/nmcli.1.en.html nmcli(1)] |
|
| |
|
| nmcli con modify ABC -ipv4.addresses "192.168.100.25/24 192.168.1.1"
| | === Links === |
| removes the specified IP address from (static) profile ABC.
| | ==== Projekt ==== |
|
| |
|
| nmcli con import type openvpn file ~/Downloads/frootvpn.ovpn
| | ==== Weblinks ==== |
| imports an OpenVPN configuration to NetworkManager.
| |
|
| |
|
| nmcli con export corp-vpnc /home/joe/corpvpn.conf
| |
| exports NetworkManager VPN profile corp-vpnc as standard Cisco (vpnc) configuration.
| |
|
| |
|
| == NOTES ==
| | {{DEFAULTSORT:nmcli}} |
| nmcli accepts abbreviations, as long as they are a unique prefix in the set of possible options. As new options get added, | | {{DISPLAYTITLE:nmcli}} |
| these abbreviations are not guaranteed to stay unique. For scripting and long term compatibility it is therefore strongly
| |
| advised to spell out the full option names.
| |
|
| |
|
| == BUGS ==
| | [[Kategorie:NetworkManager]] |
| There are probably some bugs. If you find a bug, please report it to your distribution or upstream at
| |
| https://gitlab.freedesktop.org/NetworkManager/NetworkManager.
| |
|
| |
|
| == SEE ALSO ==
| | </noinclude> |
| nmcli-examples(7), nm-settings-nmcli(5), nm-online(1), NetworkManager(8), NetworkManager.conf(5), nm-applet(1), nm-
| |
| connection-editor(1), terminal-colors.d(5).
| |