man--nmcli
NMCLI(1) General Commands Manual NMCLI(1)
NAME
nmcli - command‐line tool for controlling NetworkManager
SYNOPSIS
nmcli [ OPTIONS ] OBJECT { COMMAND | help }
OBJECT := { general | networking | radio | connection | device | agent }
OPTIONS := {
-t[erse]
-p[retty]
-m[mode] tabular | multiline
-f[ields] | all | common
-e[scape] yes | no
-n[ocheck]
-a[sk]
-w[ait]
-v[ersion]
-h[elp]
}
DESCRIPTION
nmcli is a command‐line tool for controlling NetworkManager and reporting network status. It
can be utilized as a replacement for nm‐applet or other graphical clients. nmcli is used to
create, display, edit, delete, activate, and deactivate network connections, as well as con‐
trol and display network device status.
Typical uses include:
— Scripts: utilize NetworkManager via nmcli instead of managing network connections manu‐
ally. nmcli supports a terse output format which is better suited for script processing.
Note that NetworkManager can also execute scripts, called "dispatcher scripts", in
response to network events. See NetworkManager for details about these dispatcher scripts.
— Servers, headless machines, and terminals: nmcli can be used to control NetworkManager
without a GUI, including creating, editing, starting and stopping network connections and
viewing network status.
OPTIONS
-t, --terse
Output is terse. This mode is designed and suitable for computer (script) processing.
-p, --pretty
Output is pretty. This causes nmcli to produce easily readable outputs for humans, i.e.
values are aligned, headers are printed, etc.
-m, --mode tabular | multiline
Switch between tabular and multiline output. If omitted, default is tabular for most
commands. For the commands producing more structured information, that cannot be dis‐
played on a single line, default is multiline. Currently, they are:
'nmcli connection show '
'nmcli device show'
tabular – Output is a table where each line describes a single entry. Columns define
particular properties of the entry.
multiline – Each entry comprises multiple lines, each property on its own line. The
values are prefixed with the property name.
-f, --fields | all | common
This option is used to specify what fields (column names) should be printed. Valid
field names differ for specific commands. List available fields by providing an invalid
value to the --fields option.
all is used to print all valid field values of the command. common is used to print
common field values of the command. If omitted, default is common. The option is
mandatory when --terse is used. In this case, generic values all and common cannot be
used. (This is to maintain compatibility when new fields are added in the future).
-e, --escape yes | no
Whether to escape ':' and '\' characters in terse tabular mode. The escape character
is '\'. If omitted, default is yes.
-n, --nocheck
This option can be used to force nmcli to skip checking nmcli and NetworkManager ver‐
sion compatibility. Use it with care, because using incompatible versions may produce
incorrect results.
-a, --ask
When using this option nmcli will stop and ask for any missing required arguments, so
do not use this option for non-interactive purposes like scripts. This option con‐
trols, for example, whether you will be prompted for a password if it is required for
connecting to a network.
-w, --wait
This option sets a timeout period for which nmcli will wait for NetworkManager to fin‐
ish operations. It is especially useful for commands that may take a longer time to
complete, e.g. connection activation. Specifying a value of 0 instructs nmcli not to
wait but to exit immediately with a status of success. The default value depends on the
executed command.
-v, --version
Show nmcli version.
-h, --help
Print help information.
OBJECT
general - general NetworkManager status and operations
Use this object to show NetworkManager status and permissions. You can also get and
change system hostname, as well as NetworkManager logging level and domains.
COMMAND := { status | hostname | permissions | logging }
status
Show overall status of NetworkManager. This is the default action, when no addi‐
tional command is provided for general object.
hostname []
Get and change system hostname. With no arguments, this prints currently config‐
ured hostname. When you pass a hostname, it will be handed over to NetworkMan‐
ager to be set as a new system hostname.
Note that the term system hostname may also be referred to as persistent or
static by other programs or tools. The hostname is stored in /etc/hostname file
in most distributions. For example, systemd-hostnamed service uses the term
static hostname and it only reads the /etc/hostname file when it starts.
permissions
Show the permissions a caller has for various authenticated operations that Net‐
workManager provides, like enable and disable networking, changing Wi‐Fi, WWAN,
and WiMAX state, modifying connections, etc.
logging [level ] [domains ]
Get and change NetworkManager logging level and domains. Without any argument
current logging level and domains are shown. In order to change logging state,
provide level and, or, domain parameters. See NetworkManager.conf for available
level and domain values.
networking - get or set general networking state of NetworkManager
Use this object to show NetworkManager networking status, or to enable and disable net‐
working. Disabling networking removes the configuration from all devices and changes
them to the 'unmanaged' state.
COMMAND := { [ on | off | connectivity ] }
[ on | off ]
Get networking‐enabled status or enable and disable networking by NetworkMan‐
ager. All interfaces managed by NetworkManager are deactivated when networking
has been disabled.
connectivity [check]
Get network connectivity state. The optional check argument tells NetworkMan‐
ager to re-check the connectivity, else the most recent known connectivity state
is displayed without re-checking.
Possible states are:
none – the host is not connected to any network
portal – the host is behind a captive portal and cannot reach the full Inter‐
net
limited – the host is connected to a network, but it has no access to the
Internet
full – the host is connected to a network and has full access to the Inter‐
net
unknown – the connectivity status cannot be found out
radio - get or set radio switch states
Use this object to show radio switches status, or enable and disable the switches.
COMMAND := { all | wifi | wwan | wimax }
wifi [ on | off ]
Show or set status of Wi‐Fi in NetworkManager. If no arguments are supplied, Wi‐
Fi status is printed; on enables Wi‐Fi; off disables Wi‐Fi.
wwan [ on | off ]
Show or set status of WWAN (mobile broadband) in NetworkManager. If no arguments
are supplied, mobile broadband status is printed; on enables mobile broadband,
off disables it.
wimax [ on | off ]
Show or set status of WiMAX in NetworkManager. If no arguments are supplied,
WiMAX status is printed; on enables WiMAX; off disables WiMAX. Note: WiMAX sup‐
port is a compile‐time decision, so it may be unavailable on some installations.
all [ on | off ]
Show or set all previously mentioned radio switches at the same time.
connection - start, stop, and manage network connections
NetworkManager stores all network configuration as connections, which are collections
of data (Layer2 details, IP addressing, etc.) that describe how to create or connect to
a network. A connection is active when a device uses that connection's configuration
to create or connect to a network. There may be multiple connections that apply to a
device, but only one of them can be active on that device at any given time. The addi‐
tional connections can be used to allow quick switching between different networks and
configurations.
Consider a machine which is usually connected to a DHCP-enabled network, but sometimes
connected to a testing network which uses static IP addressing. Instead of manually
reconfiguring eth0 each time the network is changed, the settings can be saved as two
connections which both apply to eth0, one for DHCP (called "default") and one with the
static addressing details (called "testing"). When connected to the DHCP-enabled net‐
work the user would run "nmcli con up default" , and when connected to the static net‐
work the user would run "nmcli con up testing".
COMMAND := { show | up | down | add | edit | modify | delete | reload | load }
show [--active]
List in-memory and on-disk connection profiles, some of which may also be active
if a device is using that connection profile. Without a parameter, all profiles
are listed. When --active option is specified, only the active profiles are
shown.
show [--active] [--show-secrets] [ id | uuid | path | apath ] ...
Show details for specified connections. By default, both static configuration
and active connection data are displayed. When --active option is specified,
only the active profiles are taken into account. When --show-secrets option is
specified, secrets associated with the profile will be revealed too. id, uuid,
path and apath keywords can be used if is ambiguous.
Optional -specifying keywords are:
id – the denotes a connection name
uuid – the denotes a connection UUID
path – the denotes a D-Bus static connection path in the format of
/org/freedesktop/NetworkManager/Settings/ or just
apath – the denotes a D-Bus active connection path in the format of
/org/freedesktop/NetworkManager/ActiveConnection/ or just
It is possible to filter the output using the global --fields option. Use the
following values:
profile – only shows static profile configuration
active – only shows active connection data (when the profile is active)
You can also specify particular fields. For static configuration, use setting
and property names as described in nm-settings(5) manual page. For active data
use GENERAL, IP4, DHCP4, IP6, DHCP6, VPN.
When no command is given to the connection object, the default action is 'nmcli
connection show'.
up [ id | uuid | path ] [ifname ] [ap ] [nsp ] [passwd ]
up ifname [ap ] [nsp ] [passwd ]
Activate a connection. The connection is identified by its name, UUID or D-Bus
path. If is ambiguous, a keyword id, uuid or path can be used. When
requiring a particular device to activate the connection on, the ifname option
with interface name should be given. If the is not given an ifname is
required, and NetworkManager will activate the best available connection for the
given ifname. In case of a VPN connection, the ifname option specifies the
device of the base connection. The ap option specify what particular AP should
be used in case of a Wi‐Fi connection.
If '--wait' option is not specified, the default timeout will be 90 seconds.
See connection show above for the description of the -specifying keywords.
Available options are:
ifname – interface that will be used for activation
ap – BSSID of the AP which the command should connect to (for
Wi‐Fi connections)
nsp – NSP (Network Service Provider) which the command should
connect to (for WiMAX connections)
passwd-file – some networks may require credentials during activation.
You can give these credentials using this option. Each line
of the file should contain one password in the form of
setting_name.property_name:the password
For example, for WPA Wi-Fi with PSK, the line would be
802-11-wireless-security.psk:secret12345
For 802.1X password, the line would be
802-1x.password:my 1X password
nmcli also accepts "wifi-sec" and "wifi" strings instead of
"802-11-wireless-security". When NetworkManager requires a
password and it is not given, nmcli will ask for it when run
with --ask. If --ask was not passed, NetworkManager can ask
another secret agent that may be running (typically a GUI
secret agent, such as nm-applet or gnome-shell).
down [ id | uuid | path | apath ] ...
Deactivate a connection from a device without preventing the device from further
auto-activation. Multiple connections can be passed to the command.
Be aware that this command deactivates the specified active connection, but the
device on which the connection was active, is still ready to connect and will
perform auto-activation by looking for a suitable connection that has the 'auto‐
connect' flag set. This includes the just deactivated connection. So if the con‐
nection is set to auto-connect, it will be automatically started on the discon‐
nected device again.
In most cases you may want to use device disconnect command instead.
The connection is identified by its name, UUID or D-Bus path. If is
ambiguous, a keyword id, uuid, path or apath can be used.
See connection show above for the description of the -specifying keywords.
If '--wait' option is not specified, the default timeout will be 10 seconds.
add COMMON_OPTIONS TYPE_SPECIFIC_OPTIONS IP_OPTIONS
Add a connection for NetworkManager. Arguments differ according to connection
types, see below.
COMMON_OPTIONS:
type – connection type; see below TYPE_SPE‐
CIFIC_OPTIONS for allowed values;
(mandatory)
ifname | "*" – interface to bind the connection to.
The connection will only be applicable
to this interface name. A special
value of "*" can be used for inter‐
face-independent connections. The
ifname argument is mandatory for all
connection types except bond, team,
bridge and vlan. Note: use quotes
around * to suppress shell expansion.
[con-name ] – connection name (when not provided a
default name is generated:
[-][-])
[autoconnect yes|no] – whether the connection profile can
be automatically activated (default:
yes)
[save yes|no] – whether the connection should be
persistent, i.e. NetworkManager should
store it on disk (default: yes)
TYPE_SPECIFIC_OPTIONS:
ethernet:
[mac ] – MAC address of the device this con‐
nection is locked to
[cloned-mac ] – cloned MAC
[mtu ] – MTU
wifi:
ssid – SSID
[mac ] – MAC address of the device this con‐
nection is locked to
[cloned-mac ] – cloned MAC
[mode infrastructure|ap|adhoc] – Wi-Fi network mode. If blank, infra‐
structure is assumed.
[mtu ] – MTU
wimax:
[mac ] – MAC address of the device this con‐
nection is locked to
[nsp ] – Network Service Provider name
pppoe:
username – PPPoE username
[password ] – Password for the PPPoE username
[service ] – PPPoE service name (if required by
concentrator)
[mtu ] – MTU
[mac ] – MAC address of the device this con‐
nection is locked to
gsm:
apn – APN - GSM Access Point Name
[user ] – user name
[password ] – password
cdma:
[user ] – user name
[password ] – password
infiniband:
[mac ] – MAC address of the device this con‐
nection is locked to (InfiniBand MAC
is 20 bytes)
[mtu ] – MTU
[transport-mode datagram | connected] – InfiniBand transport mode
[parent ] – the interface name of the parent
device (if any)
[p-key ] – the InfiniBand P_Key (16-bit
unsigned integer)
bluetooth:
[addr ] – Bluetooth device address (MAC)
[bt-type panu|dun-gsm|dun-cdma] – Bluetooth connection type
vlan:
dev
– parent device this VLAN is on
id – VLAN ID in range <0-4095>
[flags ] – flags
[ingress ] – VLAN ingress priority mapping
[egress ] – VLAN egress priority mapping
[mtu ] – MTU
bond:
[mode balance-rr (0) | active-backup (1) | balance-xor (2) | broadcast (3) |
802.3ad (4) | balance-tlb (5) | balance-alb (6)]
– bonding mode (default: balance-rr)
[primary ] – primary interface name (for "active-
backup" mode)
[miimon ] – miimon (default: 100)
[downdelay ] – downdelay (default: 0)
[updelay ] – updelay (default: 0)
[arp-interval ] – ARP interval (default: 0)
[arp-ip-target ] – ARP IP target
bond-slave:
master
– master bond interface name, or con‐
nection UUID or ID of bond master con‐
nection profile. The value can be
prefixed with ifname/, uuid/ or id/ to
disambiguate it.
team:
[config |] – JSON configuration for team
team-slave:
master
– master team interface name, or con‐
nection UUID or ID of team master con‐
nection profile. The value can be
prefixed with ifname/, uuid/ or id/ to
disambiguate it.
[config |] – JSON configuration for team
bridge:
[stp yes|no] – controls whether Spanning Tree Pro‐
tocol (STP) is enabled for this bridge
(default: yes)
[priority ] – sets STP priority (default: 128)
[forward-delay <2-30>] – STP forwarding delay, in seconds
(default: 15)
[hello-time <1-10>] – STP hello time, in seconds (default:
2)
[max-age <6-42>] – STP maximum message age, in seconds
(default: 20)
[ageing-time <0-1000000>] – the Ethernet MAC address aging time,
in seconds (default: 300)
[mac ] – MAC address of the bridge (note:
this requires a recent kernel feature,
originally introduced in 3.15 upstream
kernel)
bridge-slave:
master
– master bridge interface name, or
connection UUID or ID of bridge master
connection profile. The value can be
prefixed with ifname/, uuid/ or id/ to
disambiguate it.
[priority <0-63>] – STP priority of this slave (default:
32)
[path-cost <1-65535>] – STP port cost for destinations via
this slave (default: 100)
[hairpin yes|no] – 'hairpin mode' for the slave, which
allows frames to be sent back out
through the slave the frame was
received on (default: yes)
vpn:
vpn-type vpnc|openvpn|pptp|openconnect|openswan|libreswan|ssh|l2tp|iodine|...
– VPN type
[user ] – VPN username
olpc-mesh:
ssid – SSID
[channel <1-13>] – channel to use for the network
[dhcp-anycast ] – anycast DHCP MAC address used when
requesting an IP address via DHCP
adsl:
username – ADSL user name
protocol pppoa|pppoe|ipoatm – ADSL protocol
[password ] – ADSL password
[encapsulation vcmux|llc] – ADSL encapsulation
IP_OPTIONS:
[ip4 ] [gw4 ] – IPv4 addresses
[ip6 ] [gw6 ] – IPv6 addresses
edit [id | uuid | path ] - edit an existing connection
edit [type ] [con-name ] - add a new connec‐
tion
Edit an existing connection or add a new one, using an interactive editor.
The existing connection is identified by its name, UUID or D-Bus path. If
is ambiguous, a keyword id, uuid, or path can be used. See connection show
above for the description of the -specifying keywords. Not providing an
means that a new connection will be added.
The interactive editor will guide you through the connection editing and allow
you to change connection parameters according to your needs by means of a simple
menu-driven interface. The editor indicates what settings and properties can be
modified and provides in-line help.
Available options:
type – type of the new connection; valid types are the same as for con‐
nection add command
con-name – name for the new connection. It can be changed later in the edi‐
tor.
See also nm-settings(5) for all NetworkManager settings and property names, and
their descriptions; and nmcli-examples(5) for sample editor sessions.
modify [--temporary] [ id | uuid | path ] [+|-].
[+|-]. ...
Modify one or more properties in the connection profile.
The connection is identified by its name, UUID or D-Bus path. If is ambigu‐
ous, a keyword id, uuid or path can be used. See nm-settings(5) for setting and
property names, their descriptions and default values. This command supports
abbreviations for setting name and property name provided they are unique. Empty
value ("") removes the property value (sets the property to the default value).
The provided value overwrites the existing property value.
If you want to append an item to the existing value, use + prefix for the prop‐
erty name. If you want to remove just one item from container-type property, use
- prefix for the property name and specify a value or an zero-based index of the
item to remove (or option name for properties with named options) as value. Of
course, +|- only have a real effect for multi-value (container) properties like
ipv4.dns, ipv4.addresses, bond.options, etc.
The changes to the connection profile will be saved persistently by NetworkMan‐
ager, unless --temporary option is provided, in which case the changes won't
persist over NetworkManager restart.
delete [ id | uuid | path ] ...
Delete a configured connection. The connection to be deleted is identified by
its name, UUID or D-Bus path. If is ambiguous, a keyword id, uuid or path
can be used.
See connection show above for the description of the -specifying keywords.
If '--wait' option is not specified, the default timeout will be 10 seconds.
reload
Reload all connection files from disk. NetworkManager does not monitor changes
to connection files by default. So you need to use this command in order to tell
NetworkManager to re-read the connection profiles from disk when a change was
made to them. However, the auto-loading feature can be enabled and then Network‐
Manager will reload connection files any time they change (monitor-connection-
files=true in NetworkManager.conf(5)).
load [...]
Load/reload one or more connection files from disk. Use this after manually
editing a connection file to ensure that NetworkManager is aware of its latest
state.
device - show and manage network interfaces
COMMAND := { status | show | connect | disconnect | delete | wifi | wimax }
status
Print status of devices.
This is the default action if no command is specified to device object.
show []
Show detailed information about devices. Without an argument, all devices are
examined. To get information for a specific device, the interface name has to be
provided.
connect
Connect the device. NetworkManager will try to find a suitable connection that
will be activated. It will also consider connections that are not set to auto
connect.
If '--wait' option is not specified, the default timeout will be 90 seconds.
disconnect ...
Disconnect a device and prevent the device from automatically activating further
connections without user/manual intervention. Note that disconnecting software
devices may mean that the devices will disappear.
If '--wait' option is not specified, the default timeout will be 10 seconds.
delete ...
Delete a device. The command removes the interface from the system. Note that
this only works for software devices like bonds, bridges, teams, etc. Hardware
devices (like Ethernet) cannot be deleted by the command.
If '--wait' option is not specified, the default timeout will be 10 seconds.
wifi [list [ifname ] [bssid ]]
List available Wi‐Fi access points. The ifname and bssid options can be used to
list APs for a particular interface or with a specific BSSID, respectively.
wifi connect <(b)ssid> [password ] [wep-key-type key|phrase] [ifname
] [bssid ] [name ]
[private yes|no] [hidden yes|no]
Connect to a Wi‐Fi network specified by SSID or BSSID. The command creates a new
connection and then activates it on a device. This is a command‐line counterpart
of clicking an SSID in a GUI client. The command always creates a new connection
and thus it is mainly useful for connecting to new Wi‐Fi networks. If a connec‐
tion for the network already exists, it is better to bring up (activate) the
existing connection as follows: nmcli con up id . Note that only open, WEP
and WPA‐PSK networks are supported at the moment. It is also supposed that IP
configuration is obtained via DHCP.
If '--wait' option is not specified, the default timeout will be 90 seconds.
Available options are:
password – password for secured networks (WEP or WPA)
wep-key-type – type of WEP secret, either key for ASCII/HEX key or phrase for
passphrase
ifname – interface that will be used for activation
bssid – if specified, the created connection will be restricted just for
the BSSID
name – if specified, the connection will use the name (else NM creates a
name itself)
private – if set to yes, the connection will only be visible to the user
who created it. Otherwise the connection is system‐wide, which is
the default.
hidden – set to yes when connecting for the first time to an AP not broad‐
casting its SSID. Otherwise the SSID would not be found and the
connection attempt would fail.
wifi rescan [ifname ] [[ssid ] ...]
Request that NetworkManager immediately re-scan for available access points.
NetworkManager scans Wi‐Fi networks periodically, but in some cases it can be
useful to start scanning manually (e.g. after resuming the computer). By using
ssid, it is possible to scan for a specific SSID, which is useful for APs with
hidden SSIDs. You can provide multiple ssid parameters in order to scan more
SSIDs.
This command does not show the APs, use 'nmcli device wifi list' for that.
wimax [list [ifname ] [nsp ]]
List available WiMAX NSP. The ifname and nsp options can be used to list net‐
works for a particular interface or with a specific NSP, respectively.
agent - run nmcli as a NetworkManager secret agent, or polkit agent
COMMAND := { secret | polkit | all }
secret
Register nmcli as a NetworkManager secret agent and listen for secret requests.
You do usually not need this command, because nmcli can handle secrets when con‐
necting to networks. However, you may find the command useful when you use
another tool for activating connections and you do not have a secret agent
available (like nm-applet).
polkit
Register nmcli as a polkit agent for the user session and listen for authoriza‐
tion requests. You do not usually need this command, because nmcli can handle
polkit actions related to NetworkManager operations (when run with --ask). How‐
ever, you may find the command useful when you want to run a simple text based
polkit agent and you do not have an agent of a desktop environment. Note that
running this command makes nmcli handle all polkit requests, not only Network‐
Manager related ones, because only one polkit agent can run for the session.
all
Runs nmcli as both NetworkManager secret and a polkit agent.
ENVIRONMENT VARIABLES
nmcli's behavior is affected by the following environment variables.
LC_ALL If set to a non‐empty string value, it overrides the values of all the other
internationalization variables.
LC_MESSAGES Determines the locale to be used for internationalized messages.
LANG Provides a default value for the internationalization variables that are unset or
null.
Internationalization notes:
Be aware that nmcli is localized and that is why the output depends on your environment. This
is important to realize especially when you parse the output.
Call nmcli as LC_ALL=C nmcli to be sure the locale is set to "C" while executing in a script.
LC_ALL, LC_MESSAGES, LANG variables specify the LC_MESSAGES locale category (in that order),
which determines the language that nmcli uses for messages. The "C" locale is used if none of
these variables are set, and this locale uses English messages.
EXIT STATUS
nmcli exits with status 0 if it succeeds, a value greater than 0 is returned if an error
occurs.
0 Success – indicates the operation succeeded
1 Unknown or unspecified error
2 Invalid user input, wrong nmcli invocation
3 Timeout expired (see --wait option)
4 Connection activation failed
5 Connection deactivation failed
6 Disconnecting device failed
7 Connection deletion failed
8 NetworkManager is not running
9 nmcli and NetworkManager versions mismatch
10 Connection, device, or access point does not exist.
EXAMPLES
This section presents various examples of nmcli usage. If you want even more, please refer to
nmcli-examples(5) manual page.
nmcli -t -f RUNNING general
tells you whether NetworkManager is running or not.
nmcli -t -f STATE general
shows the overall status of NetworkManager.
nmcli radio wifi off
switches Wi‐Fi off.
nmcli connection show
lists all connections NetworkManager has.
nmcli -p -m multiline -f all con show
shows all configured connections in multi-line mode.
nmcli connection show --active
lists all currently active connections.
nmcli -f name,autoconnect c s
shows all connection profile names and their auto-connect property.
nmcli -p connection show "My default em1"
shows details for "My default em1" connection profile.
nmcli connection show --show-secrets "My Home WiFi"
shows details for "My Home WiFi" connection profile with all passwords. Without
--show-secrets option, secrets would not be displayed.
nmcli -f active connection show "My default em1"
shows details for "My default em1" active connection, like IP, DHCP information, etc.
nmcli -f profile con s "My wired connection"
shows static configuration details of the connection profile with "My wired connection"
name.
nmcli -p con up "My wired connection" ifname eth0
activates the connection profile with name "My wired connection" on interface eth0.
The -p option makes nmcli show progress of the activation.
nmcli con up 6b028a27-6dc9-4411-9886-e9ad1dd43761 ap 00:3A:98:7C:42:D3
connects the Wi‐Fi connection with UUID 6b028a27-6dc9-4411-9886-e9ad1dd43761 to the AP
with BSSID 00:3A:98:7C:42:D3.
nmcli device status
shows the status for all devices.
nmcli dev disconnect em2
disconnects a connection on interface em2 and marks the device as unavailable for auto‐
connecting. As a result, no connection will automatically be activated on the device
until the device's 'autoconnect' is set to TRUE or the user manually activates a con‐
nection.
nmcli -f GENERAL,WIFI-PROPERTIES dev show wlan0
shows details for wlan0 interface; only GENERAL and WIFI-PROPERTIES sections will be
shown.
nmcli dev wifi
lists available Wi‐Fi access points known to NetworkManager.
nmcli dev wifi con "Cafe Hotspot 1" password caffeine name "My cafe"
creates a new connection named "My cafe" and then connects it to "Cafe Hotspot 1" SSID
using password "caffeine". This is mainly useful when connecting to "Cafe Hotspot 1"
for the first time. Next time, it is better to use 'nmcli con up id "My cafe"' so that
the existing connection profile can be used and no additional is created.
nmcli connection add type ethernet autoconnect no ifname eth0
non-interactively adds an Ethernet connection tied to eth0 interface with automatic IP
configuration (DHCP), and disables the connection's "autoconnect" flag.
nmcli c a ifname Maxipes‐fik type vlan dev eth0 id 55
non-interactively adds a VLAN connection with ID 55. The connection will use eth0 and
the VLAN interface will be named Maxipes‐fik.
nmcli connection edit ethernet-em1-2
edits existing "ethernet‐em1‐2" connection in the interactive editor.
nmcli connection edit type ethernet con-name "yet another Ethernet connection"
adds a new Ethernet connection in the interactive editor.
nmcli con mod ethernet-2 connection.autoconnect no
modifies 'autoconnect' property in the 'connection' setting of 'ethernet‐2' connection.
nmcli con mod "Home Wi-Fi" wifi.mtu 1350
modifies 'mtu' property in the 'wifi' setting of 'Home Wi‐Fi' connection.
nmcli con mod em1-1 ipv4.method manual ipv4.addr "192.168.1.23/24 192.168.1.1, 10.10.1.5/8,
10.0.0.11"
sets manual addressing and the addresses in em1-1 profile.
nmcli con modify ABC +ipv4.dns 8.8.8.8
appends a Google public DNS server to DNS servers in ABC profile.
nmcli con modify ABC -ipv4.addresses "192.168.100.25/24 192.168.1.1"
removes the specified IP address from (static) profile ABC.
NOTES
nmcli accepts abbreviations, as long as they are a unique prefix in the set of possible
options. As new options get added, these abbreviations are not guaranteed to stay unique. For
scripting and long term compatiblity it is therefore strongly advised to spell out the full
option names.
BUGS
There are probably some bugs. If you find a bug, please report it to
https://bugzilla.gnome.org/ — product NetworkManager.
SEE ALSO
nmcli-examples(5), nm-online(1), NetworkManager(8), NetworkManager.conf(5), nm-settings(5),
nm-applet(1), nm-connection-editor(1).
12 August 2015 NMCLI(1)
Manual page nmcli(1) line 929/962 (END) (press h for help or q to quit)