.\" nmcli (1) manual page .\" .\" This is free documentation; you can redistribute it and/or .\" modify it under the terms of the GNU General Public License as .\" published by the Free Software Foundation; either version 2 of .\" the License, or (at your option) any later version. .\" .\" The GNU General Public License's references to "object code" .\" and "executables" are to be interpreted as the output of any .\" document formatting or typesetting system, including .\" intermediate and printed output. .\" .\" This manual is distributed in the hope that it will be useful, .\" but WITHOUT ANY WARRANTY; without even the implied warranty of .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the .\" GNU General Public License for more details. .\" .\" You should have received a copy of the GNU General Public Licence along .\" with this manual; if not, write to the Free Software Foundation, Inc., .\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. .\" .\" Copyright (C) 2010 - 2013 Red Hat, Inc. .\" .TH NMCLI "1" "13 April 2013" .SH NAME nmcli \- command\(hyline tool for controlling NetworkManager .SH SYNOPSIS .ad l .B nmcli .RI " [ " OPTIONS " ] " OBJECT " { " COMMAND " | " .BR help " } " .sp .IR OBJECT " := { " .BR general " | " networking " | " radio " | " connection " | " device .RI " }" .sp .IR OPTIONS " := { " .br \fB\-t\fR[\fIerse\fR] .br \fB\-p\fR[\fIretty\fR] .br \fB\-m\fR[\fImode\fR] tabular | multiline .br \fB\-f\fR[\fIields\fR] | all | common .br \fB\-e\fR[\fIscape\fR] yes | no .br \fB\-n\fR[\fIocheck\fR] .br \fB\-a\fR[\fIsk\fR] .br \fB\-w\fR[\fIait\fR] .br \fB\-v\fR[\fIersion\fR] .br \fB\-h\fR[\fIelp\fR] .br .RI "}" .SH DESCRIPTION .B nmcli is a command\(hyline tool for controlling NetworkManager and reporting on its status. It is not meant as a full replacement for \fInm\(hyapplet\fP or other similar clients but as a complementary utility to those programs. The main usage for \fInmcli\fP is on servers, headless machines or for power users who prefer the command line. .P Typical applications include: .IP \(em 4 Initscripts: ifup/ifdown can utilize NetworkManager via \fInmcli\fP instead of having to manage connections itself and possibly interfere with NetworkManager. .IP \(em 4 Servers, headless machines: No GUI is available; then \fInmcli\fP can be used to activate/deactivate connections. However, if a connection requires a secret in order to activate and if that secret is not stored at the system level, \fInmcli\fP will not be able to activate it; it is currently unable to supply the secrets to NetworkManager. .IP \(em 4 User sessions: \fInmcli\fP can be used to activate/deactivate connections from the command line, but a client with a secret agent (like \fInm\(hyapplet\fP) is needed for supplying secrets not stored at the system level. Keyring dialogs and password prompts may appear if this happens. .SS \fIOPTIONS\fP .TP .B \-t, \-\-terse Output is terse. This mode is designed and suitable for computer (script) processing. .TP .B \-p, \-\-pretty Output is pretty. This causes \fInmcli\fP to produce easily readable outputs for humans, i.e. values are aligned, headers are printed, etc. .TP .B \-m, \-\-mode tabular | multiline Switch between \fItabular\fP and \fImultiline\fP output. If omitted, default is \fItabular\fP for most commands. For the commands producing more structured information, that cannot be displayed on a single line, default is \fImultiline\fP. Currenly, they are: .br .nf 'nmcli connection show configured ' 'nmcli connection show active ' 'nmcli device show' .fi \fItabular\fP \(en Output is a table where each line describes a single entry. Columns define particular properties of the entry. .br \fImultiline\fP \(en Each entry comprises multiple lines, each property on its own line. The values are prefixed with the property name. .TP .B \-f, \-\-fields | all | common This option is used to specify what fields (column names) should be printed. Valid field names differ for specific commands. List available fields by providing an invalid value to the \fI\-\-fields\fP option. .br \fIall\fP is used to print all valid field values of the command. \fIcommon\fP is used to print common field values of the command. If omitted, default is \fIcommon\fP. The option is mandatory when \fI\-\-terse\fP is used. In this case, generic values \fIall\fP and \fIcommon\fP cannot be used. (This is to maintain compatibility when new fields are added in the future). .TP .B \-e, \-\-escape yes | no Whether to escape ':' and '\\' characters in terse tabular mode. The escape character is '\\'. If omitted, default is \fIyes\fP. .TP .B \-n, \-\-nocheck This option can be used to force \fInmcli\fP to skip checking \fInmcli\fP and \fINetworkManager\fP version compatibility. Use it with care, because using incompatible versions may produce incorrect results. .TP .B \-a, \-\-ask When using this option \fInmcli\fP will stop and ask for any missing required arguments, so do not use this option for non-interactive purposes like scripts. .TP .B \-w, \-\-wait This option sets a timeout \fInmcli\fP waits for finishing operations that \fINetworkManager\fP take longer time to complete, like e.g. connection activation. Specifying value of \fB0\fP instructs \fInmcli\fP not to wait and exit immediatelly with a success. Default value depends on the executed command. .TP .B \-v, \-\-version Show \fInmcli\fP version. .TP .B \-h, \-\-help Print help information. .SS \fIOBJECT\fP .TP .B general General NetworkManager status and operations .br Use this object to show NetworkManager status and permissions. You can also get and change NetworkManager logging level and domains. .TP .SS \fICOMMAND\fP := { status | permissions | logging } .sp .RS .TP .B status .br Show overall status of NetworkManager. This is the default action, when no additional command is provided for \fIgeneral\fP object. .TP .B permissions .br Show the permissions a caller has for various authenticated operations that NetworkManager provides, like enable/disable networking, changing Wi\(hyFi, WWAN, and WiMAX state, modifying connections, etc. .TP .B logging [level ] [domains ] .br Get and change \fINetworkManager\fP logging level and domains. Without any argument current logging level and domains are shown. In order to change logging state, provide \fIlevel\fP and/or \fIdomains\fP parameters. See \fBNetworkManager.conf\fP for available level and domain values. .RE .TP .B networking Get or set general networking state of NetworkManager .br Use this object to show NetworkManager networking status, or enable/disable networking. Disabling networking changes all devices to 'unmanaged' state. .TP .SS \fICOMMAND\fP := { [ on | off ] } .sp .RS .TP .B [ on | off ] .br Get networking\(hyenabled status or enable/disable networking by NetworkManager. All interfaces managed by NetworkManager are deactivated when networking has been disabled. .RE .TP .B radio Get or set radio switches state .br Use this object to show radio switches status, or enable/disable the switches. .TP .SS \fICOMMAND\fP := { all | wifi | wwan | wimax } .sp .RS .TP .B wifi [ on | off ] .br Show or set status of Wi\(hyFi in NetworkManager. If no arguments are supplied, Wi\(hyFi status is printed; \fIon\fP enables Wi\(hyFi; \fIoff\fP disables Wi\(hyFi. .TP .B wwan [ on | off ] .br Show or set status of WWAN (mobile broadband) in NetworkManager. If no arguments are supplied, mobile broadband status is printed; \fIon\fP enables mobile broadband, \fIoff\fP disables it. .TP .B wimax [ on | off ] .br Show or set status of WiMAX in NetworkManager. If no arguments are supplied, WiMAX status is printed; \fIon\fP enables WiMAX; \fIoff\fP disables WiMAX. .br Note: WiMAX support is a compile\(hytime decision, so it may be unavailable on some installations. .TP .B all [ on | off ] .br Show or set all previously mentioned radio switches at the same time. .RE .TP .B connection NetworkManager connections .br Get information about \fINetworkManager\fP connections and manage them. .TP .SS \fICOMMAND\fP := { show | up | down | add | delete } .sp .RS .TP .B show active [[ id | uuid | path | apath ] ] .br Shows active connections. Without a parameter, all active connections are listed. In order to show the connection details, \fI\fP must be provided. \fIid\fP, \fIuuid\fP, \fIpath\fP and \fIapath\fP keywords can be used if \fI\fP is ambiguous. .RS .PP Optional -specifying keywords are: .IP \fIid\fP 13 \(en the denotes a connection name .IP \fIuuid\fP 13 \(en the denotes a connection UUID .IP \fIpath\fP 13 \(en the denotes a D-Bus static connection path in the format of /org/freedesktop/NetworkManager/Settings/ or just .IP \fIapath\fP 13 \(en the denotes a D-Bus active connection path in the format of /org/freedesktop/NetworkManager/ActiveConnection/ or just .RE .TP .B show configured [[ id | uuid | path ] ] .br Shows configured connections. Without a parameter, all connections are listed. In order to show connection details, \fI\fP must be provided. \fIid\fP, \fIuuid\fP and \fIpath\fP keywords can be used if \fI\fP is ambiguous. See \fBshow active\fP above for the description of the keywords. .br When no command is given to the \fIconnection\fP object, the default action is 'nmcli connection show configured'. .TP .B up [ id | uuid | path ] [ifname ] [ap ] [nsp ] .br Activate a connection. The connection is identified by its name, UUID or D-Bus path. If is ambiguous, a keyword \fIid\fP, \fIuuid\fP or \fIpath\fP can be used. When requiring a particular device to activate the connection on, the \fIifname\fP option with interface name should be given. In case of a VPN connection, the \fIifname\fP option specify the device of the base connection. The \fIap\fP option specify what particular AP should be used in case of a Wi\(hyFi connection. .br If '--wait' option is not specified, the default timeout will be 90 seconds. .br See \fBshow active\fP above for the description of the -specifying keywords. .RS .PP Available options are: .IP \fIifname\fP 13 \(en interface that will be used for activation .IP \fIap\fP 13 \(en BSSID of the AP which the command should connect to (for Wi\(hyFi connections) .IP \fInsp\fP 13 \(en NSP (Network Service Provider) which the command should connect to (for WiMAX connections) .RE .TP .B down [ id | uuid | path | apath ] .br Deactivate a connection from a device without preventing the device from further auto-activation. .sp Be aware that this command only deactivates the specified connection, but doesn't prevent the device, the connection was on, from performing auto-activation. Thus, if the connection that was downed (or another compatible connection) has autoconnect flag set, it will be automatically started on the idling device again. .br In most cases you may want to use \fIdevice disconnect\fP command instead. .sp The connection is identified by its name, UUID or D-Bus path. If is ambiguous, a keyword \fIid\fP, \fIuuid\fP, \fIpath\fP or \fIapath\fP can be used. .br See \fBshow active\fP above for the description of the -specifying keywords. .TP .B add COMMON_OPTIONS TYPE_SPECIFIC_OPTIONS IP_OPTIONS .br Add a connection for NetworkManager. Arguments differ according to connection types, see bellow. .RS .TP .B COMMON_OPTIONS: .IP "\fItype \fP" 42 \(en connection type; see bellow \fBTYPE_SPECIFIC_OPTIONS\fP for allowed values; (mandatory) .IP "\fI[con-name ]\fP" 42 \(en connection name (when not provided a default name is generated: [-][-]) .IP "\fI[autoconnect yes|no]\fP" 42 \(en whether the connection can auto-connect or not .IP "\fI[ifname ]\fP" 42 \(en interface to bind the connection to .RE .RS .TP .B TYPE_SPECIFIC_OPTIONS: .TP .B ethernet: .IP "\fI[mac ]\fP" 42 \(en MAC address of the device this connection is locked to .IP "\fI[cloned-mac ]\fP" 42 \(en cloned MAC .IP "\fI[mtu ]\fP" 42 \(en MTU .RE .RS .TP .B wifi: .IP "\fI[mac ]\fP" 42 \(en MAC address of the device this connection is locked to .IP "\fI[cloned-mac ]\fP" 42 \(en cloned MAC .IP "\fI[mtu ]\fP" 42 \(en MAC .IP "\fI[ssid ]\fP" 42 \(en SSID .RE .RS .TP .B wimax: .IP "\fI[mac ]\fP" 42 \(en MAC address of the device this connection is locked to .IP "\fI[nsp ]\fP" 42 \(en Network Service Provider name .RE .RS .TP .B gsm: .IP "\fIapn \fP" 42 \(en APN - GSM Access Point Name .IP "\fI[user ]\fP" 42 \(en user name .IP "\fI[password ]\fP" 42 \(en password .RE .RS .TP .B cdma: .IP "\fI[user ]\fP" 42 \(en user name .IP "\fI[password ]\fP" 42 \(en password .RE .RS .TP .B infiniband: .IP "\fI[mac ]\fP" 42 \(en MAC address of the device this connection is locked to (InfiniBand MAC is 20 bytes) .IP "\fI[mtu ]\fP" 42 \(en MTU .IP "\fI[transport-mode ]\fP" 42 \(en InfiniBand transport mode .RE .RS .TP .B bluetooth: .IP "\fI[addr ]\fP" 42 \(en Bluetooth device address (MAC) .IP "\fI[bt-type panu|dun-gsm|dun-cdma]\fP" 42 \(en Bluetooth connection type .RE .RS .TP .B vlan: .IP "\fIdev ]\fP" 42 \(en VLAN ID .IP "\fI[flags ]\fP" 42 \(en flags .IP "\fI[ingress ]\fP" 42 \(en VLAN ingress priority mapping .IP "\fI[egress ]\fP" 42 \(en VLAN egress priority mapping .IP "\fI[mtu ]\fP" 42 \(en MTU .RE .RS .TP .B bond: .IP "\fI[mode balance-rr (0) | active-backup (1) | balance-xor (2) | broadcast (3) |\fP" .IP "\fI 802.3ad (4) | balance-tlb (5) | balance-alb (6)]\fP" 42 \(en bonding mode .IP "\fI[miimon ]\fP" 42 \(en miimon .IP "\fI[downdelay ]\fP" 42 \(en downdelay .IP "\fI[updelay ]\fP" 42 \(en updelay .IP "\fI[arp_interval ]\fP" 42 \(en ARP interval .IP "\fI[arp_ip_traget ]\fP" 42 \(en ARP IP target .RE .RS .TP .B bond-slave: .IP "\fImaster ]\fP" 42 \(en controls whether Spanning Tree Protocol (STP) is enabled for this bridge .IP "\fI[priority ]\fP" 42 \(en sets STP priority .IP "\fI[forward-delay <2-30>]\fP" 42 \(en STP forwarding delay, in seconds .IP "\fI[hello-time <1-10>]\fP" 42 \(en STP hello time, in seconds .IP "\fI[max-age <6-42>]\fP" 42 \(en STP maximum message age, in seconds .IP "\fI[ageing-time <0-1000000>]\fP" 42 \(en the ethernet MAC address aging time, in seconds .RE .RS .TP .B bridge-slave: .IP "\fImaster ]\fP" 42 \(en STP priority of this slave .IP "\fI[path-cost <1-65535>]\fP" 42 \(en STP port cost for destinations via this slave .IP "\fI[hairpin yes|no]\fP" 42 \(en 'hairpin mode' for the slave, which allows frames to be sent back out through the slave the frame was received on .RE .RS .TP .B vpn: .IP "\fIvpn-type vpnc|openvpn|pptp|openconnect|openswan\fP" 42 \(en VPN type .IP "\fI[user ]\fP" 42 \(en VPN username .RE .RS .TP .B olpc-mesh: .IP "\fI[ssid ]\fP" 42 \(en SSID .RE .RS .TP .B IP_OPTIONS: .IP "\fI[ip4 ] [gw4 ]\fP" 42 \(en IPv4 addresses .IP "\fI[ip6 ] [gw6 ]\fP" 42 \(en IPv6 addresses .RE .TP .B delete [ id | uuid | path ] .br Delete a configured connection. The connection to delete is identified by its name, UUID or D-Bus path. If is ambiguous, a keyword \fIid\fP, \fIuuid\fP or \fIpath\fP can be used. .br See \fBshow active\fP above for the description of the -specifying keywords. .RE .TP .B device NetworkManager devices .br Get information about devices and manage them. .TP .SS \fICOMMAND\fP := { status | show | disconnect | wifi | wimax } .sp .RS .TP .B status .br Print status of devices. .br This is the default action if no command is specified to \fIdevice\fP object. .TP .B show [] .br Show detailed information about devices. Without an argument, all devices are examined. To get information for a specific device, the interface name has to be provided. .TP .B disconnect .br Disconnect a device and prevent the device from automatically activating further connections without user/manual intervention. .br If '--wait' option is not specified, the default timeout will be 10 seconds. .TP .B wifi [list [ifname ] [bssid ]] .br List available Wi\(hyFi access points. The \fIifname\fP and \fIbssid\fP options can be used to list APs for a particular interface or with a specific BSSID, respectively. .TP .B wifi connect <(B)SSID> [password ] [wep\-key\-type key|phrase] [ifname ] [bssid ] [name ] [private yes|no] .br Connect to a Wi\(hyFi network specified by SSID or BSSID. The command creates a new connection and then activates it on a device. This is a command\(hyline counterpart of clicking an SSID in a GUI client. The command always creates a new connection and thus it is mainly useful for connecting to new Wi\(hyFi networks. If a connection for the network already exists, it's better to connect through it using \fInmcli con up id \fP. Note that only open, WEP and WPA\(hyPSK networks are supported at the moment. It is also supposed that IP configuration is obtained via DHCP. .br If '--wait' option is not specified, the default timeout will be 90 seconds. .RS .PP Available options are: .IP \fIpassword\fP 13 \(en password for secured networks (WEP or WPA) .IP \fIwep\-key\-type\fP 13 \(en type of WEP secret, either \fIkey\fP for ASCII/HEX key or \fIphrase\fP for passphrase .IP \fIifname\fP 13 \(en interface that will be used for activation .IP \fIbssid\fP 13 \(en if specified, the created connection will be restricted just for the BSSID .IP \fIname\fP 13 \(en if specified, the connection will use the name (else NM creates a name itself) .IP \fIprivate\fP 13 \(en if set to \fByes\fP, the connection will only be visible to the user who created it. Otherwise the connection is system\(hywide, which is default. .RE .TP .B wifi rescan [[ifname] ] .br Request that \fINetworkManager\fP immediately re-scan for available access points. NetworkManager scans Wi\(hyFi networks periodically, but in some cases it can be useful to start scanning manually (e.g. after resuming the computer). This command doesn't show the APs, use 'nmcli device wifi list' for that. .TP .B wimax [list [ifname ] [nsp ]] .br List available WiMAX NSP. The \fIifname\fP and \fInsp\fP options can be used to list networks for a particular interface or with a specific NSP, respectively. .SH ENVIRONMENT VARIABLES \fInmcli\fP's behavior is affected by the following environment variables. .IP "LC_ALL" 13 If set to a non\(hyempty string value, it overrides the values of all the other internationalization variables. .IP "LC_MESSAGES" 13 Determines the locale to be used for internationalized messages. .IP "LANG" 13 Provides a default value for the internationalization variables that are unset or null. .RE Internationalization notes: .br Be aware that \fInmcli\fP is localized and that's why the output depends on your environment. This is important to realize especially when you parse the output. .br Call \fInmcli\fP as \fBLC_ALL=C nmcli\fP to be sure the locale is set to "C" while executing in a script. \fBLC_ALL\fP, \fBLC_MESSAGES\fP, \fBLANG\fP variables specify the LC_MESSAGES locale category (in that order), which determines the language that \fInmcli\fP uses for messages. The "C" locale is used if none of these variables are set, and this locale uses English messages. .SH EXIT STATUS \fInmcli\fP exits with status 0 if it succeeds, a value greater than 0 is returned if an error occurs. .IP "0" 4 Success \(en indicates the operation succeeded .IP "1" 4 Unknown or unspecified error .IP "2" 4 Invalid user input, wrong \fInmcli\fP invocation .IP "3" 4 Timeout expired (see \fI\-\-wait\fP option) .IP "4" 4 Connection activation failed .IP "5" 4 Connection deactivation failed .IP "6" 4 Disconnecting device failed .IP "7" 4 Connection deletion failed .IP "8" 4 NetworkManager is not running .IP "9" 4 \fInmcli\fP and \fINetworkManager\fP versions mismatch .SH EXAMPLES .IP "\fB\f(CWnmcli \-t \-f RUNNING general\fP\fP" .IP tells you whether NetworkManager is running or not. .IP "\fB\f(CWnmcli \-t \-f STATE general\fP\fP" .IP shows the overall status of NetworkManager. .IP "\fB\f(CWnmcli radio wifi off\fP\fP" .IP switches Wi\(hyFi off. .IP "\fB\f(CWnmcli connection show configured\fP\fP" .IP lists all connections NetworkManager has. .IP "\fB\f(CWnmcli \-p \-m multiline \-f all con show c\fP\fP" .IP shows all configured connections in multiline mode. .IP "\fB\f(CWnmcli \-p connection show active\fP\fP" .IP lists all currently active connections. .IP "\fB\f(CWnmcli \-p connection show active \(dq\&My default em1\(dq\&\fP\fP" .IP shows details for "My default em1" active connection, like IP, DHCP information. .IP "\fB\f(CWnmcli \-f name,autoconnect c s c\fP\fP" .IP shows all connections' names and their autoconnect settings. .IP "\fB\f(CWnmcli con s c \(dq\&My wired connection\(dq\&\fP\fP" .IP shows all details of the connection with "My wired connection" name. .IP "\fB\f(CWnmcli \-p con up \(dq\&My wired connection\(dq\& ifname eth0\fP\fP" .IP activates the connection with name "My wired connection" on interface eth0. The \-p option makes nmcli show progress of the activation. .IP "\fB\f(CWnmcli con up 6b028a27\-6dc9\-4411\-9886\-e9ad1dd43761 ap 00:3A:98:7C:42:D3\fP\fP" .IP connects the Wi\(hyFi connection with UUID 6b028a27\-6dc9\-4411\-9886\-e9ad1dd43761 to the AP with BSSID 00:3A:98:7C:42:D3. .IP "\fB\f(CWnmcli device status\fP\fP" .IP shows the status for all devices. .IP "\fB\f(CWnmcli dev disconnect em2\fP\fP" .IP disconnects a connection on interface em2 and marks the device as unavailable for auto\(hyconnecting. That's why no connection will automatically be activated on the device until the device's "autoconnect" is set to TRUE or user manually activates a connection. .IP "\fB\f(CWnmcli \-f GENERAL,WIFI\-PROPERTIES dev show wlan0\fP\fP" .IP shows details for wlan0 interface; only GENERAL and WIFI\-PROPERTIES sections will be shown. .IP "\fB\f(CWnmcli dev wifi\fP\fP" .IP lists available Wi\(hyFi access points known to NetworkManager. .IP "\fB\f(CWnmcli dev wifi con \(dq\&Cafe Hotspot 1\(dq\& password caffeine name \(dq\&My cafe\(dq\&\fP\fP" .IP creates a new connection named "My cafe" and then connects it to "Cafe Hotspot 1" SSID using "caffeine" password. This is mainly useful when connecting to "Cafe Hotspot 1" for the first time. Next time, it is better to use 'nmcli con up id "My cafe"' so that the existing connection profile can be used and no additional is created. .IP "\fB\f(CWnmcli connection add type ethernet autoconnect no ifname eth0\fP\fP" .IP non-interactively adds an ethernet connection tied to eth0 interface with auto IP configuration (DHCP), and disables the connection's auto-connect flag. .IP "\fB\f(CWnmcli c a ifname maxipes\-fik type vlan dev eth0 id 55\fP\fP" .IP non-interactively adds a VLAN connection with ID 55. The connection will use eth0 and the VLAN interface will be named maxipes\(hyfik. .SH BUGS There are probably some bugs. If you find a bug, please report it to https://bugzilla.gnome.org/ \(em product \fINetworkManager\fP. .SH SEE ALSO .BR nm\-online (1), .BR NetworkManager (8), .BR NetworkManager.conf (5), .BR nm\-settings (5), .BR nm\-applet (1), .BR nm\-connection\-editor (1).