NetworkManager.conf(5)


NAME

   NetworkManager.conf - NetworkManager configuration file

SYNOPSIS

   /etc/NetworkManager/NetworkManager.conf,
   /etc/NetworkManager/conf.d/name.conf,
   /usr/lib/NetworkManager/conf.d/name.conf,
   /var/lib/NetworkManager/NetworkManager-intern.conf

DESCRIPTION

   NetworkManager.conf is the configuration file for NetworkManager. It is
   used to set up various aspects of NetworkManager's behavior. The
   location of the main file and configuration directories may be changed
   through use of the --config, --config-dir, --system-config-dir, and
   --intern-config argument for NetworkManager, respectively.

   If a default NetworkManager.conf is provided by your distribution's
   packages, you should not modify it, since your changes may get
   overwritten by package updates. Instead, you can add additional .conf
   files to the /etc/NetworkManager/conf.d directory. These will be read
   in order, with later files overriding earlier ones. Packages might
   install further configuration snippets to
   /usr/lib/NetworkManager/conf.d. This directory is parsed first, even
   before NetworkManager.conf. The loading of a file
   /usr/lib/NetworkManager/conf.d/name.conf can be prevented by adding a
   file /etc/NetworkManager/conf.d/name.conf. In this case, the file from
   the etc configuration shadows the file from the system configuration
   directory.

   NetworkManager can overwrite certain user configuration options via
   D-Bus or other internal operations. In this case it writes those
   changes to /var/lib/NetworkManager/NetworkManager-intern.conf. This
   file is not intended to be modified by the user, but it is read last
   and can shadow user configuration from NetworkManager.conf.

   Certain settings from the configuration can be reloaded at runtime
   either by sending SIGHUP signal or via D-Bus' Reload call.

FILE FORMAT

   The configuration file format is so-called key file (sort of ini-style
   format). It consists of sections (groups) of key-value pairs. Lines
   beginning with a '#' and blank lines are considered comments. Sections
   are started by a header line containing the section enclosed in '[' and
   ']', and ended implicitly by the start of the next section or the end
   of the file. Each key-value pair must be contained in a section.

   For keys that take a list of devices as their value, you can specify
   devices by their MAC addresses or interface names, or "*" to specify
   all devices. See the section called "Device List Format" below.

   Minimal system settings configuration file looks like this:

       [main]
       plugins=keyfile

   As an extension to the normal keyfile format, you can also append a
   value to a previously-set list-valued key by doing:

       plugins+=another-plugin
       plugins-=remove-me

MAIN SECTION

   plugins
       Lists system settings plugin names separated by ','. These plugins
       are used to read and write system-wide connections. When multiple
       plugins are specified, the connections are read from all listed
       plugins. When writing connections, the plugins will be asked to
       save the connection in the order listed here; if the first plugin
       cannot write out that connection type (or can't write out any
       connections) the next plugin is tried, etc. If none of the plugins
       can save the connection, an error is returned to the user.

       If NetworkManager defines a distro-specific network-configuration
       plugin for your system, then that will normally be listed here.
       (See below for the available plugins.) Note that the keyfile plugin
       is always appended to the end of this list (if it doesn't already
       appear earlier in the list), so if there is no distro-specific
       plugin for your system then you can leave this key unset and
       NetworkManager will fall back to using keyfile.

   monitor-connection-files
       Whether the configured settings plugin(s) should set up file
       monitors and immediately pick up changes made to connection files
       while NetworkManager is running. This is disabled by default;
       NetworkManager will only read the connection files at startup, and
       when explicitly requested via the ReloadConnections D-Bus call. If
       this key is set to 'true', then NetworkManager will reload
       connection files any time they changed. Automatic reloading is not
       advised because there are race conditions involved and it depends
       on the way how the editor updates the file. In some situations,
       NetworkManager might first delete and add the connection anew,
       instead of updating the existing one. Also, NetworkManager might
       pick up incomplete settings while the user is still editing the
       files.

   auth-polkit
       Whether the system uses PolicyKit for authorization. If false, all
       requests will be allowed. If true, non-root requests are authorized
       using PolicyKit. The default value is true.

   dhcp
       This key sets up what DHCP client NetworkManager will use. Allowed
       values are dhclient, dhcpcd, and internal. The dhclient and dhcpcd
       options require the indicated clients to be installed. The internal
       option uses a built-in DHCP client which is not currently as
       featureful as the external clients.

       If this key is missing, available DHCP clients are looked for in
       this order: dhclient, dhcpcd, internal.

   no-auto-default
       Specify devices for which NetworkManager shouldn't create default
       wired connection (Auto eth0). By default, NetworkManager creates a
       temporary wired connection for any Ethernet device that is managed
       and doesn't have a connection configured. List a device in this
       option to inhibit creating the default connection for the device.
       May have the special value * to apply to all devices.

       When the default wired connection is deleted or saved to a new
       persistent connection by a plugin, the device is added to a list in
       the file /var/run/NetworkManager/no-auto-default.state to prevent
       creating the default connection for that device again.

       See the section called "Device List Format" for the syntax how to
       specify a device.

       Example:

           no-auto-default=00:22:68:5c:5d:c4,00:1e:65:ff:aa:ee
           no-auto-default=eth0,eth1
           no-auto-default=*

   ignore-carrier
       This setting is deprecated for the per-device setting
       ignore-carrier which overwrites this setting if specified (See
       ???). Otherwise, it is a list of matches to specify for which
       device carrier should be ignored. See the section called "Device
       List Format" for the syntax how to specify a device.

   assume-ipv6ll-only
       Specify devices for which NetworkManager will try to generate a
       connection based on initial configuration when the device only has
       an IPv6 link-local address.

       See the section called "Device List Format" for the syntax how to
       specify a device.

   configure-and-quit
       When set to 'true', NetworkManager quits after performing initial
       network configuration but spawns small helpers to preserve DHCP
       leases and IPv6 addresses. This is useful in environments where
       network setup is more or less static or it is desirable to save
       process time but still handle some dynamic configurations. When
       this option is true, network configuration for WiFi, WWAN,
       Bluetooth, ADSL, and PPPoE interfaces cannot be preserved due to
       their use of external services, and these devices will be
       deconfigured when NetworkManager quits even though other
       interface's configuration may be preserved. Also, to preserve DHCP
       addresses the 'dhcp' option must be set to 'internal'. The default
       value of the 'configure-and-quit' option is 'false', meaning that
       NetworkManager will continue running after initial network
       configuration and continue responding to system and hardware
       events, D-Bus requests, and user commands.

   dns
       Set the DNS (resolv.conf) processing mode.

       default: NetworkManager will update resolv.conf to reflect the
       nameservers provided by currently active connections. This is the
       default if the key is not specified, unless the system is
       configured to use systemd-resolved; in this case the default is
       systemd-resolved

       dnsmasq: NetworkManager will run dnsmasq as a local caching
       nameserver, using a "split DNS" configuration if you are connected
       to a VPN, and then update resolv.conf to point to the local
       nameserver.

       unbound: NetworkManager will talk to unbound and dnssec-triggerd,
       providing a "split DNS" configuration with DNSSEC support. The
       /etc/resolv.conf will be managed by dnssec-trigger daemon.

       systemd-resolved: NetworkManager will push the DNS configuration to
       systemd-resolved

       none: NetworkManager will not modify resolv.conf. This implies
       rc-manager unmanaged

   rc-manager
       Set the resolv.conf management mode. The default value depends on
       NetworkManager build options, and this version of NetworkManager
       was build with a default of "symlink". Regardless of this setting,
       NetworkManager will always write resolv.conf to its runtime state
       directory.

       symlink: NetworkManager will symlink /etc/resolv.conf to its
       private resolv.conf file in the runtime state directory. If
       /etc/resolv.conf already is a symlink pointing to a different
       location, the file will not be modified. This allows the user to
       disable managing by pointing the link /etc/resolv.conf to somewhere
       else.

       file: NetworkManager will write /etc/resolv.conf as file. If it
       finds a symlink, it will follow the symlink and update the target
       instead.

       resolvconf: NetworkManager will run resolvconf to update the DNS
       configuration.

       netconfig: NetworkManager will run netconfig to update the DNS
       configuration.

       unmanaged: don't touch /etc/resolv.conf.

       none: deprecated alias for symlink.

   debug
       Comma separated list of options to aid debugging. This value will
       be combined with the environment variable NM_DEBUG. Currently the
       following values are supported:

       RLIMIT_CORE: set ulimit -c unlimited to write out core dumps.
       Beware, that a core dump can contain sensitive information such as
       passwords or configuration settings.

       fatal-warnings: set g_log_set_always_fatal() to core dump on
       warning messages from glib. This is equivalent to the
       --g-fatal-warnings command line option.

KEYFILE SECTION

   This section contains keyfile-plugin-specific options, and is normally
   only used when you are not using any other distro-specific plugin.

   hostname
       This key is deprecated and has no effect since the hostname is now
       stored in /etc/hostname or other system configuration files
       according to build options.

   path
       The location where keyfiles are read and stored. This defaults to
       "/etc/NetworkManager/conf.d".

   unmanaged-devices
       Set devices that should be ignored by NetworkManager.

       See the section called "Device List Format" for the syntax how to
       specify a device.

       Example:

           unmanaged-devices=interface-name:em4
           unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth2

IFUPDOWN SECTION

   This section contains ifupdown-specific options and thus only has
   effect when using the ifupdown plugin.

   managed
       If set to true, then interfaces listed in /etc/network/interfaces
       are managed by NetworkManager. If set to false, then any interface
       listed in /etc/network/interfaces will be ignored by
       NetworkManager. Remember that NetworkManager controls the default
       route, so because the interface is ignored, NetworkManager may
       assign the default route to some other interface.

       The default value is false.

LOGGING SECTION

   This section controls NetworkManager's logging. Any settings here are
   overridden by the --log-level and --log-domains command-line options.

   level
       The default logging verbosity level. One of OFF, ERR, WARN, INFO,
       DEBUG, TRACE. The ERR level logs only critical errors. WARN logs
       warnings that may reflect operation. INFO logs various
       informational messages that are useful for tracking state and
       operations. DEBUG enables verbose logging for debugging purposes.
       TRACE enables even more verbose logging then DEBUG level.
       Subsequent levels also log all messages from earlier levels; thus
       setting the log level to INFO also logs error and warning messages.

   domains
       The following log domains are available: PLATFORM, RFKILL, ETHER,
       WIFI, BT, MB, DHCP4, DHCP6, PPP, WIFI_SCAN, IP4, IP6, AUTOIP4, DNS,
       VPN, SHARING, SUPPLICANT, AGENTS, SETTINGS, SUSPEND, CORE, DEVICE,
       OLPC, WIMAX, INFINIBAND, FIREWALL, ADSL, BOND, VLAN, BRIDGE,
       DBUS_PROPS, TEAM, CONCHECK, DCB, DISPATCH, AUDIT, SYSTEMD,
       VPN_PLUGIN.

       In addition, these special domains can be used: NONE, ALL, DEFAULT,
       DHCP, IP.

       You can specify per-domain log level overrides by adding a colon
       and a log level to any domain. E.g., "WIFI:DEBUG,WIFI_SCAN:OFF".

       Domain descriptions:
           PLATFORM    : OS (platform) operations
           RFKILL      : RFKill subsystem operations
           ETHER       : Ethernet device operations
           WIFI        : Wi-Fi device operations
           BT          : Bluetooth operations
           MB          : Mobile broadband operations
           DHCP4       : DHCP for IPv4
           DHCP6       : DHCP for IPv6
           PPP         : Point-to-point protocol operations
           WIFI_SCAN   : Wi-Fi scanning operations
           IP4         : IPv4-related operations
           IP6         : IPv6-related operations
           AUTOIP4     : AutoIP operations
           DNS         : Domain Name System related operations
           VPN         : Virtual Private Network connections and
           operations
           SHARING     : Connection sharing
           SUPPLICANT  : WPA supplicant related operations
           AGENTS      : Secret agents operations and communication
           SETTINGS    : Settings/config service operations
           SUSPEND     : Suspend/resume
           CORE        : Core daemon and policy operations
           DEVICE      : Activation and general interface operations
           OLPC        : OLPC Mesh device operations
           WIMAX       : WiMAX device operations
           INFINIBAND  : InfiniBand device operations
           FIREWALL    : FirewallD related operations
           ADSL        : ADSL device operations
           BOND        : Bonding operations
           VLAN        : VLAN operations
           BRIDGE      : Bridging operations
           DBUS_PROPS  : D-Bus property changes
           TEAM        : Teaming operations
           CONCHECK    : Connectivity check
           DCB         : Data Center Bridging (DCB) operations
           DISPATCH    : Dispatcher scripts
           AUDIT       : Audit records
           SYSTEMD     : Messages from internal libsystemd
           VPN_PLUGIN  : logging messages from VPN plugins

           NONE        : when given by itself logging is disabled
           ALL         : all log domains
           DEFAULT     : default log domains
           DHCP        : shortcut for "DHCP4,DHCP6"
           IP          : shortcut for "IP4,IP6"

           HW          : deprecated alias for "PLATFORM"

       In general, the logfile should not contain passwords or private
       data. However, you are always advised to check the file before
       posting it online or attaching to a bug report.  VPN_PLUGIN is
       special as it might reveal private information of the VPN plugins
       with verbose levels. Therefore this domain will be excluded when
       setting ALL or DEFAULT to more verbose levels then INFO.

   backend
       The logging backend. Supported values are "debug", "syslog",
       "journal". "debug" uses syslog and logs to standard error. If
       NetworkManager is started in debug mode (--debug) this option is
       ignored and "debug" is always used. Otherwise, the default is
       "journal".

   audit
       Whether the audit records are delivered to auditd, the audit
       daemon. If false, audit records will be sent only to the
       NetworkManager logging system. If set to true, they will be also
       sent to auditd. The default value is false.

CONNECTION SECTION

   Specify default values for connections.

   Example:

       [connection]
       ipv6.ip6-privacy=0

   Supported Properties
   Not all properties can be overwritten, only the following properties
   are supported to have their default values configured (see nm-
   settings(5) for details). A default value is only consulted if the
   corresponding per-connection value explicitly allows for that.

   connection.autoconnect-slaves

   connection.lldp

   ethernet.cloned-mac-address
       If left unspecified, it defaults to "permanent".

   ethernet.generate-mac-address-mask

   ethernet.wake-on-lan

   ipv4.dad-timeout

   ipv4.dhcp-timeout
       If left unspecified, the default value for the interface type is
       used.

   ipv4.route-metric

   ipv6.ip6-privacy
       If ipv6.ip6-privacy is unset, use the content of
       "/proc/sys/net/ipv6/conf/default/use_tempaddr" as last fallback.

   ipv6.route-metric

   vpn.timeout
       If left unspecified, default value of 60 seconds is used.

   wifi.cloned-mac-address
       If left unspecified, it defaults to "permanent".

   wifi.generate-mac-address-mask

   wifi.mac-address-randomization
       If left unspecified, MAC address randomization is disabled. This
       setting is deprecated for wifi.cloned-mac-address.

   wifi.powersave
       If left unspecified, the default value "ignore" will be used.

   Sections
   You can configure multiple connection sections, by having different
   sections with a name that all start with "connection". Example:

       [connection]
       ipv6.ip6-privacy=0
       connection.autoconnect-slaves=1
       vpn.timeout=120

       [connection-wifi-wlan0]
       match-device=interface-name:wlan0
       ipv4.route-metric=50

       [connection-wifi-other]
       match-device=type:wifi
       ipv4.route-metric=55
       ipv6.ip6-privacy=1

   The sections within one file are considered in order of appearance,
   with the exception that the [connection] section is always considered
   last. In the example above, this order is [connection-wifi-wlan0],
   [connection-wlan-other], and [connection]. When checking for a default
   configuration value, the sections are searched until the requested
   value is found. In the example above, "ipv4.route-metric" for wlan0
   interface is set to 50, and for all other Wi-Fi typed interfaces to 55.
   Also, Wi-Fi devices would have IPv6 private addresses enabled by
   default, but other devices would have it disabled. Note that also
   "wlan0" gets "ipv6.ip6-privacy=1", because although the section
   "[connection-wifi-wlan0]" matches the device, it does not contain that
   property and the search continues.

   When having different sections in multiple files, sections from files
   that are read later have higher priority. So within one file the
   priority of the sections is top-to-bottom. Across multiple files later
   definitions take precedence.

   The following properties further control how a connection section
   applies.

   match-device
       An optional device spec that restricts when the section applies.
       See the section called "Device List Format" for the possible
       values.

   stop-match
       An optional boolean value which defaults to no. If the section
       matches (based on match-device), further sections will not be
       considered even if the property in question is not present. In the
       example above, if [connection-wifi-wlan0] would have stop-match set
       to yes, the device wlan0 would have ipv6.ip6-privacy property
       unspecified. That is, the search for the property would not
       continue in the connection sections [connection-wifi-other] or
       [connection].

DEVICE SECTION

   Contains per-device persistent configuration.

   Example:

       [device]
       match-device=interface-name:eth3
       unmanaged=1

   Supported Properties
   The following properties can be configured per-device.

   ignore-carrier
       Specify devices for which NetworkManager will (partially) ignore
       the carrier state. Normally, for device types that support
       carrier-detect, such as Ethernet and InfiniBand, NetworkManager
       will only allow a connection to be activated on the device if
       carrier is present (ie, a cable is plugged in), and it will
       deactivate the device if carrier drops for more than a few seconds.

       A device with carrier ignored will allow activating connections on
       that device even when it does not have carrier, provided that the
       connection uses only statically-configured IP addresses.
       Additionally, it will allow any active connection (whether static
       or dynamic) to remain active on the device when carrier is lost.

       Note that the "carrier" property of NMDevices and device D-Bus
       interfaces will still reflect the actual device state; it's just
       that NetworkManager will not make use of that information.

       This setting overwrites the deprecated main.ignore-carrier setting
       above.

   wifi.scan-rand-mac-address
       Configures MAC address randomization of a Wi-Fi device during
       scanning. This defaults to yes in which case a random,
       locally-administered MAC address will be used. The setting
       wifi.scan-generate-mac-address-mask allows to influence the
       generated MAC address to use certain vendor OUIs. If disabled, the
       MAC address during scanning is left unchanged to whatever is
       configured. For the configured MAC address while the device is
       associated, see instead the per-connection setting
       wifi.cloned-mac-address.

   wifi.scan-generate-mac-address-mask
       Like the per-connection settings ethernet.generate-mac-address-mask
       and wifi.generate-mac-address-mask, this allows to configure the
       generated MAC addresses during scanning. See nm-settings(5) for
       details.

   Sections
   The [device] section works the same as the [connection] section. That
   is, multiple sections that all start with the prefix "device" can be
   specified. The settings "match-device" and "stop-match" are available
   to match a device section on a device. The order of multiple sections
   is also top-down within the file and later files overwrite previous
   settings. See the section called "Sections" for details.

CONNECTIVITY SECTION

   This section controls NetworkManager's optional connectivity checking
   functionality. This allows NetworkManager to detect whether or not the
   system can actually access the internet or whether it is behind a
   captive portal.

   uri
       The URI of a web page to periodically request when connectivity is
       being checked. This page should return the header
       "X-NetworkManager-Status" with a value of "online". Alternatively,
       it's body content should be set to "NetworkManager is online". The
       body content check can be controlled by the response option. If
       this option is blank or missing, connectivity checking is disabled.

   interval
       Specified in seconds; controls how often connectivity is checked
       when a network connection exists. If set to 0 connectivity checking
       is disabled. If missing, the default is 300 seconds.

   response
       If set controls what body content NetworkManager checks for when
       requesting the URI for connectivity checking. If missing, defaults
       to "NetworkManager is online"

GLOBAL-DNS SECTION

   This section specifies global DNS settings that override
   connection-specific configuration.

   searches
       A list of search domains to be used during hostname lookup.

   options
       A list of of options to be passed to the hostname resolver.

GLOBAL-DNS-DOMAIN SECTIONS

   Sections with a name starting with the "global-dns-domain-" prefix
   allow to define global DNS configuration for specific domains. The part
   of section name after "global-dns-domain-" specifies the domain name a
   section applies to. More specific domains have the precedence over less
   specific ones and the default domain is represented by the wildcard
   "*". A default domain section is mandatory.

   servers
       A list of addresses of DNS servers to be used for the given domain.

   options
       A list of domain-specific DNS options. Not used at the moment.

.CONFIG SECTIONS

   This is a special section that contains options which apply to the
   configuration file that contains the option.

   enable
       Defaults to "true". If "false", the configuration file will be
       skipped during loading. Note that the main configuration file
       NetworkManager.conf cannot be disabled.

           # always skip loading the config file
           [.config]
           enable=false

       You can also match against the version of NetworkManager. For
       example the following are valid configurations:

           # only load on version 1.0.6
           [.config]
           enable=nm-version:1.0.6

           # load on all versions 1.0.x, but not 1.2.x
           [.config]
           enable=nm-version:1.0

           # only load on versions >= 1.1.6. This does not match
           # with version 1.2.0 or 1.4.4. Only the last digit is considered.
           [.config]
           enable=nm-version-min:1.1.6

           # only load on versions >= 1.2. Contrary to the previous
           # example, this also matches with 1.2.0, 1.2.10, 1.4.4, etc.
           [.config]
           enable=nm-version-min:1.2

           # Match against the maximum allowed version. The example matches
           # versions 1.2.0, 1.2.2, 1.2.4. Again, only the last version digit
           # is allowed to be smaller. So this would not match match on 1.1.10.
           [.config]
           enable=nm-version-max:1.2.6

       You can also match against the value of the environment variable
       NM_CONFIG_ENABLE_TAG, like:

           # always skip loading the file when running NetworkManager with
           # environment variable "NM_CONFIG_ENABLE_TAG=TAG1"
           [.config]
           enable=env:TAG1

       More then one match can be specified. The configuration will be
       enabled if one of the predicates matches ("or"). The special prefix
       "except:" can be used to negate the match. Note that if one
       except-predicate matches, the entire configuration will be
       disabled. In other words, a except predicate always wins over other
       predicates.

           # enable the configuration either when the environment variable
           # is present or the version is at least 1.2.0.
           [.config]
           enable=env:TAG2,nm-version-min:1.2

           # enable the configuration for version >= 1.2.0, but disable
           # it when the environment variable is set to "TAG3"
           [.config]
           enable=except:env:TAG3,nm-version-min:1.2

           # enable the configuration on >= 1.3, >= 1.2.6, and >= 1.0.16.
           # Useful if a certain feature is only present since those releases.
           [.config]
           enable=nm-version-min:1.3,nm-version-min:1.2.6,nm-version-min:1.0.16

PLUGINS

   keyfile
       The keyfile plugin is the generic plugin that supports all the
       connection types and capabilities that NetworkManager has. It
       writes files out in an .ini-style format in
       /etc/NetworkManager/system-connections.

       The stored connection file may contain passwords and private keys,
       so it will be made readable only to root, and the plugin will
       ignore files that are readable or writable by any user or group
       other than root.

       This plugin is always active, and will automatically be used to
       store any connections that aren't supported by any other active
       plugin.

   ifcfg-rh
       This plugin is used on the Fedora and Red Hat Enterprise Linux
       distributions to read and write configuration from the standard
       /etc/sysconfig/network-scripts/ifcfg-* files. It currently supports
       reading Ethernet, Wi-Fi, InfiniBand, VLAN, Bond, Bridge, and Team
       connections. Enabling ifcfg-rh implicitly enables ibft plugin, if
       it is available. This can be disabled by adding no-ibft.

   ifcfg-suse
       This plugin is deprecated and its selection has no effect. The
       keyfile plugin should be used instead.

   ifupdown
       This plugin is used on the Debian and Ubuntu distributions, and
       reads Ethernet and Wi-Fi connections from /etc/network/interfaces.

       This plugin is read-only; any connections (of any type) added from
       within NetworkManager when you are using this plugin will be saved
       using the keyfile plugin instead.

   ibft, no-ibft
       This plugin allows to read iBFT configuration (iSCSI Boot Firmware
       Table). The configuration is read using /sbin/iscsiadm. Users are
       expected to configure iBFT connections via the firmware interfaces.
       If ibft support is available, it is automatically enabled after
       ifcfg-rh. This can be disabled by no-ibft. You can also explicitly
       specify ibft to load the plugin without ifcfg-rh or to change the
       plugin order.

       Note that ibft plugin uses /sbin/iscsiadm and thus requires
       CAP_SYS_ADMIN capability.

APPENDIX

   Device List Format
   The configuration options main.no-auto-default, main.ignore-carrier,
   keyfile.unmanaged-devices, connection*.match-device and
   device*.match-device select devices based on a list of matchings.
   Devices can be specified using the following format:

   *
       Matches every device.

   IFNAME
       Case sensitive match of interface name of the device. Globbing is
       not supported.

   HWADDR
       Match the permanent MAC address of the device. Globbing is not
       supported

   interface-name:IFNAME, interface-name:~IFNAME
       Case sensitive match of interface name of the device. Simple
       globbing is supported with * and ?. Ranges and escaping is not
       supported.

   interface-name:=IFNAME
       Case sensitive match of interface name of the device. Globbing is
       disabled and IFNAME is taken literally.

   mac:HWADDR
       Match the permanent MAC address of the device. Globbing is not
       supported

   s390-subchannels:HWADDR
       Match the device based on the subchannel address. Globbing is not
       supported

   type:TYPE
       Match the device type. Valid type names are as reported by "nmcli
       -f GENERAL.TYPE device show". Globbing is not supported.

   except:SPEC
       Negative match of a device.  SPEC must be explicitly qualified with
       a prefix such as interface-name:. A negative match has higher
       priority then the positive matches above.

   SPEC[,;]SPEC
       Multiple specs can be concatenated with commas or semicolons. The
       order does not matter as matches are either inclusive or negative
       (except:), with negative matches having higher priority.

       Backslash is supported to escape the separators ';' and ',', and to
       express special characters such as newline ('\n'), tabulator
       ('\t'), whitespace ('\s') and backslash ('\\'). The globbing of
       interface names cannot be escaped. Whitespace is not a separator
       but will be trimmed between two specs (unless escaped as '\s').

   Example:

       interface-name:em4
       mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth2
       interface-name:vboxnet*,except:interface-name:vboxnet2
       *,except:mac:00:22:68:1c:59:b1

SEE ALSO

   NetworkManager(8), nmcli(1), nmcli-examples(7), nm-online(1), nm-
   settings(5), nm-applet(1), nm-connection-editor(1)





Opportunity


Personal Opportunity - Free software gives you access to billions of dollars of software at no cost. Use this software for your business, personal use or to develop a profitable skill. Access to source code provides access to a level of capabilities/information that companies protect though copyrights. Open source is a core component of the Internet and it is available to you. Leverage the billions of dollars in resources and capabilities to build a career, establish a business or change the world. The potential is endless for those who understand the opportunity.

Business Opportunity - Goldman Sachs, IBM and countless large corporations are leveraging open source to reduce costs, develop products and increase their bottom lines. Learn what these companies know about open source and how open source can give you the advantage.





Free Software


Free Software provides computer programs and capabilities at no cost but more importantly, it provides the freedom to run, edit, contribute to, and share the software. The importance of free software is a matter of access, not price. Software at no cost is a benefit but ownership rights to the software and source code is far more significant.


Free Office Software - The Libre Office suite provides top desktop productivity tools for free. This includes, a word processor, spreadsheet, presentation engine, drawing and flowcharting, database and math applications. Libre Office is available for Linux or Windows.





Free Books


The Free Books Library is a collection of thousands of the most popular public domain books in an online readable format. The collection includes great classical literature and more recent works where the U.S. copyright has expired. These books are yours to read and use without restrictions.


Source Code - Want to change a program or know how it works? Open Source provides the source code for its programs so that anyone can use, modify or learn how to write those programs themselves. Visit the GNU source code repositories to download the source.





Education


Study at Harvard, Stanford or MIT - Open edX provides free online courses from Harvard, MIT, Columbia, UC Berkeley and other top Universities. Hundreds of courses for almost all major subjects and course levels. Open edx also offers some paid courses and selected certifications.


Linux Manual Pages - A man or manual page is a form of software documentation found on Linux/Unix operating systems. Topics covered include computer programs (including library and system calls), formal standards and conventions, and even abstract concepts.