NetworkManager 运维教程 / 第 3 章:nmcli 命令行详解
第 3 章:nmcli 命令行详解
3.1 nmcli 基础
nmcli 是 NetworkManager 的官方命令行客户端,支持交互式和非交互式两种使用模式。
命令语法
nmcli [OPTIONS] OBJECT { COMMAND | help }
OBJECT(对象类型)
| 对象 | 缩写 | 说明 |
|---|
general | g | NM 总体状态和操作 |
networking | n | 网络连接开关 |
radio | r | WiFi/WWAN 射频开关 |
connection | c | 连接配置管理 |
device | d | 网络设备管理 |
agent | a | NetworkManager Secret Agent |
monitor | m | 实时监控状态变化 |
全局选项
# 颜色输出
nmcli --colors yes device status
# 禁用颜色(脚本中推荐)
nmcli --colors no device status
# 输出为表格(默认)
nmcli -t device status # terse 模式(适合 grep)
# 输出为紧凑表格
nmcli -f device status # fields 指定输出字段
# 输出为多行(每个字段一行)
nmcli -m multiline device status
# 指定输出字段
nmcli -f DEVICE,TYPE,STATE device status
# 查看所有字段
nmcli -f all device status
# 显示字段名(适合脚本解析)
nmcli -t -f DEVICE,TYPE,STATE device status
# 版本信息
nmcli --version
获取帮助
# 总体帮助
nmcli help
# 对象级帮助
nmcli device help
nmcli connection help
# 命令级帮助
nmcli connection add help
nmcli connection modify help
3.2 general — 总体状态管理
# 查看 NM 总体状态
nmcli general status
# STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN
# connected full enabled enabled enabled enabled
# 状态值说明:
# disconnected / connecting / connected (local) / connected (site) / connected (global)
# 查看主机名
nmcli general hostname
# 设置主机名
sudo nmcli general hostname myserver
# 查看日志级别
nmcli general logging
# 修改日志级别
sudo nmcli general logging level DEBUG domains WIFI
# 重载配置
nmcli general reload conf # 重载所有配置
nmcli connection reload # 重载连接配置
nmcli general reload dns # 重载 DNS
连接性检查
# NM 通过向预设的 URL 发送 HTTP 请求来检查网络连通性
# 默认检查以下地址(可配置):
# - http://ping.archlinux.org/nm-check
# - http://connectivity.fedoraproject.org
# - ...
# 查看连通性状态
nmcli networking connectivity
# full / limited / portal / none / unknown
# 详细检查
nmcli networking connectivity check
# 禁用连通性检查(服务器场景推荐)
sudo tee /etc/NetworkManager/conf.d/connectivity.conf << 'EOF'
[connectivity]
uri=
interval=0
EOF
sudo nmcli general reload conf
3.3 device — 设备管理
查看设备状态
# 列出所有网络设备
nmcli device status
# DEVICE TYPE STATE CONNECTION
# eth0 ethernet connected Wired connection 1
# wlan0 wifi disconnected --
# lo loopback unmanaged --
# 输出字段说明:
# DEVICE - 设备名称
# TYPE - 设备类型(ethernet, wifi, bridge, bond 等)
# STATE - 状态(connected, disconnected, unavailable, unmanaged)
# CONNECTION - 当前绑定的连接名
# 过滤特定字段
nmcli -t -f DEVICE,TYPE,STATE device status
# 只看已连接的设备
nmcli -t -f DEVICE,TYPE,STATE device status | grep connected
# 查看设备详细信息
nmcli device show eth0
# 示例输出:
# GENERAL.DEVICE: eth0
# GENERAL.TYPE: ethernet
# GENERAL.HWADDR: AA:BB:CC:DD:EE:FF
# GENERAL.MTU: 1500
# GENERAL.STATE: 100 (connected)
# GENERAL.CONNECTION: Wired connection 1
# IP4.ADDRESS[1]: 192.168.1.100/24
# IP4.GATEWAY: 192.168.1.1
# IP4.DNS[1]: 8.8.8.8
# IP6.ADDRESS[1]: fe80::a8bb:ccff:fedd:eeff/64
# 查看所有设备详细信息
nmcli -f all device show
设备操作
# 连接设备(使用已有的自动连接配置)
sudo nmcli device connect eth0
# 断开设备
sudo nmcli device disconnect eth0
# 重新应用连接配置(修改后不重启连接直接生效)
sudo nmcli device reapply eth0
# 修改设备的 managed 状态
sudo nmcli device set eth0 managed yes
sudo nmcli device set eth0 managed no
# WiFi 特有:扫描
sudo nmcli device wifi rescan
# WiFi:列出可用网络
nmcli device wifi list
# 示例输出:
# IN-USE BSSID SSID MODE CHAN RATE SIGNAL BARS SECURITY
# * AA:BB:CC:DD:EE:FF MyNetwork Infra 6 270 Mbit/s 85 ▂▄▆█ WPA2
# 11:22:33:44:55:66 GuestNetwork Infra 11 130 Mbit/s 60 ▂▄▆_ WPA2
设备状态机
理解设备状态对于排障非常重要:
┌──────────────┐
│ unmanaged │ ← NM 不管理此设备(udev 规则或配置)
└──────┬───────┘
│ set managed=yes
▼
┌──────────────┐
│ unavailable │ ← 设备未就绪(网线未插、WiFi 硬件关闭等)
└──────┬───────┘
│ 硬件就绪
▼
┌──────────────┐
│ disconnected │ ← 设备就绪但未连接
└──────┬───────┘
│ 激活连接
▼
┌──────────────┐
│ connected │ ← 已连接
└──────────────┘
3.4 connection — 连接管理
查看连接
# 列出所有连接
nmcli connection show
# NAME UUID TYPE DEVICE
# Wired connection 1 a1b2c3d4-e5f6-7890-abcd-ef1234567890 ethernet eth0
# MyWiFi b2c3d4e5-f6a7-8901-bcde-f12345678901 wifi wlan0
# VPN-Work c3d4e5f6-a7b8-9012-cdef-123456789012 openvpn --
# 只看活跃连接
nmcli connection show --active
# 查看连接详细信息
nmcli connection show "Wired connection 1"
# 查看连接的特定属性
nmcli connection show "Wired connection 1" | grep -i ipv4
# 按 UUID 查看
nmcli connection show a1b2c3d4-e5f6-7890-abcd-ef1234567890
# 过滤特定字段
nmcli -f connection.id,connection.type,ipv4.method connection show "Wired connection 1"
创建连接
# 创建 DHCP 以太网连接
nmcli connection add \
type ethernet \
con-name "Office-LAN" \
ifname eth0 \
ipv4.method auto \
ipv6.method auto
# 创建静态 IP 以太网连接
nmcli connection add \
type ethernet \
con-name "Server-LAN" \
ifname eth0 \
ipv4.method manual \
ipv4.addresses "192.168.1.100/24" \
ipv4.gateway "192.168.1.1" \
ipv4.dns "8.8.8.8,8.8.4.4" \
ipv6.method disabled
# 创建 WiFi 连接
nmcli connection add \
type wifi \
con-name "MyHomeWiFi" \
ifname wlan0 \
ssid "MyHomeNetwork" \
wifi-sec.key-mgmt wpa-psk \
wifi-sec.psk "MyPassword123" \
ipv4.method auto
# 创建桥接连接
nmcli connection add \
type bridge \
con-name "br0" \
ifname br0 \
ipv4.method manual \
ipv4.addresses "10.0.0.1/24"
# 创建 VLAN 连接
nmcli connection add \
type vlan \
con-name "vlan100" \
ifname eth0.100 \
vlan.parent eth0 \
vlan.id 100 \
ipv4.method manual \
ipv4.addresses "10.100.0.1/24"
修改连接
# 修改 IP 地址
nmcli connection modify "Server-LAN" \
ipv4.addresses "192.168.1.200/24"
# 修改 DNS
nmcli connection modify "Server-LAN" \
ipv4.dns "1.1.1.1,8.8.8.8"
# 添加额外的 DNS
nmcli connection modify "Server-LAN" \
+ipv4.dns "8.8.4.4"
# 移除 DNS
nmcli connection modify "Server-LAN" \
-ipv4.dns "8.8.4.4"
# 修改网关
nmcli connection modify "Server-LAN" \
ipv4.gateway "192.168.1.254"
# 切换为 DHCP
nmcli connection modify "Server-LAN" \
ipv4.method auto \
ipv4.addresses "" \
ipv4.gateway ""
# 修改连接名称
nmcli connection modify "Old Name" \
connection.id "New Name"
# 设置自动连接
nmcli connection modify "Server-LAN" \
connection.autoconnect yes
# 设置自动连接优先级(数值越大越优先)
nmcli connection modify "Wired connection 1" \
connection.autoconnect-priority 10
# 设置连接的接口名
nmcli connection modify "Server-LAN" \
connection.interface-name eth0
# 设置 MTU
nmcli connection modify "Server-LAN" \
ethernet.mtu 9000
# 修改路由
nmcli connection modify "Server-LAN" \
+ipv4.routes "10.0.0.0/8 192.168.1.254"
# 禁用 IPv6
nmcli connection modify "Server-LAN" \
ipv6.method disabled
激活与断开连接
# 激活连接
nmcli connection up "Server-LAN"
# 按 UUID 激活
nmcli connection up a1b2c3d4-e5f6-7890-abcd-ef1234567890
# 断开连接
nmcli connection down "Server-LAN"
# 重新激活(先断开再连接,等同于 up + down)
nmcli connection reload
nmcli connection up "Server-LAN"
# 删除连接
nmcli connection delete "Old-Connection"
# 按 UUID 删除
nmcli connection delete a1b2c3d4-e5f6-7890-abcd-ef1234567890
# 导出连接为文件(备份)
nmcli connection export "Server-LAN" > /tmp/server-lan.nmconnection
# 从文件导入连接
nmcli connection load /tmp/server-lan.nmconnection
# 克隆连接
nmcli connection clone "Server-LAN" "Server-LAN-Backup"
3.5 实用操作示例
快速切换网络环境
# 场景:在公司和家庭之间切换
# 创建公司连接(静态 IP)
nmcli connection add \
type ethernet \
con-name "Office" \
ifname eth0 \
ipv4.method manual \
ipv4.addresses "10.0.1.50/24" \
ipv4.gateway "10.0.1.1" \
ipv4.dns "10.0.1.1" \
connection.autoconnect-priority 10
# 创建家庭连接(DHCP)
nmcli connection add \
type ethernet \
con-name "Home" \
ifname eth0 \
ipv4.method auto \
connection.autoconnect-priority 5
# 切换到家庭网络
nmcli connection up "Home"
# 切换到公司网络
nmcli connection up "Office"
查看连接速率和统计
# 查看设备统计信息
nmcli device show eth0 | grep -i speed
nmcli device show eth0 | grep -i bitrate
# 实时监控设备状态
nmcli device monitor eth0
# 监控所有设备
nmcli monitor
批量操作脚本
#!/bin/bash
# 列出所有非活跃连接并输出信息
for conn in $(nmcli -t -f NAME connection show); do
active=$(nmcli -t -f NAME connection show --active | grep -c "^${conn}$")
if [ "$active" -eq 0 ]; then
echo "非活跃: $conn"
fi
done
# 获取所有连接的 DNS 配置
nmcli -t -f NAME connection show | while IFS= read -r name; do
echo "=== $name ==="
nmcli connection show "$name" | grep ipv4.dns:
done
3.6 nmcli 常用命令速查表
| 操作 | 命令 |
|---|
| 查看 NM 状态 | nmcli general status |
| 查看设备列表 | nmcli device status |
| 查看设备详情 | nmcli device show eth0 |
| 查看连接列表 | nmcli connection show |
| 查看活跃连接 | nmcli connection show --active |
| 创建 DHCP 连接 | nmcli connection add type ethernet con-name NAME ifname eth0 |
| 创建静态连接 | nmcli connection add type ethernet con-name NAME ifname eth0 ipv4.method manual ipv4.addresses IP |
| 修改 IP | nmcli connection modify NAME ipv4.addresses IP |
| 激活连接 | nmcli connection up NAME |
| 断开连接 | nmcli connection down NAME |
| 删除连接 | nmcli connection delete NAME |
| 重载配置 | nmcli connection reload |
| 查看 WiFi | nmcli device wifi list |
| 连接 WiFi | nmcli device wifi connect SSID password PASS |
| 网络开关 | nmcli networking on/off |
3.7 本章小结
| 要点 | 说明 |
|---|
| nmcli 对象 | general, networking, radio, connection, device, agent, monitor |
| 设备管理 | nmcli device status/show/connect/disconnect |
| 连接管理 | nmcli connection show/add/modify/delete/up/down |
| 输出控制 | -t terse, -f fields, -m multiline, --colors |
| 脚本友好 | 推荐使用 -t -f 组合获取结构化输出 |
| 修改生效 | modify 只改配置文件,up 重新激活才生效 |
扩展阅读