mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-10-14 20:18:39 +00:00
56 lines
2.2 KiB
Plaintext
56 lines
2.2 KiB
Plaintext
# Example configuration snippet for NetworkManager to
|
|
# overwrite some default value for more privacy.
|
|
# Put it for example to /etc/NetworkManager/conf.d/30-anon.conf
|
|
#
|
|
# See man NetworkManager.conf(5) for how default values
|
|
# work. See man nm-settings(5) for the connection properties.
|
|
#
|
|
#
|
|
# This enables privacy setting by default. The defaults
|
|
# apply only to settings that do not explicitly configure
|
|
# a per-connection override.
|
|
# That means, if the connection profile has
|
|
#
|
|
# $ nmcli connection show "$CON_NAME" |
|
|
# grep '^\(connection.stable-id\|ipv6.addr-gen-mode\|ipv6.ip6-privacy\|802-11-wireless.cloned-mac-address\|802-11-wireless.mac-address-randomization\|802-3-ethernet.cloned-mac-address\)'
|
|
# connection.stable-id: --
|
|
# 802-3-ethernet.cloned-mac-address: --
|
|
# 802-11-wireless.cloned-mac-address: --
|
|
# 802-11-wireless.mac-address-randomization:default
|
|
# ipv6.ip6-privacy: -1 (unknown)
|
|
# ipv6.addr-gen-mode: stable-privacy
|
|
#
|
|
# then the default values are inherited and thus both the MAC
|
|
# address and the IPv6 host identifier are randomized.
|
|
# Also, ipv6 private addresses (RFC4941) are used in
|
|
# addition.
|
|
#
|
|
#
|
|
# For some profiles it can make sense to reuse the same stable-id
|
|
# (and thus MAC address and IPv6 host identifier) for the duration
|
|
# of the current boot, but still exclusive to the connection profile.
|
|
# Thus, explicitly set the stable-id like:
|
|
#
|
|
# $ nmcli connection modify "$CON_NAME" connection.stable-id '${CONNECTION}/${BOOT}'
|
|
#
|
|
# ... or keep it stable accross reboots, still distinct per profile:
|
|
#
|
|
# $ nmcli connection modify "$CON_NAME" connection.stable-id '${CONNECTION}'
|
|
#
|
|
# ... or use the same stable IDs for a bunch of profiles
|
|
#
|
|
# $ nmcli connection modify "$CON_NAME" connection.stable-id 'my-home-wifi yada yada'
|
|
#
|
|
# ... or use the same IDs for a bunch of profiles, but only for the current boot
|
|
#
|
|
# $ nmcli connection modify "$CON_NAME" connection.stable-id 'my-home-wifi yada yada/${BOOT}'
|
|
|
|
[device-anon]
|
|
wifi.scan-rand-mac-address=yes
|
|
|
|
[connection-anon]
|
|
connection.stable-id=${RANDOM}
|
|
ethernet.cloned-mac-address=stable
|
|
wifi.cloned-mac-address=stable
|
|
ipv6.ip6-privacy=2
|