Creating User-Defined Profiles

You can use the netcfg command to create user-defined profiles. The command can be used in either interactive mode or command-line mode. The netcfg command also supports the export of profile configuration information to an output file. For more information about command-line mode and interactive mode, see netcfg Command-Line Mode and netcfg Interactive Mode.

You can use the netcfg command to create user-defined profiles, if you have the Console User privileges. These privileges are automatically assigned to any user who is logged in to the system from /dev/console. Users who have the Network Autoconf Admin rights profile can also create and modify all types of reactive network (NWAM-managed) profiles and configuration objects. For more information, see Network Configuration Security and Authorizations.

You can create the following profiles and configuration objects:

Network configuration profiles (NCPs)
Location profiles
External network modifiers (ENMs)
Known wireless local area networks (Known WLANs)
Network configuration units (NCUs)

For information about profiles and configuration objects, see Network Profiles and Types.

Note - The Automatic and DefaultFixed NCPs and Location profiles are system-defined. Do not attempt to create these profiles by using the netcfg command.

The basic command syntax to create a profile from the command-line is as follows:

netcfg create [ -t template ] object-type [ class ] object-name

create

Creates an in-memory profile (or configuration object) of the specified type and name.

-t template

Specifies that the new profile be identical to template, where template is the name of an existing profile of the same type. If the -t option is not used, the new profile is created with default values.

object-type

Specifies the type of profile to be created.

You can specify one of the following values for the object-type option:

ncp
ncu
loc
enm
wlan

All profiles that are specified by the object-type option, with the exception of an ncu, must be created at the global scope before you can use the netcfg select command to select the particular object.

class

Specifies the class of profile that is specified by object-type. This parameter is only used for the ncu object type, and has two possible values, phys (for link NCUs) or ip (for interface NCUs).

object-name

Specifies the name of the user-defined profile. For an NCU, object-name is the name of the corresponding link or interface. For all the other profile types, object-name is any user-defined name.

Note - For the creation of NCPs, the class option is not required.

Optionally, you can use a copy of the Automatic NCP as your template, then make changes to that profile, as shown here:

$ netcfg> create -t Automatic ncp test

To create a Location profile with the name office, you would type the following command:

$ netcfg> create loc office

For information about the netcfg subcommands, see netcfg Subcommands.

Creating an NCP

Creating a profile in interactive mode results in a command prompt in one of the following scopes:

In the NCP scope, if an NCP is created
In the profile scope, if a Location profile, an ENM profile, or a Known WLAN profile is created

Creating an NCP or an NCU moves the focus into that object's scope, walking you through the default properties for the specified profile.

To interactively create an NCP, you begin by initiating a netcfg interactive session. Then, you use the create subcommand to create the new NCP. For example:

$ netcfg
netcfg> create ncp User
netcfg:ncp:User>

Creating NCUs for an NCP

The NCP is essentially a container that consists of a set of NCUs. All NCPs contain both link and interface NCUs. Link NCUs specify both the link configuration and link selection policy. Interface NCUs specify the interface configuration policy. If IP connectivity is required, both a link and an interface NCU are required. NCUs must be added or removed explicitly by using the netcfg command or by using the network administration GUI. For more information about adding and removing NCUs using the network administration GUI, see Editing Network Profiles.

The DefaultFixed NCP cannot be modified by using the netcfg command. You can use the ipadm and dladm commands to create, modify, or delete NCUs in the DefaultFixed NCP while the NCP is active. You can also use the ipadm and dladm commands to add NCU classes other than physical links and IP interfaces to reactive NCPs. The ipadm and dladm commands provide the capabilities to create and modify more complex link and interface classes.

For more information about the ipadm and dladm commands, see Chapter 3, Working With Datalinks, in Connecting Systems Using Fixed Network Configuration in Oracle Solaris 11.1 and Chapter 4, Working With IP Interfaces, in Connecting Systems Using Fixed Network Configuration in Oracle Solaris 11.1.

Note - You can add NCUs that do not correlate to any link that is currently installed on the system. Additionally, you can remove NCUs that map to a link that is currently installed on the system.

You can create NCUs by using the netcfg command in either interactive mode or command-line mode. Because creating an NCU involves several operations, it is easier and more efficient to create NCUs in interactive mode, rather than trying to construct a single-line command that creates the NCU and all of its properties. NCUs can be created when you initially create an NCP or afterward. The process of creating or modifying an NCU involves setting general NCU properties, as well as setting properties that specifically apply to each NCU type.

The properties that you are presented with during the process of creating NCUs for an NCP make the most sense based on the choices that you made during the creation of that particular NCP.

When you create an NCU interactively, netcfg walks you through each relevant property, displaying both the default value, where a default exists, and the possible values. Pressing Return without specifying a value applies the default value (or leaves the property empty if there is no default), or you can specify an alternate value. The properties that are displayed during the process of creating NCUs for an NCP are relevant based on the choices that you have already made. For example, if you choose dhcp for the ipv4-addrsrc property for an interface NCU, you are not prompted to specify a value for the ipv4-addr property.

The following table describes all of the NCU properties that you might specify when creating or modifying an NCU. Some properties apply to both NCU types. Other properties apply to either a link NCU or an interface NCU. For a complete description of all of the NCU properties, including rules and conditions that might apply when you specify these properties, see the netcfg(1M) man page.

Table 2-1 NCU Properties to Create or Modify an NCU

Property	Description	Possible Values	NCU Type
`type`	Specifies the NCU type, either link or interface.	`link` or interface	Link and interface
`class`	Specifies the NCU class.	`phys` (for link NCUs) or `ip` (for interface NCUs)	Link and interface
`parent`	Specifies the NCP to which this NCU belongs.	`parent-NCP`	Link and interface
`enabled`	Specifies whether the NCU is enabled or disabled. This property is read-only. It is changed indirectly when you use the `netadm` command or the network administration GUI to enable or disable the NCU.	`true` or `false`	Link and interface
`activation-mode`	Specifies the type of trigger for the automatic activation of the NCU.	`manual` or `prioritized` The default value is `manual`.	Link
`priority-group`	Specifies the group priority number.	`0` (for wired links) or `1` (for wireless links) For user-defined NCPs, different policies can be specified, for example, wireless link 1 is priority 1, wired link 1 is priority 2, and wired link 2 is priority 3. Note - A lower number indicates a higher priority.	Link
`priority-mode`	Specifies the mode that is used to determine the activation behavior for a priority group, if the `activation-mode` property is set to `prioritized`.	`exclusive`, `shared`, or `all` For the rules that apply when you specify these values, see the `netcfg`(1M) man page.	Link
`mac-address`	Specifies the MAC address that is assigned to this link. By default, the factory-assigned or the default MAC address is used for the link. A different value can be set here to override that selection.	A string containing a 48–bit MAC address
`autopush`	Identifies modules that are automatically pushed over the link when it is opened.	A list of strings (modules that are to be pushed over the link) For information, see the `autopush`(1M) man page.	Link
`mtu`	Is automatically set to the default MTU for the physical link. The value can be overridden by setting the property to a different value.	MTU size for the link	Link
`ip-version`	Specifies the version of IP to use. Multiple values can be assigned.	`ipv4` and `ipv6` The default value is `ipv4`, `ipv6`.	Interface
`ipv4-addrsrc`	Identifies the source of IPv4 addresses that are assigned to this NCU. Multiple values can be assigned.	`dhcp` and `static` The default value is `dhcp`.	Interface
`ipv6-addrsrc`	Identifies the source of IPv6 addresses assigned to this NCU. Multiple values can be assigned.	`dhcp`, `autoconf`, or `static` The default value is `dhcp`, `autoconf`.	Interface
`ipv4-addr`	Specifies one or more IPv4 addresses to be assigned to this NCU.	One or more IPv4 addresses to be assigned	Interface
`ipv6-addr`	Specifies one or more IPv6 addresses to be assigned to this NCU.	One or more IPv6 addresses to be assigned	Interface
`ipv4-default-route`	Specifies the default route for an IPv4 address.	An IPv4 address	Interface
`ipv6-default-route`	Specifies the default route for an IPv6 address.	An IPv6 address	Interface

How to Interactively Create an NCP With NCUs

The following procedure describes how to create an NCP and NCUs for the NCP in interactive mode.

Note - The “walk” process that the system network performs during the initial profile creation ensures that you are prompted for only those properties that are applicable, given the choices that you made previously.

Initiate an netcfg interactive session.
```
$ netcfg
netcfg>
```
Create the NCP.
```
netcfg> create ncp User
netcfg:ncp:User>
```
where ncp is the profile type and User is the profile name.
Creating the NCP automatically takes you into the NCP scope. If you were creating a location, an ENM, or a WLAN object, the command prompt would take you to that profile scope.

Note - Repeat Steps 3 and 4 until all of the required NCUs for the NCP are created.
Create the link and interface NCUs for the NCP.
1. To create the link NCU, type the following command:
```
netcfg:ncp:User> create ncu phys net0
Created ncu `net0', Walking properties ...
```
  where ncu is the object type, phys is the class, and net0 (for example purposes only) is the object name.
  Creating an NCU moves you into that object's scope and walks you through the default properties for the object.
  For information about NCU properties, see Table 2-1.
2. To create an interface NCU, type the following command:
```
netcfg:ncp:User> create ncu ip net0
Created ncu `net0'. walking properties ...
```
  where ncu is the object type, ip is the class, and net0 (for example purposes only) is the object name.
  Creating an NCU moves you into that object's scope and walks you through the default properties for the object.
  During the creation of an NCU, the class option is used to differentiate between the two types of NCUs. This option is especially valuable in situations where different NCU types share the same name. If the class option is omitted, it is much more difficult to distinguish NCUs that share the same name.
Add the appropriate properties for the NCU that you created.
During the creation of the NCU, or when setting property values for a specified NCU, use the verify subcommand to ensure that the changes that you made are correct.
```
netcfg:ncp:User:ncu:net0> verify
All properties verified
```
The verify subcommand verifies your configuration and notifies if any required values are missing. You can verify your changes by using the verify subcommand explicitly when creating or modifying a profile.
Commit the properties that you set for the NCU.
```
netcfg:ncp:User:ncu:net0> commit
committed changes.
```
The commit subcommand implicitly verifies your changes.
Alternatively, you can use the end subcommand to perform an implicit commit, which moves the interactive session up one level to the next higher scope. In this instance, if you have completed creating the NCP and adding NCUs to it, you can exit the interactive session directly from the NCP scope.
In interactive mode, changes are not saved to persistent storage until you commit them. When you use the commit subcommand, the entire profile is committed. To maintain the consistency of persistent storage, the commit operation also includes a verification step. If the verification fails, the commit operation also fails. If an implicit commit fails, you are given the option of ending or exiting the interactive session without committing the current changes. Alternatively, you can remain in the current scope and continue making changes to the profile.

Note - To cancel the changes that you made, use the cancel or the revert subcommand.
The cancel subcommand ends the current profile configuration without committing the current changes to persistent storage, then moves the interactive session up on level to the next higher scope. The revert subcommand undoes the changes that you made and rereads the previous configuration. When you use the revert subcommand, the interactive session remains in the same scope.
Use the list subcommand to display the NCP configuration.
When you are finished configuring the NCP, exit the interactive session.
```
netcfg:ncp:User> exit
```
Any time that you use the exit subcommand to end a netcfg interactive session, the current profile is verified and committed. If either the verification or the commit operation fails, an appropriate error message is issued, and you are given the opportunity to exit without committing the current changes. Alternatively, you can remain in the current scope and continue making changes to the profile.
Note - To exit the scope without exiting the netcfg interactive session, type the end subcommand:
```
netcfg:ncp:User> end
netcfg>
```

Example 2-1 Interactively Creating an NCP With NCUs

In the following example, an NCP and two NCUs (one link and one interface) are created.

$ netcfg
netcfg> create ncp User
netcfg:ncp:User> create ncu phys net0
Created ncu `net0', Walking properties ...
activation-mode (manual) [manual|prioritized]>
mac-address>
autopush>
mtu>
netcfg:ncp:User:ncu:net0> end
Committed changes
netcfg:ncp:User> create ncu ip net0
Created ncu `net0'. Walking properties ...
ip-version (ipv4,ipv6) [ipv4|ipv6]> ipv4
ipv4-addrsrc (dhcp) [dhcp|static]> dhcp
ipv4-default-route>
netcfg:ncp:User:ncu:net0> verify
All properties verified
netcfg:ncp:User:ncu:net0> end
Committed changes
netcfg:ncp:User> list
ncp:User
        management-type     reactive
NCUs:
        phys    net0
        ip      net0
netcfg:ncp:User> list ncu phys net0
ncu:net0
        type                    link
        class                   phys
        parent                  "User"
        activation-mode         manual
        enabled                 true
netcfg:ncp:User> list ncu ip net0
ncu:net0
        type                    interface
        class                   ip
        parent                  "User"
        enabled                 true
        ip-version              ipv4
        ipv4-addrsrc            dhcp
        netcfg:ncp:User> exit
$

In this example, because the value ipv4 is chosen, no prompt is displayed for the ipv6-addrsrc property, as this property is unused. Likewise, for the phys NCU, the default value (manual activation) for the priority-group property is accepted, so no other conditionally related properties are applied.

Example 2-2 Interactively Creating an NCU for an Existing NCP

To create an NCU for an existing NCP or to modify the properties of any existing profile, use the netcfg command with the select subcommand.

In the following example, an IP NCU is created for an existing NCP. The process of modifying an existing profile in interactive mode is similar to creating a profile. The difference between the following example and Example 2-1 is that in this example, the select subcommand is used instead of the create subcommand because the NCP already exists.

$ netcfg
netcfg> select ncp User
netcfg:ncp:User> list
ncp:User
        management-type    reactive
NCUs:
        phys   net0
netcfg:ncp:User> create ncu ip net0
Created ncu `net0'. Walking properties ...
ip-version (ipv4,ipv6) [ipv4|ipv6]> ipv4
ipv4-addrsrc (dhcp) [dhcp|static]> dhcp
ipv4-default-route>
netcfg:ncp:User:ncu:net0> end
Committed changes
netcfg:ncp:User> list
ncp:User
        management-type    reactive
NCUs:
        phys    net0
        ip      net0
netcfg:ncp:User> list ncu phys net0
ncu:net0
        type                    link
        class                   phys
        parent                  "User"
        activation-mode         manual
        enabled                 true
netcfg:ncp:User> list ncu ip net0
NCU:net0
        type                    interface
        class                   ip
        parent                  "User"
        enabled                 true
        ip-version              ipv4
        ipv4-addrsrc            dhcp
        netcfg:ncp:User> exit
$

Creating a Location Profile

A Location profile contains properties that define network configuration values that are not directly related to basic link and IP connectivity. Some examples include naming service and IP Filter settings that are applied together, when required. At any given time, one Location profile and one NCP must be active on the system.

There are system-defined locations and user-defined locations. System-defined locations are the default locations chosen by the network management daemon, nwamd, under certain conditions, for example, if you did not specify a location, or if no manually enabled locations are enabled, and none of the conditions of the conditionally enabled locations has been met. System-defined locations have a system activation mode. User-defined locations are configured to be manually or conditionally enabled, according to network conditions, for example, an IP address that is obtained by a network connection.

For information about manually activating (enabling) a Location profile, see Enabling and Disabling Profiles.

You can create locations by using the netcfg command in either interactive mode or command-line mode. When you create a Location profile, you must set the properties for the location by specifying values that define the particular configuration properties for that location. Location properties are categorized by group, where the group signifies a particular class of configuration preferences.

Location properties are also stored in a repository. When a particular Location profile is enabled, its properties are automatically applied to the running system. Creating or modifying Location profiles involves setting various properties that define how the profile is configured and setting properties that define when the profile should be enabled. The properties that you are presented with during the configuration process are based on the property values that you have already set.

The following table describes all of the location properties that can be specified. Note that location properties are categorized by group. For a complete description of all of the location properties, including any rules, conditions, and dependencies that might apply when you specify any of these properties, see the netcfg(1M) man page.

Table 2-2 Location Properties and Their Descriptions

Property Group and Description	Property Value and Description
Selection criteria Specifies the criteria for how and when a location is enabled or disabled.	`activation-mode` The possible values for the `activation-mode` property are `manual`, `conditional-any`, and `conditional-all`. `conditions` For information about the criteria and operations that can be used to construct the condition strings, see Table 1-1.
System domain Determines a host's domain name for direct use by the NIS naming service.	The `system-domain` property consists of the `default-domain` property. This property specifies the system-wide domain that is used for Remote Procedure Call (RPC) exchanges.
Name services information Specifies the naming service to use and the naming service switch configuration.	The following is a list of properties for the specified naming service: `domain-name` `nameservices` `nameservices-config-file` `dns-nameservice-configsrc` `dns-nameservice-domain` `dns-namservice-servers` `dns-nameservice-search` `dns-nameservice-sortlist` `dns-nameservice-options` `nis-nameservice-configsrc` `nis-namservice-servers` `ldap-nameservice-configsrc` `ldap-namservice-servers` For more information about these properties, see the “Location Properties” section in the `netcfg`(1M) man page.
NFSv4 domain Specifies the NFSv4 domain.	The value that is used for the system's `nfsmapid_domain` property. This value is used to set the `nfsmapid_domain` SMF property, as described in the `nfsmapid` man page, while the location is active. If this property is not set, the system's `nfsmapid_property` is cleared when the location is active. For more information, see the `nfsmapid`(1M) man page .
IP Filter configuration Specifies the parameters that are used for IP Filter configuration. For these properties, the paths to the appropriate `ipf` and `ipnat` files containing IP filter and NAT rules are specified.	`ipfilter-config-file` `ipfilter-v6-config-file` `ipnat-config-file` `ippool-config-file` If a configuration file is specified, the rules that are contained in the identified file are applied to the appropriate `ipfilter` subsystem.
Configuration files for IPsec Specifies which files to use for IPsec configuration.	`ike-config-file` `ipsecpolicy-config-file`

How to Interactively Create a Location Profile

The following procedure describes how to create a Location profile.

Note - The “walk” process that the reactive network performs during an initial profile creation only prompts you for those properties that are applicable, given the values that you entered previously.

For information about the netcfg subcommands, see netcfg Subcommands.

Initiate an netcfg interactive session.
```
$ netcfg
netcfg>
```
Create or select the location.
```
netcfg> create loc office
netcfg:loc:office>
```
In this example, the location office is created.
Creating the location automatically moves you to into the profile scope for this location.
Set the appropriate properties for the location.
For information about the location properties, see Table 2-2.

Display the profile configuration.

For example, the following output displays the properties for the location office:

netcfg:loc:office> list
LOC:office
    activation-mode              conditional-any
    conditions                   "ncu ip:wpi0 is active"
    enabled                      false
    nameservices                 dns
    nameservices-config-file     "/etc/nsswitch.dns"
    dns-nameservice-configsrc    dhcp
    ipfilter-config-file         "/export/home/test/wifi.ipf.conf"

Verify that the profile configuration is correct.
In the following example, the configuration for the location office is verified:
```
netcfg:loc:office> verify
All properties verified
```
The verify subcommand verifies your configuration and notifies if any required values are missing. You can verify your changes by using the verify subcommand explicitly when creating or modifying a profile.
When you complete the verification, commit the Location profile to persistent storage.
```
netcfg:loc:office> commit
Committed changes
```
The commit subcommand implicitly verifies your changes.
Alternatively, you can use the end subcommand to end the session, which also saves the profile configuration.
```
netcfg:loc:office> end
Committed changes
```
In interactive mode, changes are not saved to persistent storage until you commit them. When you use the commit subcommand, the entire profile is committed. To maintain the consistency of persistent storage, the commit operation also includes a verification step. If the verification fails, the commit operation also fails. If an implicit commit fails, you are given the option of ending or exiting the interactive session without committing the current changes. Alternatively, you can remain in the current scope and continue making changes to the profile.

Note - To cancel the changes that you made, use the cancel subcommand.
The cancel subcommand ends the current profile configuration without committing the current changes to persistent storage, then moves the interactive session up one level to the next higher scope.
Exit the interactive session.
```
netcfg> exit
$
```

Example 2-3 Interactively Creating a Location Profile

In the following example, a location named office is created.

$ netcfg
netcfg> create loc office
Created loc 'office'.  Walking properties ...
activation-mode (manual) [manual|conditional-any|conditional-all]> conditional-any
conditions> ncu ip:wpi0 is active
nameservices (dns) [dns|files|nis|ldap]> 
nameservices-config-file ("/etc/nsswitch.dns")> 
dns-nameservice-configsrc (dhcp) [manual|dhcp]> 
nfsv4-domain> 
ipfilter-config-file> /export/home/test/wifi.ipf.conf
ipfilter-v6-config-file> 
ipnat-config-file> 
ippool-config-file> 
ike-config-file> 
ipsecpolicy-config-file> 
netcfg:loc:office> list
LOC:office
    activation-mode              conditional-any
    conditions                   "ncu ip:wpi0 is active"
    enabled                      false
    nameservices                 dns
    nameservices-config-file     "/etc/nsswitch.dns"
    dns-nameservice-configsrc    dhcp
    ipfilter-config-file         "/export/home/test/wifi.ipf.conf"
netcfg:loc:office> verify
All properties verified
netcfg:loc:office> commit
Committed changes
netcfg:loc:office> end
netcfg> list
NCPs:
    DefaultFixed
    User
    Automatic
Locations:
    Automatic
    NoNet
    office
    DefaultFixed
WLANs:
    sunwifi
    ibahn
    gogoinflight
    admiralsclub
    hhonors
    sjcfreewifi
netcfg> exit
$

In this example, the following properties were specified for the office location:

The activation-mode property was set to conditional-any, which resulted in a command prompt that enabled the conditions for activation to be specified. For information about the criteria and operations that can be used to construct the condition strings, see Table 1-1.
The condition for activation was specified as: ncu ip:wpi0 is active.

Note - The conditions property was required because the conditional-any property was specified in the previous step. If, for example, the manual property had been specified, the conditions property would not be required.
The following default values were accepted by pressing Return:
- nameservices
- nameservices-config-file
- dns-nameservice-configsrc
- nfsv4-domain
For the ipfilter-config-file property, the /export/home/test/wifi.ipf.conf file was specified.
The following default values were accepted by pressing Return:
- ipfilter-v6-config-file
- ipnat-config-file
- ippool-config-file
- ike-config-file
- ipsecpolicy-config-file
The list subcommand was used to view the properties of the Location profile.
The verify subcommand was used to perform a verification of the configuration.
The commit subcommand was used to commit the changes to persistent storage.
The list subcommand was used again to ensure that the new location was created correctly and that it contains the correct information.
The exit subcommand was used to exit the netcfg interactive session.

Creating an ENM Profile

ENMs enable you to specify when applications or scripts, for example, a VPN application, should perform their own network configuration external to the configuration specified in the NCP and Location profiles. For more information about ENMs, see Description of an ENM.

Note - The system does not automatically recognize an application for which you might create an ENM. These applications must first be installed and then configured on your system before you can use the netcfg command to create an ENM for them.

To create an ENM, type the following command:

$ netcfg
netcfg> create enm my_enm
Created enm 'my_enm'.  Walking properties ...

where enm is the ENM profile and my_enm is the object name.

The process of creating the ENM takes you to the profile scope for the newly created ENM, and automatically begins a walk of the properties in the newly created ENM. From the profile scope, you can set properties for the ENM that dictate when and how the ENM is enabled, as well as other conditions, including the ENM's start and stop method.

For further instructions about specifying ENM properties, see the netcfg(1M) man page.

The following table describes the properties that you might specify when creating or modifying an ENM.

Table 2-3 ENM Properties and Descriptions

Property Name	Description	Possible Values
`activation-mode`	Mode that is used to determine activation of an ENM.	`conditional-any`, `conditional-all`, `manual`
`conditions`	If activation-mode is `conditional-any` or `conditional-all`, specifies the test to determine whether the ENM must be enabled.	A string or strings formatted as specified in the Table 1-1, if the property is used
`start`	(Optional) Absolute path to the script to be executed upon activation.	Path to script, if this property is used
`stop`	(Optional) Absolute path to the script to be executed upon deactivation.	Path to script, if this property is used
`fmri`	(Optional) FMRI (fault managed resource identifier) to be enabled upon ENM activation. Note - Either an FMRI or a start script must be specified. If an FMRI is specified, both the `start` and `stop` properties are ignored.	Path to script

How to Interactively Create an ENM Profile

The following procedure describes how to create an ENM profile by using test-enm as an example.

Initiate an netcfg interactive session.
```
$ netcfg
netcfg>
```

Create the ENM.

netcfg> create enm test-enm
Created enm 'test-enm'.  Walking properties ...
activation-mode (manual) [manual|conditional-any|conditional-all]>
fmri> svc:/application/test-enm:default
start>
stop>
netcfg:enm:test-enm>

Creating the ENM automatically moves you into the profile scope for this ENM and walks the properties. Then, set the fmri property.

For information about ENM properties, see Table 2-3.

Display the profile configuration.

netcfg:enm:test-enm> list
ENM:test-enm
    activation-mode     manual
    enabled             false
    fmri                "svc:/application/test-enm:default"
netcfg:enm:test-enm>

Verify that the profile configuration is correct.
```
netcfg:enm:test-enm> verify
All properties verified
```
The verify subcommand verifies your configuration and notifies if any required values are missing. You can verify your changes by using the verify subcommand explicitly when creating or modifying a profile.
When you complete the verification, commit the ENM profile to persistent storage.
```
netcfg:enm:test-enm> commit
Committed changes
```
The commit subcommand verifies the changes implicitly and then commits the changes.
Alternatively, you can use the end subcommand to end the session, which also saves the profile configuration.
```
netcfg:enm:test-enm> end
Committed changes
```

Example 2-4 Interactively Creating an ENM Profile

In the following example, an ENM named test-enm is created in interactive mode.

$ netcfg
netcfg> create enm test-enm
Created enm 'testenm'.  Walking properties ...
activation-mode (manual) [manual|conditional-any|conditional-all]> 
fmri> svc:/application/test-app:default
start> 
stop> 
netcfg:enm:test-enm> list
ENM:test-enm
    activation-mode     manual
    enabled             false
    fmri                "svc:/application/test-enm:default"
netcfg:enm:test-enm> verify
All properties verified
netcfg:enm:test-enm> end
Committed changes
netcfg> list
NCPs:
    DefaultFixed
    User
    Automatic
Locations:
    Automatic
    NoNet
    test-loc
    DefaultFixed
ENMs:
    test-enm
WLANs:
    sunwifi
    ibahn
    gogoinflight
    admiralsclub
    hhonors
    sjcfreewifi
netcfg> exit
$

In this example, an ENM named test-enm was created with the following property values:

The default value (manual) for the activation-mode property was accepted by pressing the Return key.
The SMF FMRI property svc:/application/test-enm:default was specified as the method to use for enabling and disabling the application.

Note that because an FMRI was specified, the start and stop method properties were bypassed.
The list subcommand was used to view the properties of the ENM.
The verify subcommand was used to ensure that the profile configuration is correct.
The end subcommand was used to implicitly save the configuration.
The end subcommand was used again to end the interactive session.

Creating a Known WLAN Profile

Known WLAN profiles store information about wireless networks, enabling NCPs to automatically configure wireless interfaces based on the configuration information of wireless networks that you connect to from your system. For more information about known WLANs, see Description of a Known WLAN.

To create a WLAN object, type the following command:

$ netcfg
netcfg> create wlan mywifi
Created wlan 'mywifi'.  Walking properties ...

where wlan is the WLAN object and mywifi is the object name.

The process of creating a WLAN object takes you to the profile scope for the newly created WLAN, and automatically begins a walk of the properties in the newly created WLAN. From here, you can set properties for the WLAN that define its configuration.

The following table describes the properties that you might specify when creating or modifying WLANs.

Table 2-4 Known WLAN Properties and Data Types

Known WLAN Property	Data Type for Property
`name`	ESSID (wireless network name).
`bssids`	Base Station IDs of WLANs that your system has connected to while connected to the specified WLAN.
`priority`	WLAN connection preference (lower values are preferred).
`keyslot`	Slot number (1–4) in which the WEP key is contained.
`keyname`	Name of the WLAN key that is created by using the `dladm create-secobj` command. For more information about the `dladm` command, see Chapter 3, Working With Datalinks, in Connecting Systems Using Fixed Network Configuration in Oracle Solaris 11.1.
`security-mode`	The type of encryption key in use. The type must be `none`, `wep`, or `wpa`.

How to Interactively Create a Known WLAN Profile

The following procedure describes how to create a known WLAN profile by using mywifi as an example.

Initiate an netcfg interactive session.
```
$ netcfg
netcfg>
```

Create the WLAN.

netcfg> create wlan mywifi
Created wlan 'mywifi'.  Walking properties ...
priority (0)> 100
bssids>
keyname> mywifi-key
keyslot>
security-mode [none|wep|wpa]> wpa
netcfg:wlan:mywifi>

Creating the WLAN automatically moves you into the profile scope for this WLAN and walks the properties.

For information about the known WLAN properties, see Table 2-4.

Display the profile configuration.

netcfg:wlan:mywifi> list known wlan:mywifi
    priority            100
    keyname             "mywifi-key"
    security-mode       wpa
netcfg:wlan:mywifi>

Verify that the profile configuration is correct.
```
netcfg:wlan:mywifi> verify
All properties verified
```
The verify subcommand verifies your configuration and notifies if any required values are missing. You can verify your changes by using the verify subcommand explicitly when creating or modifying a profile.
When you complete the verification, end the session.
```
netcfg:wlan:mywifi> end
Committed changes
```
The end subcommand ends the session and also saves the profile configuration.
Exit the interactive session.
```
netcfg> exit
```

Example 2-5 Interactively Creating a WLAN Profile

In the following example, a WLAN object named mywifi is created.

This example assumes that a secure object named mywifi-key, which contains the key that is specified by the keyname property for the WLAN mywifi, is created before adding the WLAN.

The priority number can change as other WLANs are added or removed. Note that no two WLANs can be assigned the same priority number. Lower numbers indicate a higher priority, in terms of which WLANs are preferred. In this example, the WLAN is assigned the priority number 100 to ensure that it has a lower priority than any other known WLANs.

When the list subcommand is used at the end of the procedure, the new WLAN is added to the bottom of the list, indicating that it has the lowest priority of all the existing known WLANs. If the WLAN was assigned a priority number of zero (0), which is the default, it would have been displayed at the top of the list, indicating the highest priority. Subsequently, the priority of all other existing WLANs would have shifted down in priority and would have been displayed in the list after the newly added WLAN.

$ netcfg
netcfg> create wlan mywifi
Created wlan 'mywifi'.  Walking properties ...
priority (0)> 100
bssids> 
keyname> mywifi-key
keyslot> 
security-mode [none|wep|wpa]> wpa
netcfg:wlan:mywifi> list
known wlan:mywifi
    priority            100
    keyname             "mywifi-key"
    security-mode       wpa
netcfg:wlan:mywifi> verify
All properties verified
netcfg:wlan:mywifi> end
Committed changes
netcfg> list
NCPs:
    DefaultFixed
    User
    Automatic
Locations:
    Automatic
    NoNet
    test-loc
    DefaultFixed
ENMs:
    test-enm
WLANs:
    sunwifi
    ibahn
    gogoinflight
    admiralsclub
    hhonors
    sjcfreewifi
    mywifi
netcfg> exit
$

Skip Navigation Links
Exit Print View
	Connecting Systems Using Reactive Network Configuration in Oracle Solaris 11.1 Oracle Solaris 11.1 Information Library