| EnableNetworkConfiguration |
Values: true, false Enable
network configuration. Setting this option to true enables
iwd to configure the network interfaces with the IP addresses.
There are two types IP addressing supported by iwd: static and
dynamic. The static IP addresses are configured through the network
configuration files. If no static IP configuration has been provided for a
network, iwd will attempt to obtain the dynamic addresses from the
network through the built-in DHCP client. This also enables network
configuration and the DHCP server when in AP mode and the AP profile being
activated does not override it. The network configuration feature is
disabled by default. See [Network] settings for additional settings
related to network configuration. |
| APRanges |
Values: <IP in prefix notation>
Sets the range of IP's used for DHCP server (AP mode). The IP should be in
prefix notation e.g. 192.168.1.0/24. AP's which are started in a
profile-less configuration will use this pool of IP's to set the AP's
interface address as well as default DHCP server options. Each AP will get
a new subnet from the range and clients will be addressed in that subnet
to avoid IP conflicts if multiple AP's are started. |
| UseDefaultInterface |
Values: true, false Do not
allow iwd to destroy / recreate wireless interfaces at startup,
including default interfaces. Enable this behavior if your wireless card
driver is buggy or does not allow such an operation, or if you do not want
iwd to manage netdevs for another reason. For most users with an
upstream driver it should be safe to omit/disable this setting. |
| AddressRandomization |
Values: disabled, once,
network If AddressRandomization is set to disabled, the
default kernel behavior is used. This means the kernel will assign a mac
address from the permanent mac address range provided by the hardware /
driver. Thus it is possible for networks to track the user by the mac
address which is permanent. If AddressRandomization is set to
once, MAC address is randomized a single time when iwd
starts or when the hardware is detected for the first time (due to
hotplug, etc.) If AddressRandomization is set to network,
the MAC address is randomized on each connection to a network. The MAC is
generated based on the SSID and permanent address of the adapter. This
allows the same MAC to be generated each time connecting to a given SSID
while still hiding the permanent address. |
| AddressRandomizationRange |
Values: full, nic One can
control which part of the address is randomized using this setting. When
using AddressRandomizationRange set to nic, only the NIC
specific octets (last 3 octets) are randomized. Note that the
randomization range is limited to 00:00:01 to 00:00:FE. The permanent mac
address of the card is used for the initial 3 octets. When using
AddressRandomizationRange set to full, all 6 octets of the
address are randomized. The locally-administered bit will be set. |
| RoamThreshold |
Value: rssi dBm value, from -100 to
1, default: -70 This value can be used to control how aggressively
iwd roams when connected to a 2.4Ghz access point. |
| RoamThreshold5G |
Value: rssi dBm value, from -100 to
1, default: -76 This value can be used to control how aggressively
iwd roams when connected to a 5GHz access point. |
| RoamRetryInterval |
Value: unsigned int value in seconds
(default: 60) Specifies how long iwd will wait before
attempting to roam again if the last roam attempt failed, or if the signal
of the newly connected BSS is still considered weak. |
| ManagementFrameProtection |
Values: 0, 1 or 2 When
ManagementFrameProtection is 0, MFP is completely turned
off, even if the hardware is capable. This setting is not recommended.
When ManagementFrameProtection is 1, MFP is enabled if the
local hardware and remote AP both support it. When
ManagementFrameProtection is 2, MFP is always required. This
can prevent successful connection establishment on some hardware or to
some networks. |
| ControlPortOverNL80211 |
Values: false, true
Enable/Disable sending EAPoL packets over NL80211. Enabled by default if
kernel support is available. Doing so sends all EAPoL traffic over
directly to the supplicant process (iwd) instead of putting these
on the Ethernet device. Since only the supplicant can usually make sense /
decrypt these packets, enabling this option can save some CPU cycles on
your system and avoids certain long-standing race conditions. |
| DisableANQP |
Values: false, true
Enable/disable ANQP queries. The way IWD does ANQP queries is dependent on
a recent kernel patch (available in Kernel 5.3). If your kernel does not
have this functionality this should be disabled (default). Some drivers
also do a terrible job of sending public action frames (freezing or
crashes) which is another reason why this has been turned off by default.
If you want to easily utilize Hotspot 2.0 networks, then setting
DisableANQP to false is recommended. |
| DisableOCV |
Value: false, true Disable
Operating Channel Validation. Support for this is not advertised by the
kernel so if kernels/drivers exist which don't support OCV it can be
disabled here. |