Config analysis & guided cleanup

Walks every iface block in /etc/network/interfaces and verifies that the underlying physical NIC still exists. Reports orphan blocks left behind by hardware changes and offers a guided removal with backup, preview and per-block confirmation.

What this does

Identifies iface declarations whose backing NIC is no longer present on the host (typical after replacing or removing a network card). Then offers a guided cleanup that removes only the orphan blocks, with a backup, a per-section preview and an explicit final confirmation.

How it differs from bridge analysis

Aspect	Bridge analysis	Config analysis
Looks at	Bridges (`vmbrX`) and their `bridge-ports` line	Every `iface` block (excluding loopback, bridges, bonds)
Detects	Bridges referencing a non-existent port	Standalone interface blocks for NICs that don't exist
Repair action	Replaces the port name in `bridge-ports`	Removes the entire `iface` block
Excludes	Nothing — every bridge is analyzed	Bridges (`vmbrX`) and bonds (`bondX`) are always kept, since they are virtual and "not existing" would be normal during boot

In practice you often run both, in this order: config analysis first to remove orphans, then bridge analysis to re-point any bridge that was relying on the now-removed interface.

Step 1: analysis (read-only)

Aborts immediately if the host is not on the classic stack. Otherwise lists every configured non-loopback interface and reports its status:

🔍 NETWORK CONFIGURATION ANALYSIS
==================================================

📋 CONFIGURED INTERFACES
==============================
🔌 Interface: enp3s0
   ❌ Status: NOT FOUND
   ⚠️  Issue: Configured but doesn't exist

🔌 Interface: eno1
   ✅ Status: EXISTS (UP)
   🌐 IP: 192.168.1.10/24
   ℹ️  Type: Physical interface

🔌 Interface: vmbr0
   ✅ Status: EXISTS (UP)
   🌐 IP: 192.168.1.10/24
   ℹ️  Type: Virtual interface (normal)

🔧 SUGGESTION FOR enp3s0:
   This interface is configured but doesn't exist physically
   Consider removing its configuration
   Command: sed -i '/iface enp3s0/,/^$/d' /etc/network/interfaces

📊 ANALYSIS SUMMARY
=========================
Interfaces configured: 3
Issues found: 1

⚠️  IMPORTANT: No changes have been made to your system
Use the Guided Cleanup option to fix issues safely

Virtual interfaces are protected

Bridges (vmbrX) and bonds (bondX) are virtual constructs. They may legitimately not exist at the moment of inspection (e.g. a bridge with no ports yet), so the analysis never proposes removing them — only physical NICs.

Step 2: guided cleanup (5 steps)

Only entered if you accept the prompt at the end of the analysis. Each step requires confirmation; cancelling at any point exits without writing.

1. Safety backup

Copies /etc/network/interfaces to /var/backups/proxmenux/interfaces_backup_<TIMESTAMP>. Path shown before and after.

2. Confirm the removal list

Lists exactly which physical interface blocks will be removed. If, between analysis and cleanup, the NICs reappeared (e.g. you re-seated a card), the flow exits with "No cleanup needed."

3. Preview the exact block(s)

Opens a scrollable view of every iface block that would be deleted, verbatim from the file. This is the moment to spot e.g. an interesting up hook you want to preserve.

4. Apply removal

For each orphan interface, runs sed -i "/^iface $iface/,/^$/d" /etc/network/interfaces. That deletes from the matching iface line up to the next blank line.

5. Verification

Re-reads the file, lists what was removed, and re-checks the remaining interfaces. Prints the rollback command. Does not automatically restart networking — removing an unused block is safe to apply on the next reboot, and avoids touching the live state.

Does not auto-restart networking

Unlike bridge repair, the cleanup flow does not offer to restart the service. Removing an unused interface block has no immediate effect on the running config, so a restart is unnecessary and would be a needless connectivity risk. The change takes effect on the next manual systemctl restart networking or at the next reboot.

Important caveats

The block boundary is the first blank line

The sed pattern deletes from iface <name> down to the next empty line. If your /etc/network/interfaces has no blank line separating blocks (rare, but possible if hand-edited), the deletion may consume the next block too. This is why step 3 is mandatory: review the preview before confirming.

An orphan iface used by a bridge is detected here, not in bridge analysis

If vmbr0 declares bridge-ports enp3s0 and enp3s0 also has its own iface enp3s0 inet manual block, removing enp3s0 here will leave vmbr0 with a dangling reference. After the cleanup, run bridge analysis to repoint or remove the bridge port. The two flows are designed to be used in tandem.

Troubleshooting

The analysis shows my new NIC as "NOT FOUND"

The kernel sees the device under a different name than what is in the file. Run ip link show to get the actual name. This is exactly the case where Persistent interface names would prevent the issue going forward.

The cleanup removed too much (a block I wanted to keep)

Restore from the backup printed in step 5:

cp /var/backups/proxmenux/interfaces_backup_<TIMESTAMP> /etc/network/interfaces

Edit the file by hand to add a clear blank line between blocks before re-running the cleanup, or remove the problematic block manually.

A bridge stops working after the cleanup

The bridge was relying on a port whose iface block was just removed. Run bridge analysis and the suggestion will point the bridge at an existing physical interface.

Bridge analysis & guided repair — the natural follow-up after a cleanup.
Persistent interface names — stops orphan blocks from accumulating after each hardware change.
Interfaces backup & restart — manual snapshots and the restore browser.

ProxMenux Scripts: Previous

Bridge analysis & repair

ProxMenux Scripts: Next

Persistent interface names

How it differs from bridge analysis

Step 1: analysis (read-only)

Step 2: guided cleanup (5 steps)

Important caveats

Troubleshooting

Related