Network Tools

🛡️ Enterprise-Grade Network and Anonymization Infrastructure

The network tools in Kodachi OS provide comprehensive control over network routing, anonymization, DNS management, and IP operations. These production-ready binaries enable secure and anonymous network communications through multiple protocols, advanced Tor orchestration, and intelligent routing mechanisms.

Core Architecture Principles - Verified

Multi-Protocol Support: 12+ routing protocols including VPN, proxies, and Tor

Defense Against Surveillance: Complete traffic anonymization and DNS leak prevention

Intelligent Routing: Automatic failover, load balancing, and protocol optimization

Zero Information Leakage: Multi-source verification and comprehensive leak testing

🛡️ Binary Categories and Requirements

Core Network Tools

Binary	Primary Function	Commands	Requires Auth	Requires Sudo	Auto-Start
tor-switch	Advanced Tor network orchestration	108	Yes	Yes (iptables/nftables)	No
routing-switch	Multi-protocol routing engine	18	Yes	Yes (network config)	No
ip-fetch	Secure IP geolocation with verification	13	Yes	No (basic ops)	No
dns-switch	DNS management with 50+ resolvers	25	Yes	Yes (system DNS)	No
dns-leak	Real-time DNS leak detection	4	Yes	No	No

🛡️ Inter-Binary Dependencies Matrix

Binary Communication Flow

Service	Calls These Binaries	Called By These Binaries
tor-switch	logs-hook, online-auth, ip-fetch	routing-switch
routing-switch	logs-hook, online-auth, tor-switch, ip-fetch	health-control, ip-fetch
ip-fetch	logs-hook, online-auth, routing-switch	tor-switch, routing-switch, dns-switch, dns-leak
dns-switch	logs-hook, online-auth, ip-fetch	None
dns-leak	logs-hook, online-auth, ip-fetch	None

Critical Service Dependencies

Dependency Type	Description	Affected Services
Authentication Chain	Services requiring valid authentication	ALL network services
IP Verification	Services using ip-fetch for testing	tor-switch, routing-switch, dns-switch, dns-leak
Tor Integration	Services that can route through Tor	routing-switch, ip-fetch
Logging Infrastructure	Centralized logging via logs-hook	ALL network binaries

🛡️ System Requirements and Permissions

Privilege Escalation Requirements

Operation Type	Required Permissions	Affected Binaries
Firewall Configuration	sudo/root	tor-switch (iptables/nftables rules)
Routing Tables	sudo/root	routing-switch (system routing)
DNS Configuration	sudo/root	dns-switch (resolv.conf)
Network Interfaces	sudo/root	tor-switch, routing-switch
Read-Only Operations	Standard user	ip-fetch, dns-leak (testing)

Network Stack Integration

Component	Integration Method	Binaries
iptables/nftables	Direct rule manipulation	tor-switch, routing-switch
Network Manager	D-Bus interface	dns-switch
resolv.conf	Direct file management	dns-switch
SOCKS Proxy	Tor SOCKS5 on 9050	tor-switch, ip-fetch
Network Interfaces	iproute2 commands	All network tools

🛡️ Key Capabilities Overview

Tor Network Orchestration (tor-switch - 108 commands)

Feature	Description
Instance Management	Create, delete, clone unlimited Tor instances
Load Balancing (Native)	Kernel-level: round-robin, weighted, consistent-hashing
Load Balancing (HAProxy)	Integration: roundrobin, source, leastconn, random
Exit Node Control	Country-specific exit nodes, exclusion lists, per-instance configuration
System Torrification	Complete traffic routing through Tor, iptables and nftables support, DNS leak prevention
Automation Features	Timer-based IP rotation, automatic circuit renewal, configuration backup/restore

Multi-Protocol Routing (routing-switch - 18 commands)

Feature	Description
Native VPNs	OpenVPN (tun0), WireGuard (wg0)
Redsocks	Tor (iptables NAT)
Tun2socks	Dante, Shadowsocks, V2Ray, Xray-VLESS, Xray-VLESS-Reality, Xray-Trojan, Xray-VMess, Mieru/Mita, Hysteria2
Auto-selection	Based on speed/reliability
Protocol Benchmarking	Test and compare protocol performance
Automatic Failover	Switch protocols on connection failure
Configuration Export	Files, URLs, QR codes

IP Intelligence (ip-fetch - 13 commands)

Feature	Description
Multi-Source Verification	Cross-reference multiple APIs
Tor Testing	Verify connections through SOCKS proxy
Geolocation Data	Country, city, ISP, coordinates
Fallback Mechanisms	Automatic API rotation on failure
Authentication Debug	Test and debug auth issues
Cache Management	Performance optimization

DNS Management (dns-switch - 25 commands)

Feature	Description
50+ Secure Resolvers	Curated list of privacy-focused DNS
DNSCrypt	Encrypted DNS protocol support
DNS-over-TLS (DoT)	TLS encryption for DNS queries
DNS-over-HTTPS (DoH)	HTTPS encryption for DNS queries
Pi-hole Integration	Ad-blocking DNS filtering
Automatic Selection	Fastest DNS based on latency
Health Checking	Monitor DNS server availability
Score-based Ranking	Rank servers by performance and privacy
Database Operations	Remote fetching, duplicate removal, backup/restore

DNS Leak Detection (dns-leak - 4 commands)

Feature	Description
Comprehensive Testing	All network interfaces
Real-time Detection	Immediate leak identification
Detailed Reporting	JSON and human-readable formats
Interface Discovery	Automatic network mapping

🛡️ Common Workflows

Complete Anonymization Setup

# Start and configure Tor
sudo ./tor-switch start_tor
sudo ./tor-switch create_multiple_instances 3
sudo ./tor-switch set_load_balancing_mode round-robin
# Prefer nftables for torrification; load-balancing is handled by instance/HA settings
sudo ./tor-switch torrify_system_nftables

# Verify anonymization
./ip-fetch check-tor --json
./dns-leak test --json

Multi-Protocol Routing Configuration

# List available protocols with scores
./routing-switch list-protocols

# Connect through fastest protocol
sudo ./routing-switch auto-select

# Configure specific protocol
sudo ./routing-switch connect shadowsocks

# Export configuration
./routing-switch export-config --qr-code

DNS Security Setup

# Pick reputable DNS (randomized)
sudo ./dns-switch random --type reputable

# Enable DNSCrypt (choose resolver explicitly)
sudo ./dns-switch dnscrypt-set --resolver cloudflare

# Test for leaks
./dns-leak test --json

# Enable Pi-hole filtering
sudo ./dns-switch pihole-enable

Network Testing and Verification

# Complete network check
./ip-fetch test-all

# DNS leak testing
./dns-leak discover
./dns-leak test
./dns-leak report

# Tor verification
./ip-fetch check-tor --json
sudo ./tor-switch verify_tor_dns_all

Advanced Tor Operations

# Set exit node country
sudo ./tor-switch set_exit_node US

# Exclude certain countries
sudo ./tor-switch set_exclude_node CN,RU

# Configure HAProxy load balancing
sudo ./tor-switch generate_haproxy_config roundrobin 8118
sudo ./tor-switch haproxy_start

# Set automatic IP rotation
sudo ./tor-switch update_ip_all_timer 600  # Every 10 minutes

🛡️ Performance Metrics

Metric	Value	Description
Total Commands	168	Across all network binaries
Protocol Count	15+	Supported routing protocols
DNS Resolvers	50+	Available secure DNS servers
Tor Instances	Unlimited	Concurrent Tor instances
Response Time	< 200ms	For routing operations
Load Balance Modes	7	Different distribution algorithms

🛡️ Protocol Support Matrix

VPN Protocols

Protocol	Binary	Encryption	Speed
OpenVPN	routing-switch	AES-256	Medium
WireGuard	routing-switch	ChaCha20	Fast

Proxy Protocols

Protocol	Binary	Obfuscation	Use Case
SOCKS5	routing-switch	None	General proxy
Shadowsocks	routing-switch	Yes	Censorship bypass
V2Ray	routing-switch	Yes	Advanced routing
Xray-VLESS	routing-switch	Yes	TLS disguise
Hysteria2	routing-switch	Yes	UDP optimization

DNS Protocols

Protocol	Binary	Security	Privacy
Standard DNS	dns-switch	None	Low
DNSCrypt	dns-switch	Encrypted	High
DNS-over-TLS	dns-switch	TLS	High
DNS-over-HTTPS	dns-switch	HTTPS	High

🛡️ Network Security Features

Traffic Analysis Prevention

Feature	Description
Tor Load Balancing	Distribute traffic across instances
Protocol Rotation	Automatic protocol switching
DNS Randomization	Rotate DNS servers
IP Rotation	Timed identity changes

Leak Prevention

Feature	Description
DNS Leak Testing	Continuous monitoring
WebRTC Blocking	Prevent IP leaks
IPv6 Management	Disable when needed
Kill Switch	Network isolation on failure

Connection Security

Feature	Description
Certificate Pinning	TLS verification
Authentication	Secure credential management
Encryption	End-to-end encryption
Obfuscation	Traffic disguising

🛡️ Integration Points

The network tools integrate with:

Integration Type	Services/Components
Security Services	health-control, online-auth
System Services	logs-hook, permission-guard
Firewall Systems	iptables, nftables, ufw
Network Managers	NetworkManager, systemd-networkd
Proxy Software	HAProxy, redsocks, tun2socks

🛡️ Troubleshooting

Common Issues

Issue	Solution	Prevention
Tor connection fails	Check firewall, restart service	Monitor logs
DNS leaks detected	Enable kill switch, check config	Regular testing
Routing fails	Verify credentials, check protocol	Use fallback
IP not changing	New circuit, check exit nodes	Timer automation

Diagnostic Commands

# Check Tor status
sudo ./tor-switch tor_status_all
sudo ./tor-switch check_tor_all

# Test routing
./routing-switch status
./routing-switch test-connection
sudo ./routing-switch recover

# Verify DNS
./dns-switch status
./dns-switch test-dns

# Network connectivity
./ip-fetch test-all

🛡️ Security Considerations

Important Security Notice

Network anonymization tools should be used responsibly and in accordance with local laws. These tools are designed for legitimate privacy protection and security testing purposes only.

Best Practices

Practice	Description
Layer Your Defenses	Use multiple anonymization layers
Test Regularly	Verify no leaks after configuration changes
Rotate Identities	Change circuits and exit nodes frequently
Monitor Performance	Watch for unusual latency or failures
Update Protocols	Keep routing protocols current

Operational Security

Security Measure	Implementation
Compartmentalization	Separate activities by Tor instance
Traffic Patterns	Vary timing and volume
Protocol Diversity	Don't rely on single protocol
Backup Routes	Configure fallback options
Regular Audits	Review logs and configurations

🛡️ System Information

Component	Version	Build Date	License
tor-switch	9.0.1	2025-09-18	Proprietary
routing-switch	9.0.1	2025-09-18	Proprietary
ip-fetch	9.0.1	2025-09-18	Proprietary
dns-switch	9.0.1	2025-09-18	Proprietary
dns-leak	9.0.1	2025-09-18	Proprietary
Documentation	9.0.1	2025-09-19	© 2025 Linux Kodachi