Network Tools

Network and Anonymity Control Plane

Kodachi networking binaries combine Tor orchestration, multi-protocol routing, DNS hardening, and IP verification into a unified operational stack that can be used interactively or in scripted security workflows.

5 Core Binaries 184 Commands 12 Routing Protocols 50+ DNS Resolvers Leak Detection

tor-switch and routing-switch control exit paths, balancing, and protocol failover, while ip-fetch validates effective network identity from multiple sources.

129 Routing Commands Tor + VPN + Proxy Multi-Source Verify

dns-switch and dns-leak provide encrypted resolver control and immediate leak diagnostics to confirm that anonymization settings are effective end to end.

44 DNS Commands DoH + DoT + DNSCrypt Real-Time Checks

Documentation Navigation

Navigate the documentation:

Quick Start - Installation guide and getting started
CLI Reference - Complete command-line reference

Enterprise-Grade Network and Anonymization Infrastructure

The network tools in Kodachi OS provide comprehensive control over network routing, anonymization, DNS management, and IP operations. These production-ready binaries enable secure and anonymous network communications through multiple protocols, advanced Tor orchestration, and intelligent routing mechanisms.

Core Architecture Principles - Verified

Multi-Protocol Support: 12 routing protocols including VPN, proxies, and Tor

Defense Against Surveillance: Complete traffic anonymization and DNS leak prevention

Intelligent Routing: Automatic failover, load balancing, and protocol optimization

Zero Information Leakage: Multi-source verification and comprehensive leak testing

Binary Categories and Requirements

Core Network Tools

Binary	Primary Function	Commands	Requires Auth	Requires Sudo	Auto-Start
tor-switch	Advanced Tor network orchestration	107	Yes	Yes (iptables/nftables)	No
routing-switch	Multi-protocol routing engine	22	Yes	Yes (network config)	No
ip-fetch	Secure IP geolocation with verification	11	Yes	No (basic ops)	No
dns-switch	DNS management with 50+ resolvers	40	Yes	Yes (system DNS)	No
dns-leak	Real-time DNS leak detection	4	Yes	No	No

Inter-Binary Dependencies Matrix

Binary Communication Flow

Service	Calls These Binaries	Called By These Binaries
tor-switch	logs-hook, online-auth, ip-fetch	routing-switch
routing-switch	logs-hook, online-auth, tor-switch, ip-fetch	health-control, ip-fetch
ip-fetch	logs-hook, online-auth	tor-switch, routing-switch, dns-switch, dns-leak
dns-switch	logs-hook, online-auth, ip-fetch	None
dns-leak	logs-hook, online-auth, ip-fetch	None

Critical Service Dependencies

Dependency Type	Description	Affected Services
Authentication Chain	Services requiring valid authentication	ALL network services
IP Verification	Services using ip-fetch for testing	tor-switch, routing-switch, dns-switch, dns-leak
Tor Integration	Services that can route through Tor	routing-switch, ip-fetch
Logging Infrastructure	Centralized logging via logs-hook	ALL network binaries

System Requirements and Permissions

Privilege Escalation Requirements

Operation Type	Required Permissions	Affected Binaries
Firewall Configuration	sudo/root	tor-switch (iptables/nftables rules)
Routing Tables	sudo/root	routing-switch (system routing)
DNS Configuration	sudo/root	dns-switch (resolv.conf)
Network Interfaces	sudo/root	tor-switch, routing-switch
Read-Only Operations	Standard user	ip-fetch, dns-leak (testing)

Network Stack Integration

Component	Integration Method	Binaries
iptables/nftables	Direct rule manipulation	tor-switch, routing-switch
Network Manager	D-Bus interface	dns-switch
resolv.conf	Direct file management	dns-switch
SOCKS Proxy	Tor SOCKS5 on 9050	tor-switch, ip-fetch
Network Interfaces	iproute2 commands	All network tools

Key Capabilities Overview

Tor Network Orchestration (tor-switch - 107 commands)

Feature	Description
Instance Management	Create, delete, clone unlimited Tor instances
Load Balancing (Native)	Kernel-level: round-robin, weighted, consistent-hashing
Load Balancing (HAProxy)	Integration: roundrobin, source, leastconn, random
Exit Node Control	Country-specific exit nodes, exclusion lists, per-instance configuration
System Torrification	Complete traffic routing through Tor, iptables and nftables support, DNS leak prevention
Automation Features	Timer-based IP rotation, automatic circuit renewal, configuration backup/restore

Multi-Protocol Routing (routing-switch - 18 commands)

Feature	Description
Native VPNs	OpenVPN (tun0), WireGuard (wg0)
Redsocks	Tor (iptables NAT)
Tun2socks	Dante, Shadowsocks, V2Ray, Xray-VLESS, Xray-VLESS-Reality, Xray-Trojan, Xray-VMess, Mieru/Mita, Hysteria2
Auto-selection	Based on speed/reliability
Protocol Benchmarking	Test and compare protocol performance
Automatic Failover	Switch protocols on connection failure
Configuration Export	Files, URLs, QR codes

IP Intelligence (ip-fetch - 11 commands)

Feature	Description
Multi-Source Verification	Cross-reference multiple APIs
Tor Testing	Verify connections through SOCKS proxy
Geolocation Data	Country, city, ISP, coordinates
Fallback Mechanisms	Automatic API rotation on failure
Authentication Debug	Test and debug auth issues
Cache Management	Performance optimization

DNS Management (dns-switch - 27 commands)

Feature	Description
50+ Secure Resolvers	Curated list of privacy-focused DNS
DNSCrypt	Encrypted DNS protocol support
DNS-over-TLS (DoT)	TLS encryption for DNS queries
DNS-over-HTTPS (DoH)	HTTPS encryption for DNS queries
Pi-hole Integration	Ad-blocking DNS filtering
Automatic Selection	Fastest DNS based on latency
Health Checking	Monitor DNS server availability
Score-based Ranking	Rank servers by performance and privacy
Database Operations	Remote fetching, duplicate removal, backup/restore

DNS Leak Detection (dns-leak - 4 commands)

Feature	Description
Comprehensive Testing	All network interfaces
Real-time Detection	Immediate leak identification
Detailed Reporting	JSON and human-readable formats
Interface Discovery	Automatic network mapping

Common Workflows

Complete Anonymization Setup

# Start and configure Tor
sudo tor-switch start-tor
sudo tor-switch create-multiple-instances 3
sudo tor-switch set-load-balancing-mode round-robin
# Prefer nftables for torrification; load-balancing is handled by instance/HA settings
sudo tor-switch torrify-system-nftables

# Verify anonymization
ip-fetch check-tor --json
dns-leak test --json

Multi-Protocol Routing Configuration

# List available protocols with scores
routing-switch list-protocols

# Connect through fastest protocol
sudo routing-switch auto-select

# Configure specific protocol
sudo routing-switch connect shadowsocks

# Export configuration
routing-switch showconfigqr

DNS Security Setup

# Pick reputable DNS (randomized)
sudo dns-switch random --type reputable

# Enable DNSCrypt (choose resolver explicitly)
sudo dns-switch dnscrypt-set --resolver cloudflare

# Test for leaks
dns-leak test --json

# Enable Pi-hole filtering
sudo dns-switch pihole-enable

Network Testing and Verification

# Complete network check
ip-fetch test-all

# DNS leak testing
dns-leak discover
dns-leak test
dns-leak report

# Tor verification
ip-fetch check-tor --json
sudo tor-switch verify-tor-dns-all

Advanced Tor Operations

# Set exit node country
sudo tor-switch set-exit-node US

# Exclude certain countries
sudo tor-switch set-exclude-node CN,RU

# Configure HAProxy load balancing
sudo tor-switch generate-haproxy-config roundrobin 8118
sudo tor-switch haproxy-start

# Set automatic IP rotation
sudo tor-switch update-ip-all-timer 600  # Every 10 minutes

Performance Metrics

Metric	Value	Description
Total Commands	184	Across all network binaries
Protocol Count	12	Supported routing protocols
DNS Resolvers	50+	Available secure DNS servers
Tor Instances	Unlimited	Concurrent Tor instances
Response Time	< 200ms	For routing operations
Load Balance Modes	7	Different distribution algorithms

Protocol Support Matrix

VPN Protocols

Protocol	Binary	Encryption	Speed
OpenVPN	routing-switch	AES-256	Medium
WireGuard	routing-switch	ChaCha20	Fast

Proxy Protocols

Protocol	Binary	Obfuscation	Use Case
Dante	routing-switch	No	SOCKS5 proxy
Tor	routing-switch	Yes	Anonymization
Shadowsocks	routing-switch	Yes	Censorship bypass
V2Ray	routing-switch	Yes	Advanced routing
Xray-VLESS	routing-switch	Yes	TLS disguise
Xray-VLESS-Reality	routing-switch	Yes	Advanced TLS disguise
Xray-Trojan	routing-switch	Yes	HTTPS camouflage
Xray-VMess	routing-switch	Yes	Encrypted proxy
Mita/Mieru	routing-switch	Yes	Traffic obfuscation
Hysteria2	routing-switch	Yes	UDP optimization

DNS Protocols

Protocol	Binary	Security	Privacy
Standard DNS	dns-switch	None	Low
DNSCrypt	dns-switch	Encrypted	High
DNS-over-TLS	dns-switch	TLS	High
DNS-over-HTTPS	dns-switch	HTTPS	High

Network Security Features

Traffic Analysis Prevention

Feature	Description
Tor Load Balancing	Distribute traffic across instances
Protocol Rotation	Automatic protocol switching
DNS Randomization	Rotate DNS servers
IP Rotation	Timed identity changes

Leak Prevention

Feature	Description
DNS Leak Testing	Continuous monitoring
WebRTC Blocking	Prevent IP leaks
IPv6 Management	Disable when needed
Kill Switch	Network isolation on failure

Connection Security

Feature	Description
Certificate Pinning	TLS verification
Authentication	Secure credential management
Encryption	End-to-end encryption
Obfuscation	Traffic disguising

Integration Points

The network tools integrate with:

Integration Type	Services/Components
Security Services	health-control, online-auth
System Services	logs-hook, permission-guard
Firewall Systems	iptables, nftables, ufw
Network Managers	NetworkManager, systemd-networkd
Proxy Software	HAProxy, redsocks, tun2socks

Troubleshooting

Common Issues

Issue	Solution	Prevention
Tor connection fails	Check firewall, restart service	Monitor logs
DNS leaks detected	Enable kill switch, check config	Regular testing
Routing fails	Verify credentials, check protocol	Use fallback
IP not changing	New circuit, check exit nodes	Timer automation

Diagnostic Commands

# Check Tor status
sudo tor-switch tor-status-all
sudo tor-switch check-tor-all

# Test routing
routing-switch status
routing-switch test-protocol openvpn
sudo routing-switch recover

# Verify DNS
dns-switch status
dns-switch health --type reputable

# Network connectivity
ip-fetch test-all

Security Considerations

Important Security Notice

Network anonymization tools should be used responsibly and in accordance with local laws. These tools are designed for legitimate privacy protection and security testing purposes only.

Best Practices

Practice	Description
Layer Your Defenses	Use multiple anonymization layers
Test Regularly	Verify no leaks after configuration changes
Rotate Identities	Change circuits and exit nodes frequently
Monitor Performance	Watch for unusual latency or failures
Update Protocols	Keep routing protocols current

Operational Security

Security Measure	Implementation
Compartmentalization	Separate activities by Tor instance
Traffic Patterns	Vary timing and volume
Protocol Diversity	Don't rely on single protocol
Backup Routes	Configure fallback options
Regular Audits	Review logs and configurations

System Information

Component	Version	Build Date	License
tor-switch	9.0.1	2026-03-23	Proprietary
routing-switch	9.0.1	2026-03-23	Proprietary
ip-fetch	9.0.1	2026-03-23	Proprietary
dns-switch	9.0.1	2026-03-23	Proprietary
dns-leak	9.0.1	2026-03-23	Proprietary
Documentation	9.0.1	2026-03-23	© 2026 Linux Kodachi