{"id":17091170,"url":"https://github.com/cjdelisle/cjdnstool","last_synced_at":"2025-04-12T22:31:40.211Z","repository":{"id":57199090,"uuid":"121175912","full_name":"cjdelisle/cjdnstool","owner":"cjdelisle","description":"Diagnostic and management tools for cjdns","archived":false,"fork":false,"pushed_at":"2019-11-20T14:13:24.000Z","size":62,"stargazers_count":11,"open_issues_count":2,"forks_count":1,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-26T16:38:49.433Z","etag":null,"topics":["cjdns","hyperboria","mesh","mesh-networks"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cjdelisle.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-02-11T22:58:51.000Z","updated_at":"2024-09-28T05:31:15.000Z","dependencies_parsed_at":"2022-09-16T15:01:38.922Z","dependency_job_id":null,"html_url":"https://github.com/cjdelisle/cjdnstool","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cjdelisle%2Fcjdnstool","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cjdelisle%2Fcjdnstool/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cjdelisle%2Fcjdnstool/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cjdelisle%2Fcjdnstool/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cjdelisle","download_url":"https://codeload.github.com/cjdelisle/cjdnstool/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248497809,"owners_count":21113984,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cjdns","hyperboria","mesh","mesh-networks"],"created_at":"2024-10-14T13:57:53.113Z","updated_at":"2025-04-12T22:31:40.192Z","avatar_url":"https://github.com/cjdelisle.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cjdnstool\n\n[![Build Status](https://travis-ci.org/cjdelisle/cjdnstool.svg?branch=master)](https://travis-ci.org/cjdelisle/cjdnstool)\n\nDiagnostic and management tools for cjdns\n\n## Install\n(you might also want to install [cjdns](https://github.com/cjdelisle/cjdns.git))\n\n```bash\nnpm install -g cjdnstool\n```\n\n## Use\n\n```\n$ cjdnstool\nUsage: cjdnstool COMMAND OPTIONS\ncjdnstool ping [OPTIONS] \u003cnodename|ipv6|hostname\u003e\n    -k, --keyping                 # send switch ping requesting the key\n    -s, --switchping              # send switch ping (requires -k)\n    -d \u003cdata\u003e, --data=\u003cdata\u003e      # send extra data in the ping message\n    -c \u003cnum\u003e, --count=\u003cnum\u003e       # number of pings to send before stopping\n    -v, --verbose                 # print debug information\n    -i \u003csecs\u003e, --waittime=\u003csecs\u003e  # number of seconds between messages\n    -p \u003cpref\u003e, --pref=\u003cpref\u003e      # use specified address resolution preference\n\ncjdnstool query COMMAND\n    getpeers [OPTIONS] \u003cnodename|ipv6|hostname\u003e\n        -2                        # request from the subnode pathfinder\n        -v, --verbose             # print debug information\n        -p \u003cpref\u003e, --pref=\u003cpref\u003e  # use specified address resolution preference\n\ncjdnstool peer COMMAND\n    show (default command)\n        -6, --ip6                 # print ipv6 of peers rather than pubkeys\n\ncjdnstool session [COMMAND]\n    show (default command)\n        -6, --ip6                 # print ipv6 of sessions rather than pubkeys\n\ncjdnstool util COMMAND\n    key2ip6 \u003cpubkey\u003e[ \u003cpubkey\u003e][ \u003cpubkey\u003e][...]\n    priv2pub \u003cprivkey\u003e[ \u003cprivkey\u003e][ \u003cprivkey\u003e][...]\n    keygen\n\ncjdnstool mon COMMAND\n    pf                            # monitor pathfinder traffic\n    ctrl                          # monitor switch control traffic\n    snode                         # monitor traffic to/from the snode\n\ncjdnstool resolve OPTIONS \u003chostname|ipv6\u003e\n    -v, --verbose                 # print debug information\n    -p \u003cpref\u003e, --pref=\u003cpref\u003e      # use specified address resolution preference\n\ncjdnstool cexec [COMMAND ARGS...]\n                                  # run `cjdnstool cexec` for all commands\n                                  # below are a couple of examples\n    Allocator_bytesAllocated      # Determine how many bytes are allocated\n    Core_pid                      # Get the cjdns core pid number\n    ReachabilityCollector_getPeerInfo\n        --page=\u003cInt\u003e              # Get information about your peers (paginated)\n    SupernodeHunter_status        # Get a status report from the snode hunter\n    see: https://github.com/cjdelisle/cjdns/blob/crashey/doc/admin-api.md#funcs\n\ncjdnstool log [OPTIONS]\n    -v \u003cverb\u003e, --verbosity=\u003cverb\u003e # specify the verbosity level of logging\n                                  # one of DEBUG, INFO, WARN, ERROR, CRITICAL\n                                  # each level implies the levels above it\n                                  # INFO will include WARN, ERROR and CRITICAL\n    -f \u003cfile\u003e, --file=\u003cfile\u003e      # limit logging to one file\n    -l \u003cline\u003e, --line=\u003cline\u003e      # limit logging to a specific line number\n\ncjdnstool snode COMMAND\n    show (default command)        # display the currently used supernode, if any\n    ls                            # list all configured snodes\n\ncjdnstool passwd COMMAND\n    show (default command)        # show names of configured peering passwords\n\ncjdnstool iptun COMMAND\n    show (default command)        # show all incoming and outgoing\n                                  # iptun connections\n\ncjdnstool iface COMMAND\n    show (default command)        # show all configured interfaces\n\ncjdnstool traceroute [OPTIONS] \u003cnodename|ipv6|hostname\u003e\n    -2                            # request from the subnode pathfinder\n    -v, --verbose                 # print debug information\n    -p \u003cpref\u003e, --pref=\u003cpref\u003e      # use specified address resolution preference\n\ncjdnstool conf [-f \u003cf\u003e] [--file=\u003cf\u003e] COMMAND\n    -f \u003cf\u003e, --file=\u003cf\u003e            # use file \u003cf\u003e, default: /etc/cjdroute.conf\n    migrate [-y]                  # convert v1 config format to v2\n        -y                        # answer yes to all questions\n        -d, --dryrun              # dry-run, print a unified diff of what\n                                  # WOULD be changed\n    put [OPTIONS] \u003cpath\u003e \u003cval\u003e    # add/update an entry in a v2 config\n        -d, --dryrun              # dry-run, print a unified diff of what\n                                  # WOULD be changed\n    get \u003cpath\u003e                    # retreive an entry in a v1 or v2 config\n```\n\n### cjdnstool ping\n\ncjdnstool ping allows you to send pathfinder pings and switch pings.\nUnlike ICMP pings, both pathfinder pings and switch pings will be routed back according\nthe the same path which they took (this is critical to  the pathfinder that it's probe\nmessages come back on the same path so these pings do as well).\n\nIf you send a pathfinder ping and it comes back, you know that the CryptoAuth session is\nworking well and that your path to the other node is ok. However, it does not tell you\nwhether the other node's path back to you is working.\n\nIf a pathfinder ping fails to return, you can use a switch ping `-s` to check whether anything\nis at the end of the path or if it is a dead path. If you request a key ping `-k` then\nit the node at the end of the path will tell you it's key which will help you determine\nwhether it is the node which you (or your cjdns instance) think is at the end of the path.\n\n#### Options\n\n* `-s`, `--switchping`: Send a switch CTRL ping message rather than a pathfinder query\n* `-k`, `--keyping`: If the message is a switch ping, send a request for the other party's\npublic key.\n* `-d \u003cdata\u003e`, `--data=\u003cdata\u003e`: Send specific content in the message\n* `-c \u003cnum\u003e`, `--count=\u003cnum\u003e`: Send this many probes and then exit\n* `-v`, `--verbose`: Print additional debugging information\n* `-i \u003csecs\u003e`, `--waittime=\u003csecs\u003e`: Wait this many seconds between sending messages\n(can be decimal)\n* `-p \u003cpref\u003e`, `--pref=\u003cpref\u003e`: Use the specified resolution preference, for example\n`session,snode,pf` (the default) will try first to use what is in the session manager,\nthen it will try querying the supernode, then it will try the old pathfinder. If you\nspecify only 1 or 2 of the 3 options, the other option(s) will be skipped which may result\nin a failure to resolve the domain.\n\n#### Example\n\n```\n$ cjdnstool ping irc.fc00.io\npathfinder ping v20.0000.0000.0027.82a3.fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k (resolved from [session])\n1518729009 v20.0000.0000.0027.82a3.fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k seq=0 time=150ms\n1518729010 v20.0000.0000.0027.82a3.fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k seq=1 time=149ms\n^C\n$ cjdnstool ping irc.fc00.io -s\nctrl PING 0000.0000.0027.82a3 (resolved from [session])\n1518729017 0000.0000.0027.82a3 v=20 seq=0 time=148ms\n1518729018 0000.0000.0027.82a3 v=20 seq=1 time=147ms\n^c\n$ cjdnstool ping irc.fc00.io -s -k\nctrl KEYPING 0000.0000.0027.82a3 (resolved from [session])\n1518729042 0000.0000.0027.82a3 fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k v=20 seq=0 time=175ms\n1518729043 0000.0000.0027.82a3 fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k v=20 seq=1 time=146ms\n^C\n$\n```\n\n### cjdnstool query getpeers\n\nSend a sequence of pathfinder GetPeers queries to the other node and print the result.\nThe GetPeers query does not return all of the peers of a given node in one shot, multiple\nqueries must be made in order to get the whole list.\n\nBecause of a bug in v20 nodes, the subnode pathfinder does not always know about all peers,\nthis bug was fixed in v20.1 but for some nodes it persists. By defauly this tool will\nmake a query which is handled by the old pathfinder which has no such bug but by passing\nthe `-2` flag, you can query the subnode pathfinder.\n\n#### Options\n\n* `-2`: Flag the query in such a way that it will be handled by the *subnode* pathfinder\nrather than by the old pathfinder.\n* `-v`, `--verbose`: Print additional debugging information\n* `-p \u003cpref\u003e`, `--pref=\u003cpref\u003e`: Use the specified resolution preference, for example\n`session,snode,pf` (the default) will try first to use what is in the session manager,\nthen it will try querying the supernode, then it will try the old pathfinder. If you\nspecify only 1 or 2 of the 3 options, the other option(s) will be skipped which may result\nin a failure to resolve the domain.\n\n#### Example\n\n```\n$ cjdnstool query getpeers irc.fc00.io\nPeers for v20.0000.0000.0007.cd45.fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k (resolved from [snode])\nv20.0000.0000.0000.0001.fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k\nv20.0000.0000.0000.0082.p0tsd5589yy3ph769ktk5cwcgkubqjdtrlhsq3hjsy9wwlhjhfk0.k\nv20.0000.0000.0000.0086.1941p5k8qqvj17vjrkb9z97wscvtgc1vp8pv1huk5120cu42ytt0.k\nv20.0000.0000.0000.008a.8hgr62ylugxjyyhxkz254qtz60p781kbswmhhywtbb5rpzc5lxj0.k\nv20.0000.0000.0000.0092.2z5lkm9d7c8rbc77qty33sfv050mj5fpc6wjfbbqjyb7kxbrxvj0.k\nv20.0000.0000.0000.0096.5lt1py8x0mfy1h44gmp7b2277t2t3mv5ppt56gpgyhgbwjunf020.k\nv20.0000.0000.0000.009a.u64fnj4b3s0mcbgf9zfh08qbxh556p8z2z2plw2qp97bpcdg6gf0.k\nv20.0000.0000.0000.009e.7jljkrtc4t6g87styqmbgj6d2ff2jlq4yhnzq85lnwp4tydu19q0.k\nv20.0000.0000.0000.00a2.ywx5ykk2xnnpth9wqbzb59whpzlqx95zrpyg2u6xukf85y6zws10.k\nv20.0000.0000.0000.00a6.ubbtkp0txwjh44v8kkznvhjqqwr1hd2jzv5ms9zlkfk25svxvtg0.k\nv20.0000.0000.0000.00aa.hyj4xmkz00z02vf5n3cwft2yfgg91dfmmq7stjjz09w4lxgnxkz0.k\nv20.0000.0000.0000.00ae.7vgm4mwzhuc8wjx4grd5km66qtb641llyv48g8qvcfntvy772820.k\nv20.0000.0000.0000.00b2.5wfwcfyhpn3gkmy89r9prw1csx4t4q4nbmscqp040bzmm7mbh8b0.k\nv20.0000.0000.0000.00b6.ckpd4v8sgwsds7vx1qhdm8uufnj62wb0l4pgzns3zxc4whv3brq0.k\nv20.0000.0000.0000.00ba.2hwmvzgxhy6h02zsk81cz2h4ybwh1hxjtsk7j8cu9954lzwgu8t0.k\nv20.0000.0000.0000.00be.5msc47cgr8h1bqtnq9xyb0hr9rbqp2qlq3t1v14rk5y727z03390.k\nv20.0000.0000.0000.00c2.6bb1kywn12w8n3crvzx7r21d2x4j4bst4zythd3rrnvckjtu0sq0.k\nv20.0000.0000.0000.00c6.11sfkq2clbv4dgzgx8hm47p4ld9pwy82y7jluvjh91cyl1n7bwf0.k\nTotal 18 peers\n$\n```\n\n### cjdnstool peer show\n\nPrint a list of the peers of this node according to the InterfaceController. This is\nequivilent to `./tools/peerStats`\n\n#### Options\n\n* `-6`, `--ip6`: Print peers with their cjdns IPv6 rather than their pubkeys\n\n### cjdnstool session show\n\nPrint a list of the active sessions of this node according to the SessionManager.\nThis is equivilent to `./tools/sessionStats`\n\n#### Options\n\n* `-6`, `--ip6`: Print sessions with their cjdns IPv6 rather than their pubkeys\n\n### cjdnstool util\n\nThese are utility functions which do not require the cjdns node to be running in order\nto use them.\n\n#### cjdnstool util key2ip6\n\nConvert one or more cjdns public keys into cjdns IPv6 addresses. This command has no options.\n\n##### Example\n\n```\n$ cjdnstool util key2ip6 kw0vfw3tmb6u6p21z5jmmymdlumwknlg3x8muk5mcw66tdpqlw30.k cmnkylz1dx8mx3bdxku80yw20gqmg0s9nsrusdv0psnxnfhqfmu0.k\nkw0vfw3tmb6u6p21z5jmmymdlumwknlg3x8muk5mcw66tdpqlw30.k fc02:2735:e595:bb70:8ffc:5293:8af8:c4b7\ncmnkylz1dx8mx3bdxku80yw20gqmg0s9nsrusdv0psnxnfhqfmu0.k fcbb:5056:899e:2838:f1ad:12eb:9704:1ff1\n$\n```\n\n#### cjdnstool util priv2pub\n\nConvert one or more cjdns private keys (in hexidecimal format) into public keys in base64.\n\n##### Example\n\n```\n$ cjdnstool util priv2pub 28ee6a11ab624cf8750e255e347909bb35f10291b972b6fb261a534798049d66\nvn2hwbvnvyky9wcgrlwyl4vnqn63z73bvqky1hslt3n4ur0mnpv0.k\n$\n```\n\n#### cjdnstool util keygen\n\nGenerate a new cjdns keypair, outputs a private key in hex, a public key in base64 and an\nIPv6 address. This command takes no arguments.\n\n##### Example\n\n```\n$ cjdnstool util keygen\n28ee6a11ab624cf8750e255e347909bb35f10291b972b6fb261a534798049d66 vn2hwbvnvyky9wcgrlwyl4vnqn63z73bvqky1hslt3n4ur0mnpv0.k fc83:54f8:7f02:75c0:e2ac:d575:4b4d:eb28\n```\n\n### cjdnstool mon pf\n\nMonitor incoming and outgoing inter-pathfinder traffic in cjdns, each message will start with\nan arrow pointing either left or right. If it points left then the message is outgoing and if\nit points right then the message is incoming. This command has no options.\n\n#### Example\n\n```\n$ cjdnstool mon pf\n\u003e v17 0000.0000.000a.e553 fcfd:9511:69cc:a05e:4eb2:ed20:c6a0:52e3 fn fcdb:4cd0:d748:0b1f:4eaf:5c9e:8cd9:b815\n\u003c v17 0000.0000.000a.e553 fcfd:9511:69cc:a05e:4eb2:ed20:c6a0:52e3 reply\n\u003e v17 0000.0000.000a.e553 fcfd:9511:69cc:a05e:4eb2:ed20:c6a0:52e3 fn fcdb:4cd0:d748:0b1f:4eaf:5c9e:8cd9:b815\n\u003c v17 0000.0000.000a.e553 fcfd:9511:69cc:a05e:4eb2:ed20:c6a0:52e3 reply\n^C\n$\n```\n\n### cjdnstool mon ctrl\n\nMonitor incoming and outgoing switch CTRL traffic on this cjdns node. Each message will begin\nwith an arrow pointing either left or right, if it points left then this is an outgoing\nmessage and if it points right then it's an incoming message. This command has no options.\n\n#### Example\n\n```\n$ cjdnstool mon ctrl\nListening for CTRL traffic on node\n\u003e 0000.0000.0006.f7a5 ERROR AUTHENTICATION label_at_err_node: 64e9.4c00.0000.0000 nonce: 1 00d596edf689e7fe14de00000000000b00000000\n\u003e 0000.0000.0006.4dc5 ERROR AUTHENTICATION label_at_err_node: cc12.2000.0000.0000 nonce: 1 00866a1edb69ced59e0800000000000b00000000\n^C\n$\n```\n\n### cjdnstool mon snode\n\nMonitor traffic to and from the supernode. This will print all of the messages going to and from\nthe snode which are either CTRL messages or are DHT messages *that are snode queries and replies*,\nnormal interactions with the cjdns engine running on the snode will not be printed. It takes no\narguments.\n\nTypes of messages sent to and from the snode:\n\n* getRoute request: request for a path between two nodes in the network, given as IPv6.\n* getRoute reply: response is a node list (of one) which contains the version and key of the\ndestination as well as a route which should work for the source, to get to that destination.\n* ann: signed announcement of reachability, see [Cjdnsann](https://github.com/cjdelisle/cjdnsann.git).\n* ann reply: reply from the snode, contains `stateHash` which is compared with the node's local\nstate in order to ensure that they are aligned.\n\n#### Example\n\n```\n$ cjdnstool mon snode\n\u003c getRoute fc92:8136:dc1f:e6e0:4ef6:a6dd:7187:b85f fcec:ae97:8902:d810:6c92:ec67:efb2:3ec5\n\u003c getRoute fc92:8136:dc1f:e6e0:4ef6:a6dd:7187:b85f fc8b:7aa7:e2bf:c82b:4fa3:57a4:de2a:52a3\n\u003c getRoute fc92:8136:dc1f:e6e0:4ef6:a6dd:7187:b85f fc8b:7aa7:e2bf:c82b:4fa3:57a4:de2a:52a3\n\u003c getRoute fc92:8136:dc1f:e6e0:4ef6:a6dd:7187:b85f fcde:5b9e:fe85:5af7:5368:6dff:729d:f859\n\u003c getRoute fc92:8136:dc1f:e6e0:4ef6:a6dd:7187:b85f fcde:5b9e:fe85:5af7:5368:6dff:729d:f859\n\u003e reply [\n    \"v20.0000.0000.1b2c.1405.fdyb6wrbnvr8qfr7uds81f8dxfgl7xj2shumtwx9szkpkz8j01y0.k\"\n]\n\u003e reply [\n    \"v20.0000.0000.1b2c.1405.fdyb6wrbnvr8qfr7uds81f8dxfgl7xj2shumtwx9szkpkz8j01y0.k\"\n]\n^C\n$\n```\n\n### cjdnstool resolve\n\nResolve a hostname or cjdns IPv6 address to a version, path and key which can be used for sending\na ping. This resolution happens every time you start a session with a previously unknown node.\n\nThe resolution may come from either an already known session in the SessionManager, or from the\nsupernode or from the old pathfinder. By default this command will return all of them.\n\nWith the session manager result there will be a metric, specifying how valuable the information is\nconsidered (lower is better).\n\n* `metric=fff00000`: means the SessionManager discovered the node because it's a peer.\n* `metric=fff00033`: means the SessionManager discovered the path from the supernode.\n* `metric=ffff0000`: means the SessionManager discovered the path from the old pathfinder.\n\n#### Options\n\n* `-v`, `--verbose`: Print additional debugging information\n* `-p \u003cpref\u003e`, `--pref=\u003cpref\u003e`: Use the specified resolution preference, for example\n`session,snode,pf` (the default) will try first to use what is in the session manager,\nthen it will try querying the supernode, then it will try the old pathfinder. If you\nspecify only 1 or 2 of the 3 options, the other option(s) will be skipped which may result\nin a failure to resolve the domain.\n\n#### Example\n```\n$ cjdnstool resolve irc.fc00.io -p pf,snode\nResolving irc.fc00.io\nsnode   v20.0000.0000.0004.d005.fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k\npf      v20.0000.0000.0004.d005.fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k\n$ cjdnstool resolve irc.fc00.io -p session\nResolving irc.fc00.io\nsession v20.0000.0000.0007.cd45.fdud7rqg7puz4hf6u4kztfku0pbujw88l29s4ugwhf61vgqv6cj0.k metric=fff00033\n$\n```\n\n### cjdnstool cexec\n\nExecute a direct RPC call to the cjdns engine. Everything in cjdnstool uses these RPCs\nto access data from and to control cjdns but this is a raw access to the cjdns RPC calls.\nThere are many calls which are documented to varying extents. The names of the calls\nalways begin with the name of the .c file where they are defined so even if the call is\nnot well documented, finding the source code is reasonable.\n\nThe best documentation to be found on these RPC calls is here:\nhttps://github.com/cjdelisle/cjdns/blob/master/doc/admin-api.md#cjdns-functions\n\nIn general it's better to use the tools provided in cjdnstool but if you want to access\nsomething internal, these RPCs are the best option.\n\n#### Options\n\nEach RPC call has different options which are shown when you execute `cjdnstool cexec`\nwith no arguments. All options must be in the form `--\u003cname\u003e=\u003cvalue\u003e` and if the option\nis shown in square brackets, it is optional.\n\n#### Example\n\n```\n$ cjdnstool cexec ReachabilityCollector_getPeerInfo --page=0\n{\n  \"error\": \"none\",\n  \"peers\": [\n    {\n      \"addr\": \"v20.0000.0000.0000.0015.kw0vfw3tmb6u6p21z5jmmymdlumwknlg3x8muk5mcw66tdpqlw30.k\",\n      \"pathThemToUs\": \"0000.0000.0000.04cc\",\n      \"querying\": 0\n    },\n    {\n      \"addr\": \"v20.0000.0000.0000.0013.cmnkylz1dx8mx3bdxku80yw20gqmg0s9nsrusdv0psnxnfhqfmu0.k\",\n      \"pathThemToUs\": \"0000.0000.0000.00b6\",\n      \"querying\": 0\n    }\n  ]\n}\n$\n```\n\n### cjdnstool log\n\nCjdns DEBUG level logging is more like a sort of tracepoint or kprobe, when you enable logging\nit prints a fantastic amount of noise. Fortunartely for performance, the logs are not even\ncreated inside of cjdns unless logging is enabled. You can enable logging on a verbosity,\nper-file and per-line basis.\n\nFor example `cjdnstool log -f CryptoAuth.c` will take all logs from CryptoAuth file.\n`cjdnstool log -v INFO` will collect logs at INFO level or higher.\n`cjdnstool log -f CryptoAuth.c -l 727` will collect logs only from one line in the CryptoAuth\nfile (assuming there is a log line there).\n\nIf you call `cjdnstool log` with no arguments, it will simply print all logs.\n\n#### Options\n\nEach option can be specified only once, but options can be used together.\n\n* `-v \u003cverb\u003e`, `--verbosity=\u003cverb\u003e`: Specify the level of verbosity for logging, each level\nimplies the higher levels so if you specify INFO, it will log INFO, WARN and CRITICAL levels.\n* `-f \u003cfile\u003e`, `--file=\u003cfile\u003e`: Limit logging to one file, this helps when you only want to\nsee what's going on inside of one particular module.\n* `-l \u003cline\u003e`, `--line=\u003cline\u003e`: Limit logging to one specific line number, this is\nmost useful in conjunction with `--file` to only listen to invocations of one particular log\nline.\n\n#### Example\n\n```\n$ cjdnstool log\n1483311804 DEBUG SessionManager.c:380 ver[17] send[18269] recv[379733] ip[fcc7:91f7:ab6f:85b7:5bfc:790a:31c8:dd38] path[0000.0000.0037.91c5] new session nonce[3]\n1483311804 DEBUG CryptoAuth.c:628 0x7ff313e860b8 inner [fcc7:91f7:ab6f:85b7:5bfc:790a:31c8:dd38] state[0]: Received a repeat key packet\n1483311804 DEBUG CryptoAuth.c:631 0x7ff313e860b8 inner [fcc7:91f7:ab6f:85b7:5bfc:790a:31c8:dd38] state[0]: DROP a stray key packet\n1483311804 DEBUG SessionManager.c:391 ver[17] send[18269] recv[379733] ip[fcc7:91f7:ab6f:85b7:5bfc:790a:31c8:dd38] path[0000.0000.0037.91c5] DROP Failed decrypting message NoH[3] state[INIT]\n1483311804 DEBUG SessionManager.c:380 ver[17] send[18269] recv[379733] ip[fcc7:91f7:ab6f:85b7:5bfc:790a:31c8:dd38] path[0000.0000.0037.91c5] new session nonce[3]\n1483311804 DEBUG CryptoAuth.c:628 0x7ff313e860b8 inner [fcc7:91f7:ab6f:85b7:5bfc:790a:31c8:dd38] state[0]: Received a repeat key packet\n^CDisconnecting...\ndone\n$ cjdnstool log -v INFO\n1483311840 INFO SwitchCore.c:194 no such iface\n1483311841 INFO ControlHandler.c:224 DROP ctrl packet from [0000.000d.a193.4585] with invalid checksum\n1483311842 INFO SwitchCore.c:194 no such iface\n^CDisconnecting...\ndone\n$ node cjdnstool log -f ControlHandler.c -l 224\n1483311886 INFO ControlHandler.c:224 DROP ctrl packet from [0000.5750.a6c4.23a3] with invalid checksum\n^CDisconnecting...\ndone\n$\n```\n\n### cjdnstool snode\n\nCjdns uses a supernode to aid in finding routes to things, you can configure which supernode\nto use or you can allow it to use the supernode used by your peers. If the supernode comes\nfrom one of your peers, it will try to select supernodes used by the lower peers in the list\n(outgoing peers which you have ostensibly configured in your cjdroute.conf file).\n\n#### cjdnstool snode show\n\nShow the currently used supernode, this command takes no options. The result shows whether\nthe supernode is \"authorized\" meaning whether it was manually configured or was automatically\ndetected.\n\n##### Example\n\n```\n$ cjdnstool snode show\nv20.0000.0000.0004.f2a3.9syly12vuwr1jh5qpktmjc817y38bc9ytsvs8d5qwcnvn6c2lwq0.k authorized=false\n$\n```\n\n#### cjdnstool snode ls\n\nList configured supernodes, this command takes no options. The result will be the list of\nall public keys of the supernodes which have been configured in the cjdroute.conf file.\n\n##### Example\n\n```\n$ cjdnstool snode ls\n9syly12vuwr1jh5qpktmjc817y38bc9ytsvs8d5qwcnvn6c2lwq0.k\n$\n```\n\n### cjdnstool passwd\n\nThis submodule is for managing the authorized passwords which allow peering. Each password\nhas a \"login\" name associated and that name is needed for the other side to authenticate.\n\nIf no command is given, the default is `cjdnstool passwd show`.\n\n#### cjdnstool passwd show\n\nShow the list of configured passwords which other nodes can use for connecting. This will\nshow the username to login but not the actual password itself. This command takes no options.\n\n##### Example\n\n```\n$ cjdnstool passwd show\nAnon #1\nLocal Peers\n$\n```\n\n### cjdnstool iptun\n\nThis is for configuring the IPTunnel submodule which is used for issuing IPv4 and IPv6\naddresses to a cjdns node and converting it to a VPN client. The format of an address\nis `1.2.3.4/5:6` or `1234::/5:6` the 5:6 is to be interpreted as:\n\naddress SLASH prefix_announced_to_client COLON size_of_address_block_issued_to_client\n\nFor example: 192.168.123.0/0:24 will be issuing the address block 192.168.123.0/24 to\nthe client and then announcing /0 (whole internet) to the client.\n\nFor a smaller network (business VPN for example), you might use 10.118.12.3/16:32 issuing\na /32 (1 address) to the client but announcing to the a /16, the whole company network.\n\n#### cjdnstool iptun show\n\nThis shows the list of all configured IPTunnel connections (servers for which you are\nthe client and clients for which you are the server). It takes no arguments.\n\n##### Example\n\n```\n$ cjdnstool iptun show\nSERVER cmnkylz1dx8mx3bdxku80yw20gqmg0s9nsrusdv0psnxnfhqfmu0.k 10.66.6.1/0:32 2c0f:f930:2:1::/0:64\n```\n\nThis is showing a SERVER (for which we are the client), and that server has issued us\n10.66.6.1/0:32 (allocating us 1 address, but instructing us to route the whole internet there)\nand 2c0f:f930:2:1::/0:64 (allocating us a /64 block of IPv6 and instructing us to route\nthe whole internet there).\n\n### cjdnstool iface\n\nCjdns connects to peers via pluggable interfaces, there are the UDPInterface and the\nETHInterface classes of interfaces but other interfaces can easily be developed. Of\nthese classes, there may be multiple actual interfaces which corrispond to (for example)\nthe UDP/IPv4 stack vs. the UDP/IPv6 stack, or ETHInterface instances connected to\ndifferent ethernet devices.\n\n#### cjdnstool iface show\n\nThis shows a list of all the configured interfaces, this command takes no arguments and\nit is the default command, so typing `cjdnstool iface` will do the same thing. The output\nis the interface number (needed when configuring new peers), the name of the interface,\nand the beaconing state (whether it is sending beacon messages to search for new peers).\n\n##### Example\n\nThis shows 2 UDPInterface instances, 1 configured for IPv4 and 1 configured for IPv6.\n\n```\n$ cjdnstool iface show\n1 \tUDP/IPv6/[::]:51056\tbeaconState=DISABLED\n0 \tUDP/IPv4/0.0.0.0:51056\tbeaconState=SENDING\n$\n```\n\n### cjdnstool traceroute\n\nGive the list of nodes between your node and the target of the traceroute. The target\ncan be given in any way that is accepted by `cjdnstool resolve`. There are 3 options\nto this command.\n\n* `-2` Use the subnode pathfinder for resolving the getPeers requests which are needed\nto perform the traceroute. Because in certain versions, the subnode pathfinder's getPeers\nhandler had a bug (present in 20.0 and 20.1, fixed in 20.2), this is disabled by default,\nbut it can be effective for detecting the nodes which are running the problematic version.\n* `-v`, `--verbose` Print extra debug information.\n* `-p \u003cpref\u003e`, `--pref=\u003cpref\u003e` Use this method of resolving the path, see\n[cjdnstool resolve](https://github.com/cjdelisle/cjdnstool#cjdnstool-resolve) for more\ninformation.\n\nThe way this traceroute works is by performing getPeers requests in sequence to your own\nnode and then to each node along the path, following the node which is in the path to the\nfinal destination.\n\n#### Example\n\n```\n$ cjdnstool traceroute fcfc:5d70:99b6:4e0c:cba6:61ec:434b:df1a\ntraceroute v17.0000.0000.0005.d3a3.h4quw20xhnz4m40l5td9h6qhug86yghs83w54qd0v7fzywdsh700.k (getPeers) (resolved from [session])\nv20.0000.0000.0000.0001.3fdqgz2vtqb0wx02hhvx3wjmjqktyt567fcuvj3m72vw5u6ubu70.k 3ms\nv20.0000.0000.0000.0013.cmnkylz1dx8mx3bdxku80yw20gqmg0s9nsrusdv0psnxnfhqfmu0.k 32ms\nv20.0000.0000.0000.0ba3.cnm1119sxujn7judmpnj100j8mmvxgyrqb250ldx61p3rh6d0dc0.k 51ms\nv17.0000.0000.0005.d3a3.h4quw20xhnz4m40l5td9h6qhug86yghs83w54qd0v7fzywdsh700.k 59ms\n```\n\n### cjdnstool conf\n\nThese commands are for manipulating the cjdns config file format. That format is JSON with\nC and C++ style comments but without floating points numbers, null, nor the boolean type.\nBefore any sub-command, you can specify `-f \u003cfilename\u003e` or `--file=\u003cfilename\u003e` in order to\nprovide a particular path to the cjdns conf file, otherwise it will default to using\n`/etc/cjdroute.conf`.\n\n#### cjdnstool conf migrate\n\nBefore you can make changes to a cjdns conf file, it must be migrated to version 2.\nHistorically, cjdns was known for accepting conf files with errors such as missing\ncommas or even arbitrary text in certain places. Version 2 forbids such things\nbut files which do not specify `version: 2` will be treated by cjdns as version 1\nin order to avoid surprise no-start on upgrade. `cjdnstool conf migrate` will make\nparse and then re-serialize your conf file (preserving comments!) and it will then\nadd `version: 2` flag to the end of the conf file in order to indicate to cjdns that\nit should from now on be parsed in strict mode. Your old conf file will be preserved\nas `\u003cname of your conf file\u003e.old`.\n\nOptions to `cjdnstool conf migrate` are as follows:\n* `-y` Treat the answer as yes, you will not be prompted - use with caution.\n* `-d`, `--dryrun` Do not actually edit the conf file, just print a *unified diff*\npatch showing what would be changed and then exit.\n\n##### Example\n\n```\n$ cjdnstool conf --file=./cjdroute-new.conf migrate\nIndex: ./cjdroute-new.conf\n===================================================================\n--- ./cjdroute-new.conf\n+++ ./cjdroute-new.conf\n@@ -274,13 +274,14 @@\n     },\n\n     // If set to non-zero, cjdns will not fork to the background.\n     // Recommended for use in conjunction with \"logTo\":\"stdout\".\n-    \"noBackground\": 0\n+    \"noBackground\": 0,\n\n     // Pipe file will store in this path, recommended value: /tmp (for unix),\n     // \\\\.\\pipe (for windows)\n     // /data/local/tmp (for rooted android)\n     // /data/data/AppName (for non-root android)\n     // This only needs to be specified if cjdroute's guess is incorrect\n     // \"pipe\": \"/tmp\"\n+    \"version\": 2\n }\n\n\nMaking these changes in file [./cjdroute-new.conf]\nOld version will be stored in [./cjdroute-new.conf.old]\nIs this ok? [Y/n] Y\n./cjdroute-new.conf written\n$\n```\n\n#### cjdnstool conf put\n\nOnce you have migrated your conf file, you can now make changes to it programmatically.\nYour changes will be performed using [cjdnsconf](https://github.com/cjdelisle/cjdnsconf)\nwhich will do its best to preserve comments and empty lines while altering the config\nfile. `cjdnstool conf put` takes 2 mandatory arguments: path and value. The path is a\nJSON path, e.g. `security[0].name` and the value is a number, string or piece of JSON.\n\nOptions for `cjdnstool conf put` are as follows:\n* `-d`, `--dryrun` Do not actually edit the conf file, just print a *unified diff*\npatch showing what would be changed and then exit.\n\nTips:\n* If you want to delete an entry, you can do so by assigning it to null.\n* If you want to assign an entry to a string value which *could* parse as JSON, be\ncareful to quote the string in order to avoid it being parsed before assignment.\nFor example if you want to assign something to a string which is: `[2]`, you should\nuse `cjdnstool conf put whatever.path '\"[2]\"'` because otherwise it will be assigned\nto a single element array containing the number 2.\n\n##### Example\n\nWith the `-d` (dryrun) feature, you can see what your command *would* do if it was\ngiven, the output will be a patch in unified diff format.\n\n```\n$ cjdnstool conf put -d admin.password very_secret\nIndex: /etc/cjdroute.conf\n===================================================================\n--- /etc/cjdroute.conf\n+++ /etc/cjdroute.conf\n@@ -53,9 +53,9 @@\n         // Port to bind the admin RPC server to.\n         \"bind\": \"127.0.0.1:11234\",\n\n         // Password for admin RPC server.\n-        \"password\": \"NONE\"\n+        \"password\": \"very_secret\"\n     },\n\n     // Interfaces to connect to the switch core.\n     \"interfaces\": {\n\n```\n\nSince null is not allowed in cjdns config objects, setting an entry to null deletes\nthat entry. Furthermore, deleting an entry in a list or dictionary will clean out all\ncomments which are just before that entry.\n\n```\n$ cjdnstool conf put -d security[4] null\nIndex: /etc/cjdroute.conf\n===================================================================\n--- /etc/cjdroute.conf\n+++ /etc/cjdroute.conf\n@@ -240,15 +240,8 @@\n         // this prevents many types of exploits from attacking the wider system.\n         // Default: enabled\n         { \"noforks\": 1 },\n\n-        // Seccomp is the most advanced sandboxing feature in cjdns, it uses\n-        // SECCOMP_BPF to filter the system calls which cjdns is able to make on a\n-        // linux system, strictly limiting it's access to the outside world\n-        // This will fail quietly on any non-linux system\n-        // Default: enabled\n-        { \"seccomp\": 1 },\n-\n         // The client sets up the core using a sequence of RPC calls, the responses\n         // to these calls are verified but in the event that the client crashes\n         // setup of the core completes, it could leave the core in an insecure state\n         // This call constitutes the client telling the core that the security rules\n\n```\n\nYou can assign entire blocks of JSON to parts of the conf, but beware, any comments\nwhich live inside of that JSON block will go away.\n\n```\n$ cjdnstool conf put -d logging '{ \"logTo\": \"stdout\" }'\nIndex: /etc/cjdroute.conf\n===================================================================\n--- /etc/cjdroute.conf\n+++ /etc/cjdroute.conf\n@@ -258,13 +258,9 @@\n         { \"setupComplete\": 1 }\n     ],\n\n     // Logging\n-    \"logging\": {\n-        // Uncomment to have cjdns log to stdout rather than making logs available\n-        // via the admin socket.\n-        //        \"logTo\":\"stdout\"\n-    },\n+    \"logging\": { \"logTo\": \"stdout\" },\n\n     // If set to non-zero, cjdns will not fork to the background.\n     // Recommended for use in conjunction with \"logTo\":\"stdout\".\n     \"noBackground\": 1,\n\n```\n\nYou can also assign just a single entry in a block\n\n```\n$ cjdnstool conf put -d logging.logTo stdout\nIndex: /etc/cjdroute.conf\n===================================================================\n--- /etc/cjdroute.conf\n+++ /etc/cjdroute.conf\n@@ -262,8 +262,9 @@\n     \"logging\": {\n         // Uncomment to have cjdns log to stdout rather than making logs available\n         // via the admin socket.\n         //        \"logTo\":\"stdout\"\n+        \"logTo\": \"stdout\"\n     },\n\n     // If set to non-zero, cjdns will not fork to the background.\n     // Recommended for use in conjunction with \"logTo\":\"stdout\".\n\n```\n\n#### cjdnstool conf get\n\n`cjdnstool conf get` works even without a version 2 configuration, so for this migration is\nnot necessary. Like `cjdnstool conf put`, `cjdnstool conf get` takes a JSON path which selects\nan entry and it returns that entry. `cjdnstool conf get` takes no options.\n\n##### Example\n\n```\n$ cjdnstool conf get admin.bind\n127.0.0.1:11234\n$ cjdnstool conf get logging.logTo\nundefined\n$ cjdnstool conf get security[2]\n{\"nofiles\":0}\n$ cjdnstool conf get router.ipTunnel.outgoingConnections[0]\ncmnkylz1dx8mx3bdxku80yw20gqmg0s9nsrusdv0psnxnfhqfmu0.k\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcjdelisle%2Fcjdnstool","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcjdelisle%2Fcjdnstool","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcjdelisle%2Fcjdnstool/lists"}