Skip to main content

Overview

Daemon control commands interact with a running TurkeyDPI daemon (started with run command) via Unix socket. These commands allow you to monitor status, gather statistics, and manage the engine without restarting. All commands communicate through the control socket (default: /tmp/turkeydpi.sock).

Commands

start

Start the DPI bypass engine. 
turkeydpi start
Output: 
Engine started
Use case: Start processing after stop command or initialization. Note: The engine auto-starts when daemon launches, so this is mainly used after explicit stop.

stop

Stop the DPI bypass engine. 
turkeydpi stop
Output: 
Engine stopped
Use case: Temporarily pause packet processing without shutting down the daemon. Effect:
  • Stops accepting new flows
  • Existing flows are completed
  • Control server remains active
  • Proxy backend (if enabled) stops accepting connections

status

Display detailed daemon status. 
turkeydpi status
Output: 
Status:
  State: Running
  Running: true
  Active flows: 127
  Packets processed: 458392
  Bytes processed: 245.67 MB
  Errors: 3
  Last error: Flow table full
  Config: /etc/turkeydpi/config.toml
Fields:
State
enum
Engine state: Stopped, Starting, Running, Stopping, or Error
Running
boolean
Whether engine is currently processing packets
Active flows
integer
Number of currently tracked flows in the flow table
Packets processed
integer
Total packets processed since engine start
Bytes processed
string
Total data processed (formatted: B, KB, MB, GB)
Errors
integer
Total error count since engine start
Last error
string
Most recent error message (if any)
Config
string
Path to loaded configuration file (if specified)

health

Display health information and system details. 
turkeydpi health
Output: 
Health:
  Version: 0.1.0
  API Version: 1.0.0
  Running: true
  Uptime: 3647s
  Backend: proxy
  OS: linux (x86_64)
Fields:
Version
string
TurkeyDPI version (from Cargo.toml)
API Version
string
Control protocol API version (currently 1.0.0)
Running
boolean
Overall daemon running status
Uptime
integer
Seconds since daemon started
Backend
string
Active backend type: proxy, transparent, or tun
OS
string
Operating system and architecture
Use case: Quick health check, version verification, uptime monitoring.

stats

Display detailed packet processing statistics. 
turkeydpi stats
Output: 
Statistics:
  Packets in:       1245789
  Packets out:      1245623
  Bytes in:         856.34 MB
  Bytes out:        857.12 MB
  Packets dropped:  166
  Packets matched:  892456
  Transformed:      892450
  Transform errors: 6
  Active flows:     234
  Flows created:    15678
  Flows evicted:    15444
  Fragments gen:    445623
  Total jitter:     12456ms
  Decoys sent:      0
Metrics:
Packets in
integer
Total packets received from clients
Packets out
integer
Total packets sent to destinations
Bytes in
string
Total data received (formatted)
Bytes out
string
Total data sent (formatted)
Packets dropped
integer
Packets dropped due to errors or policy
Packets matched
integer
Packets matching configured rules
Transformed
integer
Packets successfully transformed
Transform errors
integer
Transformation failures
Active flows
integer
Currently tracked flows
Flows created
integer
Total flows created since start
Flows evicted
integer
Flows removed (timeout or table full)
Fragments gen
integer
Total packet fragments generated
Total jitter
string
Cumulative jitter delay applied (milliseconds)
Decoys sent
integer
Decoy packets sent (if decoy transform enabled)
Use case: Performance monitoring, rule effectiveness analysis, troubleshooting.

reset-stats

Reset all statistics counters to zero. 
turkeydpi reset-stats
Output: 
Statistics reset
Effect: Resets all counters from stats command to 0. Does not affect:
  • Flow table (active flows remain)
  • Engine state
  • Configuration
Use case: Benchmarking, testing, clearing after configuration changes.

Global Options

All daemon control commands support these global options:
--socket
path
default:"/tmp/turkeydpi.sock"
Path to control socket.Must match the socket path used when starting the daemon with run --socket.Example:
turkeydpi --socket /var/run/turkeydpi.sock status
--log-level
string
default:"info"
Logging level for the command itself (not the daemon).
--json-logs
boolean
default:"false"
Output logs in JSON format.

Examples

Monitor active connections

watch -n 1 'turkeydpi stats | grep "Active flows"'
Output: 
Every 1.0s: turkeydpi stats | grep "Active flows"
  Active flows:     234

Check health in script

#!/bin/bash
if turkeydpi health | grep -q "Running: true"; then
    echo "TurkeyDPI is healthy"
else
    echo "TurkeyDPI is not running"
    exit 1
fi

Get uptime

turkeydpi health | grep Uptime | awk '{print $2}'

Check transformation effectiveness

turkeydpi stats | grep -E "(Packets matched|Transformed)"
Output: 
  Packets matched:  892456
  Transformed:      892450
Transform rate: 892450/892456 = 99.999% success

Monitor with custom socket

turkeydpi --socket /var/run/turkeydpi.sock status

Integration Examples

Prometheus Exporter Script

#!/bin/bash
# Export TurkeyDPI metrics for Prometheus

STATS=$(turkeydpi stats)

echo "# HELP turkeydpi_packets_in Total packets received"
echo "# TYPE turkeydpi_packets_in counter"
echo "turkeydpi_packets_in $(echo "$STATS" | grep 'Packets in' | awk '{print $3}')"

echo "# HELP turkeydpi_active_flows Currently active flows"
echo "# TYPE turkeydpi_active_flows gauge"
echo "turkeydpi_active_flows $(echo "$STATS" | grep 'Active flows' | awk '{print $3}')"

# ... more metrics ...

Health Check for Monitoring

#!/bin/bash
# Nagios/Icinga compatible health check

HEALTH=$(turkeydpi health 2>&1)
RET=$?

if [ $RET -ne 0 ]; then
    echo "CRITICAL - Cannot connect to TurkeyDPI daemon"
    exit 2
fi

if echo "$HEALTH" | grep -q "Running: true"; then
    UPTIME=$(echo "$HEALTH" | grep Uptime | awk '{print $2}')
    echo "OK - TurkeyDPI running, uptime ${UPTIME}s"
    exit 0
else
    echo "WARNING - TurkeyDPI daemon not running"
    exit 1
fi

Auto-restart on Error State

#!/bin/bash
# Monitor and auto-restart on error

while true; do
    STATUS=$(turkeydpi status 2>&1)
    
    if echo "$STATUS" | grep -q "State: Error"; then
        echo "$(date): Error state detected, restarting..."
        systemctl restart turkeydpi
    fi
    
    sleep 60
done

Control Protocol

The control commands use a Unix socket protocol with JSON messages:

Request Format

{
  "id": 1,
  "command": {
    "type": "get_status"
  }
}

Response Format

{
  "id": 1,
  "success": true,
  "result": "status",
  "payload": {
    "running": true,
    "state": "running",
    "active_flows": 127,
    ...
  }
}
Available Commands:
  • health - Get health info
  • start - Start engine
  • stop - Stop engine
  • get_config - Get current config
  • set_config - Update config
  • reload - Reload from file
  • get_stats - Get statistics
  • reset_stats - Reset counters
  • get_status - Get status
  • ping - Connectivity test

Troubleshooting

Causes:
  • Daemon not running
  • Wrong socket path
  • Permission denied
Solutions:
# Check if daemon is running
ps aux | grep turkeydpi

# Verify socket exists
ls -la /tmp/turkeydpi.sock

# Check permissions
chmod 666 /tmp/turkeydpi.sock

# Use correct socket path
turkeydpi --socket /var/run/turkeydpi.sock status
Daemon is running but not accepting connections. Check logs:
journalctl -u turkeydpi -n 50
Socket file exists but daemon is not running:
rm /tmp/turkeydpi.sock
systemctl restart turkeydpi
Daemon is overloaded or hung. Check resource usage:
top -p $(pgrep turkeydpi)

See Also

Build docs developers (and LLMs) love

Get started for freeTalk to us