This topic describes how to obtain the originating IP addresses of clients that access a game running on a Linux server.

Integrate a TCP Option Address (TOA) module by using application hooks

  1. Run the install.sh script to install services that relate to the toa_server.
  2. Specify preload.so when you start an application service. If the name of an application service is nginx, you can use the following command to start the application server. 
    LD_PRELOAD=./preload.so ./nginx
    Note You must find the entry point to your program and include the parameter in the preceding command to start the service.
    Perform the following steps to install the nginx service.
    1. Run the install.sh script.
    2. Check whether the /usr/lib/systemd/system/nginx.service file exists.
    3. Run the following command to update the mynginx.sh script. 
      cat > /root/mynginx.sh
    4. Add the following content to the mynginx.sh script and replace path-to-preload.so with the full path of the preload.so file. 
      #!/bin/bash
LD_PRELOAD=path-to-preload.so /usr/sbin/nginx
    5. Run the following command to modify the permissions on the mynginx.sh script. 
      chmod +x /root/mynginx.sh
    6. Run the following command to edit the nginx.service file. 
      vi /usr/lib/systemd/system/nginx.service
    7. Replace ExecStart=/usr/sbin/nginx with ExecStart=/root/mynginx.sh.
    8. Run the following command to restart the nginx service. 
      service nginx restart
    9. Run the following command to enable automatic start for the nginx service at startup. 
      systemctl enable nginx.service
      Note You can also start the nginx service by adding the following content to the nginx_reload.sh script. 
      killall nginx
LD_PRELOAD=path-to-preload.so /usr/local/nginx/sbin/nginx

      Then, you need to add the directory where the nginx_reload.sh script is stored to the rc.local startup configuration file.

  3. Run the following command to enable automatic start for the TOA module at startup. 
    chmod +x /etc/rc.d/rc.local
  4. Check whether preload.so is loaded by the nginx service.
    The following command examples are provided for your reference:
    • To check whether a port is enabled, run the netstat -ntulp |grep 48888 command.
    • To check whether the nginx service is running and view its process identifier (PID), run the ps -ef | grep nginx command.
    • To check whether preload.so is loaded, run the cat /proc/PID/maps | grep preload.so command.

Integrate a TOA module into application code

The TOA module of GameShield installs a process on an origin server. The process listens on UDP port 48888. A game process passes non-real port numbers and IP addresses to port 48888 by using a specific format and retrieves port numbers and originating IP addresses from the process.

Usage notes
  • You must ensure that UDP port 48888 is not disabled by the firewall on the localhost of 127.0.0.1.
  • When you configure settings to allow access to the endpoint of 127.0.0.1:48888 over UDP, you must specify a timeout period. This setting helps avoid denial of services due to unexpected issues.
  • You can retrieve originating IP addresses by using the bypass method. In theory, there is only a low probability that retrieving originating IP addresses fails. However, you still need to prepare related solutions when an application process fails to retrieve originating IP addresses.
  • In a server-client connection, data that is related to IP addresses and ports is deleted when one of the parties closes the connection socket. You must re-establish a connection between the server and the client to create data that relates to IP addresses and ports.

For more information, see the instructions that are provided in the TOA archive. You can also contact GameShield technical support.