This topic describes how to obtain real IP addresses of clients that access a game running on a Windows server.


  1. You can use Visual Studio 2013 or a later version to open and compile the toaservice.sln file.
  2. Run the toaservice.exe file that is compiled from toaservice.sln. This application runs as a backend process that listens on a network interface card (NIC) and allows access to API operations from UDP port 48888.

Integrate a TCP Options as Address (TOA) module by using application hooks

Note This method is only applicable to C++ and not applicable to other languages, such as C#.

You can follow these steps to integrate the module.

  1. Start the target application. Then, use the LoadLibraryA("GetSourceName.dll") command to load the GetSourceName.DLL file as soon as possbile.
    Note For more information, see the TestGetSourceName method in the toaservice.sln file.
  2. After the GetSourceName.DLL file is loaded, a backend process that is linked to the .dll file intercepts messages from the getpeername and accepts methods to retrieve the real IP addresses of clients.

Integrate a TOA module into application code

Similar to the method that is applied in Linux, you can integrate the TOA module by using code. The TOA module of GameShield installs a process on an origin server. The process listens on UDP port 48888. A game process passes non-real port numbers and IP addresses to port 48888 by using a specific format and retrieves port numbers and real IP addresses from the process.

  • Microsoft no longer offers support for Windows Server 2008.
  • During tests, you must make sure that the firewall on an origin server is disabled. Otherwise, you fail to obtain real IP addresses because the WSASocket SOCK_RAW socket cannot sniff incoming data packets.
  • You can retrieve real IP addresses by using the bypass method. In theory, retrieving real IP addresses seldom fails. However, you still need to prepare related solutions when an application process fails to retrieve real IP addresses.
  • You cannot use FreeLibrary to release the GetSourceName.dll file after you use the LoadLibrary method to load the GetSourceName.dll file. Otherwise, a Windows crash issue occurs.
    Note To resolve this issue, you can purchase the Microsoft Detours package and replace the mhook library.
  • The GetSourceName.dll file, the toaservice.exe file, and the executable file that loads GetSourceName.dll must reside in the same directory.
  • You must have the administrator permissions to run the executable file that is used to load the GetSourceName.dll file.
  • In terms of performance optimization, you must bind an NIC when a TOA module need to sniff data packets. If several NICs exists on an application server, you can modify the parameters in lines 131 to 139 of the toa_service/win/toaservice/toaservice/Sniffer.cpp file to bind the target NIC.

For more information, see the instructions that are provided in the TOA archive. You can also contact GameShield Technical Support.