Docs
uantiddos
Mainland High Defense
FAQ
How to obtain the user's real IP address

How to get the real IP address of the user?

Operations carry certain risks, it is recommended to backup the environment, and carry out when it does not affect the business.

Method one: Install the toa module

The mainland high defense gets the real IP address, You can load the exclusive UCloud Global kernel module on your source server, let the application directly get the source IP, then check the log, which is the real IP of the visitor. After passing the high defense, all the visitor IPs seen in the log become the source IPs of the high defense. If you need to obtain the real client IP, You can load the exclusive UCloud Global kernel module on your source server, so the application can directly get the source IP, then check the log, which is the real IP of the visitor.
Linux system
64-bit linux system can run “modprobe toa” to try to load the module, no other operations are required after successful.
If it prompts that the module is not found, you can manually compile and load it as follows:

  1. Check the current kernel version number, confirm whether the dependencies kernel-devel and kernel-headers are installed and whether the version number matches the kernel (uname -r && rpm -qa |egrep ‘kernel-devel|kernel-headers’):

  • If they match, skip step 2 and proceed to compile and install the toa module

  • If they do not match, as shown below:

After uninstallation, proceed to step 2 (rpm -e —nodeps kernel-devel kernel-headers)

  • If the dependencies are not installed, as shown below:
  1. yum search for ‘kernel-devel and kernel-headers’ packages corresponding to the current kernel version

  • If they exist, install the corresponding version (yum install pkgname-version.x86_64)

  • If not, as shown below

  • Open the website http://rpm.pbone.net , click the SEARCH label on the left, fill in the package name + version number (for example: kernel-devel-3.10.0-693.11.6.el7.x86_64), select the corresponding system release version (here is CentOS7), click search

Search result:

Or use Google to search for rpm.pbone.net kernel-devel-3.10.0-693.11.6.el7.x86_64

Install the downloaded file by rpm, the same applies to the installation of kernel-headers

Confirm the installation result (uname -r && rpm -qa|egrep ‘kernel-devel|kernel-headers’), as shown below:

  1. Download the universal version of the source package for linux, which supports most linux distributions including but not limited to Centos 6.9, Centos 7, Ubuntu 14.04, and has already adapted the linux kernel 5.0:
  1. Compile and load
yum install -y gcc
tar -zxvf linux_toa.tar.gz
cd linux_toa
make
mv toa.ko /lib/modules/`uname -r`/kernel/net/netfilter/ipvs/toa.ko
insmod /lib/modules/`uname -r`/kernel/net/netfilter/ipvs/toa.ko

The verification of the toa module installation is as follows (lsmod |grep toa):

  1. Add autoload modules at boot
echo "insmod /lib/modules/`uname -r`/kernel/net/netfilter/ipvs/toa.ko">> /etc/rc.local

Under the nginx environment, directly check the real visitor address in the nginx log, log path: /var/log/nginx/access.log

Under the Apache environment, directly inspect the real visitor’s address in the Apache log, log path: /etc/httpd/logs/access_log

  • Other web configuration environments, use the same method to check in the related web log files

Method two: Use with UWAF

If the requirements of Method one are not met, you can also purchase UWAF for use together. The domain name is first resolved to highdefense, and the source station is specified as uwaf’s IP. Operation see here.

Frequently Asked QuestionsOverseas High Defense