IP2Location Nginx Module配置使用小结

IP2Location Nginx Module配置使用小结

技术杂谈小彩虹2021-08-23 18:08:23140A+A-

前言

IP2Location主要是用于代替MaxMind GeoIP,原因是GeoIP数据库针对中国的Blacklist黑名单有非常高的误伤率,选择IP2Location可以有效降低误伤,为了业务需求得及时做出改变。在使用IP2Location的过程中发现官网的步骤还是存在一些问题,这里记录和分享下自己逐步解决问题的过程。

更新历史

2020年04月21日 - 初稿

阅读原文 - wsgzao.github.io/post/ip2loc…


GeoIP和IP2Location简介

GeoIP是一套含IP数据库的软件工具。除此之外还有IP2Location等,国内做得比较深入的是高春辉创建的IPIP.NET

Geo根据来访者的IP, 定位该IP所在经纬度、国家/地区、省市、和街道等位置信息。

GeoIP/IP2Location等通常有两个版本,一个免费版,一个收费版本。

收费版本的准确率高一些,更新频率也更频繁。

Geo IP solution to identify country, region, city, latitude & longitude, ZIP code, time zone, connection speed, ISP, domain name, IDD country code, area code, weather station data, mobile network codes (MNC), mobile country codes (MCC), mobile carrier, elevation and usage type.

GeoIP是大家都非常熟悉的老字号,而这次的主角是IP2Location

IP2Location Nginx Module

This is an IP2Location Nginx Module that enables the user to identify the country code and country name by IP address. In general, it is faster, easier and more accurate than reverse DNS lookups.

www.ip2location.com/development…

Installation

IP2Location C library enables the user to find the country, region, city, coordinates, ZIP code, time zone, ISP, domain name, connection type, area code, weather, MCC, MNC, mobile brand name, elevation and usage type that any IP address or hostname originates from. It has been optimized for speed and memory utilization. Developers can use the API to query all IP2Location binary databases for IPv4 and IPv6 address.

  • Download IP2location C library from here.

  • Download and decompress this Nginx module package.

  • Change the path to IP2Location library in "ngx_http_ip2location_module.c".

  • Re-compile Nginx from source to include this module. Add the below directive into the compile of Nginx:

    ./configure --add-module=/absolute/path/to/nginx-ip2location-8.0.0 make make install

  • Edit your Nginx config file to point the correct path of IP2Location database file:

    ip2location_database /absolute/path/to/IP2LOCATION-DB1.BIN;

安装备注

IP2Location官方的执行步骤存在一些问题没有说清楚,这里分享自己实践后的步骤和结论

安装依赖包

# These are for RedHat, CentOS, and Fedora.
sudo yum install wget git gcc-c++ pcre-devel zlib-devel make libtool autoconf automake

# These are for Debian. Ubuntu will be similar.
sudo apt-get install wget git build-essential zlib1g-dev libpcre3 libpcre3-dev libtool autoconf automake

编译 IP2Location C library

git clone https://github.com/chrislim2888/IP2Location-C-Library
cd IP2Location-C-Library
autoreconf -i -v --force
./configure
make
make install
# 以下步骤可选
cd data
perl ip-country.pl
cd ../test
./test-IP2Location

编译 Nginx

nginx: download

# Download ip2location-nginx
git clone https://github.com/ip2location/ip2location-nginx

# IP2Location library in "ngx_http_ip2location_module.c"
cd ip2location-nginx
vim ngx_http_ip2location_module.c
#include "IP2Location.h"
#include "/root/ip2location/IP2Location-C-Library-master/libIP2Location/IP2Location.h"

# Download Nginx Stable version
VERSION="1.16.1"
wget http://nginx.org/download/nginx-${VERSION}.tar.gz 
tar -xvzf nginx-${VERSION}.tar.gz 
cd nginx-${VERSION}

# Compile Nginx
./configure --add-module=../ip2location-nginx
make
sudo make install

# error: Failed dependencies:
# libIP2Location.so.1()(64bit) is needed by nginx-garena-1.16.1-0.noarch
# 一般编译nginx二进制文件不会出现该问题,如果你使用rpmbuild打包就要注意了
rpm -Uvh https://rpms.remirepo.net/enterprise/7/remi/x86_64/libip2location-8.0.7-1.el7.remi.x86_64.rpm

IP2Location Database Download

IP2Location offers 5 free LITE databases and 24 commercial IP geolocation databases. Free database is less accurate comparing to commercial database.

# Create new directory for IP2Location database.
mkdir -p /usr/share/ip2location
cd /usr/share/ip2location

# Go to https://lite.ip2location.com. Sign up an account for login and password.
# Download and decompress the latest IP2Location LITE database.
wget http://download.ip2location.com/lite/IP2LOCATION-LITE-DB1.BIN.ZIP
unzip IP2LOCATION-LITE-DB1.BIN.ZIP

Configuration

You need to configure Nginx to use IP2LOCATION module.

# Edit
vi /etc/nginx/nginx.conf

# Add following lines under `http` context:

http {
ip2location on;
ip2location_database /usr/share/ip2location/IP2LOCATION-LITE-DB1.BIN;
#ip2location_database /usr/share/ip2location/IP-COUNTRY-REGION-CITY-LATITUDE-LONGITUDE-ZIPCODE-ISP-DOMAIN.BIN
ip2location_access_type shared_memory;
}

可选参数 ip2location_access_type file_io|shared_memory|cache_memory 默认为 shared_memory 建议不要选择 file_io, 否则可能会严重拖慢响应速度

Syntax

Syntax: ip2location on|off Default: off Context: http, server, location Description: Enable or disable IP2LOCATION Nginx module.

Syntax: ip2location_database path Default: none Context: http Description: The absolute path to IP2LOCATION BIN database.

Syntax: ip2location_access_type file_io|shared_memory|cache_memory Default: shared_memory Context: http Description: Set the method used for lookup.

Syntax: ip2location_proxy cidr|address Default: none Context: http Description: Set a list of proxies to translate x-forwarded-for headers for.

Syntax: ip2location_proxy_recursive on|off Default: off Context: http Description: Enable recursive search in the x-forwarded-for headers.

Variables

The following variables will be made available in Nginx:

ip2location_country_short
ip2location_country_long
ip2location_region
ip2location_city
ip2location_isp
ip2location_latitude
ip2location_longitude
ip2location_domain
ip2location_zipcode
ip2location_timezone
ip2location_netspeed
ip2location_iddcode
ip2location_areacode
ip2location_weatherstationcode
ip2location_weatherstationname
ip2location_mcc
ip2location_mnc
ip2location_elevation
ip2location_usagetype

You may block the traffic from United States in Nginx as below:

if ( $ip2location_country_short = 'US' ) {
    return 444;
}

if ( $ip2location_country_short = 'SG' ) {
    return 444;
}

还可以参照GeoIP的配置方法

map $ip2location_country_short $blacklist_country {
    default no;
    CN yes;
}

server {
        listen 80;
        server_name wangao.com;
        if ($blacklist_country = yes) {
            return 444;
        }
}

浏览器访问检查nginx log结果

tailf /var/log/nginx/access.log

xxx - - [21/Apr/2020:17:18:11 +0800] "GET / HTTP/1.1" 200 396 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"

xxx - - [21/Apr/2020:17:18:42 +0800] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"

IP2Location Python Library

This module is a Python Library to support all IP2Location database products. It has been optimized for speed and memory utilization. Developers can use this API to query all IP2Location binary databases for IPv4 and IPv6 address.

www.ip2location.com/development…

import IP2Location
 
IP2LocObj = IP2Location.IP2Location()
''' Cache the database into memory to accelerate lookup speed. WARNING: Please make sure your system have sufficient RAM to use this feature. '''
# database = IP2Location.IP2Location(os.path.join("data", "IPV6-COUNTRY.BIN"), "SHARED_MEMORY")
IP2LocObj.open("data/IP-COUNTRY-REGION-CITY-LATITUDE-LONGITUDE-ZIPCODE-TIMEZONE-ISP-DOMAIN-NETSPEED-AREACODE-WEATHER-MOBILE-ELEVATION-USAGETYPE-SAMPLE.BIN")
rec = IP2LocObj.get_all("19.5.10.1")
 
print rec.country_short
import IP2Location
import sys
import argparse

def ip2location_search(ip, db):
    IP2LocObj = IP2Location.IP2Location()
    ''' Cache the database into memory to accelerate lookup speed. WARNING: Please make sure your system have sufficient RAM to use this feature. '''
    # database = IP2Location.IP2Location(os.path.join("data", "IPV6-COUNTRY.BIN"), "SHARED_MEMORY")
    IP2LocObj.open(db)
    rec = IP2LocObj.get_all(ip)
    print rec.country_short

def _parse_args():
    parser = argparse.ArgumentParser(description="Search IP in IP2Location Database")
    parser.add_argument("-i", "--ip", help="Input ip", required=True)
    parser.add_argument("-d", "--db", help="Path to ip2location db", required=True)
    return parser.parse_args()

if __name__ == "__main__":
    args = _parse_args()
    ip = args.ip
    db = args.db
    ip2location_search(ip, db)

参考文章

How to use IP2Location GeoLocation with Nginx

How to Install IP2Location Nginx Module on Debian

Upgrade to GeoIP2 with NGINX on CentOS/RHEL

点击这里复制本文地址 以上内容由权冠洲的博客整理呈现,请务必在转载分享时注明本文地址!如对内容有疑问,请联系我们,谢谢!

支持Ctrl+Enter提交

联系我们| 本站介绍| 留言建议 | 交换友链 | 域名展示
本站资源来自互联网收集,仅供用于学习和交流,请遵循相关法律法规,本站一切资源不代表本站立场,如有侵权、后门、不妥请联系本站删除

权冠洲的博客 © All Rights Reserved.  Copyright quanguanzhou.top All Rights Reserved
苏公网安备 32030302000848号   苏ICP备20033101号-1
本网站由 提供CDN/云存储服务

联系我们