I've patched 1.3.33 to provide a new boolean directive ProxyFakeRemoteAddr which, when enabled, plucks the value of any X-Forwarded-For header and populates REMOTE_ADDR with it. It also suppresses any attempt to set REMOTE_HOST.
-1 for adding this to 1.3 (IIRC, we once decided to not add any new features to 1.3).
-0 for adding this to 2.x
Thanks Lars. I'll be doing a 2.x patch this evening. I'll report back.
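A model of the X-Forwarded-For to REMOTE_ADDR mapping discussed in this thread, as an added example; it is not the patch's code, which is not shown here. It assumes the header is honoured only when the connection comes from a listed proxy, and the proxy list, function names and addresses are hypothetical.

```python
import ipaddress

# Assumption: networks of reverse proxies allowed to supply X-Forwarded-For.
# These values are constructed for the example.
TRUSTED_PROXIES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("127.0.0.1/32"),
]


def _is_trusted(addr):
    """True if addr belongs to one of the configured proxy networks."""
    return any(addr in net for net in TRUSTED_PROXIES)


def effective_remote_addr(peer_addr, headers):
    """Return the address to expose as REMOTE_ADDR.

    peer_addr is the TCP peer; headers is a dict of request headers.
    The header is ignored unless the peer is a trusted proxy, because
    any client can send its own X-Forwarded-For value.
    """
    peer = ipaddress.ip_address(peer_addr)
    xff = headers.get("X-Forwarded-For")
    if xff is None or not _is_trusted(peer):
        return str(peer)

    # Each proxy appends the address it received the request from, so the
    # rightmost entries are the ones written by our own infrastructure.
    client = peer
    for token in reversed(xff.split(",")):
        try:
            hop = ipaddress.ip_address(token.strip())
        except ValueError:
            break  # malformed entry: keep the last address we could verify
        client = hop
        if not _is_trusted(hop):
            break  # first hop outside our proxies is the client
    return str(client)


if __name__ == "__main__":
    # Constructed request: trusted proxy 10.0.0.5 forwarding for 203.0.113.7.
    print(effective_remote_addr("10.0.0.5", {"X-Forwarded-For": "203.0.113.7"}))
```

Entries to the left of the first untrusted hop are never used, since they were supplied by that hop and cannot be verified.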
