SourceForge recently upgraded their systems to put all their Apaches behind Nginx, as a reverse proxy ("accelerator"). This has the downside that all logs, rate limitations based on IP etc. "break", since all requests seem to come from a single IP. It would also break any module additions that depend on accurate IP information (there seem to be plenty of such plugins). I can imagine other systems behind any reverse proxy could suffer the same (at least without some Apache tweaking/config).
So, my suggestion is to add a global preference, which lets you specify which Host: header (if available) should be used for the remote IP. I'm attaching a prototype patch, which does work for my particular installation (Drupal behind Nginx). This is obviously not a proposed patch; for example, it doesn't have the preference part. We should probably also add support for parsing an X-Forwarded-For type header, which can include multiple IPs. I'd be happy to help out with this code, if this is a feature that'd be considered useful. The attached patch is there as a proof of concept (and it does work in real use).
Note: I understand that this has security issues, i.e. the reverse proxy needs to make sure to never let this header slip through from the outside, and that users cannot bypass the reverse proxy. Either could let clients (abusers) set the IP arbitrarily, so a user of this feature must be aware of this.
| Comment | File | Size | Author |
|---|---|---|---|
| | remote-ip.diff | 414 bytes | zwoop |
Comments
Comment #1
zwoop commented: Ehm, where I said "Host:" header, ignore that, I meant which HTTP header... I've been dealing with too many "host:" header issues lately... :)
The thing is, there should be a choice of which HTTP header to extract the IP from, and some headers (like X-Forwarded-For) might need some parsing (since it can include multiple IPs in the chain of intermediaries).
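One way to do the X-Forwarded-For parsing and the proxy check discussed in the post and in Comment #1 above, as an added PHP example that is not the attached remote-ip.diff, not Drupal code, and not written by anyone in this thread. The function name `resolve_client_ip`, the `$trustedProxies` list and the sample addresses are assumptions made for illustration.

```php
<?php
// Added example: hypothetical helper, not the attached patch or Drupal's API.

/**
 * Resolve the client IP for a request that may have passed through proxies.
 * $server is a $_SERVER-style array; $trustedProxies holds the exact IPs of
 * the reverse proxies the site operates (assumed configuration value).
 */
function resolve_client_ip(array $server, array $trustedProxies,
                           string $headerKey = 'HTTP_X_FORWARDED_FOR'): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';

    // Honor the header only when the TCP peer is one of our own proxies.
    // A client that bypasses the proxy keeps its socket address.
    if (!in_array($peer, $trustedProxies, true) || empty($server[$headerKey])) {
        return $peer;
    }

    // The header reads "client, proxy1, proxy2": each hop appends the address
    // it received the request from, so entries on the right were written by
    // our proxies and entries on the left may be client-supplied.
    $chain = array_map('trim', explode(',', $server[$headerKey]));

    foreach (array_reverse($chain) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            return $peer; // malformed entry: stop trusting the header
        }
        if (!in_array($hop, $trustedProxies, true)) {
            return $hop; // first address not under our control
        }
    }
    return $peer; // every entry was one of our own proxies
}

// Constructed sample requests (documentation-range addresses).
$proxies = ['10.0.0.5'];
$samples = [
    'via proxy'     => ['REMOTE_ADDR' => '10.0.0.5',
                        'HTTP_X_FORWARDED_FOR' => '203.0.113.7'],
    'forged prefix' => ['REMOTE_ADDR' => '10.0.0.5',
                        'HTTP_X_FORWARDED_FOR' => '192.0.2.99, 203.0.113.7'],
    'direct client' => ['REMOTE_ADDR' => '198.51.100.9',
                        'HTTP_X_FORWARDED_FOR' => '127.0.0.1'],
];
foreach ($samples as $label => $server) {
    printf("%-14s %s\n", $label, resolve_client_ip($server, $proxies));
}
```

Reading the chain from the right means a value the client placed at the front of the header is never returned, and a request that did not arrive from a listed proxy has its header ignored entirely.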
Comment #2
dpearcefl commented: Considering that no new features will be added to D5 and that no one has shown any interest in this issue for a long time, I am closing this issue ticket. If you think we still need this feature request, please reopen it and move it to the D8 issue queue.