This is similar to the defensible module I tried out last year, but it appears to work really well. Its available in debian, which is convenient, but since I run Apache behind a reverse proxy (most likely Varnish), I need to switch around the X-Forwarded-For headers.
Thankfully, this works fine: http://www.openinfo.co.uk/apache/index.html. Since the author of mod_extract_forwarded used Apache 2.0, I've just emailed to share that I have succeeded in compiling it with 2.2:
Just a heads up that mod_extract_forwarded.c works for me with Apache 2.2 on Debian Squeeze. I'm using it to bridge between Varnish and mod-spamhaus.
I did run into a small issue on debian, the proxy modules must be loaded first, and apxs2 couldn't activate the module for me in httpd.conf (because its blank on debian). I used this name as the module loader: "proxy_xtract_forwarded", and this as its contents:
LoadModule extract_forwarded_module /usr/lib/apache2/modules/mod_extract_forwarded.so
And for the configuration:
<IfModule mod_extract_forwarded.c> MEFaccept all MEFdebug off </IfModule>
Note: this is on my development machine. I'll change MEFaccept on any production machines I install this on.
For more information on mod-spamhaus, here's a link to the author's website: Luca Ercoli.
This page about X-Forwarded-For at the Varnish trac was helpful too.