I've added a patch to the "'IP spoofing attack' breaks with some proxies" discussion.
http://rails.lighthouseapp.com/projects/8994-ruby-on-rails/tickets/1200
The patch is a workaround to the issue, since the real problem is poorly configured proxies, which can't be patched in Rails. Our site, which has a lot of WAP traffic, generates massive amounts of false positive "Spoofing Checks." To date, we've been monkey patching rails to remove that check, but I think the change I've suggested is a reasonable compromise.
Thanks, Darren
