
Improvements to X-Forwarded-For logging and support for X-Real-IP header #520

@dctaf

Search for duplicate feature request

  • I already searched, and this feature request or improvement is not a duplicate.

Feature scope

Improve existing functionality

Feature request related to a problem

While sws can log X-Forwarded-For headers with --log-forwarded-for, they aren't always reliable for security because clients and intermediate proxies can set the value to whatever they want.

Adding support for X-Real-IP would be useful since it's commonly used to log actual end-user IP addresses.

Also, the current logging misrepresents X-Forwarded-For addresses as "real". The header should generally be treated as untrusted user input, but "real" suggests otherwise.

Describe the solution you'd like

  1. Change the existing log message real_remote_ip text to x_forwarded_for
  2. Add a --log-x-real-ip flag that, when enabled, causes --log-remote-addr to use X-Real-IP (if present) instead of the socket address.

Describe alternatives you've considered

Adding a rich structured JSON logger for requests would be a reasonable alternative.

Build target

All targets

Additional context

Related: #494, #495, #112

Labels: enhancement (New feature or request), v2 (v2 release)

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
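An added example, not part of the issue and not sws code: one way the logged remote address could be chosen under the proposed `--log-x-real-ip` behavior while still treating both headers as untrusted input. The types, function names and the `trusted_proxies` allowlist are assumptions made for illustration; the issue itself proposes no such list.

```rust
use std::net::IpAddr;

/// The two request headers discussed in the issue (hypothetical type).
pub struct ForwardHeaders<'a> {
    pub x_real_ip: Option<&'a str>,
    pub x_forwarded_for: Option<&'a str>,
}

/// Fields for one access-log line (hypothetical type).
#[derive(Debug, PartialEq)]
pub struct LoggedAddr {
    pub remote_addr: IpAddr,
    /// Logged verbatim under a neutral name, never as a "real" address.
    pub x_forwarded_for: Option<String>,
}

/// Chooses the address to log as the remote address.
/// Assumption: `trusted_proxies` is an operator-supplied list, not an sws option.
pub fn resolve_logged_addr(
    peer: IpAddr,
    headers: &ForwardHeaders<'_>,
    trusted_proxies: &[IpAddr],
    log_x_real_ip: bool,
) -> LoggedAddr {
    // Any client can send X-Real-IP, so honor it only when the TCP peer is a
    // known proxy and the value parses as an IP address.
    let from_header = headers
        .x_real_ip
        .filter(|_| log_x_real_ip && trusted_proxies.contains(&peer))
        .and_then(|v| v.trim().parse::<IpAddr>().ok());
    LoggedAddr {
        remote_addr: from_header.unwrap_or(peer),
        x_forwarded_for: headers.x_forwarded_for.map(strip_control_chars),
    }
}

/// Drops CR, LF and other control characters so a header value cannot start a new log line.
fn strip_control_chars(value: &str) -> String {
    value.chars().filter(|c| !c.is_control()).collect()
}

fn main() {
    // Constructed sample: a request relayed by a proxy at 10.0.0.5.
    let proxy: IpAddr = "10.0.0.5".parse().unwrap();
    let headers = ForwardHeaders { x_real_ip: Some("203.0.113.9"), x_forwarded_for: Some("192.0.2.1, 203.0.113.9") };
    println!("{:?}", resolve_logged_addr(proxy, &headers, &[proxy], true));
}
```

When the peer is not in the allowlist, or the header is missing or malformed, the socket address is logged unchanged.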