Pound経由でのHTTPアクセスではX-Forwarded-ForヘッダのIPアドレスに
クライアントのIPアドレスが格納されApache側ではPoundのIPでの
アクセスに見えてしまいます。

この問題を解決するためにmod_extract_forwarded2を使います。
このモジュールを使えばApacheのアクセスログやアクセス制限が
普通に使えるようになります。という事で、まずはコンパイル。

# yum install httpd-devel
　→apxsが必要になるのでパッケージをインストール
# wget http://www.cotds.org/mod_extract_forwarded2/mod_extract_forwarded2-0.1.tar.gz
　→ソースの取得
# tar zxvf /$HOME/mod_extract_forwarded2-0.1.tar.gz
# cd /$HOME/mod_extract_forwarded2-0.1
# /usr/sbin/apxs -i -c -a ./mod_extract_forwarded2.c
/usr/lib64/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -fno-strict-aliasing  -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/httpd  -I/usr/include/apr-1   -I/usr/include/apr-1   -c -o ./mod_extract_forwarded2.lo ./mod_extract_forwarded2.c && touch ./mod_extract_forwarded2.slo
./mod_extract_forwarded2.c: In function 'rm_forwarder':
./mod_extract_forwarded2.c:130: warning: unused variable 'r'
./mod_extract_forwarded2.c: In function 'real_set_proxy_remote_addr':
./mod_extract_forwarded2.c:331: warning: unused variable 'start_ptr'
./mod_extract_forwarded2.c: In function 'restore_proxy_remote_addr':
./mod_extract_forwarded2.c:318: warning: control reaches end of non-void function
./mod_extract_forwarded2.c: At top level:
./mod_extract_forwarded2.c:426: warning: 'ft_set_proxy_remote_addr' defined but not used
/usr/lib64/apr-1/build/libtool --silent --mode=link gcc -o ./mod_extract_forwarded2.la  -rpath /usr/lib64/httpd/modules -module -avoid-version    ./mod_extract_forwarded2.lo
/usr/lib64/httpd/build/instdso.sh SH_LIBTOOL='/usr/lib64/apr-1/build/libtool' ./mod_extract_forwarded2.la /usr/lib64/httpd/modules
/usr/lib64/apr-1/build/libtool --mode=install cp ./mod_extract_forwarded2.la /usr/lib64/httpd/modules/
cp ./.libs/mod_extract_forwarded2.so /usr/lib64/httpd/modules/mod_extract_forwarded2.so
cp ./.libs/mod_extract_forwarded2.lai /usr/lib64/httpd/modules/mod_extract_forwarded2.la
cp ./.libs/mod_extract_forwarded2.a /usr/lib64/httpd/modules/mod_extract_forwarded2.a
chmod 644 /usr/lib64/httpd/modules/mod_extract_forwarded2.a
ranlib /usr/lib64/httpd/modules/mod_extract_forwarded2.a
PATH="$PATH:/sbin" ldconfig -n /usr/lib64/httpd/modules
----------------------------------------------------------------------
Libraries have been installed in:
   /usr/lib64/httpd/modules

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
   - add LIBDIR to the `LD_LIBRARY_PATH' environment variable
     during execution
   - add LIBDIR to the `LD_RUN_PATH' environment variable
     during linking
   - use the `-Wl,--rpath -Wl,LIBDIR' linker flag
   - have your system administrator add LIBDIR to `/etc/ld.so.conf'

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 755 /usr/lib64/httpd/modules/mod_extract_forwarded2.so
[activating module `extract_forwarded' in /etc/httpd/conf/httpd.conf]
　→コンパイル http.confまで追記してくれます。
# cat /etc/httpd/conf/httpd.conf | grep mod_extract_forwarded2
LoadModule extract_forwarded_module /usr/lib64/httpd/modules/mod_extract_forwarded2.so
　→http.confにてLoadModuleされているかの確認