Problem: identifying the correct client IP address, to be used of deny and allow lists when customer has 2 trusted proxies (CDN and ALB) before the http requests reach the CE, and both of them populates the XFF header.

We need to consider the 2 trusted proxy to evaluate the correct real client ip address, and not just using the rightmost -1.