From cdac75be06fe73f9189d24a467fb40e6a8b415cb Mon Sep 17 00:00:00 2001
From: Kevin Pham <kevin@deoxy.net>
Date: Fri, 1 Dec 2023 14:13:29 -0600
Subject: [PATCH] add troubleshooting comment for CF-Connecting-IP header
 spoofing issue with cloudflare

---
 .../requestmodifers/masquerade_as_trusted_bot.go     | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/proxychain/requestmodifers/masquerade_as_trusted_bot.go b/proxychain/requestmodifers/masquerade_as_trusted_bot.go
index f9bab95..aaa1e9d 100644
--- a/proxychain/requestmodifers/masquerade_as_trusted_bot.go
+++ b/proxychain/requestmodifers/masquerade_as_trusted_bot.go
@@ -87,8 +87,20 @@ func masqueradeAsTrustedBot(botUA string, botIP string, ja3 string) proxychain.R
 			SetRequestHeader("X-Real-IP", botIP),
 			// akamai
 			SetRequestHeader("True-Client-IP", botIP),
+
 			// cloudflare
+			// TODO: this seems to cause issues with CF... figure out workaround or remove
+			/*
+				Error 1000
+				Ray ID: xxxxxxxxxxxxxxxx •
+				2023-12-01 20:09:22 UTC
+				DNS points to prohibited IP
+				What happened?
+				You've requested a page on a website (xxxxxxxxxxxxxxxxxxx) that is on the Cloudflare network. Unfortunately, it is resolving to an IP address that is creating a conflict within Cloudflare's system
+			*/
+
 			SetRequestHeader("CF-Connecting-IP", botIP),
+
 			// weblogic
 			SetRequestHeader("WL-Proxy-Client-IP", botIP),
 			// azure