diff --git a/Setup.hs b/Setup.hs
deleted file mode 100644
index 9a994af..0000000
--- a/Setup.hs
+++ /dev/null
@@ -1,2 +0,0 @@
-import Distribution.Simple
-main = defaultMain
diff --git a/src/Tunnel.hs b/src/Tunnel.hs
index 035432b..5451010 100644
--- a/src/Tunnel.hs
+++ b/src/Tunnel.hs
@@ -46,7 +46,7 @@ rrunTCPClient cfg app = bracket
       N.setSocketOption s N.RecvBuffer defaultRecvBufferSize
       N.setSocketOption s N.SendBuffer defaultSendBufferSize
       so_mark_val <- readIORef sO_MARK_Value
-      _ <- when (so_mark_val /= 0 && N.isSupportedSocketOption sO_MARK) (N.setSocketOption s sO_MARK so_mark_val)
+      when (so_mark_val /= 0 && N.isSupportedSocketOption sO_MARK) (N.setSocketOption s sO_MARK so_mark_val)
       return (s,addr)
     )
     (\r -> catch (N.close $ fst r) (\(_ :: SomeException) -> return ()))
@@ -190,7 +190,7 @@ runTlsTunnelingServer endPoint@(bindTo, portNumber) isAllowed = do
   info $ "WAIT for TLS connection on " <> toStr endPoint
 
   N.runTCPServerTLS (N.tlsConfigBS (fromString bindTo) (fromIntegral portNumber) Credentials.certificate Credentials.key) $ \sClient ->
-    runApp sClient WS.defaultConnectionOptions (serverEventLoop isAllowed)
+    runApp sClient WS.defaultConnectionOptions (serverEventLoop (N.appSockAddr sClient) isAllowed)
 
   info "SHUTDOWN server"
 
@@ -209,7 +209,7 @@ runTunnelingServer endPoint@(host, port) isAllowed = do
   let srvSet = N.setReadBufferSize defaultRecvBufferSize $ N.serverSettingsTCP (fromIntegral port) (fromString host)
   void $ N.runTCPServer srvSet $ \sClient -> do
     stream <- WS.makeStream (N.appRead sClient <&> \payload -> if payload == mempty then Nothing else Just payload) (N.appWrite sClient . toStrict . fromJust)
-    runApp stream WS.defaultConnectionOptions (serverEventLoop isAllowed)
+    runApp stream WS.defaultConnectionOptions (serverEventLoop (N.appSockAddr sClient) isAllowed)
 
   info "CLOSE server"
 
@@ -218,9 +218,11 @@ runTunnelingServer endPoint@(host, port) isAllowed = do
     runApp socket opts = bracket (WS.makePendingConnectionFromStream socket opts)
                          (\conn -> catch (WS.close $ WS.pendingStream conn) (\(_ :: SomeException) -> return ()))
 
-serverEventLoop :: ((ByteString, Int) -> Bool) -> WS.PendingConnection -> IO ()
-serverEventLoop isAllowed pendingConn = do
+serverEventLoop :: N.SockAddr -> ((ByteString, Int) -> Bool) -> WS.PendingConnection -> IO ()
+serverEventLoop sClient isAllowed pendingConn = do
   let path =  fromPath . WS.requestPath $ WS.pendingRequest pendingConn
+  let forwardedFor = filter (\(header,val) -> header == "x-forwarded-for") $ WS.requestHeaders $ WS.pendingRequest pendingConn
+  info $ "NEW incoming connection from " <> show sClient <> " " <> show forwardedFor
   case path of
     Nothing -> info "Rejecting connection" >> WS.rejectRequest pendingConn "Invalid tunneling information"
     Just (!proto, !rhost, !rport) ->
diff --git a/src/Types.hs b/src/Types.hs
index 6ee8c76..f3007c7 100644
--- a/src/Types.hs
+++ b/src/Types.hs
@@ -36,7 +36,7 @@ defaultSendBufferSize :: Int
 defaultSendBufferSize = defaultRecvBufferSize
 
 sO_MARK :: N.SocketOption
-sO_MARK = N.CustomSockOpt (fromIntegral 1, fromIntegral 36) -- https://elixir.bootlin.com/linux/latest/source/arch/alpha/include/uapi/asm/socket.h#L64
+sO_MARK = N.CustomSockOpt (1, 36) -- https://elixir.bootlin.com/linux/latest/source/arch/alpha/include/uapi/asm/socket.h#L64
 
 {-# NOINLINE sO_MARK_Value #-}
 sO_MARK_Value :: IORef Int