I have a site that sits behind a load balancer. I had dynamic blacklist On and the load balancer IP was blocked, blocking everyone.
I had to disable that feature.
It would be great to have a "behind load balancer" option, and you would block the "X-Forwarded-For" IP instead of the load balancer IP.
Please consider it.
There is an option to do that: just go to Configuration -> Global configuration -> Tuning and set the "Avoid proxies" option to No. This way the X-Forwarder-For header will be used to determine offensive IP.