diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
index f32523c561..eab82121c0 100644
--- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
+++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
@@ -47,7 +47,15 @@ class Configuration implements ConfigurationInterface
         $rootNode
             ->children()
                 ->scalarNode('charset')->end()
-                ->scalarNode('trust_proxy_headers')->defaultFalse()->end()
+                ->arrayNode('trusted_proxies')
+                    ->prototype('scalar')
+                        ->validate()
+                            ->ifTrue(function($v) { return !filter_var($v, FILTER_VALIDATE_IP); })
+                            ->thenInvalid('Invalid proxy IP "%s"')
+                        ->end()
+                    ->end()
+                ->end()
+                ->scalarNode('trust_proxy_headers')->defaultFalse()->end() // @deprecated, to be removed in 2.3
                 ->scalarNode('secret')->isRequired()->end()
                 ->scalarNode('ide')->defaultNull()->end()
                 ->booleanNode('test')->end()
diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
index 989991ad34..0a74063123 100644
--- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
+++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
@@ -62,6 +62,9 @@ class FrameworkExtension extends Extension
         }
         $container->setParameter('kernel.secret', $config['secret']);
 
+        $container->setParameter('kernel.trusted_proxies', $config['trusted_proxies']);
+
+        // @deprecated, to be removed in 2.3
         $container->setParameter('kernel.trust_proxy_headers', $config['trust_proxy_headers']);
 
         if (!empty($config['test'])) {
diff --git a/src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php b/src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php
index 5f34b12ef8..06284b96a5 100644
--- a/src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php
+++ b/src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php
@@ -37,8 +37,10 @@ class FrameworkBundle extends Bundle
 {
     public function boot()
     {
-        if ($this->container->getParameter('kernel.trust_proxy_headers')) {
-            Request::trustProxyData();
+        if ($trustedProxies = $this->container->getParameter('kernel.trusted_proxies')) {
+            Request::setTrustedProxies($trustedProxies);
+        } elseif ($this->container->getParameter('kernel.trust_proxy_headers')) {
+            Request::trustProxyData(); // @deprecated, to be removed in 2.3
         }
     }