MODSEC-362

apache2/apache2_config.c

@@ -159,6 +159,9 @@ void *create_directory_config(apr_pool_t *mp, char *path)
     /* xml external entity */
     dcfg->xml_external_entity = NOT_SET;
 
+    /* remote addr define */
+    dcfg->remote_define = NOT_SET_P;
+
     return dcfg;
 }
 
@@ -598,6 +601,10 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child)
     merged->xml_external_entity = (child->xml_external_entity == NOT_SET
         ? parent->xml_external_entity : child->xml_external_entity);
 
+    /* remote add define */
+    merged->remote_define = (child->remote_define == NOT_SET_P
+        ? parent->remote_define : child->remote_define);
+
     return merged;
 }
 
@@ -721,6 +728,9 @@ void init_directory_config(directory_config *dcfg)
     /* xml external entity */
     if (dcfg->xml_external_entity == NOT_SET) dcfg->xml_external_entity = 0;
 
+    /* remote addr define */
+    if (dcfg->remote_define == NOT_SET_P) dcfg->remote_define = "default";
+
 }
 
 /**
@@ -2286,6 +2296,15 @@ static const char *cmd_web_app_id(cmd_parms *cmd, void *_dcfg, const char *p1)
     return NULL;
 }
 
+static const char *cmd_remote_addr_define(cmd_parms *cmd, void *_dcfg, const char *p1)
+{
+    directory_config *dcfg = (directory_config *)_dcfg;
+
+    dcfg->remote_define = p1;
+
+    return NULL;
+}
+
 static const char *cmd_sensor_id(cmd_parms *cmd, void *_dcfg, const char *p1)
 {
     directory_config *dcfg = (directory_config *)_dcfg;
@@ -3475,6 +3494,14 @@ const command_rec module_directives[] = {
         "id"
     ),
 
+    AP_INIT_TAKE1 (
+        "SecRemoteAddrDefine",
+        cmd_remote_addr_define,
+        NULL,
+        CMD_SCOPE_MAIN,
+        "Define a request header field to define remote addr"
+    ),
+
     AP_INIT_TAKE1 (
         "SecSensorId",
         cmd_sensor_id,

apache2/modsecurity.h

@@ -598,6 +598,9 @@ struct directory_config {
 
     /* xml */
     int                 xml_external_entity;
+
+    /* remote addr */
+    const char          *remote_define;
 };
 
 struct error_message_t {

apache2/re_variables.c

@@ -700,7 +700,35 @@ static int var_useragent_ip_generate(modsec_rec *msr, msre_var *var, msre_rule *
 static int var_remote_addr_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
     apr_table_t *vartab, apr_pool_t *mptmp)
 {
+    char *remote = NULL;
+    char *parse_remote = NULL;
+    char *saved = NULL;
+    char *str = NULL;
+
+    if(strcasecmp(msr->txcfg->remote_define, "default") == 0)   {
+        if (msr->txcfg->debuglog_level >= 9) {
+            msr_log(msr, 9, "Set variable \"%s\" to \"%s\".", var->name, msr->remote_addr);
+        }
         return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
+    } else  {
+        remote = (char *)apr_table_get(msr->r->headers_in, msr->txcfg->remote_define);
+        if(remote == NULL)  {
+            if (msr->txcfg->debuglog_level >= 9) {
+                msr_log(msr, 9, "Request header \"%s\" not present setting variable \"%s\" to \"%s\".", msr->txcfg->remote_define,
+                    var->name, msr->remote_addr);
+            }
+            return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
+        } else  {
+            parse_remote = apr_pstrdup(msr->mp, remote);
+            str = apr_strtok(parse_remote, ",", &saved);
+            msr->remote_addr = apr_pstrdup(msr->mp, str);
+            if (msr->txcfg->debuglog_level >= 9) {
+                msr_log(msr, 9, "Request header \"%s\" is present setting variable \"%s\" to \"%s\".", msr->txcfg->remote_define,
+                    var->name, msr->remote_addr);
+            }
+            return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
+        }
+    }
 }
 
 /* REMOTE_HOST */