From 86d939fbeee9e60c9dae801c12ff270bd62005f3 Mon Sep 17 00:00:00 2001
From: Breno Silva <breno.silva@gmail.com>
Date: Mon, 22 Apr 2013 14:05:51 -0400
Subject: [PATCH] MODSEC-362

---
 apache2/apache2_util.c | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/apache2/apache2_util.c b/apache2/apache2_util.c
index 2f33c87e..03351769 100644
--- a/apache2/apache2_util.c
+++ b/apache2/apache2_util.c
@@ -198,6 +198,10 @@ static void internal_log_ex(request_rec *r, directory_config *dcfg, modsec_rec *
     apr_size_t nbytes, nbytes_written;
     apr_file_t *debuglog_fd = NULL;
     int filter_debug_level = 0;
+    char *remote = NULL;
+    char *parse_remote = NULL;
+    char *saved = NULL;
+    char *str = NULL;
     char str1[1024] = "";
     char str2[1256] = "";
 
@@ -268,9 +272,24 @@ static void internal_log_ex(request_rec *r, directory_config *dcfg, modsec_rec *
             "[client %s] ModSecurity: %s%s [uri \"%s\"]%s", r->useragent_ip ? r->useragent_ip : r->connection->client_ip, str1,
             hostname, log_escape(msr->mp, r->uri), unique_id);
 #else
-        ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
-            "[client %s] ModSecurity: %s%s [uri \"%s\"]%s", r->connection->remote_ip, str1,
-            hostname, log_escape(msr->mp, r->uri), unique_id);
+        if(strcasecmp(msr->txcfg->remote_define, "default") == 0)   {
+            ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
+                    "[client %s] ModSecurity: %s%s [uri \"%s\"]%s", r->connection->remote_ip, str1,
+                    hostname, log_escape(msr->mp, r->uri), unique_id);
+        } else  {
+            remote = (char *)apr_table_get(msr->r->headers_in, msr->txcfg->remote_define);
+            if(remote == NULL)  {
+                ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
+                        "[client %s] ModSecurity: %s%s [uri \"%s\"]%s", r->connection->remote_ip, str1,
+                        hostname, log_escape(msr->mp, r->uri), unique_id);
+            } else  {
+                parse_remote = apr_pstrdup(msr->mp, remote);
+                str = apr_strtok(parse_remote, ",", &saved);
+                ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
+                        "[client %s] ModSecurity: %s%s [uri \"%s\"]%s", str, str1,
+                        hostname, log_escape(msr->mp, r->uri), unique_id);
+            }
+        }
 #endif
 
         /* Add this message to the list. */