Hi there,
I 'v just installed mod_security 2.5 on a Fedora core 9 with apache ver 2.2.8. I'm accessing  internet from behind my university proxy. I think I did every thing is needed  for configuring Mod_Security (edit httpd.conf and copying rules to proper directory.I add following to chttpd.conf:
LoadFile /usr/lib/libxml2.so.2
LoadModule security2_module modules/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
<IfModule mod_security2.c>
       SecServerSignature "Microsoft-IIS/5.0 (Nintendo DS)"
       Include conf.d/modsecurity2/rules/*.conf
</IfModule> ),

but "modsec_audit.log" and modsec_debug.log are always empty! when I go to URL "http://yourhost/cmd.exe", i get a Network access Message with a technical report like this:
Technical Information (for support personnel)

I wanna know if mod_sec cant work behind a proxy. and if it can, how does it work??