看懂OSSIM的WebUI菜单源码文件

      menu.inc是一个采用PHP编写的菜单文件,在OSSIM各个版本中都会用到。希望汉化OSSIM菜单的用户需要深入理解这段代码的含义;为了便于代码的维护和理解,作者对文件中的关键代码进行了说明。阅读本文需要读者具备一定的PHP和HTML知识。

一、版权信息

* @package    ossim-frameworkAdministration

* @autor      AlienVault INC

* @license    http://www.gnu.org/licenses/gpl-2.0.txt

* @copyright  2003-2006 ossim.net

* @copyright  2007-2013 AlienVault

* @link       AT&T Cybersecurity | Managed Security Services for Network, XDR & more

二、权限设置

         这一部分主要介绍菜单和模板权限的定义。下面是一组文件引用,用来导入信誉类定义、模板文件和av配置参数;建议不要轻易修改,否则会引发“fatal error”(致命错误)。

require_once 'classes/Reputation.inc';

require_once 'classes/template.inc';

require_once 'av_config.php';

//这是一个类构造函数

 /**
  * Menu constructor: looks up the user and collects the menu permissions
  * granted by that user's template into $this->allowed_menus.
  *
  * @param $conn   Database connection; handed to Ossim_db, Session and Template.
  * @param $login  Login to look up; defaults to ''. How Session::get_user_info()
  *                treats '' is not visible in this listing.
  *
  * NOTE(review): as printed on this page, the first allowed_menus
  * initialisation and the "if (!$this->is_user_admin())" test sit inside
  * "//" comments, so neither executes here and the template permissions are
  * loaded for every user. This looks like an artefact of the annotation;
  * compare with the menu.inc shipped on the appliance before relying on it.
  */
 public function __construct($conn, $login = '')

    {

        Ossim_db::check_connection($conn);

        // Fetch the user's record from the database

        $this->user = Session::get_user_info($conn, $login);



        // Without a user there is nothing to compute permissions for, so report an error.
        // NOTE(review): whether throw_error() stops execution is not visible here - confirm.
        if (empty($this->user))

        {

            $exp_msg = _('Error! Menu class not created.  Logged user not found in the System');



            Av_exception::throw_error(Av_exception::USER_ERROR, $exp_msg);

        }

// Get the menu permissions of the administrator (admin)

 // Initialise an empty array that stores the menus the user may access: $this->allowed_menus = array();

// If the user is not an administrator: if (!$this->is_user_admin())

 // Re-initialise to an empty array so that no earlier value carries over

 $this->allowed_menus = array();

   // Instantiate a Template object and load its data from the database

    $template = new Template($conn, $this->user->get_template_id());

    $template->load_from_db($conn);

    // Read the template's permission entries

    

$template_perms = $template->get_perms();

    // Only proceed when the permission data is a non-empty array

   if (is_array($template_perms) && !empty($template_perms))

    {

        // Walk the entries and record each one in allowed_menus

        foreach($template_perms as $perm_data)

        {

            // Each entry is split on '###'; the first two parts become the two array keys.
            // presumably "<menu section>###<permission name>", matching the check_perm() calls - TODO confirm.
            // NOTE(review): there is no check that the separator was present; an entry
            // without '###' leaves index 1 undefined and is stored under an empty key.
            $perm_data = explode('###', $perm_data);

            $this->allowed_menus[$perm_data[0]][$perm_data[1]] = 1;

        }

    }

}

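下面是与安全相关的部分,用于定义菜单权限。需要注意,菜单数组中的 "enabled"、"display" 是菜单项的开关;仅靠隐藏菜单项并不能阻止用户直接访问对应的 "url",目标页面仍须在服务器端自行校验权限(这部分代码不在本文范围内)。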

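// Settings menu definition.
// The top-level switch is hard-coded to TRUE, i.e. it is not derived from any permission lookup.
$perm_m_settings = TRUE;

// "User Activity" is switched by the result of check_perm() for ToolsUserLog in the settings-menu section.
$perm_user_activity = $this->check_perm("settings-menu", "ToolsUserLog");

// NOTE(review): the flags below describe menu entries only. Nothing in this listing shows
// whether the target scripts repeat the permission check; each of them has to do so itself.
$this->menus['settings'] = array(
    "name"     => _("Settings"),        // label of the top-level entry
    "enabled"  => $perm_m_settings,     // enabled flag
    "display"  => FALSE,                // display flag (how the renderer uses it is not shown here)
    "submenu"  => array(
        "settings" => array(            // submenu entry
            "name"    => _("Settings"), // submenu label
            "enabled" => TRUE,
            "hmenu"   => array(         // list of entries under this submenu
                "my_profile" => array(
                    "name"    => _("My Profile"),
                    "enabled" => TRUE,
                    // The login becomes a query-string value, so it is URL-encoded: a login
                    // containing '&', '#', '=' or a space can no longer break the link or
                    // append extra parameters. Plain alphanumeric logins are unchanged.
                    "url"     => "/session/user_form.php?login=".urlencode((string) $this->user->get_login())
                ),
                "current_sessions" => array(
                    "name"    => _("Current Sessions"),
                    "enabled" => TRUE,
                    "url"     => "/userlog/opened_sessions.php"
                ),
                "user_activity" => array(
                    "name"    => _("User Activity"),
                    "enabled" => $perm_user_activity,   // follows the ToolsUserLog permission
                    "url"     => "/userlog/user_action_log.php"
                )
            )
        )
    )
);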

三、Analysis一级菜单

      本节代码定义 Analysis 一级导航及其子菜单:子菜单 "Alarms" 下包含 "List View" 和 "Group View" 两个选项。

// 设置分析模块的菜单选项

// Analysis menu, assembled level by level: top-level entry first, then the
// "alarms" submenu, then its two tabs. Key order matches a single literal.
$this->menus['analysis'] = array(
    // Top-level navigation label. Per the article author it may be customised
    // but must not contain Chinese characters.
    "name"    => _("Analysis"),
    "enabled" => $perm_m_analysis,
    "display" => TRUE,
    "submenu" => array()
);

/* Alarms */
$this->menus['analysis']['submenu']['alarms'] = array(
    "name"    => _("Alarms"),   // submenu label
    "enabled" => $perm_alarms,
    "hmenu"   => array()
);

// "List View" tab: target page plus the b_param link prefix
$this->menus['analysis']['submenu']['alarms']['hmenu']['alarms'] = array(
    "name"    => _("List View"),
    "enabled" => $perm_alarms,
    "url"     => "/alarm/alarm_console.php?hide_closed=1",
    "b_param" => "/alarm/alarm_detail.php?backlog="
);

// "Group View" tab
$this->menus['analysis']['submenu']['alarms']['hmenu']['alarm_groups'] = array(
    "name"    => _("Group View"),
    "enabled" => $perm_alarms,
    "url"     => "/alarm/alarm_group_console.php?hide_closed=1"
);

四、定义Environment一级菜单

     

//下面这段代码定义资产环境的权限

/* 对五个下拉菜单的定义 */

        /* Assets & Groups */

// 检查对环境菜单中的PolicyHostsPolicyNetworks和ToolsScan的权限

      

  $perm_hosts           = $this->check_perm("environment-menu", "PolicyHosts");

  $perm_networks        = $this->check_perm("environment-menu", "PolicyNetworks");

  $perm_asset_discovery = $this->check_perm("environment-menu", "ToolsScan");

//资产权限是对主机或资产发现的权限

        $perm_assets          = $perm_hosts || $perm_asset_discovery;

        $perm_asset_groups    = $perm_hosts || $perm_networks;

        /* Vulnerabilities */

//检查对环境菜单中的EventsVulnerabilities的权限,以下几段代码功能类似就不在赘述。

        $perm_vulns           = $this->check_perm("environment-menu", "EventsVulnerabilities");

        /* Profiles */

        $perm_profiles        = $this->check_perm("environment-menu", "MonitorsNetwork");

        /* Netflows */

        $perm_netflow         = $this->check_perm("environment-menu", "MonitorsNetflows");

        /* Traffic Capture */

        $perm_traffic_capture = $this->check_perm("environment-menu", "TrafficCapture")



        /* Availability */

        $perm_availability    = $this->check_perm("environment-menu", "MonitorsAvailability")

        /* Detection */

        $perm_hids            = $this->check_perm("environment-menu", "EventsHids");

        $perm_config_hids     = $this->check_perm("environment-menu", "EventsHidsConfig");

        $perm_wireless        = $this->check_perm("environment-menu", "ReportsWireless");

//下面这段代码解释了每个菜单项的名称、权限控制、显示设置和链接信息。

 $this->menus['environment'] = array(

            "name"     => _("Environment"),         //一级菜单

            "enabled"  => $perm_m_environment,  //菜单权限控制

            "display"  => TRUE,  //显示菜单

            "submenu"  => array( //定义数组菜单分类

                /* Assets */

                "assets" => array(

                    "name"    => _("Assets-111)

 //自定义下拉菜单   

                 "enabled" => $perm_assets,

                    "hmenu"   => array(

                        "assets" => array(

                            "name"    => _("Assets—“)

 //定义TAB标签的资产 

                           "enabled" => $perm_hosts,

                            "url"     => "/assets/index.php",

                            "b_param" => "/asset_details/index.php?id="

                        ),



                        "asset_discovery" => array(

                            "name"    => _("Asset Discovery")

 //资产发现,执行智能化,可定制的定时扫描和事件驱动的扫描

                            "enabled" => $perm_asset_discovery,

                            "url"     => "/netscan/index.php"

                        )

                    )

                ),

/* 二级菜单-资产*/

//菜单定义方法类似,不在赘述。

                "assets" => array(

                    "name"    => _("Assets"), //资产列表

                    "enabled" => $perm_assets,

                    "hmenu"   => array(



                        "assets" => array(

                            "name"    => _("Assets"),

                            "enabled" => $perm_hosts,

                            "url"     => "/assets/index.php",

                            "b_param" => "/asset_details/index.php?id="

                        ),



                        "asset_discovery" => array(

                            "name"    => _("Asset Discovery"),

                            "enabled" => $perm_asset_discovery,

                            "url"     => "/netscan/index.php"

                        )

                    )

                ),

/* 定义名为"assets_groups"的数组,用于存储资产组相关信息包括资产组名称、是否启用、以及相关菜单项 */

"assets_groups" => array(

    "name"    => _("Groups & Networks"),  // 资产组名称为"Groups & Networks"

    "enabled" => $perm_asset_groups, // 启用状态取决于$perm_asset_groups变量的值

    "hmenu"   => array(  // 菜单项存储在"hmenu"数组中



        // "host_groups"菜单项用于管理主机组

        "host_groups" => array(

            "name"    => _("Groups"),    // 菜单项名称为"Groups"

            "enabled" => $perm_hosts,    // 启用状态取决于$perm_hosts变量的值

            "url"     => "/assets/list_view.php?type=group",  // 点击菜单后跳转的URL

            "b_param" => "/asset_details/index.php?id="  // 设置参数

        ),
        // "networks"菜单项用于管理网络

        "networks" => array(

            "name"    => _("Networks"),  // 菜单项名称为"Networks"

            "enabled" => $perm_networks, // 启用状态取决于$perm_networks变量的值

            "url"     => "/assets/list_view.php?type=network",  // 点击菜单后跳转的URL

            "b_param" => "/asset_details/index.php?id="  // 设置参数

        ),



        // "network_groups"菜单项用于管理网络组

        "network_groups" => array(

            "name"    => _("Network Groups"),  // 菜单项名称为"Network Groups"

            "enabled" => $perm_networks, // 启用状态取决于$perm_networks变量的值

            "url"     => "/netgroup/netgroup.php"  // 点击菜单后跳转的URL

        )

    )

)

*/

/* Vulnerabilities */                     

// 定义名为"vulnerabilities"的关联数组,和“assets_groups”类似。功能上用于存储漏洞相关信息

"vulnerabilities" => array(

    "name"    => _("Vulnerabilities"),  // 指定漏洞名称

    "enabled" => $perm_vulns,  

    "hmenu"   => array(  // 定义名为"hmenu"的关联数组,用于存储漏洞菜单相关信息

        "overview" => array(  // 定义名为"overview"的关联数组,用于存储概览信息

            "name"    => _("Overview"),  // 指定概览名称

            "enabled" => $perm_vulns,  // 指定概览是否启用的布尔值

            "url"     => "/vulnmeter/index.php",  // 指定概览页面的URL

            "r_lmenu" => array (  // 定义名为"r_lmenu"的关联数组,用于存储右侧菜单相关信息

                "profiles" => array(  // 定义名为"profiles"的关联数组,用于存储配置文件相关信息

                    "name"       => _("Profiles"),  // 指定配置文件名称

                    "enabled"    => TRUE,  // 指定配置文件是否启用的布尔值

                    "display_in" => "greybox",  // 指定配置文件显示方式

                    "b_class"    => "av_b_secondary",  // 指定配置文件按钮类别

                    "url"        => "/vulnmeter/settings.php"  // 指定配置文件的URL

               ),

               "settings" => array(  // 定义名为"settings"的关联数组,用于存储设置相关信息

                    "name"       => _("Settings"),  // 菜单Settings的名称

                    "enabled"    => TRUE,  // 指定设置是否启用的布尔值

                    "display_in" => "greybox",  // 指定设置显示方式

                    "b_class"    => "av_b_secondary",  // 指定设置按钮类别

                    "url"        => "/vulnmeter/webconfig.php"  // 指定设置的URL

               )

           )

       )

   )

),  
                        "scan_jobs" => array(  //数组定义了漏洞扫描作业信息

                            "name"    => _("Scan Jobs"),

                            "enabled" => $perm_vulns,

                            "url"     => "/vulnmeter/manage_jobs.php",

                            "r_lmenu" => array (

                                "profiles" => array(

                                    "name"       => _("Profiles"),

                                    "enabled"    => TRUE,

                                    "display_in" => "greybox",

                                    "b_class"    => "av_b_secondary",

                                    "url"        => "/vulnmeter/settings.php"

                               ),

                                "settings" => array( //定义Settings子菜单配置信息

                                    "name"       => _("Settings"),

                                    "enabled"    => TRUE,

                                    "display_in" => "greybox",

                                    "b_class"    => "av_b_secondary",

                                    "url"        => "/vulnmeter/webconfig.php"

                               )

                            )

                        ),
                        "threat_database" => array( //定义了威胁数据库的配置信息



                            "name"    => _("Threat Database"),//威胁数据库,用户可自定义菜单

                            "enabled" => $perm_vulns,

                            "url"     => "/vulnmeter/threats-db.php" //在WebUI配置页面的URL

                        )

                    )

               ),

五、Ntop菜单

/*Ntop流量和协议分析,在OSSIM 5 以上版本已取消*/

/* Profiles */

                "profiles" => array(

                    "name"   => _("Profiles"),

                    "enabled" => $perm_profiles,

                    "hmenu"   => array(

                        "services" => array(

                            "name"    => _("Services"),

                            "enabled" => TRUE,

                            "url"     => "/ntop/index.php?opc=services"

                        ),



                        "global" => array(

                            "name"    => _("Global"),

                            "enabled" => TRUE,

                            "url"     => "/ntop/index.php"

                        ),



                        "throughput" => array(

                            "name"    => _("Throughput"),

                            "enabled" => TRUE,

                            "url"     => "/ntop/index.php?opc=throughput"

                        ),



                        "matrix" => array(

                            "name"    => _("Matrix"),

                            "enabled" => TRUE,

                            "url"     => "/ntop/index.php?opc=matrix"

                        )

                    )

               ),

/* Netflow */

// 定义了netflow数组,包含netflow的相关信息

                "netflow" => array(

                    "name"    => _("Netflow"), // netflow的名称

                    "enabled" => $perm_netflow, // 根据权限确定netflow是否启用

                    "hmenu"   => array( // netflow的水平菜单

                        "details" => array(

                            "name"    => _("Details"), // 定义“Details”菜单项名称

                            "enabled" => TRUE, // 是否:启用

                            "url"     => "/nfsen/nfsen.php?tab=2"

// 详细信息菜单项对应的url

                        ),

    

                    "overview" => array(

                            "name"    => _("Overview"), // Overview菜单项的名称(可修改)

                            "enabled" => TRUE, // 同上

                            "url"     => "/nfsen/nfsen.php?tab=0" // Overview菜单项对应的url

                        ),



                        "graph" => array(

                            "name"    => _("Graph"), // Graph菜单项的名称

                            "enabled" => TRUE,

                            "url"     => "/nfsen/nfsen.php?tab=1" // Graph菜单项对应的url

                        )

                    )

                ),

/* Traffic Capture */

// 定义 "Traffic Capture" 的功能模块,包括名称和水平导航菜单

"traffic_capture" => array(

    "name"    => _("Traffic Capture"), //定义功能模块的名称

    "enabled" => $perm_traffic_capture, // 启用的变量

    "hmenu"   => array( // 定义水平导航菜单数组

        "traffic_capture" => array( // 导航菜单项

            "name"    => _("Traffic Capture"), // 导航菜单项的名称,可以自定义

            "enabled" => TRUE, // 启用

            "url"     => "/pcap/index.php" // 导航菜单项链接地址

        )

    )

),

/* Availability */

// 定义了名为 "Availability" 的功能模块,包括名称、启用状态和水平导航菜单

"availability" => array(

    "name"    => _("Availability"), // 功能模块的名称

    "enabled" => $perm_availability, // 是否启用的变量

    "hmenu"   => array( // 水平导航菜单

        "monitoring" => array( // 导航菜单项

            "name"    => _("Monitoring"), // 导航菜单项的名称

            "enabled" => TRUE, // 是否启用的固定值

            "url"     => "/nagios/index.php" // 导航菜单项链接地址

        ),



        "reporting" => array( // 导航菜单项

            "name"    => _("Reporting"), // 导航菜单项的名称

            "enabled" => TRUE, // 是否启用的固定值

            "url"     => "/nagios/index.php?opc=reporting" // 导航菜单项链接地址

        )

    )

),

        OSSEC设置和报表菜单设置方法同上,不再赘述。有关系统设置与部署的菜单讲解我们放在下一期再来讲解。
