menu.inc是一段采用PHP编写的菜单文件,在OSSIM各个版本都会要用到,对于希望汉化OSSIM菜单的用户需要深入理解段代码的含义,为了便于代码维护和理解,作者对文件中关键代码进行了说明。阅读本文需要用户具备一定PHP和HTML知识。
一、版权信息
* @package ossim-frameworkAdministration
* @autor AlienVault INC
* @license http://www.gnu.org/licenses/gpl-2.0.txt
* @copyright 2003-2006 ossim.net
* @copyright 2007-2013 AlienVault
* @link AT&T Cybersecurity | Managed Security Services for Network, XDR & more
二、权限设置
这一部分主要介绍定义菜单和模板的权限。下面这是一组调用文件,用来导入信誉类定义、模板文件和av配置参数,建议不要轻易修改否则引起“fatal error”致命错误。
require_once 'classes/Reputation.inc'; require_once 'classes/template.inc'; require_once 'av_config.php';
//这是一个类构造函数
public function __construct($conn, $login = '') { Ossim_db::check_connection($conn);
// 从数据库中获取用户信息
$this->user = Session::get_user_info($conn, $login); if (empty($this->user)) { $exp_msg = _('Error! Menu class not created. Logged user not found in the System'); Av_exception::throw_error(Av_exception::USER_ERROR, $exp_msg); }
//获取管理员admin的菜单权限
// 初始化一个空数组,用于存储允许访问的菜单$this->allowed_menus = array();
// 如果用户不是管理员if (!$this->is_user_admin())
// 重新初始化为空数组,以确保不会受到任何预先设置的影响
$this->allowed_menus = array();
// 实例化一个模板对象,并从数据库加载模板数据
$template = new Template($conn, $this->user->get_template_id()); $template->load_from_db($conn);
// 获取模板的权限信息
$template_perms = $template->get_perms();
// 如果权限信息是数组且不为空
if (is_array($template_perms) && !empty($template_perms)) {
// 遍历权限信息,将权限数据存入allowed_menus数组
foreach($template_perms as $perm_data) { $perm_data = explode('###', $perm_data); $this->allowed_menus[$perm_data[0]][$perm_data[1]] = 1; } } }
下面这是对安全相关的部分,定义菜单权限。
$perm_m_settings = TRUE;
// 检查权限,根据用户日志工具设置用户活动权限
$perm_user_activity = $this->check_perm("settings-menu", "ToolsUserLog"); $this->menus['settings'] = array( "name" => _("Settings"), // 设置名称 "enabled" => $perm_m_settings, // 设置是否启用 "display" => FALSE, // 设置是否显示 "submenu" => array( "settings" => array( // 子菜单项 "name" => _("Settings"), // 子菜单名称 "enabled" => TRUE, // 子菜单是否启用 "hmenu" => array( // 子菜单列表 "my_profile" => array( "name" => _("My Profile"), // 子菜单名称 "enabled" => TRUE, // 启用 "url" => "/session/user_form.php?login=".$this->user->get_login() // 跳转链接 ), "current_sessions" => array( // 当前会话 "name" => _("Current Sessions"), // 子菜单名称 "enabled" => TRUE, // 启用 "url" => "/userlog/opened_sessions.php" // 跳转链接 ), "user_activity" => array( // 活动用户 "name" => _("User Activity"), // 设置子菜单名称 "enabled" => $perm_user_activity, // 根据权限设置是否启用 "url" => "/userlog/user_action_log.php" // 跳转链接 ) ) ) ) );
三、Analysis的一级菜单
菜单选项,包括一级导航和子菜单选项,其中包括 "Alarms" 和其子菜单 "List View" 和 "Group View"。
// 设置分析模块的菜单选项
$this->menus['analysis'] = array( "name" => _("Analysis"),
// 一级导航,菜单名称,用户可以修改,但不能使用中文字符。
"enabled" => $perm_m_analysis, "display" => TRUE, "submenu" => array( /* Alarms */ "alarms" => array( "name" => _("Alarms"), // 子菜单名称 "enabled" => $perm_alarms, "hmenu" => array( "alarms" => array( "name" => _("List View"), // 子菜单选项名称 "enabled" => $perm_alarms, "url" => "/alarm/alarm_console.php?hide_closed=1", // 子菜单跳转链接 "b_param" => "/alarm/alarm_detail.php?backlog=" //链接参数 ), "alarm_groups" => array( "name" => _("Group View"), // 子菜单选项名称 "enabled" => $perm_alarms, "url" => "/alarm/alarm_group_console.php?hide_closed=1" // 子菜单跳转链接 ) ) ) ) );
四、定义Environment一级菜单
//下面这段代码定义资产环境的权限
/* 对五个下拉菜单的定义 */
/* Assets & Groups */
// 检查对环境菜单中的PolicyHosts、PolicyNetworks和ToolsScan的权限。
$perm_hosts = $this->check_perm("environment-menu", "PolicyHosts"); $perm_networks = $this->check_perm("environment-menu", "PolicyNetworks"); $perm_asset_discovery = $this->check_perm("environment-menu", "ToolsScan");
//资产权限是对主机或资产发现的权限
$perm_assets = $perm_hosts || $perm_asset_discovery;
$perm_asset_groups = $perm_hosts || $perm_networks;
/* Vulnerabilities */
//检查对环境菜单中的EventsVulnerabilities的权限,以下几段代码功能类似就不在赘述。
$perm_vulns = $this->check_perm("environment-menu", "EventsVulnerabilities"); /* Profiles */ $perm_profiles = $this->check_perm("environment-menu", "MonitorsNetwork"); /* Netflows */ $perm_netflow = $this->check_perm("environment-menu", "MonitorsNetflows"); /* Traffic Capture */ $perm_traffic_capture = $this->check_perm("environment-menu", "TrafficCapture") /* Availability */ $perm_availability = $this->check_perm("environment-menu", "MonitorsAvailability") /* Detection */ $perm_hids = $this->check_perm("environment-menu", "EventsHids"); $perm_config_hids = $this->check_perm("environment-menu", "EventsHidsConfig"); $perm_wireless = $this->check_perm("environment-menu", "ReportsWireless");
//下面这段代码解释了每个菜单项的名称、权限控制、显示设置和链接信息。
$this->menus['environment'] = array( "name" => _("Environment"), //一级菜单 "enabled" => $perm_m_environment, //菜单权限控制 "display" => TRUE, //显示菜单 "submenu" => array( //定义数组菜单分类
/* Assets */ "assets" => array( "name" => _("Assets-111)
//自定义下拉菜单
"enabled" => $perm_assets, "hmenu" => array( "assets" => array( "name" => _("Assets—“)
//定义TAB标签的资产
"enabled" => $perm_hosts, "url" => "/assets/index.php", "b_param" => "/asset_details/index.php?id=" ), "asset_discovery" => array( "name" => _("Asset Discovery")
//资产发现,执行智能化,可定制的定时扫描和事件驱动的扫描
"enabled" => $perm_asset_discovery, "url" => "/netscan/index.php" ) ) ),
/* 二级菜单-资产*/
//菜单定义方法类似,不在赘述。
"assets" => array( "name" => _("Assets"), //资产列表 "enabled" => $perm_assets, "hmenu" => array( "assets" => array( "name" => _("Assets"), "enabled" => $perm_hosts, "url" => "/assets/index.php", "b_param" => "/asset_details/index.php?id=" ), "asset_discovery" => array( "name" => _("Asset Discovery"), "enabled" => $perm_asset_discovery, "url" => "/netscan/index.php" ) ) ),
/* 定义名为"assets_groups"的数组,用于存储资产组相关信息包括资产组名称、是否启用、以及相关菜单项 */
"assets_groups" => array( "name" => _("Groups & Networks"), // 资产组名称为"Groups & Networks" "enabled" => $perm_asset_groups, // 启用状态取决于$perm_asset_groups变量的值 "hmenu" => array( // 菜单项存储在"hmenu"数组中 // "host_groups"菜单项用于管理主机组 "host_groups" => array( "name" => _("Groups"), // 菜单项名称为"Groups" "enabled" => $perm_hosts, // 启用状态取决于$perm_hosts变量的值 "url" => "/assets/list_view.php?type=group", // 点击菜单后跳转的URL "b_param" => "/asset_details/index.php?id=" // 设置参数 ),
// "networks"菜单项用于管理网络 "networks" => array( "name" => _("Networks"), // 菜单项名称为"Networks" "enabled" => $perm_networks, // 启用状态取决于$perm_networks变量的值 "url" => "/assets/list_view.php?type=network", // 点击菜单后跳转的URL "b_param" => "/asset_details/index.php?id=" // 设置参数 ), // "network_groups"菜单项用于管理网络组 "network_groups" => array( "name" => _("Network Groups"), // 菜单项名称为"Network Groups" "enabled" => $perm_networks, // 启用状态取决于$perm_networks变量的值 "url" => "/netgroup/netgroup.php" // 点击菜单后跳转的URL ) ) ) */
/* Vulnerabilities */
// 定义名为"vulnerabilities"的关联数组,和“assets_groups”类似。功能上用于存储漏洞相关信息 "vulnerabilities" => array( "name" => _("Vulnerabilities"), // 指定漏洞名称 "enabled" => $perm_vulns, "hmenu" => array( // 定义名为"hmenu"的关联数组,用于存储漏洞菜单相关信息 "overview" => array( // 定义名为"overview"的关联数组,用于存储概览信息 "name" => _("Overview"), // 指定概览名称 "enabled" => $perm_vulns, // 指定概览是否启用的布尔值 "url" => "/vulnmeter/index.php", // 指定概览页面的URL "r_lmenu" => array ( // 定义名为"r_lmenu"的关联数组,用于存储右侧菜单相关信息 "profiles" => array( // 定义名为"profiles"的关联数组,用于存储配置文件相关信息 "name" => _("Profiles"), // 指定配置文件名称 "enabled" => TRUE, // 指定配置文件是否启用的布尔值 "display_in" => "greybox", // 指定配置文件显示方式 "b_class" => "av_b_secondary", // 指定配置文件按钮类别 "url" => "/vulnmeter/settings.php" // 指定配置文件的URL ), "settings" => array( // 定义名为"settings"的关联数组,用于存储设置相关信息 "name" => _("Settings"), // 菜单Settings的名称 "enabled" => TRUE, // 指定设置是否启用的布尔值 "display_in" => "greybox", // 指定设置显示方式 "b_class" => "av_b_secondary", // 指定设置按钮类别 "url" => "/vulnmeter/webconfig.php" // 指定设置的URL ) ) ) ) ),
"scan_jobs" => array( //数组定义了漏洞扫描作业信息 "name" => _("Scan Jobs"), "enabled" => $perm_vulns, "url" => "/vulnmeter/manage_jobs.php", "r_lmenu" => array ( "profiles" => array( "name" => _("Profiles"), "enabled" => TRUE, "display_in" => "greybox", "b_class" => "av_b_secondary", "url" => "/vulnmeter/settings.php" ), "settings" => array( //定义Settings子菜单配置信息 "name" => _("Settings"), "enabled" => TRUE, "display_in" => "greybox", "b_class" => "av_b_secondary", "url" => "/vulnmeter/webconfig.php" ) ) ),
"threat_database" => array( //定义了威胁数据库的配置信息 "name" => _("Threat Database"),//威胁数据库,用户可自定义菜单 "enabled" => $perm_vulns, "url" => "/vulnmeter/threats-db.php" //在WebUI配置页面的URL ) ) ),
五、Ntop菜单
/*Ntop流量和协议分析,在OSSIM 5 以上版本已取消*/
/* Profiles */
"profiles" => array( "name" => _("Profiles"), "enabled" => $perm_profiles, "hmenu" => array( "services" => array( "name" => _("Services"), "enabled" => TRUE, "url" => "/ntop/index.php?opc=services" ), "global" => array( "name" => _("Global"), "enabled" => TRUE, "url" => "/ntop/index.php" ), "throughput" => array( "name" => _("Throughput"), "enabled" => TRUE, "url" => "/ntop/index.php?opc=throughput" ), "matrix" => array( "name" => _("Matrix"), "enabled" => TRUE, "url" => "/ntop/index.php?opc=matrix" ) ) ),
/* Netflow */
// 定义了netflow数组,包含netflow的相关信息
"netflow" => array( "name" => _("Netflow"), // netflow的名称 "enabled" => $perm_netflow, // 根据权限确定netflow是否启用 "hmenu" => array( // netflow的水平菜单 "details" => array( "name" => _("Details"), // 定义“Details”菜单项名称 "enabled" => TRUE, // 是否:启用 "url" => "/nfsen/nfsen.php?tab=2" // 详细信息菜单项对应的url ),
"overview" => array( "name" => _("Overview"), // Overview菜单项的名称(可修改) "enabled" => TRUE, // 同上 "url" => "/nfsen/nfsen.php?tab=0" // Overview菜单项对应的url ), "graph" => array( "name" => _("Graph"), // Graph菜单项的名称 "enabled" => TRUE, "url" => "/nfsen/nfsen.php?tab=1" // Graph菜单项对应的url ) ) ),
/* Traffic Capture */
// 定义 "Traffic Capture" 的功能模块,包括名称和水平导航菜单
"traffic_capture" => array( "name" => _("Traffic Capture"), //定义功能模块的名称 "enabled" => $perm_traffic_capture, // 启用的变量 "hmenu" => array( // 定义水平导航菜单数组 "traffic_capture" => array( // 导航菜单项 "name" => _("Traffic Capture"), // 导航菜单项的名称,可以自定义 "enabled" => TRUE, // 启用 "url" => "/pcap/index.php" // 导航菜单项链接地址 ) ) ),
/* Availability */
// 定义了名为 "Availability" 的功能模块,包括名称、启用状态和水平导航菜单
"availability" => array( "name" => _("Availability"), // 功能模块的名称 "enabled" => $perm_availability, // 是否启用的变量 "hmenu" => array( // 水平导航菜单 "monitoring" => array( // 导航菜单项 "name" => _("Monitoring"), // 导航菜单项的名称 "enabled" => TRUE, // 是否启用的固定值 "url" => "/nagios/index.php" // 导航菜单项链接地址 ), "reporting" => array( // 导航菜单项 "name" => _("Reporting"), // 导航菜单项的名称 "enabled" => TRUE, // 是否启用的固定值 "url" => "/nagios/index.php?opc=reporting" // 导航菜单项链接地址 ) ) ),
OSSEC设置和报表菜单设置方法同上,不再赘述。有关系统设置与部署的菜单讲解我们放在下一期再来讲解。
2023年度 51CTO杰出讲师评选开始啦,期待大家投上宝贵一票! 李晨光的网络课堂,李晨光 网络管理,Linux 大讲堂 - 51CTO学堂