menu.inc是一段采用PHP编写的菜单文件,在OSSIM各个版本都会要用到,对于希望汉化OSSIM菜单的用户需要深入理解段代码的含义,为了便于代码维护和理解,作者对文件中关键代码进行了说明。阅读本文需要用户具备一定PHP和HTML知识。
一、版权信息
* @package ossim-framework\Administration
* @autor AlienVault INC
* @license http://www.gnu.org/licenses/gpl-2.0.txt
* @copyright 2003-2006 ossim.***
* @copyright 2007-2013 AlienVault
* @link AT&T Cybersecurity | Managed Security Services for ***work, XDR & more
二、权限设置
这一部分主要介绍定义菜单和模板的权限。下面这是一组调用文件,用来导入信誉类定义、模板文件和av配置参数,建议不要轻易修改否则引起“fatal error”致命错误。
require_once 'classes/Reputation.inc';
require_once 'classes/template.inc';
require_once 'av_config.php';//这是一个类构造函数
public function __construct($conn, $login = '')
{
Ossim_db::check_connection($conn);// 从数据库中获取用户信息
$this->user = Session::get_user_info($conn, $login);
if (empty($this->user))
{
$exp_msg = _('Error! Menu class not created. Logged user not found in the System');
Av_exception::throw_error(Av_exception::USER_ERROR, $exp_msg);
}//获取管理员admin的菜单权限
// 初始化一个空数组,用于存储允许访问的菜单$this->allowed_menus = array();
// 如果用户不是管理员if (!$this->is_user_admin())
// 重新初始化为空数组,以确保不会受到任何预先设置的影响
$this->allowed_menus = array();// 实例化一个模板对象,并从数据库加载模板数据
$template = new Template($conn, $this->user->get_template_id());
$template->load_from_db($conn);// 获取模板的权限信息
$template_perms = $template->get_perms();// 如果权限信息是数组且不为空
if (is_array($template_perms) && !empty($template_perms))
{// 遍历权限信息,将权限数据存入allowed_menus数组
foreach($template_perms as $perm_data)
{
$perm_data = explode('###', $perm_data);
$this->allowed_menus[$perm_data[0]][$perm_data[1]] = 1;
}
}
}下面这是对安全相关的部分,定义菜单权限。
$perm_m_settings = TRUE;
// 检查权限,根据用户日志工具设置用户活动权限
$perm_user_activity = $this->check_perm("settings-menu", "ToolsUserLog");
$this->menus['settings'] = array(
"name" => _("Settings"), // 设置名称
"enabled" => $perm_m_settings, // 设置是否启用
"display" => FALSE, // 设置是否显示
"submenu" => array(
"settings" => array( // 子菜单项
"name" => _("Settings"), // 子菜单名称
"enabled" => TRUE, // 子菜单是否启用
"hmenu" => array( // 子菜单列表
"my_profile" => array(
"name" => _("My Profile"), // 子菜单名称
"enabled" => TRUE, // 启用
"url" => "/session/user_form.php?login=".$this->user->get_login() // 跳转链接
),
"current_sessions" => array( // 当前会话
"name" => _("Current Sessions"), // 子菜单名称
"enabled" => TRUE, // 启用
"url" => "/userlog/opened_sessions.php" // 跳转链接
),
"user_activity" => array( // 活动用户
"name" => _("User Activity"), // 设置子菜单名称
"enabled" => $perm_user_activity, // 根据权限设置是否启用
"url" => "/userlog/user_action_log.php" // 跳转链接
)
)
)
)
);三、Analysis的一级菜单
菜单选项,包括一级导航和子菜单选项,其中包括 "Alarms" 和其子菜单 "List View" 和 "Group View"。
// 设置分析模块的菜单选项
$this->menus['analysis'] = array(
"name" => _("Analysis"),
// 一级导航,菜单名称,用户可以修改,但不能使用中文字符。
"enabled" => $perm_m_analysis,
"display" => TRUE,
"submenu" => array(
/* Alarms */
"alarms" => array(
"name" => _("Alarms"), // 子菜单名称
"enabled" => $perm_alarms,
"hmenu" => array(
"alarms" => array(
"name" => _("List View"), // 子菜单选项名称
"enabled" => $perm_alarms,
"url" => "/alarm/alarm_console.php?hide_closed=1", // 子菜单跳转链接
"b_param" => "/alarm/alarm_detail.php?backlog=" //链接参数
),
"alarm_groups" => array(
"name" => _("Group View"), // 子菜单选项名称
"enabled" => $perm_alarms,
"url" => "/alarm/alarm_group_console.php?hide_closed=1" // 子菜单跳转链接
)
)
)
)
);四、定义Environment一级菜单
//下面这段代码定义资产环境的权限
/* 对五个下拉菜单的定义 */
/* Assets & Groups */
// 检查对环境菜单中的PolicyHosts、Policy***works和ToolsScan的权限。
$perm_hosts = $this->check_perm("environment-menu", "PolicyHosts");
$perm_***works = $this->check_perm("environment-menu", "Policy***works");
$perm_asset_discovery = $this->check_perm("environment-menu", "ToolsScan");//资产权限是对主机或资产发现的权限
$perm_assets = $perm_hosts || $perm_asset_discovery;
$perm_asset_groups = $perm_hosts || $perm_***works;
/* Vulnerabilities */
//检查对环境菜单中的EventsVulnerabilities的权限,以下几段代码功能类似就不在赘述。
$perm_vulns = $this->check_perm("environment-menu", "EventsVulnerabilities");
/* Profiles */
$perm_profiles = $this->check_perm("environment-menu", "Monitors***work");
/* ***flows */
$perm_***flow = $this->check_perm("environment-menu", "Monitors***flows");
/* Traffic Capture */
$perm_traffic_capture = $this->check_perm("environment-menu", "Traffi***apture")
/* Availability */
$perm_availability = $this->check_perm("environment-menu", "MonitorsAvailability")
/* Detection */
$perm_hids = $this->check_perm("environment-menu", "EventsHids");
$perm_config_hids = $this->check_perm("environment-menu", "EventsHidsConfig");
$perm_wireless = $this->check_perm("environment-menu", "ReportsWireless");//下面这段代码解释了每个菜单项的名称、权限控制、显示设置和链接信息。
$this->menus['environment'] = array(
"name" => _("Environment"), //一级菜单
"enabled" => $perm_m_environment, //菜单权限控制
"display" => TRUE, //显示菜单
"submenu" => array( //定义数组菜单分类 /* Assets */
"assets" => array(
"name" => _("Assets-111)//自定义下拉菜单
"enabled" => $perm_assets,
"hmenu" => array(
"assets" => array(
"name" => _("Assets—“)//定义TAB标签的资产
"enabled" => $perm_hosts,
"url" => "/assets/index.php",
"b_param" => "/asset_details/index.php?id="
),
"asset_discovery" => array(
"name" => _("Asset Discovery")//资产发现,执行智能化,可定制的定时扫描和事件驱动的扫描
"enabled" => $perm_asset_discovery,
"url" => "/***scan/index.php"
)
)
),/* 二级菜单-资产*/
//菜单定义方法类似,不在赘述。
"assets" => array(
"name" => _("Assets"), //资产列表
"enabled" => $perm_assets,
"hmenu" => array(
"assets" => array(
"name" => _("Assets"),
"enabled" => $perm_hosts,
"url" => "/assets/index.php",
"b_param" => "/asset_details/index.php?id="
),
"asset_discovery" => array(
"name" => _("Asset Discovery"),
"enabled" => $perm_asset_discovery,
"url" => "/***scan/index.php"
)
)
),/* 定义名为"assets_groups"的数组,用于存储资产组相关信息包括资产组名称、是否启用、以及相关菜单项 */
"assets_groups" => array(
"name" => _("Groups & ***works"), // 资产组名称为"Groups & ***works"
"enabled" => $perm_asset_groups, // 启用状态取决于$perm_asset_groups变量的值
"hmenu" => array( // 菜单项存储在"hmenu"数组中
// "host_groups"菜单项用于管理主机组
"host_groups" => array(
"name" => _("Groups"), // 菜单项名称为"Groups"
"enabled" => $perm_hosts, // 启用状态取决于$perm_hosts变量的值
"url" => "/assets/list_view.php?type=group", // 点击菜单后跳转的URL
"b_param" => "/asset_details/index.php?id=" // 设置参数
), // "***works"菜单项用于管理网络
"***works" => array(
"name" => _("***works"), // 菜单项名称为"***works"
"enabled" => $perm_***works, // 启用状态取决于$perm_***works变量的值
"url" => "/assets/list_view.php?type=***work", // 点击菜单后跳转的URL
"b_param" => "/asset_details/index.php?id=" // 设置参数
),
// "***work_groups"菜单项用于管理网络组
"***work_groups" => array(
"name" => _("***work Groups"), // 菜单项名称为"***work Groups"
"enabled" => $perm_***works, // 启用状态取决于$perm_***works变量的值
"url" => "/***group/***group.php" // 点击菜单后跳转的URL
)
)
)
*//* Vulnerabilities */
// 定义名为"vulnerabilities"的关联数组,和“assets_groups”类似。功能上用于存储漏洞相关信息
"vulnerabilities" => array(
"name" => _("Vulnerabilities"), // 指定漏洞名称
"enabled" => $perm_vulns,
"hmenu" => array( // 定义名为"hmenu"的关联数组,用于存储漏洞菜单相关信息
"overview" => array( // 定义名为"overview"的关联数组,用于存储概览信息
"name" => _("Overview"), // 指定概览名称
"enabled" => $perm_vulns, // 指定概览是否启用的布尔值
"url" => "/vulnmeter/index.php", // 指定概览页面的URL
"r_lmenu" => array ( // 定义名为"r_lmenu"的关联数组,用于存储右侧菜单相关信息
"profiles" => array( // 定义名为"profiles"的关联数组,用于存储配置文件相关信息
"name" => _("Profiles"), // 指定配置文件名称
"enabled" => TRUE, // 指定配置文件是否启用的布尔值
"display_in" => "greybox", // 指定配置文件显示方式
"b_class" => "av_b_secondary", // 指定配置文件按钮类别
"url" => "/vulnmeter/settings.php" // 指定配置文件的URL
),
"settings" => array( // 定义名为"settings"的关联数组,用于存储设置相关信息
"name" => _("Settings"), // 菜单Settings的名称
"enabled" => TRUE, // 指定设置是否启用的布尔值
"display_in" => "greybox", // 指定设置显示方式
"b_class" => "av_b_secondary", // 指定设置按钮类别
"url" => "/vulnmeter/webconfig.php" // 指定设置的URL
)
)
)
)
), "scan_jobs" => array( //数组定义了漏洞扫描作业信息
"name" => _("Scan Jobs"),
"enabled" => $perm_vulns,
"url" => "/vulnmeter/manage_jobs.php",
"r_lmenu" => array (
"profiles" => array(
"name" => _("Profiles"),
"enabled" => TRUE,
"display_in" => "greybox",
"b_class" => "av_b_secondary",
"url" => "/vulnmeter/settings.php"
),
"settings" => array( //定义Settings子菜单配置信息
"name" => _("Settings"),
"enabled" => TRUE,
"display_in" => "greybox",
"b_class" => "av_b_secondary",
"url" => "/vulnmeter/webconfig.php"
)
)
), "threat_database" => array( //定义了威胁数据库的配置信息
"name" => _("Threat Database"),//威胁数据库,用户可自定义菜单
"enabled" => $perm_vulns,
"url" => "/vulnmeter/threats-db.php" //在WebUI配置页面的URL
)
)
),五、Ntop菜单
/*Ntop流量和协议分析,在OSSIM 5 以上版本已取消*/
/* Profiles */
"profiles" => array(
"name" => _("Profiles"),
"enabled" => $perm_profiles,
"hmenu" => array(
"services" => array(
"name" => _("Services"),
"enabled" => TRUE,
"url" => "/ntop/index.php?opc=services"
),
"global" => array(
"name" => _("Global"),
"enabled" => TRUE,
"url" => "/ntop/index.php"
),
"throughput" => array(
"name" => _("Throughput"),
"enabled" => TRUE,
"url" => "/ntop/index.php?opc=throughput"
),
"matrix" => array(
"name" => _("Matrix"),
"enabled" => TRUE,
"url" => "/ntop/index.php?opc=matrix"
)
)
),/* ***flow */
// 定义了***flow数组,包含***flow的相关信息
"***flow" => array(
"name" => _("***flow"), // ***flow的名称
"enabled" => $perm_***flow, // 根据权限确定***flow是否启用
"hmenu" => array( // ***flow的水平菜单
"details" => array(
"name" => _("Details"), // 定义“Details”菜单项名称
"enabled" => TRUE, // 是否:启用
"url" => "/nfsen/nfsen.php?tab=2"
// 详细信息菜单项对应的url
),
"overview" => array(
"name" => _("Overview"), // Overview菜单项的名称(可修改)
"enabled" => TRUE, // 同上
"url" => "/nfsen/nfsen.php?tab=0" // Overview菜单项对应的url
),
"graph" => array(
"name" => _("Graph"), // Graph菜单项的名称
"enabled" => TRUE,
"url" => "/nfsen/nfsen.php?tab=1" // Graph菜单项对应的url
)
)
),/* Traffic Capture */
// 定义 "Traffic Capture" 的功能模块,包括名称和水平导航菜单
"traffic_capture" => array(
"name" => _("Traffic Capture"), //定义功能模块的名称
"enabled" => $perm_traffic_capture, // 启用的变量
"hmenu" => array( // 定义水平导航菜单数组
"traffic_capture" => array( // 导航菜单项
"name" => _("Traffic Capture"), // 导航菜单项的名称,可以自定义
"enabled" => TRUE, // 启用
"url" => "/pcap/index.php" // 导航菜单项链接地址
)
)
),/* Availability */
// 定义了名为 "Availability" 的功能模块,包括名称、启用状态和水平导航菜单
"availability" => array(
"name" => _("Availability"), // 功能模块的名称
"enabled" => $perm_availability, // 是否启用的变量
"hmenu" => array( // 水平导航菜单
"monitoring" => array( // 导航菜单项
"name" => _("Monitoring"), // 导航菜单项的名称
"enabled" => TRUE, // 是否启用的固定值
"url" => "/nagios/index.php" // 导航菜单项链接地址
),
"reporting" => array( // 导航菜单项
"name" => _("Reporting"), // 导航菜单项的名称
"enabled" => TRUE, // 是否启用的固定值
"url" => "/nagios/index.php?opc=reporting" // 导航菜单项链接地址
)
)
),OSSEC设置和报表菜单设置方法同上,不再赘述。有关系统设置与部署的菜单讲解我们放在下一期再来讲解。
2023年度 51CTO杰出讲师评选开始啦,期待大家投上宝贵一票! 李晨光的网络课堂,李晨光 网络管理,Linux 大讲堂 - 51CTO学堂
