gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
009cee44c2724fd30e4a966f42156a2c03fec95b
dongxiaoyan-tsg-autotest/01-TestCase/tsg_adc/multi_step/MultiStepDenyAllTests.robot

197 lines
11 KiB
Plaintext
Raw Normal View History

删除目录
2020-05-29 16:14:49 +08:00
*** Settings ***
Test Teardown DeleteAfterCase ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security selfserver
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/PolicyObjectDefault.txt
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
Resource ../../../03-Variable/AllFlowCaseVariable.txt
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Library Custometest
Library json
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/responsepages
${profiledId} ${EMPTY}
${dict} ${None}
${caseName} SecurityPolicy-Deny-AllProtol-00001
*** Keywords ***
create-object-policy
[Arguments] @{flag}
Comment 创建目标IP
${objectDict} Create Dictionary
... objectType=IP
... isValid=1
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_IPobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc}
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} Run Keyword If '${testPart}'=='all' set Variable ${objectId}
Comment 创建安全策略针对所有协议相当于BlackIP
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${Default_PolicyDesc}
... action=deny
... effectiveRange=${Default_EffectiveRange}
... userRegion=${Default_UserRegion}
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
... isValid=${Default_IsValid}
... appObjectIdArray=2,3,4,5,6
... userTags=${Default_UserTags}
... doLog=2
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Run Keyword If '${testPart}'=='all' Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
# 区分执行方式
${value} Run Keyword If ${flag}==[] insert_policyId_to_file ${caseName} ${policyId} ${objectids}
... ELSE Create Dictionary policyId=${policyId} objectId=${objectids}
Set Test Variable ${dict} ${value}
function-test
Run Keyword If '${testPart}'=='all' Sleep ${policyVerificationSleepSeconds}s
${starttime} Get Time
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/${caseName}_HTTP.bat
... ELSE set variable curl -kv http://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime_http} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_http} Get Time
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 功能端验证SSL验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/${caseName}_SSL.bat
... ELSE set variable curl -kv https://open.node.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
#OpenSSL SSL_connect: Connection was reset in connection to
#Send failure: Connection was reset
... ELSE Create List OpenSSL SSL_connect: Connection reset by peer in connection to
${starttime_ssl} Get Time
${rescode} SystemCommands ${commandstr} ${stringlist}
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_ssl} Get Time
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
#${mail} EmailLogin mail.tsgmail.com 25 dongxiaoyan@mail.tsgmail.com dxy123
${starttime_mail} Get Time
${Smtp服务器} Set Variable 192.168.100.5
${Smtp服务器端口} Set Variable 25
${邮箱账号} Set Variable dongxiaoyan@mail.tsgmail.com
${邮箱密码} Set Variable dxy123
${邮件主题} Set Variable что- иностранныеsuject
${发送者} Set Variable dongxiaoyan@mail.tsgmail.com
${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
${接收者} Set Variable ["jwctest@mail.tsgmail.com"]
${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"]
${密送者} Set Variable ["lyftest@mail.tsgmail.com"]
${邮件正文} Set Variable 朱明明contentчто-иностранныеsuject
${mail} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
should contain ${mail} mail_fail
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_mail} Get Time
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
${starttime_ftp} Get Time
${ftpLogin} FTP_login ftp://192.168.100.5:21 -u"ftp_user:qazXSW@edc" test.txt
should contain ${ftpLogin} ftp_fail
#日志验证
#GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ''
Run Keyword If '${testPart}'=='all' Sleep ${policyLogVerificationSleepSeconds}s
${endtime_ftp} Get Time
${endtime} Get Time
# 区分执行方式
Run Keyword If ${dict}==${None} insert_time_to_file ${caseName} ${starttime} ${endtime}
... ELSE Run Keyword Set To Dictionary ${dict} ${starttime} ${endtime}
log-test
# 日志验证
${obj} Run Keyword If ${dict}==${None} json.Loads ${caseName}
... ELSE Set Variable ${dict}
${policyId} Set Variable ${obj}[policyId]
${s} Convert to String ${policyId}
${objectids} Run Keyword If '${testPart}'!='all' set Variable ${obj}[objectids]
${policyIds} Run Keyword If '${testPart}'!='all' Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
#日志验证
GetLogList security_event_log ${starttime_http} ${endtime_http} ${testClentIP} ${s} http_host open.node.com
${obj}[starttime] ${obj}[endtime]
Comment 功能端验证SSL验证
#日志验证
GetLogList security_event_log ${starttime_ssl} ${endtime_ssl} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
#日志验证
GetLogList security_event_log ${starttime_mail} ${endtime_mail} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
#日志验证
GetLogList security_event_log ${starttime_ftp} ${endtime_ftp} ${testClentIP} ${s} ftp_account ''
log-test_bak
# 日志验证
${obj} Run Keyword If ${dict}==${None} json.Loads ${caseName}
... ELSE Set Variable ${dict}
${policyId} Set Variable ${obj}[policyId]
${s} Convert to String ${policyId}
${objectids} Run Keyword If '${testPart}'!='all' set Variable ${obj}[objectids]
${policyIds} Run Keyword If '${testPart}'!='all' Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
#日志验证
#GetLogList security_event_log ${starttime_http} ${endtime_http} ${testClentIP} ${s} http_host open.node.com
GetLogList security_event_log ${obj}[starttime_http] ${obj}[endtime_http] ${testClentIP} ${s} http_host open.node.com
${obj}[starttime] ${obj}[endtime]
Comment 功能端验证SSL验证
#日志验证
#GetLogList security_event_log ${starttime_ssl} ${endtime_ssl} ${testClentIP} ${s} ssl_sni open.node.com
GetLogList security_event_log ${obj}[starttime_ssl} ${obj}[endtime_ssl} ${testClentIP} ${s} ssl_sni open.node.com
Comment 功能端验证DNS验证
Comment 功能端验证MAIL验证
#日志验证
#GetLogList security_event_log ${starttime_mail} ${endtime_mail} ${testClentIP} ${s} mail_protocol_type SMTP
GetLogList security_event_log ${obj}[starttime_mail} ${obj}[endtime_mail} ${testClentIP} ${s} mail_protocol_type SMTP
Comment 功能端验证FTP验证
#日志验证
#GetLogList security_event_log ${starttime_ftp} ${endtime_ftp} ${testClentIP} ${s} ftp_account ''
GetLogList security_event_log ${obj}[starttime_ftp} ${obj}[endtime_ftp} ${testClentIP} ${s} ftp_account ''
*** Test Cases ***
MultiSecurityPolicy-Deny-AllProtol-00001
[Tags] securitypolciy deny allprotol multistep
#${caseName} set variable SecurityPolicy-Deny-AllProtol-00001
Run Keyword If '${testPart}'=='all' Run Keywords create-object-policy True
... AND function-test
... AND log-test
... ELSE IF ${testPart}==1 Run Keyword create-object-policy
... ELSE IF ${testPart}==2 Run Keyword function-test
... ELSE IF ${testPart}==3 Run Keyword log-test
#{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"rst"},"referenceObject":[{"objectId":6926,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":6943,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]}],"isValid":0,"scheduleId":[],"appObjectIdArray":[2,3,4,5,6]}}
Reference in New Issue Copy Permalink