gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
009cee44c2724fd30e4a966f42156a2c03fec95b
dongxiaoyan-tsg-autotest/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace2.robot

654 lines
42 KiB
Plaintext
Raw Normal View History

cli相关文件更改大小写适应linux; 添加oam接口 中间件接口更新,添加限流测试
2020-06-11 09:26:43 +08:00
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
Force Tags zjj tsg_proxy replace
Library OperatingSystem
Resource ../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../03-Variable/PolicyObjectDefault.txt
Resource ../../02-Keyword/tsg_common/StmpHandle.robot
Resource ../../03-Variable/BifangApiVariable.txt
Library Custometest
Library json
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
${url} /policy/profile/decryption
${profiledId} ${EMPTY}
*** Test Cases ***
#添加测试数据
ZJJ_ProxyPolicy-131Replace-ResbodyReqbocy-00001
[Tags] selfserver SIP+DIP+URL
${caseName} set variable ZJJ_ProxyPolicy-131Replace-ResbodyReqbocy-00001
#创建url
${objectDict} Create Dictionary
... objectType=url
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_URLobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=www.baidu.com
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
${objectids} set variable ${objectids} ${object_URL_Id}
#创建url
${objectDict} Create Dictionary
... objectType=fqdn
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_fqdnobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=$www.baidu.com
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
#{"opAction":"add","returnData":0,"list":[{"profileName":"dxytest","profileDesc":"","isValid":1,"decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}}}]}
${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileDesc":"autotest_decryption_add","isValid":1,"decryption":{${dynamic_bypass},${certificate_checks},${protocol_version}}}]}
#{"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"profileDesc":"autotest"}]}}
${data} set variable ${requestbody}
${response} CreatePolicyFileNoFile ${url} ${data}
${decryption_profile} Get From Dictionary ${response} profileId
Comment 创建拦截策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${caseName}
... action=intercept
... effectiveRange=${Default_EffectiveRange}
#... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
... userRegion={"protocol":"SSL","keyring":1,"decryption":${decryption_profile},"decrypt_mirror":{"enable":0,"mirror_profile":null}}
... referenceObject=${object_FQDN_Id}|TSG_FIELD_SSL_SNI
... isValid=1
... appObjectIdArray=${3}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
Comment 创建带有比例的替换策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=pxy_manipulation
... policyDesc=${Default_PolicyDesc}
... action=manipulation
... effectiveRange=${Default_EffectiveRange}
... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_resp_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.5,"protocol":"HTTP"}
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
... isValid=1
... appObjectIdArray=${2}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
ZJJ_ProxyPolicy-131Replace-ResbodyReqbocy-00002
[Tags] selfserver SIP+DIP+URL
${caseName} set variable ZJJ_ProxyPolicy-131Replace-ResbodyReqbocy-00002
#创建url
${objectDict} Create Dictionary
... objectType=url
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_URLobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=www.jd.com
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建url
${objectDict} Create Dictionary
... objectType=fqdn
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_fqdnobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=$www.jd.com
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${data} set variable ${requestbody}
${response} CreatePolicyFileNoFile ${url} ${data}
${decryption_profile} Get From Dictionary ${response} profileId
Comment 创建拦截策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${caseName}
... action=intercept
... effectiveRange=${Default_EffectiveRange}
#... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
... userRegion={"protocol":"SSL","keyring":1,"decryption":${decryption_profile},"decrypt_mirror":{"enable":0,"mirror_profile":null}}
... referenceObject=${object_FQDN_Id}|TSG_FIELD_SSL_SNI
... isValid=1
... appObjectIdArray=${3}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
Comment 创建带有比例的替换策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=pxy_manipulation
... policyDesc=${Default_PolicyDesc}
... action=manipulation
... effectiveRange=${Default_EffectiveRange}
... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_resp_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9999,"protocol":"HTTP"}
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
... isValid=1
... appObjectIdArray=${2}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
#添加测试数据
ZJJ_ProxyPolicy-131Redirect-00001
[Tags] selfserver SIP+DIP+URL
${caseName} set variable ZJJ_ProxyPolicy-131Redirect-00001
#创建url
${objectDict} Create Dictionary
... objectType=url
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_URLobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=www.tmall.com
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
${objectids} set variable ${objectids} ${object_URL_Id}
#创建fqdn
${objectDict} Create Dictionary
... objectType=fqdn
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_fqdnobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=$www.tmall.com
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
#{"opAction":"add","returnData":0,"list":[{"profileName":"dxytest","profileDesc":"","isValid":1,"decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}}}]}
${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileDesc":"autotest_decryption_add","isValid":1,"decryption":{${dynamic_bypass},${certificate_checks},${protocol_version}}}]}
#{"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"profileDesc":"autotest"}]}}
${data} set variable ${requestbody}
${response} CreatePolicyFileNoFile ${url} ${data}
${decryption_profile} Get From Dictionary ${response} profileId
Comment 创建拦截策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${caseName}
... action=intercept
... effectiveRange=${Default_EffectiveRange}
#... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
... userRegion={"protocol":"SSL","keyring":1,"decryption":${decryption_profile},"decrypt_mirror":{"enable":0,"mirror_profile":null}}
... referenceObject=${object_FQDN_Id}|TSG_FIELD_SSL_SNI
... isValid=1
... appObjectIdArray=${3}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
#{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation",
#"userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},
#"userRegion":{"method":"redirect","to":"https://zhidao.baidu.com","code":302,"protocol":"HTTP"},
#"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":1192,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":1194,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
Comment 创建带有比例的替换策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=pxy_manipulation
... policyDesc=${Default_PolicyDesc}
... action=manipulation
... effectiveRange=${Default_EffectiveRange}
... userRegion={"method":"redirect","to":"https://zhidao.baidu.com","code":302,"enforcement_ratio":0.5,"protocol":"HTTP"}
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
... isValid=1
... appObjectIdArray=${2}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
ZJJ_ProxyPolicy-131Redirect-00002
[Tags] selfserver SIP+DIP+URL
${caseName} set variable ZJJ_ProxyPolicy-131Redirect-00002
#创建url
${objectDict} Create Dictionary
... objectType=url
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_URLobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=www.vip.com
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
#创建url
${objectDict} Create Dictionary
... objectType=fqdn
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_fqdnobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=$www.vip.com
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${data} set variable ${requestbody}
${response} CreatePolicyFileNoFile ${url} ${data}
${decryption_profile} Get From Dictionary ${response} profileId
Comment 创建拦截策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${caseName}
... action=intercept
... effectiveRange=${Default_EffectiveRange}
#... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
... userRegion={"protocol":"SSL","keyring":1,"decryption":${decryption_profile},"decrypt_mirror":{"enable":0,"mirror_profile":null}}
... referenceObject=${object_FQDN_Id}|TSG_FIELD_SSL_SNI
... isValid=1
... appObjectIdArray=${3}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
Comment 创建带有比例的替换策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=pxy_manipulation
... policyDesc=${Default_PolicyDesc}
... action=manipulation
... effectiveRange=${Default_EffectiveRange}
#... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_resp_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":1,"protocol":"HTTP"}
... userRegion={"method":"redirect","to":"http://image.baidu.com/","code":301,"enforcement_ratio":0.9999,"protocol":"HTTP"}
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
... isValid=1
... appObjectIdArray=${2}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
#添加测试数据
ZJJ_ProxyPolicy-131Hjack-00001
[Tags] selfserver SIP+DIP+URL
${caseName} set variable ZJJ_ProxyPolicy-131Hjack-00001
#创建url
${objectDict} Create Dictionary
... objectType=url
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_URLobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=www.126.com
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
${objectids} set variable ${objectids} ${object_URL_Id}
#创建fqdn
${objectDict} Create Dictionary
... objectType=fqdn
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_fqdnobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=$www.126.com
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
#{"opAction":"add","returnData":0,"list":[{"profileName":"dxytest","profileDesc":"","isValid":1,"decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}}}]}
${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileDesc":"autotest_decryption_add","isValid":1,"decryption":{${dynamic_bypass},${certificate_checks},${protocol_version}}}]}
#{"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"profileDesc":"autotest"}]}}
${data} set variable ${requestbody}
${response} CreatePolicyFileNoFile ${url} ${data}
${decryption_profile} Get From Dictionary ${response} profileId
Comment 创建拦截策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${caseName}
... action=intercept
... effectiveRange=${Default_EffectiveRange}
#... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
... userRegion={"protocol":"SSL","keyring":1,"decryption":${decryption_profile},"decrypt_mirror":{"enable":0,"mirror_profile":null}}
... referenceObject=${object_FQDN_Id}|TSG_FIELD_SSL_SNI
... isValid=1
... appObjectIdArray=${3}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
#{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":2,"policyDesc":"",
#"effectiveRange":{"tag_sets":[[]]},
#"userRegion":{"method":"hijack","hijack_profile":2,"protocol":"HTTP"}
#,"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":1192,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":1187,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
Comment 创建带有比例的替换策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=pxy_manipulation
... policyDesc=${Default_PolicyDesc}
... action=manipulation
... effectiveRange=${Default_EffectiveRange}
... userRegion={"method":"hijack","hijack_profile":2,"enforcement_ratio":0.5,"protocol":"HTTP"}
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
... isValid=1
... appObjectIdArray=${2}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
ZJJ_ProxyPolicy-131Hjack-00002
[Tags] selfserver SIP+DIP+URL
${caseName} set variable ZJJ_ProxyPolicy-131Hjack-00002
#创建url
${objectDict} Create Dictionary
... objectType=url
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_URLobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=www.jd.com
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
${objectids} set variable ${object_URL_Id}
#创建url
${objectDict} Create Dictionary
... objectType=fqdn
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_fqdnobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=$www.jd.com
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${data} set variable ${requestbody}
${response} CreatePolicyFileNoFile ${url} ${data}
${decryption_profile} Get From Dictionary ${response} profileId
Comment 创建拦截策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${caseName}
... action=intercept
... effectiveRange=${Default_EffectiveRange}
... userRegion={"protocol":"SSL","keyring":1,"decryption":${decryption_profile},"decrypt_mirror":{"enable":0,"mirror_profile":null}}
... referenceObject=${object_FQDN_Id}|TSG_FIELD_SSL_SNI
... isValid=1
... appObjectIdArray=${3}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
Comment 创建带有比例的替换策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=pxy_manipulation
... policyDesc=${Default_PolicyDesc}
... action=manipulation
... effectiveRange=${Default_EffectiveRange}
#... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_resp_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":1,"protocol":"HTTP"}
... userRegion={"method":"hijack","hijack_profile":2,"enforcement_ratio":0.9999,"protocol":"HTTP"}
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
... isValid=1
... appObjectIdArray=${2}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
#添加测试数据
ZJJ_ProxyPolicy-131Insert-00001
[Tags] selfserver SIP+DIP+URL
${caseName} set variable ZJJ_ProxyPolicy-131Insert-00001
#创建url
${objectDict} Create Dictionary
... objectType=url
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_URLobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=www.tmall.com
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
${objectids} set variable ${objectids} ${object_URL_Id}
#创建fqdn
${objectDict} Create Dictionary
... objectType=fqdn
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_fqdnobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=$www.tmall.com
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
#{"opAction":"add","returnData":0,"list":[{"profileName":"dxytest","profileDesc":"","isValid":1,"decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}}}]}
${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
${protocol_version} set variable "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","profileDesc":"autotest_decryption_add","isValid":1,"decryption":{${dynamic_bypass},${certificate_checks},${protocol_version}}}]}
#{"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"profileDesc":"autotest"}]}}
${data} set variable ${requestbody}
${response} CreatePolicyFileNoFile ${url} ${data}
${decryption_profile} Get From Dictionary ${response} profileId
Comment 创建拦截策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${caseName}
... action=intercept
... effectiveRange=${Default_EffectiveRange}
#... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
... userRegion={"protocol":"SSL","keyring":1,"decryption":${decryption_profile},"decrypt_mirror":{"enable":0,"mirror_profile":null}}
... referenceObject=${object_FQDN_Id}|TSG_FIELD_SSL_SNI
... isValid=1
... appObjectIdArray=${3}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
#{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},
#"userRegion":{"method":"insert","insert_profile":2,"protocol":"HTTP"}
#,"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":1192,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":1194,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
Comment 创建带有比例的替换策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=pxy_manipulation
... policyDesc=${Default_PolicyDesc}
... action=manipulation
... effectiveRange=${Default_EffectiveRange}
... userRegion={"method":"insert","insert_profile":2,"enforcement_ratio":0.5,"protocol":"HTTP"}
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
... isValid=1
... appObjectIdArray=${2}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
ZJJ_ProxyPolicy-131Insert-00002
[Tags] selfserver SIP+DIP+URL
${caseName} set variable ZJJ_ProxyPolicy-131Insert-00002
#创建url
${objectDict} Create Dictionary
... objectType=url
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_URLobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=www.jd.com
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
${objectids} set variable ${object_URL_Id}
#创建url
${objectDict} Create Dictionary
... objectType=fqdn
... isValid=${1}
... objectSubType=${Default_ObjectSubType}
... isInitialize=${Default_IsInitialize}
... isExclusion=${Default_IsExclusion}
... objectName=${caseName}_fqdnobject
... objectDesc=${Default_ObjectDesc}
... subObjectIds=${Default_SubObjectIds}
... addItemList=$www.jd.com
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1}
${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
${data} set variable ${requestbody}
${response} CreatePolicyFileNoFile ${url} ${data}
${decryption_profile} Get From Dictionary ${response} profileId
Comment 创建拦截策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=tsg_security
... policyDesc=${caseName}
... action=intercept
... effectiveRange=${Default_EffectiveRange}
... userRegion={"protocol":"SSL","keyring":1,"decryption":${decryption_profile},"decrypt_mirror":{"enable":0,"mirror_profile":null}}
... referenceObject=${object_FQDN_Id}|TSG_FIELD_SSL_SNI
... isValid=1
... appObjectIdArray=${3}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
Comment 创建带有比例的替换策略
${policyDict} Create Dictionary
... policyName=${caseName}
... policyType=pxy_manipulation
... policyDesc=${Default_PolicyDesc}
... action=manipulation
... effectiveRange=${Default_EffectiveRange}
#... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_resp_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":1,"protocol":"HTTP"}
... userRegion={"method":"insert","insert_profile":2,"enforcement_ratio":0.9999,"protocol":"HTTP"}
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
... isValid=1
... appObjectIdArray=${2}
... userTags=${Default_UserTags}
... doLog=${Default_DoLog}
... scheduleId=${Default_ScheduleId}
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${s} Convert to String ${policyId}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
Reference in New Issue Copy Permalink