2020-04-24 10:42:33 +08:00
|
|
|
*** Settings ***
|
|
|
|
|
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
|
|
|
|
|
Force Tags tsg_adc Security_Policy
|
|
|
|
|
Library OperatingSystem
|
|
|
|
|
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
|
|
|
|
|
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
|
|
|
|
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
|
|
|
|
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
|
|
|
|
|
Library Custometest
|
|
|
|
|
|
|
|
|
|
*** Variables ***
|
|
|
|
|
${policyIds} ${EMPTY}
|
|
|
|
|
${objectids} ${EMPTY}
|
|
|
|
|
|
|
|
|
|
*** Test Cases ***
|
|
|
|
|
SecurityPolicy-Deny-Ftp-00001
|
2020-04-25 21:20:16 +08:00
|
|
|
[Tags] Selfserver Deny Ftp Account子串匹配
|
2020-04-24 10:42:33 +08:00
|
|
|
Comment 创建Account
|
|
|
|
|
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user
|
|
|
|
|
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
${objectids} set Variable ${object_Account_Id}
|
|
|
|
|
Comment 创建安全策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
|
|
|
|
|
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
|
|
|
|
#删除策略
|
|
|
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
|
|
|
Comment 功能端验证
|
|
|
|
|
${starttime} Get Time
|
|
|
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
|
|
|
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
|
2020-04-24 15:57:51 +08:00
|
|
|
should contain ${FTP} ftp_fail
|
2020-04-24 10:42:33 +08:00
|
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
|
|
|
${endtime} Get Time
|
|
|
|
|
#日志验证
|
|
|
|
|
${s} Convert to String ${policyId}
|
|
|
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
|
|
|
|
|
|
|
|
|
|
SecurityPolicy-Deny-Ftp-00002
|
2020-04-25 21:20:16 +08:00
|
|
|
[Tags] Selfserver Deny Ftp Account右匹配
|
2020-04-24 10:42:33 +08:00
|
|
|
Comment 创建Account
|
|
|
|
|
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user
|
|
|
|
|
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
${objectids} set Variable ${object_Account_Id}
|
|
|
|
|
Comment 创建安全策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
|
|
|
|
|
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
|
|
|
|
#删除策略
|
|
|
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
|
|
|
Comment 功能端验证
|
|
|
|
|
${starttime} Get Time
|
|
|
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
|
|
|
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
|
2020-04-24 15:57:51 +08:00
|
|
|
should contain ${FTP} ftp_fail
|
2020-04-24 10:42:33 +08:00
|
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
|
|
|
${endtime} Get Time
|
|
|
|
|
#日志验证
|
|
|
|
|
${s} Convert to String ${policyId}
|
|
|
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
|
|
|
|
|
|
|
|
|
|
SecurityPolicy-Deny-Ftp-00003
|
2020-04-25 21:20:16 +08:00
|
|
|
[Tags] Selfserver Deny Ftp Account完整匹配
|
2020-04-24 10:42:33 +08:00
|
|
|
Comment 创建Account
|
|
|
|
|
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user
|
|
|
|
|
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
${objectids} set Variable ${object_Account_Id}
|
|
|
|
|
Comment 创建安全策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
|
|
|
|
|
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
|
|
|
|
#删除策略
|
|
|
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
|
|
|
Comment 功能端验证
|
|
|
|
|
${starttime} Get Time
|
|
|
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
|
|
|
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
|
2020-04-24 15:57:51 +08:00
|
|
|
should contain ${FTP} ftp_fail
|
2020-04-24 10:42:33 +08:00
|
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
|
|
|
${endtime} Get Time
|
|
|
|
|
#日志验证
|
|
|
|
|
${s} Convert to String ${policyId}
|
|
|
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
|
|
|
|
|
|
|
|
|
|
SecurityPolicy-Deny-Ftp-00004
|
2020-04-25 21:20:16 +08:00
|
|
|
[Tags] Selfserver Deny Ftp Account左匹配
|
2020-04-24 10:42:33 +08:00
|
|
|
Comment 创建Account
|
|
|
|
|
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u*
|
|
|
|
|
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
${objectids} set Variable ${object_Account_Id}
|
|
|
|
|
Comment 创建安全策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
|
|
|
|
|
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
|
|
|
|
#删除策略
|
|
|
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
|
|
|
Comment 功能端验证
|
|
|
|
|
${starttime} Get Time
|
|
|
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
|
|
|
${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english
|
2020-04-24 15:57:51 +08:00
|
|
|
should contain ${FTP} ftp_fail
|
2020-04-24 10:42:33 +08:00
|
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
|
|
|
${endtime} Get Time
|
|
|
|
|
#日志验证
|
|
|
|
|
${s} Convert to String ${policyId}
|
|
|
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
|
|
|
|
|
|
|
|
|
|
SecurityPolicy-Deny-Ftp-00005
|
2020-04-25 21:20:16 +08:00
|
|
|
[Tags] Selfserver Deny Ftp Account子串匹配
|
|
|
|
|
Comment 创建Account
|
2020-04-24 10:42:33 +08:00
|
|
|
${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user
|
2020-04-24 15:57:51 +08:00
|
|
|
${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
${objectids} set Variable ${object_Account_Id}
|
2020-04-24 10:42:33 +08:00
|
|
|
Comment 创建安全策略
|
2020-04-25 21:20:16 +08:00
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6
|
2020-04-24 10:42:33 +08:00
|
|
|
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
|
|
|
|
#删除策略
|
|
|
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
|
|
|
|
Comment 功能端验证
|
|
|
|
|
${starttime} Get Time
|
2020-04-24 15:57:51 +08:00
|
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
|
|
|
${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 435814 zmmtext123.txt
|
|
|
|
|
should contain ${FTP} ftp_fail
|
2020-04-24 10:42:33 +08:00
|
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
|
|
|
${endtime} Get Time
|
|
|
|
|
#日志验证
|
|
|
|
|
${s} Convert to String ${policyId}
|
|
|
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user
|
