diff --git a/01-TestCase/tsg_adc/multi_step/a_Allow_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Allow_Http_Tests.robot index dea2935..4e2de73 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Allow_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Allow_Http_Tests.robot @@ -10,7 +10,7 @@ Resource ../../../03-Variable/ApplicationID.txt *** Test Cases *** SecurityPolicy-Allow-Http-00001 - [Tags] halashaohahaha + [Tags] fqdn right match,whole world match,ip geo,url Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*clintonairport.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -66,4 +66,16 @@ SecurityPolicy-Allow-Http-00002 insert_policyId_to_file1 allow_http_objectId7 ${objectId2} insert_policyId_to_file1 allow_http_objectId8 ${objectId3} insert_policyId_to_file1 allow_http_policyId1 ${policyId} + +SecurityPolicy-Allow-Http-00003 + [Tags] the minimum match + Comment 与allow00002组合验证筛选条件优先级 + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Http-00003 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"HTTP"} isValid=${0} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} Get-Pids ${policyId} + ${policyId} Set Variable ${policyId}[0] + insert_policyId_to_file1 allow_http_policyId2 ${policyId} + diff --git a/01-TestCase/tsg_adc/multi_step/a_Allow_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Allow_Ssl_Tests.robot index a199191..7c00f07 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Allow_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Allow_Ssl_Tests.robot @@ -47,3 +47,14 @@ SecurityPolicy-Allow-Ssl-00002 insert_policyId_to_file1 allow_ssl_objectId1 ${objectId} insert_policyId_to_file1 allow_ssl_objectId3 ${objectId1} insert_policyId_to_file1 allow_ssl_policyId1 ${policyId} + +SecurityPolicy-Allow-Ssl-00003 + [Tags] the minimum match + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Ssl-00003 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"SSL"} isValid=${0} appIdObjects=${SSL_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} Get-Pids ${policyId} + ${policyId} Set Variable ${policyId}[0] + insert_policyId_to_file1 allow_ssl_policyId2 ${policyId} + diff --git a/01-TestCase/tsg_adc/multi_step/a_Allow_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Allow_Tests.robot index 43ca7d1..cebb7e2 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Allow_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Allow_Tests.robot @@ -12,6 +12,7 @@ Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody. *** Test Cases *** Proxy-Policy-allow-00001 [Tags] fqdn完整匹配 修改fqdn + log ${testClentSubID} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$mp.pipix.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -19,7 +20,7 @@ Proxy-Policy-allow-00001 ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*mp.pipix.com ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建拦截策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-allow policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-allow policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} @@ -57,7 +58,7 @@ Proxy-Policy-allow-00002 insert_policyId_to_file1 allow_policyId1 ${policyId2} Proxy-Policy-allow-00003 - [Tags] url4种匹配 + [Tags] url4种匹配,fqdn_category Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*csgo500.com,*znakitaro.ru,*astrou.ru,*lunar.pw ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -213,7 +214,7 @@ Proxy-Policy-allow-00008 Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=market/overview/ ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - Comment 创建请求头 + Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment Comment 创建拦截策略 @@ -242,7 +243,7 @@ Proxy-Policy-allow-00009 Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=lawrules ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - Comment 创建请求头 + Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment Comment 创建拦截策略 @@ -271,7 +272,7 @@ Proxy-Policy-allow-00010 Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=about/intro ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - Comment 创建请求头 + Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html|Content-Type ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment Comment 创建拦截策略 @@ -419,3 +420,6 @@ Proxy-Policy-allow-00014 insert_policyId_to_file1 allow_objectId38 ${object_sk_Id} insert_policyId_to_file1 intercept_allow_policyId13 ${policyId1} insert_policyId_to_file1 allow_policyId13 ${policyId2} + +Proxy-Policy-allow-00015 + [Tags] the minimum match diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot index b82afe2..917ab63 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot @@ -38,7 +38,7 @@ SecurityPolicy-Deny-Dns-00002 ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*arctictrucks.ru,*wifika.ru ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.jd.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.41.186","ttl":{"min":300,"max":300}}]}]} filterList=103|TSG_FIELD_DNS_QNAME,103|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.jd.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.41.186","ttl":{"min":300,"max":300}}]}]} filterList=103|TSG_FIELD_DNS_QNAME,${objectId}|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyId} Get-Pids ${policyId} @@ -80,3 +80,15 @@ SecurityPolicy-Deny-Dns-00004 insert_policyId_to_file1 deny_dns_objectId3 ${objectId} insert_policyId_to_file1 deny_dns_objectId5 ${objectId1} insert_policyId_to_file1 deny_dns_policyId3 ${policyId} + +SecurityPolicy-Deny-Dns-00005 + [Tags] the minimum match + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"drop"} isValid=${0} appIdObjects=${DNS_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} Get-Pids ${policyId} + ${policyId} Set Variable ${policyId}[0] + insert_policyId_to_file1 deny_dns_policyId4 ${policyId} + log ${defaultClient} + diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Ftp_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Ftp_Tests.robot index b56ab10..ae75fc4 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Ftp_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Ftp_Tests.robot @@ -111,3 +111,13 @@ SecurityPolicy-Deny-Ftp-00004 insert_policyId_to_file1 deny_ftp_objectId10 ${object_url_Id} insert_policyId_to_file1 deny_ftp_objectId11 ${object_content_Id} insert_policyId_to_file1 deny_ftp_policyId3 ${policyId} + +SecurityPolicy-Deny-Ftp-00005 + [Tags] the minimum match + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"rst"} isValid=${0} appIdObjects=${FTP_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + insert_policyId_to_file1 deny_ftp_policyId4 ${policyId} + ${policyId} Get-Pids ${policyId} + ${policyId} Set Variable ${policyId}[0] + diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot index ccd21d2..0ec65f8 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot @@ -376,3 +376,13 @@ SecurityPolicy-Deny-Http-00018 insert_policyId_to_file1 deny_http_objectId33 ${objectId} insert_policyId_to_file1 deny_http_objectId34 ${object_fqdn_Id} insert_policyId_to_file1 deny_http_policyId17 ${policyId} + +SecurityPolicy-Deny-Http-00019 + [Tags] the minimum match + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00019 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} isValid=${0} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} Get-Pids ${policyId} + ${policyId} Set Variable ${policyId}[0] + insert_policyId_to_file1 deny_http_policyId18 ${policyId} + \ No newline at end of file diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Mail_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Mail_Tests.robot index 57f3094..b52b2fe 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Mail_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Mail_Tests.robot @@ -13,7 +13,7 @@ Resource ../../../03-Variable/ApplicationID.txt *** Test Cases *** SecurityPolicy-Deny-Mail-00001 [Tags] content字串匹配 update:ip geo,Content - Comment 创建Content + Comment 创建Content1 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} Comment 创建ip geo @@ -21,11 +21,11 @@ SecurityPolicy-Deny-Mail-00001 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} - Comment 创建Content + Comment 创建Content2 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$Простопорно ${rescode} ${object_Content_Id1} AddObject2 ${1} ${objectDict} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00001dxytest policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appIdObjects=${MAIL_ID} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appIdObjects=${MAIL_ID} #userRegion={"protocol":"MAIL","method":"block","code":550} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyId} Get-Pids ${policyId} @@ -54,16 +54,16 @@ SecurityPolicy-Deny-Mail-00002 SecurityPolicy-Deny-Mail-00003 [Tags] from右匹配 subject右匹配 update: from,subject - Comment 创建Subject + Comment 创建Subject1 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*ОВИДЕО ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} - Comment 创建From + Comment 创建From1 ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*163.com ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} - Comment 创建Subject + Comment 创建Subject2 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=ОВИДЕО ${rescode} ${object_Subject_Id1} AddObject2 ${1} ${objectDict} - Comment 创建From + Comment 创建From2 ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=163.com ${rescode} ${object_From_Id1} AddObject2 ${1} ${objectDict} Comment 创建安全策略 @@ -296,3 +296,11 @@ SecurityPolicy-Deny-Mail-00015 insert_policyId_to_file1 deny_mail_objectId30 ${object_To_Id} insert_policyId_to_file1 deny_mail_objectId31 ${object_Account_Id} insert_policyId_to_file1 deny_mail_policyId14 ${policyId} + +SecurityPolicy-Deny-Mail-00016 + [Tags] the minimum match + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} isValid=${0} appIdObjects=${MAIL_ID} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} Get-Pids ${policyId} + ${policyId} Set Variable ${policyId}[0] + insert_policyId_to_file1 deny_mail_policyId15 ${policyId} diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot index f882b86..7ebbc88 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot @@ -93,3 +93,12 @@ SecurityPolicy-Deny-Ssl-00005 ${policyId} Set Variable ${policyId}[0] insert_policyId_to_file1 deny_ssl_objectId7 ${objectId} insert_policyId_to_file1 deny_ssl_policyId4 ${policyId} + +SecurityPolicy-Deny-Ssl-00006 + [Tags] the minimum match + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} isValid=${0} appIdObjects=${SSL_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} Get-Pids ${policyId} + ${policyId} Set Variable ${policyId}[0] diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Tests.robot index c97c0a2..a7635f9 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Tests.robot @@ -242,7 +242,7 @@ Proxy-Policy-deny-00008 Comment 创建fqdn2 ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*tianya.cn ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} - Comment 创建url + Comment 创建url2 ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=tianya.cn ${rescode} ${objectId4} AddObject2 ${1} ${objectDict} Comment 创建应答头2 diff --git a/01-TestCase/tsg_adc/multi_step/a_Hijack_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Hijack_Tests.robot index 75aaa0c..923fef1 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Hijack_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Hijack_Tests.robot @@ -367,7 +367,7 @@ Proxy-Policy-hijack-00011 ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment Comment 创建拦截策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack-011 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${0} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} diff --git a/01-TestCase/tsg_adc/multi_step/a_Insert_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Insert_Tests.robot index 8e633cf..f784e8c 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Insert_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Insert_Tests.robot @@ -204,7 +204,7 @@ Proxy-Policy-insert-00006 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建insert策略 - ${policyDict} Create Dictionary policyName=Proxy-Policy-insert-00006 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} + ${policyDict} Create Dictionary policyName=Proxy-Policy-insert-00006 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"insert","insert_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} diff --git a/01-TestCase/tsg_adc/multi_step/a_Monitor_Ftp_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Monitor_Ftp_Tests.robot index 3ab7b8e..59154f5 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Monitor_Ftp_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Monitor_Ftp_Tests.robot @@ -11,13 +11,13 @@ Resource ../../../03-Variable/ApplicationID.txt *** Test Cases *** SecurityPolicy-Monitor-Ftp-00001 [Tags] 子串匹配 update :ip geo,url,content,account - Comment 创建Account + Comment 创建Account1 ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftpuser ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} - Comment 创建url + Comment 创建url1 ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=123zxcvbnm.txt ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} - Comment 创建content + Comment 创建content1 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=crfvtgbyhnuj ${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict} Comment 创建ip geo @@ -25,13 +25,13 @@ SecurityPolicy-Monitor-Ftp-00001 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} - Comment 创建Account + Comment 创建Account2 ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftpuser ${rescode} ${object_Account_Id1} AddObject2 ${1} ${objectDict} - Comment 创建url + Comment 创建url2 ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*cvbnm.txt ${rescode} ${object_url_Id1} AddObject2 ${1} ${objectDict} - Comment 创建content + Comment 创建content2 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*tgbyhnuj ${rescode} ${object_content_Id1} AddObject2 ${1} ${objectDict} Comment 创建安全策略 diff --git a/01-TestCase/tsg_adc/multi_step/a_Monitor_Mail_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Monitor_Mail_Tests.robot index 22639a2..4449792 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Monitor_Mail_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Monitor_Mail_Tests.robot @@ -12,7 +12,7 @@ Resource ../../../03-Variable/ApplicationID.txt *** Test Cases *** SecurityPolicy-Monitor-Mail-00001 [Tags] content字串匹配 update :ip geo,Content - Comment 创建Content + Comment 创建Content1 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zzzzz ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} Comment 创建ip geo @@ -20,7 +20,7 @@ SecurityPolicy-Monitor-Mail-00001 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} - Comment 创建Content + Comment 创建Content2 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*zzz ${rescode} ${object_Content_Id1} AddObject2 ${1} ${objectDict} Comment 创建安全策略 @@ -35,7 +35,7 @@ SecurityPolicy-Monitor-Mail-00001 SecurityPolicy-Monitor-Mail-00002 [Tags] att_cont字串匹配 update:att_cont - Comment 创建ATT_CONT + Comment 创建ATT_CONT1 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=朱明明测试文件 ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} Comment 创建ATT_CONT2 @@ -52,10 +52,10 @@ SecurityPolicy-Monitor-Mail-00002 SecurityPolicy-Monitor-Mail-00003 [Tags] subject右匹配 from右匹配 update :subject, from - Comment 创建Subject + Comment 创建Subject1 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*асятся ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} - Comment 创建From + Comment 创建From1 ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*qq.com ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} Comment 创建Subject2 diff --git a/01-TestCase/tsg_adc/multi_step/a_Redirect_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Redirect_Tests.robot index 53ca42c..d34afae 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Redirect_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Redirect_Tests.robot @@ -292,7 +292,7 @@ Proxy-Policy-redirect-00010 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html|Content-Type ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment Comment 创建拦截策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-redirect policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-redirect policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${0} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyId1} Get-Pids ${policyId1} @@ -472,7 +472,7 @@ Proxy-Policy-redirect-00016 ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*personal/ ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} Comment 创建cookie - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=saltkey|Cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=COOKIE_SUPPORT|Cookie ${rescode} ${object_qq_Id} AddObject2 ${1} ${objectDict} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=GUEST_LANGUAGE_ID|Set-Cookie diff --git a/01-TestCase/tsg_adc/multi_step/a_Replace_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Replace_Tests.robot index 307d3f2..aa14ab0 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Replace_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Replace_Tests.robot @@ -47,13 +47,13 @@ Proxy-Policy-replace-00001 Proxy-Policy-replace-00002 [Tags] cat右匹配 update policy:url, replace content:http_req_uri Comment 创建fqdn - ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*plishsplash.com + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*stana.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=www.splishsplash.com + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=airastana.com ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建url2 - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*shsplash.com + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*airastana.com ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} Comment Comment 创建拦截策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-replace policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=109|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} @@ -62,7 +62,7 @@ Proxy-Policy-replace-00002 ${policyId1} Get-Pids ${policyId1} ${policyId1} Set Variable ${policyId1}[0] Comment 创建replace策略 - ${policyDict} Create Dictionary policyName=Proxy-Policy-replace-00002 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"splishsplash","replace_with":"facebook"}],"protocol":"HTTP"} filterList=109|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${policyDict} Create Dictionary policyName=Proxy-Policy-replace-00002 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"Kop-baghytty-ushu","replace_with":"Arnaiy-usynystar"}],"protocol":"HTTP"} filterList=109|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2 ${policyId2} Get-Pids ${policyId2} diff --git a/01-TestCase/tsg_adc/multi_step/b_Allow_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Allow_Http_Tests.robot index 360c15e..a34c0f4 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Allow_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Allow_Http_Tests.robot @@ -47,3 +47,21 @@ SecurityPolicy-Allow-Http-00002 ${stringlist} run keyword if '${systemType}'=='Windows' Create List 女生小说-香网小说网 ... ELSE Create List 女生小说-香网小说网 ${rescode} SystemCommands ${commandstr} ${stringlist} + +SecurityPolicy-Allow-Http-00003 + Comment 开启allow策略 + ${policyDict} Create Dictionary policyId=${allow_http_policyId2} policyName=SecurityPolicy-Allow-Http-00003-1 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00002.bat + ... ELSE set variable curl http://scoutbahamas.org/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List ScoutBahamas.org + ... ELSE Create List ScoutBahamas.org + ${rescode} SystemCommands ${commandstr} ${stringlist} + Comment 关闭allow策略 + ${policyDict} Create Dictionary policyId=${allow_http_policyId2} policyName=SecurityPolicy-Allow-Http-00003-2 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"HTTP"} isValid=${0} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + diff --git a/01-TestCase/tsg_adc/multi_step/b_Allow_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Allow_Ssl_Tests.robot index 4f0d9f6..6e9493d 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Allow_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Allow_Ssl_Tests.robot @@ -47,3 +47,22 @@ SecurityPolicy-Allow-Ssl-00002 ${stringlist} run keyword if '${systemType}'=='Windows' Create List 心悦 ... ELSE Create List 心悦 ${rescode} SystemCommands ${commandstr} ${stringlist} + +SecurityPolicy-Allow-Ssl-00003 + Comment 开启allow策略 + ${policyDict} Create Dictionary policyId=${allow_ssl_policyId2} policyName=SecurityPolicy-Allow-Ssl-00003-1 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"SSL"} isValid=${1} appIdObjects=${SSL_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_SSL_00002.bat + ... ELSE set variable curl -kv https://protonmail.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Secure email + ... ELSE Create List Secure email + ${rescode} SystemCommands ${commandstr} ${stringlist} + Comment 关闭allow策略 + ${policyDict} Create Dictionary policyId=${allow_ssl_policyId2} policyName=SecurityPolicy-Allow-Ssl-00003-2 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"SSL"} isValid=${0} appIdObjects=${SSL_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + + diff --git a/01-TestCase/tsg_adc/multi_step/b_Allow_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Allow_Tests.robot index 1fd095c..8488909 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Allow_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Allow_Tests.robot @@ -79,7 +79,7 @@ Proxy-Policy-allow-00004 ... ELSE Create List 上网从这里开始 Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 改变allow策略 - ${policyDict} Create Dictionary policyId=${allow_policyId3} policyName=Proxy-Policy-allow-00004 policyType=pxy_manipulation policyDesc=autotest action=allow userRegion={"method":"allow","protocol":"HTTP"} filterList=${allow_objectId40}|TSG_FIELD_HTTP_URL,${allow_objectId41}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} + ${policyDict} Create Dictionary policyId=${allow_policyId3} policyName=Proxy-Policy-allow-00004-1 policyType=pxy_manipulation policyDesc=autotest action=allow userRegion={"method":"allow","protocol":"HTTP"} filterList=${allow_objectId40}|TSG_FIELD_HTTP_URL,${allow_objectId41}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Dns_Tests.robot index 715d3db..87536ab 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Deny_Dns_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Dns_Tests.robot @@ -85,3 +85,19 @@ SecurityPolicy-Deny-Dns-00004 ${stringlist} run keyword if '${systemType}'=='Windows' Create List fc00::2:22 www.facebook.com ttl = 400 www.ok.ru 192.168.40.110 ... ELSE Create List ttl = 400 www.facebook.com fc00::2:22 ${rescode} SystemCommands ${commandstr} ${stringlist} + +SecurityPolicy-Deny-Dns-00005 + Comment 打开安全策略 + ${policyDict} Create Dictionary policyId=${deny_dns_policyId4} policyName=SecurityPolicy-Deny-Dns-00005-1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"drop"} isValid=${1} appIdObjects=${DNS_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.facebook.com + ... ELSE set variable nslookup www.facebook.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时 + ... ELSE Create List canonical name = www.facebook.com + ${rescode} SystemCommands ${commandstr} ${stringlist} + Comment 关闭安全策略 + ${policyDict} Create Dictionary policyId=${deny_dns_policyId4} policyName=SecurityPolicy-Deny-Dns-00005-2 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"drop"} isValid=${0} appIdObjects=${DNS_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Ftp_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Ftp_Tests.robot index 3439b51..00f835d 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Deny_Ftp_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Ftp_Tests.robot @@ -37,3 +37,17 @@ SecurityPolicy-Deny-Ftp-00004 Comment 功能端验证 ${FTP} FTP_login ftp://192.168.40.158/aewn.txt -u ftpuser:111111 завезенными should contain ${FTP} ftp_fail + +SecurityPolicy-Deny-Ftp-00005 + Comment 开启阻断策略 + ${policyDict} Create Dictionary policyId=${deny_ftp_policyId4} policyName=SecurityPolicy-Deny-FTP-00005-1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"rst"} isValid=${1} appIdObjects=${FTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + Comment 功能端验证 + ${FTP} FTP_login ftp://192.168.40.158/test.txt -u ftpuser:111111 中文test + should contain ${FTP} ftp_fail + Comment 关闭阻断策略 + ${policyDict} Create Dictionary policyId=${deny_ftp_policyId4} policyName=SecurityPolicy-Deny-FTP-00005-2 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"rst"} isValid=${0} appIdObjects=${FTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot index 580df8d..d8b61ae 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot @@ -13,19 +13,20 @@ Resource ../../../05-Other/AllFlowCaseVariable.txt SecurityPolicy-Deny-Http-00001 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00001.bat - ... ELSE set variable curl http://www.lkong.net/forum.php + ... ELSE set variable curl -m 10 -kv http://www.lkong.net/forum.php ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Connection was reset ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 改变阻断策略 ${policyDict} Create Dictionary policyId=${deny_http_policyId} source=${deny_http_objectId35}|TSG_SECURITY_SOURCE_LOCATION policyName=SecurityPolicy-Deny-Http-00001-1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${deny_http_objectId36}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00001.bat - ... ELSE set variable curl http://www.lkong.net/forum.php + ... ELSE set variable curl -m 10 http://www.lkong.net/forum.php ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Connection was reset ${rescode} SystemCommands ${commandstr} ${stringlist} SecurityPolicy-Deny-Http-00002 @@ -90,9 +91,9 @@ SecurityPolicy-Deny-Http-00004 SecurityPolicy-Deny-Http-00005 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00005.bat - ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \http://www.abchina.com/cn/ + ... ELSE set variable curl -m 10 -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \http://www.abchina.com/cn/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Connection was reset ${rescode} SystemCommands ${commandstr} ${stringlist} SecurityPolicy-Deny-Http-00006 @@ -136,15 +137,15 @@ SecurityPolicy-Deny-Http-00008 SecurityPolicy-Deny-Http-00009 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00009.bat - ... ELSE set variable curl http://www.skycn.com/soft/bangongruanjian.html + ... ELSE set variable curl -m 10 -kv http://www.skycn.com/soft/bangongruanjian.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out - ... ELSE Create List Connection reset by peer + ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} SecurityPolicy-Deny-Http-00010 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00010.bat - ... ELSE set variable curl http://www.avaxsearch.com/tangkas/ + ... ELSE set variable curl -m 10 -kv http://www.avaxsearch.com/tangkas/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List Connection reset by peer ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -154,14 +155,14 @@ SecurityPolicy-Deny-Http-00010 ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00010.bat - ... ELSE set variable curl http://www.avaxsearch.com/tangkas/ + ... ELSE set variable curl -m 10 -kv http://www.avaxsearch.com/tangkas/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List Connection reset by peer ${rescode} SystemCommands ${commandstr} ${stringlist} SecurityPolicy-Deny-Http-00011 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00011.bat - ... ELSE set variable curl http://www.finestquotes.com/quotesbyauthors.php + ... ELSE set variable curl -m 10 -kv http://www.finestquotes.com/quotesbyauthors.php ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List Connection reset by peer ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -173,6 +174,10 @@ SecurityPolicy-Deny-Http-00012 ${stringlist} run keyword if '${systemType}'=='Windows' Create List 马上到周末 ... ELSE Create List 马上到周末 ${rescode} SystemCommands ${commandstr} ${stringlist} + Comment 策略验证之后关闭Deny策略,若开启可以与monitor_http_001验证条件优先级 + ${policyDict} Create Dictionary policyId=${deny_http_policyId11} policyName=SecurityPolicy-Deny-Http-00012 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":404,"message":"马上到周末"} filterList=${deny_http_objectId19}|TSG_FIELD_HTTP_REQ_HDR isValid=${0} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update SecurityPolicy-Deny-Http-00013 Comment 功能端验证HTTP验证 @@ -199,6 +204,10 @@ SecurityPolicy-Deny-Http-00013 ${stringlist} run keyword if '${systemType}'=='Windows' Create List 000 ... ELSE Create List 000 ${rescode} SystemCommands ${commandstr} ${stringlist} + Comment 策略验证之后关闭Deny策略,若开启可以与monitor_http_001验证条件优先级 + ${policyDict} Create Dictionary policyId=${deny_http_policyId12} policyName=SecurityPolicy-Deny-Http-00013 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${deny_http_objectId20}|TSG_FIELD_HTTP_RES_HDR isValid=${0} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update SecurityPolicy-Deny-Http-00014 Comment 防止策略之间相互影响,策略验证时再打开策略 @@ -232,7 +241,7 @@ SecurityPolicy-Deny-Http-00014 SecurityPolicy-Deny-Http-00015 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00015.bat - ... ELSE set variable curl http://www.huatonggs.com/about.html#gsjj + ... ELSE set variable curl -m 10 -kv http://www.huatonggs.com/about.html#gsjj ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -242,7 +251,7 @@ SecurityPolicy-Deny-Http-00015 ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00015.bat - ... ELSE set variable curl http://www.huatonggs.com/about.html#gsjj + ... ELSE set variable curl -m 10 -kv http://www.huatonggs.com/about.html#gsjj ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -254,7 +263,7 @@ SecurityPolicy-Deny-Http-00016 sleep 6 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00016.bat - ... ELSE set variable curl -H "Content-Type:application/json;charset=UTF-8" -X POST -d "{"requestbody":"DenyHttp0016","setcook":"asdf","contenttype": "charsetDeny0016","responsebody": "adzx"}" -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/go + ... ELSE set variable curl -m 10 -kv -H "Content-Type:application/json;charset=UTF-8" -X POST -d "{"requestbody":"DenyHttp0016","setcook":"asdf","contenttype": "charsetDeny0016","responsebody": "adzx"}" -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/go ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List 000 ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -270,7 +279,7 @@ SecurityPolicy-Deny-Http-00017 # ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://smspunch.net/send-free-sms.aspx -w %{http_code} # sleep 3 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00017.bat - ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://smspunch.net/send-free-sms.aspx -w %{http_code} + ... ELSE set variable curl -m 10 -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://smspunch.net/send-free-sms.aspx -w %{http_code} ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -283,3 +292,20 @@ SecurityPolicy-Deny-Http-00018 ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection reset by peer ${rescode} SystemCommands ${commandstr} ${stringlist} + +SecurityPolicy-Deny-Http-00019 + Comment 开启阻断策略 + ${policyDict} Create Dictionary policyId=${deny_http_policyId18} policyName=SecurityPolicy-Deny-Http-00019-1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} isValid=${1} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00018.bat + ... ELSE set variable curl http://www.hebbank.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${rescode} SystemCommands ${commandstr} ${stringlist} + Comment 失效阻断策略 + ${policyDict} Create Dictionary policyId=${deny_http_policyId18} policyName=SecurityPolicy-Deny-Http-00019-2 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} isValid=${0} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update \ No newline at end of file diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Mail_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Mail_Tests.robot index 06934f4..d8bdd1e 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Deny_Mail_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Mail_Tests.robot @@ -29,7 +29,7 @@ SecurityPolicy-Deny-Mail-00001 Log ${发送邮件返回结果} should contain ${发送邮件返回结果} mail_fail Comment 改变监控策略 - ${policyDict} Create Dictionary policyId=${deny_mail_policyId} source=${deny_mail_objectId32}|TSG_SECURITY_SOURCE_LOCATION policyName=SecurityPolicy-Deny-Mail-00001-1dxytest policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${deny_mail_objectId33}|TSG_FIELD_MAIL_CONTENT isValid=${1} appIdObjects=${MAIL_ID} + ${policyDict} Create Dictionary policyId=${deny_mail_policyId} source=${deny_mail_objectId32}|TSG_SECURITY_SOURCE_LOCATION policyName=SecurityPolicy-Deny-Mail-00001-1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${deny_mail_objectId33}|TSG_FIELD_MAIL_CONTENT isValid=${1} appIdObjects=${MAIL_ID} log ${policyDict} ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证 @@ -323,3 +323,32 @@ SecurityPolicy-Deny-Mail-00015 ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} should contain ${发送邮件返回结果} mail_fail + +SecurityPolicy-Deny-Mail-00016 + Comment 开启阻断策略 + ${policyDict} Create Dictionary policyId=${deny_mail_policyId15} policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} isValid=${0} appIdObjects=${MAIL_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} + Comment 功能端验证 + ${Smtp服务器} Set Variable Smtp.163.com + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable ${mailAccount} + ${邮箱密码} Set Variable ${mailPasswd} + ${邮件主题} Set Variable 人生路远及时行乐 + ${发送者} Set Variable ${mailAccount} + ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"] + ${接收者} Set Variable ["${mailAccountGeedge}"] + ${抄送者} Set Variable ["${mailAccountGeedge}"] + ${密送者} Set Variable ["${mailAccountGeedge}"] + ${邮件正文} Set Variable good + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Comment 关闭阻断策略 + ${policyDict} Create Dictionary policyId=${deny_mail_policyId15} policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} isValid=${0} appIdObjects=${MAIL_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} + + diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Ssl_Tests.robot index c9fc9d3..e8027d6 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Deny_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Ssl_Tests.robot @@ -96,3 +96,6 @@ SecurityPolicy-Deny-Ssl-00005 ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out ... ELSE Create List timed out ${rescode} SystemCommands ${commandstr} ${stringlist} + +SecurityPolicy-Deny-Ssl-00006 + Comment diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Tests.robot index 3abc7c8..64e5803 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Deny_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Tests.robot @@ -291,8 +291,6 @@ Proxy-Policy-deny-00018 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00017.bat ... ELSE set variable curl -kv --cookie "test%20cookie=null; timezoneoffset=-480; ASP.NET_SessionId=sta2b3gxpxzqei3by1ka3qsa; visid_incap_1010467=Iu/pLzeoTnGn2VDjWdP9GpoBGF8AAAAAQUIPAAAAAADzSLZtZ1tZ/Rbjfct3Nq69" --referer 'https://www.baidu.com/' \ https://www.umusicpub.com/au/ - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_Deny_00017.bat - ... ELSE set variable curl -kv --cookie "test%20cookie=null; timezoneoffset=-480; ASP.NET_SessionId=sta2b3gxpxzqei3by1ka3qsa; visid_incap_1010467=Iu/pLzeoTnGn2VDjWdP9GpoBGF8AAAAAQUIPAAAAAADzSLZtZ1tZ/Rbjfct3Nq69" --referer 'https://www.baidu.com/' \ https://www.umusicpub.com/au/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset Tango Secure Gateway CA - ... ELSE Create List Connection reset by peer Tango Secure Gateway CA + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} diff --git a/01-TestCase/tsg_adc/multi_step/b_Hijack_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Hijack_Tests.robot index 3a375a6..06bda0a 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Hijack_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Hijack_Tests.robot @@ -157,15 +157,22 @@ Proxy-Policy-hijack-00010 ${rescode} SystemCommands ${commandstr} ${stringlist} Proxy-Policy-hijack-00011 + Comment 做策略验证时再开启拦截策略,因为与SecurityPolicy-Monitor-Http-00017可组合验证条件优先级 + ${policyDict} Create Dictionary policyId=${intercept_hijack_policyId10} policyName=SecurityPolicy-Intercept-hijack-011 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${hijack_objectId25}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_hijack_00011.bat ... ELSE set variable curl http://www.airwargame.com/eng/start/ - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_hijack_00011.bat - ... ELSE set variable curl http://www.airwargame.com/eng/start/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac ... ELSE Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac ${rescode} SystemCommands ${commandstr} ${stringlist} - + Comment 昨晚策略验证关闭 + ${policyDict} Create Dictionary policyId=${intercept_hijack_policyId10} policyName=SecurityPolicy-Intercept-hijack-011 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${hijack_objectId25}|TSG_FIELD_HTTP_HOST isValid=${0} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + Proxy-Policy-hijack-00012 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_hijack_00012.bat diff --git a/01-TestCase/tsg_adc/multi_step/b_Monitor_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Monitor_Http_Tests.robot index 9351586..a289c7f 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Monitor_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Monitor_Http_Tests.robot @@ -206,7 +206,7 @@ SecurityPolicy-Monitor-Http-00015 ${stringlist} run keyword if '${systemType}'=='Windows' Create List 国际金价走势图 ... ELSE Create List 国际金价走势图 ${rescode} SystemCommands ${commandstr} ${stringlist} - sleep 6 + sleep ${policyModifySleepSeconds} Comment 改变监控策略 ${policyDict} Create Dictionary policyId=${monitor_http_policyId14} policyName=SecurityPolicy-Monitor-Http-00015-1 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"HTTP"} filterList=${monitor_http_objectId39}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} diff --git a/01-TestCase/tsg_adc/multi_step/b_Redirect_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Redirect_Tests.robot index 078c02e..afabf7d 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Redirect_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Redirect_Tests.robot @@ -141,13 +141,21 @@ Proxy-Policy-redirect-00009 ${rescode} SystemCommands ${commandstr} ${stringlist} Proxy-Policy-redirect-00010 + Comment 策略验证时再打开策略 + ${policyDict} Create Dictionary policyId=${intercept_redirect_policyId9} policyName=SecurityPolicy-Intercept-redirect policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${redirect_objectId22}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_redirect_00010.bat ... ELSE set variable curl -kv http://www.chinahr.com/home/bj/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.iceo.com.cn/renwu2013/ ... ELSE Create List http://www.iceo.com.cn/renwu2013/ ${rescode} SystemCommands ${commandstr} ${stringlist} - + Comment 做完策略验证关闭策略,与SecurityPolicy-Monitor-Http-00005相互影响 + ${policyDict} Create Dictionary policyId=${intercept_redirect_policyId9} policyName=SecurityPolicy-Intercept-redirect policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${redirect_objectId22}|TSG_FIELD_HTTP_HOST isValid=${0} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + Proxy-Policy-redirect-00011 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_redirect_00011.bat @@ -239,7 +247,7 @@ Proxy-Policy-redirect-00015 Proxy-Policy-redirect-00016 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_redirect_00016.bat - ... ELSE set variable curl -kv --cookie "lQfQ_2132_saltkey=t8WY1oPe; lQfQ_2132_lastvisit=1595381790; lQfQ_2132_sid=vqXOg6; lQfQ_2132_lastact=1595385400%09forum.php%09image" --referer 'https://www.baidu.com/' \ https://www.equifax.com/personal/ + ... ELSE set variable curl -kv --cookie "COOKIE_SUPPORT=true; GUEST_LANGUAGE_ID=en_US; check=true; optimizelyEndUserId=oeu1614475207300r0.5456467694720912; AMCVS_0D2431DD533AE3ED0A490D44%40AdobeOrg=1; s_ecid=MCMID%7C60761335805840825830014857054941623749; AMCV_0D2431DD533AE3ED0A490D44%40AdobeOrg=1585540135%7CMCIDTS%7C18687%7CMCMID%7C60761335805840825830014857054941623749%7CMCAAMLH-1615080007%7C11%7CMCAAMB-1615080007%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1614482408s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0; _gcl_au=1.1.1338628350.1614475209; _cs_c=1; mboxEdgeCluster=38; bounceClientVisit4326v=N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0ApgI4CuAlgGYCGAHmQMYD2AtkRBQCcUnAHZMwREABoQAmCBABfIA; s_dfa=equifaxgcsusprod%2Cequifaxgcsglobalprod; _cs_mk=0.6956552086218912_1614475214635; s2_visit=1; s2_dslv_s=first%20visit; s2_gpv_as=no%20value; s2_gpv_pn=us%20%7C%20gcs%20%7C%20home; s2_gpv_pt=home; s_vnum=1614528000644%26vn%3D1; s_invisit=true; s2_ttce=1614475214645; s2_ptc=%5B%5BB%5D%5D; s_cc=true; aam_uuid=60782751376829515990016981052062115069; QSI_HistorySession=https%3A%2F%2Fwww.equifax.com%2Fpersonal%2F~1614475214944; ats-cid-AM-141627-sid=42959954; s_vi=[CS]v1|301D77E8A8742FEB-400013573E0D5817[CE]; mbox=session#be301dd442d743f0a9801609db54a320#1614477138|PC#be301dd442d743f0a9801609db54a320.38_0#1677720010; _cs_id=dec49cf1-0907-a158-aaf5-5b82707dd758.1614475208.1.1614475278.1614475208.1.1648639208984.Lax.0; _cs_s=2.0; LFR_SESSION_STATE_20105=1614475279282; _uetsid=1cc2e370796311ebabaf9b1249a9cba5; _uetvid=1cc2ecd0796311eb890f8f8f18f8e982; s2_getNewRepeat=1614475281456-Repeat; s2_dslv=1614475281456; JSESSIONID=DF505B4E7193A5871D79196DF19CD8C8; TS013d4770=0131c2fe50536b48a838ba47248a57b5c14a6e36de393cb14df413b1272d8566ff9d9af3b07411d579abea5a03f5fd4dda2e9117d9d1e9cb5676bace395d6fcede1c0a8f8061ef2b222db7cb7472622d48944b693c3cdc0b7603d5a91e9930c55752d58c11" --referer 'https://www.baidu.com/' \ https://www.equifax.com/personal/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.iceo.com.cn/renwu2013/ Tango Secure Gateway CA ... ELSE Create List http://www.iceo.com.cn/renwu2013/ Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} diff --git a/01-TestCase/tsg_adc/multi_step/b_Replace_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Replace_Tests.robot index 1e09370..d9eae18 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Replace_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Replace_Tests.robot @@ -36,20 +36,20 @@ Proxy-Policy-replace-00001 Proxy-Policy-replace-00002 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_replace_00002.bat - ... ELSE set variable curl -kv https://www.splishsplash.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List facebook Tango Secure Gateway CA - ... ELSE Create List facebook Tango Secure Gateway CA + ... ELSE set variable curl -kv https://airastana.com/kaz/kk-kz/Josparlau/Kop-baghytty-ushu + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 改变Replace策略 - ${policyDict} Create Dictionary policyId=${replace_policyId1} policyName=Proxy-Policy-replace-00002-1 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"splishsplash","replace_with":"halashaotestreplace0002"}],"protocol":"HTTP"} filterList=109|TSG_FIELD_HTTP_HOST,${replace_objectId44}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${policyDict} Create Dictionary policyId=${replace_policyId1} policyName=Proxy-Policy-replace-00002-1 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"Kop-baghytty-ushu","replace_with":"Arnaiy-usynystar"}],"protocol":"HTTP"} filterList=109|TSG_FIELD_HTTP_HOST,${replace_objectId44}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} UpdatePolicies 1 ${policyDict} v2 update - sleep 5 + sleep ${policyModifySleepSeconds} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_replace_00002.bat - ... ELSE set variable curl -kv https://www.splishsplash.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List halashaotestreplace0002 Tango Secure Gateway CA - ... ELSE Create List halashaotestreplace0002 Tango Secure Gateway CA + ... ELSE set variable curl -kv https://airastana.com/kaz/kk-kz/Josparlau/Kop-baghytty-ushu + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Proxy-Policy-replace-00003 diff --git a/01-TestCase/tsg_adc/multi_step/c_Allow_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Allow_Http_Tests.robot index b3a6b5a..7fa2528 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Allow_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Allow_Http_Tests.robot @@ -40,4 +40,9 @@ SecurityPolicy-Allow-Http-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.xiang5.com +SecurityPolicy-Allow-Http-00003 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${allow_http_policyId2}]} + ${s} Convert to String ${allow_http_policyId2} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host scoutbahamas + diff --git a/01-TestCase/tsg_adc/multi_step/c_Allow_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Allow_Ssl_Tests.robot index a2a9ba5..8599112 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Allow_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Allow_Ssl_Tests.robot @@ -32,3 +32,8 @@ SecurityPolicy-Allow-Ssl-00002 ${s} Convert to String ${allow_ssl_policyId1} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni protonmail.com GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni xinyue.qq.com + +SecurityPolicy-Allow-Ssl-00003 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${allow_ssl_policyId2}]} + ${s} Convert to String ${allow_ssl_policyId2} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni protonmail.com diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot index 9876165..bdfacb5 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot @@ -51,3 +51,9 @@ SecurityPolicy-Deny-Dns-00004 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_dns_policyId3}]} ${s} Convert to String ${deny_dns_policyId3} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.twitch.tv + +SecurityPolicy-Deny-Dns-00005 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_dns_policyId4}]} + ${s} Convert to String ${deny_dns_policyId4} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname facebook.com + diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Ftp_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Ftp_Tests.robot index a09cc2b..9c48aa4 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Deny_Ftp_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Ftp_Tests.robot @@ -57,3 +57,10 @@ SecurityPolicy-Deny-ftp-00004 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_ftp_policyId3}]} ${s} Convert to String ${deny_ftp_policyId3} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftpuser + +SecurityPolicy-Deny-Ftp-00005 + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_ftp_policyId4}]} + ${s} Convert to String ${deny_ftp_policyId4} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftpuser + diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Http_Tests.robot index 2a66e43..39ac82b 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Http_Tests.robot @@ -194,3 +194,9 @@ SecurityPolicy-Deny-Http-00018 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId17}]} ${s} Convert to String ${deny_http_policyId17} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.hebbank.com + +SecurityPolicy-Deny-Http-00019 + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId18}]} + ${s} Convert to String ${deny_http_policyId18} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.hebbank.com diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Mail_Test.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Mail_Test.robot index 210fe04..34cb891 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Deny_Mail_Test.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Mail_Test.robot @@ -156,3 +156,9 @@ SecurityPolicy-Deny-Mail-00015 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_mail_policyId14}]} ${s} Convert to String ${deny_mail_policyId14} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account ${mailAccount} + +SecurityPolicy-Deny-Mail-00016 + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_mail_policyId15}]} + ${s} Convert to String ${deny_mail_policyId15} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account ${mailAccount} diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot index c358820..330417a 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot @@ -58,4 +58,7 @@ SecurityPolicy-Deny-Ssl-00005 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_ssl_policyId4}]} ${s} Convert to String ${deny_ssl_policyId4} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.leisu.com \ No newline at end of file + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.leisu.com + +SecurityPolicy-Deny-Ssl-00006 + \ No newline at end of file diff --git a/01-TestCase/tsg_adc/multi_step/c_Replace_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Replace_Tests.robot index d52d77b..42bd019 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Replace_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Replace_Tests.robot @@ -37,7 +37,7 @@ Proxy-Policy-replace-00002 ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${replace_policyId1}]} ${policyIds} Create List ${policyId1} ${policyId2} ${s} Convert to String ${replace_policyId1} - GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.splishsplash.com + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host airastana.com Proxy-Policy-replace-00003 #删除对象 diff --git a/05-Other/curl/command/ProxyPolicy_redirect_00016.bat b/05-Other/curl/command/ProxyPolicy_redirect_00016.bat index aea2ba3..6ccd144 100644 --- a/05-Other/curl/command/ProxyPolicy_redirect_00016.bat +++ b/05-Other/curl/command/ProxyPolicy_redirect_00016.bat @@ -1 +1 @@ -curl -kv --cookie "lQfQ_2132_saltkey=t8WY1oPe; lQfQ_2132_lastvisit=1595381790; lQfQ_2132_sid=vqXOg6; lQfQ_2132_lastact=1595385400%09forum.php%09image" --referer 'https://www.baidu.com/' \ https://www.equifax.com/personal/ | iconv -f utf-8 -t gbk \ No newline at end of file +curl -kv --cookie "COOKIE_SUPPORT=true; GUEST_LANGUAGE_ID=en_US; check=true; optimizelyEndUserId=oeu1614475207300r0.5456467694720912; AMCVS_0D2431DD533AE3ED0A490D44%40AdobeOrg=1; s_ecid=MCMID%7C60761335805840825830014857054941623749; AMCV_0D2431DD533AE3ED0A490D44%40AdobeOrg=1585540135%7CMCIDTS%7C18687%7CMCMID%7C60761335805840825830014857054941623749%7CMCAAMLH-1615080007%7C11%7CMCAAMB-1615080007%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1614482408s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0; _gcl_au=1.1.1338628350.1614475209; _cs_c=1; mboxEdgeCluster=38; bounceClientVisit4326v=N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0ApgI4CuAlgGYCGAHmQMYD2AtkRBQCcUnAHZMwREABoQAmCBABfIA; s_dfa=equifaxgcsusprod%2Cequifaxgcsglobalprod; _cs_mk=0.6956552086218912_1614475214635; s2_visit=1; s2_dslv_s=first%20visit; s2_gpv_as=no%20value; s2_gpv_pn=us%20%7C%20gcs%20%7C%20home; s2_gpv_pt=home; s_vnum=1614528000644%26vn%3D1; s_invisit=true; s2_ttce=1614475214645; s2_ptc=%5B%5BB%5D%5D; s_cc=true; aam_uuid=60782751376829515990016981052062115069; QSI_HistorySession=https%3A%2F%2Fwww.equifax.com%2Fpersonal%2F~1614475214944; ats-cid-AM-141627-sid=42959954; s_vi=[CS]v1|301D77E8A8742FEB-400013573E0D5817[CE]; mbox=session#be301dd442d743f0a9801609db54a320#1614477138|PC#be301dd442d743f0a9801609db54a320.38_0#1677720010; _cs_id=dec49cf1-0907-a158-aaf5-5b82707dd758.1614475208.1.1614475278.1614475208.1.1648639208984.Lax.0; _cs_s=2.0; LFR_SESSION_STATE_20105=1614475279282; _uetsid=1cc2e370796311ebabaf9b1249a9cba5; _uetvid=1cc2ecd0796311eb890f8f8f18f8e982; s2_getNewRepeat=1614475281456-Repeat; s2_dslv=1614475281456; JSESSIONID=DF505B4E7193A5871D79196DF19CD8C8; TS013d4770=0131c2fe50536b48a838ba47248a57b5c14a6e36de393cb14df413b1272d8566ff9d9af3b07411d579abea5a03f5fd4dda2e9117d9d1e9cb5676bace395d6fcede1c0a8f8061ef2b222db7cb7472622d48944b693c3cdc0b7603d5a91e9930c55752d58c11" --referer 'https://www.baidu.com/' \ https://www.equifax.com/personal/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/ProxyPolicy_replace_00002.bat b/05-Other/curl/command/ProxyPolicy_replace_00002.bat index 9ccd355..84007cd 100644 --- a/05-Other/curl/command/ProxyPolicy_replace_00002.bat +++ b/05-Other/curl/command/ProxyPolicy_replace_00002.bat @@ -1 +1 @@ -curl -kv https://www.splishsplash.com/ | iconv -f utf-8 -t gbk \ No newline at end of file +curl -kv https://airastana.com/kaz/kk-kz/Josparlau/Kop-baghytty-ushu | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Monitor_HTTP_00005.bat b/05-Other/curl/command/SecurityPolicy_Monitor_HTTP_00005.bat index f149078..dfb06a4 100644 --- a/05-Other/curl/command/SecurityPolicy_Monitor_HTTP_00005.bat +++ b/05-Other/curl/command/SecurityPolicy_Monitor_HTTP_00005.bat @@ -1 +1 @@ -curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ curl http://www.chinahr.com/home/bj/ | iconv -f utf-8 -t gbk \ No newline at end of file +curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://www.chinahr.com/home/bj/ | iconv -f utf-8 -t gbk \ No newline at end of file