diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_DNS_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_DNS_Tests.robot index d1d1f23..9c155a3 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_DNS_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_DNS_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Library Custometest +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -16,8 +17,8 @@ ${objectids} ${EMPTY} SecurityPolicy-Allow-DNS-00001 [Tags] selfserver monitor dns Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "DNS"} isValid=${1} appObjectIdArray=4 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-DNS-00001 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "DNS"} isValid=${1} appIdObjects=4 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Ftp_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Ftp_Tests.robot index f275600..cae8a84 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Ftp_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Ftp_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Library Custometest +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -15,9 +16,9 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Allow-Ftp-00001 [Tags] selfserver monitor ftp - Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"FTP"} isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-FTP-00001 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"FTP"} isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot index b37cb03..98ad5a6 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -15,13 +16,15 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Allow-Http-00001 [Tags] Selfserver Allow Http Ip - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00001 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "HTTP"} filterList= isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -40,17 +43,19 @@ SecurityPolicy-Allow-Http-00001 SecurityPolicy-Allow-Http-00002 [Tags] Selfserver Allow Http Ip+Cat右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -69,17 +74,19 @@ SecurityPolicy-Allow-Http-00002 SecurityPolicy-Allow-Http-00003 [Tags] Selfserver Allow Http Ip+Fqdn完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -98,17 +105,19 @@ SecurityPolicy-Allow-Http-00003 SecurityPolicy-Allow-Http-00004 [Tags] Selfserver Allow Http Ip+Fqdn完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Mail_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Mail_Tests.robot index c4535c7..61cbcb7 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Mail_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Mail_Tests.robot @@ -9,6 +9,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt Library Custometest Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -17,8 +18,8 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Allow-Mail-00001 Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol":"MAIL"} isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Mail-00001 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"MAIL"} isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot index b2418c8..11db429 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -15,13 +16,15 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Allow-SSL-00001 [Tags] Selfserver Allow Ssl Ip - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00001 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "SSL"} filterList= isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -40,17 +43,19 @@ SecurityPolicy-Allow-SSL-00001 SecurityPolicy-Allow-SSL-00002 [Tags] Selfserver Allow Ssl Ip+Cat完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "SSL"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -69,17 +74,19 @@ SecurityPolicy-Allow-SSL-00002 SecurityPolicy-Allow-SSL-00003 [Tags] Selfserver Allow Ssl Ip+Fqdn右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol": "SSL"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot index fb15e5c..932584e 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -20,8 +21,8 @@ SecurityPolicy-Deny-DNS-00001 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "DNS","method":"drop"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "DNS","method":"drop"} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -45,8 +46,8 @@ SecurityPolicy-Deny-DNS-00002 ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_cat_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.vip.com","ttl":{"min":300,"max":300}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_cat_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.vip.com","ttl":{"min":300,"max":300}}]}]} isValid=${1} appIdObjects=4 filterList=${object_cat_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -65,17 +66,19 @@ SecurityPolicy-Deny-DNS-00002 SecurityPolicy-Deny-DNS-00003 [Tags] dns deny selfserver 多Ip+fqdn网站匹配 - Comment 创建第二个源IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.18|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.50.18-192.168.50.18 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.douban.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":350,"max":350}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME,${objectId}|TSG_SECURITY_SOURCE_ADDR - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":350,"max":350}}]}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME source=${objectId}|TSG_SECURITY_SOURCE_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -99,8 +102,8 @@ SecurityPolicy-Deny-DNS-00004 ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_cat_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_cat_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} isValid=${1} appIdObjects=4 filterList=${object_cat_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -124,8 +127,8 @@ SecurityPolicy-Deny-DNS-00005 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -153,8 +156,8 @@ SecurityPolicy-Deny-DNS-00006 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -171,8 +174,8 @@ SecurityPolicy-Deny-DNS-00006 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.mgtv.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} referenceObject=${object_cat_Id}|TSG_FIELD_DNS_QNAME isValid=${1} appObjectIdArray=4 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} filterList=${object_cat_Id}|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=4 policyId=${policyId} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.suning.com ... ELSE set variable nslookup -debug -query=A \ www.suning.com @@ -193,8 +196,8 @@ SecurityPolicy-Deny-DNS-00007 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.zhihu.com","ttl":{"min":300,"max":300}}],"qtype":"AAAA"}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00007 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.zhihu.com","ttl":{"min":300,"max":300}}],"qtype":"AAAA"}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -218,8 +221,8 @@ SecurityPolicy-Deny-DNS-00008 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.bilibili.com","ttl":{"min":500,"max":500}}],"qtype":"A"}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00008 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.bilibili.com","ttl":{"min":500,"max":500}}],"qtype":"A"}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -238,13 +241,13 @@ SecurityPolicy-Deny-DNS-00008 SecurityPolicy-Deny-DNS-00009 [Tags] selfserver dns deny ip+fqdn完整匹配 - Comment 创建fqdn + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.douyu.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.booking.com","ttl":{"min":500,"max":500}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.tuniu.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00009 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.booking.com","ttl":{"min":500,"max":500}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.tuniu.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}}]}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot index e5c24f3..1db25d5 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Library Custometest +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -20,8 +21,8 @@ SecurityPolicy-Deny-Ftp-00001 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -42,8 +43,8 @@ SecurityPolicy-Deny-Ftp-00002 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -64,8 +65,8 @@ SecurityPolicy-Deny-Ftp-00003 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -86,8 +87,8 @@ SecurityPolicy-Deny-Ftp-00004 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -108,8 +109,8 @@ SecurityPolicy-Deny-Ftp-00005 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -130,8 +131,8 @@ SecurityPolicy-Deny-Ftp-00006 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -152,8 +153,8 @@ SecurityPolicy-Deny-Ftp-00007 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00007 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -174,8 +175,8 @@ SecurityPolicy-Deny-Ftp-00008 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00008 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -196,8 +197,8 @@ SecurityPolicy-Deny-Ftp-00009 ${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00009 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -218,8 +219,8 @@ SecurityPolicy-Deny-Ftp-00010 ${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00010 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -240,8 +241,8 @@ SecurityPolicy-Deny-Ftp-00011 ${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00011 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -262,8 +263,8 @@ SecurityPolicy-Deny-Ftp-00012 ${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00012 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -279,10 +280,12 @@ SecurityPolicy-Deny-Ftp-00012 SecurityPolicy-Deny-Ftp-00013 [Tags] selfserver deny ftp 多ip+修改 - Comment 创建第二个源IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.10|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.50.10-192.168.50.10 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} @@ -292,8 +295,8 @@ SecurityPolicy-Deny-Ftp-00013 ${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT,${objectId}|TSG_SECURITY_SOURCE_ADDR isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00013 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_content_Id}|TSG_FIELD_FTP_CONTENT isValid=${1} appIdObjects=6 source=${objectId}|TSG_SECURITY_SOURCE_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -307,8 +310,8 @@ SecurityPolicy-Deny-Ftp-00013 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_SOURCE_ADDR,${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00013 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appIdObjects=6 policyId=${policyId} source=${objectId}|TSG_SECURITY_SOURCE_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s @@ -329,8 +332,8 @@ SecurityPolicy-Deny-Ftp-00014 ${rescode} ${object_content_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_content_Id}|TSG_FIELD_FTP_CONTENT,${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00014 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} filterList=${object_content_Id}|TSG_FIELD_FTP_CONTENT,${object_url_Id}|TSG_FIELD_FTP_URI isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot index cc0217d..7b4d503 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -16,14 +17,16 @@ ${profiledId} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-Http-00001 - [Tags] deny http p selfserver - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + [Tags] deny http selfserver + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -42,17 +45,19 @@ SecurityPolicy-Deny-Http-00001 SecurityPolicy-Deny-Http-00002 [Tags] selfserver deny http ip+fqdn右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -71,17 +76,19 @@ SecurityPolicy-Deny-Http-00002 SecurityPolicy-Deny-Http-00003 [Tags] selfserver deny http ip+cat完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -100,17 +107,19 @@ SecurityPolicy-Deny-Http-00003 SecurityPolicy-Deny-Http-00004 [Tags] selfserver deny http ip+url字串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node.com ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -129,17 +138,19 @@ SecurityPolicy-Deny-Http-00004 SecurityPolicy-Deny-Http-00005 [Tags] selfserver deny http ip+url右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*youtube.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -158,17 +169,19 @@ SecurityPolicy-Deny-Http-00005 SecurityPolicy-Deny-Http-00006 [Tags] selfserver deny http ip+url完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":403,"message":"123123"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":403,"message":"123123"} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -187,17 +200,19 @@ SecurityPolicy-Deny-Http-00006 SecurityPolicy-Deny-Http-00007 [Tags] selfserver deny http ip+url左匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open* ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00007 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -216,17 +231,19 @@ SecurityPolicy-Deny-Http-00007 SecurityPolicy-Deny-Http-00008 [Tags] selfserver deny ip+请求头字串匹配 http - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00008 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -245,17 +262,19 @@ SecurityPolicy-Deny-Http-00008 SecurityPolicy-Deny-Http-00009 [Tags] selfserver deny http ip+请求头右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00009 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -274,17 +293,19 @@ SecurityPolicy-Deny-Http-00009 SecurityPolicy-Deny-Http-00010 [Tags] selfserver deny http ip+请求头完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":404,"message":"123123"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00010 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":404,"message":"123123"} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -303,17 +324,19 @@ SecurityPolicy-Deny-Http-00010 SecurityPolicy-Deny-Http-00011 [Tags] selfserver deny http ip+请求头左匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00011 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -332,17 +355,19 @@ SecurityPolicy-Deny-Http-00011 SecurityPolicy-Deny-Http-00012 [Tags] selfserver http ip+cookie子串匹配 deny - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie ${rescode} ${object_CK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00012 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -361,17 +386,19 @@ SecurityPolicy-Deny-Http-00012 SecurityPolicy-Deny-Http-00013 [Tags] selfserver deny http ip+应答头字串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00013 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -390,17 +417,19 @@ SecurityPolicy-Deny-Http-00013 SecurityPolicy-Deny-Http-00014 [Tags] selfserver deny http ip+应答头右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00014 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -419,17 +448,19 @@ SecurityPolicy-Deny-Http-00014 SecurityPolicy-Deny-Http-00015 [Tags] selfserver deny http ip+应答头完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00015 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -448,17 +479,19 @@ SecurityPolicy-Deny-Http-00015 SecurityPolicy-Deny-Http-00016 [Tags] selfserver deny http ip+应答头左匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00016 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -477,17 +510,19 @@ SecurityPolicy-Deny-Http-00016 SecurityPolicy-Deny-Http-00017 [Tags] selfserver deny http ip+set-cookie字串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=4567|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00017 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00017 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -506,17 +541,19 @@ SecurityPolicy-Deny-Http-00017 SecurityPolicy-Deny-Http-00018 [Tags] selfserver deny http ip+set-cookie右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00018 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00018 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -535,17 +572,19 @@ SecurityPolicy-Deny-Http-00018 SecurityPolicy-Deny-Http-00019 [Tags] selfserver deny ip+set-cookie完整匹配 http - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00019 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00019 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -564,17 +603,19 @@ SecurityPolicy-Deny-Http-00019 SecurityPolicy-Deny-Http-00020 [Tags] selfserver deny ip+set-cookie左匹配 http - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=1234*|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00020 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00020 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -593,17 +634,19 @@ SecurityPolicy-Deny-Http-00020 SecurityPolicy-Deny-Http-00021 [Tags] selfserver deny ip+请求体 http - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00021 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00021 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -622,17 +665,19 @@ SecurityPolicy-Deny-Http-00021 SecurityPolicy-Deny-Http-00022 [Tags] selfserver deny http ip+应答体 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00022 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00022 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -651,10 +696,12 @@ SecurityPolicy-Deny-Http-00022 SecurityPolicy-Deny-Http-00023 [Tags] selfserver deny http 最大组合 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} @@ -676,8 +723,8 @@ SecurityPolicy-Deny-Http-00023 ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00023 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"drop"} referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00023 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -704,8 +751,8 @@ SecurityPolicy-Deny-Http-00024 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00024 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}} referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00024 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -724,17 +771,19 @@ SecurityPolicy-Deny-Http-00024 SecurityPolicy-Deny-Http-00025 [Tags] selfserver deny http ip+host alert - Comment 创建第二个源IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.10|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00025 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"No Content"} referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${objectId}|TSG_SECURITY_SOURCE_ADDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00025 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"No Content"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -753,10 +802,12 @@ SecurityPolicy-Deny-Http-00025 SecurityPolicy-Deny-Http-00026 [Tags] selfserver deny http ip+host alert - Comment 创建第二个源IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.10|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} @@ -765,8 +816,8 @@ SecurityPolicy-Deny-Http-00026 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00026 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${objectId}|TSG_SECURITY_SOURCE_ADDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00026 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -785,10 +836,12 @@ SecurityPolicy-Deny-Http-00026 SecurityPolicy-Deny-Http-00027 [Tags] selfserver deny http 最大组合 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} @@ -810,8 +863,8 @@ SecurityPolicy-Deny-Http-00027 ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00027 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00027 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -830,17 +883,19 @@ SecurityPolicy-Deny-Http-00027 SecurityPolicy-Deny-Http-00028 [Tags] selfserver deny http 多ip+fqdn - Comment 创建第二个源IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.18|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.50.18-192.168.50.18 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00028 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_SOURCE_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00028 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -859,13 +914,15 @@ SecurityPolicy-Deny-Http-00028 SecurityPolicy-Deny-Http-00029 [Tags] selfserver deny 多协议 ip - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00029 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2,3,4,5,6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00029 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appIdObjects=2,3,4,5,6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -893,8 +950,8 @@ SecurityPolicy-Deny-Http-00030 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00030 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00030 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -911,8 +968,8 @@ SecurityPolicy-Deny-Http-00030 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00030 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00030 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 policyId=${policyId} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html @@ -928,10 +985,12 @@ SecurityPolicy-Deny-Http-00030 SecurityPolicy-Deny-Http-00031 [Tags] selfserver deny alert http ip+url+请求头字串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=node ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} @@ -944,8 +1003,8 @@ SecurityPolicy-Deny-Http-00031 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":404,"html_profile":${profiledId}} referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":404,"html_profile":${profiledId}} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -962,8 +1021,8 @@ SecurityPolicy-Deny-Http-00031 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com @@ -979,10 +1038,12 @@ SecurityPolicy-Deny-Http-00031 SecurityPolicy-Deny-Http-00032 [Tags] selfserver deny alert http ip+url+请求头左匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=node ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} @@ -992,8 +1053,8 @@ SecurityPolicy-Deny-Http-00032 ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00032 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00032 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1010,8 +1071,8 @@ SecurityPolicy-Deny-Http-00032 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00032 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} referenceObject=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00032 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com @@ -1027,10 +1088,12 @@ SecurityPolicy-Deny-Http-00032 SecurityPolicy-Deny-Http-00033 [Tags] selfserver deny alert http ip+url+请求头右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*nationalbank.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} @@ -1043,8 +1106,8 @@ SecurityPolicy-Deny-Http-00033 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00033 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}} referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00033 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1061,8 +1124,8 @@ SecurityPolicy-Deny-Http-00033 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00033 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00033 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com @@ -1078,10 +1141,12 @@ SecurityPolicy-Deny-Http-00033 SecurityPolicy-Deny-Http-00034 [Tags] selfserver deny alert http ip+url+请求头完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/xiaozhu/xiaozhu.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} @@ -1094,8 +1159,8 @@ SecurityPolicy-Deny-Http-00034 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00034 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00034 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1112,8 +1177,8 @@ SecurityPolicy-Deny-Http-00034 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00034 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00034 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ curl \ http://open.node.com/ @@ -1129,10 +1194,12 @@ SecurityPolicy-Deny-Http-00034 SecurityPolicy-Deny-Http-00035 [Tags] selfserver deny alert http ip+set-cookie+应答头字串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=UTF-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} @@ -1142,8 +1209,8 @@ SecurityPolicy-Deny-Http-00035 ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00035 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00035 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1160,8 +1227,8 @@ SecurityPolicy-Deny-Http-00035 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00035 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00035 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat ... ELSE set variable curl http://open.node.com/ @@ -1177,10 +1244,12 @@ SecurityPolicy-Deny-Http-00035 SecurityPolicy-Deny-Http-00036 [Tags] selfserver deny alert http ip+set-cookie+应答头左匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} @@ -1190,8 +1259,8 @@ SecurityPolicy-Deny-Http-00036 ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00036 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"rst"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00036 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"rst"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1208,8 +1277,8 @@ SecurityPolicy-Deny-Http-00036 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00036 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"rst"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00036 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"rst"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action @@ -1225,10 +1294,12 @@ SecurityPolicy-Deny-Http-00036 SecurityPolicy-Deny-Http-00037 [Tags] selfserver deny alert http ip+set-cookie+应答头完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} @@ -1238,8 +1309,8 @@ SecurityPolicy-Deny-Http-00037 ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00037 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00037 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1256,8 +1327,8 @@ SecurityPolicy-Deny-Http-00037 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00037 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00037 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action @@ -1273,10 +1344,12 @@ SecurityPolicy-Deny-Http-00037 SecurityPolicy-Deny-Http-00038 [Tags] selfserver deny alert http ip+set-cookie+应答头右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} @@ -1286,8 +1359,8 @@ SecurityPolicy-Deny-Http-00038 ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00038 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"rst"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00038 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"rst"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1304,8 +1377,8 @@ SecurityPolicy-Deny-Http-00038 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00038 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"rst"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00038 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"rst"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action @@ -1321,10 +1394,12 @@ SecurityPolicy-Deny-Http-00038 SecurityPolicy-Deny-Http-00039 [Tags] selfserver deny alert http ip+cookie+请求体+应答体 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} @@ -1338,8 +1413,8 @@ SecurityPolicy-Deny-Http-00039 ${rescode} ${object_yq_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_yq_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00039 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00039 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1356,8 +1431,8 @@ SecurityPolicy-Deny-Http-00039 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00039 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_yq_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00039 policyType=tsg_security policyDesc=autotest \ action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_yq_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat ... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html @@ -1373,17 +1448,19 @@ SecurityPolicy-Deny-Http-00039 SecurityPolicy-Deny-Http-00040 [Tags] selfserver ip+请求体and关系 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=ctes&t123 ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00040 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00040 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1402,17 +1479,19 @@ SecurityPolicy-Deny-Http-00040 SecurityPolicy-Deny-Http-00041 [Tags] selfserver ip+请求体或关系 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test,qazx ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00041 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00041 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1431,17 +1510,19 @@ SecurityPolicy-Deny-Http-00041 SecurityPolicy-Deny-Http-00042 [Tags] selfserver ip+应答体and关系 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық&жайлы ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00022 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00022 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -1460,17 +1541,19 @@ SecurityPolicy-Deny-Http-00042 SecurityPolicy-Deny-Http-00043 [Tags] selfserver ip+应答体或关系 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық,1234 ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00022 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00022 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "HTTP","method":"drop"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot index 2065a3d..d4ccc53 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot @@ -9,6 +9,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt Library Custometest Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -22,8 +23,8 @@ SecurityPolicy-Deny-Mail-00001 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"block","code":550} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"block","code":550} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -56,8 +57,8 @@ SecurityPolicy-Deny-Mail-00002 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -90,8 +91,8 @@ SecurityPolicy-Deny-Mail-00003 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -124,8 +125,8 @@ SecurityPolicy-Deny-Mail-00004 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -158,8 +159,8 @@ SecurityPolicy-Deny-Mail-00005 ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"block","code":551} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"block","code":551} filterList=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -192,8 +193,8 @@ SecurityPolicy-Deny-Mail-00006 ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_ATT_CONT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -226,8 +227,8 @@ SecurityPolicy-Deny-Mail-00007 ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00007 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} filterList=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -260,8 +261,8 @@ SecurityPolicy-Deny-Mail-00008 ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00008 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} filterList=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -294,8 +295,8 @@ SecurityPolicy-Deny-Mail-00009 ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00009 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -328,8 +329,8 @@ SecurityPolicy-Deny-Mail-00010 ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00010 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -362,8 +363,8 @@ SecurityPolicy-Deny-Mail-00011 ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00011 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} filterList=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -396,8 +397,8 @@ SecurityPolicy-Deny-Mail-00012 ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00012 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} filterList=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -430,8 +431,8 @@ SecurityPolicy-Deny-Mail-00013 ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00013 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -464,8 +465,8 @@ SecurityPolicy-Deny-Mail-00014 ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00014 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -498,8 +499,8 @@ SecurityPolicy-Deny-Mail-00015 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00015 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} filterList=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -532,8 +533,8 @@ SecurityPolicy-Deny-Mail-00016 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"rst"} filterList=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -566,8 +567,8 @@ SecurityPolicy-Deny-Mail-00017 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00017 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -600,8 +601,8 @@ SecurityPolicy-Deny-Mail-00018 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00018 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -654,8 +655,8 @@ SecurityPolicy-Deny-Mail-00019 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00019 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT,${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT,${object_Content_Id}|TSG_FIELD_MAIL_CONTENT,${object_From_Id}|TSG_FIELD_MAIL_FROM,${object_To_Id}|TSG_FIELD_MAIL_TO,${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00019 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT,${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT,${object_Content_Id}|TSG_FIELD_MAIL_CONTENT,${object_From_Id}|TSG_FIELD_MAIL_FROM,${object_To_Id}|TSG_FIELD_MAIL_TO,${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -683,10 +684,12 @@ SecurityPolicy-Deny-Mail-00019 SecurityPolicy-Deny-Mail-00020 [Tags] selfserver mali deny 多ip+修改 - Comment 创建第二个源IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.10|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.50.10-192.168.50.10 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest* ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} @@ -696,8 +699,8 @@ SecurityPolicy-Deny-Mail-00020 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00020 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT,${objectId}|TSG_SECURITY_SOURCE_ADDR isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00020 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=5 source=${objectId}|TSG_SECURITY_SOURCE_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -723,8 +726,8 @@ SecurityPolicy-Deny-Mail-00020 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00020 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT,${objectId}|TSG_SECURITY_SOURCE_ADDR isValid=${1} appObjectIdArray=5 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00020 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=5 policyId=${policyId} source=${objectId}|TSG_SECURITY_SOURCE_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot index 360b577..fb7cccf 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -15,17 +16,19 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-SSL-00001 [Tags] selfserver deny ssl ip+fqdn - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"rst"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -44,17 +47,19 @@ SecurityPolicy-Deny-SSL-00001 SecurityPolicy-Deny-SSL-00002 [Tags] selfserver ssl deny sni ip+fqdn右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -73,17 +78,19 @@ SecurityPolicy-Deny-SSL-00002 SecurityPolicy-Deny-SSL-00003 [Tags] selfserver deny ssl sni ip+Cat完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -102,17 +109,19 @@ SecurityPolicy-Deny-SSL-00003 SecurityPolicy-Deny-SSL-00004 [Tags] selfserver ssl deny ip+fqdn右匹配 cn - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -131,17 +140,19 @@ SecurityPolicy-Deny-SSL-00004 SecurityPolicy-Deny-SSL-00005 [Tags] deny selfserver cn ssl ip+cat完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"rst"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -160,17 +171,19 @@ SecurityPolicy-Deny-SSL-00005 SecurityPolicy-Deny-SSL-00006 [Tags] selfserver ssl deny san ip+fqdn右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"rst"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -189,17 +202,19 @@ SecurityPolicy-Deny-SSL-00006 SecurityPolicy-Deny-SSL-00007 [Tags] selfserver deny san ssl ip+cat完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00007 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -227,8 +242,8 @@ SecurityPolicy-Deny-SSL-00008 ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SAN,${object_fqdn_Id}|TSG_FIELD_SSL_SNI,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00008 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SAN,${object_fqdn_Id}|TSG_FIELD_SSL_SNI,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -245,8 +260,8 @@ SecurityPolicy-Deny-SSL-00008 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${object_cat_Id}|TSG_FIELD_SSL_SAN,${object_cat_Id}|TSG_FIELD_SSL_SNI,${object_cat_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00008 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"drop"} filterList=${object_cat_Id}|TSG_FIELD_SSL_SAN,${object_cat_Id}|TSG_FIELD_SSL_SNI,${object_cat_Id}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=3 policyId=${policyId} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html @@ -262,17 +277,19 @@ SecurityPolicy-Deny-SSL-00008 SecurityPolicy-Deny-SSL-00009 [Tags] selfserver ssl deny san 多ip+fqdn右匹配 - Comment 创建第二个源IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.18|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.50.18-192.168.50.18 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_SOURCE_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00009 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "SSL","method":"rst"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appIdObjects=3 source=${objectId}|TSG_SECURITY_SOURCE_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot index 1a44f7c..904f042 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -15,13 +16,15 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Intercept-Http-00001 [Tags] Selfserver Intercept Ip Http - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol": "HTTP"} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -40,17 +43,19 @@ SecurityPolicy-Intercept-Http-00001 SecurityPolicy-Intercept-Http-00002 [Tags] Selfserver Intercept Http Ip+Cat右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00002 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -69,17 +74,19 @@ SecurityPolicy-Intercept-Http-00002 SecurityPolicy-Intercept-Http-00003 [Tags] Selfserver Intercept Http Ip+Fqdn完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -95,15 +102,18 @@ SecurityPolicy-Intercept-Http-00003 #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + SecurityPolicy-Intercept-Http-00004 [Tags] Selfserver Intercept Http 双协议 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2,3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00004 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol": "HTTP"} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appIdObjects=2,3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -122,10 +132,12 @@ SecurityPolicy-Intercept-Http-00004 SecurityPolicy-Intercept-Http-00005 [Tags] Selfserver Intercept Http 修改 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} @@ -135,8 +147,8 @@ SecurityPolicy-Intercept-Http-00005 ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00006 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -153,8 +165,8 @@ SecurityPolicy-Intercept-Http-00005 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_cat_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00006 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol": "HTTP"} filterList=${object_cat_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot index 9672972..cbb59b9 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -15,13 +16,15 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Intercept-SSL-00001 [Tags] Selfserver Intercept Ssl Ip - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -40,17 +43,19 @@ SecurityPolicy-Intercept-SSL-00001 SecurityPolicy-Intercept-SSL-00002 [Tags] Selfserver Intercept Ssl Ip+Cat完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -69,17 +74,19 @@ SecurityPolicy-Intercept-SSL-00002 SecurityPolicy-Intercept-SSL-00003 [Tags] Selfserver Intercept Ssl Ip+Fqdn右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -98,10 +105,12 @@ SecurityPolicy-Intercept-SSL-00003 SecurityPolicy-Intercept-SSL-00004 [Tags] Selfserver Intercept Ssl 修改 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} @@ -111,8 +120,8 @@ SecurityPolicy-Intercept-SSL-00004 ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -129,12 +138,12 @@ SecurityPolicy-Intercept-SSL-00004 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_cat_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 policyId=${policyId} - ${rescode} ${policyId} EditPolicy ${policyDict} update + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_cat_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html - @{stringlist} run keyword if '${systemType}'=='Windows' set variable Twitter Tango Secure Gateway CA + ${stringlist} run keyword if '${systemType}'=='Windows' set variable Twitter Tango Secure Gateway CA ... ELSE set variable 新鲜事一网打尽 Tango Secure Gateway CA ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot index e4f36de..d5fb165 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Library Custometest +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -21,8 +22,8 @@ SecurityPolicy-Intercept-SSL-00001 ${response} CreatePolicyMutipartFile ${url} keyrings/root/ mesalab-ca-cert.pem mesalab-ca-key.pem root ${keyringId} Get From Dictionary ${response} keyringId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList= isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -49,8 +50,8 @@ SecurityPolicy-Intercept-SSL-00002 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -77,8 +78,8 @@ SecurityPolicy-Intercept-SSL-00003 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -101,8 +102,8 @@ SecurityPolicy-Intercept-SSL-00004 ${response} CreatePolicyMutipartFile ${url} keyrings/intermediate/ tang-ca-v3-intermediate-01-cer.pem tang-ca-v3-intermediate-01-key.pem intermediate ${keyringId} Get From Dictionary ${response} keyringId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00004 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList= isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -129,8 +130,8 @@ SecurityPolicy-Intercept-SSL-00005 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00005 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -153,8 +154,8 @@ SecurityPolicy-Intercept-SSL-00006 ${response} CreatePolicyMutipartFile ${url} keyrings/end-entity/ tang-ca-v3-www.amazon.cn-cer.pem tang-ca-v3-www.amazon.cn-key.pem end-entity ${keyringId} Get From Dictionary ${response} keyringId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00006 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList= isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -177,8 +178,8 @@ SecurityPolicy-Intercept-SSL-00007 ${response} CreatePolicyMutipartFile ${url} keyrings/end-entity/ tang-ca-v3-www.bing.com-cer.pem tang-ca-v3-www.bing.com-key.pem end-entity ${keyringId} Get From Dictionary ${response} keyringId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00004 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList= isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot index 96c3bab..e44401d 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -20,8 +21,8 @@ SecurityPolicy-Monitor-DNS-00001 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=Monitor effectiveRange= userRegion={"protocol": "DNS"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-DNS-00001 policyType=tsg_security policyDesc=autotest action=Monitor userRegion={"protocol": "DNS"} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -45,8 +46,8 @@ SecurityPolicy-Monitor-DNS-00002 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"DNS"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"DNS"} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot index 18bc1cb..cc2a396 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Library Custometest +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -20,8 +21,8 @@ SecurityPolicy-Monitor-Ftp-00001 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00001 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"FTP"} filterList=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -42,8 +43,8 @@ SecurityPolicy-Monitor-Ftp-00002 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00002 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"FTP"} filterList=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -64,8 +65,8 @@ SecurityPolicy-Monitor-Ftp-00003 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00003 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"FTP"} filterList=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -86,8 +87,8 @@ SecurityPolicy-Monitor-Ftp-00004 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00004 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"FTP"} filterList=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appIdObjects=6 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot index c591fe5..ebd9fd0 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -15,13 +16,15 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Monitor-Http-00001 [Tags] Selfserver Monitor Ip Http - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00001 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appIdObjects=2 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -40,17 +43,19 @@ SecurityPolicy-Monitor-Http-00001 SecurityPolicy-Monitor-Http-00002 [Tags] Selfserver Monitor Http Ip+Fqdn右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00002 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -69,17 +74,19 @@ SecurityPolicy-Monitor-Http-00002 SecurityPolicy-Monitor-Http-00003 [Tags] Selfserver Monitor Http Ip+Cat完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00003 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -98,17 +105,19 @@ SecurityPolicy-Monitor-Http-00003 SecurityPolicy-Monitor-Http-00004 [Tags] Selfserver Monitor Http Ip+Url字串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node.com ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00004 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -127,17 +136,19 @@ SecurityPolicy-Monitor-Http-00004 SecurityPolicy-Monitor-Http-00005 [Tags] Selfserver Monitor Http Ip+Url右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*youtube.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00005 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -156,17 +167,19 @@ SecurityPolicy-Monitor-Http-00005 SecurityPolicy-Monitor-Http-00006 [Tags] Selfserver Monitor Http Ip+Url完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00006 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -185,17 +198,19 @@ SecurityPolicy-Monitor-Http-00006 SecurityPolicy-Monitor-Http-00007 [Tags] Selfserver Monitor Http Ip+Url左匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open* ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00007 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -214,17 +229,19 @@ SecurityPolicy-Monitor-Http-00007 SecurityPolicy-Monitor-Http-00008 [Tags] Selfserver Monitor Http Ip+请求头字串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00008 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -243,17 +260,19 @@ SecurityPolicy-Monitor-Http-00008 SecurityPolicy-Monitor-Http-00009 [Tags] Selfserver Monitor Http Ip+请求头右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00009 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -272,17 +291,19 @@ SecurityPolicy-Monitor-Http-00009 SecurityPolicy-Monitor-Http-00010 [Tags] Selfserver Monitor Http Ip+请求头完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00010 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -301,17 +322,19 @@ SecurityPolicy-Monitor-Http-00010 SecurityPolicy-Monitor-Http-00011 [Tags] Selfserver Monitor Http Ip+请求头左匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00011 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -330,17 +353,19 @@ SecurityPolicy-Monitor-Http-00011 SecurityPolicy-Monitor-Http-00012 [Tags] Selfserver Monitor Http Ip+Cookie子串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie ${rescode} ${object_CK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00012 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -359,17 +384,19 @@ SecurityPolicy-Monitor-Http-00012 SecurityPolicy-Monitor-Http-00013 [Tags] Selfserver Monitor Http Ip+应答头字串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00013 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -388,17 +415,19 @@ SecurityPolicy-Monitor-Http-00013 SecurityPolicy-Monitor-Http-00014 [Tags] Selfserver Monitor Http Ip+应答头右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00014 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -417,17 +446,19 @@ SecurityPolicy-Monitor-Http-00014 SecurityPolicy-Monitor-Http-00015 [Tags] Selfserver Monitor Http Ip+应答头完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00015 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -446,17 +477,19 @@ SecurityPolicy-Monitor-Http-00015 SecurityPolicy-Monitor-Http-00016 [Tags] Selfserver Monitor Http Ip+应答头左匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00016 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -475,17 +508,19 @@ SecurityPolicy-Monitor-Http-00016 SecurityPolicy-Monitor-Http-00017 [Tags] Selfserver Monitor Http Ip+Set-Cookie字串匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=4567|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00017 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -504,17 +539,19 @@ SecurityPolicy-Monitor-Http-00017 SecurityPolicy-Monitor-Http-00018 [Tags] Selfserver Monitor Http Ip+Set-Cookie右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00018 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -533,17 +570,19 @@ SecurityPolicy-Monitor-Http-00018 SecurityPolicy-Monitor-Http-00019 [Tags] Selfserver Monitor Http Ip+Set-Cookie完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00019 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00019 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -562,17 +601,19 @@ SecurityPolicy-Monitor-Http-00019 SecurityPolicy-Monitor-Http-00020 [Tags] Selfserver Monitor Http Ip+Set-Cookie左匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=1234*|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00020 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00020 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -591,17 +632,19 @@ SecurityPolicy-Monitor-Http-00020 SecurityPolicy-Monitor-Http-00021 [Tags] Selfserver Monitor Http Ip+请求体 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00021 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00021 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -620,17 +663,19 @@ SecurityPolicy-Monitor-Http-00021 SecurityPolicy-Monitor-Http-00022 [Tags] Selfserver Monitor Http Ip+应答体 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00022 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00022 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -649,17 +694,19 @@ SecurityPolicy-Monitor-Http-00022 SecurityPolicy-Monitor-Http-00023 [Tags] selfserver ip+请求体and关系 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=ctes&t123 ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00023 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00023 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -678,17 +725,19 @@ SecurityPolicy-Monitor-Http-00023 SecurityPolicy-Monitor-Http-00024 [Tags] selfserver ip+请求体或关系 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建请求体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test,qazx ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00024 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00024 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -707,17 +756,19 @@ SecurityPolicy-Monitor-Http-00024 SecurityPolicy-Monitor-Http-00025 [Tags] selfserver ip+应答体and关系 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық&жайлы ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00025 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00025 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -736,17 +787,19 @@ SecurityPolicy-Monitor-Http-00025 SecurityPolicy-Monitor-Http-00026 [Tags] selfserver ip+应答体或关系 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық,1234 ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00026 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00026 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "HTTP"} filterList=${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=2 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot index 6f97368..865a4e3 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot @@ -9,6 +9,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt Library Custometest Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -22,8 +23,8 @@ SecurityPolicy-Monitor-Mail-00001 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00001 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -56,8 +57,8 @@ SecurityPolicy-Monitor-Mail-00002 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00002 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -90,8 +91,8 @@ SecurityPolicy-Monitor-Mail-00003 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00003 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -124,8 +125,8 @@ SecurityPolicy-Monitor-Mail-00004 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00004 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -158,8 +159,8 @@ SecurityPolicy-Monitor-Mail-00005 ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00005 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -192,8 +193,8 @@ SecurityPolicy-Monitor-Mail-00006 ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_ATT_CONT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -226,8 +227,8 @@ SecurityPolicy-Monitor-Mail-00007 ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -260,8 +261,8 @@ SecurityPolicy-Monitor-Mail-00008 ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -294,8 +295,8 @@ SecurityPolicy-Monitor-Mail-00009 ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -328,8 +329,8 @@ SecurityPolicy-Monitor-Mail-00010 ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -362,8 +363,8 @@ SecurityPolicy-Monitor-Mail-00011 ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00011 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -396,8 +397,8 @@ SecurityPolicy-Monitor-Mail-00012 ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00012 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -430,8 +431,8 @@ SecurityPolicy-Monitor-Mail-00013 ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00013 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -464,8 +465,8 @@ SecurityPolicy-Monitor-Mail-00014 ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00014 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -498,8 +499,8 @@ SecurityPolicy-Monitor-Mail-00015 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00015 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -532,8 +533,8 @@ SecurityPolicy-Monitor-Mail-00016 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00016 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -566,8 +567,8 @@ SecurityPolicy-Monitor-Mail-00017 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00017 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 @@ -600,8 +601,8 @@ SecurityPolicy-Monitor-Mail-00018 ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-monitor-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-monitor-Mail-00018 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"MAIL"} filterList=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=5 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot index 556bf88..7e07e99 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot @@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot *** Variables *** ${policyIds} ${EMPTY} @@ -15,13 +16,15 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Monitor-SSL-00001 [Tags] Selfserver Monitor Ip Ssl - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00001 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "SSL"} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appIdObjects=3 + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -40,17 +43,19 @@ SecurityPolicy-Monitor-SSL-00001 SecurityPolicy-Monitor-SSL-00002 [Tags] Selfserver Monitor Ssl Sni Ip+Fqdn右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00002 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "SSL"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -69,17 +74,19 @@ SecurityPolicy-Monitor-SSL-00002 SecurityPolicy-Monitor-SSL-00003 [Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 Sni - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00003 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "SSL"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -98,17 +105,19 @@ SecurityPolicy-Monitor-SSL-00003 SecurityPolicy-Monitor-SSL-00004 [Tags] Selfserver SSL Monitor Cn Ip+Fqdn右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00004 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "SSL"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -127,17 +136,19 @@ SecurityPolicy-Monitor-SSL-00004 SecurityPolicy-Monitor-SSL-00005 [Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 Cn - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00005 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"SSL"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -156,17 +167,19 @@ SecurityPolicy-Monitor-SSL-00005 SecurityPolicy-Monitor-SSL-00006 [Tags] Selfserver Monitor Ssl San Ip+Fqdn右匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00006 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"SSL"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 @@ -185,17 +198,19 @@ SecurityPolicy-Monitor-SSL-00006 SecurityPolicy-Monitor-SSL-00007 [Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 San - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} + Comment 创建IP + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} + ${objectIds} Set Variable ${objectId} Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00007 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol": "SSL"} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证