gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修改将安全策略由v1接口改为v2接口

Browse Source
This commit is contained in:
jwc
2020-08-18 09:26:52 +08:00
parent 02e3a2834b
commit 0c9d6e8c74
18 changed files with 1017 additions and 796 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot
View File

@@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
*** Variables ***
${policyIds} ${EMPTY}
@@ -20,8 +21,8 @@ SecurityPolicy-Deny-DNS-00001
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "DNS","method":"drop"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol": "DNS","method":"drop"} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
@@ -45,8 +46,8 @@ SecurityPolicy-Deny-DNS-00002
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.vip.com","ttl":{"min":300,"max":300}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_cat_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.vip.com","ttl":{"min":300,"max":300}}]}]} isValid=${1} appIdObjects=4 filterList=${object_cat_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
@@ -65,17 +66,19 @@ SecurityPolicy-Deny-DNS-00002
SecurityPolicy-Deny-DNS-00003
[Tags] dns deny selfserver 多Ip+fqdn网站匹配
Comment 创建第二个源IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.18|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建IP
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.50.18-192.168.50.18 port=0-0 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
${objectIds} Set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.douban.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":350,"max":350}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME,${objectId}|TSG_SECURITY_SOURCE_ADDR
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":350,"max":350}}]}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME source=${objectId}|TSG_SECURITY_SOURCE_ADDR
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
@@ -99,8 +102,8 @@ SecurityPolicy-Deny-DNS-00004
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_cat_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_cat_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} isValid=${1} appIdObjects=4 filterList=${object_cat_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
@@ -124,8 +127,8 @@ SecurityPolicy-Deny-DNS-00005
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
@@ -153,8 +156,8 @@ SecurityPolicy-Deny-DNS-00006
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}}]}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
@@ -171,8 +174,8 @@ SecurityPolicy-Deny-DNS-00006
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.mgtv.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} referenceObject=${object_cat_Id}|TSG_FIELD_DNS_QNAME isValid=${1} appObjectIdArray=4 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":400,"max":400}}]}]} filterList=${object_cat_Id}|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=4 policyId=${policyId}
${rescode} UpdatePolicies 1 ${policyDict} v2 update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.suning.com
... ELSE set variable nslookup -debug -query=A \ www.suning.com
@@ -193,8 +196,8 @@ SecurityPolicy-Deny-DNS-00007
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.zhihu.com","ttl":{"min":300,"max":300}}],"qtype":"AAAA"}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00007 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.zhihu.com","ttl":{"min":300,"max":300}}],"qtype":"AAAA"}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
@@ -218,8 +221,8 @@ SecurityPolicy-Deny-DNS-00008
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.bilibili.com","ttl":{"min":500,"max":500}}],"qtype":"A"}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00008 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.bilibili.com","ttl":{"min":500,"max":500}}],"qtype":"A"}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
@@ -238,13 +241,13 @@ SecurityPolicy-Deny-DNS-00008
SecurityPolicy-Deny-DNS-00009
[Tags] selfserver dns deny ip+fqdn完整匹配
Comment 创建fqdn
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.douyu.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${object_fqdn_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.booking.com","ttl":{"min":500,"max":500}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.tuniu.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}}]}]} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00009 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:66","ttl":{"min":500,"max":500}},{"atype":"CNAME","value":"www.booking.com","ttl":{"min":500,"max":500}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.tuniu.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.50.18","ttl":{"min":500,"max":500}}]}]} isValid=${1} appIdObjects=4 filterList=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证