修改将安全策略由v1接口改为v2接口
This commit is contained in:
jwc
@@ -7,6 +7,7 @@ Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
||||
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
||||
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
|
||||
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
|
||||
Resource ../../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
|
||||
|
||||
*** Variables ***
|
||||
${policyIds} ${EMPTY}
|
||||
@@ -15,13 +16,15 @@ ${objectids} ${EMPTY}
|
||||
*** Test Cases ***
|
||||
SecurityPolicy-Intercept-SSL-00001
|
||||
[Tags] Selfserver Intercept Ssl Ip
|
||||
Comment 创建目标IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appIdObjects=3
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
Comment 功能端验证HTTP验证
|
||||
@@ -40,17 +43,19 @@ SecurityPolicy-Intercept-SSL-00001
|
||||
|
||||
SecurityPolicy-Intercept-SSL-00002
|
||||
[Tags] Selfserver Intercept Ssl Ip+Cat完整匹配
|
||||
Comment 创建目标IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId}
|
||||
Comment 创建cat
|
||||
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
|
||||
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
Comment 功能端验证HTTP验证
|
||||
@@ -69,17 +74,19 @@ SecurityPolicy-Intercept-SSL-00002
|
||||
|
||||
SecurityPolicy-Intercept-SSL-00003
|
||||
[Tags] Selfserver Intercept Ssl Ip+Fqdn右匹配
|
||||
Comment 创建目标IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId}
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
|
||||
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
Comment 功能端验证HTTP验证
|
||||
@@ -98,10 +105,12 @@ SecurityPolicy-Intercept-SSL-00003
|
||||
|
||||
SecurityPolicy-Intercept-SSL-00004
|
||||
[Tags] Selfserver Intercept Ssl 修改
|
||||
Comment 创建目标IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.100.5-192.168.100.5 port=0-0 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId}
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
|
||||
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
||||
@@ -111,8 +120,8 @@ SecurityPolicy-Intercept-SSL-00004
|
||||
${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
Comment 功能端验证HTTP验证
|
||||
@@ -129,12 +138,12 @@ SecurityPolicy-Intercept-SSL-00004
|
||||
${s} Convert to String ${policyId}
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
Comment 修改策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_cat_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 policyId=${policyId}
|
||||
${rescode} ${policyId} EditPolicy ${policyDict} update
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_cat_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3 policyId=${policyId} destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR
|
||||
${rescode} UpdatePolicies 1 ${policyDict} v2 update
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' set variable Twitter Tango Secure Gateway CA
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' set variable Twitter Tango Secure Gateway CA
|
||||
... ELSE set variable 新鲜事一网打尽 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Reference in New Issue
Block a user