gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

提交安全策略和代理策略全流程用例

Browse Source
This commit is contained in:
lyf
2021-05-14 15:57:06 +08:00
parent 52e72067ff
commit 0d828fcd7a
46 changed files with 11647 additions and 6232 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
01-TestCase/tsg_adc/api_security/DenySSLTests.robot
View File

@@ -60,15 +60,15 @@ SecurityPolicy-Deny-SSL-00001
Comment 策略验证
#新增策略验证
#创建attributes中的字典
${sni} Create Dictionary attributeType=string attributeName=sni appId=126 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${cn} Create Dictionary attributeType=string attributeName=cn appId=126 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${san} Create Dictionary attributeType=string attributeName=san appId=126 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "126"}
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
${sni} Create Dictionary attributeType=string attributeName=sni appId=199 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${cn} Create Dictionary attributeType=string attributeName=cn appId=199 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${san} Create Dictionary attributeType=string attributeName=san appId=199 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
# 合成attributes字典集
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${sni} ${cn} ${san}
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${sni} ${cn} ${san}
${verifySession} Create Dictionary attributes=${attributes}
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
log ${verifyList}
@@ -127,13 +127,13 @@ SecurityPolicy-Deny-SSL-00002
Comment 策略验证
#新增策略验证
#创建attributes中的字典
${sni} Create Dictionary attributeType=string attributeName=sni appId=126 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "126"}
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
${sni} Create Dictionary attributeType=string attributeName=sni appId=199 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
# 合成attributes字典集
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${sni}
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${sni}
${verifySession} Create Dictionary attributes=${attributes}
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
log ${verifyList}
@@ -193,13 +193,13 @@ SecurityPolicy-Deny-SSL-00003
Comment 策略验证
#新增策略验证
#创建attributes中的字典
${cn} Create Dictionary attributeType=string attributeName=cn appId=126 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "126"}
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
${cn} Create Dictionary attributeType=string attributeName=cn appId=199 appName=ssl protocol=ssl attributeValue={"string": "www.prlib.ru"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
# 合成attributes字典集
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${cn}
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${cn}
${verifySession} Create Dictionary attributes=${attributes}
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
log ${verifyList}
@@ -240,7 +240,7 @@ SecurityPolicy-Deny-SSL-00004
${objectids} set Variable ${objectId}
Comment 创建SAN
${addItemList1} Create Dictionary keywordArray=*austinama.org isHexbin=${0}
${addItemList1} Create Dictionary keywordArray=*prlib.ru isHexbin=${0}
${addItemLists} Create list ${addItemList1}
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId3} AddObjects ${1} ${objectDict1}
@@ -258,13 +258,13 @@ SecurityPolicy-Deny-SSL-00004
Comment 策略验证
#新增策略验证
#创建attributes中的字典
${san} Create Dictionary attributeType=string attributeName=san appId=126 appName=ssl protocol=ssl attributeValue={"string": "austinama.org"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "126"}
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
${san} Create Dictionary attributeType=string attributeName=san appId=199 appName=ssl protocol=ssl attributeValue={"string": "prlib.ru"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
# 合成attributes字典集
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${san}
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${san}
${verifySession} Create Dictionary attributes=${attributes}
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
log ${verifyList}
@@ -283,17 +283,18 @@ SecurityPolicy-Deny-SSL-00004
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00003.bat
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00003_L.bat
${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00004.bat
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00004_L.bat
${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out
... ELSE Create List timed out
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 日志验证
#日志验证
${s} Convert to String ${policyIds}
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni austinama.org
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni www.prlib.ru
Should Be Equal As Strings ${returnvalue} true
SecurityPolicy-Deny-SSL-00005
[Tags] Deny IP SSL
@@ -317,12 +318,12 @@ SecurityPolicy-Deny-SSL-00005
Comment 策略验证
#新增策略验证
#创建attributes中的字典
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "126"}
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
# 合成attributes字典集
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
${attributes} Create List ${app_id} ${ipsource} ${ipdestination}
${verifySession} Create Dictionary attributes=${attributes}
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
log ${verifyList}
@@ -350,5 +351,5 @@ SecurityPolicy-Deny-SSL-00005
Comment 日志验证
#日志验证
${s} Convert to String ${policyIds}
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni austinama.org
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni SSL
Should Be Equal As Strings ${returnvalue} true