提交安全策略和代理策略全流程用例
This commit is contained in:
lyf
@@ -1,103 +1,809 @@
|
||||
*** Settings ***
|
||||
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
|
||||
Force Tags tsg_adc Security_Policy
|
||||
Library OperatingSystem
|
||||
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
||||
Resource ../../../03-Variable/BifangApiVariable.txt
|
||||
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
|
||||
|
||||
*** Variables ***
|
||||
${policyIds} ${EMPTY}
|
||||
${objectids} ${EMPTY}
|
||||
|
||||
|
||||
*** Test Cases ***
|
||||
SecurityPolicy-monitor-Http-00001
|
||||
[Tags] monitor http ip+cat+User-Agent+Content-Type+url
|
||||
#创建cat
|
||||
${rescodeip} ${object_cat_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn_category", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_cat_zm", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_cat_zm", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*ziroom.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
log ${object_cat_Id}
|
||||
#删除对象
|
||||
${objectids} set Variable ${object_cat_Id}
|
||||
#创建url
|
||||
${rescode} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_zm", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_zm", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "ziroom" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
log ${object_url_Id}
|
||||
#删除对象
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
|
||||
#创建请求头
|
||||
${rescode} ${object_User_Agent_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_UA","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}}
|
||||
log ${object_User_Agent_Id}
|
||||
#删除对象
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_User_Agent_Id}
|
||||
#创建应答头
|
||||
${rescode} ${object_Content-Type_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_CT","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}}
|
||||
log ${object_Content-Type_Id}
|
||||
#删除对象
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_Content-Type_Id}
|
||||
#创建策略
|
||||
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_User_Agent_Id},"protocolFields": ["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_Content-Type_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_User_Agent_Id},"protocolFields": ["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_Content-Type_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_cat_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_User_Agent_Id},"protocolFields": ["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_Content-Type_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
${rescode} ${policyId} AddPolicy ${addPolicyStr}
|
||||
log ${policyId}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
#功能端验证
|
||||
#${commandstr} set variable curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://www.ziroom.com/life/index \ \ | iconv -f utf-8 -t gbk
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://www.ziroom.com/life/index \ \ | iconv -f utf-8 -t gbk
|
||||
... ELSE set variable curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.ziroom.com/life/index
|
||||
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${commandreturn} OperatingSystem.Run ${commandstr}
|
||||
should contain ${commandreturn} 全屋智能美家
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
log ${rescode}
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId}
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_domain www.ziroom.com
|
||||
|
||||
SecurityPolicy-monitor-Http-00002
|
||||
[Tags] monitor http SUB+cat+set-cookie+url
|
||||
#创建fqdn
|
||||
${rescodeip} ${object_fqdn_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_fqdn_ziroom", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_fqdn_ziroom", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*zhu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
log ${object_fqdn_Id}
|
||||
#删除对象
|
||||
${objectids} set Variable ${object_fqdn_Id}
|
||||
#创建url
|
||||
${rescode} ${object_url_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"url", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_url_xz", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "www.xiaozhu*" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
log ${object_url_Id}
|
||||
#删除对象
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
|
||||
#创建请求头
|
||||
${rescode} ${object_sk_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_http_sk","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*domain=.xiaozhu.com"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}}
|
||||
log ${object_sk_Id}
|
||||
#删除对象
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_sk_Id}
|
||||
#创建策略
|
||||
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_fqdn_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${object_SUB_Id}, \ \ \ \ \ \ \ \ "protocolFields":[]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_fqdn_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${testClentSubID}, \ \ \ \ \ \ \ \ "protocolFields":[null]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } \
|
||||
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-http-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_fqdn_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_HTTP_HOST"]}, \ \ \ \ \ \ \ \ {"objectId":${testClentSubID}, \ \ \ \ \ \ \ \ "protocolFields":[]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${object_sk_Id},"protocolFields": ["TSG_FIELD_HTTP_RES_HDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
|
||||
${rescode} ${policyId} AddPolicy ${addPolicyStr}
|
||||
log ${policyId}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
#功能端验证
|
||||
#${commandstr} set variable curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' \ http://www.xiaozhu.com \ \ | iconv -f utf-8 -t gbk
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' \ http://www.xiaozhu.com \ \ | iconv -f utf-8 -t gbk
|
||||
... ELSE set variable curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' http://www.xiaozhu.com
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${commandreturn} SystemCommand ${commandstr}
|
||||
should contain ${commandreturn} 200
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
log ${rescode}
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId}
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_domain www.xiaozhu.com
|
||||
|
||||
*** Settings ***
|
||||
Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
|
||||
Force Tags tsg_adc tsg_security
|
||||
Library OperatingSystem
|
||||
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
||||
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
|
||||
Resource ../../../03-Variable/ApplicationID.txt
|
||||
Resource ../../../03-Variable/BifangApiVariable.txt
|
||||
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
|
||||
Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
|
||||
|
||||
*** Variables ***
|
||||
${policyIds} ${EMPTY}
|
||||
${objectids} ${EMPTY}
|
||||
${url1} /v1/policy/profile/responsepages
|
||||
*** Test Cases ***
|
||||
SecurityPolicy-Monitor-HTTP-00001
|
||||
[Tags] Monitor IP HTTP
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00002.bat
|
||||
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00002_L.bat
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Fitzhugh Media
|
||||
... ELSE Create List Fitzhugh Media
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host HTTP
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00002
|
||||
[Tags] Monitor IP HTTP FQDN
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment 创建fqdn
|
||||
${addItemList1} Create Dictionary keywordArray=*fitzhughmedia.com isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "fitzhughmedia.com"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${qname_fqdn_id}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00002.bat
|
||||
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00002_L.bat
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Fitzhugh Media
|
||||
... ELSE Create List Fitzhugh Media
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host fitzhughmedia.com
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00003
|
||||
[Tags] Monitor IP HTTP URL
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment 创建url
|
||||
${addItemList1} Create Dictionary keywordArray=portal/zh_CN/home/index.html isHexbin=${0}
|
||||
${addItemList2} Create Dictionary keywordArray=www.nuk-baby.ru* isHexbin=${0}
|
||||
${addItemList3} Create Dictionary keywordArray=davidsmithhunting.com isHexbin=${0}
|
||||
${addItemList4} Create Dictionary keywordArray=crosswordheaven isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1} ${addItemList2} ${addItemList3} ${addItemList4}
|
||||
${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=Monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "www.hkbchina.com/portal/zh_CN/home/index.html"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${url}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00003.bat
|
||||
... ELSE set variable curl http://www.hkbchina.com/portal/zh_CN/home/index.html
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 汉口银行
|
||||
... ELSE Create List 汉口银行
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00003_1.bat
|
||||
... ELSE set variable curl http://www.nuk-baby.ru/ru_ru/kollekcii/disney-mickey-mouse.html
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Поиск
|
||||
... ELSE Create List Поиск
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00003_2.bat
|
||||
... ELSE set variable curl http://davidsmithhunting.com/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List David Smith
|
||||
... ELSE Create List David Smith
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00003_3.bat
|
||||
... ELSE set variable curl http://crosswordheaven.com/search
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Search
|
||||
... ELSE Create List Search
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host hkbchina.com
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host baby.ru
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host davidsmithhunting.com
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host crosswordheaven.com
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00004
|
||||
[Tags] Monitor IP HTTP User-Agent
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment User-Agent
|
||||
${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "Mozilla/5.0","district": "User-Agent"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_hdr_ua}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00004.bat
|
||||
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00004_L.bat
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Motivational
|
||||
... ELSE Create List Motivational
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host quotes.info
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00005
|
||||
[Tags] Monitor IP HTTP Content-Type
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment Content-Type
|
||||
${addItemList1} Create Dictionary keywordArray=*html isHexbin=${0} district=Content-Type
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "text/html","district": "Content-Type"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_hdr_ct}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_yumi.bat
|
||||
... ELSE set variable curl http://www.yumi.com
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 服务平台
|
||||
... ELSE Create List 服务平台
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.yumi.com
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00006
|
||||
[Tags] Monitor IP HTTP Cookie
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment Cookie
|
||||
${addItemList1} Create Dictionary keywordArray=wingsofprey isHexbin=${0} district=Cookie
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${req_hdr_ck} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "wingsofprey","district": "Cookie"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_hdr_ck}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00012.bat
|
||||
... ELSE set variable curl -kv --cookie "*wingsofprey=jkmg7dm2dqjhf4514u0ehjde45; __utma=1.780132397.1593856991.1593856991.1593856991.1; __utmc=1; __utmz=1.1593856991.1.1.utmcsr=lvse.cn" --referer 'http://www.baidu.com/' \ http://www.titter.com/en/games/jack-stone.html
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Scooby Doo Adventure 3
|
||||
... ELSE Create List Scooby Doo Adventure 3
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.titter.com
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00007
|
||||
[Tags] Monitor IP HTTP Set-Cookie
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment Set-Cookie
|
||||
${addItemList1} Create Dictionary keywordArray=domain=www.spore isHexbin=${0} district=Set-Cookie
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=Monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "domain=www.spore","district": "Set-Cookie"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_hdr_sc}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00013.bat
|
||||
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00013_L.bat
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List www.spore.com
|
||||
... ELSE Create List www.spore.com
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.spore.com
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00008
|
||||
[Tags] Monitor IP HTTP Request Content
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment Request Content
|
||||
${addItemList1} Create Dictionary keywordArray=monitortest141 isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${req_body} Create Dictionary attributeType=string attributeName=req_body appId=67 appName=http protocol=http attributeValue={"string": "monitortest141"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_body}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00014.bat
|
||||
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Monitor_HTTP_00014_L.bat
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List monitortest141
|
||||
... ELSE Create List monitortest141
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00009
|
||||
[Tags] Monitor IP HTTP Response Content
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment Response Content
|
||||
${addItemList1} Create Dictionary keywordArray=华彤公司 isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${res_body} Create Dictionary attributeType=string attributeName=res_body appId=67 appName=http protocol=http attributeValue={"string": "华彤公司"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_body}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00015.bat
|
||||
... ELSE set variable curl -m 10 -kv http://www.huatonggs.com/about.html#gsjj
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 华彤公司
|
||||
... ELSE Create List 华彤公司
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host huatonggs.com
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00010
|
||||
[Tags] Monitor IP HTTP FQDN URL User-Agent Content-Type Request Content
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment 创建fqdn
|
||||
${addItemList1} Create Dictionary keywordArray=*open.node.com isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建url
|
||||
${addItemList1} Create Dictionary keywordArray=open.node isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId2} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
|
||||
|
||||
Comment User-Agent
|
||||
${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId3} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3}
|
||||
|
||||
Comment Content-Type
|
||||
${addItemList1} Create Dictionary keywordArray=charset isHexbin=${0} district=Content-Type
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId4} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4}
|
||||
|
||||
Comment Request Content
|
||||
${addItemList1} Create Dictionary keywordArray=MonitorHttp0016 isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId5} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL,${objectId3}|TSG_FIELD_HTTP_REQ_HDR,${objectId4}|TSG_FIELD_HTTP_RES_HDR,${objectId5}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "open.node.com"}
|
||||
${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "open.node.com/"}
|
||||
${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "Mozilla/5.0","district": "User-Agent"}
|
||||
${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "charset","district": "Content-Type"}
|
||||
${req_body} Create Dictionary attributeType=string attributeName=req_body appId=67 appName=http protocol=http attributeValue={"string": "testMonitorHttp0016"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${qname_fqdn_id} ${url} ${req_hdr_ua} ${res_hdr_ct} ${req_body}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00016.bat
|
||||
... ELSE set variable curl -m 10 -kv -H "Content-Type:application/json;charset=UTF-8" -X POST -d "{"requestbody":"MonitorHttp0016","setcook":"asdf","contenttype": "charsetMonitor0016","responsebody": "adzx"}" -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com:180/go
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List MonitorHttp0016
|
||||
... ELSE Create List MonitorHttp0016
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
SecurityPolicy-Monitor-HTTP-00011
|
||||
[Tags] Monitor IP HTTP FQDN URL Cookie Set-Cookie Response Content
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment 创建fqdn
|
||||
${addItemList1} Create Dictionary keywordArray=*smspunch.net isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建url
|
||||
${addItemList1} Create Dictionary keywordArray=*send-free-sms.aspx isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId2} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
|
||||
|
||||
Comment Cookie
|
||||
${addItemList1} Create Dictionary keywordArray=_ym_isad=2 isHexbin=${0} district=Cookie
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId3} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3}
|
||||
|
||||
Comment Set-Cookie
|
||||
${addItemList1} Create Dictionary keywordArray=NET_SessionId isHexbin=${0} district=Set-Cookie
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId4} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4}
|
||||
|
||||
Comment Response Content
|
||||
${addItemList1} Create Dictionary keywordArray=Cell No isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId5} AddObjects ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL,${objectId3}|TSG_FIELD_HTTP_REQ_HDR,${objectId4}|TSG_FIELD_HTTP_RES_HDR,${objectId5}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${fqdn} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "smspunch.net"}
|
||||
${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "smspunch.net/send-free-sms.aspx"}
|
||||
${req_hdr_ck} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "_ym_isad=2","district": "Cookie"}
|
||||
${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "NET_SessionId","district": "Set-Cookie"}
|
||||
${res_body} Create Dictionary attributeType=string attributeName=res_body appId=67 appName=http protocol=http attributeValue={"string": "Cell No"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${fqdn} ${url} ${req_hdr_ck} ${res_hdr_sc} ${res_body}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00017.bat
|
||||
... ELSE set variable curl -m 10 -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://smspunch.net/send-free-sms.aspx
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List smspunch.net
|
||||
... ELSE Create List smspunch.net
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host smspunch.net
|
||||
Reference in New Issue
Block a user