提交安全策略和代理策略全流程用例
This commit is contained in:
lyf
@@ -1,98 +1,356 @@
|
||||
*** Settings ***
|
||||
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
|
||||
Force Tags tsg_adc Security_Policy
|
||||
Library OperatingSystem
|
||||
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
||||
Resource ../../../03-Variable/BifangApiVariable.txt
|
||||
Resource ../../../02-Keyword/tsg_common/StmpHandle.robot
|
||||
|
||||
*** Variables ***
|
||||
${policyIds} ${EMPTY}
|
||||
${objectids} ${EMPTY}
|
||||
|
||||
*** Test Cases ***
|
||||
SecurityPolicy-monitor-SSL-00001
|
||||
[Tags] monitor ssl ip+cat
|
||||
#创建SNI_CAT
|
||||
${rescodeip} ${object_sni_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
||||
log ${object_sni_Id}
|
||||
#删除对象
|
||||
${objectids} set Variable ${object_sni_Id}
|
||||
#创建SAN_CAT
|
||||
${rescodeip} ${object_san_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
||||
log ${object_san_Id}
|
||||
#删除对象
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_san_Id}
|
||||
#创建对象 CN_CAT
|
||||
${rescodeip} ${object_cn_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
||||
log ${object_cn_Id}
|
||||
#删除对象
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cn_Id}
|
||||
#创建策略
|
||||
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
${rescode} ${policyId} AddPolicy ${addPolicyStr}
|
||||
log ${policyId}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
#功能端验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_monitor_ssl001.bat
|
||||
... ELSE set variable curl -kv https://www.jd.com
|
||||
@{stringlist} set variable 正品低价 html
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
log ${rescode}
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId}
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.jd.com
|
||||
|
||||
SecurityPolicy-monitor-SSL-00002
|
||||
[Tags] monitor ssl SUB+fqdn
|
||||
# #创建对象SUB
|
||||
# ${rescode} ${object_SUB_Id} AddObject { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"subscriberid", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"jwc_SUB_ip", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "$jwctest" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] } \
|
||||
# log ${object_SUB_Id}
|
||||
# #删除对象
|
||||
# ${objectids} set Variable ${object_SUB_Id}
|
||||
#创建SNI_CAT
|
||||
${rescodeip} ${object_sni_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
||||
log ${object_sni_Id}
|
||||
#删除对象
|
||||
${objectids} set Variable ${object_sni_Id}
|
||||
#创建SAN_CAT
|
||||
${rescodeip} ${object_san_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
||||
log ${object_san_Id}
|
||||
#删除对象
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_san_Id}
|
||||
#创建对象 CN_CAT
|
||||
${rescodeip} ${object_cn_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"jwc_SSL_yhd_cat","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*d.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
||||
log ${object_cn_Id}
|
||||
#删除对象
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_cn_Id}
|
||||
#创建策略
|
||||
#${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ],"appObjectIdArray":[3] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-monitor-SSL-00002", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"monitor", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${object_sni_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}, {"objectId":${object_san_Id}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SAN"]},{"objectId":${object_cn_Id}, \ \ \ \ \ \ \ \ "protocolFields":[ "TSG_FIELD_SSL_CN"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
|
||||
${rescode} ${policyId} AddPolicy ${addPolicyStr}
|
||||
log ${policyId}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
#功能端验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/SecurityPolicy_monitor_ssl002.bat
|
||||
... ELSE set variable curl -kv https://www.yhd.com
|
||||
@{stringlist} set variable 货到付款 text
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
log ${rescode}
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId}
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.yhd.com
|
||||
|
||||
*** Settings ***
|
||||
Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
|
||||
Force Tags tsg_adc tsg_security
|
||||
Library OperatingSystem
|
||||
Library Selenium2Library
|
||||
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
||||
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
|
||||
Resource ../../../03-Variable/ApplicationID.txt
|
||||
Resource ../../../03-Variable/BifangApiVariable.txt
|
||||
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
|
||||
Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
|
||||
*** Variables ***
|
||||
${policyIds} ${EMPTY}
|
||||
${objectids} ${EMPTY}
|
||||
|
||||
*** Test Cases ***
|
||||
SecurityPolicy-Monitor-SSL-00001
|
||||
[Tags] Monitor IP SSL SNI SAN CN
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment 创建SNI
|
||||
${addItemList1} Create Dictionary keywordArray=*academia.org isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建CN
|
||||
${addItemList1} Create Dictionary keywordArray=*academia.org isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId2} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
|
||||
|
||||
Comment 创建SAN
|
||||
${addItemList1} Create Dictionary keywordArray=*academia.org isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId3} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL"} filterList=${objectId3}|TSG_FIELD_SSL_SAN,${objectId1}|TSG_FIELD_SSL_SNI,${objectId2}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=${SSL_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${sni} Create Dictionary attributeType=string attributeName=sni appId=199 appName=ssl protocol=ssl attributeValue={"string": "academia.org"}
|
||||
${cn} Create Dictionary attributeType=string attributeName=cn appId=199 appName=ssl protocol=ssl attributeValue={"string": "academia.org"}
|
||||
${san} Create Dictionary attributeType=string attributeName=san appId=199 appName=ssl protocol=ssl attributeValue={"string": "academia.org"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${sni} ${cn} ${san}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_SSL_00003.bat
|
||||
... ELSE set variable curl https://www.academia.org/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Accuracy In Academia
|
||||
... ELSE Create List Accuracy In Academia
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni www.academia.org
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
|
||||
SecurityPolicy-Monitor-SSL-00002
|
||||
[Tags] Monitor IP SSL SNI
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment 创建SNI
|
||||
${addItemList1} Create Dictionary keywordArray=*freecountry.com isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL"} filterList=${objectId1}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${sni} Create Dictionary attributeType=string attributeName=sni appId=199 appName=ssl protocol=ssl attributeValue={"string": "freecountry.com"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${sni}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_SSL_00001_1.bat
|
||||
... ELSE set variable curl \ https://freecountry.com/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Jackets
|
||||
... ELSE Create List Jackets
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni freecountry.com
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
|
||||
SecurityPolicy-Monitor-SSL-00003
|
||||
[Tags] Monitor IP SSL CN
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
|
||||
Comment 创建CN
|
||||
${addItemList1} Create Dictionary keywordArray=*keysnews.com isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId2} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL"} filterList=${objectId2}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=${SSL_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${cn} Create Dictionary attributeType=string attributeName=cn appId=199 appName=ssl protocol=ssl attributeValue={"string": "keysnews.com"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${cn}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_SSL_00002.bat
|
||||
... ELSE set variable curl https://www.keysnews.com/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List keysnews.com
|
||||
... ELSE Create List keysnews.com
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni www.keysnews.com
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
|
||||
SecurityPolicy-Monitor-SSL-00004
|
||||
[Tags] Monitor IP SSL SAN
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
Comment 创建SAN
|
||||
${addItemList1} Create Dictionary keywordArray=*academia.org isHexbin=${0}
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId3} AddObjects ${1} ${objectDict1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3}
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL"} filterList=${objectId3}|TSG_FIELD_SSL_SAN isValid=${1} appIdObjects=${SSL_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${san} Create Dictionary attributeType=string attributeName=san appId=199 appName=ssl protocol=ssl attributeValue={"string": "academia.org"}
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${san}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_SSL_00003.bat
|
||||
... ELSE set variable curl https://www.academia.org/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Accuracy In Academia
|
||||
... ELSE Create List Accuracy In Academia
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni www.academia.org
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
|
||||
SecurityPolicy-Monitor-SSL-00005
|
||||
[Tags] Monitor IP SSL
|
||||
Comment 创建IP
|
||||
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
|
||||
Comment 创建Monitor策略
|
||||
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=monitor source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL"} isValid=${1} appIdObjects=${SSL_ID}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||
|
||||
${starttime} Get Time
|
||||
#功能端验证
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
|
||||
Comment 策略验证
|
||||
#新增策略验证
|
||||
#创建attributes中的字典
|
||||
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "199"}
|
||||
|
||||
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
# 合成attributes字典集
|
||||
${attributes} Create List ${app_id} ${ipsource} ${ipdestination}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
log ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
# 打印检查结果
|
||||
${objectid_verify} Set Variable ${objectids}
|
||||
${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
|
||||
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||
log ${objectid_verify}
|
||||
${testType} Evaluate type($objectid_verify)
|
||||
${testType} Evaluate type($resData)
|
||||
log ${resData}
|
||||
sleep 5
|
||||
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||
Should Be Equal As Strings ${ok} true
|
||||
|
||||
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Monitor_SSL_00003.bat
|
||||
... ELSE set variable curl https://www.academia.org/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Accuracy In Academia
|
||||
... ELSE Create List Accuracy In Academia
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Comment 日志验证
|
||||
#日志验证
|
||||
${s} Convert to String ${policyIds}
|
||||
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni SSL
|
||||
Should Be Equal As Strings ${returnvalue} true
|
||||
Reference in New Issue
Block a user