gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

提交intercept策略ssl和http协议用例

Browse Source
This commit is contained in:
lyf
2021-03-19 17:10:35 +08:00
parent 0f60f443cb
commit 188ddfce7b
3 changed files with 1112 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
01-TestCase/tsg_ui/ui_security/Ui_AllowSSLCase.robot
View File

@@ -9,7 +9,7 @@ Resource ../../../02-Keyword/tsg_ui/policy/UIPolicy.robot
*** Test Cases *** *** Test Cases ***
###############################################################VOIP################################################################# ################################################################################################################################
SecurityAllowSSL001 SecurityAllowSSL001
[Tags] Allow SSL SNI [Tags] Allow SSL SNI
#新建对象fqdn #新建对象fqdn
@@ -129,4 +129,4 @@ SecurityAllowSSL006
###############################################################VOIP################################################################# ################################################################################################################################

169
01-TestCase/tsg_ui/ui_security/Ui_InterceptHttpCase.robot Normal file
View File

@@ -0,0 +1,169 @@
*** Settings ***
Force Tags tsg-ui Policies Security
Library Selenium2Library
Resource ../../../02-Keyword/tsg_ui/objects/NewObjectPages.robot
Resource ../../../02-Keyword/tsg_ui/objects/NewObject.robot
Resource ../../../02-Keyword/tsg_ui/Menu.robot
Resource ../../../03-Variable/PolicyObjectDefault.txt
Resource ../../../02-Keyword/tsg_ui/policy/UIPolicy.robot
*** Test Cases ***
################################################################################################################################
SecurityInterceptHTTP001
[Tags] Intercept Http FQDN
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN keywordtext=$poplar.ru
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${hostname} create list ${TEST NAME}_FQDN
${filter} create list Host
${filterInfo} Create Dictionary Filter=${filter} Hostname=${hostname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=HTTP PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptHTTP002
[Tags] Intercept Http FQDN
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN keywordtext=*environment.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${hostname} create list ${TEST NAME}_FQDN
${filter} create list Host
${filterInfo} Create Dictionary Filter=${filter} Hostname=${hostname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=HTTP PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptHTTP003
[Tags] Intercept Http FQDN
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=$mil.qianlong.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN2 keywordtext=*.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${hostname} create list ${TEST NAME}_FQDN1 ${TEST NAME}_FQDN2
${filter} create list Host
${filterInfo} Create Dictionary Filter=${filter} Hostname=${hostname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=HTTP PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptHTTP004
[Tags] Intercept Http FQDN
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=$mil.qianlong.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN2 keywordtext=*.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${hostname} create list ${TEST NAME}_FQDN1 ${TEST NAME}_FQDN2
${filter} create list Host
${filterInfo} Create Dictionary Filter=${filter} Hostname=${hostname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=HTTP PolicyLogSession=close PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
SecurityInterceptHTTP006
[Tags] Intercept Http Category
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${hostname} create list recreation
${filter} create list Host
${filterInfo} Create Dictionary Filter=${filter} Hostname=${hostname} Hosttype=Category
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=HTTP PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
#007和008自动化创建不了需要手工测试
SecurityInterceptHTTP009
[Tags] Intercept Http FQDN
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN keywordtext=$poplar.ru
${hostname} create list ${TEST NAME}_FQDN
${filter} create list Host
${filterInfo} Create Dictionary Filter=${filter} Hostname=${hostname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=HTTP PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptHTTP010
[Tags] Intercept Http Category
${dip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=163.171.198.89 Port=1-65535
${destinationAddIpList} Create List ${dip1}
${destinationInfo} Create Dictionary destinationAddIpList=${destinationAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=HTTP PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} DestinationInfo=${destinationInfo}
################################################################################################################################

941
01-TestCase/tsg_ui/ui_security/Ui_InterceptSSLCase.robot Normal file
View File

@@ -0,0 +1,941 @@
*** Settings ***
Force Tags tsg-ui Policies Security
Library Selenium2Library
Resource ../../../02-Keyword/tsg_ui/objects/NewObjectPages.robot
Resource ../../../02-Keyword/tsg_ui/objects/NewObject.robot
Resource ../../../02-Keyword/tsg_ui/Menu.robot
Resource ../../../03-Variable/PolicyObjectDefault.txt
Resource ../../../02-Keyword/tsg_ui/policy/UIPolicy.robot
*** Test Cases ***
################################################################################################################################
SecurityInterceptSSL001
[Tags] Intercept SSL SNI
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN keywordtext=$www.facebook.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}_FQDN
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptSSL002
[Tags] Intercept SSL SNI
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN keywordtext=*youtube.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}_FQDN
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptSSL003
[Tags] Intercept SSL SNI
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=$twitter.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN2 keywordtext=*.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}_FQDN1 ${TEST NAME}_FQDN2
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
PoliciesDelete
SecurityInterceptSSL005
[Tags] Intercept SSL Category
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list chat
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} Hosttype=Category
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo}
SecurityInterceptSSL006
[Tags] Intercept SSL FQDN
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN keywordtext=$mail.ru
${sniname} create list ${TEST NAME}_FQDN
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
UIPolicies ${policyInfo} FilterInfo=${filterInfo}
PoliciesDelete
################################################################################################################################
#DecryptionProfile 按钮用例
SecurityInterceptSSL007
[Tags] Intercept SSL 证书验证开关全部开启Fail-close
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*wrong.host.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN2 keywordtext=*untrusted-root.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN3 keywordtext=*self-signed.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN4 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}_FQDN1 ${TEST NAME}_FQDN2 ${TEST NAME}_FQDN3 ${TEST NAME}_FQDN4
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=1 Issuer=1 Self-signed=1 Expiry Date=1 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_按钮开启Fail-close Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL008
[Tags] Intercept SSL 证书验证开关全部关闭
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*wrong.host.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN2 keywordtext=*untrusted-root.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN3 keywordtext=*self-signed.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN4 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}_FQDN1 ${TEST NAME}_FQDN2 ${TEST NAME}_FQDN3 ${TEST NAME}_FQDN4
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_证书验证关闭1 Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL009
[Tags] Intercept SSL 证书验证开关failclose-Common Name打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*wrong.host.badssl.com
${sniname} create list ${TEST NAME}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=1 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_证书验证开关failclose-Common Name打开 Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL010
[Tags] Intercept SSL 证书验证开关failclose-Issuer打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*untrusted-root.badssl.com
${sniname} create list ${TEST NAME}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=1 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_证书验证开关failclose-Issuer打开 Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL011
[Tags] Intercept SSL 证书验证开关failclose-Self-signed打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*self-signed.badssl.com
${sniname} create list ${TEST NAME}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=1 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_证书验证开关failclose-Self-signed打开 Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL012
[Tags] Intercept SSL 证书验证开关failclose-Expiry-Date打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=1 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_failclose-Expiry-Date打开 Dict1=${dict} Fail1=Fail-close
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL013
[Tags] Intercept SSL 证书验证开关全部开启Pass-through
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*wrong.host.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN2 keywordtext=*untrusted-root.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN3 keywordtext=*self-signed.badssl.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN4 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}_FQDN1 ${TEST NAME}_FQDN2 ${TEST NAME}_FQDN3 ${TEST NAME}_FQDN4
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=1 Issuer=1 Self-signed=1 Expiry Date=1 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_按钮开启Fail-close Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL014
[Tags] Intercept SSL 证书验证开关pass-through-Common打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*wrong.host.badssl.com
${sniname} create list ${TEST NAME}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=1 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_pass-through-Common打开 Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL015
[Tags] Intercept SSL 证书验证开关pass-through-Issuer打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*untrusted-root.badssl.com
${sniname} create list ${TEST NAME}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=1 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_pass-through-Issuer打开 Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL016
[Tags] Intercept SSL 证书验证开关pass-through-Self-signed打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*self-signed.badssl.com
${sniname} create list ${TEST NAME}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=1 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_pass-through-Self-signed打开 Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL017
[Tags] Intercept SSL 证书验证开关pass-through-Expiry Date打开
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*expired.badssl.com
${sniname} create list ${TEST NAME}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=1 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_pass-through-Expiry Date打开 Dict1=${dict} Fail1=Pass-through
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL018
[Tags] Intercept SSL 证书验证开关EV开启
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=$www.myssl.cn
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN2 keywordtext=$pbsz.ebank.cmbchina.com
${sniname} create list ${TEST NAME}_FQDN1 ${TEST NAME}_FQDN2
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=1
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_EV开启 Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL019
[Tags] Intercept SSL 证书验证开关CT开启
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=$www.jd.com
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN2 keywordtext=$mail.ru
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN3 keywordtext=$www.vip.com
${sniname} create list ${TEST NAME}_FQDN1 ${TEST NAME}_FQDN2 ${TEST NAME}_FQDN3
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=1 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_CT开启 Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL020
[Tags] Intercept SSL 证书验证开关MA开启
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*client.badssl.com
${sniname} create list ${TEST NAME}_FQDN1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=1 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_MA开启 Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL021
[Tags] Intercept SSL 证书验证开关开启Certificate Pinning
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=1 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_开启Certificate Pinning Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL022
[Tags] Intercept SSL 证书验证开关关闭Certificate Pinning
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_关闭Certificate Pinning Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL023
[Tags] Intercept SSL 证书验证开关关闭Certificate Not Installed
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_关闭Certificate Not Installed Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL024
[Tags] Intercept SSL 证书验证开关开启Certificate Not Installed
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=1 Mirror Client Versions=1
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_开启Certificate Not Installed Dict1=${dict}
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL025
[Tags] Intercept SSL 证书验证开关IP-协议版本SSL3.0
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_IP-协议版本SSL3.0 Dict1=${dict} min1=SSLv3.0 max1=SSLv3.0
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL026
[Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.0
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_IP-协议版本TSL1.0 Dict1=${dict} min1=TLSv1.0 max1=TLSv1.0
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL027
[Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.1
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_IP-协议版本TSL1.1 Dict1=${dict} min1=TLSv1.1 max1=TLSv1.1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL028
[Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.2
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_IP-协议版本TSL1.2 Dict1=${dict} min1=TLSv1.2 max1=TLSv1.2
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
SecurityInterceptSSL029
[Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.3
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0
... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0
... Allow HTTP/2=1
${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}_IP-协议版本TSL1.3 Dict1=${dict} min1=TLSv1.3 max1=TLSv1.3
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile}
PoliciesDelete
################################################################################################################################
#解密流量转发
SecurityInterceptSSL030
[Tags] Intercept SSL 解密流量mac
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*$twitter.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${MirrorDecryptedTrafficInfo} Create Dictionary MirrorDecryptedTraffic=open MirrorDecryptedTrafficSearchorCreate=Create MirrorDecryptedTrafficname=${TEST NAME}_解密流量mac Type=mac Shuru=11:11:11:11:11:11
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} MirrorDecryptedTrafficInfo=${MirrorDecryptedTrafficInfo}
PoliciesDelete
SecurityInterceptSSL031
[Tags] Intercept SSL 解密流量vlan
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*$twitter.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${MirrorDecryptedTrafficInfo} Create Dictionary MirrorDecryptedTraffic=open MirrorDecryptedTrafficSearchorCreate=Create MirrorDecryptedTrafficname=${TEST NAME}_解密流量vlan Type=vlan Shuru=111
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} MirrorDecryptedTrafficInfo=${MirrorDecryptedTrafficInfo}
PoliciesDelete
################################################################################################################################
#证书验证
SecurityInterceptSSL032
[Tags] Intercept SSL 根证书
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*$twitter.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${Keyring} Create Dictionary KeySearchorCreate=Create Keyname=${TEST NAME}_根证书1 File=${path}keyrings//root//ca-cer.pem File1=${path}keyrings//root//ca.key ExpiryHours1or2=2 Type=certificateType_select0
... Type1=keyringsadd_publicKeyAlgoSelet1
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} Keyring=${Keyring}
PoliciesDelete
SecurityInterceptSSL033
[Tags] Intercept SSL 中间证书
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*$twitter.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${Keyring} Create Dictionary KeySearchorCreate=Create Keyname=${TEST NAME}_中间证书1 File=${path}keyrings//Intermediate//camiddle.chain.pem File1=${path}keyrings//Intermediate//camiddle.key ExpiryHours1or2=2
... Type=certificateType_select1 Type1=keyringsadd_publicKeyAlgoSelet2
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} Keyring=${Keyring}
PoliciesDelete
SecurityInterceptSSL034
[Tags] Intercept SSL 实体证书
#新建对象fqdn
Comment 新建对象fqdn
CreatePage FQDN single ${TEST NAME}_FQDN1 keywordtext=*$twitter.com
${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535
${sourceAddIpList} Create List ${sip1}
${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList}
${sniname} create list ${TEST NAME}_FQDN1
${filter} create list SNI
${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname}
${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1
${Keyring} Create Dictionary KeySearchorCreate=Create Keyname=${TEST NAME}_实体证书1 File=${path}keyrings//end-entity//caentity.chain.pem File1=${path}keyrings//end-entity//caentity.key ExpiryHours1or2=2
... Type=certificateType_select2 Type1=keyringsadd_publicKeyAlgoSelet3
UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} Keyring=${Keyring}
PoliciesDelete
################################################################################################################################