gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

提价安全策略case

Browse Source
This commit is contained in:
lyf
2020-07-30 19:10:03 +08:00
parent e1cabb0168
commit 1e9b87db65
6 changed files with 1681 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
01-TestCase/tsg_adc/multi_step/a_Allow_Http_Tests.robot
View File

@@ -1,33 +1,33 @@
*** Settings ***
Force Tags tsg_adc_wp adc_api security_policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
*** Test Cases ***
SecurityPolicy-Allow-Http-00001
[Tags] fqdn
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*clintonairport.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Http-00001 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
insert_policyId_to_file1 allow_http_objectId ${objectId}
insert_policyId_to_file1 allow_http_policyId ${policyId}
SecurityPolicy-Allow-Http-00002
[Tags] cat
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.airpano.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Http-00002 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
insert_policyId_to_file1 allow_http_objectId1 ${objectId}
insert_policyId_to_file1 allow_http_policyId1 ${policyId}
*** Settings ***
Force Tags tsg_adc_wp adc_api security_policy
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
*** Test Cases ***
SecurityPolicy-Allow-Http-00001
[Tags] fqdn
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*clintonairport.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Http-00001 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
insert_policyId_to_file1 allow_http_objectId ${objectId}
insert_policyId_to_file1 allow_http_policyId ${policyId}
SecurityPolicy-Allow-Http-00002
[Tags] cat
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.airpano.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Http-00002 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
insert_policyId_to_file1 allow_http_objectId ${objectId}
insert_policyId_to_file1 allow_http_policyId ${policyId}

740
01-TestCase/tsg_bfapi/security_policy/Security_Policy_Allow_Test.robot Normal file
View File

@@ -0,0 +1,740 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectIds} ${group}
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Object.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Log.robot
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
Library json
Library DateTime
*** Variables ***
@{policyIds}
@{profiles}
${objectIds} ${EMPTY}
${group} ${EMPTY}
*** Test Cases ***
Allow-test-001
#新建allow协议单选http
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary policyName=新建allow单选协 action=allow source=${objectId1}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=2
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-002
#新建allow协议单选ssl
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-003
#新建allow协议单选dns
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"DNS"}
... isValid=${1}
... appIdObjects=4
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-004
#新建allow协议单选mail
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"MAIL"}
... isValid=${1}
... appIdObjects=5
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-005
#新建allow协议单选ftp
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"FTP"}
... isValid=${1}
... appIdObjects=6
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-006
#新建allow协议单选quic
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow单选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-007
#新建allow协议单选quic
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建allow多选协议
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... isValid=${1}
... userRegion={}
... appIdObjects=2,3,4,5,6,7
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-008
#新建allowApplication选择HTTPfilter选择host中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-009
#新建allowApplication选择HTTPfilter选择host中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-010
#新建allowApplication选择HTTPfilter选择host中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-011
#新建allowApplication选择HTTPfilter选择host中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-012
#新建allowApplication选择HTTPfilter选择host中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-013
#新建allowApplication选择HTTPfilter选择host中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
...
... userRegion={"protocol":"HTTP"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-014
#新建allowApplication选择SSLfilter选择SNI中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的fqdn右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-015
#新建allowApplication选择SSLfilter选择SNI中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的fqdn完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-016
#新建allowApplication选择SSLfilter选择SNI中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的fqdn-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-017
#新建allowApplication选择SSLfilter选择SNI中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的category右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-018
#新建allowApplication选择SSLfilter选择SNI中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择SNI中的category完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-019
#新建allowApplication选择SSLfilter选择SNI中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择SSLfilter选择SNI中的category-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
...
... userRegion={"protocol":"SSL"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_SSL_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-020
#新建allowApplication选择QUICfilter选择SNI中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-021
#新建allowApplication选择QUICfilter选择SNI中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的fqdn完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-022
#新建allowApplication选择QUICfilter选择SNI中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的fqdn-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-023
#新建allowApplication选择QUICfilter选择SNI中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的category右匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-024
#新建allowApplication选择QUICfilter选择SNI中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的category完全匹配
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
Allow-test-025
#新建allowApplication选择QUICfilter选择SNI中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择QUICfilter选择SNI中的category-group
... policyType=tsg_security
... action=allow
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_QUIC_SNI
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}

701
01-TestCase/tsg_bfapi/security_policy/Security_Policy_Deny_Test.robot Normal file
View File

@@ -0,0 +1,701 @@
*** Settings ***
Test Teardown DeletePolicyAndObject ${policyIds} ${objectIds} ${group}
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Object.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Log.robot
Resource ../../../02-Keyword/tsg_bfapi/Common.robot
Library json
Library DateTime
*** Variables ***
@{policyIds}
@{profiles}
${objectIds} ${EMPTY}
${group} ${EMPTY}
*** Test Cases ***
deny-test-001
#新建deny协议单选http
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary policyName=新建deny单选协 action=deny source=${objectId1}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} isValid=${1} appIdObjects=2
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-002
#新建deny协议单选ssl
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建deny单选协议
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"SSL","method":"drop"}
... isValid=${1}
... appIdObjects=3
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-003
#新建deny协议单选dns
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建deny单选协议
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"DNS","method":"drop"}
... isValid=${1}
... appIdObjects=4
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-004
#新建deny协议单选mail
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建deny单选协议
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"MAIL","method":"drop"}
... isValid=${1}
... appIdObjects=5
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-005
#新建deny协议单选ftp
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建deny单选协议
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"FTP","method":"drop"}
... isValid=${1}
... appIdObjects=6
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-006
#新建deny协议单选quic
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建deny单选协议
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"QUIC","method":"drop"}
... isValid=${1}
... appIdObjects=7
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-007
#新建deny协议单选quic
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=新建deny多选协议
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... isValid=${1}
... userRegion={"method":"drop"}
... appIdObjects=2,3,4,5,6,7
... policyDesc=autotest
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-008
#新建denyApplication选择HTTPfilter选择host中的fqdn右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn右匹配
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-009
#新建denyApplication选择HTTPfilter选择host中的fqdn完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn完全匹配
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-010
#新建denyApplication选择HTTPfilter选择host中的fqdn-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的fqdn-group
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-011
#新建denyApplication选择HTTPfilter选择host中的category右匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category右匹配
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-012
#新建denyApplication选择HTTPfilter选择host中的category完全匹配
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId},${objectIds}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category完全匹配
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-013
#新建denyApplication选择HTTPfilter选择host中的fqdn_category-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建fqdn1
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId0},${objectId},${objectId1}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId} ${objectId0}
log 111111111111111111${subObjectIds}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId2} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId2}|TSG_FIELD_HTTP_HOST
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-014
#新建denyApplication选择HTTPfilter选择url左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=abcd.*
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_URL
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-015
#新建denyApplication选择HTTPfilter选择url右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*скрипцияк
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_URL
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-016
#新建denyApplication选择HTTPfilter选择url完全匹配
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$完全匹配
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_URL
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-017
#新建denyApplication选择HTTPfilter选择url
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=123@#¥%……
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_URL
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-018
#新建denyApplication选择HTTPfilter选择url-group
Comment 创建IP
#object为IP→endpoint时的addItemList单个对象
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0
#可以添加多个
${addItemLists} Create list ${addItemList1}
#objectList对象
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId0} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=abcd.*
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*скрипцияк
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$完全匹配
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=123@#¥%……
${rescode} ${objectId4} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1},${objectId2},${objectId3},${objectId4},${objectId0}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId1} ${objectId2} ${objectId3} ${objectId4}
log 11111111111111${subObjectIds}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId5} AddObject ${objectDict}
${group} Set Variable ${objectId5}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId5}|TSG_FIELD_HTTP_URL
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-019
#新建denyApplication选择HTTPfilter选择request header中的user-agent左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|User-Agent
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-020
#新建denyApplication选择HTTPfilter选择request header中的user-agent右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|User-Agent
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-021
#新建denyApplication选择HTTPfilter选择request header中的user-agent完全匹配
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|User-Agent
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-022
#新建denyApplication选择HTTPfilter选择request header中的user-agent,子串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123@#¥%……|User-Agent
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-023
#新建denyApplication选择HTTPfilter选择request header中的user-agent-group
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|User-Agent
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|User-Agent
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|User-Agent
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123@#¥%……|User-Agent
${rescode} ${objectId4} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1},${objectId2},${objectId3},${objectId4}
Comment 创建url-group
${subObjectIds} Create list ${objectId1},${objectId2},${objectId3},${objectId4}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId5} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId5}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-024
#新建denyApplication选择HTTPfilter选择request header中的Cookie左匹配
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|Cookie
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-025
#新建denyApplication选择HTTPfilter选择request header中的Cookie右匹配
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|Cookie
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-026
#新建denyApplication选择HTTPfilter选择request header中的Cookie完全匹配
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|Cookie
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-027
#新建denyApplication选择HTTPfilter选择request header中的Cookie,子串匹配
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123@#¥%……|Cookie
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}
deny-test-028
#新建denyApplication选择HTTPfilter选择request header中的Cookie-group
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|Cookie
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|Cookie
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|Cookie
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123@#¥%……|Cookie
${rescode} ${objectId4} AddObject2 ${1} ${objectDict}
${objectIds} Set Variable ${objectId1},${objectId2},${objectId3},${objectId4}
Comment 创建fqdn-group
${subObjectIds} Create list ${objectId1},${objectId2},${objectId3},${objectId4}
${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}}
${rescode} ${objectId5} AddObject ${objectDict}
${group} Set Variable ${objectId2}
Comment 创建策略
${policyDict} Create Dictionary
... policyName=Application选择HTTPfilter选择host中的category-group
... policyType=tsg_security
... action=deny
... userRegion={"protocol":"HTTP","method":"drop"}
... isValid=${1}
... appIdObjects=2
... policyDesc=autotest
... filterList=${objectId5}|TSG_FIELD_HTTP_REQ_HDR
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]}

76
01-TestCase/tsg_ui/ui_tags/Tagscase.robot Normal file
View File

@@ -0,0 +1,76 @@
*** Settings ***
Force Tags tsg-ui objects tags
Resource ../../../02-Keyword/tsg_ui/tag/Tags.robot
Library OperatingSystem
*** Test Cases ***
create-tags-001
#最小值
ui-tags-create a id=tagAddColor0 a
ui-tags-search-name a
ui-tags-delete
create-tags-002
#俄文
ui-tags-create *скрипцияк id=tagAddColor1 *скрипцияк
ui-tags-search-name *скрипцияк
ui-tags-delete
create-tags-003
#最大值
ui-tags-create 11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111 id=tagAddColor2 111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
ui-tags-search-name 11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
ui-tags-delete
create-tags-004
#中文英文俄文特殊字符
ui-tags-create g中@enция id=tagAddColor3 g中@enция
ui-tags-search-name g中@enция
ui-tags-delete
create-tags-005
#数字英文
ui-tags-create g123 id=tagAddColor4 g123
ui-tags-search-name g123
ui-tags-delete
edit-tags-006
#修改
ui-tags-create g123 id=tagAddColor4 g123
ui-tags-search-name g123
ui-tags-edit g123 id=tagAddColor3 g中@enция
ui-tags-search-name g123
ui-tags-delete
create-tags-007
#新建两个tags中文英文俄文数字特殊字符
ui-tags-create-1 g中@enция1 id=tagAddColor4 g中@enция1 g中@enция123
ui-tags-search-name g中@enция1
ui-tags-delete
create-tags-008
#新建两个tags最小值
ui-tags-create-1 a id=tagAddColor4 a b
ui-tags-search-name a
ui-tags-delete
create-tags-009
#新建两个tags最大值
ui-tags-create-1 11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111 id=tagAddColor4 111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
ui-tags-search-name 11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
ui-tags-delete
edit-tags-010
#修改
ui-tags-create-1 g123 id=tagAddColor4 g123 g123123
ui-tags-search-name g123
ui-tags-edit-1 g123 id=tagAddColor3 g中@enция g中@enция1
ui-tags-search-name g123
ui-tags-delete

8
02-Keyword/tsg_bfapi/PolicyObject.robot
View File

@@ -74,7 +74,7 @@ AddObject
[Arguments] ${body}
#addIPobject#################################################################################
${response} BasePostRequest /${version}/policy/object body=${body}
#log ${response}
log 11111111111111${response}
${objectId} Set Variable ${response['data']['objectList'][0]['objectId']}
${rescodeReturn} Set Variable ${response['code']}
[Return] ${rescodeReturn} ${objectId}
@@ -224,7 +224,7 @@ DeleteProfiles
Run Keyword If "${profile}"!="" and ${profile}!="${EMPTY}" DeleteProfile ${profile}[typeUrl] ${profile}[profileIds]
END
DeletePolicyAndObject
[Arguments] ${policyids} ${objectids}
[Arguments] ${policyids} ${objectids} ${group}
#删除和对象
#删除策略
log toDeletePolicy_DeletePolicyAndObject
@@ -232,11 +232,13 @@ DeletePolicyAndObject
FOR ${var} IN RANGE ${listlenth}
#log dxytest111111
log ${var}
DeletePolicy ${policyids}[${var}]
DeletePolicy ${policyids}[${var}]
#Should Contain ${commandreturn} ${ca}
END
#删除对象
log todeleteobj_DeletePolicyAndObject
Run Keyword If "${group}"=="${EMPTY}" log no obj to del
... ELSE DeleteObject ${group}
Run Keyword If "${objectids}"=="${EMPTY}" log no obj to del
... ELSE DeleteObject ${objectids}

246
02-Keyword/tsg_ui/tag/Tags.robot
View File

@@ -1,120 +1,126 @@
*** Settings ***
Library Selenium2Library
*** Keywords ***
ui-tags-create
[Arguments] ${tag-name} ${color-element} ${tag-value}
[Documentation] 引用关键字,填入必填参数:
... ${tag-name}:输入tag 的name
... ${color-element}:选择tag字体的颜色
... ${tag-value}:输入tag内容
click element id=tagAdd #点击create按钮新建tag
sleep 2
input text id=tagsAdd_name ${tag-name} #输入tag name
sleep 1
click element id=tagsAdd_color #点击color
sleep 2
click element ${color-element} #选择tag字体颜色
sleep 2
input text id=tag_tagName0 ${tag-value} #输入tag内容
sleep 1
click element id=tagAddOk1
sleep 1
ui-tags-create-1
[Arguments] ${tag-name} ${color-element} ${tag-value} ${tag-value1}
[Documentation] 引用关键字,填入必填参数:
... ${tag-name}:输入tag 的name
... ${color-element}:选择tag字体的颜色
... ${tag-value}:输入tag内容
... ${tag-value1}:输入tag内容
click element id=tagAdd #点击create按钮新建tag
sleep 2
input text id=tagsAdd_name ${tag-name} #输入tag name
sleep 1
click element id=tagsAdd_color #点击color
sleep 2
click element ${color-element} #选择tag字体颜色
sleep 1
input text id=tag_tagName0 ${tag-value} #输入tag内容
sleep 1
click element id=tagAddInput
input text id=tag_tagName1 ${tag-value1} #输入tag内容
sleep 1
click element id=tagAddOk1
ui-tags-edit
[Arguments] ${tag-name} ${color-element} ${tag-value}
[Documentation] 引用关键字,填入必填参数:
... ${tag-name}:输入tag 的name
... ${color-element}:选择tag字体的颜色
... ${tag-value}:输入tag内容
sleep 1
click element id=tagEdit #点击edit按钮
sleep 2
input text id=tagsAdd_name ${tag-name} #输入tag name
sleep 2
click element id=tagsAdd_color #点击color
sleep 1
click element ${color-element} #选择tag字体颜色
sleep 1
input text id=tag_tagName0 ${tag-value} #输入tag内容
sleep 1
click element id=tagAddOk1
sleep 1
ui-tags-search-id
[Arguments] ${id}
sleep 1
click element id=one-input
sleep 1
click element id=input_list_li1
sleep 1
input text id=sreach_input ${id}
sleep 1
click element id=select_new_search_btn
sleep 1
click element xpath=//*[@id="ly-table1-listcontent"]/div/div[3]/table
ui-tags-search-name
[Arguments] ${name}
sleep 1
click element id=one-input
sleep 1
click element id=input_list_li2
sleep 1
input text id=sreach_input ${name}
sleep 1
click element id=select_new_search_btn
sleep 1
click element xpath=//*[@id="ly-table1-listcontent"]/div/div[3]/table
ui-tags-delete
sleep 1
click element id=tagDel #点击删除按钮
sleep 1
click element id=tags-tagsDel-confirm
ui-tags-edit-1
[Arguments] ${tag-name} ${color-element} ${tag-value} ${tag-value1}
[Documentation] 引用关键字,填入必填参数:
... ${tag-name}:输入tag 的name
... ${color-element}:选择tag字体的颜色
... ${tag-value}:输入tag内容
... ${tag-value1}:输入tag内容
sleep 1
click element id=tagEdit #点击edit按钮
sleep 2
input text id=tagsAdd_name ${tag-name} #输入tag name
sleep 1
click element id=tagsAdd_color #点击color
sleep 1
click element ${color-element} #选择tag字体颜色
sleep 2
input text id=tag_tagName0 ${tag-value} #输入tag内容
sleep 1
sleep 1
click element id=tagAddInput
input text id=tag_tagName1 ${tag-value1} #输入tag内容
click element id=tagAddOk1
sleep 1
*** Settings ***
Library Selenium2Library
Resource ../Menu.robot
Library Collections
*** Keywords ***
ui-tags-create
[Arguments] ${tag-name} ${color-element} ${tag-value}
[Documentation] 引用关键字,填入必填参数:
... ${tag-name}:输入tag 的name
... ${color-element}:选择tag字体的颜色
... ${tag-value}:输入tag内容
Menu policy&objects Tags
sleep 3
click element id=tagAdd #点击create按钮新建tag
sleep 2
input text id=tagsAdd_name ${tag-name} #输入tag name
sleep 1
click element id=tagsAdd_color #点击color
sleep 2
click element ${color-element} #选择tag字体颜色
sleep 2
input text id=tag_tagName0 ${tag-value} #输入tag内容
sleep 1
click element id=tagAddOk1
sleep 1
ui-tags-create-1
[Arguments] ${tag-name} ${color-element} ${tag-value} ${tag-value1}
[Documentation] 引用关键字,填入必填参数:
... ${tag-name}:输入tag 的name
... ${color-element}:选择tag字体的颜色
... ${tag-value}:输入tag内容
... ${tag-value1}:输入tag内容
Menu policy&objects Tags
sleep 3
click element id=tagAdd #点击create按钮新建tag
sleep 2
input text id=tagsAdd_name ${tag-name} #输入tag name
sleep 1
click element id=tagsAdd_color #点击color
sleep 2
click element ${color-element} #选择tag字体颜色
sleep 1
input text id=tag_tagName0 ${tag-value} #输入tag内容
sleep 1
click element id=tagAddInput
input text id=tag_tagName1 ${tag-value1} #输入tag内容
sleep 1
click element id=tagAddOk1
ui-tags-edit
[Arguments] ${tag-name} ${color-element} ${tag-value}
[Documentation] 引用关键字,填入必填参数:
... ${tag-name}:输入tag name
... ${color-element}:选择tag字体的颜色
... ${tag-value}:输入tag内容
sleep 1
click element id=tagEdit #点击edit按钮
sleep 2
input text id=tagsAdd_name ${tag-name} #输入tag name
sleep 2
click element id=tagsAdd_color #点击color
sleep 1
click element ${color-element} #选择tag字体颜色
sleep 1
input text id=tag_tagName0 ${tag-value} #输入tag内容
sleep 1
click element id=tagAddOk1
sleep 1
ui-tags-search-id
[Arguments] ${id}
sleep 1
click element id=one-input
sleep 1
click element id=input_list_li1
sleep 1
input text id=sreach_input ${id}
sleep 1
click element id=select_new_search_btn
sleep 1
click element xpath=//*[@id="ly-table1-listcontent"]/div/div[3]/table
ui-tags-search-name
[Arguments] ${name}
sleep 1
click element id=one-input
sleep 1
click element id=input_list_li2
sleep 1
input text id=sreach_input ${name}
sleep 1
click element id=select_new_search_btn
sleep 1
click element xpath=//*[@id="ly-table1-listcontent"]/div/div[3]/table
ui-tags-delete
sleep 1
click element id=tagDel #点击删除按钮
sleep 1
click element xpath=/html/body/div/div/div[3]/button[2]
ui-tags-edit-1
[Arguments] ${tag-name} ${color-element} ${tag-value} ${tag-value1}
[Documentation] 引用关键字,填入必填参数:
... ${tag-name}:输入tag 的name
... ${color-element}:选择tag字体的颜色
... ${tag-value}:输入tag内容
... ${tag-value1}:输入tag内容
sleep 1
click element id=tagEdit #点击edit按钮
sleep 2
input text id=tagsAdd_name ${tag-name} #输入tag name
sleep 1
click element id=tagsAdd_color #点击color
sleep 1
click element ${color-element} #选择tag字体颜色
sleep 2
input text id=tag_tagName0 ${tag-value} #输入tag内容
sleep 1
sleep 1
click element id=tagAddInput
input text id=tag_tagName1 ${tag-value1} #输入tag内容
click element id=tagAddOk1
sleep 1