diff --git a/01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot b/01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot index 928a472..3e2c4da 100644 --- a/01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot +++ b/01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot @@ -140,7 +140,7 @@ ProxyPolicy-deny-ssl-00005 #创建管控策略 #${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } + ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } ... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } ${rescode} ${policyId3} AddPolicy ${addPolicyStr} log ${policyId3} @@ -301,11 +301,11 @@ ProxyPolicy-deny-ssl-00010 ${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} #删除所有策略 ${policyIds} Create List ${policyId1} ${policyId2} - #功能端验证 + #功能端验证证书问题 #${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00010.bat ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00010.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.twitch.tv/directory - ${stringlist} Create List Tango Secure Gateway CA 404 X-TG-Construct-By: tfe 404 sorry! The page you visited does not exist + ${stringlist} Create List Tango Secure Gateway CA 404 X-TG-Construct-By: tfe The page you visited does not exist ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/.gitkeep b/01-TestCase/tsg_adc/selfserver/Api_Proxy/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot new file mode 100644 index 0000000..fefadd6 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot @@ -0,0 +1,786 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Deny-Http-00001 + [Tags] selfserver ip http deny + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"test","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00002 + [Tags] selfserver ip+fqdn完整匹配 http deny + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 + ... ELSE Create List 你好,五一 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00003 + [Tags] selfserver ip+cat右匹配 http deny + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List виде + ... ELSE Create List виде + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00004 + [Tags] selfserver http deny ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00005 + [Tags] selfserver http deny ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00006 + [Tags] selfserver http deny ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List виде + ... ELSE Create List виде + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00007 + [Tags] selfserver http deny ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00008 + [Tags] selfserver http deny ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00009 + [Tags] selfserver http deny ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00010 + [Tags] selfserver http deny ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List виде + ... ELSE Create List виде + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00011 + [Tags] selfserver http deny ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00012 + [Tags] selfserver http deny ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"zxcvbnm","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat + ... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm + ... ELSE Create List zxcvbnm + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00013 + [Tags] selfserver http deny ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 + ... ELSE Create List 你好明天 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00014 + [Tags] selfserver http deny ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00015 + [Tags] selfserver http deny ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty + ... ELSE Create List qwerty + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00016 + [Tags] selfserver http deny ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat \ + ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 + ... ELSE Create List 123456 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00017 + [Tags] selfserver http deny ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat + ... ELSE set variable curl http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 + ... ELSE Create List 你好明天 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00018 + [Tags] selfserver http deny ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat + ... ELSE set variable curl http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00019 + [Tags] selfserver http deny ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty + ... ELSE Create List qwerty + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00020 + [Tags] selfserver http deny ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat + ... ELSE set variable curl http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 + ... ELSE Create List 123456 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00021 + [Tags] selfserver http deny ip+请求体字串匹配 + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Извините + ... ELSE Create List Извините + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00022 + [Tags] selfserver http deny ip+应答体字串匹配 + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response Body + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00023 + [Tags] selfserver 最大组合 http deny + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=酒店式公寓 + ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_RES_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00023.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com \ No newline at end of file diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot new file mode 100644 index 0000000..84128e5 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot @@ -0,0 +1,786 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Deny-Ssl-00001 + [Tags] selfserver ip deny ssl + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"test","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List test Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List test Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00002 + [Tags] selfserver ip+fqdn完整匹配 deny ssl + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 你好,五一 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00003 + [Tags] selfserver ip+cat右匹配 deny ssl + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List виде Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00004 + [Tags] selfserver deny ip+url右匹配 ssl + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00005 + [Tags] selfserver deny ip+url字串匹配 ssl + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00006 + [Tags] selfserver deny ip+url完整匹配 ssl + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List виде Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00007 + [Tags] selfserver deny ip+url左匹配 ssl + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00008 + [Tags] selfserver deny ssl ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00009 + [Tags] selfserver deny ip+请求头字串匹配 ssl + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00010 + [Tags] selfserver deny ip+请求头完整匹配 ssl + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List виде Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00011 + [Tags] selfserver deny ip+请求头左匹配 ssl + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00012 + [Tags] selfserver deny ip+cookie字串匹配 ssl + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"zxcvbnm","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00013 + [Tags] selfserver deny ip+应答头右匹配 ssl + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00014 + [Tags] selfserver deny ip+应答头字串匹配 ssl + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00015 + [Tags] selfserver deny ip+应答头完整匹配 ssl + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List qwerty Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00016 + [Tags] selfserver deny ip+应答头左匹配 ssl + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 123456 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00017 + [Tags] selfserver deny ip+set-cookie右匹配 ssl + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00018 + [Tags] selfserver deny ip+set-cookie字串匹配 ssl + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00019 + [Tags] selfserver deny ip+set-cookie完整匹配 ssl + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List qwerty Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00020 + [Tags] selfserver deny ip+set-cookie左匹配 ssl + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 123456 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00021 + [Tags] selfserver deny ip+请求体字串匹配 ssl + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Извините Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Извините Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00022 + [Tags] selfserver deny ip+应答体字串匹配 ssl + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response Body + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Connection reset by peer Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00023 + [Tags] selfserver 最大组合 deny ssl + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*bytedance.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=字节跳动 + ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_RES_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00023.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server X-TG-Construct-By + ... ELSE Create List Connection reset by peer X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot new file mode 100644 index 0000000..344bb2a --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot @@ -0,0 +1,802 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Redirect-Http-00001 + [Tags] selfserver ip http Redirect + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.ziroom.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv \ http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.ziroom.com/ 301 X-TG-Construct-By + ... ELSE Create List http://www.ziroom.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00002 + [Tags] selfserver ip+fqdn完整匹配 http Redirect + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 302 X-TG-Construct-By + ... ELSE Create List https://www.yhd.com 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00003 + [Tags] selfserver ip+cat右匹配 http Redirect + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_cat_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.toutiao.com/ch/news_hot/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By + ... ELSE Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00004 + [Tags] selfserver http Redirect ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://bbs.tianya.cn/list-lookout-1.shtml","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By + ... ELSE Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00005 + [Tags] selfserver http Redirect ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://kefu.ctrip.com/index","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat + ... ELSE set variable curl -kv http://open.node.com/test/youtube/youtube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By + ... ELSE Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00006 + [Tags] selfserver http Redirect ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.booking.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat + ... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.booking.com/ 302 X-TG-Construct-By + ... ELSE Create List https://www.booking.com/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00007 + [Tags] selfserver http Redirect ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.eastmoney.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.eastmoney.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.eastmoney.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00008 + [Tags] selfserver http Redirect ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.iqiyi.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.iqiyi.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.iqiyi.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00009 + [Tags] selfserver http Redirect ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://chaoshi.tmall.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By + ... ELSE Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00010 + [Tags] selfserver http Redirect ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://military.china.com/zh_cn/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By + ... ELSE Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00011 + [Tags] selfserver http Redirect ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.tiexue.net/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.tiexue.net/ 302 X-TG-Construct-By + ... ELSE Create List http://www.tiexue.net/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00012 + [Tags] selfserver http Redirect ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.douyu.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.douyu.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.douyu.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00013 + [Tags] selfserver http Redirect ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.fang.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.fang.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.fang.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00014 + [Tags] selfserver http Redirect ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID=","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By + ... ELSE Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00015 + [Tags] selfserver http Redirect ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://stock.stockstar.com/gem/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat + ... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By + ... ELSE Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00016 + [Tags] selfserver http Redirect ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.kugou.com/yy/html/rank.html","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat + ... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By + ... ELSE Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00017 + [Tags] selfserver http Redirect ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yy.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yy.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.yy.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00018 + [Tags] selfserver http Redirect ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.xiaohongshu.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By + ... ELSE Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00019 + [Tags] selfserver http Redirect ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zhihu.com/signin?next=%2F","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By + ... ELSE Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00020 + [Tags] selfserver http Redirect ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.pcauto.com.cn/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By + ... ELSE Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00021 + [Tags] selfserver http Redirect ip+请求体字串匹配 + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body"-kv http://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By + ... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00022 + [Tags] selfserver 最大组合 http Redirect + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00023.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 301 X-TG-Construct-By + ... ELSE Create List https://www.yhd.com 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot new file mode 100644 index 0000000..bcabb79 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot @@ -0,0 +1,802 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Redirect-Ssl-00001 + [Tags] selfserver ip ssl Redirect + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.ziroom.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.ziroom.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://www.ziroom.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00002 + [Tags] selfserver ip+fqdn完整匹配 ssl Redirect + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.yhd.com 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00003 + [Tags] selfserver ip+cat右匹配 ssl Redirect + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_cat_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.toutiao.com/ch/news_hot/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00004 + [Tags] selfserver ssl Redirect ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://bbs.tianya.cn/list-lookout-1.shtml","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00005 + [Tags] selfserver ssl Redirect ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://kefu.ctrip.com/index","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00006 + [Tags] selfserver ssl Redirect ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.booking.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.booking.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.booking.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00007 + [Tags] selfserver ssl Redirect ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.eastmoney.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.eastmoney.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.eastmoney.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00008 + [Tags] selfserver ssl Redirect ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.iqiyi.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.iqiyi.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.iqiyi.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00009 + [Tags] selfserver ssl Redirect ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://chaoshi.tmall.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00010 + [Tags] selfserver ssl Redirect ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://military.china.com/zh_cn/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00011 + [Tags] selfserver ssl Redirect ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.tiexue.net/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.tiexue.net/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://www.tiexue.net/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00012 + [Tags] selfserver ssl Redirect ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.douyu.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.douyu.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.douyu.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00013 + [Tags] selfserver ssl Redirect ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.fang.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.fang.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.fang.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00014 + [Tags] selfserver ssl Redirect ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID=","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00015 + [Tags] selfserver ssl Redirect ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://stock.stockstar.com/gem/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00016 + [Tags] selfserver ssl Redirect ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.kugou.com/yy/html/rank.html","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00017 + [Tags] selfserver ssl Redirect ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yy.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yy.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.yy.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00018 + [Tags] selfserver ssl Redirect ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.xiaohongshu.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00019 + [Tags] selfserver ssl Redirect ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zhihu.com/signin?next=%2F","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00020 + [Tags] selfserver ssl Redirect ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.pcauto.com.cn/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00021 + [Tags] selfserver ssl Redirect ip+请求体字串匹配 + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00022 + [Tags] selfserver 最大组合 ssl Redirect + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-SSL-00023.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.yhd.com 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot new file mode 100644 index 0000000..5867a07 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot @@ -0,0 +1,762 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Replace-Http-00001 + [Tags] selfserver ip http Replace + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv \ http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00002 + [Tags] selfserver ip+fqdn完整匹配 http Replace + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"xiaozhu/xiaozhu.html","replace_with":"nationalbank/nationalbank.html"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00003 + [Tags] selfserver ip+cat右匹配 http Replace + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_cat_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"12345678"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 12345678 + ... ELSE Create List 12345678 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00004 + [Tags] selfserver http Replace ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"онлайнвхорошемкачествеслюбыхустройст"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List онлайнвхорошемкачествеслюбыхустройст + ... ELSE Create List онлайнвхорошемкачествеслюбыхустройст + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00005 + [Tags] selfserver http Replace ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"Newsgd.com is the premier online source of Guangdong news and information"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Newsgd.com is the premier online source of Guangdong news and information + ... ELSE Create List Newsgd.com is the premier online source of Guangdong news and information + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00006 + [Tags] selfserver http Replace ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat + ... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00007 + [Tags] selfserver http Replace ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"nhwy"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nhwy + ... ELSE Create List nhwy + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00008 + [Tags] selfserver http Replace ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_header","find":"Mozilla/5.0","replace_with":"1234"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List open.node.com X-TG-Construct-By + ... ELSE Create List open.node.com X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00009 + [Tags] selfserver http Replace ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00010 + [Tags] selfserver http Replace ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 + ... ELSE Create List 发送GET请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00011 + [Tags] selfserver http Replace ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00012 + [Tags] selfserver http Replace ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00013 + [Tags] selfserver http Replace ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"Technology"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Technology + ... ELSE Create List Technology + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00014 + [Tags] selfserver http Replace ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"你好五一"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好五一 + ... ELSE Create List 你好五一 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00015 + [Tags] selfserver http Replace ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=utf-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat + ... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00016 + [Tags] selfserver http Replace ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat + ... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00017 + [Tags] selfserver http Replace ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00018 + [Tags] selfserver http Replace ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 + ... ELSE Create List 发送GET请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00019 + [Tags] selfserver http Replace ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm + ... ELSE Create List zxcvbnm + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00020 + [Tags] selfserver http Replace ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00021 + [Tags] selfserver 最大组合 http Replace + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00023.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm + ... ELSE Create List zxcvbnm + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot new file mode 100644 index 0000000..7ca85cd --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot @@ -0,0 +1,761 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Replace-Ssl-00001 + [Tags] selfserver ip ssl Replace + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00002 + [Tags] selfserver ip+fqdn完整匹配 ssl Replace + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"rutube/rutube.html","replace_with":"bytedance/bytedance.html"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 字节跳动 Tango Secure Gateway CA \ \ \ Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00003 + [Tags] selfserver ip+cat右匹配 ssl Replace + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_cat_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"12345678"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 12345678 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 12345678 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00004 + [Tags] selfserver ssl Replace ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"酒店式公寓"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 酒店式公寓 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00005 + [Tags] selfserver ssl Replace ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"twitter","replace_with":"Newsgd.com is the premier online source of Guangdong news and information"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Newsgd.com is the premier online source of Guangdong news and information Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Newsgd.com is the premier online source of Guangdong news and information Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00006 + [Tags] selfserver ssl Replace ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00007 + [Tags] selfserver ssl Replace ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"nhwy"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List nhwy Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List nhwy Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00008 + [Tags] selfserver ssl Replace ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_header","find":"Mozilla/5.0","replace_with":"1234"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List open.node.com X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List open.node.com X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00009 + [Tags] selfserver ssl Replace ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List text/json X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00010 + [Tags] selfserver ssl Replace ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List 发送GET请求 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00011 + [Tags] selfserver ssl Replace ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List text/json X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00012 + [Tags] selfserver ssl Replace ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00013 + [Tags] selfserver ssl Replace ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"онлайнвхорошемкачествеслюбыхустройст"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List онлайнвхорошемкачествеслюбыхустройст Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List онлайнвхорошемкачествеслюбыхустройст Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00014 + [Tags] selfserver ssl Replace ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"你好五一"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好五一 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 你好五一 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00015 + [Tags] selfserver ssl Replace ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00016 + [Tags] selfserver ssl Replace ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00017 + [Tags] selfserver ssl Replace ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00018 + [Tags] selfserver ssl Replace ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 发送GET请求 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00019 + [Tags] selfserver ssl Replace ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00020 + [Tags] selfserver ssl Replace ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00021 + [Tags] selfserver 最大组合 ssl Replace + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-SSL-00023.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List zxcvbnm X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot index 4b2f21c..5701abe 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot @@ -14,13 +14,13 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Allow-Http-00001 - [Tags] ip Selfserver Allow HTTP + [Tags] Selfserver Allow Http Ip Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol: HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -39,17 +39,17 @@ SecurityPolicy-Allow-Http-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-Http-00002 - [Tags] Selfserver Allow HTTP ip+cat右匹配 + [Tags] Selfserver Allow Http Ip+Cat右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -68,17 +68,46 @@ SecurityPolicy-Allow-Http-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-Http-00003 - [Tags] Selfserver Allow HTTP ip+fqdn完整匹配 + [Tags] Selfserver Allow Http Ip+Fqdn完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Allow-Http-00004 + [Tags] Selfserver Allow Http Ip+Fqdn完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot index b26e6c2..756c1d7 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot @@ -14,13 +14,13 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Allow-SSL-00001 - [Tags] Selfserver SSL ip Allow + [Tags] Selfserver Allow Ssl Ip Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -39,17 +39,17 @@ SecurityPolicy-Allow-SSL-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-SSL-00002 - [Tags] Selfserver SSL ip+cat完整匹配 Allow + [Tags] Selfserver Allow Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -68,17 +68,17 @@ SecurityPolicy-Allow-SSL-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-SSL-00003 - [Tags] Selfserver SSL ip+fqdn右匹配 Allow + [Tags] Selfserver Allow Ssl Ip+Fqdn右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot new file mode 100644 index 0000000..76994f2 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot @@ -0,0 +1,64 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-DNS-00001 + [Tags] Selfserver Deny Dns Ip+Fqdn右匹配 + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*yhd.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "DNS","method":"drop"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com + ... ELSE set variable nslookup -d www.yhd.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时 + ... ELSE Create List canonical name = www.yhd.com + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname yhd.com + +SecurityPolicy-Deny-DNS-00002 + [Tags] Selfserver Deny Dns Ip+Cat完整匹配 + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.toutiao.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.vip.com","ttl":{"min":300,"max":300}}]}]} isValid=${1} appObjectIdArray=4 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.toutiao.com + ... ELSE set variable nslookup \ www.toutiao.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.vip.com + ... ELSE Create List canonical name = www.vip.com + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname toutiao.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot new file mode 100644 index 0000000..809793f --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot @@ -0,0 +1,124 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Library Custometest + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Ftp-00001 + [Tags] Selfserver Deny Ftp Account子串匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00002 + [Tags] Selfserver Deny Ftp Account右匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00003 + [Tags] Selfserver Deny Ftp Account完整匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00004 + [Tags] Selfserver Deny Ftp Account左匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u* + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00005 + [Tags] Selfserver Deny Ftp Account子串匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 435814 zmmtext123.txt + should contain ${FTP} ftp_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot new file mode 100644 index 0000000..d213812 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot @@ -0,0 +1,648 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Http-00001 + [Tags] Selfserver Ip Deny Http + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00002 + [Tags] Selfserver Deny Http Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00003 + [Tags] Selfserver Deny Http Ip+Cat完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00004 + [Tags] Selfserver Deny Http Ip+Url字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node.com + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00005 + [Tags] Selfserver Deny Http Ip+Url右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*youtube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00006 + [Tags] Selfserver Deny Http Ip+Url完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":403,"message":"123123"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List when not allowed + ... ELSE Create List when not allowed + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00007 + [Tags] Selfserver Deny Http Ip+Url左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open* + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00008 + [Tags] Selfserver Deny Ip+请求头字串匹配 Http + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00009 + [Tags] Selfserver Deny Http Ip+请求头右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00010 + [Tags] Selfserver Deny Http Ip+请求头完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":403,"message":"123123"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List when not allowed + ... ELSE Create List when not allowed + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00011 + [Tags] Selfserver Deny Http Ip+请求头左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00012 + [Tags] Selfserver Http Ip+Cookie子串匹配 Deny + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${object_CK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat + ... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00013 + [Tags] Selfserver Deny Http Ip+应答头字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00014 + [Tags] Selfserver Deny Http Ip+应答头右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00015 + [Tags] Selfserver Deny Http Ip+应答头完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00016 + [Tags] Selfserver Deny Http Ip+应答头左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00017 + [Tags] Selfserver Deny Http Ip+Set-Cookie字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=4567|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00017 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00018 + [Tags] Selfserver Deny Http Ip+Set-Cookie右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00018 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00019 + [Tags] Selfserver Deny Ip+Set-Cookie完整匹配 Http + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00019 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00020 + [Tags] Selfserver Deny Ip+Set-Cookie左匹配 Http + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=1234*|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00020 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00021 + [Tags] Selfserver Deny Ip+请求体 Http + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00021 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00022 + [Tags] Selfserver Deny Http Ip+应答体 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық + ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00022 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot new file mode 100644 index 0000000..702b850 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot @@ -0,0 +1,628 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Library Custometest +Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Mail-00001 + [Tags] Selfserver Subject右匹配 Mail Deny + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00002 + [Tags] Selfserver Subject完整匹配 Mail Deny + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$你好明天 + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00003 + [Tags] Selfserver Subject字串匹配 Mail Deny + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00004 + [Tags] Selfserver Subject左匹配 Mail Deny + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zxcv* + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00005 + [Tags] Selfserver Content字串匹配 Mail Deny + Comment 创建Content + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Content_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123123132 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable Простопорно + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00006 + [Tags] Selfserver Deny ATT_CONT字串匹配 Mail + Comment 创建ATT_CONT + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_ATT_CONT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00007 + [Tags] Selfserver Deny From右匹配 Mail + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00008 + [Tags] Selfserver Deny From完整匹配 Mail + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00009 + [Tags] Selfserver Deny From字串匹配 Mail + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=tsgmail + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00010 + [Tags] Selfserver Deny From左匹配 Mail + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwct* + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00011 + [Tags] Selfserver Deny To右匹配 Mail + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00012 + [Tags] Selfserver Mali Deny To完整匹配 + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$zmmtest@mail.tsgmail.com + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00013 + [Tags] Selfserver Mali Deny To字串匹配 + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["tsgtest@mail.tsgmail.com"] + ${密送者} Set Variable ["yyqtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00014 + [Tags] Selfserver Mali Deny To左匹配 + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmt* + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00015 + [Tags] Selfserver Mali Deny Account右匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*ail.com + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00016 + [Tags] Selfserver Mali Deny Account完整匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00017 + [Tags] Selfserver Mali Deny Account字串匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwcte + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00018 + [Tags] Selfserver Mali Deny Account左匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest* + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot new file mode 100644 index 0000000..3280e6f --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot @@ -0,0 +1,213 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-SSL-00001 + [Tags] Selfserver Ip Deny Ssl + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00002 + [Tags] Selfserver Ssl Deny Sni Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Operation timed out after + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00003 + [Tags] Selfserver Deny Sni Ssl Ip+Cat完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Operation timed out after + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00004 + [Tags] Selfserver Ssl Deny Ip+Fqdn右匹配 Cn + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00005 + [Tags] Selfserver Deny Cn Ssl Ip+Cat完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00006 + [Tags] Selfserver Ssl Deny Ip+Fqdn右匹配 San + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00007 + [Tags] Selfserver Deny San Ssl Ip+Cat完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot index b144fe8..ca200fb 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot @@ -14,13 +14,13 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Intercept-Http-00001 - [Tags] ip Selfserver Intercept HTTP + [Tags] Selfserver Intercept Ip Http Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol: HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -39,17 +39,17 @@ SecurityPolicy-Intercept-Http-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Intercept-Http-00002 - [Tags] Selfserver Intercept HTTP ip+cat右匹配 + [Tags] Selfserver Intercept Http Ip+Cat右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -68,17 +68,17 @@ SecurityPolicy-Intercept-Http-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Intercept-Http-00003 - [Tags] Selfserver Intercept HTTP ip+fqdn完整匹配 + [Tags] Selfserver Intercept Http Ip+Fqdn完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -95,5 +95,3 @@ SecurityPolicy-Intercept-Http-00003 #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com - - diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot index ef5de39..003a9ae 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot @@ -14,13 +14,13 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Intercept-SSL-00001 - [Tags] Selfserver Intercept SSL ip + [Tags] Selfserver Intercept Ssl Ip Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -39,17 +39,17 @@ SecurityPolicy-Intercept-SSL-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Intercept-SSL-00002 - [Tags] Selfserver Intercept SSL ip+cat完整匹配 + [Tags] Selfserver Intercept Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -68,17 +68,17 @@ SecurityPolicy-Intercept-SSL-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Intercept-SSL-00003 - [Tags] Selfserver Intercept SSL ip+fqdn右匹配 + [Tags] Selfserver Intercept Ssl Ip+Fqdn右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -86,7 +86,7 @@ SecurityPolicy-Intercept-SSL-00003 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html @{stringlist} run keyword if '${systemType}'=='Windows' set variable 字节跳动 Tango Secure Gateway CA - ... ELSE set variable 字节跳动 Tango Secure Gateway CA + ... ELSE set variable 字节跳动 Tango Secure Gateway CA ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -94,4 +94,4 @@ SecurityPolicy-Intercept-SSL-00003 ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com \ No newline at end of file + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot new file mode 100644 index 0000000..cd30f1b --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot @@ -0,0 +1,64 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-DNS-00001 + [Tags] Selfserver Monitor Dns Ip+Fqdn右匹配 + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*yhd.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=Monitor effectiveRange= userRegion={"protocol": "DNS"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com + ... ELSE set variable nslookup -d www.yhd.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.yhd.com + ... ELSE Create List canonical name = www.yhd.com + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname yhd.com + +SecurityPolicy-Monitor-DNS-00002 + [Tags] Selfserver Monitor Dns Ip+Cat完整匹配 + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.toutiao.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"DNS"} isValid=${1} appObjectIdArray=4 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.toutiao.com + ... ELSE set variable nslookup -d www.toutiao.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.toutiao.com + ... ELSE Create List canonical name = www.toutiao.com + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname toutiao.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot new file mode 100644 index 0000000..000b8ca --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot @@ -0,0 +1,124 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Library Custometest + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-Ftp-00001 + [Tags] Selfserver Ftp Monitor Account字串匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Monitor-Ftp-00002 + [Tags] Selfserver Ftp Monitor Account右匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Monitor-Ftp-00003 + [Tags] Selfserver Ftp Account完整匹配 Monitor + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Monitor-Ftp-00004 + [Tags] Selfserver Ftp Monitor Account左匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u* + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Monitor-Ftp-00005 + [Tags] Selfserver Ftp Account字串 Monitor + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 7 zmmtext123.txt + should contain ${FTP} ftp_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot new file mode 100644 index 0000000..8425a4b --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot @@ -0,0 +1,648 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-Http-00001 + [Tags] Selfserver Monitor Ip Http + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓 + ... ELSE Create List 酒店式公寓 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00002 + [Tags] Selfserver Monitor Http Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员 + ... ELSE Create List 关闭播放器 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00003 + [Tags] Selfserver Monitor Http Ip+Cat完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00004 + [Tags] Selfserver Monitor Http Ip+Url字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node.com + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00005 + [Tags] Selfserver Monitor Http Ip+Url右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*youtube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员 + ... ELSE Create List 关闭播放器 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00006 + [Tags] Selfserver Monitor Http Ip+Url完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00007 + [Tags] Selfserver Monitor Http Ip+Url左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open* + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00008 + [Tags] Selfserver Monitor Http Ip+请求头字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 + ... ELSE Create List 发送POST请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00009 + [Tags] Selfserver Monitor Http Ip+请求头右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 + ... ELSE Create List 发送POST请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00010 + [Tags] Selfserver Monitor Http Ip+请求头完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 + ... ELSE Create List 发送POST请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00011 + [Tags] Selfserver Monitor Http Ip+请求头左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 + ... ELSE Create List 发送POST请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00012 + [Tags] Selfserver Monitor Http Ip+Cookie子串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${object_CK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat + ... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00013 + [Tags] Selfserver Monitor Http Ip+应答头字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00014 + [Tags] Selfserver Monitor Http Ip+应答头右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员 + ... ELSE Create List 关闭播放器 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00015 + [Tags] Selfserver Monitor Http Ip+应答头完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00016 + [Tags] Selfserver Monitor Http Ip+应答头左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List ақстан Республ + ... ELSE Create List ақстан Республ + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00017 + [Tags] Selfserver Monitor Http Ip+Set-Cookie字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=4567|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00018 + [Tags] Selfserver Monitor Http Ip+Set-Cookie右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00019 + [Tags] Selfserver Monitor Http Ip+Set-Cookie完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00019 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00020 + [Tags] Selfserver Monitor Http Ip+Set-Cookie左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=1234*|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00020 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00021 + [Tags] Selfserver Monitor Http Ip+请求体 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00021 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00022 + [Tags] Selfserver Monitor Http Ip+应答体 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық + ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00022 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot new file mode 100644 index 0000000..6f97368 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot @@ -0,0 +1,628 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Library Custometest +Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-Mail-00001 + [Tags] Selfserver Subject右匹配 Mail Monitor + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00002 + [Tags] Selfserver Mali Subject完整匹配 Monitor + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$你好明天 + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00003 + [Tags] Selfserver Mali Subject字串匹配 Monitor + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00004 + [Tags] Selfserver Subject左匹配 Mail Monitor + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zxcv* + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00005 + [Tags] Selfserver Content字串匹配 Mail Monitor + Comment 创建Content + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Content_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123123132 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable Простопорно + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00006 + [Tags] Selfserver ATT_CONT字串匹配 Monitor Mail + Comment 创建ATT_CONT + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_ATT_CONT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00007 + [Tags] Selfserver Mali From右匹配 Monitor + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00008 + [Tags] Selfserver From完整匹配 Monitor Mail + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00009 + [Tags] Selfserver From字串匹配 Mail Monitor + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=tsgmail + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00010 + [Tags] Selfserver From左匹配 Mail Monitor + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwct* + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00011 + [Tags] Selfserver To右匹配 Mail Monitor + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00012 + [Tags] Selfserver To完整匹配 Monitor Mail + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$zmmtest@mail.tsgmail.com + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00013 + [Tags] Selfserver To字串匹配 Monitor Mail + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["tsgtest@mail.tsgmail.com"] + ${密送者} Set Variable ["yyqtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00014 + [Tags] Selfserver To左匹配 Mail Monitor + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmt* + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00015 + [Tags] Selfserver Account右匹配 Mail monitor + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*ail.com + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00016 + [Tags] Selfserver Account完整匹配 Mail Monitor + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00017 + [Tags] Selfserver Account字串匹配 Monitor Mail + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwcte + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00018 + [Tags] Selfserver Account左匹配 Monitor Mail + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest* + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-monitor-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot new file mode 100644 index 0000000..e7a468a --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot @@ -0,0 +1,213 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-SSL-00001 + [Tags] Selfserver Monitor Ip Ssl + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List видео + ... ELSE Create List рутуб + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00002 + [Tags] Selfserver Monitor Ssl Sni Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter + ... ELSE Create List 新鲜事一网打尽 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00003 + [Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 Sni + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 + ... ELSE Create List 字节跳动 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00004 + [Tags] Selfserver SSL Monitor Cn Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter + ... ELSE Create List 新鲜事一网打尽 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00005 + [Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 Cn + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 + ... ELSE Create List 字节跳动 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00006 + [Tags] Selfserver Monitor Ssl San Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter + ... ELSE Create List 新鲜事一网打尽 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00007 + [Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 San + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 + ... ELSE Create List 字节跳动 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com diff --git a/01-TestCase/tsg_bfapi/api_log/LogStatistics.robot b/01-TestCase/tsg_bfapi/api_log/LogStatistics.robot new file mode 100644 index 0000000..199274c --- /dev/null +++ b/01-TestCase/tsg_bfapi/api_log/LogStatistics.robot @@ -0,0 +1,82 @@ +*** Settings *** +Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot + +*** Test Cases *** +Statistics-Country-00001 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable Country + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/country/sourceipnum + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + #结束时间格式Y-M-D h:i:s + ${endTime} set variable 2020-4-23 13:36:35 + #limit int型 + ${limit} set variable 50 + GetApi ${url} startTime=${startTime} endTime=${endTime} limit=${limit} + +Statistics-domain-00001 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable domain + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/domain/recommend + #查询时间时间格式Y-M-D h:i:s + ${statisticTime} set variable 2020-04-22 14:00:00 + GetApi ${url} statisticTime=${statisticTime} + +Statistics-url-00001 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable url + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/url/recommend + #查询时间时间格式Y-M-D h:i:s + ${statisticTime} set variable 2020-04-22 14:00:00 + GetApi ${url} statisticTime=${statisticTime} + +Statistics-traffic-00001 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable traffic + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/traffic/statisticsbyunit + #统计类型: bytes:字节数 packets:包数 sessions:连接数 如不指定,则统计全部 + ${statisticUnit} set variable bytes + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + #结束时间格式Y-M-D h:i:s + ${endTime} set variable 2020-4-26 16:04:56 + #统计粒度,单位秒,仅用于趋势查询sql 缺省为30秒 + ${timeGranularity} set variable 50 + ${limit} set variable 50 + GetApi ${url} statisticsUnit=${statisticUnit} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity} limit=${limit} + +Statistics-traffic-00002 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable traffic + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/traffic/statisticsbyunit + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + ${endTime} set variable 2020-4-26 16:04:56 + GetApi ${url} startTime=${startTime} endTime=${endTime} + +Statistics-ip_correlation_domain-00001 + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/ip_correlation_domain + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + #结束时间格式Y-M-D h:i:s + ${endTime} set variable 2020-4-26 16:04:56 + #IP + ${ip} set variable 157.225.77.82 + GetApi ${url} startTime=${startTime} endTime=${endTime} ip=${ip} + +Statistics-hijack_srcip_location-00001 + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/ip_correlation_domain + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + #结束时间格式Y-M-D h:i:s + ${endTime} set variable 2020-4-26 16:04:56 + #策略ID + ${policy_id} set variable 0 + GetApi ${url} startTime=${startTime} endTime=${endTime} policy_id=${policy_id} diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/Decryption.robot b/01-TestCase/tsg_bfapi/policy_file_interface/Decryption.robot new file mode 100644 index 0000000..7ac41e5 --- /dev/null +++ b/01-TestCase/tsg_bfapi/policy_file_interface/Decryption.robot @@ -0,0 +1,64 @@ +*** Settings *** +Test Teardown TeardownDelete ${url} profileIds ${profileId} +Force Tags tsg_bf_api Response_Pages +Library String +Library OperatingSystem +Library Selenium2Library +Library Collections +Resource ../../../02-Keyword/tsg_bfapi/Common.robot +Resource ../../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot +Resource ../../../03-Variable/BifangApiVariable.txt + +*** Variables *** +${url} /policy/profile/decryption +${profileId} ${EMPTY} + +*** Test Cases *** +Decryption_ADD_001 + + Comment 全串{"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{"dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + Comment "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + Comment "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1} + Comment dynamic_bypass + Comment 拦截排除参数对象 + Comment ev_cert Integer 是 ON/OFF,缺省OFF,1表示ON,0表示OFF + Comment cert_transparency Integer 是 ON/OFF,缺省OFF,1表示ON,0表示OFF + Comment mutual_authentication Integer 是 ON/OFF,缺省ON,1表示ON,0表示OFF + Comment cert_pinning Integer 是 Blocl/Bypass,缺省Block,1表示Block,0表示Bypass + Comment protocol_errors Integer 是 ON/OFF,缺省ON,1表示ON,0表示OFF + Comment protocol_version Object 是 协议版本对象 + Comment min Integer 否 如果mirror_client=1,则此参数可为空 + Comment max Integer 否 如果mirror_client=1,则此参数可为空 + Comment mirror_client Integer 是 ON/OFF,缺省ON,1表示ON,0表示OFF + Comment allow_http2 Integer 是 1表示ON,0表示OFF + Comment certificate_checks Object 是 证书检查参数对象 + Comment approachObject 是 certificateChecksObj对象参数 + Comment cn Integer 是 approach对象参数,ON/OFF,缺省ON, 1表示ON,0表示OFF + Comment issuer Integer 是 approach对象参数,ON/OFF,缺省ON, 1表示ON,0表示OFF + Comment self-signed Integer 是 approach对象参数, ON/OFF,缺省ON, 1表示ON,0表示OFF + Comment expiration Integer 是 approach对象参数,ON/OFF,缺省ON, 1表示ON,0表示OFF + Comment fail_action String 是 certificateChecksObj对象参数,值为: fail-close pass-through + Comment isValid Integer 是 是否有效 + Comment isInitialize Integer 否 0:非内置,缺省 1:内置 + + ${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + ${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + ${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + ${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + ${data} Create List ${requestbody} + ${response} CreatePolicyFileNoFile ${url} ${data} + + # 查询 + ${profileId} Get From Dictionary ${response} profileId + ${profileName} Get From Dictionary ${response} profileName + QueryPolicyFile ${url} profileId=${profileId}&profileName=${profileName} + + + # 修改 + ${dynamic_bypass}="dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"cert_pinning":0,"protocol_errors":0} + ${protocol_version}="protocol_version":{"min":"ssl3","max":"tls13","mirror_client":0,"allow_http2":0} + ${certificate_checks}="certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"} + ${requestbody}={"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_edit","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":0,"isInitialize":0,"profileDesc":""}]} + @{data} set variable ${requestbody} + UpdatePolicyFile2 ${url} ${reqData_edit} @{data} + diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/HijackFilesPolicy.robot b/01-TestCase/tsg_bfapi/policy_file_interface/HijackFilesPolicy.robot index 47fd2bf..e31f427 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/HijackFilesPolicy.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/HijackFilesPolicy.robot @@ -17,7 +17,7 @@ ${profileId} ${EMPTY} Hijack Files Policy CRUD case # 新增 - ${response} CreatePolicyFile2 ${url} Hijack Files-files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} hijack_files/ Create-Hijack Files-test-3.html hijack # 查询 ${profileId} Get From Dictionary ${response} profileId diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/InsertScriptsPolicy.robot b/01-TestCase/tsg_bfapi/policy_file_interface/InsertScriptsPolicy.robot index c58b5da..e04f838 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/InsertScriptsPolicy.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/InsertScriptsPolicy.robot @@ -17,7 +17,7 @@ ${profileId} ${EMPTY} Insert Scripts Policy CRUD case # 新增 - ${response} CreatePolicyFile2 ${url} Insert Scripts-files/ Create-Insert Scripts-test-1.js insert + ${response} CreatePolicyFile2 ${url} insert_files/ Create-Insert Scripts-test-1.js insert # 查询 ${profileId} Get From Dictionary ${response} profileId diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/KeyringPolicyFile.robot b/01-TestCase/tsg_bfapi/policy_file_interface/KeyringPolicyFile.robot index 69f6789..a7483b0 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/KeyringPolicyFile.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/KeyringPolicyFile.robot @@ -17,7 +17,7 @@ ${keyringId} ${EMPTY} Keyring Policy File case # 新增 - ${response} CreatePolicyMutipartFile ${url} Keyrings/root/ mesalab-ca-cert.pem mesalab-ca-key.pem + ${response} CreatePolicyMutipartFile ${url} keyrings/root/ mesalab-ca-cert.pem mesalab-ca-key.pem # 查询 ${keyringId} Get From Dictionary ${response} keyringId diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/ResponsePagesPolicy.robot b/01-TestCase/tsg_bfapi/policy_file_interface/ResponsePagesPolicy.robot index 95d374b..f385997 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/ResponsePagesPolicy.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/ResponsePagesPolicy.robot @@ -17,7 +17,7 @@ ${profileId} ${EMPTY} Response Pages Policy CRUD case # 新增 - ${response} CreatePolicyFile2 ${url} Response pages-files/ Create-Response Pages-test-1.html resPages + ${response} CreatePolicyFile2 ${url} response_pages_files/ Create-Response Pages-test-1.html resPages # 查询 ${profileId} Get From Dictionary ${response} profileId diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/TrustedCertPolicy.robot b/01-TestCase/tsg_bfapi/policy_file_interface/TrustedCertPolicy.robot index 4b211f5..aa3e912 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/TrustedCertPolicy.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/TrustedCertPolicy.robot @@ -17,7 +17,7 @@ ${certId} ${EMPTY} Trusted Cert Policy CRUD case # 新增 - ${response} CreatePolicyFile ${url} Keyrings/root/ tango-ca-trust-ca-cer.pem + ${response} CreatePolicyFile ${url} keyrings/root/ tango-ca-trust-ca-cer.pem # 查询 ${certId} Get From Dictionary ${response} certId diff --git a/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot new file mode 100644 index 0000000..5738c8b --- /dev/null +++ b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot @@ -0,0 +1,163 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags zjj Security_Policy Active_Defence_Policy +Library OperatingSystem +Resource ../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../03-Variable/PolicyObjectDefault.txt +Resource ../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../03-Variable/BifangApiVariable.txt +Resource ../../02-Keyword/tsg_bfapi/Common.robot +Library Custometest +Library json + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} +${target_ip} 10.3.22.129 +# 无DHCP,需要手动设置IP,可用地址段: 10.3.22.[129-254], 掩码: 255.255.255.0, DNS服务器: 10.3.22.11。 +*** Test Cases *** +ZDFY_ActiveDefencePolicy-Flood-00001 + [Tags] flood + + ${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + + Comment 创建带主动策略Flood + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} + +ZDFY_ActiveDefencePolicy-Flood-00002 + [Tags] flood TwoPolicyOneprofile + + ${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00002 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + + Comment 创建带主动策略Flood + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + Comment 创建带主动策略Flood + ${policyDict2} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId2} AddPolicy2 ${1} ${policyDict2} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId},${policyId2} ]} + + +ZDFY_ActiveDefencePolicy-Reflection-00001 + [Tags] reflection + ${caseName} set variable ZDFY_ActiveDefencePolicy-Reflection-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"reflectorType":"dns","isValid":1,"profileDesc":"autotest"}]} + ${reflector_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + ${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + #${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + ${payload_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建策略reflection + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"reflection","reflector_type":"DNS","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"payload_profile_id":${payload_profile_id},"reflector_profile_id":${reflector_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} +ZDFY_ActiveDefencePolicy-CC-00001 + [Tags] CC + ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建带主动策略CC + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"cc","l7_protocol":"HTTP","target_url":"http://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} + + +ZDFY_ActiveDefencePolicy-CC-00002 + [Tags] CC + ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00002 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建带主动策略CC + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"cc","l7_protocol":"HTTPS","target_url":"https://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} \ No newline at end of file diff --git a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot index 882a3ff..314ca73 100644 --- a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot +++ b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot @@ -18,17 +18,597 @@ ${url} /policy/profile/responsepages ${profiledId} ${EMPTY} *** Test Cases *** -ZJJ_ProxyPolicy-Replace-Uri-00001 - [Tags] selfserver +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} - ${caseName} set variable ZJJ_ProxyPolicy-Replace-Uri-00001 - # 创建对象-IP - # addItemList全参数:(为方便说明,将参数值拆分为几部分,其实际值为单条无空格/回车字符串,每部分内代表的各参数不可跳跃。) - # [addrType]|[protocol]|[direction]|[isSession]# 第一部分(可省略) - # [clientIpFormat]|[clientIp1]|[clientIp2]|[clientPort1/clientPort2]& 第二部分(不可省略) - # [serverIpFormat]|[serverIp1]|[serverIp2]|[serverPort1/serverPort2]| 第三部分(可省略) - # [isInitialize]|[itemName]|[itemDesc], 第四部分(可省略) - # ... + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.0001,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.1,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00003 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00003 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00004 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00004 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":0,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9999,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00005 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00005 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":0.5,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +#TestLogSize + #日志验证security_event_log + #GetLogListSize proxy_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + #${logsize} GetLogListSize security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + #log 11${logsize} + #${logsize} GetLogCount security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + #log 22${logsize} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-000012 + [Tags] selfserver SIP+DIP+URL+ResHeader+ReqHeader + + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 Comment 创建目标IP ${objectDict} Create Dictionary ... objectType=ip @@ -57,15 +637,61 @@ ZJJ_ProxyPolicy-Replace-Uri-00001 ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} - Comment 创建安全策略,针对所有协议,相当于BlackIP + #创建Resheader + ${objectDict} Create Dictionary + ... objectType=http_signature + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_signatureheaderobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Set-Cookie + ${rescode} ${object_ResH_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResH_Id} + + #创建ReqHeader + ${objectDict} Create Dictionary + ... objectType=http_signature + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_signatureheaderobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Cookie + ${rescode} ${object_ReqH_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqH_Id} + + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ... isValid=1 + ... appObjectIdArray=${2},${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + #{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"protocol_errors":1,"cert_pinning":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":112,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8337,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]}],"isValid":0,"scheduleId":[],"appObjectIdArray":[2,3]}} + Comment 创建带有替换比例的策略"enforcement_ratio":0.9999 ${policyDict} Create Dictionary ... policyName=${caseName}_IPobject ... policyType=pxy_manipulation - ... policyDesc=${Default_PolicyDesc} + ... policyDesc=${caseName} ... action=manipulation ... effectiveRange=${Default_EffectiveRange} - ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.1,"protocol":"HTTP"} - ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find汉字 результатом манипуляций","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.1,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL,${object_ReqH_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_ResH_Id}|TSG_FIELD_HTTP_RES_HDR ... isValid=1 ... appObjectIdArray=${2} ... userTags=${Default_UserTags} @@ -78,16 +704,16 @@ ZJJ_ProxyPolicy-Replace-Uri-00001 ${policyIds} Create List {"policyType":"pxy_manipulation","policyIds":[${policyId}]} #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} # - ${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} - EditPolicy ${disablePolciy} + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} Comment 功能端验证SSL验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-AllProtol-00001_SSL.bat - ... ELSE set variable curl -kv https://open.node.com/ + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00002.bat + ... ELSE set variable curl -kv --cookie "JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725" -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find汉字 результатом манипуляций&setCookie=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA replacetest #OpenSSL SSL_connect: Connection was reset in connection to #Send failure: Connection was reset - ... ELSE Create List OpenSSL SSL_connect: Connection reset by peer in connection to + ... ELSE Create List Tango Secure Gateway CA replacetest ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s @@ -95,6 +721,10 @@ ZJJ_ProxyPolicy-Replace-Uri-00001 Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com - - #{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"阿斯蒂","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_uri","find":"find","replace_with":"replace"}],"protocol":"HTTP"},"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":10103,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8337,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}} \ No newline at end of file + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} + \ No newline at end of file diff --git a/01-TestCase/zjj/ZJJ_SecurityPolicy_Http.robot b/01-TestCase/zjj/ZJJ_SecurityPolicy_Http.robot new file mode 100644 index 0000000..17178f0 --- /dev/null +++ b/01-TestCase/zjj/ZJJ_SecurityPolicy_Http.robot @@ -0,0 +1,297 @@ +*** Settings *** +#Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags zjj tsg_proxy replace +Library OperatingSystem +Resource ../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../03-Variable/PolicyObjectDefault.txt +Resource ../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../03-Variable/BifangApiVariable.txt +Resource ../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot +Library Custometest +Library json + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} + +*** Test Cases *** +ZJJ_SecurityPolicy-Deny-Http-Alert00001 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00001 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #创建Resheader + ${objectDict} Create Dictionary + ... objectType=http_signature + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_signatureheaderobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Set-Cookie + ${rescode} ${object_ResH_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResH_Id} + + #创建ReqHeader + ${objectDict} Create Dictionary + ... objectType=http_signature + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_signatureheaderobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Cookie + ${rescode} ${object_ReqH_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqH_Id} + + #创建ResBocy + ${objectDict} Create Dictionary + ... objectType=keywords + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_keywordsobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=创建ResBocy* + ${rescode} ${object_ResB_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResB_Id} + + #创建ReqBody + ${objectDict} Create Dictionary + ... objectType=keywords + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_keywordsobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=*创建ReqBocy + ${rescode} ${object_ReqB_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqB_Id} + + # 新增 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":200,"html_profile":${profiledId}} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL,${object_FQDN_Id}|TSG_FIELD_HTTP_HOST,${object_ReqH_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_ResH_Id}|TSG_FIELD_HTTP_RES_HDR,${object_ReqB_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${object_ResB_Id}|TSG_FIELD_HTTP_RES_CONTENT + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + + + + + +ZJJ_SecurityPolicy-Deny-Http-Alert00002 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00002 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + + # 新增 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":200,"html_profile":${profiledId}} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + +ZJJ_SecurityPolicy-Deny-Http-Alert00003 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00003 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=www.icbc.com.cn + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + + # 新增 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":204,"html_profile":${profiledId}} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + +ZJJ_SecurityPolicy-Deny-Http-Alert00004 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00004 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=www.xiaozhu.com + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":200,"message":"alerttest200"} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + +ZJJ_SecurityPolicy-Deny-Http-Alert00005 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00005 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=www.sinovision.net + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":204,"message":"alerttest204"} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} diff --git a/02-Keyword/tsg_adc/PolicyVertify.robot b/02-Keyword/tsg_adc/PolicyVertify.robot index a8f2c0c..96422df 100644 --- a/02-Keyword/tsg_adc/PolicyVertify.robot +++ b/02-Keyword/tsg_adc/PolicyVertify.robot @@ -36,7 +36,7 @@ PolicyVertify ${resultObj} Create Dictionary verifyList=${verifyList} ${json} json.Dumps ${resultObj} ensure_ascii=False - ${response} BasePostRequest /v1/policy/verify body=${json} + ${response} BasePostRequest /policy/verify body=${json} Log REQ = ${json} Log RES = ${response} Should Be True ${response['code']} == 200 diff --git a/02-Keyword/tsg_bfapi/Common.robot b/02-Keyword/tsg_bfapi/Common.robot index 7dd8217..7151171 100644 --- a/02-Keyword/tsg_bfapi/Common.robot +++ b/02-Keyword/tsg_bfapi/Common.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library RequestsLibrary @@ -20,7 +20,7 @@ BasePostRequest BaseDeleteRequest [Arguments] ${requestUri} ${data} ${headers} set variable {"Authorization":"${token}","Content-Type":"application/json"} - create session api http://${host}:${port} ${headers} + create session api http://${host}:${port}/${version} ${headers} ${response}= Delete Request api ${requestUri} data=${data} log return data =${response} Should Be Equal As Strings ${response.status_code} 200 @@ -30,7 +30,7 @@ BaseDeleteRequest BaseEditRequest [Arguments] ${requestUri} ${data} ${headers} set variable {"Authorization":"${token}","Content-Type":"application/json"} - create session api http://${host}:${port} ${headers} + create session api http://${host}:${port}/${version} ${headers} ${response}= Put Request api ${requestUri} data=${data} log return data =${response} Should Be Equal As Strings ${response.status_code} 200 diff --git a/02-Keyword/tsg_bfapi/LogStatistics.robot b/02-Keyword/tsg_bfapi/LogStatistics.robot new file mode 100644 index 0000000..1bd113c --- /dev/null +++ b/02-Keyword/tsg_bfapi/LogStatistics.robot @@ -0,0 +1,46 @@ +*** Settings *** +Library RequestsLibrary +Resource ../../03-Variable/BifangApiVariable.txt +Library string + +*** Keywords *** +GetApi + [Arguments] ${url} ${startTime}=${None} ${endTime}=${None} ${limit}=${None} ${statisticTime}=${None} ${statisticsUnit}=${None} ${timeGranularity}=${None} ${policy_id}=${None} ${ip}=${None} + #拼接查询条件 + ${strstrartTime}= run keyword if '${startTime}'!='${None}' Set Variable startTime=${startTime}& + ... ELSE Set Variable ${EMPTY} + ${strendTime}= run keyword if '${endTime}'!='${None}' Set Variable endTime=${endTime}& + ... ELSE Set Variable ${EMPTY} + ${strstatisticTime}= run keyword if '${statisticTime}'!='${None}' Set Variable statisticTime=${statisticTime}& + ... ELSE Set Variable ${EMPTY} + ${strlimit}= run keyword if '${limit}'!='${None}' Set Variable limit=${limit}& + ... ELSE Set Variable ${EMPTY} + ${strstatisticsUnit}= run keyword if '${statisticsUnit}'!='${None}' Set Variable statisticsUnit=${statisticsUnit}& + ... ELSE Set Variable ${EMPTY} + ${strtimeGranularity}= run keyword if '${timeGranularity}'!='${None}' Set Variable timeGranularity=${timeGranularity}& + ... ELSE Set Variable ${EMPTY} + ${strpolicy_id} run keyword if '${policy_id}'!='${None}' Set Variable policy_id=${policy_id}& + ... ELSE Set Variable ${EMPTY} + ${strip} run keyword if '${ip}'!='${None}' Set Variable ip=${ip}& + ... ELSE Set Variable ${EMPTY} + ${condition} catenate SEPARATOR= ${strstrartTime} ${strendTime} ${strstatisticTime} ${strlimit} ${strstatisticsUnit} ${strtimeGranularity} ${strpolicy_id} ${ip} + #创建请求信息 + ${header} Create Dictionary Content-Type=application/x-www-form-urlencoded Authorization=${token} + Create Session api http://${host}:${port}/${version} + #发送请求 + ${remoteResponse} Get Request api ${url}?${condition} headers=${header} + log ${remoteResponse} + ${response} to json ${remoteResponse.content} + #验证请求是否成功 + Should Be Equal As Strings ${remoteResponse.status_code} 200 + Should Be Equal As Strings ${response}[code] 200 + #请求大数据 + #sql拼接 + #BigData ${sql} + +BigData + [Arguments] ${sql} + #创建请求信息 + Create Session api http://192.168.40.224:9999 + #发送请求 + ${remoteResponse} Get Request api ?query= ${sql} diff --git a/02-Keyword/tsg_bfapi/LogVariable.robot b/02-Keyword/tsg_bfapi/LogVariable.robot index 62bbc83..9d05bd0 100644 --- a/02-Keyword/tsg_bfapi/LogVariable.robot +++ b/02-Keyword/tsg_bfapi/LogVariable.robot @@ -29,4 +29,32 @@ GetLogList Should Contain ${logs}"" ${client_ip} Should Contain ${logs}"" ${policy_id} Should Contain ${logs}"" ${parmkey} - Should Contain ${logs}"${parmkey}" ${parmvalue} \ No newline at end of file + Should Contain ${logs}"${parmkey}" ${parmvalue} + + + +GetLogListSize + [Documentation] + ... 描述:ProxyPinning + ... + [Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue} + ${logCondition} GetALLLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} 10000 1 + log ${logCondition} + ${LogListResponse} PostRemoteData /log/list ${logCondition} + Should Be Equal As Strings ${LogListResponse.status_code} 200 + ${returnData} To Json ${LogListResponse.content} + ${data} Get From Dictionary ${returnData} data + ${len} Get Length ${data}[list] + [Return] ${len} + + +GetLogCount + [Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue} + ${logCondition} GetALLLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} 10000 1 + ${LogListResponse} PostRemoteData /log/count ${logCondition} + Should Be Equal As Strings ${LogListResponse.status_code} 200 + ${returnData} To Json ${LogListResponse.content} + ${len} Set Variable ${LogListResponse.json()}[data][total] + #${len} Get From Dictionary ${returnData} total + [Return] ${len} + \ No newline at end of file diff --git a/02-Keyword/tsg_bfapi/LoginLogout.robot b/02-Keyword/tsg_bfapi/LoginLogout.robot index 46f8b18..ea37673 100644 --- a/02-Keyword/tsg_bfapi/LoginLogout.robot +++ b/02-Keyword/tsg_bfapi/LoginLogout.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library SSHLibrary Resource PolicyObject.robot @@ -13,7 +13,7 @@ Login [Tags] tsg_adc tsg_bf_api #[Arguments] ${username} ${password} ${authmode} ${authCode} ${ldapId} # 毕方接口用户名密码 - GET /v1/user/encryptpwd?password=${password} + GET /user/encryptpwd?password=${password} Object response body #OUTPUT response body #${rescode} Integer $.code @@ -33,7 +33,7 @@ Login #getToken################################################################################## #log ${username} #log ${pwdstr} - POST /v1/user/login?username=${username}&password=${encodePassword}&authMode=${authmode} + POST /user/login?username=${username}&password=${encodePassword}&authMode=${authmode} Object response body #OUTPUT response body Integer $.code 200 @@ -51,7 +51,7 @@ Login Logout [Tags] tsg_adc tsg_bf_api - POST /v1/user/logout headers=${headers} + POST /user/logout headers=${headers} Object response body Integer $.code 200 ${rescode} Integer $.code diff --git a/02-Keyword/tsg_bfapi/PolicyObject.robot b/02-Keyword/tsg_bfapi/PolicyObject.robot index 1f9f4da..4319673 100644 --- a/02-Keyword/tsg_bfapi/PolicyObject.robot +++ b/02-Keyword/tsg_bfapi/PolicyObject.robot @@ -3,7 +3,7 @@ Resource ../../03-Variable/BifangApiVariable.txt Resource ../tsg_common/ManagePolicyBody.robot Resource ../tsg_common/ManageObjectBody.robot Resource ../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library RequestsLibrary Resource Common.robot @@ -52,17 +52,17 @@ AddLocalIPObject DelLocalIPObject log to_DelLocalIPObject - ${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${testClentID}]} + ${response} BaseDeleteRequest /policy/object {"objectIds":[${testClentID}]} #${response_code} Get From Dictionary ${response} code #Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True} SET GLOBAL VARIABLE ${testClentID} ${EMPTY} - ${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${testClentSubID}]} + ${response} BaseDeleteRequest /policy/object {"objectIds":[${testClentSubID}]} SET GLOBAL VARIABLE ${testClentSubID} ${EMPTY} AddObject [Arguments] ${body} #addIPobject################################################################################# - ${response} BasePostRequest /v1/policy/object body=${body} + ${response} BasePostRequest /policy/object body=${body} #log ${response} ${objectId} Set Variable ${response['data']['objectList'][0]['objectId']} ${rescodeReturn} Set Variable ${response['code']} @@ -72,7 +72,7 @@ AddObject2 [Arguments] ${returnData} ${policyList} ${body} ObjectParamsOpertion ${returnData} ${policyList} - ${response} BasePostRequest /v1/policy/object body=${body} + ${response} BasePostRequest /policy/object body=${body} ${objectId} Set Variable ${response['data']['objectList'][0]['objectId']} ${rescodeReturn} Set Variable ${response['code']} [Return] ${rescodeReturn} ${objectId} @@ -84,7 +84,7 @@ EditObject DeleteObjectbak [Arguments] ${objectids} ${body} String {"objectIds":[${objectids}]} - DELETE /v1/policy/object body=${body} headers=${headers} + DELETE /policy/object body=${body} headers=${headers} Object response body log DeleteObject log dxytestOUtputstart @@ -96,7 +96,7 @@ DeleteObjectbak AddPolicy [Arguments] ${body} - ${response} BasePostRequest /v1/policy/compile body=${body} + ${response} BasePostRequest /policy/compile body=${body} #log ${response} ${policyId} Set Variable ${response['data']['policyList'][0]['policyId']} ${rescode} Set Variable ${response['code']} @@ -104,22 +104,23 @@ AddPolicy AddPolicy2 [Arguments] ${returnData} ${policyList} - ${body} PolicyParamsOpertion ${returnData} ${policyList} + ${body} PolicyParamsOpertion ${returnData} ${policyList} add - ${response} BasePostRequest /v1/policy/compile body=${body} + ${response} BasePostRequest /policy/compile body=${body} ${policyId} Set Variable ${response['data']['policyList'][0]['policyId']} ${rescode} Set Variable ${response['code']} [Return] ${rescode} ${policyId} EditPolicy - [Arguments] ${body} - ${response} BaseEditRequest /v1/policy/compile ${body} + [Arguments] ${policyList} ${opAction} + ${body} PolicyParamsOpertion ${1} ${policyList} ${opAction} + ${response} BaseEditRequest /policy/compile ${body} [Return] ${rescode} DeletePolicybak [Arguments] ${policyids} ${body} String {"policyType":"tsg_security","policyIds":[${policyids}]} - DELETE /v1/policy/compile body=${body} headers=${headers} + DELETE /policy/compile body=${body} headers=${headers} Object response body log DeletePolicy Output response body @@ -131,7 +132,7 @@ DeletePolicy [Arguments] ${body} #删除策略 log toDeletePolicy_DeletePolicyDeletePolicy - ${response} BaseDeleteRequest /v1/policy/compile ${body} + ${response} BaseDeleteRequest /policy/compile ${body} #{"policyType":"tsg_security","policyIds":[${policyids}]} ${response_code} Get From Dictionary ${response} code Should Be Equal As Strings ${response_code} 200 @@ -143,7 +144,7 @@ DeleteObject [Arguments] ${objectids} #删除对象 log todeleteobj - ${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${objectids}]} + ${response} BaseDeleteRequest /policy/object {"objectIds":[${objectids}]} ${response_code} Get From Dictionary ${response} code #log aaaaaaaaaa:${response_code} Should Be Equal As Strings ${response_code} 200 @@ -166,7 +167,8 @@ DeletePolicyAndObject END #删除对象 log todeleteobj_DeletePolicyAndObject - DeleteObject ${objectids} + Run Keyword If "${objectids}"=="${EMPTY}" log no obj to del + ... ELSE DeleteObject ${objectids} DeleteAfterCase [Arguments] ${policyids} ${objectids} diff --git a/02-Keyword/tsg_bfapi/Tag.robot b/02-Keyword/tsg_bfapi/Tag.robot index bf7643b..d84346d 100644 --- a/02-Keyword/tsg_bfapi/Tag.robot +++ b/02-Keyword/tsg_bfapi/Tag.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library RequestsLibrary Resource Common.robot @@ -9,7 +9,7 @@ Resource Common.robot ApiAddTags [Arguments] ${body} #ApiAddTags################################################################################# - ${response} BasePostRequest /v1/customize/tags body=${body} + ${response} BasePostRequest /customize/tags body=${body} #log ${response} ${tagId} Set Variable ${response['data']['tagList'][0]['id']} ${rescodeReturn} Set Variable ${response['code']} @@ -23,7 +23,7 @@ ApiDeleteTags [Arguments] ${body} #删除策略 log toApiDeleteTags - ${response} BaseDeleteRequest /v1/customize/tags ${body} + ${response} BaseDeleteRequest /customize/tags ${body} ${response_code} Get From Dictionary ${response} code Should Be Equal As Strings ${response_code} 200 ${response} Convert to String ${response} diff --git a/02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot b/02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot index b066bab..9e68200 100644 --- a/02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot +++ b/02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot @@ -103,6 +103,29 @@ CreatePolicyFile3 Log profileId:${profileId} [Return] ${response} +CreatePolicyFileNoFile + [Documentation] + ... 必传参数:url + ... 可选参数:data(不传时使用默认值) + [Arguments] ${url} ${data} + ${suffix} Generate Random String + ${profileName} Catenate SEPARATOR=_ test ${suffix} + ${listlenth}= Get Length ${data} + ${requestbody} Set Variable {"opAction":"add","returnData":1,"trafficMirrorList":[{"profileName":"${profileName}","addrType":"mac","isValid":1,"addrArray":["00:A1:B2:06:C3:29"]}]} + FOR ${var} IN RANGE ${listlenth} + #log ${var} + ${request} Set Variable ${data}[${var}] + END + ${content} Post-Request ${url} ${requestbody} + ${msg} Set Variable ${content['msg']} + ${list} Set Variable ${content['data']['list']} + ${profileId} Set Variable ${list[0]['profileId']} + ${profileName} Set Variable ${list[0]['profileName']} + ${response} Create Dictionary msg=${msg} profileId=${profileId} profileName=${profileName} + Log add operation:${msg} + Log profileId:${profileId} + [Return] ${response} + CreatePolicyMutipartFile [Documentation] ... 必传参数:url、filePath(文件路径)、pubFileName(证书文件名)、priFileName(私钥文件名) diff --git a/02-Keyword/tsg_cli/Interface.robot b/02-Keyword/tsg_cli/Interface.robot index ba4c4bc..656776d 100644 --- a/02-Keyword/tsg_cli/Interface.robot +++ b/02-Keyword/tsg_cli/Interface.robot @@ -18,7 +18,8 @@ ${Tsg_Passwd} tsg_passwd # tsg_help指令返回值对比文件路径 ${Tsg_Help_file_Path} cli_files/tsg_help.txt # tsg_show指令查询时附加sql条件 -${Tsg_Show_Added_Sql} "order by time desc limit 20 " --querey +${Tsg_Show_Added_Sql} "order by time desc limit 1" +${Tsg_Show_Added_Sql_Query} --query # tsg_show指令返回数据flowType和sled参数值 ${Tsg_Show_FlowType_Values} inline|intercomm|mirror ${Tsg_Show_Sled_Values} mcn0|mcn1|mcn2|mcn3 @@ -273,7 +274,7 @@ Tsg_Show_Interface ... 描述:执行'tsg_show --interface'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --interface -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --interface -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time @@ -288,7 +289,7 @@ Tsg_Show_APP ... 描述:执行'tsg_show --app'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --app -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --app -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time @@ -303,7 +304,7 @@ Tsg_Show_Protocol ... 描述:执行'tsg_show --protocol'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --protocol -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --protocol -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time @@ -318,7 +319,7 @@ Tsg_Show_Stream ... 描述:执行'tsg_show --stream'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --stream -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --stream -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time @@ -333,7 +334,7 @@ Tsg_Show_Intercept ... 描述:执行'tsg_show --intercept'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --intercept -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --intercept -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time diff --git a/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot b/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot index 87073a4..170e720 100644 --- a/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot +++ b/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library ExtensionLibrary Resource ../tsg_bfapi/LoginLogout.robot diff --git a/02-Keyword/tsg_common/ManagePolicyBody.robot b/02-Keyword/tsg_common/ManagePolicyBody.robot index 3d6db02..7512f04 100644 --- a/02-Keyword/tsg_common/ManagePolicyBody.robot +++ b/02-Keyword/tsg_common/ManagePolicyBody.robot @@ -33,7 +33,7 @@ PolicyParamsOpertion ... policyList: 必传,字典类型。字典内可选参数信息: ... 其它参数默认值见../../03-Variable/PolicyObjectDefault.txt - [Arguments] ${returnData} ${policyList} + [Arguments] ${returnData} ${policyList} ${opAction} ${emptyList} Create List # 断言必传参数 # Should Not Be Empty ${policyList}[policyType] @@ -72,13 +72,17 @@ PolicyParamsOpertion Set To Dictionary ${policyList} userRegion=${Default_UserRegion} ${userRegion} Run Keyword If "${return}"=="FAIL" or '${userRegion}'=="${EMPTY}" Set Variable "" ... ELSE Set Variable ${userRegion} + + #针对主动防御特殊处理,主动防御不应用对象 + ${active_defence_emptyList} Create List + ${return} ${policyType} Run Keyword And Ignore Error Set Variable ${policyList}[policyType] + Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} referenceObject=${active_defence_emptyList} + Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} appObjectIdArray=${active_defence_emptyList} # 转为json结构并返回 - ${dict} Create Dictionary opAction=add returnData=${returnData} policyList=${policyList} + ${dict} Create Dictionary opAction=${opAction} returnData=${returnData} policyList=${policyList} ${json} json.Dumps ${dict} ensure_ascii=False ${json} Replace String ${json} "method:rst" ${userRegion} - #${json} Evaluate ${userRegion}.replace('"method"','${userRegion}') - #${json} Replace String ${json} "' { - #${json} Replace String ${json} \" " + Log Policy_Request_Body-${json} [Return] ${json} diff --git a/03-Variable/PolicyObjectDefault.txt b/03-Variable/PolicyObjectDefault.txt index c49dbdc..ca65056 100644 --- a/03-Variable/PolicyObjectDefault.txt +++ b/03-Variable/PolicyObjectDefault.txt @@ -9,15 +9,15 @@ ${Default_PolicyDesc} autotest ${Default_Action} deny ${Default_EffectiveRange} Nursurtan|Transtelecom&Astel,|Astel&Transtelecom ${Default_UserRegion} method:rst -${Default_ReferenceObject} 1|TSG_SECURITY_DESTINATION_ADDR +${Default_ReferenceObject} ${EMPTY} ${Default_AppObjectIdArray} 2,3,4,5,6 -${Default_UserTags} 3 -${Default_DoLog} ${2} -${Default_ScheduleId} 7 +${Default_UserTags} 2 +${Default_DoLog} ${1} +${Default_ScheduleId} 1 # 对象 ${Default_ObjectType} ip -${Default_ObjectSubType} endpoint +${Default_ObjectSubType} ${EMPTY} ${Default_IsInitialize} ${0} ${Default_IsExclusion} ${0} ${Default_ObjectName} autotestobj diff --git a/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0008.bat b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0008.bat new file mode 100644 index 0000000..989e635 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0008.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ curl https://open.node.com/ | iconv -f utf-8 -t gbk diff --git a/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0012.bat b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0012.bat new file mode 100644 index 0000000..7f8642f --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0012.bat @@ -0,0 +1 @@ +curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' https://open.node.com/test/nationalbank/nationalbank.html | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0019.bat b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0019.bat new file mode 100644 index 0000000..0ace4b6 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0019.bat @@ -0,0 +1 @@ +curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action | iconv -f utf-8 -t gbk diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat b/05-Other/curl/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat new file mode 100644 index 0000000..9baac40 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat @@ -0,0 +1 @@ +curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action | iconv -f utf-8 -t gbk diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat new file mode 100644 index 0000000..af46590 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat @@ -0,0 +1 @@ +curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat new file mode 100644 index 0000000..ca54462 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat @@ -0,0 +1 @@ +curl -kv http://open.node.com/test/youtube/youtube.html | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat new file mode 100644 index 0000000..7432b87 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat @@ -0,0 +1 @@ +curl -kv http://open.node.com/test/nationalbank/nationalbank.html | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat new file mode 100644 index 0000000..1aaefd6 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ curl http://open.node.com/ | iconv -f utf-8 -t gbk diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat new file mode 100644 index 0000000..4e4bb32 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat @@ -0,0 +1 @@ +curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' http://open.node.com/test/nationalbank/nationalbank.html | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0008.bat b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0008.bat new file mode 100644 index 0000000..b97694f --- /dev/null +++ b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0008.bat @@ -0,0 +1 @@ +curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ curl http://open.node.com/ | iconv -f utf-8 -t gbk diff --git a/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0012.bat b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0012.bat new file mode 100644 index 0000000..19ef6b0 --- /dev/null +++ b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0012.bat @@ -0,0 +1 @@ +curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' http://open.node.com/test/nationalbank/nationalbank.html | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0017.bat b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0017.bat new file mode 100644 index 0000000..8c5075e --- /dev/null +++ b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0017.bat @@ -0,0 +1 @@ +curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" http://open.node.com/action | iconv -f utf-8 -t gbk diff --git a/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00017.bat b/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00017.bat new file mode 100644 index 0000000..5ef9233 --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00017.bat @@ -0,0 +1 @@ +curl http://open.node.com/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00023.bat b/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00023.bat new file mode 100644 index 0000000..d97b57c --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00023.bat @@ -0,0 +1 @@ +curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com/test/xiaozhu/xiaozhu.html | iconv -f utf-8 -t gbk diff --git a/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00017.bat b/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00017.bat new file mode 100644 index 0000000..88a624d --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00017.bat @@ -0,0 +1 @@ +curl -kv https://open.node.com/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00023.bat b/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00023.bat new file mode 100644 index 0000000..95475be --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00023.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com/test/bytedance/bytedance.html | iconv -f utf-8 -t gbk diff --git a/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00017.bat b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00017.bat new file mode 100644 index 0000000..d90714b --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00017.bat @@ -0,0 +1 @@ +curl -kv http://open.node.com/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat new file mode 100644 index 0000000..168deef --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat @@ -0,0 +1 @@ +curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action |iconv -f utf-8 -t gbk diff --git a/05-Other/zjj/ZJJ_ProxyPolicy-Replace-00001.bat b/05-Other/zjj/ZJJ_ProxyPolicy-Replace-00001.bat new file mode 100644 index 0000000..1d126e9 --- /dev/null +++ b/05-Other/zjj/ZJJ_ProxyPolicy-Replace-00001.bat @@ -0,0 +1 @@ +curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=content-type;charset=utf-8&resBody=Response Body" https://open.node.com/action | iconv -f utf-8 -t gbk \ No newline at end of file