From 75cb1b5e2808b3891f7b77e9a220e5ce9941474d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 10:38:31 +0800 Subject: [PATCH 01/75] =?UTF-8?q?deny=E4=B8=ADDNS=E6=B5=8B=E8=AF=95?= =?UTF-8?q?=E5=B7=B2=E9=80=9A=E8=BF=87?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_DNS_Tests.robot | 64 +++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot new file mode 100644 index 0000000..a75a488 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot @@ -0,0 +1,64 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-DNS-00001 + [Tags] Selfserver deny DNS ip+fqdn右匹配 + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*yhd.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "DNS","method":"drop"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com + ... ELSE set variable nslookup -d www.yhd.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时 + ... ELSE Create List 超时 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname yhd.com + +SecurityPolicy-Deny-DNS-00002 + [Tags] Selfserver deny DNS ip+cat完整匹配 + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.toutiao.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.vip.com","ttl":{"min":300,"max":300}}]}]} isValid=${1} appObjectIdArray=4 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.toutiao.com + ... ELSE set variable nslookup -d www.toutiao.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name =www.vip.com + ... ELSE Create List canonical name =www.vip.com + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname toutiao.com From c16c2a12006e824f46a86fbee4a33f1ae1c38db8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 10:39:45 +0800 Subject: [PATCH 02/75] =?UTF-8?q?deny=E4=B8=ADMAIL=E6=B5=8B=E8=AF=95,?= =?UTF-8?q?=E9=99=A4=E5=8F=91=E4=BB=B6=E4=BA=BA=E5=92=8C=E6=94=B6=E4=BB=B6?= =?UTF-8?q?=E4=BA=BA=E5=AD=98=E5=9C=A8bug=EF=BC=8C=E5=85=B6=E4=BB=96?= =?UTF-8?q?=E5=B7=B2=E6=B5=8B=E8=AF=95=E9=80=9A=E8=BF=87?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_MAIL_Tests.robot | 646 ++++++++++++++++++ 1 file changed, 646 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot new file mode 100644 index 0000000..7903b95 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot @@ -0,0 +1,646 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Library Custometest +Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Mail-00001 + [Tags] Selfserver Mali Deny Subject右匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00002 + [Tags] Selfserver Mali Deny Subject完整匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$你好明天 + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00003 + [Tags] Selfserver Mali Deny Subject字串匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00004 + [Tags] Selfserver Mali Deny Subject左匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zxcv* + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00005 + [Tags] Selfserver Mali Deny Content字串匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Content_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${Content}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123123132 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable Простопорно + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00006 + [Tags] Selfserver Mali Deny ATT_CONT字串匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_ATT_CONT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00007 + [Tags] Selfserver Mali Deny From右匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00008 + [Tags] Selfserver Mali Deny From完整匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00009 + [Tags] Selfserver Mali Deny From字串匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=tsgmail + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00010 + [Tags] Selfserver Mali Deny From左匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwct* + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00011 + [Tags] Selfserver Mali Deny To右匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00012 + [Tags] Selfserver Mali Deny To完整匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$zmmtest@mail.tsgmail.com + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00013 + [Tags] Selfserver Mali Deny To字串匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["tsgtest@mail.tsgmail.com"] + ${密送者} Set Variable ["yyqtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00014 + [Tags] Selfserver Mali Deny To左匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmt* + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00015 + [Tags] Selfserver Mali Deny Account右匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*ail.com + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00016 + [Tags] Selfserver Mali Deny Account完整匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00017 + [Tags] Selfserver Mali Deny Account字串匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwcte + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Deny-Mail-00018 + [Tags] Selfserver Mali Deny Account左匹配 + Comment Subject + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest* + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com From 35b1c2d3d09b75125973d49d5a306ffe167ddbbc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 10:40:47 +0800 Subject: [PATCH 03/75] =?UTF-8?q?deny=E4=B8=ADHTTP=E9=99=A4set-cookie?= =?UTF-8?q?=E4=BB=A5=E5=A4=96=EF=BC=8C=E5=85=B6=E4=BB=96=E6=B5=8B=E8=AF=95?= =?UTF-8?q?=E5=B7=B2=E9=80=9A=E8=BF=87?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_Http_Tests.robot | 648 ++++++++++++++++++ 1 file changed, 648 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot new file mode 100644 index 0000000..2ce5bbb --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot @@ -0,0 +1,648 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Http-00001 + [Tags] ip Selfserver deny HTTP + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00002 + [Tags] Selfserver deny HTTP ip+fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00003 + [Tags] Selfserver deny HTTP ip+cat完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00004 + [Tags] Selfserver deny HTTP ip+url字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node.com + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00005 + [Tags] Selfserver deny HTTP ip+url右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*youtube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00006 + [Tags] Selfserver deny HTTP ip+url完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":403,"message":"123123"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List when not allowed + ... ELSE Create List when not allowed + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00007 + [Tags] Selfserver deny HTTP ip+url左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open* + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00008 + [Tags] Selfserver deny HTTP ip+请求头字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00009 + [Tags] Selfserver deny HTTP ip+请求头右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00010 + [Tags] Selfserver deny HTTP ip+请求头完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":403,"message":"123123"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List when not allowed + ... ELSE Create List when not allowed + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00011 + [Tags] Selfserver deny HTTP ip+请求头左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00012 + [Tags] Selfserver deny HTTP ip+cookie左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${object_CK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat + ... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00013 + [Tags] Selfserver deny HTTP ip+应答头字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00014 + [Tags] Selfserver deny HTTP ip+应答头右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00015 + [Tags] Selfserver deny HTTP ip+应答头完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00016 + [Tags] Selfserver deny HTTP ip+应答头左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00017 + [Tags] Selfserver deny HTTP ip+set-cookie字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=4567|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00017 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00018 + [Tags] Selfserver deny HTTP ip+set-cookie右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00018 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00019 + [Tags] Selfserver deny HTTP ip+set-cookie完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00019 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00020 + [Tags] Selfserver deny HTTP ip+set-cookie左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=1234*|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00020 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00021 + [Tags] Selfserver deny HTTP ip+请求体 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00021 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-Http-00022 + [Tags] Selfserver deny HTTP ip+应答体 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық + ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00022 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From 51f1347c142c0165ec01fabe162989ac7fd5aba2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 10:41:33 +0800 Subject: [PATCH 04/75] =?UTF-8?q?deny=E4=B8=ADSSL=E5=8D=8F=E8=AE=AE?= =?UTF-8?q?=EF=BC=8C=E6=B5=8B=E8=AF=95=E9=80=9A=E8=BF=87?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_SSL_Tests.robot | 213 ++++++++++++++++++ 1 file changed, 213 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot new file mode 100644 index 0000000..d5779a0 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot @@ -0,0 +1,213 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-SSL-00001 + [Tags] ip Selfserver deny SSL + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl https://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00002 + [Tags] Selfserver SSL deny sni ip+fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId},${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00003 + [Tags] Selfserver SSL ip+cat完整匹配 deny sni + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId},${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00004 + [Tags] Selfserver SSL deny ip+fqdn右匹配 cn + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId},${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00005 + [Tags] Selfserver SSL ip+cat完整匹配 deny cn + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId},${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00006 + [Tags] Selfserver SSL deny ip+fqdn右匹配 san + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId},${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Deny-SSL-00007 + [Tags] Selfserver SSL ip+cat完整匹配 deny sam + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId},${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From fd0242319a4734b22206d17ed5cf63074e972572 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 10:42:33 +0800 Subject: [PATCH 05/75] =?UTF-8?q?deny=E4=B8=ADFTP=E5=8D=8F=E8=AE=AE?= =?UTF-8?q?=EF=BC=8C=E7=9B=AE=E5=89=8D=E4=B8=8B=E8=BD=BD=E5=AD=98=E5=9C=A8?= =?UTF-8?q?=E9=97=AE=E9=A2=98=EF=BC=8C=E6=AD=A3=E5=9C=A8=E8=A7=A3=E5=86=B3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_FTP_Tests.robot | 147 ++++++++++++++++++ 1 file changed, 147 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot new file mode 100644 index 0000000..f1e04c3 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot @@ -0,0 +1,147 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Library Custometest + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Ftp-00001 + [Tags] Selfserver Deny Ftp Account + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00002 + [Tags] Selfserver Deny Ftp Account + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00003 + [Tags] Selfserver Deny Ftp Account + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00004 + [Tags] Selfserver Deny Ftp Account + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u* + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00005 + [Tags] Selfserver Deny Ftp Url + Comment 创建URL + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList= + ${rescode} ${object_Url_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 12312313 zmm123.txt + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt + +SecurityPolicy-Deny-Ftp-00006 + [Tags] Selfserver Deny Ftp Content + Comment 创建Content + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Content_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"rst"} referenceObject=${object_Content_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 123123 zmmtext123.txt + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user From 554f47d5958a113573093d045b64c984343fe0e7 Mon Sep 17 00:00:00 2001 From: dongxiaoyan Date: Fri, 24 Apr 2020 11:17:09 +0800 Subject: [PATCH 06/75] =?UTF-8?q?Denyssl=EF=BC=9A=E5=88=A0=E9=99=A4?= =?UTF-8?q?=E5=A4=9A=E6=AC=A1=E5=BC=95=E7=94=A8ip=20Interface=EF=BC=9A?= =?UTF-8?q?=E8=B0=83=E6=95=B4=E9=80=82=E5=BA=94cli=E8=B0=83=E6=95=B4=20Pol?= =?UTF-8?q?icyObjectdefault=E8=B0=83=E6=95=B4=E9=80=82=E5=BA=94subid?= =?UTF-8?q?=E5=92=8Clocalip=E4=B8=8D=E5=90=8C=E6=97=B6=E9=BB=98=E8=AE=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot | 6 +++--- 02-Keyword/tsg_cli/Interface.robot | 13 +++++++------ 03-Variable/PolicyObjectDefault.txt | 2 +- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot b/01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot index 928a472..3e2c4da 100644 --- a/01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot +++ b/01-TestCase/tsg_adc/api_proxy/DenySSLTests.robot @@ -140,7 +140,7 @@ ProxyPolicy-deny-ssl-00005 #创建管控策略 #${addPolicyStr} set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } + ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } ... ELSE set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"ProxyPolicy-deny-Https-00005", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"pxy_manipulation", \ \ \ \ \ \ \ \ \ \ \ \ "action":"deny", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ "method": "block", "html_profile": ${profiledId}, "code": 404,\ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"HTTP" \ \ \ \ }, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[ \ \ \ \ \ \ \ \ {"objectId":${object_url_Id},"protocolFields": ["TSG_FIELD_HTTP_URL"]},{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[],"appObjectIdArray":[2] \ \ \ \ \ \ \ \ } \ \ \ \ ] } ${rescode} ${policyId3} AddPolicy ${addPolicyStr} log ${policyId3} @@ -301,11 +301,11 @@ ProxyPolicy-deny-ssl-00010 ${policyId2} set variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} #删除所有策略 ${policyIds} Create List ${policyId1} ${policyId2} - #功能端验证 + #功能端验证证书问题 #${commandstr} set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00010.bat ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/ProxyPolicy_Redirect_ssl00010.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://www.twitch.tv/directory - ${stringlist} Create List Tango Secure Gateway CA 404 X-TG-Construct-By: tfe 404 sorry! The page you visited does not exist + ${stringlist} Create List Tango Secure Gateway CA 404 X-TG-Construct-By: tfe The page you visited does not exist ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} diff --git a/02-Keyword/tsg_cli/Interface.robot b/02-Keyword/tsg_cli/Interface.robot index ba4c4bc..c9aabd2 100644 --- a/02-Keyword/tsg_cli/Interface.robot +++ b/02-Keyword/tsg_cli/Interface.robot @@ -18,7 +18,8 @@ ${Tsg_Passwd} tsg_passwd # tsg_help指令返回值对比文件路径 ${Tsg_Help_file_Path} cli_files/tsg_help.txt # tsg_show指令查询时附加sql条件 -${Tsg_Show_Added_Sql} "order by time desc limit 20 " --querey +${Tsg_Show_Added_Sql} "order by time desc limit 20 " +${Tsg_Show_Added_Sql_Query} --query # tsg_show指令返回数据flowType和sled参数值 ${Tsg_Show_FlowType_Values} inline|intercomm|mirror ${Tsg_Show_Sled_Values} mcn0|mcn1|mcn2|mcn3 @@ -273,7 +274,7 @@ Tsg_Show_Interface ... 描述:执行'tsg_show --interface'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --interface -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --interface -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time @@ -288,7 +289,7 @@ Tsg_Show_APP ... 描述:执行'tsg_show --app'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --app -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --app -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time @@ -303,7 +304,7 @@ Tsg_Show_Protocol ... 描述:执行'tsg_show --protocol'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --protocol -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --protocol -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time @@ -318,7 +319,7 @@ Tsg_Show_Stream ... 描述:执行'tsg_show --stream'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --stream -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --stream -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time @@ -333,7 +334,7 @@ Tsg_Show_Intercept ... 描述:执行'tsg_show --intercept'指令,并验证返回值 ... 参数:无 ... 返回:无 - ${str} Set Variable ${Tsg_Show} --intercept -- ${Tsg_Show_Added_Sql} + ${str} Set Variable ${Tsg_Show} --intercept -- ${Tsg_Show_Added_Sql} ${Tsg_Show_Added_Sql_Query} ${stime} Get Time @{list} Run5 ${str} ${etime} Get Time diff --git a/03-Variable/PolicyObjectDefault.txt b/03-Variable/PolicyObjectDefault.txt index c49dbdc..0e83bb2 100644 --- a/03-Variable/PolicyObjectDefault.txt +++ b/03-Variable/PolicyObjectDefault.txt @@ -17,7 +17,7 @@ ${Default_ScheduleId} 7 # 对象 ${Default_ObjectType} ip -${Default_ObjectSubType} endpoint +${Default_ObjectSubType} ${EMPTY} ${Default_IsInitialize} ${0} ${Default_IsExclusion} ${0} ${Default_ObjectName} autotestobj From cf132d22db5eb3fd7a8b47fe776243e25fced92d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 14:57:57 +0800 Subject: [PATCH 07/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=B7=E5=BC=8F?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Allow_Http_Tests.robot | 35 +++++++++++++++++-- 1 file changed, 32 insertions(+), 3 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot index 4b2f21c..f2f9bd4 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot @@ -20,7 +20,7 @@ SecurityPolicy-Allow-Http-00001 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol: HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -49,7 +49,7 @@ SecurityPolicy-Allow-Http-00002 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -78,7 +78,36 @@ SecurityPolicy-Allow-Http-00003 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Allow-Http-00004 + [Tags] Selfserver Allow HTTP ip+fqdn完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId},${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${testClentSubID}|[null],${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} From dcf3b9d4d07791293ce6c4c3f751664227dafac5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 14:58:30 +0800 Subject: [PATCH 08/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=B7=E5=BC=8F?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot index b26e6c2..de7d7b5 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot @@ -20,7 +20,7 @@ SecurityPolicy-Allow-SSL-00001 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -49,7 +49,7 @@ SecurityPolicy-Allow-SSL-00002 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -78,7 +78,7 @@ SecurityPolicy-Allow-SSL-00003 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} From 17e8991dab1ce64cc69ecad21596ce7b4859a3a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 14:59:10 +0800 Subject: [PATCH 09/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=B7=E5=BC=8F?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../selfserver/Api_Security/Intercept_Http_Tests.robot | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot index b144fe8..7d7ce30 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot @@ -20,7 +20,7 @@ SecurityPolicy-Intercept-Http-00001 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol: HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -49,7 +49,7 @@ SecurityPolicy-Intercept-Http-00002 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -78,7 +78,7 @@ SecurityPolicy-Intercept-Http-00003 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:HTTP referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -95,5 +95,3 @@ SecurityPolicy-Intercept-Http-00003 #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com - - From 934bda6bfb1e3b19d77bf0949534e2ca5367f0bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 14:59:43 +0800 Subject: [PATCH 10/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=B7=E5=BC=8F?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../selfserver/Api_Security/Intercept_SSL_Tests.robot | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot index ef5de39..470895d 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot @@ -20,7 +20,7 @@ SecurityPolicy-Intercept-SSL-00001 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -49,7 +49,7 @@ SecurityPolicy-Intercept-SSL-00002 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -78,7 +78,7 @@ SecurityPolicy-Intercept-SSL-00003 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId},${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -86,7 +86,7 @@ SecurityPolicy-Intercept-SSL-00003 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html @{stringlist} run keyword if '${systemType}'=='Windows' set variable 字节跳动 Tango Secure Gateway CA - ... ELSE set variable 字节跳动 Tango Secure Gateway CA + ... ELSE set variable 字节跳动 Tango Secure Gateway CA ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -94,4 +94,4 @@ SecurityPolicy-Intercept-SSL-00003 ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com \ No newline at end of file + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From 0b0e2217f1d639a503bdf25a2f67f375c20b71e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 15:17:01 +0800 Subject: [PATCH 11/75] =?UTF-8?q?=E5=88=A0=E9=99=A4=E9=94=99=E8=AF=AF?= =?UTF-8?q?=E7=94=A8=E4=BE=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Allow_Http_Tests.robot | 28 ------------------- 1 file changed, 28 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot index f2f9bd4..659f51d 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot @@ -96,31 +96,3 @@ SecurityPolicy-Allow-Http-00003 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com -SecurityPolicy-Allow-Http-00004 - [Tags] Selfserver Allow HTTP ip+fqdn完整匹配 - Comment 创建目标IP - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN - ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com - ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} - Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${testClentSubID}|[null],${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} - #删除策略 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} - Comment 功能端验证HTTP验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat - ... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank - ... ELSE Create List nationalbank - ${starttime} Get Time - Sleep ${policyVerificationSleepSeconds}s - ${rescode} SystemCommands ${commandstr} ${stringlist} - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From ccbaed53098a85a253233ea22619071ce2b1f22d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 15:34:43 +0800 Subject: [PATCH 12/75] Upload New File --- 05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0008.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0008.bat diff --git a/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0008.bat b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0008.bat new file mode 100644 index 0000000..b97694f --- /dev/null +++ b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0008.bat @@ -0,0 +1 @@ +curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ curl http://open.node.com/ | iconv -f utf-8 -t gbk From f9622dd2e66b45db790ba21f534a5f94458fa362 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 15:34:59 +0800 Subject: [PATCH 13/75] Upload New File --- 05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0012.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0012.bat diff --git a/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0012.bat b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0012.bat new file mode 100644 index 0000000..19ef6b0 --- /dev/null +++ b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0012.bat @@ -0,0 +1 @@ +curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' http://open.node.com/test/nationalbank/nationalbank.html | iconv -f utf-8 -t gbk \ No newline at end of file From 56f3b0a2920e935a413d5ededddcb89698504923 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 15:35:15 +0800 Subject: [PATCH 14/75] Upload New File --- 05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0017.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0017.bat diff --git a/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0017.bat b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0017.bat new file mode 100644 index 0000000..8c5075e --- /dev/null +++ b/05-Other/curl/selfserver/SecurityPolicy-Deny-HTTP-0017.bat @@ -0,0 +1 @@ +curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" http://open.node.com/action | iconv -f utf-8 -t gbk From be8cee55636719911d4e95c15a49d709b168757c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 15:57:51 +0800 Subject: [PATCH 15/75] =?UTF-8?q?=E8=A7=A3=E5=86=B3=E7=94=B1=E4=BA=8E?= =?UTF-8?q?=E7=8E=AF=E5=A2=83=E5=AF=BC=E8=87=B4=E9=AA=8C=E8=AF=81=E9=97=AE?= =?UTF-8?q?=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_FTP_Tests.robot | 43 +++++-------------- 1 file changed, 10 insertions(+), 33 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot index f1e04c3..76c2515 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot @@ -6,7 +6,6 @@ Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot -Resource ../../../../03-Variable/AllFlowCaseVariable.txt Library Custometest *** Variables *** @@ -29,7 +28,7 @@ SecurityPolicy-Deny-Ftp-00001 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english - should contain ${FTP} Fail + should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 @@ -51,7 +50,7 @@ SecurityPolicy-Deny-Ftp-00002 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english - should contain ${FTP} Fail + should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 @@ -73,7 +72,7 @@ SecurityPolicy-Deny-Ftp-00003 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english - should contain ${FTP} Fail + should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 @@ -95,7 +94,7 @@ SecurityPolicy-Deny-Ftp-00004 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english - should contain ${FTP} Fail + should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 @@ -103,43 +102,21 @@ SecurityPolicy-Deny-Ftp-00004 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user SecurityPolicy-Deny-Ftp-00005 - [Tags] Selfserver Deny Ftp Url - Comment 创建URL - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList= - ${rescode} ${object_Url_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_Url_Id} - Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6 - ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} - #删除策略 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} - Comment 功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 12312313 zmm123.txt - should contain ${FTP} Fail - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt - -SecurityPolicy-Deny-Ftp-00006 [Tags] Selfserver Deny Ftp Content Comment 创建Content ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user - ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_Content_Id} + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"rst"} referenceObject=${object_Content_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 - Sleep ${policyVerificationSleepSeconds}s ${starttime} Get Time - ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 123123 zmmtext123.txt - should contain ${FTP} Fail + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 435814 zmmtext123.txt + should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 From bc2db50a84b84034dbb6d662a6257dc17fdcb201 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 18:16:19 +0800 Subject: [PATCH 16/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9DNS=E7=AD=96=E7=95=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot index a75a488..a1e850c 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot @@ -52,8 +52,8 @@ SecurityPolicy-Deny-DNS-00002 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.toutiao.com ... ELSE set variable nslookup -d www.toutiao.com - ${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name =www.vip.com - ... ELSE Create List canonical name =www.vip.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.vip.com + ... ELSE Create List canonical name = www.vip.com ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} From ae2ecc414de5c4909dd14778d337c7b3fe751539 Mon Sep 17 00:00:00 2001 From: dongxiaoyan Date: Fri, 24 Apr 2020 18:44:07 +0800 Subject: [PATCH 17/75] =?UTF-8?q?=E8=B0=83=E6=95=B4=E7=AD=96=E7=95=A5?= =?UTF-8?q?=E6=8B=BC=E6=8E=A5=E9=80=82=E5=BA=94=E4=B8=BB=E5=8A=A8=E7=AD=96?= =?UTF-8?q?=E7=95=A5=E9=83=A8=E5=88=86=EF=BC=8C=E4=B8=BB=E5=8A=A8=E7=AD=96?= =?UTF-8?q?=E7=95=A5=E9=83=A8=E5=88=86=E4=B8=BA=E6=B7=BB=E5=8A=A0=E5=8A=9F?= =?UTF-8?q?=E8=83=BD=E7=AB=AF=E9=AA=8C=E8=AF=81=E5=B0=9D=E8=AF=95=E4=B8=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../zjj/ZDFY_ActiveDefencePolicy.robot | 123 ++++++++++++++++++ 02-Keyword/tsg_bfapi/PolicyObject.robot | 3 +- 02-Keyword/tsg_common/ManagePolicyBody.robot | 10 +- 3 files changed, 132 insertions(+), 4 deletions(-) create mode 100644 01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot diff --git a/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot new file mode 100644 index 0000000..a51887e --- /dev/null +++ b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot @@ -0,0 +1,123 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags zjj Security_Policy Active_Defence_Policy +Library OperatingSystem +Resource ../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../03-Variable/PolicyObjectDefault.txt +Resource ../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../03-Variable/BifangApiVariable.txt +Resource ../../02-Keyword/tsg_bfapi/Common.robot +Library Custometest +Library json + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} +${target_ip} 10.3.22.199 +# 无DHCP,需要手动设置IP,可用地址段: 10.3.22.[129-254], 掩码: 255.255.255.0, DNS服务器: 10.3.22.11。 +*** Test Cases *** +ZDFY_ActiveDefencePolicy-Flood-00001 + [Tags] flood + + ${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + + Comment 创建带主动策略Flood + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} + + +ZDFY_ActiveDefencePolicy-Reflection-00001 + [Tags] reflection + ${caseName} set variable ZDFY_ActiveDefencePolicy-Reflection-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"isValid":1,"profileDesc":"autotest"}]} + ${reflector_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + ${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + #${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + ${payload_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建策略reflection + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"reflection","reflector_type":"DNS","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"payload_profile_id":${payload_profile_id},"reflector_profile_id":${reflector_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} +ZDFY_ActiveDefencePolicy-CC-00001 + [Tags] CC + ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建带主动策略CC + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"cc","l7_protocol":"HTTP","target_url":"http://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} + + +ZDFY_ActiveDefencePolicy-CC-00002 + [Tags] CC + ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00002 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建带主动策略CC + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"cc","l7_protocol":"HTTPS","target_url":"https://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} \ No newline at end of file diff --git a/02-Keyword/tsg_bfapi/PolicyObject.robot b/02-Keyword/tsg_bfapi/PolicyObject.robot index 1f9f4da..947e3f4 100644 --- a/02-Keyword/tsg_bfapi/PolicyObject.robot +++ b/02-Keyword/tsg_bfapi/PolicyObject.robot @@ -166,7 +166,8 @@ DeletePolicyAndObject END #删除对象 log todeleteobj_DeletePolicyAndObject - DeleteObject ${objectids} + Run Keyword If "${objectids}"=="${EMPTY}" log no obj to del + ... ELSE DeleteObject ${objectids} DeleteAfterCase [Arguments] ${policyids} ${objectids} diff --git a/02-Keyword/tsg_common/ManagePolicyBody.robot b/02-Keyword/tsg_common/ManagePolicyBody.robot index 3d6db02..579619f 100644 --- a/02-Keyword/tsg_common/ManagePolicyBody.robot +++ b/02-Keyword/tsg_common/ManagePolicyBody.robot @@ -72,13 +72,17 @@ PolicyParamsOpertion Set To Dictionary ${policyList} userRegion=${Default_UserRegion} ${userRegion} Run Keyword If "${return}"=="FAIL" or '${userRegion}'=="${EMPTY}" Set Variable "" ... ELSE Set Variable ${userRegion} + + #针对主动防御特殊处理,主动防御不应用对象 + ${active_defence_emptyList} Create List + ${return} ${policyType} Run Keyword And Ignore Error Set Variable ${policyList}[policyType] + Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} referenceObject=${active_defence_emptyList} + Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} appObjectIdArray=${active_defence_emptyList} # 转为json结构并返回 ${dict} Create Dictionary opAction=add returnData=${returnData} policyList=${policyList} ${json} json.Dumps ${dict} ensure_ascii=False ${json} Replace String ${json} "method:rst" ${userRegion} - #${json} Evaluate ${userRegion}.replace('"method"','${userRegion}') - #${json} Replace String ${json} "' { - #${json} Replace String ${json} \" " + Log Policy_Request_Body-${json} [Return] ${json} From 77bea1c7b755125c3baa5bdc49e71f3ab794694e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 19:16:47 +0800 Subject: [PATCH 18/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9mail=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_MAIL_Tests.robot | 162 ++++++++---------- 1 file changed, 72 insertions(+), 90 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot index 7903b95..0f39c5b 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot @@ -15,21 +15,20 @@ ${policyIds} ${EMPTY} ${objectids} ${EMPTY} *** Test Cases *** -SecurityPolicy-Deny-Mail-00001 - [Tags] Selfserver Mali Deny Subject右匹配 +SecurityPolicy-Monitor-Mail-00001 + [Tags] Selfserver Subject右匹配 Mail Monitor Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -43,28 +42,27 @@ SecurityPolicy-Deny-Mail-00001 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00002 - [Tags] Selfserver Mali Deny Subject完整匹配 +SecurityPolicy-Monitor-Mail-00002 + [Tags] Selfserver Mali Subject完整匹配 Monitor Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$你好明天 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -78,28 +76,27 @@ SecurityPolicy-Deny-Mail-00002 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00003 - [Tags] Selfserver Mali Deny Subject字串匹配 +SecurityPolicy-Monitor-Mail-00003 + [Tags] Selfserver Mali Subject字串匹配 Monitor Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -113,28 +110,27 @@ SecurityPolicy-Deny-Mail-00003 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00004 - [Tags] Selfserver Mali Deny Subject左匹配 +SecurityPolicy-Monitor-Mail-00004 + [Tags] Selfserver Subject左匹配 Mail Monitor Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zxcv* ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -148,28 +144,27 @@ SecurityPolicy-Deny-Mail-00004 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00005 - [Tags] Selfserver Mali Deny Content字串匹配 +SecurityPolicy-Monitor-Mail-00005 + [Tags] Selfserver Content字串匹配 Mail Monitor Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${Content}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -183,28 +178,27 @@ SecurityPolicy-Deny-Mail-00005 ${邮件正文} Set Variable Простопорно ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00006 - [Tags] Selfserver Mali Deny ATT_CONT字串匹配 +SecurityPolicy-Monitor-Mail-00006 + [Tags] Selfserver ATT_CONT字串匹配 Monitor Mail Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_ATT_CONT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -218,28 +212,27 @@ SecurityPolicy-Deny-Mail-00006 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00007 - [Tags] Selfserver Mali Deny From右匹配 +SecurityPolicy-Monitor-Mail-00007 + [Tags] Selfserver Mali From右匹配 Monitor Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -253,28 +246,27 @@ SecurityPolicy-Deny-Mail-00007 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00008 - [Tags] Selfserver Mali Deny From完整匹配 +SecurityPolicy-Monitor-Mail-00008 + [Tags] Selfserver From完整匹配 Monitor Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -288,28 +280,27 @@ SecurityPolicy-Deny-Mail-00008 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00009 - [Tags] Selfserver Mali Deny From字串匹配 +SecurityPolicy-Monitor-Mail-00009 + [Tags] Selfserver From字串匹配 Mail Monitor Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=tsgmail ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -323,28 +314,27 @@ SecurityPolicy-Deny-Mail-00009 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00010 - [Tags] Selfserver Mali Deny From左匹配 +SecurityPolicy-Monitor-Mail-00010 + [Tags] Selfserver From左匹配 Mail Monitor Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwct* ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -358,28 +348,27 @@ SecurityPolicy-Deny-Mail-00010 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00011 - [Tags] Selfserver Mali Deny To右匹配 +SecurityPolicy-Monitor-Mail-00011 + [Tags] Selfserver To右匹配 Mail Monitor Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -393,28 +382,27 @@ SecurityPolicy-Deny-Mail-00011 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00012 - [Tags] Selfserver Mali Deny To完整匹配 +SecurityPolicy-Monitor-Mail-00012 + [Tags] Selfserver To完整匹配 Monitor Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$zmmtest@mail.tsgmail.com ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -428,28 +416,27 @@ SecurityPolicy-Deny-Mail-00012 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00013 - [Tags] Selfserver Mali Deny To字串匹配 +SecurityPolicy-Monitor-Mail-00013 + [Tags] Selfserver To字串匹配 Monitor Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -463,28 +450,27 @@ SecurityPolicy-Deny-Mail-00013 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00014 - [Tags] Selfserver Mali Deny To左匹配 +SecurityPolicy-Monitor-Mail-00014 + [Tags] Selfserver To左匹配 Mail Monitor Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmt* ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -498,28 +484,27 @@ SecurityPolicy-Deny-Mail-00014 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00015 - [Tags] Selfserver Mali Deny Account右匹配 +SecurityPolicy-Monitor-Mail-00015 + [Tags] Selfserver Account右匹配 Mail monitor Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*ail.com ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -533,28 +518,27 @@ SecurityPolicy-Deny-Mail-00015 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00016 - [Tags] Selfserver Mali Deny Account完整匹配 +SecurityPolicy-Monitor-Mail-00016 + [Tags] Selfserver Account完整匹配 Mail Monitor Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -568,28 +552,27 @@ SecurityPolicy-Deny-Mail-00016 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00017 - [Tags] Selfserver Mali Deny Account字串匹配 +SecurityPolicy-Monitor-Mail-00017 + [Tags] Selfserver Account字串匹配 Monitor Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwcte ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -603,28 +586,27 @@ SecurityPolicy-Deny-Mail-00017 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Deny-Mail-00018 - [Tags] Selfserver Mali Deny Account左匹配 +SecurityPolicy-Monitor-Mail-00018 + [Tags] Selfserver Account左匹配 Monitor Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest* ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-monitor-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time ${Smtp服务器} Set Variable 192.168.100.5 ${Smtp服务器端口} Set Variable 25 ${邮箱账号} Set Variable jwctest@mail.tsgmail.com @@ -638,7 +620,7 @@ SecurityPolicy-Deny-Mail-00018 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} fail + should contain ${发送邮件返回结果} mail_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 From 0061e495cc68beabda6843892c78c372dfc4a7d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 19:17:11 +0800 Subject: [PATCH 19/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9mail=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_MAIL_Tests.robot | 144 +++++++++--------- 1 file changed, 72 insertions(+), 72 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot index 0f39c5b..e0a3531 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot @@ -15,14 +15,14 @@ ${policyIds} ${EMPTY} ${objectids} ${EMPTY} *** Test Cases *** -SecurityPolicy-Monitor-Mail-00001 - [Tags] Selfserver Subject右匹配 Mail Monitor +SecurityPolicy-Deny-Mail-00001 + [Tags] Selfserver Subject右匹配 Mail Deny Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -42,21 +42,21 @@ SecurityPolicy-Monitor-Mail-00001 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00002 - [Tags] Selfserver Mali Subject完整匹配 Monitor +SecurityPolicy-Deny-Mail-00002 + [Tags] Selfserver Subject完整匹配 Mail Deny Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$你好明天 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -76,21 +76,21 @@ SecurityPolicy-Monitor-Mail-00002 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00003 - [Tags] Selfserver Mali Subject字串匹配 Monitor +SecurityPolicy-Deny-Mail-00003 + [Tags] Selfserver Subject字串匹配 Mail Deny Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -110,21 +110,21 @@ SecurityPolicy-Monitor-Mail-00003 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00004 - [Tags] Selfserver Subject左匹配 Mail Monitor +SecurityPolicy-Deny-Mail-00004 + [Tags] Selfserver Subject左匹配 Mail Deny Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zxcv* ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -144,21 +144,21 @@ SecurityPolicy-Monitor-Mail-00004 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00005 - [Tags] Selfserver Content字串匹配 Mail Monitor +SecurityPolicy-Deny-Mail-00005 + [Tags] Selfserver Content字串匹配 Mail Deny Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${Content}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -178,21 +178,21 @@ SecurityPolicy-Monitor-Mail-00005 ${邮件正文} Set Variable Простопорно ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00006 - [Tags] Selfserver ATT_CONT字串匹配 Monitor Mail +SecurityPolicy-Deny-Mail-00006 + [Tags] Selfserver Deny ATT_CONT字串匹配 Mail Comment Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_ATT_CONT_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -212,21 +212,21 @@ SecurityPolicy-Monitor-Mail-00006 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00007 - [Tags] Selfserver Mali From右匹配 Monitor +SecurityPolicy-Deny-Mail-00007 + [Tags] Selfserver Deny From右匹配 Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -246,21 +246,21 @@ SecurityPolicy-Monitor-Mail-00007 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00008 - [Tags] Selfserver From完整匹配 Monitor Mail +SecurityPolicy-Deny-Mail-00008 + [Tags] Selfserver Deny From完整匹配 Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -280,21 +280,21 @@ SecurityPolicy-Monitor-Mail-00008 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00009 - [Tags] Selfserver From字串匹配 Mail Monitor +SecurityPolicy-Deny-Mail-00009 + [Tags] Selfserver Deny From字串匹配 Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=tsgmail ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -314,21 +314,21 @@ SecurityPolicy-Monitor-Mail-00009 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00010 - [Tags] Selfserver From左匹配 Mail Monitor +SecurityPolicy-Deny-Mail-00010 + [Tags] Selfserver Deny From左匹配 Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwct* ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -348,21 +348,21 @@ SecurityPolicy-Monitor-Mail-00010 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00011 - [Tags] Selfserver To右匹配 Mail Monitor +SecurityPolicy-Deny-Mail-00011 + [Tags] Selfserver Deny To右匹配 Mail Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -382,21 +382,21 @@ SecurityPolicy-Monitor-Mail-00011 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00012 - [Tags] Selfserver To完整匹配 Monitor Mail +SecurityPolicy-Deny-Mail-00012 + [Tags] Selfserver Mali Deny To完整匹配 Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$zmmtest@mail.tsgmail.com ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -416,21 +416,21 @@ SecurityPolicy-Monitor-Mail-00012 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00013 - [Tags] Selfserver To字串匹配 Monitor Mail +SecurityPolicy-Deny-Mail-00013 + [Tags] Selfserver Mali Deny To字串匹配 Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -450,21 +450,21 @@ SecurityPolicy-Monitor-Mail-00013 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00014 - [Tags] Selfserver To左匹配 Mail Monitor +SecurityPolicy-Deny-Mail-00014 + [Tags] Selfserver Mali Deny To左匹配 Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmt* ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -484,21 +484,21 @@ SecurityPolicy-Monitor-Mail-00014 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00015 - [Tags] Selfserver Account右匹配 Mail monitor +SecurityPolicy-Deny-Mail-00015 + [Tags] Selfserver Mali Deny Account右匹配 Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*ail.com ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -518,21 +518,21 @@ SecurityPolicy-Monitor-Mail-00015 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00016 - [Tags] Selfserver Account完整匹配 Mail Monitor +SecurityPolicy-Deny-Mail-00016 + [Tags] Selfserver Mali Deny Account完整匹配 Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -552,21 +552,21 @@ SecurityPolicy-Monitor-Mail-00016 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00017 - [Tags] Selfserver Account字串匹配 Monitor Mail +SecurityPolicy-Deny-Mail-00017 + [Tags] Selfserver Mali Deny Account字串匹配 Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwcte ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -586,21 +586,21 @@ SecurityPolicy-Monitor-Mail-00017 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com -SecurityPolicy-Monitor-Mail-00018 - [Tags] Selfserver Account左匹配 Monitor Mail +SecurityPolicy-Deny-Mail-00018 + [Tags] Selfserver Mali Deny Account左匹配 Comment Subject ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest* ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-monitor-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -620,7 +620,7 @@ SecurityPolicy-Monitor-Mail-00018 ${邮件正文} Set Variable 朱明明content ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_success + should contain ${发送邮件返回结果} mail_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 From 9b18bcb5e9a246e4186c8552f5f0fde92dd1e253 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Fri, 24 Apr 2020 19:18:49 +0800 Subject: [PATCH 20/75] Update Deny_MAIL_Tests.robot --- .../tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot index e0a3531..3593439 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot @@ -158,7 +158,7 @@ SecurityPolicy-Deny-Mail-00005 ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Content_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${Content}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"MAIL","method":"rst"} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} From e2af5f5ec70093e1fe18e21797c168806a0ce5b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:18:00 +0800 Subject: [PATCH 21/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=E5=A4=A7=E5=B0=8F=E5=86=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Allow_Http_Tests.robot | 46 +++++++++++++++---- 1 file changed, 37 insertions(+), 9 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot index 659f51d..5701abe 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot @@ -14,7 +14,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Allow-Http-00001 - [Tags] ip Selfserver Allow HTTP + [Tags] Selfserver Allow Http Ip Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -39,15 +39,15 @@ SecurityPolicy-Allow-Http-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-Http-00002 - [Tags] Selfserver Allow HTTP ip+cat右匹配 + [Tags] Selfserver Allow Http Ip+Cat右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -68,15 +68,15 @@ SecurityPolicy-Allow-Http-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-Http-00003 - [Tags] Selfserver Allow HTTP ip+fqdn完整匹配 + [Tags] Selfserver Allow Http Ip+Fqdn完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -96,3 +96,31 @@ SecurityPolicy-Allow-Http-00003 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com +SecurityPolicy-Allow-Http-00004 + [Tags] Selfserver Allow Http Ip+Fqdn完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From 875ff87998c9126a6cbe7942cb4a5fe7eb0f18f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:19:23 +0800 Subject: [PATCH 22/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=E5=A4=A7=E5=B0=8F=E5=86=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Allow_SSL_Tests.robot | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot index de7d7b5..756c1d7 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot @@ -14,7 +14,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Allow-SSL-00001 - [Tags] Selfserver SSL ip Allow + [Tags] Selfserver Allow Ssl Ip Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -39,15 +39,15 @@ SecurityPolicy-Allow-SSL-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-SSL-00002 - [Tags] Selfserver SSL ip+cat完整匹配 Allow + [Tags] Selfserver Allow Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -68,15 +68,15 @@ SecurityPolicy-Allow-SSL-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Allow-SSL-00003 - [Tags] Selfserver SSL ip+fqdn右匹配 Allow + [Tags] Selfserver Allow Ssl Ip+Fqdn右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} From e2c3d09153e1efd2561eabca577bf17af1a03a5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:19:46 +0800 Subject: [PATCH 23/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=E5=A4=A7=E5=B0=8F=E5=86=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../selfserver/Api_Security/Deny_DNS_Tests.robot | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot index a1e850c..76994f2 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_DNS_Tests.robot @@ -14,8 +14,8 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-DNS-00001 - [Tags] Selfserver deny DNS ip+fqdn右匹配 - Comment FQDN + [Tags] Selfserver Deny Dns Ip+Fqdn右匹配 + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*yhd.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} @@ -28,7 +28,7 @@ SecurityPolicy-Deny-DNS-00001 ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com ... ELSE set variable nslookup -d www.yhd.com ${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时 - ... ELSE Create List 超时 + ... ELSE Create List canonical name = www.yhd.com ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -39,8 +39,8 @@ SecurityPolicy-Deny-DNS-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname yhd.com SecurityPolicy-Deny-DNS-00002 - [Tags] Selfserver deny DNS ip+cat完整匹配 - Comment FQDN + [Tags] Selfserver Deny Dns Ip+Cat完整匹配 + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.toutiao.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_fqdn_Id} @@ -51,7 +51,7 @@ SecurityPolicy-Deny-DNS-00002 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.toutiao.com - ... ELSE set variable nslookup -d www.toutiao.com + ... ELSE set variable nslookup \ www.toutiao.com ${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.vip.com ... ELSE Create List canonical name = www.vip.com ${starttime} Get Time From d4ee1786a9d92ee43d98a43b5e642bb8aa4f16d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:20:16 +0800 Subject: [PATCH 24/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9ftp=E4=B8=8B=E8=BD=BD?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../selfserver/Api_Security/Deny_FTP_Tests.robot | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot index 76c2515..809793f 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot @@ -14,7 +14,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-Ftp-00001 - [Tags] Selfserver Deny Ftp Account + [Tags] Selfserver Deny Ftp Account子串匹配 Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} @@ -36,7 +36,7 @@ SecurityPolicy-Deny-Ftp-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user SecurityPolicy-Deny-Ftp-00002 - [Tags] Selfserver Deny Ftp Account + [Tags] Selfserver Deny Ftp Account右匹配 Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} @@ -58,7 +58,7 @@ SecurityPolicy-Deny-Ftp-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user SecurityPolicy-Deny-Ftp-00003 - [Tags] Selfserver Deny Ftp Account + [Tags] Selfserver Deny Ftp Account完整匹配 Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} @@ -80,7 +80,7 @@ SecurityPolicy-Deny-Ftp-00003 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user SecurityPolicy-Deny-Ftp-00004 - [Tags] Selfserver Deny Ftp Account + [Tags] Selfserver Deny Ftp Account左匹配 Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u* ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} @@ -102,13 +102,13 @@ SecurityPolicy-Deny-Ftp-00004 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user SecurityPolicy-Deny-Ftp-00005 - [Tags] Selfserver Deny Ftp Content - Comment 创建Content + [Tags] Selfserver Deny Ftp Account子串匹配 + Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} From 38f1822f184e997049dc61e3830672335e154906 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:20:53 +0800 Subject: [PATCH 25/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=E5=A4=A7=E5=B0=8F=E5=86=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_Http_Tests.robot | 90 +++++++++---------- 1 file changed, 45 insertions(+), 45 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot index 2ce5bbb..03b0b15 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot @@ -14,7 +14,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-Http-00001 - [Tags] ip Selfserver deny HTTP + [Tags] Selfserver Ip Deny Http Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -28,7 +28,7 @@ SecurityPolicy-Deny-Http-00001 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Message content over the limit has been removed ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -39,12 +39,12 @@ SecurityPolicy-Deny-Http-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00002 - [Tags] Selfserver deny HTTP ip+fqdn右匹配 + [Tags] Selfserver Deny Http Ip+Fqdn右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} @@ -57,7 +57,7 @@ SecurityPolicy-Deny-Http-00002 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Message content over the limit has been removed ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -68,12 +68,12 @@ SecurityPolicy-Deny-Http-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00003 - [Tags] Selfserver deny HTTP ip+cat完整匹配 + [Tags] Selfserver Deny Http Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} @@ -97,12 +97,12 @@ SecurityPolicy-Deny-Http-00003 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00004 - [Tags] Selfserver deny HTTP ip+url字串匹配 + [Tags] Selfserver Deny Http Ip+Url字串匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node.com ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} @@ -126,12 +126,12 @@ SecurityPolicy-Deny-Http-00004 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00005 - [Tags] Selfserver deny HTTP ip+url右匹配 + [Tags] Selfserver Deny Http Ip+Url右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*youtube.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} @@ -155,12 +155,12 @@ SecurityPolicy-Deny-Http-00005 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00006 - [Tags] Selfserver deny HTTP ip+url完整匹配 + [Tags] Selfserver Deny Http Ip+Url完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} @@ -184,12 +184,12 @@ SecurityPolicy-Deny-Http-00006 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00007 - [Tags] Selfserver deny HTTP ip+url左匹配 + [Tags] Selfserver Deny Http Ip+Url左匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open* ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} @@ -213,12 +213,12 @@ SecurityPolicy-Deny-Http-00007 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00008 - [Tags] Selfserver deny HTTP ip+请求头字串匹配 + [Tags] Selfserver Deny Ip+请求头字串匹配 Http Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} @@ -242,12 +242,12 @@ SecurityPolicy-Deny-Http-00008 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00009 - [Tags] Selfserver deny HTTP ip+请求头右匹配 + [Tags] Selfserver Deny Http Ip+请求头右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} @@ -271,12 +271,12 @@ SecurityPolicy-Deny-Http-00009 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00010 - [Tags] Selfserver deny HTTP ip+请求头完整匹配 + [Tags] Selfserver Deny Http Ip+请求头完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} @@ -300,12 +300,12 @@ SecurityPolicy-Deny-Http-00010 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00011 - [Tags] Selfserver deny HTTP ip+请求头左匹配 + [Tags] Selfserver Deny Http Ip+请求头左匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} @@ -329,12 +329,12 @@ SecurityPolicy-Deny-Http-00011 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00012 - [Tags] Selfserver deny HTTP ip+cookie左匹配 + [Tags] Selfserver Http Ip+Cookie子串匹配 Deny Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie ${rescode} ${object_CK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CK_Id} @@ -358,12 +358,12 @@ SecurityPolicy-Deny-Http-00012 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00013 - [Tags] Selfserver deny HTTP ip+应答头字串匹配 + [Tags] Selfserver Deny Http Ip+应答头字串匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} @@ -387,12 +387,12 @@ SecurityPolicy-Deny-Http-00013 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00014 - [Tags] Selfserver deny HTTP ip+应答头右匹配 + [Tags] Selfserver Deny Http Ip+应答头右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} @@ -416,12 +416,12 @@ SecurityPolicy-Deny-Http-00014 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00015 - [Tags] Selfserver deny HTTP ip+应答头完整匹配 + [Tags] Selfserver Deny Http Ip+应答头完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} @@ -445,12 +445,12 @@ SecurityPolicy-Deny-Http-00015 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00016 - [Tags] Selfserver deny HTTP ip+应答头左匹配 + [Tags] Selfserver Deny Http Ip+应答头左匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} @@ -474,12 +474,12 @@ SecurityPolicy-Deny-Http-00016 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00017 - [Tags] Selfserver deny HTTP ip+set-cookie字串匹配 + [Tags] Selfserver Deny Http Ip+Set-Cookie字串匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=4567|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} @@ -503,12 +503,12 @@ SecurityPolicy-Deny-Http-00017 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00018 - [Tags] Selfserver deny HTTP ip+set-cookie右匹配 + [Tags] Selfserver Deny Http Ip+Set-Cookie右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} @@ -532,12 +532,12 @@ SecurityPolicy-Deny-Http-00018 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00019 - [Tags] Selfserver deny HTTP ip+set-cookie完整匹配 + [Tags] Selfserver Deny Ip+Set-Cookie完整匹配 Http Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} @@ -561,12 +561,12 @@ SecurityPolicy-Deny-Http-00019 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00020 - [Tags] Selfserver deny HTTP ip+set-cookie左匹配 + [Tags] Selfserver Deny Ip+Set-Cookie左匹配 Http Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建set-cookie ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=1234*|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} @@ -590,12 +590,12 @@ SecurityPolicy-Deny-Http-00020 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00021 - [Tags] Selfserver deny HTTP ip+请求体 + [Tags] Selfserver Deny Ip+请求体 Http Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建请求体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} @@ -619,12 +619,12 @@ SecurityPolicy-Deny-Http-00021 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-Http-00022 - [Tags] Selfserver deny HTTP ip+应答体 + [Tags] Selfserver Deny Http Ip+应答体 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} - Comment FQDN + Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} From 7eb73f2e7df156f6a933d083b2c0ea848ba9e6cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:21:20 +0800 Subject: [PATCH 26/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=E5=A4=A7=E5=B0=8F=E5=86=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_MAIL_Tests.robot | 36 +++++++++---------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot index 3593439..702b850 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_MAIL_Tests.robot @@ -17,7 +17,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-Mail-00001 [Tags] Selfserver Subject右匹配 Mail Deny - Comment Subject + Comment 创建Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} @@ -51,7 +51,7 @@ SecurityPolicy-Deny-Mail-00001 SecurityPolicy-Deny-Mail-00002 [Tags] Selfserver Subject完整匹配 Mail Deny - Comment Subject + Comment 创建Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$你好明天 ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} @@ -85,7 +85,7 @@ SecurityPolicy-Deny-Mail-00002 SecurityPolicy-Deny-Mail-00003 [Tags] Selfserver Subject字串匹配 Mail Deny - Comment Subject + Comment 创建Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} @@ -119,7 +119,7 @@ SecurityPolicy-Deny-Mail-00003 SecurityPolicy-Deny-Mail-00004 [Tags] Selfserver Subject左匹配 Mail Deny - Comment Subject + Comment 创建Subject ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zxcv* ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Subject_Id} @@ -153,7 +153,7 @@ SecurityPolicy-Deny-Mail-00004 SecurityPolicy-Deny-Mail-00005 [Tags] Selfserver Content字串匹配 Mail Deny - Comment Subject + Comment 创建Content ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Content_Id} @@ -187,7 +187,7 @@ SecurityPolicy-Deny-Mail-00005 SecurityPolicy-Deny-Mail-00006 [Tags] Selfserver Deny ATT_CONT字串匹配 Mail - Comment Subject + Comment 创建ATT_CONT ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_ATT_CONT_Id} @@ -221,7 +221,7 @@ SecurityPolicy-Deny-Mail-00006 SecurityPolicy-Deny-Mail-00007 [Tags] Selfserver Deny From右匹配 Mail - Comment Subject + Comment 创建From ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} @@ -255,7 +255,7 @@ SecurityPolicy-Deny-Mail-00007 SecurityPolicy-Deny-Mail-00008 [Tags] Selfserver Deny From完整匹配 Mail - Comment Subject + Comment 创建From ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} @@ -289,7 +289,7 @@ SecurityPolicy-Deny-Mail-00008 SecurityPolicy-Deny-Mail-00009 [Tags] Selfserver Deny From字串匹配 Mail - Comment Subject + Comment 创建From ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=tsgmail ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} @@ -323,7 +323,7 @@ SecurityPolicy-Deny-Mail-00009 SecurityPolicy-Deny-Mail-00010 [Tags] Selfserver Deny From左匹配 Mail - Comment Subject + Comment 创建From ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwct* ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_From_Id} @@ -357,7 +357,7 @@ SecurityPolicy-Deny-Mail-00010 SecurityPolicy-Deny-Mail-00011 [Tags] Selfserver Deny To右匹配 Mail - Comment Subject + Comment 创建To ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} @@ -391,7 +391,7 @@ SecurityPolicy-Deny-Mail-00011 SecurityPolicy-Deny-Mail-00012 [Tags] Selfserver Mali Deny To完整匹配 - Comment Subject + Comment 创建To ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$zmmtest@mail.tsgmail.com ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} @@ -425,7 +425,7 @@ SecurityPolicy-Deny-Mail-00012 SecurityPolicy-Deny-Mail-00013 [Tags] Selfserver Mali Deny To字串匹配 - Comment Subject + Comment 创建To ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} @@ -459,7 +459,7 @@ SecurityPolicy-Deny-Mail-00013 SecurityPolicy-Deny-Mail-00014 [Tags] Selfserver Mali Deny To左匹配 - Comment Subject + Comment 创建To ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmt* ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_To_Id} @@ -493,7 +493,7 @@ SecurityPolicy-Deny-Mail-00014 SecurityPolicy-Deny-Mail-00015 [Tags] Selfserver Mali Deny Account右匹配 - Comment Subject + Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*ail.com ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} @@ -527,7 +527,7 @@ SecurityPolicy-Deny-Mail-00015 SecurityPolicy-Deny-Mail-00016 [Tags] Selfserver Mali Deny Account完整匹配 - Comment Subject + Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} @@ -561,7 +561,7 @@ SecurityPolicy-Deny-Mail-00016 SecurityPolicy-Deny-Mail-00017 [Tags] Selfserver Mali Deny Account字串匹配 - Comment Subject + Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwcte ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} @@ -595,7 +595,7 @@ SecurityPolicy-Deny-Mail-00017 SecurityPolicy-Deny-Mail-00018 [Tags] Selfserver Mali Deny Account左匹配 - Comment Subject + Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest* ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} From 81e9ca606f3bf8013831034fa4027fa87ef3009b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:21:48 +0800 Subject: [PATCH 27/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=E5=A4=A7=E5=B0=8F=E5=86=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_SSL_Tests.robot | 56 +++++++++---------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot index d5779a0..3280e6f 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot @@ -14,7 +14,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-SSL-00001 - [Tags] ip Selfserver deny SSL + [Tags] Selfserver Ip Deny Ssl Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -26,7 +26,7 @@ SecurityPolicy-Deny-SSL-00001 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat - ... ELSE set variable curl https://open.node.com/test/xiaozhu/xiaozhu.html + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection reset by peer ${starttime} Get Time @@ -39,15 +39,15 @@ SecurityPolicy-Deny-SSL-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00002 - [Tags] Selfserver SSL deny sni ip+fqdn右匹配 + [Tags] Selfserver Ssl Deny Sni Ip+Fqdn右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -57,7 +57,7 @@ SecurityPolicy-Deny-SSL-00002 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Operation timed out after ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -68,15 +68,15 @@ SecurityPolicy-Deny-SSL-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00003 - [Tags] Selfserver SSL ip+cat完整匹配 deny sni + [Tags] Selfserver Deny Sni Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -86,7 +86,7 @@ SecurityPolicy-Deny-SSL-00003 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Operation timed out after ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -97,15 +97,15 @@ SecurityPolicy-Deny-SSL-00003 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00004 - [Tags] Selfserver SSL deny ip+fqdn右匹配 cn + [Tags] Selfserver Ssl Deny Ip+Fqdn右匹配 Cn Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -126,15 +126,15 @@ SecurityPolicy-Deny-SSL-00004 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00005 - [Tags] Selfserver SSL ip+cat完整匹配 deny cn + [Tags] Selfserver Deny Cn Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -155,15 +155,15 @@ SecurityPolicy-Deny-SSL-00005 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00006 - [Tags] Selfserver SSL deny ip+fqdn右匹配 san + [Tags] Selfserver Ssl Deny Ip+Fqdn右匹配 San Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -184,15 +184,15 @@ SecurityPolicy-Deny-SSL-00006 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00007 - [Tags] Selfserver SSL ip+cat完整匹配 deny sam + [Tags] Selfserver Deny San Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} From d52a2db7173ac9bad56564ad358b08f66f299d30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:22:13 +0800 Subject: [PATCH 28/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=E5=A4=A7=E5=B0=8F=E5=86=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Intercept_Http_Tests.robot | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot index 7d7ce30..ca200fb 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_Http_Tests.robot @@ -14,7 +14,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Intercept-Http-00001 - [Tags] ip Selfserver Intercept HTTP + [Tags] Selfserver Intercept Ip Http Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -39,15 +39,15 @@ SecurityPolicy-Intercept-Http-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Intercept-Http-00002 - [Tags] Selfserver Intercept HTTP ip+cat右匹配 + [Tags] Selfserver Intercept Http Ip+Cat右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -68,15 +68,15 @@ SecurityPolicy-Intercept-Http-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Intercept-Http-00003 - [Tags] Selfserver Intercept HTTP ip+fqdn完整匹配 + [Tags] Selfserver Intercept Http Ip+Fqdn完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} From 1724e247fa827f7465a97a19f9ae17bd3acd7010 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:22:32 +0800 Subject: [PATCH 29/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=E5=A4=A7=E5=B0=8F=E5=86=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Intercept_SSL_Tests.robot | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot index 470895d..003a9ae 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot @@ -14,7 +14,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Intercept-SSL-00001 - [Tags] Selfserver Intercept SSL ip + [Tags] Selfserver Intercept Ssl Ip Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -39,15 +39,15 @@ SecurityPolicy-Intercept-SSL-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Intercept-SSL-00002 - [Tags] Selfserver Intercept SSL ip+cat完整匹配 + [Tags] Selfserver Intercept Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -68,15 +68,15 @@ SecurityPolicy-Intercept-SSL-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Intercept-SSL-00003 - [Tags] Selfserver Intercept SSL ip+fqdn右匹配 + [Tags] Selfserver Intercept Ssl Ip+Fqdn右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} From f96aa0848f596bdfde5f19a17cbb2a7c7e541ab1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:23:21 +0800 Subject: [PATCH 30/75] =?UTF-8?q?monitor=E5=8A=A8=E4=BD=9Cdns=E5=8D=8F?= =?UTF-8?q?=E8=AE=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Monitor_DNS_Tests.robot | 64 +++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot new file mode 100644 index 0000000..cd30f1b --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_DNS_Tests.robot @@ -0,0 +1,64 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-DNS-00001 + [Tags] Selfserver Monitor Dns Ip+Fqdn右匹配 + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*yhd.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=Monitor effectiveRange= userRegion={"protocol": "DNS"} isValid=${1} appObjectIdArray=4 referenceObject=${object_fqdn_Id}|TSG_FIELD_DNS_QNAME + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com + ... ELSE set variable nslookup -d www.yhd.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.yhd.com + ... ELSE Create List canonical name = www.yhd.com + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname yhd.com + +SecurityPolicy-Monitor-DNS-00002 + [Tags] Selfserver Monitor Dns Ip+Cat完整匹配 + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.toutiao.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-DNS-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"DNS"} isValid=${1} appObjectIdArray=4 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.toutiao.com + ... ELSE set variable nslookup -d www.toutiao.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List canonical name = www.toutiao.com + ... ELSE Create List canonical name = www.toutiao.com + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname toutiao.com From f59b7bebc99128e3c05942e597843811dfd7f21c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:23:58 +0800 Subject: [PATCH 31/75] =?UTF-8?q?monitor=E5=8A=A8=E4=BD=9Cftp=E5=8D=8F?= =?UTF-8?q?=E8=AE=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Monitor_FTP_Tests.robot | 124 ++++++++++++++++++ 1 file changed, 124 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot new file mode 100644 index 0000000..000b8ca --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot @@ -0,0 +1,124 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Library Custometest + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-Ftp-00001 + [Tags] Selfserver Ftp Monitor Account字串匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Monitor-Ftp-00002 + [Tags] Selfserver Ftp Monitor Account右匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Monitor-Ftp-00003 + [Tags] Selfserver Ftp Account完整匹配 Monitor + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Monitor-Ftp-00004 + [Tags] Selfserver Ftp Monitor Account左匹配 + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u* + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} ftp_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Monitor-Ftp-00005 + [Tags] Selfserver Ftp Account字串 Monitor + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"FTP"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 7 zmmtext123.txt + should contain ${FTP} ftp_fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user From b4418f2f717ab717d11b5863ddc164c65c2cca5a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:24:22 +0800 Subject: [PATCH 32/75] =?UTF-8?q?monitor=E5=8A=A8=E4=BD=9Chttp=E5=8D=8F?= =?UTF-8?q?=E8=AE=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Monitor_Http_Tests.robot | 648 ++++++++++++++++++ 1 file changed, 648 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot new file mode 100644 index 0000000..2da2131 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot @@ -0,0 +1,648 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-Http-00001 + [Tags] Selfserver Monitor Ip Http + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓 + ... ELSE Create List 酒店式公寓 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00002 + [Tags] Selfserver Monitor Http Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员 + ... ELSE Create List 关闭播放器 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00003 + [Tags] Selfserver Monitor Http Ip+Cat完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00004 + [Tags] Selfserver Monitor Http Ip+Url字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node.com + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00005 + [Tags] Selfserver Monitor Http Ip+Url右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*youtube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员 + ... ELSE Create List 关闭播放器 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00006 + [Tags] Selfserver Monitor Http Ip+Url完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00007 + [Tags] Selfserver Monitor Http Ip+Url左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open* + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00008 + [Tags] Selfserver Monitor Http Ip+请求头字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 + ... ELSE Create List 发送POST请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00009 + [Tags] Selfserver Monitor Http Ip+请求头右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 + ... ELSE Create List 发送POST请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00010 + [Tags] Selfserver Monitor Http Ip+请求头完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 + ... ELSE Create List 发送POST请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00011 + [Tags] Selfserver Monitor Http Ip+请求头左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_UA_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送POST请求 + ... ELSE Create List 发送POST请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00012 + [Tags] Selfserver Monitor Http Ip+Cookie子串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${object_CK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat + ... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00013 + [Tags] Selfserver Monitor Http Ip+应答头字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00014 + [Tags] Selfserver Monitor Http Ip+应答头右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 您可以免费加入成为频道会员 + ... ELSE Create List 关闭播放器 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00015 + [Tags] Selfserver Monitor Http Ip+应答头完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00016 + [Tags] Selfserver Monitor Http Ip+应答头左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type + ${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_CT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00017 + [Tags] Selfserver Monitor Http Ip+Set-Cookie字串匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=4567|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00018 + [Tags] Selfserver Monitor Http Ip+Set-Cookie右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00019 + [Tags] Selfserver Monitor Http Ip+Set-Cookie完整匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00019 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00020 + [Tags] Selfserver Monitor Http Ip+Set-Cookie左匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=1234*|Set-Cookie + ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_SK_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00020 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl \ http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00021 + [Tags] Selfserver Monitor Http Ip+请求体 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00021 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-Http-00022 + [Tags] Selfserver Monitor Http Ip+应答体 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық + ${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_RQ_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-HTTP-00022 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_RQ_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From 0abfc71e4c97cfa1ac3fadf55d2b210160f1e6a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:24:49 +0800 Subject: [PATCH 33/75] =?UTF-8?q?monitor=E5=8A=A8=E4=BD=9Cmail=E5=8D=8F?= =?UTF-8?q?=E8=AE=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Monitor_MAIL_Tests.robot | 628 ++++++++++++++++++ 1 file changed, 628 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot new file mode 100644 index 0000000..6f97368 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_MAIL_Tests.robot @@ -0,0 +1,628 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Library Custometest +Resource ../../../../02-Keyword/tsg_common/StmpHandle.robot + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-Mail-00001 + [Tags] Selfserver Subject右匹配 Mail Monitor + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=*test + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00002 + [Tags] Selfserver Mali Subject完整匹配 Monitor + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=$你好明天 + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00003 + [Tags] Selfserver Mali Subject字串匹配 Monitor + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00004 + [Tags] Selfserver Subject左匹配 Mail Monitor + Comment 创建Subject + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=zxcv* + ${rescode} ${object_Subject_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Subject_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Subject_Id}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00005 + [Tags] Selfserver Content字串匹配 Mail Monitor + Comment 创建Content + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Content_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Content_Id}|TSG_FIELD_MAIL_CONTENT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123123132 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable Простопорно + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00006 + [Tags] Selfserver ATT_CONT字串匹配 Monitor Mail + Comment 创建ATT_CONT + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=стопо + ${rescode} ${object_ATT_CONT_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_ATT_CONT_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_ATT_CONT_Id}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00007 + [Tags] Selfserver Mali From右匹配 Monitor + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00008 + [Tags] Selfserver From完整匹配 Monitor Mail + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00008 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00009 + [Tags] Selfserver From字串匹配 Mail Monitor + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=tsgmail + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00009 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00010 + [Tags] Selfserver From左匹配 Mail Monitor + Comment 创建From + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwct* + ${rescode} ${object_From_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_From_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00010 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_From_Id}|TSG_FIELD_MAIL_FROM isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00011 + [Tags] Selfserver To右匹配 Mail Monitor + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*il.com + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00011 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00012 + [Tags] Selfserver To完整匹配 Monitor Mail + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$zmmtest@mail.tsgmail.com + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00012 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00013 + [Tags] Selfserver To字串匹配 Monitor Mail + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmtes + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00013 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["tsgtest@mail.tsgmail.com"] + ${密送者} Set Variable ["yyqtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00014 + [Tags] Selfserver To左匹配 Mail Monitor + Comment 创建To + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=zmmt* + ${rescode} ${object_To_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_To_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00014 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_To_Id}|TSG_FIELD_MAIL_TO isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00015 + [Tags] Selfserver Account右匹配 Mail monitor + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*ail.com + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00015 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 123test + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00016 + [Tags] Selfserver Account完整匹配 Mail Monitor + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$jwctest@mail.tsgmail.com + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00016 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable 你好明天 + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00017 + [Tags] Selfserver Account字串匹配 Monitor Mail + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwcte + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Mail-00017 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable Простопорно + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com + +SecurityPolicy-Monitor-Mail-00018 + [Tags] Selfserver Account左匹配 Monitor Mail + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=jwctest* + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-monitor-Mail-00018 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"MAIL"} referenceObject=${object_Account_Id}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appObjectIdArray=5 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${Smtp服务器} Set Variable 192.168.100.5 + ${Smtp服务器端口} Set Variable 25 + ${邮箱账号} Set Variable jwctest@mail.tsgmail.com + ${邮箱密码} Set Variable jwctest + ${邮件主题} Set Variable zxcvbnm + ${发送者} Set Variable jwctest@mail.tsgmail.com + ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] + ${接收者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${抄送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${密送者} Set Variable ["zmmtest@mail.tsgmail.com"] + ${邮件正文} Set Variable 朱明明content + ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} + Log ${发送邮件返回结果} + should contain ${发送邮件返回结果} mail_success + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account jwctest@mail.tsgmail.com From edf709ae450738ae32bc4e921f5bfd262c7c00d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:25:07 +0800 Subject: [PATCH 34/75] =?UTF-8?q?monitor=E5=8A=A8=E4=BD=9CSSL=E5=8D=8F?= =?UTF-8?q?=E8=AE=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Monitor_SSL_Tests.robot | 213 ++++++++++++++++++ 1 file changed, 213 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot new file mode 100644 index 0000000..e7a468a --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_SSL_Tests.robot @@ -0,0 +1,213 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Monitor-SSL-00001 + [Tags] Selfserver Monitor Ip Ssl + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List видео + ... ELSE Create List рутуб + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00002 + [Tags] Selfserver Monitor Ssl Sni Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter + ... ELSE Create List 新鲜事一网打尽 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00003 + [Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 Sni + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 + ... ELSE Create List 字节跳动 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00004 + [Tags] Selfserver SSL Monitor Cn Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter + ... ELSE Create List 新鲜事一网打尽 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00005 + [Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 Cn + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 + ... ELSE Create List 字节跳动 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00006 + [Tags] Selfserver Monitor Ssl San Ip+Fqdn右匹配 + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol":"SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter + ... ELSE Create List 新鲜事一网打尽 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Monitor-SSL-00007 + [Tags] Selfserver Monitor Ssl Ip+Cat完整匹配 San + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=monitor effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 + ... ELSE Create List 字节跳动 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From a4317dba0c12fe44282e43fbd043a143e695249a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sun, 26 Apr 2020 16:48:46 +0800 Subject: [PATCH 35/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot index 03b0b15..d213812 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot @@ -28,7 +28,7 @@ SecurityPolicy-Deny-Http-00001 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Message content over the limit has been removed + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -57,7 +57,7 @@ SecurityPolicy-Deny-Http-00002 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Message content over the limit has been removed + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} From 99adc436c7cc768d40f8eac5b28d3d1e327943f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sun, 26 Apr 2020 16:53:16 +0800 Subject: [PATCH 36/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=94=99=E8=AF=AF?= =?UTF-8?q?=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Monitor_Http_Tests.robot | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot index 2da2131..4d869ca 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot @@ -491,8 +491,8 @@ SecurityPolicy-Monitor-Http-00017 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl \ http://open.node.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -520,8 +520,8 @@ SecurityPolicy-Monitor-Http-00018 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl \ http://open.node.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -549,8 +549,8 @@ SecurityPolicy-Monitor-Http-00019 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl \ http://open.node.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -578,8 +578,8 @@ SecurityPolicy-Monitor-Http-00020 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl \ http://open.node.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} From 9d70215314ab1e2989c96d43700ec65e158f542a Mon Sep 17 00:00:00 2001 From: unknown <杨永强@yangyongqiang.com> Date: Sun, 26 Apr 2020 18:53:34 +0800 Subject: [PATCH 37/75] =?UTF-8?q?0426=20=E6=97=A5=E5=BF=97=E6=9F=A5?= =?UTF-8?q?=E8=AF=A2=E5=B0=81=E8=A3=85=E5=85=AC=E5=85=B1=E9=83=A8=E5=88=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_bfapi/api_log/LogStatistics.robot | 82 +++++++++++++++++++ 02-Keyword/tsg_bfapi/ApiRequest.robot | 22 ++--- 02-Keyword/tsg_bfapi/LogStatistics.robot | 46 +++++++++++ 3 files changed, 139 insertions(+), 11 deletions(-) create mode 100644 01-TestCase/tsg_bfapi/api_log/LogStatistics.robot create mode 100644 02-Keyword/tsg_bfapi/LogStatistics.robot diff --git a/01-TestCase/tsg_bfapi/api_log/LogStatistics.robot b/01-TestCase/tsg_bfapi/api_log/LogStatistics.robot new file mode 100644 index 0000000..199274c --- /dev/null +++ b/01-TestCase/tsg_bfapi/api_log/LogStatistics.robot @@ -0,0 +1,82 @@ +*** Settings *** +Resource ../../../02-Keyword/tsg_bfapi/LogStatistics.robot + +*** Test Cases *** +Statistics-Country-00001 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable Country + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/country/sourceipnum + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + #结束时间格式Y-M-D h:i:s + ${endTime} set variable 2020-4-23 13:36:35 + #limit int型 + ${limit} set variable 50 + GetApi ${url} startTime=${startTime} endTime=${endTime} limit=${limit} + +Statistics-domain-00001 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable domain + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/domain/recommend + #查询时间时间格式Y-M-D h:i:s + ${statisticTime} set variable 2020-04-22 14:00:00 + GetApi ${url} statisticTime=${statisticTime} + +Statistics-url-00001 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable url + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/url/recommend + #查询时间时间格式Y-M-D h:i:s + ${statisticTime} set variable 2020-04-22 14:00:00 + GetApi ${url} statisticTime=${statisticTime} + +Statistics-traffic-00001 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable traffic + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/traffic/statisticsbyunit + #统计类型: bytes:字节数 packets:包数 sessions:连接数 如不指定,则统计全部 + ${statisticUnit} set variable bytes + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + #结束时间格式Y-M-D h:i:s + ${endTime} set variable 2020-4-26 16:04:56 + #统计粒度,单位秒,仅用于趋势查询sql 缺省为30秒 + ${timeGranularity} set variable 50 + ${limit} set variable 50 + GetApi ${url} statisticsUnit=${statisticUnit} startTime=${startTime} endTime=${endTime} timeGranularity=${timeGranularity} limit=${limit} + +Statistics-traffic-00002 + #apiName,请求大数据时,用于区分每个接口的sql + ${apiName} set variable traffic + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/traffic/statisticsbyunit + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + ${endTime} set variable 2020-4-26 16:04:56 + GetApi ${url} startTime=${startTime} endTime=${endTime} + +Statistics-ip_correlation_domain-00001 + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/ip_correlation_domain + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + #结束时间格式Y-M-D h:i:s + ${endTime} set variable 2020-4-26 16:04:56 + #IP + ${ip} set variable 157.225.77.82 + GetApi ${url} startTime=${startTime} endTime=${endTime} ip=${ip} + +Statistics-hijack_srcip_location-00001 + #请求地址 例如:/report/domain/recommend + ${url} set variable /report/ip_correlation_domain + #开始时间格式Y-M-D h:i:s + ${startTime} set variable 2020-4-20 13:36:35 + #结束时间格式Y-M-D h:i:s + ${endTime} set variable 2020-4-26 16:04:56 + #策略ID + ${policy_id} set variable 0 + GetApi ${url} startTime=${startTime} endTime=${endTime} policy_id=${policy_id} diff --git a/02-Keyword/tsg_bfapi/ApiRequest.robot b/02-Keyword/tsg_bfapi/ApiRequest.robot index 6226ba8..2acf7e7 100644 --- a/02-Keyword/tsg_bfapi/ApiRequest.robot +++ b/02-Keyword/tsg_bfapi/ApiRequest.robot @@ -1,7 +1,7 @@ *** Settings *** -Library Collections -Library RequestsLibrary -Resource ../../03-Variable/BifangApiVariable.txt +Library Collections +Library RequestsLibrary +Resource ../../03-Variable/BifangApiVariable.txt *** Keywords *** Post-Request @@ -21,30 +21,30 @@ Get-Request ${response} to json ${remoteResponse.content} Should Be Equal As Strings ${remoteResponse.status_code} 200 [Return] ${response} - + Delete-Request [Arguments] ${url} ${data} ${header} Create Dictionary Content-Type=application/json Authorization=${token} Create Session api http://${host}:${port}/${version} headers=${header} - ${remoteResponse} Delete Request api ${url} data=${data} headers=${header} + ${remoteResponse} Delete Request api ${url} data=${data} headers=${header} ${response} to json ${remoteResponse.content} Should Be Equal As Strings ${remoteResponse.status_code} 200 [Return] ${response} - + UpFilePostRequest [Arguments] ${url} ${data} ${files} ${fileDesc} ${header} Set To Dictionary ${fileDesc} Authorization=${token} Create Session api http://${host}:${port}/${version} headers=${header} - ${remoteResponse} Post Request api ${url} data=${data} files=${files} headers=${header} + ${remoteResponse} Post Request api ${url} data=${data} files=${files} headers=${header} ${response} to json ${remoteResponse.content} Should Be Equal As Strings ${remoteResponse.status_code} 200 [Return] ${response} - + UpFilePutRequest [Arguments] ${url} ${data} ${files} ${fileDesc} - ${header} Set To Dictionary ${fileDesc} Authorization=${token} + ${header} Set To Dictionary ${fileDesc} Authorization=${token} Create Session api http://${host}:${port}/${version} headers=${header} - ${remoteResponse} Put Request api ${url} params=${data} files=${files} headers=${header} + ${remoteResponse} Put Request api ${url} params=${data} files=${files} headers=${header} ${response} to json ${remoteResponse.content} Should Be Equal As Strings ${remoteResponse.status_code} 200 - [Return] ${response} + [Return] ${response} diff --git a/02-Keyword/tsg_bfapi/LogStatistics.robot b/02-Keyword/tsg_bfapi/LogStatistics.robot new file mode 100644 index 0000000..1bd113c --- /dev/null +++ b/02-Keyword/tsg_bfapi/LogStatistics.robot @@ -0,0 +1,46 @@ +*** Settings *** +Library RequestsLibrary +Resource ../../03-Variable/BifangApiVariable.txt +Library string + +*** Keywords *** +GetApi + [Arguments] ${url} ${startTime}=${None} ${endTime}=${None} ${limit}=${None} ${statisticTime}=${None} ${statisticsUnit}=${None} ${timeGranularity}=${None} ${policy_id}=${None} ${ip}=${None} + #拼接查询条件 + ${strstrartTime}= run keyword if '${startTime}'!='${None}' Set Variable startTime=${startTime}& + ... ELSE Set Variable ${EMPTY} + ${strendTime}= run keyword if '${endTime}'!='${None}' Set Variable endTime=${endTime}& + ... ELSE Set Variable ${EMPTY} + ${strstatisticTime}= run keyword if '${statisticTime}'!='${None}' Set Variable statisticTime=${statisticTime}& + ... ELSE Set Variable ${EMPTY} + ${strlimit}= run keyword if '${limit}'!='${None}' Set Variable limit=${limit}& + ... ELSE Set Variable ${EMPTY} + ${strstatisticsUnit}= run keyword if '${statisticsUnit}'!='${None}' Set Variable statisticsUnit=${statisticsUnit}& + ... ELSE Set Variable ${EMPTY} + ${strtimeGranularity}= run keyword if '${timeGranularity}'!='${None}' Set Variable timeGranularity=${timeGranularity}& + ... ELSE Set Variable ${EMPTY} + ${strpolicy_id} run keyword if '${policy_id}'!='${None}' Set Variable policy_id=${policy_id}& + ... ELSE Set Variable ${EMPTY} + ${strip} run keyword if '${ip}'!='${None}' Set Variable ip=${ip}& + ... ELSE Set Variable ${EMPTY} + ${condition} catenate SEPARATOR= ${strstrartTime} ${strendTime} ${strstatisticTime} ${strlimit} ${strstatisticsUnit} ${strtimeGranularity} ${strpolicy_id} ${ip} + #创建请求信息 + ${header} Create Dictionary Content-Type=application/x-www-form-urlencoded Authorization=${token} + Create Session api http://${host}:${port}/${version} + #发送请求 + ${remoteResponse} Get Request api ${url}?${condition} headers=${header} + log ${remoteResponse} + ${response} to json ${remoteResponse.content} + #验证请求是否成功 + Should Be Equal As Strings ${remoteResponse.status_code} 200 + Should Be Equal As Strings ${response}[code] 200 + #请求大数据 + #sql拼接 + #BigData ${sql} + +BigData + [Arguments] ${sql} + #创建请求信息 + Create Session api http://192.168.40.224:9999 + #发送请求 + ${remoteResponse} Get Request api ?query= ${sql} From 5c3e7c9df1a64237969a96cf481dd2299358c382 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:30:50 +0800 Subject: [PATCH 38/75] Upload New File --- 05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00017.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00017.bat diff --git a/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00017.bat b/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00017.bat new file mode 100644 index 0000000..5ef9233 --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00017.bat @@ -0,0 +1 @@ +curl http://open.node.com/ | iconv -f utf-8 -t gbk \ No newline at end of file From 775582e3903db000e1176fde5276cc05e666db9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:31:03 +0800 Subject: [PATCH 39/75] Upload New File --- 05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00023.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00023.bat diff --git a/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00023.bat b/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00023.bat new file mode 100644 index 0000000..d97b57c --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Deny-HTTP-00023.bat @@ -0,0 +1 @@ +curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com/test/xiaozhu/xiaozhu.html | iconv -f utf-8 -t gbk From 6adf43245b5662faf639c5540204471950b67686 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:31:19 +0800 Subject: [PATCH 40/75] Upload New File --- 05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0008.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0008.bat diff --git a/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0008.bat b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0008.bat new file mode 100644 index 0000000..989e635 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0008.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ curl https://open.node.com/ | iconv -f utf-8 -t gbk From 8b60f453770a82766186b22505976c83c098c4b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:31:34 +0800 Subject: [PATCH 41/75] Upload New File --- 05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0012.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0012.bat diff --git a/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0012.bat b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0012.bat new file mode 100644 index 0000000..7f8642f --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0012.bat @@ -0,0 +1 @@ +curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' https://open.node.com/test/nationalbank/nationalbank.html | iconv -f utf-8 -t gbk \ No newline at end of file From 72424ed78dc520fd26c8209bd9597ffedc15611e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:32:02 +0800 Subject: [PATCH 42/75] Upload New File --- 05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00017.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00017.bat diff --git a/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00017.bat b/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00017.bat new file mode 100644 index 0000000..88a624d --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00017.bat @@ -0,0 +1 @@ +curl -kv https://open.node.com/ | iconv -f utf-8 -t gbk \ No newline at end of file From 491ef128b83f1fbd6d550ff02e7038dd90ec4244 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:32:13 +0800 Subject: [PATCH 43/75] Upload New File --- 05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0019.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0019.bat diff --git a/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0019.bat b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0019.bat new file mode 100644 index 0000000..0ace4b6 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Deny-SSL-0019.bat @@ -0,0 +1 @@ +curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action | iconv -f utf-8 -t gbk From 2f7c313fc3bf1439a33fab80524f754c411ad602 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:32:31 +0800 Subject: [PATCH 44/75] Upload New File --- 05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00023.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00023.bat diff --git a/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00023.bat b/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00023.bat new file mode 100644 index 0000000..95475be --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Deny-SSL-00023.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com/test/bytedance/bytedance.html | iconv -f utf-8 -t gbk From 58d218afd8c9d162a6d91baf8fd6cc222120398a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:34:55 +0800 Subject: [PATCH 45/75] Add new directory --- 01-TestCase/tsg_adc/selfserver/Api_Proxy/.gitkeep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Proxy/.gitkeep diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/.gitkeep b/01-TestCase/tsg_adc/selfserver/Api_Proxy/.gitkeep new file mode 100644 index 0000000..e69de29 From ca7d3e0a48a92fc977717abab95c1c416ff7c097 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:35:57 +0800 Subject: [PATCH 46/75] =?UTF-8?q?=E4=BB=A3=E7=90=86=E7=AD=96=E7=95=A5deny?= =?UTF-8?q?=E5=8A=A8=E4=BD=9Chttp?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Proxy/Deny_Http_Tests.robot | 786 ++++++++++++++++++ 1 file changed, 786 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot new file mode 100644 index 0000000..9dc675f --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot @@ -0,0 +1,786 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Deny-Http-00001 + [Tags] selfserver ip http deny + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"test","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test + ... ELSE Create List test + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00002 + [Tags] selfserver ip+fqdn完整匹配 http deny + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 + ... ELSE Create List 你好,五一 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00003 + [Tags] selfserver ip+cat右匹配 http deny + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List виде + ... ELSE Create List виде + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00004 + [Tags] selfserver http deny ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00005 + [Tags] selfserver http deny ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat + ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00006 + [Tags] selfserver http deny ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List виде + ... ELSE Create List виде + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00007 + [Tags] selfserver http deny ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00008 + [Tags] selfserver http deny ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00009 + [Tags] selfserver http deny ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00010 + [Tags] selfserver http deny ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List виде + ... ELSE Create List виде + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00011 + [Tags] selfserver http deny ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00012 + [Tags] selfserver http deny ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"zxcvbnm","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat + ... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm + ... ELSE Create List zxcvbnm + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00013 + [Tags] selfserver http deny ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 + ... ELSE Create List 你好明天 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00014 + [Tags] selfserver http deny ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00015 + [Tags] selfserver http deny ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat + ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty + ... ELSE Create List qwerty + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00016 + [Tags] selfserver http deny ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat \ + ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 + ... ELSE Create List 123456 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00017 + [Tags] selfserver http deny ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat + ... ELSE set variable curl http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 + ... ELSE Create List 你好明天 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00018 + [Tags] selfserver http deny ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat + ... ELSE set variable curl http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00019 + [Tags] selfserver http deny ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty + ... ELSE Create List qwerty + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00020 + [Tags] selfserver http deny ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat + ... ELSE set variable curl http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 + ... ELSE Create List 123456 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00021 + [Tags] selfserver http deny ip+请求体字串匹配 + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Извините + ... ELSE Create List Извините + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00022 + [Tags] selfserver http deny ip+应答体字串匹配 + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response Body + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Http-00023 + [Tags] selfserver 最大组合 http deny + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_re_Id} + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=酒店式公寓 + ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_by_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_RES_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00023.bat + ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From 7030aaf7329c6d23440e4e3c852bf85f39b60096 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 13:36:27 +0800 Subject: [PATCH 47/75] =?UTF-8?q?=E4=BB=A3=E7=90=86=E7=AD=96=E7=95=A5deny?= =?UTF-8?q?=E5=8A=A8=E4=BD=9Cssl?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../selfserver/Api_Proxy/Deny_Ssl_Tests.robot | 786 ++++++++++++++++++ 1 file changed, 786 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot new file mode 100644 index 0000000..e16b59b --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot @@ -0,0 +1,786 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Deny-Ssl-00001 + [Tags] selfserver ip deny ssl + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"test","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List test Tango Secure Gateway CA + ... ELSE Create List test Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00002 + [Tags] selfserver ip+fqdn完整匹配 deny ssl + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 Tango Secure Gateway CA + ... ELSE Create List 你好,五一 Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00003 + [Tags] selfserver ip+cat右匹配 deny ssl + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA + ... ELSE Create List виде Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00004 + [Tags] selfserver deny ip+url右匹配 ssl + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00005 + [Tags] selfserver deny ip+url字串匹配 ssl + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00006 + [Tags] selfserver deny ip+url完整匹配 ssl + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA + ... ELSE Create List виде Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00007 + [Tags] selfserver deny ip+url左匹配 ssl + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00008 + [Tags] selfserver deny ssl ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00009 + [Tags] selfserver deny ip+请求头字串匹配 ssl + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00010 + [Tags] selfserver deny ip+请求头完整匹配 ssl + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA + ... ELSE Create List виде Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00011 + [Tags] selfserver deny ip+请求头左匹配 ssl + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00012 + [Tags] selfserver deny ip+cookie字串匹配 ssl + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"zxcvbnm","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm Tango Secure Gateway CA + ... ELSE Create List zxcvbnm Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00013 + [Tags] selfserver deny ip+应答头右匹配 ssl + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA + ... ELSE Create List 你好明天 Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00014 + [Tags] selfserver deny ip+应答头字串匹配 ssl + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List \ Tango Secure Gateway CA + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00015 + [Tags] selfserver deny ip+应答头完整匹配 ssl + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA + ... ELSE Create List qwerty Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00016 + [Tags] selfserver deny ip+应答头左匹配 ssl + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA + ... ELSE Create List 123456 Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00017 + [Tags] selfserver deny ip+set-cookie右匹配 ssl + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA + ... ELSE Create List 你好明天 Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00018 + [Tags] selfserver deny ip+set-cookie字串匹配 ssl + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00019 + [Tags] selfserver deny ip+set-cookie完整匹配 ssl + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA + ... ELSE Create List qwerty Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00020 + [Tags] selfserver deny ip+set-cookie左匹配 ssl + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA + ... ELSE Create List 123456 Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00021 + [Tags] selfserver deny ip+请求体字串匹配 ssl + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Извините Tango Secure Gateway CA + ... ELSE Create List Извините Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00022 + [Tags] selfserver deny ip+应答体字串匹配 ssl + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response Body + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server Tango Secure Gateway CA + ... ELSE Create List Connection reset by peer Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Deny-Ssl-00023 + [Tags] selfserver 最大组合 deny ssl + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*bytedance.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_re_Id} + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=字节跳动 + ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_by_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_RES_CONTENT + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00023.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From 6e784b136d45c9d0f6f44105a98aedc5513b242d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 14:12:51 +0800 Subject: [PATCH 48/75] Update Deny_Http_Tests.robot --- .../selfserver/Api_Proxy/Deny_Http_Tests.robot | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot index 9dc675f..360b4a6 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot @@ -742,23 +742,23 @@ ProxyPolicy-Deny-Http-00023 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_url_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_rq_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_re_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} ${object_re_Id} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=酒店式公寓 ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_by_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} ${object_re_Id} ${object_by_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -783,4 +783,4 @@ ProxyPolicy-Deny-Http-00023 ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId3} - GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com \ No newline at end of file From fb99a47069250a5efc41e9f47685753734a399d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 14:13:44 +0800 Subject: [PATCH 49/75] Update Deny_Ssl_Tests.robot --- .../tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot index e16b59b..1d23644 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot @@ -742,23 +742,23 @@ ProxyPolicy-Deny-Ssl-00023 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*bytedance.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_url_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_rq_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_re_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} ${object_re_Id} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=字节跳动 ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_by_Id} + ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} ${object_re_Id} ${object_by_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} From 03c722b4a7139763e4a5adf7b8feac149ed3a74d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 15:13:27 +0800 Subject: [PATCH 50/75] =?UTF-8?q?=E6=B7=BB=E5=8A=A0tfe=E9=AA=8C=E8=AF=81?= =?UTF-8?q?=EF=BC=8C=E4=BF=AE=E6=94=B9=E5=A4=9A=E5=AF=B9=E8=B1=A1=E5=88=A0?= =?UTF-8?q?=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../selfserver/Api_Proxy/Deny_Ssl_Tests.robot | 102 +++++++++--------- 1 file changed, 51 insertions(+), 51 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot index 1d23644..84128e5 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot @@ -36,8 +36,8 @@ ProxyPolicy-Deny-Ssl-00001 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List test Tango Secure Gateway CA - ... ELSE Create List test Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List test Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List test Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -68,8 +68,8 @@ ProxyPolicy-Deny-Ssl-00002 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 Tango Secure Gateway CA - ... ELSE Create List 你好,五一 Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 你好,五一 Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -100,8 +100,8 @@ ProxyPolicy-Deny-Ssl-00003 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA - ... ELSE Create List виде Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List виде Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -134,8 +134,8 @@ ProxyPolicy-Deny-Ssl-00004 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA - ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -168,8 +168,8 @@ ProxyPolicy-Deny-Ssl-00005 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -200,8 +200,8 @@ ProxyPolicy-Deny-Ssl-00006 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA - ... ELSE Create List виде Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List виде Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -235,8 +235,8 @@ ProxyPolicy-Deny-Ssl-00007 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA - ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -269,8 +269,8 @@ ProxyPolicy-Deny-Ssl-00008 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com - @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA - ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -303,8 +303,8 @@ ProxyPolicy-Deny-Ssl-00009 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com - @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -335,8 +335,8 @@ ProxyPolicy-Deny-Ssl-00010 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com - @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA - ... ELSE Create List виде Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List виде Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -370,8 +370,8 @@ ProxyPolicy-Deny-Ssl-00011 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com - @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA - ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -402,8 +402,8 @@ ProxyPolicy-Deny-Ssl-00012 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm Tango Secure Gateway CA - ... ELSE Create List zxcvbnm Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -434,8 +434,8 @@ ProxyPolicy-Deny-Ssl-00013 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA - ... ELSE Create List 你好明天 Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -468,8 +468,8 @@ ProxyPolicy-Deny-Ssl-00014 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List \ Tango Secure Gateway CA - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -500,8 +500,8 @@ ProxyPolicy-Deny-Ssl-00015 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA - ... ELSE Create List qwerty Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List qwerty Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -532,8 +532,8 @@ ProxyPolicy-Deny-Ssl-00016 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html - @{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA - ... ELSE Create List 123456 Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 123456 Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -564,8 +564,8 @@ ProxyPolicy-Deny-Ssl-00017 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat ... ELSE set variable curl -kv https://open.node.com/ - @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA - ... ELSE Create List 你好明天 Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 你好明天 Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -598,8 +598,8 @@ ProxyPolicy-Deny-Ssl-00018 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat ... ELSE set variable curl -kv https://open.node.com/ - @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -630,8 +630,8 @@ ProxyPolicy-Deny-Ssl-00019 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" https://open.node.com/action - @{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA - ... ELSE Create List qwerty Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List qwerty Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -662,8 +662,8 @@ ProxyPolicy-Deny-Ssl-00020 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat ... ELSE set variable curl -kv https://open.node.com/ - @{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA - ... ELSE Create List 123456 Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 123456 Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -694,8 +694,8 @@ ProxyPolicy-Deny-Ssl-00021 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action - @{stringlist} run keyword if '${systemType}'=='Windows' Create List Извините Tango Secure Gateway CA - ... ELSE Create List Извините Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Извините Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Извините Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -726,8 +726,8 @@ ProxyPolicy-Deny-Ssl-00022 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action - @{stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server Tango Secure Gateway CA - ... ELSE Create List Connection reset by peer Tango Secure Gateway CA + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Connection reset by peer Tango Secure Gateway CA X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} @@ -742,23 +742,23 @@ ProxyPolicy-Deny-Ssl-00023 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} + ${objectids} set Variable ${object_fqdn_Id} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*bytedance.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} ${object_re_Id} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=字节跳动 ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} ${object_re_Id} ${object_by_Id} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -774,8 +774,8 @@ ProxyPolicy-Deny-Ssl-00023 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00023.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com/test/bytedance/bytedance.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server - ... ELSE Create List Connection reset by peer + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server X-TG-Construct-By + ... ELSE Create List Connection reset by peer X-TG-Construct-By ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} From d4108f5ec87cf7d5cdf1b17083697073fba29f1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Mon, 27 Apr 2020 15:14:43 +0800 Subject: [PATCH 51/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=AF=B9=E5=AF=B9?= =?UTF-8?q?=E8=B1=A1=E5=88=A0=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot index 360b4a6..fefadd6 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Http_Tests.robot @@ -742,23 +742,23 @@ ProxyPolicy-Deny-Http-00023 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} + ${objectids} set Variable ${object_fqdn_Id} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建请求头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} Comment 创建应答头 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} ${object_re_Id} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} Comment 创建应答体 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=酒店式公寓 ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} - ${objectids} Catenate SEPARATOR=, ${object_fqdn_Id} ${object_url_Id} ${object_rq_Id} ${object_re_Id} ${object_by_Id} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} From a92cc1d765b5c6e0fb2931e9025514b50fa00fcf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 09:58:40 +0800 Subject: [PATCH 52/75] =?UTF-8?q?=E9=87=8D=E5=AE=9A=E5=90=91http?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Proxy/Redirect_Http_Tests.robot | 802 ++++++++++++++++++ 1 file changed, 802 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot new file mode 100644 index 0000000..d1d02b1 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot @@ -0,0 +1,802 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Redirect-Http-00001 + [Tags] selfserver ip http Redirect + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.ziroom.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv \ http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.ziroom.com/ 301 X-TG-Construct-By + ... ELSE Create List http://www.ziroom.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00002 + [Tags] selfserver ip+fqdn完整匹配 http Redirect + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 302 X-TG-Construct-By + ... ELSE Create List https://www.yhd.com 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00003 + [Tags] selfserver ip+cat右匹配 http Redirect + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_cat_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.toutiao.com/ch/news_hot/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By + ... ELSE Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00004 + [Tags] selfserver http Redirect ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://bbs.tianya.cn/list-lookout-1.shtml","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By + ... ELSE Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00005 + [Tags] selfserver http Redirect ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://kefu.ctrip.com/index","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat + ... ELSE set variable curl -kv http://open.node.com/test/youtube/youtube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By + ... ELSE Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00006 + [Tags] selfserver http Redirect ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.booking.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat + ... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.booking.com/ 302 X-TG-Construct-By + ... ELSE Create List https://www.booking.com/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00007 + [Tags] selfserver http Redirect ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.eastmoney.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.eastmoney.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.eastmoney.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00008 + [Tags] selfserver http Redirect ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.iqiyi.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.iqiyi.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.iqiyi.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00009 + [Tags] selfserver http Redirect ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://chaoshi.tmall.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By + ... ELSE Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00010 + [Tags] selfserver http Redirect ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://military.china.com/zh_cn/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By + ... ELSE Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00011 + [Tags] selfserver http Redirect ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.tiexue.net/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.tiexue.net/ 302 X-TG-Construct-By + ... ELSE Create List http://www.tiexue.net/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00012 + [Tags] selfserver http Redirect ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.douyu.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.douyu.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.douyu.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00013 + [Tags] selfserver http Redirect ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.fang.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.fang.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.fang.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00014 + [Tags] selfserver http Redirect ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID=","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By + ... ELSE Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00015 + [Tags] selfserver http Redirect ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://stock.stockstar.com/gem/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat + ... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By + ... ELSE Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00016 + [Tags] selfserver http Redirect ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.kugou.com/yy/html/rank.html","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat + ... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By + ... ELSE Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00017 + [Tags] selfserver http Redirect ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yy.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yy.com/ 301 X-TG-Construct-By + ... ELSE Create List https://www.yy.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00018 + [Tags] selfserver http Redirect ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.xiaohongshu.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By + ... ELSE Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00019 + [Tags] selfserver http Redirect ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zhihu.com/signin?next=%2F","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By + ... ELSE Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00020 + [Tags] selfserver http Redirect ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.pcauto.com.cn/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By + ... ELSE Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00021 + [Tags] selfserver http Redirect ip+请求体字串匹配 + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body"-kv http://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By + ... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Http-00022 + [Tags] selfserver 最大组合 http Redirect + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-HTTP-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00023.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 301 X-TG-Construct-By + ... ELSE Create List https://www.yhd.com 301 X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From c4146b5262f4d832e19b3e73d703d288b21e3bd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 09:58:55 +0800 Subject: [PATCH 53/75] =?UTF-8?q?=E9=87=8D=E5=AE=9A=E5=90=91ssl?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Proxy/Redirect_Ssl_Tests.robot | 802 ++++++++++++++++++ 1 file changed, 802 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot new file mode 100644 index 0000000..a3ea44b --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot @@ -0,0 +1,802 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Redirect-Ssl-00001 + [Tags] selfserver ip ssl Redirect + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.ziroom.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.ziroom.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://www.ziroom.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00002 + [Tags] selfserver ip+fqdn完整匹配 ssl Redirect + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.yhd.com 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00003 + [Tags] selfserver ip+cat右匹配 ssl Redirect + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_cat_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.toutiao.com/ch/news_hot/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.toutiao.com/ch/news_hot/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00004 + [Tags] selfserver ssl Redirect ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://bbs.tianya.cn/list-lookout-1.shtml","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://bbs.tianya.cn/list-lookout-1.shtml 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00005 + [Tags] selfserver ssl Redirect ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://kefu.ctrip.com/index","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://kefu.ctrip.com/index 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00006 + [Tags] selfserver ssl Redirect ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.booking.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.booking.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.booking.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00007 + [Tags] selfserver ssl Redirect ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.eastmoney.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.eastmoney.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.eastmoney.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00008 + [Tags] selfserver ssl Redirect ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.iqiyi.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.iqiyi.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.iqiyi.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00009 + [Tags] selfserver ssl Redirect ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://chaoshi.tmall.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://chaoshi.tmall.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00010 + [Tags] selfserver ssl Redirect ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://military.china.com/zh_cn/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://military.china.com/zh_cn/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00011 + [Tags] selfserver ssl Redirect ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.tiexue.net/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.tiexue.net/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://www.tiexue.net/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00012 + [Tags] selfserver ssl Redirect ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.douyu.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.douyu.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.douyu.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00013 + [Tags] selfserver ssl Redirect ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.fang.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.fang.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.fang.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00014 + [Tags] selfserver ssl Redirect ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID=","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.zealer.com/video?ZC_ACCESS_TOKEN=&ZC_UID= 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00015 + [Tags] selfserver ssl Redirect ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://stock.stockstar.com/gem/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://stock.stockstar.com/gem/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00016 + [Tags] selfserver ssl Redirect ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.kugou.com/yy/html/rank.html","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.kugou.com/yy/html/rank.html 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00017 + [Tags] selfserver ssl Redirect ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yy.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yy.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.yy.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00018 + [Tags] selfserver ssl Redirect ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.xiaohongshu.com/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.xiaohongshu.com/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00019 + [Tags] selfserver ssl Redirect ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.zhihu.com/signin?next=%2F","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.zhihu.com/signin?next=%2F 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00020 + [Tags] selfserver ssl Redirect ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.pcauto.com.cn/","code":302,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.pcauto.com.cn/ 302 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00021 + [Tags] selfserver ssl Redirect ip+请求体字串匹配 + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"http://www.cmbchina.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Redirect-Ssl-00022 + [Tags] selfserver 最大组合 ssl Redirect + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test + ${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_by_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Redirect-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"redirect","to":"https://www.yhd.com/","code":301,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-SSL-00023.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List https://www.yhd.com 301 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List https://www.yhd.com 301 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From eace7ac745d67921fa2a08245b5625ee57014e01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 09:59:23 +0800 Subject: [PATCH 54/75] Upload New File --- 05-Other/curl/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat b/05-Other/curl/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat new file mode 100644 index 0000000..9baac40 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat @@ -0,0 +1 @@ +curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action | iconv -f utf-8 -t gbk From ba93905b8c024f12f74539edb6de03fe97a34633 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 09:59:37 +0800 Subject: [PATCH 55/75] Upload New File --- 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat new file mode 100644 index 0000000..af46590 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat @@ -0,0 +1 @@ +curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html | iconv -f utf-8 -t gbk \ No newline at end of file From bded53e2e8d9bd23bdba52c6b4992065e02da2a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 09:59:50 +0800 Subject: [PATCH 56/75] Upload New File --- 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat new file mode 100644 index 0000000..ca54462 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat @@ -0,0 +1 @@ +curl -kv http://open.node.com/test/youtube/youtube.html | iconv -f utf-8 -t gbk \ No newline at end of file From 9d093d42bc77d2ee42d461e1eab184b86f0c2ef0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 10:00:03 +0800 Subject: [PATCH 57/75] Upload New File --- 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat new file mode 100644 index 0000000..7432b87 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat @@ -0,0 +1 @@ +curl -kv http://open.node.com/test/nationalbank/nationalbank.html | iconv -f utf-8 -t gbk \ No newline at end of file From c9c7c15213cb768617d8c4af3e63079367cff439 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 10:00:14 +0800 Subject: [PATCH 58/75] Upload New File --- 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat new file mode 100644 index 0000000..1aaefd6 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ curl http://open.node.com/ | iconv -f utf-8 -t gbk From 940c09071a77cedc2c73cf6622d964f44501f011 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 10:00:26 +0800 Subject: [PATCH 59/75] Upload New File --- 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat new file mode 100644 index 0000000..4e4bb32 --- /dev/null +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat @@ -0,0 +1 @@ +curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' http://open.node.com/test/nationalbank/nationalbank.html | iconv -f utf-8 -t gbk \ No newline at end of file From 16a1d44105f562e3726febd3a34a524a1e4a0d89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 10:00:37 +0800 Subject: [PATCH 60/75] Upload New File --- 05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00017.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00017.bat diff --git a/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00017.bat b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00017.bat new file mode 100644 index 0000000..d90714b --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00017.bat @@ -0,0 +1 @@ +curl -kv http://open.node.com/ | iconv -f utf-8 -t gbk \ No newline at end of file From 9673081af57db38e74864da7d9ea0a9fd4702646 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 10:01:02 +0800 Subject: [PATCH 61/75] Upload New File --- 05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat | 1 + 1 file changed, 1 insertion(+) create mode 100644 05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat diff --git a/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat new file mode 100644 index 0000000..7b186bf --- /dev/null +++ b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat @@ -0,0 +1 @@ +curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action |iconv -f utf-8 -t gbk From 21d47dbbfec8fef8d04dfa3664af2f1546d298ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 10:06:22 +0800 Subject: [PATCH 62/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=AE=8C=E6=95=B4?= =?UTF-8?q?=E5=8C=B9=E9=85=8D=E5=BA=94=E7=AD=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot index a3ea44b..4b1af59 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot @@ -500,7 +500,7 @@ ProxyPolicy-Redirect-Ssl-00014 ProxyPolicy-Redirect-Ssl-00015 [Tags] selfserver ssl Redirect ip+应答头完整匹配 Comment 创建应答头 - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建url From 3adb8ca243eb98d7e2d460b2cb44ea989dcd2505 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 10:14:35 +0800 Subject: [PATCH 63/75] =?UTF-8?q?http=E6=94=B9=E4=B8=BAhttps?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat index 7b186bf..168deef 100644 --- a/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat +++ b/05-Other/curl/selfserver/proxyPolicy-Redirect-HTTP-00023.bat @@ -1 +1 @@ -curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action |iconv -f utf-8 -t gbk +curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action |iconv -f utf-8 -t gbk From 33f8c8c60644d0755101ea515e0c60b5d88d3cf4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 10:18:53 +0800 Subject: [PATCH 64/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=BD=91=E7=AB=99?= =?UTF-8?q?=E5=BC=95=E7=94=A8=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot index 4b1af59..bcabb79 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Ssl_Tests.robot @@ -736,7 +736,7 @@ ProxyPolicy-Redirect-Ssl-00021 ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv https://open.node.com/action @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA ... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By Tango Secure Gateway CA From 1efafe17e1e00c795a4b445b6ef10001cbece2e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 10:20:33 +0800 Subject: [PATCH 65/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=BD=91=E7=AB=99?= =?UTF-8?q?=E5=BC=95=E7=94=A8=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot index d1d02b1..344bb2a 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Redirect_Http_Tests.robot @@ -736,7 +736,7 @@ ProxyPolicy-Redirect-Http-00021 ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body"-kv http://open.node.com/action @{stringlist} run keyword if '${systemType}'=='Windows' Create List http://www.cmbchina.com/ 301 X-TG-Construct-By ... ELSE Create List http://www.cmbchina.com/ 301 X-TG-Construct-By From 51eb81f6bf7f5573afeb692ce0a3bdc2aae08d04 Mon Sep 17 00:00:00 2001 From: dongxiaoyan Date: Tue, 28 Apr 2020 12:43:00 +0800 Subject: [PATCH 66/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=A4=A7=E5=B0=8F?= =?UTF-8?q?=E5=86=99=E4=B8=8D=E4=B8=80=E8=87=B4=E5=AF=BC=E8=87=B4=E7=9A=84?= =?UTF-8?q?=E9=97=AE=E9=A2=98=EF=BC=9B=20=E6=B7=BB=E5=8A=A0interceptssl?= =?UTF-8?q?=E7=86=9F=E6=82=89=E6=8E=A5=E5=8F=A3=EF=BC=8C=E5=BE=85=E6=9B=B4?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E6=9B=B4=E6=96=B0=E5=90=8E=E6=B5=8B=E8=AF=95?= =?UTF-8?q?=EF=BC=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../policy_file_interface/Decryption.robot | 64 +++++++++++++++++++ .../HijackFilesPolicy.robot | 2 +- .../InsertScriptsPolicy.robot | 2 +- .../KeyringPolicyFile.robot | 2 +- .../ResponsePagesPolicy.robot | 2 +- .../TrustedCertPolicy.robot | 2 +- 6 files changed, 69 insertions(+), 5 deletions(-) create mode 100644 01-TestCase/tsg_bfapi/policy_file_interface/Decryption.robot diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/Decryption.robot b/01-TestCase/tsg_bfapi/policy_file_interface/Decryption.robot new file mode 100644 index 0000000..7ac41e5 --- /dev/null +++ b/01-TestCase/tsg_bfapi/policy_file_interface/Decryption.robot @@ -0,0 +1,64 @@ +*** Settings *** +Test Teardown TeardownDelete ${url} profileIds ${profileId} +Force Tags tsg_bf_api Response_Pages +Library String +Library OperatingSystem +Library Selenium2Library +Library Collections +Resource ../../../02-Keyword/tsg_bfapi/Common.robot +Resource ../../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot +Resource ../../../03-Variable/BifangApiVariable.txt + +*** Variables *** +${url} /policy/profile/decryption +${profileId} ${EMPTY} + +*** Test Cases *** +Decryption_ADD_001 + + Comment 全串{"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{"dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + Comment "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + Comment "protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1} + Comment dynamic_bypass + Comment 拦截排除参数对象 + Comment ev_cert Integer 是 ON/OFF,缺省OFF,1表示ON,0表示OFF + Comment cert_transparency Integer 是 ON/OFF,缺省OFF,1表示ON,0表示OFF + Comment mutual_authentication Integer 是 ON/OFF,缺省ON,1表示ON,0表示OFF + Comment cert_pinning Integer 是 Blocl/Bypass,缺省Block,1表示Block,0表示Bypass + Comment protocol_errors Integer 是 ON/OFF,缺省ON,1表示ON,0表示OFF + Comment protocol_version Object 是 协议版本对象 + Comment min Integer 否 如果mirror_client=1,则此参数可为空 + Comment max Integer 否 如果mirror_client=1,则此参数可为空 + Comment mirror_client Integer 是 ON/OFF,缺省ON,1表示ON,0表示OFF + Comment allow_http2 Integer 是 1表示ON,0表示OFF + Comment certificate_checks Object 是 证书检查参数对象 + Comment approachObject 是 certificateChecksObj对象参数 + Comment cn Integer 是 approach对象参数,ON/OFF,缺省ON, 1表示ON,0表示OFF + Comment issuer Integer 是 approach对象参数,ON/OFF,缺省ON, 1表示ON,0表示OFF + Comment self-signed Integer 是 approach对象参数, ON/OFF,缺省ON, 1表示ON,0表示OFF + Comment expiration Integer 是 approach对象参数,ON/OFF,缺省ON, 1表示ON,0表示OFF + Comment fail_action String 是 certificateChecksObj对象参数,值为: fail-close pass-through + Comment isValid Integer 是 是否有效 + Comment isInitialize Integer 否 0:非内置,缺省 1:内置 + + ${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + ${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + ${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + ${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + ${data} Create List ${requestbody} + ${response} CreatePolicyFileNoFile ${url} ${data} + + # 查询 + ${profileId} Get From Dictionary ${response} profileId + ${profileName} Get From Dictionary ${response} profileName + QueryPolicyFile ${url} profileId=${profileId}&profileName=${profileName} + + + # 修改 + ${dynamic_bypass}="dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"cert_pinning":0,"protocol_errors":0} + ${protocol_version}="protocol_version":{"min":"ssl3","max":"tls13","mirror_client":0,"allow_http2":0} + ${certificate_checks}="certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"} + ${requestbody}={"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_edit","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":0,"isInitialize":0,"profileDesc":""}]} + @{data} set variable ${requestbody} + UpdatePolicyFile2 ${url} ${reqData_edit} @{data} + diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/HijackFilesPolicy.robot b/01-TestCase/tsg_bfapi/policy_file_interface/HijackFilesPolicy.robot index 47fd2bf..e31f427 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/HijackFilesPolicy.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/HijackFilesPolicy.robot @@ -17,7 +17,7 @@ ${profileId} ${EMPTY} Hijack Files Policy CRUD case # 新增 - ${response} CreatePolicyFile2 ${url} Hijack Files-files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} hijack_files/ Create-Hijack Files-test-3.html hijack # 查询 ${profileId} Get From Dictionary ${response} profileId diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/InsertScriptsPolicy.robot b/01-TestCase/tsg_bfapi/policy_file_interface/InsertScriptsPolicy.robot index c58b5da..e04f838 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/InsertScriptsPolicy.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/InsertScriptsPolicy.robot @@ -17,7 +17,7 @@ ${profileId} ${EMPTY} Insert Scripts Policy CRUD case # 新增 - ${response} CreatePolicyFile2 ${url} Insert Scripts-files/ Create-Insert Scripts-test-1.js insert + ${response} CreatePolicyFile2 ${url} insert_files/ Create-Insert Scripts-test-1.js insert # 查询 ${profileId} Get From Dictionary ${response} profileId diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/KeyringPolicyFile.robot b/01-TestCase/tsg_bfapi/policy_file_interface/KeyringPolicyFile.robot index 69f6789..a7483b0 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/KeyringPolicyFile.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/KeyringPolicyFile.robot @@ -17,7 +17,7 @@ ${keyringId} ${EMPTY} Keyring Policy File case # 新增 - ${response} CreatePolicyMutipartFile ${url} Keyrings/root/ mesalab-ca-cert.pem mesalab-ca-key.pem + ${response} CreatePolicyMutipartFile ${url} keyrings/root/ mesalab-ca-cert.pem mesalab-ca-key.pem # 查询 ${keyringId} Get From Dictionary ${response} keyringId diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/ResponsePagesPolicy.robot b/01-TestCase/tsg_bfapi/policy_file_interface/ResponsePagesPolicy.robot index 95d374b..f385997 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/ResponsePagesPolicy.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/ResponsePagesPolicy.robot @@ -17,7 +17,7 @@ ${profileId} ${EMPTY} Response Pages Policy CRUD case # 新增 - ${response} CreatePolicyFile2 ${url} Response pages-files/ Create-Response Pages-test-1.html resPages + ${response} CreatePolicyFile2 ${url} response_pages_files/ Create-Response Pages-test-1.html resPages # 查询 ${profileId} Get From Dictionary ${response} profileId diff --git a/01-TestCase/tsg_bfapi/policy_file_interface/TrustedCertPolicy.robot b/01-TestCase/tsg_bfapi/policy_file_interface/TrustedCertPolicy.robot index 4b211f5..aa3e912 100644 --- a/01-TestCase/tsg_bfapi/policy_file_interface/TrustedCertPolicy.robot +++ b/01-TestCase/tsg_bfapi/policy_file_interface/TrustedCertPolicy.robot @@ -17,7 +17,7 @@ ${certId} ${EMPTY} Trusted Cert Policy CRUD case # 新增 - ${response} CreatePolicyFile ${url} Keyrings/root/ tango-ca-trust-ca-cer.pem + ${response} CreatePolicyFile ${url} keyrings/root/ tango-ca-trust-ca-cer.pem # 查询 ${certId} Get From Dictionary ${response} certId From 7dea8cc295345b2708da2d0e49d8a01c6263f566 Mon Sep 17 00:00:00 2001 From: dongxiaoyan Date: Tue, 28 Apr 2020 12:46:43 +0800 Subject: [PATCH 67/75] =?UTF-8?q?1=E3=80=81=E4=B8=AD=E9=97=B4=E4=BB=B6?= =?UTF-8?q?=E6=AF=94=E7=8E=87=E6=B5=8B=E8=AF=95=EF=BC=9A=E5=8F=AA=E5=87=BA?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E4=B8=8D=E5=87=BA=E7=BB=93=E8=AE=BA=EF=BC=9B?= =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E6=97=A5=E5=BF=97=E6=80=BB=E9=87=8F=E6=9F=A5?= =?UTF-8?q?=E8=AF=A2=E5=85=B3=E9=94=AE=E5=AD=97=EF=BC=9B=202=E3=80=81?= =?UTF-8?q?=E5=88=B6=E9=80=A0http=E6=94=AF=E6=8C=81alert=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=EF=BC=9B=203=E3=80=81=E5=88=A0=E9=99=A4=E7=AD=96=E7=95=A5?= =?UTF-8?q?=E4=B8=AD=E7=9B=AE=E6=A0=87=E5=AF=B9=E8=B1=A1=E7=9A=84=E9=BB=98?= =?UTF-8?q?=E8=AE=A4=E5=BC=95=E7=94=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot | 201 ++++++++++-- 01-TestCase/zjj/ZJJ_SecurityPolicy_Http.robot | 297 ++++++++++++++++++ 02-Keyword/tsg_bfapi/LogSchema.robot | 36 +++ 02-Keyword/tsg_bfapi/LogVariable.robot | 30 +- .../FunctionalKeywords.robot | 23 ++ 03-Variable/PolicyObjectDefault.txt | 8 +- .../zjj/ZJJ_ProxyPolicy-Replace-00001.bat | 1 + 7 files changed, 569 insertions(+), 27 deletions(-) create mode 100644 01-TestCase/zjj/ZJJ_SecurityPolicy_Http.robot create mode 100644 05-Other/zjj/ZJJ_ProxyPolicy-Replace-00001.bat diff --git a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot index 882a3ff..09107d7 100644 --- a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot +++ b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot @@ -18,17 +18,129 @@ ${url} /policy/profile/responsepages ${profiledId} ${EMPTY} *** Test Cases *** -ZJJ_ProxyPolicy-Replace-Uri-00001 - [Tags] selfserver +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} - ${caseName} set variable ZJJ_ProxyPolicy-Replace-Uri-00001 - # 创建对象-IP - # addItemList全参数:(为方便说明,将参数值拆分为几部分,其实际值为单条无空格/回车字符串,每部分内代表的各参数不可跳跃。) - # [addrType]|[protocol]|[direction]|[isSession]# 第一部分(可省略) - # [clientIpFormat]|[clientIp1]|[clientIp2]|[clientPort1/clientPort2]& 第二部分(不可省略) - # [serverIpFormat]|[serverIp1]|[serverIp2]|[serverPort1/serverPort2]| 第三部分(可省略) - # [isInitialize]|[itemName]|[itemDesc], 第四部分(可省略) - # ... + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.1,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List schannel + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List schannel + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} +TestLogSize + #日志验证security_event_log + #GetLogListSize proxy_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + ${logsize} GetLogListSize security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + log 11${logsize} + ${logsize} GetLogCount security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + log 22${logsize} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 + [Tags] selfserver SIP+DIP+URL+ResHeader+ReqHeader + + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 Comment 创建目标IP ${objectDict} Create Dictionary ... objectType=ip @@ -57,15 +169,61 @@ ZJJ_ProxyPolicy-Replace-Uri-00001 ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} - Comment 创建安全策略,针对所有协议,相当于BlackIP + #创建Resheader + ${objectDict} Create Dictionary + ... objectType=http_signature + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_signatureheaderobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Set-Cookie + ${rescode} ${object_ResH_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResH_Id} + + #创建ReqHeader + ${objectDict} Create Dictionary + ... objectType=http_signature + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_signatureheaderobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Cookie + ${rescode} ${object_ReqH_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqH_Id} + + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR + ... isValid=1 + ... appObjectIdArray=${2},${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + #{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"tsg_security","action":"intercept","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"protocol_errors":1,"cert_pinning":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":112,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8337,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]}],"isValid":0,"scheduleId":[],"appObjectIdArray":[2,3]}} + Comment 创建带有替换比例的策略"enforcement_ratio":0.9999 ${policyDict} Create Dictionary ... policyName=${caseName}_IPobject ... policyType=pxy_manipulation - ... policyDesc=${Default_PolicyDesc} + ... policyDesc=${caseName} ... action=manipulation ... effectiveRange=${Default_EffectiveRange} - ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.1,"protocol":"HTTP"} - ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find汉字 результатом манипуляций","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.1,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL,${object_ReqH_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_ResH_Id}|TSG_FIELD_HTTP_RES_HDR ... isValid=1 ... appObjectIdArray=${2} ... userTags=${Default_UserTags} @@ -78,16 +236,16 @@ ZJJ_ProxyPolicy-Replace-Uri-00001 ${policyIds} Create List {"policyType":"pxy_manipulation","policyIds":[${policyId}]} #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} # - ${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} - EditPolicy ${disablePolciy} + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} Comment 功能端验证SSL验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-AllProtol-00001_SSL.bat - ... ELSE set variable curl -kv https://open.node.com/ + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00002.bat + ... ELSE set variable curl -kv --cookie "JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725" -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find汉字 результатом манипуляций&setCookie=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA replacetest #OpenSSL SSL_connect: Connection was reset in connection to #Send failure: Connection was reset - ... ELSE Create List OpenSSL SSL_connect: Connection reset by peer in connection to + ... ELSE Create List Tango Secure Gateway CA replacetest ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s @@ -95,6 +253,5 @@ ZJJ_ProxyPolicy-Replace-Uri-00001 Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com - + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com #{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"阿斯蒂","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_uri","find":"find","replace_with":"replace"}],"protocol":"HTTP"},"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":10103,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8337,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}} \ No newline at end of file diff --git a/01-TestCase/zjj/ZJJ_SecurityPolicy_Http.robot b/01-TestCase/zjj/ZJJ_SecurityPolicy_Http.robot new file mode 100644 index 0000000..17178f0 --- /dev/null +++ b/01-TestCase/zjj/ZJJ_SecurityPolicy_Http.robot @@ -0,0 +1,297 @@ +*** Settings *** +#Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags zjj tsg_proxy replace +Library OperatingSystem +Resource ../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../03-Variable/PolicyObjectDefault.txt +Resource ../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../03-Variable/BifangApiVariable.txt +Resource ../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot +Library Custometest +Library json + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} + +*** Test Cases *** +ZJJ_SecurityPolicy-Deny-Http-Alert00001 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00001 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #创建Resheader + ${objectDict} Create Dictionary + ... objectType=http_signature + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_signatureheaderobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Set-Cookie + ${rescode} ${object_ResH_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResH_Id} + + #创建ReqHeader + ${objectDict} Create Dictionary + ... objectType=http_signature + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_signatureheaderobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Cookie + ${rescode} ${object_ReqH_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqH_Id} + + #创建ResBocy + ${objectDict} Create Dictionary + ... objectType=keywords + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_keywordsobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=创建ResBocy* + ${rescode} ${object_ResB_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResB_Id} + + #创建ReqBody + ${objectDict} Create Dictionary + ... objectType=keywords + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_http_keywordsobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=*创建ReqBocy + ${rescode} ${object_ReqB_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqB_Id} + + # 新增 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":200,"html_profile":${profiledId}} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL,${object_FQDN_Id}|TSG_FIELD_HTTP_HOST,${object_ReqH_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_ResH_Id}|TSG_FIELD_HTTP_RES_HDR,${object_ReqB_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${object_ResB_Id}|TSG_FIELD_HTTP_RES_CONTENT + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat + ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + + + + + +ZJJ_SecurityPolicy-Deny-Http-Alert00002 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00002 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + + # 新增 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":200,"html_profile":${profiledId}} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + +ZJJ_SecurityPolicy-Deny-Http-Alert00003 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00003 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=www.icbc.com.cn + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + + # 新增 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":204,"html_profile":${profiledId}} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + +ZJJ_SecurityPolicy-Deny-Http-Alert00004 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00004 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=www.xiaozhu.com + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":200,"message":"alerttest200"} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + +ZJJ_SecurityPolicy-Deny-Http-Alert00005 + [Tags] ZJJ HttpAlert + ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00005 + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=www.sinovision.net + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + ${objectids} set Variable ${object_URL_Id} + + + Comment 创建Deny策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=deny + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol": "HTTP","method":"alert","code":204,"message":"alerttest204"} + ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} diff --git a/02-Keyword/tsg_bfapi/LogSchema.robot b/02-Keyword/tsg_bfapi/LogSchema.robot index fcb8681..c6a1143 100644 --- a/02-Keyword/tsg_bfapi/LogSchema.robot +++ b/02-Keyword/tsg_bfapi/LogSchema.robot @@ -31,3 +31,39 @@ PostRemoteData Create Session api http://${host}:${port}/${version} headers=${header} ${remoteResponse} Post Request api ${url} data=${data} headers=${header} [Return] ${remoteResponse} + +GetALLLogCondition + [Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} ${pageSize} ${pageNo} + Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"} + &{LogSchemaResponse}= GET /v1/log/schema?logType=${logname} + log ${logname} + #Output Schema response body + Object response body + #Integer $.code 200 + log ${LogSchemaResponse.body['data']} + ${field} Evaluate json.dumps(eval(str(${LogSchemaResponse.body['data']['fields']}))) json + log ${field} + #${pageSize} Set Variable 30 + #${pageNo} Set Variable 1 + ${condition} Set Variable [{"value":["${startTime}","${endTime}"],"symbol":"between","field":"common_recv_time","type":"timestamp"}] + ${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","fields":${field},"start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition} ,"common_client_ips":"${client_ip}","common_policy_ids":"${policy_id}"} + log this time query condition:${logCondition} + [Return] ${logCondition} + +GetLogCountConditon + [Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} ${pageSize} ${pageNo} + Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"} + &{LogSchemaResponse}= GET /v1/log/schema?logType=${logname} + log ${logname} + #Output Schema response body + Object response body + #Integer $.code 200 + log ${LogSchemaResponse.body['data']} + ${field} Evaluate json.dumps(eval(str(${LogSchemaResponse.body['data']['fields']}))) json + log ${field} + #${pageSize} Set Variable 30 + #${pageNo} Set Variable 1 + ${condition} Set Variable [{"value":["${startTime}","${endTime}"],"symbol":"between","field":"common_recv_time","type":"timestamp"}] + ${logCondition} Set Variable {"pageNo":${pageNo},"pageSize":${pageSize},"logType":"${logname}","fields":${field},"start_common_recv_time":"${startTime}","end_common_recv_time":"${endTime}","conditions":${condition} ,"common_client_ips":"${client_ip}","common_policy_ids":"${policy_id}"} + log this time query condition:${logCondition} + [Return] ${logCondition} \ No newline at end of file diff --git a/02-Keyword/tsg_bfapi/LogVariable.robot b/02-Keyword/tsg_bfapi/LogVariable.robot index 62bbc83..9d05bd0 100644 --- a/02-Keyword/tsg_bfapi/LogVariable.robot +++ b/02-Keyword/tsg_bfapi/LogVariable.robot @@ -29,4 +29,32 @@ GetLogList Should Contain ${logs}"" ${client_ip} Should Contain ${logs}"" ${policy_id} Should Contain ${logs}"" ${parmkey} - Should Contain ${logs}"${parmkey}" ${parmvalue} \ No newline at end of file + Should Contain ${logs}"${parmkey}" ${parmvalue} + + + +GetLogListSize + [Documentation] + ... 描述:ProxyPinning + ... + [Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue} + ${logCondition} GetALLLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} 10000 1 + log ${logCondition} + ${LogListResponse} PostRemoteData /log/list ${logCondition} + Should Be Equal As Strings ${LogListResponse.status_code} 200 + ${returnData} To Json ${LogListResponse.content} + ${data} Get From Dictionary ${returnData} data + ${len} Get Length ${data}[list] + [Return] ${len} + + +GetLogCount + [Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue} + ${logCondition} GetALLLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} 10000 1 + ${LogListResponse} PostRemoteData /log/count ${logCondition} + Should Be Equal As Strings ${LogListResponse.status_code} 200 + ${returnData} To Json ${LogListResponse.content} + ${len} Set Variable ${LogListResponse.json()}[data][total] + #${len} Get From Dictionary ${returnData} total + [Return] ${len} + \ No newline at end of file diff --git a/02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot b/02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot index b066bab..9e68200 100644 --- a/02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot +++ b/02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot @@ -103,6 +103,29 @@ CreatePolicyFile3 Log profileId:${profileId} [Return] ${response} +CreatePolicyFileNoFile + [Documentation] + ... 必传参数:url + ... 可选参数:data(不传时使用默认值) + [Arguments] ${url} ${data} + ${suffix} Generate Random String + ${profileName} Catenate SEPARATOR=_ test ${suffix} + ${listlenth}= Get Length ${data} + ${requestbody} Set Variable {"opAction":"add","returnData":1,"trafficMirrorList":[{"profileName":"${profileName}","addrType":"mac","isValid":1,"addrArray":["00:A1:B2:06:C3:29"]}]} + FOR ${var} IN RANGE ${listlenth} + #log ${var} + ${request} Set Variable ${data}[${var}] + END + ${content} Post-Request ${url} ${requestbody} + ${msg} Set Variable ${content['msg']} + ${list} Set Variable ${content['data']['list']} + ${profileId} Set Variable ${list[0]['profileId']} + ${profileName} Set Variable ${list[0]['profileName']} + ${response} Create Dictionary msg=${msg} profileId=${profileId} profileName=${profileName} + Log add operation:${msg} + Log profileId:${profileId} + [Return] ${response} + CreatePolicyMutipartFile [Documentation] ... 必传参数:url、filePath(文件路径)、pubFileName(证书文件名)、priFileName(私钥文件名) diff --git a/03-Variable/PolicyObjectDefault.txt b/03-Variable/PolicyObjectDefault.txt index 0e83bb2..ca65056 100644 --- a/03-Variable/PolicyObjectDefault.txt +++ b/03-Variable/PolicyObjectDefault.txt @@ -9,11 +9,11 @@ ${Default_PolicyDesc} autotest ${Default_Action} deny ${Default_EffectiveRange} Nursurtan|Transtelecom&Astel,|Astel&Transtelecom ${Default_UserRegion} method:rst -${Default_ReferenceObject} 1|TSG_SECURITY_DESTINATION_ADDR +${Default_ReferenceObject} ${EMPTY} ${Default_AppObjectIdArray} 2,3,4,5,6 -${Default_UserTags} 3 -${Default_DoLog} ${2} -${Default_ScheduleId} 7 +${Default_UserTags} 2 +${Default_DoLog} ${1} +${Default_ScheduleId} 1 # 对象 ${Default_ObjectType} ip diff --git a/05-Other/zjj/ZJJ_ProxyPolicy-Replace-00001.bat b/05-Other/zjj/ZJJ_ProxyPolicy-Replace-00001.bat new file mode 100644 index 0000000..1d126e9 --- /dev/null +++ b/05-Other/zjj/ZJJ_ProxyPolicy-Replace-00001.bat @@ -0,0 +1 @@ +curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=content-type;charset=utf-8&resBody=Response Body" https://open.node.com/action | iconv -f utf-8 -t gbk \ No newline at end of file From 8d182ac15066155b30a889426bce8c559ac7883a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 13:44:47 +0800 Subject: [PATCH 68/75] =?UTF-8?q?=E4=BF=AE=E6=94=B917-20=E7=94=A8=E4=BE=8B?= =?UTF-8?q?liunx=E8=AE=BF=E9=97=AE=E5=9C=B0=E5=9D=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../selfserver/Api_Security/Monitor_Http_Tests.robot | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot index 4d869ca..29b6a6d 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot @@ -490,7 +490,7 @@ SecurityPolicy-Monitor-Http-00017 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat - ... ELSE set variable curl \ http://open.node.com/ + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action ${stringlist} run keyword if '${systemType}'=='Windows' Create List test ... ELSE Create List test ${starttime} Get Time @@ -519,7 +519,7 @@ SecurityPolicy-Monitor-Http-00018 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat - ... ELSE set variable curl \ http://open.node.com/ + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action ${stringlist} run keyword if '${systemType}'=='Windows' Create List test ... ELSE Create List test ${starttime} Get Time @@ -548,7 +548,7 @@ SecurityPolicy-Monitor-Http-00019 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat - ... ELSE set variable curl \ http://open.node.com/ + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action ${stringlist} run keyword if '${systemType}'=='Windows' Create List test ... ELSE Create List test ${starttime} Get Time @@ -577,7 +577,7 @@ SecurityPolicy-Monitor-Http-00020 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat - ... ELSE set variable curl \ http://open.node.com/ + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action ${stringlist} run keyword if '${systemType}'=='Windows' Create List test ... ELSE Create List test ${starttime} Get Time From c6338ff9d02ca5020b0d6497edbc7941a248772d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 13:52:22 +0800 Subject: [PATCH 69/75] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E4=BF=84=E6=96=87?= =?UTF-8?q?=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot index 29b6a6d..8425a4b 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot @@ -462,8 +462,8 @@ SecurityPolicy-Monitor-Http-00016 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank - ... ELSE Create List nationalbank + ${stringlist} run keyword if '${systemType}'=='Windows' Create List ақстан Республ + ... ELSE Create List ақстан Республ ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} From 1ace02da3c99db5ca669a8eae9c0b06e1015bd47 Mon Sep 17 00:00:00 2001 From: dongxiaoyan Date: Tue, 28 Apr 2020 17:03:28 +0800 Subject: [PATCH 70/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=E7=9A=84=E5=9C=B0=E5=9D=80=E5=89=8D=E7=BC=80=E5=85=A8=E9=83=A8?= =?UTF-8?q?=E4=BD=BF=E7=94=A8=E9=85=8D=E7=BD=AE=E6=96=87=E4=BB=B6=E7=89=88?= =?UTF-8?q?=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../zjj/ZDFY_ActiveDefencePolicy.robot | 56 +- 01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot | 491 +++++++++++++++++- 02-Keyword/tsg_adc/PolicyVertify.robot | 2 +- 02-Keyword/tsg_bfapi/Common.robot | 6 +- 02-Keyword/tsg_bfapi/LogSchema.robot | 8 +- 02-Keyword/tsg_bfapi/LoginLogout.robot | 8 +- 02-Keyword/tsg_bfapi/PolicyObject.robot | 29 +- 02-Keyword/tsg_bfapi/Tag.robot | 6 +- 02-Keyword/tsg_cli/Interface.robot | 2 +- .../tsg_common/LoginAndLogoutTypeSwitch.robot | 2 +- 02-Keyword/tsg_common/ManagePolicyBody.robot | 4 +- 11 files changed, 564 insertions(+), 50 deletions(-) diff --git a/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot index a51887e..5738c8b 100644 --- a/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot +++ b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot @@ -17,7 +17,7 @@ ${policyIds} ${EMPTY} ${objectids} ${EMPTY} ${url} /policy/profile/responsepages ${profiledId} ${EMPTY} -${target_ip} 10.3.22.199 +${target_ip} 10.3.22.129 # 无DHCP,需要手动设置IP,可用地址段: 10.3.22.[129-254], 掩码: 255.255.255.0, DNS服务器: 10.3.22.11。 *** Test Cases *** ZDFY_ActiveDefencePolicy-Flood-00001 @@ -25,7 +25,7 @@ ZDFY_ActiveDefencePolicy-Flood-00001 ${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00001 Comment claimed_src_ip_profile_id - ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} Comment 创建带主动策略Flood @@ -46,15 +46,55 @@ ZDFY_ActiveDefencePolicy-Flood-00001 ${s} Convert to String ${policyId} ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} - +ZDFY_ActiveDefencePolicy-Flood-00002 + [Tags] flood TwoPolicyOneprofile + + ${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00002 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + + Comment 创建带主动策略Flood + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + Comment 创建带主动策略Flood + ${policyDict2} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId2} AddPolicy2 ${1} ${policyDict2} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId},${policyId2} ]} + + ZDFY_ActiveDefencePolicy-Reflection-00001 [Tags] reflection ${caseName} set variable ZDFY_ActiveDefencePolicy-Reflection-00001 Comment claimed_src_ip_profile_id - ${response} BasePostRequest /v1/policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"isValid":1,"profileDesc":"autotest"}]} + ${response} BasePostRequest /policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"reflectorType":"dns","isValid":1,"profileDesc":"autotest"}]} ${reflector_profile_id} Set Variable ${response['data']['list'][0]['profileId']} - ${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} - #${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + ${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + #${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} ${payload_profile_id} Set Variable ${response['data']['list'][0]['profileId']} Comment 创建策略reflection ${policyDict} Create Dictionary @@ -77,7 +117,7 @@ ZDFY_ActiveDefencePolicy-CC-00001 [Tags] CC ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00001 Comment claimed_src_ip_profile_id - ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]} + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]} ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} Comment 创建带主动策略CC ${policyDict} Create Dictionary @@ -102,7 +142,7 @@ ZDFY_ActiveDefencePolicy-CC-00002 [Tags] CC ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00002 Comment claimed_src_ip_profile_id - ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} Comment 创建带主动策略CC ${policyDict} Create Dictionary diff --git a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot index 09107d7..314ca73 100644 --- a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot +++ b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot @@ -90,6 +90,123 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.0001,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + Comment 创建带有比例的替换策略 ${policyDict} Create Dictionary ... policyName=${caseName} @@ -115,10 +232,10 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action - ${stringlist} run keyword if '${systemType}'=='Windows' Create List schannel + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe #Send failure: Connection was reset Tango Secure Gateway CA - ... ELSE Create List schannel + ... ELSE Create List Tango Secure Gateway CA ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s @@ -130,14 +247,365 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 ${endtime} Get Time ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com log 22${logsize} -TestLogSize + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00003 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00003 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00004 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00004 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":0,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9999,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00005 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00005 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":0.5,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +#TestLogSize #日志验证security_event_log #GetLogListSize proxy_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co - ${logsize} GetLogListSize security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co - log 11${logsize} - ${logsize} GetLogCount security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co - log 22${logsize} -ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 + #${logsize} GetLogListSize security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + #log 11${logsize} + #${logsize} GetLogCount security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + #log 22${logsize} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-000012 [Tags] selfserver SIP+DIP+URL+ResHeader+ReqHeader ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 @@ -254,4 +722,9 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 ${endtime} Get Time #日志验证 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com - #{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"阿斯蒂","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_uri","find":"find","replace_with":"replace"}],"protocol":"HTTP"},"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":10103,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8337,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}} \ No newline at end of file + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} + \ No newline at end of file diff --git a/02-Keyword/tsg_adc/PolicyVertify.robot b/02-Keyword/tsg_adc/PolicyVertify.robot index a8f2c0c..96422df 100644 --- a/02-Keyword/tsg_adc/PolicyVertify.robot +++ b/02-Keyword/tsg_adc/PolicyVertify.robot @@ -36,7 +36,7 @@ PolicyVertify ${resultObj} Create Dictionary verifyList=${verifyList} ${json} json.Dumps ${resultObj} ensure_ascii=False - ${response} BasePostRequest /v1/policy/verify body=${json} + ${response} BasePostRequest /policy/verify body=${json} Log REQ = ${json} Log RES = ${response} Should Be True ${response['code']} == 200 diff --git a/02-Keyword/tsg_bfapi/Common.robot b/02-Keyword/tsg_bfapi/Common.robot index f827db1..fa64e0c 100644 --- a/02-Keyword/tsg_bfapi/Common.robot +++ b/02-Keyword/tsg_bfapi/Common.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library RequestsLibrary @@ -19,7 +19,7 @@ BasePostRequest BaseDeleteRequest [Arguments] ${requestUri} ${data} ${headers} set variable {"Authorization":"${token}","Content-Type":"application/json"} - create session api http://${host}:${port} ${headers} + create session api http://${host}:${port}/${version} ${headers} ${response}= Delete Request api ${requestUri} data=${data} log return data =${response} Should Be Equal As Strings ${response.status_code} 200 @@ -29,7 +29,7 @@ BaseDeleteRequest BaseEditRequest [Arguments] ${requestUri} ${data} ${headers} set variable {"Authorization":"${token}","Content-Type":"application/json"} - create session api http://${host}:${port} ${headers} + create session api http://${host}:${port}/${version} ${headers} ${response}= Put Request api ${requestUri} data=${data} log return data =${response} Should Be Equal As Strings ${response.status_code} 200 diff --git a/02-Keyword/tsg_bfapi/LogSchema.robot b/02-Keyword/tsg_bfapi/LogSchema.robot index c6a1143..7bda6a0 100644 --- a/02-Keyword/tsg_bfapi/LogSchema.robot +++ b/02-Keyword/tsg_bfapi/LogSchema.robot @@ -4,13 +4,13 @@ Library RequestsLibrary Library OperatingSystem Library Collections Library string -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} *** Keywords *** GetLogCondition [Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"} - &{LogSchemaResponse}= GET /v1/log/schema?logType=${logname} + &{LogSchemaResponse}= GET /log/schema?logType=${logname} log ${logname} #Output Schema response body Object response body @@ -35,7 +35,7 @@ PostRemoteData GetALLLogCondition [Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} ${pageSize} ${pageNo} Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"} - &{LogSchemaResponse}= GET /v1/log/schema?logType=${logname} + &{LogSchemaResponse}= GET /log/schema?logType=${logname} log ${logname} #Output Schema response body Object response body @@ -53,7 +53,7 @@ GetALLLogCondition GetLogCountConditon [Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} ${pageSize} ${pageNo} Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"} - &{LogSchemaResponse}= GET /v1/log/schema?logType=${logname} + &{LogSchemaResponse}= GET /log/schema?logType=${logname} log ${logname} #Output Schema response body Object response body diff --git a/02-Keyword/tsg_bfapi/LoginLogout.robot b/02-Keyword/tsg_bfapi/LoginLogout.robot index 46f8b18..ea37673 100644 --- a/02-Keyword/tsg_bfapi/LoginLogout.robot +++ b/02-Keyword/tsg_bfapi/LoginLogout.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library SSHLibrary Resource PolicyObject.robot @@ -13,7 +13,7 @@ Login [Tags] tsg_adc tsg_bf_api #[Arguments] ${username} ${password} ${authmode} ${authCode} ${ldapId} # 毕方接口用户名密码 - GET /v1/user/encryptpwd?password=${password} + GET /user/encryptpwd?password=${password} Object response body #OUTPUT response body #${rescode} Integer $.code @@ -33,7 +33,7 @@ Login #getToken################################################################################## #log ${username} #log ${pwdstr} - POST /v1/user/login?username=${username}&password=${encodePassword}&authMode=${authmode} + POST /user/login?username=${username}&password=${encodePassword}&authMode=${authmode} Object response body #OUTPUT response body Integer $.code 200 @@ -51,7 +51,7 @@ Login Logout [Tags] tsg_adc tsg_bf_api - POST /v1/user/logout headers=${headers} + POST /user/logout headers=${headers} Object response body Integer $.code 200 ${rescode} Integer $.code diff --git a/02-Keyword/tsg_bfapi/PolicyObject.robot b/02-Keyword/tsg_bfapi/PolicyObject.robot index 947e3f4..4319673 100644 --- a/02-Keyword/tsg_bfapi/PolicyObject.robot +++ b/02-Keyword/tsg_bfapi/PolicyObject.robot @@ -3,7 +3,7 @@ Resource ../../03-Variable/BifangApiVariable.txt Resource ../tsg_common/ManagePolicyBody.robot Resource ../tsg_common/ManageObjectBody.robot Resource ../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library RequestsLibrary Resource Common.robot @@ -52,17 +52,17 @@ AddLocalIPObject DelLocalIPObject log to_DelLocalIPObject - ${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${testClentID}]} + ${response} BaseDeleteRequest /policy/object {"objectIds":[${testClentID}]} #${response_code} Get From Dictionary ${response} code #Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True} SET GLOBAL VARIABLE ${testClentID} ${EMPTY} - ${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${testClentSubID}]} + ${response} BaseDeleteRequest /policy/object {"objectIds":[${testClentSubID}]} SET GLOBAL VARIABLE ${testClentSubID} ${EMPTY} AddObject [Arguments] ${body} #addIPobject################################################################################# - ${response} BasePostRequest /v1/policy/object body=${body} + ${response} BasePostRequest /policy/object body=${body} #log ${response} ${objectId} Set Variable ${response['data']['objectList'][0]['objectId']} ${rescodeReturn} Set Variable ${response['code']} @@ -72,7 +72,7 @@ AddObject2 [Arguments] ${returnData} ${policyList} ${body} ObjectParamsOpertion ${returnData} ${policyList} - ${response} BasePostRequest /v1/policy/object body=${body} + ${response} BasePostRequest /policy/object body=${body} ${objectId} Set Variable ${response['data']['objectList'][0]['objectId']} ${rescodeReturn} Set Variable ${response['code']} [Return] ${rescodeReturn} ${objectId} @@ -84,7 +84,7 @@ EditObject DeleteObjectbak [Arguments] ${objectids} ${body} String {"objectIds":[${objectids}]} - DELETE /v1/policy/object body=${body} headers=${headers} + DELETE /policy/object body=${body} headers=${headers} Object response body log DeleteObject log dxytestOUtputstart @@ -96,7 +96,7 @@ DeleteObjectbak AddPolicy [Arguments] ${body} - ${response} BasePostRequest /v1/policy/compile body=${body} + ${response} BasePostRequest /policy/compile body=${body} #log ${response} ${policyId} Set Variable ${response['data']['policyList'][0]['policyId']} ${rescode} Set Variable ${response['code']} @@ -104,22 +104,23 @@ AddPolicy AddPolicy2 [Arguments] ${returnData} ${policyList} - ${body} PolicyParamsOpertion ${returnData} ${policyList} + ${body} PolicyParamsOpertion ${returnData} ${policyList} add - ${response} BasePostRequest /v1/policy/compile body=${body} + ${response} BasePostRequest /policy/compile body=${body} ${policyId} Set Variable ${response['data']['policyList'][0]['policyId']} ${rescode} Set Variable ${response['code']} [Return] ${rescode} ${policyId} EditPolicy - [Arguments] ${body} - ${response} BaseEditRequest /v1/policy/compile ${body} + [Arguments] ${policyList} ${opAction} + ${body} PolicyParamsOpertion ${1} ${policyList} ${opAction} + ${response} BaseEditRequest /policy/compile ${body} [Return] ${rescode} DeletePolicybak [Arguments] ${policyids} ${body} String {"policyType":"tsg_security","policyIds":[${policyids}]} - DELETE /v1/policy/compile body=${body} headers=${headers} + DELETE /policy/compile body=${body} headers=${headers} Object response body log DeletePolicy Output response body @@ -131,7 +132,7 @@ DeletePolicy [Arguments] ${body} #删除策略 log toDeletePolicy_DeletePolicyDeletePolicy - ${response} BaseDeleteRequest /v1/policy/compile ${body} + ${response} BaseDeleteRequest /policy/compile ${body} #{"policyType":"tsg_security","policyIds":[${policyids}]} ${response_code} Get From Dictionary ${response} code Should Be Equal As Strings ${response_code} 200 @@ -143,7 +144,7 @@ DeleteObject [Arguments] ${objectids} #删除对象 log todeleteobj - ${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${objectids}]} + ${response} BaseDeleteRequest /policy/object {"objectIds":[${objectids}]} ${response_code} Get From Dictionary ${response} code #log aaaaaaaaaa:${response_code} Should Be Equal As Strings ${response_code} 200 diff --git a/02-Keyword/tsg_bfapi/Tag.robot b/02-Keyword/tsg_bfapi/Tag.robot index bf7643b..d84346d 100644 --- a/02-Keyword/tsg_bfapi/Tag.robot +++ b/02-Keyword/tsg_bfapi/Tag.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library RequestsLibrary Resource Common.robot @@ -9,7 +9,7 @@ Resource Common.robot ApiAddTags [Arguments] ${body} #ApiAddTags################################################################################# - ${response} BasePostRequest /v1/customize/tags body=${body} + ${response} BasePostRequest /customize/tags body=${body} #log ${response} ${tagId} Set Variable ${response['data']['tagList'][0]['id']} ${rescodeReturn} Set Variable ${response['code']} @@ -23,7 +23,7 @@ ApiDeleteTags [Arguments] ${body} #删除策略 log toApiDeleteTags - ${response} BaseDeleteRequest /v1/customize/tags ${body} + ${response} BaseDeleteRequest /customize/tags ${body} ${response_code} Get From Dictionary ${response} code Should Be Equal As Strings ${response_code} 200 ${response} Convert to String ${response} diff --git a/02-Keyword/tsg_cli/Interface.robot b/02-Keyword/tsg_cli/Interface.robot index c9aabd2..656776d 100644 --- a/02-Keyword/tsg_cli/Interface.robot +++ b/02-Keyword/tsg_cli/Interface.robot @@ -18,7 +18,7 @@ ${Tsg_Passwd} tsg_passwd # tsg_help指令返回值对比文件路径 ${Tsg_Help_file_Path} cli_files/tsg_help.txt # tsg_show指令查询时附加sql条件 -${Tsg_Show_Added_Sql} "order by time desc limit 20 " +${Tsg_Show_Added_Sql} "order by time desc limit 1" ${Tsg_Show_Added_Sql_Query} --query # tsg_show指令返回数据flowType和sled参数值 ${Tsg_Show_FlowType_Values} inline|intercomm|mirror diff --git a/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot b/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot index 87073a4..170e720 100644 --- a/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot +++ b/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library ExtensionLibrary Resource ../tsg_bfapi/LoginLogout.robot diff --git a/02-Keyword/tsg_common/ManagePolicyBody.robot b/02-Keyword/tsg_common/ManagePolicyBody.robot index 579619f..7512f04 100644 --- a/02-Keyword/tsg_common/ManagePolicyBody.robot +++ b/02-Keyword/tsg_common/ManagePolicyBody.robot @@ -33,7 +33,7 @@ PolicyParamsOpertion ... policyList: 必传,字典类型。字典内可选参数信息: ... 其它参数默认值见../../03-Variable/PolicyObjectDefault.txt - [Arguments] ${returnData} ${policyList} + [Arguments] ${returnData} ${policyList} ${opAction} ${emptyList} Create List # 断言必传参数 # Should Not Be Empty ${policyList}[policyType] @@ -79,7 +79,7 @@ PolicyParamsOpertion Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} referenceObject=${active_defence_emptyList} Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} appObjectIdArray=${active_defence_emptyList} # 转为json结构并返回 - ${dict} Create Dictionary opAction=add returnData=${returnData} policyList=${policyList} + ${dict} Create Dictionary opAction=${opAction} returnData=${returnData} policyList=${policyList} ${json} json.Dumps ${dict} ensure_ascii=False ${json} Replace String ${json} "method:rst" ${userRegion} From a0336d4aef3029fd7ed6a20aa87e8e94f385b931 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 19:37:40 +0800 Subject: [PATCH 71/75] =?UTF-8?q?=E6=9B=BF=E6=8D=A2http?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Proxy/Replace_Http_Tests.robot | 762 ++++++++++++++++++ 1 file changed, 762 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot new file mode 100644 index 0000000..e02e37c --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot @@ -0,0 +1,762 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Redirect-Http-00001 + [Tags] selfserver ip http Replace + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv \ http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00002 + [Tags] selfserver ip+fqdn完整匹配 http Replace + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"xiaozhu/xiaozhu.html","replace_with":"nationalbank/nationalbank.html"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nationalbank + ... ELSE Create List nationalbank + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00003 + [Tags] selfserver ip+cat右匹配 http Replace + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_cat_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"12345678"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 12345678 + ... ELSE Create List 12345678 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00004 + [Tags] selfserver http Replace ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"онлайнвхорошемкачествеслюбыхустройст"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List онлайнвхорошемкачествеслюбыхустройст \ ${EMPTY} + ... ELSE Create List онлайнвхорошемкачествеслюбыхустройст + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00005 + [Tags] selfserver http Replace ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"Newsgd.com is the premier online source of Guangdong news and information"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Newsgd.com is the premier online source of Guangdong news and information + ... ELSE Create List Newsgd.com is the premier online source of Guangdong news and information + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00006 + [Tags] selfserver http Replace ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/nationalbank/nationalbank.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat + ... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00007 + [Tags] selfserver http Replace ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"nhwy"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List nhwy + ... ELSE Create List nhwy + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00008 + [Tags] selfserver http Replace ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_header","find":"Mozilla/5.0","replace_with":"1234"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List open.node.com X-TG-Construct-By + ... ELSE Create List open.node.com X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00009 + [Tags] selfserver http Replace ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00010 + [Tags] selfserver http Replace ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 + ... ELSE Create List 发送GET请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00011 + [Tags] selfserver http Replace ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00012 + [Tags] selfserver http Replace ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00013 + [Tags] selfserver http Replace ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*charset=UTF-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"Technology"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Technology + ... ELSE Create List Technology + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00014 + [Tags] selfserver http Replace ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"酒店式公寓","replace_with":"你好五一"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好五一 + ... ELSE Create List 你好五一 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00015 + [Tags] selfserver http Replace ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=utf-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0003.bat + ... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00016 + [Tags] selfserver http Replace ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0002.bat + ... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00017 + [Tags] selfserver http Replace ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00018 + [Tags] selfserver http Replace ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 + ... ELSE Create List 发送GET请求 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00019 + [Tags] selfserver http Replace ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0017.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv \ http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm + ... ELSE Create List zxcvbnm + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00020 + [Tags] selfserver http Replace ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00017.bat + ... ELSE set variable curl -kv http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List text/json + ... ELSE Create List text/json + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Http-00021 + [Tags] selfserver 最大组合 http Replace + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-HTTP-00023.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm + ... ELSE Create List zxcvbnm + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From 49770b056c22cad6fa81f9f09e253a5b1f57e4c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Tue, 28 Apr 2020 19:38:05 +0800 Subject: [PATCH 72/75] =?UTF-8?q?=E6=9B=BF=E6=8D=A2ssl?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Proxy/Replace_Ssl_Tests.robot | 761 ++++++++++++++++++ 1 file changed, 761 insertions(+) create mode 100644 01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot new file mode 100644 index 0000000..0b61981 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot @@ -0,0 +1,761 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc proxy_policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +ProxyPolicy-Replace-Ssl-00001 + [Tags] selfserver ip ssl Replace + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00002 + [Tags] selfserver ip+fqdn完整匹配 ssl Replace + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_uri","find":"rutube/rutube.html","replace_with":"bytedance/bytedance.html"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 字节跳动 Tango Secure Gateway CA \ \ \ Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00003 + [Tags] selfserver ip+cat右匹配 ssl Replace + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com + ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_cat_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*action + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"12345678"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_cat_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 12345678 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 12345678 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00004 + [Tags] selfserver ssl Replace ip+url右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"酒店式公寓"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 酒店式公寓 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 酒店式公寓 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00005 + [Tags] selfserver ssl Replace ip+url字串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"twitter","replace_with":"Newsgd.com is the premier online source of Guangdong news and information"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List Newsgd.com is the premier online source of Guangdong news and information Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List Newsgd.com is the premier online source of Guangdong news and information Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00006 + [Tags] selfserver ssl Replace ip+url完整匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00007 + [Tags] selfserver ssl Replace ip+url左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node* + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"test","replace_with":"nhwy"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List nhwy Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List nhwy Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00008 + [Tags] selfserver ssl Replace ip+请求头右匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_req_header","find":"Mozilla/5.0","replace_with":"1234"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List open.node.com X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List open.node.com X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00009 + [Tags] selfserver ssl Replace ip+请求头字串匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List text/json X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00010 + [Tags] selfserver ssl Replace ip+请求头完整匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List 发送GET请求 X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00011 + [Tags] selfserver ssl Replace ip+请求头左匹配 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List Create List text/json X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00012 + [Tags] selfserver ssl Replace ip+cookie字串匹配 + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00013 + [Tags] selfserver ssl Replace ip+应答头右匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"онлайнвхорошемкачествеслюбыхустройст"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List онлайнвхорошемкачествеслюбыхустройст Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List онлайнвхорошемкачествеслюбыхустройст Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00014 + [Tags] selfserver ssl Replace ip+应答头字串匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"видео","replace_with":"你好五一"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好五一 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 你好五一 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00015 + [Tags] selfserver ssl Replace ip+应答头完整匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00016 + [Tags] selfserver ssl Replace ip+应答头左匹配 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00017 + [Tags] selfserver ssl Replace ip+set-cookie右匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00018 + [Tags] selfserver ssl Replace ip+set-cookie字串匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"发送POST请求","replace_with":"发送GET请求"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List 发送GET请求 Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List 发送GET请求 Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00019 + [Tags] selfserver ssl Replace ip+set-cookie完整匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat + ... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List zxcvbnm Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00020 + [Tags] selfserver ssl Replace ip+set-cookie左匹配 + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_header","find":"html","replace_with":"json"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat + ... ELSE set variable curl -kv https://open.node.com/ + @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ... ELSE Create List text/json Tango Secure Gateway CA X-TG-Construct-By + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +ProxyPolicy-Replace-Ssl-00021 + [Tags] selfserver 最大组合 ssl Replace + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open + ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_rq_Id} + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type + ${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_re_Id} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} + ${policyIds} Create List ${policyId1} + Comment 创建管控策略 + ${policyDict} Create Dictionary policyName=proxyPolicy-Replace-SSL-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"replace","rules":[{"search_in":"http_resp_body","find":"test","replace_with":"zxcvbnm"}],"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR + ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} + ${policyIds} Create List ${policyId1} ${policyId2} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Redirect-SSL-00023.bat + ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' https://open.node.com/action + @{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List zxcvbnm X-TG-Construct-By Tango Secure Gateway CA + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommand ${commandstr} @{stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId3} + GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com From cb302828162a33f0eab263d82d01de0651b5be8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Wed, 29 Apr 2020 10:30:33 +0800 Subject: [PATCH 73/75] =?UTF-8?q?=E5=8E=BB=E6=8E=89=E5=A4=9A=E4=BD=99Creat?= =?UTF-8?q?e=20List?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot index 0b61981..7ca85cd 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Ssl_Tests.robot @@ -379,7 +379,7 @@ ProxyPolicy-Replace-Ssl-00011 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com @{stringlist} run keyword if '${systemType}'=='Windows' Create List text/json X-TG-Construct-By Tango Secure Gateway CA - ... ELSE Create List Create List text/json X-TG-Construct-By Tango Secure Gateway CA + ... ELSE Create List text/json X-TG-Construct-By Tango Secure Gateway CA ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommand ${commandstr} @{stringlist} From ac187eaa01cc9587365cd8ad71591759dff2cf3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Wed, 29 Apr 2020 15:12:08 +0800 Subject: [PATCH 74/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E5=90=8D=E7=A7=B0=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot index e02e37c..44eb6d6 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot @@ -13,7 +13,7 @@ ${policyIds} ${EMPTY} ${objectids} ${EMPTY} *** Test Cases *** -ProxyPolicy-Redirect-Http-00001 +ProxyPolicy-Replace-Http-00001 [Tags] selfserver ip http Replace Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html From dc3de9515a6f79d5a3eadb7bb7e06b5f33fc4109 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Wed, 29 Apr 2020 15:23:57 +0800 Subject: [PATCH 75/75] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=94=99=E8=AF=AF?= =?UTF-8?q?=E5=80=BC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot index 44eb6d6..5867a07 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Replace_Http_Tests.robot @@ -138,7 +138,7 @@ ProxyPolicy-Replace-Http-00004 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0001.bat ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List онлайнвхорошемкачествеслюбыхустройст \ ${EMPTY} + ${stringlist} run keyword if '${systemType}'=='Windows' Create List онлайнвхорошемкачествеслюбыхустройст ... ELSE Create List онлайнвхорошемкачествеслюбыхустройст ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s