调整,fqdn_category无法添加问题,补充代理白名单用例,安全除Tango外其他证书用例
This commit is contained in:
hebingning
@@ -27,9 +27,9 @@ Proxy-Policy-allow-00001
|
||||
insert_policyId_to_file1 allow_policyId ${policyId2}
|
||||
|
||||
Proxy-Policy-allow-00002
|
||||
[Tags] cat右匹配
|
||||
[Tags] cat匹配
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*feishu.cn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*feishu.cn
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
Comment Comment 创建拦截策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-allow policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
@@ -39,27 +39,27 @@ Proxy-Policy-allow-00002
|
||||
${policyDict} Create Dictionary policyName=Proxy-Policy-allow-00002 policyType=pxy_manipulation policyDesc=autotest action=allow userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
|
||||
log ${policyDict}
|
||||
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
||||
insert_policyId_to_file1 allow_objectId1 ${objectId}
|
||||
insert_policyId_to_file1 allow_objectId1 ${objectId}
|
||||
insert_policyId_to_file1 intercept_allow_policyId1 ${policyId1}
|
||||
insert_policyId_to_file1 allow_policyId1 ${policyId2}
|
||||
|
||||
Proxy-Policy-allow-00003
|
||||
[Tags] url4种匹配
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*smzdm.com,*bilibili.com,*cheapair.com,*surfline.com
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
# ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*smzdm.com,*bilibili.com,*cheapair.com,*surfline.com
|
||||
# ${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=passport.bilibili.com/l*,$www.smzdm.com/jingxuan/,*air.com/hotels/,premium
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=csgo500,$znakitaro.ru/,*trou.ru/,lun*
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
Comment Comment 创建拦截策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-allow policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-allow policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=114|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
log ${policyDict}
|
||||
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
||||
Comment 创建allow策略
|
||||
${policyDict} Create Dictionary policyName=Proxy-Policy-allow-00003 policyType=pxy_manipulation policyDesc=autotest action=allow userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
|
||||
log ${policyDict}
|
||||
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
||||
insert_policyId_to_file1 allow_objectId2 ${objectId}
|
||||
#insert_policyId_to_file1 allow_objectId2 ${objectId}
|
||||
insert_policyId_to_file1 allow_objectId3 ${objectId1}
|
||||
insert_policyId_to_file1 intercept_allow_policyId2 ${policyId1}
|
||||
insert_policyId_to_file1 allow_policyId2 ${policyId2}
|
||||
@@ -67,10 +67,10 @@ Proxy-Policy-allow-00003
|
||||
Proxy-Policy-allow-00004
|
||||
[Tags] 请求头左匹配
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*expeditionportal.com
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*123.com
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=al.com/4wd/
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=www.hao123.com
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建请求头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
|
||||
@@ -145,7 +145,7 @@ Proxy-Policy-allow-00007
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.woodsnap.com
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=about-us/frames
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=woodsnap
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建请求头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
|
||||
@@ -215,7 +215,7 @@ Proxy-Policy-allow-00009
|
||||
insert_policyId_to_file1 allow_policyId8 ${policyId2}
|
||||
|
||||
Proxy-Policy-allow-00010
|
||||
[Tags] 应答头字串匹配
|
||||
[Tags] 应答头子串匹配
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*gf.com.cn
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
@@ -265,15 +265,15 @@ Proxy-Policy-allow-00011
|
||||
insert_policyId_to_file1 allow_policyId10 ${policyId2}
|
||||
|
||||
Proxy-Policy-allow-00012
|
||||
[Tags] cookie字串匹配
|
||||
[Tags] cookie四种匹配
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.virtuoso.com
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.virtuoso.com,$b.faloo.com,*readnovel.com,*hongxiu.com
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=destinations
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=virtuoso.com,faloo,readnovel,hongxiu.com
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建cookie
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=saltkey|Cookie
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=lQfQ_2132|Cookie,_csrfToken|Cookie,curr_url*|Cookie,*1406562325|Cookie,UM_*|Cookie
|
||||
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建拦截策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-allow policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
|
||||
@@ -25,13 +25,34 @@ SecurityPolicy-Intercept-Ssl-00001
|
||||
insert_policyId_to_file1 intercept_ssl_policyId ${policyId}
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00002
|
||||
[Tags] cat右匹配
|
||||
Comment 创建cat
|
||||
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*momondo.ru
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
[Tags] category
|
||||
# ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*momondo.ru
|
||||
# ${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Ssl-00002 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Ssl-00002 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=166|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
log ${policyDict}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
# insert_policyId_to_file1 intercept_ssl_objectId1 ${objectId}
|
||||
insert_policyId_to_file1 intercept_ssl_policyId1 ${policyId}
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00003
|
||||
[Tags] fqdn other
|
||||
Comment fqdn Certificate
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.xs8.cn
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Ssl-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1727,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
log ${policyDict}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
insert_policyId_to_file1 intercept_ssl_objectId1 ${objectId}
|
||||
insert_policyId_to_file1 intercept_ssl_policyId1 ${policyId}
|
||||
insert_policyId_to_file1 intercept_ssl_policyId2 ${policyId}
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00004
|
||||
[Tags] category Other Certificate to replace
|
||||
# ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*momondo.ru
|
||||
# ${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Ssl-00004 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1727,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=167|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
log ${policyDict}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
# insert_policyId_to_file1 intercept_ssl_objectId1 ${objectId}
|
||||
insert_policyId_to_file1 intercept_ssl_policyId3 ${policyId}
|
||||
|
||||
@@ -10,7 +10,7 @@ Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
|
||||
Proxy-Policy-allow-00001
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00001.bat
|
||||
... ELSE set variable curl -kv https://mp.pipix.com/extra/user_agreement
|
||||
... ELSE set variable curl -kv https://mp.pipix.com
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 皮皮虾下载 Tango Secure Gateway CA
|
||||
... ELSE Create List 皮皮虾下载 Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
@@ -26,35 +26,35 @@ Proxy-Policy-allow-00002
|
||||
Proxy-Policy-allow-00003
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00003.bat
|
||||
... ELSE set variable curl -kv \ https://www.smzdm.com/jingxuan/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List PC所有AB测试集合 Tango Secure Gateway CA
|
||||
... ELSE Create List PC所有AB测试集合 Tango Secure Gateway CA
|
||||
... ELSE set variable curl -kv \ https://csgo500.com/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List csgo500 Tango Secure Gateway CA
|
||||
... ELSE Create List csgo500 Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00003_1.bat
|
||||
... ELSE set variable curl -kv \ https://passport.bilibili.com/login
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 哔哩哔哩弹幕视频网 Tango Secure Gateway CA
|
||||
... ELSE Create List 哔哩哔哩弹幕视频网 Tango Secure Gateway CA
|
||||
... ELSE set variable curl -kv \ https://znakitaro.ru/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Тайные Tango Secure Gateway CA
|
||||
... ELSE Create List Новости Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00003_2.bat
|
||||
... ELSE set variable curl -kv \ https://www.cheapair.com/hotels/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List search cheap hotels Tango Secure Gateway CA
|
||||
... ELSE Create List search cheap hotels Tango Secure Gateway CA
|
||||
... ELSE set variable curl -kv \ https://https://astrou.ru/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List каждые Tango Secure Gateway CA
|
||||
... ELSE Create List каждые Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00003_3.bat
|
||||
... ELSE set variable curl -kv https://www.surfline.com/category/premium
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List premium journalism. Get breaking news in all things surf Tango Secure Gateway CA
|
||||
... ELSE Create List premium journalism. Get breaking news in all things surf Tango Secure Gateway CA
|
||||
... ELSE set variable curl -kv https://lunar.pw/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Лунный календарь Tango Secure Gateway CA
|
||||
... ELSE Create List МАРТА Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Proxy-Policy-allow-00004
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00004.bat
|
||||
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'https://www.baidu.com/' https://expeditionportal.com/4wd/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List as images are available in the DOM Tango Secure Gateway CA
|
||||
... ELSE Create List as images are available in the DOM Tango Secure Gateway CA
|
||||
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'https://www.baidu.com/' https://www.hao123.com
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 上网从这里开始 Tango Secure Gateway CA
|
||||
... ELSE Create List 上网从这里开始 Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Proxy-Policy-allow-00005
|
||||
@@ -77,8 +77,8 @@ Proxy-Policy-allow-00007
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00007.bat
|
||||
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'https://www.baidu.com/' https://www.woodsnap.com/about-us/frames
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Google Tag Manager Tango Secure Gateway CA
|
||||
... ELSE Create List Google Tag Manager Tango Secure Gateway CA
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List WoodSnap Tango Secure Gateway CA
|
||||
... ELSE Create List WoodSnap Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Proxy-Policy-allow-00008
|
||||
@@ -93,16 +93,16 @@ Proxy-Policy-allow-00009
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00009.bat
|
||||
... ELSE set variable curl http://www.szse.cn/lawrules/index.html
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 党的建设
|
||||
... ELSE Create List 党的建设
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 信息订阅
|
||||
... ELSE Create List 信息订阅
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Proxy-Policy-allow-00010
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00010.bat
|
||||
... ELSE set variable curl http://www.gf.com.cn/about/intro
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 广发证券官方网站
|
||||
... ELSE Create List 广发证券官方网站
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 广发证券
|
||||
... ELSE Create List 广发证券
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Proxy-Policy-allow-00011
|
||||
@@ -117,8 +117,23 @@ Proxy-Policy-allow-00012
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00012.bat
|
||||
... ELSE set variable curl -kv --cookie "lQfQ_2132_saltkey=t8WY1oPe; lQfQ_2132_lastvisit=1595381790; lQfQ_2132_sid=vqXOg6; lQfQ_2132_lastact=1595385400%09forum.php%09image" --referer 'https://www.baidu.com/' \ https://www.virtuoso.com/destinations
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Object moved to Tango Secure Gateway CA
|
||||
... ELSE Create List Object moved to Tango Secure Gateway CA
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Object moved Tango Secure Gateway CA
|
||||
... ELSE Create List Object moved Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00012_2.bat
|
||||
... ELSE set variable curl -kv --cookie "UM_distinctid=177195d2f67c6b-06a24c7c217958-31346d-384000-177195d2f68bcf; CNZZDATA1279340671=485789824-1611035725-null%7C1611035725; Hm_lvt_76131d7573faf448cb1cfa2a37e6e3ff=1611038274; Hm_lpvt_76131d7573faf448cb1cfa2a37e6e3ff=1611038274; _csrfToken=hcK679WZm6N2HCbL4lEBi8VIc5GD6d3nVrFPZTDP; newstatisticUUID=1611038276_1033864685" --referer 'https://www.baidu.com/' \ https://www.hongxiu.com/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 红袖读书 Tango Secure Gateway CA
|
||||
... ELSE Create List Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00012_3.bat
|
||||
... ELSE set variable curl -kv --cookie "_csrfToken=qjRd8SBOkzGEgOrCAvpDpRLD0hqTSIoNDVZ6DpbU; newstatisticUUID=1611038238_1406562325" --referer 'https://www.baidu.com/' \ https://www.readnovel.com/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 小说阅读网 Tango Secure Gateway CA
|
||||
... ELSE Create List Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00012_4.bat
|
||||
... ELSE set variable curl -kv --cookie "curr_url=https%3A//b.faloo.com/; host4chongzhi=http%3a%2f%2fb.faloo.com%2f" --referer 'https://www.baidu.com/' \ https://b.faloo.com/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA
|
||||
... ELSE Create List Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Proxy-Policy-allow-00013
|
||||
@@ -143,8 +158,8 @@ Proxy-Policy-allow-00013
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00013_3.bat
|
||||
... ELSE set variable curl -kv https://www.vitalsource.com/textbooks
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List VitalSource Technologies Inc Tango Secure Gateway CA
|
||||
... ELSE Create List VitalSource Technologies Inc Tango Secure Gateway CA
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Shop online and downloadable Tango Secure Gateway CA
|
||||
... ELSE Create List Shop online and downloadable Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Proxy-Policy-allow-00014
|
||||
|
||||
@@ -11,14 +11,30 @@ SecurityPolicy-Intercept-Ssl-00001
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_SSL_00001.bat
|
||||
... ELSE set variable curl -kv https://www.reviewpro.com/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Before Tango Secure Gateway CA
|
||||
... ELSE Create List Before Tango Secure Gateway CA
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List reviewpro Tango Secure Gateway CA
|
||||
... ELSE Create List reviewpro Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00002
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_SSL_00002.bat
|
||||
... ELSE set variable curl -kv https://www.momondo.ru/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Дешевые ави Tango Secure Gateway CA
|
||||
... ELSE Create List Дешевые ави Tango Secure Gateway CA
|
||||
... ELSE set variable curl -kv https://fenopy.se/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Fenopy Tango Secure Gateway CA
|
||||
... ELSE Create List Fenopy Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
SecurityPolicy-Intercept-Http-00003
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_SSL_00002_2.bat
|
||||
... ELSE set variable curl -kv https://www.xs8.cn/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 言情小说吧 CA TRUST
|
||||
... ELSE Create List Book
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00004
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_SSL_00002_3.bat
|
||||
... ELSE set variable curl -kv https://worldweapon.info/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Энциклопедия CA TRUST
|
||||
... ELSE Create List Camp Chippewa for Boys CA TRUST
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
@@ -36,34 +36,34 @@ Proxy-Policy-allow-00002
|
||||
|
||||
Proxy-Policy-allow-00003
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId2}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId3}
|
||||
#${objectids} set Variable ${allow_objectId2}
|
||||
${objectids} set Variable ${allow_objectId3}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId2}]}
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${allow_policyId2}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
${s} Convert to String ${allow_policyId2}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host smzdm.com
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host bilibili.com
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host cheapair.com
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host surfline.com
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host csgo500
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host znakitaro.ru
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host astrou.ru
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host lunar
|
||||
|
||||
Proxy-Policy-allow-00004
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId4}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId5}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId5}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId6}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId3}]}
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${allow_policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
${s} Convert to String ${allow_policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host expeditionportal.com
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host hao123
|
||||
|
||||
Proxy-Policy-allow-00005
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId7}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId8}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId8}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId9}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId4}]}
|
||||
@@ -75,7 +75,7 @@ Proxy-Policy-allow-00005
|
||||
Proxy-Policy-allow-00006
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId10}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId11}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId11}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId12}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId5}]}
|
||||
@@ -87,7 +87,7 @@ Proxy-Policy-allow-00006
|
||||
Proxy-Policy-allow-00007
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId13}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId14}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId14}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId15}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId6}]}
|
||||
@@ -99,7 +99,7 @@ Proxy-Policy-allow-00007
|
||||
Proxy-Policy-allow-00008
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId16}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId17}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId17}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId18}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId7}]}
|
||||
@@ -111,7 +111,7 @@ Proxy-Policy-allow-00008
|
||||
Proxy-Policy-allow-00009
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId19}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId20}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId20}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId21}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId8}]}
|
||||
@@ -123,7 +123,7 @@ Proxy-Policy-allow-00009
|
||||
Proxy-Policy-allow-00010
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId22}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId23}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId23}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId24}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId9}]}
|
||||
@@ -135,7 +135,7 @@ Proxy-Policy-allow-00010
|
||||
Proxy-Policy-allow-00011
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId25}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId26}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId26}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId27}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId10}]}
|
||||
@@ -147,7 +147,7 @@ Proxy-Policy-allow-00011
|
||||
Proxy-Policy-allow-00012
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId28}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId29}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId29}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId30}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId11}]}
|
||||
@@ -155,11 +155,14 @@ Proxy-Policy-allow-00012
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
${s} Convert to String ${allow_policyId11}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.virtuoso.com
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host www.hongxiu.com
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host readnovel
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host b.faloo.com
|
||||
|
||||
Proxy-Policy-allow-00013
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId31}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId32}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId32}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${intercept_allow_policyId12}]}
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${allow_policyId12}]}
|
||||
@@ -173,7 +176,7 @@ Proxy-Policy-allow-00013
|
||||
Proxy-Policy-allow-00014
|
||||
#删除对象
|
||||
${objectids} set Variable ${allow_objectId33}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId34}
|
||||
${objectids} Catenate SEPARATOR=, ${allow_objectId34}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId35}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId36}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${allow_objectId37}
|
||||
|
||||
@@ -24,8 +24,24 @@ SecurityPolicy-Intercept-Ssl-00001
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00002
|
||||
#删除对象
|
||||
${objectids} set Variable ${intercept_ssl_objectId1}
|
||||
${objectids} set Variable ${EMPTY}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_ssl_policyId1}]}
|
||||
${s} Convert to String ${intercept_ssl_policyId1}
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.momondo.ru
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni fenopy.se
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00003
|
||||
#删除对象
|
||||
${objectids} set Variable ${intercept_ssl_objectId1}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_ssl_policyId2}]}
|
||||
${s} Convert to String ${intercept_ssl_policyId2}
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni xs8
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00004
|
||||
#删除对象
|
||||
${objectids} set Variable ${EMPTY}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_ssl_policyId3}]}
|
||||
${s} Convert to String ${intercept_ssl_policyId3}
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni worldweapon.info
|
||||
@@ -28,22 +28,19 @@ Policy-Get-v2-00001
|
||||
${policyIds} Create List
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Log ${rescode} ${response}
|
||||
|
||||
Policy-Post-v1-00001
|
||||
${policy} Create Dictionary policyId=1 policyType=tsg_security
|
||||
... policyName=wx-policyName1 action=allow doBlacklist=0
|
||||
... doLog=0 isValid=1 effectiveRange={}
|
||||
... userRegion={"protocol":"HTTP","traffic_forward":{"enable":1}}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v1
|
||||
${policy} Create Dictionary policyId=1 policyType=tsg_security policyName=wx-policyName1 action=allow doBlacklist=0 doLog=0 isValid=1 effectiveRange={} userRegion={"protocol":"HTTP","traffic_forward":{"enable":1}}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v1
|
||||
Log ${rescode} ${policyIds} ${objectIds}
|
||||
|
||||
Policy-Post-v2-00001
|
||||
${policy} Create Dictionary policyId=1 policyType=tsg_security
|
||||
... policyName=wx-policyName1 action=allow doBlacklist=0
|
||||
... doLog=0 isValid=1 effectiveRange={}
|
||||
... userRegion={"protocol":"HTTP","traffic_forward":{"enable":1}}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
${policy} Create Dictionary policyId=1 policyType=tsg_security policyName=wx-policyName1 action=allow doBlacklist=0 doLog=0 isValid=1 effectiveRange={} userRegion={"protocol":"HTTP","traffic_forward":{"enable":1}}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
Log ${rescode} ${policyIds} ${objectIds}
|
||||
|
||||
Policy-Post-v1-00002
|
||||
${policy} Create Dictionary policyId=1 policyType=tsg_security
|
||||
... policyName=wx-policyName1 action=allow doBlacklist=0
|
||||
@@ -61,8 +58,9 @@ Policy-Post-v1-00002
|
||||
... userRegion={"protocol":"HTTP","traffic_forward":{"enable":1}}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
@{policyList} Create List ${policy} ${policy1} ${policy2}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policyList} v1
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policyList} v1
|
||||
Log ${rescode} ${policyIds} ${objectIds}
|
||||
|
||||
Policy-Post-v2-00002
|
||||
${policy} Create Dictionary policyId=1 policyType=tsg_security
|
||||
... policyName=wx-policyName1 action=allow doBlacklist=0
|
||||
@@ -80,49 +78,39 @@ Policy-Post-v2-00002
|
||||
... userRegion={"protocol":"HTTP","traffic_forward":{"enable":1}}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
@{policyList} Create List ${policy} ${policy1} ${policy2}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policyList} v2
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policyList} v2
|
||||
Log ${rescode} ${policyIds} ${objectIds}
|
||||
|
||||
Policy-Post-v1-00003
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId}
|
||||
${objectIds} Set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policy} Create Dictionary policyName=WX_SecurityPolicy-v1-00003 policyType=tsg_security
|
||||
... policyDesc=autotest userTags=
|
||||
... action=deny effectiveRange={}
|
||||
... userRegion={"protocol":"SSL","method":"drop"}
|
||||
... referenceObject=${objectId}|TSG_FIELD_SSL_CN&TSG_FIELD_SSL_SAN
|
||||
... isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v1
|
||||
${policy} Create Dictionary policyName=WX_SecurityPolicy-v1-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange={} userRegion={"protocol":"SSL","method":"drop"} referenceObject=${objectId}|TSG_FIELD_SSL_CN&TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v1
|
||||
Log ${rescode} ${policyIds} ${objectIds}
|
||||
Policy-Post-v2-00004
|
||||
#${testClentID} ${testClentSubID}
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId}
|
||||
${objectIds} Set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policy} Create Dictionary policyName=WX_SecurityPolicy-v2-00004 policyType=tsg_security
|
||||
... policyDesc=autotest
|
||||
... action=deny #effectiveRange={}
|
||||
... userRegion={"protocol":"SSL","method":"drop"}
|
||||
... filterList=${objectId}|TSG_FIELD_SSL_CN
|
||||
... isValid=${1} appIdObjects=${SSL_ID}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
${policy} Create Dictionary policyName=WX_SecurityPolicy-v2-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} filterList=${objectId}|TSG_FIELD_SSL_CN isValid=${1} appIdObjects=${SSL_ID} #effectiveRange={}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
Log ${rescode} ${policyIds} ${objectIds}
|
||||
|
||||
Policy-Post-v2-00005
|
||||
Comment 创建IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId2},${objectIds}
|
||||
${objectIds} Set Variable ${objectId2},${objectIds}
|
||||
Log Create url Object
|
||||
Comment 创建安全策略
|
||||
${policy} Create Dictionary policyName=WX_SecurityPolicy-v2-00005 policyType=tsg_security
|
||||
@@ -134,16 +122,17 @@ Policy-Post-v2-00005
|
||||
... isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
Log ${rescode} ${policyIds} ${objectIds}
|
||||
|
||||
Policy-Post-v2-00006
|
||||
[Tags] reflection
|
||||
${caseName} set variable WX_ActiveDefencePolicy-Reflection-V2-00006
|
||||
${target_ip} set variable 10.3.22.139
|
||||
[Tags] reflection
|
||||
${caseName} set variable WX_ActiveDefencePolicy-Reflection-V2-00006
|
||||
${target_ip} set variable 10.3.22.139
|
||||
Comment claimed_src_ip_profile_id
|
||||
${response} BasePostRequest /v1/policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"reflectorType":"dns","isValid":1,"profileDesc":"autotest"}]}
|
||||
${reflector_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}
|
||||
#${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}
|
||||
${payload_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
${response} BasePostRequest /v1/policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"reflectorType":"dns","isValid":1,"profileDesc":"autotest"}]}
|
||||
${reflector_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}
|
||||
#${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}
|
||||
${payload_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
Comment 创建策略reflection
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
@@ -155,33 +144,29 @@ Policy-Post-v2-00006
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2
|
||||
${profile} Create Dictionary typeUrl=reflector profileIds=${reflector_profile_id}
|
||||
${profile1} Create Dictionary typeUrl=reflector/payload profileIds=${payload_profile_id}
|
||||
Append To List ${profiles} ${profile} ${profile1}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Append To List ${profiles} ${profile} ${profile1}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Log ${rescode} ${policyIds} ${objectIds}
|
||||
Policy-Post-v2-00007
|
||||
Comment 创建IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object1
|
||||
Comment 创建IP1
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=range|192.168.41.67|192.168.41.67|0/0
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=range|192.168.41.67|192.168.41.67|0/0
|
||||
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId2}
|
||||
${objectIds} Set Variable ${objectId2}
|
||||
Log Create IP Object2
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
Log Create url Object3
|
||||
Comment 创建url1
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*google.com.com
|
||||
${rescode} ${objectId4} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId4},${objectIds}
|
||||
${objectIds} Set Variable ${objectId4},${objectIds}
|
||||
Log Create url Object4
|
||||
Comment 创建安全策略
|
||||
${policy} Create Dictionary policyName=WX_AddPolicy-v2-00007 policyType=tsg_security
|
||||
@@ -205,16 +190,14 @@ Policy-Post-v2-00007
|
||||
${rescode} UpdatePolicies 1 ${policy} v2 update
|
||||
Policy-Post-v2-00008
|
||||
Comment 创建IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object1
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
Log Create url Object3
|
||||
|
||||
Comment 创建安全策略
|
||||
@@ -226,26 +209,24 @@ Policy-Post-v2-00008
|
||||
... destination=${objectId3}|TSG_FIELD_HTTP_URL
|
||||
... isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${policy1} Copy Dictionary ${policy} true
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
Log ${rescode}
|
||||
${updatePolicyId} Set Variable ${policyIds}[0][policyIds][0]
|
||||
Comment 更新安全策略
|
||||
Set To Dictionary ${policy1} policyId=${updatePolicyId}
|
||||
${rescode} UpdatePolicies 1 ${policy1} v2 disable
|
||||
${rescode} UpdatePolicies 1 ${policy1} v2 disable
|
||||
|
||||
Policy-Post-v2-00009
|
||||
Comment 创建IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object1
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
Log Create url Object3
|
||||
|
||||
Comment 创建安全策略
|
||||
${policy} Create Dictionary policyName=WX_AddPolicy-v2-00009 policyType=tsg_security
|
||||
... policyDesc=wx-autotest
|
||||
@@ -255,26 +236,24 @@ Policy-Post-v2-00009
|
||||
... destination=${objectId3}|TSG_FIELD_HTTP_URL
|
||||
... isValid=${0} appIdObjects=${HTTP_ID}
|
||||
${policy1} Copy Dictionary ${policy} true
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
Log ${rescode}
|
||||
${updatePolicyId} Set Variable ${policyIds}[0][policyIds][0]
|
||||
Comment 更新安全策略
|
||||
Set To Dictionary ${policy1} policyId=${updatePolicyId}
|
||||
${rescode} UpdatePolicies 1 ${policy1} v2 enable
|
||||
${rescode} UpdatePolicies 1 ${policy1} v2 enable
|
||||
|
||||
Policy-Post-v2-00010
|
||||
Comment 创建IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object1
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
Log Create url Object3
|
||||
|
||||
Comment 创建安全策略
|
||||
${policy} Create Dictionary policyName=WX_AddPolicy-v2-00010 policyType=tsg_security
|
||||
... policyDesc=wx-autotest
|
||||
@@ -288,21 +267,19 @@ Policy-Post-v2-00010
|
||||
${updatePolicyId} Set Variable ${policyIds}[0][policyIds][0]
|
||||
Comment 更新安全策略
|
||||
${policy} Create Dictionary policyId=${updatePolicyId}
|
||||
${rescode} UpdatePolicies 1 ${policy} v2 enable
|
||||
${rescode} UpdatePolicies 1 ${policy} v2 enable
|
||||
|
||||
Policy-Post-v2-00011
|
||||
Comment 创建IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object1
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
Log Create url Object3
|
||||
|
||||
Comment 创建安全策略
|
||||
${policy} Create Dictionary policyName=WX_AddPolicy-v2-00011 policyType=tsg_security
|
||||
... policyDesc=wx-autotest
|
||||
@@ -316,49 +293,44 @@ Policy-Post-v2-00011
|
||||
${updatePolicyId} Set Variable ${policyIds}[0][policyIds][0]
|
||||
Comment 更新安全策略
|
||||
${policy} Create Dictionary policyId=${updatePolicyId}
|
||||
${rescode} UpdatePolicies 1 ${policy} v2 disable
|
||||
${rescode} UpdatePolicies 1 ${policy} v2 disable
|
||||
|
||||
Policy-Post-v1-00012
|
||||
Comment 创建IP
|
||||
${item1} Create Dictionary isSession=endpoint ip=192.168.32.32
|
||||
... port=80 direction=${0} protocol=${6} isInitialize=${0}
|
||||
${item1} Create Dictionary isSession=endpoint ip=192.168.32.32 port=80 direction=${0} protocol=${6} isInitialize=${0}
|
||||
${addItemList} Create List ${item1}
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=${addItemList}
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=${addItemList}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object
|
||||
Comment 更新IP
|
||||
${objectDict} Create Dictionary objectId=${objectId1} objectType=ip
|
||||
${rescode} UpdateObjects ${1} ${objectDict} disable
|
||||
Log Create IP Object
|
||||
|
||||
Policy-Post-v1-00013
|
||||
Comment 创建IP
|
||||
${item1} Create Dictionary isSession=endpoint ip=192.168.32.32
|
||||
... port=80 direction=${0} protocol=${6} isInitialize=${0}
|
||||
${item1} Create Dictionary isSession=endpoint ip=192.168.32.32 port=80 direction=${0} protocol=${6} isInitialize=${0}
|
||||
${addItemList} Create List ${item1}
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${0}
|
||||
... isInitialize=0
|
||||
... addItemList=${addItemList}
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${0} isInitialize=0 addItemList=${addItemList}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object
|
||||
${params} Create Dictionary objectId=${objectId1} itemType=ip
|
||||
${rescode} ${itemIds} ${itemList} GetObjectItems ${params}
|
||||
Log ${itemIds}
|
||||
Log ${itemIds}
|
||||
Comment 更新IP
|
||||
FOR ${item} IN @{itemList}
|
||||
Set To Dictionary ${item} ip 192.168.41.67
|
||||
END
|
||||
Set To Dictionary ${addItemList[0]} itemId=${itemIds[0]}
|
||||
Remove From Dictionary ${addItemList[0]} isInitialize
|
||||
${objectDict} Create Dictionary objectId=${objectId1} objectType=ip
|
||||
... updateItemList=${addItemList}
|
||||
Remove From Dictionary ${addItemList[0]} isInitialize
|
||||
${objectDict} Create Dictionary objectId=${objectId1} objectType=ip updateItemList=${addItemList}
|
||||
${rescode} UpdateObjects ${1} ${objectDict} update
|
||||
Log Create IP Object
|
||||
|
||||
Policy-Post-v1-00014
|
||||
Comment 创建urls
|
||||
|
||||
${item1} Create Dictionary keywordArray=*baidu.com isHexbin=${0}
|
||||
${item2} Create Dictionary keywordArray=*google.com isHexbin=${0}
|
||||
${addItemList} Create List ${item1}
|
||||
@@ -367,6 +339,7 @@ Policy-Post-v1-00014
|
||||
${objectDict2} Create Dictionary objectType=url isValid=${1} addItemList=${addItemList1}
|
||||
${objectList} Create List ${objectDict1} ${objectDict2}
|
||||
${rescode} ${objectIds} AddObjects ${1} ${objectList}
|
||||
|
||||
Policy-Post-v1-00015
|
||||
Comment 创建urls
|
||||
${item1} Create Dictionary keywordArray=*baidu.com isHexbin=${0}
|
||||
@@ -376,18 +349,15 @@ Policy-Post-v1-00015
|
||||
${rescode} ${objectIds} AddObjects ${1} ${objectDict1}
|
||||
${params} Create Dictionary objectId=${objectIds} itemType=url
|
||||
${rescode} ${itemIds} ${itemList} GetObjectItems ${params}
|
||||
Log ${itemIds}
|
||||
Log ${itemIds}
|
||||
Comment 修改urls
|
||||
${addItem1} Create Dictionary keywordArray=*baidu.com* isHexbin=${0}
|
||||
${updateItem2} Create Dictionary keywordArray=*baidu1.com* isHexbin=${0} itemId=${itemIds[0]}
|
||||
${addItemList} Create List ${addItem1}
|
||||
${updateList} Create List ${updateItem2}
|
||||
|
||||
${objectDict} Create Dictionary objectId=${objectIds} objectType=url
|
||||
... addItemList=${addItemList}
|
||||
... updateItemList=${updateList}
|
||||
... deleteItemIds=${itemIds}[1]
|
||||
${objectDict} Create Dictionary objectId=${objectIds} objectType=url addItemList=${addItemList} updateItemList=${updateList} deleteItemIds=${itemIds}[1]
|
||||
${rescode} UpdateObjects ${1} ${objectDict} update
|
||||
|
||||
Policy-Post-v1-00015-1
|
||||
Comment 创建http_signature
|
||||
${item1} Create Dictionary keywordArray=*baidu.com isHexbin=${0} district=Cookie isInitialize=0
|
||||
@@ -397,157 +367,123 @@ Policy-Post-v1-00015-1
|
||||
${rescode} ${objectIds} AddObjects ${1} ${objectDict1}
|
||||
${params} Create Dictionary objectId=${objectIds} itemType=http_signature
|
||||
${rescode} ${itemIds} ${itemList} GetObjectItems ${params}
|
||||
Log ${itemIds}
|
||||
Log ${itemIds}
|
||||
Comment 修改urls
|
||||
${addItem1} Create Dictionary keywordArray=*baidu.com* isHexbin=${0} district=Cookie
|
||||
${updateItem2} Create Dictionary keywordArray=*baidu1.com* isHexbin=${0} itemId=${itemIds[0]} isInitialize=0
|
||||
${addItemList} Create List ${addItem1}
|
||||
${updateList} Create List ${updateItem2}
|
||||
|
||||
${objectDict} Create Dictionary objectId=${objectIds} objectType=http_signature
|
||||
... addItemList=${addItemList}
|
||||
... updateItemList=${updateList}
|
||||
... deleteItemIds=${itemIds}[1]
|
||||
${rescode} UpdateObjects ${1} ${objectDict} update
|
||||
${objectDict} Create Dictionary objectId=${objectIds} objectType=http_signature addItemList=${addItemList} updateItemList=${updateList} deleteItemIds=${itemIds}[1]
|
||||
${rescode} UpdateObjects ${1} ${objectDict} update
|
||||
|
||||
Policy-Delete-v1-00016
|
||||
Comment 创建IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object1
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
Log Create url Object3
|
||||
|
||||
Comment 创建安全策略
|
||||
${policy} Create Dictionary policyName=WX_AddPolicy-v2-00011 policyType=tsg_security
|
||||
... policyDesc=wx-autotest
|
||||
... action=deny effectiveRange={}
|
||||
... userRegion={"protocol":"HTTP","method":"drop"}
|
||||
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
|
||||
... destination=${objectId3}|TSG_FIELD_HTTP_URL
|
||||
... isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
${policy} Create Dictionary policyName=WX_AddPolicy-v2-00011 policyType=tsg_security policyDesc=wx-autotest action=deny effectiveRange={} userRegion={"protocol":"HTTP","method":"drop"} source=${objectId1}|TSG_SECURITY_SOURCE_ADDR destination=${objectId3}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
Log ${rescode}
|
||||
Comment 删除安全策略
|
||||
${rescode} DeletePolicy1 ${policyIds[0]['policyIds']} tsg_security
|
||||
${policyIds} Create List
|
||||
${rescode} DeletePolicy1 ${policyIds[0]['policyIds']} tsg_security
|
||||
${policyIds} Create List
|
||||
Log ${rescode}
|
||||
|
||||
Policy-Delete-v1-00017
|
||||
Comment 创建IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1}
|
||||
... isInitialize=0
|
||||
... addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} isInitialize=0 addItemList=range|192.168.41.68|192.168.41.68|0/0
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
${objectIds} Set Variable ${objectId1}
|
||||
Log Create IP Object1
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*baidu.com
|
||||
${rescode} ${objectId3} AddObject2 ${1} ${objectDict}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
${objectIds} Set Variable ${objectId3},${objectIds}
|
||||
Log Create url Object3
|
||||
|
||||
Comment 创建安全策略
|
||||
${policy} Create Dictionary policyName=WX_AddPolicy-v2-00011 policyType=tsg_security
|
||||
... policyDesc=wx-autotest
|
||||
... action=deny effectiveRange={}
|
||||
... userRegion={"protocol":"HTTP","method":"drop"}
|
||||
... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR
|
||||
... destination=${objectId3}|TSG_FIELD_HTTP_URL
|
||||
... isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
${policy} Create Dictionary policyName=WX_AddPolicy-v2-00011 policyType=tsg_security policyDesc=wx-autotest action=deny effectiveRange={} userRegion={"protocol":"HTTP","method":"drop"} source=${objectId1}|TSG_SECURITY_SOURCE_ADDR destination=${objectId3}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${rescode} ${policyIds} AddPolicies 1 ${policy} v2
|
||||
Log ${rescode}
|
||||
Comment 删除安全策略
|
||||
${rescode} DeletePolicies ${policyIds}
|
||||
${policyIds} Create List
|
||||
${rescode} DeletePolicies ${policyIds}
|
||||
${policyIds} Create List
|
||||
Log ${rescode}
|
||||
|
||||
Policy-Import-v1-00018
|
||||
Comment 导入json
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ImportPolicy uploadFiles tsg_security_imp.json tsg_security
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ImportPolicy uploadFiles tsg_security_imp.json tsg_security
|
||||
|
||||
Policy-Export-v1-00019
|
||||
Comment 导 出json
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${response} ExportPolicy tsg_security ${EMPTY} ${EMPTY}
|
||||
WriteFile downloads download.json ${response}
|
||||
|
||||
Policy-Verify-v1-00020
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 创建对象
|
||||
${ipValue} Create Dictionary ip=192.168.41.67 port=${1}
|
||||
... addrType=${4} protocol=${6} tableName=TSG_SECURITY_SOURCE_ADDR
|
||||
${ipValue1} Create Dictionary ip=192.168.41.687 port=${1}
|
||||
... addrType=${4} protocol=${6} tableName=TSG_SECURITY_DESTINATION_ADDR
|
||||
${ipObj} Create Dictionary attributeType=ip protocol=HTTP attributeName=source
|
||||
... attributeValue=${ipValue}
|
||||
${ipObj1} Create Dictionary attributeType=ip protocol=HTTP attributeName=destination
|
||||
... attributeValue=${ipValue2}
|
||||
${ipValue} Create Dictionary ip=192.168.41.67 port=${1} addrType=${4} protocol=${6} tableName=TSG_SECURITY_SOURCE_ADDR
|
||||
${ipValue1} Create Dictionary ip=192.168.41.687 port=${1} addrType=${4} protocol=${6} tableName=TSG_SECURITY_DESTINATION_ADDR
|
||||
${ipObj} Create Dictionary attributeType=ip protocol=HTTP attributeName=source attributeValue=${ipValue}
|
||||
${ipObj1} Create Dictionary attributeType=ip protocol=HTTP attributeName=destination attributeValue=${ipValue2}
|
||||
${stringValue} Create Dictionary string=*baidu.com
|
||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
||||
... attributeValue=${stringValue}
|
||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url attributeValue=${stringValue}
|
||||
${appIdValue} Create Dictionary string=http.
|
||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
||||
... attributeValue=${appIdValue}
|
||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id attributeValue=${appIdValue}
|
||||
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} ${ipObj1}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
|
||||
Policy-Verify-v1-00021
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 创建对象
|
||||
${ipObj} Create Dictionary attributeType=ip tableName=TSG_SECURITY_SOURCE_ADDR protocol=HTTP attributeName=source
|
||||
... attributeValue={"ip":"192.168.41.67","port":1,"addrType":4,"protocol":6}
|
||||
${ipObj1} Create Dictionary attributeType=ip tableName=TSG_SECURITY_DESTINATION_ADDR protocol=HTTP attributeName=destination
|
||||
... attributeValue={"ip":"192.168.41.68","port":1,"addrType":4,"protocol":6}
|
||||
${ipObj} Create Dictionary attributeType=ip tableName=TSG_SECURITY_SOURCE_ADDR protocol=HTTP attributeName=source attributeValue={"ip":"192.168.41.67","port":1,"addrType":4,"protocol":6}
|
||||
${ipObj1} Create Dictionary attributeType=ip tableName=TSG_SECURITY_DESTINATION_ADDR protocol=HTTP attributeName=destination attributeValue={"ip":"192.168.41.68","port":1,"addrType":4,"protocol":6}
|
||||
${stringValue} Create Dictionary string=*baidu.com
|
||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
||||
... attributeValue=${stringValue}
|
||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url attributeValue=${stringValue}
|
||||
${appIdValue} Create Dictionary string=http.
|
||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
||||
... attributeValue=${appIdValue}
|
||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id attributeValue=${appIdValue}
|
||||
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} ${ipObj1}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
|
||||
Policy-Verify-v1-00022
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 创建对象
|
||||
${ipObj} Create Dictionary attributeType=ip protocol=HTTP attributeName=destination
|
||||
... attributeValue={"ip":"192.168.41.67","port":1,"addrType":4,"protocol":6,"tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
${ipObj1} Create Dictionary attributeType=ip protocol=HTTP attributeName=source
|
||||
... attributeValue={"ip":"192.168.41.68","port":1,"addrType":4,"protocol":6,"tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
||||
... attributeValue={'string':'*baidu.com'}
|
||||
${ipObj} Create Dictionary attributeType=ip protocol=HTTP attributeName=destination attributeValue={"ip":"192.168.41.67","port":1,"addrType":4,"protocol":6,"tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||
${ipObj1} Create Dictionary attributeType=ip protocol=HTTP attributeName=source attributeValue={"ip":"192.168.41.68","port":1,"addrType":4,"protocol":6,"tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url attributeValue={'string':'*baidu.com'}
|
||||
${appIdValue} Create Dictionary string=http.
|
||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
||||
... attributeValue=${appIdValue}
|
||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id attributeValue=${appIdValue}
|
||||
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} ${ipObj1}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
|
||||
Policy-Verify-v1-00023
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 创建对象
|
||||
${ipObj} Create Dictionary attributeType=ip tableName=TSG_SECURITY_SOURCE_ADDR attributeName=source
|
||||
... attributeValue=192.168.41.67|1|4|6
|
||||
${ipObj1} Create Dictionary attributeType=ip tableName=TSG_SECURITY_DESTINATION_ADDR attributeName=destination
|
||||
... attributeValue=192.168.41.68|1|4|6
|
||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
||||
... attributeValue=*baidu.com
|
||||
${stringObj1} Create Dictionary attributeType=string protocol=HTTP attributeName=url
|
||||
... attributeValue=*jd.com
|
||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
||||
... attributeValue=http.
|
||||
${signatureObj} Create Dictionary attributeType=signature protocol=HTTP attributeName=req_body
|
||||
... attributeValue=Content-Type|application/json
|
||||
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} ${signatureObj} ${ipObj1} ${stringObj1}
|
||||
${ipObj} Create Dictionary attributeType=ip tableName=TSG_SECURITY_SOURCE_ADDR attributeName=source attributeValue=192.168.41.67|1|4|6
|
||||
${ipObj1} Create Dictionary attributeType=ip tableName=TSG_SECURITY_DESTINATION_ADDR attributeName=destination attributeValue=192.168.41.68|1|4|6
|
||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url attributeValue=*baidu.com
|
||||
${stringObj1} Create Dictionary attributeType=string protocol=HTTP attributeName=url attributeValue=*jd.com
|
||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id attributeValue=http.
|
||||
${signatureObj} Create Dictionary attributeType=signature protocol=HTTP attributeName=req_body attributeValue=Content-Type|application/json
|
||||
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} ${signatureObj} ${ipObj1} ${stringObj1}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
|
||||
Policy-Verify-v1dxy
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 创建对象
|
||||
@@ -570,70 +506,57 @@ Policy-Verify-v1dxy
|
||||
${attributes} Create List ${ipObj} ${cnObj} ${appIdObj} ${subidObj} ${ipObj1} ${scnObj} ${sniObj}
|
||||
${verifySession} Create Dictionary attributes=${attributes}
|
||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||
|
||||
Policy-log-v1-00024
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 查询schema
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
${queryFieldList} Create List
|
||||
FOR ${field} IN @{fields}
|
||||
${return} ${doc} Run Keyword And Ignore Error Get From Dictionary ${field} doc
|
||||
Continue For Loop If "${return}"=="FAIL"
|
||||
${return} ${allow_query} Run Keyword And Ignore Error Get From Dictionary ${doc} allow_query
|
||||
Continue For Loop If "${allow_query}"=="false" or "${return}"=="FAIL"
|
||||
${fieldDict} Create Dictionary name=${field['name']} type=${field['type']}
|
||||
${return} ${doc} Run Keyword And Ignore Error Get From Dictionary ${field} doc
|
||||
Continue For Loop If "${return}"=="FAIL"
|
||||
${return} ${allow_query} Run Keyword And Ignore Error Get From Dictionary ${doc} allow_query
|
||||
Continue For Loop If "${allow_query}"=="false" or "${return}"=="FAIL"
|
||||
${fieldDict} Create Dictionary name=${field['name']} type=${field['type']}
|
||||
Append To List ${queryFieldList} ${fieldDict}
|
||||
END
|
||||
Log ${queryFieldList}
|
||||
|
||||
Policy-log-v1-00025
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 查询schema
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
|
||||
${filters} Get From Dictionary ${schema_query} filters
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
${filters} Get From Dictionary ${schema_query} filters
|
||||
Log ${filters}
|
||||
|
||||
Policy-log-v1-00026
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 查询schema
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
Comment 处理schema,构造查询条件
|
||||
${params} Create Dictionary pageSize=${10} logType=security_event_log
|
||||
... start_common_recv_time=2020-06-01 00:00:00
|
||||
... end_common_recv_time=2020-06-24 00:00:00
|
||||
... fields=common_log_id|long,http_url|string,common_client_ip|string,common_client_port|int,common_server_ip|string,common_server_port|int
|
||||
... conditions=common_server_port|int|in|${80}^${8080}
|
||||
... orderBy=common_server_ip|true
|
||||
... common_log_ids=162273027957354498
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
Comment 处理schema,构造查询条件
|
||||
${params} Create Dictionary pageSize=${10} logType=security_event_log start_common_recv_time=2020-06-01 00:00:00 end_common_recv_time=2020-06-24 00:00:00 fields=common_log_id|long,http_url|string,common_client_ip|string,common_client_port|int,common_server_ip|string,common_server_port|int conditions=common_server_port|int|in|${80}^${8080} orderBy=common_server_ip|true common_log_ids=162273027957354498
|
||||
${resData} QueryLogs ${params} list
|
||||
|
||||
Policy-log-v1-00027
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 查询schema
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
Comment 处理schema,构造查询条件
|
||||
${params} Create Dictionary pageSize=${10} logType=security_event_log
|
||||
... start_common_recv_time=2020-06-01 00:00:00
|
||||
... end_common_recv_time=2020-06-24 00:00:00
|
||||
... fields=common_log_id|long,http_url|string,common_client_ip|string,common_client_port|int,common_server_ip|string,common_server_port|int
|
||||
... conditions=common_server_port|int|in|${80}^${8080}
|
||||
... orderBy=common_server_ip|true
|
||||
... common_log_ids=162273027957354498
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
Comment 处理schema,构造查询条件
|
||||
${params} Create Dictionary pageSize=${10} logType=security_event_log start_common_recv_time=2020-06-01 00:00:00 end_common_recv_time=2020-06-24 00:00:00 fields=common_log_id|long,http_url|string,common_client_ip|string,common_client_port|int,common_server_ip|string,common_server_port|int conditions=common_server_port|int|in|${80}^${8080} orderBy=common_server_ip|true common_log_ids=162273027957354498
|
||||
${resData} QueryLogs ${params} count
|
||||
|
||||
Policy-log-v1-00028
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
Comment 查询schema
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
Comment 处理schema,构造查询条件
|
||||
${params} Create Dictionary pageSize=${10} logType=security_event_log
|
||||
... start_common_recv_time=2020-06-01 00:00:00
|
||||
... end_common_recv_time=2020-06-24 00:00:00
|
||||
... fields=common_log_id|long|ID,http_url|string|地址,common_client_ip|string|客户端IP,common_client_port|int|客户端端口,common_server_ip|string|服务端IP,common_server_port|int|服务端端口
|
||||
... conditions=common_server_port|int|in|${80}^${8080}
|
||||
... orderBy=common_server_ip|true
|
||||
... common_log_ids=162273027957354498
|
||||
${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log
|
||||
Comment 处理schema,构造查询条件
|
||||
${params} Create Dictionary pageSize=${10} logType=security_event_log start_common_recv_time=2020-06-01 00:00:00 end_common_recv_time=2020-06-24 00:00:00 fields=common_log_id|long|ID,http_url|string|地址,common_client_ip|string|客户端IP,common_client_port|int|客户端端口,common_server_ip|string|服务端IP,common_server_port|int|服务端端口 conditions=common_server_port|int|in|${80}^${8080} orderBy=common_server_ip|true common_log_ids=162273027957354498
|
||||
${resData} QueryLogs ${params} batch
|
||||
|
||||
Policy-Delete-v1-00029
|
||||
Comment 创建urls
|
||||
${addItem1} Create Dictionary
|
||||
${addItem1} Create Dictionary
|
||||
${addItemList} Create List
|
||||
${objectDict1} Create Dictionary objectType=url isValid=${1} addItemList=*baidu.com,
|
||||
${objectDict2} Create Dictionary objectType=url isValid=${1} addItemList=*google.com
|
||||
@@ -642,42 +565,50 @@ Policy-Delete-v1-00029
|
||||
${objectIds} Evaluate list(map(int, re.split('[,]', '${objectIds}'))) re
|
||||
${rescode} DeleteObjects ${objectIds}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
|
||||
Policy-Import-v1-00030
|
||||
Comment 导入txt
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ImportObject uploadFiles url.txt url ${EMPTY} ${EMPTY}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ImportObject uploadFiles url.txt url ${EMPTY} ${EMPTY}
|
||||
|
||||
Policy-Import-v1-00031
|
||||
Comment 导入csv
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ImportObject uploadFiles url.csv url ${EMPTY} ${EMPTY}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ImportObject uploadFiles url.csv url ${EMPTY} ${EMPTY}
|
||||
|
||||
Policy-Import-v1-00032
|
||||
Comment 导入csv
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ImportObject uploadFiles IP.csv ip endpoint ${EMPTY}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${rescode} ImportObject uploadFiles IP.csv ip endpoint ${EMPTY}
|
||||
|
||||
Policy-Export-v1-00033
|
||||
Comment 导 出Excel
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${response} ExportObject ip endpoint ${EMPTY} ${EMPTY}
|
||||
|
||||
Policy-Sort-v1-00034
|
||||
Comment 策略排序
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${params} Create Dictionary policyType=tsg_security policyId=${1517} afterPolicyId=${1518}
|
||||
${params1} Create Dictionary policyType=tsg_security policyId=${1515} beforePolicyId=${1514}
|
||||
${paramsList} Create List ${params} ${params1}
|
||||
${paramsList} Create List ${params} ${params1}
|
||||
${response} SortPolicies ${paramsList}
|
||||
|
||||
Policy-Statistics-v1-00035
|
||||
Comment 策略统计
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${response} StatisticsPolicies
|
||||
|
||||
Policy-ProtocolFields-v1-00036
|
||||
Comment 策略对象生效协议字段查询
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${response} PolicProtocolFields tsg_security ${EMPTY} ip
|
||||
|
||||
Object-Reference-v1-00037
|
||||
Comment 策略对象生效协议字段查询
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${response} ObjectReference 174
|
||||
Object-AppIDTree-v1-00038
|
||||
Comment 策略对象生效协议字段查询
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${response} AppIdTreeSearch 174
|
||||
${objectIds} Set Variable ${EMPTY}
|
||||
${response} AppIdTreeSearch 174
|
||||
|
||||
Reference in New Issue
Block a user