代理策略deny动作ssl
This commit is contained in:
姬巍川
786
01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot
Normal file
786
01-TestCase/tsg_adc/selfserver/Api_Proxy/Deny_Ssl_Tests.robot
Normal file
@@ -0,0 +1,786 @@
|
||||
*** Settings ***
|
||||
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
|
||||
Force Tags tsg_adc proxy_policy
|
||||
Library OperatingSystem
|
||||
Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot
|
||||
Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
||||
Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
||||
Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot
|
||||
Resource ../../../../03-Variable/AllFlowCaseVariable.txt
|
||||
|
||||
*** Variables ***
|
||||
${policyIds} ${EMPTY}
|
||||
${objectids} ${EMPTY}
|
||||
${url} /policy/profile/responsepages
|
||||
${profiledId} ${EMPTY}
|
||||
|
||||
*** Test Cases ***
|
||||
ProxyPolicy-Deny-Ssl-00001
|
||||
[Tags] selfserver ip deny ssl
|
||||
Comment 创建目标IP
|
||||
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00001 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"test","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List test Tango Secure Gateway CA
|
||||
... ELSE Create List test Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00002
|
||||
[Tags] selfserver ip+fqdn完整匹配 deny ssl
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00002 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 Tango Secure Gateway CA
|
||||
... ELSE Create List 你好,五一 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00003
|
||||
[Tags] selfserver ip+cat右匹配 deny ssl
|
||||
Comment 创建cat
|
||||
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*node.com
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00003 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_HOST
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA
|
||||
... ELSE Create List виде Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00004
|
||||
[Tags] selfserver deny ip+url右匹配 ssl
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*rutube.html
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
|
||||
${profiledId} Get From Dictionary ${response} profileId
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00004 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA
|
||||
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00005
|
||||
[Tags] selfserver deny ip+url字串匹配 ssl
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=test
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
|
||||
${profiledId} Get From Dictionary ${response} profileId
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00005 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA
|
||||
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00006
|
||||
[Tags] selfserver deny ip+url完整匹配 ssl
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/bytedance/bytedance.html
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00006 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA
|
||||
... ELSE Create List виде Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00007
|
||||
[Tags] selfserver deny ip+url左匹配 ssl
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=open.node*
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
#创建引用文件
|
||||
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
|
||||
${profiledId} Get From Dictionary ${response} profileId
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00007 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_URL
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA
|
||||
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00008
|
||||
[Tags] selfserver deny ssl ip+请求头右匹配
|
||||
Comment 创建请求头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
|
||||
${profiledId} Get From Dictionary ${response} profileId
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00008 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":404,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
|
||||
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA
|
||||
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00009
|
||||
[Tags] selfserver deny ip+请求头字串匹配 ssl
|
||||
Comment 创建请求头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
|
||||
${profiledId} Get From Dictionary ${response} profileId
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00009 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
|
||||
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA
|
||||
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00010
|
||||
[Tags] selfserver deny ip+请求头完整匹配 ssl
|
||||
Comment 创建请求头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00010 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"виде","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
|
||||
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List виде Tango Secure Gateway CA
|
||||
... ELSE Create List виде Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00011
|
||||
[Tags] selfserver deny ip+请求头左匹配 ssl
|
||||
Comment 创建请求头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
#创建引用文件
|
||||
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
|
||||
${profiledId} Get From Dictionary ${response} profileId
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00011 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
|
||||
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA
|
||||
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00012
|
||||
[Tags] selfserver deny ip+cookie字串匹配 ssl
|
||||
Comment 创建cookie
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00012 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"zxcvbnm","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0012.bat
|
||||
... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'https://www.baidu.com/' \ https://open.node.com/test/nationalbank/nationalbank.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm Tango Secure Gateway CA
|
||||
... ELSE Create List zxcvbnm Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00013
|
||||
[Tags] selfserver deny ip+应答头右匹配 ssl
|
||||
Comment 创建应答头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*html|Content-Type
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00013 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA
|
||||
... ELSE Create List 你好明天 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00014
|
||||
[Tags] selfserver deny ip+应答头字串匹配 ssl
|
||||
Comment 创建应答头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
|
||||
${profiledId} Get From Dictionary ${response} profileId
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00014 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List \ Tango Secure Gateway CA
|
||||
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00015
|
||||
[Tags] selfserver deny ip+应答头完整匹配 ssl
|
||||
Comment 创建应答头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00015 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA
|
||||
... ELSE Create List qwerty Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00016
|
||||
[Tags] selfserver deny ip+应答头左匹配 ssl
|
||||
Comment 创建应答头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html*|Content-Type
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00016 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
|
||||
... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA
|
||||
... ELSE Create List 123456 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00017
|
||||
[Tags] selfserver deny ip+set-cookie右匹配 ssl
|
||||
Comment 创建set-cookie
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*HttpOnly|Set-Cookie
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00017 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好明天","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
|
||||
... ELSE set variable curl -kv https://open.node.com/
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 Tango Secure Gateway CA
|
||||
... ELSE Create List 你好明天 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00018
|
||||
[Tags] selfserver deny ip+set-cookie字串匹配 ssl
|
||||
Comment 创建set-cookie
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
|
||||
${profiledId} Get From Dictionary ${response} profileId
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-HTTP-00018 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","html_profile":${profiledId},"code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
|
||||
... ELSE set variable curl -kv https://open.node.com/
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA
|
||||
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00019
|
||||
[Tags] selfserver deny ip+set-cookie完整匹配 ssl
|
||||
Comment 创建set-cookie
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00019 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"qwerty","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
|
||||
... ELSE set variable curl -kv \ -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" https://open.node.com/action
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty Tango Secure Gateway CA
|
||||
... ELSE Create List qwerty Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00020
|
||||
[Tags] selfserver deny ip+set-cookie左匹配 ssl
|
||||
Comment 创建set-cookie
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=JSESSIONID*|Set-Cookie
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00020 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"123456","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
|
||||
... ELSE set variable curl -kv https://open.node.com/
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 Tango Secure Gateway CA
|
||||
... ELSE Create List 123456 Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00021
|
||||
[Tags] selfserver deny ip+请求体字串匹配 ssl
|
||||
Comment 创建请求体
|
||||
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-SSL-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
|
||||
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Извините Tango Secure Gateway CA
|
||||
... ELSE Create List Извините Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00022
|
||||
[Tags] selfserver deny ip+应答体字串匹配 ssl
|
||||
Comment 创建应答体
|
||||
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Response Body
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-ssl-00022 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"Извините","code":451,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${objectId}|TSG_FIELD_HTTP_RES_CONTENT
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0019.bat
|
||||
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" https://open.node.com/action
|
||||
@{stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server Tango Secure Gateway CA
|
||||
... ELSE Create List Connection reset by peer Tango Secure Gateway CA
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommand ${commandstr} @{stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
|
||||
ProxyPolicy-Deny-Ssl-00023
|
||||
[Tags] selfserver 最大组合 deny ssl
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com
|
||||
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${object_fqdn_Id}
|
||||
Comment 创建url
|
||||
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*bytedance.html
|
||||
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${object_url_Id}
|
||||
Comment 创建请求头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
|
||||
${rescode} ${object_rq_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${object_rq_Id}
|
||||
Comment 创建应答头
|
||||
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type
|
||||
${rescode} ${object_re_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${object_re_Id}
|
||||
Comment 创建应答体
|
||||
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=字节跳动
|
||||
${rescode} ${object_by_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${object_by_Id}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "SSL"} referenceObject= isValid=${1} appObjectIdArray=3
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]}
|
||||
${policyIds} Create List ${policyId1}
|
||||
Comment 创建管控策略
|
||||
${policyDict} Create Dictionary policyName=proxyPolicy-Deny-Ssl-00023 policyType=pxy_manipulation policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"method":"block","message":"你好,五一","code":403,"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${object_by_Id}|TSG_FIELD_HTTP_RES_CONTENT
|
||||
${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict}
|
||||
#删除策略
|
||||
${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
|
||||
${policyIds} Create List ${policyId1} ${policyId2}
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00023.bat
|
||||
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com/test/bytedance/bytedance.html
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Empty reply from server
|
||||
... ELSE Create List Connection reset by peer
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
${s} Convert to String ${policyId3}
|
||||
GetLogList proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
||||
Reference in New Issue
Block a user