gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

完善block和aler用例

Browse Source
This commit is contained in:
姬巍川
2020-05-08 20:13:36 +08:00
parent 30e4d5ddb0
commit 7cd6e0cbc2
1 changed files with 489 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

521
01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot
View File

@@ -16,7 +16,7 @@ ${profiledId} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Deny-Http-00001
[Tags] Selfserver Ip Deny Http
[Tags] deny http p selfserver
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -41,7 +41,7 @@ SecurityPolicy-Deny-Http-00001
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00002
[Tags] Selfserver Deny Http Ip+Fqdn右匹配
[Tags] selfserver deny http ip+fqdn右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -70,7 +70,7 @@ SecurityPolicy-Deny-Http-00002
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00003
[Tags] Selfserver Deny Http Ip+Cat完整匹配
[Tags] selfserver deny http ip+cat完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -99,7 +99,7 @@ SecurityPolicy-Deny-Http-00003
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00004
[Tags] Selfserver Deny Http Ip+Url字串匹配
[Tags] selfserver deny http ip+url字串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -128,7 +128,7 @@ SecurityPolicy-Deny-Http-00004
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00005
[Tags] Selfserver Deny Http Ip+Url右匹配
[Tags] selfserver deny http ip+url右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -157,7 +157,7 @@ SecurityPolicy-Deny-Http-00005
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00006
[Tags] Selfserver Deny Http Ip+Url完整匹配
[Tags] selfserver deny http ip+url完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -186,7 +186,7 @@ SecurityPolicy-Deny-Http-00006
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00007
[Tags] Selfserver Deny Http Ip+Url左匹配
[Tags] selfserver deny http ip+url左匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -215,7 +215,7 @@ SecurityPolicy-Deny-Http-00007
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00008
[Tags] Selfserver Deny Ip+请求头字串匹配 Http
[Tags] selfserver deny ip+请求头字串匹配 http
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -244,7 +244,7 @@ SecurityPolicy-Deny-Http-00008
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00009
[Tags] Selfserver Deny Http Ip+请求头右匹配
[Tags] selfserver deny http ip+请求头右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -273,7 +273,7 @@ SecurityPolicy-Deny-Http-00009
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00010
[Tags] Selfserver Deny Http Ip+请求头完整匹配
[Tags] selfserver deny http ip+请求头完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -302,7 +302,7 @@ SecurityPolicy-Deny-Http-00010
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00011
[Tags] Selfserver Deny Http Ip+请求头左匹配
[Tags] selfserver deny http ip+请求头左匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -331,7 +331,7 @@ SecurityPolicy-Deny-Http-00011
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00012
[Tags] Selfserver Http Ip+Cookie子串匹配 Deny
[Tags] selfserver http ip+cookie子串匹配 deny
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -360,7 +360,7 @@ SecurityPolicy-Deny-Http-00012
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00013
[Tags] Selfserver Deny Http Ip+应答头字串匹配
[Tags] selfserver deny http ip+应答头字串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -389,7 +389,7 @@ SecurityPolicy-Deny-Http-00013
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00014
[Tags] Selfserver Deny Http Ip+应答头右匹配
[Tags] selfserver deny http ip+应答头右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -418,7 +418,7 @@ SecurityPolicy-Deny-Http-00014
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00015
[Tags] Selfserver Deny Http Ip+应答头完整匹配
[Tags] selfserver deny http ip+应答头完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -447,7 +447,7 @@ SecurityPolicy-Deny-Http-00015
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00016
[Tags] Selfserver Deny Http Ip+应答头左匹配
[Tags] selfserver deny http ip+应答头左匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -476,7 +476,7 @@ SecurityPolicy-Deny-Http-00016
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00017
[Tags] Selfserver Deny Http Ip+Set-Cookie字串匹配
[Tags] selfserver deny http ip+set-cookie字串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -492,7 +492,7 @@ SecurityPolicy-Deny-Http-00017
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl \ http://open.node.com/
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
@@ -505,7 +505,7 @@ SecurityPolicy-Deny-Http-00017
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00018
[Tags] Selfserver Deny Http Ip+Set-Cookie右匹配
[Tags] selfserver deny http ip+set-cookie右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -521,7 +521,7 @@ SecurityPolicy-Deny-Http-00018
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl \ http://open.node.com/
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
@@ -534,7 +534,7 @@ SecurityPolicy-Deny-Http-00018
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00019
[Tags] Selfserver Deny Ip+Set-Cookie完整匹配 Http
[Tags] selfserver deny ip+set-cookie完整匹配 http
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -550,7 +550,7 @@ SecurityPolicy-Deny-Http-00019
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl \ http://open.node.com/
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
@@ -563,7 +563,7 @@ SecurityPolicy-Deny-Http-00019
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00020
[Tags] Selfserver Deny Ip+Set-Cookie左匹配 Http
[Tags] selfserver deny ip+set-cookie左匹配 http
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -579,7 +579,7 @@ SecurityPolicy-Deny-Http-00020
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl \ http://open.node.com/
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${starttime} Get Time
@@ -592,7 +592,7 @@ SecurityPolicy-Deny-Http-00020
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00021
[Tags] Selfserver Deny Ip+请求体 Http
[Tags] selfserver deny ip+请求体 http
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -621,7 +621,7 @@ SecurityPolicy-Deny-Http-00021
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00022
[Tags] Selfserver Deny Http Ip+应答体
[Tags] selfserver deny http ip+应答体
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -650,7 +650,7 @@ SecurityPolicy-Deny-Http-00022
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00023
[Tags] Selfserver Deny Http 最大组合
[Tags] selfserver deny http 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -695,7 +695,7 @@ SecurityPolicy-Deny-Http-00023
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00024
[Tags] selfserver deny Http IP+host block
[Tags] selfserver deny http ip+host block
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
@@ -723,7 +723,7 @@ SecurityPolicy-Deny-Http-00024
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00025
[Tags] selfserver deny Http IP+host alert
[Tags] selfserver deny http ip+host alert
Comment 创建第二个源IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.10|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -752,13 +752,13 @@ SecurityPolicy-Deny-Http-00025
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00026
[Tags] selfserver deny Http IP+host alert
[Tags] selfserver deny http ip+host alert
Comment 创建第二个源IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.50.10|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id}
#创建引用文件
@@ -784,7 +784,7 @@ SecurityPolicy-Deny-Http-00026
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00027
[Tags] Selfserver Deny Http 最大组合
[Tags] selfserver deny http 最大组合
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
@@ -925,3 +925,460 @@ SecurityPolicy-Deny-Http-00030
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00031
[Tags] selfserver deny alert http ip+url+请求头字串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=node
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":404,"html_profile":${profiledId}} referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00032
[Tags] selfserver deny alert http ip+url+请求头左匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=node
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Chrome|User-Agent
${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00032 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Главная страница
... ELSE Create List Главная страница
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00032 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} referenceObject=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List Главная страница
... ELSE Create List Главная страница
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00033
[Tags] selfserver deny alert http ip+url+请求头右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*nationalbank.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00033 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}} referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00033 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00034
[Tags] selfserver deny alert http ip+url+请求头完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$open.node.com/test/xiaozhu/xiaozhu.html
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id}
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
${rescode} ${object_UA_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_Id}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00034 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00034 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_UA_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00035
[Tags] selfserver deny alert http ip+set-cookie+应答头字串匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type
${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=4567|Set-Cookie
${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00036
[Tags] selfserver deny alert http ip+set-cookie+应答头左匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type
${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=1234*|Set-Cookie
${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00032 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List Главная страница
... ELSE Create List Главная страница
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00032 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Главная страница
... ELSE Create List Главная страница
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00037
[Tags] selfserver deny alert http ip+set-cookie+应答头完整匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=UTF-8|Content-Type
${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie
${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00034 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00034 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00038
[Tags] selfserver deny alert http ip+set-cookie+应答头右匹配
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type
${rescode} ${object_CT_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_Id}
Comment 创建set-cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie
${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat
... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
SecurityPolicy-Deny-Http-00039
[Tags] selfserver deny alert http ip+cookie+请求体+应答体
Comment 创建目标IP
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${object_RQ_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_RQ_Id}
Comment 创建cookie
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie
${rescode} ${object_CK_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_Id}
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық
${rescode} ${object_yq_Id} AddObject2 ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${object_yq_Id}
#创建引用文件
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
${profiledId} Get From Dictionary ${response} profileId
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
Comment 修改策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00031 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_yq_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 policyId=${policyId}
${rescode} ${policyId} EditPolicy ${policyDict} update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat
... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html
${stringlist} run keyword if '${systemType}'=='Windows' Create List ${EMPTY}
... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${rescode} SystemCommands ${commandstr} ${stringlist}
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
#日志验证
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com