diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot index d5779a0..3280e6f 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot @@ -14,7 +14,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-SSL-00001 - [Tags] ip Selfserver deny SSL + [Tags] Selfserver Ip Deny Ssl Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -26,7 +26,7 @@ SecurityPolicy-Deny-SSL-00001 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat - ... ELSE set variable curl https://open.node.com/test/xiaozhu/xiaozhu.html + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection reset by peer ${starttime} Get Time @@ -39,15 +39,15 @@ SecurityPolicy-Deny-SSL-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00002 - [Tags] Selfserver SSL deny sni ip+fqdn右匹配 + [Tags] Selfserver Ssl Deny Sni Ip+Fqdn右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -57,7 +57,7 @@ SecurityPolicy-Deny-SSL-00002 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Operation timed out after ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -68,15 +68,15 @@ SecurityPolicy-Deny-SSL-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00003 - [Tags] Selfserver SSL ip+cat完整匹配 deny sni + [Tags] Selfserver Deny Sni Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -86,7 +86,7 @@ SecurityPolicy-Deny-SSL-00003 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Operation timed out after ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -97,15 +97,15 @@ SecurityPolicy-Deny-SSL-00003 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00004 - [Tags] Selfserver SSL deny ip+fqdn右匹配 cn + [Tags] Selfserver Ssl Deny Ip+Fqdn右匹配 Cn Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -126,15 +126,15 @@ SecurityPolicy-Deny-SSL-00004 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00005 - [Tags] Selfserver SSL ip+cat完整匹配 deny cn + [Tags] Selfserver Deny Cn Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -155,15 +155,15 @@ SecurityPolicy-Deny-SSL-00005 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00006 - [Tags] Selfserver SSL deny ip+fqdn右匹配 san + [Tags] Selfserver Ssl Deny Ip+Fqdn右匹配 San Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -184,15 +184,15 @@ SecurityPolicy-Deny-SSL-00006 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00007 - [Tags] Selfserver SSL ip+cat完整匹配 deny sam + [Tags] Selfserver Deny San Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}