From 81e9ca606f3bf8013831034fa4027fa87ef3009b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Sat, 25 Apr 2020 21:21:48 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=87=E7=AD=BE=E5=A4=A7?= =?UTF-8?q?=E5=B0=8F=E5=86=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_SSL_Tests.robot | 56 +++++++++---------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot index d5779a0..3280e6f 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_SSL_Tests.robot @@ -14,7 +14,7 @@ ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-SSL-00001 - [Tags] ip Selfserver deny SSL + [Tags] Selfserver Ip Deny Ssl Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} @@ -26,7 +26,7 @@ SecurityPolicy-Deny-SSL-00001 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat - ... ELSE set variable curl https://open.node.com/test/xiaozhu/xiaozhu.html + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection reset by peer ${starttime} Get Time @@ -39,15 +39,15 @@ SecurityPolicy-Deny-SSL-00001 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00002 - [Tags] Selfserver SSL deny sni ip+fqdn右匹配 + [Tags] Selfserver Ssl Deny Sni Ip+Fqdn右匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -57,7 +57,7 @@ SecurityPolicy-Deny-SSL-00002 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Operation timed out after ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -68,15 +68,15 @@ SecurityPolicy-Deny-SSL-00002 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00003 - [Tags] Selfserver SSL ip+cat完整匹配 deny sni + [Tags] Selfserver Deny Sni Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -86,7 +86,7 @@ SecurityPolicy-Deny-SSL-00003 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ... ELSE Create List Operation timed out after ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -97,15 +97,15 @@ SecurityPolicy-Deny-SSL-00003 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00004 - [Tags] Selfserver SSL deny ip+fqdn右匹配 cn + [Tags] Selfserver Ssl Deny Ip+Fqdn右匹配 Cn Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -126,15 +126,15 @@ SecurityPolicy-Deny-SSL-00004 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00005 - [Tags] Selfserver SSL ip+cat完整匹配 deny cn + [Tags] Selfserver Deny Cn Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -155,15 +155,15 @@ SecurityPolicy-Deny-SSL-00005 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00006 - [Tags] Selfserver SSL deny ip+fqdn右匹配 san + [Tags] Selfserver Ssl Deny Ip+Fqdn右匹配 San Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"rst"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} @@ -184,15 +184,15 @@ SecurityPolicy-Deny-SSL-00006 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com SecurityPolicy-Deny-SSL-00007 - [Tags] Selfserver SSL ip+cat完整匹配 deny sam + [Tags] Selfserver Deny San Ssl Ip+Cat完整匹配 Comment 创建目标IP ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId} - Comment FQDN + ${objectids} Catenate SEPARATOR=, ${objectId} + Comment 创建cat ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${objectId},${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectId} ${object_fqdn_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00007 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "SSL","method":"drop"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}