diff --git a/01-TestCase/tsg_bfapi/security_policy/Security_Policy_Deny_Test.robot b/01-TestCase/tsg_bfapi/security_policy/Security_Policy_Deny_Test.robot index b7223c0..d9f6ba3 100644 --- a/01-TestCase/tsg_bfapi/security_policy/Security_Policy_Deny_Test.robot +++ b/01-TestCase/tsg_bfapi/security_policy/Security_Policy_Deny_Test.robot @@ -1,701 +1,701 @@ -*** Settings *** -Test Teardown DeletePolicyAndObject ${policyIds} ${objectIds} ${group} -Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot -Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot -Resource ../../../02-Keyword/tsg_bfapi/policy_object/Object.robot -Resource ../../../02-Keyword/tsg_bfapi/policy_object/Log.robot -Resource ../../../02-Keyword/tsg_bfapi/Common.robot -Library json -Library DateTime -*** Variables *** -@{policyIds} -@{profiles} -${objectIds} ${EMPTY} -${group} ${EMPTY} -*** Test Cases *** -deny-test-001 - #新建deny,协议单选http - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary policyName=新建deny单选协 action=deny source=${objectId1}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} isValid=${1} appIdObjects=2 - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-002 - #新建deny,协议单选ssl - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=新建deny单选协议 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"SSL","method":"drop"} - ... isValid=${1} - ... appIdObjects=3 - ... policyDesc=autotest - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-003 - #新建deny,协议单选dns - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=新建deny单选协议 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"DNS","method":"drop"} - ... isValid=${1} - ... appIdObjects=4 - ... policyDesc=autotest - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-004 - #新建deny,协议单选mail - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=新建deny单选协议 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"MAIL","method":"drop"} - ... isValid=${1} - ... appIdObjects=5 - ... policyDesc=autotest - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-005 - #新建deny,协议单选ftp - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=新建deny单选协议 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"FTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=6 - ... policyDesc=autotest - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-006 - #新建deny,协议单选quic - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=新建deny单选协议 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"QUIC","method":"drop"} - ... isValid=${1} - ... appIdObjects=7 - ... policyDesc=autotest - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-007 - #新建deny,协议单选quic - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=新建deny多选协议 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... isValid=${1} - ... userRegion={"method":"drop"} - ... appIdObjects=2,3,4,5,6,7 - ... policyDesc=autotest - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-008 - #新建deny,Application选择HTTP,filter选择host中的fqdn,右匹配 - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建fqdn - ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId},${objectIds} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的fqdn,右匹配 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId}|TSG_FIELD_HTTP_HOST - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-009 - #新建deny,Application选择HTTP,filter选择host中的fqdn,完全匹配 - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建fqdn - ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId},${objectIds} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的fqdn,完全匹配 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId}|TSG_FIELD_HTTP_HOST - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-010 - #新建deny,Application选择HTTP,filter选择host中的fqdn-group - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - Comment 创建fqdn - ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - Comment 创建fqdn1 - ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com - ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} - Comment 创建fqdn-group - ${subObjectIds} Create list ${objectId} ${objectId0} - ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} - ${rescode} ${objectId2} AddObject ${objectDict} - ${group} Set Variable ${objectId2} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的fqdn-group - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId2}|TSG_FIELD_HTTP_HOST - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} -deny-test-011 - #新建deny,Application选择HTTP,filter选择host中的category,右匹配 - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建fqdn - ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId},${objectIds} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category,右匹配 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId}|TSG_FIELD_HTTP_HOST - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-012 - #新建deny,Application选择HTTP,filter选择host中的category,完全匹配 - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建fqdn - ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId},${objectIds} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category,完全匹配 - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId}|TSG_FIELD_HTTP_HOST - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-013 - #新建deny,Application选择HTTP,filter选择host中的fqdn_category-group - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - Comment 创建fqdn - ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} - Comment 创建fqdn1 - ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com - ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} - Comment 创建fqdn-group - ${subObjectIds} Create list ${objectId} ${objectId0} - log 111111111111111111${subObjectIds} - ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} - ${rescode} ${objectId2} AddObject ${objectDict} - ${group} Set Variable ${objectId2} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId2}|TSG_FIELD_HTTP_HOST - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-014 - #新建deny,Application选择HTTP,filter选择url,左匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=abcd.* - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_URL - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-015 - #新建deny,Application选择HTTP,filter选择url,右匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*скрипцияк - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_URL - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-016 - #新建deny,Application选择HTTP,filter选择url,完全匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$完全匹配 - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_URL - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-017 - #新建deny,Application选择HTTP,filter选择url - Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=123!@#¥%…… - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_URL - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-018 - #新建deny,Application选择HTTP,filter选择url-group - Comment 创建IP - #object为IP→endpoint时的addItemList单个对象 - ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 - #可以添加多个 - ${addItemLists} Create list ${addItemList1} - #objectList对象 - ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} - ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=abcd.* - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*скрипцияк - ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$完全匹配 - ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=123!@#¥%…… - ${rescode} ${objectId4} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1},${objectId2},${objectId3},${objectId4},${objectId0} - Comment 创建fqdn-group - ${subObjectIds} Create list ${objectId1} ${objectId2} ${objectId3} ${objectId4} - log 11111111111111${subObjectIds} - ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} - ${rescode} ${objectId5} AddObject ${objectDict} - ${group} Set Variable ${objectId5} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId5}|TSG_FIELD_HTTP_URL - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-019 - #新建deny,Application选择HTTP,filter选择request header中的user-agent,左匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|User-Agent - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-020 - #新建deny,Application选择HTTP,filter选择request header中的user-agent,右匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|User-Agent - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-021 - #新建deny,Application选择HTTP,filter选择request header中的user-agent,完全匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|User-Agent - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-022 - #新建deny,Application选择HTTP,filter选择request header中的user-agent,子串匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123!@#¥%……|User-Agent - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-023 - #新建deny,Application选择HTTP,filter选择request header中的user-agent-group - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|User-Agent - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|User-Agent - ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|User-Agent - ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123!@#¥%……|User-Agent - ${rescode} ${objectId4} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1},${objectId2},${objectId3},${objectId4} - Comment 创建url-group - ${subObjectIds} Create list ${objectId1},${objectId2},${objectId3},${objectId4} - ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} - ${rescode} ${objectId5} AddObject ${objectDict} - ${group} Set Variable ${objectId2} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId5}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-024 - #新建deny,Application选择HTTP,filter选择request header中的Cookie,左匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|Cookie - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-025 - #新建deny,Application选择HTTP,filter选择request header中的Cookie,右匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|Cookie - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-026 - #新建deny,Application选择HTTP,filter选择request header中的Cookie,完全匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|Cookie - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-027 - #新建deny,Application选择HTTP,filter选择request header中的Cookie,子串匹配 - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123!@#¥%……|Cookie - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - -deny-test-028 - #新建deny,Application选择HTTP,filter选择request header中的Cookie-group - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|Cookie - ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|Cookie - ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|Cookie - ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} - Comment 创建url - ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123!@#¥%……|Cookie - ${rescode} ${objectId4} AddObject2 ${1} ${objectDict} - ${objectIds} Set Variable ${objectId1},${objectId2},${objectId3},${objectId4} - Comment 创建fqdn-group - ${subObjectIds} Create list ${objectId1},${objectId2},${objectId3},${objectId4} - ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} - ${rescode} ${objectId5} AddObject ${objectDict} - ${group} Set Variable ${objectId2} - Comment 创建策略 - ${policyDict} Create Dictionary - ... policyName=Application选择HTTP,filter选择host中的category-group - ... policyType=tsg_security - ... action=deny - ... userRegion={"protocol":"HTTP","method":"drop"} - ... isValid=${1} - ... appIdObjects=2 - ... policyDesc=autotest - ... filterList=${objectId5}|TSG_FIELD_HTTP_REQ_HDR - ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 - ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} - +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectIds} ${group} +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot +Resource ../../../02-Keyword/tsg_bfapi/policy_object/Object.robot +Resource ../../../02-Keyword/tsg_bfapi/policy_object/Log.robot +Resource ../../../02-Keyword/tsg_bfapi/Common.robot +Library json +Library DateTime +*** Variables *** +@{policyIds} +@{profiles} +${objectIds} ${EMPTY} +${group} ${EMPTY} +*** Test Cases *** +deny-test-001 + #新建deny,协议单选http + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary policyName=新建deny单选协 action=deny source=${objectId1}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} isValid=${1} appIdObjects=2 + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-002 + #新建deny,协议单选ssl + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=新建deny单选协议 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"SSL","method":"drop"} + ... isValid=${1} + ... appIdObjects=3 + ... policyDesc=autotest + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-003 + #新建deny,协议单选dns + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=新建deny单选协议 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"DNS","method":"drop"} + ... isValid=${1} + ... appIdObjects=4 + ... policyDesc=autotest + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-004 + #新建deny,协议单选mail + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=新建deny单选协议 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"MAIL","method":"drop"} + ... isValid=${1} + ... appIdObjects=5 + ... policyDesc=autotest + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-005 + #新建deny,协议单选ftp + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=新建deny单选协议 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"FTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=6 + ... policyDesc=autotest + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-006 + #新建deny,协议单选quic + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=新建deny单选协议 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"QUIC","method":"drop"} + ... isValid=${1} + ... appIdObjects=7 + ... policyDesc=autotest + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-007 + #新建deny,协议单选quic + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=新建deny多选协议 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... isValid=${1} + ... userRegion={"method":"drop"} + ... appIdObjects=2,3,4,5,6,7 + ... policyDesc=autotest + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-008 + #新建deny,Application选择HTTP,filter选择host中的fqdn,右匹配 + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId},${objectIds} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的fqdn,右匹配 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-009 + #新建deny,Application选择HTTP,filter选择host中的fqdn,完全匹配 + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId},${objectIds} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的fqdn,完全匹配 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-010 + #新建deny,Application选择HTTP,filter选择host中的fqdn-group + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.5ytb.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建fqdn1 + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*.com + ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} + Comment 创建fqdn-group + ${subObjectIds} Create list ${objectId} ${objectId0} + ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} + ${rescode} ${objectId2} AddObject ${objectDict} + ${group} Set Variable ${objectId2} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的fqdn-group + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId2}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} +deny-test-011 + #新建deny,Application选择HTTP,filter选择host中的category,右匹配 + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId},${objectIds} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category,右匹配 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-012 + #新建deny,Application选择HTTP,filter选择host中的category,完全匹配 + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId},${objectIds} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category,完全匹配 + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-013 + #新建deny,Application选择HTTP,filter选择host中的fqdn_category-group + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$www.5ytb.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建fqdn1 + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*.com + ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId0},${objectId},${objectId1} + Comment 创建fqdn-group + ${subObjectIds} Create list ${objectId} ${objectId0} + log 111111111111111111${subObjectIds} + ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} + ${rescode} ${objectId2} AddObject ${objectDict} + ${group} Set Variable ${objectId2} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... source=${objectId1}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId2}|TSG_FIELD_HTTP_HOST + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-014 + #新建deny,Application选择HTTP,filter选择url,左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=abcd.* + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_URL + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-015 + #新建deny,Application选择HTTP,filter选择url,右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*скрипцияк + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_URL + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-016 + #新建deny,Application选择HTTP,filter选择url,完全匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$完全匹配 + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_URL + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-017 + #新建deny,Application选择HTTP,filter选择url + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=123!@#¥%…… + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_URL + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-018 + #新建deny,Application选择HTTP,filter选择url-group + Comment 创建IP + #object为IP→endpoint时的addItemList单个对象 + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.41.68-192.168.41.69 port=0-0 direction=0 protocol=0 isInitialize=0 + #可以添加多个 + ${addItemLists} Create list ${addItemList1} + #objectList对象 + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId0} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=abcd.* + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*скрипцияк + ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=$完全匹配 + ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=123!@#¥%…… + ${rescode} ${objectId4} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1},${objectId2},${objectId3},${objectId4},${objectId0} + Comment 创建fqdn-group + ${subObjectIds} Create list ${objectId1} ${objectId2} ${objectId3} ${objectId4} + log 11111111111111${subObjectIds} + ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} + ${rescode} ${objectId5} AddObject ${objectDict} + ${group} Set Variable ${objectId5} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... source=${objectId0}|TSG_SECURITY_SOURCE_ADDR + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId5}|TSG_FIELD_HTTP_URL + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-019 + #新建deny,Application选择HTTP,filter选择request header中的user-agent,左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|User-Agent + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-020 + #新建deny,Application选择HTTP,filter选择request header中的user-agent,右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|User-Agent + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-021 + #新建deny,Application选择HTTP,filter选择request header中的user-agent,完全匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|User-Agent + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-022 + #新建deny,Application选择HTTP,filter选择request header中的user-agent,子串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123!@#¥%……|User-Agent + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-023 + #新建deny,Application选择HTTP,filter选择request header中的user-agent-group + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|User-Agent + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|User-Agent + ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|User-Agent + ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123!@#¥%……|User-Agent + ${rescode} ${objectId4} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1},${objectId2},${objectId3},${objectId4} + Comment 创建url-group + ${subObjectIds} Create list ${objectId1},${objectId2},${objectId3},${objectId4} + ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} + ${rescode} ${objectId5} AddObject ${objectDict} + ${group} Set Variable ${objectId2} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId5}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-024 + #新建deny,Application选择HTTP,filter选择request header中的Cookie,左匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|Cookie + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-025 + #新建deny,Application选择HTTP,filter选择request header中的Cookie,右匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|Cookie + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-026 + #新建deny,Application选择HTTP,filter选择request header中的Cookie,完全匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|Cookie + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-027 + #新建deny,Application选择HTTP,filter选择request header中的Cookie,子串匹配 + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123!@#¥%……|Cookie + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + +deny-test-028 + #新建deny,Application选择HTTP,filter选择request header中的Cookie-group + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=abcd.*|Cookie + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*скрипцияк|Cookie + ${rescode} ${objectId2} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$完全匹配|Cookie + ${rescode} ${objectId3} AddObject2 ${1} ${objectDict} + Comment 创建url + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=123!@#¥%……|Cookie + ${rescode} ${objectId4} AddObject2 ${1} ${objectDict} + ${objectIds} Set Variable ${objectId1},${objectId2},${objectId3},${objectId4} + Comment 创建fqdn-group + ${subObjectIds} Create list ${objectId1},${objectId2},${objectId3},${objectId4} + ${objectDict} Set Variable {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"${Default_ObjectName}","objectDesc":"","subObjectIds":${subObjectIds},"addItemList":[],"updateItemList":[],"deleteItemIds":[],"iconColor":"#31739C"}} + ${rescode} ${objectId5} AddObject ${objectDict} + ${group} Set Variable ${objectId2} + Comment 创建策略 + ${policyDict} Create Dictionary + ... policyName=Application选择HTTP,filter选择host中的category-group + ... policyType=tsg_security + ... action=deny + ... userRegion={"protocol":"HTTP","method":"drop"} + ... isValid=${1} + ... appIdObjects=2 + ... policyDesc=autotest + ... filterList=${objectId5}|TSG_FIELD_HTTP_REQ_HDR + ${rescode} ${policyIds} AddPolicies 1 ${policyDict} v2 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyIds}]} + \ No newline at end of file