From 8f3571f6f939a485256ac97f7664c9a73da708ef Mon Sep 17 00:00:00 2001 From: hebingning Date: Tue, 26 Jan 2021 19:12:50 +0800 Subject: [PATCH] =?UTF-8?q?=E6=8B=A6=E6=88=AAhttp=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=A1=A5=E5=85=85=EF=BC=8Cip=20learning,ip=20geo,ip=20destinat?= =?UTF-8?q?ion,up=20policy:fqdn,ip?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../multi_step/a_Intercept_Http_Tests.robot | 55 ++++++++++++++++--- .../multi_step/b_Intercept_Http_Tests.robot | 51 ++++++++++++++--- .../multi_step/c_Intercept_Http_Tests.robot | 20 ++++++- .../SecurityPolicy_Intercept_HTTP_00002.bat | 2 +- 4 files changed, 111 insertions(+), 17 deletions(-) diff --git a/01-TestCase/tsg_adc/multi_step/a_Intercept_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Intercept_Http_Tests.robot index e97f7f7..ad08473 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Intercept_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Intercept_Http_Tests.robot @@ -13,25 +13,66 @@ Resource ../../../03-Variable/ApplicationID.txt *** Test Cases *** SecurityPolicy-Intercept-Http-00001 - [Tags] fqdn完整匹配 + [Tags] fqdn完整匹配 update policy:source geo + ${addItemList1} Create Dictionary keywordArray=XXG地区.* + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId} AddObjects ${1} ${objectDict} Comment 创建fqdn - ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.mydrivers.com - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.yumi.com + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00001 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 insert_policyId_to_file1 intercept_http_objectId ${objectId} + insert_policyId_to_file1 intercept_http_objectId1 ${objectId1} insert_policyId_to_file1 intercept_http_policyId ${policyId} SecurityPolicy-Intercept-Http-00002 [Tags] cat右匹配 Comment 创建cat - ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*nerdacy.com - ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + # ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*nerdacy.com + # ${rescode} ${objectId} AddObject2 ${1} ${objectDict} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00002 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00002 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=109|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 - insert_policyId_to_file1 intercept_http_objectId1 ${objectId} + #insert_policyId_to_file1 intercept_http_objectId1 ${objectId} insert_policyId_to_file1 intercept_http_policyId1 ${policyId} + +SecurityPolicy-Intercept-Http-00003 + [Tags] destination ip + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建destination ip + ${addItemList1} Create Dictionary isSession=endpoint ip=192.168.40.158-192.168.40.158 port=0-65535 direction=0 protocol=0 isInitialize=0 + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObjects ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + insert_policyId_to_file1 intercept_http_objectId2 ${objectId} + insert_policyId_to_file1 intercept_http_objectId3 ${objectId1} + insert_policyId_to_file1 intercept_http_policyId2 ${policyId} + +SecurityPolicy-Intercept-Http-00004 + [Tags] update policy:fqdn,destination ip learning + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*zongheng.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建fqdn2 + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.zongheng.com + ${rescode} ${objectId1} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00004 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + insert_policyId_to_file1 intercept_http_objectId4 ${objectId} + insert_policyId_to_file1 intercept_http_objectId5 ${objectId1} + insert_policyId_to_file1 intercept_http_policyId3 ${policyId} + + diff --git a/01-TestCase/tsg_adc/multi_step/b_Intercept_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Intercept_Http_Tests.robot index e746be8..07e5905 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Intercept_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Intercept_Http_Tests.robot @@ -5,20 +5,57 @@ Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../02-Keyword/tsg_adc/FileOperation.robot +Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot +Resource ../../../03-Variable/ApplicationID.txt +Resource ../../../05-Other/AllFlowCaseVariable.txt *** Test Cases *** SecurityPolicy-Intercept-Http-00001 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_HTTP_00001.bat - ... ELSE set variable curl http://www.mydrivers.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 硬件发烧友 - ... ELSE Create List 硬件发烧友 + ... ELSE set variable curl http://www.yumi.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 玉米 + ... ELSE Create List 玉米 + ${rescode} SystemCommands ${commandstr} ${stringlist} + Comment 修改policy的source + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00001-1 policyId=${intercept_http_policyId} policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} source=${intercept_http_objectId}|TSG_SECURITY_SOURCE_LOCATION filterList=${intercept_http_objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_HTTP_00001.bat + ... ELSE set variable curl http://www.yumi.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 玉米 + ... ELSE Create List 玉米 ${rescode} SystemCommands ${commandstr} ${stringlist} - SecurityPolicy-Intercept-Http-00002 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_HTTP_00002.bat - ... ELSE set variable curl http://nerdacy.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List HOW TO CHOOSE BOOKSHELF SPEAKERS - ... ELSE Create List HOW TO CHOOSE BOOKSHELF SPEAKERS + ... ELSE set variable curl http://mbzponton.org/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Mercedes + ... ELSE Create List Mercedes + ${rescode} SystemCommands ${commandstr} ${stringlist} + +SecurityPolicy-Intercept-Http-00003 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_HTTP_00003.bat + ... ELSE set variable curl http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Post + ... ELSE Create List Post + ${rescode} SystemCommands ${commandstr} ${stringlist} + +SecurityPolicy-Intercept-Http-00004 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_HTTP_00004.bat + ... ELSE set variable curl http://www.zongheng.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 纵横中文网 + ... ELSE Create List 纵横中文网 + ${rescode} SystemCommands ${commandstr} ${stringlist} + Comment 改变安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00004-1 policyId=${intercept_http_policyId3} destination=164533|TSG_SECURITY_DESTINATION_ADDR policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${intercept_http_objectId5}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_HTTP_00004.bat + ... ELSE set variable curl http://www.zongheng.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 纵横中文网 + ... ELSE Create List 纵横中文网 ${rescode} SystemCommands ${commandstr} ${stringlist} diff --git a/01-TestCase/tsg_adc/multi_step/c_Intercept_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Intercept_Http_Tests.robot index 0dec37b..a89a447 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Intercept_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Intercept_Http_Tests.robot @@ -24,8 +24,24 @@ SecurityPolicy-Intercept-Http-00001 SecurityPolicy-Intercept-Http-00002 #删除对象 - ${objectids} set Variable ${intercept_http_objectId1} + #${objectids} set Variable ${intercept_http_objectId1} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_http_policyId1}]} ${s} Convert to String ${intercept_http_policyId1} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host nerdacy.com + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host mbzponton.org + +SecurityPolicy-Intercept-Http-00003 + #删除对象 + #${objectids} set Variable ${intercept_http_objectId1} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_http_policyId1}]} + ${s} Convert to String ${intercept_http_policyId1} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Intercept-Http-00004 + #删除对象 + ${objectids} set Variable ${intercept_http_objectId2} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_http_policyId3}]} + ${s} Convert to String ${intercept_http_policyId1} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host zongheng.com \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Intercept_HTTP_00002.bat b/05-Other/curl/command/SecurityPolicy_Intercept_HTTP_00002.bat index 36e2f49..fa7eefd 100644 --- a/05-Other/curl/command/SecurityPolicy_Intercept_HTTP_00002.bat +++ b/05-Other/curl/command/SecurityPolicy_Intercept_HTTP_00002.bat @@ -1 +1 @@ -curl http://nerdacy.com/ | iconv -f utf-8 -t gbk \ No newline at end of file +curl http://mbzponton.org/ | iconv -f utf-8 -t gbk \ No newline at end of file