From ae2ecc414de5c4909dd14778d337c7b3fe751539 Mon Sep 17 00:00:00 2001 From: dongxiaoyan Date: Fri, 24 Apr 2020 18:44:07 +0800 Subject: [PATCH] =?UTF-8?q?=E8=B0=83=E6=95=B4=E7=AD=96=E7=95=A5=E6=8B=BC?= =?UTF-8?q?=E6=8E=A5=E9=80=82=E5=BA=94=E4=B8=BB=E5=8A=A8=E7=AD=96=E7=95=A5?= =?UTF-8?q?=E9=83=A8=E5=88=86=EF=BC=8C=E4=B8=BB=E5=8A=A8=E7=AD=96=E7=95=A5?= =?UTF-8?q?=E9=83=A8=E5=88=86=E4=B8=BA=E6=B7=BB=E5=8A=A0=E5=8A=9F=E8=83=BD?= =?UTF-8?q?=E7=AB=AF=E9=AA=8C=E8=AF=81=E5=B0=9D=E8=AF=95=E4=B8=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../zjj/ZDFY_ActiveDefencePolicy.robot | 123 ++++++++++++++++++ 02-Keyword/tsg_bfapi/PolicyObject.robot | 3 +- 02-Keyword/tsg_common/ManagePolicyBody.robot | 10 +- 3 files changed, 132 insertions(+), 4 deletions(-) create mode 100644 01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot diff --git a/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot new file mode 100644 index 0000000..a51887e --- /dev/null +++ b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot @@ -0,0 +1,123 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags zjj Security_Policy Active_Defence_Policy +Library OperatingSystem +Resource ../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../03-Variable/PolicyObjectDefault.txt +Resource ../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../03-Variable/BifangApiVariable.txt +Resource ../../02-Keyword/tsg_bfapi/Common.robot +Library Custometest +Library json + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} +${target_ip} 10.3.22.199 +# 无DHCP,需要手动设置IP,可用地址段: 10.3.22.[129-254], 掩码: 255.255.255.0, DNS服务器: 10.3.22.11。 +*** Test Cases *** +ZDFY_ActiveDefencePolicy-Flood-00001 + [Tags] flood + + ${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + + Comment 创建带主动策略Flood + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} + + +ZDFY_ActiveDefencePolicy-Reflection-00001 + [Tags] reflection + ${caseName} set variable ZDFY_ActiveDefencePolicy-Reflection-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"isValid":1,"profileDesc":"autotest"}]} + ${reflector_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + ${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + #${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + ${payload_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建策略reflection + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"reflection","reflector_type":"DNS","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"payload_profile_id":${payload_profile_id},"reflector_profile_id":${reflector_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} +ZDFY_ActiveDefencePolicy-CC-00001 + [Tags] CC + ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建带主动策略CC + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"cc","l7_protocol":"HTTP","target_url":"http://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} + + +ZDFY_ActiveDefencePolicy-CC-00002 + [Tags] CC + ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00002 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建带主动策略CC + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"cc","l7_protocol":"HTTPS","target_url":"https://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} \ No newline at end of file diff --git a/02-Keyword/tsg_bfapi/PolicyObject.robot b/02-Keyword/tsg_bfapi/PolicyObject.robot index 1f9f4da..947e3f4 100644 --- a/02-Keyword/tsg_bfapi/PolicyObject.robot +++ b/02-Keyword/tsg_bfapi/PolicyObject.robot @@ -166,7 +166,8 @@ DeletePolicyAndObject END #删除对象 log todeleteobj_DeletePolicyAndObject - DeleteObject ${objectids} + Run Keyword If "${objectids}"=="${EMPTY}" log no obj to del + ... ELSE DeleteObject ${objectids} DeleteAfterCase [Arguments] ${policyids} ${objectids} diff --git a/02-Keyword/tsg_common/ManagePolicyBody.robot b/02-Keyword/tsg_common/ManagePolicyBody.robot index 3d6db02..579619f 100644 --- a/02-Keyword/tsg_common/ManagePolicyBody.robot +++ b/02-Keyword/tsg_common/ManagePolicyBody.robot @@ -72,13 +72,17 @@ PolicyParamsOpertion Set To Dictionary ${policyList} userRegion=${Default_UserRegion} ${userRegion} Run Keyword If "${return}"=="FAIL" or '${userRegion}'=="${EMPTY}" Set Variable "" ... ELSE Set Variable ${userRegion} + + #针对主动防御特殊处理,主动防御不应用对象 + ${active_defence_emptyList} Create List + ${return} ${policyType} Run Keyword And Ignore Error Set Variable ${policyList}[policyType] + Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} referenceObject=${active_defence_emptyList} + Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} appObjectIdArray=${active_defence_emptyList} # 转为json结构并返回 ${dict} Create Dictionary opAction=add returnData=${returnData} policyList=${policyList} ${json} json.Dumps ${dict} ensure_ascii=False ${json} Replace String ${json} "method:rst" ${userRegion} - #${json} Evaluate ${userRegion}.replace('"method"','${userRegion}') - #${json} Replace String ${json} "' { - #${json} Replace String ${json} \" " + Log Policy_Request_Body-${json} [Return] ${json}