gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

安全策略Deny动作补充:ip geo,ip learning,改变策略中:源,目的,fqdn,url,请求头,返回头,请求体,返回体

Browse Source
This commit is contained in:
hebingning
2021-01-28 20:48:01 +08:00
parent 321d82575a
commit ddae7823f7
5 changed files with 161 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot
View File

@@ -14,27 +14,41 @@ ${url} /v1/policy/profile/responsepages
*** Test Cases ***
SecurityPolicy-Deny-Http-00001
[Tags] fqdn完整匹配
[Tags] fqdn完整匹配 update policy:source ip_geo,fqdn
Comment 创建fqdn
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$webalta.ru
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$lkong.net
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建ip geo
${addItemList1} Create Dictionary keywordArray=XXG地区.*
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
Comment 创建fqdn2
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*longkong.net
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId ${objectId}
insert_policyId_to_file1 deny_http_objectId35 ${objectId1}
insert_policyId_to_file1 deny_http_objectId36 ${objectId2}
insert_policyId_to_file1 deny_http_policyId ${policyId}
SecurityPolicy-Deny-Http-00002
[Tags] cat右匹配
Comment 创建cat
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*nymbler.com
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
# ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*nymbler.com
# ${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} filterList=150|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
insert_policyId_to_file1 deny_http_objectId1 ${objectId}
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
#insert_policyId_to_file1 deny_http_objectId1 ${objectId}
insert_policyId_to_file1 deny_http_policyId1 ${policyId}
SecurityPolicy-Deny-Http-00003
@@ -49,24 +63,36 @@ SecurityPolicy-Deny-Http-00003
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}} filterList=${objectId}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId2 ${objectId}
insert_policyId_to_file1 deny_http_policyId2 ${policyId}
insert_policyId_to_file1 deny_http_profiledId ${profiledId}
SecurityPolicy-Deny-Http-00004
[Tags] 请求头左匹配
[Tags] 请求头左匹配 update policy:url 请求头
Comment 创建请求头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*sveden
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
Comment 创建请求头2
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0|User-Agent
${rescode} ${objectId_req_Id} AddObject2 ${1} ${objectDict}
Comment 创建url2
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=tsutmb
${rescode} ${object_url_Id2} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":404,"message":"yyyyy"} filterList=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId3 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId4 ${objectId}
insert_policyId_to_file1 deny_http_objectId37 ${objectId_req_Id}
insert_policyId_to_file1 deny_http_objectId38 ${object_url_Id2}
insert_policyId_to_file1 deny_http_policyId3 ${policyId}
SecurityPolicy-Deny-Http-00005
@@ -81,6 +107,8 @@ SecurityPolicy-Deny-Http-00005
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId5 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId6 ${objectId}
insert_policyId_to_file1 deny_http_policyId4 ${policyId}
@@ -97,6 +125,8 @@ SecurityPolicy-Deny-Http-00006
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"网站被阻断"} filterList=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId7 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId8 ${objectId}
insert_policyId_to_file1 deny_http_policyId5 ${policyId}
@@ -116,25 +146,33 @@ SecurityPolicy-Deny-Http-00007
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00007 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} filterList=${objectId}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId9 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId10 ${objectId}
insert_policyId_to_file1 deny_http_policyId6 ${policyId}
insert_policyId_to_file1 deny_http_profiledId1 ${profiledId}
SecurityPolicy-Deny-Http-00008
[Tags] 应答头右匹配
[Tags] 应答头右匹配 update policy:应答头
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*index.aspx
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
Comment 创建应答头
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建应答头2
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=utf-8|Content-Type
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00008 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} filterList=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId11 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId12 ${objectId}
insert_policyId_to_file1 deny_http_objectId39 ${objectId1}
insert_policyId_to_file1 deny_http_policyId7 ${policyId}
SecurityPolicy-Deny-Http-00009
@@ -149,12 +187,14 @@ SecurityPolicy-Deny-Http-00009
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00009 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId13 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId14 ${objectId}
insert_policyId_to_file1 deny_http_policyId8 ${policyId}
SecurityPolicy-Deny-Http-00010
[Tags] 应答头字串匹配
[Tags] 应答头字串匹配 update policy:destination ip learning
Comment 创建url
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=www.avaxsearch.com
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
@@ -165,6 +205,8 @@ SecurityPolicy-Deny-Http-00010
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00010 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId15 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId16 ${objectId}
insert_policyId_to_file1 deny_http_policyId9 ${policyId}
@@ -178,9 +220,11 @@ SecurityPolicy-Deny-Http-00011
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00010 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00011 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId17 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId18 ${objectId}
insert_policyId_to_file1 deny_http_policyId10 ${policyId}
@@ -194,6 +238,8 @@ SecurityPolicy-Deny-Http-00012
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00012 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":404,"message":"马上到周末"} filterList=${objectId}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId19 ${objectId}
insert_policyId_to_file1 deny_http_policyId11 ${policyId}
@@ -206,31 +252,45 @@ SecurityPolicy-Deny-Http-00013
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00013 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId20 ${objectId}
insert_policyId_to_file1 deny_http_policyId12 ${policyId}
SecurityPolicy-Deny-Http-00014
[Tags] 请求体字串匹配
[Tags] 请求体字串匹配 update policy:请求体
Comment 创建请求体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=test
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建请求体2
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=biubiubiud
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00014 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId21 ${objectId}
insert_policyId_to_file1 deny_http_objectId40 ${objectId1}
insert_policyId_to_file1 deny_http_policyId13 ${policyId}
SecurityPolicy-Deny-Http-00015
[Tags] 应答体字串匹配
[Tags] 应答体字串匹配 update policy:返回体
Comment 创建应答体
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=华彤公司
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
Comment 创建应答体2
${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=华彤集团官网
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00015 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId22 ${objectId}
insert_policyId_to_file1 deny_http_objectId41 ${objectId1}
insert_policyId_to_file1 deny_http_policyId14 ${policyId}
SecurityPolicy-Deny-Http-00016
@@ -254,6 +314,8 @@ SecurityPolicy-Deny-Http-00016
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00016 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_qq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_yd_Id}|TSG_FIELD_HTTP_RES_HDR,${object_body_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId23 ${object_fqdn_Id}
insert_policyId_to_file1 deny_http_objectId24 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId25 ${object_qq_Id}
@@ -282,6 +344,8 @@ SecurityPolicy-Deny-Http-00017
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00017 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_qq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_yd_Id}|TSG_FIELD_HTTP_RES_HDR,${object_body_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId28 ${object_fqdn_Id}
insert_policyId_to_file1 deny_http_objectId29 ${object_url_Id}
insert_policyId_to_file1 deny_http_objectId30 ${object_qq_Id}
@@ -292,7 +356,7 @@ SecurityPolicy-Deny-Http-00017
SecurityPolicy-Deny-Http-00018
[Tags] 多源ip对象
Comment 创建第二个源IP
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.50.18-192.168.50.18 port=0-0 direction=0 protocol=0 isInitialize=0
${addItemList1} Create Dictionary isSession=endpoint ip=192.168.50.11-192.168.50.18 port=0-0 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
@@ -300,9 +364,11 @@ SecurityPolicy-Deny-Http-00018
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.hebbank.com
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
Comment 创建安全策略
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} source=${objectId}|TSG_SECURITY_SOURCE_ADDR
${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00018 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} source=${objectId}|TSG_SECURITY_SOURCE_ADDR
log ${policyDict}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyId} Get-Pids ${policyId}
${policyId} Set Variable ${policyId}[0]
insert_policyId_to_file1 deny_http_objectId33 ${objectId}
insert_policyId_to_file1 deny_http_objectId34 ${object_fqdn_Id}
insert_policyId_to_file1 deny_http_policyId17 ${policyId}

82
01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot
View File

@@ -5,20 +5,33 @@ Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource ../../../03-Variable/ApplicationID.txt
Resource ../../../05-Other/AllFlowCaseVariable.txt
*** Test Cases ***
SecurityPolicy-Deny-Http-00001
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00001.bat
... ELSE set variable curl http://webalta.ru/
... ELSE set variable curl http://www.lkong.net/forum.php
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 改变阻断策略
${policyDict} Create Dictionary policyId=${deny_http_policyId} source=${deny_http_objectId35}|TSG_SECURITY_SOURCE_LOCATION policyName=SecurityPolicy-Deny-Http-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${deny_http_objectId36}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} UpdatePolicies 1 ${policyDict} v2 update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00001.bat
... ELSE set variable curl http://www.lkong.net/forum.php
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
SecurityPolicy-Deny-Http-00002
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00002.bat
... ELSE set variable curl http://www.nymbler.com/
... ELSE set variable curl http://bellaircraftmuseum.org/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
@@ -56,7 +69,16 @@ SecurityPolicy-Deny-Http-00004
${stringlist} run keyword if '${systemType}'=='Windows' Create List yyyyy
... ELSE Create List yyyyy
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 改变阻断策略
${policyDict} Create Dictionary policyId=${deny_http_policyId3} policyName=SecurityPolicy-Deny-Http-00004_1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":404,"message":"yyyyy"} filterList=${deny_http_objectId37}|TSG_FIELD_HTTP_REQ_HDR,${deny_http_objectId38}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} UpdatePolicies 1 ${policyDict} v2 update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00004.bat
... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' \http://www.tsutmb.ru/sveden
${stringlist} run keyword if '${systemType}'=='Windows' Create List yyyyy
... ELSE Create List yyyyy
${rescode} SystemCommands ${commandstr} ${stringlist}
SecurityPolicy-Deny-Http-00005
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00005.bat
@@ -88,7 +110,16 @@ SecurityPolicy-Deny-Http-00008
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 改变阻断策略
${policyDict} Create Dictionary policyId=${deny_http_policyId7} policyName=SecurityPolicy-Deny-Http-00008_1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} filterList=${deny_http_objectId39}|TSG_FIELD_HTTP_RES_HDR,${deny_http_objectId11}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} UpdatePolicies 1 ${policyDict} v2 update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00008.bat
... ELSE set variable curl http://www.cmbchina.com/CmbQuesInfo/index.aspx
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
SecurityPolicy-Deny-Http-00009
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00009.bat
@@ -104,7 +135,16 @@ SecurityPolicy-Deny-Http-00010
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 改变阻断策略
${policyDict} Create Dictionary policyId=${deny_http_policyId3} policyName=SecurityPolicy-Deny-Http-00010_1 destination=166827|TSG_SECURITY_DESTINATION_ADDR policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${deny_http_objectId16}|TSG_FIELD_HTTP_RES_HDR,${deny_http_objectId15}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} UpdatePolicies 1 ${policyDict} v2 update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00010.bat
... ELSE set variable curl http://www.avaxsearch.com/tangkas/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
SecurityPolicy-Deny-Http-00011
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00011.bat
@@ -131,7 +171,7 @@ SecurityPolicy-Deny-Http-00013
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00013_1.bat
... ELSE set variable curl http://blog.cnstock.com/
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
${stringlist} run keyword if '${systemType}'=='Windows' Create List Time out
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 功能端验证HTTP验证
@@ -151,10 +191,19 @@ SecurityPolicy-Deny-Http-00014
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00014.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
${stringlist} run keyword if '${systemType}'=='Windows' Create List Not Found
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 改变阻断策略
${policyDict} Create Dictionary policyId=${deny_http_policyId13} policyName=SecurityPolicy-Deny-Http-00014_1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${deny_http_objectId40}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} UpdatePolicies 1 ${policyDict} v2 update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00014.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=biubiubiud&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Not Found
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
SecurityPolicy-Deny-Http-00015
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00015.bat
@@ -162,13 +211,22 @@ SecurityPolicy-Deny-Http-00015
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 改变阻断策略
${policyDict} Create Dictionary policyId=${deny_http_policyId14} policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${deny_http_objectId41}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
log ${policyDict}
${rescode} UpdatePolicies 1 ${policyDict} v2 update
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00015.bat
... ELSE set variable curl http://www.huatonggs.com/about.html#gsjj
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${rescode} SystemCommands ${commandstr} ${stringlist}
SecurityPolicy-Deny-Http-00016
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00016.bat
... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=qazxs&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com/action
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
... ELSE Create List Connection reset by peer
${stringlist} run keyword if '${systemType}'=='Windows' Create List 404
... ELSE Create List 404
${rescode} SystemCommands ${commandstr} ${stringlist}
SecurityPolicy-Deny-Http-00017

11
01-TestCase/tsg_adc/multi_step/c_Deny_Http_Tests.robot
View File

@@ -19,6 +19,8 @@ ${profiledId} ${EMPTY}
SecurityPolicy-Deny-Http-00001
#删除对象
${objectids} set Variable ${deny_http_objectId}
${objectids} Catenate SEPARATOR=, ${objectids} ${deny_http_objectId35}
${objectids} Catenate SEPARATOR=, ${objectids} ${deny_http_objectId36}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId}]}
${s} Convert to String ${deny_http_policyId}
@@ -26,11 +28,11 @@ SecurityPolicy-Deny-Http-00001
SecurityPolicy-Deny-Http-00002
#删除对象
${objectids} set Variable ${deny_http_objectId1}
#${objectids} set Variable ${deny_http_objectId1}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId1}]}
${s} Convert to String ${deny_http_policyId1}
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host nymbler.com
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host bellaircraftmuseum.org
SecurityPolicy-Deny-Http-00003
#删除文件
@@ -49,6 +51,8 @@ SecurityPolicy-Deny-Http-00004
#删除对象
${objectids} set Variable ${deny_http_objectId3}
${objectids} Catenate SEPARATOR=, ${objectids} ${deny_http_objectId4}
${objectids} Catenate SEPARATOR=, ${objectids} ${deny_http_objectId37}
${objectids} Catenate SEPARATOR=, ${objectids} ${deny_http_objectId38}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId3}]}
${s} Convert to String ${deny_http_policyId3}
@@ -87,6 +91,7 @@ SecurityPolicy-Deny-Http-00008
#删除对象
${objectids} set Variable ${deny_http_objectId11}
${objectids} Catenate SEPARATOR=, ${objectids} ${deny_http_objectId12}
${objectids} Catenate SEPARATOR=, ${objectids} ${deny_http_objectId39}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId7}]}
${s} Convert to String ${deny_http_policyId7}
@@ -141,6 +146,7 @@ SecurityPolicy-Deny-Http-00013
SecurityPolicy-Deny-Http-00014
#删除对象
${objectids} set Variable ${deny_http_objectId21}
${objectids} Catenate SEPARATOR=, ${objectids} ${deny_http_objectId40}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId13}]}
${s} Convert to String ${deny_http_policyId13}
@@ -149,6 +155,7 @@ SecurityPolicy-Deny-Http-00014
SecurityPolicy-Deny-Http-00015
#删除对象
${objectids} set Variable ${deny_http_objectId22}
${objectids} Catenate SEPARATOR=, ${objectids} ${deny_http_objectId41}
#删除策略
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId14}]}
${s} Convert to String ${deny_http_policyId14}