From f03a423e2c1bea3d5fd8f7a297bab7c3e51e7c9c Mon Sep 17 00:00:00 2001 From: jwc Date: Tue, 21 Jul 2020 10:47:30 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=97=A7=E7=89=88=E6=9C=AC?= =?UTF-8?q?=E5=AE=89=E5=85=A8=E7=AD=96=E7=95=A5=E5=BC=95=E7=94=A8=E9=BB=98?= =?UTF-8?q?=E8=AE=A4=E6=8B=A6=E6=88=AA=EF=BC=8Cv2=E6=8E=A5=E5=8F=A3deny?= =?UTF-8?q?=E5=8A=A8=E4=BD=9C=E5=BA=94=E7=AD=94=E6=97=A0=E4=BD=BF=E7=94=A8?= =?UTF-8?q?alert=E5=8F=82=E6=95=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Security/Deny_FTP_Tests.robot | 2 +- .../Api_Security/Deny_Http_Tests.robot | 74 ++++++++----------- .../Api_Security/Intercept_SSL_Tests.robot | 10 +-- .../Intercept_SSL_keyring_Tests.robot | 6 +- .../Api_Security/Monitor_FTP_Tests.robot | 6 +- .../Api_Security/Monitor_Http_Tests.robot | 5 +- .../ProxyPolicy-Redirect-HTTP-0024.bat | 2 +- 7 files changed, 46 insertions(+), 59 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot index 1b509cb..e5c24f3 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot @@ -126,7 +126,7 @@ SecurityPolicy-Deny-Ftp-00005 SecurityPolicy-Deny-Ftp-00006 [Tags] selfserver deny ftp url右匹配 Comment 创建url - ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*t.txt + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*00.5/test.txt ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_url_Id} Comment 创建安全策略 diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot index 542e3bb..cc0217d 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_Http_Tests.robot @@ -693,6 +693,7 @@ SecurityPolicy-Deny-Http-00023 #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + SecurityPolicy-Deny-Http-00024 [Tags] selfserver deny http ip+host block Comment 创建fqdn @@ -1140,19 +1141,16 @@ SecurityPolicy-Deny-Http-00035 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Path=/tsgInterface|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} - #创建引用文件 - ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages - ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00035 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00035 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -1162,13 +1160,13 @@ SecurityPolicy-Deny-Http-00035 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00035 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00035 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} ${rescode} ${policyId} EditPolicy ${policyDict} update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat ... ELSE set variable curl http://open.node.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -1192,15 +1190,15 @@ SecurityPolicy-Deny-Http-00036 ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00036 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00036 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"rst"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Главная страница - ... ELSE Create List Главная страница + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -1210,13 +1208,13 @@ SecurityPolicy-Deny-Http-00036 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00036 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00036 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"rst"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} ${rescode} ${policyId} EditPolicy ${policyDict} update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Главная страница - ... ELSE Create List Главная страница + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -1239,19 +1237,16 @@ SecurityPolicy-Deny-Http-00037 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$12345678|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} - #创建引用文件 - ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages - ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00037 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00037 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -1261,13 +1256,13 @@ SecurityPolicy-Deny-Http-00037 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00037 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00037 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} ${rescode} ${policyId} EditPolicy ${policyDict} update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -1290,19 +1285,16 @@ SecurityPolicy-Deny-Http-00038 ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*5678|Set-Cookie ${rescode} ${object_SK_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SK_Id} - #创建引用文件 - ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages - ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00038 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00038 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"rst"} referenceObject=${object_CT_Id}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat ... ELSE set variable curl \ http://open.node.com/test/youtube/youtube.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -1312,13 +1304,13 @@ SecurityPolicy-Deny-Http-00038 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00038 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00038 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"rst"} referenceObject=${object_SK_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 policyId=${policyId} ${rescode} ${policyId} EditPolicy ${policyDict} update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -1345,19 +1337,16 @@ SecurityPolicy-Deny-Http-00039 ${objectDict} Create Dictionary objectType=keywords isValid=${1} addItemList=Ұлттық ${rescode} ${object_yq_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_yq_Id} - #创建引用文件 - ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages - ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00039 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00039 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_RQ_Id}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appObjectIdArray=2 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=Response Body" http://open.node.com/action - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -1367,7 +1356,7 @@ SecurityPolicy-Deny-Http-00039 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com Comment 修改策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00039 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_yq_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 policyId=${policyId} + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-HTTP-00039 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol": "HTTP","method":"drop"} referenceObject=${object_CK_Id}|TSG_FIELD_HTTP_REQ_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_yq_Id}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appObjectIdArray=2 policyId=${policyId} ${rescode} ${policyId} EditPolicy ${policyDict} update Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat @@ -1381,6 +1370,7 @@ SecurityPolicy-Deny-Http-00039 ${endtime} Get Time #日志验证 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + SecurityPolicy-Deny-Http-00040 [Tags] selfserver ip+请求体and关系 Comment 创建目标IP @@ -1397,7 +1387,7 @@ SecurityPolicy-Deny-Http-00040 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0024.bat ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection reset by peer @@ -1426,7 +1416,7 @@ SecurityPolicy-Deny-Http-00041 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0024.bat ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection reset by peer diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot index 6391ba3..9672972 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_Tests.robot @@ -20,7 +20,7 @@ SecurityPolicy-Intercept-SSL-00001 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -49,7 +49,7 @@ SecurityPolicy-Intercept-SSL-00002 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -78,7 +78,7 @@ SecurityPolicy-Intercept-SSL-00003 ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -95,6 +95,7 @@ SecurityPolicy-Intercept-SSL-00003 #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + SecurityPolicy-Intercept-SSL-00004 [Tags] Selfserver Intercept Ssl 修改 Comment 创建目标IP @@ -110,7 +111,7 @@ SecurityPolicy-Intercept-SSL-00004 ${rescode} ${object_cat_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_cat_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} @@ -141,4 +142,3 @@ SecurityPolicy-Intercept-SSL-00004 Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com - diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot index 9cf5973..e4f36de 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Intercept_SSL_keyring_Tests.robot @@ -152,12 +152,8 @@ SecurityPolicy-Intercept-SSL-00006 Comment 创建证书 ${response} CreatePolicyMutipartFile ${url} keyrings/end-entity/ tang-ca-v3-www.amazon.cn-cer.pem tang-ca-v3-www.amazon.cn-key.pem end-entity ${keyringId} Get From Dictionary ${response} keyringId - Comment 创建cat - ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*node.com - ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_fqdn_Id} Comment 创建安全策略 - ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-SSL-00006 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol":"SSL","keyring":${keyringId},"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} referenceObject= isValid=${1} appObjectIdArray=3 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot index ecc36e8..18bc1cb 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_FTP_Tests.robot @@ -27,7 +27,7 @@ SecurityPolicy-Monitor-Ftp-00001 Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test + ${FTP} FTP_login ftp://192.168.100.5/123zxcvbnm.txt -u"ftp_user:qazXSW@edc" crfvtgbyhnuj should contain ${FTP} ftp_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time @@ -71,7 +71,7 @@ SecurityPolicy-Monitor-Ftp-00003 Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test + ${FTP} FTP_login ftp://192.168.100.5/123zxcvbnm.txt -u"ftp_user:qazXSW@edc" crfvtgbyhnuj should contain ${FTP} ftp_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time @@ -93,7 +93,7 @@ SecurityPolicy-Monitor-Ftp-00004 Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s - ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 中文test + ${FTP} FTP_login ftp://192.168.100.5/123zxcvbnm.txt -u"ftp_user:qazXSW@edc" crfvtgbyhnuj should contain ${FTP} ftp_success Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot index 4737a1d..c591fe5 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Monitor_Http_Tests.robot @@ -646,6 +646,7 @@ SecurityPolicy-Monitor-Http-00022 #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + SecurityPolicy-Monitor-Http-00023 [Tags] selfserver ip+请求体and关系 Comment 创建目标IP @@ -662,7 +663,7 @@ SecurityPolicy-Monitor-Http-00023 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0024.bat ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action ${stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body ... ELSE Create List Response Body @@ -691,7 +692,7 @@ SecurityPolicy-Monitor-Http-00024 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证HTTP验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redircet-HTTP-0024.bat + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/ProxyPolicy-Redirect-HTTP-0024.bat ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action ${stringlist} run keyword if '${systemType}'=='Windows' Create List Response Body ... ELSE Create List Response Body diff --git a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0024.bat b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0024.bat index 254b763..cb5f5ff 100644 --- a/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0024.bat +++ b/05-Other/curl/selfserver/ProxyPolicy-Redirect-HTTP-0024.bat @@ -1 +1 @@ -curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Body" -kv http://open.node.com/action | iconv -f utf-8 -t gbk +curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=jwctest123&setCookie=12345678&contentType=content-type&resBody=Response Body" -kv http://open.node.com/action | iconv -f utf-8 -t gbk