diff --git a/01-TestCase/tsg_adc/multi_step/a_Allow_Rtp_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Allow_Rtp_Tests.robot index 3b680e2..be2feeb 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Allow_Rtp_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Allow_Rtp_Tests.robot @@ -1,5 +1,5 @@ *** Settings *** -Force Tags adc_api security_policy +Force Tags tsg_adc_wp adc_api security_policy Library OperatingSystem Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot diff --git a/01-TestCase/tsg_adc/multi_step/a_Allow_Sip_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Allow_Sip_Tests.robot index 9c9e0e2..be9657f 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Allow_Sip_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Allow_Sip_Tests.robot @@ -1,5 +1,5 @@ *** Settings *** -Force Tags adc_api security_policy +Force Tags tsg_adc_wp adc_api security_policy Library OperatingSystem Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot diff --git a/01-TestCase/tsg_adc/multi_step/a_Allow_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Allow_Ssl_Tests.robot index 7c00f07..5f8f456 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Allow_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Allow_Ssl_Tests.robot @@ -58,3 +58,24 @@ SecurityPolicy-Allow-Ssl-00003 ${policyId} Set Variable ${policyId}[0] insert_policyId_to_file1 allow_ssl_policyId2 ${policyId} +SecurityPolicy-Allow-Ssl-00001-test + [Tags] fqdn完整匹配 update policy:ip geo + Comment 创建fqdn + ${addTestClentIPFlag} Set Variable 0 + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$homebank.kz + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建ip geo + ${addItemList1} Create Dictionary keywordArray=XXG地区.* + ${addItemLists} Create list ${addItemList1} + ${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists} + ${rescode} ${objectId1} AddObjects ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-Ssl-00001 policyType=tsg_security policyDesc=autotest action=allow userRegion={"protocol":"SSL"} source=${objectId1}|TSG_SECURITY_SOURCE_LOCATION filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} Get-Pids ${policyId} + ${policyId} Set Variable ${policyId}[0] + insert_policyId_to_file1 allow_ssl_objectId ${objectId} + insert_policyId_to_file1 allow_ssl_objectId2 ${objectId1} + insert_policyId_to_file1 allow_ssl_policyId ${policyId} + diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot index 917ab63..11e925e 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot @@ -90,5 +90,4 @@ SecurityPolicy-Deny-Dns-00005 ${policyId} Get-Pids ${policyId} ${policyId} Set Variable ${policyId}[0] insert_policyId_to_file1 deny_dns_policyId4 ${policyId} - log ${defaultClient} diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Ftp_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Ftp_Tests.robot index ae75fc4..9e25cd7 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Ftp_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Ftp_Tests.robot @@ -117,7 +117,11 @@ SecurityPolicy-Deny-Ftp-00005 Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"rst"} isValid=${0} appIdObjects=${FTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 - insert_policyId_to_file1 deny_ftp_policyId4 ${policyId} ${policyId} Get-Pids ${policyId} ${policyId} Set Variable ${policyId}[0] + insert_policyId_to_file1 deny_ftp_policyId4 ${policyId} + + + + diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Rtp_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Rtp_Tests.robot index afece77..ec39780 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Rtp_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Rtp_Tests.robot @@ -1,5 +1,5 @@ *** Settings *** -Force Tags adc_api security_policy +Force Tags adc_api security_policy Library OperatingSystem Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot index 7ebbc88..f770666 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot @@ -102,3 +102,4 @@ SecurityPolicy-Deny-Ssl-00006 ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyId} Get-Pids ${policyId} ${policyId} Set Variable ${policyId}[0] + insert_policyId_to_file1 deny_ssl_policyId5 ${policyId} diff --git a/01-TestCase/tsg_adc/multi_step/a_Monitor_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Monitor_Dns_Tests.robot index d5ca3f8..65503aa 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Monitor_Dns_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Monitor_Dns_Tests.robot @@ -61,3 +61,13 @@ SecurityPolicy-Monitor-Dns-00003 ${policyId} Set Variable ${policyId}[0] insert_policyId_to_file1 monitor_dns_objectId3 ${objectId} insert_policyId_to_file1 monitor_dns_policyId2 ${policyId} + +SecurityPolicy-Monitor-Dns-00004 + [Tags] the minimum match + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Monitor-Dns-00004 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"DNS"} isValid=${0} appIdObjects=${DNS_ID} + log ${policyDict} + ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 + ${policyId} Get-Pids ${policyId} + ${policyId} Set Variable ${policyId}[0] + insert_policyId_to_file1 monitor_dns_policyId3 ${policyId} diff --git a/01-TestCase/tsg_adc/multi_step/a_Redirect_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Redirect_Tests.robot index d34afae..52db2d0 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Redirect_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Redirect_Tests.robot @@ -74,7 +74,7 @@ Proxy-Policy-redirect-00002 insert_policyId_to_file1 redirect_policyId1 ${policyId2} Proxy-Policy-redirect-00003 - [Tags] url4种匹配 + [Tags] url4种匹配 verify_redirect_00003 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.deepin.org,*vmall.com,$www.suning.com,*flights.ctrip.com ${rescode} ${objectId} AddObject2 ${1} ${objectDict} diff --git a/01-TestCase/tsg_adc/multi_step/a_Replace_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Replace_Tests.robot index aa14ab0..d3c3196 100644 --- a/01-TestCase/tsg_adc/multi_step/a_Replace_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/a_Replace_Tests.robot @@ -397,7 +397,7 @@ Proxy-Policy-replace-00013 insert_policyId_to_file1 replace_policyId12 ${policyId2} Proxy-Policy-replace-00014 - [Tags] 最大组合 + [Tags] 最大组合 verifyreplace0014 Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*engadget.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} @@ -436,3 +436,4 @@ Proxy-Policy-replace-00014 insert_policyId_to_file1 replace_objectId38 ${object_sk_Id} insert_policyId_to_file1 intercept_replace_policyId13 ${policyId1} insert_policyId_to_file1 replace_policyId13 ${policyId2} + sleep ${policyModifySleepSeconds} diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Dns_Tests.robot index 87536ab..40f6adb 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Deny_Dns_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Dns_Tests.robot @@ -91,13 +91,15 @@ SecurityPolicy-Deny-Dns-00005 ${policyDict} Create Dictionary policyId=${deny_dns_policyId4} policyName=SecurityPolicy-Deny-Dns-00005-1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"drop"} isValid=${1} appIdObjects=${DNS_ID} log ${policyDict} ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.facebook.com ... ELSE set variable nslookup www.facebook.com - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时 time out ... ELSE Create List canonical name = www.facebook.com ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 关闭安全策略 ${policyDict} Create Dictionary policyId=${deny_dns_policyId4} policyName=SecurityPolicy-Deny-Dns-00005-2 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"drop"} isValid=${0} appIdObjects=${DNS_ID} log ${policyDict} ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Ftp_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Ftp_Tests.robot index 00f835d..0114464 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Deny_Ftp_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Ftp_Tests.robot @@ -40,7 +40,7 @@ SecurityPolicy-Deny-Ftp-00004 SecurityPolicy-Deny-Ftp-00005 Comment 开启阻断策略 - ${policyDict} Create Dictionary policyId=${deny_ftp_policyId4} policyName=SecurityPolicy-Deny-FTP-00005-1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"rst"} isValid=${1} appIdObjects=${FTP_ID} + ${policyDict} Create Dictionary policyId=${deny_dns_policyId4} policyName=SecurityPolicy-Deny-FTP-00005-1 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"drop"} isValid=${1} appIdObjects=${FTP_ID} log ${policyDict} ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证 @@ -50,4 +50,4 @@ SecurityPolicy-Deny-Ftp-00005 ${policyDict} Create Dictionary policyId=${deny_ftp_policyId4} policyName=SecurityPolicy-Deny-FTP-00005-2 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"FTP","method":"rst"} isValid=${0} appIdObjects=${FTP_ID} log ${policyDict} ${rescode} UpdatePolicies 1 ${policyDict} v2 update - + sleep ${policyModifySleepSeconds} diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot index d8b61ae..a811fb3 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot @@ -14,7 +14,7 @@ SecurityPolicy-Deny-Http-00001 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00001.bat ... ELSE set variable curl -m 10 -kv http://www.lkong.net/forum.php - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection was reset ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 改变阻断策略 @@ -55,9 +55,6 @@ SecurityPolicy-Deny-Http-00003 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_2.bat ... ELSE set variable curl http://www.gotohoroscope.com/daily-horoscope.html - Comment 功能端验证HTTP验证 - ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_2.bat - ... ELSE set variable curl http://www.gotohoroscope.com/daily-horoscope.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -150,7 +147,7 @@ SecurityPolicy-Deny-Http-00010 ... ELSE Create List Connection reset by peer ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 改变阻断策略 - ${policyDict} Create Dictionary policyId=${deny_http_policyId3} policyName=SecurityPolicy-Deny-Http-00010_1 destination=166827|TSG_SECURITY_DESTINATION_ADDR policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${deny_http_objectId16}|TSG_FIELD_HTTP_RES_HDR,${deny_http_objectId15}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} + ${policyDict} Create Dictionary policyId=${deny_http_policyId3} policyName=SecurityPolicy-Deny-Http-00010_1 destination=24849|TSG_SECURITY_DESTINATION_ADDR policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} filterList=${deny_http_objectId16}|TSG_FIELD_HTTP_RES_HDR,${deny_http_objectId15}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} UpdatePolicies 1 ${policyDict} v2 update Comment 功能端验证HTTP验证 @@ -308,4 +305,5 @@ SecurityPolicy-Deny-Http-00019 Comment 失效阻断策略 ${policyDict} Create Dictionary policyId=${deny_http_policyId18} policyName=SecurityPolicy-Deny-Http-00019-2 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} isValid=${0} appIdObjects=${HTTP_ID} log ${policyDict} - ${rescode} UpdatePolicies 1 ${policyDict} v2 update \ No newline at end of file + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + sleep ${policyModifySleepSeconds} \ No newline at end of file diff --git a/01-TestCase/tsg_adc/multi_step/b_Monitor_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Monitor_Dns_Tests.robot index 7a8416b..0239bb5 100644 --- a/01-TestCase/tsg_adc/multi_step/b_Monitor_Dns_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/b_Monitor_Dns_Tests.robot @@ -65,3 +65,20 @@ SecurityPolicy-Monitor-Dns-00003 ${stringlist} run keyword if '${systemType}'=='Windows' Create List www.u17.com ... ELSE Create List www.u17.com ${rescode} SystemCommands ${commandstr} ${stringlist} + +SecurityPolicy-Monitor-Dns-00004 + Comment 开启监控策略 + ${policyDict} Create Dictionary policyId=${monitor_dns_policyId3} policyName=SecurityPolicy-Monitor-Dns-00004 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"DNS"} isValid=${1} appIdObjects=${DNS_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d travelgam.com + ... ELSE set variable nslookup travelgam.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List travelgam.com + ... ELSE Create List travelgam.com + ${rescode} SystemCommands ${commandstr} ${stringlist} + Comment 关闭监控策略 + ${policyDict} Create Dictionary policyId=${monitor_dns_policyId3} policyName=SecurityPolicy-Monitor-Dns-00004 policyType=tsg_security policyDesc=autotest action=monitor userRegion={"protocol":"DNS"} isValid=${0} appIdObjects=${DNS_ID} + log ${policyDict} + ${rescode} UpdatePolicies 1 ${policyDict} v2 update + diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot index bdfacb5..d35ea69 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot @@ -55,5 +55,4 @@ SecurityPolicy-Deny-Dns-00004 SecurityPolicy-Deny-Dns-00005 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_dns_policyId4}]} ${s} Convert to String ${deny_dns_policyId4} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname facebook.com diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Ftp_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Ftp_Tests.robot index 9c48aa4..dd57923 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Deny_Ftp_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Ftp_Tests.robot @@ -62,5 +62,4 @@ SecurityPolicy-Deny-Ftp-00005 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_ftp_policyId4}]} ${s} Convert to String ${deny_ftp_policyId4} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftpuser diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Mail_Test.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Mail_Test.robot index 34cb891..2d6067a 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Deny_Mail_Test.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Mail_Test.robot @@ -161,4 +161,4 @@ SecurityPolicy-Deny-Mail-00016 #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_mail_policyId15}]} ${s} Convert to String ${deny_mail_policyId15} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account ${mailAccount} + diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot index 330417a..ebfe0a6 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot @@ -61,4 +61,5 @@ SecurityPolicy-Deny-Ssl-00005 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.leisu.com SecurityPolicy-Deny-Ssl-00006 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_ssl_policyId5}]} \ No newline at end of file diff --git a/01-TestCase/tsg_adc/multi_step/c_Monitor_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Monitor_Dns_Tests.robot index b4d7a77..2dedcec 100644 --- a/01-TestCase/tsg_adc/multi_step/c_Monitor_Dns_Tests.robot +++ b/01-TestCase/tsg_adc/multi_step/c_Monitor_Dns_Tests.robot @@ -41,3 +41,10 @@ SecurityPolicy-Monitor-Dns-00003 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${monitor_dns_policyId2}]} ${s} Convert to String ${monitor_dns_policyId2} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.u17.com + +SecurityPolicy-Monitor-Dns-00004 + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${monitor_dns_policyId3}]} + ${s} Convert to String ${monitor_dns_policyId3} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname www.u17.com +